exploit the possibilities
Showing 1 - 25 of 74 RSS Feed

Teso

Team Teso
7350ssharp-0.51.tgz
Posted Jun 25, 2004
Authored by teso, stealth | Site stealth.openwall.net

ssharp is a tool for man in the middle attacks against SSH.

SHA-256 | 2e4df21e2413ddc4731a20b6106f2fb5a75feeccc9288a687315659cefe6ee28
adore-ng-0.41.tgz
Posted Mar 12, 2004
Authored by teso, stealth | Site team-teso.net

Adore is a Linux LKM based rootkit for Linux v2.[246]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.

Changes: Ported to 2.6 and fixed a buffer overflow from version 0.32.
systems | linux
SHA-256 | f7f3132f7abb9f75bf1761c20916f778d3487efed3356124798ff769d61224c4
adore-ng-0.31.tgz
Posted Jan 6, 2004
Authored by teso, stealth | Site team-teso.net

Adore is a Linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.

Changes: Syslog filtering, wtmp/utmp/lastlog filtering, relinking of LKMs as described in Phrack #61.
systems | linux
SHA-256 | 87dcaf982e1058d9279347cd8fd26d51f9edbfca0e02f19d548cdcddcf6ffaf3
objobf-0.5.0.tar.bz2
Posted Aug 10, 2003
Authored by teso, scut | Site team-teso.net

objobf is an obfuscater for x86/Linux ELF relocatable object files (.o files) that can produce fancy graphs to visualize function structures. Released at CCCAMP 2k3.

tags | x86
systems | linux
SHA-256 | 3afd6cb33f2bc2f444e4ae31ac730f84c53f71705207242063224711f8832449
loaded-0.21.tgz
Posted May 28, 2003
Authored by teso, Sebastian Krahmer | Site team-teso.net

loaded version 0.21 is an IPv4 load balancer for Linux. It requires netfilter and the QUEUE target enabled in the kernel.

tags | kernel
systems | linux
SHA-256 | 289bf4facdf46653729a2bdb276ddbe1c97e51adb9d403a39f2cd8e30e4643c6
guess-who-0.44.tgz
Posted May 28, 2003
Authored by teso, Sebastian Krahmer | Site team-teso.net

guess-who version 0.44 is a password brute force utility for SSH2.

SHA-256 | 214fd24fdc31ce0ae27321085714876bb3c2d68ef8c3cd97400ae0dbb86f3d8a
reducebind.c
Posted Jan 27, 2003
Authored by teso, scut | Site team-teso.net

This utility converts a dynamically link Linux IA32 ELF binary to a static binary.

systems | linux
SHA-256 | b2f98619b069e576e51819658cb1142cc8d9a95a54a65bd7749c5f19124f8240
sparc.c
Posted Jan 5, 2003
Authored by teso, scut

Remote root exploit for Solaris Napalm heap overflow - SPARC version. Tested against SunOS 5.6, 5.7, 5.8, and 5.9. Attempts to add a root shell to inetd.conf.

tags | remote, overflow, shell, root
systems | solaris
SHA-256 | 31f1d3a448b985faea7b24302d4c77d14c5872c6dedf6a8acaba2c2b9b0d7b07
burneye-1.0.1-src.tar.bz2
Posted Dec 24, 2002
Authored by teso | Site teso.scene.at

Burneye ELF encryption program 1.0.1 with full source and docs.

