SQLAT - SQL Auditing Tools Suite

SQLAT is a suite of tools which could be usefull for pentesting a MS SQL Server. The tools are still in development but tend to be quite stable.
The tools do dictionary attacks, upload files, read registry and dump the SAM. They do this by wrapping extended stored procedures. There is also a tool for doing a minimal analysis of a SQL Server with output as HTML. You need to be ’sa’ to run some of the tools, but this usually isn’t a problem.
The tool temporarily restores the xp_cmdshell if it is removed and the dll is still left on the system.
SQLAT is based on the freetds library and as of version 1.0.6 supports NTLM integrated login. It does not do named pipes yet.

Requires:
FreeTDS http://www.freetds.org
Pwdump2 http://razor.bindview.com/tools/files/pwdump2.zip

http://www.cqure.net/tools/sqlat-src-1.1.0.tar.gz

hash krackin rss feed Subscribe in a reader


Copyright 2011 | All software listed is freeware unless otherwise stated. All software listed is property of the publisher. The software on this website may be reported by antivirus as malicious, however this can be disregarded due to the nature of these tools. Hash Krackin can not be held responsible for any of your actions performed by the resources of this website. Please contact the webmaster of any broken links or password cracker resources you would like featured on this site.