ssharp is a tool for man in the middle attacks against SSH.
2e4df21e2413ddc4731a20b6106f2fb5a75feeccc9288a687315659cefe6ee28
Adore is a Linux LKM based rootkit for Linux v2.[246]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.
f7f3132f7abb9f75bf1761c20916f778d3487efed3356124798ff769d61224c4
Adore is a Linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.
87dcaf982e1058d9279347cd8fd26d51f9edbfca0e02f19d548cdcddcf6ffaf3
objobf is an obfuscater for x86/Linux ELF relocatable object files (.o files) that can produce fancy graphs to visualize function structures. Released at CCCAMP 2k3.
3afd6cb33f2bc2f444e4ae31ac730f84c53f71705207242063224711f8832449
loaded version 0.21 is an IPv4 load balancer for Linux. It requires netfilter and the QUEUE target enabled in the kernel.
289bf4facdf46653729a2bdb276ddbe1c97e51adb9d403a39f2cd8e30e4643c6
guess-who version 0.44 is a password brute force utility for SSH2.
214fd24fdc31ce0ae27321085714876bb3c2d68ef8c3cd97400ae0dbb86f3d8a
This utility converts a dynamically link Linux IA32 ELF binary to a static binary.
b2f98619b069e576e51819658cb1142cc8d9a95a54a65bd7749c5f19124f8240
Remote root exploit for Solaris Napalm heap overflow - SPARC version. Tested against SunOS 5.6, 5.7, 5.8, and 5.9. Attempts to add a root shell to inetd.conf.
31f1d3a448b985faea7b24302d4c77d14c5872c6dedf6a8acaba2c2b9b0d7b07
Burneye ELF encryption program 1.0.1 with full source and docs.
c117ac7c00e0b953d484b0dd8e5b77ddc2954e0e0c1141a8773c681ea19aa56b
Execution Path Timing Analysis of Unix Daemons - White paper on how to determine if a username is valid remotely by timing remote responses of login programs. OpenSSH diff against v2.99p2 which determines if a username exists even on the newest versions of OpenSSH included.
d10799a160420e1d98d3d1d82b71b468d6f8cbe44e6d70f262dddffda7cb071c
Suidperl v5.00503 and others tmp race local root exploit.
0cbc7a3b56529f76acc7c8ceebd4879b13b5f1e22f44319f11c7a07fcafd8c9d
7350pippi is a x86/Linux ipppd local root exploit.
d67d5f0185de854a8c944dc88002b38187342acf03013c765f3c8acdf84ebe84
7350lapsus is a lpr-3.0.48 Local root exploit. Requires root on a host counted in hosts.lpd and local account on lpd box. This is proof of concept, chown()ing /etc/passwd to a user named 'stealth'.
008fb511165627efdecec5b56039891877cb8c6295921fcc905fddc5f9d0f05c
7350cowboy.c is supposedly a PHP/3.0.12, 3.0.15, and 3.0.16 with apache 1.3.12 remote format string exploit for FreeBSD 3.4, Slackware Linux 4.0, and 7.0. Very similar to http://packetstormsecurity.org/0010-exploits/phploit.c.
e940a4a8984ee2cd304f252e58a8dff2073d5977d73bfb168d98d7d54ca42f0f
Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.
ee53884a983a43ec25707f506863dc74451ddf00c166ffe16702abe049b32a70
Burneye ELF encryption program, x86-linux binary, version 1.0 - new year release!
abb3b6307900d42db68bca1fe91b32ee37668ddf3c3bc2481803bfd3c64fe830
Stripped burneye sources, for educational purposes (beside the speech + article).
6930a9cad59edd2543fbb07609b403472baa7babb7dcb0d0d20eeb60059386ad
TESO at CCC.
a7e9747dc72e7bd46c3287687584429cb7aae875051299f7e78c2bd9a6a83f5f
Weaknesses in the CHAP protocol as used within PPP and PPTP. Allows authentication in PPTP networks without knowing valid login/password combinations. This authentication scheme is widely used at universities (WLAN networks). A link to a special pppd which is able to authenticate without valid /etc/ppp/chap-secrets is included.
a57abb2faae0727b81e1510955840c818aed9a508d24a18b84c7c47e18cd0da4
TESO Security Advisory - LIDS Linux Intrusion Detection System vulnerability. The "Linux Intrusion Detection System" security patch for the Linux kernel creates a security vulnerability. Exploitation is easy and local users may be able to gain unrestricted root privileges.
8db59c973f0a09a893a58ab51abf452ad932286369e021ea1f5d4515063ef9d4
Exploiting Format String Vulnerabilities v1.2 - Includes over 30 pages of well organized information along with several examples.
4ec81ccf82417d72ae0551b3d1085e97a9b9867f7c180e6ba8dd7c5b18eb6b66
IOB stands for I/O bridge, a simple tty chaining program. It can be used to log almost any session, including ssh, gpg, pgp, cfsattach, losetup, etc.
29c258374e9799d3f17c6e1042df216aa63e48c532e3dc875a467a0d72b893c3
TESO Security Advisory #11 - Multiple vendor Telnet Daemon vulnerability. Most current telnet daemons in use today contain a buffer overflow in the telnet option handling. Under certain circumstances it may be possible to exploit it to gain root privileges remotely. Affected systems include BSDI 4.x, FreeBSD, IRIX, Linux with netkit-telnetd < 0.14, NetBSD, OpenBSD 2.x, and Solaris.
4849ac76d26caec6f947c4879fceb873db9d4fbf399d4ebadda0a88587f6c0ba
Adore is a linux LKM based rootkit for Linux v2.[24]. Features smart PROMISC flag hiding, persistent file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.
bc8ab5303f03a7435098e0a13569dd423675198c8181472e3c458b68a2296ecf
Ldistfp is an identd fingerprinting tool which works well with all Linux and most *BSD hosts that have their auth service running.
2a08fdfb2ef25619d4dea35c00c18c685ae1ce253062aac1ea47fecf74f5383e