Havij v1.13

[Nytro]

Am vazut ca sunt multi fani ai acestui program. A aparut aceasta versiune de curand.

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.

It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the database, running SQL statements and even accessing the underlying file system and executing commands on the operating system.

The power of Havij that makes it different from similar tools is its injection methods. The success rate is more than 95% at injectiong vulnerable targets using Havij.

The user friendly GUI (Graphical User Interface) of Havij and automated settings and detections makes it easy to use for everyone even amateur users.

Havij v1.13 Advanced SQL Injection Tool released. New features of this version are:

* Oracle error based database added with ability to execute query.

* Getting tables and column when database name is unknown added (mysql)

* Another method added for finding columns count and string column in PostgreSQL

* Automatic keyword finder optimized and some bugs fixed.

* A bug in finding valid string column in mysql fixed.

* 'Key is not unique' bug fixed

* Getting data starts from row 2 when All in One fails - bug fixed

* Run time error when finding keyword fixed.

* False table finding in access fixed.

* keyword correction method made better

* A bug in getting current data base in mssql fixed.

* A secondary method added when input value doesn't return a normal page (usually 404 not found)

* Data extraction bug in html-encoded pages fixed.

* String or integer type detection made better.

* A bug in https injection fixed.

How to use

This tool is for exploiting SQL Injection bugs in web application.

For using this tool you should know a little about SQL Injections.

Enter target url and select http method then click Analyze.

Note: Try to url be valid input that returns a normal page not a 404 or error page.

Informatii:

http://itsecteam.com/en/projects/project1.htm

Descarcare:

http://itsecteam.com/files/havij/Havij1.13Free.rar

PS: Nu l-am incercat, nu stiu daca e infectat, dar daca il luati de pe site-ul oficial, de la link-ul postat nu cred ca o sa fie probleme.

[sevex]

A aparut de ceva vreme

[tdxev]

Da îl folosesc pentru admin finder nu pentru sql dumper . Ca sql dumper mi-a dovedit c? este în stare s? se bloceaze chiar ?i când ii fac sintaxa manual ?i ii arat din ce coloana sa extrag? datele.