Questions about this topic? Sign up to ask in the talk tab.
Difference between revisions of "SQL injection/mysqli-blindutils"
From NetSec
| Line 8: | Line 8: | ||
# [[sqli-p.pl]] - A [[perl]] script that uses [[boolean enumeration]] to retrieve data. | # [[sqli-p.pl]] - A [[perl]] script that uses [[boolean enumeration]] to retrieve data. | ||
# [[sqli-slee.py]] - A [[python]] script that uses a [[boolean timing attack]] for data extraction. | # [[sqli-slee.py]] - A [[python]] script that uses a [[boolean timing attack]] for data extraction. | ||
| + | |||
| + | {{warning|<center>End user is responsible for his or her own actions when using this software. It is a crime to use this software against any system that you do not own without written consent.</center>}} | ||
Revision as of 00:06, 19 November 2012
- Main article: Web exploitation tools
mysqli-blindutils is a package of various blind SQL injection utilities capable of extracting data from remote MySQL databases.
Package contents:
- sqli-hap.py - A python script that uses comparative precomputation to exceed the speeds of boolean enumeration during data retrieval.
- sqli-p.pl - A perl script that uses boolean enumeration to retrieve data.
- sqli-slee.py - A python script that uses a boolean timing attack for data extraction.
|
