Section: .. / groups / s0ftpj /
Disclaimers: s0ftpr0ject 99 is a security team founded in the summer of 1997. Its research team is fully dedicated to study, describe and resolve security problems related to the network and digital worlds. Tools and documentation available on this site are meant to be used only in order to improve your security and privacy, and not as a way to harm anybody. Any use of the available material that goes against the laws of any state is not condoned by s0ftpr0ject 99, which also cannot be held responsible for any misuse. s0ftpr0ject 99 absolutely dissociates itself from any cracking/hacking/phreaking group that may claim to be in any way collaborating with us. If YOU are going against the law, WE will never have any relation with you. Any remark should be addressed to staff@s0ftpj.org, and abuses reported immediately, with all the necessary informations, to abuse@s0ftpj.org. Also, due to recent facts happened in our country, we point out that we strictly dissociate from any terroristic or eversive groups and their destabilizing and highly deprecable actions. If you, the visitor, are somehow offended by the contents of the site, we ask you to leave this site immediately, and don't go on accessing, reading or downloading anything here. On the other hand, by accessing the main page, you agree with this disclaimer and must consider yourself responsible for any use you make of the informations contained inside. Also, who is currently hosting our page and our mirrors cannot be legally sued for its content.
|
| /// File Name: |
imap4.tgz |
Description:
|
Kit including two tools that scan for exploitable versions of IMAP4; the scan can be accomplished by specifying a single host or using a file containing all the ip's. Includes: Imap4 scanner, Imap4 checker. Linux - c source. Courtesy of soft project digital security for y2k.
| | File Size: | 1351 | | Last Modified: | Sep 23 14:23:58 1999 |
| MD5 Checksum: | 0679ce9dabf065060c6da7b7168afa6b |
|
| /// File Name: |
innova-0.0.1.tar.gz |
Description:
|
Innova is a framework that permits to manipulate network sessions starting at layer 3 and is transparent to the application. It runs entirely in userspace on Linux and supports plugins.
| | Author: | vecna | | Homepage: | http://www.s0ftpj.org/projects/innova/index.htm | | File Size: | 43375 | | Last Modified: | Mar 5 20:08:58 2007 |
| MD5 Checksum: | be2a3e42f36511feabe5bc650d4418ce |
|
| /// File Name: |
ipfhack.c |
Description:
|
LKM for FreeBSD which makes ipfilter always accept packets from a certain IP.
| | Author: | Pigpen. | | Homepage: | http://www.s0ftpj.org | | File Size: | 3210 | | Last Modified: | May 22 13:30:19 2000 |
| MD5 Checksum: | 3eeebbc3a32fda0cfed1a8b824b91b12 |
|
| /// File Name: |
ipfwfilter.c |
Description:
|
BSD kernel module which prevents ipfw from blocking a specified IP address.
| | Author: | Pigpen | | File Size: | 22454 | | Last Modified: | Jan 24 20:19:54 2000 |
| MD5 Checksum: | 6ad0523663225eeed26e569d111e1509 |
|
| /// File Name: |
kcheck.c |
Description:
|
IGMP/ICMP/IPIP/IDP/RSVP/IPIP/IPPROTO_RAW KERNEL CHECKER.
| | Author: | Pigpen. | | Homepage: | http://www.s0ftpj.org | | File Size: | 4739 | | Last Modified: | May 4 18:35:53 2000 |
| MD5 Checksum: | f1bd4cdbfbaff4500c5d2246177a3151 |
|
| /// File Name: |
knstat_freebsd.c |
Description:
|
This simple source code uses sysctlbyname() to fetch statistics for a protocol that you can use for security purposes or for kernel testing.
| | Author: | Pigpen. | | Homepage: | http://www.s0ftpj.org | | File Size: | 10616 | | Last Modified: | May 4 18:35:56 2000 |
| MD5 Checksum: | fbb0c43d5b6b7a83551bd7c3a6665bc7 |
|
| /// File Name: |
ksec.tar.gz |
Description:
|
Ksec (Kernel Security Checker) is a tool for FreeBSD and OpenBSD which can find an attacker by direct analysis of the kernel via /dev/mem, bypassing the hiding techniques of the intruder (kernel static recompilation/use of LKMs). KSec can find the modified syscalls from userspace, detect the promisc interfaces, find the modifications applied to a protocol and much more.
