?¿?¿?¿? pupurri o purpurina ?¿?¿?¿?¿
NMAP
Este es un comando de NMAP que me agrado bastante por ser bastante util.... sirve para escanear multiples ips buscando un puerto especifico en este caso el 80 (httpd) Excelente comando para nuestro nmap:
/**way!**/
[GrisUNO@localhost /]$ nmap -T4 --max_rtt_timeout 200 --initial_rtt_timeout 150 --min_hostgroup 512 --max_retries 0 -n
-P0 -p80 -oA Log X.X.X.X/X
/**pd: en matrix nunca se esta seguro**/
-------------------------------------------------------------
Ataque a ciegas de inyección SQL, Blind SQL injection
http://www.unsec.net/download/bsqlbf.pl
/**fuente url: wikipedia**/
------------------------------------------------------------
RAPIDSHARE.PL
#!/bin/bash
if [ -z $1 ]; then echo "$0";exit; fi
if [ -f $1 ]; then file=$1; else url=$1; fi
function dwn() {
echo -e "\nDownloading ($n/$total): $url"
html_n1=`curl -s $url`
url_n1=`echo "$html_n1"|grep 'id="ff"'|sed -e 's/.*action="\(.*\)" m.*/\1/'`
if [[ "$html_n1" == *"could not be found"* ]]; then
echo "Error: File not found"; exit
fi
html_n2=`curl -s -d "dl.start=Free" $url_n1`
nsleep=`echo "$html_n2" | grep 'var c'|sed -e 's/var c=\(.*\);.*/\1/'`
if [[ "$html_n2" == *"is already downloading a file"* ]]; then
echo "Error: already downloading a file"; exit
fi
if [ -n $nsleep ]; then
url_n2=`echo "$html_n2"|grep "var tt"|sed -e 's/.*action="\(.*\)" m.*/\1/'`
echo "Sleeping: $nsleep secs."
sleep $nsleep
echo "Done. filename: `basename $url`"
curl -d "mirror=on&x=30&y=32" $url_n2 -O
else
echo "Error. Try later"
fi
}
if [ -f $1 ]; then
total=`cat $file|wc -l`
n=0
for url in `cat $file`; do
n=$(( $n + 1 ))
dwn $url $n
done
else
total=1; n=1; dwn $url
fi
/**fuente del script: http://www.unsec.net**/
------------------------------------------------------
NETSTAT y otras hiervas
Para conocer que procesos abren que puertos
netstat -p // linux // C:\> netstat -ano
c:\> tasklist | find "PID"
c:\> netstat -b en WXP
Mediante WMI, con las limitaciones que ello implica
C:\> wmic nic list
C:\> wmic nicconfig
---------------------------------------------------
links SHARE AUDITING
* http://setacl.sourceforge.net/index.html
* http://www.somarsoft.com/ (DumpSec)
* http://www.sysinternals.com/ntw2k/source/shareenum.shtml
* http://www.sysinternals.com/ntw2k/source/accessenum.shtml
* http://www.scriptlogic.com/products/security%2Dexplorer/
-----------------------------------------------------
* TeleSweep:
http://www.securelogix.com/modemscanner/index.htm
* Xiscan: http://www.xiscan.com/introduction/xiscan.html
* ModemScan: http://www.wardial.net/default.html
* iwar: http://www.softwink.com/iwar/
* thc-scan (sin link por ser de THC)
* toneloc (sin link por deprecated)
* PAW/PAWS: http://www.wyae.de/software/paw/
* - T-Kit http://www.t-kit.com/, Windows, commercial
--------------------------------------------------------------------------
LINKS Y OTRAS HIERVAS
oracle
http://btb.banquise.net/
http://802.11ninja.net/code/hashattack-0.2.0.tgz
http://www.toolcrypt.org/index.html?orabf
http://www.trantechnologies.com/pass_cracker.zip
http://www.0xdeadbeef.info/code/oracrack
http://www.red-database-security.com/software/checkpwd.html
http://seclists.org/pen-test/2007/May/0096.html
http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
http://freeworld.thc.org/thc-orakel/
http://www.milw0rm.com/related.php?program=Oracle
------------------------------------------------------------------
dev bus pci
solaris:$> Prtconf ; prtvconf ; prtdiag
-----------------------------------------------------------------
fichero=$1
for i in `cat $fichero`; do
R=`lynx -dump "http://www.google.com/search?q=%22$i%22"`
if [ `echo "$R" | grep -i "did not match any documents" | wc -l ` == 0 ]
then
H=`echo "$R"| awk '$6 == "about" { print $7}'`
if [ ! -z $H ]; then echo $i:$H; fi
fi
done
---------------------------------------------------------------------------
comandos y otras hiervas
#hping2 -S -s 20 -p 443 192.168.1.2 -c 1 -w 8192 -M 0
#hping2 -S -s 20 -p 443 192.168.1.2 -c 1 -w 8192 -M 0 -L 0
#scapy
>>> p=IP(dst="192.168.1.2")/TCP(dport=443, flags="S")
>>> sr(p)
iptables -t nat -I PREROUTING 1 -s 0/0 -d -p tcp --dport 443 -j DNAT --to-destination
iptables -t nat -I POSTROUTING 1 -s 0/0 -d -j SNAT --to-source
# tcpdump -S -nn -vv -S -r test.pcap
$wget http://www.unsec.net/2007/09/usernamestxt.html
$wget http://www.unsec.net/download/usernames.txt.gz
$lynx http://www.isecpartners.com/wsbang.html
$ echo " http://www.openwall.com/passwords/wordlists/
ftp://ftp.ox.ac.uk/pub/wordlists/
http://www.outpost9.com/files/WordLists.html
http://packetstormsecurity.org/Crackers/wordlists/
http://theargon.com/achilles/wordlists/
https://www.totse.com/en/hack/word_lists/index.html
https://www.securinfos.info/wordlists_dictionnaires.php
http://www.vulnerabilityassessment.co.uk/passwords.htm "
$echo -e "GET / HTTP/1.0\nHost:www.gmail.com\n\n" | openssl s_client -quiet -connect www.gmail.com:443 2>/dev/null|awk -F: '/^Server:/ { print $2 }'
C:\> reg query "HKCU\Software\Microsoft\Office\11.0\Excel\Resiliency\DocumentRecovery" /s
C:\> for /F %i in (forensic_mru.txt) do reg query "%i" /s
C:\>reg query HKCU\ /s | find "Opened" | find "HKEY"
C:\>reg query HKCU\ /s | find "MRU" | find "HKEY"
C:\>reg query HKCU\ /s | find "Recent File List" | find "HKEY"
HKCU\Software\Microsoft\Office\9.0\Common\Open Find\Microsoft Word\Settings\Save As\File Name MRU
HKCU\Software\Microsoft\Office\9.0\Common\Open Find\Microsoft Word\Settings\Open\File Name MRU
HKCU\Software\Microsoft\Office\9.0\Common\Open Find\Microsoft Word\Settings\Create custom dictionary\File Name MRU
HKCU\Software\Microsoft\Office\9.0\Common\Open Find\Microsoft Word\Settings\Add Custom Dictionary\File Name MRU
HKCU\Software\Microsoft\Office\9.0\Common\Open Find\Microsoft PowerPoint\Settings\Insert Picture\File Name MRU
HKCU\Software\Microsoft\Office\9.0\Common\Open Find\Microsoft PowerPoint\Settings\Save As\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Word\Settings\Save As\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Word\Settings\Open\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Word\Settings\Create custom dictionary\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Word\Settings\Add Custom Dictionary\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Word\Settings\Insert Picture\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Word\Settings\New from Existing Document\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft PowerPoint\Settings\Insert Picture\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft PowerPoint\Settings\Save As\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Document Imaging\Settings\Save As\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Document Imaging\Settings\Open\File Name MRU
HKCU\Software\Microsoft\Office\8.0\Common\Open Find\Microsoft Word\Settings\Save As\File Name MRU
HKCU\Software\Microsoft\Office\8.0\Common\Open Find\Microsoft Word\Settings\Open\File Name MRU
HKCU\Software\Microsoft\Office\8.0\Common\Open Find\Microsoft Word\Settings\Select File to Merge Into Current Document\File Name MRU
HKCU\Software\Microsoft\Office\8.0\Common\Open Find\Office\Settings\Open Office Document\File Name MRU
HKCU\Software\Microsoft\Office\8.0\Common\Open Find\Office\Settings\Open Office Document\Any Text MRU
HKCU\Software\Microsoft\Office\8.0\Common\Open Find\Microsoft PowerPoint\Settings\Save\File Name MRU
HKCU\Software\Microsoft\Office\8.0\Excel\Recent File List
HKCU\Software\Microsoft\Office\9.0\Excel\Recent Files
HKCU\Software\Microsoft\Office\10.0\PowerPoint\Recent File List
HKU\.DEFAULT\Software\Microsoft\Office\10.0\Excel\Recent Files
HKCU\Software\Microsoft\Office\10.0\Excel\Recent Files
HKCU\Software\Microsoft\Office\11.0\Excel\Resiliency\DocumentRecovery
HKCU\Software\Microsoft\Office\10.0\Excel\Recent Templates
HKCU\Software\Microsoft\Office\10.0\PowerPoint\Recent Templates
HKCU\Software\Microsoft\Office\10.0\Word\Recent Templates
HKCU\Software\Microsoft\FrontPage\Explorer\FrontPage Explorer\Recent File List
HKCU\Software\Microsoft\FrontPage\Explorer\FrontPage Explorer\Recent Page List
HKCU\Software\Gabest\Media Player Classic\Recent Dub List
HKU\.DEFAULT\Software\Microsoft\MSPaper\Persist File Name
HKCU\Software\Microsoft\MSPaper\Persist File Name
HKCU\Software\Microsoft\MSPaper\Recent File List
HKCU\Software\Foxit Software\Foxit Reader\Recent File List
HKU\.DEFAULT\Software\Microsoft\MSE\10.0\FileMRUList
HKU\.DEFAULT\Software\Microsoft\MSE\10.0\ProjectMRUList
HKU\.DEFAULT\Software\Microsoft\MSE\10.0\SolutionMRUList
HKCU\Software\Microsoft\MSE\10.0\FileMRUList
HKCU\Software\Microsoft\MSE\10.0\ProjectMRUList
HKCU\Software\Microsoft\MSE\10.0\SolutionMRUList
HKCU\Software\Corel\User Assistant\9\Recent Work\WordPerfect\Last Opened
HKCU\Software\Corel\User Assistant\10\Recent Work\WordPerfect\Last Opened
HKCU\Software\Corel\User Assistant\9\Recent Work\QuattroPro\Last Opened
HKCU\Software\Corel\User Assistant\10\Recent Work\QuattroPro\Last Opened
HKCU\Software\Corel\User Assistant\9\Recent Work\Corel Presentations\Last Opened
HKCU\Software\Corel\User Assistant\10\Recent Work\Corel Presentations\Last Opened
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
HKCU\Software\Microsoft\Internet Explorer\TypedURLs
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\TypedURLs
HKCU\Software\Microsoft\MediaPlayer\Player\RecentFileList
HKCU\Software\Microsoft\MediaPlayer\Player\Settings\OpenDir
HKU\.DEFAULT\Software\Microsoft\MediaPlayer\Player\RecentFileList
HKCU\Software\Microsoft\MediaPlayer\Player\Settings\SaveAsDir
HKCU\Software\Microsoft\MediaPlayer\Preferences\CDRecordPath
HKCU\Software\Microsoft\MediaPlayer\Preferences\LastPlaylist
HKCU\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
