"Never let school get in the way of learning."
-- Mark Twain

[BL4CK] - Tools

Publicly available tools published by blacksec members. 

We are not responsible for your actions, this information has been published with the understanding that the viewer will use it responsibly and only for public security proof of concepts.  Exploiting vulnerable hosts may lead to jail time.

Tools

WEP Replay Injection Attack



** script is just a wrapper around aircrack's suite of wireless tools
** script also assumes you are using a madwifi driver wifi0/ath0


WEP Replay Injection Attack
quick script by redsand@blacksecurity.org

Usage -s <Source Mac> -t <Target Mac> -e <ESSID> -c <CHANNEL> [ -1 | -2 | -3 | -4 ]
Example: -s 00:11:22:33:44:55 -t 01:23:43:44:39:12 -e 2WIRE001 -c 11 -1?

-s <Source Mac> source mac address used in attack
-t <Target Mac> target mac address of wap
-e <ESSID> target essid of wap
-c <CHANNEL> target channel number of wap
-C <Client Mac> target client mac (for deauth)
-W <Wordlist> target wordlist used for brute force (wpa/wpa2)
-1 usage attack option arp replay (default)
-2 usage attack option chopchop
-3 usage attack option fragment
-4 usage attack option interactive

sqlidiscover - MsSQL SQL Injection Data Crawler


sqli_discover_tables v0.21 29Jan2009 kaneda 'n phildo, upgraded by redsand.
[*] HTTP cookie set to ASPSESSIONIDSSSTRCDB=JNLLJILCKOOLFEFNLDOBANFL
[*] URL to process: http://www.example.com/catalog/Search.asp
[*] Abusing 'CategoryID'...

[ ] OS version: Windows NT 5.2 (Build 3790: Service Pack 2)
[ ] Current user: dbo

unknown_db.table> help
sqliinjection interactive session help

exit / quit - leave sqli
discover databases / discover dbs - discover all databases on system
discover tables - discover all tables on system
discover columns - discover all columns in current table
select db/database [name] - change context to database [name]
select table [name] - change context to table [name]
fetch n,..,x - fetch data from columns n, etc. (i.e. fetch username,password).

... and more...

MSSQL 0wnage - MSSQL Brute Forcer



This tool has been released as a simple proof of concept.  This proof of concept is a glimpse at some of the more advanced Graphical tools we are preparing and packaging for the future.  This tool along with many others will help assist with both internal and external penetration tests.


$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$$$$'`$$$$$$$$$$$$$'`$$$ MSSQL OWNAGE
$$$$$$  $$$$$$$$$$$  $$$$
$$$$$$$  '$/ `/ `$' .$$$$ Created By: Bigeazer
$$$$$$$$. i  i  /! .$$$$$
$$$$$$$$$.--'--'   $$$$$$ bigeazer@blacksecurity.org
$$^^$$$$$'        J$$$$$$
$$$   ~""   `.   .$$$$$$$ IF THERE IS A WILL THERE IS
$$$$$e,      ;  .$$$$$$$$ A WAY
$$$$$$$$$$$.'   $$$$$$$$$
$$$$$$$$$$$$.    $$$$$$$$
$$$$$$$$$$$$$     $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$


This was written so I can automate some portions of pentesting.  Now don't get me wrong this is not a ./autohack and done tool.  It will find the sql servers that have a default sa password and will try and bruteforce the sa password if it isn't set on default.