download SqlInjector v.1.0.2
blind SQL injection tool
SQLInjector is a tool to perform blind SQL injection in a website. This version only supports MS SQL Server. It uses time based inference to determine true or false conditions to extract data. The key feature is that it uses a binary search mechanism to reduce the character search address space, this means it can get each character value within 7 to 8 requests.
This is a fairly major update to SqlInjector (yes renamed from BlindSqlInjector). The key change is the addition of true/false inference. So if you have SQLi then its definitely faster to use true/false inference rather than time.
Its features are:
- Ability to export data
- Binary search for faster character identification
- Completely blind injection using time based inference
- True/False inference
- Supports MS SQL Server
- Extracts database name
- Extracts current user
- Extracts server version
- Extracts table names
- Extracts column names
- Extracts column data types
- Extracts column lengths
- Configurable space encoding
- Configurable wait timing
- Tree view display of enumerated data
- Resume support
- Save/Loading of project files
- Proxy support
- Authentication support (Basic, Negotiate, Digest, NTLM, X509)
Download Here
No comments:
Post a Comment