exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 69 RSS Feed


Posted Sep 18, 2001
Authored by Stephanie Wehner | Site r4k.net

Curious Yellow v0.01 is example code for Fun and Games with FreeBSD Kernel modules. Contains examples for all the different kernel alteration methods plus several small tools that can also be used for detection and defense.

tags | paper, kernel
systems | unix, freebsd
SHA-256 | 73f88d8d22fa2950f8a4357f7da33c328f20127b5742927ce21031e9f29ee484
Posted Sep 18, 2001
Authored by Stephanie Wehner | Site r4k.net

Fun and Games with FreeBSD Kernel Modules - Kernel hacking using kernel modules and kmem patching. Contains information on how to intercept system calls and other calls in the kernel by altering the corresponding call table. Also shows how to alter these tables by writing to kernel memory and gives an example of patching the kernel directly without the use of modules. Furthermore an example is given on how the symbol table in the kernel can be altered.

tags | paper, kernel
systems | unix, freebsd
SHA-256 | 6db5555db57051ba93d1218a96282712e6bec0bee4d5f2277a0cc04f3e3b2771
Posted Aug 9, 2001
Authored by Frederic Raynal, Samuel Dralet

Format String Builder includes code and instructions for use of a program which aids in the creation of format string exploits. Includes fmtbuilder.c, a small program to help build the strings.

tags | paper
systems | unix
SHA-256 | 848aaf31d3d81b8a782d44737935a4b9fcbae59484032cc55cdd1d2a44e1e406
Posted Jul 29, 2001
Authored by The Last Stage of Delirium | Site lsd-pl.net

This package contains all codes prepared for technical paper - UNIX Assembly Codes Development for Vulnerabilities Illustration Purposes. For every discussed processor architecture samples of various assembly components are included.

tags | paper, vulnerability
systems | unix
SHA-256 | b198c0c0a17e1e73d1170ac01516e46602412eb03ffe85f6eeb00bf35c7ed193
Posted Jul 29, 2001
Authored by The Last Stage of Delerium | Site lsd-pl.net

Unix Assembly Code Development for Vulnerabilities Illustration Purposes v1.02 - Covers IRIX / MIPS, Solaris, HP-UX, AIX, Ultrix, Linux, BeOS, and BSD. Includes system call invocation information, code specifics, "Zero free" code, ASM functionality, and examples.

tags | paper, vulnerability
systems | linux, unix, solaris, irix, bsd, aix, hpux, beos
SHA-256 | 62d2e8de6232b3ff6562e6a1ae2a27a030259d2647d85ffb2ae413a70b82d7e1
Posted Jul 23, 2001
Authored by Mixter | Site mixter.void.ru

Guidelines for C source code auditing - A basic reference containing some tips, approaches and methods for finding vulnerabilities in C code.

tags | paper, vulnerability
systems | unix
SHA-256 | b51ef94c9808338490069713f8eb6404b9f0ffddb2612c40f2369d7c13b0a159
Posted Jul 18, 2001
Authored by Antonomasia

Looking for Vulnerabilities - Our approach has been to look for a few common mistakes in programs (and scripts) of interest (mainly setuid, setgid programs and network servers). This paper focuses on unsafe temp files, unsafe environment, and buffer overflows.

tags | paper, overflow, vulnerability
systems | unix
SHA-256 | f66499c4db19f49b5b6f1abda1969d8574ee7a5fbe0ed73010d9c2401d1d8dac
Posted Jul 11, 2001
Site ntop.org

Monitoring Networks Using ntop - How to monitor networks using the security tool ntop. Includes information on how to use it as a lightweight IDS.

tags | paper
systems | unix
SHA-256 | 8fab586e80d7808fa072e8c914fb00ef79573c88cc88de648f64595124e333e7
Posted Jun 5, 2001
Authored by Silvio Cesare | Site big.net.au

Stealth Syscall Redirection - This article describes a technique of redirecting system calls without modifying the sys call table (implemented in Linux). This can be used to evade intrusion detection systems that use the sys call table to register redirected or trojaned system calls. The basic premise behind this attack is to modify the old system call code to jump to the new system call, thus control is transferred to the replacement system call and the sys call table is left untouched.

tags | paper, trojan
systems | linux, unix
SHA-256 | b65637f6eb6460d4d82d35adddf11e37ba7cdf38d977e6f9f161d95599528e70
Posted Apr 7, 2001
Site ideahamster.org

Open-Source Security Testing Methodology Manual - This is a document of Internet security testing methodology, a set of rules and guidelines for solid penetration testing, ethical hacking, and information security analysis including the use of open source testing tools for the standardization of security testing and the improvement of automated vulnerability testing tools.

tags | paper
systems | unix
SHA-256 | 13359705253cc0ddb86314504ce87e011dbd75e3d275187fc6074dabcfb1ae41
Posted Mar 17, 2001
Authored by Fides

This guide intends to teach the basics of buffer overflow to the average C programmer without the need for complex knowledge of assembly. Written with FreeBSD 4.2-Release in mind, but written for x86 *nix.

tags | paper, overflow, x86
systems | unix, freebsd
SHA-256 | cb58a5e28f825f34f22a59c92b55d25701b5d23ebf652a924fb49ea2eaa8a82b
Posted Mar 16, 2001
Authored by Angel Ramos

Disassembling programs on Debian Linux 2.2 using gdb.

tags | paper
systems | linux, unix, debian
SHA-256 | 56d9a1c2e8443b0f76c19af756ecdda7c41fa869fa870e362ec15110a4a21e2b
Posted Dec 24, 2000
Authored by venomous | Site rdcrew.com.ar

How to exploit format string vulnerabilities - In Spanish.

tags | paper, vulnerability
systems | unix
SHA-256 | d30ae54998bb2cc00f334b5bae58862608dc3f8d9da7dce9df01a7975c7a1cc0
Posted Nov 2, 2000
Authored by Tim Lawless | Site sourceforge.net

This paper describes how the StJude kernel module stops local and remote exploits from being successful. The Saint Jude model for improper privilege transitions terminates program execution when it is exploited even if the exploit is unknown.

tags | paper, remote, kernel, local
systems | unix
SHA-256 | 32a264782ffbeb3b1d5ac2fe7295419e164d7bcced7404713c2fa709c85c1ee7
Posted Jun 29, 2000
Authored by Lamarga | Site lamagra.seKure.de

Format Bugs - What they are, Where they came from, and How to exploit them. Users can often input format strings into printf and other statments, causing the stack to be overwritten. Includes code samples and debugger output.

tags | paper
systems | unix
SHA-256 | a591a666146efb26ddfc36a8bc0226770a35257ba749a6efc8797ecf52f3289c
Posted Apr 27, 2000
Authored by Lance Spitzner | Site enteract.com

Passive Fingerprinting is a method to learn more about the enemy, without them knowing it. Specifically, you can determine the operating system and other characteristics of the remote host using nothing more then sniffer traces. Though not 100% accurate, you can get surprisingly good results by looking at the TTL, TOS, Window Size, and DF bit. Includes information on changing your machines fingerprint on Linux and Solaris.

tags | paper, remote
systems | linux, unix, solaris
SHA-256 | 3de3522a3961606ab4ff30b515bb3831552e13e90fd72c8718c7d15a4adf6301
Posted Apr 12, 2000
Authored by Kevin Steves | Site people.hp.se

Building a Bastion Host Using HP-UX 11 - Covers configuring HP-UX 10 and 11 to be a secure host, useful for firewall gateways, web servers, ftp servers, dns servers, mail hubs, and more.

tags | paper, web
systems | unix, hpux
SHA-256 | d1b8db73a010afb5da4be15559a94e2c098a450abb5a26cce22234cd6db501d7
Posted Apr 10, 2000
Authored by Prizm

IRIX Login Security - In this paper you will learn a bit about logins, and the seriousness of what could happen if you don't take certain precautions. You will have found out some options you can take with your logins, certain restrictions, and a lot more.

