7350fun is a remote exploit for mod_php v4.0.2rc1-v4.0.5 and v4.0.6-v4.0.7RC2. This exploit appears to be a revised version of the 73501867 exploit, which was written by the same author, contained less functionality and was not encrypted. Note: this exploit also causes PHP 4.1.2 versions to segfault. This code was abandoned in a honey pot and is published under Fair Use Law 17 U.S.C.A 107
8a1c0c6bcdd15226fa9559cd421b9ccc4eefd1e6864a6e563ecc6a07fb3258aa
SPIKE is an attempt to write an easy to use generic protocol API that helps reverse engineer new and unknown network protocols. It features several working examples. Includes a web server NTLM Authentication brute forcer and example code that parses web applications and DCE-RPC (MSRPC).
e055b1879513702841a95c003e9606a987f0497b30ff9ffd6517017a36ef0fe0
Atstake Advisory A071502-1 - Norton Personal Internet Firewall 2001 v3.0.4.91 for Windows NT and 2000 contains buffer overflows in the HTTP proxy which allows attackers to overwrite the first 3 bytes of the EDI register, which can lead to remote code execution.
b638be2b6c12ee1233b0973e42fb9455d457e7c5b99317fa57810587b7da13b0
Lcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using network library lcrzo. For example, one can use it to sniff, spoof, create clients/servers, create decode and display packets, etc. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo were successfully installed under Linux, FreeBSD and Solaris. This archive contains Lcrzo and Lcrzoex. Windows binaries available here.
b79af779312f215978148a5acb6a9cfe2ff951688ede3ce11905407756d1d81e
Tiny Honeypot (thp) is a simple honey pot program based on iptables redirects, an xinetd listener, and perl. It listens on every TCP port not currently in use, logging all activity and providing some feedback to the attacker. The responders, written in Perl, provide just enough interaction to fool most automated attack tools, as well as quite a few humans, at least for a little while.
74d2f02c24eabc0a1841d95b79c6c97ec4ef9ae62c8434413778524f4b15ed95
Ltelnet is a simple linux telnet client written in c.
e3f894f887b86e05fae960ee2296814fc7e81273c4836b04f82423ee9d96b2cb
Motion uses a video4linux device for detecting movement. It makes snapshots of the movement which later will be converted to MPEG movies, making it useful as an observation or security system. It can send out email and SMS messages when detecting motion and includes a web interface.
383de518a2de728696267c7446c8957dc0dd2da79f1ca095bcac378f6f179aca
Darkstat is an ntop-workalike network statistics gatherer. Built to be faster and smaller than ntop, it uses libpcap to capture network traffic and serves up Web page reports of statistics such as data transferred by host, port, and protocol. It also has a neat bandwidth usage graph.
d799e4755b193f3dcee0d046b1b4f70abacad26b4a7b32f5ca7082f560be580b
Elfrip is a tiny cat-like utility for ripping the code section out of a nasm generated elf image.
d04491b975521b75ef0b591b237c4372cec5f1be775b96ff57fb534aa0a5189f
Simple pipe driven utility for creating c-style char decs from binary input. Can be of use for embedding shellcode etc in c sourcefiles.
4a6f029c31af9c526bea153a129ac74524a75df0ffb07a45e880902c7f0e3df0
BSD chrooted user shell scripts.
43313c3a23fcf8951f2941733be00dfe54f56ed678bfc65984b319d755b836c0
Cyclops 1.2 is a Log Auditing Tool for Web Servers. Cyclops looks for patterns in the log files that suggest an intruder is attacking. The log file formats supported are Apache, Common Log Format, Microsoft IIS, NCSA, PWS and Sambar Server. Tested on Windows 95, 98, ME, NT, 2000 or XP.
1b8899d74ed4051cd79ea1f12c6ec812a5187f78ae79d992c375e513c8b9f9d5
Outpost24 Advisory - The Oddsock Playlist Generator v2.1 contains multiple buffer overflow vulnerabilities which result in a denial of service against the winamp/shoutcast service.
