.:[ packet storm ]:.
                             
beyond paranoid
beyond paranoid

 Section:  .. / papers / unix  /

Page 2 of 4
<< 1 2 3 4 >> Files 25 - 50 of 76
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: fstream-overflows.txt
Description:
 This paper describes FILE stream overflow vulnerabilities and illustrates how they can be exploited. The author uses a FILE stream overflow in dvips as a case study.
Author:Killah.
Homepage:http://www.hack.gr/users/killah/
File Size:15126
Last Modified:Feb 3 06:14:57 2003
MD5 Checksum:886e4343079f8bdc593fe647b77e9859

 ///  File Name: ftp.conversions.txt
Description:
 There exists a vulnerability with certain configurations of certain ftp daemons with which users with a valid ftp only acccount on a system may execute arbitrary commands (including binaries supplied by themselves). There also exists the possibilty that anonymous ftp users may execute arbitrar y commands (also including binaries supplied by themselves). While this vulnerability is entirely configuration dependent. The required configuration is rather common. Exploit information here.
Author:suid
Homepage:http://www.suid.edu/advisories/
File Size:6411
Last Modified:Dec 20 16:52:02 1999
MD5 Checksum:60d91c3dfdbb29df1e4f8c03f721854e

 ///  File Name: FV.txt
Description:
 Finding Vulnerabilities - This paper explains the auditing of C source code to find application exploits. Includes a practical example of how to hack an IDS that was coded for a website.
Author:Bob
Homepage:http://blaat.dtors.net
File Size:11623
Last Modified:Sep 17 09:48:12 2002
MD5 Checksum:6e349f14320160b2b874d172bdb12a94

 ///  File Name: ifg.html
Description:
 What you don't know will hurt you - Remote information gathering. This paper outlines two models of information gathering . The first model is "noisy" where the attacker uses all known resources with little reguard for what footprints* might be left on the target. The second is "stealthy". Wherein the attacker uses methods and packages designed to subvert logging facilities on the target.
Author:Larry W. Cashdollar
Homepage:http://vapid.dhs.org/
File Size:45016
Last Modified:Feb 25 00:00:20 2000
MD5 Checksum:8c5d2cd4001ad4470133c36a43af996f

 ///  File Name: IM2001.pdf.gz
Description:
 Monitoring Networks Using ntop - How to monitor networks using the security tool ntop. Includes information on how to use it as a lightweight IDS.
Homepage:http://www.ntop.org/ntop.html
File Size:61795
Last Modified:Jul 10 20:49:36 2001
MD5 Checksum:d7040802ce1e515343918c4951abd3e9

 ///  File Name: init_rpi.txt
Description:
 Whitepaper detailing how to successfully patch the linux kernel in order to allow ptracing /sbin/init, and subsequently inject a connect-back shellcode into the target process. Patch code included.
Author:Christophe Devine
File Size:18196
Last Modified:Dec 30 13:49:58 2003
MD5 Checksum:416c6fffc2174a4c171d7edaeccba127

 ///  File Name: iptun-ssl.txt
Description:
 Step by Step instructions for tunnelling IP through an SSL Proxy using two linux boxes, pppd, ipfwadm, and ppptcp-ssl.
Author:Coaxial Karma
File Size:3414
Last Modified:Dec 24 05:20:25 1999
MD5 Checksum:f97085de399eda7f63b62850784a1e00

 ///  File Name: IRIX.Login.Security.txt
Description:
 IRIX Login Security - In this paper you will learn a bit about logins, and the seriousness of what could happen if you don't take certain precautions. You will have found out some options you can take with your logins, certain restrictions, and a lot more.
Author:Prizm
File Size:18157
Last Modified:Apr 9 22:41:31 2000
MD5 Checksum:e63b7ee974a2cce3da3eabb47ebfaf7e

 ///  File Name: lfv.txt
Description:
 Looking for Vulnerabilities - Our approach has been to look for a few common mistakes in programs (and scripts) of interest (mainly setuid, setgid programs and network servers). This paper focuses on unsafe temp files, unsafe environment, and buffer overflows.
Author:Antonomasia
File Size:4882
Last Modified:Jul 18 02:36:19 2001
MD5 Checksum:c19d28b643f5801709d883ff41b13972