| | Author: | Pigpen | | Homepage: | http://www.s0ftpj.org | | File Size: | 18238 | | Last Modified: | Jan 4 17:50:24 2001 |
| MD5 Checksum: | d084d77610110ba6fa0784418443629b |
|
| /// File Name: |
ksec.tgz |
Description:
|
Ksec is a tool useful for finding an attacker in your BSD system by a direct analysis of the kernel through /dev/kmem, bypassing the hiding techniques of the intruder (kernel static recompilation/use of LKMs). KSec can find the modified syscalls from userspace, detect the promisc interfaces, find the modifications applied to a protocol and much more. Tested on FreeBSD and OpenBSD. For more information see Detecting Loadable Kernel Modules (LKM) by Toby Miller.
| | Author: | Pigpen | | Homepage: | http://www.s0ftpj.org | | File Size: | 18238 | | Last Modified: | Apr 16 22:32:16 2001 |
| MD5 Checksum: | d084d77610110ba6fa0784418443629b |
|
| /// File Name: |
kstat.tar.gz |
Description:
|
Kstat is a tool for Linux which can find an attacker in your system by a direct analysis of the kernel via /dev/kmem, bypassing the hiding techniques of the intruder (kernel static recompilation/use of LKMs). Kstat can find the syscalls which were modified by a LKM, list the linked LKMs, query one or all the network interfaces of the system, list all the processes and much more.
| | Author: | Fusys | | Homepage: | http://www.s0ftpj.org | | File Size: | 14523 | | Last Modified: | Jan 4 17:54:20 2001 |
| MD5 Checksum: | f6314c81beecea2df666f5c49f166c38 |
|
| /// File Name: |
kstat.tgz |
Description:
|
Kstat is a tool for Linux which is designed to find an attacker in your system by a direct analysis of the kernel through /dev/kmem and bypassing the hiding techniques of the intruder (kernel static recompilation/use of LKMs). Kstat can find the syscalls which were modified by a LKM, list the linked LKMs, query one or all the network interfaces of the system, list all the processes and much more.
| | Author: | Fusys | | Homepage: | http://www.s0ftpj.org | | File Size: | 14523 | | Last Modified: | Apr 16 22:38:16 2001 |
| MD5 Checksum: | f6314c81beecea2df666f5c49f166c38 |
|
| /// File Name: |
kstat24.tgz |
Description:
|
Kstat is a powerful tool for Linux v2.4.x which displays information taken directly from kernel structures taken from /dev/kmem. This is especially useful when we can't trust output from usual sources and applications, for example after an unauthorized access to our systems. Effective if something like ps, ifconfig, lsmod, or system calls are patched.
| | Author: | Fusys | | Homepage: | http://www.s0ftpj.org | | Changes: | This is a major update of kstat, since its release for the 2.2.x kernels. This runs on 2.4.x only, and can better assist in finding and removing trojan LKMs. It sports network socket dumps, sys_call fingerprinting, stealth modules scanning and more. | | File Size: | 20741 | | Last Modified: | Jun 5 12:34:42 2002 |
| MD5 Checksum: | 01bdbde57c74a4e9a0c01c7eaf5b9794 |
|
| /// File Name: |
kstat24_v1.1-2.tgz |
Description:
|
Kernel Security Therapy Anti-Trolls (KSTAT) is a very powerful security tool to detect many kinds of rogue kernel rootkits. It analyzes the kernel through /dev/kmem and detects modified syscalls as well as various other problems. This version runs on 2.4.x only, and can assist in finding and removing trojan LKMs. It supports network socket dumps, sys_call fingerprinting, stealth module scanning, and more.
| | Author: | FuSyS | | Homepage: | http://www.s0ftpj.org/en/site.html | | File Size: | 24472 | | Last Modified: | Nov 30 22:53:12 2003 |
| MD5 Checksum: | 96954a3d4b4dd623480b5ed05a7b7523 |
|
| /// File Name: |
libvsk-1.0.tar.gz |
Description:
|
Libvsk is a set of libraries for network traffic manipulation from userlevel, with some functions of filtering/sniffing.
| | Author: | Vecna | | Homepage: | http://www.s0ftpj.org | | File Size: | 10569 | | Last Modified: | Jan 4 18:07:59 2001 |
| MD5 Checksum: | 03b859947702e03b90805a396d85183f |
|
| /// File Name: |
LuCe.c |
Description:
|
Linux Loadable Kernel Module to keep an eye on the system, and add security 'on the fly' to a prexisting running box. Contains a simple implementation of BSD securelevels, while waiting for the official 'in-distro' arrival of Linux Capabilities [POSIX 1.e] in 2.4.x and strong ACLs.
