SQLbit is just another script for automatize boolean-based blind SQL injections.
Works with SQLite at least, supports using cookies.
It uses bitwise comparisons with multithreading to find cell values instead of binary search, which is more efficient.
It’s able to:
The search algorithm is shown below.
Knowing the name of its column (‘sqlite_master’ by default in sqlite, for example) and the column name of it (‘name’ in sqlite) you can find values of every cell in every row. And the fastest algorithm for this is checking the binary values of every character in every cell, which can be perform using multiple threads. Considering this, we can send only 7 requests to get the standard 7-bit letter, and using 1000 threads, we get ~142 letters per moment (it’s also worth keeping in mind requests to get the length of a cell value).
The number of bits need to compare (7 by default for ASCII) and the number of threads can be specified as input data.
Installing
git clone https://github.com/Sunlight-Rim/sqlbit.git
pip3 install -r requirements.txt
Usage
It does not accept command line arguments, so you can specify data in the config file or at runtime program.
python sqlbit.py
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…