Security / Penetration Testing (Debian/Ubuntu) – Why Google Skipfish failes to be a top-class web vulnerability scanner

Some of you might have read my little tutorial about how to use Google Skipfish for web vulnerability scanning. While I was fascinated by the efficiency and speed of this application, I started to use it more often. Although manual testing can’t be replaced by a machine, web vulnerability scanners are still a helping hand. During […]... Read More

com_grid XSS Vulnerabilities closed

In May 2010 I discovered several XSS vulnerabilities within the Joomla components Card View JX and Table JX which were all based on the famous com_grid component. Until now those vulnerabilities remained unpatched. Today I received an email from David Mavec who is one of the guys working on com_grid. According to him, all vulnerabilities […]... Read More

Simple SQL Injection Vulnerability Scanner 0.5 released

Today I am releasing version 0.5 of my Simple SQL Injection Vulnerability Scanner. [Download here] It contains all the features from the first released version 0.3 and now contains – in addition – a column fuzzer. Simply start a scan by using python sqli_scanner.py -u “target” and then start fuzzing by using the parameter -fuzz […]... Read More

Joke Website Script SQL Injection and Cross-Site Scripting Vulnerabilities

Please view the original advisory here. The “Joke Website Script” is exposed to SQL Injection and Cross-Site Scripting attacks. >> #1 SQL Injection target/search.php?submit=Search&keyword=[SQLi] >> #2 Cross-Site Scripting target/search.php?submit=Search&keyword=[XSS]... Read More

Lyrics Script SQL Injection and Cross-Site Scripting Vulnerabilities

Please view the original advisory here. The “Lyrics Script” suffers from various SQL Injection and Cross-Site Scripting vulnerabilities. >> #1 SQL Injection target/search_results.php?search=Search&k=[SQL Injection] target/browse_artist.php?letter=[SQL Injection] target/browse_song.php?letter=[SQL Injection] >> #2 Cross-Site Scripting target/search_results.php?search=Search&k=[XSS]... Read More
Automated Joomla SQL Injection Exploiter Screenshot 1 Automated Joomla SQL Injection Exploiter Screenshot 2

Automated Joomla SQL Injection Exploiter

Today I am releasing my Automated Joomla SQL Injection Exploiter version 1.0 (23th May 2010). [Download here] I wrote this tool because I did not want to write a new exploit every time when a new Joomla (component/module/plugin) SQL injection vulnerability was discovered/revealed. Simply hand over a vulnerable Joomla URL to the tool and receive all Joomla […]... Read More