The Mole for Kali Linux

The Mole is a python based automatic SQL Injection exploitation tool developed by Nasel. All you need to do is to provide a vulnerable URL and a valid string on the site it and it can detect the injection and exploit it, either by using the union technique or a boolean query based technique.

Features
  • Support for injections using Mysql, SQL Server, Postgres and Oracle databases.
  • Command line interface. Different commands trigger different actions.
  • Auto-completion for commands, command arguments and database, table and columns names.
  • Support for filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily.
  • Exploits SQL Injections through GET/POST/Cookie parameters.
  • Developed in python 3.
  • Exploits SQL Injections that return binary data.
  • Powerful command interpreter to simplify its usage.

Links:
Downloads, The Mole for different platforms.
Documentation, How to install The Mole.
Tutorial, How to use The Mole to exploit SQL injections.
Disclaimer: Usage of The Mole for attacking web servers without mutual consent can be considered as an illegal activity. It is the final user's responsibility to obey all applicable local, state and federal laws. 
Previous
Next Post »