July 17th, 2009

bsqlbf v2.3 Released – Blind SQL Injection Brute Forcing Tool

This perl script allows extraction of data from Blind SQL Injections. It accepts custom SQL queries as a command line parameter and it works for both integer and string based injections.
We reported bsqlbf when it first hit the net back in April 2006 with bsqlbf v1.1, then the v2.0 update in June 2008. This new [...]

December 23rd, 2008

Microsoft Warns of Serious MS-SQL 2000 & 2005 Vulnerability

Another big flaw has been discovered in Microsoft software just a few days after they broke their patch cycle to issue a patch for the IE bug that allowed remote code execution.
This time however it doesn’t really effect home users or the general consumer, it’s a more specific server side vulnerability affecting Microsoft SQL Server [...]

June 27th, 2008

Bsqlbf V2 – Blind SQL Injection Brute Forcer Tool

There are quite a lot of SQL Injection Tools available and now there is one more to add to the stable for testing – Bsqlbf V2, which is a Blind SQL Injection Brute Forcer.

The original tool (bsqlbfv1.2-th.pl) was intended to exploit blind sql injection against a mysql backend database, this new version supports blind sql [...]

May 30th, 2008

sqlninja 0.2.3 released – Advanced Automated SQL Injection Tool for MS-SQL

We’ve been folowing the development of sqlninja since the early days, it’s growing into a well matured and more polished tool with advanced features.
Sqlninja is a tool written in PERL to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote [...]

April 15th, 2008

sqlninja 0.2.2 Released for Download – SQL Injection Tool

Sqlninja is a tool to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of [...]

November 20th, 2007

sqlninja 0.2.1-r1 – SQL Injection Tool for MS-SQL Released for Download

Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process [...]

July 23rd, 2007

piggy – Download MS-SQL Password Brute Forcing Tool

Piggy is yet another tool for performing online password guessing against Microsoft SQL servers.
It supports scanning multiple servers using a dictionary file or a file with predefined accounts (username and password combinations).

It’s a pretty simple tool and has a Win32 binary verson – it is a command line tool however.
Piggy v1.0.1 by patrik@cqure.net
——————————–
usage: piggy [options]

options:
[...]

June 22nd, 2007

sqlninja 0.1.2 Released for Download – SQL Injection Tool

sqlninja is a tool to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment.
It should be used by penetration testers to help and automate the process of taking [...]


Sitemap - ShaolinTiger - DigiSniper - Digital Photography
Shutter Asia Photography Forum - We Ate This