Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 11:48:00 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1795092605&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Mixter's%20Exploits%20and%20Tools%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Fgroups%2Fmixter%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1795092605.1338205680.1338205680.1338205680.1%3B%2B__utmz%3D32867617.1338205680.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/26125/neatdocs.tgz http://packetstormsecurity.org/files/26125/neatdocs.tgz http://packetstormsecurity.org/files/26125/neatdocs.tgz.html Fri, 24 May 2002 05:06:17 GMT NEAT is a script language driven exploit/vulnerability management tool that does active penetration testing. This is a pre-release with documentation and code snippets. NEAT is similar to raccess but is more sophisticated. http://packetstormsecurity.org/files/26076/neolock.tgz http://packetstormsecurity.org/files/26076/neolock.tgz http://packetstormsecurity.org/files/26076/neolock.tgz.html Tue, 14 May 2002 06:53:47 GMT Neolock is a tool that is a combination of console security locking tool (vlock) matrix console screensaver (cmatrix). Provides more discreet and nicer console locking. http://packetstormsecurity.org/files/26075/ileech.tgz http://packetstormsecurity.org/files/26075/ileech.tgz http://packetstormsecurity.org/files/26075/ileech.tgz.html Tue, 14 May 2002 06:51:11 GMT Illeech is a collection of search engine harvesting scripts (google/altavista). http://packetstormsecurity.org/files/24637/libmix-122.tgz http://packetstormsecurity.org/files/24637/libmix-122.tgz http://packetstormsecurity.org/files/24637/libmix-122.tgz.html Sun, 15 Apr 2001 18:06:19 GMT LibMix is a library that provides an API for various useful functions, including an AES encryption interface, various network front-ends and low level datagram functions, as well as functions for string manipulations and other miscellaneous utility functions. It also includes functions to transmit encrypted data via stateless spoofed datagrams (tfntransmit/tfnread). http://packetstormsecurity.org/files/24636/Q-2.4.tar.gz http://packetstormsecurity.org/files/24636/Q-2.4.tar.gz http://packetstormsecurity.org/files/24636/Q-2.4.tar.gz.html Sun, 15 Apr 2001 17:38:37 GMT Q v2.4 is a client / server backdoor which features remote shell access with strong encryption for root and normal users, and a encrypted on-demand tcp relay/bouncer that supports encrypted sessions with normal clients using the included tunneling daemon. Also has stealth features like activation via raw packets, syslog spoofing, and single on-demand sessions with variable ports. http://packetstormsecurity.org/files/24145/issl.tgz http://packetstormsecurity.org/files/24145/issl.tgz http://packetstormsecurity.org/files/24145/issl.tgz.html Fri, 26 Jan 2001 07:51:18 GMT iSSL is a library offering a minimal cryptographical API that uses the ciphers RSA and AES to establish SSL-alike, secure encrypted communications between two peers communicating through a network socket, including session key generation and public key exchange. http://packetstormsecurity.org/files/23713/libmix-120.tgz http://packetstormsecurity.org/files/23713/libmix-120.tgz http://packetstormsecurity.org/files/23713/libmix-120.tgz.html Sat, 02 Dec 2000 23:11:43 GMT LibMix is a library that provides an API for various useful functions, including an AES encryption interface, various network front-ends and low level datagram functions, as well as functions for string manipulations and other miscellaneous utility functions. It also includes functions to transmit encrypted data via stateless spoofed datagrams (tfntransmit/tfnread). http://packetstormsecurity.org/files/22714/C-intro.tar.gz http://packetstormsecurity.org/files/22714/C-intro.tar.gz http://packetstormsecurity.org/files/22714/C-intro.tar.gz.html Wed, 02 Aug 2000 22:17:19 GMT Introduction to programming in C - Written with the goal of letting people get the most knowledge as fast as possible from