lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <MKEAIJIPCGAHEFEJGDOCEELNIHAA.marc@eeye.com>
From: marc at eeye.com (Marc Maiffret)
Subject: Tool: Sapphire SQL Worm Scanner

We had a lot of requests to put together a quick free scanner, like we've
done in the past, for this SQL worm.

This is the first version and it is bound to have bugs. Feel free to email
me any issues directly and we can work on them.

The scanner is non-intrusive, wont crash your servers, in identifying
vulnerable systems. It WILL NOT identify already infected systems. Because
of the nature of the worm it keeps any valid data from getting to the victim
system. We suggest using sniffers and IDS's to determine already infected
machines.

You can download the scanner from:
http://www.eeye.com/html/Research/Tools/SapphireSQL.html

For more details about the Sapphire SQL Worm:
http://www.eeye.com/html/Research/Flash/AL20030125.html

If you have any questions or comments feel free to mail me directly. As we
find bugs and make improvements the changes will be reflected on our
website. So go there for the latest ... that way we don't have to flood this
list with email.

Thanks to NGSSoftware (http://www.nextgenss.com/) for discovering the flaw
the SQL worm uses and for publishing a technical write up which made this
scanner possible. Once again illustrating that details ARE needed to help
the good guys.

Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