Steghide is steganography program which hides bits of a data file in some of the least significant bits of another file in such a way that the existence of the data file is not visible and cannot be proven. Steghide is designed to be portable and configurable and features hiding data in bmp, wav and au files, blowfish encryption, MD5 hashing of passphrases to blowfish keys, and pseudo-random distribution of hidden bits in the container data. It is able to embed data in BMP, WAV, and AU files.
ff9bc688ec3eb84593723ea25071447f207bcfaa94f53a248ca0096d9e2cc5a5Unichk is a tool for Linux which checks for 224 Unicode vulnerabilities in Microsoft IIS.
45a6db642a8a66e95d9334c8d29873ecda259a67fbb203d5302c66e083806f7eXScreenSaver is a modular screen saver and locker for the X Window System. It is highly customizable and allows the use of any program that can draw on the root window as a display mode. It is also more stable than xlock.
192956ca270a2f8c2e8ec9dd1e03f9d58c6f91af172ce7f1d84503763627bf3dIPFC is a framework to manage and monitor multiple types of security modules across a network. Security modules can be as diverse as packet filters (like netfilter, pf, ipfw, IP Filter, checkpoint FW1, etc.), NIDS (Snort, arpwatch, etc.), Web servers, and other general devices (from servers to embedded devices). Features log collection for different security "agents", dynamic log correlation possibilities, and easy extensibility due to the generic database and XML message formats used.
63511bda8c6fd2d6f712c45572657cc8891a2f5cdada97fec9266aa464af65a9Sendmail is a very popular unix Mail Transfer Agent, a program that moves mail from one machine to another.
05e168c4f3fc3b39b64c3ad2bf82a3d76d04a9a87c706d333d6dccd60cf02c43The goal of FireStarter is to provide an easy to use, yet powerful, GUI tool for setting up, administrating and monitoring firewalls for Linux machines. FireStarter is made for the GNOME desktop. It can actively monitor your firewall and list any unauthorized connection attempts made to your machine in a readable table format.
596f6a8ddf49abee65e5e834da0f3170010fb8dc7587e4994e99615d518d4528IP Filter is a TCPIP packet filter which works well in a firewall environment. It can either be run as a loadable kernel module (recommended) or incorporated into your kernel. Scripts are provided to install and patch system files as required. IP Filter also includes several cool features, including transparent proxying via packet forwarding, allowing for round-robin forwarding to achieve load-balanced proxy.
4cdd248efebd50f41df78053aa260aa3da830dfc5eb3a802747c331a56b21913SGI Security Advisory 20020102-02-I - A vulnerability related to the way the IRIX unified name service daemon (nsd) manages its cache files has been reported which allows remote users to fill the disk. The nsd daemon is installed by default on all 6.5.x versions of IRIX, and this vulnerability exists in all versions of IRIX 6.5.4m/f through 6.5.11m/f. The problem has been fixed in IRIX 6.5.12m/f.
44d2dcae3a1ebef95b52d69bf3a53fea80ae607bc6bbf4571c42ecb9a5b47610Local root exploit for sudo + postfix. Exploits sudo prior to sudo-1.6.4.1. Tested on debian powerpc unstable.
56c4a7509e2a9ce7833c6d4cb82396da0284a904354b620cfe74d1de0f8ee533Myndscream is a SYN flooder.
80700bcca1fb983ba2ff733e252130393272d4e3574d8346bce31ea2c1d614fbTroier is a package of trojaned linux commands. Includes du, locate, netstat, ps, pstree, top, w, and who.
36639e9cd73d3706b82e255356a62bb0d1004cbb508747d25be9960364a72adaReversing the ELF - Stepping with GDB during PLT uses and .GOT fixup. This is a GDB tutorial about runtime process fixup using the Procedure Linkage Table section (.plt) and the Global Offset Table section (.got) by the dynamic linker ld-linux.so. ASM knowledge will be helpful. More info on ELF here.
d827aaba5feb045e90dea774ade60c84ce956eb244b90457391bfb60f6d84432FreeBSD Security Advisory FreeBSD-SA-02:06 - The sudo port prior to sudo-1.6.4.1 contains a local root vulnerability. If a user who has not been authorized by the system administrator (listed in the 'sudoers' file) attempts to use sudo, sudo will send an email alert. When it does so, it invokes the system mailer with superuser privileges, and with most of the user's environment intact.
