SQLIer

  1,963 downloads
0.8.2b BSD License    
  n/a
SQLIer is a script that uses brute force to crack passwords through

description

download

1  

specifications

SQLIer is a script that uses brute force to crack passwords through "true/false" SQL injection vulnerabilities. With "true/false" SQL injection vulnerabilities, you cannot actually query data out of the database, only ask a statement that is returned "true" or "false".

SQLIer takes each character's ASCII code and asks a "higher/lower" question to the database, eventually reaching the actual character code. This script also does not use quotes in the exploit to operate, meaning it will work for a wider range of sites.

An 8 character password (containing any character from decimal ASCII code 1-127) takes approximately 1 minute to crack.

What's New in This Release:

This release removes the dependency on the "tempfile" command, which apparently is Debian/Debian-derivative specific.
It should now work on most GNU/Unix platforms.
READ MORE   
Last updated on October 13th, 2006
1  
SQLIer

0 User reviews so far.

SUBMIT