225 items tagged "packet"
-
-
19:53
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2012-080 - It may be possible to make Wireshark hang for long or indefinite periods by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.
-
-
19:25
»
Packet Storm Security Misc. Files
This archive contains all of the 310 exploits added to Packet Storm in April, 2012.
-
-
18:08
»
Packet Storm Security Recent Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
11:13
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
21:32
»
SecDocs
Authors: Harald Welte
Tags: GSM phone
Event: Chaos Communication Congress 28th (28C3) 2011
Abstract: Almost everyone uses the packet oriented transmission modes of cellular networks. However, unlike TCP/IP, Ethernet and Wifi, not many members of the hacker community are familiar with the actual protocol stack for those services. This talk is aimed to give an in-depth explanation how the lower layer protocols on the air and wired interfaces for packet data services in cellular networks are structured. For 2.5/2.75G, this includes RLC/MAC, NS, BSSGP, LLC, SNDCP, GTP. For 3G/3.5G, this includes RRC, RLC, PDCP, NBAP, RANAP.
-
-
20:59
»
Packet Storm Security Recent Files
This whitepaper discusses using ICMP as a covert tunnel for traffic. An example of this technique is tunneling complete TCP traffic over ping requests and replies. More technically it works by injecting arbitrary data into an echo packet sent to a remote computer. The remote computer replies in the same manner, injecting an answer into another ICMP packet and sending it back.
-
-
21:55
»
SecDocs
Authors: Travis Goodspeed
Tags: wireless WiFi
Event: Chaos Communication Congress 28th (28C3) 2011
Abstract: New to 2011, Packet-in-Packet exploits allow for injection of raw radio frames into remote wireless networks. In these exploits, an attacker crafts a string that when transmitted over the air creates the symbols of a complete and valid radio packet. When radio interference damages the beginning of the outer packet, the receiver is tricked into seeing only the inner packet, allowing a frame to be remotely injected. The attacker requires no radio, and injection occurs without a software or hardware bug. This lecture presents the first implementation of Packet-in-Packet injection for 802.11B, allowing malicious PHY-Layer frames to be remotely injected. The attack is standards-compliant and compatible with all vendors and drivers. Unlike the simpler implementations for 802.15.4 and 2FSK, 802.11B presents a number of unique challenges to the PIP implementer. A single packet can use up to three symbol sets and three data-rates, switching rates once within the header and a second time for the beginning of the body. Additionally, a 7-bit scrambler randomizes the encoding of each packet, so the same string of text can be represented 128 different ways at the exact same rate and encoding. This lecture presents the first implementation of Packet-in-Packet injection for 802.11B, allowing malicious PHY-Layer frames to be remotely injected. The attack is standards-compliant and compatible with all vendors and drivers. As a demo, we intend to present a malicious string which can be embedded in any file with lots of slack space, such as an ISO image. When this image is downloaded over HTTP on 802.11B, beacon frames will be injected. For the demo, we will be injecting the SSID stack buffer overflow frames from Uninformed Volume 6.
-
-
21:27
»
SecDocs
Authors: Travis Goodspeed
Tags: wireless WiFi
Event: Chaos Communication Congress 28th (28C3) 2011
Abstract: New to 2011, Packet-in-Packet exploits allow for injection of raw radio frames into remote wireless networks. In these exploits, an attacker crafts a string that when transmitted over the air creates the symbols of a complete and valid radio packet. When radio interference damages the beginning of the outer packet, the receiver is tricked into seeing only the inner packet, allowing a frame to be remotely injected. The attacker requires no radio, and injection occurs without a software or hardware bug. This lecture presents the first implementation of Packet-in-Packet injection for 802.11B, allowing malicious PHY-Layer frames to be remotely injected. The attack is standards-compliant and compatible with all vendors and drivers. Unlike the simpler implementations for 802.15.4 and 2FSK, 802.11B presents a number of unique challenges to the PIP implementer. A single packet can use up to three symbol sets and three data-rates, switching rates once within the header and a second time for the beginning of the body. Additionally, a 7-bit scrambler randomizes the encoding of each packet, so the same string of text can be represented 128 different ways at the exact same rate and encoding. This lecture presents the first implementation of Packet-in-Packet injection for 802.11B, allowing malicious PHY-Layer frames to be remotely injected. The attack is standards-compliant and compatible with all vendors and drivers. As a demo, we intend to present a malicious string which can be embedded in any file with lots of slack space, such as an ISO image. When this image is downloaded over HTTP on 802.11B, beacon frames will be injected. For the demo, we will be injecting the SSID stack buffer overflow frames from Uninformed Volume 6.
