Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 07:31:39 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1897585288&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2FUNIX%2Fmisc%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1897585288.1338190299.1338190299.1338190299.1%3B%2B__utmz%3D32867617.1338190299.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/110038/dnschef-0.1.tar.gz http://packetstormsecurity.org/files/110038/dnschef-0.1.tar.gz http://packetstormsecurity.org/files/110038/DNSChef-0.1.html Wed, 22 Feb 2012 02:16:08 GMT DNSChef is a highly configurable DNS proxy for Penetration Testers and Malware Analysts. A DNS proxy (aka "Fake DNS") is a tool used for application network traffic analysis among other uses. For example, a DNS proxy can be used to fake requests for "badguy.com" to point to a local machine for termination or interception instead of a real host somewhere on the Internet. http://packetstormsecurity.org/files/105385/Pytroj-v01.tar.gz http://packetstormsecurity.org/files/105385/Pytroj-v01.tar.gz http://packetstormsecurity.org/files/105385/Pytroj-Tool-Python-Injector.html Wed, 28 Sep 2011 09:09:09 GMT Pytroj is a tool for infecting .pyc files with arbitrary code that spreads out to infect all other .pyc files. Pytroj is a proof of concept attack against .pyc files. It searches for other .pyc files and injects itself into them. The injected code can be any python code (in this case it prints "You have been exploited"). http://packetstormsecurity.org/files/105244/dns-discovery.tar.bz2 http://packetstormsecurity.org/files/105244/dns-discovery.tar.bz2 http://packetstormsecurity.org/files/105244/DNS-Discovery-Sub-Domain-Brute-Forcer.html Wed, 21 Sep 2011 02:36:05 GMT DNS Discovery is a multi-threaded DNS sub-domain brute-forcing utility. It is meant to be used by pen-testers during initial stages. http://packetstormsecurity.org/files/100436/cvechecker-3.1.tar.gz http://packetstormsecurity.org/files/100436/cvechecker-3.1.tar.gz http://packetstormsecurity.org/files/100436/CVE-Checker-3.1.html Thu, 14 Apr 2011 17:30:53 GMT cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing, especially if you are running a distribution with little security coverage. http://packetstormsecurity.org/files/100359/cvechecker-3.0.tar.gz http://packetstormsecurity.org/files/100359/cvechecker-3.0.tar.gz http://packetstormsecurity.org/files/100359/CVE-Checker-3.0.html Tue, 12 Apr 2011 23:05:51 GMT cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing, especially if you are running a distribution with little security coverage. http://packetstormsecurity.org/files/100265/sec-wall-1.0.0.tar.gz http://packetstormsecurity.org/files/100265/sec-wall-1.0.0.tar.gz http://packetstormsecurity.org/files/100265/Sec-Wall-Security-Proxy-1.0.0.html Sun, 10 Apr 2011 19:47:55 GMT sec-wall is a high-performance security proxy that supports SSL/TLS, WS-Security, HTTP Auth Basic/Digest, extensible authentication schemes based on custom HTTP headers and XPath expressions, powerful URL matching/rewriting, and an optional header enrichment. It's a security wall with which you can conveniently fence otherwise defenseless backend servers. http://packetstormsecurity.org/files/96293/cvechecker-2.0.tar.gz http://packetstormsecurity.org/files/96293/cvechecker-2.0.tar.gz http://packetstormsecurity.org/files/96293/CVE-Checker-2.0.html Thu, 02 Dec 2010 04:48:07 GMT cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing, especially if you are running a distribution with little security coverage. http://packetstormsecurity.org/files/94449/cvechecker-1.0.tar.gz http://packetstormsecurity.org/files/94449/cvechecker-1.0.tar.gz http://packetstormsecurity.org/files/94449/CVE-Checker-1.0.html Mon, 04 Oct 2010 00:52:27 GMT cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing, especially if you are running a distribution with little security coverage. http://packetstormsecurity.org/files/93727/cvechecker-0.6.tar.gz http://packetstormsecurity.org/files/93727/cvechecker-0.6.tar.gz http://packetstormsecurity.org/files/93727/CVE-Checker-0.6.html Sat, 11 Sep 2010 18:30:16 GMT cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing, especially if you are running a distribution with little security coverage. http://packetstormsecurity.org/files/93455/cvechecker-0.5.tar.gz http://packetstormsecurity.org/files/93455/cvechecker-0.5.tar.gz http://packetstormsecurity.org/files/93455/CVE-Checker-0.5.html Fri, 03 Sep 2010 03:01:40 GMT cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing, especially if you are running a distribution with little security coverage. http://packetstormsecurity.org/files/93150/cvechecker-0.4.tar.gz http://packetstormsecurity.org/files/93150/cvechecker-0.4.tar.gz http://packetstormsecurity.org/files/93150/CVE-Checker-0.4.html Thu, 26 Aug 2010 06:17:36 GMT cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing, especially if you are running a distribution with little security coverage. http://packetstormsecurity.org/files/92945/cvechecker-0.3.tar.gz http://packetstormsecurity.org/files/92945/cvechecker-0.3.tar.gz http://packetstormsecurity.org/files/92945/CVE-Checker-0.3.html Sat, 21 Aug 2010 01:19:35 GMT cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing, especially if you are running a distribution with little security coverage. http://packetstormsecurity.org/files/92909/peludo-cachicamo-v1.0.0.tar.gz http://packetstormsecurity.org/files/92909/peludo-cachicamo-v1.0.0.tar.gz http://packetstormsecurity.org/files/92909/Peludo-Compilation-Environment-1.0.0.html