HKCU\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
HKCU\Software\Google\NavClient\1.1\History
HKU\.DEFAULT\Software\7-ZIP\FM
HKCU\Software\7-ZIP\FM
HKCU\Software\ahead\Nero - Burning Rom\Settings\BrowserDir
HKCU\Software\ahead\Nero - Burning Rom\Settings\ImageDir
HKCU\Software\ahead\Nero - Burning Rom\Settings\NeroCompilation
HKCU\Software\ahead\Nero - Burning Rom\Settings\WorkingDir
HKU\.DEFAULT\Software\Macromedia\Flash 6\Open Document
HKCU\Software\Macromedia\Flash 6\Open Document
HKCU\Software\RealNetworks\RealPlayer\6.0\Preferences\LastLoginTime
HKCU\Software\RealNetworks\RealPlayer\6.0\Preferences\LastOpenFileDir
HKCU\Software\SmartFTP\Queue
HKCU\Software\SmartFTP\LocalView
HKCU\Software\WinRAR\General\LastFolder
HKCU\Software\Nico Mak Computing\WinZip\directories
HKCU\Software\Adobe\Acrobat Reader\5.0\AVGeneral\cRecentFiles
HKU\.DEFAULT\Software\Adobe\Acrobat Reader\5.0\AVGeneral\cRecentFiles
HKU\.DEFAULT\Software\Adobe\Acrobat Reader\6.0\AVGeneral\cRecentFiles
HKCU\Software\Adobe\Acrobat Reader\6.0\AVGeneral\cRecentFiles
HKU\.DEFAULT\Software\Adobe\Adobe Acrobat\6.0\AVGeneral\cRecentFiles
HKCU\Software\Adobe\Adobe Acrobat\6.0\AVGeneral\cRecentFiles\c1
HKCU\Software\MGI\VideoWave\Recent File List
HKCU\Software\Sierra Imaging\Image Expert 2000\Recent Album List
HKCU\Software\ahead\Nero - Burning Rom\Recent File List
HKU\.Default\Software\ahead\Nero - Burning Rom\Recent File List
HKCU\Software\ahead\nero wave editor\Recent File List
HKU\.Default\Software\ahead\nero wave editor\Recent File List
HKCU\Software\ahead\Cover Designer\Recent File List
HKU\.Default\Software\ahead\Cover Designer\Recent File List
HKCU\Software\BVRP Software\Annuaire\Recent File List
HKCU\Software\Microsoft\HTML Help Workshop\Recent File List
HKCU\Software\Microsoft\HTML Help Workshop\Project Files
HKCU\Software\Microsoft\HTML Help Workshop\Html Titles
HKCU\Software\Microsoft\HTML Help Workshop\Compressed HTML
HKCU\Software\Microsoft\Picture It! Publishing\5.0\Recent File List
HKCU\Software\Software602\602Tab\Recent File List
HKCU\Software\Software602\WinMgr\1.0\602Tab\Recent Files
HKCU\Software\Software602\602Text\2000\Settings
HKCU\Software\TMT Development\TMT Pascal Lite 3
HKCU\Software\HeadLight\GetRight\TypedURLs
HKU\.Default\Software\HeadLight\GetRight\TypedURLs
HKCU\Software\Jasc\Paint Shop Pro 6\Recent File List
HKCU\Software\Jasc\Paint Shop Pro 7\Recent File List
HKCU\Software\Jasc\Paint Shop Pro 8\Recent File List
HKCU\Software\Greatis\Regrun2\RegAdviser\LocateHistory
HKCU\Software\Ontrack\PowerDesk\CurrentVersion\PDFind\FileNames
HKCU\Software\SpeedBit\Download Accelerator\HistoryCombo
HKCU\Software\Microsoft\Office\10.0\Clip Organizer\Search\Last Query
HKU\.Default\Software\Microsoft\Office\10.0\Clip Organizer\Search\Last Query
HKCU\Software\Microsoft\ClipArt Gallery\2.0\MRUDescription
HKU\.DEFAULT\Software\JetCar\JetCar\Recent File List
HKU\.DEFAULT\Software\JetCar\JetCar\DownDir
HKCU\Software\JetCar\JetCar\Recent File List
HKCU\Software\JetCar\JetCar\DownDir
HKU\.DEFAULT\Software\VB and VBA Program Settings\Microsoft Visual Basic AddIns\VisData6
HKCU\Software\VB and VBA Program Settings\Microsoft Visual Basic AddIns\VisData6
HKU\.DEFAULT\Software\CursorArts\MRU Items
HKCU\Software\CursorArts\MRU Items
HKU\.DEFAULT\Software\Spidersoft\WebZIP\Settings
HKCU\Software\Spidersoft\WebZIP\Settings
HKU\.DEFAULT\Software\Advanced Grapher\RecentFiles
HKCU\Software\Advanced Grapher\RecentFiles
HKU\.DEFAULT\Software\MeeSoft\ImageAnalyzer
HKCU\Software\MeeSoft\ImageAnalyzer
HKU\.DEFAULT\Software\InstallShield\Express\4.0\Recent File List
HKCU\Software\InstallShield\Express\4.0\Recent File List
HKU\.DEFAULT\Software\Impact\Microangelo\Animator\MRU List
HKU\.DEFAULT\Software\Impact\Microangelo\Librarian\MRU List
HKU\.DEFAULT\Software\Impact\Microangelo\Studio\MRU List
HKCU\Software\Impact\Microangelo\Animator\MRU List
HKCU\Software\Impact\Microangelo\Librarian\MRU List
HKCU\Software\Impact\Microangelo\Studio\MRU List
HKCU\Software\Impact\Microangelo\Animator\MRU List
HKU\.DEFAULT\Software\FerretSoft\NetFerret\CurrentVersion\Web
HKCU\Software\FerretSoft\NetFerret\CurrentVersion\Web
HKU\.DEFAULT\Software\ORL\VNCviewer\MRU
HKCU\Software\ORL\VNCviewer\MRU
HKU\.DEFAULT\Software\PowerArchiver\Files
HKCU\Software\PowerArchiver\Files
HKU\.DEFAULT\Software\Microsoft\DevStudio\6.0\Recent File List
HKCU\Software\Microsoft\DevStudio\6.0\Recent File List
HKU\.DEFAULT\Software\e-merge\WinAce\2.0\MRU Items
HKCU\Software\e-merge\WinAce\2.0\MRU Items
HKU\.DEFAULT\Software\JGsoft\EditPadLite\Search
HKCU\Software\JGsoft\EditPadLite\Reopen
HKU\.DEFAULT\Software\VB and VBA Program Settings\3D Canvas\Application
HKCU\Software\VB and VBA Program Settings\3D Canvas\Application
HKCU\Software\7-ZIP\FM
HKU\.DEFAULT\Software\Vallen-Systeme GmbH\Vallen JPegger\MRU-Files-BMP&PCX
HKU\.DEFAULT\Software\Vallen-Systeme GmbH\Vallen JPegger\MRU-Folders-IMG
HKU\.DEFAULT\Software\Vallen-Systeme GmbH\Vallen JPegger\MRU-Folders-MP3
HKCU\Software\Vallen-Systeme GmbH\Vallen Zipper\MRU-Files-ZIP
HKU\.DEFAULT\Software\M.Dev Software\ZG5\MRU Items
HKCU\Software\M.Dev Software\ZG5\MRU Items
HKCU\Software\WinRAR\ArcHistory
HKCU\Software\Trident Software\PowerZip\Recent File List
HKCU\Software\Trident Software\PowerZip\Doc
HKCU\Software\WinRAR\DialogEditHistory\ExtrPath
HKCU\Software\Nico Mak Computing\WinZip\extract
HKCU\Software\Gnucleus\Searches
HKCU\Software\Kazaa\Search
HKU\.Default\Software\Kazaa\Search
HKCU\Software\Jasc\Animation Shop 2\Recent File List
HKCU\Software\Jasc\Animation Shop 3\Recent File List
HKCU\Software\Jasc\Jasc Media Center Plus\Recent File List
HKCU\Software\Jasc\Jasc WebDraw 1\Recent File List
HKCU\Software\Macromedia\Flash 5\Recent File List
HKCU\Software\Macromedia\Flash 6\Recent File List
HKCU\Software\Macromedia\Firework 6\Recent File List
HKCU\Software\Macromedia\Dreamweaver 4\Recent File List
HKCU\Software\Macromedia\Dreamweaver 6\Recent File List
HKLM\SOFTWARE\Microsoft\Direct3D\MostRecentApplication
HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
HKCU\SOFTWARE\Microsoft\DirectInput\MostRecentApplication
HKCU\Software\Ulead Systems\Ulead PhotoImpact\7.0\Recent File List
HKCU\Software\SpeedBit\Download Accelerator\HistoryCombo
HKCU\Software\Microsoft\Office\10.0\Clip Organizer\Search\Last Query
HKU\.Default\Software\Microsoft\Office\10.0\Clip Organizer\Search\Last Query
HKCU\Software\Microsoft\ClipArt Gallery\2.0\MRUDescription
HKCU\Software\Microsoft\Photo Editor\3.0\Microsoft Photo Editor
HKU\.DEFAULT\Software\Microsoft\Photo Editor\3.0\Microsoft Photo Editor
HKCU\Software\Microsoft\Photo Editor\3.0\Microsoft Photo Editor
HKCU\Software\Creative Tecg\Creative Wavestudio\Settings
HKCU\Software\Freeware\VirtualDub\MRU List
HKCU\Software\Microsoft\Journal Viewer\MRU
HKCU\Software\Ying3\DLExpert\MAIN
HKCU\Software\Microsoft\Search Assistant\ACMru\5001
HKCU\InstallLocationsMRU
HKU\.Default\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\FilesNamedMRU
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\ContainingTextMRU
HKU\.Default\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\ContainingTextMRU
HCKU\Software\ORL\VNCviewer\MRU
HCKU\Software\RealVNC\VNCViewer4\MRU
HCKU\Software\Ahead\Cover Designer\Recent File List
HCKU\Software\Ahead\Nero - Burning Rom\Recent File List
HCKU\Software\Ahead\Nero WaveEditor\Recent File List
HCKU\Software\DVD Shrink\DVD Shrink 3.2\Recent File List
HCKU\Software\DVDAuthor2\DVD-lab\Recent File List
HCKU\Software\JetCar\JetCar\Recent File List
HCKU\Software\Macromedia\Dreamweaver 8\Recent File List
HCKU\Software\Macromedia\Fireworks\8\ini\Recent File List
HCKU\Software\Macromedia\Flash 8\Recent File List
HCKU\Software\Microsoft\Consola de administración de Microsoft\Recent File List
HCKU\Software\SoulSeek\SoulSeek\Recent File List
HCKU\Software\WinHTTrack Website Copier\WinHTTrack Website Copier\Recent File List
---------------------------------------------------------------------------------------
/**
** /
/** crack?¿?
http://www.securitystats.com/tools/hashcrack.php
http://www.passcracking.com/
http://www.plaintext.info
**/
------------------------------------------------------------------------------------
SQL INJECTION TOOLS
sqlbf: sin duda alguna, la primera, la mejor. Los genios hacen genialidades.
sqlinjector: de NGSSoftware, a dia de hoy, un poco desfasada.
bfsql blind sql injection para mysql (la mia, vamos). un TODO infinito. y un BUGS infinito++
sqlpowerinjector: mysql, oracle, sql-server, postgresql, ¿sybase?.. sql injection normal y blind. Jamas la he conseguido hacer funcionar.
sqlmap: blind para mysql y postgresql
sqlninja: injection para sql-server.
bobcat: para sql-server. no está mal, pero hay que montar un MSDE para hacerla rular... y le cuesta!
absinthe: : postgresql, oracle, sql-server, ¿sybase?... bastante maja, aunque tiene un par de fallos que podrian mejorarse...
sqlbrute: sql-server y oracle. blind sql injection para dumpear tablas. no va todo lo fina que deberia.
automagic: automatización para explotar sql-server.
webinspect - sql injector: Comercial, solo disponible en el paquete de webinspect, oracle, sql server, sybase... realmente buena.
SQLIBF: realmente buena, muy potente. nice work!
Priamos SQLdump de sql-server. Muy sencillo/eficaz en mi experiencia.
FG-Injector: un poco liosa en su uso, pero eficiente.
SQLDumper:No la he testado aún.
SQL Injection Tool: Sin probar.
ISR-sqlget. Sin probar
SQLix De OWASP, bastante simple.
SQLID En ruby, no me convence
SQLier script en bash... ehm..
Pangolin En los 3 SQL que he probado, no ha funcionando en ninguno, eso si, tiene buena pinta.
Squeeza Para MSSQL, liberado en bh2007, ataque basado en tiempo.
BSQLHacker Funciona bajo windows, para MSSQL, Oracle y en beta MySQL, basado en tiempos.
