4418 matches found
Nmap NSE net: ms-sql-info
Attempts to extract information from Microsoft SQL Server instances. SYNTAX: mssql.timeout: How long to wait for SQL responses. This is a number followed by 'ms' for milliseconds, 's' for seconds, 'm' for minutes, or 'h' for hours. Default: '30s'. OpenVAS Vulnerability Test $Id:...
Pangolin 3.2.3 - Automatic SQL injection penetration testing tool New Release !
Pangolin 3.2.3 - Automatic SQL injection penetration testing tool New Release ! Pangolin is an automatic SQL injection penetration testing Pen-testing tool for Website manager or IT Security analyst. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications...
[SECURITY] Fedora 15 Update: rubygem-rails-3.0.5-2.fc15
Rails is a framework for building web-application using CGI, FCGI, modruby, or WEBrick on top of either MySQL, PostgreSQL, SQLite, DB2, SQL Server, or Oracle with eRuby- or Builder-based templates...
The Decline and Fall of Slammer?
Me and Slammer Helkern go back a long way… to 25 January 2003 to be precise. It was a baptism of fire for me in my new role as a virus analyst at Kaspersky Lab. It was a weekend and I was alone, in charge of monitoring the incoming flow of suspicious files. I had barely been at the company a mont...
DB Audit v4.2.29 all-in-one database security and auditing solution !
DB Audit v4.2.29 all-in-one database security and auditing solution ! .DB Audit Expert is a professional all-in-one database security and auditing solution for Oracle, Sybase, DB2, MySQL and Microsoft SQL Server. DB Audit Expert enables database and system administrators, security administrators,...
Lush Cosmetics Australian website hacked !
The Australian and New Zealand shopping site of cosmetics retailer Lush has been hacked just weeks after a similar breach occurred on the UK site. Credit card details and other intimate information of shoppers have been exposed. If you visit the Lush Cosmetics Australian website you will find a...
VMSA-2011-0003 : Third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
a. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3 Microsoft SQL Server 2005 Express Edition SQL Express distributed with vCenter Server 4.1 Update 1 and vCenter Update Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2 to...
Metasploit Framework v3.5.2 latest version download !
Our favourite exploitation framework – The Metasploit Framework has been updated! We now have Metasploit Framework version 3.5.2! "The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits...
Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (MS09-004) (via SQL Injection) (Metasploit)
$Id: ms09004spreplwritetovarbinsqli.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft SQL Server - Payload Execution (via SQL Injection) (Metasploit)
$Id: mssqlpayloadsqli.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft SQL Server Payload Execution via SQL injection
$Id: mssqlpayload.rb 11392 2010-12-21 20:36:34Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Microsoft SQL Server Payload Execution via SQL Injection
This module will execute an arbitrary payload on a Microsoft SQL Server, using a SQL injection vulnerability. Once a vulnerability is identified this module will use xpcmdshell to upload and execute Metasploit payloads. It is necessary to specify the exact point where the SQL injection...
MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection
A heap-based buffer overflow can occur when calling the undocumented "spreplwritetovarbin" extended stored procedure. This vulnerability affects all versions of Microsoft SQL Server 2000 and 2005, Windows Internal Database, and Microsoft Desktop Engine MSDE without the updates supplied in MS09-00...
Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (MS09-004) (Metasploit)
$Id: ms09004spreplwritetovarbin.rb 11631 2011-01-24 19:37:58Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Nmap NSE: MS SQL Info
This script attempts to extract information from Microsoft SQL Server instances. This is a wrapper on the Nmap Security Scanner's http://nmap.org ms-sql-info.nse. OpenVAS Vulnerability Test $Id: gbnmapmssqlinfo.nasl 7006 2017-08-25 11:51:20Z teissa $ Wrapper for Nmap MS SQL Info NSE script...
Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593)
This host is missing a critical security update according to Microsoft Bulletin MS08-052. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
SQL Injection Vulnerability in Italian Government's website !
SQL Injection Vulnerability in Italian Government's website ! Site Penetrate By : GodOfPain , Lord TittiS , SYSTEMOVERIDE 1 Site And Server Info Website link : Bug Url: Can't Publish Powered By: ASP.NET Server Detail: Microsoft SQL Server 2000 - 8.00.2039 Intel X86 Server Name: WEB-VSQL1\INST1...
Governo.it SQL Injection
============================================================== Governo.it SQL Injection Vulnerability We are: ------------------------------------------------------------ GodOfPain Lord TittiS SYSTEMOVERIDE ------------------------------------------------------------ Date: 28/12/2010...
Microsoft SQL Server - Payload Execution (Metasploit)
$Id: mssqlpayload.rb 11392 2010-12-21 20:36:34Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
broadcast-ms-sql-discover NSE Script
Discovers Microsoft SQL servers in the same broadcast domain. SQL Server credentials required: No will not benefit from mssql.username & mssql.password. The script attempts to discover SQL Server instances in the same broadcast domain. Any instances found are stored in the Nmap registry for use b...