SQLInjector is a tool to perform blind SQL injection in a website. This version only supports MS SQL Server. It uses time based inference to determine true or false conditions to extract data. The key feature is that it uses a binary search mechanism to reduce the character search address space, this means it can get each character value within 7 to 8 requests.
This is a fairly major update to SqlInjector (yes renamed from BlindSqlInjector). The key change is the addition of true/false inference. So if you have SQLi then its definitely faster to use true/false inference rather than time.
Its features are:
* Ability to export data
* Binary search for faster character identification
* Completely blind injection using time based inference
* True/False inference
* Supports MS SQL Server
* Extracts database name
* Extracts current user
* Extracts server version
* Extracts table names
* Extracts column names
* Extracts column data types
* Extracts column lengths
* Configurable space encoding
* Configurable wait timing
* Tree view display of enumerated data
* Resume support
* Save/Loading of project files
* Proxy support
* Authentication support (Basic, Negotiate, Digest, NTLM, X509)
Download Here
0 comments:
Post a Comment