Nytro Posted February 6, 2013 Report Posted February 6, 2013 [h=1]SQLNinja 0.2.999-alpha1[/h]by Mayuresh on February 6, 2013We finally have a SQLNinja update! We first covered the awesome tool here! We now have SQLNinja version 0.2.999-alpha1! This is the first alpha of the new release, with all the newest cool stuff like data extraction via WAITFOR and DNS tunnel, plus vbscript-based upload!Sqlninja is an exploitation tool to be used against web apps based on MS SQL Server that are vulnerable to SQL Injection attacks, in order to get a shell also in very hostile conditions. Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote access on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a DB Server when a SQL Injection vulnerability has been discovered.”[h=2]Change log for SQLNinja 0.2.999-alpha1:[/h] Added data extraction moduleAdded vbscript-based uploadSplit big ugly script into modulesLots of refactoring [h=3]Download SQLNinja 0.2.999-alpha1:[/h] SQLNinja 0.2.999-alpha1 – sqlninja-0.2.999-alpha1.tgz 0.2.999-alpha1Sursa: SQLNinja version 0.2.999-alpha1! — PenTestIT Quote
boogy Posted February 6, 2013 Report Posted February 6, 2013 ce face astaDaca cauti putin poti raspunde singur la intrebarea tasqlninja - a SQL Server injection & takeover tool Quote
