Monday, September 13, 2010

Havij Vers 1.2 Released

Description !!
Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.

It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the database, running SQL statements and even accessing the underlying file system and executing commands on the operating system.

What's New?
-HTTPS Support
-MsSQL Blind added
-MsAccess Blind added (Commerical version only)
-PostgreSQL added (Commerical version only)
-Check for update added.
-Manual queries with result added. (Commerical version only)
-1 row per 1 request (all in one request) added (Commerical version only)
-Dumping data into file added (Commerical version only)
-Saving data in XML format added (Commerical version only)
-Injecting targets with any port added (default http port is 80) (Commerical version only)
-XSS bug in saved reports fixed.
-Clear log added.
-Apply button added to the settings so it is possible to change the settings anytime (Commerical version only)
-keyword test and correction method added.
-finding columns count and string column optimized for better injection and data base detecting.
-Finding columns count and string column made better.
-"414 Request-URI too long" bug fixed.
-New method for getting tables and columns in mssql added.
-Some bugs in MsAccess injection when syntax has been defined manually fixed.
-Enable XP_Exec added to cmdshell (Commerical version only)
-Enable OS_Ex added to cmdshell (Commerical version only)
-Enable remote desktop added to cmdshell (Commerical version only)
-Confusing MsSQL 2005 with MySQL when finding columns count fixed.
-Broken MD5 cracker sites removed.
-a bug in detecting mssql no error fixed.
-a bug in getting columns in mssql no error fixed.
-a bug in injecting into access database fixed.
-a bug in getting data in mssql fixed.
-a bug in finding mssql's row count fixed.
-a bug in detecting database type when column count is found fixed.
-a bug in MsSQL no error manual syntax and command executation fixed.

download disini


tanda tangan
tanda tangan



Jangan lewatkan

Havij Vers 1.2 Released
4/ 5

Subscribe via email

Suka dengan artikel di atas? Tambahkan email Anda untuk berlangganan.