Sign In
SecureState home
SecureState
Skip navigation links
About Us
Audit & Compliance
Profiling
e.Discovery
Risk Management
Government
SecureState > SA Exploiter


Skip navigation links
Contact Us
Careers
Clients By Industry
Competitive Landscape
Media Center
Free Tools
Events
FAQ
Blog

SA Exploiter 


The most advanced GUI tool for aiding in full compromises of MSSQL servers via SQL injection.

Author: Scott White, Senior Security Consultant

Release:  August 10, 2008 by SecureState, 2pm at Defcon 16, Las Vegas, NV

SA Exploiter v.1 beta is the most advanced and only GUI tool available solely targeting SQL injection with excessive privileges to root MSSQL servers.  SA Exploiter is a standalone windows portable executable that automates the generation of injection strings for use with popular attacks such as the “ftp answer file” attack, as well as other more advanced attacks using binary payload injection.  The tool takes the widely known 64k limitation of Windows debug and successfully allows Metasploit shellcode to be copy/pasted or custom exe’s to be delivered for execution without the use of egress connections like ftp/tftp.  The tool also features code generation of many tasks such as disabling antivirus, turning on xp_cmdshell, adding user accounts, etc.

System Requirements: Windows

Installation Instructions:Standalone exe, no install needed.

Download Now

 
 

Chat Live with SecureState

Website designed and developed by SecureState, © 2008 SecureState LLC. All rights reserved. | Privacy Policy | Report discrepancy