https://github.com/rummykhan/sql-nightmare
SQL SERVER Exploitation.
https://github.com/rummykhan/sql-nightmare
sql-injection sql-server
Last synced: 9 months ago
JSON representation
SQL SERVER Exploitation.
- Host: GitHub
- URL: https://github.com/rummykhan/sql-nightmare
- Owner: rummykhan
- License: mit
- Created: 2017-03-18T19:36:03.000Z (almost 9 years ago)
- Default Branch: master
- Last Pushed: 2017-03-18T20:03:55.000Z (almost 9 years ago)
- Last Synced: 2025-03-31T02:05:06.370Z (10 months ago)
- Topics: sql-injection, sql-server
- Language: C#
- Homepage:
- Size: 16.6 KB
- Stars: 27
- Watchers: 3
- Forks: 8
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# SQL Nightmare
An SQL SERVER Exploitation tool
#### Executable
Since this is source code, you can download exe from here [SQL Nightmare](https://www.dropbox.com/s/tld2ta55rajgcgf/SQL-nightmare.exe?dl=0)
#### Functions
1. Server Directory navigation.
2. Server Database Dump.
3. Read Server Files.
4. Shell spawining.
#### Input URL Format
`http://localhost:1234/index.aspx?param=1 AND 0 union select 1,'rummykhan',2 --X-`
Replace the string/vulnerable column to 'rummykhan' and ending comments to --X-
#### Disclaimer
1. This software was written for educational purposes only.
2. Don't use it on any site without prior permission of site owner.
#### Contact
Drop me an email at rehan_manzoor@outlook.com
#### MIT License
This software is licensed under [The MIT License (MIT)](LICENSE).
#### With Love for
| Lafangoo | Connecting | Ch3rn0by1 | exploiter-z | PMH`s Str!k3r | Makman | Madcode | g00n | benzi | Ricardo | Ajkaro | SOG | Jin | Zee-PK | Gujjar | Ashx | h98d (Hussein) | Muhammad Bilal |