it. http://packetstormsecurity.org/files/22542/md5bd.c http://packetstormsecurity.org/files/22542/md5bd.c http://packetstormsecurity.org/files/22542/md5bd.c.html Sat, 15 Jul 2000 21:48:54 GMT md5bd.c is a shell server/backdoor that uses a md5 encrypted password to authenticate, therefore the password cannot be retrieved from the server. http://packetstormsecurity.org/files/21918/pat2.tgz http://packetstormsecurity.org/files/21918/pat2.tgz http://packetstormsecurity.org/files/21918/pat2.tgz.html Wed, 24 May 2000 22:46:20 GMT Ping Analysis Tool II (PAT) performs icmp echo scans on a range of ip addresses as fast as physically possible. Features a dual-threaded scanning process and allows you to scan from a list of IP's. http://packetstormsecurity.org/files/17573/libmix-108.tgz http://packetstormsecurity.org/files/17573/libmix-108.tgz http://packetstormsecurity.org/files/17573/libmix-108.tgz.html Fri, 14 Apr 2000 20:29:37 GMT LibMix v1.08 is a library that provides an API for various useful functions, including an AES encryption interface, various network front-ends and low level datagram functions, as well as functions for string manipulations and other miscellaneous utility functions. It also includes functions to transmit encrypted data via stateless spoofed datagrams (tfntransmit/tfnread). http://packetstormsecurity.org/files/17572/nbnbs.c http://packetstormsecurity.org/files/17572/nbnbs.c http://packetstormsecurity.org/files/17572/nbnbs.c.html Fri, 14 Apr 2000 20:28:27 GMT nbnbs.c is a NetBIOS name bulk security scanner for unix. It does long-range network scans for NetBIOS names (Windows and UNIX Samba servers) and logs positives. Based off of nbname.c by mynock and ADM. http://packetstormsecurity.org/files/17507/Q-2.0.tgz http://packetstormsecurity.org/files/17507/Q-2.0.tgz http://packetstormsecurity.org/files/17507/Q-2.0.tgz.html Fri, 07 Apr 2000 00:29:15 GMT Q v2.0 is a client / server backdoor which features remote shell access with strong encryption for root and normal users, and a encrypted on-demand tcp relay/bouncer that supports encrypted sessions with normal clients using the included tunneling daemon. Also has stealth features like activation via raw packets, syslog spoofing, and single on-demand sessions with variable ports. http://packetstormsecurity.org/files/17506/libmix-107.tgz http://packetstormsecurity.org/files/17506/libmix-107.tgz http://packetstormsecurity.org/files/17506/libmix-107.tgz.html Fri, 07 Apr 2000 00:26:29 GMT LibMix v1.07 is a library that provides an API for various useful functions, including an AES encryption interface, various network front-ends and low level datagram functions, as well as functions for string manipulations and other miscellaneous utility functions. It also includes functions to transmit encrypted data via stateless spoofed datagrams (tfntransmit/tfnread). http://packetstormsecurity.org/files/10156/libmix-105.tgz http://packetstormsecurity.org/files/10156/libmix-105.tgz http://packetstormsecurity.org/files/10156/libmix-105.tgz.html Tue, 07 Mar 2000 12:38:31 GMT LibMix v1.05 is a library that provides an API for various useful functions, including an AES encryption interface, various network front-ends and low level datagram functions, as well as functions for string manipulations and other miscellaneous utility functions. It also includes functions to transmit encrypted data via stateless spoofed datagrams (tfntransmit/tfnread). http://packetstormsecurity.org/files/10329/coding.txt http://packetstormsecurity.org/files/10329/coding.txt http://packetstormsecurity.org/files/10329/coding.txt.html Fri, 25 Feb 2000 20:02:35 GMT Coding in C - a summary of some popular mistakes. Most of them are not detected at compile time with all warnings enabled, which makes them very nasty and hard to detect. http://packetstormsecurity.org/files/10543/shlog.c http://packetstormsecurity.org/files/10543/shlog.c http://packetstormsecurity.org/files/10543/shlog.c.html Fri, 25 Feb 2000 19:54:11 GMT shlog.c is a small program that will do getpeername on its