Research and Development

Updated version of the Blind SQL Injection Brute Forcer from www.514.es. It works against PostgreSQL, MySQL, MSSQL and Oracle and supports custom SQL queries.

Key features

This is a modified version of ‘bsqlbfv1.2-th.pl’. This Perl script extracts data through blind SQL injection. It accepts custom SQL queries as a command-line parameter and works for both integer- and string-based injections.

Databases supported:

  • MS-SQL
  • MySQL
  • Postgres
  • Oracle

Overview

The tool supports two attack modes (-type switch):

  • Type 0: blind SQL injection based on true and false conditions returned by the back-end server.
  • Type 1: blind SQL injection based on true and error (e.g. syntax error) conditions returned by the back-end server.
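Both modes depend on the application answering differently according to an injected condition. The following added example (not code from the tool or from this page; the table, handler names and probe strings are constructed, and SQLite stands in for the back ends listed above) shows the two response signals on a query built by string concatenation, and their absence once the parameter is validated and bound:

```python
import sqlite3

def make_db():
    # Constructed sample data: one row in an in-memory table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT)")
    db.execute("INSERT INTO items VALUES (1, 'widget')")
    return db

def page_concat(db, p):
    """Vulnerable handler: p is pasted into the SQL text (integer-based injection point)."""
    try:
        row = db.execute("SELECT name FROM items WHERE id = " + p).fetchone()
    except sqlite3.Error:
        return "error"                      # Type 1 signal: back end raises an error
    return "found" if row else "empty"      # Type 0 signal: true page vs false page

def page_bound(db, p):
    """Hardened handler: p must parse as an integer and is passed as a bound parameter."""
    try:
        item_id = int(p)
    except ValueError:
        return "rejected"                   # same answer whatever condition was appended
    row = db.execute("SELECT name FROM items WHERE id = ?", (item_id,)).fetchone()
    return "found" if row else "empty"

def responses(handler):
    # Constructed probes: a normal value, a true condition, a false condition, broken syntax.
    probes = ["1", "1 AND 1=1", "1 AND 1=2", "1 AND"]
    db = make_db()
    return [handler(db, p) for p in probes]

if __name__ == "__main__":
    print("concatenated:", responses(page_concat))
    print("bound:       ", responses(page_bound))
```

The concatenated handler returns a different page for the true, false and malformed inputs, which is exactly the distinction the two modes read; the bound handler returns one answer for all three.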

Examples

$ ./bsqlbf-v2.pl -url http://192.168.1.1/injection_string_post/1.asp?p=1 -method post -match true -database 0 -sql "select top 1 name from sysobjects where xtype='U'"
Bsqlbfv2
bsqlbfv2.zip
April 26, 2013
7.4 KiB
MD5 hash: e8246b7bc2211618424867be3a58b5f4