BSQL Hacker – Automated SQL Injection

BSQL Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities in virtually any database.

It ships with Automated Attack modules which allow the dumping of whole databases for the following DBMS:

  • MS-SQL Server
  • ORACLE
  • MySQL (experimental)

Attack Templates for:

  • MS Access
  • MySQL
  • ORACLE
  • PostgreSQL
  • MS-SQL Server

You can also write your own attack template for any other database (see the manual for details). New attack templates and exploits for specific web applications can be shared via the Exploit Repository.

BSQL Hacker is aimed at experienced users as well as beginners who want to automate SQL Injections (especially Blind SQL Injections).

It supports:

  • Blind SQL Injection (Boolean Injection)
  • Full Blind SQL Injection (Time Based)
  • Deep Blind SQL Injection (a new way to exploit BSQLIs, explained here)
  • Error Based SQL Injection

It provides a Metasploit-like exploit repository for sharing and updating exploits and attack templates.

You can download BSQL Hacker here:

BSQLHackerSetup-0907.exe

Or read more here.

Surf Jack – Cookie Session Stealing Tool

A tool which allows one to hijack HTTP connections to steal cookies – even ones on HTTPS sites! Works on both Wi-Fi (monitor mode) and Ethernet.

Features:

  • Performs wireless injection when the NIC is in monitor mode
  • Supports Ethernet
  • Support for WEP (when the NIC is in monitor mode)

Known issues:

  • Sometimes the victim is not redirected correctly (particularly seen when targeting Gmail)
  • Cannot stop the tool with a simple Ctrl+C. This is a problem with the proxy.

Requires:

  • Python 2.4
  • Scapy

You can download Surf Jack here:

surfjack-0.2b.zip

Or read more here.

PorkBind v1.3 – Nameserver (DNS) Security Scanner

This program retrieves version information for the nameservers of a domain and produces a report that describes possible vulnerabilities of each.

Vulnerability information is configurable through a configuration file; the default is porkbind.conf. Each nameserver is tested for recursive queries and zone transfers. The code is parallelized with libpthread.
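
The recursive-query test mentioned above comes down to reading two fields of the reply header: the RA (recursion available) flag and the response code. The following Python sketch is an added example, not PorkBind's code; the function names and the constructed sample replies are assumptions for illustration, and it classifies a reply you have already captured from a nameserver.

```python
import struct

# DNS header: ID, flags, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT (RFC 1035, 4.1.1)
HEADER = struct.Struct("!6H")
QR, RD, RA = 0x8000, 0x0100, 0x0080   # response, recursion desired/available
REFUSED = 5                           # RCODE 5: server refuses by policy


def build_query(qid, name, qtype=1):
    """Encode a recursion-desired (RD=1) query for `name`, class IN."""
    labels = b"".join(
        bytes([len(part)]) + part.encode("ascii")
        for part in name.rstrip(".").split(".")
    )
    question = labels + b"\x00" + struct.pack("!2H", qtype, 1)
    return HEADER.pack(qid, RD, 1, 0, 0, 0) + question


def recursion_status(qid, response):
    """Classify the reply to an RD=1 query for a name the server is not
    authoritative for (hypothetical helper, not part of PorkBind)."""
    if len(response) < HEADER.size:
        return "malformed"
    rid, flags, _qd, ancount, _ns, _ar = HEADER.unpack_from(response)
    if rid != qid or not flags & QR:
        return "malformed"      # wrong transaction ID, or not a response
    rcode = flags & 0x000F
    if rcode == REFUSED or not flags & RA:
        return "closed"         # server declines to recurse for this client
    if rcode == 0 and ancount > 0:
        return "open"           # RA set and the foreign name was resolved
    return "advertised"         # RA set but no answer: review the resolver ACL


def _reply(qid, flags, ancount):
    """Constructed header-only reply used as sample input."""
    return HEADER.pack(qid, flags, 1, ancount, 0, 0)


# Constructed samples, not captured traffic.
SAMPLES = {
    "resolver answering anyone": _reply(0x1234, QR | RD | RA, 1),
    "authoritative-only server": _reply(0x1234, QR | RD | REFUSED, 0),
    "RA set, SERVFAIL": _reply(0x1234, QR | RD | RA | 2, 0),
}

if __name__ == "__main__":
    for label, reply in SAMPLES.items():
        print(f"{label}: {recursion_status(0x1234, reply)}")
```

A nameserver that only serves its own zones should come back as "closed" when queried from outside; "open" means it resolves arbitrary names for that client.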

Changes for v1.3

  • Wrote in-a-bind shell script that scans random domain names from DMOZ
  • Implemented recursive query testing
  • Changed porkbind.conf to use CVE numbers in addition to CERT alerts
  • Modified text displayed on stdout to make it more parsable
  • Licensed with GNU Lesser General Public License
  • Fixed timeout/concurrency/memory corruption bugs
  • Fixed improper comparison of alpha/beta version numbering bug
  • Added typecasts to silence compiler warnings

The tool now scans for 14 flaws and reports CVE numbers and CERT alerts.

You can download PorkBind v1.3 here:

porkbind-1.3.tar.gz

Or read more here.