mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-29 13:00:32 +01:00
9fa48440c8
Signed-off-by: B. Watson <yalhcru@gmail.com>
19 lines
968 B
Text
19 lines
968 B
Text
Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities
|
|
on a web application that uses Microsoft SQL Server as its
|
|
back-end. Its main goal is to provide a remote access on the
|
|
vulnerable DB server, even in a very hostile environment. It should
|
|
be used by penetration testers to help automate the process of
|
|
taking over a DB Server when a SQL Injection vulnerability has been
|
|
discovered.
|
|
|
|
Since version 0.2.5, sqlninja will upload .exe files by default
|
|
instead of .scr ones. If you want to upload .scr files instead,
|
|
the original sqlninja files are distributed in:
|
|
/usr/lib$LIBDIRSUFFIX/sqlninja/scripts/
|
|
|
|
Raul Siles' patch for better Metasploit Framework interaction has been
|
|
discontinued since it was released for an old version of sqlninja
|
|
only. The patch added two new timers ($client_delay (30 secs) and
|
|
$server_delay (5 secs)) to use within sqlninja. Since it could be
|
|
still somehow handy it has been included in the package documentation
|
|
directory.
|