Section: .. / groups / synnergy /
 .
|
| /// File Name: |
host-detection.doc |
Description:
|
Advanced Host Detection - Techniques To Validate Host-Connectivity. Security Engineers spend a tireless amount of effort to block and filter packet anomalies in an internetwork connected environment. Advanced host mapping bypasses many forms of intrusion detection systems, filters, and routers, essentially enabling an attacker to map and discover previously unknown firewalled hosts. Also available in PDF and TXT form.
| | Author: | Dethy | | Homepage: | http://www.synnergy.net | | File Size: | 145920 | | Last Modified: | Jan 15 22:21:59 2001 |
| MD5 Checksum: | 938010bc0d9b99eb9b35830b0f7a13e7 |
|
| /// File Name: |
portscan.pdf |
Description:
|
Examining port scan methods - Analyzing Audible Techniques. This paper attempts to enumerate a variety of ways to discover and map internal/external networks using signature-based packet replies and known protocol responses when scanning. Specifically, this document presents all known techniques used to determine open/closed ports on a host and ways an attacker may identify the network services running on arbitrary servers. Text version available here.
| | Author: | Dethy | | Homepage: | http://www.synnergy.net | | File Size: | 67383 | | Last Modified: | Jan 5 09:26:29 2001 |
| MD5 Checksum: | aa639e684a8e7913186faa5b0f7081b9 |
|
| /// File Name: |
host-detection.pdf |
Description:
|
Advanced Host Detection - Techniques To Validate Host-Connectivity. (PDF) Security Engineers spend a tireless amount of effort to block and filter packet anomalies in an internetwork connected environment. Advanced host mapping bypasses many forms of intrusion detection systems, filters, and routers, essentially enabling an attacker to map and discover previously unknown firewalled hosts. Also available in TXT and DOC form.
| | Author: | Dethy | | Homepage: | http://www.synnergy.net | | File Size: | 61012 | | Last Modified: | Jan 15 22:19:41 2001 |
| MD5 Checksum: | 2866b8e06c2e023af6d2353b6ac6c628 |
|
| /// File Name: |
host-detection.txt |
Description:
|
Advanced Host Detection - Techniques To Validate Host-Connectivity. Security Engineers spend a tireless amount of effort to block and filter packet anomalies in an internetwork connected environment. Advanced host mapping bypasses many forms of intrusion detection systems, filters, and routers, essentially enabling an attacker to map and discover previously unknown firewalled hosts. Also available in PDF and DOC form.
| | Author: | Dethy | | Homepage: | http://www.synnergy.net | | File Size: | 42776 | | Last Modified: | Jan 15 22:17:57 2001 |
| MD5 Checksum: | 29e1aa57dd7594aeb700b3e563f4579a |
|
| /// File Name: |
portscan.txt |
Description:
|
Examining port scan methods - Analyzing Audible Techniques. This paper attempts to enumerate a variety of ways to discover and map internal/external networks using signature-based packet replies and known protocol responses when scanning. Specifically, this document presents all known techniques used to determine open/closed ports on a host and ways an attacker may identify the network services running on arbitrary servers.
| | Author: | Dethy | | Homepage: | http://www.synnergy.net | | File Size: | 32573 | | Last Modified: | Jan 5 09:24:32 2001 |
| MD5 Checksum: | 4608dc43a219fc1243b13e3e1ca6f75d |
|
| /// File Name: |
bug-testing.txt |
Description:
|
The Importance of Bug Testing - Includes discussion of alpha / beta releases, the importance of bug testing, software development goals, software testing strategies, functional prototypes, designing test sets, defect testing, acceptance testing, and structural prototypes.
| | Author: | Dethy | | Homepage: | http://www.synnergy.net | | File Size: | 28150 | | Last Modified: | Oct 3 21:46:41 2000 |
| MD5 Checksum: | 93ccf43ca9128f73447bd47fe1fa89f1 |
|
| /// File Name: |
syn.jpg |
Description:
|
Synnergy Logo
| | File Size: | 20397 | | Last Modified: | Dec 10 06:17:49 1999 |
| MD5 Checksum: | 2e2bbb3a163530be6d329e216d48adec |
|
| /// File Name: |
obsd-ftpd.c |
Description:
|
OpenBSD v2.6 and 2.7 ftpd remote root exploit.
