[Dailydave] hotel room things
Rhys Kidd
rhyskidd at gmail.com
Mon May 14 11:23:27 EDT 2007
Dave,
I'm personally a big fan of sqlmap, http://sqlmap.sourceforge.net/, for
blind SQL injection and enumeration.
Some nice features include:
- Using both page hashes and string matches to pick responses apart.
- Extensive fingerprinting.
- Limited IDS evasion.
- Support for a variety of RDBMSs.
Being able to do the below in Python is hot; in a very PCI-is-a-buzz-word
kind of way.
$ python sqlmap.py -u "http://localhost/index.php?id=1&cat=2" --tables -D mysql
Database: mysql
[21 tables]
+---------------------------+
| columns_priv              |
| db                        |
| event                     |
| func                      |
| general_log               |
| help_category             |
| help_keyword              |
| help_relation             |
| help_topic                |
| host                      |
| plugin                    |
| proc                      |
| procs_priv                |
| slow_log                  |
| tables_priv               |
| time_zone                 |
| time_zone_leap_second     |
| time_zone_name            |
| time_zone_transition      |
| time_zone_transition_type |
| user                      |
+---------------------------+