tomyk Posted March 5, 2012 Report Posted March 5, 2012 Nasel has just released the new version of The Mole, an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique.This release has introduced new features compared with the previous one, among these you can find that The Mole is now able to exploit injections thourgh cookie parameters. A new promising feature is that now you can exploit injections that return binary data, to achieve this the mole uses uses HEAD requests and analyzes the headers received (the size of the binary to download usually differs when the query was successful or not) and does not need to download the full binary data.In this release there has been a major change in the The Mole's architecture, and now allows to easily insert filters in order to bypass IPS/IDS rules or modify the query on runtime. You can see a tutorial on how to write these filters in the tutorial section of the tool's site.Features Support for injections using Mysql, SQL Server, Postgres and Oracle databases. Command line interface. Different commands trigger different actions. Auto-completion for commands, command arguments and database, table and columns names. Support for filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily. Exploits SQL Injections through GET/POST/Cookie parameters. Developed in python 3. Exploits SQL Injections that return binary data. Powerful command interpreter to simplify its usage.Download :Downloads | The MoleTutorial:Tutorial | The MoleSursa:The Hacker News [ THN ] - Updates to Security Experts and Hackers Quote
malsploit Posted March 5, 2012 Report Posted March 5, 2012 Tot mai interesant mi se pare sqlmap.Cu toate ca in unele situatii The Mole pare sa fie mai rapid. Quote
dukyshor Posted March 5, 2012 Report Posted March 5, 2012 multam..e timpul sa trecem pe injectoare Quote
TheProFromRo Posted March 5, 2012 Report Posted March 5, 2012 (edited) huh Edited September 14, 2019 by TheProFromRo Quote