Mognet version 1.13 is a GPL'd libpcap/jpcap 802.11b sniffer/analyzer written in Java. It is display-optimized for use on handheld devices like the iPaq, and can save and load frames in libpcap/tcpdump/Ethereal format.
71c4a2d8b29343b5112f4cb355dde2b29e060e6b00f6ad3733e1d6e1d3f921ff
CORE Security Advisory CORE-20011001 - Another globbing problem has been discovered in Wu-FTPD, allowing a remote user to execute arbitrary code. Affected versions include: all Wu-FTPD versions through 2.6.1, Wu-FTPD 2.7.0 snapshots, and FTP server programs derived from Wu-FTPD.
b2af010437f4826bb1eed002d7911ab9a56a1c96980ee85e3944582ce2cdbcf9
Details and source diffs for the wu-ftpd v2.6.1 remote overflow vulnerability. By leaving off closing ']' and '}' characters, it's possible to get the glob function to construct a long string which very well may overflow a buffer in gzip v1.2.4.
30748757c260928c611e88fd96b30631aba28b1ad1813970dcd5a76a1ab7932d
Steghide is a steganography program which hides bits of a data file in some of the least significant bits of another file in such a way that the existence of the data file is not visible and cannot be proven. Steghide is designed to be portable and configurable and features hiding data in BMP, WAV, and AU files, Blowfish encryption, MD5 hashing of passphrases to Blowfish keys, and pseudo-random distribution of hidden bits in the container data.
c2bc422e604ece24acd0a7a9e633a942fddb50fcfffb8fb2d26dd84eea7ba0f8
Vapid Labs Security Advisory 11232001-02 - The webserver administrator password for the Xitami Webserver is stored in clear text in a world-readable file, allowing a local user to gain control of the webserver and, with some effort, the root account. Affected versions include: Xitami Webserver 2.4d9 and 2.5b5 beta.
086b0483b623081e9fdd5220b9aa4f16c4e694ca9fb5953d8a3a78590a93c16a
NMRC Advisory - A vulnerability has been found in Sun's NetDynamics session management package that allows an attacker to hijack random user sessions. Versions confirmed affected include Solaris 7 and 8 (SPARC), running NetDynamics 4.x and 5.x.
93ca5cbfd649dcedcb26f1045e072b2faba1a2aa28bf1d75267c53805c5bb86d
RemoteCompFind (previously known as RemoteHit) searches for a computer on a remote network, in a given IP range, using the NetBIOS protocol. The program is fully multi-threaded. RemoteHit has an MS "Find: Computer"-like interface.
f7f1091033a3b2f63fc387cdfb759af2a4e498e63db235ad30a684d4a43192af
ldM.c is a backdoor that runs on TCP port 141 by default.
c6299499912cbd9e814a5674cfc34c5a466c005cc3af22d93a7baed98fc365f9
Capsel v1.9.99pre5 is a Linux kernel module for v2.2.x and 2.4.x with many features that increase your system security. It features the ability to stop chroot jail break, stop ptracing, control the execve call, and removes read permission from core dumps. It also changes the behavior of set*uid system calls which may be used by programs to drop almost all capabilities and UID without dropping capabilities that are needed to work correctly (i.e. bind sockets). Allows you to get rid of many of your SUID files.
a5918d4a20d806208b32e0b417f47e29eb7c913b1b76c03f7dcc0a0f05f8e1fe
Flood2.c is a SYN flooder that is more efficient than Juno because it uses smaller packets. Slightly broken.
87d55c83a0a5d1849a0ac50ee24c11e61710b2a8b7f7933479ee89fafad23673
Std.c is a UDP packet flooder. Tested on Linux.
e91335a547a70625afc111963c420b05bbe3f8bb4ba39bf722aaed746cba3df5
IP Sorcery is a TCP/IP packet generator which allows you to send TCP, UDP, and ICMP packets with a GTK+ interface.
adc1acd1519ea1fb4385857dd333f445e98932613ca65cea2c8e9888302e03f3
Medusa DS9 is a tool used to increase Linux's security. It consists of two major parts - Linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, and processes, and they implement the communication protocol. The security daemon communicates with the kernel using the character device to send and receive packets.