Fri, 20 Aug 2010 00:49:07 GMT Peludo is a system to create and run platform independent, self-contained, network-transportable, injectable applications written in the C programming language. It provides a cross-compilation environment and other tools needed to generate applications using a new binary format called PLD as well as a Runtime to launch these applications. http://packetstormsecurity.org/files/92817/cvechecker-0.2.tar.gz http://packetstormsecurity.org/files/92817/cvechecker-0.2.tar.gz http://packetstormsecurity.org/files/92817/CVE-Checker-0.2.html Tue, 17 Aug 2010 01:32:30 GMT cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing, especially if you are running a distribution with little security coverage. http://packetstormsecurity.org/files/90447/tmac-v1.0-beta.tar.gz http://packetstormsecurity.org/files/90447/tmac-v1.0-beta.tar.gz http://packetstormsecurity.org/files/90447/TMAC-For-Linux-1.0-Beta.html Wed, 09 Jun 2010 01:47:48 GMT TMAC is a simple bash program for randomly changing the MAC address of a Network Interface Card (NIC) on Linux . http://packetstormsecurity.org/files/90345/gmailchecker.py.txt http://packetstormsecurity.org/files/90345/gmailchecker.py.txt http://packetstormsecurity.org/files/90345/Gmail-Checker-Script.html Tue, 08 Jun 2010 00:49:51 GMT This is a simple Gmail account checker. http://packetstormsecurity.org/files/88216/unwrap.py.txt http://packetstormsecurity.org/files/88216/unwrap.py.txt http://packetstormsecurity.org/files/88216/Oracle-PL-SQL-Unwrapper.html Sat, 10 Apr 2010 03:19:53 GMT This tool decodes wrapped (obfuscated) Oracle PL/SQL packages. Supports Oracle 10g and 11g. http://packetstormsecurity.org/files/88059/pwnat-0.2-beta.tgz http://packetstormsecurity.org/files/88059/pwnat-0.2-beta.tgz http://packetstormsecurity.org/files/88059/Pwanat-NAT-To-NAT-Tool-0.2.html Tue, 06 Apr 2010 00:22:06 GMT pwnat, pronounced "poe-nat", is a tool that allows any number of clients behind NATs to communicate with a server behind a separate NAT with no port forwarding and no DMZ setup on any routers in order to directly communicate with each other. The server does not need to know anything about the clients trying to connect. http://packetstormsecurity.org/files/86809/perjack.pl.txt http://packetstormsecurity.org/files/86809/perjack.pl.txt http://packetstormsecurity.org/files/86809/PerJack-TCP-Session-Hijack-Tool.html Tue, 02 Mar 2010 00:18:59 GMT PerJack is a TCP Session Hijack tool written in Perl. It does a man-in-the-middle attack, displays all active sessions and takes over the selected TCP session. http://packetstormsecurity.org/files/84513/peludo-cachicamo-beta-v1.0.0.tgz http://packetstormsecurity.org/files/84513/peludo-cachicamo-beta-v1.0.0.tgz http://packetstormsecurity.org/files/84513/Peludo-Compilation-Environment-Beta-1.0.0.html Wed, 30 Dec 2009 00:21:00 GMT Peludo is a system to create and run platform independent, self-contained and injectable applications written in the C programming language. It provides a cross compiling environment with the tools to generate applications in Peludo's new binary format (PLD). The system also provides the runtime to launch these programs as independent executable files or as position independent code that can be injected into a running process. Peludo makes the Java virtual machine of the netifera probe injectable and easier to port to new platforms. http://packetstormsecurity.org/files/78034/iodine-0.5.2.tar.gz http://packetstormsecurity.org/files/78034/iodine-0.5.2.tar.gz http://packetstormsecurity.org/files/78034/Iodine-IPv4-DNS-Tunneler.html Wed, 03 Jun 2009 04:04:06 GMT iodine is a piece of software that lets you tunnel IPv4 data through a DNS server. This can be useful in situations where Internet access is firewalled, but DNS queries are allowed. It needs a TUN/TAP device to operate. The bandwidth is asymmetrical with limited upstream and up to 1 Mbit/s downstream. http://packetstormsecurity.org/files/77916/advchk-3.00.tar.bz2 http://packetstormsecurity.org/files/77916/advchk-3.00.tar.bz2 http://packetstormsecurity.org/files/77916/Advchk-Advisory-Checking-Tool.html Fri, 29 May 2009 00:32:06 GMT Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery. http://packetstormsecurity.org/files/77505/draugr.tar.gz http://packetstormsecurity.org/files/77505/draugr.tar.gz http://packetstormsecurity.org/files/77505/Draugr-dev-k-mem-Tool.html Thu, 14 May 2009 15:54:44 GMT Draugr is a simple tool to play with /dev/(k)mem or a file memory dump. It can find kernel symbols (pattern matching in a XML file or with EXPORT_SYMBOL), processes (informations and sections) (by the kernel linked list or bruteforce) and disassemble/dump the memory. http://packetstormsecurity.org/files/77390/advchk-2.30.tar.bz2 http://packetstormsecurity.org/files/77390/advchk-2.30.tar.bz2 http://packetstormsecurity.org/files/77390/Advchk-Advisory-Checking-Tool.html Sun, 10 May 2009 13:31:27 GMT Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery. http://packetstormsecurity.org/files/75963/iodine-0.5.1.tar.gz http://packetstormsecurity.org/files/75963/iodine-0.5.1.tar.gz http://packetstormsecurity.org/files/75963/Iodine-IPv4-DNS-Tunneler.html Tue, 24 Mar 2009 03:42:48 GMT iodine is a piece of software that lets you tunnel IPv4 data through a DNS server. This can be useful in situations where Internet access is firewalled, but DNS queries are allowed. It needs a TUN/TAP device to operate. The bandwidth is asymmetrical with limited upstream and up to 1 Mbit/s downstream.