exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2003-12-03 to 2003-12-04

Posted Dec 3, 2003
Site midas-nms.sourceforge.net

MIDAS NMS is a configurable web based network monitoring and network intrusion detection server. It uses a distributed client/server model that allows it to scale to very large networks, and features highly optimized Snort support that dramatically reduces the overhead of both the Snort Sensor and the alert data repository. Also supports Netsaint/Nagios plugins and Big Brother clients, allowing for easy migration.

Changes: Web interface was completely rewritten and much improved. The requirement of rrdtool was removed. Internal SQL tables and PHP functions are now used to produce graphs. Several major and minor bugs were fixed.
tags | tool, web, sniffer
SHA-256 | 2655edc70bf23696df70dc487fa99dd751550a133361135e178e2fad1208738d
Firewall Builder With GUI
Posted Dec 3, 2003
Site fwbuilder.org

Firewall Builder consists of object-oriented GUI and set of policy compilers for various firewall platforms. In Firewall Builder, firewall policy is a set of rules, each rule consists of abstract objects which represent real network objects and services (hosts, routers, firewalls, networks, protocols). Firewall Builder helps user maintain database of objects and allows policy editing using simple drag-and-drop operations. Firewall Builder can be used to manage firewalls built on variety of platforms including, but not limited to, Linux running iptables and FreeBSD or Solaris running ipfilter.

tags | tool, firewall, protocol
systems | linux, solaris, freebsd
SHA-256 | a3e1a1d5602dd2f9f837660b57a86896f4889709be8bf1b4c2f7d3e0fbe59eb8
Posted Dec 3, 2003
Authored by Andreas Oestling | Site nitzer.dhs.org

Oinkmaster is simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.

Changes: Bug fixes.
tags | tool, perl, sniffer
systems | bsd
SHA-256 | d9d006ffdb368ee6a413eee32caca7b7ee7d284108b1ec37da8cf1b7fb9bd40c
Posted Dec 3, 2003
Site cipherdyne.org

Port Scan Attack Detector (psad) is a collection of four lightweight daemons written in Perl and C that are designed to work with Linux firewalling code (iptables and ipchains) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate. Changelog available here.

tags | remote, kernel, udp, perl, tcp
systems | linux
SHA-256 | 65fc565468cd4afcaec56eb1f3db070cdc7bbcf950cb892eb3851ad5bc4f13a5
Posted Dec 3, 2003
Authored by Luigi Auriemma | Site aluigi.altervista.org

The Surfboard webserver v1.1.8 and below contains remote directory traversal and denial of service vulnerabilities. Exploit URLs and a patch included.

tags | exploit, remote, denial of service, vulnerability
SHA-256 | 3dbbe78f6853a71fc44dfdf40f5fb21a8eec9d6276975bbbeb5bd302badc590f
Posted Dec 3, 2003
Authored by William Robertson | Site cs.ucsb.edu

Glibc heap protection patch for Glibc v2.3.2 - Uses the canary method to detect and block heap overflows. Note that this will not stop attacks against the GOT or PLT. An analysis of the performance and detection capabilities of this patch is available here.

tags | overflow
systems | unix
SHA-256 | 3da8e273df467c4ae9bfa63a05dd6ebd62c4ac7a7647b01c8ced31d2479bda97
Posted Dec 3, 2003
Authored by Christophe Devine

Linux kernel v2.4.22 and below do_brk() proof of concept exploit written in ASM which tests for the vulnerability, rebooting your system if it is found. Requires nasm greater than v0.98.36, tested with nasm 0.98.38.

tags | exploit, kernel, proof of concept
systems | linux
SHA-256 | 3a1805e87c6665a847a70d41034ba9ce9bf3fd72bd1dea9674ecaa0b343b4333
Posted Dec 3, 2003
Authored by Paul Szabo

Remote exploit for Eudora 6.0.1's (on Windows) LaunchProtect feature, which warns the user before running executable attachments. Unfortunately this only works in the attach folder; using spoofed attachments, executables stored elsewhere may run without warning.

tags | exploit, remote, spoof
systems | windows
SHA-256 | b80328406863d0be504957a92ac97cabca2db4fc69884a48e398d8e55f0a64d3
Posted Dec 3, 2003
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added parallel scan support and included smbnt and cisco AAA support.
tags | web, cracker, imap
systems | cisco
SHA-256 | 11d4e84acd9ba0ff47bcce3af0d8ab452e0703a39f1785ddb9b55525f5549b95
Posted Dec 3, 2003
Authored by Kev | Site bournemouthbynight.co.uk

Brian.c is a simple tool to effectively convert a switched network (or a part of it) into a shared network so that sniffing can take place. Allows ARP spoofing of any number of machines, includes an internal relay process for relaying packets to the correct destination, provides a gateway switch for spoofing routers, includes various timing options, and includes a DOS switch for spoofing without relaying. Includes everything to turn a switched network into a shared network so that sniffing can take place, in one easy to use tool. Based on ARP poisoning from Ettercap, but unlike Ettercap it works in many-to-many scenarios which are present in shared networks. Tested on Redhat 8, it compiles under Linux. Requires libnet and libpcap.

tags | tool, spoof, sniffer
systems | linux, redhat
SHA-256 | ed538861806c64275273f8ce041053bef2f1f835a3d1e708263acedbce08f0cf
Posted Dec 3, 2003
Authored by Wojciech Purczynski, Paul Starzetz | Site isec.pl

Detailed information on the linux kernel v2.4 prior to v2.4.23 local root vulnerability in the do_brk() kernel function. Kernels 2.4.20-18.9, 2.4.22 (vanilla), and 2.4.22 with grsecurity patch are confirmed vulnerable.

tags | advisory, kernel, local, root
systems | linux
SHA-256 | 43a76479ec2e92c678e1e79c86fa11a5609b490ba6e29b4d220c64300a875126
Posted Dec 3, 2003
Authored by PAgVac

WNMSB-LAN is a Windows Messenger Service Bomber. Includes C++ source and a windows executable.

systems | windows
SHA-256 | e40365e6959bbb96dece8f2fe67c334965524cfb7facc28f04554e17152d1f2b
Cisco Security Advisory 20031202-SNMP-trap
Posted Dec 3, 2003
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20031202 - Cisco Aironet Access Points (AP) running Cisco IOS software will send any static Wired Equivalent Privacy (WEP) key in the cleartext to the Simple Network Management Protocol (SNMP) server if the snmp-server enable traps wlan-wep command is enabled. Cisco Aironet 1100, 1200, and 1400 series are affected, but the command is disabled by default.

tags | protocol
systems | cisco
SHA-256 | 705c85418950584e704df182238699f65f51cad8b32f80e8a6784bbcd4f5c02c
Page 1 of 1

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By