[转载]SQL Injection Pentesting TooL
信息来源:邪恶八进制信息安全团队([url]www.eviloctal.com[/url])The SQL Injection TooL designed to examine database through errors in the programming code web sites, or more precisely, it uses so-called SQL Injections
Features of programm
Version 3.0.0 PreRelease - FREEE!!!
Completely overhauled engine programme.
Now, the element of WinSock is added, which gives work with low HTTP protocol, it has significantly expanded its capabilities.
--- [Added]
- Work with injection through GET,POST,GET(inside Cookie),POST(inside Cookie)
- Terminal for HTTP RAW (analogue of InetHack)
- Upload file to server through SQL
- Reading every available for reading file on the server:)
- BackConnect from DB = MsSQL
- Dump DB, if type of DB is MsSQL
- Possibility of a Basic authentication
- Possible Determine of the fields of a SELECT query using the ORDER BY,GROUP BY,UNION SELECT
- Possible replacements comments to analog when filtering
- Possible replacements spaces to analog when filtering
- Possibility of autodetection of KeyWord
- Possibility of autodetection of type DB
- Ability to connect to the servers at random port
- Ability to connect to the proxy-servers to a random port
--- [Fixed]
- A accurate definition of quantity the fields that supports printing values
- A accurate with proxy-servers
[url]http://sqltool.itdefence.ru/indexeng.html[/url]
页:
[1]