Sayfalar

[JSQL v0.3] Java Tool for Automatic Database Injection

jSQL Injection is a lightweight application used to find database information from a distant server.

jSQL is free, open source and cross-platform (Windows, Linux, Mac OS X, Solaris).




Version 0.2 features:
  • GET, POST, header, cookie methods
  • normal, error based, blind, time based algorithms
  • automatic best algorithm selection
  • thread control (start/pause/resume/stop)
  • expose URL calls
  • simple evasion
  • data retrieving progression bar
  • proxy setting
  • supports MySQL

Next release v0.3 will include:
+ distant file reading [sqli]
+ webshell deposit [sqli]
+ terminal to run webshell commands [gui]
+ configuration backup [gui]
+ Updates checking [gui]
+ user interface tweaks [gui]
Next work:
+ distant table writing [sqli]
+ distant file writing [sqli]
+ reverse tcp shell deposit [sqli]
+ right elevation [sqli]
+ speed increase (non encoding pass): 50% faster [sqli]
+ control all running tasks in a tab [gui]
# speed test comparison with other injection tools [dev]
# automatic code testing (JUnit) [dev]
# wiki pages [site]