r00tabega releases ≈ Packet Storm
Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers
http://packetstormsecurity.org/
Mon, 28 May 2012 11:50:05 GMT

RetaRDS.pl
http://packetstormsecurity.org/files/24585/RetaRDS.pl
http://packetstormsecurity.org/files/24585/RetaRDS.pl.html
Sat, 07 Apr 2001 07:58:51 GMT
RetaRDS.pl checks for IIS web servers which are vulnerable to the RDS bug. Includes host list scanning and IDS evasion.

rivat.tgz
http://packetstormsecurity.org/files/22688/rivat.tgz
http://packetstormsecurity.org/files/22688/rivat.tgz.html
Mon, 31 Jul 2000 21:22:46 GMT
Rivat is a distributed CGI scanner written in perl which scans for over 405 vulnerabilities.

sourcescan.pl
http://packetstormsecurity.org/files/22687/sourcescan.pl
http://packetstormsecurity.org/files/22687/sourcescan.pl.html
Mon, 31 Jul 2000 21:13:39 GMT
Sourcescan.pl looks through C source code for common vulnerabilities, including strcpy, gets, strcat, sprintf, fscanf, scanf, vsprintf, realpath, getopt, getpass, streadd, strecpy, strtrns, getenv, and setenv.

stealthcode.txt
http://packetstormsecurity.org/files/22686/stealthcode.txt
http://packetstormsecurity.org/files/22686/stealthcode.txt.html
Mon, 31 Jul 2000 21:10:57 GMT
Many IDS systems detect buffer overflow exploitation by looking for a series of NOPs (hex 90) which are typically used to pad the buffer so the offset does not have to be exact. Instead of using NOPs, a stealthy exploit could jump to the next instruction (jmp 0x00) or jump a small number of instructions.

bx-dos.pl
http://packetstormsecurity.org/files/22456/bx-dos.pl
http://packetstormsecurity.org/files/22456/bx-dos.pl.html
Thu, 06 Jul 2000 23:02:22 GMT
BitchX DoS exploit - joins a channel with %s in the name, and invites target nick.

usercheck.pl
http://packetstormsecurity.org/files/22249/usercheck.pl
http://packetstormsecurity.org/files/22249/usercheck.pl.html
Thu, 29 Jun 2000 15:31:13 GMT
Quick perl script to search through the history file of each user on your system for a certain command (e.g. "cat /etc/passwd").

sploitmon.pl
http://packetstormsecurity.org/files/22248/sploitmon.pl
http://packetstormsecurity.org/files/22248/sploitmon.pl.html
Thu, 29 Jun 2000 15:29:47 GMT
sploitmon.pl is a simple yet sophisticated perl script that runs in the background to monitor Apache's access_log file for indications of an exploit scan. If one is detected, a new exploit_scan_log file is created with the details. Checks for /cgi-bin/phf, /cgi-bin/nph-test-cgi, and /cgi-bin/whois_raw.cgi.

sumon.pl
http://packetstormsecurity.org/files/22247/sumon.pl
http://packetstormsecurity.org/files/22247/sumon.pl.html
Thu, 29 Jun 2000 15:17:17 GMT
A simple yet sophisticated perl script that runs in the background and monitors for user attempts to su to root. If one is detected, the log file is immediately mailed to a specified user and a backup is created in /tmp. Very useful for attempting to keep track of logs after an intrusion has occurred.

suidbofcheck.pl
http://packetstormsecurity.org/files/22246/suidbofcheck.pl
http://packetstormsecurity.org/files/22246/suidbofcheck.pl.html
Thu, 29 Jun 2000 15:15:46 GMT
suidbofcheck.pl searches the system for suid binaries in /usr/bin, /bin, /sbin, and /usr/sbin and tests each one against a standard buffer overflow (both with and without the use of environment variables) at a specified offset.

chanserv.c
http://packetstormsecurity.org/files/22245/chanserv.c
http://packetstormsecurity.org/files/22245/chanserv.c.html
Thu, 29 Jun 2000 15:13:25 GMT
Exploits the auto registration feature of most ChanServ bots and causes it to die. This exploit has been known to work on networks including DalNet, CobraNet and RelicNet.

icqwebfront.sh
http://packetstormsecurity.org/files/22101/icqwebfront.sh
http://packetstormsecurity.org/files/22101/icqwebfront.sh.html
Fri, 09 Jun 2000 22:31:03 GMT
ICQ Web Front DoS Exploit - guestbook.cgi, part of ICQ web front, is vulnerable to a remote denial of service attack. This shell script exploit generates a malformed POST request and uses netcat to send it to port 80 of the victim host.

magdalena.pl
http://packetstormsecurity.org/files/21998/magdalena.pl
http://packetstormsecurity.org/files/21998/magdalena.pl.html
Thu, 01 Jun 2000 04:28:32 GMT
Magdalena.pl is a small utility written in perl that will scan a list of hostnames for a certain CGI. It lets the user define a string to match rather than just relying on HTTP codes.

netsol.c
http://packetstormsecurity.org/files/17840/netsol.c
http://packetstormsecurity.org/files/17840/netsol.c.html
Thu, 11 May 2000 01:03:56 GMT
Exploit for the (patched) major security issue with networksolutions.com (easysteps.pl) which would have set up a bindshell if it had been run.

whois_raw.c
http://packetstormsecurity.org/files/17659/whois_raw.c
http://packetstormsecurity.org/files/17659/whois_raw.c.html
Sat, 22 Apr 2000 05:50:46 GMT
The whois_raw.cgi perl script included in all freeware versions of the cdomain package allows a remote attacker to view/retrieve any system files, such as /etc/passwd, and to execute commands. Exploit included, which drops a shell, unlike previous whois_raw.cgi exploits.

communigate.pl
http://packetstormsecurity.org/files/17626/communigate.pl
http://packetstormsecurity.org/files/17626/communigate.pl.html
Fri, 21 Apr 2000 22:35:44 GMT
communigate.pl is a DoS exploit against CommuniGatePro 3.1 for NT.