UPDATE: mysqloit v0.2!

Latest version of mysqloit v0.2 is released and ready for action! We have discussed about this tool here.

Whats new?
1) SQL Injection detection using time based injection method
2) Database fingerprint
3) Web server directory fingerprint
4) Payload creation and execution

Basic Requirements:
1) FILE privileges.
2) Web server and database server must be in the same machine 3) Prior knowledge of the web server directory.
4) For the LAMP platform, if the mysqld runs as a non root user, a writable web server directory is required.

How to use?
It is written in python, so can be run from any system which has python compiler.

./mysqloit.py -h

Download mysqloit here

Related Posts

• March 15, 2010 -- UPDATE: sqlmap 0.8 Final!
• November 26, 2009 -- Pangolin – Automatic SQL injection penetration testing tool
• October 12, 2009 -- Update : Sqlmap version 0.8 release candidate 1
• July 29, 2009 -- Tips and tips for advance sql injection
• March 10, 2010 -- ackack: Monitor your Network Traffic and Detect Unauthorized Sessions Easily!
• March 6, 2010 -- UPDATE: Samurai Web Testing Framework 0.8!
• March 4, 2010 -- Vulnerability Manager: Automate Your Application Security Program!
• February 25, 2010 -- PenTestIT Post Of The Day: Hacking Oracle From Web!
• February 22, 2010 -- DNSmap: The passive DNS network mapper!

Tagged as: application security, database security, mysql injection tool, sql injection tecniques