Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 07:55:47 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1493281146&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Operating%20System%3A%20UNIX%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiles%2Fos%2Funix%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1493281146.1338191747.1338191747.1338191747.1%3B%2B__utmz%3D32867617.1338191747.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/113040/kolkata.tgz http://packetstormsecurity.org/files/113040/kolkata.tgz http://packetstormsecurity.org/files/113040/Kolkata-Web-Application-Fingerprinting.html Fri, 25 May 2012 20:31:24 GMT Kolkata is a tool for IDS evading web application fingerprinting. It is written in perl and uses LibWhisker. http://packetstormsecurity.org/files/113003/mobiusft-0.5.13.tar.gz http://packetstormsecurity.org/files/113003/mobiusft-0.5.13.tar.gz http://packetstormsecurity.org/files/113003/Mobius-Forensic-Toolkit-0.5.13.html Thu, 24 May 2012 02:46:01 GMT Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools. http://packetstormsecurity.org/files/112951/nmap-6.00.tgz http://packetstormsecurity.org/files/112951/nmap-6.00.tgz http://packetstormsecurity.org/files/112951/Nmap-Port-Scanner-6.00.html Tue, 22 May 2012 04:00:28 GMT Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. http://packetstormsecurity.org/files/112948/zoneh-poster.txt http://packetstormsecurity.org/files/112948/zoneh-poster.txt http://packetstormsecurity.org/files/112948/Zone-H-Multithreaded-Poster.html Mon, 21 May 2012 10:11:11 GMT Zone-H posting utility that is multi-threaded. http://packetstormsecurity.org/files/112940/mandos_1.5.4.orig.tar.gz http://packetstormsecurity.org/files/112940/mandos_1.5.4.orig.tar.gz http://packetstormsecurity.org/files/112940/Mandos-Encrypted-File-System-Unattended-Reboot-Utility-1.5.4.html Sun, 20 May 2012 19:11:11 GMT The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system. http://packetstormsecurity.org/files/112881/libssh2-1.4.2.tar.gz http://packetstormsecurity.org/files/112881/libssh2-1.4.2.tar.gz http://packetstormsecurity.org/files/112881/libssh2-C-Library-1.4.2.html Sat, 19 May 2012 01:37:12 GMT libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY. http://packetstormsecurity.org/files/112855/AdminpageFinder.py.txt http://packetstormsecurity.org/files/112855/AdminpageFinder.py.txt http://packetstormsecurity.org/files/112855/Admin-Page-Finder-Script.html Fri, 18 May 2012 14:29:33 GMT This python script looks for a large amount of possible administrative interfaces on a given site. http://packetstormsecurity.org/files/112828/360AnalyticsLtd-0.2.4.zip http://packetstormsecurity.org/files/112828/360AnalyticsLtd-0.2.4.zip http://packetstormsecurity.org/files/112828/360-FAAR-Firewall-Analysis-Audit-And-Repair-0.2.4.html Fri, 18 May 2012 14:05:00 GMT 360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands. http://packetstormsecurity.org/files/112854/webvulscan_v0.11.zip http://packetstormsecurity.org/files/112854/webvulscan_v0.11.zip http://packetstormsecurity.org/files/112854/Web-Application-Vulnerability-Scanner-0.11.html Thu, 17 May 2012 21:54:06 GMT WebVulScan is a web application vulnerability scanner. It is a web application itself written in PHP and can be used to test remote, or local, web applications for security vulnerabilities. As a scan is running, details of the scan are dynamically updated to the user. These details include the status of the scan, the number of URLs found on the web application, the number of vulnerabilities found and details of the vulnerabilities found. After a scan is complete, a detailed PDF report is emailed to the user. The report includes descriptions of the vulnerabilities found, recommendations and details of where and how each vulnerability was exploited. http://packetstormsecurity.org/files/112733/opendnssec-1.3.8.tar.gz http://packetstormsecurity.org/files/112733/opendnssec-1.3.8.tar.gz http://packetstormsecurity.org/files/112733/OpenDNSSEC-1.3.8.html Tue, 15 May 2012 21:59:41 GMT OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security. http://packetstormsecurity.org/files/112721/bluelog-1.0.3.tar.gz http://packetstormsecurity.org/files/112721/bluelog-1.0.3.tar.gz http://packetstormsecurity.org/files/112721/Bluelog-Bluetooth-Scanner-Logger-1.0.3.html Tue, 15 May 2012 03:19:40 GMT Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice. http://packetstormsecurity.org/files/112720/softhsm-1.3.3.tar.gz http://packetstormsecurity.org/files/112720/softhsm-1.3.3.tar.gz http://packetstormsecurity.org/files/112720/SoftHSM-1.3.3.html Tue, 15 May 2012 03:18:09 GMT SoftHSM is an implementation of a cryptographic store accessible through a PKCS#11 interface. You can use it to explore PKCS#11 without having a Hardware Security Module. It is being developed as a part of the OpenDNSSEC project. SoftHSM uses Botan for its