tags | paper
systems | unix, irix
SHA-256 | 35daa4e31eadc2e9835852cb680f16c18c3d63d83c32a3c93afa078dcdfd4718
Posted Apr 5, 2000
Authored by Gerhard Mourani | Site pages.infinit.net

Securing and Optimizing Red Hat Linux - This documentation is indispensable for peoples that want to get all advantage, security, and optimization of a Linux Server. Features Free/SWAN section, Quota configuration, Portsentry, Logcheck, section, improved firewall security approach, more system security tips and a lot other changes. This is the version 1.2 released the March 17, 2000.

tags | paper
systems | linux, redhat, unix
SHA-256 | 21fedc3ff40715c9ab54627a93f618933543a9092dd9c93b1701b7e1865b8233
Posted Feb 25, 2000
Authored by Larry W. Cashdollar | Site vapid.dhs.org

What you don't know will hurt you - Remote information gathering. This paper outlines two models of information gathering . The first model is "noisy" where the attacker uses all known resources with little reguard for what footprints* might be left on the target. The second is "stealthy". Wherein the attacker uses methods and packages designed to subvert logging facilities on the target.

tags | paper, remote
systems | unix
SHA-256 | 7ad6564fa61c83377ccb981bf858b6053af46d1c53f44d173b57428b2d0d38a9
Posted Feb 15, 2000
Authored by Lamagra

A little article on m68k buffer overflows + shellcode.

tags | paper, overflow, shellcode
systems | unix
SHA-256 | 016422af06a4b1b382cf3adddd84f9422c208462d1ded6d338ac8ba2a3b63718
Posted Dec 24, 1999
Authored by Coaxial Karma

Step by Step instructions for tunnelling IP through an SSL Proxy using two linux boxes, pppd, ipfwadm, and ppptcp-ssl.

tags | paper
systems | linux, unix
SHA-256 | 0dea7e4d8de7848934326ba14c32424742eca07f1b208d21ec80e262ffbdfb8c
Posted Dec 20, 1999
Authored by Suid | Site suid.edu

There exists a vulnerability with certain configurations of certain ftp daemons with which users with a valid ftp only acccount on a system may execute arbitrary commands (including binaries supplied by themselves). There also exists the possibilty that anonymous ftp users may execute arbitrar y commands (also including binaries supplied by themselves). While this vulnerability is entirely configuration dependent. The required configuration is rather common. Exploit information here.

tags | paper, arbitrary
systems | unix
SHA-256 | 223f01ce4e2ad4bdfbd09c6989851a84ceba7d1fbe6c4a85a5d5802a338bf787
Posted Dec 20, 1999
Authored by pragmatic | Site pimmel.com

Attacking FreeBSD with Kernel Modules - The System Call Approach. System calls can be backdoored on FreeBSD much like they can on linux, and most linux kernel modules can easily be ported to FreeBSD. Includes information on intercepting system calls, filesystem related hacks, hiding files and contests, process related hacks, file execution redirection, tty hijacking, and module hiding.

tags | paper, kernel
systems | linux, unix, freebsd
SHA-256 | 99570c1f731fdefef35078cbb47958ca6d7efe7e113d0f5d14d4788fbf479ea0
Posted Dec 11, 1999
Authored by Barakirs

Beginners Guide to Linux + Easy Installation Guide version 1.1 - I'd bet some of the people reading this description are using Windows, and are afraid to install Unix on their computer for some reason. "Sure, Unix does all those cool things and has better security and most Unix programs are open-source, but what will happen if I'll screw up with the installation and delete my old copy of Windows?" Black Sun Research Facility presents - an easy to understand and simple installation guide for Redhat Linux and Mandrake Linux, the two most easiest-to-install distributions (although this tutorial is good for other common Linux distributions as well).

tags | paper
systems | linux, redhat, windows, unix, mandrake
SHA-256 | 94cf75c7fd9dcca69ca84c58292ccd72ecd74d76665906368f284adf788ce5fb
Page 2 of 3

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By