lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <00ce01c7b76b$f31e2050$9b00010a@BYFXA011461>
Date: Mon, 25 Jun 2007 18:01:07 -0300
From: "Francisco Amato" <famato@...obyte.com.ar>
To: <full-disclosure@...ts.grok.org.uk>
Subject: [ERRATA] :: [ISR] :: Infobyte Security Research
	:: release (ISR-sqlget.pl) v1.0.0

-- ISR - Infobyte Security Research
-- | ISR-sqlget v1.0.0 | www.infobyte.com.ar |


..:: DESCRIPTION

ISR-sqlget: It's a blind SQL injection tool developed in Perl.
It lets you get databases schemas and tables rows.
Using a single GET/POST you can access quietly the database structure
and using a single GET/POST you can dump every table row to a csv-like file.

Databases supported:

    - IBM DB2
    - Microsoft SQL Server
    - Oracle
    - Postgres
    - Mysql
    - IBM Informix
    - Sybase
    - Hsqldb (www.hsqldb.org)
    - Mimer (www.mimer.com)
    - Pervasive (www.pervasive.com)
    - Virtuoso (virtuoso.openlinksw.com)
    - SQLite
    - Interbase/Yaffil/Firebird (Borland)
    - H2 (http://www.h2database.com)
    - Mckoi (http://mckoi.com/database/)
    - Ingres (http://www.ingres.com)
    - MonetDB (http://www.monetdb.nl)
    - MaxDB (www.mysql.com/products/maxdb/)
    - ThinkSQL (http://www.thinksql.co.uk/)
    - SQLBase (http://www.unify.com)

Evasion features:

    - Full-width/Half-width Unicode encoding
    - Apache non standard CR bypass
    - mod_security bypass
    - Random uppercase request transform
    - PHP Magicquotes: encode every string using db CHR function or similar.
    - Convert requests to hexadecimal values
    - Avoid non-space replacing for /**/ or (\t) tab
    - Avoid non || or + concatenation using db concat function or similar.
    - Random user-agent
    - Random proxy-server
    - Random delay request

Common features:

    - Database schemate download blacklist
    - Cookie array support
    - SSL support
    - Proxy server support
    - Database information dumped in csv format


Reporting:

    - Database structure graphication to create impact executive reports
    require Graphviz library (http://www.graphviz.org/)

..DEMO

    -  Demo features (bypassing IBM ISS Proventia IPS)
    http://www.infobyte.com.ar/demo/ISR_sqlget_ISS_proventia_bypass.html

..AUTHOR

Francisco Amato - famato+at+infobyte+dot+com+dot+ar

..:: DOWNLOAD

http://www.infobyte.com.ar/development.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