-
-
22:04
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
20:06
»
Packet Storm Security Advisories
Onapsis Security Advisory - If a "Message packet" is sent to the JDENet port (6015 by default) containing a specially crafted "File Packet", the sent file is saved in the server where the JDENet service is running, in the arbitrary location specified by the "File Packet".
-
-
19:35
»
Packet Storm Security Misc. Files
Cisco Security Advisory - Cisco NX-OS Software is affected by a denial of service (DoS) vulnerability that could cause Cisco Nexus 1000v, 5000, and 7000 Series Switches that are running affected versions of Cisco NX-OS Software to reload when the IP stack processes a malformed IP packet. Cisco has released free software updates that address this vulnerability.
-
-
16:43
»
Packet Storm Security Recent Files
ipt_pkd is an iptables extension implementing port knock detection with SPA (single packet authorization). This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
-
-
17:49
»
Packet Storm Security Headlines
Packet Storm Security will be going dark in the next few hours as we join the protest against the Stop Online Privacy Act () and the PROTECT IP Act (), two pieces of United States legislation. We strongly feel that bills of this nature infringe upon privacy, break many security models and would cause great harm to the Internet community. These bills appear to be created by people who do not understand how technology works and their power to influence fiscally through lobbies and other means may cause serious harm to the future. We ask our readers to help the greater good by sending an email to your representatives through the . We also ask that you read the EFF article . - Packet Storm Security Staff
-
-
16:23
»
Packet Storm Security Recent Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
22:47
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
11:31
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-351 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wellintek KingView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the protocol parsing code inside nettransdll.dll. The parent service is called HistoryServer.exe and listens on port 777. When a packet with op-code 3 is received, the service allocates memory from the heap based on the 10th and 11th bytes of the packet (element count). Packet data is then copied into the allocated buffer based on the first two bytes of the packet (packet size). These values can be manipulated to create a heap overflow and an attacker can exploit this to remotely execute arbitrary code in the context of the service (Local System).
-
-
17:22
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
21:44
»
Packet Storm Security Recent Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
17:36
»
Packet Storm Security Recent Files
This archive contains all of the 229 exploits added to Packet Storm in October, 2011.
-
-
16:04
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
12:35
»
Packet Storm Security Recent Files
Packet Storm Widget is a Mac OS X widget that allows users to see all the latest news from packetstormsecurity.org. A user can choose between different kinds of news to see: All of the Latest Content, Latest News, Latest Files, Latest 0 Days, Latest Vulnerabilities and Latest Exploits. This allows a user to always keep up to date on their favorite security topics. Please note that this was *not* created by Packet Storm Security and questions should be directed to the author. This should run on Leopard, Snow Leopard, Lion and Tiger.
-
-
22:55
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
19:43
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-244 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Flexera Software Flexnet License Server Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the lmadmin component, which listens by default on TCP port 27000 (this can vary, however, if the port is in use). When handling a packet type having the opcode 0x2f, the process trusts a user-provided value when calculating the bytes remaining in the packet. Using this tainted remaining-length value, the process then copies packet data into a buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the lmadmin user.
