Sqlninja demo page
While sqlninja can be extremely effective in your penetration tests, is not a trivial tool to setup and use. While this is a good thing to keep script kiddies at bay, it can be also a problem for security professionals that have to deal with short deadlines. Therefore, here are a couple of flash movies that should make things a little clearer for people that have never used this tool before.
A demo of all basic features:
- How to configure the tool
- How to fingerprint the remote server
- How to bruteforce the 'sa' password
- How to upload executables and obtain a shell
A demo of the integration of sqlninja and metasploit, showing how to start from a simple SQL Injection to finally obtain a full GUI access on the remote DB server. Yes, while the other demo should be watched first, this happens to be the coolest one.