Official release of SQL Power Injector 1.2



Greeting list,

I have the pleasure to announce that a new version of SQL Power Injector is now officially available on my web site:

www.sqlpowerinjector.com

This time like the last version I emphasized on maturity, stability and reliability. I also emphasized on usability, documentation and innovation.

One of the major improvements is an innovative way to optimize and accelerate the dichotomy in the Blind SQL injection, saving time/number of requests up to 25%.

Added to this it's now possible to define a range list that will replace a variable (<<@>>) inside a blind SQL injection string and automatically play them for you. That means you can get all the database names from the sysdatabases table in MS SQL without having to input the dbid each time for example.

Also another great time saver is a new Firefox plugin that will launch SQL Power Injector with all the information of the current webpage with its session context. No more time wasted to copy paste the session cookies after you logged... And of course you can make the easy SQL tests in your browser and you use the plugin once you want to search more thoroughly.

To make your life easier there is now a new feature that will search the diff between a positive condition (1=1) response with a negative condition (1=2) and display the list for you.

Last major addition is the extensive databases Help file (chm) that contains most of the information you need when you SQL inject. It covers the 5 DBMS supported by SQL Power Injector. You can find in it the system tables and views with their columns, environment variables, the useful functions and stored procedures. All this with some notes to how to use them and why it's useful for SQL injection.

But of course, it's more than that... As you will see in the list of the new features.

* Now support DB2 database
* Can create/edit ASCII characters preset in order to optimize the blind SQL injection number of requests/speed
* Can make the blind SQL injection case insensitive (useful with characters preset)
* New feature that will find the differences between the response page of a positive answer with a negative one
* Created a Firefox Plugin that will launch SQL Power Injector with all the current page context (string parameters and cookies)
* Created an extensive documentation used as a databases "Aide Memoire" that contains information related to SQL injection for each supported DBMS (System tables (with their column names and description), environment and session variables, functions, dangerous stored procs, etc...)
* Can create a range list that will replace the variable (<<@>>) inside a blind SQL injection string and automatically play them for you
* Automatic replaying a variable range with a predefined list from a text file
* New management console for Cookies used for the Load Page process
* Detect and add Cookies used during the Load Page process (Set-Cookie detection)
* Improved the User Interface to display contextual information (normal vs blind mode)
* New Datagrid has been added with the Cookies information, which can be injected in the same fashion than the String Parameter
* Improved the accuracy and reliability of the blind SQL injection results (if a character cannot be found it's replaced by the sun char (¤))
* Can edit the Referer
* View source now displays HTML in colors and can be customized in a XML file
* Can search in the View source
* Can choose an User-Agent from the menu (and even add new ones in the XML file)
* Threads are better managed and it's now possible to raise it to the number you wish (50 max in the application but can be changed in the source code)
* Can configure the application settings
* Support configurable proxies
* With SQL Server it is possible to use the TOP keyword
* Take in account the different syntax of MySQL 4.1.0 and lower with higher versions in the database list
* Various things redesigned and quality improvement
* Two integrated tools: Hex and Char encoder and MS SQL @options interpreter
* Problems when there is a Form tag inside another one (Bug fix)
* Bug with multi threads with cookies (Bug fix)

For those who don't know what is SQL Power Injector you will find next
some details about the application (more details can be found on the web
site):

INTRODUCTION
=============

SQL Power Injector is a graphical application created in .Net 1.1 that
helps the penetrating tester to inject SQL commands on a web page.

For now it is SQL Server, Oracle and MySQL compliant, but it is possible to use it with any existing DBMS when using the inline injection (Normal
mode).

Moreover this application will get all the parameters you need to test the SQL injection, either by GET or POST method, avoiding thus the need to use several applications or a proxy to intercept the data.

