Sqlninja v.0.2.6-rc1 Linux
Am Tuesday, 5. Jul 2011 im Topic 'Pentest'
Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end.Sqlninja is written in Perl and should run on any UNIX based platform with a Perl interpreter, as long as all needed modules have been installed. So far it has been successfully tested on:
.Linux
.FreeBSD
.Mac OS X
It is basically an official release with all the new features that have been in the SVN for a while (most of them for almost 1 year, ouch). More specifically:
.ICMP-based shell
.CVE-2010-0232 support to escalate the sqlsrvr.exe process to SYSTEM (greetz Tavis)
.Header-based injection support
Download:
http://sqlninja.sourceforge.net/download.html
.Linux
.FreeBSD
.Mac OS X
It is basically an official release with all the new features that have been in the SVN for a while (most of them for almost 1 year, ouch). More specifically:
.ICMP-based shell
.CVE-2010-0232 support to escalate the sqlsrvr.exe process to SYSTEM (greetz Tavis)
.Header-based injection support
Download:
http://sqlninja.sourceforge.net/download.html