httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the FreeBSD release.
a29d163083835e04f3ac34d48e56fcbc39f8f5cc7c18ea0d79acbfd4686fbc7bhttprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the Linux release.
3abdeb0ba0bc07b69489438ae6647d34460512df310036ac0f7ce7785a824e2fNetgear RP114 devices, and possibly other related Netgear hardware, have a URI filtering bypass vulnerability when the URI being evaluated is larger than 220 bytes long.
7c2791d42f4fe25ac35ea87b471ff12f43f5d2022deaf13d5ef51f4d2621d65fnmapgrep is a small tool customized to grep regular expression patterns from a nmap log file and output the IP addresses that match the pattern.
fee7b6368d25712423e3f5c6f72366c8809222691257594176a7019b4973204eAmusing graphic of Microsoft's UK web site getting compromised and defaced again in May, 2004.
edb2ed3493028fcae986a0d3855973827917f057e0b23a9a519176ced4557a53White paper discussing the basics of shellcoding, a quick overview of assembly, and usage of shellcodes.
91df4a2a5aa6a6b5d59ad6bb47315c025fe3c9ede801c8998cd641028cfa2e6aVariant vulnerabilities have been disclosed regarding the flaw in Mac OS X where code can be silently delivered via the disk URI handler vulnerability.
7f4de2005e09f74eb0be7ac3e2f6d7f05ddc88c8a54064407622cfebe1b4a6caLiferay Enterprise Portal is said to be subject to multiple cross site scripting flaws.
6a406562d84aca76726075d51e3b23200851d5566a3bce7dbf86b4d418ad6b38BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier versions are susceptible a denial of service due to a malicious crafted HTTP GET request. Sample exploit included. Tested on Windows XP SP1.
9890d7016baddf8fdcf712e31a16c8da51096b32a041e1fa58e9d203e5c84240Amusing simple one-liner that shows that 3COM 812 ADSL modems are still susceptible to 4 year old denial of service attacks.
26aae1a7af5d89cbe48405ff5017b10bf4bc1bca154fd25e8194f64e0b22955eTHC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
8b59d0d841cc4678b31bce621bd10bf3cb81be9f314edbc697911c8026447c4eA vulnerability, caused due to an unspecified error within Xconfig, has been discovered in Exceed versions 9.x. When exploited, local users can bypass certain restrictions.
ed2ff2c4f566f565d33db59092d739c063a6c615a912c4ac303918b0f624d4d2ZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.
357a2bc9ed8983c10210da4f617486ae2dd60362fba21b11f3e966eec2f996efboclient 1.3.0 - boclient is a remote windows administration tool which uses BackOrifice or NetBus servers on Windows. It is an improvement of version 1.21. Most recent versions have GNU readline support, NetBus commands, portability to other platforms (BeOS, QNX and 64bit architectures like Alpha) and async network I/O. Archive password is set to p4ssw0rd. Use at your own risk.
4db03812b64cf1b08496e4cd2aadfdbcb229c4bcdfb7eae12997ad4e2a2ef389JailUtils is a collection of utilities for managing FreeBSD jails. They facilitate the orderly startup and shutdown of jails, list processes in jails, and do various other things.
c9d041599e62770672605ddf3c368a7c224e70f5897a27edcdf1db91ecdf06ebAn ActiveX Control provided by Symantec Norton Antivirus 2004 contains a remotely exploitable DoS condition. In order to trigger this vulnerability, malicious website administrators must induce Internet Explorer users to view a specially crafted web site, which will consequently consume a lot of system resources.
b8d95ab82a67ea2b5d834503696acb10b2db9577517d8d464b4f51e4ac230bb8ucd-snmp versions 4.2.6 and below suffer from a buffer overflow on the command line when the daemon is spawned.
24514b893dcbc9255cf0b3b4192324d7c0f00059646711e8fb3fc0a35111ed7cAll versions of e107 have a vulnerability that allows html tags and content to be posted to the stats page and to be listed under Referers. This allows an attacker to put any site link or code they want on the list of Referers.
3d071845699b3f18e1a62591cd0f475ad46e2ef07f146eec7372ff10fd3ab1a3Microsoft Windows Explorer suffers from a flaw where it will execute underlying files when they are linked in html pages.
fa8e114e14244e1f93821759c64b4ffa1f4446012b15d9869310e70a1b766d32Simple generic backdoor protected by a password encrypted with an MD5 hash. Gets added into inittab.
e882134c2334e44c8578e2e5edbc6cf3a3e29bd4f6d910f9a7118cca31ac094fOpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
77b12ac17e409a561b564cf05f38a1870ee616305166f1153043e242df097cefRemote root exploit for stable CVS releases up to 1.11.15 and CVS feature releases up to 1.12.7. Solaris version. Anonymously submitted.
65c674ac77ccd4a45957f097a3fcebfc7836743e95663c5b329449a7e1d5d93eRemote root exploit for stable CVS releases up to 1.11.15 and CVS feature releases up to 1.12.7. Linux and FreeBSD version. Anonymously submitted.
cbba2ce54b3c6d2fab06e83029be065535aa55e80f9747949b5f4579b7f3ef21Corsaire White Paper: Cookie Path Best Practice. A brief document discussing how and why a cookie path should be strictly defined.
c30fa2410156b0fdf005bdaacdb6fc9efd561e2ce36194f3f8f20250a403b84aCorsaire White Paper: Secure Development Framework. This paper addresses the need for an infrastructure to exist in which things are securely developed to help mitigate the high costs incurred when vulnerable software is released into the wild.
ae3a4aef9a3c1fb41a54ed92d274edc5a78883a841e8f4a1e084e12fb15c408e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
