Packet Knights Crew http://www.pkcrew.org keyhole.tar.gz Description Key Hole is a linux administration tool that permits an admin to firewall even the ports he needs to use. Author Asynchro,Cthulhu Homepage http://www.pkcrew.org MD5 Checksum 7b9692f186e41bce8b2f696a2f7f6e20 fpf.tar.gz Description FPF is a lkm for Linux which changes the TCP/IP stack in order to emulate other OS's TCP fingerprint. The package contains the lkm and a parser for the nmap file that let you choose directly the os you want. Author FuSyS,Cyrax Homepage http://www.pkcrew.org MD5 Checksum 96e0d902d790672c9e645fca88cc09e7 rf.tar.gz Description Route Faker adds an extra hop to the result when someone traceroutes to you. Author Cyrax Homepage http://www.pkcrew.org MD5 Checksum 2a634f5f593228a15d8fab591236690f 4to6.tar.gz Description 4to6ddos is a distributed denial of service against ipv6 that works without installing ipv6 support. It shoots ipv6 encapsulated in ipv4 packets directly to the ipv4-to-ipv6 tunnels. Author Cyrax Homepage http://www.pkcrew.org MD5 Checksum 347b6d04412d64d23635013879bdae36 hcl.tar.gz Description Host Control Library (hcl) implements dynamic host based control, Giving apps rsh-like trusting. Features the ability to learn and record a defined maximum number of hosts for users. Author Asynchro Homepage http://www.pkcrew.org MD5 Checksum e568e515ebe0d3433c5a09f2ccd37478 Rial.c Description RIAL is a lkm based rootkit which can hide processes, files, directories, LKMs, connections and file parts. While some of these are present in a large number of lkms, connections and file-parts hiding are new ideas, or at least i couldn't find any lkm which had them. All the processes, files, directories and lkms containing in their name the string defined in HIDE are hidden. Reading from /proc/net/tcp is intercepted and read data is filtered to hide some connections. Author Technok Homepage http://www.pkcrew.org MD5 Checksum 3bb687667a69ddc3cd274eb1ffac0719 pcapture.tar.gz Description Simple pcap dumper (just to learn on how to use libpcap). Author Cthuluh Homepage http://www.pkcrew.org MD5 Checksum 19fa555c68dba57d3e05a98b99cb19a6 ddb.tar.gz Description A backdoor that allows you to keep remote access to a shell on a LAN protected by masquerading, getting rid of the inability for non public address to listen to a port reachable from the Internet. Author The Recidjvo Homepage http://www.pkcrew.org MD5 Checksum 160a48a5b3c8e479102e10689731737d ddb-sfe.tar.gz Description An backdoor that lets you to reach root/user account shells over tcp channel using a procedure of callback initialized by a ICMP packet. Author The Recidjvo Homepage http://www.pkcrew.org MD5 Checksum 8e1eeb8715c5e2283f2db800d0ef06f7 A-SnIf.c Description A-Snif is a simple packet sniffer, for learning. Author Asynchro Homepage http://www.pkcrew.org MD5 Checksum 901ef4d027ef03c5eaa9486a363983ac bf-code.c Description Bftpd 1.0.12 contains a remote buffer overflow. Denial of service exploit included. Author Asynchro Homepage http://www.pkcrew.org MD5 Checksum 2c83fb7aa5e258203dc119f297a8ac28 lbk.tar.gz Description LBK is a local kernel based (kld) backdoor for FreeBSD 4.0 which provides a root shell if the TERM environment variable is set with the password. Author Cyrax Homepage http://www.pkcrew.org MD5 Checksum 9c0ce7942d25d16b8b7571dc588039f0 bsdfpf.tar.gz Description BSD FingerPrintFucker is kld for Freebsd which changes the tcp/ip stack in order to emulate other OS's against tcp/ip fingerprinting. Author Cthulhu Homepage http://www.pkcrew.org MD5 Checksum ffa476c1388600f039deafe4e6e6c959 pkc001.txt Description PKC Security Advisory #1 - The Oops proxy server 1.4.22, 1.4.6, and prior contain a remotely exploitable heap overflow. Includes PKCoops-ex.c, a proof of concept exploit tested on Slackware 7.0. Author Cyrax Homepage http://www.pkcrew.org MD5 Checksum 513a02ac5db3c03eb6bb76a85ed459ee pkc002.txt Description PKC Security Advisory #2 - Tinyproxy version 1.3.2 and 1.3.3 has a remotely exploitable heap overflow. Includes PKCtiny-ex.c proof of concept exploit. Author Cyrax Homepage http://www.pkcrew.org MD5 Checksum 061a37587f330bb27e6fb68037bce07c pkc003.txt Description PKC Security Advisory #3 - Micq-0.4.6 contains remotely exploitable buffer overflows which allow running arbitrary code with the UID/GID of the user running micq. Includes micRAq.c, linux/x86 proof of concept exploit. Author The Recidjvo Homepage http://www.pkcrew.org MD5 Checksum 24a010e9979e0021bf0ee38824eeeb7d pkc004.txt Description PKC Security Advisory #4 - Icecast v1.3.8beta2 and prior contains remotely exploitable format string bugs which allow remote code execution with the UID/GID of the user running Icecast. Includes PKCicecast-ex.c, a remote proof of concept exploit tested against Icecast 1.3.7 on Slackware 7.0 and RedHat 7.0. Author Cyrax Homepage http://www.pkcrew.org MD5 Checksum d2baf97ccaf7099542435cfd6ae71298 hjksuite-0.1b.tar.gz Description Hjksuite is a collection of programs for hijacking. First of all it contains hjklib, a library for hijacking. It contains also some programs like hjkbnc which allows irc hijackinig directly with your client, hjkhttpd for hijacking HTTP sessions, and hjknetcat, for hijacking text connections. Author Cyrax Homepage http://www.pkcrew.org MD5 Checksum 0e53971ff36caa2758c5088b78381e23 7b9692f186e41bce8b2f696a2f7f6e20 fpf.tar.gz Description FPF is a lkm for Linux which changes the TCP/IP stack in order to emulate other OS's TCP fingerprint. The package contains the lkm and a parser for the nmap file that let you choose directly the os you want. Author FuSyS,Cyrax Homepage http://www.pkcrew.org MD5 Checksum 96e0d902d790672c9e645fca88cc09e7 rf.tar.gz Description Route Faker adds an extra hop to the result when someone traceroutes to you. Author Cyrax Homepage http://www.pkcrew.org MD5 Checksum 2a634f5f593228a15d8fab591236690f 4to6.tar.gz Description 4to6ddos is a distributed denial of service against ipv6 that works without installing ipv6 support. It shoots ipv6 encapsulated in ipv4 packets directly to the ipv4-to-ipv6 tunnels. Author Cyrax Homepage http://www.pkcrew.org MD5 Checksum 347b6d04412d64d23635013879bdae36 hcl.tar.gz Description Host Control Library (hcl) implements dynamic host based control, Giving apps rsh-like trusting. Features the ability to learn and record a defined maximum number of hosts for users. Author Asynchro Homepage http://www.pkcrew.org MD5 Checksum e568e515ebe0d3433c5a09f2ccd37478 Rial.c Description RIAL is a lkm based rootkit which can hide processes, files, directories, LKMs, connections and file parts. While some of these are present in a large number of lkms, connections and file-parts hiding are new ideas, or at least i couldn't find any lkm which had them. All the processes, files, directories and lkms containing in their name the string defined in HIDE are hidden. Reading from /proc/net/tcp is intercepted and read data is filtered to hide some connections. Author Technok Homepage http://www.pkcrew.org MD5 Checksum 3bb687667a69ddc3cd274eb1ffac0719 pcapture.tar.gz Description Simple pcap dumper (just to learn on how to use libpcap). Author Cthuluh Homepage http://www.pkcrew.org MD5 Checksum 19fa555c68dba57d3e05a98b99cb19a6 ddb.tar.gz Description A backdoor that allows you to keep remote access to a shell on a LAN protected by masquerading, getting rid of the inability for non public address to listen to a port reachable from the Internet. Author The Recidjvo Homepage http://www.pkcrew.org MD5 Checksum 160a48a5b3c8e479102e10689731737d ddb-sfe.tar.gz Description An backdoor that lets you to reach root/user account shells over tcp channel using a procedure of callback initialized by a ICMP packet. Author The Recidjvo Homepage http://www.pkcrew.org MD5 Checksum 8e1eeb8715c5e2283f2db800d0ef06f7 A-SnIf.c Description A-Snif is a simple packet sniffer, for learning. Author Asynchro Homepage http://www.pkcrew.org MD5 Checksum 901ef4d027ef03c5eaa9486a363983ac bf-code.c Description Bftpd 1.0.12 contains a remote buffer overflow. Denial of service exploit included. Author Asynchro Homepage http://www.pkcrew.org MD5 Checksum 2c83fb7aa5e258203dc119f297a8ac28 lbk.tar.gz Description LBK is a local kernel based (kld) backdoor for FreeBSD 4.0 which provides a root shell if the TERM environment variable is set with the password. Author Cyrax Homepage http://www.pkcrew.org MD5 Checksum 9c0ce7942d25d16b8b7571dc588039f0 bsdfpf.tar.gz Description BSD FingerPrintFucker is kld for Freebsd which changes the tcp/ip stack in order to emulate other OS's against tcp/ip fingerprinting. Author Cthulhu Homepage http://www.pkcrew.org MD5 Checksum ffa476c1388600f039deafe4e6e6c959 pkc001.txt Description PKC Security Advisory #1 - The Oops proxy server 1.4.22, 1.4.6, and prior contain a remotely exploitable heap overflow. Includes PKCoops-ex.c, a proof of concept exploit tested on Slackware 7.0. Author Cyrax Homepage http://www.pkcrew.org MD5 Checksum 513a02ac5db3c03eb6bb76a85ed459ee pkc002.txt Description PKC Security Advisory #2 - Tinyproxy version 1.3.2 and 1.3.3 has a remotely exploitable heap overflow. Includes PKCtiny-ex.c proof of concept exploit. Author Cyrax Homepage http://www.pkcrew.org MD5 Checksum 061a37587f330bb27e6fb68037bce07c pkc003.txt Description PKC Security Advisory #3 - Micq-0.4.6 contains remotely exploitable buffer overflows which allow running arbitrary code with the UID/GID of the user running micq. Includes micRAq.c, linux/x86 proof of concept exploit. Author The Recidjvo Homepage http://www.pkcrew.org MD5 Checksum 24a010e9979e0021bf0ee38824eeeb7d pkc004.txt Description PKC Security Advisory #4 - Icecast v1.3.8beta2 and prior contains remotely exploitable format string bugs which allow remote code execution with the UID/GID of the user running Icecast. Includes PKCicecast-ex.c, a remote proof of concept exploit tested against Icecast 1.3.7 on Slackware 7.0 and RedHat 7.0. Author Cyrax Homepage http://www.pkcrew.org MD5 Checksum d2baf97ccaf7099542435cfd6ae71298 hjksuite-0.1b.tar.gz Description Hjksuite is a collection of programs for hijacking. First of all it contains hjklib, a library for hijacking. It contains also some programs like hjkbnc which allows irc hijackinig directly with your client, hjkhttpd for hijacking HTTP sessions, and hjknetcat, for hijacking text connections. Author Cyrax Homepage http://www.pkcrew.org MD5 Checksum 0e53971ff36caa2758c5088b78381e23