SPECS: sqlier.spec (NEW) - new
glen
glen at pld-linux.org
Wed Apr 15 10:35:38 CEST 2009
Author: glen Date: Wed Apr 15 08:35:38 2009 GMT
Module: SPECS Tag: HEAD
---- Log message:
- new
---- Files affected:
SPECS:
sqlier.spec (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SPECS/sqlier.spec
diff -u /dev/null SPECS/sqlier.spec:1.1
--- /dev/null Wed Apr 15 10:35:38 2009
+++ SPECS/sqlier.spec Wed Apr 15 10:35:33 2009
@@ -0,0 +1,52 @@
+# $Revision$, $Date$
+%define rel 0.1
+Summary: SQLIer - an SQL Injection vulnerable URL prober
+Name: sqlier
+Version: 0.8
+Release: 0.b.%{rel}
+License: BSD
+Group: Applications
+Source0: http://bcable.net/archive.php?%{name}-%{version}b.sh
+# Source0-md5: 40702eb5397dfd4134ad7761a15a5e88
+URL: http://bcable.net/project.php?sqlier
+Requires: python
+Requires: wget
+BuildArch: noarch
+BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%description
+SQLIer takes an SQL Injection vulnerable URL and attempts to determine
+all the necessary information to build and exploit an SQL Injection
+hole by itself, requiring no user interaction at all (unless it can't
+guess the table/field names correctly). By doing so, SQLIer can build
+a UNION SELECT query designed to brute force passwords out of the
+database. This script also does not use quotes in the exploit to
+operate, meaning it will work for a wider range of sites.
+
+An 8 character password (containing any character from decimal ASCII
+code 1-127) takes approximately 1 minute to crack.
+
+%prep
+%setup -qcT
+cp %{SOURCE0} %{name}.sh
+
+%install
+rm -rf $RPM_BUILD_ROOT
+install -d $RPM_BUILD_ROOT%{_bindir}
+install %{name}.sh $RPM_BUILD_ROOT%{_bindir}/%{name}
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_bindir}/sqlier
+
+%define date %(echo `LC_ALL="C" date +"%a %b %d %Y"`)
+%changelog
+* %{date} PLD Team <feedback at pld-linux.org>
+All persons listed below can be reached at <cvs_login>@pld-linux.org
+
+$Log$
+Revision 1.1 2009/04/15 08:35:33 glen
+- new
================================================================
More information about the pld-cvs-commit
mailing list