BBQSQL – Example Usage

This topic contains 2 replies, has 3 voices, and was last updated by  Henry864 3 years, 1 month ago.

  • Author
    Posts
  • #8658
     GoldenSunKing 
    Participant

    Currently working on writing a report on the various SQL injection tools available, trying to work with the tool BBQSQL (https://github.com/Neohapsis/bbqsql) now for blind injection but I am really struggling to integrate the custom tags the tool uses into an attack statement for table extraction, offing a small tip if anyone can show me an example of successful usage on one of the various test beds available(or a custom script)

    Peace people

  • #53774
     Mr-Inaudible 
    Participant

    sounds interesting, Is this for windows or linux? because i have’nt seen your link yet .

  • #53775
     Henry864 
    Participant

    Blind SQL injection can be a pain to exploit. When the available tools work they work well, but when they don’t you have to write something custom. This is time-consuming and tedious. BBQSQL can help you address those issues.

    BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool, allowing quite a bit of customization for those hard to trigger SQL injection findings. The tool is built to be database agnostic and is extremely versatile. It also has an intuitive UI to make setting up attacks much easier. Python gevent is also implemented, making BBQSQL extremely fast.

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?