input descriptor, and log a remote host, if it is invoked via a remote session, along with uid/gid to syslog. can be used as additional logging tool for login shells (by putting it into the system profile). http://packetstormsecurity.org/files/10544/pcfs.c http://packetstormsecurity.org/files/10544/pcfs.c http://packetstormsecurity.org/files/10544/pcfs.c.html Fri, 11 Feb 2000 19:24:36 GMT pcfs.c is a tool that creates a fake CFS (cryptographic file system) encrypted directory tree, which is reasonable indistinguishable from a real CFS directory. It proves that just having a CFS styled directory doesn't prove it actually contains real encrypted data. http://packetstormsecurity.org/files/10582/webscan.c http://packetstormsecurity.org/files/10582/webscan.c http://packetstormsecurity.org/files/10582/webscan.c.html Tue, 08 Feb 2000 21:58:18 GMT webscan.c is a fast multithreaded CGI and HTTP version scanner that is based off cgichk and can easily be updated. the cgi scanning y2k problem has been fixed in this version. http://packetstormsecurity.org/files/10583/virii.tgz http://packetstormsecurity.org/files/10583/virii.tgz http://packetstormsecurity.org/files/10583/virii.tgz.html Tue, 08 Feb 2000 21:57:39 GMT virii.tgz is a collection of files that are supposedly infected by a linux/elf virus that could be out and spreading in the wild. it also contains a detailed description of the suspicious actions the virus performs and the patterns that can be found in the files. http://packetstormsecurity.org/files/10584/trojans.txt http://packetstormsecurity.org/files/10584/trojans.txt http://packetstormsecurity.org/files/10584/trojans.txt.html Tue, 08 Feb 2000 21:57:07 GMT trojans.txt is a paper that deals with methods of analyzing, debugging and disassembling unix binaries, looking for viruses, trojans and other malicious code. http://packetstormsecurity.org/files/10585/rawpowr.c http://packetstormsecurity.org/files/10585/rawpowr.c http://packetstormsecurity.org/files/10585/rawpowr.c.html Tue, 08 Feb 2000 21:56:21 GMT rawpowr.c can access a block device containing an EXT2 file system in raw mode, changing all executables into suid executables. this demonstrates that security can easily be breached as soon as block devices are directly writable by the attacker. http://packetstormsecurity.org/files/10700/stasis.c http://packetstormsecurity.org/files/10700/stasis.c http://packetstormsecurity.org/files/10700/stasis.c.html Fri, 28 Jan 2000 01:04:34 GMT Stasis is a tool to fool atime/mtime timestamp checking. It records the timestamp of files, then periodically finds atime/mtime changes and restores the old timestamps, as if the files were never accessed / changed. http://packetstormsecurity.org/files/10824/ides.c http://packetstormsecurity.org/files/10824/ides.c http://packetstormsecurity.org/files/10824/ides.c.html Mon, 24 Jan 2000 19:18:58 GMT Intrusion Detection Evasion System is a daemon that monitors connections, and forges additional packets to hide from and disturb network monitoring processes of IDS and sniffers. It does this by inserting rst/fin and ack packets with bogus payloads and invalid sequence numbers that only affect network monitors. It also sends a custom amount of SYN requests from arbitrary sources on every real connection attempt it sees, which can for example be used to simulate coordinated scans. http://packetstormsecurity.org/files/10860/Q-1.0.tgz http://packetstormsecurity.org/files/10860/Q-1.0.tgz http://packetstormsecurity.org/files/10860/Q-1.0.tgz.html Tue, 18 Jan 2000 18:15:59 GMT Q 1.0 is a client / server backdoor which features remote shell access with strong encryption for root and normal users, and a encrypted on-demand tcp relay/bouncer that supports encrypted sessions with normal clients using the included tunneling daemon. Also has stealth features like activation via raw packets, syslog spoofing, and single on-demand sessions with variable ports. This version is downward compatible and includes a few bugfixes that make the remote access daemon work reliably.