<a href="http://www.nosec.org/web/files/demon.exe" target="_blank">http://www.nosec.org/web/files/demon.exe</a><br><a href="http://www.virustotal.com/analisis/0bfb9d08a2dfe0ad413d08491d0a82a3" target="_blank">http://www.virustotal.com/analisis/0bfb9d08a2dfe0ad413d08491d0a82a3</a><br>
<br><a href="http://www.nosec.org/web/files/pdf_poc.exe" target="_blank">http://www.nosec.org/web/files/pdf_poc.exe</a><br><a href="http://www.virustotal.com/analisis/d619319b2c4a7c5bb3a81adf25bf6559" target="_blank">http://www.virustotal.com/analisis/d619319b2c4a7c5bb3a81adf25bf6559</a><br>
<br><a href="http://www.nosec.org/web/files/zps.exe" target="_blank">http://www.nosec.org/web/files/zps.exe</a><br><a href="http://www.virustotal.com/analisis/26d6e7ff7aa79d20331906543a73d458" target="_blank">http://www.virustotal.com/analisis/26d6e7ff7aa79d20331906543a73d458</a><br>
<br><div class="gmail_quote">On Wed, Mar 26, 2008 at 10:54 AM, josh <<a href="mailto:mastahflank@gmail.com" target="_blank">mastahflank@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Not me, although I did looked at it. I thought great, kiddies are going to love this<br>
Sent from my BlackBerry® smartphone with SprintSpeed<br>
<div><div></div><div><br>
-----Original Message-----<br>
From: davidrook <<a href="mailto:david.rook@realexpayments.com" target="_blank">david.rook@realexpayments.com</a>><br>
<br>
Date: Wed, 26 Mar 2008 17:23:03<br>
To:Razi Shaban <<a href="mailto:razishaban@gmail.com" target="_blank">razishaban@gmail.com</a>><br>
<a href="mailto:Cc:full-disclosure@lists.grok.org.uk" target="_blank">Cc:full-disclosure@lists.grok.org.uk</a>, <a href="mailto:webappsec@securityfocus.com" target="_blank">webappsec@securityfocus.com</a><br>
Subject: Re: [Full-disclosure] Pangolin v1.2.590 - The best SQL<br>
injector you've ever seen<br>
<br>
<br>
I wonder how many readers of this list now have a backdoor on their<br>
machine...........<br>
<br>
Razi Shaban wrote:<br>
> Hmm...<br>
> Backdoors eh?<br>
><br>
> Nice try.<br>
><br>
> --<br>
> razi<br>
><br>
> On 3/26/08, A. Ramos <<a href="mailto:aramosf@unsec.net" target="_blank">aramosf@unsec.net</a>> wrote:<br>
><br>
>> Take a look over:<br>
>> <a href="http://www.virustotal.com/analisis/0603d534b0128bf81ec57a8ab00e145c" target="_blank">http://www.virustotal.com/analisis/0603d534b0128bf81ec57a8ab00e145c</a><br>
>><br>
>><br>
>><br>
>> 2008/3/26 <<a href="mailto:zwell@sohu.com" target="_blank">zwell@sohu.com</a>>:<br>
>><br>
>><br>
>> ><br>
>> ><br>
>> ><br>
>> > Pangolin is a GUI tool running on Windows to perform as more as possible<br>
>> > pen-testing through SQL injection. This version now supports following<br>
>> > databases and operations:<br>
>> ><br>
>> > * MSSQL : Server informations, Datas, CMD execute, Regedit, Write file,<br>
>> > Download file, Read file, File Browser...<br>
>> > * MYSQL : Server informations, Datas, Read file, Write file...<br>
>> > * ORACLE : Server informations, Datas, Accounts cracking...<br>
>> > * PGSQL : Server informations, Datas, Read file...<br>
>> > * DB2 : Server informations, Datas, ...<br>
>> > * INFORMIX : Server informations, Datas, ...<br>
>> > * SQLITE : Server informations, Datas, ...<br>
>> > * ACCESS : Server informations, Datas, ...<br>
>> > * SYBASE : Server informations, Datas, ...<br>
>> > etc.<br>
>> ><br>
>> > And supports:<br>
>> > * HTTPS support<br>
>> > * Pre-Login<br>
>> > * Proxy<br>
>> > * Specify any HTTP headers(User-agent, Cookie, Referer and so on)<br>
>> > * Bypass firewall setting<br>
>> > * Auto-analyzing keyword<br>
>> > * Detailed check optio ns<br>
>> > * Injection-points management<br>
>> > etc.<br>
>> ><br>
>> > What's the differents to the others?<br>
>> > * Easy-of-use : What I try to do is making pen-tester more care about<br>
>> > result, not the process. All you should do is clicking the buttons.<br>
>> > * Amazing Speed : so many people told you things about brute sql injection,<br>
>> > is it really necessary? Forget char-by-char, we can row-by-row(of cource,<br>
>> > not every injection-point can do this)?<br>
