An analysis of the "Shaft" distributed denial of service tool. Shaftnode was recovered initially in November, 1999. Distinctive features are the ability to switch handler servers and handler ports on the fly, making detection by intrusion detection tools difficult from that perspective, a "ticket" mechanism to link transactions, and the particular interest in packet statistics, showing the "yield" of the DDoS network as a whole.
0af9ed12f935a568a43097d26109b009fa5aa5c7d137a97c98d2ea3460c2395a
Grinder.pl scans a range of IPs looking for a URL. Could be used to search for sites with a certain URL or CGI program.
17a62deebdd349e5d8c73be75d2c23ff06c8637cbc112b275271d2d25c11d2c9
CGI scanner for Windows - looks for 60 vulnerable CGI scripts, and new ones can easily be entered into the exploit data file.
2542c4f10d193792c9e88f46670117eff5667965cb526d9ced04da2de19c012d
Hdasm is a DASM hack in perl that dumps output as html allowing the Reverser to follow JMPs and CALLs with ease.
001becc3ef52ac194bdc07057f96781d14b6c63ba7182aab7188cc4fd9e8c963
SAINT is the Security Administrator's Integrated Network Tool. It gathers as much information about remote hosts and networks as possible by examining all network services and potential security flaws. The collected data can then be analyzed using a simple rules-based system (or via other included interfaces). In Exploratory Mode, SAINT will examine the avenues of trust and dependency and iterate further data collection runs over secondary hosts.
3c8cc7118dee3c4bbbe8623ee0d7d297235a4fc410844b8c04e9920b3c091a98
Microsoft Security Bulletin (MS00-017) - Microsoft has released a patch for a security vulnerability in Microsoft Windows 95, Windows 98, and Windows 98 Second Edition. The vulnerability causes a user's system to crash if they attempt to access a file or folder whose path contains certain reserved words. Microsoft FAQ on this vulnerability available here.
789ed00f2ac260d6a3b79a1b807e6f2f5682229d6ae2eb42c9e7194bbb7ae779
Netguard 2.0.0 is a lightweight IDS and packet sniffer. It supports Ethernet, PPP, FDDI and local loopback (for debugging). It can log IP, TCP, UDP, ICMP and IGMP packets according to the rules YOU specify to syslog, a file or standard input. Uses libpcap.
7f69a6e43bc2c3f9a670eeb72ccdb53f7e6213611195351900184d48b982574b
Forbidden Knowledge Issue 9 - In this issue: VMB's Carriers, Argosoft FTP Server Advisory, Cellphone and Payphone Warez, More Fun with Abusing Telkom, HAM Radio Inphoze, SAIX IP System, The PAN Credit Card System, Secret Zero-day C++ Kodez, Evil Fun with Webmail.Co.Za Users, Crush FTPd / Generic Java DoS attack, and Offline Explorer Advisory.
e4e3ea7c33fc5534a5d265018db6f1c2a09eaea9ac5e438a5db0676bdc259a92
ZSH Advisory - Netscape WebPublisher Allows Directory Listing and Access. Netscape WebPublisher is an add-on to Netscape's Enterprise webserver which allows remote file modifications, uploads and downloads. A third party user can access the WebPublisher via downloading a number of Java applets and the webserver's directory structure without having a valid account on the system. Netscape v3.5.1 / 3.6 SP1-3 under Solaris are vulnerable.
fe012892a4ac1f20d6bb25a0c0a171ed2caeab44aa5c8dc575e5b034b62084e2
The CodeBreakers Magazine Issue 5 - In this Issue: Windows Compatible BS/MBR and Multipartite Viruses, Maintaining Your Anonymity on the Internet, Win32 Programming in Assembly, Analysis Of Variant J Of The 666 (a.k.a. SEVENDUST) Mac Virus, BeanHive: The real story, Why use encryption in your macro virus, The Assembly Language Tutorial, WinNT.RemoteExplorer Binary Aquisition, Interviews with Weird Genius, Foxz, Rhape, and Evil-E, Filenc32 Utility, MBR Save Utility, MBR Restore Utility, CodeBreakers Windoze Startup-Shutdown Screen, and Huffman Compression/Decompression in 32bit ASM.
