Re: Firebird pentestingSep 30 2009 06:53AM Christian Eric Edjenguele (christian edjenguele owasp org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
another thing, I've also write a couple of OpenVAS network vulnerabily
test for firebird/interbase.
Taras wrote:
> Hello, all!
>
> In one of last pentests I found network accessible Firebird DB with DBA
> default account. But I can't found any clients for Linux for
> FB/Interbase :( Couuld you advice something to connect and make query to
> FB from Linux? What pentesters point of view will be interesting in such
> access?
>
> Thanks!
>
>
- --
Christian Eric Edjenguele
IT Security Engineer
PGP KeyID: 0xB1654498
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
Hash: SHA1
another thing, I've also write a couple of OpenVAS network vulnerabily
test for firebird/interbase.
Taras wrote:
> Hello, all!
>
> In one of last pentests I found network accessible Firebird DB with DBA
> default account. But I can't found any clients for Linux for
> FB/Interbase :( Couuld you advice something to connect and make query to
> FB from Linux? What pentesters point of view will be interesting in such
> access?
>
> Thanks!
>
>
- --
Christian Eric Edjenguele
IT Security Engineer
PGP KeyID: 0xB1654498
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJKwwBIAAoJENETScWxZUSYHQEH/i0Pk4v63w4rZelqf2xolGLn
UiZB30gFO+MIzfTv8YDHxH1PDoZq/O1xH996keIBtaywvX9exbfO+yuDWDYZ5k1S
JV+qZjd6SszPhq967OTWBaTskevr4RKmRdPWciRe1BTyD5J6fZQbcFLu/pSM1YhK
DJezle9KEWUYzESixiGmj/19K15OPILMp/hjAu+F0NkjlIUM3MDd91x4vpBpyOSy
F25y5675jDNrJ2myEXL5ETyXrK1L8zG0vaHBxlZS0ufV8hyW2BWFx80Z3v5e0bc4
9v0/2X/kJA7s4YtmdNenG+fOVrlC7fiyc+vjCgmpQMQelHpJ8W2BrpfoTXjvoAk=
=86ot
-----END PGP SIGNATURE-----
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
[ reply ]