
Files Date: 2004-01-06

chkrootkit-043.tar.gz
Posted Jan 6, 2004
Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit v0.43 locally checks for signs of a rootkit. It includes ifpromisc.c to check whether the interface is in promiscuous mode, chklastlog.c to check lastlog for deletions, chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions, and chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: Better PROMISC mode detection on newer Linux kernels, new CGI backdoors detected, new rootkits added, and minor bug fixes.
tags | tool, trojan, integrity, rootkit
systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux
SHA-256 | 116242ca080fe3b4d62772e05c8a42ee4bd5a826ccb49a7b5aa0ed05b58e5758
toolkit.tgz
Posted Jan 6, 2004
Authored by r3dstorm

The R3dstorm Toolkit is a rootkit-like utility that hides processes and files. It was tested on Red Hat 9.0.

tags | tool, rootkit
systems | linux, redhat, unix
SHA-256 | 2b31937ef797c0b48a00e99462cb38c25d74fd46d7354bf828532adf1a57b757
Openwall Linux Kernel Patch
Posted Jan 6, 2004
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. It also tightens down file descriptors 0, 1, and 2, and implements process limits and shared memory destruction.

Changes: Fixes two newly discovered local root vulnerabilities in the mremap() system call. Ported to kernel v2.4.23.
tags | overflow, kernel
systems | linux
SHA-256 | ed2cf0f0331fa312c06bda8d7a5154da3f0532e142d13094457de775afb424fe
yinyang-1.0.zip
Posted Jan 6, 2004
Authored by Primac | Site yinyang.sourceforge.net

yinyang is a kernel module that detects when a file is opened and passes that information to a daemon for action, such as logging file transactions, anti-virus checking, and other file activities. Ideal for real-time on-access file scanning.

tags | kernel, virus
systems | linux
SHA-256 | d203f08bf9f7f8d70175d2752601233678644c81319fd93f6eb776353c2f91d4
AQTRONIX Security Advisory AQ-2003-02
Posted Jan 6, 2004
Authored by Parcifal Aertssen | Site aqtronix.com

AQTRONIX Security Advisory AQ-2003-02 - When Microsoft IIS 5.0 handles an HTTP request with the verb TRACK, the transaction is not logged. This can lead to the server being utilized for XST attacks along with other tactics for information gathering. Microsoft silently fixed this bug in IIS 6.0.

tags | advisory, web
SHA-256 | 1cc8f2eec00f14d310835e89c0e3a53b9d47467a9845df76a8e8d4c71dfffb75
exp-xsok-2.c
Posted Jan 6, 2004
Authored by n2n

Local gid=games exploit for xsok v1.0.2 and below that exploits the -xsokdir command line overflow bug.

tags | exploit, overflow, local
SHA-256 | c3a5c213c08d45eb04fe4e7433752ae2ab219ae36a5b6e16bf72bb3172fb8b95
exp-xsok.c
Posted Jan 6, 2004
Authored by n2n

Local gid=games exploit for xsok v1.0.2 and below that will automatically calculate the return address and has improved shellcode. Tested on RedHat 9.0.

tags | exploit, local, shellcode
systems | linux, redhat
SHA-256 | 3e6e7fbdfeca585aeec422ec95da58f46f9af1e35a26b5de75fcb316a7db05b6
Syskey.zip
Posted Jan 6, 2004
Authored by Nicola Cuomo | Site studenti.unina.it

Small whitepaper describing the obfuscation algorithm used by Windows 2k/NT/XP Syskey and the steps required to remove its encryption from the password hashes. Tools to automate the process are included.

tags | paper
systems | windows
SHA-256 | f5f9bec45eda579187a441ef744709a51fad7d1713b89e43530fcc7690bca1d3
adore-ng-0.31.tgz
Posted Jan 6, 2004
Authored by teso, stealth | Site team-teso.net

Adore is an LKM-based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process hiding, netstat hiding, rootshell backdoor, and an uninstall routine. Includes a userspace program to control everything.

Changes: Syslog filtering, wtmp/utmp/lastlog filtering, relinking of LKMs as described in Phrack #61.
systems | linux
SHA-256 | 87dcaf982e1058d9279347cd8fd26d51f9edbfca0e02f19d548cdcddcf6ffaf3
Trustscn_6.4_b85.exe
Posted Jan 6, 2004
Authored by Felipe Moniz de Aragao | Site syhunt.com

TrustSight Security Scanner 6.4 Build 85 is a new version of the web security scanner originally known as the Stealth HTTP Security Scanner. It provides 13,000 HTTP vulnerability checks and runs on Win32 and Linux under Wine.

Changes: Improved scanning performance of web servers. Minor fixes. CVE Compatible.
tags | web
systems | linux, windows
SHA-256 | bf53602f4de0190f7c8493edad2e10e9e4e056e0b2ffe407a484218ee1e1194e
© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close