Penetration Testing mailing list archives

Volatile Worm


From: Rafael Silva <listas () geekworld com br>
Date: Mon, 11 Feb 2008 15:34:49 -0300

Hello everyone,

I'm here to publish a tool that exploits the concept of web application worms. It's not a brand new thing but I hope to help sysadmins and the security community. Volatile Worm is a web worm for MSSQL web applications vulnerable to SQL Injection and forces them into executing stored procedures like xp_cmdshell.

The concept of this worm is pretty simple: find vulnerable hosts in an automated fashion by searching Google for URLs like:

news.asp
noticias.asp
comments.asp
...

When the worm finds a potentially vulnerable application it tests if it is flawed by simply appending a single quote to the URL. It analyzes the error code returned to determine if it is running MSSQL. If it succeeds in finding MSSQL, the worm issues a 'ping' command using xp_cmdshell, performing a phone home. Then you can test a lot of things like setting up an FTP server and sending any file to the vulnerable host.

Feel free to improve the code.

Download: http://www.rfdslabs.com.br/volatile.txt





rfds@gland:~/codes/volatile$ perl volatile.pl  -h

Volatile [Automatic SQL Injection Exploit]
Written by rfds and hash

use volatile.pl [-h|-q <query>|-w <walk>|-d <device>|-i <ip>]

       -h:     print this help
       -q:     the magic query string  [required]
       -w:     rounds per search       [required]
       -d:     external device         [required]
       -i:     the device's ip         [required]

happy hacking
rfds@gland:~/codes/volatile$


Cheers,
-Rafael Silva
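
Added example, not part of the original post or of volatile.pl: a check that sysadmins can run over web server logs to spot the two request patterns the post describes, the trailing single quote answered with a server error and a query string invoking xp_cmdshell. The log layout, field order, addresses and sample lines are constructed assumptions; adapt the field positions to your own IIS W3C configuration.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample in a simplified IIS W3C layout (assumed field order):
# date time client-ip method uri-stem uri-query status
SAMPLE_LOG = """\
2008-02-11 18:40:01 203.0.113.7 GET /news.asp id=12 200
2008-02-11 18:40:02 203.0.113.7 GET /news.asp id=12%27 500
2008-02-11 18:40:05 203.0.113.7 GET /news.asp id=12;exec+master..xp_cmdshell+%27ping+198.51.100.9%27-- 200
2008-02-11 18:41:10 198.51.100.23 GET /comments.asp name=O%27Brien 200
2008-02-11 18:42:00 192.0.2.44 GET /noticias.asp id=3;EXEC%20xp_CmdShell%20%27ping%20198.51.100.9%27 500
"""

XP_CMDSHELL = re.compile(r"xp_cmdshell", re.IGNORECASE)

def classify(line):
    """Return (client_ip, page, kind) for a suspicious request, else None."""
    fields = line.split()
    if len(fields) != 7:
        return None  # not a request line in the assumed layout
    _date, _time, ip, _method, stem, query, status = fields
    if not stem.lower().endswith(".asp"):
        return None
    decoded = unquote_plus(query)  # undo %27 and '+' before matching
    if XP_CMDSHELL.search(decoded):
        return (ip, stem, "xp_cmdshell")
    # Trailing quote plus a 5xx answer: the error-based test from the post.
    if decoded.endswith("'") and status.startswith("5"):
        return (ip, stem, "quote-probe")
    return None

def scan(log_text):
    """Classify every non-comment line and keep the hits in log order."""
    hits = (classify(l) for l in log_text.splitlines() if not l.startswith("#"))
    return [h for h in hits if h]

def escalating_sources(hits):
    """Client IPs seen with both a quote probe and an xp_cmdshell request."""
    kinds = {}
    for ip, _stem, kind in hits:
        kinds.setdefault(ip, set()).add(kind)
    return sorted(ip for ip, k in kinds.items()
                  if {"quote-probe", "xp_cmdshell"} <= k)

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
    print("escalating:", escalating_sources(scan(SAMPLE_LOG)))
```

The O'Brien request is left alone because its quote is not trailing and the server answered 200; a source that shows both hit kinds is the one to triage first.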

