Metasploit and SQL injection

imagensecforcepost.png

SECFORCE has released a set of scripts for enhancing Metasploit functionality exploiting SQL injection vulnerabilities. This is particularly useful in two scenarios:

The scripts can be retrieved from the Metasploit repository.

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/mssql/mssql_payload_sqli.rb

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin_sqli.rb

You may also be interested in...

imagensecforcepost.png
Nov. 9, 2008

Penetration testing, antivirus, firewalls and false sense of security

False sense of security is an ongoing issue. Fueled by inaccurate marketing strategies promising the ultimate security product and convincing clients that their product will make your system immune to every single attack.

See more
imagensecforcepost.png
Feb. 22, 2011

Benefits of penetration testing

Benefits of conducting a penetration test: Manage Risk Properly, Increase Business Continuity, Minimise Client-side Attacks, Protect Clients, Partners And Third Parties, Comply With Regulation

See more