SPECS: sqlier.spec (NEW) - new

glen glen at pld-linux.org
Wed Apr 15 10:35:38 CEST 2009 

Author: glen                         Date: Wed Apr 15 08:35:38 2009 GMT
Module: SPECS                         Tag: HEAD
---- Log message:
- new

---- Files affected:
SPECS:
   sqlier.spec (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SPECS/sqlier.spec
diff -u /dev/null SPECS/sqlier.spec:1.1
--- /dev/null	Wed Apr 15 10:35:38 2009
+++ SPECS/sqlier.spec	Wed Apr 15 10:35:33 2009
@@ -0,0 +1,52 @@
+# $Revision$, $Date$
+%define		rel	0.1
+Summary:	SQLIer - an SQL Injection vulnerable URL prober
+Name:		sqlier
+Version:	0.8
+Release:	0.b.%{rel}
+License:	BSD
+Group:		Applications
+Source0:	http://bcable.net/archive.php?%{name}-%{version}b.sh
+# Source0-md5:	40702eb5397dfd4134ad7761a15a5e88
+URL:		http://bcable.net/project.php?sqlier
+Requires:	python
+Requires:	wget
+BuildArch:	noarch
+BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%description
+SQLIer takes an SQL Injection vulnerable URL and attempts to determine
+all the necessary information to build and exploit an SQL Injection
+hole by itself, requiring no user interaction at all (unless it can't
+guess the table/field names correctly). By doing so, SQLIer can build
+a UNION SELECT query designed to brute force passwords out of the
+database. This script also does not use quotes in the exploit to
+operate, meaning it will work for a wider range of sites.
+
+An 8 character password (containing any character from decimal ASCII
+code 1-127) takes approximately 1 minute to crack.
+
+%prep
+%setup -qcT
+cp %{SOURCE0} %{name}.sh
+
+%install
+rm -rf $RPM_BUILD_ROOT
+install -d $RPM_BUILD_ROOT%{_bindir}
+install %{name}.sh $RPM_BUILD_ROOT%{_bindir}/%{name}
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_bindir}/sqlier
+
+%define date	%(echo `LC_ALL="C" date +"%a %b %d %Y"`)
+%changelog
+* %{date} PLD Team <feedback at pld-linux.org>
+All persons listed below can be reached at <cvs_login>@pld-linux.org
+
+$Log$
+Revision 1.1  2009/04/15 08:35:33  glen
+- new
================================================================

More information about the pld-cvs-commit mailing list