Opened 13 years ago
#31900 new request
add SQl Injection brute to the ports tree
Reported by: | fyodor.vassiley@… | Owned by: | macports-tickets@… |
---|---|---|---|
Priority: | Low | Milestone: | |
Component: | ports | Version: | 2.0.3 |
Keywords: | CEHv7 SQL Injection | Cc: | |
Port: |
Description
http://www.darknet.org.uk/2007/06/sqlbrute-sql-injection-brute-force-tool/
SQLBrute is a tool for brute forcing data out of databases using blind SQL injection vulnerabilities. It supports time based and error based exploit types on Microsoft SQL Server, and error based exploit on Oracle. It is written in Python, uses multi-threading, and doesn’t require non-standard libraries (there is some code in there for pycurl, but it is disabled because it isn’t finished).
For error based SQL injection, SQLBrute should work, if you can either:
Get an identifiable difference between adding the exploit strings AND 1=1 and AND 1=2 to your SQL injection point (usually works if the query is normally valid) Get an identifiable difference between adding the exploit strings OR 1=1 and OR 1=2 to your SQL injection point (usually works if the query is normally invalid)
For time based SQL injection, SQLBrute should work if you can use exploit syntax similar to ;waitfor delay ’0:0:5′ to generate a time delay in Microsoft SQL Server.