With firefox - URL: *http://www.nosec.org/a.exe*
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd";> <HTML><HEAD><TITLE>??????</TITLE> <META HTTP-EQUIV="Content-Type" Content="text/html; charset=GB2312"> <STYLE type="text/css"> BODY { font: 9pt/12pt ?? } H1 { font: 12pt/15pt ?? } H2 { font: 9pt/12pt ?? } A:link { color: red } A:visited { color: maroon } </STYLE> </HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD> <h1>??????</h1> ???????????????????????? <hr> <p>???????:</p> <ul> <li>????????????????????????????</li> <li>???????????????,?????????,?????????????? </li> <li>??<a href="javascript:history.back(1)">??</a>??????????</li> </ul> <h2>HTTP ?? 404 - ?????????<br>Internet ???? (IIS)</h2> <hr> <p>????(?????????)</p> <ul> <li>?? <a href="http://go.microsoft.com/fwlink/?linkid=8180";>Microsoft ??????</a>?????“HTTP”?“404”????</li> <li>??“IIS ??”(?? IIS ??? (inetmgr) ???),???????“????”?“??????”?“?????????”????</li> </ul> </TD></TR></TABLE></BODY></HTML> ---------------- EOF ----------------- wget http://www.nosec.org/a.exe --19:39:40-- http://www.nosec.org/a.exe => `a.exe' Auflösen des Hostnamen »www.nosec.org«.... 218.92.8.74 Verbindungsaufbau zu www.nosec.org|218.92.8.74|:80... verbunden. HTTP Anforderung gesendet, warte auf Antwort... 404 Not Found 19:40:26 FEHLER 404: Not Found. :P woooah °°°°snake°°°° Micheal Cottingham schrieb: > C:\Users\Micheal\Research>..\bin\upx\upx -d pangolin_bin\out\pangolin.exe > Ultimate Packer for eXecutables > Copyright (C) 1996,1997,1998,1999,2000,2001,2002,2003,2004,2005,2006,2007 > UPX 3.02w Markus Oberhumer, Laszlo Molnar & John Reiser Dec 16th 2007 > > File size Ratio Format Name > -------------------- ------ ----------- ----------- > 2834944 <- 879616 31.03% win32/pe pangolin.exe > > Unpacked 1 file. > > C:\Users\Micheal\Research\pangolin_bin\out>strings pangolin.exe | find > "http://"; > > http://www.nosec.org/web/index.php?q=ua_collection&id= > http://www.nosec.org/web/index.txt > http:// > http://%s > http://www.nosec.org > 2pangolin -- Maded By ZwelL -- http://www.nosec.org > 0Check http://www.nosec.org for more information. > http://www.nosec.org/a.exe > (http://192.168.0.5/access/get.asp?id=295 > (http://192.168.0.5/access/get.asp?id=295 > 'http://192.168.0.5/mysql/get.php?id=295 > %http://192.168.0.5/sql/get.asp?id=295 > &http://192.168.0.5/sql0/get.asp?id=295 > > C:\Users\Micheal\Research\pangolin_bin\out> > > Interesting. > > On Wed, Mar 26, 2008 at 1:54 PM, josh <[EMAIL PROTECTED]> wrote: > >> Not me, although I did looked at it. I thought great, kiddies are going to >> love this >> Sent from my BlackBerry(R) smartphone with SprintSpeed >> >> -----Original Message----- >> From: davidrook <[EMAIL PROTECTED]> >> >> Date: Wed, 26 Mar 2008 17:23:03 >> To:Razi Shaban <[EMAIL PROTECTED]> >> Cc:[email protected], [EMAIL PROTECTED] >> Subject: Re: [Full-disclosure] Pangolin v1.2.590 - The best SQL >> injector you've ever seen >> >> >> I wonder how many readers of this list now have a backdoor on their >> machine........... >> >> Razi Shaban wrote: >> > Hmm... >> > Backdoors eh? >> > >> > Nice try. >> > >> > -- >> > razi >> > >> > On 3/26/08, A. Ramos <[EMAIL PROTECTED]> wrote: >> > >> >> Take a look over: >> >> http://www.virustotal.com/analisis/0603d534b0128bf81ec57a8ab00e145c >> >> >> >> >> >> >> >> 2008/3/26 <[EMAIL PROTECTED]>: >> >> >> >> >> >> > >> >> > >> >> > >> >> > Pangolin is a GUI tool running on Windows to perform as more as >> possible >> >> > pen-testing through SQL injection. This version now supports following >> >> > databases and operations: >> >> > >> >> > * MSSQL : Server informations, Datas, CMD execute, Regedit, Write >> file, >> >> > Download file, Read file, File Browser... >> >> > * MYSQL : Server informations, Datas, Read