💾 Archived View for aphrack.org › issues › phrack60 › 4.gmi captured on 2021-12-04 at 18:04:22. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-12-03)
-=-=-=-=-=-=-
==Phrack Inc.== Volume 0x0b, Issue 0x3c, Phile #0x04 of 0x10 |=--------------------=[ T O O L Z A R M O R Y ]=----------------------=| |=-----------------------------------------------------------------------=| |=---------=[ packetstorm <http://www.packetstormsecurity.org> ]=-------=| This new section, Phrack Toolz Armory, is dedicated to tool annoucements. We will showcast selected tools of relevance to the computer underground which have been released recently. The tools for #60 have been selected in teamwork by the Packet Storm staff and Phrack staff. Drop us a mail if you develop something that you think is worth of being mentioned here. 1 - nmap 3.1 Statistics Patch 2 - thc-rut 3 - Openwall GNU/*/Linux (Owl) 1.0 4 - Stealth Kernel Patch 5 - Memfetch 6 - Lcrzoex ----[ 1 - NMAP 3.1 Statistics Patch URL : http://packetstormsecurity.org/UNIX/nmap/nmap-3.10ALPHA4_statistics-1.diff Author : vitek[at]ixsecurity.com Comment : The Nmap 3.10ALFA Statistics Patch adds the -c switch which guesses how much longer the scan will take, shows how many ports have been tested, resent, and the ports per second rate. Useful for scanning firewalled hosts. ----[ 2 - thc-rut URL : http://www.thehackerschoice.com/thc-rut Author : anonymous[at]segfault.net Comment : RUT (aRe yoU There, pronouced as 'root') is your first knife on foreign network. It gathers informations from local and remote networks. It offers a wide range of network discovery utilities like arp lookup on an IP range, spoofed DHCP request, RARP, BOOTP, ICMP-ping, ICMP address mask request, OS fingerprinting, high-speed host discovery, ... THC-RUT comes with a OS host Fingerprinter which determines the remote OS by open/closed port characteristics, banner matching and nmap fingerprinting techniques (T1, tcpoptions). The fingerprinter has been developerd to quickly (10mins) categorize hosts on a Class B network. Information sources are (amoung others) SNMP replies, telnetd (NVT) negotiation options, generic Banner Matching, HTTP-Server version, DCE request and tcp options. It is compatible to the nmap-os-fingerprints database and comes in addition to this with his own perl regex capable fingerprinting database (thcrut-os-fingerprints). ----[ 3 - Openwall GNU/*/Linux (Owl) 1.0 (Released 2002-10-13) URL : http://www.openwall.com/Owl Author : Solar Designer and other hackers. Comment : Openwall Linux is the Hacker's choice platform. The security has been defined by people who know what they are doing. Owl comes without any useless services running by default, no RPM dependencies headache, full featured environment for developers, a large number of usefull tools and a BSD-port-like update mechanism. It's for people who prefer vi over click/drag-and-drop sickness to configure the system. Openwall GNU/*/Linux (Owl) includes a pre-built copy of John the Ripper password cracker ready for use without requiring another OS (life system!) and without having to install on a hard disk (although that is supported). The CD-booted system is fully functional, you may even let it go multi-user with virtual consoles and remote shell access. John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, and BeOS. Its primary purpose is to detect weak Unix passwords, but a number of other hash types are supported aswell. This is probably the most secure linux distribution out there. ----[ 4 - Stealth Kernel Patch URL : http://packetstormsecurity.org/UNIX/patches/linux-2.2.22-stealth.diff.gz Author : Sean Trifero <sean[at]innu.org> Comment : The Stealth Kernel Patch for Linux v2.2.22 makes the linux kernel discard the packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets and packets with bogus flags. Does a very good job of confusing nmap and queso. ----[ 5 - Memfetch URL : http://packetstormsecurity.org/linux/security/memfetch.tgz Author : Michal Zalewski <lcamtuf[at]ghettot.net> Comment : Memfetch dumps the memory of a program without disrupting its operation, either immediately or on the nearest fault condition (such as SIGSEGV). It can be used to examine suspicious or misbehaving processes on your system, verify that processes are what they claim to be, and examine faulty applications using your favorite data viewer so that you are not tied to the inferior data inspection capabilities in your debugger. ----[ 6 - Lcrzoex URL : http://www.laurentconstantin.com/en/lcrzoex/ http://www.laurentconstantin.com/en/rzobox/ (front end) Author : Laurent Constantin <laurent.constantin@aql.fr> Comment : Lcrzoex contains over 400 tools to test an Ethernet/IP network. It runs under Linux, Windows, FreeBSD, OpenBSD and Solaris. Features: - sniff/spoof/replay - syslog/ftp/dns/http/telnet clients - ping/traceroute - web spider - tcp/web backdoor - data conversion |=[ EOF ]=---------------------------------------------------------------=|