SQLiDumper v10.1.0
SQLi Dumper tool is a very powerful windows tool to automate the process of Detection and Exploitation of SQL Injection vulnerabilities. SQLi Dumper tool will do everything for you from detection or identification of vulnerability to Exploitation of vulnerability automatically. It is very powerful than the most famous Havij tool.
It is a very useful tool for the Pentesters or Bug hunters as this tool will do everything for them from detection of the vulnerability to exploitation of the vulnerability. SQLi dumper tool is able to dump all the data in the database once it has been the SQL injection vulnerability detected.
In this article, I will explain step by step process to use the SQLi Dumper tool for detecting and exploiting the vulnerability and in the end, I will also show how to dump the data once the vulnerability identified.
SQLi Dumper tool has many key features that make it the most useful tool for SQL injection vulnerability detection, Exploitation, and Post-Exploitation purposes.
Key Features of SQLi Dumper tool
Here is the key features of this tool that makes it very useful,
- It has inbuilt support of many search engines to find the targets online.
- Automated search for the targets using Dork queries.
- An automated way of Analyzing and Exploitation of the injection points.
- Bulk URL analysis and exploitation feature.
- Automated analyzer for URL GET and POST parameters, cookie values, etc.
- Supports multi-threading for Analysis, Exploitation, Dumping of the data from databases, tables, columns, etc.
- It has a custom query box to dump the specific data using the SQL queries.
- It has the advances WAF bypass techniques, can be used while analyzing, exploiting, or dumping the data.
- One can manually control delays and timeouts for better performance and WAF bypassing.
- Supports to route the data from the multiple proxies automatically.
- It has also an Admin Login finder feature and an Online hash cracker mechanism.
- It supports the Reverse IP technique.
- You don’t need to install the SQLi dumper software(provides standalone .exe).
It supports many SQL Injection Methods listed below,
– MySQL
– Error (Integer / String)
– Union (Integer / String)
Error Methods:
– Double Query
– XPATH – ExtractValue
– XPATH – UpdateXML
– Blind
– Brute Forcing
– Load File Scanner
Illegal Mix Of Collations:
– UnHexHex()
– Binary()
– Convert Using utf8
– Compress(Uncompress())
– Cast As Char
– MS SQL
– Union (Integer / String)
– Convert Using latin1
– Aes_decrypt(aes_encrypt())
– Error (Integer / String)
Illegal Mix Of Collations:
– SQL_Latin1;
– Oracle
– Cast As Char.
– Union (Integer / String)
– Error (Integer / String)
Error Methods:
– GET_HOST_ADDRESS
– GET; APPINGXPATH.
– DRITHSX.SN
Illegal Mix Of Collations:
– Cast As Char.
Supports TOP N Types:
– ROWUM
– DESE_RANK()
– RANK()
Analizer also detects:
– MS Access
– PostgreSQL
– Sybase
PS. Password : appo.pro
Comments 0