The Mole: Automatic SQL Injection Exploitation Tool

Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a Boolean query based technique. The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily.

> Fingerprint of the remote SQL Server (version, user performing the queries, user privileges, xp_cmdshell availability, DB authentication mode)
> Bruteforce of 'sa' password (in 2 flavors: dictionary-based and incremental).
> Creation of a custom xp_cmdshell if the original one has been removed
> Upload of netcat (or any other executable) using only normal HTTP requests (no FTP/TFTP needed).
> TCP/UDP portscan from the target SQL Server to the attacking machine, in order to find a port that is allowed by the firewall of the target network
> Direct and reverse bindshell, both TCP and UDP
> ICMP-tunneled shell, when no TCP/UDP ports are available for a direct/reverse
> DNS-tunneled pseudo-shell, when no TCP/UDP ports are available for a direct/reverse shell, but the DB server can resolve external hostnames (check the documentation for details about how this works).
> Evasion techniques to confuse a few IDS/IPS/WAF.
> Integration with Metasploit3, to obtain a graphical access to the remote DB

To Audit Management and Multiple Databases