Amap V2.1 is a scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!
a2fcff73f3df3c1bcf73d1501e95403b8c981c8c823a2d9d6763f52252bbb3adMultiple buffer overflow vulnerabilities have been found in FTGate Pro Mail Server v. 1.22 (1328). The SMTP server for FTGate has unchecked buffers for the MAIL FROM and RCPT TO commands that allows for a remote attacker to overwrite the stack pointer and can lead to remote code execution.
95f83e228cdce2e2eb8f46c216a792e6251d913be395c5a856648d63f75cb23aCore Security Technologies Advisory ID: CORE-2003-0303 - Six vulnerabilities have been found in the Mirabilis ICQ Pro 2003a client that are both locally and remotely exploitable. Use of these allow for remote code execution and a denial of service.
0991a1824e78e4c8354e6a13a23e4dcb0744e6f23f88a6827fb82c4a80bcd380Kerio Personal Firewall 2.1.4 and below remote code execution exploit that makes use of a replay attack against the channel for remote administration. Tested against Windows XP SP1.
3ca9f3eea820f2361bf7253796cca6fd61159fdc6ca8ad10ea7dabecfed4483eNmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.
b5be5bfa828be1c68450348d02809caf817e12c59cdcf0ec56bdc7565e5b200cOpenSSH <= 3.6.1p1 user identification remote exploit shell script which tells you whether or not a user exists by using a timing attack. Accurate against Redhat.
7cbb2545e6b122031cbd298d8d2d101b7363a0226a88a977a69b64ab2dadea68Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.
2f92e31dc859835ac31579a09caf9af18f6e7780da3a77274ad367a809014f13Nessus is a free, up-to-date, and full featured remote security scanner for Linux, BSD, Solaris and other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over a thousand remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them. Windows version available here.
f781412191baf12ef79ac3cdaec2132fe5e8e0d619b6c7eed2afd923de116151Smtpscan is a tool to guess which MTA is used by sending several "special" SMTP requests and by comparing error codes returned with those in the fingerprint database. It does not take into account banners and other text information, that cannot be trusted, only error codes. A document describing the fingerprinting method implemented in smtpscan is available here.
fd101022e24513e478b7c8169c469c2fa7f54c516e188f035c355c73619ccc6aLocal root exploit for the bounds checking vulnerability found in the utility youbin.
87875ae0421b2986889e445fb60844fbfbac8b79aed78b2e768d51ed7601cfdfyoubin, the utility that acts as a network version of the utility biff, has insufficient bounds checking that allows arbitrary code execution.
246db609e0835a2434298e984b43373b3bfa91bc54ee98a12910070f03a1b529NetBIOS Enumeration Utility v3.1 is a utility for Windows which can be used to enumerate NetBIOS information from one host or a range of hosts. The information that is enumerated includes the account lockout threshold, local groups and users, global groups and users, shares, and more. This utility will also perform password checking with the use of a dictionary file. Runs on Windows NT 4.0/2000/XP.
d390a60dc40079e73d75a5813205ca3aa54cbd4c652fafbfe4d8ac908693a87dA vulnerability exists in the TFTP protocol implementation of the Polycom 6100-4 NetEngine 3.4.8 ADSL router that allows a specially crafted packet to cause a denial of service.
636954b85ab294d8dcce6f31fecbf299025c1efb2b2951a83fc60d8d7d0db2dbA simple and versatile sniffer utility to monitor ports 21 (FTP) and 110 (POP) for quick accumulation of user and password strings.
847db033bdacbf08f6a22d1dd2fbd88f7df4a357677aad3960d6352d6ba97e8eElf binder v1.5 will bind a tar file to the end of an executable. It will then untar the file in /tmp, run the installation script, and can be useful for automation.
7c68d9e3a950633449b73b3e7cc149f45eb56ccbd2ba6ed0f2f1cd101337429cDisco is a passive IP discovery utility designed to sit on segments distributed throughout a network and discover unique IPs. In addition to IP discovery Disco has the ability to passively fingerprint TCP SYN packets to determine the host operating system.
6183163d79bc3366a35a626ce453925b5247312d90899d9150635d23fbcafe33Ettercap 0.6.a is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. Features character injection in an established connection - you can inject characters to server (emulating commands) or to client (emulating replies) while maintaining an established TCP connection! Integrated into a easy-to-use and powerful ncurses interface.
db1a6ae82d6e080ab1f7610b55e7a71d84a293f014601598cbc40be203191a91L33t Cereal.
0f6cdd33ccc1647712dbe24f469c1dde9dfd911389e33e3620c314514c39525eWhitepaper discussing cracking basics.
3da459b607b000828f4c5f52483c9fa63dcd11949b7f79f0e54d8ec5ec13d329
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