-
-
19:45
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-236 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Documentum eRoom Indexing Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the bundled implementation of OpenText's HummingBird Connector. When parsing a particular packet received from a TCP connection, the application will attempt to copy part of the packet's contents into a buffer located on the stack. Because it does not fully account for the size of the data in the packet, the application will overwrite variables positioned after the buffer. This can lead to code execution under the context of the server.
-
-
14:58
»
Packet Storm Security Recent Files
A defect in the affected BIND 9 versions allows an attacker to remotely cause the "named" process to exit using a specially crafted packet. This defect affects both recursive and authoritative servers. The code location of the defect makes it impossible to protect BIND using ACLs configured within named.conf or by disabling any features at compile-time or run-time. A remote attacker would need to be able to send a specially crafted packet directly to a server running a vulnerable version of BIND. There is also the potential for an indirect attack via malware that is inadvertently installed and run, where infected machines have direct access to an organization's nameservers. Versions affected are 9.6.3, 9.6-ESV-R4, 9.6-ESV-R4-P1, 9.6-ESV-R5b1, 9.7.0, 9.7.0-P1, 9.7.0-P2, 9.7.1, 9.7.1-P1, 9.7.1-P2, 9.7.2, 9.7.2-P1, 9.7.2-P2, 9.7.2-P3, 9.7.3, 9.7.3-P1, 9.7.3-P2, 9.7.4b1, 9.8.0, 9.8.0-P1, 9.8.0-P2, 9.8.0-P3, and 9.8.1b1.
-
-
6:08
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
7:08
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
9:01
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
10:41
»
Packet Storm Security Recent Files
T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool designed to perform "Stress Testing". It is a powerful and unique packet injection tool. The author has added in some anti-kiddo tricks.
-
-
16:45
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-136 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Directory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in how ibmslapd.exe handles LDAP CRAM-MD5 packets. ibmslapd.exe listens by default on TCP port 389. When the process receives an LDAP CRAM-MD5 packet, it uses libibmldap.dll to handle the allocation of a buffer for the packet data. A specially crafted packet can cause the ber_get_int function to allocate a buffer that is too small to fit the packet data, causing a subsequent stack-based buffer overflow. This can be leveraged by a remote attacker to execute arbitrary code under the context of the SYSTEM user.
-
-
15:30
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
8:51
»
Packet Storm Security Recent Files
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
-
-
7:25
»
Packet Storm Security Recent Files
SimpleSPA is an application that consists of a single packet authorization mechanism designed for the purpose of hiding semi-public services like an SSH server. There is a server side (Linux only) and a client side (Windows and Linux). This application is similar to FWKnop and is more of an academic/proof of concept application as opposed to a full-blown commercial quality application. It involves a client that creates a packet with a payload encrypted with the public half of two different RSA keys. The idea is that one key would be shared by all users and it would encrypt the user name of the individual. A second key specific to each individual user would encrypt a pre-shared key (just any old string, nothing secret about it really) and a timestamp (to counter replay attacks). The server would receive this packet and decrypt the first half of the packet, which would give us the user name of the person sending the packet. The server would then know which user-specific second key to use to decrypt the pre-shared key and timestamp to evaluate them for acceptability. If all is good, then the server would open up a port for the semi-public service we were trying to conceal for a brief amount of time to allow for a connection to be made. PDF included that explains everything. Written in Java.
-
-
12:00
»
Hack a Day
Here’s a chance to learn a little bit about network security. This article walks us through some of the core concepts of network manipulation and packet sniffing using Linux tools. [Joey Bernard] discusses the uses for packages like tcpdump, p0f, and dsniff. They are capable of recording all network traffic coming through your computer’s connection, seeking out machines installed [...]
-
-
20:27
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
12:01
»
Packet Storm Security Recent Files
T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool designed to perform "Stress Testing". It is a powerful and unique packet injection tool. The author has added in some anti-kiddo tricks.
