Section: .. / advisories / b0f /
| /// File Name: |
bugzilla.txt |
Description:
|
BufferOverflow Advisory: Unchecked system call in Bugzilla 2.8. The script used to submit new bugs, process_bug.cgi, is vulnerable because it does not check the contents of the who field. Includes Perl remote exploit code.
| | Author: | {} | | Homepage: | http://root66.nl.eu.org | | File Size: | 8782 | | Last Modified: | May 12 03:00:26 2000 |
| MD5 Checksum: | e31f4178d743cb63cb655661d9f6c3d2 |
|
| /// File Name: |
Neon_beta4.c |
Description:
|
-(- Neon beta4 -)- Simple Host or Iplist Cgi Scanner ( 356 ) Checks
| | Author: | axess | | Homepage: | http://www.b0f.com | | File Size: | 23908 | | Last Modified: | May 9 23:23:30 2000 |
| MD5 Checksum: | fcbbe41e4081d6f3ffc4902b86c685c9 |
|
| /// File Name: |
OMNI.SH |
Description:
|
Exploit/DoS for OmniHTTPd pro v.2.06 Win98 (NT not tested). The result is a crash of the remote server.
| | Author: | sirius | | Homepage: | http://www.b0f.com | | File Size: | 1850 | | Last Modified: | May 9 23:21:08 2000 |
| MD5 Checksum: | bcacbf9c5c4468cc5daa396b467a2b3e |
|
| /// File Name: |
b0stt.tar.gz |
Description:
|
Buffer0verfl0w Security Team Ssh Trojan - Does not log anything to system logs (utmp, wtmp, lastlog and the rest of the syslogd logs); it also logs all incoming/outgoing ssh passwords.
| | Author: | xfer | | Homepage: | http://b0f.freebsd.lublin.pl | | File Size: | 83433 | | Last Modified: | May 8 05:09:22 2000 |
| MD5 Checksum: | 3ca811fa7c30725b688e469ac3d73e0a |
|
| /// File Name: |
trappa.tar.gz |
Description:
|
Trappa detects a CGI scan and sends an alert message to syslog with the attacker's IP and web browser. Works by installing decoy CGI scripts in the cgi-bin directory.
| | Author: | Narrow | | Homepage: | http://www.b0f.com | | File Size: | 1620 | | Last Modified: | May 8 00:26:54 2000 |
| MD5 Checksum: | 363448532830a960dc354287a21ad11f |
|
| /// File Name: |
aurora.tgz |
Description:
|
Project aurora is lamagra's non-blind LAN spoofing project. It can be used to create TCP connections from a non-existing box or another box in the network. The biggest problem while spoofing was guessing the sequence numbers to acknowledge and that the other box always sends back a reset when it receives a SYN|ACK. This used to be solved by abusing small bugs in the TCP/IP stack.
| | Author: | lamagra | | Homepage: | http://lamagra.seKure.de | | File Size: | 7607 | | Last Modified: | May 5 22:06:34 2000 |
| MD5 Checksum: | 6b276aa4c57241cef0a88d7306e26461 |
|
| /// File Name: |
spider.tgz |
Description:
|
fs-spider is a multi-threaded bad permissions finder (user defined). It
| | Author: | lamagra | | Homepage: | http://lamagra.seKure.de | | File Size: | 4146 | | Last Modified: | May 5 22:04:01 2000 |
| MD5 Checksum: | 48bb15ad312e8be76f26b4bcc38bb6be |
|
| /// File Name: |
connect.c |
Description:
|
This shellcode creates a connection to a host/port and starts a shell. This should be more anti-IDS than the others and it can go through a firewall.
| | Author: | lamagra | | Homepage: | http://lamagra.seKure.de | | File Size: | 2735 | | Last Modified: | May 5 21:57:15 2000 |
| MD5 Checksum: | b92b48091663aeca497d26a0b45769f0 |
|
| /// File Name: |
elm-smash.c |
Description:
|
This exploit spawns an EGID mail shell on the default Slackware 4 install.
| | Author: | scrippie | | Homepage: | http://b0f.freebsd.lublin.pl | | File Size: | 2267 | | Last Modified: | May 5 21:03:19 2000 |
| MD5 Checksum: | 9103ea3b4c415060fa4ec20011b06106 |
|
| /// File Name: |
connect.asm |
Description:
|
Passive Connection Shellcode. Source is well documented.
| | Author: | scrippie | | Homepage: | http://b0f.freebsd.lublin.pl | | File Size: | 3152 | | Last Modified: | May 5 01:47:42 2000 |
| MD5 Checksum: | 966774e7b1d15bd8e89934220bcd309d |
|
| /// File Name: |
how.defaced.apache.org.txt |
Description:
|
How www.apache.org was defaced. This paper does _not_ uncover any new vulnerabilities. It points out common (and slightly less common) configuration errors, which even the people at apache.org made. This is a general warning. Learn from it. Authored by {} and Hardbeat.
| | File Size: | 6220 | | Last Modified: | May 4 23:03:52 2000 |
| MD5 Checksum: | 6fcb5e9296d4d2412c8cd9e03a7ac4d4 |
|
| /// File Name: |
tp2.sh |
Description:
|
Timbuktu Pro 2.0b650 denial of service exploit.
| | Author: | eth0 | | Homepage: | http://b0f.freebsd.lublin.pl | | File Size: | 1522 | | Last Modified: | Apr 27 18:24:08 2000 |
| MD5 Checksum: | 9f2830f69b5d9919739d014f885ba830 |
|
| /// File Name: |
sqlsyslogd.c |
Description:
|
syslogd-to-MySQL wrapper v0.1 prebeta. Stores syslog messages in a MySQL database. Written for FreeBSD.
