Curious Yellow v0.01 is example code for Fun and Games with FreeBSD Kernel modules. Contains examples for all the different kernel alteration methods plus several small tools that can also be used for detection and defense.
73f88d8d22fa2950f8a4357f7da33c328f20127b5742927ce21031e9f29ee484Fun and Games with FreeBSD Kernel Modules - Kernel hacking using kernel modules and kmem patching. Contains information on how to intercept system calls and other calls in the kernel by altering the corresponding call table. Also shows how to alter these tables by writing to kernel memory and gives an example of patching the kernel directly without the use of modules. Furthermore an example is given on how the symbol table in the kernel can be altered.
6db5555db57051ba93d1218a96282712e6bec0bee4d5f2277a0cc04f3e3b2771Format String Builder includes code and instructions for use of a program which aids in the creation of format string exploits. Includes fmtbuilder.c, a small program to help build the strings.
848aaf31d3d81b8a782d44737935a4b9fcbae59484032cc55cdd1d2a44e1e406This package contains all codes prepared for technical paper - UNIX Assembly Codes Development for Vulnerabilities Illustration Purposes. For every discussed processor architecture samples of various assembly components are included.
b198c0c0a17e1e73d1170ac01516e46602412eb03ffe85f6eeb00bf35c7ed193Unix Assembly Code Development for Vulnerabilities Illustration Purposes v1.02 - Covers IRIX / MIPS, Solaris, HP-UX, AIX, Ultrix, Linux, BeOS, and BSD. Includes system call invocation information, code specifics, "Zero free" code, ASM functionality, and examples.
62d2e8de6232b3ff6562e6a1ae2a27a030259d2647d85ffb2ae413a70b82d7e1Guidelines for C source code auditing - A basic reference containing some tips, approaches and methods for finding vulnerabilities in C code.
b51ef94c9808338490069713f8eb6404b9f0ffddb2612c40f2369d7c13b0a159Looking for Vulnerabilities - Our approach has been to look for a few common mistakes in programs (and scripts) of interest (mainly setuid, setgid programs and network servers). This paper focuses on unsafe temp files, unsafe environment, and buffer overflows.
f66499c4db19f49b5b6f1abda1969d8574ee7a5fbe0ed73010d9c2401d1d8dacMonitoring Networks Using ntop - How to monitor networks using the security tool ntop. Includes information on how to use it as a lightweight IDS.
8fab586e80d7808fa072e8c914fb00ef79573c88cc88de648f64595124e333e7Stealth Syscall Redirection - This article describes a technique of redirecting system calls without modifying the sys call table (implemented in Linux). This can be used to evade intrusion detection systems that use the sys call table to register redirected or trojaned system calls. The basic premise behind this attack is to modify the old system call code to jump to the new system call, thus control is transferred to the replacement system call and the sys call table is left untouched.
b65637f6eb6460d4d82d35adddf11e37ba7cdf38d977e6f9f161d95599528e70Open-Source Security Testing Methodology Manual - This is a document of Internet security testing methodology, a set of rules and guidelines for solid penetration testing, ethical hacking, and information security analysis including the use of open source testing tools for the standardization of security testing and the improvement of automated vulnerability testing tools.
13359705253cc0ddb86314504ce87e011dbd75e3d275187fc6074dabcfb1ae41This guide intends to teach the basics of buffer overflow to the average C programmer without the need for complex knowledge of assembly. Written with FreeBSD 4.2-Release in mind, but written for x86 *nix.
cb58a5e28f825f34f22a59c92b55d25701b5d23ebf652a924fb49ea2eaa8a82bDisassembling programs on Debian Linux 2.2 using gdb.
56d9a1c2e8443b0f76c19af756ecdda7c41fa869fa870e362ec15110a4a21e2bHow to exploit format string vulnerabilities - In Spanish.
d30ae54998bb2cc00f334b5bae58862608dc3f8d9da7dce9df01a7975c7a1cc0This paper describes how the StJude kernel module stops local and remote exploits from being successful. The Saint Jude model for improper privilege transitions terminates program execution when it is exploited even if the exploit is unknown.
