Winfingerprint v0.5.4: Advanced remote windows OS detection. Current Features: Determine OS using SMB Queries, PDC (Primary Domain Controller), BDC (Backup Domain Controller), NT MEMBER SERVER, NT WORKSTATION, SQLSERVER, NOVELL NETWARE SERVER, WINDOWS FOR WORKGROUPS, WINDOWS 9X, Enumerate Servers, Enumerate Shares including Administrative ($), Enumerate Global Groups, E numerate Users, Displays Active Services, Ability to Scan Network Neighborhood, Ability to establish NULL IPC$ session with host, Ability to Query Registry (currently determines Service Pack Level & Applied Hotfixes.
c45a685becd894b737307ef8fc67eb36056f51363c88acc40028f5fd07a243f4Mapper is a network connectivity tester that employs a number of techniques to try and guess if a host is alive or not. Since many machines have ICMP firewalled off, it uses 7 different TCP and ICMP tests in attempting to gain some sort of response. Mapper can send spoofed decoys and use random delays for added stealth.
8e6ed6fd200d9037a5a4ceeac6f7a9e3a958b867e1b25983b6da7715b9c81c01PFilter filters OpenBSD PF log files parsed by tcpdump and prints colored messages. Both /var/log/pflog and pflog0 are supported for real-time logging. Tested on OpenBSD 3.2.
06aabdf94e4b27e355ac9c84239893655812953cf957332b8fdef3f30e001dd9Amnesia is a simple encryption/decryption tool for files and directories that uses a 702 bit key built off of a user provided password.
a64c0312a17205d862e7a23e63ab2d92577591796a8be88bf0c8a50a5deb33deA vulnerability in the LiteServe combination server for Win32 exists in that the handling of filenames on Win32 platforms may reveal the code of a desired CGI script to an attacker. Windows handles file names with the period character (0x2E) on the end as if the character had been removed. LiteServe fails to compensate for this behavior, and is vulnerable to a simple CGI disclosure attack.
2c3ca28c00d0930e2a9c6fbc4f72dc74895e351d73e4de6f97aa89bb5230a2adCross Site Scripting vulnerabilities exist in the e-mail web services of hotmail.com, yahoo.com, and excite.com. These problems allow for cookie capturing of unsuspecting victims who may easily give up their cookies via clicking on a link in an e-mail or elsewhere and with the link actually pointing to the legitimate site.
0e1d0d54940384d01ff7c3049f87a8a7e2540acdafd2a17cb783e60afe5122f5This DCL script abuses the old psi_mail trick on VAX/VMS systems to remotely find valid users.
b300bdc9bf7a8a50ee833fcd7c6502f1b542165feca28c88b135ae16d0afbccbA suite of scripts that were originally part of the AEnigma DIDS Project. The script snortctl is for management of the Snort NIDS. The snortfilter is a log parser and colorized.
a20e34b031a3b811e776cf26ef2b23b8da7a07a37c0d686dcea96aab426d35a4HAVOC is a random ARP traffic generator which will temporarily hose your ethernet segment. Bug fix of previous release (0.1c)
74e17c81361042e28aa21c339279aa472c86be6884323f0e8f0583ed01d48727Multithreaded Proxy Scanner for UNIX v0.7.0. This proxy scanner uses a small PHP script to collect open proxy servers.
f104e807c621cceb31c16056158d12c795b3dc603408f99872db08030dd301e3Remote exploit for rsync version 2.5.1 and below run on Linux. This exploit makes use of a simple frame pointer overflow.
6d22b5088d7fc52eb994bcfe37975d15f67800c96849738dce0efa68d5b1fe86Another exploit for ipppd, the daemon that is part of the isdn4linux-utils package and is part of the default install for many linux distributions. Tested on SuSE 7.3 and should work on SuSE 8.0. Anonymously submitted.
5010025186a5b9e7bdc4e46a0ff7cd95eee0761951c2b034cc7db0f606d8cd82The IISPop E-Mail Server from Curtiscomp.com is vulnerable to a denial of service attack via a simple buffer overflow on the listening daemon.
f1e9f711eabd7012bda2d2d99a807a06d454bfa9e37157608e2983ae2f405a47INetCop Security Advisory #2002-0x82-004 - Various buffer overflow vulnerabilities exist in Zeroo HTTP Server v1.5. Remote linux exploit included to gain root privileges.
a3c4fb3627efc81e628826beed19110486973e4f8ac5a7bd42bc897ce5b93c6aINetCop Security Advisory #2002-0x82-003 - LibHTTPD, a utility that can be used to add basic web server capabilities to an application or embedded device, is vulnerable to a buffer overflow which allows remote attackers to gain root access to the system.
42b98d2d9176568731b8e14b52d0f6712290e40350893e64b5996c712275747aINetCop Security Advisory #2002-0x82-002 - A buffer overflow in Light HTTPd version 1.0 allows for remote attackers to grab a shell or perform related activities as the webserver uid.
4394e54d71505d1fce1d0784dbc84067ece93adfb1a1d1cad4e863b4f87b14c9INetCop Security Advisory #2002-0x82-001 - A directory traversal vulnerability has been found in Tiny HTTPd 1.0. Basic exploitation is documented.
a49d55847f0e0b697cc4797e61934daffcf7b2aaf646fca37369ef068a3705ceLoggy is a log cleaner that will remove an IP address in the standard /var/log files under linux along with cleaning up wtmp, utmp, lastlog, etc.
287d1642b6111bc0527c95c818dcc5263a986daa55198b2805ec37c83adc5a56Defcon 10 Presentation: filelist
434f931c401a3a76527e65459c234d2a93ae568a54e248afe8ad4aee195e3889Defcon 10 Presentation: frame
03f5c9cfcd17038408545ba3a9207b8f631c9804e36c4c699cf81cc92a3c034cDefcon 10 Presentation: fullscreen
6c219ceea2a7b7279bb55e020ca34467d49038eb48b00a380a8005e6d7349665Defcon 10 Presentation: master01
3ae84ca169f8d767ee5ca4f9cdf8967703c9725aa6ccba67264d8ee50f2dfc0cDefcon 10 Presentation: master56_image004 in GIF format
d1ff3c4714eb5c9622f6b60715681dc0c595df90b59f7a197fe20b58c8d90986Defcon 10 Presentation: master56_image005 in GIF format
8807e8e8248bd8aa6ece9b59cd1aab6e0f2d27f639ca6d6b7b2e005836b3478eDefcon 10 Presentation: master56_stylesheet
109f4ffb9b4cdd248ebd506dc591b33c59e193963ed123173dbea8648736e03c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
