{"id":269,"date":"2006-06-27T04:14:35","date_gmt":"2006-06-27T04:14:35","guid":{"rendered":"https:\/\/www.darknet.org.uk\/2006\/06\/sqlninja-010alpha-ms-sql-injection-tool\/"},"modified":"2010-06-21T19:00:25","modified_gmt":"2010-06-21T18:00:25","slug":"sqlninja-010alpha-ms-sql-injection-tool","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2006\/06\/sqlninja-010alpha-ms-sql-injection-tool\/","title":{"rendered":"sqlninja 0.1.0alpha – MS-SQL Injection Tool"},"content":{"rendered":"
<\/p>\n
sqlninja is a little toy that has been coded during a couple of pen-tests done lately and it is aimed to exploit SQL Injection vulnerabilities on web applications that use Microsoft SQL Server as their back-end.<\/p>\n
It borrows some ideas from similar tools like bobcat, but it is more targeted in providing a remote shell even with paranoid firewall settings.<\/p>\n
It is written in perl and runs on UNIX-like boxes.<\/p>\n
Here’s a list of what it does so far:<\/p>\n
Being an alpha version and since it was originally supposed to be just a quick&dirty toy for a pentest, there are lots of bugs waiting to be found and fixed so go ahead and download it ! :) <\/p>\n
More tunneling options (e.g.: HTTP, SMTP, …) will be added in the future together.<\/p>\n
You can read more and download sqlninja here:<\/p>\n
<\/p>\n