Jump to content
Sign in to follow this  

SqlNinja: SQLi Scanner

Recommended Posts

SqlNinja este unul din tool'urile de baza din Backtrack si Kali Linux. Acesta te poate ajuta sa injectezi servere si sa recuperezi baze de date in timp real. Daca nu aveti aceste distro'uri, puteti sa il descarcati din aceste locuri:




Avertisment: Daca vreti sa il descarcati separat o sa va trebuiasca mai multe module instalate deja pe calculator! Mai multe detalii mai jos.



The following versions are available:

The alpha of the new release, with all the newest cool stuff! Data extraction via WAITFOR and DNS tunnel, plus vbscript-based upload! Download it and find some bugs 🙂

The stable version. It lacks the data extraction module, but it has been tested a lot more extensively
SVN snapshot

This is the hemorrhaging edge version! It supports Powershell stagers with metasploit. It is a work-in-progress, not 100% documented, and likely to have several bugs, so not for the faint hearted. Come on, give it a try, show chicks how brave you are, and report some bugs!

To download the latest snapshot, use the following command:

$ svn co svn://svn.code.sf.net/p/sqlninja/code/ sqlninja-devel

If your AV complains, it is because the Churrasco executable in the tarball is recognized as a virus. So nothing to worry about.


In order to use sqlninja, the following Perl modules need to be present:


You will also need the Metasploit Framework 3 on your box to use the metasploit attack mode, and also a VNC client if you use the VNC payload.

You also need a brain. Not strictly a Perl module, but it helps.



Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this