SQLbit – Script for Automatize Boolean-Based Blind SQL Injections

SQLite - Exploit Boolean-Based Blind SQL Injections Bug

SQL Blind Injection Tool

Just another script for automatize boolean-based blind SQL injections.

Works with SQLite at least, supports using cookies.

It uses bitwise comparisons with multithreading to find cell values instead of binary search, which is more efficient.

It’s able to:

  • Search cell values by columns in a table
  • Search characters count in a cells by columns in a table
  • Search rows count in a table

The search algorithm is shown below

SQLite - Script for Automatize Boolean-Based Blind SQL Injections

The number of bits need to compare (7 by default for ASCII) and the number of threads can be specified as input data.


Installation

git clone https://github.com/Sunlight-Rim/sqlbit.git pip3 install -r requirements.txt

Usage

It does not accept command line arguments, so you can specify data in the config file or at runtime program.

python sqlbit.py

SQLite - Exploit Boolean-Based Blind SQL Injections Bug

You May Also Like

Leave a Reply

Your email address will not be published.

14 − three =