cryptographic operations. http://packetstormsecurity.org/files/112678/XCat_1.5.zip http://packetstormsecurity.org/files/112678/XCat_1.5.zip http://packetstormsecurity.org/files/112678/XCat-1.5.html Sun, 13 May 2012 12:12:12 GMT XCat is a PHP web interface for scanning sites mined through bing.com. http://packetstormsecurity.org/files/112665/Odaym-Cura-0.4.0.tar.gz http://packetstormsecurity.org/files/112665/Odaym-Cura-0.4.0.tar.gz http://packetstormsecurity.org/files/112665/Cura-0.4.0.html Sat, 12 May 2012 10:33:11 GMT Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address). http://packetstormsecurity.org/files/112593/360AnalyticsLtd-0.2.3.zip http://packetstormsecurity.org/files/112593/360AnalyticsLtd-0.2.3.zip http://packetstormsecurity.org/files/112593/360-FAAR-Firewall-Analysis-Audit-And-Repair-0.2.3.html Thu, 10 May 2012 04:33:07 GMT 360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands. http://packetstormsecurity.org/files/112491/NetcatPHPShell-1.10.zip http://packetstormsecurity.org/files/112491/NetcatPHPShell-1.10.zip http://packetstormsecurity.org/files/112491/NetcatPHPShell-1.10.html Mon, 07 May 2012 19:49:06 GMT NetcatPHPShell is a PHP backdoor that can be leveraged to launch a connect-back shell. http://packetstormsecurity.org/files/112484/Netzob-0.3.2.tar.gz http://packetstormsecurity.org/files/112484/Netzob-0.3.2.tar.gz http://packetstormsecurity.org/files/112484/Netzob-0.3.2.html Sun, 06 May 2012 02:04:45 GMT Netzob supports the expert in reverse engineering, evaluation, and simulation of communication protocols. Its main goals are to help security evaluators to assess the robustness of proprietary or unknown protocol implementations, simulate realistic communications to test third-party products (IDS, firewalls, etc.), and create an Open Source implementation of a proprietary or unknown protocol. Netzob provides a semi-automatic inferring process, and includes everything necessary to passively learn the vocabulary of a protocol and actively infer its grammar. The learnt protocol can afterward be simulated. Netzob handles text protocols (like HTTP and IRC), fixed field protocols (like IP and TCP), and variable field protocols (like ASN.1-based formats). http://packetstormsecurity.org/files/112447/strongswan-4.6.3.tar.gz http://packetstormsecurity.org/files/112447/strongswan-4.6.3.tar.gz http://packetstormsecurity.org/files/112447/strongSwan-IPsec-Implementation-4.6.3.html Thu, 03 May 2012 22:54:20 GMT strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms. http://packetstormsecurity.org/files/112384/cifex-1.1.txt http://packetstormsecurity.org/files/112384/cifex-1.1.txt http://packetstormsecurity.org/files/112384/cIFrex-1.1-Source-Scanner.html Wed, 02 May 2012 01:37:48 GMT cIFrex is a small script written in PHP that supports searching for bugs in the analysis of the source code. It uses a database of regular expressions. http://packetstormsecurity.org/files/112335/rkhunter-1.4.0.tar.gz http://packetstormsecurity.org/files/112335/rkhunter-1.4.0.tar.gz http://packetstormsecurity.org/files/112335/Rootkit-Hunter-1.4.0.html Tue, 01 May 2012 21:24:57 GMT Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD. http://packetstormsecurity.org/files/112446/samhain-3.0.4.tar.gz http://packetstormsecurity.org/files/112446/samhain-3.0.4.tar.gz http://packetstormsecurity.org/files/112446/Samhain-File-Integrity-Checker-3.0.4.html Tue, 01 May 2012 15:43:58 GMT Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris. http://packetstormsecurity.org/files/112387/whmcs-google-scan.sh.txt http://packetstormsecurity.org/files/112387/whmcs-google-scan.sh.txt http://packetstormsecurity.org/files/112387/WHMCS-Scanning-Tool.html Tue, 01 May 2012 12:12:12 GMT WHMCS scanning tool that uses Google to find systems that are possible vulnerable to shell upload. http://packetstormsecurity.org/files/112334/360AnalyticsLtd-0.2.1.zip http://packetstormsecurity.org/files/112334/360AnalyticsLtd-0.2.1.zip http://packetstormsecurity.org/files/112334/360-FAAR-Firewall-Analysis-Audit-And-Repair-0.2.1.html Mon, 30 Apr 2012 14:34:58 GMT 360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands. http://packetstormsecurity.org/files/112328/ropeadope.py.txt http://packetstormsecurity.org/files/112328/ropeadope.py.txt http://packetstormsecurity.org/files/112328/RopeADope-1.1-Linux-Log-Cleaner.html Mon, 30 Apr 2012 14:17:16 GMT RopeADope is a log cleaning script for Linux. http://packetstormsecurity.org/files/112298/clamsap-0.9.7.4.tar.gz http://packetstormsecurity.org/files/112298/clamsap-0.9.7.4.tar.gz http://packetstormsecurity.org/files/112298/ClamSAP-Libraries-0.9.7.4.html Fri, 27 Apr 2012 20:46:20 GMT ClamSAP consists of two C shared libraries that link between ClamAV and the Virus Scan Interface (VSI) of SAP (official name: NW-VSI). A SAP application can use the ClamAV engine to scan for malicious uploads in HTTP uploads, for example.