BigBoo is a YABASST, Yet Another Block And Superblock Subversion Tool. It swallows, encrypts and hides your files in a ext2/ext3 or swap partition.
92a311d976af3b5d128519c2bf912806Kernel Security Therapy Anti-Trolls (KSTAT) is a very powerful security tool to detect many kinds of rogue kernel rootkits. It analyzes the kernel through /dev/kmem and detects modified syscalls as well as various other problems. This version runs on 2.4.x only, and can assist in finding and removing trojan LKMs. It supports network socket dumps, sys_call fingerprinting, stealth module scanning, and more.
96954a3d4b4dd623480b5ed05a7b7523Kstat is a powerful tool for Linux v2.4.x which displays information taken directly from kernel structures taken from /dev/kmem. This is especially useful when we can't trust output from usual sources and applications, for example after an unauthorized access to our systems. Effective if something like ps, ifconfig, lsmod, or system calls are patched.
01bdbde57c74a4e9a0c01c7eaf5b9794Kstat is a tool for Linux which can find an attacker in your system by a direct analysis of the kernel via /dev/kmem, bypassing the hiding techniques of the intruder (kernel static recompilation/use of LKMs). Kstat can find the syscalls which were modified by a LKM, list the linked LKMs, query one or all the network interfaces of the system, list all the processes and much more.
f6314c81beecea2df666f5c49f166c38FPF is a lkm for Linux which changes the TCP/IP stack in order to emulate other OS's TCP fingerprint. The package contains the lkm and a parser for the nmap file that let you choose directly the os you want.
96e0d902d790672c9e645fca88cc09e7S0ftpj Security Advisory SPJ-004-000 - Multiple remote CGI vulnerabilities in MailStudio2000. Users can view any file on the system, as well as execute commands remotely as root. Major search engines can be used to locate vulnerable hosts. Exploit descriptions included.
8a9281a0c39e117d2596d7473d567816Sniffit 0.3.7beta Linux/x86 Remote Exploit. Tested on RedHat 5.2, 6.0, 6.2.
929ce3bac86f2f7cf7fd42ec7e0807a4Linux kernel 2.2.x implementation of the CaRoGNa 2.0.x module Secret technique of the divine HOKUHACKO school [ Hokuto No Ken rules ;)] Sacred Strike of the Modular Renewal that bumps root down.
42718d42c8967fcdf62650d647e4424aSimple module to prevent lame people from using your box as a launch base for spoofed ip packets. Intercepts the socketcall() system call looking for the IP_HDRINCL parameter passed via setsockopt().
d75f42fbe84717789145d2ac2bdf1c4cLinux Loadable Kernel Module to keep an eye on the system, and add security 'on the fly' to a prexisting running box. Contains a simple implementation of BSD securelevels, while waiting for the official 'in-distro' arrival of Linux Capabilities [POSIX 1.e] in 2.4.x and strong ACLs.
6d45601756c7bd61466fd81365d98854s0ftpr0ject Security Advisory 003-000: Remotely Exploitable Buffer Overflow in Sniffit. Possibly all systems running Sniffit (0.3.7beta and all versions logging mail headers). Successful attacks depend on being able to craft shellcodes so they can bypass input filter.
c5083dca3fe64f7ab0a77d6906a7e0b4Spjy2ksniff.c Network sniffer to operate passive attacks and find weaknesses in the protection of the traffic on your LAN. It uses the pcap(3) library to access to datalink level. Newbie (limited) version.
19f75dc1b51019435852a74dc7a79cfa
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed