Getting r00t 2k. A hacking guide for newbies that is completely written in Spanish. This has been created as a knowledge base for an understanding of hacking in South America and Spain as knowledge of hacking has gained more importance in these areas.
1773578b04e321244b6e66f4d60c103506061359e9e02c2945bfe8b49ffb063a
SAINT is the Security Administrator's Integrated Network Tool. It gathers as much information about remote hosts and networks as possible by examining all network services and potential security flaws. The collected data can then be analyzed using a simple rules-based system (or via other included interfaces). In Exploratory Mode, SAINT will examine the avenues of trust and dependency and iterate further data collection runs over secondary hosts.
6dd4c82c81b35846a579cd99abd16083fe4815afbee039265e9bba71445d6be5
More ways to abuse c|/con/con - In mail with html tags, in normal html, serv-u ftp, and win registry.
dbd63bc06595239243344b801d6472325cf936204765a3d9446777ea220235b9
S.A.F.E.R. Security Bulletin 000317.EXP.1.5 - Remote user can obtain list of directories on Netscape. Netscape Enterprise Server with 'Web Publishing' enabled can be tricked into displaying the list of directories and subdirectories, if user supplies certain 'tags'.
28a1f7d9a52e29f7b6c7169a7703161db67a48f4e7b0b0a67e10192242dcf897
RFP2K03 - Contemplations on dvwssr.dll and how it affects life. Lots of information here. Also includes a fixed version of the Perl exploit.
35d74c40a89b7e8cc70b2ff471f069a45fac739fddcdc7582bf99957b60ddc84
Windows keystroke logger - aimed at stealing a bios password. Visual Basic source included.
38c777ce53e8e33d266e679904dd73d55ae1d45ada9d5ba0a9dbe61ef92a6db6
OS/2 suite of hacking tools - dnsscan scans a range of IPs for presence and resolves hostnames, tcpscan is a classical connect() scanner for TCP service ports, udpscan scans UDP service ports, nbping is a NetBIOS information gathering tool, rhs is an OS/2 trojan, epwrna is a portmapper service daemon, and rnc is the client for the trojan.
3250b4a3bdd558904de809b765769a243ce5de6535df2a5edd0393d7a5bc0da1
The Sentinel project is designed to be a portable, accurate implementation of all publicly known promiscuous detection techniques. Sentinel currently supports 3 methods of remote promiscuous detection: The DNS test, Etherping test, and ARP test. Support for the ICMP Ping Latency test is under development.
02e142e7a8a5cfef8d6e749c0d6701a73239b098fd104c2605164562580266ef
Secure FTP (sftp) implements a file transfer protocol using ssh/rsh as the transport mechanism. When the client is invoked, a remote shell is spawned and the server is run. sftp is mainly useful over a secure ssh session since passwords are not exposed. It also has the advantage that no root access is required, since the server runs as a user process.
85a5c78020ddfa0bfb731ac1339828ffb05581c43a3501e9bda5390d6be56624
syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages to be sorted only by priority/facility pair; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.
bf0f60d0b240aad222ca48ebc861079b157b3ac72482591e0f9314e126752c56
Anyone who can execute CGIMailer (anyone who can use the forms that use CGIMailer) can specify what configuration file to use, and this can be any file on the system CGIMailer is running on. This allows the existence of private files to be detected. There are more dangerous implications though: this vulnerability could possibly be exploited to obtain private files from the target system. If there is an FTP server running on the target system on which an attacker has upload privileges, he/she could upload a malicious configuration file, and then run it using CGIMailer. Configuration files can be used to send files to the attacker via e-mail (among other things).
93e43f717e47063b7aa4ac1264f4e1f4436a2587838dfecd4a1ffd48d2008703
Two exploits are included in this: a DCC chat buffer overflow, in separate exploits for Linux and mIRC.
f3545aeb86c142cd44d2d9e66a6762114035037eafe2d84e99ae2888730f8e89
The geographical tracerouter for unix. It combines the fastest tracerouter with the ability to locate where the intermediate machines are located in the world.
957f35ba6bc4b75bb8076c3128b95ecfa078b5d0d8f18661cc29bd277d65b82a
This is a very flexible, easy to use password cracker for the Linux/Unix platform. Just specify the dictionary file and the passwd file and you're set. It attempts to crack each password in the passwd file using the words from the dictionary file.
aaa548be3dd9642b28de076a0c47d9219f6698481dd270e20087bb6b40e3c253
Port scanner with a nice interface. Prompts for banner.
8bd800104043b93ad61675985333a24b5e4beecff4a27488c42726047481d2a1
Fake PS. A ps trojan that hides multiple services of your choice.
3e09bcc70563d501bf7435df4fda3acaa09a7abdba7db06486c4dfa3bbb3af65
vulnerability in wmcdplay (installed on Halloween 4 Linux) (advisory + exploit)
6477942c86ee6dd52bac80bf956cbed6863e52d464ae92b66bef9d20f7902b03
vulnerability in atsadc (installed on Halloween 4 Linux) (advisory + exploit)
189114c1fe799648b677c16aa36fcc179942f685bacb5b0318c678f0cb0f01b9