Managing Login Credentials with Yaptest

During larger pentests, it’s quite possible you’ll acquire logon credentials for tens, hundreds or even thousands of systems.  After a while it becomes hard to track which systems you know usernames for, which ones you’ve got passwords for, etc.  Yaptest can help you keep track of all your logon credentials.  Here are some of its […]

DB2 SQL Injection Cheat Sheet

Finding a SQL injection vulnerability in a web application backed by DB2 isn’t too common in my experience.  When you do find one, though, it pays to be prepared…

Ingres SQL Injection Cheat Sheet

Ingres seems to be one of the less common database backends for web applications, so I thought it would be worth installing it and making some notes to make my next Ingres-based web app test a little easier.

Minor update: Yapscan v0.7.2

I just fixed a bug that caused yapscan to crash intermittently during ICMP scans.  Download page.

Yaptest User Guide

Some notes on how to actually use yaptest…

Yaptest FAQs

Some questions you may be pondering while reading about the Yaptest project…

Yaptest Installation

Some brief instructions on how to install the latest version of yaptest…

Yaptest Overview

Yet Another PenTEST… [The download / install page is over here if that’s what you’re looking for]. At times pentesting is one of the most fun jobs around.  Other times, though, it’s dull.  When you’re having to manually check for the same issues on the next host and the next host and the next… testing […]

Stealing Usernames and Passwords from SSHD

I just read a really cool blog post by Sebastian Krahmer. He discusses a post-exploitation technique to snoop on incoming SSH sessions – including the username and password used to authenticate.

Cracking Postgres Password Hashes with MDCrack

As far as I’m aware there aren’t many good password crackers around for PostgreSQL database password hashes.  Here are a few notes on how to crack postgres password hashes quickly using MDCrack.  Even though MDCrack is a Windows program, it works well enough under WINE for our purposes.  Linux users can therefore benefit from […]