{"id":3234,"date":"2011-12-01T16:50:44","date_gmt":"2011-12-01T16:50:44","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=3234"},"modified":"2017-09-24T22:02:28","modified_gmt":"2017-09-24T14:02:28","slug":"the-mole-automatic-sql-injection-sqli-exploitation-tool","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2011\/12\/the-mole-automatic-sql-injection-sqli-exploitation-tool\/","title":{"rendered":"The Mole Download &#8211; Automatic SQL Injection Tool For Windows"},"content":{"rendered":"<p>The Mole is an automatic SQL Injection tool for SQLi exploitation for Windows and Linux. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2011\/12\/The-Mole-Download-Automatic-SQL-Injection-Tool-640x406.png\" alt=\"The Mole Download - Automatic SQL Injection Tool\" width=\"640\" height=\"406\" class=\"aligncenter size-medium wp-image-4789\" srcset=\"https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2011\/12\/The-Mole-Download-Automatic-SQL-Injection-Tool-640x406.png 640w, https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2011\/12\/The-Mole-Download-Automatic-SQL-Injection-Tool-1024x650.png 1024w, https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2011\/12\/The-Mole-Download-Automatic-SQL-Injection-Tool.png 1035w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/p>\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3033787195489589\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<!-- Darknet Responsive Post Ad Links [previously link ad unit] -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-client=\"ca-pub-3033787195489589\"\r\n     data-ad-slot=\"5456620019\"\r\n     data-ad-format=\"auto\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script>\n<h2>What is The Mole SQL Injection Tool for Windows &#038; Linux?<\/h2>\n<p>The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily. The CLI also provides auto-completion on both commands and command arguments, making the user type as less as possible.<\/p>\n<p>This application is able to exploit both union-based and blind boolean-based injections.<\/p>\n<p>Every action The Mole can execute is triggered by a specific command. All this application requires in order to exploit a SQL Injection is the URL(including the parameters) and a needle(a string) that appears in the server&#8217;s response whenever the injection parameter generates a valid query, and does not appear otherwise.<\/p>\n<p>So far, The Mole supports MySQL, MS-SQL and PostgreSQL, but we expect to include other DBMSs in the future.<\/p>\n<h2>Features of The Mole SQL Injection Tool<\/h2>\n<ul>\n<li>Support for Mysql, Postgres, SQL Server and Oracle.<\/li>\n<li>Automatic SQL injection exploitation using union technique.<\/li>\n<li>Automatic blind SQL injection exploitation.<\/li>\n<li>Exploits SQL Injections in GET\/POST\/Cookie parameters.<\/li>\n<li>Support for filters, in order to bypass certain IPS\/IDS rules using generic filters, and the possibility of creating new ones easily.<\/li>\n<li>Exploits SQL Injections that return binary data.<\/li>\n<li>Powerful command interpreter to simplify its usage.<\/li>\n<\/ul>\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3033787195489589\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<!-- Darknet Responsive Post Ad Links [previously link ad unit] -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-client=\"ca-pub-3033787195489589\"\r\n     data-ad-slot=\"5456620019\"\r\n     data-ad-format=\"auto\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script>\n<h3>Using The Mole SQL Injection Software<\/h3>\n<pre>\r\n- url [URL [PARAM]]: Gets\/sets the URL. If PARAM is given then the\r\ninjection will be performed on that argument. This can also be provided\r\nas an argument to the application, using the \"-u\" parameter.\r\n\r\n- needle [NEEDLE]: Gets\/sets the NEEDLE. This can also be provided as an\r\nargument to the application, using the \"-n\" parameter.\r\n\r\n- method (GET|POST <param_post> ) [vulnerable_param]: Sets the method of\r\nthe request to GET or POST. In case POST is given the param_post string\r\nwill be used as the POST parameters. If vulnerable_param is given then\r\nthe mole will use this parameter to inject.\r\n\r\n- vulnerable_param [<GET|POST|Cookie> VULNERABLE_PARAM]: Sets\/gets the\r\ntype and name of the vulnerable parameter to be exploited by The Mole.\r\n\r\n- injectable_field [<FIELD_NUM>]: Sets\/gets the field of the query\r\nwhich will be used to print the information retrieved when using a\r\nunion technique.\r\n\r\n- auth [<basic> <USERNAME:PASSWORD>]: Sets\/gets the authentication\r\ninformation used by The Mole in each request.\r\n\r\n- follow_redirects [<on|off>]: Sets\/gets the follow redirect flag. If\r\nenabled, The Mole will follow http redirects received from the server.    \r\n\r\n- dbinfo: Fetch current user name, database name and DBMS version.\r\n\r\n- usercreds: Fetches the credentials for the dbms. Usually requires\r\nadministrator privileges on the database.\r\n\r\n- schemas: Fetches the schemas(databases) from the server. The results\r\nobtained will be cached, so further calls to this command will return\r\nthe cached entries. See \"fetch\" command.\r\n\r\n- tables <SCHEMA>: Fetches the tables for the schema SCHEMA. The results\r\nobtained will be cached, so further calls to this command will return\r\nthe cached entries. See \"fetch\" command.\r\ne.g: \"tables mysql\"\r\n\r\n- columns <SCHEMA> <TABLE>: Fetches the columns for the table TABLE, in\r\nthe schema SCHEMA. The results obtained will be cached, so further calls\r\nto this command will return the cached entries. See \"fetch\" command.\r\ne.g: \"columns mysql user\"\r\n\r\n- recursive (schemas|tables <SCHEMA>): Recursively fetches the structure\r\nof all schemas or just of the SCHEMA if used with tables.\r\n\r\n- query <SCHEMA> <TABLE> COLUMN1[,COLUMN2[,COLUMN3[...]]] [where COND]:\r\nPerform a query to fetch every column given, using the table TABLE\r\nlocated in the schema SCHEMA. A \"where condition\" can be given. Note\r\nthat The Mole will take care of any string conversions required on the\r\ncondition. Therefore, you can use string literals(using single quotes)\r\neven if the server escapes them. Note that no caching is performed\r\nwhen executing this command.\r\ne.g: query mysql user User,Password where User = 'root'\r\n\r\n- fetch <schemas|tables|columns> [args]: This command calls schemas,\r\ntables or columns commands depending on the arguments given, forcing\r\nthem to refetch entries, even if they have already been dumped. This\r\nis useful when, after having stopped a query in the middle of it, you\r\nwant to fetch all of the results and not just those that you were able\r\nto dump before stopping it.\r\ne.g: \"fetch columns mysql user\"\r\n\r\n- readfile <FILE>: Read the FILE from the remote server (if possible)\r\nand print it.\r\n\r\n- find_tables <SCHEMA> <TABLE1> [<TABLE2>, ...]: Bruteforce to find if\r\nthe TABLES given as parameters are part of the SCHEMA. Useful for MySQL\r\nversion 4 where no information_schema available.\r\n\r\n- find_tables_like <SCHEMA> <FILTER>: Perform a query to extract all\r\ntables from SCHEMA that match the LIKE filter given as param FILTER.\r\n\r\n- find_users_table <SCHEMA>: Bruteforce to find tables in SCHEMA that\r\nmatch common names for tables where usernames are stored.\r\n\r\n- cookie [COOKIE]: Gets\/sets a cookie to be sent in each HTTP request's\r\nheaders.\r\n\r\n- mode <union|blind>: Sets the SQL Injection exploitation method. By\r\ndefault, union mode is used. If the injection cannot be exploited using\r\nthis mode, change it to blind using \"mode blind\" and try again. Nothing\r\nelse has to be configured to go from union to blind mode, as long as you\r\nhave already set the URL and needle.\r\n\r\n- prefix [PREFIX]: Gets\/sets the prefix for each request. The prefix\r\nwill be appended to the URL's vulnerable parameter on each request.\r\n\r\n- suffix [SUFFIX]: Gets\/sets the suffix for each request. The suffix\r\nwill be appended after the injection code on the URL's vulnerable\r\nparameter.\r\n\r\n- verbose <on|off>: Sets the verbose mode on and off. When this mode is\r\non, each request's parameters will be printed out.\r\n\r\n- output <pretty|plain>: Sets the output style. When pretty output mode\r\nis enabled(this is the default), queries result will be printed on a\r\ntidy box, using column names and each row will be aligned. The drawback\r\nis that this method requires the whole query to finish before printing\r\nresults, so you might want to use \"plain\" output if you seek immediate\r\nresults. In contrast, plain mode prints each result as soon as it is\r\nrecovered.\r\ne.g:\r\nPretty output might print results like this:\r\n\r\n+-----------------------------------------------------+\r\n| User    | Password                                  |\r\n+-----------------------------------------------------+\r\n| blabla  | *2B0DDEE3597240B595689260B53D411F515B806D |\r\n| foobar  | *641B2485F1789F7A6BEE986648B83A899D96793B |\r\n+-----------------------------------------------------+\r\n\r\nWhile plain output will print them like this:\r\n\r\nUser, Password:\r\nblabla, *2B0DDEE3597240B595689260B53D411F515B806D\r\nfoobar, *641B2485F1789F7A6BEE986648B83A899D96793B\r\n\r\n- delay [DELAY]: Gets\/Sets the delay between requests. Use this\r\nif the server contains some kind of IPS system that returns HTTP error\r\nwhen executing lots of requests in a short amount of time. Note that\r\nDELAY can be a floating point number, so you can set \"0.5\" as the\r\ndelay.