I did a demo of WebRaider in AppSec DC 2009 and finally managed to release it.
WebRaider is a PoC quality tool to get a reverse shell out of SQL Injections (MSSQL) by using One Click Ownage ( http://www.mavitunasecurity.com/s/research/OneClickOwnage.pdf ). Slides: http://www.slideshare.net/fmavituna/one-click-ownage-ferruh-mavituna-3 It's licensed under GPLv3 and all the source code is in the Google Code SVN. Source code includes all the required files to create your own payload for manually using One Click Ownage attack as well. More information about the tool, source code and download: http://www.mavitunasecurity.com/blog/webraider/ -- .fm _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/