exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 177 RSS Feed

Worm Files

Polygraph.pdf
Posted Nov 1, 2006

Polygraph: Automatically Generating Signatures for Polymorphic Worms.

tags | paper, worm
SHA-256 | da1b41fe602bad7291c8016f7113690ea192d79e0a4c9eba51a3ca9c189192e9
sysmask-1.08.tgz
Posted Oct 5, 2006
Authored by XIAO Gang | Site wims.unice.fr

Sysmask is a security package for Linux systems that can prevent arbitrary malicious codes from causing permanent damage. It protects the system against daemon exploits and user accounts against viruses and worms, whether known or unknown, without requiring the recompilation of existing software.

Changes: Kernel patch update for 2.6.17.13 and 2.4.33.3. Fixed malformed kernel patch problem.
tags | worm, arbitrary
systems | linux
SHA-256 | f82e69f16be11017058cec85631b2a4a7ff659f7f6aa7888ef96daeb0029b2a2
nepenthes-0.1.7.tar.bz2
Posted Sep 22, 2006
Site nepenthes.mwcollect.org

Nepenthes is a low interaction honeypot like honeyd or mwcollect. Low Interaction Honeypots emulate _known_ vulnerabilities to collect information about potential attacks. Nepenthes is designed to emulate vulnerabilities worms use to spread, and to capture these worms. As there are many possible ways for worms to spread, Nepenthes is modular.

tags | tool, worm, vulnerability, intrusion detection
systems | unix
SHA-256 | 62f683616636ec09e170d81d15203e1d17c3fba5ba313e76d4c5251116f76168
myspace.txt
Posted Aug 29, 2006
Authored by Matthew Wollenweber

Myspace.com appears to have a worm propagating via user pages.

tags | advisory, worm
SHA-256 | a45aed96f50d5e55ff8f7110a5dbb0e94e5fffae010f6b1b692196f1d9338efe
InqTanaThroughTheEyes.txt
Posted Feb 26, 2006
Authored by Kevin Finisterre

Whitepaper written to address both FUD and rumors surrounding the release of detailed information about the InqTana proof of concept worm.

tags | paper, worm, proof of concept
SHA-256 | 97f38cd5ac3a5a8e7f37fced12c45e663ce5ca7f24ea52a2d3c528ce2ed49f19
sysmask-1.06.tgz
Posted Feb 8, 2006
Authored by XIAO Gang | Site wims.unice.fr

Sysmask is a security package for Linux systems that can prevent arbitrary malicious codes from causing permanent damage. It protects the system against daemon exploits and user accounts against viruses and worms, whether known or unknown, without requiring the recompilation of existing software.

Changes: Added skype configuration. Some minor fixes and improvements.
tags | worm, arbitrary
systems | linux
SHA-256 | d6a8d99407835d5ef5f471f4db9dc3295c0a351b03cabd88fa7aa8ca2167387a
mwcollect-3.0.3.tar.bz2
Posted Feb 6, 2006
Authored by Honeynet Project | Site mwcollect.org

mwcollect is an easy solution to collect worms and other autonomous spreading malware in a non-native environment like Linux. The mwcollect daemon mwcollectd opens ports that are known to be commonly exploited by Malware and simulates certain known vulnerabilities on them.

Changes: The Threestone mwcollect version fixes some timeout bugs and should increase overall performance. The submit-gotek module for Alliance support has been added and this version now finally builds and runs very good on FreeBSD.
tags | tool, worm, vulnerability, intrusion detection
systems | linux, unix
SHA-256 | 49e91fe8561176558e0859842c936b17143ccab750e3e30c8e2b3d391cb394b3
html-trap.procmail-1.150.gz
Posted Jan 15, 2006
Authored by John Hardin | Site impsec.org

Email Security through Procmail attempts to address the trend towards "enhancing" email clients with support for active content, which exposes end-users to many and varied threats, by "sanitizing" email: removing obvious exploit attempts and disabling the channels through which exploits are delivered. Facilities for detecting and blocking Trojan Horse exploits and worms are also provided.

