Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
[Full-disclosure] :: BobCat Alpha v0.2 ::
From: Dave (davenorthern-monkee.co.uk)
Date: Fri Feb 03 2006 - 11:01:00 CST
-----BEGIN PGP SIGNED MESSAGE-----
:: What is it? ::
BobCat is a tool to aid a security consultant in taking full advantage
of SQL injection vulnerabilities. It is based on a tool named "Data
Thief" that was published as PoC by appsecinc. BobCat can exploit SQL
injection bugs/opportunities in web applications, independent of
language, but dependent on MS SQL as the back end DB.
:: More Info ::
:: Requirements ::
In order for BobCat to be useful you need the following:
a) an application that is vulnerable to SQL injection.
b) an MS SQL server/MSDE 2000 instance that is;
reachable from the client you are running bobcat from and;
reachable from the remote db that you are running commands on.
c) a privileged account on local DB (sa preferable).
:: Download ::
Download BobCat Alpha v0.2 from:
Accompanying tools can be obtained from:
:: Notes ::
Please report all grumbles, gripes and bugs to:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/