Showing 1 - 3 of 3

Files Date: 2002-08-07

StJude_LKM-0.21.tar.gz: Posted Aug 7, 2002; Authored by Tim Lawless | Site sourceforge.net; Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.; Changes: Addition of Self Integrity Checks to Detect Attacks against StJude itself, Addition of configuration options to hard-code memory offsets into the source instead of discovery during load time permitting the loading of Stmichael from an initrd, before init spawns and the filesystems are mounted. Added in Kernel Licensing Code to Identify the Kernel License for Newer kernels - No more Tainted Kernels. Really Immutable filesystem support for ext3 fs added. Includes modifications to work with more recent ac kernels.; tags | remote, kernel, local, root; systems | linux; SHA-256 | 18ba017359747bd64ce087008e2e9a292252a6d9659754a1fc1928b307b99330; Download | Favorite | View

StMichael_LKM-0.11.tar.gz: Posted Aug 7, 2002; Authored by Tim Lawless | Site sourceforge.net; StMichael is a LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. Detects most modern LKM's, including KIS.; Changes: Addition of Self Integrity Checks to Detect Attacks Against StMichael itself. Added of configuration options to hard-code memory offsets into the source instead of discovery during load time, permitting loading of Stmichael from an initrd, before init spawns and the filesystems are mounted.; tags | kernel; systems | linux; SHA-256 | 05453e68b128c4bc3d111e203127ddebcf8a353f6d35be8a1568db78e5a6bcf9; Download | Favorite | View

SPIKE2.5.tar.gz: Posted Aug 7, 2002; Authored by Dave Aitel | Site immunitysec.com; SPIKE is an attempt to write an easy to use generic protocol API that helps reverse engineer new and unknown network protocols. It features several working examples. Includes a web server NTLM Authentication brute forcer and example code that parses web applications and DCE-RPC (MSRPC).; Changes: Includes Microsoft SQL server hello bug, 2 remote unauthenticated Access Violations via MSRPC, 1 vulnerability in the MSRPC endpoint for the MTA, and includes SPIKE Proxy 1.1.1. SPIKE Blackhat talk available here.; tags | web, protocol; systems | unix; SHA-256 | 4b6f55e50509d028e4bd6ddd572448488111ccb0ec96471f70c82403816b6ba9; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days