diff options
| -rw-r--r-- | network/sqlninja/README | 27 |
1 files changed, 15 insertions, 12 deletions
diff --git a/network/sqlninja/README b/network/sqlninja/README index 3d26adcf36c25..fa8e0c43171bc 100644 --- a/network/sqlninja/README +++ b/network/sqlninja/README @@ -1,16 +1,19 @@ -Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web -application that uses Microsoft SQL Server as its back-end. Its main goal is -to provide a remote access on the vulnerable DB server, even in a very hostile -environment. It should be used by penetration testers to help automate the -process of taking over a DB Server when a SQL Injection vulnerability has been +Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities +on a web application that uses Microsoft SQL Server as its +back-end. Its main goal is to provide a remote access on the +vulnerable DB server, even in a very hostile environment. It should +be used by penetration testers to help automate the process of +taking over a DB Server when a SQL Injection vulnerability has been discovered. -Since version 0.2.5, sqlninja will upload .exe files by default instead of -.scr ones. If you want to upload .scr files instead, the original sqlninja -files are distributed inside /usr/lib$LIBDIRSUFFIX/sqlninja/scripts/ . +Since version 0.2.5, sqlninja will upload .exe files by default +instead of .scr ones. If you want to upload .scr files instead, +the original sqlninja files are distributed in: +/usr/lib$LIBDIRSUFFIX/sqlninja/scripts/ Raul Siles' patch for better Metasploit Framework interaction has been -discontinued since it was released for an old version of sqlninja only. The -patch added two new timers ($client_delay (30 secs) and $server_delay (5 -secs)) to use within sqlninja. Since it could be still somehow handy it has -been included in the package documentation directory. +discontinued since it was released for an old version of sqlninja +only. The patch added two new timers ($client_delay (30 secs) and +$server_delay (5 secs)) to use within sqlninja. Since it could be +still somehow handy it has been included in the package documentation +directory. |