ALERT!
Click here to register with a few steps and explore all our cool stuff we have to offer!
Home
Upgrade
Credits
Help
Search
Awards
Achievements
 4108

SQLi Dumper v.9.6

by Foxi - 03-14-2018 - 07:39 AM
#1
[Image: SQLi%2BDumper%2Bv.9.6.png]

SQLi Dumper v.9.6 is an excellent, advanced, automatic SQL injection tool for testing links that may contain SQL injection problems in Windows.

This tool is more powerful than the famous Havij SQL injection and has many features including:
-Supports Multi. Online search engine (to find the trajects);
-Automated exploiting and analyzing from a URL list;
-Automated search for data in a bulk URL list;
-Automated analyzer for injections points using URL, POST, Cookies, UserLogin or UserPassword;
-Dumper supports dumping data with multi-threading (databases/tables/columns/fetching data);
-Exploiter supports up to 100x threads;
-Analyzer and Dumper supports up to 50x threads;
-Advanced WAF bypass methods;
-Advanced custom query box;
-Dumper can dump large amounts of data, with greats control of delay each request (multi-threading);
-Easy switch vulnerabilities to vulnerabilities;
-Supports proxies list;
-GeoIP database;
-Internal database;
-Trash System;
-Admin login finder;
-Hash online cracker;
-Reverse IP;
-Standalone .exe (no install).

The SQL Injection Methods that are supported include:
– MySQL
– Union (Integer / String)
– Error (Integer / String)
** Error Methods:
– Double Query
– XPATH – ExtractValue
– XPATH – UpdateXML
– Brute Forcing
– Blind
– Load File
– Load File Scanner
** Illegal Mix Of Collations:
– UnHexHex()
– Binary()
– Cast As Char
– Compress(Uncompress())
– Convert Using utf8
– Convert Using latin1
– Aes_decrypt(aes_encrypt())
– MS SQL
– Union (Integer / String)
– Error (Integer / String)
** Illegal Mix Of Collations:
– SQL_Latin1;
– Cast As Char.
– Oracle
– Union (Integer / String)
– Error (Integer / String)
** Error Methods:
– GET_HOST_ADDRESS
– DRITHSX.SN
– GET;APPINGXPATH.
** Illegal Mix Of Collations:
– Cast As Char.
** Suports TOP N Types:
– ROWUM
– RANK()
– DESE_RANK()
** Analizer detects also:
– MS Access
– PostgredSQL
– Sybase

I wanted to use its dork scanner feature for a specific website, not a random search. But, how?
Use this dork in a dork scanner:
.aspx? & site:samplesite.com
.php?  & site:samplesite.com
.asp?  & site:samplesite.com
.pl?   & site:samplesite.com
.jsp?  & site:samplesite.com
And, it simply fetches the links and automatically scans for SQL injection in those links.

Virustotal:
https://www.virustotal.com/#/file/828d20.../detection

Download:
Hidden Content
You must register or login to view this content.

Reply
#2
Nice work dude!!!!
This account is currently banned
Ban reason: multi | IP: 31.171.154.155 | Email: N/A
Reply
#3
Thanks a lot bro!
Reply
#4
Thanks for sharing
Reply
#5
Thanks for sharing bro, this is cool tool :D
Reply

Users browsing: 1 Guest(s)