-
-
11:22
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
15:51
»
Packet Storm Security Recent Files
Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
-
-
16:19
»
Packet Storm Security Recent Files
Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
-
-
22:01
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
7:56
»
Wirevolution
The term “QoS” is used ambiguously. The two main categories of definition are first, QoS Provisioning: “the capability of a network to provide better service to selected network traffic,” which means packet prioritization of one kind or another, and second more literally: “Quality of Service,” which is the degree of perfection of a user’s audio experience in the face of potential impairments to network performance. These impairments fall into four categories: availability, packet loss, packet delay and tampering. Since this sense is normally used in the context of trying to measure it, we could call it QoS Metrics as opposed to QoS Provisioning. I would put issues like choice of codec and echo into the larger category of Quality of Experience, which includes all the possible impairments to audio experience, not just those imposed by the network.
By “tampering” I mean any intentional changes to the media payload of a packet, and I am OK with the negative connotations of the term since I favor the “dumb pipes” view of the Internet. On phone calls the vast bulk of such tampering is transcoding: changing the media format from one codec to another. Transcoding always reduces the fidelity of the sound, even when transcoding to a “better” codec.
Networks vary greatly in the QoS they deliver. One of the major benefits of going with VoIP service provided by your ISP (Internet Service Provider) is that your ISP has complete control over QoS. But there is a growing number of ITSPs (Internet Telephony Service Providers) that contend that the open Internet provides adequate QoS for business-grade telephone service. Skype, for example.
But it’s nice to be sure. So I have added a “QoS Metrics” category in the list to the right of this post. You can use the tools there to check your connection. I particularly like the one from Voxygen, which frames the test results in terms of the number of simultaneous voice sessions that your WAN connection can comfortably handle. Here’s an example of a test of ten channels:

-
-
22:01
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-204 - The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability than CVE-2008-5081.
-
22:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-204 - The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability than CVE-2008-5081.
-
-
19:01
»
Packet Storm Security Misc. Files
ipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
-
-
10:01
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
10:01
»
Packet Storm Security Recent Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
10:03
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
22:51
»
Packet Storm Security Tools
Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features include multiple packet capture sources, runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible interesting (cryptographically weak) logging, secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data.
-
-
11:02
»
Packet Storm Security Misc. Files
ipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
-
11:02
»
Packet Storm Security Recent Files
ipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
-
-
9:44
»
remote-exploit & backtrack
Hello :)
My problem is simple. I want to crack a WEP wifi network (numericable), and normally that gives me no problem (especially with the numericable ones :p ) except for certain boxes that stubbornly refuse to ever send any packets.
So I am looking for a technique or a piece of software or something that would be able to force the box to get off its ass and send a few small but precious packets.
Thanks in advance for your help
Kisses ;)
-
-
23:00
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-107 - The server failed to check the table name argument of a COM_FIELD_LIST command packet for validity and compliance to acceptable table name standards. This could be exploited to bypass almost all forms of checks for privileges and table-level grants by providing a specially crafted table name argument to COM_FIELD_LIST. The server could be tricked into reading packets indefinitely if it received a packet larger than the maximum size of one packet. The server was susceptible to a buffer-overflow attack due to a failure to perform bounds checking on the table name argument of a COM_FIELD_LIST command packet. By sending long data for the table name, a buffer is overflown, which could be exploited by an authenticated user to inject malicious code. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. The updated packages have been patched to correct these issues.
-
23:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-107 - The server failed to check the table name argument of a COM_FIELD_LIST command packet for validity and compliance to acceptable table name standards. This could be exploited to bypass almost all forms of checks for privileges and table-level grants by providing a specially crafted table name argument to COM_FIELD_LIST. The server could be tricked into reading packets indefinitely if it received a packet larger than the maximum size of one packet. The server was susceptible to a buffer-overflow attack due to a failure to perform bounds checking on the table name argument of a COM_FIELD_LIST command packet. By sending long data for the table name, a buffer is overflown, which could be exploited by an authenticated user to inject malicious code. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. The updated packages have been patched to correct these issues.
