[ad] It’s been 2 years, but a new version of sqlninja is out at Sourceforge, we wrote about the previous release back in 2008 and we’ve actually been following this tool since 2006! Sqlninja is a tool to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its […]
hacking-ms-sql
Microsoft Warns of Serious MS-SQL 2000 & 2005 Vulnerability
[ad] Another big flaw has been discovered in Microsoft software just a few days after they broke their patch cycle to issue a patch for the IE bug that allowed remote code execution. This time however it doesn’t really effect home users or the general consumer, it’s a more specific server side vulnerability affecting Microsoft […]
sqlninja 0.2.3 released – Advanced Automated SQL Injection Tool for MS-SQL
[ad] We’ve been folowing the development of sqlninja since the early days, it’s growing into a well matured and more polished tool with advanced features. Sqlninja is a tool written in PERL to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide […]
sqlninja 0.2.2 Released for Download – SQL Injection Tool
[ad] Sqlninja is a tool to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process […]
mssql-hax0r v0.9 – Multi-purpose MS-SQL injection script
[ad] mssql-hax0r v0.9 is a Multi-purpose MS-SQL injection attack tool for advanced Microsoft SQL Server exploitation. Three modes of operation are currently available: info (Information Gathering), dump (Record Dump), and brute (Brute Force). You may need to tweak the code a bit to make it fit your needs (i.e. modifying the injection string and/or the […]