Apache Tomcat Remote Exploit (PUT request) and Account Scanner
The modified pnscan scanner utility scans a range of IPs to find open Apache Tomcat servers by trying the following login combinations:
- tomcat:tomcat
- password:password
- admin:admin
- admin:password
- admin:<nopass>
- tomcat:<nopass>
The included Perl script can be used to unlock Apache Tomcat servers remotely by using the collected login combinations.
It will retrieve either a root or SYSTEM reverse shell, depending on the operating system, or the equivalent of a reverse shell as the user Tomcat is currently running as. The exploit might contain Metasploit logic (thanks to jduck).
By Kingcope
Use this tool at your own risk. The source code has not been reviewed (it may contain a hidden shell).
Lynis Auditing Tool
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes.
This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems. It can be run without prior installation, so inclusion on read-only storage is no problem (USB stick, CD/DVD).
Lynis assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOX (Sarbanes-Oxley) compliance audits.
Intended audience:
Security specialists, penetration testers, system auditors, system/network managers.
Examples of audit tests:
- Available authentication methods
- Expired SSL certificates
- Outdated software
- User accounts without password
- Incorrect file permissions
- Firewall auditing
Supported operating systems
Tested on:
- Arch Linux
- CentOS
- Debian
- Fedora Core 4 and higher
- FreeBSD
- Gentoo
- Knoppix
- Mac OS X
- Mandriva 2007
- OpenBSD 4.x
- OpenSolaris
- OpenSuSE
- PcBSD
- PCLinuxOS
- Red Hat, RHEL 5.x
- Slackware 12.1
- Solaris 10
- Ubuntu
Interesting papers on malware, botnets, antivirus and security
Alex Kirk - Characteristics and detection of HTTP C&C.pptx 25-May-2011 13:12 1.0M
Andrei Saygo and Patrik Vicol - How to stop the Daemon.ppsx 25-May-2011 12:35 640K
Anoirel Issa - Polymorphism and anti anti-virus techniques - A look at recent malware trends.pdf 05-May-2011 08:26 568K
Anthony Bettini - (In)security in URL shortening and redirection services.pptx 23-May-2011 10:13 1.2M
Christine Bejerasco - Building a reputation - A session with a website shrink.pptx 25-May-2011 13:07 2.8M
Chun Feng - The shellcode storm caused by the butterfly effect.pptx 25-May-2011 13:09 3.2M
Daniel Radu and Bruce Dang - Shellcode analysis using dynamic binary instrumentation.pdf 25-May-2011 12:58 521K
DonatoFerrante - Java malware.pdf 03-May-2011 23:14 6.7M
Igor Muttik - Keynote address - Ubiquitous malware and ubiquitous AV.pptx 25-May-2011 13:08 7.2M
Jindrich Kubec and Jiri Sejtko - Grabbing the PDF by the tail.PDF 25-May-2011 12:32 2.6M
Jose Miguel Esparza - Obfuscation and (non-)detection of malicious PDF files.PDF 20-May-2011 10:55 1.1M
Jui-Chieh Wu and Ray Liao - Building world-wide domain reputation.pptx 25-May-2011 13:33 5.3M
Mikel Gastesi - Banking fraud evolution - New techniques in real fraud cases.ppt 25-May-2011 13:21 4.6M
Richard Ford - Hardening the net - Building a new platform for security.pptx 25-May-2011 13:22 725K
Robert Lipovsky, Alexandr Matrosov and Dmitry Volkov - Cybercrime in Russia - Trends and isues.pdf 25-May-2011 13:10 2.5M - must read
Robert Sandilands - Scaling a viruslab.PDF 03-May-2011 02:30 676K
Stephan Chenette - Fireshark v2 - An analysis toolkit for malicious web sites.html
Four Top Live CD Distros – Security, Pen-Testing, Forensics & Recovery – 2011
1. Blackbuntu
Blackbuntu is a distribution for penetration testing which was specially designed for security training students and practitioners of information security.
Blackbuntu is an Ubuntu-based distro for penetration testing with the GNOME desktop environment. It is currently being built on Ubuntu 10.10, with Back|Track as a reference.
Blackbuntu features the following upstream components: Ubuntu 10.10, Linux 2.6.35 and Gnome 2.32.0
System requirements:
- 1 GHz x86 processor
- 768 MB of system memory (RAM)
- 10 GB of disk space for installation
- Graphics card capable of 800×600 resolution
- DVD-ROM drive or USB port
You can download it from here
2. DEFT 6.1
DEFT Linux 6 is based on the new Kernel 2.6.35 (Linux side) and DEFT Extra 3.0 (Computer Forensic GUI) with the best freeware Windows computer forensic tools. DEFT is a new concept of computer forensic live system that uses LXDE as its desktop environment, WINE to execute Windows tools under Linux, and mount manager as its tool for device management.
It is a very easy-to-use system that includes excellent hardware detection and the best free and open source applications dedicated to incident response and computer forensics.
DEFT is meant to be used by:
- police
- investigators
- system administrators
- individuals
- and all the people who need to use forensic tools but don't know open source operating systems and forensic techniques.
You can download it from here
3. BackBox Linux
BackBox is a Linux distribution based on Ubuntu Lucid 10.04 LTS, developed to perform penetration tests and security assessments. It is designed to be fast and easy to use, and to provide a minimal yet complete desktop environment, thanks to its own software repositories, which are always updated to the latest stable versions of the most known and used ethical hacking tools.
You can download it from here
And of course the standard:
4. BackTrack 4 R2 - Nemesis
Yes, the time has come again – for a new kernel, and a new release of BackTrack. Codenamed “Nemesis”. This release is our finest release as of yet with faster Desktop responsiveness, better hardware support, broader wireless card support, streamlined work environment.
We could go on for pages on saying how great the new version is, but we’ll cut to the chase, and give you the run down:
* Kernel 2.6.35.8 – *Much* improved mac80211 stack.
* USB 3.0 support.
* New wireless cards supported.
* All wireless Injection patches applied, maximum support for wireless attacks.
* Even *faster* desktop environment.
* Revamped Fluxbox environment for the KDE challenged.
* Metasploit rebuilt from scratch, MySQL db_drivers working out of the box.
* Updated old packages, added new ones, and removed obsolete ones.
* New BackTrack Wiki with better documentation and support.
* Our most professional, tested and streamlined release ever.
You can download it from here
If there is a distro I missed, please leave a comment. The ones I listed above have great support; please don't submit dead projects.
