Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: custom xp_cmdshell on SQL Server
From: Stefano Zanero <s.zanero () securenetwork it>
Date: Fri, 15 Sep 2006 11:35:32 +0200

Andy Lester wrote:
Hello list,

I am pen-testing a web app that is vulnerable to SQL Injection. The
queries to the backend DB are done with a non-privileged user, but using
OPENROWSET and inference-based injection I have been able to find the sa
password and escalate privileges.

Did you have a look at SQL Ninja ?
http://sqlninja.sourceforge.net/

It's a handy tool when you deal with SQL Server.

Stefano


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]