Section: .. / groups / s0ftpj /
Disclaimers: s0ftpr0ject 99 is a security team founded in the summer of 1997. Its research team is fully dedicated to study, describe and resolve security problems related to the network and digital worlds. Tools and documentation available on this site are meant to be used only in order to improve your security and privacy, and not as a way to harm anybody. Any use of the available material that goes against the laws of any state is not condoned by s0ftpr0ject 99, which also cannot be held responsible for any misuse. s0ftpr0ject 99 absolutely dissociates itself from any cracking/hacking/phreaking group that may claim to be in any way collaborating with us. If YOU are going against the law, WE will never have any relation with you. Any remark should be addressed to staff@s0ftpj.org, and abuses reported immediately, with all the necessary informations, to abuse@s0ftpj.org. Also, due to recent facts happened in our country, we point out that we strictly dissociate from any terroristic or eversive groups and their destabilizing and highly deprecable actions. If you, the visitor, are somehow offended by the contents of the site, we ask you to leave this site immediately, and don't go on accessing, reading or downloading anything here. On the other hand, by accessing the main page, you agree with this disclaimer and must consider yourself responsible for any use you make of the informations contained inside. Also, who is currently hosting our page and our mirrors cannot be legally sued for its content.
|
| /// File Name: |
sniffjoke-0.1.tar.gz |
Description:
|
SniffJoke implements sniffer/IDS evasion techniques. SniffJoke runs on a network connected box by selectively applying evasion techniques to sessions involving it. Evasion application is governed by user rules and implemented with a netfilter/ulogd module.
| | Author: | vecna | | Homepage: | http://www.s0ftpj.org/ | | File Size: | 17426 | | Last Modified: | Mar 5 20:15:17 2007 |
| MD5 Checksum: | 3197b8ba5c32b72df0aaa5632ee21e2c |
|
| /// File Name: |
tcc.tar.gz |
Description:
|
TCP Congestion paper and proof of concept code - A vulnerability in the TCP protocol affects several OS's, allowing remote denial of service attacks. Includes a netfilter module which implements a new method of blocking the attack. More information on TCP congestion vulnerabilities available here
| | Author: | Vecna | | Homepage: | http://www.s0ftpj.org | | File Size: | 16191 | | Last Modified: | Jun 5 00:27:07 2002 |
| MD5 Checksum: | 2a15af964e5f1cb85f3ee252a0a64826 |
|
| /// File Name: |
pippa_v2.txt |
Description:
|
Network datapipe with interactive mode, support for proxy server socks (v4 or v5), logging facility and option to concatenate more pipes. Documentation: 'PiPPA v2', BFi4 (December 98). Linux/WinNT - perl source. Courtesy of soft project digital security for y2k.
| | File Size: | 15577 | | Last Modified: | Sep 23 15:04:43 1999 |
| MD5 Checksum: | 7b32f257dff84a1fed0e3f3ba03d07a1 |
|
| /// File Name: |
gtpa-0.12c.tar.gz |
Description:
|
Generic time path analysis via ttysnoop-0.12c patching.
| | Author: | vecna | | Homepage: | http://www.s0ftpj.org/ | | File Size: | 15474 | | Last Modified: | Mar 5 20:06:07 2007 |
| MD5 Checksum: | a2ebde4a8972189d7958d50c990d873f |
|
| /// File Name: |
kstat.tar.gz |
Description:
|
Kstat is a tool for Linux which can find an attacker in your system by a direct analysis of the kernel via /dev/kmem, bypassing the hiding techniques of the intruder (kernel static recompilation/use of LKMs). Kstat can find the syscalls which were modified by a LKM, list the linked LKMs, query one or all the network interfaces of the system, list all the processes and much more.
| | Author: | Fusys | | Homepage: | http://www.s0ftpj.org | | File Size: | 14523 | | Last Modified: | Jan 4 17:54:20 2001 |
| MD5 Checksum: | f6314c81beecea2df666f5c49f166c38 |
|
| /// File Name: |
kstat.tgz |
Description:
|
Kstat is a tool for Linux which is designed to find an attacker in your system by a direct analysis of the kernel through /dev/kmem and bypassing the hiding techniques of the intruder (kernel static recompilation/use of LKMs). Kstat can find the syscalls which were modified by a LKM, list the linked LKMs, query one or all the network interfaces of the system, list all the processes and much more.
