Can perform brute-force attacks on the "sa" (system admin) password to gain full control.
SQLNinja is not a discovery tool; it is an . It assumes a SQL injection point has already been found (perhaps via tools like sqlmap ) and focuses on automating the "takeover" of the database server. Primary Target: Microsoft SQL Server (MS-SQL). Key Capabilities: new package sqlninja fixed
SQLninja is written in Perl and requires several modules to function correctly: Can perform brute-force attacks on the "sa" (system