-
-
0:00
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
0:00
»
Packet Storm Security Recent Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
22:00
»
Packet Storm Security Tools
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
-
22:00
»
Packet Storm Security Recent Files
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
-
-
22:00
»
Packet Storm Security Tools
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
-
22:00
»
Packet Storm Security Recent Files
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
-
-
22:44
»
Packet Storm Security Recent Files
This archive contains all of the 424 exploits added to Packet Storm in March, 2010.
-
-
15:09
»
remote-exploit & backtrack
I am looking at doing some WEP key cracking on my own system because I do small networking jobs and have a lot of people ask me about WEP crack difficulty and security. I am mostly just looking to broaden my horizons a little. I have read it is really not that difficult, and I have watched people do it via YouTube, and I have scanned this forum and the other backtrack forums. I have the steps down pretty good but I am unable to get it to work correctly, and I do believe I know the problem but am not sure...
When I run an aireplay -ng --test I get a "packet Injection is working" and it will give me a percent; I am usually getting around 50%. I am using an IBM T61 Lenovo (I can't remember but I think it is a 4965?), thinking maybe possibly a driver problem??
Should I be getting 100% on the test.. I usually install Netgear routers but I have installed a couple of Linksys's also..
Thanks for your help in advance. I hope that this is an informative and fun place to be.. My luck on the other backtrack forum was not so fun..
nathan
-
-
5:27
»
remote-exploit & backtrack
In airodump-ng the data packet count is 1200000, and in aircrack-ng it shows me 508 IVs. Why?
-
-
17:00
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
17:00
»
Packet Storm Security Recent Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
13:00
»
Packet Storm Security Recent Files
This archive contains all of the 396 exploits added to Packet Storm in February, 2010.
-
13:00
»
Packet Storm Security Exploits
This archive contains all of the 396 exploits added to Packet Storm in February, 2010.
-
-
0:00
»
Packet Storm Security Exploits
The LWRES dissector in Wireshark version 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allows remote attackers to execute arbitrary code due to a stack-based buffer overflow. This bug was found and reported by babi. This particular exploit targets the dissect_getaddrsbyname_request function. Several other functions also contain potentially exploitable stack-based buffer overflows. The Windows version (of 1.2.5 at least) is compiled with /GS, which prevents exploitation via the return address on the stack. Sending a larger string allows exploitation using the SEH bypass method. However, this packet will usually get fragmented, which may cause additional complications. NOTE: The vulnerable code is reached only when the packet dissection is rendered. If the packet is fragmented, all fragments must be captured and reassembled to exploit this issue. This version loops, sending the packet every X seconds until the job is killed.
-
-
17:00
»
Packet Storm Security Recent Files
The LWRES dissector in Wireshark version 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allows remote attackers to execute arbitrary code due to a stack-based buffer overflow. This bug was found and reported by babi. This particular exploit targets the dissect_getaddrsbyname_request function. Several other functions also contain potentially exploitable stack-based buffer overflows. The Windows version (of 1.2.5 at least) is compiled with /GS, which prevents exploitation via the return address on the stack. Sending a larger string allows exploitation using the SEH bypass method. However, this packet will usually get fragmented, which may cause additional complications. NOTE: The vulnerable code is reached only when the packet dissection is rendered. If the packet is fragmented, all fragments must be captured and reassembled to exploit this issue.
-
17:00
»
Packet Storm Security Exploits
The LWRES dissector in Wireshark version 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allows remote attackers to execute arbitrary code due to a stack-based buffer overflow. This bug was found and reported by babi. This particular exploit targets the dissect_getaddrsbyname_request function. Several other functions also contain potentially exploitable stack-based buffer overflows. The Windows version (of 1.2.5 at least) is compiled with /GS, which prevents exploitation via the return address on the stack. Sending a larger string allows exploitation using the SEH bypass method. However, this packet will usually get fragmented, which may cause additional complications. NOTE: The vulnerable code is reached only when the packet dissection is rendered. If the packet is fragmented, all fragments must be captured and reassembled to exploit this issue.
