Scully: SQL DB interface and Brute Forcer

2008/10/07 22:33 | 鬼仔 | 工具收集 | 消灭0留言

Scully is a brute forcer and a simple client interface to MSSQL and MYSQL Database servers. No more need to install database client libraries or setup ODBC connections in windows

What Does Scully do?

Scully is a client interface to MSSQL and MySQL database servers. No more need for
MSSQL/MySQL client libraries to be installed and no more need to setup an ODBC connection
either. Simply add IP/Hostname, username, password, port and database name and SQL away.
阅读全文 »

Tags: , ,

Google给我Blog生成附加链接了

2008/10/07 22:10 | 鬼仔 | 心情随笔 | 8 条评论了已经

Google对附加链接的说明:详细

Google 有时会根据网站内容生成附加链接以帮助用户浏览您的网站,这种链接称为网站链接。Google 会定期通过网站内容生成这些网站链接。

由于我们的网站链接是动态生成的,因此此列表会随时变化。

值得高兴的一件事。

Tags: ,

reDuh: Re-inventing TCP like its 1973!

2008/10/07 21:10 | 鬼仔 | 工具收集 | 消灭0留言

reDuh was released as part of SensePost's BlackHat USA 2008 talk on tunnelling data in and out of networks. Most external firewalls block all incoming sockets except for port 80/443. reDuh allows an attacker to use the compromised web server as a tunneling proxy into the internal network enviroment. reDuh encodes data into valid HTTP requests, which is then delivered to the server agent, decoded, and redirects the data to the various configured tunnels. reDuh is available in JSP/PHP/ASP.

主页:reDuh home page
下载地址:reDuhClient (the local proxy) | reDuhu Server Pages (JSP/PHP/ASP)

Way7T 那里看到的,原文题目为:超强的内网渗透跳板webshell。

Tags:

入侵骗子站xuehk.com全过程

2008/10/07 0:25 | 鬼仔 | 技术文章 | 8 条评论了已经

鬼仔注:本文的亮点在“仔细看过讨论后得知原来用nc反弹回来的shell权限是比webshell权限高的”这句,其实这个以前在提权之道(关于WNDOWS 2003 目录权限的初探)中就提到过---“反弹回来的SHELL的权限与网站的权限是不一样的”。

文章作者:落叶纷飞[J.L.S.T]
信息来源:安全叶子技术小组[J.Leaves Security Team] (http://00day.cn)
本文已发表于黑客手册0807期,转载请保留此信息.

这篇文章在两个多月前的时候我就完成了,但是只是做为我自己的入侵笔记来用,并没有想过要投稿。但现在因为比较急用银子,所以就发给N0h4ck献丑了。(为了有人对号入座,我把图片稍稍处理了一下,请读者们见谅)。
阅读全文 »

Tags:

PHP二分法注射猜解

2008/10/07 0:13 | 鬼仔 | 技术文章 | 才 1 条评论

来源:wolvez
b.php

<?php
$conn = new com("ADODB.Connection");
$connstr = "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=". realpath("data.mdb");

$conn->Open($connstr);
$rs = new com("ADODB.RecordSet");
$sql="select * from news where id=".$_GET[id];
$rs->Open($sql,$conn,1,1);
if(! $rs->eof) {
echo "{ok}";
} else{
echo "{no}";
}
?>

阅读全文 »

Tags:

mIRC 6.34 Remote Buffer Overflow Exploit

2008/10/05 13:34 | 鬼仔 | 工具收集 | 才 1 条评论

#!/usr/bin/perl
#
#
# mIRC 6.34 Remote Buffer Overflow Exploit
# Exploit by SkD (skdrat <at> hotmail <.> com)
# ----------------------------------------
# A day's work of debugging and looking at mIRC.
#
# Tested on Windows XP SP3 English and Windows Vista SP0.
#
# Credits to securfrog for publishing the PoC.
#
# Author has no responsibility over the damage you do with this!
#
# Note: You might change the addresses for Vista ;)
#
# ----------------------------------------
阅读全文 »

Tags: ,