RSS

All Project Updates

Discussions

Issue Tracker

Releases

Reviews

Source Code

Wiki

RSS

View All Comments | Print View | Page Info | Change History (all pages)

Home

Project Description

Marathon Tool is a POC for using heavy queries to perform a Time-Based Blind SQL Injection attack. This tool is still work in progress but is right now in a very good alpha version to extract information from web applications using Microsoft SQL Server, Microsoft Access, MySQL or Oracle Databases.

Application Supported features:

Database Schema extraction from SQL Server, Oracle and MySQL
Data extraction from Microsoft Access 97/2000/2003/2007 databases
Parameter Injection using HTTP GET or POST
SSL support
HTTP proxy connection available
Authentication methods: Anonymous, Basic, Digest and NTLM
Variable and value insertion in cookies (Does not support dynamic values)
Configuration available an flexible for injections
Configurable Log

Common Help Topics

Configuration

Reference Links

http://technet.microsoft.com/en-us/library/cc512676.aspx

Last edited Aug 7 2008 at 3:19 PM by alekusu, version 6

Want to leave feedback?
Please use Discussions or Reviews instead.

Downloads

Current release:

August 2008 Alpha

Thu Aug 7 2008 at 7:00 AM

1420 downloads

More info

Microsoft Public License (Ms-PL)

This license governs use of the accompanying software. If you use the software, you accept this license. If you do not accept the license, do not use the software.

1. Definitions

The terms "reproduce," "reproduction," "derivative works," and "distribution" have the same meaning here as under U.S. copyright law.

A "contribution" is the original software, or any additions or changes to the software.

A "contributor" is any person that distributes its contribution under this license.

"Licensed patents" are a contributor's patent claims that read directly on its contribution.

2. Grant of Rights

(A) Copyright Grant- Subject to the terms of this license, including the license conditions and limitations in section 3, each contributor grants you a non-exclusive, worldwide, royalty-free copyright license to reproduce its contribution, prepare derivative works of its contribution, and distribute its contribution or any derivative works that you create.

(B) Patent Grant- Subject to the terms of this license, including the license conditions and limitations in section 3, each contributor grants you a non-exclusive, worldwide, royalty-free license under its licensed patents to make, have made, use, sell, offer for sale, import, and/or otherwise dispose of its contribution in the software or derivative works of the contribution in the software.

3. Conditions and Limitations

(A) No Trademark License- This license does not grant you rights to use any contributors' name, logo, or trademarks.

(B) If you bring a patent claim against any contributor over patents that you claim are infringed by the software, your patent license from such contributor to the software ends automatically.

(C) If you distribute any portion of the software, you must retain all copyright, patent, trademark, and attribution notices that are present in the software.

(D) If you distribute any portion of the software in source code form, you may do so only under this license by including a complete copy of this license with your distribution. If you distribute any portion of the software in compiled or object code form, you may only do so under a license that complies with this license.

(E) The software is licensed "as-is." You bear the risk of using it. The contributors give no express warranties, guarantees or conditions. You may have additional consumer rights under your local laws which this license cannot change. To the extent permitted under your local laws, the contributors exclude the implied warranties of merchantability, fitness for a particular purpose and non-infringement.

Activity

7 30 All days

Page Views	52
Visits	41
Pages Per Visit	1.27
Work Items Closed	0
Discussion Posts	0