elhacker.net Forum

Computer Security => Web Level => Topic started by: Guide_Shen on 18 July 2007, 12:14 pm



Title: SQL Power Injector
Posted by: Guide_Shen on 18 July 2007, 12:14 pm
Code:
* Supported on Windows, Unix and Linux operating systems
* SQL Server, Oracle, MySQL, Sybase/Adaptive Server and DB2 compliant
* SSL support
* Load automatically the parameters from a form or a IFrame on a web
page (GET or POST)
* Detect and browse the framesets
* Option that auto detects the language of the web site
* Detect and add cookies used during the Load Page process (Set-Cookie
detection)
* Find automatically the submit page(s) with its method (GET or POST)
displayed in a different color
* Can create/modify/delete loaded string and cookies parameters directly
in the Datagrids
* Single SQL injection
* Blind SQL injection
  - Comparison of true and false response of the page or results in
    the cookie
  - Time delay
* Response of the SQL injection in a customized browser
* Can view the HTML code source of the returned page in HTML contextual
colors and search in it
* Fine tuning parameters and cookies injection
* Can parameterize the size of the length and count of the expected
result to optimize the time taken by the application to execute the SQL
injection
* Create/edit ASCII characters preset in order to optimize the blind SQL
injection number of requests/speed
* Multithreading (configurable up to 50)
* Option to replace space by empty comments /**/ against IDS or filter
detection
* Automatically encode special characters before sending them
* Automatically detect predefined SQL errors in the response page
* Automatically detect a predefined word or sentence in the response page
* Real time result
* Save and load sessions in a XML file
* Feature that automatically finds the differences between the response
page of a positive answer with a negative one
* Can create a range list that will replace the variable (<<@>>) inside
a blind SQL injection string and automatically play them for you
* Automatic replaying a variable range with a predefined list from a
text file
* Firefox plugin that will launch SQL Power Injector with all the
information of the current webpage with its session context (parameters
and cookies)
* Two integrated tools: Hex and Char encoder and MS SQL @options
interpreter
* Can edit the Referer
* Can choose a User-Agent (or even create one in the User-Agent XML file)
* Can configure the application with the settings window
* Support configurable proxies

A few days ago I downloaded the new version 1.2, and I think it's a very useful tool; it comes with an add-on for Mozilla Firefox, which makes searching much easier.
I found it a useful tool and wanted to share it; I hope I'm not breaking the forum rules.
Installer: https://sourceforge.net/project/showfiles.php?group_id=159131
Regards!


Title: Re: SQL Power Injector
Posted by: yeikos on 18 July 2007, 13:40 pm
I'm not really convinced; the only option I might lean towards would be brute forcing for blind SQL injection, and from what I can see it doesn't have anything like that.