Posts tagged: MySQL Hacking

Jan 03 2012

Fully Automated MySQL 5 Boolean Enumeration Script

This script uses blind SQL injection and boolean enumeration to perform INFORMATION_SCHEMA Mapping.


perl -h [hostname] -u [url] [-q [query]]


perl -h -u -q “select system_user()”

– By default, this script will first determine username, version and database name before enumerating the information_schema information.
– When the -q flag is applied, a user can supply any query that returns only a single cell.
– If the exploit or vulnerability requires a single quote, simply tack %27 to the end of the URI.
– This script contains error detection: It will only work on a mysql 5.x database, and knows when its queries have syntax errors.
– This script uses perl’s LibWhisker2 for IDS Evasion (The same as Nikto).
– This script uses the MD5 algorithm for optimization. There are other optimization methods, and this may not work on all sites.