Description: SqlNinja with Powersploit integration is very very very EXPERIMENTAL
- Inject Meterpreter.ps1 via Xp_CmdShell ft. Powershell
- Invoke-Mimikatz.ps1 via Powershell
Fancy going from a SQL Injection on Microsoft SQL Server to a full GUI access on the DB? Take a few new SQL Injection tricks, add a couple of remote shots in the registry to disable Data Execution Prevention, mix with a little Perl that automatically generates a debug script, put all this in a shaker with a Metasploit wrapper, shake well and you have just one of the attack modules of sqlninja!
Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end.
Tags: hacking , sqlninja , meterpreter , powershell , mimikatz , powersploit , bypass av , invoke-mimikatz ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.