Jump to content
Eric

SQLIer 0.8.2b

By Eric, in Programe utile

Recommended Posts

Eric Newbie

Eric

Posted
Posted

SQLIer is a script that uses brute force to crack passwords through "true/false" SQL injection vulnerabilities.

With "true/false" SQL injection vulnerabilities, you cannot actually query data out of the database, only ask a statement that is returned "true" or "false.

SQLIer takes each character's ASCII code and asks a "higher/lower" question to the database, eventually reaching the actual character code. This script also does not use quotes in the exploit to operate, meaning it will work for a wider range of sites.

An 8 character password (containing any character from decimal ASCII code 1-127) takes approximately 1 minute to crack.

What's New in This Release:

* This release removes the dependency on the "tempfile" command, which apparently is Debian/Debian-derivative specific.

* It should now work on most GNU/Unix platforms.

download: http://bcable.net/archive.php?sqlier-0.8.2b.sh

source: nixbit.com

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...