| | Author: | Scrippie | | Homepage: | http://www.synnergy.net | | File Size: | 20337 | | Last Modified: | Dec 24 06:59:47 2000 |
| MD5 Checksum: | 851ecd7cde4ff528736a6f54e5ea9649 |
|
| /// File Name: |
inebriation.c |
Description:
|
Inebriation.c is a local linux/x86 /bin/su + locale libc functions exploit which has been written in response to previous unreliable exploits for this vulnerability. It includes a perl wrapper to find the correct offset, can use GOT overwrites to evade stackguard, stackshield, and libsafe, uses clean overflow string creation, and has documentation and several other usability improvements.
| | Author: | Scrippie | | Homepage: | http://www.synnergy.net | | File Size: | 17156 | | Last Modified: | Oct 3 22:12:26 2000 |
| MD5 Checksum: | a4ea18e81fddb4c040951cf4232de56a |
|
| /// File Name: |
wais.pl.advisory.txt |
Description:
|
The wais.pl CGI written by Tony Sanders provides means to access the waisq WAIS client via the webserver. Waisq contains buffer overflows allowing remote code execution which can be exploited via wais.pl. In addition, files owned by nobody on the webserver can be overwritten with arbitrary content. Includes exploit for Linux/x86.
| | Author: | Scrippie | | Homepage: | http://www.synnergy.net | | File Size: | 13976 | | Last Modified: | Aug 14 19:36:58 2000 |
| MD5 Checksum: | 795f85e6d55de6d0878a8c35c77da7a9 |
|
| /// File Name: |
dtors.txt |
Description:
|
Overwriting the .dtors section - This paper presents a concise explanation of a technique to gain control of a C program's flow of execution given that it has been compiled with gcc. This exploit technique has several advantages over changing the stack pointer, including ease of determining the exact position where we want to write and point to our shellcode, and is simpler than a GOT patch.
| | Author: | Juan M. Bello Rivas | | Homepage: | http://www.synnergy.net | | File Size: | 10059 | | Last Modified: | Dec 13 04:53:04 2000 |
| MD5 Checksum: | f693cc32d668324c2205e77036aa3fd1 |
|
| /// File Name: |
sadmind-sun.brute.c |
Description:
|
Remote exploit for rpc.sadmind which brute forces the offset. Tested against Solaris X86 and SPARC v2.6 and 7.0.
| | Author: | Nikolai Abromov | | File Size: | 7394 | | Last Modified: | Nov 14 01:37:21 2000 |
| MD5 Checksum: | c0c0dc5180d9081f3ba5df8bbfca3981 |
|
| /// File Name: |
ia.txt |
Description:
|
IP Aliasing - How to set it up on a unix host.
| | Author: | Guidob | | Homepage: | http://www.synnergy.net | | File Size: | 7281 | | Last Modified: | Sep 25 15:20:46 1999 |
| MD5 Checksum: | 1706c80b88ef4ca447e374cb28492d5e |
|
| /// File Name: |
sadmindex-brute-lux.c |
Description:
|
Sadmind exploit stack pointer brute forcer, just ./sadmindex-brute-lux [arch] and it will brute force the stack pointer, it'll output a message on success and open ingreslock (1524) on the remote computer. This brute forcer requires sadmind exploit by Cheez Whiz.
| | Author: | elux | | File Size: | 6481 | | Last Modified: | Dec 13 09:14:15 1999 |
| MD5 Checksum: | 7588b1cbff18bd6bcdb5fe10b4e85ada |
|
| /// File Name: |
tco.txt |
Description:
|
Synnergy Laboratories Advisory SLA-2000-14 - The BSD/Linux telnet client has a stack overflow which is not usually a security problem, except in the case of a restricted shell environment which allows users to set environment variables and run telnet. Perl proof of concept exploit included.