782bc79b5afc4ff443dc44837213c29aa727a4d85eac15d2727e4485fc7da936
Sniff formats hex packets from tcpdump and converts them to ASCII to make them easier to read and understand. Its features include colored console output, CSV file saving, and fully customizable output. The program directly accepts all tcpdump options, including parsing from packet files.
435498f0db4eb809acdb2227c9b536d51fe515d1329b990c5c7ff16977f75bd6
SendIP is a commandline tool to send arbitrary IP packets. It has a large number of command line options to specify the content of every header of a TCP, UDP, ICMP, or raw IP packet. It also allows any data to be added to the packet. Checksums can be calculated automatically, but if you wish to send out wrong checksums, that is supported too.
c3dd259590c3eed83675409fb32029327c00b8da1230643dc43e89976642c03b
Winfingerprint v0.4.0 - Advanced remote Windows OS detection. Current Features: Determine OS using SMB Queries, PDC (Primary Domain Controller), BDC (Backup Domain Controller), NT member server, NT Workstation, SQLServer, Novell Netware Server, Windows for Workgroups, Windows 9X, Enumerate Servers, Enumerate Shares including Administrative ($), Enumerate Global Groups, Enumerate Users, Displays Active Services, Ability to Scan Network Neighborhood, Ability to establish NULL IPC$ session with host, Ability to Query Registry (currently determines Service Pack Level & Applied Hotfixes). Runs on Windows NT and 2000.
cbe16d6221e053409d04ba5f9d8cff4128c6413e64b44b33732d58ccca008171
Procwatch is a Perl script which watches a /proc filesystem for new processes. When a process is created, procwatch reports the time, the username, the PID, and the binary that was run. Its output is suitable for logging to log files and is geared for system administrators who are testing a new but as yet untrusted UNIX system. Although it cannot detect, and is not proof against, hacked loadable kernel modules that have modified /proc, it is useful in watching for possible rogue binaries.
68dfad72427ae0eddb228265f96ba7689c3ec4efa78ad0f285c13614b8594c69
The Linux Port/Socket Pseudo ACLs project is a patch to the Linux kernel which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.
fa1ad43fadf54a769b2370a50d8d29243ac7c710c4d53a67279b3fca599d425a
Srape is a Perl script which sends TCP packets with no flags set and causes the victim to reply with RST packets. Seems to be more effective than a SYN attack and harder to filter.
e4f492aef69f00b77840d631ac6aa16b968e23e37b3dfc9b6d38bcf76c82d57e
Shell script to scan a domain for open Windows shares using Samba. Tested on Slackware, Red Hat, SuSE. Requires smb client.
aa897cb01895e470ffc69ea88d3d8aa218b9d21900a286afbf5b78fded94e1fc
CERT Advisory CA-99-16 - Buffer Overflow in Solaris sadmind. The sadmind program is installed by default in Solaris 2.5, 2.6, and 7.
91e3ccb53dada317e1d9eb7fb117db045ea4dab85eb4219206c1ebfaece31491
Dword.pl - This will convert a given IP address into its dword equivalent, as described in "How to Obscure Any URL", available here.
3f31fd5b39902ebcc095a352a0538509fc005b0f033a0d5aae798016f30131c7
Explanation of how to exploit the rpc.sadmind bug on Solaris.
39930a280c144ab14cfd240d0a929369a2f7e68dfed059b8f4c01fda84a4ba71
Hotmail is vulnerable to yet another serious security problem involving JavaScript. Windows, MacOS, and Linux users are affected. Filters may be bypassed by putting line feeds in the middle of the JavaScript code; the browser will remove the line feeds and execute it.
38d619755398daddb4094c74d9e46a705ebf54917924ac7f57da9be93f94b110
Veritas Volume Manager 3.0.x for Solaris contains a security hole which can, under specific circumstances, allow local users to gain root access. Exploit description included.
fd2319ff0e16f1c6e713fa56b2101950213939c45121c340cc789350ca38aee3