Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to

existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile

and so much more. This message will be removed once you have signed in.

Active Hackers

The best community of active hackers. This community has been working in hacking for more than 10 years.

Hacker Forum

Hacker from all countries join this community to share their knowledge and their hacking tools

 

    Hacking Tools

    You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware,, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.

      PRIV8

      Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.

      Read Rules

      In this community we follow and respect rules, and they are the same for everyone, regardless of the user's rank. Read the rules well not to be prohibited.

      bash818

      SQLi-Fuzzer

      1 post in this topic

      Hidden Content

        Give reaction to this post to see the hidden content.

      Copy and paste into your terminal. Drop it into the same directory where "sqlmap-dev/sqlmap.py" is located

      for me its in "/opt/"....

      Usage is simple, ./L23 <target>

      If you want to run against list of targets make sure theyre  one line each

      site.com

      site.net

      site.gov

      etc...

      run with this

      Hidden Content

        Give reaction to this post to see the hidden content.

      I let this run against a list of sites and check on results later in >>> "cat ~/.sqlmap/output/<targetSite>/log"

       

      • Like 8
      • Thanks 1
      • Haha 1

      Share this post


      Link to post
      Share on other sites
      Guest
      This topic is now closed to further replies.

      • Similar Content

        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content.
          Hidden Content
          Give reaction to this post to see the hidden content.  
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. Introduction
          SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine and many features for penetration testers.
          SQLMap is capable of databases fingerprinting, fetching data from the databases, accessing the database file systems, running different commands on the target server, etc.

          SQLmap: Automatic SQL Injection Tool
          This very powerful exploitation tool is developed in Python an it’s FREE to use. It requires Python version 2.6.x or 2.7.x. and comes preinstalled on Kali Linux, but can be run on any platform.
          Features
          SQLmap have many features divided into 3 groups:
              GENERIC FEATURES     FINGERPRINT AND ENUMERATION FEATURES     TAKEOVER FEATURES We’ll list some of them here:
              Full support for:MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase and SAP MaxDB database management systems.
              Full support for six SQL injection techniques: boolean-based blind, time-based blind, error-based, UNION query, stacked queries and out-of-band.
              Support to directly connect to the database without passing via a SQL injection, by providing DBMS credentials, IP address, port and database name.
              Support to enumerate users, password hashes, privileges, roles, databases, tables and columns.
              Automatic recognition of password hash formats and support for cracking them using a dictionary-based attack.
              Support to dump database tables entirely, a range of entries or specific columns as per user’s choice. The user can also choose to dump only a range of characters from each column’s entry.
              Support to search for specific database names, specific tables across all databases or specific columns across all databases’ tables. This is useful, for instance, to identify tables containing custom application credentials where relevant columns’ names contain string like name and pass.
              Capable to download and upload any file from the database server underlying file system when the database software is MySQL, PostgreSQL or Microsoft SQL Server.
              Support to execute arbitrary commands and retrieve their standard output on the database server underlying operating system when the database software is MySQL, PostgreSQL or Microsoft SQL Server.
              Ability to establish an out-of-band stateful TCP connection between the attacker machine and the database server underlying operating system. This channel can be an interactive command prompt, a Meterpreter session or a graphical user interface (VNC) session as per user’s choice.
              Support for database process’ user privilege escalation via Metasploit’s Meterpreter getsystem command.


          Hidden Content
          Give reaction to this post to see the hidden content.
        • By gonzaloball
          download cracked full version of SQLi Dumper v.9.7 [Cracked By PC-RET]



          Hidden Content
          Give reaction to this post to see the hidden content.




          * Added auto disable scanner IP blacklist 
          * Fixed URL parser 
          * Improved Exploiter, better detection rate 
          * Misc: improvements, fixes and optimizations 

          If anyone has an error, 
          then install 




          free download the link and enjoy

          BINDED & BACKDOORED

          password: 1234
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content.
          The probably most powerful SQLi Dumping Panel named SIB!
          This panel is faster than SQLi Dumper and many other sqli tools.


          Hidden Content
          Give reaction to this post to see the hidden content.