Blisqy – Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB)
A slow data siphon for MySQL/MariaDB using bitwise operation on printable ASCII characters, via a blind-SQL injection. Usage USAGE: blisqy.py –server <Web Server> –port <port> –header <vulnerable header> –hvalue <header value> –inject <point of injection> –payload <custom sql payload> –dig <yes/no> –sleeptime <default 0.5> Options: -h, –help show this help message and exit –server=WEBSERVER Specify […]