SecuriTeam - ISR-Sqlget - Blind SQL Injection Tool

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

Ask the Team
Mailing Lists
Advertising Info
Advisories
About SecuriTeam
Blogs

Brought to you by:

Suppliers of:

SecuriTeam in Your Inbox

New vulnerability?
New tool?
Tell us
(Our PGP key).

CanSecWest 2012

2nd Annual Cyber Security

Hack In Paris

Credit:
The information has been provided by Francisco Amato.
To keep updated with the tool visit the project's homepage at: http://www.infobyte.com.ar/development.html

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Protect your website!
Use an External Vulnerability Scanner!
Nothing to install. First report in 1 hour!
www.beyondsecurity.com/vulnerability-scanner

ISR-sqlget: It's a blind SQL injection tool developed in Perl. It lets you get databases schemas and tables rows. Using a single GET/POST you can access quietly the database structure and using a single GET/POST you can dump every table row to a csv-like file.

Databases supported:
- IBM DB2
- Microsoft SQL Server
- Oracle
- Postgres
- Mysql
- IBM Informix
- Sybase
- Hsqldb (www.hsqldb.org)
- Mimer (www.mimer.com)
- Pervasive (www.pervasive.com)
- Virtuoso (virtuoso.openlinksw.com)
- SQLite
- Interbase/Yaffil/Firebird (Borland)
- H2 (http://www.h2database.com)
- Mckoi (http://mckoi.com/database/)
- Ingres (http://www.ingres.com)
- MonetDB (http://www.monetdb.nl)
- MaxDB (www.mysql.com/products/maxdb/)
- ThinkSQL (http://www.thinksql.co.uk/)
- SQLBase (http://www.unify.com)

Evasion features:
- Full-width/Half-width Unicode encoding
- Apache non standard CR bypass
- mod_security bypass
- Random uppercase request transform
- PHP Magicquotes: encode every string using db CHR function or similar.
- Convert requests to hexadecimal values
- Avoid non-space replacing for /**/ or (\t) tab
- Avoid non || or + concatenation using db concat function or similar.
- Random user-agent
- Random proxy-server
- Random delay request

Common features:
- Database schemate download blacklist
- Cookie array support
- SSL support
- Proxy server support
- Database information dumped in csv format

Reporting:
- Database structure graphication to create impact executive reports require Graphviz library (http://www.graphviz.org/)

Demo:
- Demo features (bypassing IBM ISS Proventia IPS) - http://www.infobyte.com.ar/demo/ISR_sqlget_ISS_proventia_bypass.html

blog comments powered by Disqus

	Apache mod_rewrite Vulnerability PoC
	netsniff-ng - A Linux Network Analyzer and Networking Toolkit
	Simple Local File Inclusion Exploiter
	NiX A Linux Brute Forcer
	Nchop - A TCP Session Splicing Tool Used to Rvade Intrusion Detection Systems
	Netifera - Modular Open Source Platform for Security Tools
	WarVOX - Tools for Exploring, Classifying, and Auditing Telephone Systems
	Webshag - Web Server Audit Tool
	Browser Fuzzer
	FSpy - Linux Filesystem Activity Monitoring
	telnetrecon - Telnet Recon
	Zerowine Sandbox
	JPEG Fuzzer
	VNC Server Fuzzer
	RSH Fuzzer