[转载]SQL Injection Pentesting TooL

信息来源：邪恶八进制信息安全团队（www.eviloctal.com）



  
The SQL Injection TooL designed to examine database through errors in the programming code web sites, or more precisely, it uses so-called SQL Injections  
  
Features of programm  
  
Version 3.0.0 PreRelease - FREEE!!!
Completely overhauled engine programme.
Now, the element of WinSock is added, which gives work with low HTTP protocol, it has significantly expanded its capabilities.

--- [Added]
- Work with injection through GET,POST,GET(inside Cookie),POST(inside Cookie)
- Terminal for HTTP RAW (analogue of InetHack)
- Upload file to server through SQL
- Reading every available for reading file on the server:)
- BackConnect from DB = MsSQL
- Dump DB, if type of DB is MsSQL
- Possibility of a Basic authentication
- Possible Determine of the fields of a SELECT query using the ORDER BY,GROUP BY,UNION SELECT
- Possible replacements comments to analog when filtering
- Possible replacements spaces to analog when filtering
- Possibility of autodetection of KeyWord
- Possibility of autodetection of type DB
- Ability to connect to the servers at random port
- Ability to connect to the proxy-servers to a random port
--- [Fixed]
- A accurate definition of quantity the fields that supports printing values
- A accurate with proxy-servers

http://sqltool.itdefence.ru/indexeng.html