| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Mar 2008 19:10:12 +0100 From: Tim Kunschke <tim@...mey.homelinux.com> CC: full-disclosure@...ts.grok.org.uk Subject: Re: Pangolin v1.2.590 - The best SQL injector you've ever seen o0 hmm nice try 0o I will not really know how many people now have a trojan horse or worm on their Pc. °°°°snake°°°° zwell@...u.com schrieb: > > Pangolin is a GUI tool running on Windows to perform as more as > possible pen-testing through SQL injection. This version now supports > following databases and operations: > > * MSSQL : Server informations, Datas, CMD execute, Regedit, Write > file, Download file, Read file, File Browser... > * MYSQL : Server informations, Datas, Read file, Write file... > * ORACLE : Server informations, Datas, Accounts cracking... > * PGSQL : Server informations, Datas, Read file... > * DB2 : Server informations, Datas, ... > * INFORMIX : Server informations, Datas, ... > * SQLITE : Server informations, Datas, ... > * ACCESS : Server informations, Datas, ... > * SYBASE : Server informations, Datas, ... > etc. > > And supports: > * HTTPS support > * Pre-Login > * Proxy > * Specify any HTTP headers(User-agent, Cookie, Referer and so on) > * Bypass firewall setting > * Auto-analyzing keyword > * Detailed check options > * Injection-points management > etc. > > What's the differents to the others? > * Easy-of-use : What I try to do is making pen-tester more care about > result, not the process. All you should do is clicking the buttons. > * Amazing Speed : so many people told you things about brute sql > injection, is it really necessary? Forget char-by-char, we can > row-by-row(of cource, not every injection-point can do this)? > * The exact check mothod : do you really think automated tools like > AWVS,APPSCAN can find all injection-points? > > So, whatever, just check it out, and then enjoy your feeling ;) > More information : http://www.nosec.org/web/index.php?q=pangolin > Download : http://seclab.nosec.org/security/pangolin_bin.rar > > Declare: Pangolin is designed for security testing by pen-tester when > he has been authorized. DO NOT attack any website viciously or accept > the consequences!!! > > > > ------------------------------------------------------------------------ > 2008年薪水翻倍技巧 > <http://doc.go.sohu.com/200802/5e1b674ab8183f3db8baba8ee4c6dd53.php> > *用搜狗拼音写邮件,体验更流畅的中文输入>> > <http://goto.mail.sohu.com/goto.php3?code=mailadt-ta> > > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists