ports/117276: New port: security/sqlninja a Sql Server penetration testing tool -- revisited

[valerio.daelli at gmail.com]

>Number:         117276
>Category:       ports
>Synopsis:       New port: security/sqlninja a Sql Server penetration testing tool -- revisited
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Oct 17 15:20:00 UTC 2007
>Closed-Date:
>Last-Modified:
>Originator:     Valerio Daelli
>Release:        FreeBSD 6.2-RELEASE-p6 amd64
>Organization:
IFOM 
>Environment:
System: FreeBSD sodio.ifom-ieo-campus.it 6.2-RELEASE-p6 FreeBSD 6.2-RELEASE-p6 #8: Tue Jul 24 17:16:37 CEST 2007 root at sodio.ifom-ieo-campus.it:/usr/obj/usr/src/sys/SODIO amd64


	
>Description:
SqlNinja is a tool to perform penetration testing on a Sql Server Database
>How-To-Repeat:
	
>Fix:

	

--- sqlninja.shar begins here ---
# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	/root/sqlninja/
#	/root/sqlninja/Makefile
#	/root/sqlninja/distinfo
#	/root/sqlninja/pkg-descr
#	/root/sqlninja/pkg-plist
#
echo c - /root/sqlninja/
mkdir -p /root/sqlninja/ > /dev/null 2>&1
echo x - /root/sqlninja/Makefile
sed 's/^X//' >/root/sqlninja/Makefile << 'END-of-/root/sqlninja/Makefile'
X# New ports collection makefile for:	sqlninja
X# Date created:				2007-10-17
X# Whom:					Valerio Daelli <valerio.daelli at gmail.com>
X#
X# $FreeBSD$
X#
X
XPORTNAME=	sqlninja
XPORTVERSION=	0.2.1r1
XCATEGORIES=	security
XMASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
XMASTER_SITE_SUBDIR=	${PORTNAME}
XDISTNAME=	${PORTNAME}-${PORTVERSION:S/r/-r/}
XEXTRACT_SUFX=	.tgz
X
XMAINTAINER=	valerio.daelli at gmail.com
XCOMMENT=	Sql Server exploit toolkit
X
XRUN_DEPENDS=		${SITE_PERL}/Net/Pcap.pm:${PORTSDIR}/net/p5-Net-Pcap		\
X		${SITE_PERL}/NetPacket/UDP.pm:${PORTSDIR}/net/p5-NetPacket		\
X		${SITE_PERL}/Net/RawIP.pm:${PORTSDIR}/net/p5-Net-RawIP		\
X		${SITE_PERL}/Net/DNS/Nameserver.pm:${PORTSDIR}/dns/p5-Net-DNS		\
X		${SITE_PERL}/IO/Socket/SSL.pm:${PORTSDIR}/security/p5-IO-Socket-SSL
X
XUSE_PERL5=	yes
X
Xdo-build:
X
Xdo-install:
X	${MKDIR} ${PREFIX}/etc/sqlninja
X	${MKDIR} ${PREFIX}/etc/sqlninja/scripts
X	${MKDIR} ${PREFIX}/etc/sqlninja/dnstun
X	${MKDIR} ${PREFIX}/share/doc/sqlninja
X.	for i in sqlninja
X		${INSTALL_SCRIPT} ${WRKSRC}/${i} ${PREFIX}/bin
X.	endfor
X.	for i in dnstun.scr nc.scr
X		${INSTALL_SCRIPT} ${WRKSRC}/scripts/${i} ${PREFIX}/etc/sqlninja/scripts
X.	endfor
X.	for i in dnstun.c dnstun.exe
X		${INSTALL_SCRIPT} ${WRKSRC}/dnstun/${i} ${PREFIX}/etc/sqlninja/dnstun
X.	endfor
X.	for i in sqlninja-howto.html sqlninja.conf.example
X		${INSTALL_DATA} ${WRKSRC}/${i} ${PREFIX}/share/doc/sqlninja
X.	endfor
X
X.include <bsd.port.mk>
END-of-/root/sqlninja/Makefile
echo x - /root/sqlninja/distinfo
sed 's/^X//' >/root/sqlninja/distinfo << 'END-of-/root/sqlninja/distinfo'
XSIZE (sqlninja-0.2.1-r1.tgz) = 118928
XMD5 (sqlninja-0.2.1-r1.tgz) = 4548b90a695eb0707fa38d6f3400cd29
XSHA256 (sqlninja-0.2.1-r1.tgz) = e1f2978750e3d86dc04e6d185157d4936156bc2761f67fb73ff822ccd721f704
END-of-/root/sqlninja/distinfo
echo x - /root/sqlninja/pkg-descr
sed 's/^X//' >/root/sqlninja/pkg-descr << 'END-of-/root/sqlninja/pkg-descr'
XSqlninja is a tool targeted to exploit SQL Injection
Xvulnerabilities on a web application
Xthat uses Microsoft SQL Server as its back-end.
X
XIts main goal is to provide a remote shell on the
Xvulnerable DB server, even in a very
Xhostile environment. It should be used by
Xpenetration testers to help and automate the
Xprocess of taking over a DB Server when
Xa SQL Injection vulnerability has been discovered.
X
XWWW: http://sqlninja.sourceforge.net/
END-of-/root/sqlninja/pkg-descr
echo x - /root/sqlninja/pkg-plist
sed 's/^X//' >/root/sqlninja/pkg-plist << 'END-of-/root/sqlninja/pkg-plist'
Xbin/sqlninja
Xetc/sqlninja/scripts/dnstun.scr
Xetc/sqlninja/scripts/nc.scr
Xetc/sqlninja/dnstun/dnstun.c
Xetc/sqlninja/dnstun/dnstun.exe
Xshare/doc/sqlninja/sqlninja-howto.html
Xshare/doc/sqlninja/sqlninja.conf.example
X at dirrm etc/sqlninja/scripts
X at dirrm etc/sqlninja/dnstun
X at dirrm etc/sqlninja
X at dirrm share/doc/sqlninja
END-of-/root/sqlninja/pkg-plist
exit
--- sqlninja.shar ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted: