Vuln Dev
Yet another SQL injection framework Apr 19 2007 06:44PM
Guillermo Marro (gmmarro flowgate net) (1 replies)
Hi List,

FG-Injector is a free tool that leverages the pentester's work by
facilitating the exploitation of SQL Injection vulnerabilities.

It includes a a powerful proxy feature for intercepting and modifying
HTTP requests, a network spy module to allow the analyst view HTTP
requests and their corresponding responses and an inference engine for
automating SQL injection exploitation.

The Inference Engine Module of the FG-Injector Framework automates the
generation and injection of SQL statements needed for exploitation of a
Blind SQL Injection. This module will work also for regular injections
using the same method. It can produce blind injections on web/app
servers using MS SQL Server, MySQL, and PostgresSql DBMSs.

Get both, sources and a windows binary from:

http://www.flowgate.net/?lang=en&seccion=herramientas

-G
--
...........................................
Guillermo Marro
F L O W G A T E Consulting
Maipu 778 - piso 1 - of 10
Rosario - 2000
Argentina
TEL: +54-341-4112511
FAX: +54-341-5291067
PGP: http://www.flowgate.net/PK/GM_FG.pub
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQBGJ7iKQkJMAsC/Z9sRApWyAJ9iLH4ToFylhAydy1ri1xf4J6xUOACfVGDf
+iD8TXUHX5Fn1M8mz63Sn7Q=
=/H/I
-----END PGP SIGNATURE-----

[ reply ]
Re: Yet another SQL injection framework (file corruption) Apr 20 2007 11:56AM
Guillermo Marro (gmmarro flowgate net)


 

Privacy Statement
Copyright 2010, SecurityFocus