Metasploit and SQL injection

imagensecforcepost.png

SECFORCE has released a set of scripts for enhancing Metasploit functionality exploiting SQL injection vulnerabilities. This is particularly useful in two scenarios:

The scripts can be retrieved from the Metasploit repository.

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/mssql/mssql_payload_sqli.rb

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin_sqli.rb

You may also be interested in...

imagensecforcepost.png
April 13, 2017

Pre-Auth MySQL remote DOS (Integer Overflow)

MySQL server is affected by a remote DoS attack, which could be exploited by a remote unauthenticated attacker to cause a loss of availability on the targeted service.

See more
imagensecforcepost.png
Oct. 11, 2012

SECFORCE achieves ISO27001:2005

SECFORCE has been accredited to ISO27001:2005 by the British Assessment Bureau.

See more