Microsoft SQL Server NTLM Stealer

This module can be used to help capture or relay the LM/NTLM credentials of the account running the remote SQL Server service. The module will use the supplied credentials to connect to the target SQL Server instance and execute the native "xpdirtree" or "xpfileexist" stored procedure. The stored...

Oracle 10g SYS.LT.MERGEWORKSPACE SQL Injection Exploit

// /Oracle 10g SYS.LT.MERGEWORKSPACE SQL Injection Exploit/ /grant DBA and create new OS user java/ // /exploit grant DBA to scott/ /and execute OS command "net user"/ /using java procedures / // /tested on oracle 10.1.0.5.0/ // // / Date of Public EXPLOIT: January 6, 2009 / / Written by: Alexand...

Oracle 10g R1 xdb.xdb_pitrig_pkg Buffer Overflow Exploit (PoC)

No description provided by source. // / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGTRUNCATE / / BUFFER OVERFLOW / // / POC exploit , Crash database / // / BY Sh2kerr Digital Security / // / tested on oracle 10.1.0.2.0 / // //...

Oracle 10g R1 pitrig_truncate PLSQL Injection (get users hash)

No description provided by source. // / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGTRUNCATE / / SQL Injection Exploit / // / sploit get password Hashes / // / BY Sh2kerr Digital Security / // / tested on oracle 10.1.0.2.0 / // // / Date of Public EXPLOIT: January 28, 2008 / / Written by: &nbsp...

Oracle 10g R1 pitrig_drop PLSQL Injection (get users hash)

No description provided by source. // / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGDROP / / SQL Injection Exploit / // / sploit get password Hashes / // / BY Sh2kerr Digital Security / // / tested on oracle 10.1.0.2.0 / // // / Date of Public EXPLOIT: January 28, 2008 / / Written by: &...

Oracle 10g R1 xdb.xdb_pitrig_pkg PLSQL Injection (change sys password)

No description provided by source. // / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGDROP / / SQL Injection Exploit / // / exploit change system password / // / BY Sh2kerr Digital Security / // / tested on oracle 10.1.0.2.0 / // // / Date of Public EXPLOIT: January 25, 2008 / / Written by: &nbs...

Oracle 10g R1 - 'pitrig_drop' Get Users Hash / PL/SQL Injection

// / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGDROP / / SQL Injection Exploit / // / sploit get password Hashes / // / BY Sh2kerr Digital Security / // / tested on oracle 10.1.0.2.0 / // // / Date of Public EXPLOIT: January 28, 2008 / / Written by: Alexandr "Sh2kerr" Polyakov / / email:...

oracle-truncatesql.txt

// / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGTRUNCATE / / SQL Injection Exploit / // / sploit get password Hashes / // / BY Sh2kerr Digital Security / // / tested on oracle 10.1.0.2.0 / // // / Date of Public EXPLOIT: January 28, 2008 / / Written by: Alexandr "Sh2kerr" Polyakov / / email:...

oracle-pitrigsql.txt

// / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGDROP / / SQL Injection Exploit / // / sploit get password Hashes / // / BY Sh2kerr Digital Security / // / tested on oracle 10.1.0.2.0 / // // / Date of Public EXPLOIT: January 28, 2008 / / Written by: Alexandr "Sh2kerr" Polyakov / / email:...

Oracle 10g R1 xdb.xdb_pitrig_pkg Buffer Overflow Exploit (PoC)

Exploit for multiple platform in category dos / poc ============================================================== Oracle 10g R1 xdb.xdbpitrigpkg Buffer Overflow Exploit PoC ============================================================== // / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGTRUNCATE / / BUFFE...

Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (Change Sys Password)

// / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGDROP / / SQL Injection Exploit / // / exploit change system password / // / BY Sh2kerr Digital Security / // / tested on oracle 10.1.0.2.0 / // // / Date of Public EXPLOIT: January 25, 2008 / / Written by: Alexandr "Sh2kerr" Polyakov / / email:...

oracle-xdboverflow.txt

// / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGTRUNCATE / / BUFFER OVERFLOW / // / POC exploit , Crash database / // / BY Sh2kerr Digital Security / // / tested on oracle 10.1.0.2.0 / // // / Date of Public EXPLOIT: January 28, 2008 / / Written by: Alexandr "Sh2kerr" Polyakov / / email:...

Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (Change Sys Password)

Oracle 10g R1 - xdb.xdbpitrigpkg PLSQL Injection Change Sys Password // / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGDROP / / SQL Injection Exploit / // / exploit change system password / // / BY Sh2kerr Digital Security / // / tested on oracle 10.1.0.2.0 / // // / Date of Public EXPLOIT: January 25,...

oracle-dropsql.txt

// / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGDROP / / SQL Injection Exploit / // / exploit change system password / // / BY Sh2kerr Digital Security / // / tested on oracle 10.1.0.2.0 / // // / Date of Public EXPLOIT: January 25, 2008 / / Written by: Alexandr "Sh2kerr" Polyakov / / email:...

Oracle 10g CTX_DOC.MARKUP SQL Injection Exploit

Exploit for multiple platform in category local exploits =============================================== Oracle 10g CTXDOC.MARKUP SQL Injection Exploit =============================================== // / Oracle 10g CTXDOC.MARKUP SQL Injection Exploit / // / sploit grant DBA to unprivileged user ...