[WEB SECURITY] Database tools required

Will Vandevanter Will_Vandevanter at rapid7.com
Tue May 11 15:38:48 EDT 2010

Check out the following auxiliaries in metasploit:



From: Jorge Correa [jacorream at gmail.com]
Sent: Tuesday, May 11, 2010 3:15 PM
To: Will Vandevanter
Cc: p0wnsauc3 at gmail.com; Parmendra Sharma; websecurity at webappsec.org
Subject: Re: [WEB SECURITY] Database tools required

Could you recommend us some of these Metasploit tools?

Thank you,
Jorge Correa

On Tue, May 11, 2010 at 13:36, Will Vandevanter <Will_Vandevanter at rapid7.com<mailto:Will_Vandevanter at rapid7.com>> wrote:
Also, check out Metasploit which has some great modules for connecting to specific DBs.

From: TAS [p0wnsauc3 at gmail.com<mailto:p0wnsauc3 at gmail.com>]
Sent: Tuesday, May 11, 2010 1:59 PM
To: Parmendra Sharma; websecurity at webappsec.org<mailto:websecurity at webappsec.org>
Subject: Re: [WEB SECURITY] Database tools required


Though your are not very clear with your question, I assume, since you have got the DB credentials, you want to connect to the database at the backend directly. If that is so, every database has its client. Download and install the client and connect to the backend.


Sent from BlackBerry® - Vodafone

From: Parmendra Sharma <s.parmendra at gmail.com<mailto:s.parmendra at gmail.com>>
Date: Tue, 11 May 2010 11:07:20 +0530
To: <websecurity at webappsec.org<mailto:websecurity at webappsec.org>>
Subject: [WEB SECURITY] Database tools required

Hi All,

While performing a VA / PT exercise of an application i got the database credentials. Kindly suggest any tool which connects me to the database through the application.

Thanks and Regards:

Parmendra Sharma
Computer Security Analyst

Join us on IRC: irc.freenode.net<http://irc.freenode.net> #webappsec

Have a question? Search The Web Security Mailing List Archives:

Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20100511/e8cdb620/attachment.html>

More information about the websecurity mailing list