Apache + OpenSSL v0.9.6d and below exploit for FreeBSD. Tested on FreeBSD 4.4-STABLE, FreeBSD 4.4-RELEASE, FreeBSD 4.5-RELEASE, and FreeBSD 4.6-RELEASE-p1 with Apache-1.3.26 and Apache-1.3.19. Modified to brute force the offset from openssl-too-open.c. Updated by Ech0, and ysbadaddn.
d22209dfa296d626007b88527d9af34b681b9169c571f3e5c5859d8428447224
Logrep is a framework for extraction and presentation of information from several kinds of logfiles. Currently Snort, Squid, Postfix, Apache, Trend Micro VirusWall, and Microsoft IIS are supported. Includes HTML reports, 2D analysis, overview page, secure communication, and bar charts.
735ec960984c399de513f0bbc1fb7aada014033e5a7c0f47e11f5c988d9b0d0f
The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It is a complete and free replacement of PGP and can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440.
ec17b509b3bd340b49ac1b0607da204d0b9eebf460d9813543e906493ec8828e
Apache OpenSSL v0.9.6d mass scanner. When a vulnerable server is found code is launched. Includes targets for Apache 1.3.6, 1.3.9, 1.3.12, 1.3.19, 1.3.20, 1.3.26, 1.3.23, and 1.3.14. Includes openssl-too-open binary.
aa1467984afb050f4cdbdb18e5960709046b1acf4e899c587a3bb5f32f81af72
Linuxconf v1.28r3 and below local exploit which uses the ptrace method to find the offset. Tested on Mandrake 8.0 and 8.2, and Redhat 7.2 and 7.3.
7c69399dd7f5a08de186e149072b4b0ffad0e4adecf6598bc7fb8d45d8cc6354
Sugarplum is an automated spam-poisoner which feeds large quantities of realistic and enticing but otherwise utterly useless data to wandering spam-bots such as EmailSiphon, Cherry Picker, etc. The intention is to so contaminate spammers' databases as to require culling out large portions, including any real data, and/or to require that spambots be instructed to avoid your site. Sugarplum detects so-called "stealth" spambots, and can be used to activate firewalling or more aggressive countermeasures at the administrator's option. It includes Apache mod_rewrite rules for known spambots.
124b845692b43efa809384e363163cdd16890b144351bdfc5e5bd84e64b2ea20
Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.
c36b6f33fcd4a4f326ec192d78c9f0260d01e5d739e790a7473222ddcbbe15e9