Blog

Metasploit Release Database of Weak SSH Keys for Debian OpenSSL Vuln

The metasploit guys have released a database of all 1024-bit DSA and 2048-bit RSA SSH public/private keypairs that could have been generated by x86 Debian/Ubuntu hosts vulnerable to the OpenSSL Predictable Random Number Generator flaw. This opens up the possibility of two practical attacks against weak SSH keys during pentests: If you can read a […]

Yaptest Update: v0.1.2

Yaptest v0.1.2 contains a minor bugfix. Download it here.

* yaptest-nmap-tcp.pl now parallelises scans – accidentally removed in previous version.

Incognito Integrated Into Metasploit

I just read a brilliant blog post on Carnal0wnage.  Luke Jennings’ Incognito has been integrated into metasploit.  Check out Luke’s recent paper if you missed it. In a nutshell, if you get SYSTEM level access to a box (e.g. MSSQL database) and a domain user is logged into that box, then you can use meterpreter […]

SQL Injection Where You Wouldn’t Have Thought It Possible

David Litchfield just released a new paper: “A New Class of Vulnerability in Oracle: Lateral SQL Injection“. It’s a quick read at only 4 pages and very well explained if you’re a pentesting-type.  Well worth a read.

Yaptest Update: v0.1.1

Version 0.1.1 of yaptest is now available. There are some improvements to the API, bug fixes for Linux users, enhanced support for bannergrab, sslscan and ldapsearch. See below for the full change log…

Smtp-user-enum Update: v1.2

I just released a bug fix for smtp-user-enum. The -p option to specify a different TCP port didn’t actually work. 🙂

Unix-privesc-check Update: v1.1

Minor update to unix-privesc-check.

* Added check for accounts with no password in /etc/passwd
* Record some basic info about the host (hostname, uname -a, interface IPs)

SQL Cheat Sheet Updates

I’ve recently updated the MySQL, MSSQL and PostgreSQL cheat sheets with some notes on creating and deleting users. Info on granting DBA rights is also included. This is useful for those situations where you’ve found a SQL injection as a privileged user and also have access to the database port (1433/TCP or whatever).

Yapscan Update: v0.7.4

I just made a minor improvement to yapscan. Download it here. Sid from notsosecure.com suggested that ICMP scans shouldn’t by default throw out lots of annoying messages like “STRANGE: can’t find 10.0.0.1 on my host list”. I agree. This was more of a debugging thing anyway. This is fixed in v0.7.4 – you […]

Update: MSSQL Injection Cheat Sheet

I just made some minor additions to the MSSQL Injection Cheat Sheet:

* Creating Users
* Deleting Users
* Assigning Users the DBA privilege