*--------
http://www.mitec.cz/
http://www.unsec.net/download/WRA.zip
http://www.netcraft.com
http://webhosting.info
http://www.domainsdb.net/
http://www.searchmee.com/web-info/ip-hunt.php
http://www.domaintools.com/reverse-ip/
http://www.archive.org
http://search.msn.com
http://www.seologs.com/ip-domains.html
http://www.tomdns.net/index.php
http://tripp.dynalias.org/
http://www.imperva.com/application_defense_center/tools.asp
http://www.int0x21.com/
http://jacquelin.potier.free.fr/networkstuff/
http://www.unsec.net/2005/04/iptables-ftp-en-modo-pasivo.html
http://www.unsec.net/2004/12/mi-shell-script-para-tunningperformance.html
http://www.unsec.net/2004/12/deshabilitar-icmp-mask-reply-en-tru64.html
http://www.hsc-labs.com/ressources/outils/babelweb/index.html.en
babelweb http://www.unsec.net/download/babelweb-1.0.tar.gz
Este es un comando de NMAP que me agrado bastante por ser bastante util.... sirve para escanear multiples ips buscando un puerto especifico en este caso el 80 (httpd) Excelente comando para nuestro nmap:
/**way!**/
[GrisUNO@localhost /]$ nmap -T4 --max_rtt_timeout 200 --initial_rtt_timeout 150 --min_hostgroup 512 --max_retries 0 -n
-P0 -p80 -oA Log X.X.X.X/X
/**pd: en matrix nunca se esta seguro**/
-------------------------------------------------------------
Blind SQL injection
http://es.wikipedia.org/wiki/Blind_SQL_injectionAtaque a ciegas de inyección SQL, Blind SQL injection
http://www.unsec.net/download/bsqlbf.pl
/**fuente url: wikipedia**/
------------------------------------------------------------
RAPIDSHARE.PL
#!/bin/bash
if [ -z $1 ]; then echo "$0
if [ -f $1 ]; then file=$1; else url=$1; fi
function dwn() {
echo -e "\nDownloading ($n/$total): $url"
html_n1=`curl -s $url`
url_n1=`echo "$html_n1"|grep 'id="ff"'|sed -e 's/.*action="\(.*\)" m.*/\1/'`
if [[ "$html_n1" == *"could not be found"* ]]; then
echo "Error: File not found"; exit
fi
html_n2=`curl -s -d "dl.start=Free" $url_n1`
nsleep=`echo "$html_n2" | grep 'var c'|sed -e 's/var c=\(.*\);.*/\1/'`
if [[ "$html_n2" == *"is already downloading a file"* ]]; then
echo "Error: already downloading a file"; exit
fi
if [ -n $nsleep ]; then
url_n2=`echo "$html_n2"|grep "var tt"|sed -e 's/.*action="\(.*\)" m.*/\1/'`
echo "Sleeping: $nsleep secs."
sleep $nsleep
echo "Done. filename: `basename $url`"
curl -d "mirror=on&x=30&y=32" $url_n2 -O
else
echo "Error. Try later"
fi
}
if [ -f $1 ]; then
total=`cat $file|wc -l`
n=0
for url in `cat $file`; do
n=$(( $n + 1 ))
dwn $url $n
done
else
total=1; n=1; dwn $url
fi
/**fuente del script: http://www.unsec.net**/
------------------------------------------------------
NETSTAT y otras hiervas
Para conocer que procesos abren que puertos
netstat -p // linux // C:\> netstat -ano
c:\> tasklist | find "PID"
c:\> netstat -b en WXP
Mediante WMI, con las limitaciones que ello implica
C:\> wmic nic list
C:\> wmic nicconfig
---------------------------------------------------
links SHARE AUDITING
* http://setacl.sourceforge.net/index.html
* http://www.somarsoft.com/ (DumpSec)
* http://www.sysinternals.com/ntw2k/source/shareenum.shtml
* http://www.sysinternals.com/ntw2k/source/accessenum.shtml
* http://www.scriptlogic.com/products/security%2Dexplorer/
-----------------------------------------------------
wardialing tools
* Phonesweep: http://www.sandstorm.net/products/phonesweep/* TeleSweep:
http://www.securelogix.com/modemscanner/index.htm
* Xiscan: http://www.xiscan.com/introduction/xiscan.html
* ModemScan: http://www.wardial.net/default.html
* iwar: http://www.softwink.com/iwar/
* thc-scan (sin link por ser de THC)
* toneloc (sin link por deprecated)
* PAW/PAWS: http://www.wyae.de/software/paw/
* - T-Kit http://www.t-kit.com/, Windows, commercial
--------------------------------------------------------------------------
LINKS Y OTRAS HIERVAS
oracle
http://btb.banquise.net/
http://802.11ninja.net/code/hashattack-0.2.0.tgz
http://www.toolcrypt.org/index.html?orabf
http://www.trantechnologies.com/pass_cracker.zip
http://www.0xdeadbeef.info/code/oracrack
http://www.red-database-security.com/software/checkpwd.html
http://seclists.org/pen-test/2007/May/0096.html
http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
http://freeworld.thc.org/thc-orakel/
http://www.milw0rm.com/related.php?program=Oracle
------------------------------------------------------------------
dev bus pci
solaris:$> Prtconf ; prtvconf ; prtdiag
-----------------------------------------------------------------
Obtención de información : Detección de proxys y otros
fichero=$1
for i in `cat $fichero`; do
R=`lynx -dump "http://www.google.com/search?q=%22$i%22"`
if [ `echo "$R" | grep -i "did not match any documents" | wc -l ` == 0 ]
then
H=`echo "$R"| awk '$6 == "about" { print $7}'`
if [ ! -z $H ]; then echo $i:$H; fi
fi
done
---------------------------------------------------------------------------
comandos y otras hiervas
#hping2 -S -s 20 -p 443 192.168.1.2 -c 1 -w 8192 -M 0
#hping2 -S -s 20 -p 443 192.168.1.2 -c 1 -w 8192 -M 0 -L 0
#scapy
>>> p=IP(dst="192.168.1.2")/TCP(dport=443, flags="S")
>>> sr(p)
iptables -t nat -I PREROUTING 1 -s 0/0 -d
iptables -t nat -I POSTROUTING 1 -s 0/0 -d
# tcpdump -S -nn -vv -S -r test.pcap
$wget http://www.unsec.net/2007/09/usernamestxt.html
$wget http://www.unsec.net/download/usernames.txt.gz
$lynx http://www.isecpartners.com/wsbang.html
$ echo " http://www.openwall.com/passwords/wordlists/
ftp://ftp.ox.ac.uk/pub/wordlists/
http://www.outpost9.com/files/WordLists.html
http://packetstormsecurity.org/Crackers/wordlists/
http://theargon.com/achilles/wordlists/
https://www.totse.com/en/hack/word_lists/index.html
https://www.securinfos.info/wordlists_dictionnaires.php
http://www.vulnerabilityassessment.co.uk/passwords.htm "
echo -ne '\x16\x02\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00' | nc -u hora.rediris.es 123
o
ntpq -c rv hora.rediris.es
$echo -e "GET / HTTP/1.0\nHost:www.gmail.com\n\n" | openssl s_client -quiet -connect www.gmail.com:443 2>/dev/null|awk -F: '/^Server:/ { print $2 }'
C:\> reg query "HKCU\Software\Microsoft\Office\11.0\Excel\Resiliency\DocumentRecovery" /s
C:\> for /F %i in (forensic_mru.txt) do reg query "%i" /s
C:\>reg query HKCU\ /s | find "Opened" | find "HKEY"
C:\>reg query HKCU\ /s | find "MRU" | find "HKEY"
C:\>reg query HKCU\ /s | find "Recent File List" | find "HKEY"
HKCU\Software\Microsoft\Office\9.0\Common\Open Find\Microsoft Word\Settings\Save As\File Name MRU
HKCU\Software\Microsoft\Office\9.0\Common\Open Find\Microsoft Word\Settings\Open\File Name MRU
HKCU\Software\Microsoft\Office\9.0\Common\Open Find\Microsoft Word\Settings\Create custom dictionary\File Name MRU
HKCU\Software\Microsoft\Office\9.0\Common\Open Find\Microsoft Word\Settings\Add Custom Dictionary\File Name MRU
HKCU\Software\Microsoft\Office\9.0\Common\Open Find\Microsoft PowerPoint\Settings\Insert Picture\File Name MRU
HKCU\Software\Microsoft\Office\9.0\Common\Open Find\Microsoft PowerPoint\Settings\Save As\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Word\Settings\Save As\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Word\Settings\Open\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Word\Settings\Create custom dictionary\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Word\Settings\Add Custom Dictionary\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Word\Settings\Insert Picture\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Word\Settings\New from Existing Document\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft PowerPoint\Settings\Insert Picture\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft PowerPoint\Settings\Save As\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Document Imaging\Settings\Save As\File Name MRU
HKCU\Software\Microsoft\Office\10.0\Common\Open Find\Microsoft Document Imaging\Settings\Open\File Name MRU
HKCU\Software\Microsoft\Office\8.0\Common\Open Find\Microsoft Word\Settings\Save As\File Name MRU
HKCU\Software\Microsoft\Office\8.0\Common\Open Find\Microsoft Word\Settings\Open\File Name MRU
HKCU\Software\Microsoft\Office\8.0\Common\Open Find\Microsoft Word\Settings\Select File to Merge Into Current Document\File Name MRU
HKCU\Software\Microsoft\Office\8.0\Common\Open Find\Office\Settings\Open Office Document\File Name MRU
HKCU\Software\Microsoft\Office\8.0\Common\Open Find\Office\Settings\Open Office Document\Any Text MRU
HKCU\Software\Microsoft\Office\8.0\Common\Open Find\Microsoft PowerPoint\Settings\Save\File Name MRU
HKCU\Software\Microsoft\Office\8.0\Excel\Recent File List
HKCU\Software\Microsoft\Office\9.0\Excel\Recent Files
HKCU\Software\Microsoft\Office\10.0\PowerPoint\Recent File List
HKU\.DEFAULT\Software\Microsoft\Office\10.0\Excel\Recent Files
HKCU\Software\Microsoft\Office\10.0\Excel\Recent Files
HKCU\Software\Microsoft\Office\11.0\Excel\Resiliency\DocumentRecovery
HKCU\Software\Microsoft\Office\10.0\Excel\Recent Templates
HKCU\Software\Microsoft\Office\10.0\PowerPoint\Recent Templates
HKCU\Software\Microsoft\Office\10.0\Word\Recent Templates
HKCU\Software\Microsoft\FrontPage\Explorer\FrontPage Explorer\Recent File List
HKCU\Software\Microsoft\FrontPage\Explorer\FrontPage Explorer\Recent Page List
HKCU\Software\Gabest\Media Player Classic\Recent Dub List
HKU\.DEFAULT\Software\Microsoft\MSPaper\Persist File Name
HKCU\Software\Microsoft\MSPaper\Persist File Name
HKCU\Software\Microsoft\MSPaper\Recent File List
HKCU\Software\Foxit Software\Foxit Reader\Recent File List
HKU\.DEFAULT\Software\Microsoft\MSE\10.0\FileMRUList
HKU\.DEFAULT\Software\Microsoft\MSE\10.0\ProjectMRUList
HKU\.DEFAULT\Software\Microsoft\MSE\10.0\SolutionMRUList
HKCU\Software\Microsoft\MSE\10.0\FileMRUList
HKCU\Software\Microsoft\MSE\10.0\ProjectMRUList
HKCU\Software\Microsoft\MSE\10.0\SolutionMRUList
HKCU\Software\Corel\User Assistant\9\Recent Work\WordPerfect\Last Opened
HKCU\Software\Corel\User Assistant\10\Recent Work\WordPerfect\Last Opened
HKCU\Software\Corel\User Assistant\9\Recent Work\QuattroPro\Last Opened
HKCU\Software\Corel\User Assistant\10\Recent Work\QuattroPro\Last Opened
HKCU\Software\Corel\User Assistant\9\Recent Work\Corel Presentations\Last Opened
HKCU\Software\Corel\User Assistant\10\Recent Work\Corel Presentations\Last Opened
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
HKCU\Software\Microsoft\Internet Explorer\TypedURLs
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\TypedURLs
HKCU\Software\Microsoft\MediaPlayer\Player\RecentFileList
HKCU\Software\Microsoft\MediaPlayer\Player\Settings\OpenDir
HKU\.DEFAULT\Software\Microsoft\MediaPlayer\Player\RecentFileList
HKCU\Software\Microsoft\MediaPlayer\Player\Settings\SaveAsDir
HKCU\Software\Microsoft\MediaPlayer\Preferences\CDRecordPath
HKCU\Software\Microsoft\MediaPlayer\Preferences\LastPlaylist
