what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

mod_rootme-0.2.tgz
Posted Jun 22, 2004
Authored by Christophe Devine

mod_rootme is a very cool module that sets up a backdoor inside of Apache where a simple GET request will allow a remote administrator the ability to grab a root shell on the system without any logging.

Changes: Updated to support the 2.x series.
tags | remote, web, shell, root
SHA-256 | 9a739606a09c5832a815a754bcd656241faf19f768f15d9537d2c76938728b00

Related Files

mod_rootme-0.3.tgz
Posted Jun 25, 2004
Authored by Christophe Devine

mod_rootme is a very cool module that sets up a backdoor inside of Apache where a simple GET request will allow a remote administrator the ability to grab a root shell on the system without any logging.

Changes: This version adds support for a large number of unix systems, including the BSDs, Solaris, OSF/Tru64 and more.
tags | remote, web, shell, root
SHA-256 | 5d4dbf999c7882a9556deb51b0d6c190b7a93de32438eaf87319407dde904309
mod_rootme-0.1.tgz
Posted Jun 22, 2004
Authored by Christophe Devine

mod_rootme is a very cool module for the Apache 1.3 series that sets up a backdoor inside of Apache where a simple GET request will allow a remote administrator the ability to grab a root shell on the system without any logging.

tags | remote, web, shell, root
SHA-256 | 4ad725b929e8714ed72b2aef702d7383e7f30973e4a777ae8a882ba784fcf58a
mod_ssl-2.8.17-1.3.31.tar.gz
Posted May 25, 2004
Site modssl.org

mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching. per-URL SSL session renegotiations, DSO support, etc.

Changes: Updated to support Apache 1.3.31.
tags | encryption
SHA-256 | 7feea42e546b3ceb59f8da4485f9006ce4fcbaeebd93500bd2835d31f28f90a0
moddiskcache.txt
Posted Mar 20, 2004
Authored by Andreas Steinmetz

mod_disk_cache, for versions of Apache 2.0.49 and below, stores all client authentication credentials for cached objects on disk. This means proxy authentication credentials and possibly in certain RFC2616 defined cases, standard authentication credentials.

tags | advisory
SHA-256 | 33e8126715a7862594819b683f4ef3dee79a08ceed7484268d1fde2303ba2210
mod_securid-2.0.1.tar.gz
Posted Mar 3, 2004
Authored by Erwan Legrand | Site deny-all.com

The mod_securid Apache module implements RSA SecurID authentication for the Apache Web server. It allows administrators to restrict access to Web sites (or parts of Web sites) to users authenticated using a SecurID token and an ACE server.

tags | web
SHA-256 | d8167dfb86b8a0e5efe9716624c1a52aaa04e6a74d57b4383cc0e2937908c1c9
mod_security-1.7.4.tar.gz
Posted Dec 14, 2003
Site modsecurity.org

Mod_security is an Apache module whose purpose is to protect vulnerable applications and reject human or automated attacks. In addition to filtering requests, it also can create Web application audit logs. Understands regular expressions and POST payloads and runs on both branches of Apache.

Changes: A bug in the Apache 2 version that would confuse PHP has been fixed and another bug causing the "nolog" action to not prevent the request from being logged to the audit log has been fixed.
tags | web
SHA-256 | d71a01b4444fe6b454b0fbb39a0c4695069b9bbca5c5c562a32c611606d18eb2
mod_icmp.c
Posted Nov 21, 2003
Authored by fryxar | Site geocities.com

This linux kernel module acts like an icmp proxy for echo/echo-reply packets at kernel level, preventing icmp tunnels through firewalls or directly to the server it is installed on.

tags | kernel
systems | linux
SHA-256 | 9fad32f633cbf5845c1c9aa19434551345fd747ac16e91b836ef8dfa81ef6435
mod_security-1.7.3.tar.gz
Posted Nov 19, 2003
Site modsecurity.org

Mod_security is an Apache module whose purpose is to protect vulnerable applications and reject human or automated attacks. In addition to filtering requests, it also can create Web application audit logs. Understands regular expressions and POST payloads and runs on both branches of Apache.