-
-
13:10
»
remote-exploit & backtrack
Hi there
I have a problem and I need some help... when I start an nmap command like -T aggressive -sV -P0 or something like that, my internet connection dies directly...
NMAP SYS:
(SYN Stealth Scan Timing: About 35.17% done; ETC: 21:50 (0:03:15 remaining)
sendto in send_ip_packet: sendto(5, packet, 44, 0,xx.xx.xx.xx, 16) => Network is
unreachable
Offending packet: TCP xxx.xxx.xxx.xxx:xxxxx > xx.xx.xx.xx:xxxxS ttl=40 id=10530 ip
len=44 seq=859018994 win=1024 <mss 1460>
Sleeping 15 seconds then retrying )
I don't know why, but everything goes down. I have a Tenda N router and my laptop is a Sony Vaio (VGN-SZ3XWP) with Ethernet: Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller. My question is what is the reason for this... To fix the problem I must shut down the router for 20 seconds, and after that it works fine.
-
-
17:00
»
Packet Storm Security Tools
ipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
-
17:00
»
Packet Storm Security Recent Files
ipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
-
1:37
»
remote-exploit & backtrack
When I was trying to scan my network, I need some help for the following hosts, which were taking too much time,
Code:
msf > db_nmap -v -PN 11.68.2.*
Starting Nmap 4.60 at 2010-01-29 13:54 GMT
Initiating Parallel DNS resolution of 43 hosts. at 13:54
Completed Parallel DNS resolution of 43 hosts. at 13:54, 16.50s elapsed
Initiating SYN Stealth Scan at 13:54
Scanning 5 hosts [1715 ports/host]
Increasing send delay for 11.68.2.0 from 0 to 5 due to 11 out of 21 dropped probes since last increase.
Increasing send delay for 11.68.2.3 from 0 to 5 due to 11 out of 24 dropped probes since last increase.
SYN Stealth Scan Timing: About 1.47% done; ETC: 14:28 (0:33:47 remaining)
adjust_timeouts2: packet supposedly had rtt of 9534065 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of 8570036 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of 8570036 microseconds. Ignoring time.
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
Increasing send delay for 11.68.2.1 from 0 to 5 due to 11 out of 16 dropped probes since last increase.
Increasing send delay for 11.68.2.1 from 5 to 10 due to max_successful_tryno increase to 4
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
adjust_timeouts2: packet supposedly had rtt of 8651528 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of 8651528 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of 8799413 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of 8799413 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of 9439597 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of 9439597 microseconds. Ignoring time.
Increasing send delay for 11.68.2.1 from 10 to 20 due to max_successful_tryno increase to 5
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
adjust_timeouts2: packet supposedly had rtt of 8456311 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of 8456311 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of 8075286 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of 8075286 microseconds. Ignoring time.
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
adjust_timeouts2: packet supposedly had rtt of 10434435 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of 10434435 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of 9118916 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of 9118916 microseconds. Ignoring time.
Increasing send delay for 11.68.2.1 from 20 to 40 due to max_successful_tryno increase to 6
Increasing send delay for 11.68.2.1 from 40 to 80 due to max_successful_tryno increase to 7
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
Quote:
|
Well, as I said, I was scanning my internal network; I never scanned that IP (because I changed my internal IP while posting here), and I made a mistake posting in bug fixes rather than in a different section, because I was trying to post some bugs before in this section.
