The Mole is an automatic SQL Injection exploitation tool. All you need to do is provide a vulnerable URL and a valid string on the site you are testing and The Mole will detect the injection and exploit it, either by using the union technique or a boolean query based technique.
We did mention The Mole when we first heard about it back in 2011 – The Mole – Automatic SQL Injection SQLi Exploitation Tool.
- Support for injections using MySQL, MS-SQL Server, Postgres and Oracle databases.
- Command line interface.
- Auto-completion for commands, command arguments and database, table and columns names.
- Support for filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily.
- Exploits SQL Injections through GET/POST/Cookie parameters.
- Developed in Python 3.
- Exploits SQL Injections that return binary data.
- Powerful command interpreter to simplify its usage.
You can download The Mole v0.3 here:
Or read more here.
- Navy Sys Admin Hacks Into Databases From Aircraft Carrier
- aidSQL – PHP Application For SQL Injection Detection & Exploitation
- 1 Million Accounts Leaked From Banks, Government Agencies & Consultancy Firms
- The Mole – Automatic SQL Injection SQLi Exploitation Tool
- sqlmap 0.9 Released – Automatic Blind SQL Injection Tool
- sqlmap 0.7 Released – Automatic SQL Injection Tool
Most Read in Database Hacking:
- Pangolin – Automatic SQL Injection Tool - 69,554 views
- bsqlbf 1.1 – Blind SQL Injection Tool - 53,700 views
- Absinthe Blind SQL Injection Tool/Software - 38,875 views