Download Our Hash Cracker. Our Other Blogs "Python Journey" and "SQL Injection Techniques".


Friday, March 16, 2012

Automatic SQLi Vulnerability Finder

Posted by Subir Sutradhar | Friday, March 16, 2012 | , , , , ,

In This post I am going to Introduce a Tool, which Automatically scans for Websites which are Vulnerable to SQLi.

If You Like This Post, Don't Forget To Give This Blog Credits By Hitting LIKE on the Left hand Side and +1 for Google.

The SQL Poizon Tool



Click Here to Download

How to use (The Basic Usage):

Open up the SQL Poizon Tool

1. Under Search Hunter Tab, Left Hand Pane, Expand All Dorks Options, choose any Dork Type, Example Php, expand Php and again choose the exact dork that You Would like to Exploit with, Example: inurl:index.php?id=



2. Now on the Right Hand Pane, at the top, Drop down the Engine and select Searchqu, we cannot select Google API because Google stops the search by Captcha.
Drop down the Max, and select how many sites u want to find together. Country, If you want to be specific, Drop it down and select the Country, from which the sites are to be checked for Vulnerability, then click on Scan beside Engine.

3. Once the Scan completes, Right hand side lower pane will have a list of websites. Right click on any one and click on "Send to SQLi Crawler>>All"



Next, at the top, click on SQLi Crawler Tab, and on the First Pane, Click on Crawl, The Tool will start checking the sites for Vulnerability.

And the Second pane, is where the Vulnerable Links will be displayed. There will be two types of result under Vulnerable links.

One with yellow bulbs>>>Means Not sure whether vulnerable or not(Personally I suggest its a waste of time researching with the these kind of websites)

Another one will be the jackpots, websites with red cross, they are vulnerable.

So this Tool helps to find out List of websites that are Vulnerable to SQLi.

This is just the Basic Usage Tutorial, You Can Explore the Tool More To get More Results.

Click Here to Download

Suppose I get a Link http://www.xyz.com/index.php?id=8

Now we can use The Mole Tool For exploiting the Site.

To know how to use The Mole Tool and Download .Click Me

NOTE: This is For Educational Purpose, No One is Held Responsible for any kind of consequences, be it Good or Bad. Use at your own risk.

If You Like This Post, Don't Forget To Give This Blog Credits By Hitting LIKE on the Left hand Side and +1 for Google.

Feel Free To Leave A Comment

If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!


0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Labels