Blind SQL injection can be a pain to exploit. When the available tools work they work well, but when they don’t you have to write something custom. This is time-consuming and tedious. BBQSQL can help you address those issues.
BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool, allowing quite a bit of customisation for those hard to trigger SQL injection findings. The tool is built to be database agnostic and is extremely versatile. It also has an intuitive UI to make setting up attacks much easier. Python gevent is also implemented, making BBQSQL extremely fast.
Similar to other SQL injection tools you provide certain request information. You must provide the usual information:
- HTTP Method
- Encoding methods
- Redirect behavior
- HTTP Auth
Then specify where the injection is going and what syntax we are injecting.
Tool Source: https://github.com/Neohapsis/bbqsql/
Kali Repo: http://git.kali.org/gitweb/?p=packages/bbqsql.git;a=summary
Video Tutorial: Coming Soon
The tool is designed as a password dictionary attack tool that targets windows authentication via the SMB protocol. It is really a wrapper script around the ‘smbclient’ binary, and as a result is dependent on it for its execution.
Tool Source: https://labs.portcullis.co.uk/tools/acccheck/
Kali Repo: http://git.kali.org/gitweb/?p=packages/acccheck.git;a=summary
[email protected]:~# acccheck
acccheck v0.2.1 - By Faiz
Attempts to connect to the IPC$ and ADMIN$ shares depending on which flags have been
chosen, and tries a combination of usernames and passwords in the hope to identify
the password to a given account via a dictionary password guessing attack.
Usage = ./acccheck [optional]
-t [single host IP address]
-T [file containing target ip address(es)]
-p [single password]
-P [file containing passwords]
-u [single user]
-U [file containing usernames]
-v [verbose mode]
Attempt the 'Administrator' account with a [BLANK] password.
acccheck -t 10.10.10.1
Attempt all passwords in 'password.txt' against the 'Administrator' account.
acccheck -t 10.10.10.1 -P password.txt
Attempt all password in 'password.txt' against all users in 'users.txt'.
acccehck -t 10.10.10.1 -U users.txt -P password.txt
Attempt a single password against a single user.
acccheck -t 10.10.10.1 -u administrator -p password
[email protected]:~# acccheck.pl -T smb-ips.txt -v
Host:192.168.1.201, Username:Administrator, Password:BLANK
Video Tutorial: Coming Soon!