\r\n\r\n- headers <set|del> <HEADER> [VALUE]: Sets\/removes the given HTTP\r\nheader. Use this to set the User-Agent, cookie, or whatever additional\r\nheader you want to send.\r\n\r\n- encoding [ENCODING]: Gets\/sets the encoding use to decode the response\r\nreceived.\r\n\r\n- requestsender [<httpsender|headsender>]: Gets\/sets the request sending\r\nmechanism. httpsender is the default mechanism, it makes the request and\r\nreturns the full body of the response. headsender makes a HEAD request\r\nand retrieves the headers of the response as the HTML of the response. \r\n\r\n- qfilter <add|del|config> <FILTER> [ARGS]: Add\/configure\/remove query \r\nfilters. Query filters are applied to each query before appending it to \r\nthe vulnerable parameter. So far, these can be used to either bypass an \r\nIPS\/IDS or to apply a filter when SQL Server requires you to change the\r\ncollation of the retrieved fields.\r\n\r\n- responsefilter <add|del|config> <FILTER> [ARGS]: Adds\/removes\/configs \r\na response filter. Response filters are applied to the response retrieved \r\nfrom the server. In some cases, invalid HTML can make The Mole miss the \r\ninjection, so you might want to use a regular expression in order to fix \r\nit.\r\n\r\n- requestfilter <add|del|config> <FILTER> [ARGS]: Add\/configure\/remove\r\na request filter. Request filters are applied once the request is generated\r\nbut before it is sent to the server.\r\n\r\n- export <TYPE> [<ARG1>, ...]: Exports the current mole configuration\r\nand the dumped schema's structures for later usage.\r\nCurrently supported types and params:\r\n    + xml <FILE>: exports the configuration to an xml file.\r\n\r\n- import <TYPE> [<ARG1>, ...]: Imports a previously exported mole\r\nconfiguration and dumped schema's structures.\r\nCurrently supported types and params:\r\n    + xml <FILE>: imports the configuration from an xml file.\r\n\r\n- usage <COMMAND>: Print the usage for the command COMMAND.\r\n\r\n- exit: Exit The Mole.\r\n<\/pre>\n<p>Other automated SQLInjection Tools would be:<\/p>\n<p>&#8211; <a href=\"https:\/\/www.darknet.org.uk\/2008\/09\/bsql-hacker-automated-sql-injection-framework\/\">BSQL Hacker Download \u2013 Automated SQL Injection Tool<\/a><br \/>\n&#8211; <a href=\"https:\/\/www.darknet.org.uk\/2010\/09\/havij-advanced-automated-sql-injection-tool\/\">Havij Download \u2013 Advanced Automated SQL Injection Tool<\/a><br \/>\n&#8211; <a href=\"https:\/\/www.darknet.org.uk\/2007\/02\/sqlmap-automated-blind-sql-injection-tool\/\">sqlmap \u2013 Automated Blind SQL Injection Tool<\/a><\/p>\n<p>You can download The Mole SQL Inection Tool here:<\/p>\n<p>Windows: <a href=\"https:\/\/sourceforge.net\/projects\/themole\/files\/themole-0.3\/themole-0.3-win32.zip\/download\">themole-0.3-win32.zip<\/a><br \/>\nLinux: <a href=\"https:\/\/sourceforge.net\/projects\/themole\/files\/themole-0.3\/themole-0.3-lin-src.tar.gz\/download\">themole-0.3-lin-src.tar.gz<\/a><\/p>\n<p>Or read more <a href=\"https:\/\/sourceforge.net\/projects\/themole\/\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Mole is an automatic SQL Injection tool for SQLi exploitation for Windows and Linux. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. What is The Mole SQL Injection Tool [&hellip;]<\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"The Mole is an automatic SQL Injection tool for SQLi exploitation for Windows and Linux by providing only a vulnerable URL for union & boolean blind attacks","_seopress_robots_index":"","_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[2],"tags":[7181,439,1235],"featured_image_src":null,"featured_image_src_square":null,"author_info":{"display_name":"Darknet","author_link":"https:\/\/www.darknet.org.uk\/author\/darknet\/"},"_links":{"self":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/3234"}],"collection":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/comments?post=3234"}],"version-history":[{"count":0,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/3234\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/media?parent=3234"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/categories?post=3234"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/tags?post=3234"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}