BBQSQL – SQL injection exploitation tool

Tool Description

Blind SQL injection can be a pain to exploit. When the available tools work they work well, but when they don’t you have to write something custom. This is time-consuming and tedious. BBQSQL can help you address those issues.

BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool, allowing quite a bit of customisation for those hard to trigger SQL injection findings. The tool is built to be database agnostic and is extremely versatile. It also has an intuitive UI to make setting up attacks much easier. Python gevent is also implemented, making BBQSQL extremely fast.

Similar to other SQL injection tools you provide certain request information. You must provide the usual information:

  • URL
  • HTTP Method
  • Headers
  • Cookies
  • Encoding methods
  • Redirect behavior
  • Files
  • HTTP Auth
  • Proxies

Then specify where the injection is going and what syntax we are injecting.

Tool Source: https://github.com/Neohapsis/bbqsql/

Kali Repo: http://git.kali.org/gitweb/?p=packages/bbqsql.git;a=summary

General Details:

Video Tutorial: Coming Soon

ACCCHECK – Password dictionary attack tool for SMB

Tool Description

The tool is designed as a password dictionary attack tool that targets windows authentication via the SMB protocol. It is really a wrapper script around the ‘smbclient’ binary, and as a result is dependent on it for its execution.

Tool Source: https://labs.portcullis.co.uk/tools/acccheck/

Kali Repo: http://git.kali.org/gitweb/?p=packages/acccheck.git;a=summary

General Details

root@kali:~# acccheck

acccheck v0.2.1 - By Faiz

Description:
Attempts to connect to the IPC$ and ADMIN$ shares depending on which flags have been
chosen, and tries a combination of usernames and passwords in the hope to identify
the password to a given account via a dictionary password guessing attack.

Usage = ./acccheck [optional]

 -t [single host IP address]
 OR
 -T [file containing target ip address(es)]

Optional:
 -p [single password]
 -P [file containing passwords]
 -u [single user]
 -U [file containing usernames]
 -v [verbose mode]

Examples
Attempt the 'Administrator' account with a [BLANK] password.
    acccheck -t 10.10.10.1
Attempt all passwords in 'password.txt' against the 'Administrator' account.
    acccheck -t 10.10.10.1 -P password.txt
Attempt all password in 'password.txt' against all users in 'users.txt'.
    acccehck -t 10.10.10.1 -U users.txt -P password.txt
Attempt a single password against a single user.
    acccheck -t 10.10.10.1 -u administrator -p password

Usage Example

root@kali:~# acccheck.pl -T smb-ips.txt -v
Host:192.168.1.201, Username:Administrator, Password:BLANK

Video Tutorial: Coming Soon!