The Mole is a python based automatic SQL injection exploitation tool developed by Nasel.Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. It currently supports MySQL, SQL Server and Oracle databases.
Installation of the Mole
From terminal
(Recommend for Kali Linux users)
apt-get update
apt-get install themole
From GIT
$ git clone git://git.code.sf.net/p/themole/code themole-code
From Tarball
$ cd /data/src/
$ wget http://sourceforge.net/projects/themole/files/themole-0.2.6/themole-0.2.6-lin-src.tar.gz/download
$ tar xzvf themole-0.2.6-lin-src.tar.gz
$ cd themole-0.2.6/
Features
Support for injections using Mysql, SQL Server, Postgres and Oracle databases.
Command line interface. Different commands trigger different actions.
Auto-completion for commands, command arguments and database, table and columns names.
Support for query filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily.
Developed in python 3.
DOWNLAOD LINKS:
Windows:
https://sourceforge.net/projects/themole/files/themole-0.2.6/themole-0.2.6-win32.zip/download
Linux:
https://sourceforge.net/projects/themole/files/themole-0.2.6/themole-0.2.6-lin-src.tar.gz/download
[ame]https://www.youtube.com/watch?v=9Rrrm0JsLVw[/ame]
