what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 1 - 25 of 109

Integrity Files

Rootkit Hunter 1.4.6

Posted Feb 19, 2018

Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: Added support for Alpine Linux (busybox). Added the Diamorphine LKM test. Added the ALLOWIPCPID configuration file option. Added the ALLOWIPCUSER configuration file option. Various other additions, improvements, and bug fixes made.

tags | tool, shell, perl, integrity, rootkit

systems | netbsd, unix, solaris

MD5 | 54762d04ec7faa0736cc151271b02c06

Download | Favorite | View

Rootkit Hunter 1.4.4

Posted Jun 30, 2017

Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: Added the GLOBSTAR configuration file option. This will set the shells globstar option to allow recursive checks of directories. By default this option is disabled. Added a Japanese translation file. Added support for the 'BSDng' package manager option. This can be used by those BSD systems which have the 'pkg' command available (currently later FreeBSD systems). Various other improvements and bug fixes made.

tags | tool, shell, perl, integrity, rootkit

systems | netbsd, unix, solaris

MD5 | c625bcb5e226d1f2a7a3a530b7e4fbd9

Download | Favorite | View

Chkrootkit Local Privilege Escalation

Posted Nov 20, 2015

Authored by Thomas Stangner, Julien jvoisin Voisin | Site metasploit.com

Chkrootkit before 0.50 will run any executable file named /tmp/update as root, allowing a trivial privsec. WfsDelay is set to 24h, since this is how often a chkrootkit scan is scheduled by default.

tags | exploit, tool, root, integrity, rootkit

advisories | CVE-2014-0476

MD5 | 2931d0fa21b7d9e3e2ce5473dde9cf34

Download | Favorite | View

Check Rootkit 0.50

Posted May 23, 2014

Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: New and enhanced tests, minor bug fixes.

tags | tool, trojan, integrity, rootkit

systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux

MD5 | 9e67dd56f835264d43aeb04944610b03

Download | Favorite | View

Rootkit Hunter 1.4.2

Posted Mar 23, 2014

Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: DISABLE_UNHIDE option has been removed from the configuration file. Various bug fixes.

tags | tool, shell, perl, integrity, rootkit

systems | netbsd, unix, solaris

MD5 | 85ad366b7f3999eb2a9371e39a1a4df7

Download | Favorite | View

Another File Integrity Checker 3.4

Posted Sep 10, 2013

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Three new classes were added: Afick::Aliases, Afick::Macros, and Afick::Directives. A new macro was added: archive_retention. On Windows, installation of the Tk module is now forced. afickonfig now works on all config types. An inconsistency between command line parameters and config directives was fixed.

tags | tool, integrity

systems | linux, windows, unix

MD5 | cb19e7d6f6d11ca66ed1882e2a9f6ac8

Download | Favorite | View

Another File Integrity Checker 3.3

Posted Dec 27, 2012

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: This release continued the rewrite with libraries and unit tests. Afick::Gen, a new library for generic code was added. A bug was fixed in the fix report_url option. The check_update feature was also fixed.

tags | tool, integrity

systems | linux, windows, unix

MD5 | aa524134be2e3f10c5a53323e30017ff

Download | Favorite | View

Another File Integrity Checker 3.2

Posted Nov 14, 2012

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: This is the second release of the new 3.x branch (a progressive rewrite in object oriented programming). Many bugs were fixed. A new plugin (stat_date) was added. The class Afick::Tst was added.

tags | tool, integrity

systems | linux, windows, unix

MD5 | 720ca380c7a5177be14239cf434e05ec

Download | Favorite | View

Another File Integrity Checker 3.1

Posted Jul 26, 2012

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: This is the first public (stable) release of new 3.x branch. It is a rewrite (partial for now) of afick in object oriented programming, to allow better code and better support. It matches the 2.21 release for features. The two afick branches (2.x and 3.x) will be maintained in parallel for a few versions, to allow users to migrate when they want.

tags | tool, integrity

systems | linux, windows, unix

MD5 | 0549d9754b9f0eb22887e4586d07267c

Download | Favorite | View

Another File Integrity Checker 2.21

Posted Jul 17, 2012

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: On Unix/Linux systems, the cron job can now notify nagios monitoring, using the nsca tool.

tags | tool, integrity

systems | linux, windows, unix

MD5 | 351f7c5784143cc50ec77c10d36a9739

Download | Favorite | View

Rootkit Hunter 1.4.0

Posted May 1, 2012

Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: This release adds eleven bugfixes, seven changes, and five new items.

tags | tool, shell, perl, integrity, rootkit

systems | netbsd, unix, solaris

MD5 | 37b1ceb79a5ff3debca335d6550ac6b0

Download | Favorite | View

Another File Integrity Checker 2.20

Posted Feb 7, 2012

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: SHA-256 and SHA-512 checksum algorithms were added to replace SHA-1 for better security. Output of SHA checksums are now compatible with the output of the sha1sum, sha256sum, and sha512sum commands.

tags | tool, integrity

systems | linux, windows, unix

MD5 | 6fa2d357839fc75138ef2ca287b0ae59

Download | Favorite | View

Another File Integrity Checker 2.19

Posted Nov 16, 2011

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: A new option (--csv) is added to allow export of the database in CSV format. A new macro (MAILAUTH), permits mail authentication on Windows. A new directive (allow_relativepath) is added that makes internal controls use relative path instead absolute path. A new syntax for file/directories and use of the AFICK_CHROOT environment variable allow 'chrooted directories'.

