Blackhatacademy Developers releases Fully automated MySQL5 boolean based enumeration tool. By default, this script will first determine username, version and database name before enumerating the information_schema information.
- When the -q flag is applied, a user can supply any query that returns only a single cell
- If the exploit or vulnerability requires a single quote, simply tack %27 to the end of the URI.
- This script contains error detection : It will only work on a mysql 5.x database, and knows when its queries have syntax errors.
- This script uses perl's LibWhisker2 for IDS Evasion (The same as Nikto).
- This script uses the MD5 algorithm for optimization. There are other optimization methods, and this may not work on all sites.