SQL-nightmare: SQL SERVER Exploitation

SQL Nightmare

An SQL SERVER Exploitation tool

Functions

  1. Server Directory navigation.
  2. Server Database Dump.
  3. Read Server Files.
  4. Shell spawning.

Use

SQL-nightmare.exe

Input URL Format

http://localhost:1234/index.aspx?param=1 AND 0 union select 1,'rummykhan',2 --X-

Replace the string/vulnerable column with 'rummykhan' and the ending comment with --X-
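Seen from the server side, the input format above leaves a recognisable trace in web logs: a UNION SELECT, the quoted marker string and the trailing `--X-` comment. The following is an added detection example, not part of the tool or its repository; the four-field log layout, the sample lines and the function names are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample log: method, URI stem, URI query, status (simplified fields).
SAMPLE_LOG = """\
GET /index.aspx param=1 200
GET /index.aspx param=1+AND+0+union+select+1,%27rummykhan%27,2+--X- 200
GET /index.aspx param=1%20AND%200%20UNION/**/SELECT%201,%27rummykhan%27,2%20--X- 500
GET /search.aspx q=student+union+select+committee 200
GET /index.aspx param=1+AND+0+union+select+1,%2527rummykhan%2527,2+--X- 200
"""

GAP = r"(?:\s|/\*.*?\*/)+"  # whitespace or inline /* */ comments between keywords
UNION_SELECT = re.compile(rf"\bunion\b{GAP}(?:all{GAP})?select\b", re.I | re.S)
MARKER = re.compile(r"'rummykhan'", re.I)        # marker literal from the page
TAIL_COMMENT = re.compile(r"--\s*X-\s*$", re.I)  # trailing comment from the page

def decode(value, rounds=3):
    """URL-decode repeatedly so double-encoded queries are normalised."""
    for _ in range(rounds):
        nxt = unquote_plus(value)
        if nxt == value:
            break
        value = nxt
    return value

def indicators(query):
    """Return the names of the indicators present in one raw query string."""
    q = decode(query)
    checks = (("union_select", UNION_SELECT), ("marker", MARKER),
              ("tail_comment", TAIL_COMMENT))
    return [name for name, rx in checks if rx.search(q)]

def scan(log_text):
    """Flag lines with UNION SELECT plus at least one tool-specific indicator."""
    hits = []
    for n, line in enumerate(log_text.splitlines(), 1):
        parts = line.split()
        if len(parts) < 4:
            continue
        found = indicators(parts[2])
        # UNION SELECT alone also matches ordinary text, so require a second signal.
        if "union_select" in found and len(found) > 1:
            hits.append((n, parts[1], found))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

The marker and comment are user-replaceable strings, so treat them as corroborating signals; parameterized queries in the application remain the fix for the underlying injection.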

Disclaimer

  1. This software was written for educational purposes only.
  2. Don’t use it on any site without prior permission of the site owner.

Source: https://github.com/rummykhan/SQL-nightmare