Sunday, February 5, 2012

TinKode-US Army full disclosure

7:57 PM  Admin  No comments


US Army full disclosure

Posted by isrtinkode on February 19, 2010
                                                                         _
                                /\                                    (_) |
                               /  \   _ __ _ __ ___  _   _   _ __ ___  _| |
                              / /\ \ | '__| '_ ` _ \| | | | | '_ ` _ \| | |
                             / ____ \| |  | | | | | | |_| |_| | | | | | | |
                            /_/    \_\_|  |_| |_| |_|\__, (_)_| |_| |_|_|_|
                                                      __/ |
                                                     |___/
                                              #full disclosure@c0de.breaker
#Informations:
First Army was established on August 10, 1918 as a field army when sufficient American military manpower had arrived in France during World War I. As an element of the American Expeditionary Force (AEF) in the latter stages of World War I it was the first of three field armies established under the AEF. Serving in its ranks were many figures who later played important roles in World War II. First Army was inactivated in April 1919.
Few time ago I found a website vulnerable to MSSQL Injection (www.onestop.army.mil)… But today I tested another website, and in 2 minutes i found a vulnerable parameter.
Vulnerable link: www.first.army.mil
Testing:


Main Informations:
#Version: Microsoft SQL Server 2005 - 9.00.4035.00 (Intel X86) Nov 24 2008 13:01:59 Copyright (c) 1988-2005 Microsoft Corporation Enterprise Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
#User: Vacancyuser
#Principal Database: FirstArmyVacancies
#Server Name: GIcensoredL02
#Server: Microsoft-IIS/6.0
Version:
All databases from webserver:
[1] FirstArmyVacancies
[2] master
[3] tempdb
[4] model
[5] msdb
[6] ReportServer
[7] ReportServerTempDB
[8] gis_production
[9] 1st_Army_East
[10] FirstArmy_ATLevel_Training
[11] BESMgmt3
[12] 68W
[13] FirstArmy_Common
[14] G5MOB
[15] SpotlightManagementFramework
[16] HQ_Apps
[17] SurgeonsCTT
[18] TrainingOperationsPlanner
[19] UnitMilestone
[20] WheelsUpDown
[21] GFI
[22] CommandersTrainingTool
[23] NetPerfMon
[24] fsweb
Tables from “fsweb” database:
[1] Categories
[2] BuddyList
[3] ApptTypes
[4] DistanceList
[5] AppointmentBook_Properties
[6] AppointmentBook_Locations
[7] Appointmentbook_Holidays
[8] AppointmentBook
[9] AliasChart
[10] Abreviations
[11] UserActivityLog
[12] websafeFONTS
[13] PortalPageContent
[14] ValidFileTypes
[15] VerificationQuestions
[16] websafeFontSize
[17] Ziplist
[18] TimeSchedule
[19] POC
[20] SystemClearance
[21] CELL_CONFTABLE
[22] Messages
[23] States
[24] PortalPageData
[25] portalMENUS
[26] PortalGroups
Columns from table_name “POC
[1] UserName
[2] ClientID
[3] PortalWebsite
[4] Prefix
[5] FirstName
[6] MiddleName
[7] LastName
[8] Suffix
[9] Email
[10] regEmail
[11] Expertise
[12] Fax
[13] City
[14] State
[15] Zip
[16] DisplayZip
[16] Address1
[17] Address2
[18] Phone
[19] Cell
[20] Author
[21] Password
[22] ClearanceLevel
[23] Notes
[24] BranchofService
[25] Ext
[26] RegistrationNumber
[27] LastLogin
[28] FailedLogins
[29] ActiveLogins
[30] VerificationQuestion1
[31] VerificationResponse1
[32] VerificationQuestion2
I want to say, i didn’t extract anything from any database like username,passwords,adresses,etc

