This Ruby code will test a specified host's SSL certificate against the Debian-based blacklist of keys (RSA 2048 and DSA 1024) generated during the period when OpenSSL on Debian-based installs suffered from a weakness in random number generation. Note that the blacklist is embedded in the code, so the file is about 23 MB.
96666f341f89b312294862723156679c

Hhp-qtip.c is a local root exploit for /usr/bin/tip on BSDI 4.2. Requires access to tip, usually gid(dialer).
b1f1e53e81b7b495f4faeb362d585475

Site Protector v2.0 password deciphering tool coded in JavaScript.
94d259f2a63e71595ba9c16696e98e1b

The TEA (Tiny Encryption Algorithm) is a Feistel-type cipher. The block is split into two parts of 32 bits each; it uses a 128-bit key and, by default, 32 rounds.
f329eec0e937db186c88d61b40986914

A local buffer overflow exploit for pileup v1.1 and maybe others. Will gain root [uid=0].
7bec7f726aa3536d50353cced6d8907e

A local buffer overflow exploit for sccw v1.1 and maybe others. Will gain root [uid=0].
9f4fd01a61fe22039bc91d8ef6d301d6

Cso.c is a remote exploit for cgicso included with cgiemail 1.6. Tested on Slackware Linux 7.1 running Apache 1.3.20.
bca688c3d593da49eb33f09d20d27877

Hhp-temprace6_0.pl is a quick and simple temp race checker for Linux, BSD, Sun/Solaris and IRIX. Put together to eliminate the hassle of manual checking.
559f3a9f22658577b77a93c23f00ab8f

A TCP proxy.
f2a2ad13de7b8861314c2677c4070683

Chanshell is somewhat like an IRC bot with bash capabilities.
2fc1f88c2d7ba171edfce0b48424ffac

Programming and Programming Securely - How to do it. Includes information on argument checking, buffer checking, shell escapes, preventing races, logging, sly tricks, and more.
20f8b0010458cbdee0ef507d641cac7d

A document analysis tool which is useful for cryptanalysis. From May '98.
0a8358f22eec80a8cb66434421526159

Hhp-gdc_smash.c is a local root exploit for gdc. Requires group wheel access. Tested on BSDI 4.1 x86 default install.
efae2c2cea50f03e11330ec67729ea53

Hhp-ospf_smash.c is a local root exploit for ospf_monitor. Tested on BSDI 4.1 x86 default install.
b41b1c1bc193511d950a1c291c22c23f

This little utility will use a public service (Netcraft) to check the web server version and operating system of a remote host.
a5cdbc365ef4c4de7316495a0af1d224

Shellcode which plays audio (knock knock) via /dev/dsp and setreuid(0,0) + execve shellcode for Linux/x86.
09ea4fb300968292550704403c558be9

Expect v5.31.8 and v5.28.1 contain local buffer overflows. It is possible to exploit any suid/sgid expect application.
d4683a31e003e1d110fcc9fde5e5c203

GnomeScott local buffer overflow which provides a gid=40 (game) shell on SuSE 6.4 and 7.0.
acd214c6042007d291a1c8f0fa829904

Expect (/usr/bin/expect) v5.31.8 and v5.28.1 local buffer overflow exploit. Tested on Slackware 7.x. Advisory available here.
da8604330b6cf684127712d3e2938053

Gnomehack local buffer overflow exploit which provides a gid=60 (games) shell on Debian 2.2.
13f17ac2fd9c6293682ff867a2aeab1b

Kwintv local buffer overflow exploit which provides a gid=33 (video) shell on SuSE 7.0.
dd5032ac157db74a06d24a992baca46c

Fancylogin v0.99.7 local root exploit. Tested on Red Hat 6.1.
bd17ae6dbc38a3a95fecc60e731790d5

Generic ELF .dtors exploit.
d03e62839876d6b8544e584845e46fcd

Ipchains firewall frontend - Prompts enabled.
3a806aca1ca2ccaeca56f19ed379048a

STonX v0.6.5 and v0.6.7 local root exploit. Tested on Slackware 7.0.
8a1770d7784c6541840ba4ee8c888446