HKCU\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
HKCU\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
HKCU\Software\Google\NavClient\1.1\History
HKU\.DEFAULT\Software\7-ZIP\FM
HKCU\Software\7-ZIP\FM
HKCU\Software\ahead\Nero - Burning Rom\Settings\BrowserDir
HKCU\Software\ahead\Nero - Burning Rom\Settings\ImageDir
HKCU\Software\ahead\Nero - Burning Rom\Settings\NeroCompilation
HKCU\Software\ahead\Nero - Burning Rom\Settings\WorkingDir
HKU\.DEFAULT\Software\Macromedia\Flash 6\Open Document
HKCU\Software\Macromedia\Flash 6\Open Document
HKCU\Software\RealNetworks\RealPlayer\6.0\Preferences\LastLoginTime
HKCU\Software\RealNetworks\RealPlayer\6.0\Preferences\LastOpenFileDir
HKCU\Software\SmartFTP\Queue
HKCU\Software\SmartFTP\LocalView
HKCU\Software\WinRAR\General\LastFolder
HKCU\Software\Nico Mak Computing\WinZip\directories
HKCU\Software\Adobe\Acrobat Reader\5.0\AVGeneral\cRecentFiles
HKU\.DEFAULT\Software\Adobe\Acrobat Reader\5.0\AVGeneral\cRecentFiles
HKU\.DEFAULT\Software\Adobe\Acrobat Reader\6.0\AVGeneral\cRecentFiles
HKCU\Software\Adobe\Acrobat Reader\6.0\AVGeneral\cRecentFiles
HKU\.DEFAULT\Software\Adobe\Adobe Acrobat\6.0\AVGeneral\cRecentFiles
HKCU\Software\Adobe\Adobe Acrobat\6.0\AVGeneral\cRecentFiles\c1
HKCU\Software\MGI\VideoWave\Recent File List
HKCU\Software\Sierra Imaging\Image Expert 2000\Recent Album List
HKCU\Software\ahead\Nero - Burning Rom\Recent File List
HKU\.Default\Software\ahead\Nero - Burning Rom\Recent File List
HKCU\Software\ahead\nero wave editor\Recent File List
HKU\.Default\Software\ahead\nero wave editor\Recent File List
HKCU\Software\ahead\Cover Designer\Recent File List
HKU\.Default\Software\ahead\Cover Designer\Recent File List
HKCU\Software\BVRP Software\Annuaire\Recent File List
HKCU\Software\Microsoft\HTML Help Workshop\Recent File List
HKCU\Software\Microsoft\HTML Help Workshop\Project Files
HKCU\Software\Microsoft\HTML Help Workshop\Html Titles
HKCU\Software\Microsoft\HTML Help Workshop\Compressed HTML
HKCU\Software\Microsoft\Picture It! Publishing\5.0\Recent File List
HKCU\Software\Software602\602Tab\Recent File List
HKCU\Software\Software602\WinMgr\1.0\602Tab\Recent Files
HKCU\Software\Software602\602Text\2000\Settings
HKCU\Software\TMT Development\TMT Pascal Lite 3
HKCU\Software\HeadLight\GetRight\TypedURLs
HKU\.Default\Software\HeadLight\GetRight\TypedURLs
HKCU\Software\Jasc\Paint Shop Pro 6\Recent File List
HKCU\Software\Jasc\Paint Shop Pro 7\Recent File List
HKCU\Software\Jasc\Paint Shop Pro 8\Recent File List
HKCU\Software\Greatis\Regrun2\RegAdviser\LocateHistory
HKCU\Software\Ontrack\PowerDesk\CurrentVersion\PDFind\FileNames
HKCU\Software\SpeedBit\Download Accelerator\HistoryCombo
HKCU\Software\Microsoft\Office\10.0\Clip Organizer\Search\Last Query
HKU\.Default\Software\Microsoft\Office\10.0\Clip Organizer\Search\Last Query
HKCU\Software\Microsoft\ClipArt Gallery\2.0\MRUDescription
HKU\.DEFAULT\Software\JetCar\JetCar\Recent File List
HKU\.DEFAULT\Software\JetCar\JetCar\DownDir
HKCU\Software\JetCar\JetCar\Recent File List
HKCU\Software\JetCar\JetCar\DownDir
HKU\.DEFAULT\Software\VB and VBA Program Settings\Microsoft Visual Basic AddIns\VisData6
HKCU\Software\VB and VBA Program Settings\Microsoft Visual Basic AddIns\VisData6
HKU\.DEFAULT\Software\CursorArts\MRU Items
HKCU\Software\CursorArts\MRU Items
HKU\.DEFAULT\Software\Spidersoft\WebZIP\Settings
HKCU\Software\Spidersoft\WebZIP\Settings
HKU\.DEFAULT\Software\Advanced Grapher\RecentFiles
HKCU\Software\Advanced Grapher\RecentFiles
HKU\.DEFAULT\Software\MeeSoft\ImageAnalyzer
HKCU\Software\MeeSoft\ImageAnalyzer
HKU\.DEFAULT\Software\InstallShield\Express\4.0\Recent File List
HKCU\Software\InstallShield\Express\4.0\Recent File List
HKU\.DEFAULT\Software\Impact\Microangelo\Animator\MRU List
HKU\.DEFAULT\Software\Impact\Microangelo\Librarian\MRU List
HKU\.DEFAULT\Software\Impact\Microangelo\Studio\MRU List
HKCU\Software\Impact\Microangelo\Animator\MRU List
HKCU\Software\Impact\Microangelo\Librarian\MRU List
HKCU\Software\Impact\Microangelo\Studio\MRU List
HKCU\Software\Impact\Microangelo\Animator\MRU List
HKU\.DEFAULT\Software\FerretSoft\NetFerret\CurrentVersion\Web
HKCU\Software\FerretSoft\NetFerret\CurrentVersion\Web
HKU\.DEFAULT\Software\ORL\VNCviewer\MRU
HKCU\Software\ORL\VNCviewer\MRU
HKU\.DEFAULT\Software\PowerArchiver\Files
HKCU\Software\PowerArchiver\Files
HKU\.DEFAULT\Software\Microsoft\DevStudio\6.0\Recent File List
HKCU\Software\Microsoft\DevStudio\6.0\Recent File List
HKU\.DEFAULT\Software\e-merge\WinAce\2.0\MRU Items
HKCU\Software\e-merge\WinAce\2.0\MRU Items
HKU\.DEFAULT\Software\JGsoft\EditPadLite\Search
HKCU\Software\JGsoft\EditPadLite\Reopen
HKU\.DEFAULT\Software\VB and VBA Program Settings\3D Canvas\Application
HKCU\Software\VB and VBA Program Settings\3D Canvas\Application
HKCU\Software\7-ZIP\FM
HKU\.DEFAULT\Software\Vallen-Systeme GmbH\Vallen JPegger\MRU-Files-BMP&PCX
HKU\.DEFAULT\Software\Vallen-Systeme GmbH\Vallen JPegger\MRU-Folders-IMG
HKU\.DEFAULT\Software\Vallen-Systeme GmbH\Vallen JPegger\MRU-Folders-MP3
HKCU\Software\Vallen-Systeme GmbH\Vallen Zipper\MRU-Files-ZIP
HKU\.DEFAULT\Software\M.Dev Software\ZG5\MRU Items
HKCU\Software\M.Dev Software\ZG5\MRU Items
HKCU\Software\WinRAR\ArcHistory
HKCU\Software\Trident Software\PowerZip\Recent File List
HKCU\Software\Trident Software\PowerZip\Doc
HKCU\Software\WinRAR\DialogEditHistory\ExtrPath
