Full Disclosure: Re: Pangolin v1.2.590 - The best SQL injector you've ever seen

[Tim Kunschke <tim () timmey homelinux com>]

o0 hmm nice try 0o

I will not really know how many people now have a trojan horse or worm
on their Pc.


°°°°snake°°°°


zwell () sohu com schrieb:
> Pangolin is a GUI tool running on Windows to perform as more as
> possible pen-testing through SQL injection. This version now supports
> following databases and operations:
>
> * MSSQL : Server informations, Datas, CMD execute, Regedit, Write
> file, Download file, Read file, File Browser...
> * MYSQL : Server informations, Datas, Read file, Write file...
> * ORACLE : Server informations, Datas, Accounts cracking...
> * PGSQL : Server informations, Datas, Read file...
> * DB2 : Server informations, Datas, ...
> * INFORMIX : Server informations, Datas, ...
> * SQLITE : Server informations, Datas, ...
> * ACCESS : Server informations, Datas, ...
> * SYBASE : Server informations, Datas, ...
> etc.
>
> And supports:
> * HTTPS support
> * Pre-Login
> * Proxy
> * Specify any HTTP headers(User-agent, Cookie, Referer and so on)
> * Bypass firewall setting
> * Auto-analyzing keyword
> * Detailed check options
> * Injection-points management
> etc.
>
> What's the differents to the others?
> * Easy-of-use : What I try to do is making pen-tester more care about
> result, not the process. All you should do is clicking the buttons.
> * Amazing Speed : so many people told you things about brute sql
> injection, is it really necessary? Forget char-by-char, we can
> row-by-row(of cource, not every injection-point can do this)?
> * The exact check mothod : do you really think automated tools like
> AWVS,APPSCAN can find all injection-points?
>
> So, whatever, just check it out, and then enjoy your feeling ;)
> More information : http://www.nosec.org/web/index.php?q=pangolin
> Download : http://seclab.nosec.org/security/pangolin_bin.rar
>
> Declare: Pangolin is designed for security testing by pen-tester when
> he has been authorized. DO NOT attack any website viciously or accept
> the consequences!!!
>
>
>
> ------------------------------------------------------------------------
> 2008年薪水翻倍技巧
> <http://doc.go.sohu.com/200802/5e1b674ab8183f3db8baba8ee4c6dd53.php>
> *用搜狗拼音写邮件，体验更流畅的中文输入>>
> <http://goto.mail.sohu.com/goto.php3?code=mailadt-ta>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/