Showing 1 - 15 of 15

Files from Ferruh Mavituna

WebRaider 0.2.3.8: Posted Mar 3, 2010; Authored by Ferruh Mavituna; WebRaider is a proof of concept quality tool to get a reverse shell out of SQL injection (MS-SQL) by using One Click Ownage.; tags | shell, sql injection, proof of concept; SHA-256 | 745e39d9782621659e4b684fd301e6cd6374a5d4ec94298eadb8e858bdd7080d; Download | Favorite | View

Whitepaper Called One Click Ownage: Posted Jul 6, 2009; Authored by Ferruh Mavituna; Whitepaper called One Click Ownage. It discusses getting a reverse shell through SQL injection. Related scripts are in the compressed archive.; tags | paper, shell, sql injection; SHA-256 | d9d69e301c64bdfe485895f78c59131d790f2e51060dcbca3dd44e46bee6d71a; Download | Favorite | View

ScrewTurn-Wiki_08_008.txt: Posted Jul 31, 2008; Authored by Ferruh Mavituna | Site portcullis-security.com; ScrewTurn Wiki versions 2.0.29 and 2.0.30 suffer from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | a8b22b2a31b599e7f3474d1550177b524c414b4751b3c994b3c15034bb922359; Download | Favorite | View

diigo-xss.txt: Posted Jun 20, 2008; Authored by Ferruh Mavituna | Site ferruh.mavituna.com; Diigo Toolbar suffers from a global cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 21a323d1581282c52404d2bfe4aed45ed5fa7390089119deb2828f1987f77587; Download | Favorite | View

wildcard_attacks.pdf: Posted May 20, 2008; Authored by Ferruh Mavituna | Site portcullis-security.com; DoS Attacks Using SQL Wildcards - This paper discusses abusing Microsoft SQL Query wildcards to consume CPU in database servers.; tags | paper; SHA-256 | 966761136e5dd0fc10bac9d6b273966d20386567a7bdca93ac2c13e0d89fc0e9; Download | Favorite | View

XSSTunnelling.pdf: Posted Jul 11, 2007; Authored by Ferruh Mavituna | Site portcullis-security.com; Whitepaper describing tunneling HTTP traffic via cross site scripting channels.; tags | paper, web, xss; SHA-256 | b6e22346f151eaeb24916f751d3e2467742a870c86d317f9d12104eda70ce14d; Download | Favorite | View

xssshellv039.zip: Posted Nov 7, 2006; Authored by Ferruh Mavituna | Site ferruh.mavituna.com; XSS Shell is a powerful cross site scripting backdoor. XSS Shell allows interactively getting control over a cross site scripting (XSS) vulnerability in a web application. It demonstrates the real power and damage of cross site scripting attacks.; tags | exploit, web, shell, xss; SHA-256 | c411de524d741e41c5ddc25ec6179dcc18cfa0cb287e87b7c3d0fa34e180fb35; Download | Favorite | View

TorTray-Full.tgz: Posted Oct 11, 2005; Authored by Ferruh Mavituna | Site ferruh.mavituna.com; Tor Tray is a simple GUI application (C++) which enables you to load TOR in the tray, see messages, and start / stop it easily. Both binary and source code are packaged.; tags | tool, peer2peer; SHA-256 | 40d6edcaf47a55937992c960826642c79c86aa206dcfeffac48995385a8049e5; Download | Favorite | View

firewallbypass.tgz: Posted Jan 5, 2005; Authored by Ferruh Mavituna | Site ferruh.mavituna.com; A generic problem of common personal firewall products is the allowance of shortcuts or interfaces for controlling traffic. Manipulation of these functions can allow for firewall bypass altogether. Various proof of concepts are included for products such as Zone Alarm, Kerio, Agnitium Outpost firewall, Kaspersky Anti-Hacker, Symantec's Norton Personal Firewall, and more.; tags | exploit, proof of concept; SHA-256 | 0bde1ec221ee4623942f39bb82396353f8ecad9ef14dee23da7885e1887610c6; Download | Favorite | View

ASPRunner.txt: Posted Jul 28, 2004; Authored by Ferruh Mavituna | Site ferruh.mavituna.com; ASPRunner versions 2.x suffer from multiple vulnerabilities. Various SQL Injection, information disclosure, cross site scripting, and database download flaws exit.; tags | advisory, vulnerability, xss, sql injection, info disclosure; SHA-256 | 49fdab9c6e54038eccdf55c5a3fa83ec824ccbc7158bd11e4f789fdb4f2b64d6; Download | Favorite | View

webwizXSS.txt: Posted Jun 18, 2004; Authored by Ferruh Mavituna | Site ferruh.mavituna.com; Web Wiz Forums version 7.8 is susceptible to a cross site scripting attack.; tags | advisory, web, xss; SHA-256 | fb95299c719e87d28e1135b8c3aef3ab5dcb36a4e9f359d4685af5c1f35642cd; Download | Favorite | View

bloggerXSS.txt: Posted Mar 27, 2004; Authored by Ferruh Mavituna | Site ferruh.mavituna.com; Blogger from Google has a cross site scripting flaw.; tags | advisory, xss; SHA-256 | 8a582098eeb59bd8ee61257aed05f705b240695f0136b5bdd5944e557c59a20b; Download | Favorite | View

brinkster.txt: Posted Feb 9, 2004; Authored by Ferruh Mavituna | Site ferruh.mavituna.com; Brinkster, the web hosting company, is susceptible to multiple attacks allowing remote attacker to retrieve other user's ASP source code, access to database files, and bypass of code controls.; tags | advisory, remote, web, asp; SHA-256 | 20321697a1b31690cb24599aed57a01f74205775e8fa4851f50d9b0cbf5200ec; Download | Favorite | View

dotnetnuke.txt: Posted Feb 6, 2004; Authored by Ferruh Mavituna | Site ferruh.mavituna.com; DotNetNuke versions 1.0.6 to 1.0.10d are susceptible to file disclosure and cross site scripting attacks.; tags | advisory, xss; SHA-256 | 53e05d2df3888af46549f045b457473e3f5a8930124b0e49bf694ced25fafb8e; Download | Favorite | View

vbulletin.txt: Posted Aug 12, 2003; Authored by Ferruh Mavituna | Site ferruh.mavituna.com; VBulletin version 3.0 Beta 2 is susceptible to a cross site scripting vulnerability in its new member page (register.php).; tags | advisory, php, xss; SHA-256 | 82b507f123b10ff88ea31cb0f462ee386a7460f3528905be6623a60bcc1ae7b8; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days