Inguma 0.0.5: Brute forcing and password cracking
- From: Joxean Koret <joxeankoret@xxxxxxxx>
- Date: Sat, 20 Oct 2007 18:44:10 +0200
Hi to all,
The latest version of Inguma (0.0.5) have been released with many fixes
and new modules. The following are the most important changes and
* Added one exploit for the vulnerability in SYS.LT.FINDRICSET (Oracle
CPU Oct. 2007).
* Added the module "firetest" to test firewall configurations.
* Added module "brutessh" to brute force SSH servers.
* Added module "bruteora" to brute force Oracle servers. It will check
for every (commonly) possible user or for an specified user.
* Added a tool to crack MD5 hashes using freely available rainbow
* Added module "sidguess" to guess the SID of an Oracle Database
* _*Initial*_ shellcode support. See the SIDVault remote root exploit
and $INGUMA_DIR/lib/libexploit.py for details. x86 support with
InlineEgg. Thanks you Gera!
* Added a password cracker for Oracle11g.
* Added a password cracker for MS SQL Server 7 and 2000.
* Enhanced the Oracle PL/SQL Fuzzer. Now, if you redirect the output
only the vulnerabilities found are logged, all the rest of the output
are written to stderr.
Description: This is a digitally signed message part