Vulnerable InforMation And IT News » tools - vulnerable security xss sql injection exploit bugs 0day zero-day paper news code

tools

Bsqlbf v2.4

This is an updated version of bsqlbf. This now has the VALIDATE_REMOTE_RC() exploit which David Litchfield discussed in his paper

6: Type 6 is O.S code execution [ORACLE DBMS_REPCAT_RPC.VALIDATE_REMOTE_RC exploit]

This vulnerability was patched by Oracle in July 2009 Critical Patch Update. In a nutshell, if you have identified a SQL injection as ‘SYS’ user than

[Read All About This Article]

26AugMore on injecting PL/SQL from SQL Injections

Posted in Skills and tools, tools on October 24th, 2009 by admin – Be the first to comment

David Litchfield yesterday released 3 papers describing security issues which have now been addressed by Oracle.
Out of these, I found this one particularly interesting.

In a nut shell, this paper talks about 2 functions, which allows execution of PL/SQL and an attacker can use these to inject PL/SQL even if he found just a SQL Injection. THis could also be used to get around the create function privilege. This is very similar to DBMS_EXPORT_EXTENSION vulnerability what David

[Read All About This Article]

Fly_flash 0.1 release

Posted in Skills and tools, skills, tools on August 29th, 2009 by admin – Be the first to comment

fly_flash — Jump/XSS/CSRF in Flash

Author: lake2@80sec.com
Site: http://www.80sec.com
Date: 2009-8-26
From: http://www.80sec.com/release/fly_flash.txt
80SEC — know it then hack it !

[ description ]

fly_flash is a tool for penetration in flash

[ usage ]

upload fly_flash.swf and fly_flash.txt to your server in same directory, embed fly_flash.swf in other website, modify the fly_flash.txt first: ,[,,,data]

cmd

[Read All About This Article]

LastBit PowerPoint Password Recovery 12.0.9123

Posted in Skills and tools, tools on August 23rd, 2009 by admin – Be the first to comment

File size: 0.69 MB

Platform: Win95,Win98,WinME,WinNT 4.x,WinXP,Windows2000

License: Demo

Price:

Date added: 2009-05-15

Publisher: LastBit Password Recovery

Publisher URL:

[Read All About This Article]

MS-SQL Password Cracker

Posted in Skills and tools, tools on August 23rd, 2009 by admin – Be the first to comment

Piggy is yet another tool for performing online password guessing against Microsoft SQL servers.

It supports scanning multiple servers using a dictionary file or a file with predefined accounts (username and password combinations).

It’s a pretty simple tool and has a Win32 binary verson – it is a command line tool however.
Piggy v1.0.1 by patrik@cqure.net -------------------------------- usage: piggy [options]


options:

   -u 
 
[Read All About This Article]



				
				Developing A PHP Core Backdoor
				Posted in Skills and tools,  skills,  tools on August 10th, 2009  by admin – Be the first to comment  

				
					Author: wofeiwo / GaRY  
Contents 
1) Introduction

2) the advantages and disadvantages of

3) design

4) functions

5) reference documentation

6) Some notes 
1) Introduction 
PHP is a very popular web server-side script language. At present, many web applications are based on the php language. Php is due to open-source software and easy to expand, so we can write a PHP module (module is called the expansion or 
 
[Read All About This Article]
				
				
								
			

				
				Rar.Password.Unlocker.v3.0.Win2KXP2003Vista.Cracked
				Posted in Skills and tools,  tools on August 10th, 2009  by admin – Be the first to comment  

				
					ClickToDownload
 
 
[Read All About This Article]
				
				
								
			

				
				Scanner For WordPress 2.x Version Exploit
				Posted in Skills and tools,  tools on August 10th, 2009  by admin – Be the first to comment  

				
					This plugin searches the files and database of your website for signs of suspicious activity. It will not stop someone hacking into your site, but it may help you find any uploaded or compromised files left by the hacker.
When a website is compromised, hackers leave behind scripts and modified content that can be found by manually searching through all the files on a site. Some of the methods used to hide their code or spam links are obvious, like using CSS to hide text, and we can 
 
[Read All About This Article]
				
				
								
			

				
				Lenovo front line 【Kx Series AMI BIOS with SLIC 2.0/2.1】 Download + mode conversion forVista/Win7
				Posted in Skills and tools,  tools on August 8th, 2009  by admin – Be the first to comment  

				
					Lenovo front line Kx Series AMI BIOS with SLIC 2.0 download address (which can activate the Home Basic / Home Premium / Ultimate Vista):

http://www.brsbox.com/filebox/uploadcomplete/randstr/A9ZC333pncM710765204994M/fgid/553c9ffee313e83ea19bb4a06fc01aaf/dirids/ 

Lenovo front line Kx Series AMI BIOS with SLIC 2.1 download address (which can 
 
[Read All About This Article]
				
				
								
			

				
				Security Tools
				Posted in Skills and tools,  tools on August 3rd, 2009  by admin – Be the first to comment  

				
					All tools are from https://security-shell.ws/dev1l/tools.html you can download here. Just for education ,Please don’t do evil.
Here is the list:
Password crackers, Hacking in web-sites, hacking win 9x, etc

Download   Info   Size

 john  John the Ripper (Win32 v1.7.0.1)  1,3 MB

 john  John the Ripper (Dos v1.7.0.1)  0,8 MB

 john  John the Ripper (Unix tar.gz v1.7.0.2)  0,8 MB

 Sqlbftools  Sqlbftools (MySQL Info Blind SQL)  0,1 
 
[Read All About This Article]
				
				
								
			

		
		

Page 1 of 3123»



	


		
        	Subscribe: Entries | Comments
			
			
			

			 

						You are currently browsing the archives for the tools category.

			
			 
			Categories
	Bloging

	Hack News

	IT News

	Skills and tools

	skills

	tools



	Vulnerable InforMation

	0day

	exploit

	vul news



							Recent Posts
			
			            			Microsoft Office Excel SxView Record Parsing Remote Code Execution Vulnerability
						Microsoft Internet Explorer Stylesheet Array Removal Remote Code Execution Vulnerability
						Invision Power Board Currency Mod(edit) SQL injection
						Apache Spamassassin Milter Plugin Remote Root Command Execution
						Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit
						Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)
						Internet Explorer ‘winhlp32.exe’ ‘MsgBox()’ Remote Code Execution Vulnerability
						Internet Explorer (6/7) Remote Code Execution -Remote User Add Exploit
						IE wshom.ocx (Run) ActiveX Remote Code Execution ( add admin user)
						Windows Media Player 11 ActiveX launchURL() files download
			
			
										Recent Comments
			

            

	Farheen : That looks really nice.,Aafke...
	Mackenzie	Ward : there is no doubt that Michael Jackson is the best...
	Canlı Sikiş izle : Greatings, Thank you! I would now go on this blog ...
	teleskopy astronomiczne : I just want to say that your blog is full of inter...
	ovimail : i think its not work if we have an email that not ...
	ovimail : nice info ;P...
	Robena Raygosa : I say it! Just delightful! Your authorship manner ...
	buy generic viagra online : I really like your blog and i respect your work. I...
	VictorOs : Dear Author www.vul.kr ! 
I think, that you are m...
	Zygor Guides : This has been really interesting, thanks for that....
			
			
            Archives
				
					June 2010
	March 2010
	January 2010
	December 2009
	November 2009
	October 2009
	September 2009
	August 2009
	July 2009
	June 2009
				
			

							Link
	
Car DVD
CCTV Camera
chinese delecious food
VoIP USA





	
		© 2010. Vulnerable InforMation And IT News. All rights reserved.