NAME¶
themole - automatic SQL injection exploitation tool
SYNOPSIS¶
themole [ -h ] [ -u url ] [ -n needle ] [-t
num_threads]
DESCRIPTION¶
The Mole is a command line interface SQL Injection exploitation tool. This
application is able to exploit both union-based and blind boolean-based
injections.
Every action The Mole can execute is triggered by a specific command. All this
application requires in order to exploit a SQL Injection is the URL(including
the parameters) and a needle(a string) that appears in the server's response
whenever the injection parameter generates a valid query, and does not appear
otherwise.
OPTIONS¶
- -h
- Shows the help message and exits.
- -u url
- Sets the url of the mole's instance to url.
- -n needle
- Sets the needle of the mole's instance to needle. It must be a
string that appears when the injection returns true and disappears when
the injection is false.
- -t threads
- Sets the max number of concurrent requests that the mole will be making.
Cannot be changed at runtime.
SEE ALSO¶
The program provides interactive documentation, refer also to the official
README file.
AUTHOR¶
This manual page was written by Santiago Alessandri
<salessandri@nasel.com.ar>