SQL Power Injector: A Graphical Application
A graphical application created in C# .Net 1.1 that helps the penetration tester find and exploit SQL injection on a web page. Its main strength is its capacity to automate tedious blind SQL injection using multiple threads.
For now, it is SQL Server, Oracle, MySQL, Sybase/Adaptive Server and DB2 compliant, but it is possible to use it with any existing DBMS when using the inline injection in Normal mode.
In Normal mode, the injection is simply the SQL command that the user places in the parameter sent to the server.
While inline SQL injection is powerful in itself, the tool's main strength lies in the multithreaded automation of the injection. Not only can tedious and time-consuming queries be automated, but the query can also be modified to return only what you want.
The tool is most useful for blind SQL injection, but the other ways of exploiting a SQL injection vulnerability are more effective and much faster when the results are shown on the web page, for instance a UNION SELECT rendered in an HTML table or a generated 500 error.
- Supported on Windows, Unix and Linux operating systems
- SQL Server, Oracle, MySQL, Sybase/Adaptive Server and DB2 compliant
- SSL support
- Automatically loads the parameters from a form or an IFrame on a web page (GET or POST)
- Detect and browse the framesets
- Option that auto detects the language of the website
- Detect and add cookies used during the Load Page process (Set-Cookie detection)
- Automatically finds the submit page(s) with its method (GET or POST) displayed in a different color
- Can create/modify/delete loaded string and cookie parameters directly in the Datagrids
- Single SQL injection
- Blind SQL injection
- Response to the SQL injection in a customized browser
- Can view the HTML code source of the returned page in HTML contextual colors and search in it
- Fine tuning parameters and cookies injection
- Can parameterize the size of the length and count of the expected result to optimize the time taken by the application to execute the SQL injection
- Create/edit ASCII characters present in order to optimize the blind SQL injection number of requests/speed
- Multithreading (configurable up to 50)
- Option to replace space by empty comments /**/ against IDS or filter detection
- Automatically encode special characters before sending them
- Automatically detect predefined SQL errors in the response page
- Automatically detect a predefined word or sentence in the response page
- Real time result
- Save and load sessions in an XML file
- Feature that automatically finds the differences between the response page of a positive answer to a negative one
- Can create a range list that will replace the variable (<<@>>) inside a blind SQL injection string and automatically play them for you
- Automatic replay of a variable range with a predefined list from a text file
- Firefox plugin that will launch SQL Power Injector with all the information of the current web page with its session context (parameters and cookies)
- Two integrated tools: Hex and Char encoder and MS SQL @options interpreter
- Can edit the Referer
- Can choose a User-Agent (or even create one in the User-Agent XML file)
- Can configure the application with the settings window
- Support configurable proxies
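
From the defender's side, the `/**/` space replacement and the automated positive/negative tests listed above leave a recognizable trace in web server logs. The following is an added example, not part of SQL Power Injector or the original page: it percent-decodes each query parameter, undoes the comment-for-space substitution before matching, and reports clients that send repeated probes. The log format, sample lines, function names and threshold are constructed assumptions.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access log: "<client_ip> <unix_ts> <request_target>"
SAMPLE_LOG = """\
198.51.100.7 1700000000 /item.aspx?id=5
203.0.113.9 1700000001 /item.aspx?id=5/**/AND/**/1=1
203.0.113.9 1700000001 /item.aspx?id=5/**/AND/**/1=2
203.0.113.9 1700000002 /item.aspx?id=5%2F%2A%2A%2FAND%2F%2A%2A%2F2%3E1
198.51.100.7 1700000003 /search.aspx?q=select+a+gift+and+card
"""

COMMENT = re.compile(r"/\*.*?\*/", re.S)   # inline comments, including empty /**/
BOOLEAN = re.compile(r"\b(?:and|or)\b\s+\S+?\s*(?:=|<|>)", re.I)

def inspect_value(value):
    """Return the reasons a decoded parameter value looks like an injection probe."""
    reasons = []
    if COMMENT.search(value):
        reasons.append("inline-comment")
    normalized = COMMENT.sub(" ", value)   # undo the space replacement before matching
    if BOOLEAN.search(normalized):
        reasons.append("boolean-test")
    return reasons

def scan(log_text, burst_threshold=3):
    """Flag suspicious requests and list clients with many of them (threshold is an assumption)."""
    hits, per_client = [], Counter()
    for line in log_text.splitlines():
        ip, ts, target = line.split(" ", 2)
        query = urlsplit(target).query
        # parse_qsl percent-decodes, so %2F%2A%2A%2F is inspected as /**/
        for name, value in parse_qsl(query, keep_blank_values=True):
            reasons = inspect_value(value)
            if reasons:
                hits.append((ip, int(ts), name, reasons))
                per_client[ip] += 1
    noisy = sorted(ip for ip, n in per_client.items() if n >= burst_threshold)
    return hits, noisy

if __name__ == "__main__":
    hits, noisy = scan(SAMPLE_LOG)
    for hit in hits:
        print(hit)
    print("repeat sources:", noisy)
```

Matching only after normalization is what keeps the ordinary search for "select a gift and card" from being flagged while the comment-padded and percent-encoded requests are caught.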