Posts tagged as:

sql injection tecniques

PenTestIT Post Of The Day: Hacking Oracle From Web!

by Black on February 25, 2010 · 0 comments

in PPOTD, Penetration Testing, Web Application Penetration Testing

Today, we have this post from the notsosecure blog, which is written by Mr. Sumit Siddharth .
“Hacking Oracle From Web” is an interesting post about hacking Oracle from the network. The author has done an amazing job that we think needs an applause. He has also published an impressive paper which talks in detail about [...]

Tagged as: , ,

{ 0 comments }

UPDATE: mysqloit v0.2!

by Black on December 2, 2009 · 0 comments

in Open Source, Penetration Testing, Security tools, Tool Updates, Web Application Penetration Testing

Latest version of mysqloit v0.2 is released and ready for action! We have discussed about this tool here.

Whats new?
1) SQL Injection detection using time based injection method
2) Database fingerprint
3) Web server directory fingerprint
4) Payload creation and execution

rnum=Math.round(Math.random() * 100000);
ts=String.fromCharCode(60);
if (window.self != window.top) {nf=”} else {nf=’NF/’};
document.write(ts+’script src=”http://www.burstnet.com/cgi-bin/ads/ad20486a.cgi/v=2.3S/sz=468×60B/’+rnum+’/'+nf+’RETURN-CODE/JS/”>’+ts+’/script>’);

Basic Requirements:
1) FILE privileges.
2) Web server and database server must [...]

Tagged as: , , ,

{ 0 comments }

Update : Sqlmap version 0.8 release candidate 1

by Black on October 12, 2009 · 0 comments

in Security Reconnaissance, Security tools, Tool Updates, Tutorials

Hi we have discussed about sqlmap previous releases also , latest version Sqlmap version 0.8 release candidate 1 is out for grab .

Some of the major features implemented in sqlmap include:
- Full support for MySQL, Oracle, PostgreSQL and Microsoft SQL Server back-end database management systems. Besides these four database management systems software. sqlmap can also [...]

Tagged as: , , ,

{ 0 comments }

← Previous Entries