Hi to all, The latest version of Inguma (0.0.5) have been released with many fixes and new modules. The following are the most important changes and updates: * Added one exploit for the vulnerability in SYS.LT.FINDRICSET (Oracle CPU Oct. 2007). * Added the module "firetest" to test firewall configurations. * Added module "brutessh" to brute force SSH servers. * Added module "bruteora" to brute force Oracle servers. It will check for every (commonly) possible user or for an specified user. * Added a tool to crack MD5 hashes using freely available rainbow tables. * Added module "sidguess" to guess the SID of an Oracle Database instance. * _*Initial*_ shellcode support. See the SIDVault remote root exploit and $INGUMA_DIR/lib/libexploit.py for details. x86 support with InlineEgg. Thanks you Gera! * Added a password cracker for Oracle11g. * Added a password cracker for MS SQL Server 7 and 2000. * Enhanced the Oracle PL/SQL Fuzzer. Now, if you redirect the output only the vulnerabilities found are logged, all the rest of the output are written to stderr. Regards, Joxean Koret
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/