Welcome to...

Main Menu

Home
Who's Johnny?
Book List
- - - - - - -
The Google Hacking Database
JIHS Charity Program
Downloads
Forums
Photos and Images
AOET / Uganda Mission
- - - - - - -
Links
Contact Us
Search
FAQs
Wrapper
Every purchase feeds an African child for one month! (What?)

Latest Downloads

File Icon "No-Tech Hacking" Sample Chapter
File Icon Yo Yo SKillz #1
File Icon Aggressive Network Self-Defense Sample Chapter
File Icon Gooscan (Linux)
File Icon The Art of Presentation With Bruce Potter
Home arrow Downloads

Downloads

Downloads Home »  Tools

DocumentsDate added

Order by : name | date | hits [ ascendent ]
file icon Win2K LDAP authentication bruteforcerhot!
05.04.2001
This never really got finished... Anyhow, I noticed when playing around with LDAP on Win2k that LDAP authentication requests came back with different response codes when using an existing username vs a non-existing one. Using this technique, you can enumerate usernames on the server. In addition, LDAP authentications don't seem to count as invalid logins as far as the 2k user is concerned. This means you can remotely determine usernames, and attempt passwords to your heart's content without bothering the set lockouts. Nice.
Hits: 8795
file icon Unicode Attackerhot!
08.08.2001
This basic perl script does the unicode attack. Very basic, but made unicode easier to visualize. My second perl script ever. I didn't realize perl was so c00l! ;-)
Hits: 6930
file icon Trojan Explorer.exehot!
21.09.2001
This trojan explorer creates a user account called "hack0r" with a password of "cha0srul3sall!" on a windows NT machine, then runs explorer like normal. Plop it in the root of c: and when an admin user logs in, the pathing problem runs this one instead. Then, log in and enjoy. Props to Jimmy for the user creation piece! The trojan was hand-rolled by yours truly. This should definitely set off your virus scanner.
Hits: 55728
file icon rs_iis2.c - webdav exploithot!
10.04.2003
This is a modified version of romansoft's IIS WEBDAV exploit. This gives remote SYSTEM privs on Windows 2000 boxes running IIS 5. I added a recursive function to troll through RET values to find the magic number. I also added a magic number of my own. Read the source for more details, especially if you are concerned about knocking down your target. (YOU SHOULD be concerned about this, as this is bad!) My included magic number works against Windows 2000 w/service pack 3 & IIS 5.
Hits: 6470
file icon Gooscan (Linux)hot!
01.11.2006
Gooscan is a tool that automates queries against Google search appliances, but with a twist. These particular queries are designed to find potential vulnerabilities on web pages. Think "cgi scanner" that never communicates directly with the target web server, since all queries are sent to Google, not to the target. This is the latest version (v1.0) with many security fixes and updates by Mike Schiraldi. Thanks, Mike!
Hits: 65259
<< Start < Prev 1 2 Next > End >>
Results 1 - 5 of 8