- BSQLHackerSetup-0909.exeMD5: CB013675C759B9E3CCA4EBF0DCB5F798
- BSQLHackerSetup-0908.exeMD5: 9AFBF65E2818098CCE4B65D663ACEFA7
- BSQLHackerSetup-0907.exeMD5: A09DCC9D65B13558A49D5B8F75E250A6
BSQL (Blind SQL) Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities virtually in any database.
BSQL Hacker aims for experienced users as well as beginners who want to automate SQL Injections (especially Blind SQL Injections).
It allows metasploit alike exploit repository to share and update exploits.
- Easy Mode
- SQL Injection Wizard
- Automated Attack Support (database dump)
- MySQL (experimental)
- Fast and Multithreaded
- 4 Different SQL Injection Support
- Blind SQL Injection
- Time Based Blind SQL Injection
- Deep Blind (based on advanced time delays) SQL Injection
- Error Based SQL Injection
- Can automate most of the new SQL Injection methods those relies on Blind SQL Injection
- RegEx Signature support
- Console and GUI Support
- Load / Save Support
- Token / Nonce / ViewState etc. Support
- Session Sharing Support
- Advanced Configuration Support
- Automated Attack mode, Automatically extract all database schema and data mode
- Update / Exploit Repository Features
- Metasploit alike but exploit repository support
- Allows to save and share SQL Injection exploits
- Supports auto-update
- Custom GUI support for exploits (cookie input, URL input etc.)
- GUI Features
- Load and Save
- Template and Attack File Support (Users can save sessions and share them. Some sections like username, password or cookie in the templates can be show to the user in a GUI)
- Visually view true and false responses as well as full HTML response, including time and stats
- Connection Related
- Proxy Support (Authenticated Proxy Support)
- NTLM, Basic Auth Support, use default credentials of current user/application
- SSL (also invalid certificates) Support
- Custom Header Support
- Injection Points (only one of them or combination)
- Query String
- HTTP Headers
- Post Injection data can be stored in a separated file
- XML Output (not stable)
- CSRF protection support
one time session tokens or asp.net viewstate ort similar can be used for separated login sessions, bypassing proxy pages etc.
It's still beta and there are known issues :
- Automated Attack for MySQL is experimental, might not work properly
- Apache UsersEnumerate the usernames on any system that uses Apache and the UserDir module.
- Attacking Windows DomainsCRESTCon presentation looking at the Windows Domain Authentication model
- BSQL brute forcer V2Updated version of the Blind SQL Injection Brute Forcer from www.514.es. Works against PostgreSQL, MySQL, MSSQL and Oracle and supports custom SQL Queries.
- Deep Blind SQL InjectionDeep Blind SQL Injection is a new way to exploit Blind SQL Injections with a 66% reduction in the number of requests.
- DoS Attacks Using SQL WildcardsThis paper discusses abusing Microsoft SQL Query wildcards to consume CPU in database servers. This can be achieved using only the search field present in most common web applications.
- enum4linuxA Linux alterntive to enum.exe for enumerating data from Windows and Samba hosts.