Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: MSSQL tools

MSSQL tools

From: Jeff Thomas <jeff_at_severus.org>
Date: Fri, 8 Mar 2002 08:27:09 -0500

I wrote a couple of new tools for pen-testing MSSQL servers. I wrote them
on
OpenBSD, but they should work on any *nix.

sqlcmd.c - MSSQL "shell"
sql-bugger - Uploads and compiles an exe through MSSQL

I tested them against MSSQL 6.5, but they should work on 7 with SQL
authentication as well.
Both of these tools use a replay of an isql_w session.

http://www.severus.org/sqltools.zip

X

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on Mar 08 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]