Monday, June 20, 2011

BSQLBF v.2.7 - Blind Sql Injection Brute Forcer Released

An updated version is now available for download. This supports “-nomatch” switch. The -nomatch switch is exactly opposite of the -match switch, ie, it will look for the supplied unique keyword which only appears in the false page and NOT in true page. Remember, the “-match” looks for a unique string which only appears in true and do not appear in false cases.

The -nomatch switch is particularly useful which carying out injections in the following scenarios:

Injection in insert statement
True and Error Scenario
Injection in order by etc


No comments: