HOWTO : The Mole on Kali Linux 1.0.7

The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique.



Features



- Support for injections using Mysql, SQL Server, Postgres and Oracle databases.

- Command line interface. Different commands trigger different actions.

- Auto-completion for commands, command arguments and database, table and columns names.

- Support for filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily.

- Exploits SQL Injections through GET/POST/Cookie parameters.

- Developed in python 3.

- Exploits SQL Injections that return binary data.

- Powerful command interpreter to simplify its usage.



Tutorials



Quick start

Command Usage

Exploiting injections through POST/Cookies

Filters - bypassing IDS/IPS

Exploiting injections that return binary data

Writing custom filters



Installation



apt-get update

apt-get install themole




Run it



themole -h

themole -u "http://www.samiux.com/?id=1" -n "admin"










That's all! See you.