Submitted by Akira on 2009, June 18, 8:22 PM
SQL injection summary (it all started with 'or'1'='1)
The most important table names:
select * from sysobjects
sysobjects ncsysobjects
sysindexes tsysindexes
syscolumns
systypes
sysusers
sysdatabases
sysxlogins
sysprocesses
Some of the most important user names (present by default in SQL databases)
public
dbo
guest (usually disabled, or without privileges)
db_securityadmin
db_ddladmin
Some default extensions
xp_regaddmultistring
xp_regdeletekey
xp_regdeletevalue
xp_regenumkeys
xp_regenumvalues
xp_regread
xp_regremovemultistring
xp_regwrite
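xp_availablemedia drive-related
xp_dirtree directories
xp_enumdsn ODBC connections
xp_loginconfig server security mode information
xp_makecab creates a compressed cabinet archive
xp_ntsec_enumdomains domain information
xp_terminate_process terminates a process, given a PID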
Tags: sql injection, injection, sql injections
Submitted by Akira on 2009, June 18, 8:09 PM
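Security vendor Trustwave said recently that attackers have once again set their sights on bank ATMs: by installing specific malware on a machine, they can withdraw all of the cash in that ATM and record sensitive information, such as the account numbers and PINs, of every bank card used to withdraw money from it.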
Tags: atm, hacker
Submitted by Akira on 2009, June 18, 8:02 PM
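Adding a SYSADMIN account from the db_owner role: this is a nasty trick, and servers with MSSQL injection vulnerabilities are going to suffer again. The method mainly relies on the fact that db_owner can modify the two stored procedures sp_addlogin and sp_addsrvrolemember, bypassing the verification part. The specific method is as follows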
Tags: sql injection, intrusion, penetration
Submitted by Akira on 2009, June 18, 7:57 PM
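In network intrusion, safety comes first. A cunning, skilled intruder does not act rashly. Before an intrusion they do thorough homework, and during it they protect themselves through various technical means so as not to be discovered by the other side and get burned. Among these, the stepping-stone (jump host) technique is one that attackers commonly use. Below, the author uses a worked example to analyse the stepping-stone technique in intrusion attacks.
1. Determine the target
2. Design the stepping stones
3. Intrude via the stepping stones
4. Escalate privileges and obtain the desired information
5. Withdraw unscathed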
Tags: intrusion, penetration, stepping stone
Submitted by Akira on 2009, June 18, 7:52 PM
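In many cases we run into a SQL injection that allows listing directories and running commands, yet it is not easy to find the directory where the web site lives, which makes it hard to get a webshell,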
Tags: penetration, sql injection
Submitted by Akira on 2009, June 18, 7:48 PM
McAfee, Inc. 3.6.0.608 Policy Manager naPolicyManager.dll Arbitrary Data Write
==============================================================================
Internal ID: VULWAR20090616.
-----------
Introduction
------------
naPolicyManager.dll is a library included in the McAfee, Inc. program.
Tested In
---------
- Windows XP SP1/SP2 french/english with IE 6.0 / 7.0.
Tags: mcafee, vulnerability
Submitted by Akira on 2009, June 13, 3:37 PM
"Green Dam" is monitoring and anti-pornography software promoted by the Chinese government. After July 1st, its installation will be mandatory on all new Chinese PCs.
It already has 50 million copies in China.
To monitor the URLs the user is visiting, Green Dam injects itself into the browser process. When Green Dam tries to handle a long URL, a stack overflow occurs in the browser process.
Tags: Green Dam exploit, internet monitoring, product vulnerability
Submitted by Akira on 2009, June 10, 7:21 PM
# CVE-2009-1151: phpMyAdmin '/scripts/setup.php' PHP Code Injection RCE PoC v0.11
# by pagvac (gnucitizen.org), 4th June 2009.
# special thanks to Greg Ose (labs.neohapsis.com) for discovering such a cool vuln,
# and to str0ke (milw0rm.com) for testing this PoC script and providing feedback!
# PoC script successfully tested on the following targets:
# phpMyAdmin 2.11.4, 2.11.9.3, 2.11.9.4, 3.0.0 and 3.0.1.1
# Linux 2.6.24-24-generic i686 GNU/Linux (Ubuntu 8.04.2)
# attack requirements:
# 1) vulnerable version (obviously!): 2.11.x before 2.11.9.5
# and 3.x before 3.1.3.1 according to PMASA-2009-3
# 2) it *seems* this vuln can only be exploited against environments
# where the administrator has chosen to install phpMyAdmin following
# the *wizard* method, rather than manual method: http://snipurl.com/jhjxx
# 3) administrator must have NOT deleted the '/config/' directory
# within the '/phpMyAdmin/' directory. this is because this directory is
# where '/scripts/setup.php' tries to create 'config.inc.php' which is where
# our evil PHP code is injected 8)
# more info on:
# http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php
# http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/
Tags: phpmyadmin, code injection