RetaRDS.pl checks for IIS web servers which are vulnerable to the RDS bug. Includes host list scanning and IDS evasion.
403685e902185c6430f4d3e3c3796c88Rivat is a distributed CGI scanner written in perl which scans for over 405 vulnerabilities.
3e13dff1d33f06227f8e2e98d96d6a46Sourcescan.pl looks through C source code for common vulnerabilities, including strcpy, gets, strcat, sprintf, fscanf, scanf, vsprintf, realpath, getopt, getpass, streadd, strecpy, strtrns, getenv, and setenv.
50605a5667497959c16b85bb906bde09Many IDS systems detect buffer overflow exploitation by looking for a series of NOP's (hex 90) which are typically used to pad the buffer so the offset does not have to be exact. Instead of using NOP's, a stealthy exploit could jump to the next instruction (jmp 0x00) or jump a small number of instructions.
898e0efcbc94600d8a277a92621efb6fBitchX dos exploit - joins a channel with %s in the name, and invites target nick.
bf1b93ace5b165b905107d790ed812c8Quick perl script to search through the history file of each user on your system for a certain command (i.e. "cat /etc/passwd").
f71cf01f566565752cfe0186d257add0sploitmon.pl is a simple yet sophisticated perl script that runs in the background to monitor Apache's access_log file for indications of an exploit scan. If one is detected, a new exploit_scan_log file is created with the details. Checks for /cgi-bin/phf, /cgi-bin/nph-test-cgi, and /cgi-bin/whois_raw.cgi.
aa2fb5d66590141e34932b7013cb78d9A simple yet sophisticated perl script that runs in the background and monitors for user attempts to su to root. If one is detected, the log file is immediately mailed to a specified user and a backup is created in /tmp. Very useful for attempting to keep track of logs after an intrusion has occured.
2f63d8f48ccd9afe6917c9af483afc1bsuidbofcheck.pl searches the system for suid binaries in /usr/bin, /bin, /sbin, and /usr/sbin and tests each one against a standard buffer overflow (both with and without the use of environmental variables) at a specified offset.
ee631de3074b32cc5abee50fd5c95f2dExploits the auto registration feature of most ChanServ bots and causes it to die. This exploit has been known to work on networks including DalNet, CobraNet and RelicNet.
8a03734daef08366c7690766b39ac3b7ICQ Web Front DOS Exploit - guestbook.cgi, part of ICQ web front, is vulnerable to a remote denial of service attack. This shell script exploit generates a malformed POST request and uses netcat to send it to port 80 of the victim host.
6e530d772062a21268ccd5286e033a80Magdalena.pl is a small utility written in perl that will scan a list of hostnames for a certain CGI. It lets the user define a string to match rather than just relying on HTTP codes.
61c76bb5db7783afa4a66946d68bfe06Exploit for the (patched) major security issue with networksolutions.com(easysteps.pl) which would have set up a bindshell if it had been run.
80779c804d5fff720b801a60ea920044The whois_raw.cgi perl script included in all freeware versions of the cdomain package allows remote attacker to view/retrieve any system files, such as /etc/passwd, and to execute commands. Exploit included, which drops a shell, unlike previous whois_raw.cgi exploits.
48b2fab0fc5db7bdc2845331f9f03a15communigate.pl is a DoS exploit against CommuniGatePro 3.1 for NT.
12c338c5686dcaa1f8283ab28b8e665e
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed