11/20/2022 0 Comments Hacking tools website![]() ![]() Email Trace back is set to Off as default and emails will not be sent, If you are setting this feature on make sure you change the default email address Your email address, Please Change it before using.Ģ. It has a built-in arp poisoning module, can change MAC addresses of LAN adapters, and has various other interesting functionality.Īni-Shell is a simple PHP shell with some unique features like Mass Mailer, A simple Web-Server Fuzzer, DDoser, Back Connect, Bind Shell etc etc ! This shell has immense capabilities and have been written with some coding standards in mind for better editing and customization.ġ. It also sniffs ICQ/ĪIM/JABBER/YAHOO/MSN/GADU-GADU/IRC and MRA protocols. WWW/NNTP/CVS/TELNET/MRA/DC++/VNC/MYSQL and ORACLE. Intercepter is a sniffer tool which offers various capabilities including sniffing for password hashes related to ICQ/IRC/AIM/FTP/IMAP/POP3/SMTP/LDAP/BNC/SOCKS/HTTP/ Root host: ~ # dpkg-i hexorbase_1.0_all.deb To install it you must download and from the console: Python-qt4 python python-MySQLdb cx_Oracle python-psycopg2 python-python-qscintilla2 pymssql HexorBase runs on Linux and presumably Windows, and requires: This tool is simple to use and very practical, may have to know a little SQL, but the basics. ![]() HexorBase is a database application designed for management and audit multiple database servers simultaneously from a single location, is able to perform SQL queries and brute force attacks against servers common database ( MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL ). To Audit Management and Multiple Databases > Integration with Metasploit3, to obtain a graphical access to the remote DB > Evasion techniques to confuse a few IDS/IPS/WAF. (check the documentation for details about how this works). > DNS-tunneled pseudo-shell, when no TCP/UDP ports are available forĪ direct/reverse shell, but the DB server can resolve external hostnames > ICMP-tunneled shell, when no TCP/UDP ports are available for a direct/reverse > Direct and reverse bindshell, both TCP and UDP To find a port that is allowed by the firewall of the target network > TCP/UDP portscan from the target SQL Server to the attacking machine, in order > Upload of netcat (or any other executable) using only normal HTTP requests (no FTP/TFTP needed). > Creation of a custom xp_cmdshell if the original one has been removed ![]() > Bruteforce of ‘sa’ password (in 2 flavors: dictionary-based and incremental). > Fingerprint of the remote SQL Server (version, user performing the queries, user privileges, xp_cmdshell availability, DB authentication mode) The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a Boolean query based technique. Mole is an automatic SQL Injection exploitation tool. The Mole: Automatic SQL Injection Exploitation Tool ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |