SQLinject.sh - Script to automate the process of hijacking an MSSQL database connection.

SQLinject.sh – Script to automate the process of hijacking an MSSQL database connection.

This script is designed to automate the process of hijacking an MSSQL database connection. This script can be used to perform a MITM attack between two IP addresses using ettercap and ARP spoofing. You also submit an original SQL query and a new SQL query. The script will create, compile, and load an ettercap filter to replace the original SQL string with your new one. This should work on any MSSQL connection that is not encrypted.

sqlinject.sh

sqlinject.sh

SQLinject.sh Script:

Source : http://pastebin.com/Nge9rx7g |
for usage detail here: https://blog.anitian.com/hacking-microsoft-sql-server-without-a-password/