Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a DB Server when a SQL Injection vulnerability has been discovered.
It is written in perl and so far has been successfully tested on:
- Linux
- FreeBSD
- Mac OS X
You can download sqlninja 0.2.1-r1 here:
Security4all Blog
Twitter
Slideshare
Facebook
Digg
Flickr
0 comments:
Post a Comment