91bf9c6cfab7fa3e6b899720cccc09027d9388e24215b683ff35f4e80265c22b
5 exploits for wmcdplay (a CD player designed for WindowMaker - Release 1.0 Beta1). Tested on Mandrake 7.0.
b3df24fce3105f322d4f200071911aafe6bd5667f3ca8f7cca758ea51fc67a99
Internet Explorer 4 and 5 crash when viewing this HTML. Win 9X / NT with all current SPs are affected. Exploits a problem with the history object (HS:HISTORY ID="HS").
9c7a7cfd8fdc4ee2a5f37ee5cd3ad3f02bf733bdccb4032b0f68b810766a77e7
Nessus is a free, up-to-date, and full featured remote security scanner for Linux, BSD, Solaris and some other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over 330 remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them.
b4d3d7f0d915ddfb651daf8b26db78199cf87b592e759d65089eb67616770254
FIPRA (Fast IP Routing Accounting) is a kernel patch tool for logging IP traffic at high speeds. The logging part is moved inside the kernel and adds as little as possible to the overhead of handling IP packets.
89313416d4a8d6252dbbfecbdea7b89b135c7a32c7daae3c637ab9069e98b6f3
WiredView is a GTK and OpenGL-based network traffic monitor which displays its information in a 3D format of questionable usefulness.
73c2ef27e95407e1f9814195d9e49a0fa3c68e9de5e11a9009d7f30b3523ff75
The Infinity Exploit Scanner is a CGI script that allows visitors to your site to scan remote webservers for CGI vulnerabilities. The HTML output is configurable, and a log of all vulnerabilities your users find is kept.
ce668040ca3f052bc577f5556bf06a7ed0c0015d60ddf523a8863b4e8447fbd7
The Infinity Port Scanner is a CGI script that allows your visitors to remotely scan servers for open ports.
c534f7a9429bc9e7685bcbb722abb007fb0224af8ad4d07ec144d7726abba400
HEH! Magazine Issue #2 (In Spanish). Texts included: Assembling processes, IIS 4 in depth, Data Compression, IDS, and cell phone cloning.
da358fdfe09c4825c0b374b8b5a807ab33b5bcad18057202fe6996e75f393918
Seawall is an ipchains firewall that supports IP masquerading and can be used on a standalone system, on a dedicated firewall system or on a multi-use gateway/server. It supports VPN via IPIP tunnels and PPTP, has an easy to edit configuration file, and can be extended without modifying the base product. It also includes realtime monitoring with an audible alarm that sounds when suspect packets are detected.
1f1524fa22c7b920f0f17d45db155e3de2b62ab60bcc18cf2f3bcd1663a7f388
Phex (Ptolomei's Hex Editor) is a simple hex editor for Unices with a look & feel similar to that of joe. It supports files up to 256 MB, binary and text search, and basic block operations. Originally programmed for Linux, it should work on all Unices with curses libraries.
06df386085c2edfff1eabccbe8337ec79903db1ca04bb420a9dfe730009bf487
PinePGP provides PGP and GnuPG filters for pine. PGP versions 2.6.x, 5.x, and 6.5.x are supported.
ef940bf3f30427229160e837b67efbde4daed347f528609deda08159664e4e17
motd
bb7004f28fd02ea60d3c123c7f000bf8067cc6972a6bb0044de14974768b9d28
Coherent Light Bruteforce Toolkit - Contains IRCrack v0.98, a tool which connects directly to an IRC server and uses a wordlist to brute force a channel key, and Boomcrack v0.5, a bruteforce FTP account cracker. The VB6 runtimes are necessary.
4c14d263469525174f619da108c5bcf8777090f7c3c1f971dbeeccc49add4fd6
spam.pl is a Perl script which automates the process of sending complaint letters to spammers' ISPs. It strips out the proper address from the spam's mail headers, taken via stdin.
c2d2d9c40e90cf23b4c4bef454cb67dccc82ed6f165d1a2081c6b7dc23e2c02f
FreeBSD Security Advisory - (Revised Mar 19) MH and its successor NMH are popular Mail User Agents, available in the FreeBSD ports collection. EXMH and EXMH2 are TCL/TK-based front-ends to the MH system. The mhshow command used for viewing MIME attachments contains a buffer overflow which can be exploited by a specially-crafted email attachment, which will allow the execution of arbitrary code as the local user when the attachment is opened. The Japanese version is also vulnerable.
bde11f28ee49b0f8df6ccc8058a3011406310b21e6a2a695abaa7a184658cbaa