From owner-freebsd-ports-bugs@FreeBSD.ORG Wed Oct 17 15:20:01 2007 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E8BB516A478 for ; Wed, 17 Oct 2007 15:20:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 4078713C4A8 for ; Wed, 17 Oct 2007 15:20:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.1/8.14.1) with ESMTP id l9HFK0ae084925 for ; Wed, 17 Oct 2007 15:20:00 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.1/8.14.1/Submit) id l9HFK0tM084924; Wed, 17 Oct 2007 15:20:00 GMT (envelope-from gnats) Resent-Date: Wed, 17 Oct 2007 15:20:00 GMT Resent-Message-Id: <200710171520.l9HFK0tM084924@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, valerio.daelli@gmail.com Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DC0D716A41B for ; Wed, 17 Oct 2007 15:14:56 +0000 (UTC) (envelope-from eldon@sodio.ifom-ieo-campus.it) Received: from mail.ifom-firc.it (mail.ifom-firc.it [85.239.175.131]) by mx1.freebsd.org (Postfix) with ESMTP id 3A92D13C4A6 for ; Wed, 17 Oct 2007 15:14:55 +0000 (UTC) (envelope-from eldon@sodio.ifom-ieo-campus.it) Received: (qmail 573 invoked by uid 811); 17 Oct 2007 15:17:05 -0000 Received: from 85.239.175.187 by mail.ifom-firc.it (envelope-from , uid 803) with qmail-scanner-2.01 (clamdscan: 0.91.2/4543. f-prot: 4.6.7/3.16.15. spamassassin: . Clear:RC:1(85.239.175.187):. Processed in 0.397473 secs); 17 Oct 2007 15:17:05 -0000 Received: from unknown (HELO sodio.ifom-ieo-campus.it) ([85.239.175.187]) (envelope-sender ) by smtp.ifom-firc.it (qmail-ldap-1.03) with SMTP for ; 17 Oct 2007 15:17:04 -0000 Received: (from eldon@sodio.ifom-ieo-campus.it) by sodio.ifom-ieo-campus.it (mini_sendmail/1.3.6 29jun2005); Wed, 17 Oct 2007 17:16:53 CEST (sender eldon@sodio.ifom-ieo-campus.it) Message-Id: <20071017151456.3A92D13C4A6@mx1.freebsd.org> Date: Wed, 17 Oct 2007 15:14:55 +0000 (UTC) From: valerio.daelli@gmail.com To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: ports/117276: New port: security/sqlninja a Sql Server penetration testing tool -- revisited X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: valerio.daelli@gmail.com List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Oct 2007 15:20:02 -0000 >Number: 117276 >Category: ports >Synopsis: New port: security/sqlninja a Sql Server penetration testing tool -- revisited >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Wed Oct 17 15:20:00 UTC 2007 >Closed-Date: >Last-Modified: >Originator: Valerio Daelli >Release: FreeBSD 6.2-RELEASE-p6 amd64 >Organization: IFOM >Environment: System: FreeBSD sodio.ifom-ieo-campus.it 6.2-RELEASE-p6 FreeBSD 6.2-RELEASE-p6 #8: Tue Jul 24 17:16:37 CEST 2007 root@sodio.ifom-ieo-campus.it:/usr/obj/usr/src/sys/SODIO amd64 >Description: SqlNinja is a tool to perform penetration testing on a Sql Server Database >How-To-Repeat: >Fix: --- sqlninja.shar begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # /root/sqlninja/ # /root/sqlninja/Makefile # /root/sqlninja/distinfo # /root/sqlninja/pkg-descr # /root/sqlninja/pkg-plist # echo c - /root/sqlninja/ mkdir -p /root/sqlninja/ > /dev/null 2>&1 echo x - /root/sqlninja/Makefile sed 's/^X//' >/root/sqlninja/Makefile << 'END-of-/root/sqlninja/Makefile' X# New ports collection makefile for: sqlninja X# Date created: 2007-10-17 X# Whom: Valerio Daelli X# X# $FreeBSD$ X# X XPORTNAME= sqlninja XPORTVERSION= 0.2.1r1 XCATEGORIES= security XMASTER_SITES= ${MASTER_SITE_SOURCEFORGE} XMASTER_SITE_SUBDIR= ${PORTNAME} XDISTNAME= ${PORTNAME}-${PORTVERSION:S/r/-r/} XEXTRACT_SUFX= .tgz X XMAINTAINER= valerio.daelli@gmail.com XCOMMENT= Sql Server exploit toolkit X XRUN_DEPENDS= ${SITE_PERL}/Net/Pcap.pm:${PORTSDIR}/net/p5-Net-Pcap \ X ${SITE_PERL}/NetPacket/UDP.pm:${PORTSDIR}/net/p5-NetPacket \ X ${SITE_PERL}/Net/RawIP.pm:${PORTSDIR}/net/p5-Net-RawIP \ X ${SITE_PERL}/Net/DNS/Nameserver.pm:${PORTSDIR}/dns/p5-Net-DNS \ X ${SITE_PERL}/IO/Socket/SSL.pm:${PORTSDIR}/security/p5-IO-Socket-SSL X XUSE_PERL5= yes X Xdo-build: X Xdo-install: X ${MKDIR} ${PREFIX}/etc/sqlninja X ${MKDIR} ${PREFIX}/etc/sqlninja/scripts X ${MKDIR} ${PREFIX}/etc/sqlninja/dnstun X ${MKDIR} ${PREFIX}/share/doc/sqlninja X. for i in sqlninja X ${INSTALL_SCRIPT} ${WRKSRC}/${i} ${PREFIX}/bin X. endfor X. for i in dnstun.scr nc.scr X ${INSTALL_SCRIPT} ${WRKSRC}/scripts/${i} ${PREFIX}/etc/sqlninja/scripts X. endfor X. for i in dnstun.c dnstun.exe X ${INSTALL_SCRIPT} ${WRKSRC}/dnstun/${i} ${PREFIX}/etc/sqlninja/dnstun X. endfor X. for i in sqlninja-howto.html sqlninja.conf.example X ${INSTALL_DATA} ${WRKSRC}/${i} ${PREFIX}/share/doc/sqlninja X. endfor X X.include END-of-/root/sqlninja/Makefile echo x - /root/sqlninja/distinfo sed 's/^X//' >/root/sqlninja/distinfo << 'END-of-/root/sqlninja/distinfo' XSIZE (sqlninja-0.2.1-r1.tgz) = 118928 XMD5 (sqlninja-0.2.1-r1.tgz) = 4548b90a695eb0707fa38d6f3400cd29 XSHA256 (sqlninja-0.2.1-r1.tgz) = e1f2978750e3d86dc04e6d185157d4936156bc2761f67fb73ff822ccd721f704 END-of-/root/sqlninja/distinfo echo x - /root/sqlninja/pkg-descr sed 's/^X//' >/root/sqlninja/pkg-descr << 'END-of-/root/sqlninja/pkg-descr' XSqlninja is a tool targeted to exploit SQL Injection Xvulnerabilities on a web application Xthat uses Microsoft SQL Server as its back-end. X XIts main goal is to provide a remote shell on the Xvulnerable DB server, even in a very Xhostile environment. It should be used by Xpenetration testers to help and automate the Xprocess of taking over a DB Server when Xa SQL Injection vulnerability has been discovered. X XWWW: http://sqlninja.sourceforge.net/ END-of-/root/sqlninja/pkg-descr echo x - /root/sqlninja/pkg-plist sed 's/^X//' >/root/sqlninja/pkg-plist << 'END-of-/root/sqlninja/pkg-plist' Xbin/sqlninja Xetc/sqlninja/scripts/dnstun.scr Xetc/sqlninja/scripts/nc.scr Xetc/sqlninja/dnstun/dnstun.c Xetc/sqlninja/dnstun/dnstun.exe Xshare/doc/sqlninja/sqlninja-howto.html Xshare/doc/sqlninja/sqlninja.conf.example X@dirrm etc/sqlninja/scripts X@dirrm etc/sqlninja/dnstun X@dirrm etc/sqlninja X@dirrm share/doc/sqlninja END-of-/root/sqlninja/pkg-plist exit --- sqlninja.shar ends here --- >Release-Note: >Audit-Trail: >Unformatted: