Sqlninja is a tool which is used to exploit SQL Injection
vulnerabilities on a web application that users Microsoft SQL
Server as its back-end. It's main goal is to provide a remote
access on the vulnerable DB server, even in a very hostile environment.
It will be used by penetration testers to automate the process of
taking over a DB Server when a SQL Injection vulnerability has been
discovered.
Additional feautures in the latest version :-
ICMP-based shell.
CVE-2010-0232 support to escalate the sqlservr.exe process to SYSTEM.
Header-based injection support.
You can download SQLNinja from here .
Additional feautures in the latest version :-
You can download SQLNinja from here .
0 comments:
Post a Comment