file, Write file... >> >> > * ORACLE : Server informations, Datas, Accounts cracking... >> >> > * PGSQL : Server informations, Datas, Read file... >> >> > * DB2 : Server informations, Datas, ... >> >> > * INFORMIX : Server informations, Datas, ... >> >> > * SQLITE : Server informations, Datas, ... >> >> > * ACCESS : Server informations, Datas, ... >> >> > * SYBASE : Server informations, Datas, ... >> >> > etc. >> >> > >> >> > And supports: >> >> > * HTTPS support >> >> > * Pre-Login >> >> > * Proxy >> >> > * Specify any HTTP headers(User-agent, Cookie, Referer and so on) >> >> > * Bypass firewall setting >> >> > * Auto-analyzing keyword >> >> > * Detailed check optio ns >> >> > * Injection-points management >> >> > etc. >> >> > >> >> > What's the differents to the others? >> >> > * Easy-of-use : What I try to do is making pen-tester more care about >> >> > result, not the process. All you should do is clicking the buttons. >> >> > * Amazing Speed : so many people told you things about brute sql >> injection, >> >> > is it really necessary? Forget char-by-char, we can row-by-row(of >> cource, >> >> > not every injection-point can do this)? >> >> > * The exact check mothod : do you really think automated tools like >> >> > AWVS,APPSCAN can find all injection-points? >> >> > >> >> > So, whatever, just check it out, and then enjoy your feeling ;) >> >> > More information : http://www.nosec.org/web/index.php?q=pangolin >> >> > Download : http://seclab.nosec.org/security/pangolin_bin.rar >> >> > >> >> > Declare: Pangolin is designed for security testing by pen-tester when >> he has >> >> > been authorized. DO NOT attack any website viciously or accept the >> >> > consequences!!! >> >> > >> >> > >> >> > >> >> > ________________________________ >> >> > >> >> > 2008??????? >> >> > *????????,??????????>> >> >> >> >> >> >>> _______________________________________________ >> >>> >> >> > Full-Disclosure - We believe in it. >> >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> > Hosted and sponsored by Secunia - http://secunia.com/ >> >> > >> >> >> >> >> >> >> >> >> >> -- >> >> Alejandro Ramos / Alex -- ([EMAIL PROTECTED]) >> >> molling://CISSP/GWAS/CISA >> >> http://www.unsec.net >> >> >> >> _______________________________________________ >> >> Full-Disclosure - We believe in it. >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >> >> >> ------------------------------------------------------------------------ >> >> >> >> _______________________________________________ >> >> Full-Disclosure - We believe in it. >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> -- >> David Rook | [EMAIL PROTECTED] >> Information Security Analyst >> >> Realex Payments >> Enabling thousands of businesses to sell online. >> >> Realex Payments, Dublin, www.realexpayments.com >> Castlecourt, Monkstown Farm, Monkstown, Co Dublin, Ireland >> Tel: +353 (0)1 2808 559 Fax: +353 (0)1 2808 538 >> >> Realex Payments, London, www.realexpayments.co.uk >> 1 Hammersmith Grove, London W6 0NB, England >> Tel: +44 (0)203 178 5370 Fax: +44 (0)207 691 7264 >> >> Pay and Shop Limited, trading as Realex Payments has its registered office >> at Castlecourt, Monkstown Farm, Monkstown, Co Dublin, Ireland and is >> registered in Ireland, company number 324929. >> >> This mail and any documents attached are classified as confidential and >> are intended for use by the addressee(s) only unless otherwise >> indicated. If you are not an intended recipient of this email, you must >> not use, disclose, copy, distribute or retain this message or any part >> of it. If you have received this email in error, please notify us >> immediately and delete all copies of this email from your computer >> system(s). >> -- >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
