释放双眼,带上耳机,听听看~!
The Mole是一款自动化的SQL注入漏洞利用工具。只需提供一个URL和一个可用的关键字,它就能够检测注入点并利用。The Mole可以使用union注入技术和基于逻辑查询的注入技术。
The Mole已更新至0.3版,新版本主要改变:
- Enabled injection through cookie paramters.
- New filtering mechanism enabling better manipulation and easier filter development.
- Added several of those filters.
- SQL Injections that return binary data are now exploitable.
- DMBS credentials listing.