| | Author: | Fusys | | Homepage: | http://www.s0ftpj.org | | File Size: | 14523 | | Last Modified: | Apr 16 22:38:16 2001 |
| MD5 Checksum: | f6314c81beecea2df666f5c49f166c38 |
|
| /// File Name: |
oMBRa.c |
Description:
|
Linux kernel 2.2.x implementation of the CaRoGNa 2.0.x module Secret technique of the divine HOKUHACKO school [ Hokuto No Ken rules ;)] Sacred Strike of the Modular Renewal that bumps root down.
| | Author: | FuSyS | | Homepage: | http://www.s0ftpj.org | | File Size: | 14069 | | Last Modified: | May 5 16:14:51 2000 |
| MD5 Checksum: | 42718d42c8967fcdf62650d647e4424a |
|
| /// File Name: |
apmislay-0.0.1.tar.gz |
Description:
|
Apmislay (avoid+privacy+mislay) is a library to make anonymous connections without performance loss. It implements a simple technique based on IP spoofing and suits well for file sharing systems or anonymous transfers of large amount of data.
| | Author: | vecna | | Homepage: | http://www.s0ftpj.org/ | | File Size: | 11575 | | Last Modified: | Mar 5 20:11:45 2007 |
| MD5 Checksum: | 47ff6423957a002a9659007df4312623 |
|
| /// File Name: |
SPJ-003-000.txt |
Description:
|
s0ftpr0ject Security Advisory 003-000: Remotely Exploitable Buffer Overflow in Sniffit. Possibly all systems running Sniffit (0.3.7beta and all versions logging mail headers). Successful attacks depend on being able to craft shellcodes so they can bypass input filter.
| | Author: | FuSyS | | Homepage: | http://www.s0ftpj.org | | File Size: | 11042 | | Last Modified: | May 3 18:15:59 2000 |
| MD5 Checksum: | c5083dca3fe64f7ab0a77d6906a7e0b4 |
|
| /// File Name: |
proscan.c |
Description:
|
ProScan: Tool to scan a LAN in order to find interfaces in PROMISC mode. It's accomplished by using non-standard queries. For linux. Courtesy of soft project digital security for y2k.
| | File Size: | 10662 | | Last Modified: | Sep 23 14:20:44 1999 |
| MD5 Checksum: | 5d59f3d45d2bb253e1663b8444c7a0e6 |
|
| /// File Name: |
knstat_freebsd.c |
Description:
|
This simple source code uses sysctlbyname() to fetch statistics for a protocol that you can use for security purposes or for kernel testing.
| | Author: | Pigpen. | | Homepage: | http://www.s0ftpj.org | | File Size: | 10616 | | Last Modified: | May 4 18:35:56 2000 |
| MD5 Checksum: | fbb0c43d5b6b7a83551bd7c3a6665bc7 |
|
| /// File Name: |
libvsk-1.0.tar.gz |
Description:
|
Libvsk is a set of libraries for network traffic manipulation from userlevel, with some functions of filtering/sniffing.
| | Author: | Vecna | | Homepage: | http://www.s0ftpj.org | | File Size: | 10569 | | Last Modified: | Jan 4 18:07:59 2001 |
| MD5 Checksum: | 03b859947702e03b90805a396d85183f |
|
| /// File Name: |
spj-004-000.txt |
Description:
|
S0ftpj Security Advisory SPJ-004-000 - Multiple remote CGI vulnerabilities in MailStudio2000. Users can view any file on the system, as well as execute commands remotely as root. Major search engines can be used to locate vulnerable hosts. Exploit descriptions included.
| | Author: | Fusys | | Homepage: | http://www.s0ftpj.org | | File Size: | 10078 | | Last Modified: | Jun 13 16:48:32 2000 |
| MD5 Checksum: | 8a9281a0c39e117d2596d7473d567816 |
|
| /// File Name: |
spapem.tar.gz |
Description:
|
The Spapem project aims to how how to elude securelevel under *BSD systems by hiding the fact that the system has been rebooted. Includes code to restore the PID, a LKM to change the uptime, a generic rootkit example, a module to remove startup messages, and instructions for patching init(8).