Read More

WinRAR

6:06 PM  Admin  No comments


Download WinRAR 4.20 
Arabic (32 bit, 64 bit),
Armenian (32 bit, 64 bit),
Azerbaijani (32 bit, 64 bit),
Belarusian (32 bit, 64 bit), 
Bulgarian (32 bit, 64 bit),
Catalan (32 bit, 64 bit),
Chinese Simplified (32 bit64 bit),
Chinese Traditional (32 bit, 64 bit),
Croatian (32 bit, 64 bit),
Czech (32 bit, 64 bit),
Danish (32 bit, 64 bit),
Dutch (32 bit, 64 bit),
English (32 bit, 64 bit),
Estonian (32 bit, 64 bit),
Finnish (32 bit, 64 bit),
French (32 bit, 64 bit),
Georgian (32 bit, 64 bit),
German (32 bit, 64 bit),
Greek (32 bit, 64 bit),
Hebrew (32 bit, 64 bit),
Hungarian (32 bit, 64 bit),
Indonesian (32 bit, 64 bit),
Italian (32 bit, 64 bit),
Japanese (32 bit, 64 bit),
Lithuanian (32 bit, 64 bit),
Macedonian (32 bit, 64 bit),
Norwegian (32 bit, 64 bit),
Persian (32 bit, 64 bit),
Polish (32 bit, 64 bit),
Portuguese (32 bit, 64 bit),
Portuguese Brazilian (32 bit, 64 bit),
Romanian (32 bit, 64 bit),
Russian (32 bit, 64 bit),
Slovak (32 bit, 64 bit),
Slovenian (32 bit, 64 bit),
Spanish (32 bit, 64 bit),
Swedish (32 bit, 64 bit),
Thai (32 bit, 64 bit),
Turkish (32 bit, 64 bit),
Ukrainian (32 bit, 64 bit),
Uzbek (32 bit, 64 bit),
Valencian (32 bit, 64 bit),
Vietnamese (32 bit, 64 bit).

 WinRAR is a powerful archive manager. It can backup your data and reduce the size of email attachments, decompress RAR, ZIP and other (CAB,ARJ,LZH,TAR,GZ and TAR.GZ,BZ2 and TAR.BZ2,ACE,UUE,JAR (Java Archive),ISO (ISO9660 - CD image),7Z,Z (Unix compress)) files downloaded from Internet and create new archives in RAR and ZIP file format. You can try WinRAR before buy, its trial version is available in downloads.
WinRAR_archiver_is_a_powerful_archive_manager

Keywords: Arhivatoare, Backup Data Software, Backup Software, Compression/decompression Software, Compression/decompression Tools, Downloads, Free to try software, Trial Software,Freeware Software.

Read More

SlavaSoft HashCalc

4:39 PM  Admin  No comments

Mirror 1
Download HashCalc 2.02
Mirror 2
Download HashCalc 2.02


SlavaSoft HashCalc
HASH, CRC, AND HMAC CALCULATOR


A fast and easy-to-use calculator that allows to compute message digests, checksums and HMACs for files, as well as for text and hex strings. It offers a choice of 13 of the most popular hash and checksum algorithms for calculations.


Major Features:

  •       Support of 12 well-known and documented hash and checksum algorithms: MD2, MD4, MD5, SHA-1, SHA-2( 256, 384, 512), RIPEMD-160, PANAMA, TIGER, ADLER32, CRC32.
  •       Support of a custom hash algorithm (MD4-based) used in eDonkey and eMule applications.
  •       Support of 2 modes of calculations: HASH/CHECKSUM and HMAC.
  •       Support of 3 input data formats: files, text strings and hex strings.
  •       Work with large size files. (Tested on file sizes up to 15 GB).
  •       Drag-and-drop support.
  •       Quick and simple installation.
  •       Calculates hash/checksum and HMAC for files of any type: music, audio, sound, video, image, icon, text, compression, etc., with the extensions: .mp3, .wav, .avi, .mpg, .midi, .mov, .dvd, .ram, .zip, .rar, .ico, .gif, .pif, .pic, .tif, .tiff, .txt, .doc, .pdf, .wps, .dat, .dll, .hex, .bin, .iso, .cpp, .dss, .par, .pps, .cue, .ram, .md5, .sfv, etc.


Read More