Yet another SQL injection framework
- From: Guillermo Marro <gmmarro@xxxxxxxxxxxx>
- Date: Thu, 19 Apr 2007 15:44:26 -0300
Hi List,
FG-Injector is a free tool that leverages the pentester's work by
facilitating the exploitation of SQL Injection vulnerabilities.
It includes a a powerful proxy feature for intercepting and modifying
HTTP requests, a network spy module to allow the analyst view HTTP
requests and their corresponding responses and an inference engine for
automating SQL injection exploitation.
The Inference Engine Module of the FG-Injector Framework automates the
generation and injection of SQL statements needed for exploitation of a
Blind SQL Injection. This module will work also for regular injections
using the same method. It can produce blind injections on web/app
servers using MS SQL Server, MySQL, and PostgresSql DBMSs.
Get both, sources and a windows binary from:
http://www.flowgate.net/?lang=en&seccion=herramientas
-G
--
...........................................
Guillermo Marro
F L O W G A T E Consulting
Maipu 778 - piso 1 - of 10
Rosario - 2000
Argentina
TEL: +54-341-4112511
FAX: +54-341-5291067
PGP: http://www.flowgate.net/PK/GM_FG.pub
Attachment:
signature.asc
Description: This is a digitally signed message part
- Follow-Ups:
- Re: Yet another SQL injection framework (file corruption)
- From: Guillermo Marro
- Re: Yet another SQL injection framework (file corruption)
- Prev by Date: Re: Re: Linux restricted ASCII Shellcode
- Next by Date: Re: Yet another SQL injection framework (file corruption)
- Previous by thread: CfP Hack.lu 2007
- Next by thread: Re: Yet another SQL injection framework (file corruption)
- Index(es):
Relevant Pages
|
