BlackHat/Defcon 2007 Timing Stuff Released..

From: haroon (haroon@sensepost.com)
Date: Fri Aug 10 2007 - 08:31:31 EDT


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all (and sorry for the horrible cross-post)

The paper, slides and squeeza tool we used at BlackHat/DefCon 07 have
been pushed to our www, and have been linked to with a mini-splurb at
http://www.sensepost.com/blog/

The squeeza tool will allow you to automate parts of a SQL Injection
attack with some level of modularity, so you can add modules at one end
(stuff to do on the server) or channels on the other (ways to get data
back). It currently supports a bunch of stuff, but most importantly
allows free sql queries, and binary file transfers over your channel of
choice (currently http error messages, dns or pure time delays)

The paper/slides also cover a bunch of other timing-related attacks and
explore XSRT/(D)XSRT (because the world can never have enough acronyms*).

As usual the stuff is freely downloadable and (hopefully useful and)
easily extensible, and feedback is appreciated...

*Actually, we think it's pretty cool, but we _are_ geeks who thought that
the coolest thing in Vegas this year was the .za vs .usa soccer match
that took place illegally in the Caesars car-park..

/mh
- --
Haroon Meer, SensePost Information Security |
http://www.sensepost.com/blog/
PGP: http://www.sensepost.com/pgp/haroon.txt | Tel: +27 83786 6637

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)

iD8DBQFGvFqjjc6KZkVo+wYRAiwvAJ4ir7IC+nbCfiMb2VX3ARuYM9SM6QCfeNpN
dP1Weukz3Vrd3WdmlannZko=
=eFT0
-----END PGP SIGNATURE-----
