BSQLinjector - Blind SQL injection exploitation tool written in ruby.

BSQLinjector – Blind SQL injection exploitation tool written in ruby.

BSQLinjector uses blind method to retrieve data from SQL databases. I recommend using “–test” switch to clearly see how configured payload looks like before sending it to an application.

Blind SQL injection exploitation tool written in ruby.

Blind SQL injection exploitation tool written in ruby.

Support Platform
– Windows using MinGW
– All Linux and Unix Platform

Example usage:
ruby BSQLinjector.rb –pattern=truestatement –file=/tmp/req.txt –prepend=”abcd’and’a’=’b’+union+select+’truestatement’+from+table+where+col%3d’value’+and+substr(password,” –append=”‘#” –ssl
BSQLInjector.rb Script:

Source : https://github.com/enjoiz