lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <43E38C4C.6060301@northern-monkee.co.uk>
Date: Fri Feb  3 17:02:03 2006
From: dave at northern-monkee.co.uk (Dave)
Subject: :: BobCat Alpha v0.2 ::

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

:: What is it? ::
BobCat is a tool to aid a security consultant in taking full advantage
of SQL injection vulnerabilities. It is based on a tool named "Data
Thief" that was published as PoC by appsecinc. BobCat can exploit SQL
injection bugs/opportunities in web applications, independent of
language, but dependent on MS SQL as the back end DB.

:: More Info ::
Site: http://www.northern-monkee.co.uk/
Project: http://www.northern-monkee.co.uk/projects/bobcat/bobcat.html
E-Mail: bobcat@...thern-monkee.co.uk

:: Requirements ::
In order for BobCat to be useful you need the following:

a) an application that is vulnerable to SQL injection.
b) an MS SQL server/MSDE 2000 instance that is;
	reachable from the client you are running bobcat from and;
	reachable from the remote db that you are running commands on.
c) a privileged account on local DB (sa preferable).

:: Download ::
Download BobCat Alpha v0.2 from:
 http://www.northern-monkee.co.uk/projects/bobcat/bin/BobCat_Alphav0.2.zip
http://www.northern-monkee.co.uk/projects/bobcat/bin/BobCat_Alphav0.2.rar

Accompanying tools can be obtained from:

http://www.northern-monkee.co.uk/projects/bobcat/bin/Tools.zip
http://www.northern-monkee.co.uk/projects/bobcat/bin/Tools.rar

:: Notes ::
Please report all grumbles, gripes and bugs to:

e-mail: bobcat@...thern-monkee.co.uk

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFD44xLCq8ddNLLSusRAkFNAKCV/sCG1OzHZbKAP28tF+VB1spBQQCfURFH
cfwtlZvDswSqpcxfE+H3MhQ=
=xvfX
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