SQLBrute – SQL Injection Brute Force Tool

Keep on Guard!


SQLBrute is a tool for brute forcing data out of databases using blind SQL injection vulnerabilities. It supports time based and error based exploit types on Microsoft SQL Server, and error based exploit on Oracle. It is written in Python, uses multi-threading, and doesn’t require non-standard libraries (there is some code in there for pycurl, but it is disabled because it isn’t finished).

For error based SQL injection, SQLBrute should work, if you can either:

  • Get an identifiable difference between adding the exploit strings AND 1=1 and AND 1=2 to your SQL injection point (usually works if the query is normally valid)
  • Get an identifiable difference between adding the exploit strings OR 1=1 and OR 1=2 to your SQL injection point (usually works if the query is normally invalid)

For time based SQL injection, SQLBrute should work if you can use exploit syntax similar to ;waitfor delay ‘0:0:5’ to generate a time delay in Microsoft SQL Server.

Here is the options printed from SQLBrute when you run it with no options:

Full details and usage notes can be found here:

Using SQLBrute to brute force data from a blind SQL injection point

You can download SQLBrute here:

sqlbrute.py

Posted in: Database Hacking, Hacking Tools

, , , ,


Latest Posts:


OWASP ZSC - Obfuscated Code Generator Tool OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.
A Look Back At 2017 – Tools & News Highlights A Look Back At 2017 – Tools & News Highlights
So here we are in 2018, taking a look back at 2017, quite a year it was. Here is a quick rundown of some of the best hacking/security tools released in 2017, the biggest news stories and the 10 most viewed posts on Darknet as a bonus.
Spectre & Meltdown Checker - Vulnerability Mitigation Tool For Linux Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux
Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs that were made public early 2018.
Hijacker - Reaver For Android Wifi Hacker App Hijacker – Reaver For Android Wifi Hacker App
Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.
Sublist3r - Fast Python Subdomain Enumeration Tool Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.
coWPAtty Download - Audit Pre-shared WPA Keys coWPAtty Download – Audit Pre-shared WPA Keys
coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys.


9 Responses to SQLBrute – SQL Injection Brute Force Tool

  1. backbone June 5, 2007 at 7:16 am #

    it seems great and all, but it laks the mysql server option…

  2. Torvaun June 5, 2007 at 7:51 am #

    I like it. Not that I do a lot of brute-forcing myself, but I recently ran into a situation where I’d been locked out of a database by some glitch which was never fully explained to me. I ended up running the attack manually because I didn’t have this.

    Brute force sucks for manual hacking.

  3. Sypherknife June 5, 2007 at 12:25 pm #

    Awesome, lets see what I can do with this…

    …I mean, yeah, learning etc..

  4. Bogwitch June 5, 2007 at 9:53 pm #

    This can all be done already with a copy of Brutus and a well formed .bad file.
    I’ve bruted and dictionaried, (whatever the hell that is), SQL servers with Brutus on several occasions.
    Brutus really is a smashing tool. It takes a short while to learn and it kicks the backside out of most other tools.
    Sort of makes this tool redundant but kudos to the programmer – you can never have enough tools. :)

  5. Daniel June 5, 2007 at 10:04 pm #

    i agree about the smashingness of brutus. However, with this thing, being written in python i can see a self propogating worm idea. like hack a site, run some form of a perl script which runs this and then you have automated sql hacking.

  6. Bogwitch June 5, 2007 at 10:04 pm #

    Well, that’s what I get for letting my typing run away from me before I’ve even checked out the tool.
    What this tool can do goes far beyond what I achieved with Brutus (not to say Brutus /couldn’t/ do it)
    I can only apologise and blame it on the fact that I was studying until 0215 last night and up at 0700 this morning. :)
    But that’s just making excuses.
    Darknet: please feel free to delete my drivel if it suits you!

  7. Daniel June 5, 2007 at 10:16 pm #

    well Bogwitch nothing you said was really incorrect,
    just incomplete, this thing is like brutus in python, minus telnet ftp and cgi hacking and possibly wormable.

    XD

  8. Darknet June 6, 2007 at 4:48 am #

    Regular tools like Brutus can’t brute force via blind SQL injection avenues like this tool is designed to do.

  9. Daniel June 6, 2007 at 5:08 am #

    true i didnt think of the blind aspect.
    i see a mash up in the furure.

    SQLBrute + Jikto = World Domination.

    automated scanning and blind SQL injection