Monday, May 23, 2011

Online SQL Injection Tester with WAF Bypass Soon..

Hey fellas,

I am currently designing an online SQL injection tester. You just insert your website/weblink/site in the input provided, and once you press Scan it automatically penetrates into the website and tries to grab as much information as possible.

The information it would retrieve is:
Database Name
OS Version
MySQL Version
Host Name
Total Tables present in the Database
Total Columns present in the Database
All the table names
All the column names associated with the table names.

I have already designed an SQL Injection value dumper, so I don't need to dump more values :)

It is currently under development; right now it can find the following:

Database Name
OS Version
MySQL Version
Total Tables
Total Columns

Well, I know there are lots of other tools which can do the same, so where is the difference?

Well, this has artificial intelligence to automatically detect the Web Application Firewall (W.A.F). That means when you do some SQL injection on some sites and it says Forbidden, this bypasses all those and retrieves the values :).
I am not saying this penetrates 100%, but most of it :) it does.

This is still under development. As I have got a little less time, I will do my best to complete this project as soon as possible; should not be less than a week or 2. :)

Your donations/comments are always welcome :) That would make me feel better and code better.

If you are my hater/enemy, please curse yourself, I don't mind.
URL: Well, it will be on the next post and here too once completed :)

Here are some screenshots of the GUI; I am not even thinking of keeping fancy boxes.

The site says Forbidden with normal SQL injection

Starting screen for SQLI Injector, I know the GUI SUX

Inserting the URL here

Now press the Scan button

Now it scans and finds the Database and Version, bypassed WAF

Subhash Dasyam
Freelance Pentester

  1. Nice tool online :)

  2. Hey mate,

    I can't see any link. When will you release that online tool?

  3. Wow, nice. Please post it here soon, I need that desperately.