Strace for NT is a debugging/investigation utility for examining the NT system calls made by a process. It is meant to be used like strace (or truss) on Linux and other Unix OSes. What makes Strace for NT different is that it hooks every system call instead of just selected ones, giving you an excellent idea of what the process is really doing.
Ngrep is a powerful network sniffing tool which strives to provide most of GNU grep's common features, applying them to all network traffic. ngrep is a pcap-aware tool that will allow you to specify extended regular expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI, and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop. Windows binaries available here.
Fenris is a multipurpose tracer, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm and protocol analysis, and computer forensics by providing a structural program trace, general information about internal constructions, execution path, memory operations, I/O, conditional expression info, and much more. A small demonstration of how this tool works can be found here.
NCPQuery is an open source tool that allows probing of a Novell Netware 5.0/5.1 server running IP. It uses TCP port 524 to enumerate objects with public read access, disclosing such information as account names, server services, and other various objects. A remote attacker can gather the equivalent information provided by the console command "display servers" and the DOS client command "cx /t /a /r" without authentication. Includes a Win32 port.
Teolupus OpenSSL Exploiter is an automated OpenSSL vulnerability scanner able to find, log and exploit a server "without human intervention". It is based on Nebunu apscan2 but has many more targets. Includes openfuckv2 and openssl-too-open, both with more than 130 targets.
Iwconfig local proof of concept exploit - Causes a seg fault. Note that iwconfig is not suid.
p0ly.c contains a sniffer, syn flooder, deadly get request attack, and a port scanner.
Small ICMP based backdoor and DDoS slave + master. In German and English.
Novell iChain prior to v2.2 SP2 beta contains multiple remote vulnerabilities which allow user session hijacking, denial of service, and possibly system compromise.
AOL Instant Messenger prior to v5.5.3415 contains a buffer overflow in the CCertsByUserName::Cleanup() function which can lead to remote code execution. Can be exploited via HTML web pages or email via long aim: URIs. Fix available here.
Proxies by Fris - Documents different uses of proxies, proxy related software, and IP ranges.
DeskPRO v1.1.0 and below does not adequately filter user-provided data, allowing a remote attacker to insert malicious SQL statements into existing ones. This allows attackers to log in to the system as an administrator without knowing the password.
Ntbindshell is a lightweight (24k compiled) cmd.exe backdoor for Windows. Full C source included. Provides two modes of operation - standard (listening mode) or reverse-connect mode. Includes the ability to install itself as a system service, providing a shell with LocalSystem privileges.
RealOne Player v1, v2, Enterprise Desktop, Desktop Manager, and RealOne for OS X all contain tempfile vulnerabilities allowing malicious local users to escalate their privileges by manipulating URLs or embedding scripts when RealOne launches the default browser. More information available here.
Redfang v2.5 is an enhanced version of the original application that finds non-discoverable Bluetooth devices by brute-forcing the last six bytes of the device's Bluetooth address and doing a read_remote_name().
Geeklog v1.3.8 and below contains a SQL injection vulnerability allowing malicious users to change the passwords of arbitrary users. Fix available here.
cpCommerce v0.5f and below contains an input validation error in _functions.php which allows remote arbitrary code execution. Fix available here.
Atstake Security Advisory A102003-1 - Opera v7.20 and below contains a heap overflow when parsing HREFs with illegally escaped server names, allowing remote code execution via email or malicious web page. Fix available here. Tested against Windows XP and Linux.
Bytehoard prior to version 0.7 contains a remote directory traversal vulnerability which allows file access. Fix available here.
Fetchmail v6.24 and below contains a remote denial of service vulnerability which can be exploited by sending a specially crafted email. Fix available here.
mIRC v6.1 and below remote exploit which takes advantage of the bug described in mirc61.txt. Creates an HTML file which overflows the irc:// URI handling, spawning a local cmd.exe window. The exploit works even if mIRC is not started - the HTML can be in an HTML email or on a web page. Tested against Windows XP build 2600.xpclient.010817-1148.
Remote denial of service exploit for the Microsoft Messenger service buffer overflow described in ms03-043 which causes the target machine to reboot. Includes the ability to send the packet from a spoofed source address and requires the remote netbios name. Tested against Windows 2000 SP4.