This link has been bookmarked by 66 people . It was first bookmarked on 25 Jul 2006, by Steev Klimaszewski.
-
18 Jan 16
-
05 Nov 13
-
05 Sep 12
-
19 Apr 12
-
13 Nov 11
-
21 Feb 11
-
08 Jan 11
Long Nguyen H DFancy going from a SQL Injection on Microsoft SQL Server to a full GUI access on the DB? Take a few new SQL Injection tricks, add a couple of remote shots in the registry to disable Data Execution Prevention, mix with a little Perl that automatically gene
security sql tools hacking sqlinjection pentest injection database
-
05 Dec 10
-
18 Nov 10
-
.a SQL Server injection & takeover tool
-
-
17 Nov 10
-
14 Nov 10
-
13 Nov 10
-
12 Nov 10
-
10 Nov 10
-
20 Aug 10
Kenneth PriisholmFancy going from a SQL Injection on Microsoft SQL Server to a full GUI access on the DB? Take a few new SQL Injection tricks, add a couple of remote shots in the registry to disable Data Execution Prevention, mix with a little Perl that automatically gene
-
08 Jul 10
-
11 May 10
-
29 Mar 10
-
10 Mar 10
kkotowicz* Fingerprint of the remote SQL Server
* Bruteforce of 'sa' password (in 2 flavors: dictionary-based and incremental)
* Privilege escalation to sysadmin group if 'sa' password has been found
* Creation of a custom xp_cmdshell if the original one has been -
25 Dec 09
-
15 Sep 09
-
27 Sep 08
-
22 Sep 08
Gabor NagypalFancy going from a SQL Injection to a full GUI access on the DB server? What about extracting password hashes on the fly? Take a few new SQL Injection tricks, add a couple of remote shots in the registry to disable Data Execution Prevention, mix with a little Perl that automatically generates a debug script, put all this in a shaker with a Metasploit wrapper, shake well and you have the latest release of sqlninja!
-
06 Jun 08
-
21 May 08
-
30 Apr 08
-
16 Feb 08
-
24 Nov 07
-
17 Oct 07
-
28 Aug 07
-
21 Jul 07
-
05 Jul 07
-
28 Jun 07
-
21 Jun 07
-
18 Dec 06
-
16 Dec 06
-
11 Sep 06
-
25 Jul 06
Would you like to comment?
Join Diigo for a free account, or sign in if you are already a member.