Downloads
Some code snippets, tools etc:
/// ServiceSpy v2: A new release of Carsten's ServiceSpy tool to read and manipulate service ACLs on Microsoft Windows. Fixes an issue which sometimes prevented access to the service manager. Download the tool here. (format: .zip, author: Michael Domberg, platform: Microsoft Windows).
/// DarkPutty: A patched version of the PuTTY SSH client which automatically accepts the host key of any server (so basically you can directly log into any server without previously accepting its host key). Quite useful in situations where you do not have access to a graphical interface. Download the tool here. (format: .exe, author: Michael Domberg/Carsten Koehler, platform: Microsoft Windows).
/// Old Shatterhand v2:: Michael's .NET implementation of shatter attacks on Microsoft Windows. Features input field activation/deactivation and buffer overflows. Download Old Shatterhand here. (format: .zip, author: Michael Domberg, platform: Microsoft Windows).
/// Exploit against ProFTPD 1.3.0 (with mod_ctrls enabled): Michael developed an exploit against ProFTPD 1.3.0 (with mod_ctrls enabled) on OpenSuSE 10.2 (x86). ProFTPD is vulnerable to a stack overflow in the function pr_ctrls_recv_request and thus allows local users to gain root privileges. The exploit connects to the Unix domain socket of ProFTPD and sends a string that is longer than the buffer (which has been defined as char[512]) resulting in arbitrary code execution. Download the exploit here. (format: .pl, author: Michael Domberg, platform: Linux).
/// Wednesday: Michael coded another .NET-based application which can be used to send arbitrary data to a web server using GET or POST requests. Download it here. (format: ZIP, author: Michael Domberg, platform: Microsoft Windows).
/// ShareSpy: Carsten implemented a tool to search a network segment for accessible Windows shares. You can get this command-line tool here. (format: EXE, author: Carsten Koehler, platform: Microsoft Windows).
/// DAVe (V3!): Michael implemented DAVe, a tool to enumerate and possibly exploit web servers via the Web-based Distributed Authoring and Versioning (WebDAV) protocol. The graphical tool requires the .NET framework 1.1 and is available here. (format: EXE, author: Michael Domberg, platform: Microsoft Windows).
/// Service Spy (V3!): The third version of Carsten's tool for identifying weaknesses in Windows (file and service) ACLs which could possibly be used to escalate privileges to administrator level. Output is created in .csv/.tsv format. The new version also allows scanning remote targets if a valid username/password pair is available. (format: EXE, author: Carsten Koehler, platform: Microsoft Windows).
/// Tango: A beta version of a tool to perform MITM attacks on SMB connections. This tool is featured in issue 04/2007 of the hakin9 magazine.
/// SMBTickle: A dump of SMB connections used for developing the aforementioned Tango.
/// Service Spy: A beta version of Carsten's implementation of a file and service ACL scanner for Windows which can be used to identify weaknesses in Windows ACLs which could possibly be used to escalate privileges to administrator level. Output is created in .csv/.tsv format. (format: EXE, author: Carsten Koehler, platform: Microsoft Windows).
/// Ultimate netcat collection (well kind of), precompiled binaries: We have put together a collection of statically compiled versions of netcat for various operating systems that include the -DGAPING_SECURITY_HOLE option. Hhhm, we wonder what that might be good for :-) Feel free to download the following binaries: Netcat for Linux/x86, Netcat for OpenBSD/x86, Netcat for NetBSD/x86, Netcat for Sun Solaris 9/SPARC, to come: Windows, Symbian etc. (local copy of netcat for Unix source code)...
/// Some Java crypto stuff (does not use the Java crypto API!): Some Java programs implementing (well trying to *g*) various crypto-related protocols and algorithms including the extended Euclidean algorithm, breaking RSA encryption, Fermat's algorithm, generating n-bit primes using Fermat's algorithm, Pollard's rho algorithm to factor large numbers, cracking RSA using Pollard's rho algorithm, the Miller-Rabin primality test and finally an implementation of RSA (module: Public Key Cryptography, format: JAVA, author: Sebastian Wolfgarten).
