Skip to main content

BBSQL and new injection tool written in python

BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool, allowing quite a bit of customization for those hard to trigger SQL injection findings. The tool is built to be database agnostic and is extremely versatile. It also has an intuitive UI to make setting up attacks much easier. Python gevent is also implemented, making BBQSQL extremely fast.

Summary

We tried to write the tool in such a way that it would be very self explanatory when setting up an attack in the UI. However, for sake of thoroughness we have included a detailed Readme that should provide you additional insight on the specifics of each configuration option. One thing to note is that every configuration option in the UI has a description associated with it, so if you do choose to fire up the tool without reading this page you should be able to hack your way through an attack.

High Level Usage

Similar to other SQL injection tools you provide certain request information.
Must provide the usual information:

URLHTTP MethodHeadersCookiesEncoding methodsRedirect behaviorFilesHTTP AuthProxies

Then specify where the injection is going and what syntax we are injecting. Read on for details.

How to Install

This should be straight forward, but what ever is. Try running:

sudo pip install bbqsql

If that doesn’t work for you, you can install from source. The tool requires gevent , requests .

Download now: BBQSQL

Comments

Popular posts from this blog

So what exactly is cryptography

Nowadays Internet is an important part of Life.  We are using the Internet for sending confidential data also like password,for storing army secrets. But the Internet is insecure medium.we all use internet at a daily basis.  Do you know why? Insecure Medium: Imagine you are sending a data.  In internet world, data are separated as packets and send to the destination.  Do you think the data directly reaching the destination?   If  you think so,you are wrong.  The packets are going through different routers.  Finally, the data is sent to the user.  In this gap, Intruders(i mean attackers) takes advantages. so who are they .the are  I.they  can see what you are sending.  Because your data are simple and easy to readable by anyone. How to secure the data? We can not stop the intruders and their activities.  But we can make our data as Unreadable for Intruders.  For this purpose, the Cryptography is introduce...

Lunix malware havoc

The Krebs DDoS attacks have proven that the IoT landscape is a fertile ground that can breed huge botnets capable of launching massive DDoS assaults. As such, it should be no surprise that malware authors are now focusing their efforts on this sector and putting out new threats in the hopes of building the next Mirai botnet. One of the latest additions to the IoT malware market is a trojan codenamed Linux/NyaDrop, recently reverse engineered by MalwareMustDie, the same researcher who discovered the Mirai malware. MalwareMustDie points out in his research that this binary appeared in May, but was somewhat simplistic and not that common. Things changed after the Krebs DDoS attacks, and a new sample has appeared on the market, with the malware’s author most likely drawn back to the IoT landscape by Mirai’s success. Just like most IoT malware nowadays, NyaDrop’s author relies on brute-forcing Internet-exposed IoT devices using their default credentials. In a conversati...

Remove virus from android

Desktops aren’t the only gadgets that can be affected by a virus. Android devices have a malware problem and it’s growing every day. If you do get a virus, you could perform a factory reset to get rid of it, but that means you’d lose all your data — those photos you shot, the saved games, the text messages, and everything else. Obviously, you want a factory reset to be your last option. So what can you do to remove a virus from Android without a factory reset? Is It Really a Virus? If your phone isn’t functioning the way it should be, there’s a chance you have some malware on it. One wrong tap somewhere and a malicious file might have been downloaded on your phone, which is leeching battery life, Internet resources, or your personal data. But it could be something else. Suppose your Android refuses to boot or crashes every time it starts up. Or maybe you can’t seem to download apps from the Play Store. These are not necessarily caused...