32a264782ffbeb3b1d5ac2fe7295419e164d7bcced7404713c2fa709c85c1ee7Format Bugs - What they are, Where they came from, and How to exploit them. Users can often input format strings into printf and other statments, causing the stack to be overwritten. Includes code samples and debugger output.
a591a666146efb26ddfc36a8bc0226770a35257ba749a6efc8797ecf52f3289cPassive Fingerprinting is a method to learn more about the enemy, without them knowing it. Specifically, you can determine the operating system and other characteristics of the remote host using nothing more then sniffer traces. Though not 100% accurate, you can get surprisingly good results by looking at the TTL, TOS, Window Size, and DF bit. Includes information on changing your machines fingerprint on Linux and Solaris.
3de3522a3961606ab4ff30b515bb3831552e13e90fd72c8718c7d15a4adf6301Building a Bastion Host Using HP-UX 11 - Covers configuring HP-UX 10 and 11 to be a secure host, useful for firewall gateways, web servers, ftp servers, dns servers, mail hubs, and more.
d1b8db73a010afb5da4be15559a94e2c098a450abb5a26cce22234cd6db501d7IRIX Login Security - In this paper you will learn a bit about logins, and the seriousness of what could happen if you don't take certain precautions. You will have found out some options you can take with your logins, certain restrictions, and a lot more.
35daa4e31eadc2e9835852cb680f16c18c3d63d83c32a3c93afa078dcdfd4718Securing and Optimizing Red Hat Linux - This documentation is indispensable for peoples that want to get all advantage, security, and optimization of a Linux Server. Features Free/SWAN section, Quota configuration, Portsentry, Logcheck, section, improved firewall security approach, more system security tips and a lot other changes. This is the version 1.2 released the March 17, 2000.
21fedc3ff40715c9ab54627a93f618933543a9092dd9c93b1701b7e1865b8233What you don't know will hurt you - Remote information gathering. This paper outlines two models of information gathering . The first model is "noisy" where the attacker uses all known resources with little reguard for what footprints* might be left on the target. The second is "stealthy". Wherein the attacker uses methods and packages designed to subvert logging facilities on the target.
7ad6564fa61c83377ccb981bf858b6053af46d1c53f44d173b57428b2d0d38a9A little article on m68k buffer overflows + shellcode.
016422af06a4b1b382cf3adddd84f9422c208462d1ded6d338ac8ba2a3b63718Step by Step instructions for tunnelling IP through an SSL Proxy using two linux boxes, pppd, ipfwadm, and ppptcp-ssl.
0dea7e4d8de7848934326ba14c32424742eca07f1b208d21ec80e262ffbdfb8cThere exists a vulnerability with certain configurations of certain ftp daemons with which users with a valid ftp only acccount on a system may execute arbitrary commands (including binaries supplied by themselves). There also exists the possibilty that anonymous ftp users may execute arbitrar y commands (also including binaries supplied by themselves). While this vulnerability is entirely configuration dependent. The required configuration is rather common. Exploit information here.
223f01ce4e2ad4bdfbd09c6989851a84ceba7d1fbe6c4a85a5d5802a338bf787Attacking FreeBSD with Kernel Modules - The System Call Approach. System calls can be backdoored on FreeBSD much like they can on linux, and most linux kernel modules can easily be ported to FreeBSD. Includes information on intercepting system calls, filesystem related hacks, hiding files and contests, process related hacks, file execution redirection, tty hijacking, and module hiding.
99570c1f731fdefef35078cbb47958ca6d7efe7e113d0f5d14d4788fbf479ea0Beginners Guide to Linux + Easy Installation Guide version 1.1 - I'd bet some of the people reading this description are using Windows, and are afraid to install Unix on their computer for some reason. "Sure, Unix does all those cool things and has better security and most Unix programs are open-source, but what will happen if I'll screw up with the installation and delete my old copy of Windows?" Black Sun Research Facility presents - an easy to understand and simple installation guide for Redhat Linux and Mandrake Linux, the two most easiest-to-install distributions (although this tutorial is good for other common Linux distributions as well).
94cf75c7fd9dcca69ca84c58292ccd72ecd74d76665906368f284adf788ce5fb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed