Penetration Testing mailing list archives

[tool] sqlsus 0.3 released !


From: sativouf <sativouf () gmail com>
Date: Sun, 5 Apr 2009 22:07:53 +0200

Hi everyone,

A new version of sqlsus has been released and is available at
http://sqlsus.sf.net/
You will find on the website a description of the features, along with
some documentation and flash demos showing how the tool can be used.

sqlsus is a MySQL injection and takeover tool, written in Perl.
Via a command line interface that mimics a mysql console, you can
retrieve the database structure / contents, inject a SQL query,
download files from the web server, upload and control a backdoor, and
much more...
It is designed to maximize the amount of data gathered per web server
hit, making the best use (I can think of) of MySQL functions to
optimize the available injection space.
sqlsus is focused on PHP/MySQL installations, and integrates some neat
features, some of which are really specific to this DBMS.


What's new
==========

- Full SQLite backend, storing queries / results as they come,
databases structure, variables... into a local SQLite database.
- Added "clone" command to clone some columns, a table, or the full
database into a local SQLite database.
- "clone" has a resume ability, allowing to continue across sessions.
- Rewrite of the blind injection engine (A LOT faster now):
   - keep all the threads busy with micro tasks (huge speed improvement)
   - regular expression matching for each item, prior to bruteforcing
(huge drop in the number of hits required)
   - progress meter
- Added cookie support.
- Possibility to change the current database ("use xxx"), and still be
able to use all the commands transparently
- Better query shortening, allowing even more data to be fetched per server hit.
- Got rid of IPC::Shareable, using socketpair() instead.
- Use of BINARY for inband injections, to avoid collation issues.
- Inband injection is now only contained in subqueries, to allow more
complex sql injection scenarios.
...

The full CHANGELOG can be found in the tarball or at
http://sqlsus.sf.net/download.html

Download and enjoy :)

- sativouf
