+- Sinisterly (https://sinister.ly)
+-- Forum: Hacking (https://sinister.ly/Forum-Hacking)
+--- Forum: Hacking Tools (https://sinister.ly/Forum-Hacking-Tools)
+--- Thread: [BETA] MaxISploit SQLi , XSS , Admin login and shared hosting scanne (/Thread-BETA-MaxISploit-SQLi-XSS-Admin-login-and-shared-hosting-scanne)
[BETA] MaxISploit SQLi , XSS , Admin login and shared hosting scanne - Ashba - 10-22-2012
HeLLo <3333
![[Image: prednja1.jpg]](http://www.dodaj.rs/f/1K/UA/1CCHngID/prednja1.jpg)
This tool has three purposes :
1. SQL injection :
a)Error based: it scans for vulnerable websites based on common SQL errors for variety of databases.
b)Difference (true/false) scan: it scans for sites that do not display SQL errors but yet are vulnerable , the concept behind this scan is true / false query to the database which will give different answers which will then be scanned and in case of difference in length and content site will be considered vulnerable.
2.XSS scanner : it encrypts XSS vector and tries to scan result from web server , if XSS vector is found inside source than site is vulnerable. It only uses GET request to web server. NOTE: It will scan for XSS vector but it will not test if alert or any other event really happened.
3. Admin scanner : it scans for admin login locations , based on default list or any other that you have supplied.Response code 200 and 306 is considered success.
4. Shared hosting scanner : it send request to sameip.org and then parses html for pages
http://code.google.com/p/maxisploit-scanner/downloads/list
Remember its Beta Version.
SCAN :
http://www.metascan-online.com/results/4xxprz2ym9ze15nlmacy1wqulu46ibct/cached
https://www.virustotal.com/file/22909a5bfc7fa66936b47f3d2989afe43aa2bd32e3ee3733be5572afe523c30e/analysis/
HackTool.Injecter.aqs (Not a Virus)
.
RE: [BETA] MaxISploit SQLi , XSS , Admin login and shared hosting scanne - Ultimatum - 10-23-2012
I thought asking for rep wasn't allowed :/
Let me see this.
Update:
The EXE is clean
Spoiler:
![[Image: c04f8a5be3e0f5b445a7295f4165a104.png?1350974749]](http://gyazo.com/c04f8a5be3e0f5b445a7295f4165a104.png?1350974749)
RE: [BETA] MaxISploit SQLi , XSS , Admin login and shared hosting scanne - The Protagonist - 10-23-2012
This looks great! DId you make this yourself?
Reminds me of Vanguard: http://www.blackhatlibrary.net/Vanguard
RE: [BETA] MaxISploit SQLi , XSS , Admin login and shared hosting scanne - Ashba - 10-23-2012
(10-23-2012, 07:44 AM)Ultimatum Wrote: I thought asking for rep wasn't allowed :/Thanks !
Let me see this.
Update:
The EXE is clean
(10-23-2012, 09:16 AM)The Protagonist Wrote: This looks great! DId you make this yourself?
Reminds me of Vanguard: http://www.blackhatlibrary.net/Vanguard
No I but my friend.