[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Blind MySQL injection database stressing tool.. for hackers!

To: full-disclosure@xxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, staff@xxxxxxxxxxxxx
Subject: [Full-disclosure] Blind MySQL injection database stressing tool.. for hackers!
From: "kanutron (lists)" <mailinglists@xxxxxxxxxxxx>
Date: Fri, 23 Dec 2005 17:10:25 +0100

Hi..

Seems someone wins a fight against a blind MySQL injection, with mysql v3 and magic_quotes enabled.. This is the funny video: http://www.reversing.org/files/beyond_mysql_injection.avi ed2k://|file|beyond_mysql_injection.avi|18148274|CD388D581A720AF5C5887117D9279A1A|h=UZFXHKMLGBOBP56FAYF2LLFNSQARNKQW|/

There’s also another video here:
http://www.unsec.net/download/bsqlbf.avi

The Magic is in the ending part of the video!

The tool (“sqlbftools”) is under the “projects” section and a little article (“Blind MySQL injection and database stressing”) is under the “essays” section in the page: http://www.reversing.org. The msqlbf perl script is available at http://www.unsec.net/


Ping!


Grettings to Dsr! and 7a69


PD: Dab told me to say nothing about http://unsec.net


--
kanutron (aka Josepmaria Roca)
* mailinglists@xxxxxxxxxxxx
* http://kanutron.net/
-----------------------------------------------------------------------------
" las opiniones son como los culos,
 todo el mundo tiene el suyo "
               - Harry Challahan -


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] [SECURITY] [DSA 926-1] New ketm packages fix privilege escalation
Next by Date: [Full-disclosure] html in simpbook
Previous by thread: [Full-disclosure] [SECURITY] [DSA 926-1] New ketm packages fix privilege escalation
Next by thread: [Full-disclosure] html in simpbook
Index(es):
- Date
- Thread