 ///  File Name: linux-390-shellcode-devel.txt
Description:
 Writing shellcode for Linux/390 mainframes. Includes port binding shellcode example.
Author:Johnny Cyberpunk
Homepage:http://www.thc.org
File Size:20406
Last Modified:Jul 24 00:55:51 2002
MD5 Checksum:7065ee89fdd6f0feef6c441ebd9d9031

 ///  File Name: linux.txt
Description:
 Beginners Guide to Linux + Easy Installation Guide version 1.1 - I'd bet some of the people reading this description are using Windows, and are afraid to install Unix on their computer for some reason. "Sure, Unix does all those cool things and has better security and most Unix programs are open-source, but what will happen if I'll screw up with the installation and delete my old copy of Windows?" Black Sun Research Facility presents - an easy to understand and simple installation guide for Redhat Linux and Mandrake Linux, the two most easiest-to-install distributions (although this tutorial is good for other common Linux distributions as well).
Author:Barakirs
File Size:33524
Last Modified:Dec 11 15:04:15 1999
MD5 Checksum:d9cb2e5a272312e5564957dd36cd938f

 ///  File Name: logs.txt
Description:
 Commonly overlooked audit trails on intrusions. This is my attempt of compiling a 'top list' of audit trails that are being left after intrusions where the intruders try to cover their tracks but don't do a good job. To put it short, there are actually a lot of audit trails on a normal UNIX system, which can almost all be overcome, but with some effort, that most intruders evade.
Author:Mixter
Homepage:http://members.tripod.com/mixtersecurity
File Size:6319
Last Modified:Dec 6 19:26:19 1999
MD5 Checksum:b16d1ecc218691d9dced63d62e760712

 ///  File Name: m68koverflows
Description:
 A little article on m68k buffer overflows + shellcode.
Author:Lamagra
File Size:5660
Last Modified:Feb 15 15:29:38 2000
MD5 Checksum:42d0b829fbbaa6931036905d49008c5f

 ///  File Name: mac.txt
Description:
 Mandatory Access Control tutorial to correctly and safely install, configure, and use MAC policies. Written for FreeBSD users. Full step by step details given with explanations.
Author:Bugghy
Homepage:http://vaida.bogdan.googlepages.com/
File Size:23878
Last Modified:Apr 17 08:17:00 2004
MD5 Checksum:6863069367b013e42b38720c4e26da80

 ///  File Name: manipulating.dtors.txt
Description:
 A paper that details the manipulation of the destructor when utilizing a buffer overflow, a format string attack, or corrupting a malloc chunk.
Author:Bob
File Size:6781
Last Modified:Jul 6 03:18:36 2003
MD5 Checksum:cf655444e6c3559bebdf6fd69d4b4aeb

 ///  File Name: memorylayout.txt
Description:
 Memory Layout - Detailed information on memory management.
Author:Frédérick Giasson
Homepage:http://www.decatomb.com
File Size:110138
Last Modified:Jul 8 03:29:09 2002
MD5 Checksum:eccc537f79e41f8e72c26f58a7c3722d

 ///  File Name: Netric-RE-partII.pdf
Description:
 Radical Environments part II - This paper continues where part one left off, detailing a technique in writing 0 bytes when exploiting a local buffer overflow using a non-executable stack with the heap being stored in memory at a virtual address containing a \x00 byte.
Author:gloomy, The Itch
Homepage:http://www.netric.org
File Size:31363
Last Modified:Apr 22 01:58:29 2003
MD5 Checksum:6ae5f2cc150e8976d7d2778c6fb57fcd

 ///  File Name: noroot.ps
Description:
 Life Without Root: A method for authorizing users to perform certain system administration tasks without giving them the super-user password
File Size:82758
Last Modified:Oct 1 17:22:48 1999
MD5 Checksum:db036d542aa53454f5503454ec32d190

 ///  File Name: omega.txt
Description:
 Tutorial on a new way of exploiting buffer overflows (ret-into-libc).
Author:Lamagra.
File Size:9138
Last Modified:Oct 22 14:06:20 1999
MD5 Checksum:567d84e713346700e3c79f318f95c78a

 ///  File Name: osstmm.pdf
Description:
 Open-Source Security Testing Methodology Manual - This is a document of Internet security testing methodology, a set of rules and guidelines for solid penetration testing, ethical hacking, and information security analysis including the use of open source testing tools for the standardization of security testing and the improvement of automated vulnerability testing tools.
Homepage:http://www.ideahamster.org
File Size:321442
Last Modified:Apr 7 02:14:08 2001
MD5 Checksum:039e3cb8c5d94cdfe5ee1b5f56784f88

