蓝盟诗人[LUC]蓝客联盟

Advanced SQL Injection Tool: Havij 1.10

2011-01-23 20:33 | Source: this site

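Havij is an automated SQL injection tool that helps penetration testers find and exploit SQL injection vulnerabilities in web applications. Besides automatically discovering exploitable SQL queries, it can identify the back-end database type, retrieve database user names and password hashes, dump tables and columns, extract data from the database, and even access the underlying file system and execute system commands, provided, of course, that an exploitable SQL injection vulnerability exists. Havij supports a wide range of database systems, such as MsSQL, MySQL, MSAccess and Oracle. It also supports configurable parameters for evading IDS, proxy support, and scanning for admin login pages.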

Tool features:

Supported databases and methods:

MsSQL 2000/2005 with error
MsSQL 2000/2005 no error (union based)
MySQL (union based)
MySQL Blind
MySQL error based
Oracle (union based)
MsAccess (union based)
Automatic database detection
Automatic type detection (string or integer)
Automatic keyword detection (finding difference between the positive and negative response)
Trying different injection syntaxes
Proxy support
Real time result
Options for replacing space by /**/,+,... against IDS or filters
Avoid using strings (magic_quotes similar filters bypass)
Bypassing illegal union
Full customizable http headers (like referer and user agent)
Load cookie from site for authentication
Guessing tables and columns in mysql<5 (also in blind) and MsAccess
Fast getting tables and columns for mysql
Multi thread Admin page finder
Multi thread Online MD5 cracker
Getting DBMS Informations
Getting tables, columns and data
Command execution (mssql only)
Reading system files (mysql only)
insert/update/delete data

For more details about the tool and the download location, see itsecteam.com.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the database, running SQL statements and even accessing the underlying file system and executing commands on the operating system. Of course most of that is after you have a successful exploit. Not only that, it supports a wide array of databases -- MsSQL, MySQL, MSAccess and Oracle! You could also choose to evade IDS detection by simple pre-configured tricks of this tool. You can also try to brute force your way to find the admin directory and yes it does support proxies too!
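The feature list mentions replacing spaces with /**/ or + to get past an IDS or filter. The following Python code is an added example (not part of the original post and not Havij code) showing the defensive counterpart: a log check that URL-decodes and strips inline SQL comments before applying a union-based signature. The function names, the single signature and the sample request lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

COMMENT = re.compile(r"/\*.*?\*/", re.S)  # inline SQL comment used as a separator
UNION_SELECT = re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)  # one illustrative signature

def decode(value, rounds=2):
    """URL-decode up to `rounds` times so double encoding (%252f) is unwrapped."""
    for _ in range(rounds):
        nxt = unquote_plus(value)
        if nxt == value:
            break
        value = nxt
    return value

def normalize(value):
    """Decode, turn comments into spaces, collapse whitespace, lowercase."""
    text = COMMENT.sub(" ", decode(value))
    return re.sub(r"\s+", " ", text).strip().lower()

def inspect(request_line):
    """Return None if the signature is absent, else how the keywords were separated."""
    if not UNION_SELECT.search(normalize(request_line)):
        return None
    return {
        "signature": "union-select",
        # True: a matcher run on the raw line would not have fired.
        "missed_on_raw": UNION_SELECT.search(request_line) is None,
        # True: decoding alone was not enough, comments stood in for spaces.
        "comment_as_space": UNION_SELECT.search(decode(request_line)) is None,
    }

# Constructed sample request lines (not taken from any real log).
SAMPLES = [
    "/item.php?id=7",
    "/search.php?q=credit+union+rates",
    "/item.php?id=7+union+select+1,2,3",
    "/item.php?id=7/**/UNION/**/SELECT/**/1,2,3",
    "/item.php?id=7%2f%2a%2a%2funion%2f**%2fall%2f*x*%2fselect%2f**%2f1",
]

def scan(lines):
    """Return (line, finding) pairs for every line that matches after normalization."""
    return [(line, hit) for line in lines if (hit := inspect(line))]

if __name__ == "__main__":
    for line, finding in scan(SAMPLES):
        print(finding, line)
```

Signature matching of this kind is a detection aid only; the fix for the underlying flaw is parameterized queries in the application.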
