This perl script allows extraction of data from Blind SQL Injections. It accepts custom SQL queries as a command line parameter and it works for both integer and string based injections. We reported bsqlbf when it first hit the net back in April 2006 with bsqlbf v1.1, then the v2.0 update in June 2008. This [...]
Tag Archive | "hacking oracle"
Pangolin is an automatic SQL injection penetration testing tool developed by NOSEC. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management [...]
WITOOL is an graphical based SQL Injection Tool written in dotNET. – For SQL Server, Oracle – Error Base and Union Base Interface Features Retrieve schema : DB/TableSpace, Table, Column, other object Retrieve data : retrive paging, dump xml file Log : View the raw data HTTP log Environment OS: Windows 2000/XP/VISTA Requirement: Microsoft .NET(2.0) [...]