Automatic sql injection exploitation tool
themole [ -h ] [ -u url ] [ -n needle ] [-t num_threads]
The Mole is a command line interface SQL Injection exploitation tool. This application is able to exploit both union-based and blind boolean-based injections.
Every action The Mole can execute is triggered by a specific command. All this application requires in order to exploit a SQL Injection is the URL(including the parameters) and a needle(a string) that appears in the server's response whenever the injection parameter generates a valid query, and does not appear otherwise.
-h
Shows the help message and exits.
-u url
Sets the url of the mole's instance to url.
-n needle
Sets the needle of the mole's instance to needle. It must be a string that appears when the injection returns true and disappears when the injection is false.
-t threads
Sets the max number of concurrent requests that the mole will be making. Cannot be changed at runtime.
The program provides interactive documentation, refer also to the official README file.
This manual page was written by Santiago Alessandri <[email protected]>