|
|
| |
|
eNYe
Sec is
a group of people interested on computer
security, without economic pretensions.
Our intention is to publish information
and try to cooperate/help to community,
at time that we learn with it.
|
|
|
....................:: News
::.................... |
|
|
|
| |
|
|
| |
Paper about exploiting web vulns |
|
|
|
 |
|
|
Pepelux has wrote a paper about exploiting web vulnerabilities to gain access to the system.
There are a lot of vulnerabilities that allow us to exploit a website, all of them are old and documented. We can found LFI, RFI, SQL, XSS, SSI, ICH and other attacks. For that reason this paper is centered only in attacks that allow us access to the system and to execute commands remotely.
Download (English) | Descargar (Castellano)
|
|
 |
|
|
|
|
|
|
|
| Pepelux
has
made a bash script to make blind
attacks SQL injection again databases,
usually MySQL. It attacks with bruteforce
gaining configuration data, tables,
fields and data from DB. It uses
lynx navigator.
Download
|
|
|
|
|
|
|
|
|
|
| Pepelux
has
made a windows utility to capture
all traffic from net card, as a
sniffer (promiscuous mode). It is
configurable with filters, and captures
TCP, UDP, ICMP and ARP protocols.
It can export data, and has a login
plain text detection mode (ftp,
pop3, etc.). It is multilanguage
(english + spanish).
Download | See
screenshot
|
|
|
|
|
|
|
|
| |
|
|
| |
Playing
with sockets (port scan) |
|
|
|
|
|
| Pepelux
has wrote a paper about port scanning
at low level. It explains anonymous
port scan, playing with net packet
headers using raw sockets. It shows
most used scan techniques (xmas,
fin, etc.), through own raw sockets
code and examples. It also explains
a little about SO's detection.
Download
(English)
| Descargar
(Castellano)
|
|
|
|
|
|
|
|
|
|
| You
are reading the english
version
from enye-sec.org
web :).
We will try to translate into english
everything that we make (papers,
programs, exploits, etc.). We had
translated some programs / exploits,
that you can find on english web
version. We will try to translate
old papers, and in the future we
will (try) translate everything.
Our english ( specially mine :-S
) is not very good, sorry for it.
|
|
|
|
|
|
|
|
|
|
|
LKM rootkit for Linux x86 with the
2.6 kernel. It inserts salts inside
system_call and sysenter_entry handlers,
so it does not modify sys_call_table,
or IDT content. It hide files, directories,
and processes. Hides chunks inside
of files, gives remote reverse_shell
access, local root, etc.
Download
LKM
Go
to programs section
|
|
|
|
|
|
|
|
|
|
