[<prev] [next>] [day] [month] [year] [list]
Message-ID: <46BC5ABC.6030102@sensepost.com>
Date: Fri, 10 Aug 2007 14:31:56 +0200
From: haroon <haroon@...sepost.com>
To: full-disclosure@...ts.grok.org.uk
Subject: BlackHat/Defcon 2007 Timing Stuff Released..
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all (and sorry for the horrible cross-post)
The paper, slides and squeeza tool we used at BlackHat/DefCon 07 have
been pushed to our www, and have been linked to with a mini-splurb at
http://www.sensepost.com/blog/
The squeeza tool will allow you to automate parts of a SQL Injection
attack with some level of modularity, so you can add modules at one end
(stuff to do on the server) or channels on the other (ways to get data
back). It currently supports a bunch of stuff, but most importantly
allows free sql queries, and binary file transfers over your channel of
choice (currently http error messages, dns or pure time delays)
The paper/slides also cover a bunch of other timing related attacks and
explores XSRT/(D)XSRT (because the world can never have enough acronyms*).
As usual the stuff is freely downloadable and (hopefully useful and)
easily extensible, and feedback is appreciated...
*Actually, we think its pretty cool, but we _are_ geeks who thought that
the coolest thing in Vegas this year was the .za vs .usa soccer match
that took place illegally in the Caesars car-park..
/mh
- --
Haroon Meer, SensePost Information Security |
http://www.sensepost.com/blog/
PGP: http://www.sensepost.com/pgp/haroon.txt | Tel: +27 83786 6637
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
iD8DBQFGvFq8jc6KZkVo+wYRAlGGAJ9pTw7mFHajQK+kKSHByhy4PuDojgCffcRu
p5nVAut9WnjehG8bxd4k26M=
=fGgd
-----END PGP SIGNATURE-----
** CRM114 Whitelisted by: From haroon@...sepost.com **
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists