Full Disclosure mailing list archives

Blind MySQL injection database stressing tool.. for hackers!

From: "kanutron (lists)" <mailinglists () kanutron net>
Date: Fri, 23 Dec 2005 17:10:25 +0100

Hi..

Seems someone wins a fight against a blind MySQL injection, with mysqlv3 and magic_quotes enabled.. This is the funny video:

http://www.reversing.org/files/beyond_mysql_injection.avi
ed2k://|file|beyond_mysql_injection.avi|18148274|CD388D581A720AF5C5887117D9279A1A|h=UZFXHKMLGBOBP56FAYF2LLFNSQARNKQW|/

There’s also another video here:
http://www.unsec.net/download/bsqlbf.avi

The Magic is in the ending part of the video!

The tool (“sqlbftools”) is under the “projects” section and a littlearticle (“Blind MySQL injection and database stressing”) is under the“essays” section in the page: http://www.reversing.org. The msqlbf perlscript is available at http://www.unsec.net/



Ping!


Grettings to Dsr! and 7a69


PD: Dab told me to say nothing about http://unsec.net


--
kanutron (aka Josepmaria Roca)
* mailinglists () kanutron net
* http://kanutron.net/
-----------------------------------------------------------------------------
" las opiniones son como los culos,
 todo el mundo tiene el suyo "
               - Harry Challahan -


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Blind MySQL injection database stressing tool.. for hackers! kanutron (lists) (Dec 23)