The SQLPwnage tool is one of the most useful tools on Fast-Track, the tool essentially scans subnets looking for web servers, once found it automatically starts to crawl the site looking or post parameters (currently SQLPwnage does not support query string parameters). Once a list of post parameters have been identified, Fast-Track will either try blind SQL injection or error based SQL injection and attempt to automatically exploit the system for you. If successful, whatever payload you specified will be delivered to you, this could be meterpreter, reverse shell, bind shell, reverse vnc, and much more. SQLPwnage will automatically re-enable xp cmdshell if disabled, try to elevate permissions, and use the hex to binary bypass explained in the SQL bruter section to deliver our payloads.