90c57c359b6bdbc11c79f220a2fbf14980057252f61933fa10f8406116cc4f9f
FreeBSD Security Advisory FreeBSD-SA-02:31 - OpenSSH included with FreeBSD-CURRENT between 2002-03-18 and 2002-06-25 has a remote root vulnerability because ChallengeResponseAuthentication is turned on by default.
95c8eacb9873f2fd53d933945c9f51ac0fb845249ac900809ad7f1f99002a160
SGI Security Advisory 20020605-01-I - A vulnerability found in the chunked encoding implementation in Apache versions 1.3.24, 2.0.36 or prior can be used to remotely execute code on systems running this software. This vulnerability affects IRIX systems versions 6.5.12m/f up to and including 6.5.16. SGI IRIX 6.5.17 is not affected.
76bb676c215a49fb99134bfa0b2bd17ffce8884666531a51a9bc18221c6c10b1
A vulnerability found in the ICQ Sound Scheme can be used to remotely drop files on systems running ICQ by using an Internet Explorer mapping via .icm files.
a57d7bce4fffa574d030c75c76377bbf9a65d4383b975bd3504617e115664363
Using a Compromised Router to Capture Network Traffic - This document details the approach, methodology and results of a recent experiment using GRE tunnels to sniff all traffic passing through a Cisco router.
cde9ed24f2abf6cc7625477e61b850179dd4e9a0d79c528f6d47e6637dddad12
Shame v0.2j3 is a fast multithreaded banner scanner.
e5162ed020bed819da2319c2508b510dc0e91ba8da8e9a67c4c03d834d78ae25
Atho.exe for Windows will transmit packets which causes some modems to hang up.
80fc4a500fbee608881afe10e62fbb42ab356168275bb03192977fb580c0fd84
SPIKE proxy is a proxy which uses the SPIKE API to help reverse engineer new and unknown network protocols. Provides security analysis features for Web applications, a multi-threaded design, man in the middle SSL proxying, handles Connection: keep-alive properly (it is possible to log in to Hotmail with it), and rewrites User-Agent to pretend to be running IE. Requires pyOpenSSL pre 0.5 from the SPIKE Web page. Several working examples are included.
2cc7ac85df579320ecd4e4c70e6ba4fec0eb040650fc9349630356851e1d99d5
Double Choco Latte, a project management package, contains remote vulnerabilities which allow any file on the webserver to be read and cross site scripting bugs.
acb217fc6a980bd564416b4953fee5ba579712a79602d438e7328d8eb8697b65
OAT v1.2.0 is a set of tools which can be used to audit Oracle databases running on the Microsoft Windows platform. The Tools are Java based and were tested on both Windows and Linux. They should hopefully also run on any other Java platform.
17b789dc0c4f20818e16e097cd8de94348b2acdbe7665d63d8ff1b91c2df0e9b
This tool should be used to audit the strength of Microsoft SQL Server passwords offline. The tool can be used either in BruteForce mode or in Dictionary attack mode. The performance on a 1 Ghz Pentium (256mb) is around 750,000 guesses/sec. This is the source - Windows and Linux binaries available here.
70225e564e5dad311fc27b7eb5302b9441f8adc52da4eaf2c2d49d79708fe23d
Atstake Security Advisory - Several vulnerabilities found in Pingtel Xpressa SIP VoIP phones model PX-1 v1.2.5-1.2.7.4 can lead to the disclosure of user credentials, the hijacking of calls, unauthorized access on phone devices and much more. Pingtel released a workaround that can be used by affected customers, available here.
137c467df7a52e511bc1a0959f6c9113896a816a356cc78d4266270c84c5e3e0
FreeBSD Security Advisory FreeBSD-SA-02:29 - A buffer overflow has been found tcpdump v3.7.1 and below which can be triggered through specially crafted NFS packets. Since tcpdump typically runs with root privileges, exploitation of this vulnerability can be used to remotely execute code on systems that are affected.
e80b102939576bd0557c204c249e44d533520aa46fd213b0c8a7af8d017ca2bd