Metasploit and SQL injection

imagensecforcepost.png

SECFORCE has released a set of scripts for enhancing Metasploit functionality exploiting SQL injection vulnerabilities. This is particularly useful in two scenarios:

The scripts can be retrieved from the Metasploit repository.

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/mssql/mssql_payload_sqli.rb

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin_sqli.rb

You may also be interested in...

imagensecforcepost.png
Jan. 5, 2015

SPARTA 1.0 BETA released

SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase.

See more
imagensecforcepost.png
April 15, 2017

CVE-2017-0199 exploitation with Cobalt Strike tutorial

CVE-2017-0199 leverages the way an OLE object is embedded into a Word/RTF document making it possible to execute its content without user interaction.

See more