SQL ninja 0.2.6 released

Sqlninja is a tool which is used to exploit SQL Injection vulnerabilities on a web application that users Microsoft SQL Server as its back-end. It's main goal is to provide a remote access  on the vulnerable DB server, even in a very hostile environment. It will  be used by penetration testers to  automate the process of taking over a DB Server when a SQL Injection vulnerability has been discovered.


Additional feautures in the latest version :-

ICMP-based shell.

CVE-2010-0232 support to escalate the sqlservr.exe process to SYSTEM.

Header-based injection support. 

You can download SQLNinja from here .

Posted in: News