SpoC 007 - SQLMap - Progress Page

From OWASP

Revision as of 11:48, 16 July 2007 by Inquis (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

Contents

1 Roadmap
- 1.1 Accomplished objectives at 16th of July 2007
- 1.2 Ongoing work at 16th of July 2007
2 Links

Roadmap

Accomplished objectives at 16th of July 2007

[100%] Extend inband SQL injection functionality to all other possible queries
[100%] Add Microsoft SQL Server database fingerprint
[100%] Add support for query ETA (Estimated Time of Arrival) real time calculation
[100%] Improve Google dorking support to take advantage of remote hosts affected by SQL injection to perform other command line argument actions
[100%] Improve logging functionality

Ongoing work at 16th of July 2007

[10%] Add support for Oracle database management system
[60%] Add support to extract database users password hash (done for MySQL and PostgreSQL, in progress for Microsoft SQL Server)
[60%] Add a fuzzer class with the aim to parse html page looking for standard database error messages consequently improving database fingerprinting
[0%] Add support for SQL injection on HTTP Cookie and User-Agent headers

Links

Retrieved from "https://wiki.owasp.org/index.php?title=SpoC_007_-_SQLMap_-_Progress_Page&oldid=19912"