SHA-256 | c117ac7c00e0b953d484b0dd8e5b77ddc2954e0e0c1141a8773c681ea19aa56b
epta.tgz
Posted Dec 3, 2002
Authored by teso, Sebastian Krahmer | Site team-teso.net

Execution Path Timing Analysis of Unix Daemons - White paper on how to determine if a username is valid remotely by timing remote responses of login programs. OpenSSH diff against v2.99p2 which determines if a username exists even on the newest versions of OpenSSH included.

tags | remote
systems | unix
SHA-256 | d10799a160420e1d98d3d1d82b71b468d6f8cbe44e6d70f262dddffda7cb071c
hack.pl
Posted Nov 30, 2002
Authored by teso, Sebastian Krahmer | Site team-teso.net

Suidperl v5.00503 and others tmp race local root exploit.

tags | local, root
SHA-256 | 0cbc7a3b56529f76acc7c8ceebd4879b13b5f1e22f44319f11c7a07fcafd8c9d
7350pippi.pl
Posted Nov 30, 2002
Authored by teso

7350pippi is a x86/Linux ipppd local root exploit.

tags | x86, local, root
systems | linux
SHA-256 | d67d5f0185de854a8c944dc88002b38187342acf03013c765f3c8acdf84ebe84
7350lapsus.pl
Posted Nov 30, 2002
Authored by teso

7350lapsus is a lpr-3.0.48 Local root exploit. Requires root on a host counted in hosts.lpd and local account on lpd box. This is proof of concept, chown()ing /etc/passwd to a user named 'stealth'.

tags | local, root, proof of concept
SHA-256 | 008fb511165627efdecec5b56039891877cb8c6295921fcc905fddc5f9d0f05c
adore-0.42.tgz
Posted Sep 19, 2002
Authored by teso, stealth | Site team-teso.net

Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.

Changes: Added devpts fix, fixed is_secret64() to properly hide files, and fixed a memory leak.
systems | linux
SHA-256 | ee53884a983a43ec25707f506863dc74451ddf00c166ffe16702abe049b32a70
burneye-1.0-linux-static.tar.gz
Posted Sep 19, 2002
Authored by teso | Site teso.scene.at

Burneye ELF encryption program, x86-linux binary, version 1.0 - new year release!

tags | x86
systems | linux
SHA-256 | abb3b6307900d42db68bca1fe91b32ee37668ddf3c3bc2481803bfd3c64fe830
burneye-stripped.tar.gz
Posted Sep 19, 2002
Authored by teso | Site teso.scene.at

Stripped burneye sources, for educational purposes (beside the speech + article).

SHA-256 | 6930a9cad59edd2543fbb07609b403472baa7babb7dcb0d0d20eeb60059386ad
teso_crew_99_at_ccc-camp.jpg
Posted Sep 15, 2002
Authored by teso

TESO at CCC.

SHA-256 | a7e9747dc72e7bd46c3287687584429cb7aae875051299f7e78c2bd9a6a83f5f
chap.pdf
Posted Feb 26, 2002
Authored by teso, Sebastian Krahmer | Site team-teso.net

Weaknesses in the CHAP protocol as used within PPP and PPTP. Allows authentication in PPTP networks without knowing valid login/password combinations. This authentication scheme is widely used at universities (WLAN networks). A link to a special pppd which is able to authenticate without valid /etc/ppp/chap-secrets is included.

tags | protocol
SHA-256 | a57abb2faae0727b81e1510955840c818aed9a508d24a18b84c7c47e18cd0da4
teso-advisory-012.txt
Posted Feb 5, 2002
Authored by teso | Site team-teso.net

TESO Security Advisory - LIDS Linux Intrusion Detection System vulnerability. The "Linux Intrusion Detection System" security patch for the Linux kernel creates a security vulnerability. Exploitation is easy and local users may be able to gain unrestricted root privileges.

tags | kernel, local, root
systems | linux
SHA-256 | 8db59c973f0a09a893a58ab51abf452ad932286369e021ea1f5d4515063ef9d4
iob-0.1.tar.gz
Posted Oct 11, 2001
Authored by teso, scut | Site team-teso.net

IOB stands for I/O bridge, a simple tty chaining program. It can be used to log almost any session, including ssh, gpg, pgp, cfsattach, losetup, etc.