FEATURES
=======

* Supported on Windows, Unix and Linux operating systems
* SQL Server, Oracle, MySQL, Sybase/Adaptive Server and DB2 compliant
* SSL support
* Load automatically the parameters from a form or a IFrame on a web page (GET or POST)
* Detect and browse the framesets
* Option that auto detects the language of the web site
* Detect and add cookies used during the Load Page process (Set-Cookie detection)
* Find automatically the submit page(s) with its method (GET or POST) displayed in a different color
* Can create/modify/delete loaded string and cookies parameters directly in the Datagrids
* Single SQL injection
* Blind SQL injection
- Comparison of true and false response of the page or results in the cookie
- Time delay
* Response of the SQL injection in a customized browser
* Can view the HTML code source of the returned page in HTML contextual colors and search in it
* Fine tuning parameters and cookies injection
* Can parameterize the size of the length and count of the expected result to optimize the time taken by the application to execute the SQL injection
* Create/edit ASCII characters preset in order to optimize the blind SQL injection number of requests/speed
* Multithreading (configurable up to 50)
* Option to replace space by empty comments /**/ against IDS or filter detection
* Automatically encode special characters before sending them
* Automatically detect predefined SQL errors in the response page
* Automatically detect a predefined word or sentence in the response page
* Real time result
* Save and load sessions in a XML file
* Feature that automatically finds the differences between the response page of a positive answer with a negative one
* Can create a range list that will replace the variable (<<@>>) inside a blind SQL injection string and automatically play them for you
* Automatic replaying a variable range with a predefined list from a text file
* Firefox plugin that will launch SQL Power Injector with all the information of the current webpage with its session context (parameters and cookies)
* Two integrated tools: Hex and Char encoder and MS SQL @options interpreter
* Can edit the Referer
* Can choose a User-Agent (or even create one in the User-Agent XML file)
* Can configure the application with the settings window
* Support configurable proxies

SUMMARY OF THE DIFFERENCES WITH THE OTHER EXISTING TOOLS
========================================================

* Web page string and cookie parameters auto detection
* Fine tuning parameters SQL injection
* Time delay feature
* Multithread feature
* Response results in a customized browser
* Automated positive and negative condition discovery
* Blind SQL injection characters preset optimizer

LICENSE
=======

Clarified Artistic License

Cheers!

Francois Larouche



Relevant Pages

  • Official release of SQL Power Injector 1.2
    ... One of the major improvements is an innovative way to optimize and accelerate the dichotomy in the Blind SQL injection, saving time/number of requests up to 25%. ... Also another great time saver is a new Firefox plugin that will launch SQL Power Injector with all the information of the current webpage with its session context. ... No more time wasted to copy paste the session cookies after you logged... ...
    (Bugtraq)
  • Official release of SQL Power Injector 1.2
    ... One of the major improvements is an innovative way to optimize and accelerate the dichotomy in the Blind SQL injection, saving time/number of requests up to 25%. ... Also another great time saver is a new Firefox plugin that will launch SQL Power Injector with all the information of the current webpage with its session context. ... No more time wasted to copy paste the session cookies after you logged... ...
    (Pen-Test)
  • [Full-disclosure] OTRS 1.x/2.x Multiple Security Issues
    ... OTRS, the Open Source Ticket Request System, is a trouble ... ranging from cross site scripting to SQL injection. ... A malicious user may be able to conduct blind SQL code ... an attacker may be able to exploit this issue. ...
    (Full-Disclosure)
  • Official release of SQL Power Injector 1.1
    ... I have the pleasure to announce that a new version of SQL Power Injector is now officially available on my web site: ... For now it is SQL Server, Oracle and MySQL compliant, but it is possible to use it with any existing DBMS when using the inline injection (Normal ... Response of the SQL injection in a customized browser ...
    (Pen-Test)
  • Official release of SQL Power Injector v1.0
    ... SQL Power Injector is a graphical application created in .Net 1.1 that helps the penetrating tester to inject SQL commands on a web page. ... For now it is SQL Server, Oracle and MySQL compliant, but it is possible to use it with any existing DBMS when using the inline injection. ... Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. ...
    (Pen-Test)