[sqlmap-users] sqlmap 0.7rc1 released
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] sqlmap 0.7rc1 released
|
From: Bernardo D. A. G. <ber...@gm...> - 2009-04-22 14:17:34
|
Hi, I am glad to release sqlmap version 0.7rc1. WARNING: This release is a candidate, it only works on Linux so please do not complain that it does not work on your Windows or Mac OS X systems. Thanks to anyone of you that contributed with really appreciated and useful feedback. Changes ======= Some of the new features include: * Added support to execute arbitrary commands on the database server underlying operating system either returning the standard output or not via UDF injection on MySQL and PostgreSQL and via xp_cmdshell() stored procedure on Microsoft SQL Server; * Added support for out-of-band connection between the attacker box and the database server underlying operating system via stand-alone payload stager created by Metasploit and supporting Meterpreter, shell and VNC payloads for both Windows and Linux; * Added support for out-of-band connection via Microsoft SQL Server 2000 and 2005 'sp_replwritetovarbin' stored procedure heap-based buffer overflow (MS09-004) exploitation with multi-stage Metasploit payload support; * Added support for out-of-band connection via SMB reflection attack with UNC path request from the database server to the attacker box by using the Metasploit smb_relay exploit; * Added support to read and write (upload) both text and binary files on the database server underlying file system for MySQL, PostgreSQL and Microsoft SQL Server; * Added database process' user privilege escalation via Windows Access Tokens kidnapping on MySQL and Microsoft SQL Server via either Meterpreter's incognito extension or Churrasco stand-alone executable; * Speed up the inference algorithm by providing the minimum required charset for the query output; * Major bug fix in the comparison algorithm to correctly handle also the case that the url is stable and the False response changes the page content very little; * Many minor bug fixes, minor enhancements and layout adjustments. Complete list of changes at http://sqlmap.sourceforge.net/doc/ChangeLog. Download ======== You can download it in two formats: * Source gzip compressed, http://downloads.sourceforge.net/sqlmap/sqlmap-0.7rc1.tar.gz * Source zip compressed, http://downloads.sourceforge.net/sqlmap/sqlmap-0.7rc1.zip Documentation ============= * sqlmap user's manual: http://sqlmap.sourceforge.net/doc/README.pdf * "Advanced SQL injection to operating system full control" whitepaper[1] and slides[2] presented at Black Hat Europe 2009 in Amsterdam (The Netherlands) on April 16, 2009 [1] http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf [2] http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-slides Happy hacking! -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobiles: +447788962949 (UK), +393493821385 (IT) PGP Key ID: 0x05F5A30F |
