exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 166 RSS Feed

Files Date: 2002-07-01 to 2002-07-31

7350fun
Posted Jul 18, 2002
Authored by Lorian

7350fun is a remote exploit for mod_php v4.0.2rc1-v4.0.5 and v4.0.6-v4.0.7RC2. This exploit appears to be a revised version of the 73501867 exploit, which was written by the same author, contained less functionality and was not encrypted. Note: this exploit also causes PHP 4.1.2 versions to segfault. This code was abandoned in a honey pot and is published under Fair Use Law 17 U.S.C.A 107

tags | exploit, remote, php
SHA-256 | 8a1c0c6bcdd15226fa9559cd421b9ccc4eefd1e6864a6e563ecc6a07fb3258aa
SPIKEv2.4.tar.gz
Posted Jul 17, 2002
Authored by Dave Aitel | Site immunitysec.com

SPIKE is an attempt to write an easy to use generic protocol API that helps reverse engineer new and unknown network protocols. It features several working examples. Includes a web server NTLM Authentication brute forcer and example code that parses web applications and DCE-RPC (MSRPC).

Changes: Added GUI, and scripting language support. Examples included. Screenshot available here.
tags | web, protocol
systems | unix
SHA-256 | e055b1879513702841a95c003e9606a987f0497b30ff9ffd6517017a36ef0fe0
Atstake Security Advisory 02-07-15.1
Posted Jul 17, 2002
Authored by Atstake, Ollie Whitehouse | Site atstake.com

Atstake Advisory A071502-1 - Norton Personal Internet Firewall 2001 v3.0.4.91 for Windows NT and 2000 contains buffer overflows in the HTTP proxy which allows attackers to overwrite the first 3 bytes of the EDI register, which can lead to remote code execution.

tags | remote, web, overflow, code execution
systems | windows
SHA-256 | b638be2b6c12ee1233b0973e42fb9455d457e7c5b99317fa57810587b7da13b0
lcrzoex-4.12-src.tgz
Posted Jul 17, 2002
Authored by Laurent Constantin | Site laurentconstantin.com

Lcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using network library lcrzo. For example, one can use it to sniff, spoof, create clients/servers, create decode and display packets, etc. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo were successfully installed under Linux, FreeBSD and Solaris. This archive contains Lcrzo and Lcrzoex. Windows binaries available here.

Changes: Some bugs were fixed.
tags | udp, spoof, tcp, protocol, library
systems | linux, windows, solaris, freebsd
SHA-256 | b79af779312f215978148a5acb6a9cfe2ff951688ede3ce11905407756d1d81e
thp-0.4.3-1.tar.gz
Posted Jul 17, 2002
Authored by George Bakos | Site alpinista.dyndns.org

Tiny Honeypot (thp) is a simple honey pot program based on iptables redirects, an xinetd listener, and perl. It listens on every TCP port not currently in use, logging all activity and providing some feedback to the attacker. The responders, written in Perl, provide just enough interaction to fool most automated attack tools, as well as quite a few humans, at least for a little while.

Changes: Now has session timeouts, simple HTTP emulation, a PID on the capture log start line (to allow correlation with xinetd logging), and xinetd per-source limits by default.
tags | perl, tcp
systems | unix
SHA-256 | 74d2f02c24eabc0a1841d95b79c6c97ec4ef9ae62c8434413778524f4b15ed95
ltelnet.c
Posted Jul 17, 2002
Authored by Nicola Piazzolla

Ltelnet is a simple linux telnet client written in c.

systems | linux, unix
SHA-256 | e3f894f887b86e05fae960ee2296814fc7e81273c4836b04f82423ee9d96b2cb
motion-3.0.4.tar.gz
Posted Jul 17, 2002
Authored by Jeroen Vreeken | Site motion.technolust.cx

Motion uses a video4linux device for detecting movement. It makes snapshots of the movement which later will be converted to MPEG movies, making it useful as an observation or security system. It can send out email and SMS messages when detecting motion and includes a web interface.

