I wrote a couple of new tools for pen-testing MSSQL servers. I wrote them on OpenBSD, but they should work on any *nix. sqlcmd.c - MSSQL "shell" sql-bugger - Uploads and compiles an exe through MSSQL I tested them against MSSQL 6.5, but they should work on 7 with SQL authentication as well. Both of these tools use a replay of an isql_w session. http://www.severus.org/sqltools.zip X ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Fri Mar 08 2002 - 09:57:39 PST