Metasploit and SQL injection

imagensecforcepost.png

SECFORCE has released a set of scripts for enhancing Metasploit functionality exploiting SQL injection vulnerabilities. This is particularly useful in two scenarios:

The scripts can be retrieved from the Metasploit repository.

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/mssql/mssql_payload_sqli.rb

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin_sqli.rb

You may also be interested in...

imagensecforcepost.png
Nov. 14, 2012

VMInjector – DLL Injection tool to unlock guest VMs

VMInjector is a tool designed to bypass OS login authentication screens of major operating systems running on VMware Workstation/Player, by using direct memory manipulation.

See more
imagensecforcepost.png
March 31, 2009

SECFORCE have co-authored the book "SQL Injection Attacks and Defense"

SECFORCE has co-authored a book fully dedicated to SQL injection attacks and published by Syngress.

See more