Friday, August 17, 2012
SQL injection is one of the most dangerous attacks. Last year, many high-profile hacks were carried out with the help of SQL injection. A few days back, I also reported that SQL injection attacks have increased to 69% this year. The availability of many automated SQL injection tools also makes it easy to attack websites without in-depth knowledge of the attack.
This post is about a nice SQL injection tool that can exploit blind SQL injection vulnerabilities in web applications. The tool is called BBQSQL. According to the documentation, "BBQSQL is a SQL injection framework specifically designed to be hyper fast, database agnostic, easy to setup, and easy to modify".
The main feature of this tool is that it can exploit blind SQL injection vulnerabilities. This makes it a very useful tool for checking a web application's security and then patching the vulnerabilities it finds. This will make your application secure from various kinds of web attacks.
This tool comes with a nice interface that helps while working with the tool. It finds all the blind SQL injection vulnerabilities of the application and checks the configuration to make sure your data looks right.
It was designed using the event driven concurrency provided by Python’s gevent. This allows BBQSQL to run much faster than existing single/multithreaded applications.
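What a blind SQL injection flaw and its patch look like in code, as an added example that is not from BBQSQL or its documentation. The table, function names and probe strings are constructed for illustration, and it uses Python's built-in sqlite3 module so it runs offline.

```python
import sqlite3


def make_db():
    # Constructed sample data, for this example only.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 's3cr3t')")
    return db


def user_exists_vulnerable(db, name):
    # Vulnerable: the input is concatenated into the SQL text, so a quote
    # in `name` changes the structure of the query.
    query = "SELECT 1 FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchone() is not None


def user_exists_hardened(db, name):
    # Patched: the placeholder binds the input as data, never as SQL.
    row = db.execute("SELECT 1 FROM users WHERE name = ?", (name,)).fetchone()
    return row is not None


def answers_differ(check, db):
    # The page never shows query output, only yes/no. A blind injection
    # point is one where that yes/no answer follows a condition supplied
    # in the input: an always-true and an always-false condition produce
    # different answers.
    always_true = "alice' AND '1'='1"
    always_false = "alice' AND '1'='2"
    return check(db, always_true) != check(db, always_false)


if __name__ == "__main__":
    db = make_db()
    print("vulnerable lookup is injectable:", answers_differ(user_exists_vulnerable, db))
    print("hardened lookup is injectable:  ", answers_differ(user_exists_hardened, db))
```

Kept as a regression test, `answers_differ` confirms that a fix stays in place after the vulnerable query has been replaced with a parameterized one.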