Changes: New stable release - The netcam code uses tmpfiles instead of pipes. MPEG files are opened with append to prevent overwriting time lapse videos.
tags | web
systems | linux
SHA-256 | 383de518a2de728696267c7446c8957dc0dd2da79f1ca095bcac378f6f179aca
darkstat-2.0.tar.gz
Posted Jul 17, 2002
Site members.optushome.com.au

Darkstat is an ntop-workalike network statistics gatherer. Built to be faster and smaller than ntop, it uses libpcap to capture network traffic and serves up Web page reports of statistics such as data transferred by host, port, and protocol. It also has a neat bandwidth usage graph.

Changes: Accounting and DB code rewritten, man page updated, sniffed http requests can be logged.
tags | tool, web, sniffer, protocol
SHA-256 | d799e4755b193f3dcee0d046b1b4f70abacad26b4a7b32f5ca7082f560be580b
elfrip.c
Posted Jul 17, 2002
Authored by netric, PoWeR PoRK | Site netric.org

Elfrip is a tiny cat-like utility for ripping the code section out of a nasm generated elf image.

systems | unix
SHA-256 | d04491b975521b75ef0b591b237c4372cec5f1be775b96ff57fb534aa0a5189f
cdump.c
Posted Jul 17, 2002
Authored by netric, PoWeR PoRK | Site netric.org

Simple pipe driven utility for creating c-style char decs from binary input. Can be of use for embedding shellcode etc in c sourcefiles.

tags | shellcode
systems | unix
SHA-256 | 4a6f029c31af9c526bea153a129ac74524a75df0ffb07a45e880902c7f0e3df0
chrooted.tar.gz
Posted Jul 17, 2002
Authored by netric, Atje | Site netric.org

BSD chrooted user shell scripts.

tags | shell
systems | unix, bsd
SHA-256 | 43313c3a23fcf8951f2941733be00dfe54f56ed678bfc65984b319d755b836c0
Cyclops-1.2-Stand.zip
Posted Jul 17, 2002
Authored by Felipe Moniz | Site nstalker.com

Cyclops 1.2 is a Log Auditing Tool for Web Servers. Cyclops looks for patterns in the log files that suggest an intruder is attacking. The log file formats supported are Apache, Common Log Format, Microsoft IIS, NCSA, PWS and Sambar Server. Tested on Windows 95, 98, ME, NT, 2000 or XP.

tags | web
systems | windows
SHA-256 | 1b8899d74ed4051cd79ea1f12c6ec812a5187f78ae79d992c375e513c8b9f9d5
oddsock.txt
Posted Jul 17, 2002
Authored by Lucas Lundgren | Site outpost24.com

Outpost24 Advisory - The Oddsock Playlist Generator v2.1 contains multiple buffer overflow vulnerabilities which result in a denial of service against the winamp/shoutcast service.

tags | denial of service, overflow, vulnerability
SHA-256 | 90c57c359b6bdbc11c79f220a2fbf14980057252f61933fa10f8406116cc4f9f
FreeBSD Security Advisory 2002.31
Posted Jul 17, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:31 - OpenSSH included with FreeBSD-CURRENT between 2002-03-18 and 2002-06-25 has a remote root vulnerability because ChallengeResponseAuthentication is turned on by default.

tags | remote, root
systems | freebsd
SHA-256 | 95c8eacb9873f2fd53d933945c9f51ac0fb845249ac900809ad7f1f99002a160
HexView Security Advisory 2002-06-05.01
Posted Jul 16, 2002
Authored by HexView | Site sgi.com

SGI Security Advisory 20020605-01-I - A vulnerability found in the chunked encoding implementation in Apache versions 1.3.24, 2.0.36 or prior can be used to remotely execute code on systems running this software. This vulnerability affects IRIX systems versions 6.5.12m/f up to and including 6.5.16. SGI IRIX 6.5.17 is not affected.

systems | irix
SHA-256 | 76bb676c215a49fb99134bfa0b2bd17ffce8884666531a51a9bc18221c6c10b1
bugtraq-icq-sound-scheme.txt
Posted Jul 16, 2002
Authored by Adam Blaszczyk

A vulnerability found in the ICQ Sound Scheme can be used to remotely drop files on systems running ICQ by using an Internet Explorer mapping via .icm files.