HKCU\Software\Nico Mak Computing\WinZip\extract
HKCU\Software\Gnucleus\Searches
HKCU\Software\Kazaa\Search
HKU\.Default\Software\Kazaa\Search
HKCU\Software\Jasc\Animation Shop 2\Recent File List
HKCU\Software\Jasc\Animation Shop 3\Recent File List
HKCU\Software\Jasc\Jasc Media Center Plus\Recent File List
HKCU\Software\Jasc\Jasc WebDraw 1\Recent File List
HKCU\Software\Macromedia\Flash 5\Recent File List
HKCU\Software\Macromedia\Flash 6\Recent File List
HKCU\Software\Macromedia\Firework 6\Recent File List
HKCU\Software\Macromedia\Dreamweaver 4\Recent File List
HKCU\Software\Macromedia\Dreamweaver 6\Recent File List
HKLM\SOFTWARE\Microsoft\Direct3D\MostRecentApplication
HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
HKCU\SOFTWARE\Microsoft\DirectInput\MostRecentApplication
HKCU\Software\Ulead Systems\Ulead PhotoImpact\7.0\Recent File List
HKCU\Software\SpeedBit\Download Accelerator\HistoryCombo
HKCU\Software\Microsoft\Office\10.0\Clip Organizer\Search\Last Query
HKU\.Default\Software\Microsoft\Office\10.0\Clip Organizer\Search\Last Query
HKCU\Software\Microsoft\ClipArt Gallery\2.0\MRUDescription
HKCU\Software\Microsoft\Photo Editor\3.0\Microsoft Photo Editor
HKU\.DEFAULT\Software\Microsoft\Photo Editor\3.0\Microsoft Photo Editor
HKCU\Software\Microsoft\Photo Editor\3.0\Microsoft Photo Editor
HKCU\Software\Creative Tecg\Creative Wavestudio\Settings
HKCU\Software\Freeware\VirtualDub\MRU List
HKCU\Software\Microsoft\Journal Viewer\MRU
HKCU\Software\Ying3\DLExpert\MAIN
HKCU\Software\Microsoft\Search Assistant\ACMru\5001
HKCU\InstallLocationsMRU
HKU\.Default\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\FilesNamedMRU
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\ContainingTextMRU
HKU\.Default\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\ContainingTextMRU
HCKU\Software\ORL\VNCviewer\MRU
HCKU\Software\RealVNC\VNCViewer4\MRU
HCKU\Software\Ahead\Cover Designer\Recent File List
HCKU\Software\Ahead\Nero - Burning Rom\Recent File List
HCKU\Software\Ahead\Nero WaveEditor\Recent File List
HCKU\Software\DVD Shrink\DVD Shrink 3.2\Recent File List
HCKU\Software\DVDAuthor2\DVD-lab\Recent File List
HCKU\Software\JetCar\JetCar\Recent File List
HCKU\Software\Macromedia\Dreamweaver 8\Recent File List
HCKU\Software\Macromedia\Fireworks\8\ini\Recent File List
HCKU\Software\Macromedia\Flash 8\Recent File List
HCKU\Software\Microsoft\Consola de administración de Microsoft\Recent File List
HCKU\Software\SoulSeek\SoulSeek\Recent File List
HCKU\Software\WinHTTrack Website Copier\WinHTTrack Website Copier\Recent File List
---------------------------------------------------------------------------------------
/**
HPUX
/usr/sam/lbin/usermod.sam -p `echo "123abcdexy"|/usr/lbin/makekey` aramosf** /
/** crack?¿?
http://www.securitystats.com/tools/hashcrack.php
http://www.passcracking.com/
http://www.plaintext.info
**/
------------------------------------------------------------------------------------
SQL INJECTION TOOLS
sqlbf: sin duda alguna, la primera, la mejor. Los genios hacen genialidades.
sqlinjector: de NGSSoftware, a dia de hoy, un poco desfasada.
bfsql blind sql injection para mysql (la mia, vamos). un TODO infinito. y un BUGS infinito++
sqlpowerinjector: mysql, oracle, sql-server, postgresql, ¿sybase?.. sql injection normal y blind. Jamas la he conseguido hacer funcionar.
sqlmap: blind para mysql y postgresql
sqlninja: injection para sql-server.
bobcat: para sql-server. no está mal, pero hay que montar un MSDE para hacerla rular... y le cuesta!
absinthe: : postgresql, oracle, sql-server, ¿sybase?... bastante maja, aunque tiene un par de fallos que podrian mejorarse...
sqlbrute: sql-server y oracle. blind sql injection para dumpear tablas. no va todo lo fina que deberia.
automagic: automatización para explotar sql-server.
webinspect - sql injector: Comercial, solo disponible en el paquete de webinspect, oracle, sql server, sybase... realmente buena.
SQLIBF: realmente buena, muy potente. nice work!
Priamos SQLdump de sql-server. Muy sencillo/eficaz en mi experiencia.
FG-Injector: un poco liosa en su uso, pero eficiente.
SQLDumper:No la he testado aún.
SQL Injection Tool: Sin probar.
ISR-sqlget. Sin probar
SQLix De OWASP, bastante simple.
SQLID En ruby, no me convence
SQLier script en bash... ehm..
Pangolin En los 3 SQL que he probado, no ha funcionando en ninguno, eso si, tiene buena pinta.
Squeeza Para MSSQL, liberado en bh2007, ataque basado en tiempo.
BSQLHacker Funciona bajo windows, para MSSQL, Oracle y en beta MySQL, basado en tiempos.
*--------
http://www.mitec.cz/
http://www.unsec.net/download/WRA.zip
http://www.netcraft.com
http://webhosting.info
http://www.domainsdb.net/
http://www.searchmee.com/web-info/ip-hunt.php
http://www.domaintools.com/reverse-ip/
http://www.archive.org
http://search.msn.com
http://www.seologs.com/ip-domains.html
http://www.tomdns.net/index.php
http://tripp.dynalias.org/
http://www.imperva.com/application_defense_center/tools.asp
http://www.int0x21.com/
http://jacquelin.potier.free.fr/networkstuff/
http://www.unsec.net/2005/04/iptables-ftp-en-modo-pasivo.html
http://www.unsec.net/2004/12/mi-shell-script-para-tunningperformance.html
http://www.unsec.net/2004/12/deshabilitar-icmp-mask-reply-en-tru64.html
http://www.hsc-labs.com/ressources/outils/babelweb/index.html.en
babelweb http://www.unsec.net/download/babelweb-1.0.tar.gz
Comentarios