jSQL Injection is a lightweight application used to find database information from a distant server.
jSQL is free, open source and cross-platform (Windows, Linux, Mac OS X, Solaris).
jSQL is also included in Black Hat Sec, ArchAssault Project and BlackArch Linux.
Screenshot of alpha v0.6 [download here]
alpha-v0.6 Speed x 2 (no more hex encoding), 10 db vendors supported: MySQL Oracle SQLServer PostgreSQL DB2 Firebird Informix Ingres MaxDb Sybase. JUnit tests, log4j, i18n integration and more.
Coming... JUnit tests with Hibernate, Github issues with OAuth, i18n arabic russian chinese integration, next rdbms already implemented: Cubrid Derby H2 HSQLDB MariaDb Teradata, TODO: SQLite Access MSDE...
Screenshots of v0.5 [download here]
0.5 SQL shell, Uploader.
0.4 Admin page search, Brute force (md5 mysql...), Decoder (decode encode base64 hex md5...).
0.3 Distant file reader, Webshell drop, Terminal for webshell commands, Configuration backup, Update checker.
0.2 Time based algorithm, Multi-thread control (start pause resume stop), Shows URL calls.
0.0-0.1 Methods GET / POST / header / cookie, Algorithms Normal / Error / Blind, Automatic best algorithm selection, Progression bars, Simple evasion, Proxy setting, Supports MySQL.
Attacking web-server is illegal without prior mutual consent. The end user is responsible and obeys all applicable laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.