It’s been 2 years, but a new version of sqlninja is out at Sourceforge, we wrote about the previous release back in 2008 and we’ve actually been following this tool since 2006! Sqlninja is a tool to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main […]
Tag Archives | hacking-ms-sql
Microsoft Warns of Serious MS-SQL 2000 & 2005 Vulnerability
Another big flaw has been discovered in Microsoft software just a few days after they broke their patch cycle to issue a patch for the IE bug that allowed remote code execution. This time however it doesn’t really effect home users or the general consumer, it’s a more specific server side vulnerability affecting Microsoft SQL […]
sqlninja 0.2.3 released – Advanced Automated SQL Injection Tool for MS-SQL
We’ve been folowing the development of sqlninja since the early days, it’s growing into a well matured and more polished tool with advanced features. Sqlninja is a tool written in PERL to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a […]
sqlninja 0.2.2 Released for Download – SQL Injection Tool
Sqlninja is a tool to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of […]
mssql-hax0r v0.9 – Multi-purpose MS-SQL injection script
mssql-hax0r v0.9 is a Multi-purpose MS-SQL injection attack tool for advanced Microsoft SQL Server exploitation. Three modes of operation are currently available: info (Information Gathering), dump (Record Dump), and brute (Brute Force). You may need to tweak the code a bit to make it fit your needs (i.e. modifying the injection string and/or the language […]
piggy – Download MS-SQL Password Brute Forcing Tool
Piggy is yet another tool for performing online password guessing against Microsoft SQL servers. It supports scanning multiple servers using a dictionary file or a file with predefined accounts (username and password combinations). It’s a pretty simple tool and has a Win32 binary verson – it is a command line tool however.
1 2 3 4 5 6 7 8 9 10 11 12 13 |
Piggy v1.0.1 by patrik@cqure.net -------------------------------- usage: piggy [options] options: -u [username] - Single username -p [password] - Single password -s [server] - Single server -S [srvfile] - File containing ip/hostnames -D [dicfile] - File containing passwords -A [accounts] - File containing username;password combinations -N - Do not check availability before scan -v verbose - Verbose logging |
You can […]
Popular Tags
computer-security · darknet · ddos · dos · exploits · fuzzing · google · hacking-networks · hacking-websites · hacking-windows · hacking tool · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · pen-testing · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · windows · windows-security · Windows Hacking · worms · XSS ·