| | Author: | Vecna | | Homepage: | http://www.s0ftpj.org | | File Size: | 9833 | | Last Modified: | Apr 16 22:56:25 2001 |
| MD5 Checksum: | ff292eb12a32ff7f232049be335cb144 |
|
| /// File Name: |
LuCe.c |
Description:
|
Linux Loadable Kernel Module to keep an eye on the system, and add security 'on the fly' to a prexisting running box. Contains a simple implementation of BSD securelevels, while waiting for the official 'in-distro' arrival of Linux Capabilities [POSIX 1.e] in 2.4.x and strong ACLs.
| | Author: | FuSyS | | Homepage: | http://www.s0ftpj.org/bfi | | File Size: | 9785 | | Last Modified: | May 5 16:11:19 2000 |
| MD5 Checksum: | 6d45601756c7bd61466fd81365d98854 |
|
| /// File Name: |
carogna.c |
Description:
|
Loadable Kernel Module to hide in a system. It substitutes in 4kbytes a full rootkit. Only for 2.0.x kernels. Documentation: 'PR0GETT0 CAR0NTE - PARTE I' , BFi3 (Luglio 98); 'PR0GETT0 CAR0NTE - PARTE II' , BFi4 (December 98). Linux - LKM c source. Courtesy of soft project digital security for y2k.
| | File Size: | 8544 | | Last Modified: | Sep 23 15:04:06 1999 |
| MD5 Checksum: | 68ad39a66f1e0c78606c9fab4ea4fdc9 |
|
| /// File Name: |
ucp.c |
Description:
|
SMS Spoofing Tool - Spoof your SMS by using this code with smsclient.
| | Author: | Jack McKrak | | Homepage: | http://www.s0ftpj.org | | File Size: | 8394 | | Last Modified: | Jan 4 19:42:03 2001 |
| MD5 Checksum: | 4893e2044a30ac7a59927d15e527537e |
|
| /// File Name: |
SPJY2Ksniff.c |
Description:
|
Spjy2ksniff.c Network sniffer to operate passive attacks and find weaknesses in the protection of the traffic on your LAN. It uses the pcap(3) library to access to datalink level. Newbie (limited) version.
| | Author: | Fusys | | Homepage: | http://www.s0ftpj.org/en/tools.html | | File Size: | 8284 | | Last Modified: | Dec 31 08:14:14 1999 |
| MD5 Checksum: | 19f75dc1b51019435852a74dc7a79cfa |
|
| /// File Name: |
smonitor.tar.gz |
Description:
|
Syscall Monitor for FreeBSD - Using this tool you are allowed to monitor the use of the syscalls on your system and to prevent their execution for the specified users/groups.
| | Author: | Pigpen | | Homepage: | http://www.s0ftpj.org | | File Size: | 7682 | | Last Modified: | Jan 4 18:06:18 2001 |
| MD5 Checksum: | aeb3c22d03b85b81f229dea7e57eb14c |
|
| /// File Name: |
N0Sp00f.c |
Description:
|
Simple module to prevent lame people from using your box as a launch base for spoofed ip packets. Intercepts the socketcall() system call looking for the IP_HDRINCL parameter passed via setsockopt().
| | Author: | FuSyS | | Homepage: | http://www.s0ftpj.org | | File Size: | 7324 | | Last Modified: | May 5 16:12:47 2000 |
| MD5 Checksum: | d75f42fbe84717789145d2ac2bdf1c4c |
|
| /// File Name: |
sinto.c |
Description:
|
Sinto.c is an interactive tty hijacker for Linux.
| | Author: | Vecna | | Homepage: | http://www.s0ftpj.org | | File Size: | 7054 | | Last Modified: | Nov 29 03:03:02 2000 |
| MD5 Checksum: | a74319ef64630e2a3d3494dcd6f96e72 |
|
| /// File Name: |
udp_spoof_detect.c |
Description:
|
DETECT UDP SP00FiNG ON OUR FREEBSD BOX VIA KLD.
| | Author: | Pigpen. | | Homepage: | http://www.s0ftpj.org | | File Size: | 6943 | | Last Modified: | May 4 18:36:17 2000 |
| MD5 Checksum: | 60ca24d54f0af45281bd803a2872f1bb |
|
| /// File Name: |
rst.c |
Description:
|
RST: RST Storm: destroys TCP links. For linux. Courtesy of soft project digital security for y2k.
| | File Size: | 6852 | | Last Modified: | Sep 23 14:20:53 1999 |
| MD5 Checksum: | 46ebace20f456b086e3c6e21d0d82d3f |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