 ///  File Name: Overflows.txt
Description:
 This guide intends to teach the basics of buffer overflow to the average C programmer without the need for complex knowledge of assembly. Written with FreeBSD 4.2-Release in mind, but written for x86 *nix.
Author:Fides
File Size:11086
Last Modified:Mar 16 21:18:18 2001
MD5 Checksum:80f65b73212240d5bf980459a615515b

 ///  File Name: password.ps
Description:
 UNIX Password Security: A discussion of the importance of well-chosen passwords, and how passwords are cracked
File Size:45570
Last Modified:Oct 1 17:22:48 1999
MD5 Checksum:3c8d71c2787c83c6a5383dc49ec62d85

 ///  File Name: ppc.shellcode.txt
Description:
 Power PC shellcode. LinuxPPC and BSD (darwin?) versions are included.
Author:Palante
File Size:11888
Last Modified:Nov 17 16:05:37 1999
MD5 Checksum:544ea5c5049203fa4db8159ed39bee81

 ///  File Name: promiscuous_detection_01.pdf
Description:
 In the local network, the act of sniffing has become a serious threat. Malicious users can use sniffing techniques to steal confidential documents and anyone's privacy by sniffing the network. Sniffing causes privacy intrusion, and can be done simply by downloading free sniffer tools from the Internet and installing them into a personal computer that resides on the local network. The documentation below discusses the use of Address Resolution Protocol (ARP) packets to effectively detect malicious users when they are sniffing the network. The tool Promiscan implements the techniques discussed in this document.
Homepage:http://www.securityfriday.com
File Size:95873
Last Modified:Dec 8 21:35:57 2001
MD5 Checksum:bc65962e49e09ab64b3e0d74e72cfe7d

 ///  File Name: rdCpaper-fb.text
Description:
 How to exploit format string vulnerabilities - In Spanish.
Author:Venomous
Homepage:http://www.rdcrew.com.ar
File Size:14819
Last Modified:Dec 23 21:22:32 2000
MD5 Checksum:2e2786b05184aebe0803a534b6636612
 

 ///  Last 10 Files
  1. :· phpauction32-rfi.txt
  2. :· silentum-xss.txt
  3. :· iranmc-sql.txt
  4. :· citectodbc-fivews.txt
  5. :· citect_scada_odbc.rb.txt
  6. :· flockweb-dos.txt
  7. :· google-chrome-dos4.txt
  8. :· google-download2.txt
  9. :· PLSA-2008-41.txt
  10. :· PLSA-2008-40.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· PLSA-2008-41.txt
  2. :· PLSA-2008-40.txt
  3. :· PLSA-2008-39.txt
  4. :· PLSA-2008-38.txt
  5. :· PLSA-2008-37.txt
  6. :· MDVSA-2008-188.txt
  7. :· glsa-200809-05.txt
  8. :· PLSA-2008-36.txt
  9. :· microworld-insecure.txt
  10. :· SSRT080119.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· phpauction32-rfi.txt
  2. :· silentum-xss.txt
  3. :· iranmc-sql.txt
  4. :· citect_scada_odbc.rb.txt
  5. :· flockweb-dos.txt
  6. :· google-chrome-dos4.txt
  7. :· google-download2.txt
  8. :· webcmsportal-blindsql.txt
  9. :· esfaq-sql.txt
  10. :· vastal-itechcosmetics.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· clamav-0.94.tar.gz
  2. :· distack-1.1.0-dev.tar.gz
  3. :· samhain-2.4.6.tar.gz
  4. :· sqlmap-0.6.tar.gz
  5. :· psbot.py.txt
  6. :· mimedefang-2.65.tar.gz
  7. :· advchk-2.11.tar.bz2
  8. :· kisgearth-0.01f.tar.bz2
  9. :· lynis-1.2.0.tar.gz
  10. :· fwknop-1.9.7.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· citectodbc-fivews.txt
  2. :· freebsd-revcon.txt
  3. :· insecurityoverview-samsung.pdf
  4. :· xcon2008-cfp.txt
  5. :· aslr-bypass.txt
  6. :· alphanumeric-shellcode.txt
  7. :· imagebase-shellcode.txt
  8. :· mysql-injection-newbies.txt
  9. :· draft-gont-opsec-ip-security-01.txt
  10. :· draft-ietf-tsvwg-port-randomization-02.txt
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice