Absinthe – SQL injection tool
Absinthe – SQL injection tool
Absinthe
is a gui-based tool that automates the process of downloading the
schema & contents of a database that is vulnerable to Blind SQL
Injection.
Absinthe does not aid in the discovery of SQL Injection holes. This tool will only speed up the process of data recovery.
Features:
Automated SQL Injection
Supports MS SQL Server, MSDE, Oracle, Postgres
Cookies / Additional HTTP Headers
Query Termination
Additional text appended to queries
Supports Use of Proxies / Proxy Rotation
Multiple filters...
The Mole – Automatic SQL Injection SQLi Exploitation Tool
The Mole is an automatic SQL Injection exploitation tool. Only by
providing a vulnerable URL and a valid string on the site it can detect
the injection and exploit it, either by using the union technique or a
boolean query based technique.
Features
Support for injections using Mysql, SQL Server, Postgres and Oracle
databases.
Command line interface....
HTG Explains: How Hackers Take Over Web Sites with SQL Injection / DDoS
Even if you’ve only loosely followed the events of the hacker groups
Anonymous and LulzSec, you’ve probably heard about web sites and
services being hacked, like the infamous Sony hacks. Have you ever
wondered how they do it?
There are a number of tools and techniques that these groups use, and
while we’re not trying to give you a manual to do this yourself, it’s
useful...
Hacking website using SQL Injection -step by step guide
Before we see what SQL
Database:
Database is collection of data. In website point of view, database is
used for storing user ids,passwords,web page details and more.
Some List of Database are:
* DB servers,
* MySQL(Open source),
* MSSQL,
* MS-ACCESS,
* Oracle,
* Postgre SQL(open source),
* SQLite,
SQL:
Structured Query Language is Known as SQL. In order to communicate with
the Database ,we are using SQL query. We are querying the database so it
is called as Query language.
Definition...
How They Hack Your Website: Overview of Common Techniques
Case Studies: Learn How the Experts Are Managing Customer Experience
We hear the same terms bandied about whenever a popular site gets
hacked. You know… SQL Injection, cross site scripting, that kind of
thing. But what do these things mean? Is hacking really as inaccessible
as many of us imagine — a nefarious, impossibly technical twilight world
forever beyond our ken?
Not really.
When you consider that you can go to Google right now and enter a search
string which will return you thousands of usernames and passwords to...
The Target Intranet(sql injection)
This appeared to be an entirely custom application, and we had no prior
knowledge of the application nor access to the source code: this was a
"blind" attack. A bit of poking showed that this server ran Microsoft's
IIS 6 along with ASP.NET, and this suggested that the database was
Microsoft's SQL server: we believe that these techniques can apply to
nearly any web application backed by any SQL server.
The login page had a traditional username-and-password form, but also an
email-me-my-password link; the latter proved to be the downfall of
the...
Read more »
You might also like:
Sign up here with your email
ConversionConversion EmoticonEmoticon