| | Author: | FuSyS | | Homepage: | http://www.s0ftpj.org/bfi | | File Size: | 9785 | | Last Modified: | May 5 16:11:19 2000 |
| MD5 Checksum: | 6d45601756c7bd61466fd81365d98854 |
|
| /// File Name: |
N0Sp00f.c |
Description:
|
Simple module to prevent lame people from using your box as a launch base for spoofed ip packets. Intercepts the socketcall() system call looking for the IP_HDRINCL parameter passed via setsockopt().
| | Author: | FuSyS | | Homepage: | http://www.s0ftpj.org | | File Size: | 7324 | | Last Modified: | May 5 16:12:47 2000 |
| MD5 Checksum: | d75f42fbe84717789145d2ac2bdf1c4c |
|
| /// File Name: |
obscura.c |
Description:
|
Total obscurity for BPF Promisc Mode.
| | Author: | Pigpen. | | Homepage: | http://www.s0ftpj.org | | File Size: | 3895 | | Last Modified: | May 4 18:36:00 2000 |
| MD5 Checksum: | 65900333453657ee11bb728a1ca18714 |
|
| /// File Name: |
obsd4-sock.tar.gz |
Description:
|
SRaw for OpenBSD is a kld which makes all users able to open raw sockets. Supported protocols are IPPROTO_RAW, IPPROTO_ICMP, IPPROTO_IPIP, IPPROTO_IPV4, IPPROTO_IGMP.
| | Author: | Pigpen | | Homepage: | http://www.s0ftpj.org | | File Size: | 2464 | | Last Modified: | Jan 4 18:17:15 2001 |
| MD5 Checksum: | f5b4d4b2eec79664d724e25cee06d8b2 |
|
| /// File Name: |
obsd_ipfhack.c |
Description:
|
LKM for OpenBSD which makes ipfilter always accept packets from a certain IP.
| | Author: | Pigpen. | | Homepage: | http://www.s0ftpj.org | | File Size: | 3071 | | Last Modified: | May 25 07:35:57 2000 |
| MD5 Checksum: | 152172a4150816265d58039a7e404402 |
|
| /// File Name: |
obsd_nospoof.c |
Description:
|
Anti-spoofing lkm for OpenBSD via setsockopt() - detects and logs IP header manipulation.
| | Author: | Pigpen. | | Homepage: | http://www.s0ftpj.org | | File Size: | 2931 | | Last Modified: | May 23 17:09:19 2000 |
| MD5 Checksum: | 29ccce542461940624e0353917b43a0f |
|
| /// File Name: |
obsd_obscura.c |
Description:
|
Total obscurity for BPF Promisc Mode. OpenBSD Port.
| | Author: | Pigpen. | | Homepage: | http://www.s0ftpj.org | | File Size: | 2749 | | Last Modified: | May 23 14:14:24 2000 |
| MD5 Checksum: | 2a1531337ab8059845db579358fa3212 |
|
| /// File Name: |
oMBRa.c |
Description:
|
Linux kernel 2.2.x implementation of the CaRoGNa 2.0.x module Secret technique of the divine HOKUHACKO school [ Hokuto No Ken rules ;)] Sacred Strike of the Modular Renewal that bumps root down.
| | Author: | FuSyS | | Homepage: | http://www.s0ftpj.org | | File Size: | 14069 | | Last Modified: | May 5 16:14:51 2000 |
| MD5 Checksum: | 42718d42c8967fcdf62650d647e4424a |
|
| /// File Name: |
onosendai02.tar.gz |
Description:
|
0N0S3NDAi: (blind ip spoofing) Support tools for 0N0S3NDAi project. Includes: SEQprobe (displays remote host's ISN generation), SMail v2 (the DEFINITIVE fake mail). Courtesy of soft project digital security for y2k.
| | File Size: | 5621 | | Last Modified: | Sep 23 14:20:05 1999 |
| MD5 Checksum: | c74ba93d36f16f2eb723913addf30c8e |
|
| /// File Name: |
piove.tar.gz |
Description:
|
This FreeBSD module shows how to intercept getpass(3) function and print anything that is typed without terminal echo.
| | Author: | Vecna | | Homepage: | http://www.s0ftpj.org | | File Size: | 1145 | | Last Modified: | Jan 4 18:12:55 2001 |
| MD5 Checksum: | 545ecc2024316a312ab036592b8e802a |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
