Results 1 to 3 of 3

Thread: Sql-Drive-By - New software for finding sql vulnerable sites

  1. #1
    Join Date

    Sql-Drive-By - New software for finding sql vulnerable sites

    Afternoon guys

    I just finished version 1.0.0 of a program I am calling sql drive by. This program was created when I was teaching a friend about website vulnerabilities and was finding it difficult to find an sql injection vulnerable website to show how to test for the vulnerability. I wanted a program that not only made it easier to find these sites but also emphasizes how many sites out these are still vulnerable to SQLi and why people should be paying more attention to fixing these issues.

    A quick description of its use would be like this:

    python3 --term=index.php?id=

    The term can be any dork you can think of and the program will then run through and return a list of pages that look to be possibly vulnerable.

    You can change the depth of search and choose between search engines. Currently yahoo and bing. It also includes an admin page finder.

    You can find my git here:



  2. #2
    Join Date
    Hey Dosk3n,

    Thank you for writing this and sharing with everybody. I've just downloaded and am running some now so thought I'd offer a review

    > Raspberry Pi 2
    > Internet @ ~250KBps
    > Ethernet - eth0
    > Kali 2 Rolling ARM

    Incredibly easy, just follow the instructions on Github. No errors and downloaded fine. Dependencies installed ok.

    Very easy to use, straightforward and simple UI that's easy to understand.

    Unfortunately, I've not yet found any SQL vulnerable websites with the program. Either a good sign of IT security in general or a bad sign for usage - more testing is required. So far, I've tried a depth of up to 3 on both search engines with the term "index.php?id=" (if I get any results after posting, I'll edit / update).

    Tested "find-admin" on a few of my sites and all were found

    Would be nice to have a verbose mode to see a little bit of what is happening in the background but not overly needed if you understand the theory (or look at the source). No other suggestions

    Last edited by tbdev; 2016-12-06 at 01:57. Reason: Inclusion of OS version

  3. #3
    Join Date
    Thank you for the feedback.

    I find that the specific term you are using is probably the most common so its usually the one that is patched the quickest. I have just tested with term "user.php?id=" and it fetched results with a depth of 3. Obviously the higher depth the more results you will return.

    I have started taking notes for the added features for the next versions so I will be sure to add a verbose mode.



Similar Threads

  1. Finding Save Files With a software
    By cpoexperts in forum General Archive
    Replies: 0
    Last Post: 2020-10-20, 04:55
  2. vulnerable routers
    By mesho in forum General Archive
    Replies: 0
    Last Post: 2020-07-27, 12:07
  3. Open SSL 1.01 to 1.01f vulnerable
    By pedropt in forum General Archive
    Replies: 2
    Last Post: 2014-04-11, 10:18

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts