AOH :: P60-0X04.TXT

Phrack 60 File 04: Toolz Armory

                             ==Phrack Inc.==

               Volume 0x0b, Issue 0x3c, Phile #0x04 of 0x10

|=--------------------=[ T O O L Z   A R M O R Y ]=----------------------=|
|=---------=[ packetstorm <>  ]=-------=|

This new section, Phrack Toolz Armory, is dedicated to tool annoucements.
We will showcast selected tools of relevance to the computer underground
which have been released recently. The tools for #60 have been selected
in teamwork by the Packet Storm staff and Phrack staff.

Drop us a mail if you develop something that you think is worth of being
mentioned here.

   1 - nmap 3.1 Statistics Patch
   2 - thc-rut
   3 - Openwall GNU/*/Linux (Owl) 1.0
   4 - Stealth Kernel Patch
   5 - Memfetch
   6 - Lcrzoex
----[ 1 - NMAP 3.1 Statistics Patch

URL     :
Author  : vitek[at] 
Comment : The Nmap 3.10ALFA Statistics Patch adds the -c switch which
          guesses how much longer the scan will take, shows how many ports
          have been tested, resent, and the ports per second rate.  Useful
	  for scanning firewalled hosts.

----[ 2 - thc-rut

URL     :
Author  : anonymous[at]
Comment : RUT (aRe yoU There, pronouced as 'root') is your first knife on
          foreign network. It gathers informations from local and remote
          It offers a wide range of network discovery utilities
          like arp lookup on an IP range, spoofed DHCP request, RARP,
          BOOTP, ICMP-ping, ICMP address mask request, OS fingerprinting,
          high-speed host discovery, ...

          THC-RUT comes with a OS host Fingerprinter which determines the remote
          OS by open/closed port characteristics, banner matching and nmap
          fingerprinting techniques (T1, tcpoptions).

          The fingerprinter has been developerd to quickly (10mins)
          categorize hosts on a Class B network. Information sources are
          (amoung others) SNMP replies, telnetd (NVT) negotiation options,
          generic Banner Matching, HTTP-Server version, DCE request and
          tcp options. It is compatible to the nmap-os-fingerprints
          database and comes in addition to this with his own perl regex
          capable fingerprinting database (thcrut-os-fingerprints).

----[ 3 - Openwall GNU/*/Linux (Owl) 1.0 (Released 2002-10-13)

URL     :
Author  : Solar Designer and other hackers.
Comment : Openwall Linux is the Hacker's choice platform. The security
          has been defined by people who know what they are doing. Owl
          comes without any useless services running by default, no RPM
          dependencies headache, full featured environment for
          developers, a large number of usefull tools and a BSD-port-like
          update mechanism. It's for people who prefer vi over
          click/drag-and-drop sickness to configure the system.

          Openwall GNU/*/Linux (Owl) includes a pre-built copy of John
          the Ripper password cracker ready for use without requiring
	  another OS (life system!) and without having to install on a
	  hard disk (although that is supported). The CD-booted system
	  is fully functional, you may even let it go multi-user with
	  virtual consoles and remote shell access.

          John the Ripper is a fast password cracker, currently
	  available for many flavors of Unix (11 are officially
          supported, not counting different architectures), DOS, Win32,
	  and BeOS. Its primary purpose is to detect weak Unix
	  passwords, but a number of other hash types are supported

          This is probably the most secure linux distribution out there.

----[ 4 - Stealth Kernel Patch

URL     :
Author  : Sean Trifero <sean[at]>
Comment : The Stealth Kernel Patch for Linux v2.2.22 makes the linux kernel
	  discard the packets that many OS detection tools use to query the
	  TCP/IP stack. Includes logging of the dropped query packets and
	  packets with bogus flags. Does a very good job of confusing nmap
	  and queso.

----[ 5 - Memfetch

URL     :
Author  : Michal Zalewski <lcamtuf[at]>
Comment : Memfetch dumps the memory of a program without disrupting its
	  operation, either immediately or on the nearest fault condition
	  (such as SIGSEGV). It can be used to examine suspicious or
	  misbehaving processes on your system, verify that processes are
          what they claim to be, and examine faulty applications using your
	  favorite data viewer so that you are not tied to the inferior
	  data inspection capabilities in your debugger.

----[ 6 - Lcrzoex

URL     :
 (front end)
Author  : Laurent Constantin <>
Comment : Lcrzoex contains over 400 tools to test an Ethernet/IP
          network. It runs under Linux, Windows, FreeBSD, OpenBSD and
	  Solaris. Features:

		  - sniff/spoof/replay
		  - syslog/ftp/dns/http/telnet clients
		  - ping/traceroute
		  - web spider
		  - tcp/web backdoor
		  - data conversion

|=[ EOF ]=---------------------------------------------------------------=|

AOH Site layout & design copyright © 2006 AOH