seeing is believing
Showing 1 - 25 of 74 RSS Feed

Teso

Team Teso
7350ssharp-0.51.tgz
Posted Jun 25, 2004
Authored by teso, stealth | Site stealth.openwall.net

ssharp is a tool for man in the middle attacks against SSH.

MD5 | 8e8771914abfa95f80ea1fd9a7539c45
adore-ng-0.41.tgz
Posted Mar 12, 2004
Authored by teso, stealth | Site team-teso.net

Adore is a Linux LKM based rootkit for Linux v2.[246]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.

Changes: Ported to 2.6 and fixed a buffer overflow from version 0.32.
systems | linux
MD5 | 3295d45f24060914c411d1d75343660a
adore-ng-0.31.tgz
Posted Jan 6, 2004
Authored by teso, stealth | Site team-teso.net

Adore is a Linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.

Changes: Syslog filtering, wtmp/utmp/lastlog filtering, relinking of LKMs as described in Phrack #61.
systems | linux
MD5 | 4a925181db7030c1e9b67225a88abbe0
objobf-0.5.0.tar.bz2
Posted Aug 10, 2003
Authored by teso, scut | Site team-teso.net

objobf is an obfuscater for x86/Linux ELF relocatable object files (.o files) that can produce fancy graphs to visualize function structures. Released at CCCAMP 2k3.

tags | x86
systems | linux
MD5 | ba6b6f098f2c1e48c6946c6b13f568bb
loaded-0.21.tgz
Posted May 28, 2003
Authored by teso, Sebastian Krahmer | Site team-teso.net

loaded version 0.21 is an IPv4 load balancer for Linux. It requires netfilter and the QUEUE target enabled in the kernel.

tags | kernel
systems | linux
MD5 | d467ee59815b3f7befd3c46911940c80
guess-who-0.44.tgz
Posted May 28, 2003
Authored by teso, Sebastian Krahmer | Site team-teso.net

guess-who version 0.44 is a password brute force utility for SSH2.

MD5 | a40161347c970fe627631a1354f7d35d
reducebind.c
Posted Jan 27, 2003
Authored by teso, scut | Site team-teso.net

This utility converts a dynamically link Linux IA32 ELF binary to a static binary.

systems | linux
MD5 | 51bd11bc0ce5e38a9cb6933d910de716
sparc.c
Posted Jan 5, 2003
Authored by teso, scut

Remote root exploit for Solaris Napalm heap overflow - SPARC version. Tested against SunOS 5.6, 5.7, 5.8, and 5.9. Attempts to add a root shell to inetd.conf.

tags | remote, overflow, shell, root
systems | solaris
MD5 | 34c08bb66b18e41b75d2c0287149d5ad
burneye-1.0.1-src.tar.bz2
Posted Dec 24, 2002
Authored by teso | Site teso.scene.at

Burneye ELF encryption program 1.0.1 with full source and docs.

MD5 | 848ae0d696d2438a01753a0fad665270
epta.tgz
Posted Dec 3, 2002
Authored by teso, Sebastian Krahmer | Site team-teso.net

Execution Path Timing Analysis of Unix Daemons - White paper on how to determine if a username is valid remotely by timing remote responses of login programs. OpenSSH diff against v2.99p2 which determines if a username exists even on the newest versions of OpenSSH included.

tags | remote
systems | unix
MD5 | 3652eb952d213483c1e22f10b941883d
hack.pl
Posted Nov 30, 2002
Authored by teso, Sebastian Krahmer | Site team-teso.net

Suidperl v5.00503 and others tmp race local root exploit.

tags | local, root
MD5 | 8041a1da62bd891ae9e65c3a2871a6c2
7350pippi.pl
Posted Nov 30, 2002
Authored by teso

7350pippi is a x86/Linux ipppd local root exploit.

tags | x86, local, root
systems | linux
MD5 | 0c635de06e7fd0738cf3c235e1b74c8c
7350lapsus.pl
Posted Nov 30, 2002
Authored by teso

7350lapsus is a lpr-3.0.48 Local root exploit. Requires root on a host counted in hosts.lpd and local account on lpd box. This is proof of concept, chown()ing /etc/passwd to a user named 'stealth'.

tags | local, root, proof of concept
MD5 | 85d373c856befc7da5b6d2727b6291af
adore-0.42.tgz
Posted Sep 19, 2002
Authored by teso, stealth | Site team-teso.net

Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.

Changes: Added devpts fix, fixed is_secret64() to properly hide files, and fixed a memory leak.
systems | linux
MD5 | 156ded13d5e16b84a9e31193bc9bc417
burneye-1.0-linux-static.tar.gz
Posted Sep 19, 2002
Authored by teso | Site teso.scene.at

Burneye ELF encryption program, x86-linux binary, version 1.0 - new year release!

tags | x86
systems | linux
MD5 | 13bd499f3695bb087c7742a82471c565
burneye-stripped.tar.gz
Posted Sep 19, 2002
Authored by teso | Site teso.scene.at

Stripped burneye sources, for educational purposes (beside the speech + article).

