sishell is a reverse (connecting) shellcode kit for x86 Linux, FreeBSD, NetBSD and OpenBSD. It generates both regular shellcode without NULLs and stand-alone ELF executables. sishell is distributed with a Makefile system, a custom ELF brander (brandelf) and a C example code generator. sishell is distributed under the MIT License.
2c3d6e93ea10f49f72295f4c8a5610d2e83976e34a37eda03b1600301a9077c1
gwee, or Generic Web Exploitation Engine, is a small program written in C designed to exploit input validation vulnerabilities in web scripts, such as Perl CGIs, PHP, etc. gwee is much like an exploit, except more general-purpose. It features several reverse connecting shellcodes, 4 methods of injection, and a built-in HTTP/HTTPS client and server. gwee is distributed under the MIT License. The Perl and Python shellcodes were written by Sabu.
a6f6a37f5e530eb4830fbac1b48b25142c7ccee1c7a06b9458eb9eca5bb7d37f
rrs is a reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). The listener will accept the connection and receive a shell from the remote host. rrs features full pseudo-tty support, full OpenSSL support (high encryption, client/server authentication, choice of cipher suites), Twofish encryption, a simple XOR cipher, plain-text (unencrypted) session, peer-side session monitoring (snooping), daemon option and reconnection features. rrs is Free Software distributed under the MIT License and is known to compile and run under Linux, FreeBSD, NetBSD, OpenBSD and QNX.
e1731f76298f2b4aca4e90cbd80cd194f4e3c066efb4079b79d2674f6b009d1d
The etherdam utility is an IPTables firewall configuration engine. It implements a primitive scripting language as an alternative to the direct use of iptables. It comes with full documentation plus a heavily commented example configuration file. The configuration file should work for many scenarios with minimal adjustment.
2a178517bb502a2c6ecb01f4ce83f0fba4d3d3461939e5f3b1ec8cad32127782
A FreeBSD 4.x kernel security module. It currently supports fork bomb protection as well as setuid restrictions and setuid logging. Future versions of the module will carry more powerful features such as stack randomization and malloc bomb protection.
d6046ee8a2cb59b97f9b114b492cff647c5d8ba07c777afb085fd9540d22b791
SmOk3 has reported a vulnerability in e107 version 0.x, which can be exploited to conduct script insertion attacks.
ffc203776b348b7e241395594527efc8355618e7f5691876c2abbb91ebefa4c2
A vulnerability in the Java Runtime Environment may allow a remote unprivileged user to cause the Java Virtual Machine to become unresponsive resulting in a Denial of Service (DoS) condition for the runtime environment and servers that run on the runtime environment. Affected versions are Sun Java JRE 1.4.x and Sun Java SDK 1.4.x. Unaffected versions are 1.4.2_04 or later.
634bafb123157c728d0624e898b9c78737d1db3146091555c65b88327a961f3d
Auxploiter is a remote exploitation tool for the c:\aux vulnerability that can completely lock up a user's mail client. Outlook and other mail clients render the message using Internet Explorer, which is susceptible to this vulnerability.
379b4e6b32cfd722ac33ffd4b3b82493967efcf5b1256e6d26c1f5cd867ec2a2
Local and remote format string exploit for Pound versions 1.5 and below. The local variant only works if pound is setuid.
d32c4eb64924cacbd6138fbf93daad2d980fde8fa9dea7eb17cdfb06d23df785
Write-up detailing how to defeat file browsing restrictions on Windows 98 running Novell 3.2.0.0.
eba44110e3caccbe7c8b9b342ad17af2aa59924dd11497e268bd6624c6881869
knock is a server/client set of tools that implements the idea known as port-knocking. Port-knocking is a method of accessing a backdoor to your firewall through a special sequence of port hits. This can be useful for opening up temporary holes in a restrictive firewall for SSH access or similar.
81dccc25ad234c9efb1f356e108abff9b75ea60cb5ef2bc3f2c9bade0e8a1e83
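The port-knocking idea described above, as an added example written for this page rather than knock's own code: a small state machine that watches SYNs to closed ports per source address, requires the sequence to arrive in order and within a time window, and emits the iptables rule that would open the protected port. The sequence (7000, 8000, 9000), the 5-second window, the 30-second hole lifetime, the SSH port and the sample events are all assumptions chosen for illustration.

```python
# Added example: a minimal port-knock state machine, written for this page;
# it is not knock's own code. The sequence, timing window and the iptables
# rule it emits are assumptions chosen for illustration.
KNOCK_SEQUENCE = (7000, 8000, 9000)   # assumed secret sequence of closed ports
KNOCK_WINDOW = 5.0                    # seconds allowed from first to last knock
OPEN_FOR = 30.0                       # seconds the real service port stays open
PROTECTED_PORT = 22                   # the service the knock unlocks (SSH here)


class KnockTracker:
    """Track each source address's progress through the knock sequence."""

    def __init__(self, sequence=KNOCK_SEQUENCE, window=KNOCK_WINDOW, open_for=OPEN_FOR):
        self.sequence = tuple(sequence)
        self.window = window
        self.open_for = open_for
        self._progress = {}   # src -> (index of next expected knock, time of first knock)
        self.open_until = {}  # src -> time at which the temporary hole closes again

    def hit(self, src, port, now):
        """Record one SYN from src to a closed port at time now.

        Returns True when this hit completes the sequence (the caller would then
        insert the accept rule); False otherwise. Any wrong or late knock resets
        that source, so the sequence cannot be probed one port at a time.
        """
        idx, started = self._progress.get(src, (0, now))
        if idx and now - started > self.window:
            idx, started = 0, now          # too slow: forget partial progress
        if port == self.sequence[idx]:
            if idx == 0:
                started = now
            idx += 1
            if idx == len(self.sequence):
                self._progress.pop(src, None)
                self.open_until[src] = now + self.open_for
                return True
            self._progress[src] = (idx, started)
        elif port == self.sequence[0]:
            self._progress[src] = (1, now)  # a stray first knock restarts the sequence
        else:
            self._progress.pop(src, None)   # out-of-order knock: start over
        return False

    def is_open(self, src, now):
        """True while src's temporary hole is still within its lifetime."""
        expiry = self.open_until.get(src)
        if expiry is None:
            return False
        if now > expiry:
            del self.open_until[src]        # hole expired; the rule should be removed
            return False
        return True


def accept_rule(src, port=PROTECTED_PORT):
    """iptables command a knock daemon would run for a good sequence (assumed policy)."""
    return "iptables -I INPUT -s %s -p tcp --dport %d -j ACCEPT" % (src, port)


def replay(events, tracker=None):
    """Feed (time, src, port) knock events; return the tracker and the rules opened."""
    tracker = tracker or KnockTracker()
    opened = []
    for t, src, port in events:
        if tracker.hit(src, port, t):
            opened.append((t, accept_rule(src)))
    return tracker, opened


# Constructed sample of SYNs to closed ports, as a firewall log would show them.
SAMPLE_EVENTS = [
    (0.0, "10.0.0.5", 7000), (0.5, "10.0.0.5", 8000), (1.0, "10.0.0.5", 9000),  # correct
    (1.2, "10.0.0.6", 7000), (1.6, "10.0.0.6", 9000), (2.0, "10.0.0.6", 8000),  # wrong order
    (2.5, "10.0.0.7", 7000), (5.5, "10.0.0.7", 8000), (9.5, "10.0.0.7", 9000),  # too slow
]

if __name__ == "__main__":
    tracker, opened = replay(SAMPLE_EVENTS)
    for t, rule in opened:
        print("t=%.1f %s" % (t, rule))
    print("10.0.0.5 open at t=20:", tracker.is_open("10.0.0.5", 20.0))
    print("10.0.0.5 open at t=40:", tracker.is_open("10.0.0.5", 40.0))
```

Only the first source completes the sequence; the out-of-order and the too-slow attempts leave no state behind, and the hole for 10.0.0.5 is gone once its lifetime passes. A real daemon would feed `hit()` from packet captures or firewall logs and run the emitted rule (and its `-D` counterpart on expiry) instead of printing it.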
sfick (simple file integrity checker) assists system administrators in verifying the integrity of critical files. After a system compromise, an administrator must be able to verify the integrity of any files designated as critical and, if such a file has been modified in any way, restore an original copy of it. sfick stores backup copies of the files designated as critical, along with verification information, on write-once media such as a CD-R.
f19f0e96659e1b703991c1416ab37685580925979309d1fe6ba6b9c9088e100f
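The snapshot, verify and restore cycle described above, as an added example written for this page and not sfick's own code. It records a SHA-256 digest, size and mode for each critical file, keeps pristine copies beside the manifest, reports what changed and why, and restores from the copies. The "media" is just a directory here (sfick's model is a CD-R), and the three files and the simulated tampering are constructed for the demonstration.

```python
# Added example, not sfick's code: manifest-based integrity check with backup
# and restore. "media" stands in for write-once media (assumption).
import hashlib
import json
import os
import shutil
import tempfile


def file_digest(path, chunk=1 << 16):
    """SHA-256 of a file, streamed so large binaries need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def fingerprint(path):
    """Digest plus the metadata an attacker can change without touching content."""
    st = os.lstat(path)
    return {"sha256": file_digest(path), "size": st.st_size, "mode": oct(st.st_mode & 0o7777)}


def snapshot(root, paths, media):
    """Copy each critical file under media/backup and write the manifest beside the copies."""
    manifest = {}
    for rel in paths:
        src = os.path.join(root, rel)
        dst = os.path.join(media, "backup", rel)
        os.makedirs(os.path.dirname(dst), exist_ok=True)
        shutil.copy2(src, dst)            # copy2 keeps mode and mtime with the content
        manifest[rel] = fingerprint(src)
    with open(os.path.join(media, "manifest.json"), "w") as f:
        json.dump(manifest, f, indent=1, sort_keys=True)
    return manifest


def verify(root, media):
    """Compare live files against the manifest; report ok, modified (with fields) and missing."""
    with open(os.path.join(media, "manifest.json")) as f:
        manifest = json.load(f)
    report = {"ok": [], "modified": {}, "missing": []}
    for rel, expected in manifest.items():
        live = os.path.join(root, rel)
        if not os.path.lexists(live):
            report["missing"].append(rel)
            continue
        actual = fingerprint(live)
        changed = sorted(k for k in expected if expected[k] != actual[k])
        if changed:
            report["modified"][rel] = changed
        else:
            report["ok"].append(rel)
    return report


def restore(root, media, rel):
    """Put the pristine copy back, including its recorded mode bits."""
    src = os.path.join(media, "backup", rel)
    dst = os.path.join(root, rel)
    os.makedirs(os.path.dirname(dst), exist_ok=True)
    shutil.copy2(src, dst)
    return fingerprint(dst)


def demo():
    """Constructed scenario: snapshot three files, tamper, verify, restore, verify again."""
    with tempfile.TemporaryDirectory() as work:
        root, media = os.path.join(work, "root"), os.path.join(work, "media")
        files = {                                      # constructed contents, not real system files
            "etc/passwd": b"root:x:0:0:root:/root:/bin/sh\n",
            "bin/ls": b"\x7fELF-constructed-placeholder\n",
            "etc/ssh/sshd_config": b"PermitRootLogin no\n",
        }
        for rel, data in files.items():
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as f:
                f.write(data)
            os.chmod(full, 0o644)
        os.makedirs(media)
        snapshot(root, list(files), media)

        # Simulated compromise: an added root account, a setuid bit, a deleted config.
        with open(os.path.join(root, "etc/passwd"), "ab") as f:
            f.write(b"toor:x:0:0::/:/bin/sh\n")
        os.chmod(os.path.join(root, "bin/ls"), 0o4755)
        os.remove(os.path.join(root, "etc/ssh/sshd_config"))

        before = verify(root, media)
        for rel in list(before["modified"]) + before["missing"]:
            restore(root, media, rel)
        after = verify(root, media)
        return before, after


if __name__ == "__main__":
    before, after = demo()
    print("before restore:", json.dumps(before))
    print("after restore: ", json.dumps(after))
```

The mode is part of the fingerprint on purpose: the setuid bit added to bin/ls leaves digest and size untouched, so a hash-only checker would call that file clean. Whatever holds the manifest and copies must be something the intruder cannot rewrite, which is why sfick puts them on write-once media.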
YAVR, or Yet Another antiVirus Recipe, is a procmail recipe that helps filter out many of the common e-mail worms and viruses.
0a2020f64ffde3521d3a9272c239b92de70d8076b994b5aa964249061e2942fe
The WebRamp scanner is a program that scans for open WebRamp administration web pages, rips the usernames and passwords out of them, and dumps them into a text file. Included in the tarball are the binary, the source and an example script for scanning multiple subnets.
2d8ee617ceaad37b92609c22942e015c78e277cd1c6817b3d5b0c675598e2967
A buffer overflow has been identified in efFingerD version 0.2.12.
579a8af004a7d1139f1522767ad1220c8da86ccabd89512f32c4c6110bf8937e
84 byte Linux i386 shellcode which binds /bin/sh to TCP port 2707.
9b9774ec4874486dacdaee199ac08b545b6b978c39f935e72afad17953be31e1
Remote exploit for the Lsasrv.dll RPC buffer overflow. Tested against various Russian and English versions of Windows XP Professional, Windows 2000 Professional, and Windows 2000 Advanced Server. Ported to compile properly on Linux.
de64cd542848869101fd0295b16efedcc16a5d8fa502380d2df58defde723411
Multithreaded multi-link X.25 Pad password brute-forcing utility. Tested on Solaris. The speed of this software will depend on network congestion and the number of free outgoing links.
0376e9b17ff926409fad0c905df32f253c46300171d706ec8aae3ca07053102c
OpenAanval is an open-source web-based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. It supports multiple sensors of multiple intrusion detection system types, and its auto-updating web interface provides real-time event viewing from any Internet-connected web browser.
7964cfa752ea4d3d2d61f55640d29d955fe4816bdb4dfa5909ebd77913d66e28
ZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.
f1049899de4f8573964d5531d0d23c0a0a42d3597e93435a8897f47bf7e06c2b
The Nuke jokes module for PHPNuke is susceptible to path disclosure, cross site scripting, and SQL injection attacks.
2c563bf041f397f2368286aa9f5f303cec749c7907a27ee19b36a9362644cb89
Eudora is susceptible to a fraudulent URL vulnerability in which a malicious URL can be masked behind what appears to be a legitimate link in the client. This technique is commonly used by phishers.
07c109786d4b5d5968c26b09b0ebaeb84aece62066406ed0dce5ece18c26fbdb
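A check for the masking technique described above, as an added example written for this page and not Eudora's code: it pulls every link out of an HTML mail body and flags those whose visible text names one host while the href actually leads to another, including the user@host authority trick where the part before the @ is decoration. The sample message, its hosts (192.0.2.10 and the reserved .example domain) and the "subdomain of the shown host is fine" rule are assumptions for the demonstration.

```python
# Added example, not Eudora's code: flag HTML links whose visible text names
# one host while the href goes elsewhere. The sample message is constructed.
from html.parser import HTMLParser
from urllib.parse import urlsplit


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> in a message body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def shown_host(text):
    """Hostname a reader would infer from the link text, or None if the text is not URL-like."""
    if not text or " " in text:
        return None
    candidate = text if "://" in text else "http://" + text
    host = urlsplit(candidate).hostname
    return host.lower() if host and "." in host else None


def suspicious_links(html):
    """Return (text, href, reason) for links whose displayed and real destinations disagree."""
    collector = _LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        target = urlsplit(href)
        real = (target.hostname or "").lower()
        # user@host in the authority: everything before '@' is ignored by the browser.
        if target.username is not None:
            findings.append((text, href, "userinfo trick, real host is " + real))
            continue
        shown = shown_host(text)
        if shown is None or shown == real or real.endswith("." + shown):
            continue   # plain text, exact match, or a subdomain of the host the text shows
        findings.append((text, href, "text shows %s but href goes to %s" % (shown, real)))
    return findings


# Constructed phishing-style message: three masked links, two legitimate ones, one plain-text link.
SAMPLE_MAIL = """
<p>Dear customer, please verify your account:</p>
<a href="http://192.0.2.10/login">https://www.paypal.com/account</a><br>
<a href="http://www.paypal.com@192.0.2.10/">www.paypal.com</a><br>
<a href="http://example-bank.com.attacker.example/">www.example-bank.com</a><br>
<a href="https://www.example.com/help">https://www.example.com/help</a><br>
<a href="https://support.example.com/">example.com</a><br>
<a href="http://192.0.2.10/track">Click here</a>
"""

if __name__ == "__main__":
    for text, href, reason in suspicious_links(SAMPLE_MAIL):
        print("%-32s -> %-45s %s" % (text, href, reason))
```

The check only catches text that looks like a URL or hostname; a link reading "Click here" gives the reader no expectation to compare against, which is why the same mail client fix usually also means showing the real target on hover.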
FireHOL is a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
05f3bc2e96dc0388d273f7c8a966a73f2970c3303e55ab69284bd08ab6bd84fb
Write-up noting how Microsoft's Windows IPSec implementation fails to properly authenticate an IPSec gateway and will therefore accept client certificates as gateway certificates.
cf364f51155ba33ddfd9895eff2a5dd2e1dc229766ef23c6a25bbccaf2b36176
The default installation of Trend OfficeScan allows a non-administrative user to disable the service due to weak permissions, stopping the antivirus software from working. Versions 3.0 to 6.0 are affected.
b5058376de37871b8a9edae79cb539b3067880dea63213336bb15e458655204b