Sign In
Register
Help
Panic-Reloaded
-------------------
Credits for this go up to hash,
hxxp:www.gotfault.net
------------------------------------------
Here's a Cygwin-compiled binary...
Note:from my very simple tests,i found out that it 's working fine,
unless someone specifies too many threads (it crashes).
So I REALLY suggest to compile/run it under a genuine Unix system...
EDITED: removed see reason below
Page 1 of 1
Panic-reloaded Cygwin Binary
MultiQuote
#2
- Master Sergeant
-
- Group: Second Lieutenant
- Posts: 1,689
- Joined: 26-April 06
Posted 01 May 2006 - 11:29 AM
Why are you sharing so many DOS tools with the kiddies? I'm glad you can compile them, but for those who can't they shouldn't be using them....why arm the kiddies?
BTW Source Code talks about it being a DoS tool-
http://www.milw0rm.com/exploits/1671
BTW Source Code talks about it being a DoS tool-
http://www.milw0rm.com/exploits/1671
There is no security on this earth. Only opportunity.
-Douglas MacArthur
GSO Compiled Exploit Database
----------------------------------------
[b]Mod at GovernmentSecurity
-Douglas MacArthur
GSO Compiled Exploit Database
----------------------------------------
[b]Mod at GovernmentSecurity
#3
- Commander In Chief
-
- Group: GSO Management
- Posts: 6,571
- Joined: 18-August 06
Posted 01 May 2006 - 01:23 PM
these tools are also useful handy for admins to test their servers... but also in a compiled form can be used for malicious purposes...
we dont mind the source to these tools being posted... BUT we would prefer if it was not compiled and uploaded...
if any Admins are seriously worried about what it can do... then they should be able to compile and test it them selves
with it being compiled here ... no doubt as pointed out by ryan... someone is going to try using it against a target.... this we dont want
hence i have removed the compiled version....
regards
we dont mind the source to these tools being posted... BUT we would prefer if it was not compiled and uploaded...
if any Admins are seriously worried about what it can do... then they should be able to compile and test it them selves
with it being compiled here ... no doubt as pointed out by ryan... someone is going to try using it against a target.... this we dont want
hence i have removed the compiled version....
regards
Kenny aka ComSec
Please read the Forum Rules !!!
Blog
" http://kaltech.blogspot.com/ "
______________________
Please read the Forum Rules !!!
Blog
" http://kaltech.blogspot.com/ "
______________________
#4
- Specialist
-
- Group: Specialist
- Posts: 232
- Joined: 27-October 05
Posted 01 May 2006 - 04:57 PM
100% right.I was thinking about it after uploading "panic-reloaded" and already had some regrets:
just the previous day I had uploaded "superforker",and told to myself,what the heck,
even if some kids are actually stupid enough to use it without serious reason,
it will be against their personal pc in school or maybe their buddy's...
But "panic-reloaded" is remote DoS,this,without question,it's way too serious.
Regarding the "why so many DoS tools"...
actually previous days I was browsing the DoS archive in PacketStorm,
got flashed that XP SP2 was found to be vulnerable to "land" attack last year,
and had the idea of compiling old exploits to test their effectiveness against newer systems:
seeing exploits like 'superforker' or even 'targa3' to still have results was kind of a surprize to me...
Whenever I upload/share a compiled binary,
I just think of how many times I have found myself frustrated because:
a-I couldn't find the right tool for a task,even after hours of googling.
b-I found it,but it runs on another platform that I don't have access at the specific moment.
c-I found it,it runs on the platform I am on,but it needs external "libraries",
which either I don't have the permission to install,
or don't want to install because they conflict with previous well-working versions.
d-I found it,but the code is so machine-specific,
that even after hours of digging through it,it doesn't compile successfully.
Meaning I really don't want to get myself misunderstood for "trying to arm script-kiddies",
by far the most hated question one meets is:
"how do I compile...blah-blah...cygwin...destructive-exploit...blah...not-really-useful-to-non-admins".
Since I've actually been in a "compiling" orgasm last days,
and also as a personal way of apologizing/getting the regrets out of me(yeah-my english sucks,i know),
here are 2 compiled programs for Windows admins to make their life easier:
1)onesixtyone 0.3.2
Compiled under Cygwin 1.5.19-4
Credits for this go up to solar eclipse
Read more at:
hxxp://www.phreedom.org/solar/onesixtyone/
Short Description:
onesixtyone takes advantage of the fact that SNMP is a connectionless protocol,
and sends all SNMP requests as fast as it can.
