y0,
sorry for the NO update, but got time last weekend and tried out the ODBC convert sql injection exploit for MSSQL and implemented it on sqli helper. easy to spot exploitable page, just add a qoute, if you get “Microsoft OLE DB Provider for SQL Server error ‘80040e07′” then its exploitable
SQLI Helper for MYSQL and MSSQL 2.6 ODBC Error Message Exploit
- schema dump
- data dump
no change in use, best is to test it with these sites
http://desisweet.com/desichapationline/item_details.asp?item_id=1
http://www.bernco.gov/stage/departments.asp?dept=2340&submenuid=21008
download:
http://rapidshare.com/files/215376923/SQLIHelperV2.6.rar
本地下载:
password:
www.reiluke.i.ph
on ver 2.7 i will add ms access
sure there are similar tools out there, but my tool is the easiest to use, put the url and watch the app do the rest. enjoy
Posted by reiluke