Changes: Fix the unrar executable check so that it does not test for unrar if RAR scanning is already explicitly disabled by $DISABLE_RAR_SCAN. Fix recipient notification so that it will now work on relays.
tags | worm, trojan
systems | unix
SHA-256 | ed45904440d2a6be917137c868071b99074c1caededc8a55bd75f20656fb7031
outpostMambo.txt
Posted Dec 9, 2005
Site outpost24.com

It appears that the Mambo vulnerability recently released by rgod has a worm propagating. The backdoor associated with it has been named Linux/Elxbot.

tags | advisory, worm
systems | linux
SHA-256 | e3fb9a2f30bc3d5a402b631862eeb9b36c498a852afc9ce1ee9480c0870372aa
digsig-1.3.2.tar.gz
Posted Nov 20, 2005
Site sourceforge.net

DigSig kernel load module checks the signature of a binary before running it. It inserts digital signatures inside the ELF binary and verifies this signature before loading the binary. It is based on the Linux Security Module hooks (standard in main stream Linux kernel 2.5.66 and higher). Therefore, it improves the security of the system by avoiding a wide range of malicious binaries like viruses, worms, Trojan programs, and backdoors from running on the system.

tags | worm, kernel, trojan
systems | linux
SHA-256 | 71a9882698f37ed54e72a04fb21ecad41b68f381a335ddc601301d49c752b135
p3scan-2.3.1.tar.gz
Posted Nov 20, 2005
Authored by laitcg | Site p3scan.sourceforge.net

Pop 3 scan is a full transparent proxy server for POP3 clients. It runs on a Linux box with iptables (for port redirection). It can be used to provide POP3 email scanning from the Internet to any internal network, and is ideal for helping to protect your Other OS LAN from harm, especially when used in conjunction with a firewall and other Internet proxy servers. It is designed to enable scanning of incoming email messages for viruses, worms, trojans, spam, and harmful attachments. Because viewing HTML email can enable a spammer to validate an email address (via Web bugs), it can also provide HTML stripping.

Changes: Bug fix release.
tags | worm, web, trojan
systems | linux, unix
SHA-256 | 2c51185caddde414de13f7de9b94986145a6519deac1de655f38538113122329
voyagerWorm.txt
Posted Nov 1, 2005

Snippet of code from the Voyager Beta worm.

tags | worm
SHA-256 | 0a9d34add4e646f517537712d241a8537ff7a4bcc502318fa6bb16b5087e7474
mwcollect-3.0.0.tar.bz2
Posted Nov 1, 2005
Authored by Honeynet Project | Site mwcollect.org

mwcollect is an easy solution to collect worms and other autonomous spreading malware in a non-native environment like Linux.

Changes: First v3 core based version that catches a whole bunch of malware.
tags | tool, worm, intrusion detection
systems | linux, unix
SHA-256 | 21ae6a8d58a5ef93483cc8c163cf219d57d4772a2f4875558329e397b4c8be5b
TT-Dave-Aitel-Nematodes.sxi
Posted Oct 11, 2005
Authored by Dave Aitel

Nematodes (Beneficial Worms) - This presentation presents concepts for taking expoitation frameworks into the next evolution: solving complex security problems by generating robustly controllable beneficial worms. The Why, How, and What of Nematode creation are discussed, along with some concepts in Mesh routing. Problems discussed include legal issues, controlling your worm, writing an intermediate language, the Nematode Intermediate Language (NIL) for writing robust worms, reliability problems, commications protocols, and future work.

tags | worm, protocol
SHA-256 | 446fdad6f1cbb3d6964e71c5e4b8c7eeb406f2582978a27b2314f9e084849e8d
p3scan-2.2.1.tar.gz
Posted Sep 23, 2005
Authored by laitcg | Site p3scan.sourceforge.net

Pop 3 scan is a full transparent proxy server for POP3 clients. It runs on a Linux box with iptables (for port redirection). It can be used to provide POP3 email scanning from the Internet to any internal network, and is ideal for helping to protect your Other OS LAN from harm, especially when used in conjunction with a firewall and other Internet proxy servers. It is designed to enable scanning of incoming email messages for viruses, worms, trojans, spam, and harmful attachments. Because viewing HTML email can enable a spammer to validate an email address (via Web bugs), it can also provide HTML stripping.

