jSQL Injection is a lightweight application used to find database information from a distant server.
jSQL is free, open source and cross-platform (Windows, Linux, Mac OS X, Solaris).
Version 0.2 features:
GET, POST, header, cookie methods
normal, error based, blind, time based algorithms
automatic best algorithm selection
thread control (start/pause/resume/stop)
expose URL calls
simple evasion
data retrieving progression bar
proxy setting
supports MySQL
Next release v0.3 will include:
+ distant file reading [sqli]
+ webshell deposit [sqli]
+ terminal to run webshell commands [gui]
+ configuration backup [gui]
+ Updates checking [gui]
+ user interface tweaks [gui]
Next work:
+ distant table writing [sqli]
+ distant file writing [sqli]
+ reverse tcp shell deposit [sqli]
+ right elevation [sqli]
+ speed increase (non encoding pass): 50% faster [sqli]
+ control all running tasks in a tab [gui]
# speed test comparison with other injection tools [dev]
# automatic code testing (JUnit) [dev]
# wiki pages [site]
https://code.google.com/p/jsql-injection/
Download JSQL v0.3