>> > * The exact check mothod : do you really think automated tools like<br>
>> > AWVS,APPSCAN can find all injection-points?<br>
>> ><br>
>> > So, whatever, just check it out, and then enjoy your feeling ;)<br>
>> > More information : <a href="http://www.nosec.org/web/index.php?q=pangolin" target="_blank">http://www.nosec.org/web/index.php?q=pangolin</a><br>
>> > Download : <a href="http://seclab.nosec.org/security/pangolin_bin.rar" target="_blank">http://seclab.nosec.org/security/pangolin_bin.rar</a><br>
>> ><br>
>> > Declare: Pangolin is designed for security testing by pen-tester when he has<br>
>> > been authorized. DO NOT attack any website viciously or accept the<br>
>> > consequences!!!<br>
>> ><br>
>> ><br>
>> ><br>
>> > ________________________________<br>
>> ><br>
>> > 2008年薪水翻倍技巧<br>
>> > *用搜狗拼音写邮件,体验更流畅的中文输入>><br>
>><br>
>><br>
>>> _______________________________________________<br>
>>><br>
>> > Full-Disclosure - We believe in it.<br>
>> > Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>
>> > Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank">http://secunia.com/</a><br>
>> ><br>
>><br>
>><br>
>><br>
>><br>
>> --<br>
>> Alejandro Ramos / Alex -- (<a href="mailto:aramosf@unsec.net" target="_blank">aramosf@unsec.net</a>)<br>
>> molling://CISSP/GWAS/CISA<br>
>> <a href="http://www.unsec.net" target="_blank">http://www.unsec.net</a><br>
>><br>
>> _______________________________________________<br>
>> Full-Disclosure - We believe in it.<br>
>> Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>
>> Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank">http://secunia.com/</a><br>
>><br>
>><br>
>> ------------------------------------------------------------------------<br>
>><br>
>> _______________________________________________<br>
>> Full-Disclosure - We believe in it.<br>
>> Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>
>> Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank">http://secunia.com/</a><br>
<br>
--<br>
David Rook | <a href="mailto:david.rook@realexpayments.com" target="_blank">david.rook@realexpayments.com</a><br>
Information Security Analyst<br>
<br>
Realex Payments<br>
Enabling thousands of businesses to sell online.<br>
<br>
Realex Payments, Dublin, <a href="http://www.realexpayments.com" target="_blank">www.realexpayments.com</a><br>
Castlecourt, Monkstown Farm, Monkstown, Co Dublin, Ireland<br>
Tel: +353 (0)1 2808 559 Fax: +353 (0)1 2808 538<br>
<br>
Realex Payments, London, <a href="http://www.realexpayments.co.uk" target="_blank">www.realexpayments.co.uk</a><br>
1 Hammersmith Grove, London W6 0NB, England<br>
Tel: +44 (0)203 178 5370 Fax: +44 (0)207 691 7264<br>
<br>
Pay and Shop Limited, trading as Realex Payments has its registered office at Castlecourt, Monkstown Farm, Monkstown, Co Dublin, Ireland and is registered in Ireland, company number 324929.<br>
<br>
This mail and any documents attached are classified as confidential and<br>
are intended for use by the addressee(s) only unless otherwise<br>
indicated. If you are not an intended recipient of this email, you must<br>
not use, disclose, copy, distribute or retain this message or any part<br>
of it. If you have received this email in error, please notify us<br>
immediately and delete all copies of this email from your computer<br>
system(s).<br>
--<br>
<br>
_______________________________________________<br>
Full-Disclosure - We believe in it.<br>
Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>
Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank">http://secunia.com/</a><br>
_______________________________________________<br>
Full-Disclosure - We believe in it.<br>
Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>
Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank">http://secunia.com/</a></div></div></blockquote></div><br><br clear="all"><br>-- <br>Russ McRee, GCIH, GCFA, CISSP<br>425-518-6998 cell<br><a href="http://holisticinfosec.org" target="_blank">holisticinfosec.org</a><br>
<a href="http://blog.holisticinfosec.org" target="_blank">blog.holisticinfosec.org</a>