Archive

Posts tagged 'Tools'

Writing an SQL Injection Helper Tool

July 19, 2011 admin     938 views 1 comment

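It's been a long time since I updated, and I haven't gone looking for articles to copy over either; I've noticed this little site is getting worse and worse.
The environment for openness and sharing keeps getting worse these days…
Today, because I needed it, I made a quick change to a small script I wrote earlier, adding a small feature for blind injection via MySQL error messages. sqlmap probably has this feature; I haven't used it in a long time. On Windows, the tool Havij 1.14 Pro also does blind injection this way, which is why it is so fast.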

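In addition, I have been trying to write a web vulnerability scanner in C.
The initial implementation crawls web pages, extracts URLs, then extracts the URL parameters, and then determines whether an injection exists. All of this is available online; I'm implementing it mainly to test and improve my C programming knowledge, and also because something I write myself can be extended freely, and when I use it I know what the program is doing. It can already detect some of the dumbest injections, but there is still a lot to improve. When it comes to actually writing a small tool, I find it isn't that simple, and I keep getting the urge to find some code to use as a reference.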

[root@localhost]# ./bget.pl

|=—————————————–=|
|=——[ Blind SQL Injector V1.3 ]——–=|
|=——-[ c4rp3nt3r@0x50sec.org ]———=|
|=—————————————–=|

Choose a number to be execute:
[0] sql (from [STDIN])
[1] version()
[2] database()
[3] user()
[4] dump table_schema v5.x
[5] dump table_name (table_schem=database() v5.x)
[6] dump column_name (table_name= [STDIN] v5.x)
[7] fuzz table_name v4.x
[8] fuzz column_name v4.x
[9] fuzz web path('read httpd.conf')
[a] load_file('/etc/passwd')
[b] load_file('c:\boot.ini')
[c] load_file('file path from [STDIN]')
[d] load_file('file path from [STDIN] error base')
[e] dump table_schema (v5.x error base)
[f] dump table_name (table_schem=database() v5.x error base)
[g] dump column_name (table_name= [STDIN] v5.x error base)
[x] sql (from [STDIN] error base)

Choose a number#

Category: News and gossip

Penetration testing tools compiled by a foreigner

April 13, 2010 admin     3,273 views No comments

From: http://hi.baidu.com/0x255
Packet Shaper:
Nemesis: a command line packet shaper
Packit: The Packet Toolkit – A network packet shaper.
Hping by Antirez: a command line TCP/IP packet shaper
Sing: stands for ‘Send ICMP Nasty Garbage’; sends fully customizable ICMP packets
Scapy: a new Python-based packet generator

Password Cracker/Login Hacker:
John the Ripper: a well-known password cracker for Windows and *nix Systems
Djohn: a distributed password cracker based on “John the Ripper”
Cain & Abel: an advanced password recovery tool for Windows systems. It sniffs network packets and cracks authentication by brute force or with dictionary attacks.
Project RainbowCrack: Advanced instant NT password cracker
Rainbowtables: The Shmoo Group provides pre-generated rainbow tables for BitTorrent download. The tables are generated with RainbowCrack (see above).
Windows NT password recovery tool by Peter Nordahl
THC-Dialup Login Hacker by THC. It tries to guess username and password against the modem carrier. As far as I know the only available dialup password guesser for *NIX.
Hydra by THC: a multi-protocol login hacker. Hydra is also integrated with Nessus.
Medusa: parallel network login auditor
THC imap bruter: a very fast IMAP password brute forcer


Category: Tools and code