Dailydave mailing list archives

SQL Hooker Release

From: Dave Aitel <dave () immunityinc com>
Date: Thu, 18 Oct 2007 13:40:06 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://forum.immunityinc.com/index.php?topic=92.0

JMS and I decided to put our code where our mouth was.

It looks a lot like this:
PyCommands $ python sql_listener.py 80812.4
Set up XMLRPC Socket on 0.0.0.0 port 8081
select count(*) from users where userName='cow' and userPass='boy'
10.10.10.243 - - [18/Oct/2007 13:03:17] "POST / HTTP/1.0" 200 -

Next up - file operation hooking perhaps? :>

- -dave
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHF5p0B8JNm+PA+iURAtFlAKDhW3CVqVd6S621t4kdsQ1Y0sb2cgCg7JY5
QaZkG+j3E5b6NO0SJrR3yM8=
=bvnS
-----END PGP SIGNATURE-----

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

SQL Hooker Release Dave Aitel (Oct 18)
- Re: SQL Hooker Release J.M. Seitz (Oct 18)
- <Possible follow-ups>
- Re: SQL Hooker Release Hamid . K (Oct 18)
  - Re: SQL Hooker Release J.M. Seitz (Oct 19)