| | Author: | Dethy | | Homepage: | http://www.synnergy.net | | File Size: | 4393 | | Last Modified: | Sep 22 02:05:59 2000 |
| MD5 Checksum: | c6491ecc47f199f8a19a31d67e79f43c |
|
| /// File Name: |
ftpd-aix |
Description:
|
Remote buffer overflow exploit for ftpd from AIX 4.3.2 running on an RS6000. (power).
| | Author: | Dvorak | | Homepage: | http://www.synnergy.net/software/dvorak/ | | File Size: | 4271 | | Last Modified: | Sep 24 23:49:47 1999 |
| MD5 Checksum: | fc17c2f69566bc0213c21821b8da3b09 |
|
| /// File Name: |
msadcscan-unix.c |
Description:
|
Synnergy Networks msadc scanner - This is just a basic string scanner that happens to scan for the msadc module string.
| | Author: | elux | | Homepage: | http://www.synnergy.net | | File Size: | 2281 | | Last Modified: | Dec 14 00:33:05 1999 |
| MD5 Checksum: | 848292758ce51eeecb718dea80503411 |
|
| /// File Name: |
SLA-17.Anaconda.txt |
Description:
|
Synnergy Laboratories Advisory SLA-2000-17 - A flaw in Linux/UNIX Anaconda Foundation Directory, a yahoo style search engine based on the Open Directory Project allows remote users to traverse the webservers filesystem, allowing arbitary files to be read by appending a trailing NULL byte in URL encoded format. Exploit URL included.
| | Author: | Kostas Petrakis | | Homepage: | http://www.synnergy.net | | File Size: | 2077 | | Last Modified: | Oct 15 20:18:49 2000 |
| MD5 Checksum: | 4473a774da7c24d3ddf462e13bfbf37e |
|
| /// File Name: |
SLA-16.MasterIndex.txt |
Description:
|
Synnergy Laboratories Advisory SLA-2000-16 - Synnergy Labs has found a flaw within Master Index for Linux/UNIX that allows a user to successfully traverse the filesystem on a remote host, allowing arbitary files/folders to be read. Exploit URL included. Fix available here.
| | Author: | Kostas Petrakis | | Homepage: | http://www.synnergy.net | | File Size: | 2008 | | Last Modified: | Oct 11 03:23:41 2000 |
| MD5 Checksum: | a00a442f87ac62e4716afc3cc58d0c62 |
|
| /// File Name: |
mailtool-adv.txt |
Description:
|
Local vulnerability in Solaris mailtool(1) - /usr/openwin/bin/mailtool on Solaris 8 (x86 and sparc) contains a local buffer overflow vulnerability.
| | Author: | specifying a long environment buffer containing machine executable code, it is possible to execute arbitrary command(s) as gid mail. ;Homepage: http://www.synnergy.net. | | File Size: | 1740 | | Last Modified: | May 30 21:21:25 2001 |
| MD5 Checksum: | 1e5e671cf9f5a6ad579331d3e7053810 |
|
| /// File Name: |
SLA-15-PHPix.txt |
Description:
|
PHPix, a Web-based photo album viewer written in PHP has a vulnerability which allows remote users to traverse directories and read any file on the server. Exploit URL included. Fix available here.
| | Author: | Kostas Petrakis | | Homepage: | http://www.synnergy.net | | File Size: | 1616 | | Last Modified: | Oct 10 03:30:47 2000 |
| MD5 Checksum: | bc3908f2f9d85da09ccb7ad48698fd82 |
|
| /// File Name: |
exklock.c |
Description:
|
FreeBSD X key lock (xklock) v2.7.1 and below local root exploit - Tested on FreeBSD ports collection v3.5.1 and v4.2.
| | Author: | Dethy | | Homepage: | http://www.synnergy.net | | File Size: | 1596 | | Last Modified: | Feb 21 21:43:21 2001 |
| MD5 Checksum: | c5a5aabc95055e9049edae3b5c5de143 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