Changes: Made TOP command processing an option. Fixed ability to not use ripmime library. Various other tweaks.
tags | worm, web, trojan
systems | linux, unix
SHA-256 | f2542177fa45fe9ad6bb30fd647614d25ee68588559f91895f366bef1983cb98
sysmask-1.04.tgz
Posted Aug 26, 2005
Authored by XIAO Gang | Site wims.unice.fr

Sysmask is a security package for Linux systems that can prevent arbitrary malicious codes from causing permanent damage. It protects the system against daemon exploits and user accounts against viruses and worms, whether known or unknown, without requiring the recompilation of existing software.

Changes: Some minor fixes and improvements.
tags | worm, arbitrary
systems | linux
SHA-256 | e79617a3497971702e0be67e1f70480b75311ba9e0f36b43e84dacf09d1d3019
sysmask-1.02.tgz
Posted Aug 24, 2005
Authored by XIAO Gang | Site wims.unice.fr

Sysmask is a security package for Linux systems that can prevent arbitrary malicious codes from causing permanent damage. It protects the system against daemon exploits and user accounts against viruses and worms, whether known or unknown, without requiring the recompilation of existing software.

tags | worm, arbitrary
systems | linux
SHA-256 | 7242e1e7df113be5894e705e07bd061b8bd640c267fdc13d2147a8e5b3cf8f22
ZeroBoardWorm.c
Posted May 27, 2005

Worm source code that exploits a vulnerability in ZeroBoard, allowing arbitrary PHP code injection.

tags | exploit, worm, arbitrary, php
SHA-256 | 37e1935776b6372a3598a1e1d96f2c6fcacae45ae89ca34dc306ba733e77e212
wormCFP.txt
Posted Feb 28, 2005
Site www1.cs.columbia.edu

Call for papers for WORM 2005, the 3rd Workshop on Rapid Malcode. Submissions are due by June 23rd, 2005.

tags | paper, worm, conference
SHA-256 | ce06ad691b6f58f4a13eaecd6e5934f34deb492bb31514677f016e6bfb106cdc
zbcode.c
Posted Feb 10, 2005

Source code for a worm that spreads using Zboard PHP vulnerabilities. Known as the ZeroBoard worm, it infects Linux, FreeBSD, and Sun.

tags | worm, php, vulnerability
systems | linux, freebsd
SHA-256 | 4040e59fececc70fcef5d30cbff38f15457047e62161edc81adda31769b65a06
OutlookMuteX.txt
Posted Jan 28, 2005
Authored by Anand Khare

Exploit for Outlook that can press a button to verify it is okay to access protected contact data. Tested against Windows XP SP1. This functionality may be utilized in future worm creation.

tags | exploit, worm
systems | windows
SHA-256 | b7b894daaf5e749e2f7ec8cab19e398017e5a3a7694ac2d2bf74ebf782fb2f30
p3scan-2.0.tar.gz
Posted Jan 22, 2005
Authored by laitcg | Site p3scan.sourceforge.net

Pop 3 scan is a full transparent proxy server for POP3 clients. It runs on a Linux box with iptables (for port redirection). It can be used to provide POP3 email scanning from the Internet to any internal network, and is ideal for helping to protect your Other OS LAN from harm, especially when used in conjunction with a firewall and other Internet proxy servers. It is designed to enable scanning of incoming email messages for viruses, worms, trojans, spam, and harmful attachments. Because viewing HTML email can enable a spammer to validate an email address (via Web bugs), it can also provide HTML stripping.

tags | worm, web, trojan
systems | linux, unix
SHA-256 | 0a56b7a930ae363d78d47f70b15740255348708cec1693277c1456897490b0be
phpbb.ssh.D.txt
Posted Jan 7, 2005
Authored by priv8crew

New version of the phpBB worm with bot install that makes use of Altavista.

tags | exploit, worm
SHA-256 | c5803f6012ff7cfa1585917d923f94e611150553d2fb171052cdefe79a0f8b4f
PhpIncludeWorm.txt
Posted Jan 2, 2005

New PHP based worm that targets any vulnerable page or script with a remote file inclusion vulnerability.

tags | exploit, worm, remote, php, file inclusion
SHA-256 | f686e3ce87521020d566eb54425d1d16f068cd1e65357f20186d576f792c1994
SantyB.php.txt
Posted Jan 2, 2005

Santy.b phpBB worm that affects versions 2.0.10 and below and installs a bot. Uses AOL/Yahoo search.

tags | advisory, worm
SHA-256 | 25273610beb305e25f97564d200388d022753613cacaf2fd823a114c466cb115
Page 3 of 8
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close