95d8394d5117d9a6f3521370ab41a96912996869f60e721be66457c59168ec22ScreamingCobra is an application for remote vulnerability discovery in ANY UNKNOWN web applications such as CGIs and PHP pages. Simply put, it attempts to find vulnerabilities in all web applications on a host without knowing anything about the applications. Modern CGI scanners scan a host for CGIs with known vulnerabilities. ScreamingCobra is able to 'find' the actual vulnerabilities in ANY CGI, whether it has been discovered before or not.
1c61510c3cb228a1abff6c5da28c95a0d953967242a0947ff6e7255b9603f309Cm-ssh is the Teso SSH remote exploit. Includes targets for SSH-1.5-1.2.27, SSH-1.99-OpenSSH_2.2.0p1, SSH-1.5-1.2.26, and SSH-1.5-1.2.31. Binary form only. Brute forces the stack.
36d483d3aefeedd928c940806cf788f6b477890f44e775db5cc7b2ecd2fa7557LKH is a very powerful and documented kernel function hooking library running on Linux 2.4/x86 . The code has been explained and the API described in Phrack #58 : Linux x86 kernel function hooking emulation. It Supports functions with or without frame pointer, you can enable, disable the hook, access in rw mode the original function parameters, set as permanent or singleshot hijacking, and be discrete or aggressive.
e3efb0bc08482cc47cdb890c9383289d52b76dacfd5498437b9f05b73fc02d15"Remote Access Session" is a security tool to analyze the integrity of systems. The program tries to gain access to a system using the most advanced techniques of remote intrusion. It can either work in normal mode (which is fast) or hard mode (which is more intensive). There is a big difference between "Remote Access Session" and other remote security audit tools as "Nessus" or "Internet Scanner" - If "Remote Access Session" finds a remote vulnerability that gives a user account or root, it will try to exploit it and it will return a shell. In my honest opinion, this is the only way to discard false positives of remote vulnerabilities, and the only way to demonstrate that the danger is real to upper management. "Remote Access Session" is not a hacker tool. It has been designed for system administrators and security engineers, and does not attempt any kind of stealth.
2cdbc9aa9177b20c2915656098d38b15148d2b34b3fa4e552468f2a90b1d6412Aesop is a TCP-proxy which supports many advanced and powerful features. It's designed to be secure, fast and reliable. Aesop makes use of strong cryptography (RC4) for all its data-transmission up to the end-link. Another powerful feature of Aesop is that Aesop proxies can be transparently stacked into a secure chain. Aesop is implemented using multiplexing and is therefor fast and lightweight.
506bf2fa186327dec76049ba0d5a8cf7dadc72d8d2ac02a3f29f8a31729d0276CGIAudit is a black-box debugging tool which automatically audits CGI entities with only an interface specification, the HTML form. Attack types that a CGI script or program become subject to are configurable, as well as server replies that denote a possible penetration success. Other features include a built-in spider, proxy support, and hexadecimal encoding of requests.
d126c77221362b232d8c30d9ff3b6318d53fa438bbc6f491cf482f578d240a23FreeBSD Security Advisory FreeBSD-SA-02:05 - The pine port, versions previous to pine-4.40, handles URLs in messages insecurely. PINE allows users to launch a web browser to visit a URL embedded in a message. Due to a programming error, PINE does not properly escape meta-characters in the URL before passing it to the command shell as an argument to the web browser.
bd35deff33ef609e251b486734b4b234a56114ded09699be08f3d6b9fa3ad22eThe Boozt! banner management software for Linux v0.9.8alpha remote exploit. Included shellcode creates a suid httpd shell in /tmp. Fix available here.
76e9febe02a80ee5b9f529526ed2bcc8ef743cd4768f9e070b7ca96214e48fe4How Nmap scans work - This MS word document has information on how some of the different nmap scan types work.
22b9a4cfef68364a9b2ddaa65ca1711e247271b9ab7e8b22d390d178b4512d08Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Secure Programming HOWTO here.
a5fea5ba068d2b6b32f3f2fba83ef2c4fef29d12194faa7400b55466d2a9d656Darkside is a rootkit for unix which hides processes and their children, hides files, manipulates uid's, and modifies the tcp/ip stack to hide connections.
eb276d600410c8a211cbf397f2b173e3e4002a0aa9941df781e69f1c181d746bIRPAS is a suite of routing protocol attack tools which sends custom routing protocol packets from the unix command line. It is very useful for searching for new routing protocol vulnerabilities. Included is a tool for sending Cisco Discovery Protocol (CDP) messages, one for injecting IGRP routes, and a scanner for IGRP autonomous systems. Documentation available here.
6fd6dd1b5ca7eb5e3d6f2d12608a58741756eb2b080c577a322a31af1150b1ce
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed