Black Wolf Technologies

Null.pl is a Perl script which uses a dictionary file to launch a brute force attach against a remote host using a null session.  Homepage: http://neoerudition.net. Authored By Lawrence Lavigne

The /dev/null Mystery

NULL - The Ultimate Computer Language

Excellent detailed explanation describing how to programmatically connect to NT Server NULL Sessions and extract the name of the true administrator account. Authored By JD Glaser, NT OBJECTives, Inc.. 24.170 kb.

The Zeus Web Server does not parse null terminated strings properly, and can reveal the source to CGI scripts under certain circumstances. Authored By Julian Midgley courtesy of Bugtraq

execve(”/bin/sh”,{”/bin/sh”,NULL},NULL) shellcode for Mac OSX on both the PPC and x86 platforms. Authored By nemo

Null httpd 0.5.0, a small multi-threading HTTP server, contains a remote exploitable heap overflow. Exploit code for Null httpd servers running on Red Hat Linux 7.3 is included in the advisory and can be used to spawn a remote root shell. In Null httpd version 0.5.1 this vulnerability has been fixed.  Homepage: http://www.netric.org.

World in Conflict versions 1.000 and below suffer from a denial of service vulnerability due to allowing access to a NULL pointer.  Homepage: http://aluigi.org/. Authored By Luigi Auriemma

The general log wipers write the null entry to the logfiles, so admin can check the wiped traces such as the wiped. This log wiper wipes the log entry of wtmp, wtmpx, utmp, utmpx, lastlog without such wiped traces. This utility can also reconstruct the zapped logs, and remove the null entry. The usage is same as zap.

APC SmartSwitch and UPS products use an HTTP/SNMP management card that have backdoor passwords in them. Tested vulnerable: SmartUPS 3000RM with AP9606 AOS v3.2.1 and SmartUPS App v3.2.6, MasterSwitch AP9212 with AP9606 AOS v3.0.3 and MasterSwitch App v2.2.0.  Homepage: http://null.sniffing.net/. Authored By Dave Tarbatt