Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
46b3c43698a8fd3171e26348ce3dcb97090e19e73b8424d1a0fc1dbf6c1f753b
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.
524bb56f5c023913a3328472fa5f6aa5a6cb2c88568ba205c466a1b9a7dfe0e4
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
0fbec3e733e1fc14dfcdf8a49ef16a0c61acc54ff3598cf387a4e86c3d7cc995
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
39ed6684d66ada9efa09fb0b6d338e67cfc788dc8edd7db5067de783a51fbd03
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
bc3163c8b5ceaa27a0a38daac6146987dba202b556b8fe7a7e3fe136f528d9eb
NetBSD Security Advisory 2004-010 - Some of the functions in /usr/src/sys/compat/ which implement execution of foreign binaries (such as Linux, FreeBSD, IRIX, OSF1, SVR4, HPUX, and ULTRIX) use argument data in unsafe ways prior to calling the kernel syscall.
05546d49f053bc61209d8c580436a808dbef16beb496554eb15265e595aea34f
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.
78702c2f8f43e546c8002d842fad47e077f205f16b6ac210cff5a285cdfe0d58
Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.
a6d2f67e1ec0e015cc4054c00654d076ede9156b89ed9bb360dbd47c8dd0d208
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris.
563c62f63acfbef79e79659c3f483813816c7d032ef73e96e462a3b4f9a2fc7f
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
27e25c4b06db42014635847c0db0c749a460341696191dcc1b2c3f54a09ba0cd
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
61178c2481dc83ac450af064ef072dcd6a76d5ce4df0af6fa657b7ec33feeafe
sishell is a reverse (connecting) shellcode kit for x86 Linux, FreeBSD, NetBSD and OpenBSD. It generates both regular shellcode without NULLs and stand-alone ELF executables. sishell is distributed with a Makefile system, a custom ELF brander (brandelf) and a C example code generator. sishell is distributed under the MIT License.
eb3226fcdde43122beef233db2fe7fa8429b08bce8d263a6fc202949daf66992
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
ebe4d15fbb7e16bd088dbffdd949b7ae10f0315d5518d1822f90a62b76c6293c
NetBSD Security Advisory 2004-009 - A set of flaws in the ftpd source code can be used together to achieve root access within an ftp session. With root file manipulation ability, mechanisms to gain a shell are numerous, so this issue should be considered a remote root situation.
19988f37ee9bac237bfdb409657a8f72e0dc9b3791fb9c48b914cfac30ce0bdd
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
eedb15c911b12bfe5875017c67fd6f2ff7e514833ee6f9eda236fe9e015cd061
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
39925a2882b60cffb5673663f256429064eb325ad4c13c93ab41f6d2db9d592e
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
ddb7b048407b5fb6e587f9d11c817ea961cbbe0e1900e0c62a25b7999562554c
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
6c46bc7cd162ea1fe3977cdfd753f9a7b7450b7b248d33d564e792d4cc7f25ff
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris.
fc6827f3792a325e79c300d9d45e526eb2da3a8c759cfe3695710b5016f3cfd3
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
aea281094216a1e5958d6d228f9ce433e10df9a99af8c2e1789a5331743c274a
An integer handling error within the swapctl() system call of NetBSD 1.x can allow a local user the ability to cause a denial of service attack.
0b04f2d0bae3375ec84b5c4112c85c28ed5adf7a137c5cae027ebc0d6c7b7189
rrs is a reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). The listener will accept the connection and receive a shell from the remote host. rrs features full pseudo-tty support, full OpenSSL support (high encryption, client/server authentication, choice of cipher suites), Twofish encryption, a simple XOR cipher, plain-text (unencrypted) session, peer-side session monitoring (snooping), daemon option and reconnection features. rrs is Free Software distributed under the MIT License and is known to compile and run under Linux, FreeBSD, NetBSD, OpenBSD and QNX.
ffd9098cf93da5bda65150fe241ec51eb0eb0e37edca038e6a2216bc12546e85
rrs is a reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). The listener will accept the connection and receive a shell from the remote host. rrs features full pseudo-tty support, full OpenSSL support (high encryption, client/server authentication, choice of cipher suites), Twofish encryption, a simple XOR cipher, plain-text (unencrypted) session, peer-side session monitoring (snooping), daemon option and reconnection features. rrs is Free Software distributed under the MIT License and is known to compile and run under Linux, FreeBSD, NetBSD, OpenBSD and QNX.
d88505015c16f2edd0fa08ec1d5fe659035fd768314016daf711864453c44e27
sishell is a reverse (connecting) shellcode kit for x86 Linux, FreeBSD, NetBSD and OpenBSD. It generates both regular shellcode without NULLs and stand-alone ELF executables. sishell is distributed with a Makefile system, a custom ELF brander (brandelf) and a C example code generator. sishell is distributed under the MIT License.
2c3d6e93ea10f49f72295f4c8a5610d2e83976e34a37eda03b1600301a9077c1
rrs is a reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). The listener will accept the connection and receive a shell from the remote host. rrs features full pseudo-tty support, full OpenSSL support (high encryption, client/server authentication, choice of cipher suites), Twofish encryption, a simple XOR cipher, plain-text (unencrypted) session, peer-side session monitoring (snooping), daemon option and reconnection features. rrs is Free Software distributed under the MIT License and is known to compile and run under Linux, FreeBSD, NetBSD, OpenBSD and QNX.
e1731f76298f2b4aca4e90cbd80cd194f4e3c066efb4079b79d2674f6b009d1d