用wordpress的要注意了,不过拿我这里测试就没效果了,我从一开始就是关闭用户注册的。
# WordPress 2.6.1 SQL Column Truncation Vulnerability (PoC)
#
# found by irk4z[at]yahoo.pl
# homepage: http://irk4z.wordpress.com/
#
# this is not critical vuln [;
#
# first, read this discovery:
# http://www.suspekt.org/2008/08/18/mysql-and-sql-column-truncation-vulnerabilities/
#
# in this hack we can remote change admin password, if registration enabled
#
# greets: Stefan Esser, Lukasz Pilorz, cOndemned, tbh, sid.psycho, str0ke and all fiends
阅读全文 »
Tags: SQL Column Truncation,
Vulnerability,
WordPress
论文下载地址:http://huaidan.org/archives/2291.html
来源:补天网
2008 DEFCON 16全球黑客大会上发布的功能强大的盲注工具。
当时论文题目是:
Time-Based Blind SQL Injection using heavy queries:
A practical approach for MS SQL Server, MS Access, Oracle and MySQL databases and Marathon Tool
阅读全文 »
Tags: SQL Injection,
SQL注入,
盲注
PoC Code is in Attach file because this file is saved in ‘Unicode’ type for exploit.
Here is Description for this Vuln :
· Type of Issue : Buffer Overflow.
· Affected Software : Google Chrome 0.2.149.27.
· Exploitation Environment : Google Chrome (Language: Vietnamese) on Windows XP SP2.
· Impact: Remote code execution.
· Rating : Critical .
· Description :
阅读全文 »
Tags: Exploit,
Google Chrome
Author: nerex
E-mail: nerex[at]live[dot]com
Google’s new Web browser (Chrome) allows files (e.g., executables) to be automatically
downloaded to the user’s computer without any user prompt.
This proof-of-concept was created for educational purposes only.
Use the code it at your own risk.
The author will not be responsible for any damages.
阅读全文 »
Tags: Exploit,
Google Chrome
—————————————————
Software:
Google Chrome Browser 0.2.149.27
Tested:
Windows XP Professional SP3
Result:
Google Chrome Crashes with All Tabs
阅读全文 »
Tags: Google Chrome,
Vulnerability
(via Safe3)
Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc), bruteforce GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/Password), Fuzzing,etc.
It’s very flexible, here are some functionalities:
阅读全文 »
Tags: Wfuzz
软件主页:http://powerfuzzer.sourceforge.net/ (via tr4c3)
Powerfuzzer is a highly automated web fuzzer based on many other Open Source fuzzers available (incl. cfuzzer, fuzzled, fuzzer.pl, jbrofuzz, webscarab, wapiti, Socket Fuzzer) and information gathered from numerous security resources and websites. It is capable of spidering website and identifying inputs.
Don’t have a clue what a Fuzzer/Fuzz testing is ? Not a problem, read on here
Currently, it is capable of identifying these problems:
– Cross Site Scripting (XSS)
– Injections (SQL, LDAP, code, commands, and XPATH)
– CRLF
– HTTP 500 statuses (usually indicative of a possible misconfiguration/security flaw incl. buffer overflow)
阅读全文 »
Tags: Fuzzer