| | Author: | Venglin | | Homepage: | http://www.freebsd.lublin.pl | | File Size: | 3452 | | Last Modified: | Apr 26 02:55:38 2000 |
| MD5 Checksum: | 9a055ca5347884d3708e659ce3ae8a55 |
|
| /// File Name: |
plogd2.c |
Description:
|
Plogd v2 (Revision 1.5) is a SYN/UDP/ICMP packet logger for FreeBSD.
| | Author: | Przemyslaw Frasunek | | Homepage: | http://freebsd.lublin.pl/ | | Changes: | Fixed fd leak, misc bugfixes. | | File Size: | 10613 | | Last Modified: | Apr 26 02:49:08 2000 |
| MD5 Checksum: | eef674504b75af8c3aa2b70b04a1ae7d |
|
| /// File Name: |
b0f3-ncurses.txt |
Description:
|
BufferOverflow Security Advisory #3 - libncurses buffer overflow in NCURSES 1.8.6 on FreeBSD 3.4-STABLE. Setuid programs linked with libncurses can be exploited to obtain root access.
| | Author: | Venglin | | Homepage: | http://www.b0f.com | | File Size: | 1493 | | Last Modified: | Apr 25 00:37:30 2000 |
| MD5 Checksum: | 6498cacb6f034cf8c3e1a0d842966aaa |
|
| /// File Name: |
stringwiper.sh |
Description:
|
Stringwiper is a shell script that wipes a certain string from all files in /var/log.
| | Author: | Axess | | Homepage: | http://www.b0f.com | | File Size: | 1009 | | Last Modified: | Apr 21 22:04:00 2000 |
| MD5 Checksum: | 7fedda4412646f990615f444f96a5965 |
|
| /// File Name: |
nschecker.sh |
Description:
|
nschecker.sh NS Security Scanner - Uses dig to query the BIND version from a list of IPs.
| | Author: | Axess | | Homepage: | http://www.b0f.com | | File Size: | 1982 | | Last Modified: | Apr 21 22:04:00 2000 |
| MD5 Checksum: | 62f4b7a9625cf389e7e581a0e97e8536 |
|
| /// File Name: |
gibd00r3.c |
Description:
|
gibd00r3.c is a passworded backdoor which pretends to be an ident daemon.
| | Author: | Axess | | Homepage: | http://www.b0f.com | | File Size: | 3032 | | Last Modified: | Apr 21 22:04:00 2000 |
| MD5 Checksum: | 967dd190a53f9ccca2ee70bb035b752f |
|
| /// File Name: |
b0f2-NetOp.txt |
Description:
|
BufferOverflow Advisory #2 - The NetOp Remote Control for NT tool allows anyone with a client to connect to the host software and download any file. Version 6 is vulnerable.
| | Author: | Axess | | Homepage: | http://www.b0f.com | | File Size: | 2044 | | Last Modified: | Apr 19 02:56:14 2000 |
| MD5 Checksum: | 90008d5a73104863d3757608ebafa575 |
|
| /// File Name: |
nt.security.check.part2.txt |
Description:
|
Evaluating the Security of a NT System Part II - In-depth information on NT security. Includes discussion of Groups and User rights, The Administrator Account and Administrators Group, The Guest Account and Everyone Group, Files Folders Permissions and Shares, Virus and Trojan Horse Controls, Auditing and Event Logs, and backup.
| | Author: | Slash | | Homepage: | http://www.b0f.com | | File Size: | 15326 | | Last Modified: | Apr 19 02:47:32 2000 |
| MD5 Checksum: | fe7e11cad54e919bd29cead6d72f68af |
|
| /// File Name: |
bsyrin1.zip |
Description:
|
Buffer Syringe is a tool for checking servers/daemons (e.g. ftp) for buffer overflow(s) on given parameter(s) (a stress tool, if you will). It has a flexible configuration file where you input the parameters needed to run the program, and it logs sessions to a text file for easy viewing and printing.
| | Author: | Digital Monkey | | File Size: | 24821 | | Last Modified: | Apr 17 23:48:54 2000 |
| MD5 Checksum: | 7c18e001b401c47b2eb6f113cc730c42 |
|
| /// File Name: |
warftpd.c |
Description:
|
WarFtpd DoS attack - The buffer overflow seems to occur because the bounds check on the MKD/CWD commands is imperfect. War FTPd 1.70-1 does fix this problem, but it contains other vulnerabilities.
| | Author: | eth0 | | Homepage: | http://www.b0f.com | | File Size: | 2298 | | Last Modified: | Apr 15 23:30:00 2000 |
| MD5 Checksum: | 7b5df6570bf8564ddc9a989902540d66 |
|
| /// File Name: |
IRIX.Login.Security.txt |
Description:
|
IRIX Login Security - In this paper you will learn a bit about logins, and the seriousness of what could happen if you don't take certain precautions. You will find out about some options you can take with your logins, certain restrictions, and a lot more.
| | Author: | Prizm | | File Size: | 18157 | | Last Modified: | Apr 10 04:41:31 2000 |
| MD5 Checksum: | e63b7ee974a2cce3da3eabb47ebfaf7e |
|
| /// File Name: |
sc.tgz |
Description:
|
sc.tgz is a bunch of Linux shellcodes. x86: shell executing, port binding, encrypted (to avoid IDS detection), CD-ROM ejecting, writing (append "lamagra was here" to /etc/motd), reading (read 255 chars and execute). Tools: a tool that "creates" shellcode from the _start of a program, a list of useful syscalls + arguments. m68k: reading, shell executing.
| | Author: | Lamagra | | Homepage: | http://lamagra.seKure.de | | File Size: | 4644 | | Last Modified: | Apr 5 22:04:00 2000 |
| MD5 Checksum: | a8c3ed7bd209e48aa86b7e725075d9eb |
|