Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-disclosure] Inguma 0.0.5: Brute forcing and password cracking

from [Joxean Koret] Network Security [Permanent Link]
Subject: [Full-disclosure] Inguma 0.0.5: Brute forcing and password cracking
Date: Sat, 20 Oct 2007 18:44:10 +0200 
Hi to all,

The latest version of Inguma (0.0.5) have been released with many fixes
and new modules. The following are the most important changes and
updates: 

* Added one exploit for the vulnerability in SYS.LT.FINDRICSET (Oracle
CPU Oct. 2007). 
* Added the module "firetest" to test firewall configurations. 
* Added module "brutessh" to brute force SSH servers. 
* Added module "bruteora" to brute force Oracle servers. It will check
for every (commonly) possible user or for an specified user. 
* Added a tool to crack MD5 hashes using freely available rainbow
tables. 
* Added module "sidguess" to guess the SID of an Oracle Database
instance. 
* _*Initial*_ shellcode support. See the SIDVault remote root exploit
and $INGUMA_DIR/lib/libexploit.py for details. x86 support with
InlineEgg. Thanks you Gera! 
* Added a password cracker for Oracle11g. 
* Added a password cracker for MS SQL Server 7 and 2000. 
* Enhanced the Oracle PL/SQL Fuzzer. Now, if you redirect the output
only the vulnerabilities found are logged, all the rest of the output
are written to stderr.

Regards,
Joxean Koret

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Full-disclosure] Inguma 0.0.5: Brute forcing and password cracking, Joxean Koret <=
Previous by Date:  Wardriving with Yagi Antennas, Terry Cutler
Next by Date:  Re: Wardriving with Yagi Antennas, Matthew Webster
Previous by Thread:  Wardriving with Yagi Antennas, Terry Cutler
Next by Thread:  PacSec 2007 Agenda (Tokyo 11-29/30), Dragos Ruiu
Indexes:  [Date] [Thread] [Top] [All Lists]