objobf is an obfuscator for x86/Linux ELF relocatable object files (.o files) that can produce fancy graphs to visualize function structures. Released at CCCAMP 2k3.
3afd6cb33f2bc2f444e4ae31ac730f84c53f71705207242063224711f8832449
Advanced Shellcode Generator 1.1-1 - Very compact and simple to use. All notation written in Italian.
d4c742228d707e23668817a999341be91f460d02ae77919fd026d785294d6c77
Atstake Security Advisory A080703-2 - tcpflow, the network monitoring tool that records TCP sessions in an easy to use and view manner, contains a format string vulnerability that is typically unexploitable.
b4f0c4f5a717ad038f3eb39e9c687e11d5766b61d2e3b9b83c77992f43bb0bcf
Atstake Security Advisory A080703-1 - Both IPNetSentryX and IPNetMonitorX come with three helper tools that each have security issues associated with them. The first two tools, RunTCPDump and RunTCPFlow, allow arbitrary users to monitor the network without requiring any form of authentication or privilege. The third tool, tcpflow (executed by RunTCPFlow), contains a format string vulnerability, allowing arbitrary commands to be run as the user calling the program. Since RunTCPFlow is setuid root and will pass arguments to tcpflow, we can execute arbitrary commands as root.
e9e60f02bd40ae6f22a3de8966d31b5d80e4df271203a7ad9f1e8286a57adf29
Normal Lotus SameTime login credential encryption with the 1.5 and 3.0 Windows clients uses RC2 to encrypt the password, and even sends the key along with the login packet, allowing an attacker to decrypt the credentials and steal a user's IM identity.
ad64a9fe4bbbde50b0d5f0cba5697b9b0bcecf4a3a60751b3d67d01c9cd0fa10
Remote denial of service exploit for the Cisco CSS 11000 Series.
c5ef0113e39d3c73ba4df7113af56372b1444b5439d9cdf3ae4f662aee1524da
The Cisco CSS 11000 Series is vulnerable to a denial of service when there is a heavy storm of TCP SYN packets directed to the circuit address. It may also cause a high CPU load or sudden reboots.
f428cbfd82405bf502ceb2aa293ef7892c0d9d5b82c9b6b3f2bc160a5ec34590
Response from Corey Bridges of ZoneAlarm in regards to the vulnerability originally discovered by Lord YuP in their device driver VSDATANT and the exploit that is circulating for it.
4512058aba60fcf0849c6965870ff987198adc999b4c1041329bc6c2fa605f69
WAM! FTP Server version 1.0.4.0 for Windows is susceptible to a directory traversal that allows a remote attacker to break out of the restricted root and download any file on the system.
2e6731198e30d3571d5619bf3047d785bb7909b2bc3946b3f18ad6bc1e61d654
A Zaurus PDA version of Airsnarf, the rogue wireless access point setup utility designed to demonstrate how a rogue AP can steal usernames and passwords from public wireless hotspots. Designed to run on OpenZaurus 3.2.
5dfbdaa02876bca750e1401d6f4e11532113a459d20f1064faa923f93a8683ab
Airsnarf is a simple, rogue wireless access point setup utility designed to demonstrate how a rogue AP can steal usernames and passwords from public wireless hotspots. Airsnarf was developed and released to demonstrate an inherent vulnerability of public 802.11b hotspots: snarfing usernames and passwords by confusing users with DNS and HTTP redirects from a competing AP.
8774437be771fac3538896a3028b363aa6352973bef24564a5ec915079094874
Kfence provides kernel protection against basic exploitation techniques, including stack and heap overflows and format string exploits, by patching /dev/kmem and redirecting system_call to test if the eip of the caller is in the wrong memory region. Tested on Linux kernels 2.4.18-14 and 2.4.7-10.
4882a25fff4d193104f36ac6ccd74b5873f768ed53c3edac2856689c60eaf87d
Meteor FTP server version 1.5 remote exploit that causes a denial of service when large amounts of data are fed to the USER directive.
299a2dc142ced8f9ce1a0c1919e8e67e0ee89dc256aa83c9e56352763ff3d9e0
Meteor FTP server version 1.5 is vulnerable to a remote denial of service when large amounts of data are fed to the USER directive.
b4cfe181724c3b90ba0d60d8c3bf0e202529e26d7c55a47cade63e2e544e570c
exitwound is a ptrace shared library redirection backdoor that is based on the technique described in Phrack 59-8. It attempts to redirect certain string handling routines commonly used in Internet services to trapdoored functions which yield a connect back shell on a specifically constructed passphrase. The benefits of this lie in the fact that no extra malicious processes or listening ports are needed, avoiding crude forms of forensic analysis.
1fb78b1c33c0f156067d5cf7ef5bba6b8cf5f205cfc830717cbddb3db6de3b95
Application Mapper is a next-generation scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (e.g. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some Oracle listener on port 233!
a2826954e3dafa6ed8b2e3866603be894a0363d4ef2157de174bb9e5e407d089
Grenzgaenger is a SOCKS-like hacker tool for tunneling nmap, netcat and exploits transparently through systems into protected networks.
7b46223b2239a585a065db7456ef97a3a6f6b8c152023b6ac785b4990ad42954
Version mapper 0.5.2 is a utility for fingerprinting services by checking features and replies of bogus commands being fed to the daemon. Currently supports FTP, SMTP, POP3, IMAP, and HTTP.
315d3d9e5cf65be910fc47d159fe64a09effc31240e987426e119ac6e5524275
Cisco Systems IOS 11.x UDP echo memory leak remote sniffer. The UDP echo service (UDP port 7) has to be enabled on the device. The bug will cause the Cisco router to send about 20 kilobytes of data from the interface buffer pools containing packets in the send/recv/forward queues. This tool will identify IOS memory blocks, find the router specific offset for packets in the block and decode the packet to the screen. Note that this is not a full dump of the traffic through the remote router but rather a subset of received data. Features include a packet checksum cache to prevent repeated output of the same packet, auto identification of packets and buffer offsets, and IPv4 decoding.
88c96f5f35ee8e8f230938a70d6e512ac19d921be8f468c01cdb28507adc9a83
Cisco IOS 12.x/11.x remote exploit for the HTTP integer overflow using a malformed HTTP GET request and two gigabytes of data.
7f4a101d2a92a428372a4b1a01844cc8f4d4614537c428b116c224be6b8b346c