Locked jSQL Injection v0.4 - a java tool for automatic database injection

[mauzzz]

This is the hidden content, please

• Sign In
• or
• Sign Up

 

This is the hidden content, please

• Sign In
• or
• Sign Up

 

Description

 

jSQL Injection is a lightweight application used to find database information from a distant server.

jSQL is free, open source and cross-platform (Windows, Linux, Mac OS X, Solaris).

 

Version 0.4 features:

 

GET, POST, header, cookie methods

Normal, error based, blind, time based algorithms

Automatic best algorithm selection

Multi-thread control (start/pause/resume/stop)

Progression bars

Shows URL calls

Simple evasion

Proxy setting

Distant file reading

Webshell deposit

Terminal for webshell commands

Configuration backup

Update checker

Admin page check and preview

Brute forcer (md5 mysql...)

Coder (encode decode base64 hex md5...)

Supports MySQL

 

Current work:

* upload binary/text file via hexadecimal and 'into dumpfile' [sqli]

* upload binary/text file via HTML form [dev]

* upload binary/text file via netcat [dev]

* testing netcat client (full Java) [dev]

* testing telnet client (full Java) [dev]

* testing VNC client (full Java w/ TightVNC) [dev]

 

Next work:

+ upload page check and preview [dev]

+ distant table writing [sqli]

+ upload binary file via temporary table and 'into dumpfile' [sqli]

+ netcat connection (upload server) [dev]

+ VNC connection (upload server) [dev]

+ RDP connection (providing client) [dev]

+ right elevation [sqli]

+ manual injection for advanced users [sqli]

+ speed increase (non encoding pass): 50% faster [sqli]

+ controlling all running tasks in a tab [gui]

# speed test comparison with other injection tools [dev]

# automatic code testing (JUnit) [dev]

# wiki pages [site]

 

 

This is the hidden content, please

• Sign In
• or
• Sign Up

This is the hidden content, please

• Sign In
• or
• Sign Up