|
-
-
21:08
»
SecDocs
Authors: Travis Goodspeed
Tags: debugger debugging embedded
Event: Chaos Communication Congress 26th (26C3) 2009
Abstract: The GoodFET is an open source tool for programming microcontrollers and memories by SPI, I2C, JTAG, and a slew of vendor-proprietary protocols. In this lecture, the design of the GoodFET will be explained in detail, and various semi-proprietary protocols will be discussed in depth. Leading toward the future, methods of packet sniffing proprietary protocols will be discussed. Finally, the BadFET – a voltage glitching variant of the GoodFET – will be introduced. This lecture begins with a brief introduction to microcontroller debugging devices, along with packet captures of each. These include asynchronous serial (UART bootloaders), synchronous serial protocols (AVR ISP, Chipcon), and JTAG (MSP430, ARM). After these have been introduced, the talk continues by showing packet captures of each as implemented on the GoodFET. Attention is also paid to the security vulnerabilities of each debugging protocol, its access controls, and methods of circumventing those access controls. The GoodFET is the device that I used to break Chipcon's line of Zigbee SoC devices for BlackHat USA.
-
11:39
»
remote-exploit & backtrack
I am trying to crack my own WEP enabled AP, it's only plugged in to the wall and has no clients connected and no internet connection.
I seem to be having some problems with cracking of wep with no clients as I keep getting deauthentication packets when trying the fragmentation attack. I am using an ALFA AWUS0368H with the patched r8187 driver.
Start Airmon in monitor mode
Lock on to target AP
Send fake auth
Quote:
11:11:52 Sending Authentication Request (Open System) [ACK]
11:11:52 Authentication successful
11:11:52 Sending Association Request [ACK]
11:11:52 Association successful :-) (AID: 1)
|
Next I try the fragmentation attack
Quote:
Saving chosen packet in replay_src-0127-112629.cap
11:26:34 Data packet found!
11:26:34 Sending fragmented packet
11:26:35 No answer, repeating...
11:26:35 Trying a LLC NULL packet
11:26:35 Sending fragmented packet
11:26:37 No answer, repeating...
|
Then I try another packet:
Quote:
Saving chosen packet in replay_src-0127-112923.cap
11:29:33 Data packet found!
11:29:33 Sending fragmented packet
11:29:35 No answer, repeating...
11:29:35 Trying a LLC NULL packet
11:29:35 Sending fragmented packet
11:29:35 Got a deauthentication packet!
|
Then I try and reauth
Quote:
11:33:19 Sending Authentication Request (Open System) [ACK]
11:33:19 Authentication successful
11:33:19 Sending Association Request [ACK]
11:33:19 Got a deauthentication packet! (Waiting 3 seconds)
11:33:22 Sending Authentication Request (Open System)
11:33:24 Sending Authentication Request (Open System)
11:33:26 Sending Authentication Request (Open System) [ACK]
11:33:26 Authentication successful
11:33:26 Sending Association Request [ACK]
11:33:26 Got a deauthentication packet! (Waiting 5 seconds)
11:33:31 Sending Authentication Request (Open System)
11:33:33 Sending Authentication Request (Open System)
11:33:35 Sending Authentication Request (Open System) [ACK]
11:33:35 Authentication successful
11:33:35 Sending Association Request [ACK]
11:33:35 Association successful :-) (AID: 1)
|
-
-
18:01
»
remote-exploit & backtrack
Hello,
I was wondering if you could possibly help me. I've been reading for hours each day about drivers, chipsets, wireless LAN cards etc. I've done a search on the forum but to no avail, here goes..
I have an
INPROCONN IPN2220 wireless LAN card.
And a
Realtek rtl8139/810 family fast ethernet NIC.
and the PCMCIA adapter is
Texas instruments PCI-1410 cardbus controller.
Inside a Toshiba L10 pro satellite.
I've downloaded vmware workstation 7, the backtrack 4 vmware image and aircrack. What I want to know is, does my wireless LAN card support packet injection and monitor mode in Windows? If not, does vmware support my wireless LAN card so I can inject packets in Linux?
Thanks in advance!:):)