28 October 2006 | 17,111 views

BobCat SQL Injection Tool based on Data Thief

Secure Your Website with Acunetix

BobCat is a tool to aid a security consultant in taking full advantage of SQL injection vulnerabilities. It is based on a tool named “Data Thief” that was published as PoC by appsecinc. BobCat can list the linked severs, database schema, and allow the retrieval of data from any table that the current application user has access to.

The methods that BobCat incorprates are based on those discussed in the following papers:

advanced sql injection
more advanced sql injection
advanced sql injection
manipulating sql server usig sql injection

I suggest if you are interested in SQL injection at all, you read all of the above papers.

BobCat Requirements

  1. Windows OS (Tested on XP SP2)
  2. Access to MS SQL server/MSDE2000 (Tested on MSDE2000)
  3. .Net Framework 2.0

Read more about BobCat here:

Northern Monkee – BobCat

Download BobCat here:

BobCat Alpha 0.3

Some tools to use with BobCat can be found here:

BobCat Tools





                

Recent in Database Hacking:
- 1 Million Accounts Leaked From Banks, Government Agencies & Consultancy Firms
- The Mole v0.3 Released For Download – Automatic SQL Injection Exploitation Tool
- MySQL 1 Liner Hack Gives Root Access Without Password

Related Posts:
- sqlninja 0.1.0alpha – MS-SQL Injection Tool
- Bsqlbf V2 – Blind SQL Injection Brute Forcer Tool
- Social Engineering Gets a Big Jewel Heist

Most Read in Database Hacking:
- Pangolin – Automatic SQL Injection Tool - 67,135 views
- bsqlbf 1.1 – Blind SQL Injection Tool - 53,589 views
- Absinthe Blind SQL Injection Tool/Software - 38,716 views

Advertise on Darknet

Comments are closed.