lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <DE5B0CD0A5DEE04F9147D08BF6DD21DF0C52D2@sec1svr03.SEC1SVR2003.sec-1.com>
Date: Mon Nov 21 11:24:17 2005
From: garyo at sec-1.com (Gary Oleary-Steele)
Subject: [SEC-1 LTD] Automagic SQL Injector

		[SEC-1 LTD]
	Sec-1 Research Labs Release
	
 Release Name:	Sec-1 Automagic SQL injector 0.1 Beta
 Release Date:	21/November/2005
     Platform: 	Active Perl Windows
       Author: 	Gary O'Leary-Steele
	


The Automagic SQL Injector is part of the Sec-1 Exploit Arsenal
provided as part of the Applied Hacking & Intrusion Prevention
training courses.


In a nutshell it's an automated SQL injection tool designed to help 
save time on pen tests. It is only designed to work with vanilla 
Microsoft SQL injection holes where errors are returned.

For a demonstration please visit http://scoobygang.org/magicsql/


The following features are currently supported:

[*] Browse tables and dump table data to a CSV file (2 methods).

[*] Upload files using debug script method.

[*] Automagical UDP reverse shell

[*] Interactive xp_cmdshell (simulated cmd.exe shell)


I plan to add other features such as a brute force account cracker 
and a module to search for other SQL servers using OPENROWSET().


Download: http://scoobygang.org/automagic.zip


Written for Active Perl (Windows), doesn't work too well on *nix.

Usage:

[*]  Sec-1 Automagical SQL injection tool [*]
        Gary O'leary-Steele @ Sec-1 Ltd

Usage:  perl C:\Automagic SQL injector\injector.pl <Options>

        -h      Target Host
        -f      Target File (e.g. /process_login.asp)
        -t      Type (POST|GET)
        -q      Is a leading single quote required (YES|NO)
        -a      Additional header such as a cookie. Enclose within ""
        -d      Database creation type (T|R). TEMP ## or regular table
                (Default is TEMP)


[THANKS!]

Thanks to Ollie Whitehouse for his srcmake.exe and UDP Revshell tool.
Thanks to Northern Monkee for the SQL help.

Note: Most of the supported features have been incorporated into 
bobcat by Northern Monkee, this simply offers an alternative.

**************************************************************
NEW: Sec-1 Hacking Training - Learn to breach network security 
to further your knowledge and protect your network 
http://www.sec-1.com/applied_hacking_course.html
**************************************************************

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