2009年2月 的日志

Acunetix Web Vulnerability Scanner 20090211 Crack

来源:往事如风

安装程序名:2009_02_11_01_webvulnscan6.exe

下载地址:http://www.namipan.com/d/2009_02_11_01_webvulnscan6.exe/5f4dcd983232913075c1bdbcff8abf508562116190c0db00


http://www.acunetix.com/download/fullverv6/2009_02_11_01_webvulnscan6.exe(需要用户名密码,旧版程序里有。)

Patch:web.vulnerability.scanner.6.0.0.3013-patch.rar

使用方式:复制到安装目录后执行。

Tags: ,

sql_2005_inj 0.2 Final [Code By kook1991]

来源:WEB安全手册

sql_2005_inj 0.2 Final Code By kook1991 [Sql 2005 Injector Updated by kook E-Mail:[email protected]]

[1] What’s Sql 2005 Injector?

http://www.pcsec.org/archives/sql-2005-inj-gui.html Updated
[2]What’s it can do?

It’s used to Sql injection MSSQL 2005 & 2008.
[3]What is its working theory?
阅读全文 »

Tags: , , ,

RainbowCrack 1.3

RainbowCrack 1.3 is released, with following new features:

  1. Multicore processor support
  2. Overlapped computation and harddisk read
  3. Improved hash algorithm performance of NTLM and MD5
  4. Fully backward compatible with existing rainbow tables generated by earlier versions of RainbowCrack
  5. Other enhancements

A proof of concept implementation of GPU accelerated RainbowCrack is also provided, with the use of CUDA technology.

Download

rainbowcrack-1.3-win.zip

Tags:

Ewebeditor2.8.0最终版删除任意文件漏洞

作者:oldjun

这个漏洞可以很鸡肋,也可以很致命,关键看你怎么利用!

此漏洞存在于Example\NewsSystem目录下的delete.asp文件中,这是ewebeditor的测试页面,无须登陆可以直接进入,看这些代码:
阅读全文 »

Tags: ,

Webtunnel 0.0.2

信息来源:Trace

I’d like to announce the release of Webtunnel 0.0.2, available at http://sourceforge.net/projects/webtunnel.

Webtunnel 0.0.2
Copyright 2009 Janos Szatmary
E-mail: [email protected]
Web: http://webtunnel.sourceforge.net

WHAT’S NEW
阅读全文 »

Tags: , ,

利用python特性进行提权

作者:xi4oyu

回家上不了网,看了看python核心编程,发现个有趣的利用python小技巧,不敢藏私,拿出来给各位淫人分享。

不管是偷也好,抢也罢,弄到一个普通用户的账户shell

看下他的使用习惯
阅读全文 »

Tags: ,

拿下PHPBB.com的过程(老外写的)

# 鬼仔:前几天比较大的新闻了,PHPBB的数据库也被拿了下来。今天更新Blog想起来这篇还没发,估计不少朋友已经看过了。

原文链接

It all started on Jan 14th when I was surfing milw0rm and came across this exploit: http://www.milw0rm.com/exploits/7778 I then remembered that phpbb.com was running PHPlist and went looking through my email to find the link to the script’s location. So I went to phpbb.com/lists and sure enough they were running a vulnerable version. Next I enabled my favorite program proxy program and tried http://www.phpbb.com/lists/admin/index.php?_SERVER%5bConfigFile%5d=../../../../../../etc/ passwd and sure enough it included the etc/passwd
阅读全文 »

Tags:

Windows 下使用脚本快速切换网络配置

# 鬼仔:这样用起来netsh更方便点,原作者是用来在不同的环境中切换网络设置用的。

作者:北极冰仔

在不同地方上网总要来回改网络配置,手敲一堆 IP、DNS 甚是麻烦,是否可以把常用的网络配置做成脚本?Google 后有收获。

(此处删节数百言,寡人表达能力待提升空间实在太大)
阅读全文 »

Tags: , ,