Trace: This article deserves a careful read and is worth learning from. The expert fox was really generous this time.
WPAD (Web Proxy Auto Discovery) is a method used by web clients to automatically
locate a browser configuration file used to connect through a proxy.
All these additions are based on the dbms_export_extension exploit. This will work against the following Oracle versions:
Oracle 8.1.7.4, 9.2.0.1 - 9.2.0.7, 10.1.0.2 - 10.1.0.4, 10.2.0.1-10.2.0.2, XE
Checks for a vulnerability in IIS6 that allows arbitrary users to access secured WebDAV folders by searching for a password-protected folder and attempting to access it. As of May 2009, this vulnerability is unpatched.
As a follow-up to the HTTP Parameter Pollution presentation,
I think it's time to give some details of the Yahoo! Classic Mail exploitation.
That's the long version of the video we showed @ OWASP Appsec Poland 2009:
Youtube LD Video or Wisec HD Video
BaoFeng (config.dll) ActiveX Remote Code Execution Exploit
In the last months, we have discovered several real-world flaws in which
HPP can be used to modify the application behaviors, access
uncontrollable variables and even bypass input validation checkpoints
and WAF rules.
JVS update has been released:
Trace: Last time it was Pcshare, this time it is Gh0st; who is next?
I just uploaded the presentation “SQL Injection in Oracle Webapps” to our website. This presentation describes the basics of SQL, different exploitation techniques (inband, out-of-band, blind), how to search credit card numbers in the database (using dbms_xmlgen), … Here is one of the sample SQL Injection strings from the presentation. With this SQL Injection string we are getting all username/passwords, all table names, all column names and all privileges in one step. The trick is to use sum(length(utl_http())) in the SELECT clause.
PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. If you are new to PHP and want to get some idea of how it works, try the introductory tutorial. After that, check out the online manual, and the example archive sites and some of the other resources available in the links section.
This vulnerability allows remote attackers to bypass access restrictions on vulnerable installations
of Internet Information Server 6.0.
The specific flaw exists within the WebDAV functionality of IIS 6.0. The Web Server fails to properly
handle Unicode tokens when parsing the URI and sending back data. Exploitation of this issue can
result in the following:
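From basic point 3 above, we know that the best account to choose for remotely cracking Oracle is SYS, because this account is always valid. Versions before Oracle 10g did not prompt for the default SYS password to be changed during installation; Oracle 10g does prompt for a password change, but it does not check the complexity of the password.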