SQL injection refers to an injection attack in which the attacker adds malicious SQL statements to a Web form input box to gain access to resources or make changes to data. SQL Injection is very common with PHP and ASP applications due to the prevalence of older functional interfaces. Due to the nature of programmatic interfaces available, J2EE and ASP.NET applications are less likely to have easily exploited SQL injections. This vulnerability could possibly affect any website or web application that makes use of an SQL-based database, The risk of SQL injection exploits is on the rise because of automated tools. SQL injection is not being done manually anymore and there is so many tools that do the job automatically which put thousands and thousands of website at the risk of SQL injection. One of the automated tools is jSQL Injection.
jSQL Injection is a free open source application coded in Java it's cross-platform which mean it work on multi Operating system that include windows , Linux , Mac OS and Solaris
jSQL Injection is also part of the official penetration testing distribution Kali Linux and it's included in distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux.
Features of jSQL: GET, POST, header, cookie methods Normal, error based, blind, time based algorithms Automatic best algorithm selection Multi-thread control (start/pause/resume/stop) Progression bars Shows URL calls Simple evasion Proxy setting Distant file reading Webshell deposit Terminal for webshell commands Configuration backup Update checker Admin page checker Brute forcer (md5 mysql…) Coder (encode decode base64 hex md5…) Supports MySQL
TUTORIAL By Cyb3rw0rM CONTACT ME: Cyb3rw0rm@hotmail.com THIS TUTORIAL IS ONLY FOR EDUCATIONAL PURPOSES! DON'T USE THIS FOR ILLEGAL PURPOSES, THIS IS ONLY FOR SECURITY RESARCH!