Analysis by: Karl Dominguez

 PLATFORM:

Windows 2000, Windows XP, Windows Server 2003

  • Threat Type: Hacking Tool

  • Destructiveness: No

  • Encrypted: Yes

  • In the wild: Yes

  OVERVIEW

This hacktool may arrive on the system via software exploits or through security weaknesses taken advantage of by attackers.

It is an SQL injection toolkit used to compromise Web servers. It enables a remote user to gain full access to affected servers. The toolkit also includes a graphical user interface that the attacker can use to run arbitrary commands.

It allows an attacker to perform a range of actions on the affected server (listed under Technical Details).

  TECHNICAL DETAILS

File Size: Varies
File Type: ASP
Memory Resident: No
Initial Samples Received Date: 30 Mar 2011

NOTES:

It allows an attacker to do the following to the affected server:

  • Brute force password-protected servers
  • Execute SQL Commands
  • Manipulate database
  • Execute remote commands using command prompt
  • Modify registry entries
  • Turn Off Server
  • Restart Server
  • Disable TCP/IP filter
  • Upload/Download files
  • Manipulate files
  • Execute files
  • Perform a DoS Attack
  • Perform a RAM & CPU Attack
  • Send Spam Mails
  • Deface Web pages including index pages such as the following:
    index.htm
    index.html
    index.asp
    index.cfm
    index.php
    default.htm
    default.html
    default.asp
    default.cfm
    default.php
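
As an added, defender-side example that is not part of this description, the following Python script baselines the index pages listed above under a web root and reports any that were modified, removed or newly appeared since the baseline; the web root and file contents in the demo are constructed.

```python
import hashlib
import tempfile
from pathlib import Path

# Index pages the toolkit is reported to deface (the list given above).
INDEX_PAGES = [
    "index.htm", "index.html", "index.asp", "index.cfm", "index.php",
    "default.htm", "default.html", "default.asp", "default.cfm", "default.php",
]

def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_baseline(webroot: Path) -> dict:
    """Hash every listed index page that exists under webroot (a known-good state)."""
    return {n: sha256_file(webroot / n) for n in INDEX_PAGES if (webroot / n).is_file()}

def check_index_pages(webroot: Path, baseline: dict) -> dict:
    """Report listed pages that changed, disappeared, or appeared since the baseline."""
    findings = {"modified": [], "missing": [], "new": []}
    for name in INDEX_PAGES:
        p = webroot / name
        if name in baseline:
            if not p.is_file():
                findings["missing"].append(name)
            elif sha256_file(p) != baseline[name]:
                findings["modified"].append(name)
        elif p.is_file():
            findings["new"].append(name)
    return findings

def demo() -> dict:
    """Constructed scenario: baseline a fake web root, then simulate a defacement."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "index.htm").write_text("<html>welcome</html>")
        (root / "default.asp").write_text("<% Response.Write \"hi\" %>")
        baseline = build_baseline(root)
        (root / "index.htm").write_text("<html>defaced</html>")   # content replaced
        (root / "default.asp").unlink()                            # page removed
        (root / "index.php").write_text("<?php echo 'x'; ?>")      # unexpected page added
        return check_index_pages(root, baseline)

if __name__ == "__main__":
    print(demo())  # {'modified': ['index.htm'], 'missing': ['default.asp'], 'new': ['index.php']}
```

Run the baseline step from a known-clean deployment and schedule the check; any finding on these files is worth treating as a possible defacement.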

It can gather the following information:

  • User Properties: User Credentials, Computer Name, User Domain Name
  • CPU Information: Processor Architecture, Number of Processors, Identifier, Level, Revision
  • Operating System Information: Operating System, IP address, Server Software, CMD Path, Public Paths, System Path, Executables
  • Drives information: File System, Free Space, Capacity
  • IIS User name and password
  • FTP credentials

  SOLUTION

Minimum Scan Engine: 8.900
SSAPI PATTERN File: 7.940.17
SSAPI PATTERN Date: 30 Mar 2011

Step 1

For Windows XP and Windows Server 2003 users, before doing any scans, please make sure you disable System Restore to allow full scanning of your computer.

Step 2

Scan your computer with your Trend Micro product to delete files detected as HKTL_ACE. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.
