Nowadays, in almost all my penetration testing projects, HP Data Protector has been the most vulnerable software installed. I thought of porting the same as a Metasploit exploit module. Hence, I wrote an exploit for Hp_dataprotector_cmdexec. I will try to describe my work step by step. The input for this was a working exploit-db code (HP Data Protector Remote Root Shell for Linux). The shell code, when run normally, will give a netcat shell. So here I start up: 1. Took a standard ...
Updated 04-10-2012 at 04:21 PM by sohil_garg
Well, MSSQL is my favorite DB back end, which I always look for when trying to 0wn something or in an internal or external PT, and it has always given me a high success rate. SQL injection on MSSQL databases also rocks and is also more critical than on any other database systems. The reason is because MSSQL allows stacked queries, and many DBs will allow that. OK, what are stacked queries? Well, they are just a functionality that allows a user to append multiple queries to a ...
Updated 07-25-2010 at 08:12 PM by fb1h2s
For the past few days I was on an internal VA/PT project in which I had a total of about 140+ servers assigned. And time was incredibly short, so a detailed analysis of these 140 servers wasn't possible in a week's time, so my plans were actually to do a quick intense Nmap scan on the targets and analyze the banners first, and then to give those targets to Nessus for any hot findings. My targets were actually DR [Data Recovery] servers, so scope of work was PT. The Nmap gave ...
Updated 07-13-2010 at 01:02 AM by fb1h2s