ldistfp-0.1.4.tar.gz
Ldistfp is an identd fingerprinting tool which works well with all Linux and most *BSD hosts that have their auth service running.
View Articleadore-0.39b4.tgz
Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding,...
View Articleteso-advisory-011.txt
TESO Security Advisory #11 - Multiple vendor Telnet Daemon vulnerability. Most current telnet daemons in use today contain a buffer overflow in the telnet option handling. Under certain circumstances...
View Articleiob-0.1.tar.gz
IOB stands for I/O bridge, a simple tty chaining program. It can be used to log almost any session, including ssh, gpg, pgp, cfsattach, losetup, etc.
View Articleformatstring-1.2.tar.gz
Exploiting Format String Vulnerabilities v1.2 - Includes over 30 pages of well organized information along with several examples.
View Articleteso-advisory-012.txt
TESO Security Advisory - LIDS Linux Intrusion Detection System vulnerability. The "Linux Intrusion Detection System" security patch for the Linux kernel creates a security vulnerability. Exploitation...
View Articlechap.pdf
Weaknesses in the CHAP protocol as used within PPP and PPTP. Allows authentication in PPTP networks without knowing valid login/password combinations. This authentication scheme is widely used at...
View Articleburneye-stripped.tar.gz
Stripped burneye sources, for educational purposes (beside the speech + article).
View Articleburneye-1.0-linux-static.tar.gz
Burneye ELF encryption program, x86-linux binary, version 1.0 - new year release!
View Articleadore-0.42.tgz
Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding,...
View Article7350cowboy.c
7350cowboy.c is supposedly a PHP/3.0.12, 3.0.15, and 3.0.16 with apache 1.3.12 remote format string exploit for FreeBSD 3.4, Slackware Linux 4.0, and 7.0. Very similar to...
View Article7350lapsus.pl
7350lapsus is a lpr-3.0.48 Local root exploit. Requires root on a host counted in hosts.lpd and local account on lpd box. This is proof of concept, chown()ing /etc/passwd to a user named 'stealth'.
View Articleepta.tgz
Execution Path Timing Analysis of Unix Daemons - White paper on how to determine if a username is valid remotely by timing remote responses of login programs. OpenSSH diff against v2.99p2 which...
View Articleburneye-1.0.1-src.tar.bz2
Burneye ELF encryption program 1.0.1 with full source and docs.
View Articlesparc.c
Remote root exploit for Solaris Napalm heap overflow - SPARC version. Tested against SunOS 5.6, 5.7, 5.8, and 5.9. Attempts to add a root shell to inetd.conf.
View Articlereducebind.c
This utility converts a dynamically link Linux IA32 ELF binary to a static binary.
View Articleloaded-0.21.tgz
loaded version 0.21 is an IPv4 load balancer for Linux. It requires netfilter and the QUEUE target enabled in the kernel.
View Articleobjobf-0.5.0.tar.bz2
objobf is an obfuscater for x86/Linux ELF relocatable object files (.o files) that can produce fancy graphs to visualize function structures. Released at CCCAMP 2k3.
View Articleadore-ng-0.31.tgz
Adore is a Linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding,...
View Articleadore-ng-0.41.tgz
Adore is a Linux LKM based rootkit for Linux v2.[246]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding,...
View Article