Local root exploit for cifslogin on HP-UX 11.11 and below.
cbe107b425f84e964a28c2d35329b307c9a9e68db01f52d835edd0a6034f1266
Windows denial of service exploit with a Delphi interface for Savant HTTP Server 3.0 and below. This exploit utilizes four methods, all from old known vulnerabilities, to crash the daemon.
50fbaad57674f880ec45c9cd48db7355b820590adaa6ad15a8081ef4f1074f7c
Smtpscan is a tool to guess which MTA is in use by sending several "special" SMTP requests and comparing the error codes returned with those in the fingerprint database. It takes only error codes into account, not banners and other text information, which cannot be trusted. A document describing the fingerprinting method implemented in smtpscan is available here.
4c5bd1d3afc0e282eabb3eeb2a9eaf951fba6c2d8ee3085b14d76221cff3be18
IP Sentinel is a tool that prevents unauthorized usage of IP addresses within an ethernet broadcast domain by answering ARP requests. After receiving faked replies, requesting parties store the MAC in their ARP tables and will send future packets to this invalid MAC, rendering the IP unreachable. Features chroot non-root operation.
b67c39bb7de96fc952d31f59c297e67e7956dbc59a1570dbc6a2b1dbc65b2ad7
Hackbot v2.15 is a host exploration tool and banner grabber. It scans hosts for FTP banners, SSH banners, open relays, EXPN and VRFY options, more than 200 common CGI vulnerabilities and common indexable directories, NT unicode vulnerabilities and NT nimda infections.
585541a710f53e77b36a655588a546bd1b454b40761f3c43c42fd4f3dd1de912
Winterrogate recurses a directory structure, obtaining the following information according to filemask: File Name, Complete Path, Directory, File Size, Creation Time, Last Access Time, Last Write Time, and MD5 Checksum. Extra information gathered on *.DLL, *.VBX, *.DRV, *.EXE, *.OCX, *.BIN, *.SCR (if the developer added it) includes CompanyName, FileDescription, FileVersion, InternalName, LegalCopyright, OriginalFilename, ProductName, ProductVersion, Comments, LegalTrademarks, PrivateBuild, and SpecialBuild. Screenshot available here.
bea6fd1fa9336ebd8a037f7e20dd886924399b6708e86468805e80cd11211c08
Winfingerprint v0.5.4: Advanced remote Windows OS detection. Current Features: Determine OS using SMB Queries, PDC (Primary Domain Controller), BDC (Backup Domain Controller), NT MEMBER SERVER, NT WORKSTATION, SQLSERVER, NOVELL NETWARE SERVER, WINDOWS FOR WORKGROUPS, WINDOWS 9X, Enumerate Servers, Enumerate Shares including Administrative ($), Enumerate Global Groups, Enumerate Users, Displays Active Services, Ability to Scan Network Neighborhood, Ability to establish NULL IPC$ session with host, Ability to Query Registry (currently determines Service Pack Level & Applied Hotfixes).
c45a685becd894b737307ef8fc67eb36056f51363c88acc40028f5fd07a243f4
Mapper is a network connectivity tester that employs a number of techniques to try and guess if a host is alive or not. Since many machines have ICMP firewalled off, it uses 7 different TCP and ICMP tests in attempting to gain some sort of response. Mapper can send spoofed decoys and use random delays for added stealth.
8e6ed6fd200d9037a5a4ceeac6f7a9e3a958b867e1b25983b6da7715b9c81c01
PFilter filters OpenBSD PF log files parsed by tcpdump and prints colored messages. Both /var/log/pflog and pflog0 are supported for real-time logging. Tested on OpenBSD 3.2.
