分类 ‘工具收集’ 下的日志

Internet Explorer 7.0 Exploit(MS09-002,可以执行任意代码)

作者:Friddy

Microsoft IE CFunctionPointer函数内存破坏漏洞(MS09-002)
发布时间:2009-02-10
影响版本:
Microsoft Internet Explorer 7.0

漏洞描述:
BUGTRAQ ID: 33627
CVE(CAN) ID: CVE-2009-0075
阅读全文 »

Tags: ,

MS Internet Explorer 7 Memory Corruption PoC (MS09-002)

<!--
MS09-002
===============================
grabbed from:
wget http://www.chengjitj.com/bbs/images/alipay/mm/jc/jc.html --user-agent="MSIE 7.0; Windows NT 5.1"

took a little but found it. /str0ke
-->
 阅读全文 »
Tags: , ,

Acunetix Web Vulnerability Scanner 20090211 Crack

来源:往事如风

安装程序名:2009_02_11_01_webvulnscan6.exe

下载地址:http://www.namipan.com/d/2009_02_11_01_webvulnscan6.exe/5f4dcd983232913075c1bdbcff8abf508562116190c0db00


http://www.acunetix.com/download/fullverv6/2009_02_11_01_webvulnscan6.exe(需要用户名密码,旧版程序里有。)

Patch:web.vulnerability.scanner.6.0.0.3013-patch.rar

使用方式:复制到安装目录后执行。

Tags: ,

sql_2005_inj 0.2 Final [Code By kook1991]

来源:WEB安全手册

sql_2005_inj 0.2 Final Code By kook1991 [Sql 2005 Injector Updated by kook E-Mail:[email protected]]

[1] What’s Sql 2005 Injector?

http://www.pcsec.org/archives/sql-2005-inj-gui.html Updated
[2]What’s it can do?

It’s used to Sql injection MSSQL 2005 & 2008.
[3]What is its working theory?
阅读全文 »

Tags: , , ,

RainbowCrack 1.3

RainbowCrack 1.3 is released, with following new features:

  1. Multicore processor support
  2. Overlapped computation and harddisk read
  3. Improved hash algorithm performance of NTLM and MD5
  4. Fully backward compatible with existing rainbow tables generated by earlier versions of RainbowCrack
  5. Other enhancements

A proof of concept implementation of GPU accelerated RainbowCrack is also provided, with the use of CUDA technology.

Download

rainbowcrack-1.3-win.zip

Tags:

Webtunnel 0.0.2

信息来源:Trace

I’d like to announce the release of Webtunnel 0.0.2, available at http://sourceforge.net/projects/webtunnel.

Webtunnel 0.0.2
Copyright 2009 Janos Szatmary
E-mail: [email protected]
Web: http://webtunnel.sourceforge.net

WHAT’S NEW
阅读全文 »

Tags: , ,

SFX-SQLi: A new SQL injection technique for MSSQL (dumps a table in one request!)

信息来源:Trace

I am glad to release SFX-SQLi (Select For XML SQL injection), a new SQL
injection technique which allows to extract the whole information of a
Microsoft SQL Server 2005/2008 database in an extremely fast and efficient
way.
阅读全文 »

Tags: , ,

WPA终结梦魇—-GPU运算之高速破解WPA-PSK加密实战 – [Wireless Hack]

# 鬼仔:无线安全破解专用WPA-PSK Hash Table DVD下载地址汇总 – [Wireless Hack]

作者:longas

现在很多朋友都在学习和研究WPA的破解及WPA PMK Hash破解,关于WPA PMK Hash的创建及使用,我已经在《无线网络安全攻防实战》一书中给出详细操作实例,并且为了给大家提供一个练手的机会,ZerOne安全团队无线安全组也在广州安全交流会上无偿提供给大家高达4.3GB的WPA PMK Hash Table DVD光盘镜像下载(大家可到Anywlan论坛或者我的Blog查看下载地址),呵呵,虽然也受到了一些莫名其妙的指责。但是作为高速破解的途径来说,从一开始,就不止Hash这一种方法,这里我要讲述的就是在未来几年内将会成为主流的破解方法—GPU运算破解
阅读全文 »

Tags: , , ,