Havij是一款自动化的SQL注入工具,它能够帮助渗透测试人员发现和利用Web应用程序的SQL注入漏洞。Havij不仅能够自动挖掘可利用的SQL查询,还能够识别后台数据库类型、检索数据的用户名和密码hash、转储表和列、从数据库中提取数据,甚至访问底层文件系统和执行系统命令,当然前提是有一个可利用的SQL注入漏洞。Havij支持广泛的数据库系统,如 MsSQL, MySQL, MSAccess and Oracle。 Havij支持参数配置以躲避IDS,支持代理,后台登陆地址扫描。
工具特点:
支持的数据库和方法:
MsSQL 2000/2005 with error
MsSQL 2000/2005 no error (union based)
MySQL (union based)
MySQL Blind
MySQL error based
Oracle (union based)
MsAccess (union based)
Automatic database detection
Automatic type detection (string or integer)
Automatic keyword detection (finding difference between the positive and negative response)
Trying different injection syntaxes
Proxy support
Real time result
Options for replacing space by /**/,+,... against IDS or filters
Avoid using strings (magic_quotes similar filters bypass)
Bypassing illegal union
Full customizable http headers (like referer and user agent)
Load cookie from site for authentication
Guessing tables and columns in mysql<5 (also in blind) and MsAccess
Fast getting tables and columns for mysql
Multi thread Admin page finder
Multi thread Online MD5 cracker
Getting DBMS Informations
Getting tables, columns and data
Command executation (mssql only)
Reading system files (mysql only)
insert/update/delete data
工具的更多详细信息及下载地址参见itsecteam.com。 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the database, running SQL statements and even accessing the underlying file system and executing commands on the operating system.Ofcourse most of that is after you have a successful exploit. Not only that, it supports a wide array of databases -- MsSQL, MySQL, MSAccess and Oracle! You could also choose to evade IDS detection by simple pre-configured tricks of this tool. You can also try to brute force your way to find the admin directory and yes it does support proxies too!
会员登录关闭
注册会员关闭