Metasploit and SQL injection

imagensecforcepost.png

SECFORCE has released a set of scripts for enhancing Metasploit functionality exploiting SQL injection vulnerabilities. This is particularly useful in two scenarios:

The scripts can be retrieved from the Metasploit repository.

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/mssql/mssql_payload_sqli.rb

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin_sqli.rb

You may also be interested in...

imagensecforcepost.png
Dec. 30, 2008

Practical attack against SSL certificates - Creating a rogue CA certificate

Security researchers revealed how a weakness in the MD5 hashing algorithm could be used to create a rogue certificate.

See more
imagensecforcepost.png
Oct. 17, 2008

SCADA Security

SCADA Security

See more