SHA-256 | 29c258374e9799d3f17c6e1042df216aa63e48c532e3dc875a467a0d72b893c3
teso-advisory-011.txt
Posted Jul 29, 2001
Authored by teso, scut | Site team-teso.net

TESO Security Advisory #11 - Multiple vendor Telnet Daemon vulnerability. Most current telnet daemons in use today contain a buffer overflow in the telnet option handling. Under certain circumstances it may be possible to exploit it to gain root privileges remotely. Affected systems include BSDI 4.x, FreeBSD, IRIX, Linux with netkit-telnetd < 0.14, NetBSD, OpenBSD 2.x, and Solaris.

tags | overflow, root
systems | linux, netbsd, solaris, freebsd, irix, openbsd
SHA-256 | 4849ac76d26caec6f947c4879fceb873db9d4fbf399d4ebadda0a88587f6c0ba
adore-0.39b4.tgz
Posted Jul 29, 2001
Authored by teso, stealth | Site team-teso.net

Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.

Changes: Now includes open()/stat() redirection and improved netstat hiding. Removed execution redirection.
systems | linux
SHA-256 | bc8ab5303f03a7435098e0a13569dd423675198c8181472e3c458b68a2296ecf
adorebsd-0.34.tar.gz
Posted May 25, 2001
Authored by teso, Bind | Site team-teso.net

AdoreBSD 0.34 - Based off Linux Adore by Stealth. Features hiding files and directories from view, makes processes invisible, hides promiscuous flag and syslog messages, execute as root, hides sysctl mib entries, netstat service hiding, authentication, and module hiding. Developed on FreeBSD 4.3-STABLE.

tags | root
systems | linux, freebsd
SHA-256 | cfeece4d9e9d8347a58eddaf64786360a9187ee3f9bc5af4ee4426bc941f9e3b
adore-0.38.tar.gz
Posted May 25, 2001
Authored by teso, stealth | Site team-teso.net

Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.

Changes: Added 64bit FS support, now fools protection modules as StMichael, and minor fixes.
systems | linux
SHA-256 | 81a2723c4a646ea1c9d07a8b8689f5d9f2b498231624d3516bf9a5a8729ca172
arpmim-0.2.tar.gz
Posted Apr 7, 2001
Authored by teso, Skyper | Site team-teso.net

Arpmim v0.2 implements an ARP man in the middle attack. Includes single or multiple host support, asymmetric MiM, arpop_request, and macoff.

SHA-256 | 85d0ebf42ca0b511272bae44719270ba2cc579d2c7b4c60f48725bdb5c1487c5
Page 1 of 3
Back123Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
FBI And NSA Say: Stop Doing These 10 Things That Let Hackers In
Posted May 18, 2022

tags | headline, hacker, government, usa, fbi, nsa
Your Data Is Auctioned Off Up To 987 Times A Day, NGO Reports
Posted May 18, 2022

tags | headline, privacy, data loss
April VMware Bugs Abused To Deliver Mirai Malware, Exploit Log4Shell
Posted May 18, 2022

tags | headline, malware, flaw
APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack 0-Days
Posted May 18, 2022

tags | headline, hacker, malware, cyberwar, zero day
State Of Internet Crime In Q1 2022: Bot Traffic On The Rise, And More
Posted May 18, 2022

tags | headline, hacker, malware, cybercrime, data loss, botnet, fraud
Wizard Spider Hackers Hire Cold Callers To Scare Ransomware Victims Into Paying Up
Posted May 18, 2022

tags | headline, hacker, malware, cybercrime, fraud, cryptography
Sysrv-K Botnet Targets Windows, Linux
Posted May 17, 2022

tags | headline, microsoft, linux, botnet
FBI: Hackers Used Malicious PHP Code To Grab Credit Card Data
Posted May 17, 2022

tags | headline, hacker, government, bank, usa, cybercrime, fraud, fbi, backdoor
iPhones Vulnerable To Attack Even When Turned Off
Posted May 17, 2022

tags | headline, phone, flaw, apple
Don't Accidentally Hire A North Korean Hacker, FBI Warns
Posted May 17, 2022

tags | headline, hacker, government, cyberwar, spyware, korea, fbi, backdoor
View More News →
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close