Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Insomnia: Tool Release - InsomniaShell.aspx

from [Brett Moore] Network Security [Permanent Link]
Subject: Insomnia: Tool Release - InsomniaShell.aspx
Date: Tue, 12 Feb 2008 15:11:15 +1300 
___________________________________________________________________

 Insomnia Security :: InsomniaShell.aspx
___________________________________________________________________

 Name: InsomniaShell.aspx
 Released: 12 Feb 2008
 Author: Brett Moore, Insomnia Security
 Original Link: http://www.insomniasec.com/releases/tools
___________________________________________________________________

InsomniaShell is a tool for use during penetration tests, when
you have ability to upload or create an arbitrary .aspx page.

This .aspx page is an example of using native calls through pinvoke
to provide either a reverse shell or a bind shell. 

It has the added advantage of searching through all accessible 
processes looking for a SYSTEM or Administrator token to use for
impersonation.

If the provider page is running on a server with a local SQL Server
instance, the shell includes functionality for a named pipe 
impersonation attack. This requires knowledge of the sa password,
and results in the theft of the token that the SQL server is 
executing under.
___________________________________________________________________


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Insomnia: Tool Release - InsomniaShell.aspx, Brett Moore <=
Previous by Date:  PPP authentication brute-force attack?, Matheus Michels
Next by Date:  RE: removing metadata from documents, Password Crackers, Inc.
Previous by Thread:  PPP authentication brute-force attack?, Matheus Michels
Next by Thread:  AS400 Net Recon, Jon Kibler
Indexes:  [Date] [Thread] [Top] [All Lists]