SQL Blind Injection Tool
Just another script for automatize boolean-based blind SQL injections.
Works with SQLite at least, supports using cookies.
It uses bitwise comparisons with multithreading to find cell values instead of binary search, which is more efficient.
It’s able to:
- Search cell values by columns in a table
- Search characters count in a cells by columns in a table
- Search rows count in a table
The search algorithm is shown below
The number of bits need to compare (7 by default for ASCII) and the number of threads can be specified as input data.
git clone https://github.com/Sunlight-Rim/sqlbit.git pip3 install -r requirements.txt
It does not accept command line arguments, so you can specify data in the config file or at runtime program.