It sends a request for the system.sysDescr.0 value,which is present on almost all SNMP enabled devices.
This returned value gives us a description of the system software running on the device.
Personal Note:
If you ever were in the need of a tool like FoundStone's SNScan,
but command-line based and way too fast...that's it!
onesixtyone_0.3.2.rar (567.93K)
Number of downloads: 18
2)The Dot Net Application Scanner
Converted with Perl2Exe to standalone .exe
Credits for this go up to...(respect!) H.D.Moore
For a lot more,check:
hxxp://www.digitaloffense.net/
Short Description:
Look for common misconfigurations and information leaks in ASP.NET applications.
The_Dot_Net_Application_Scanner.rar (797.22K)
Number of downloads: 13
just the previous day I had uploaded "superforker",and told to myself,what the heck,
even if some kids are actually stupid enough to use it without serious reason,
it will be against their personal pc in school or maybe their buddy's...
But "panic-reloaded" is remote DoS,this,without question,it's way too serious.
Regarding the "why so many DoS tools"...
actually previous days I was browsing the DoS archive in PacketStorm,
got flashed that XP SP2 was found to be vulnerable to "land" attack last year,
and had the idea of compiling old exploits to test their effectiveness against newer systems:
seeing exploits like 'superforker' or even 'targa3' to still have results was kind of a surprize to me...
Whenever I upload/share a compiled binary,
I just think of how many times I have found myself frustrated because:
a-I couldn't find the right tool for a task,even after hours of googling.
b-I found it,but it runs on another platform that I don't have access at the specific moment.
c-I found it,it runs on the platform I am on,but it needs external "libraries",
which either I don't have the permission to install,
or don't want to install because they conflict with previous well-working versions.
d-I found it,but the code is so machine-specific,
that even after hours of digging through it,it doesn't compile successfully.
Meaning I really don't want to get myself misunderstood for "trying to arm script-kiddies",
by far the most hated question one meets is:
"how do I compile...blah-blah...cygwin...destructive-exploit...blah...not-really-useful-to-non-admins".
Since I've actually been in a "compiling" orgasm last days,
and also as a personal way of apologizing/getting the regrets out of me(yeah-my english sucks,i know),
here are 2 compiled programs for Windows admins to make their life easier:
1)onesixtyone 0.3.2
Compiled under Cygwin 1.5.19-4
Credits for this go up to solar eclipse
Read more at:
hxxp://www.phreedom.org/solar/onesixtyone/
Short Description:
onesixtyone takes advantage of the fact that SNMP is a connectionless protocol,
and sends all SNMP requests as fast as it can.
It sends a request for the system.sysDescr.0 value,which is present on almost all SNMP enabled devices.
This returned value gives us a description of the system software running on the device.
Personal Note:
If you ever were in the need of a tool like FoundStone's SNScan,
but command-line based and way too fast...that's it!
onesixtyone_0.3.2.rar (567.93K)
Number of downloads: 18
2)The Dot Net Application Scanner
Converted with Perl2Exe to standalone .exe
Credits for this go up to...(respect!) H.D.Moore
For a lot more,check:
hxxp://www.digitaloffense.net/
Short Description:
Look for common misconfigurations and information leaks in ASP.NET applications.
The_Dot_Net_Application_Scanner.rar (797.22K)
Number of downloads: 13
"Maybe not today,maybe not tomorrow...but soon-and for the rest of your life"
#5
- Master Sergeant
-
- Group: Second Lieutenant
- Posts: 1,689
- Joined: 26-April 06
Posted 02 May 2006 - 04:20 PM
x@ros2000, I would like to clarify my position, I now see your point completely, and I agree, as I have been in the same position. However, just try to keep the DoS tools as source. Everything else that I'm sure you have and will offer up will be [at least by me] greatly appreciated.
There is no security on this earth. Only opportunity.
-Douglas MacArthur
GSO Compiled Exploit Database
----------------------------------------
[b]Mod at GovernmentSecurity
-Douglas MacArthur
GSO Compiled Exploit Database
----------------------------------------
[b]Mod at GovernmentSecurity
Page 1 of 1