SHA-256 | a57d7bce4fffa574d030c75c76377bbf9a65d4383b975bd3504617e115664363
GRE_sniffing.doc
Posted Jul 16, 2002
Authored by David Taylor

Using a Compromised Router to Capture Network Traffic - This document details the approach, methodology and results of a recent experiment using GRE tunnels to sniff all traffic passing through a Cisco router.

tags | paper
systems | cisco
SHA-256 | cde9ed24f2abf6cc7625477e61b850179dd4e9a0d79c528f6d47e6637dddad12
shame2j3.tgz
Posted Jul 15, 2002
Authored by Pf1shy

Shame v0.2j3 is a fast multithreaded banner scanner.

tags | tool, scanner
systems | unix
SHA-256 | e5162ed020bed819da2319c2508b510dc0e91ba8da8e9a67c4c03d834d78ae25
atho.exe
Posted Jul 15, 2002
Authored by Cys

Atho.exe for Windows will transmit packets which causes some modems to hang up.

tags | denial of service
systems | windows
SHA-256 | 80fc4a500fbee608881afe10e62fbb42ab356168275bb03192977fb580c0fd84
spkproxy1.0.tar.gz
Posted Jul 15, 2002
Authored by Dave Aitel | Site immunitysec.com

SPIKE proxy is a proxy which uses the SPIKE API to help reverse engineer new and unknown network protocols. Provides security analysis features for Web applications, a multi-threaded design, man in the middle SSL proxying, handles Connection: keep-alive properly (it is possible to log in to Hotmail with it), and rewrites User-Agent to pretend to be running IE. Requires pyOpenSSL pre 0.5 from the SPIKE Web page. Several working examples are included.

tags | web, protocol
SHA-256 | 2cc7ac85df579320ecd4e4c70e6ba4fec0eb040650fc9349630356851e1d99d5
choco.latte.txt
Posted Jul 15, 2002
Authored by Ulf Harnhammar

Double Choco Latte, a project management package, contains remote vulnerabilities which allow any file on the webserver to be read and cross site scripting bugs.

tags | remote, vulnerability, xss
SHA-256 | acb217fc6a980bd564416b4953fee5ba579712a79602d438e7328d8eb8697b65
oat-source-1.2.0.zip
Posted Jul 15, 2002
Authored by Patrik Karlsson | Site cqure.net

OAT v1.2.0 is a set of tools which can be used to audit Oracle databases running on the Microsoft Windows platform. The Tools are Java based and were tested on both Windows and Linux. They should hopefully also run on any other Java platform.

Changes: Support for command execution on Solaris was added. Now includes OracleQuery, a minimal commandline sql query tool. Many Bugfixes were made.
tags | java
systems | linux, windows, unix
SHA-256 | 17b789dc0c4f20818e16e097cd8de94348b2acdbe7665d63d8ff1b91c2df0e9b
sqlbf-all-src-1.0.1.zip
Posted Jul 15, 2002
Authored by Patrik Karlsson | Site cqure.net

This tool should be used to audit the strength of Microsoft SQL Server passwords offline. The tool can be used either in BruteForce mode or in Dictionary attack mode. The performance on a 1 Ghz Pentium (256mb) is around 750,000 guesses/sec. This is the source - Windows and Linux binaries available here.

tags | cracker
systems | linux, windows
SHA-256 | 70225e564e5dad311fc27b7eb5302b9441f8adc52da4eaf2c2d49d79708fe23d
Atstake-Pingtel-Xpressa.txt
Posted Jul 15, 2002
Site atstake.com

Atstake Security Advisory - Several vulnerabilities found in Pingtel Xpressa SIP VoIP phones model PX-1 v1.2.5-1.2.7.4 can lead to the disclosure of user credentials, the hijacking of calls, unauthorized access on phone devices and much more. Pingtel released a workaround that can be used by affected customers, available here.

tags | vulnerability
SHA-256 | 137c467df7a52e511bc1a0959f6c9113896a816a356cc78d4266270c84c5e3e0
FreeBSD Security Advisory 2002.29
Posted Jul 15, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:29 - A buffer overflow has been found tcpdump v3.7.1 and below which can be triggered through specially crafted NFS packets. Since tcpdump typically runs with root privileges, exploitation of this vulnerability can be used to remotely execute code on systems that are affected.

tags | overflow, root
systems | freebsd
SHA-256 | e80b102939576bd0557c204c249e44d533520aa46fd213b0c8a7af8d017ca2bd
Page 3 of 7
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close