Download Here
SQL-Injector
A chrome extension for sql injection using Union Based and Error Based
How To Install:
go to chrome://extension then drag and drop the sql injector folder to open it go to the options of the chrome extension.
How To Use:
To use this tool simply put your target url in the url textbox
Put '_INJECTHERE_' (without quotes) where the tool will inject.
Example:
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=1_INJECTHERE_
Click start button and it will start scanning if its vulnerable or not
First the tool will check if the page is changing every visit.
And if it is, you need to take a piece of text that is in normal page.
Example:
website.com/page.php?id=19
Costs: 5 pesos only!
website.com/page.php?id=19'
Costs: only!
You see that the phrase '5 pesos' text disappears.
So you will put that phrase in normalPageKeyword and click start again.
Then after that, the tool will check if there's difference between the normal page and the errored page (the url with quote id=19')
And if normal page is the same as error page, then maybe its not vulnerable so you gotta find another target url.
Then if its not the same as error page, then the tool will now try to get the right comment
There are different types of comment depending on sql syntax:
'--+
--
#
)--+
')--+
"--+
etc..
If the tool cannot find the right comment, you may need to get the right comment by yourself and put it in the comment text box
For example the right comment is " '--+ " then you need to put " '_PAYLOAD--+ " in the comment textbox then click start again
Then the tool will start trying to get the vulnerable columns
it will try to use order by and group by method.
if the tool can't then you gotta count it by yourself and put it in numberOfColumns textbox.
Then the tool will start trying to get the injectable columns
if the tool can't then you gotta get it by yourself and put it in injectableColumn textbox.
Now if you have the comment type, number of columns and injectable columns.
You can now start gathering informations.
First lets try clicking getting version, user and currentDB
After that click [GET] button in database panel.
It will dump the database names, if you already have the database name you can put it in addDatabase textbox then click '>' button
Then select the database you want then click [GET] in the table panel to get the tables.
Same as the columns.
After that you will now dump the datas
You can select multiple columns that you want to dump
for example:
you choosed username column and password column
it will be username,0x3a,passwword
the 0x3a is ':' to seperate the username and password
result: admin:admin123,test1:testing123,z3r:z3r19
No comments:
Post a Comment