Full Disclosure: :: BobCat Alpha v0.2 ::

[Dave <dave () northern-monkee co uk>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

:: What is it? ::
BobCat is a tool to aid a security consultant in taking full advantage
of SQL injection vulnerabilities. It is based on a tool named "Data
Thief" that was published as PoC by appsecinc. BobCat can exploit SQL
injection bugs/opportunities in web applications, independent of
language, but dependent on MS SQL as the back end DB.

:: More Info ::
Site: http://www.northern-monkee.co.uk/
Project: http://www.northern-monkee.co.uk/projects/bobcat/bobcat.html
E-Mail: bobcat () northern-monkee co uk

:: Requirements ::
In order for BobCat to be useful you need the following:

a) an application that is vulnerable to SQL injection.
b) an MS SQL server/MSDE 2000 instance that is;
        reachable from the client you are running bobcat from and;
        reachable from the remote db that you are running commands on.
c) a privileged account on local DB (sa preferable).

:: Download ::
Download BobCat Alpha v0.2 from:
 http://www.northern-monkee.co.uk/projects/bobcat/bin/BobCat_Alphav0.2.zip
http://www.northern-monkee.co.uk/projects/bobcat/bin/BobCat_Alphav0.2.rar

Accompanying tools can be obtained from:

http://www.northern-monkee.co.uk/projects/bobcat/bin/Tools.zip
http://www.northern-monkee.co.uk/projects/bobcat/bin/Tools.rar

:: Notes ::
Please report all grumbles, gripes and bugs to:

e-mail: bobcat () northern-monkee co uk

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFD44xLCq8ddNLLSusRAkFNAKCV/sCG1OzHZbKAP28tF+VB1spBQQCfURFH
cfwtlZvDswSqpcxfE+H3MhQ=
=xvfX
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/