/fmavituna/one-click-ownage-ferruh-mavituna-3
It's licensed under GPLv3 and all the source code is in the Google
Code SVN. Source code includes all the required files to create your
own payload for manually using One Click Ownage attack as well.
More information about the tool, source code
This is a different and more practical approach to get a reverse shell
or code execution in SQL Injections (particularly in MSSQL). The idea
is simple. Getting a reverse shell from an SQL Injection with one HTTP
request without using an extra channel such as TFTP, FTP to upload the
initial
-hacker/https://labs.portcullis.co.uk/application/bsql-hacker/
*Injection Wizard Video:
*http://www.vimeo.com/1536040?pg=embedsec=1536040
--
Ferruh Mavituna
http://ferruh.mavituna.com
___
Full-Disclosure - We believe in it.
Charter: http
(compared to normal Blind SQL
Injection), requiring two rather than six requests to retrieve each char.
*
*Download:
*https://labs.portcullis.co.uk/download/Deep_Blind_SQL_Injection.pdf
Regards,
--
Ferruh Mavituna
http://ferruh.mavituna.com
___
Full
of Next Generation Security
Software Ltd. Registered office address: 52 Throwley Way, Sutton, SM1
4BF with Company Number 04225835 and VAT Number 783096402
--
Ferruh Mavituna
http://ferruh.mavituna.com
___
Full-Disclosure - We believe in it.
Charter
.
== Disclosure Timeline ==
* 9 May 2008 - Vendor Informed, Couple of mail exchanged and I tried
to explain why this is bad, it didn't work.
* 12 May 2008 - Ask for an update, No response.
* 20 June 2008 - Public Release
--
Ferruh Mavituna
http://ferruh.mavituna.com
and detailed analysis in the paper
which explains and shows the impact of this attack.
Regards,
--
Ferruh Mavituna
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
and detailed analysis in the paper
which explains and shows the impact of this attack.
Regards,
--
Ferruh Mavituna
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
://ferruh.mavituna.com/blogs/xsstunnelling-video.zip
Video shows to exploit a permanent XSS in wordpress and bypass Basic
Auth on the fly by XSS Tunnel.
Regards,
--
Ferruh Mavituna
http://ferruh.mavituna.com
___
Full-Disclosure - We believe in it.
Charter