tags | tool, integrity

systems | linux, windows, unix

MD5 | 0e1af12fad0bb9160046bb918fd92a4a

Download | Favorite | View

Another File Integrity Checker 2.18

Posted Oct 11, 2011

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: This release fixes a lot of little problems on Windows operating systems. A delete button has been added in afick_set_planning.pl. Environment variables in the configuration file are now expanded on-the-fly at the beginning of a run. The program's documentation has been updated.

tags | tool, integrity

systems | linux, windows, unix

MD5 | d45b0d789f44c4b810d0de8d62866384

Download | Favorite | View

Another File Integrity Checker 2.17

Posted Jun 10, 2011

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Arguments for the --list option should now be separated by a comma instead a space character. Search for the default config file is now the same for Unix and Linux: /etc/afick.conf and then afick.conf. The version is now shared between afick and afick-tk. Arguments for --list can also be given in several calls.

tags | tool, integrity

systems | linux, windows, unix

MD5 | 827f131c6a5c7f7e9b0dca5e1fe50c6f

Download | Favorite | View

Malmon Detection Tool 0.3

Posted Feb 2, 2011

Authored by ShadowX | Site sourceforge.net

Malmon is a real-time exploit/backdoor detection tool for Linux that audits the integrity of files in a given directory.

Changes: Huge speed optimizations, a scan option, force update, and the ability to add/remove a directory from the watch list while running.

tags | tool, integrity

systems | linux, unix

MD5 | d72b83dc2d5738c9cba02f96a787db1a

Download | Favorite | View

Malmon Detection Tool 0.1b

Posted Jan 21, 2011

Authored by ShadowX | Site sourceforge.net

Malmon is a real-time exploit/backdoor detection tool for Linux that audits the integrity of files in a given directory.

tags | tool, integrity

systems | linux, unix

MD5 | 8386a5519eea6223d969429cd0397eb9

Download | Favorite | View

Another File Integrity Checker 2.16

Posted Dec 15, 2010

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Some bugs were fixed in checksum computing.

tags | tool, integrity

systems | linux, windows, unix

MD5 | 44fba54d8f5d7fe89508e463867e1043

Download | Favorite | View

Rootkit Hunter 1.3.8

Posted Nov 18, 2010

Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: The change log lists 24 bug fixes, 29 changes and 18 new items.

tags | tool, shell, perl, integrity, rootkit

systems | netbsd, unix, solaris

MD5 | 0c34eb2a2d0caa384f442c11fcbb0c46

Download | Favorite | View

Another File Integrity Checker 2.15

Posted Apr 24, 2010

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Afick will now work on Windows Vista/Seven with uac. Afick_cron now uses boune syntax instead of bash syntax. A bug has been fixed for activeperl 5.10.1.1007. Remaining environment variables in the configuration file are detected/replaced by the check_config and clean_config options.

tags | tool, integrity

systems | windows, unix

MD5 | 5ed77c562b9615b89a2f62cdb97720d8

Download | Favorite | View

Rootkit Hunter 1.3.6

Posted Nov 30, 2009

Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: This release offers more ease of use and improved checks. The changelog lists 29 additions including 9 configuration options and details for 12 rootkits, 29 changes including improvements for 15 rootkit checks, and 22 bugfixes.

tags | tool, shell, perl, integrity, rootkit

systems | netbsd, unix, solaris

MD5 | 41bd92b1ea0803401c4a45215c8293a2

Download | Favorite | View

iWatch Filesystem Monitor 0.2.2

Posted Nov 18, 2009

Authored by Cahya Wirawan | Site iwatch.sourceforge.net

iWatch is a real-time filesystem monitoring program. It is a tool for detecting any changes on your filesystem and reporting it to the system administrator immediately. It uses a simple configuration file in XML format and is based on inotify, a file change notification system in the Linux kernel.

Changes: The bug where the file being watched contains one of the formats available for substitution was fixed. A directory that is renamed or moved is now watched properly. Unnecessary watching of create events was fixed. A feature was added to reload the configuration file when the SIGHUP signal is received. A feature to specify the charset was added.

tags | tool, kernel, integrity

systems | linux

MD5 | b32155e844b0d58871dc72041160938d

Download | Favorite | View

Check Rootkit 0.49

Posted Jul 30, 2009

Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: New and enhanced tests, minor bug fixes.

tags | tool, trojan, integrity, rootkit

systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux

MD5 | 304d840d52840689e0ab0af56d6d3a18

Download | Favorite | View

Another File Integrity Checker

Posted Jul 28, 2009

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: The checksum output is now compatible with md5sum/sha1sum commands. A bug was fixed on negative rules. The quiet option was added. The graphical interface now accepts database, history, and archive command line options.

tags | tool, integrity

systems | windows, unix

MD5 | 74b85916767a45c024a4dc125547f6a2

Download | Favorite | View

Another File Integrity Checker 2.13-1

Posted Jan 21, 2009

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Removed udev files from scan. Began to remove global variables. Various other bug fixes and additions.

tags | tool, integrity

systems | windows, unix

MD5 | ccf339b7ea5226fc2f6bbea0cccc5859

Download | Favorite | View