The Mole(SQL Injection exploitation tool) v0.3 released 

The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. The Mole features and tutorial has been discussed before but the new version of Mole (v3.0) has been released and available to download.



Features

  • Support for injections using Mysql, SQL Server, Postgres and Oracle databases.
  • Command line interface. Different commands trigger different actions.
  • Auto-completion for commands, command arguments and database, table and columns names.
  • Support for filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily.
  • Exploits SQL Injections through GET/POST/Cookie parameters.
  • Developed in python 3.
  • Exploits SQL Injections that return binary data.
  • Powerful command interpreter to simplify its usage.

Current Release: v0.3 (2012-03-02)

Current Bug-Free version

Even though we want to keep the release up-to-date, it is impossible to make one for every single patch we have applied to the current version to fix a bug. We strongly recommend using the bugfix branch from our repository. To get it, execute:

git clone -b bugfix git://git.code.sf.net/p/themole/code themole-code

In order to put it up to date, before using it, update it by executing:

git pull origin bugfix


The Mole’s release 0.3 is out! Several bugfixes have been made and new features were introduced. As:

* Enabled injection through cookie paramters.
* New filtering mechanism enabling better manipulation and easier filter development.
* Added several of those filters.
* SQL Injections that return binary data are now exploitable.
* DMBS credentials listing.

The Mole SQLi Exploitation Tool Tutorial

Complete tutorial with video explanation can be find here.

Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...

What is Ethical Hacking, how to be an Ethical Hacker

Hacking is the process of discovering vulnerabilities in a system and using these found vulnerabilities by gaining unauthorized access into the system to perform...

Basic steps to ensure security Online!

Security concerns are growing day by day due to the growing interconnectivity and technology. Drastic things can happen if you be a little careless...