06aabdf94e4b27e355ac9c84239893655812953cf957332b8fdef3f30e001dd9
Amnesia is a simple encryption/decryption tool for files and directories that uses a 702-bit key built from a user-provided password.
a64c0312a17205d862e7a23e63ab2d92577591796a8be88bf0c8a50a5deb33de
A vulnerability in the LiteServe combination server for Win32 exists in that the handling of filenames on Win32 platforms may reveal the code of a desired CGI script to an attacker. Windows handles file names with the period character (0x2E) on the end as if the character had been removed. LiteServe fails to compensate for this behavior, and is vulnerable to a simple CGI disclosure attack.
2c3ca28c00d0930e2a9c6fbc4f72dc74895e351d73e4de6f97aa89bb5230a2ad
Cross Site Scripting vulnerabilities exist in the e-mail web services of hotmail.com, yahoo.com, and excite.com. These problems allow the cookies of unsuspecting victims to be captured when they click on a link, in an e-mail or elsewhere, that actually points to the legitimate site.
0e1d0d54940384d01ff7c3049f87a8a7e2540acdafd2a17cb783e60afe5122f5
This DCL script abuses the old psi_mail trick on VAX/VMS systems to remotely find valid users.
b300bdc9bf7a8a50ee833fcd7c6502f1b542165feca28c88b135ae16d0afbccb
A suite of scripts that were originally part of the AEnigma DIDS Project. The snortctl script is for management of the Snort NIDS. The snortfilter script is a log parser and colorizer.
a20e34b031a3b811e776cf26ef2b23b8da7a07a37c0d686dcea96aab426d35a4
HAVOC is a random ARP traffic generator which will temporarily hose your Ethernet segment. Bug fix of previous release (0.1c).
74e17c81361042e28aa21c339279aa472c86be6884323f0e8f0583ed01d48727
Multithreaded Proxy Scanner for UNIX v0.7.0. This proxy scanner uses a small PHP script to collect open proxy servers.
f104e807c621cceb31c16056158d12c795b3dc603408f99872db08030dd301e3
Remote exploit for rsync version 2.5.1 and below run on Linux. This exploit makes use of a simple frame pointer overflow.
6d22b5088d7fc52eb994bcfe37975d15f67800c96849738dce0efa68d5b1fe86
Another exploit for ipppd, the daemon that is part of the isdn4linux-utils package and of the default install for many Linux distributions. Tested on SuSE 7.3 and should work on SuSE 8.0. Anonymously submitted.
5010025186a5b9e7bdc4e46a0ff7cd95eee0761951c2b034cc7db0f606d8cd82
The IISPop E-Mail Server from Curtiscomp.com is vulnerable to a denial of service attack via a simple buffer overflow on the listening daemon.
f1e9f711eabd7012bda2d2d99a807a06d454bfa9e37157608e2983ae2f405a47
INetCop Security Advisory #2002-0x82-004 - Various buffer overflow vulnerabilities exist in Zeroo HTTP Server v1.5. Remote Linux exploit included to gain root privileges.
a3c4fb3627efc81e628826beed19110486973e4f8ac5a7bd42bc897ce5b93c6a
INetCop Security Advisory #2002-0x82-003 - LibHTTPD, a utility that can be used to add basic web server capabilities to an application or embedded device, is vulnerable to a buffer overflow which allows remote attackers to gain root access to the system.
42b98d2d9176568731b8e14b52d0f6712290e40350893e64b5996c712275747a
INetCop Security Advisory #2002-0x82-002 - A buffer overflow in Light HTTPd version 1.0 allows remote attackers to grab a shell or perform related activities as the webserver uid.
4394e54d71505d1fce1d0784dbc84067ece93adfb1a1d1cad4e863b4f87b14c9
INetCop Security Advisory #2002-0x82-001 - A directory traversal vulnerability has been found in Tiny HTTPd 1.0. Basic exploitation is documented.
a49d55847f0e0b697cc4797e61934daffcf7b2aaf646fca37369ef068a3705ce
Loggy is a log cleaner that will remove an IP address from the standard /var/log files under Linux, along with cleaning up wtmp, utmp, lastlog, etc.
287d1642b6111bc0527c95c818dcc5263a986daa55198b2805ec37c83adc5a56