Skip to content
/ blind-sqli-scripts Public

Template scripts developed to retrieve information using various techniques in blind SQL injection attacks

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

XingSc29/blind-sqli-scripts

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits

README.md

README.md

 
 

bolean-based.py

bolean-based.py

 
 

error-based.py

error-based.py

 
 

time-based.py

time-based.py

 
 

Repository files navigation

Introduction

Blind SQL injection is tricky because it usually involves brute-forcing to retrieve information.

While SQLMap is a great tool to retrieve information, custom scripts can be a better alternative in certain scenarios. For example:

  • If the web application works differently where they b64-encode the SQL queries before submitting the web requests, SQLMap might not work well.
  • If we have determined a payload that will bypass the target web application firewall, we may want to stick to it by defining the payload in our script instead of using SQLMap.

Overall, an exploit script will offer more flexibility.

To-do

  • Add better algorithms like binary search

About

Template scripts developed to retrieve information using various techniques in blind SQL injection attacks

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages