lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Wed, 1 Dec 2010 17:43:42 -0300
From: Augusto Pereyra <aepereyra@...il.com>
To: Full-Disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: LFIMAP

Problem fixed.

Thanks

2010/12/1 netinfinity <netinfinity.securitylab@...il.com>:
> I had to use hex editor to extract test.dat and lfimap-1.4.py.
>
>
>
>
> On Wed, Dec 1, 2010 at 9:07 PM, netinfinity
> <netinfinity.securitylab@...il.com> wrote:
>>
>> And your archives sucks also. Please use standard ones.
>>
>> On Wed, Dec 1, 2010 at 12:44 PM, Augusto Pereyra <aepereyra@...il.com>
>> wrote:
>>>
>>> Hi i'd like to share with the community this tool developed by me.
>>> This tool is very usefull when you find some site with the
>>> vulnerability called local file include.
>>> This is a list of functionalities of the tool:
>>>
>>> Can find automatically the root of the file system.
>>> Detect default files outside of the web folder
>>> It will try detect passwords inside the files
>>> Support basic authentication
>>> Can use null byte to bypass some controls
>>> Write a report of the scan to a file
>>>
>>> The tool can be downloaded from:
>>> http://code.google.com/p/lfimap/downloads/list
>>>
>>> Please download the last version
>>>
>>> My English sucks, sorry
>>> Thanks to www.artsweb.com.ar
>>> Best regard
>>> Augusto Pereyra
>>>
>>> ------------------------------------------------------------------------
>>> This list is sponsored by: Information Assurance Certification Review
>>> Board
>>>
>>> Prove to peers and potential employers without a doubt that you can
>>> actually do a proper penetration test. IACRB CPT and CEPT certs require a
>>> full practical examination in order to become certified.
>>>
>>> http://www.iacertification.org
>>> ------------------------------------------------------------------------
>>>
>>
>>
>>
>> --
>> www.google.com
>
>
>
> --
> www.google.com
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