This perl script allows extraction of data from Blind SQL Injections.It accepts custom SQL queries as a command line parameter and it works for both integer and string based injections.Databases supported: MS-SQL . MySQL . PostgreSQL . Oracle
The new addition is the execution of any metasploit payload after executing OS code against Oracle database server by exploiting SQL Injection from web apps.See video demo
Download: http://code.google.com
{ 0 komentar... Views All / Send Comment! }
Posting Komentar