Not yet. C:\Users\Micheal\Research>wget http://www.nosec.org/web/index.txt --15:12:52-- http://www.nosec.org/web/index.txt => `index.txt' Resolving www.nosec.org... done. Connecting to www.nosec.org[218.92.8.74]:80... connected. HTTP request sent, awaiting response... 200 OK Length: 13 [text/plain]
100%[====================================>] 13 12.70K/s ETA 00:00 15:12:52 (12.70 KB/s) - `index.txt' saved [13/13] C:\Users\Micheal\Research>cat index.txt [84.203.3.20] C:\Users\Micheal\Research> A previous attempt got me this: 7453375[61.178.20.90] On Wed, Mar 26, 2008 at 2:33 PM, Ricardo Giorgi <[EMAIL PROTECTED]> wrote: > > > Hi Folks, > > Just for curiosity, did anyone of this list already tried to do a reverse > engineering of the Pangolin's code ? > > Ricardo > > > > Not me, although I did looked at it. I thought great, kiddies are going to > love this > > Sent from my BlackBerryÂ(R) smartphone with SprintSpeed > > > > > -----Original Message----- > > From: davidrook <[EMAIL PROTECTED]> > > > > Date: Wed, 26 Mar 2008 17:23:03 > > To:Razi Shaban <[EMAIL PROTECTED]> > > Cc:[email protected], [EMAIL PROTECTED] > > Subject: Re: [Full-disclosure] Pangolin v1.2.590 - The best SQL > > injector you've ever seen > > > > > > I wonder how many readers of this list now have a backdoor on their > > machine........... > > > > Razi Shaban wrote: > >> Hmm... > >> Backdoors eh? > >> > >> Nice try. > >> > >> -- > >> razi > >> > >> On 3/26/08, A. Ramos <[EMAIL PROTECTED]> wrote: > >> > >>> Take a look over: > >>> http://www.virustotal.com/analisis/0603d534b0128bf81ec57a8ab00e145c > >>> > >>> > >>> > >>> 2008/3/26 <[EMAIL PROTECTED]>: > >>> > >>> > >>> > > >>> > > >>> > > >>> > Pangolin is a GUI tool running on Windows to perform as more as > possible > >>> > pen-testing through SQL injection. This version now supports following > >>> > databases and operations: > >>> > > >>> > * MSSQL : Server informations, Datas, CMD execute, Regedit, Write > file, > >>> > Download file, Read file, File Browser... > >>> > * MYSQL : Server informations, Datas, Read file, Write file... > >>> > * ORACLE : Server informations, Datas, Accounts cracking... > >>> > * PGSQL : Server informations, Datas, Read file... > >>> > * DB2 : Server informations, Datas, ... > >>> > * INFORMIX : Server informations, Datas, ... > >>> > * SQLITE : Server informations, Datas, ... > >>> > * ACCESS : Server informations, Datas, ... > >>> > * SYBASE : Server informations, Datas, ... > >>> > etc. > >>> > > >>> > And supports: > >>> > * HTTPS support > >>> > * Pre-Login > >>> > * Proxy > >>> > * Specify any HTTP headers(User-agent, Cookie, Referer and so on) > >>> > * Bypass firewall setting > >>> > * Auto-analyzing keyword > >>> > * > Detailed check optio ns > >>> > * Injection-points management > >>> > etc. > >>> > > >>> > What's the differents to the others? > >>> > * Easy-of-use : What I try to do is making pen-tester more care about > >>> > result, not the process. All you should do is clicking the buttons. > >>> > * Amazing Speed : so many people told you things about brute sql > injection, > >>> > is it really necessary? Forget char-by-char, we can row-by-row(of > cource, > >>> > not every injection-point can do this)? > >>> > * The exact check mothod : do you really think automated tools like > >>> > AWVS,APPSCAN can find all injection-points? > >>> > > >>> > So, whatever, just check it out, and then enjoy your feeling ;) > >>> > More information : http://www.nosec.org/web/index.php?q=pangolin > >>> > Download : http://seclab.nosec.org/security/pangolin_bin.rar > >>> > > >>> > > Declare: Pangolin is designed for security testing by pen-tester when he has > >>> > been authorized. DO NOT attack any website viciously or accept the > >>> > consequences!!! > >>> > > >>> > > >>> > > >>> > ________________________________ > >>> > > >>> > 2008å¹´è–ªæ°´ç¿»å€ æŠ€å·§ > >>> > *ç"¨æ œç‹—拼音写é‚(R)件,ä½"éªŒæ›´æµ ç•…çš„ä¸æ–‡è¾"å…¥>> > >>> > >>> > >>>> _______________________________________________ > > >>>> > >>> > Full-Disclosure - We believe in it. > >>> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >>> > Hosted and sponsored by Secunia - http://secunia.com/ > >>> > > >>> > >>> > >>> > >>> > >>> -- > >>> Alejandro Ramos / Alex -- ([EMAIL PROTECTED]) > >>> molling://CISSP/GWAS/CISA > >>> http://www.unsec.net > >>> > >>> _______________________________________________ > >>> Full-Disclosure - We believe in it. > >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >>> Hosted and sponsored by Secunia - http://secunia.com/ > >>> > >>> > >>> ------------------------------------------------------------------------ > >>> > >>> _______________________________________________ > >>> Full-Disclosure - We believe in it. > >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >>> Hosted and sponsored by Secunia - http://secunia.com/ > > > > -- > > David Rook | [EMAIL PROTECTED] > > Information Security Analyst > > > > Realex Payments > > Enabling thousands of businesses to sell online. > > > > Realex Payments, Dublin, www.realexpayments.com > > Castlecourt, Monkstown Farm, Monkstown, Co Dublin, Ireland > > Tel: +353 (0)1 2808 559 Fax: +353 (0)1 2808 538 > > > > Realex Payments, London, www.realexpayments.co.uk > > 1 Hammersmith Grove, London W6 0NB, England > > Tel: +44 (0)203 178 5370 Fax: +44 (0)207 691 7264 > > > > Pay and Shop Limited, trading as Realex Payments has its registered office > at > > Castlecourt, Monkstown Farm, Monkstown, Co Dublin, Ireland and is > registered in Ireland, > > company number 324929. > > > > This mail and any documents attached are classified as confidential and > > are intended for use by the addressee(s) only unless otherwise > > indicated. If you are not an intended recipient of this email, you must > > not use, disclose, copy, distribute or retain this message or any part > > of it. If you have received this email in error, please notify us > > immediately and delete all copies of this email from your computer > > system(s). > > -- > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
