Re: Open Source SQL Inject, XSS, Remote File Include Testing

From: Marco Ivaldi (raptor@mediaservice.net)
Date: Thu May 24 2007 - 06:06:02 EDT


Hey again pen-testers,

On Mon, 21 May 2007, Marco Ivaldi wrote:

> You shouldn't expect anything too fancy (it's still v0.1 after all;), but it
> does its job:

I managed to work a bit more on my multi-purpose MSSQL injection script,
and now (at version 0.9;) it can be considered a fairly powerful and
usable attack tool. You can download it from:

http://www.0xdeadbeef.info/code/mssql-hax0r

Three modes of operation are available:

1) Information Gathering (-m info).
    Dump basic information about the MSSQL database (@@version, db_name(),
    user_name(), system_user, etc.), database names, tables/views/stored
    procedures, columns, data types, keys, and users.

2) Record Dump (-m dump).
    Dump N records from the specified columns/table|db..table

3) Brute Force (-m brute)
    Perform a brute force attack against the specified user(s), either
    using a password wordlist or testing weak passwords such as the empty
    one or password=username.

Cheers,

-- 
Marco Ivaldi, OPST
Chief Security Officer    Data Security Division
@ Mediaservice.net Srl    http://mediaservice.net/
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:49 EDT