27 June 2006 | 16,239 views

sqlninja 0.1.0alpha – MS-SQL Injection Tool

Check For Vulnerabilities with Acunetix

sqlninja is a little toy that has been coded during a couple of pen-tests done lately and it is aimed to exploit SQL Injection vulnerabilities on web applications that use Microsoft SQL Server as their back-end.

It borrows some ideas from similar tools like bobcat, but it is more targeted in providing a remote shell even with paranoid firewall settings.

It is written in perl and runs on UNIX-like boxes.

Here’s a list of what it does so far:

  • Upload of nc.exe (or any other executable) using the good ol’ debug script trick
  • TCP/UDP portscan from the target SQL Server to the attacking machine, in order to find a port that is allowed by the firewall of the target network and use it for a reverse shell
  • Direct and reverse bindshell, both TCP and UDP
  • DNS-tunneled pseudoshell, when no TCP/UDP ports are available for a direct/reverse shell, but the DB server can resolve external hostnames

Being an alpha version and since it was originally supposed to be just a quick&dirty toy for a pentest, there are lots of bugs waiting to be found and fixed so go ahead and download it ! :)

More tunneling options (e.g.: HTTP, SMTP, …) will be added in the future together.

You can read more and download sqlninja here:

http://sqlninja.sourceforge.net/

Advertisements



Recent in Database Hacking:
- OAT – Oracle Auditing Tools For Database Security
- ODAT (Oracle Database Attacking Tool) – Test Oracle Database Security
- Navy Sys Admin Hacks Into Databases From Aircraft Carrier

Related Posts:
- sqlninja v0.2.5 Released – Microsoft SQL Server (MS-SQL) SQL Injection Vulnerability Tool
- sqlninja 0.2.3 released – Advanced Automated SQL Injection Tool for MS-SQL
- sqlninja 0.2.2 Released for Download – SQL Injection Tool

Most Read in Database Hacking:
- Pangolin – Automatic SQL Injection Tool - 74,606 views
- bsqlbf 1.1 – Blind SQL Injection Tool - 54,026 views
- SQLBrute – SQL Injection Brute Force Tool - 39,363 views

Advertise on Darknet

One Response to “sqlninja 0.1.0alpha – MS-SQL Injection Tool”