Changes: The number of variables whose contents are normalized before rules are applied has been increased, resulting in more predictable regular expression matching. Binaries for Windows were made available and bugs were fixed.
tags | web
SHA-256 | 7f4114a4d7b2e7b8ab0bdd6fbdf6d1caedaf7212fb4e0e943edcb73c5b0d8d4d
mod_wasap-0.0.11.tar.gz
Posted Nov 5, 2003
Authored by Phillip Whelan, Oscar Peredo | Site wasap.exis.cl

WASap is an Apache module for the 1.3.x series that acts as an application level firewall. It can filter and block malignant requests.

tags | web
SHA-256 | 9a44c7ac3a6a64d56f813b6371ec0b745f0f85777ebb56ab69f137523d74897c
mod_dosevasive.1.9.tar.gz
Posted Oct 30, 2003
Authored by Jonathan A. Zdziarski | Site nuclearelephant.com

The Apache DoS Evasive Maneuvers Module is a module for Apache 1.3 and 2.0 that detects and fights off DoS attacks and brute force attempts by adding addresses to a 10-second '403 List' and rejecting rapidly repeated requests for the same URL from the same addresses. This module can be configured to talk to ipchains, ipfilter, or any other tool designed to push the attack out to the network layer, and provides email notification in the event of an attack. Also support iPlanet and Netscape webservers.

Changes: Support for NSAPI has been added (SunONE Servers: iPlanet, Netscape). A TEMP_HOME definition has been added to make changing the location of temporary data easier.
tags | web
SHA-256 | ac048aa4e535e0ae01efc2abf9d6aac6faacb8dedaf19933f38233971e3ac0bb
mod_security-1.7.2.tar.gz
Posted Oct 30, 2003
Site modsecurity.org

Mod_security is an Apache module whose purpose is to protect vulnerable applications and reject human or automated attacks. In addition to filtering requests, it also can create Web application audit logs. Understands regular expressions and POST payloads and runs on both branches of Apache.

Changes: This release fixes several bugs, one of which is a potentially exploitable local vulnerability (Apache 2.x users only). It also introduces a SecFilterOutputMimeTypes directive to control which documents will be scanned on output.
tags | web
SHA-256 | b9ad12dc385889e64cc4b38ca8bd26b98ea15bf00b39d4f1cd8d212dc434dec1
mod_security-1.7.tar.gz
Posted Oct 21, 2003
Site modsecurity.org

Mod_security is an Apache module whose purpose is to protect vulnerable applications and reject human or automated attacks. In addition to filtering requests, it also can create Web application audit logs. Understands regular expressions and POST payloads and runs on both branches of Apache.

Changes: Added a new anti-evasion technique to fight null-byte attacks, Added output filtering to Apache 2.x, Added the ability to filter cookies (names, values, etc) directly, Added SecServerSignature to mask the web server, Added new action, allow, to finish filter processing and let the request through, Added new action, chain, to chain several filter together (logical AND), and now includes Netware support.
tags | web
SHA-256 | 3c0f0caac30d7f9e9fe9f7c8060dc034726aac11b2aba3ecb5d16c0aea592429
mod_dosevasive.1.7.1.tar.gz
Posted Aug 27, 2003
Authored by Jonathan A. Zdziarski | Site nuclearelephant.com

The Apache DoS Evasive Maneuvers Module is a module for Apache 1.3 and 2.0 that detects and fights off DoS attacks and brute force attempts by adding addresses to a 10-second '403 List' and rejecting rapidly repeated requests for the same URL from the same addresses. This module can be configured to talk to ipchains, ipfilter, or any other tool designed to push the attack out to the network layer, and provides email notification in the event of an attack.

tags | web
SHA-256 | 45f6196ce2c9de9f714930384f606362ddd04e056083b8e15a46b933f13c3935
mod_sigcups.c
Posted May 31, 2003

Cups v1.1.17 and below remote exploit which spawns a shell as lp. Modified version of the original sigcups.c exploit.

tags | exploit, remote, shell
SHA-256 | 5a88fad62d69412d2762fa193f415a3d84cba3182a07cc0ff828178c6b46a28d
mod_ntlm.txt
Posted Apr 21, 2003
Authored by Matthew Murphy

mod_ntlm is the Apache module for versions 1.3 and 2.0 which gives Apache the ability to authenticate users via the NTLM authentication technology that is largely specific to Microsoft IIS. The log() function contains two remotely exploitable vulnerabilities. Both a heap overflow and an incorrect call to ap_log_rerror() allow for arbitrary code execution.

tags | exploit, overflow, arbitrary, vulnerability, code execution
SHA-256 | 802cd05c619e98126a7d5192a17c55f423eeb343fb55248fd94b28417e566c3d
mod_security_1.3b.tar.gz
Posted Dec 15, 2002
Site webkreator.com

Mod_security is an Apache module whose purpose is to protect vulnerable applications and reject human or automated attacks. In addition to filtering requests, it also can create Web application audit logs. Understands regular expressions and POST payloads.

