NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Pen-test> 2002-03

From: Jeff Thomas (jeffseverus.org)
Date: Fri Mar 08 2002 - 07:27:09 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I wrote a couple of new tools for pen-testing MSSQL servers. I wrote them
on
OpenBSD, but they should work on any *nix.

sqlcmd.c - MSSQL "shell"
sql-bugger - Uploads and compiles an exe through MSSQL

I tested them against MSSQL 6.5, but they should work on 7 with SQL
authentication as well.
Both of these tools use a replay of an isql_w session.

http://www.severus.org/sqltools.zip

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]