Home Exploits Tools SQLbit – Script for Automatize Boolean-Based Blind SQL Injections

SQLbit – Script for Automatize Boolean-Based Blind SQL Injections

April 27, 2022 Leave a Comment
SQLite - Exploit Boolean-Based Blind SQL Injections Bug

SQL Blind Injection Tool

Just another script for automatize boolean-based blind SQL injections.

Works with SQLite at least, supports using cookies.

It uses bitwise comparisons with multithreading to find cell values instead of binary search, which is more efficient.

It’s able to:

  • Search cell values by columns in a table
  • Search characters count in a cells by columns in a table
  • Search rows count in a table

The search algorithm is shown below

SQLite - Script for Automatize Boolean-Based Blind SQL Injections

The number of bits need to compare (7 by default for ASCII) and the number of threads can be specified as input data.


Installation

git clone https://github.com/Sunlight-Rim/sqlbit.git pip3 install -r requirements.txt

Usage

It does not accept command line arguments, so you can specify data in the config file or at runtime program.

python sqlbit.py

SQLite - Exploit Boolean-Based Blind SQL Injections Bug
Download SQLbit

You May Also Like

Fully automated Log4j RCE Scanning and Exploit Tool Kali Linux

log4j-scan – Log4j RCE Scanning and Exploit Tool

Subzy - Subdomain Takeover Vulnerability Scan Tool

Subzy – Subdomain Takeover Vulnerability Tool

IntruderPayloads - a Collection of Burpsuite Intruder Payloads For Bug Hunting

IntruderPayloads – Collection of Burpsuite Intruder Payloads For Bug Hunting

What is CORS Misconfiguration Bug

Corsy – CORS Misconfiguration Scanner

Faraday Web Dashboard- Open Source Vulnerability Management Platform

Faraday – Open Source Vulnerability Management Platform

Gopherus SSRF to RCE with Reverse Shell - Tool for Exploiting SSRF and gaining RCE

Gopherus – Tool for Exploiting SSRF and gaining RCE

Leave a Reply

Your email address will not be published. Required fields are marked *

9 − nine =