Changes: Selective filtering has been introduced. You can now filter requests based on the contents of individual variables (HTTP headers, environment variables, and individual script arguments) coming either from GET or POST.
tags | web
SHA-256 | 4d45450773939db6dca6056dad88a34d0932f9d82ee354d101155e92083157de
mod_ssl-2.8.12-1.3.27.tar.gz
Posted Oct 30, 2002
Site modssl.org

mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching. per-URL SSL session renegotiations, DSO support, etc.

Changes: Fixed a cross site scripting security bug. Now allows 8192 bytes of shared memory data size.
tags | encryption
SHA-256 | d81ff092eb20a093798adc8dc23fcdddff2470ab896990c01eec1b764c5f3cd7
mod_ssl-toolkit.tar.gz
Posted Oct 10, 2002
Authored by Grange

Mod_ssl off-by-one bug exploitation toolkit for OpenBSD. Creates a malicious .htaccess file which replaces the apache server process with an included HTTP server.

tags | exploit, web
systems | openbsd
SHA-256 | a346c7fbb1e47b293c3ddfa1d114907bec57437d480d6713700617dd05998c97
mod_ssl-2.8.11-1.3.27.tar.gz
Posted Oct 4, 2002
Site modssl.org

mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching. per-URL SSL session renegotiations, DSO support, etc.

Changes: Updated for Apache 1.3.27 which fixes some security issues.
tags | encryption
SHA-256 | 8d0ec271ba5a8b57a38a31609fe38ed2c151ea9ec0d364126e728cdb81fc945c
mod_ldt.zip
Posted Aug 26, 2002

Root on any linux kernel before 1.3.20

tags | kernel, root, bbs
systems | linux
SHA-256 | bd2072e3fe8555fe2282129e22c8490efb2485c4931c66b1134c6509eaf20ef6
mod.gif
Posted Aug 26, 2002

MOD group.

tags | bbs
SHA-256 | 2ac4d249a39e2266dec059f10b26699cb512737381bfad1b137d5030c46c14eb
mod_ssl-2.8.10-1.3.26.tar.gz
Posted Jul 6, 2002
Site modssl.org

mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching. per-URL SSL session renegotiations, DSO support, etc.

Changes: Updated for Apache 1.3.26! Fixed some security issues.
tags | encryption
SHA-256 | ccd38e216ad54a99fb5bd62a15b8f34e62a390b05ea0b61fedf3e4cdb10a9b05
mod_ssl_off_by_one.txt
Posted Jul 3, 2002
Authored by Frank Denis

An off-by-one overflow in Apache mod_ssl v2.4.9 and below can be used to by local users to execute code with the privileges of the web server.

tags | web, overflow, local
SHA-256 | bc874d50af7de42b9e7892022426567f87b4cec80e88a6470ac08c1097e61b27
mod_ssl-2.8.8-1.3.24.tar.gz
Posted Apr 4, 2002
Site modssl.org

mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching. per-URL SSL session renegotiations, DSO support, etc.

Changes: Updated for Apache 1.3.24! Fixed two memory leaks related to CA certificate configuration. Fixed memory leak related to temporary DH key handling. Fixed memory leak on shutdown if CRLs are used.
tags | encryption
SHA-256 | 87d2d26a423507026d930317f91af4d4a9166f77c695212d2ebd0dc59c1e2068
mod_protection-0.0.2.tar.gz
Posted Mar 20, 2002
Authored by twlc, Yaroze | Site twlc.net

Mod_protection is an apache module that integrate basic function of an IDS (intrusion detection system) and of a firewall (just an emulation for now). Your apache administrator have only to install mod_protection and define rules. A normal NIDS can't check SSL protected traffic, where mod_protection can. When a malicious client sends a request that matches on your rules the administrator will be warned and the client gets a user defined page or a error or warning.

Changes: Three new directives - BlockTime, PairAlert, and PairAlertMatch. Blocktime does firewall emulation. Updated docs. Rules are now in an external file.
SHA-256 | e1ff421a590fe6e6835781223069f929d55a39f49c486e2db9671f201e81005e
Page 2 of 4
Back1234Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close