MD5 | 14f3aeb7cab6ab215e6c6a3997561408
teso_crew_99_at_ccc-camp.jpg
Posted Sep 15, 2002
Authored by teso

TESO at CCC.

MD5 | 38dcfc807b4384b2828156c0f51b981d
chap.pdf
Posted Feb 26, 2002
Authored by teso, Sebastian Krahmer | Site team-teso.net

Weaknesses in the CHAP protocol as used within PPP and PPTP. Allows authentication in PPTP networks without knowing valid login/password combinations. This authentication scheme is widely used at universities (WLAN networks). A link to a special pppd which is able to authenticate without valid /etc/ppp/chap-secrets is included.

tags | protocol
MD5 | 6b4b918f410d855855fdaab340232b39
teso-advisory-012.txt
Posted Feb 5, 2002
Authored by teso | Site team-teso.net

TESO Security Advisory - LIDS Linux Intrusion Detection System vulnerability. The "Linux Intrusion Detection System" security patch for the Linux kernel creates a security vulnerability. Exploitation is easy and local users may be able to gain unrestricted root privileges.

tags | kernel, local, root
systems | linux
MD5 | 798dd3ba6b7227152566567c49b9423c
iob-0.1.tar.gz
Posted Oct 11, 2001
Authored by teso, scut | Site team-teso.net

IOB stands for I/O bridge, a simple tty chaining program. It can be used to log almost any session, including ssh, gpg, pgp, cfsattach, losetup, etc.

MD5 | e5014222fec4c7375e3f66dbb8edb43a
teso-advisory-011.txt
Posted Jul 29, 2001
Authored by teso, scut | Site team-teso.net

TESO Security Advisory #11 - Multiple vendor Telnet Daemon vulnerability. Most current telnet daemons in use today contain a buffer overflow in the telnet option handling. Under certain circumstances it may be possible to exploit it to gain root privileges remotely. Affected systems include BSDI 4.x, FreeBSD, IRIX, Linux with netkit-telnetd < 0.14, NetBSD, OpenBSD 2.x, and Solaris.

tags | overflow, root
systems | linux, netbsd, solaris, freebsd, irix, openbsd
MD5 | 56fb4e5983fdf5c58663113d30bc8c33
adore-0.39b4.tgz
Posted Jul 29, 2001
Authored by teso, stealth | Site team-teso.net

Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.

Changes: Now includes open()/stat() redirection and improved netstat hiding. Removed execution redirection.
systems | linux
MD5 | 777cbd2a59268b394b79da2bda910a40
adorebsd-0.34.tar.gz
Posted May 25, 2001
Authored by teso, Bind | Site team-teso.net

AdoreBSD 0.34 - Based off Linux Adore by Stealth. Features hiding files and directories from view, makes processes invisible, hides promiscuous flag and syslog messages, execute as root, hides sysctl mib entries, netstat service hiding, authentication, and module hiding. Developed on FreeBSD 4.3-STABLE.

tags | root
systems | linux, freebsd
MD5 | f98864a4f927e04d6f66a010934a08a0
adore-0.38.tar.gz
Posted May 25, 2001
Authored by teso, stealth | Site team-teso.net

Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.

Changes: Added 64bit FS support, now fools protection modules as StMichael, and minor fixes.
systems | linux
MD5 | 72e80f9fa6ebe9358f7fd0358c8e959f
arpmim-0.2.tar.gz
Posted Apr 7, 2001
Authored by teso, Skyper | Site team-teso.net

Arpmim v0.2 implements an ARP man in the middle attack. Includes single or multiple host support, asymmetric MiM, arpop_request, and macoff.

MD5 | 09271a5d4aa3e7652dd10d2a16b6a511
Page 1 of 3
Back123Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
OAIC Received 114 Voluntary Data Breach Notifications In Two Years
Posted Oct 19, 2017

tags | headline, hacker, privacy, australia, data loss
US-CERT Predicts Machine Learning To Become Security Risk
Posted Oct 19, 2017

tags | headline, flaw
ATM Malware Available Online For Online $5,000
Posted Oct 18, 2017

tags | headline, malware, bank, cybercrime, fraud
Oracle Swats 252 Bugs In Patch Update
Posted Oct 18, 2017

tags | headline, flaw, patch, oracle
Child Safety Smartwatches Easy To Hack, Watchdog Says
Posted Oct 18, 2017

tags | headline, privacy, flaw
Domino's Pizza Delivers User Details To Spammers
Posted Oct 18, 2017

tags | headline, privacy, email, spam, fraud
Microsoft Never Disclosed 2013 Hack Of Secret Vulnerability Database
Posted Oct 18, 2017

tags | headline, hacker, microsoft, data loss, flaw
Adobe Patches Zero-Day Used To Plant Gov't Spying Software
Posted Oct 17, 2017

tags | headline, hacker, government, usa, flaw, cyberwar, adobe, zero day, nsa
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close