SQLiHelper / SQLiCancer 2.5 Injector and Dumper for MYSQL

Home » Post Item » SQLiHelper / SQLiCancer 2.5 Injector and Dumper for MYSQL

SQLiHelper / SQLiCancer 2.5 Injector and Dumper for MYSQL

January 26, 2009

download @ :

features.

- works most 90% mysql sites
- just enter the vuln url, the the program will do the rest, no need for valid page keywords
- mysql ver 5 extract structure and multithreaded dumps
- mysql ver 4 bruteforce table and column names
- “load file” view
- save structure as flat file, load it later to continue
- auto find columns
- auto find visible columns
- for authenticated pages, app can use a cookie
- integrated most of my small little apps to this program

before using the app, please check options for maximum row extract/proxy server settings and starting row extract(so you can continue it later), use proxy

i do not have tutorials on how to use it, but its pretty straight forward,paste in a vuln site and click inject

this is for educational purposes only, a little project to help me learn sql injection

Posted by reiluke at 1:59 pm | permalink

Previous Comments

good apps thx bro but sometime dump fiture not work for me.. can you fix it

Posted by si-jhe at February 3, 2009, 11:40 pm

there is a limit to a maximum character length for the dump, try manually injecting the site, some may allow up to 8-15 fields, while others can only output 2 or 3, try dumping 2 fields or 3 first

Posted by reiluke at February 4, 2009, 4:11 am

All soft of u’re very good.
Can u edit code soft Login, option check account Apple not work.

Plzz code again check acc apple.com & Dell.com.

Many thanks to Reiluke.

Posted by zootycoonvn at February 6, 2009, 5:28 am

your link dead

from Tomstamford
tom_rsu@hotmail.com

Posted by tomstamford at February 8, 2009, 5:24 am

Men.. when it puts “add your where condition now”, what i have to do now?

plz can u put an example?

tnx..

gr8 work

Posted by richard at February 9, 2009, 3:10 pm

hotdamn my free host got deleted, will upload it later

@tomshamford

where condition so you can select a specificic data, say “where field=value’, but if you want to dump all data just do not enter anything

Posted by reiluke at February 9, 2009, 3:26 pm

Please reupload . I can’t download . Thanks

Posted by Lil Kun at February 26, 2009, 11:08 pm

http://rapidshare.com/files/198611810/reiluke_tools.rar

password: www.reiluke.i.ph

Posted by reiluke at February 27, 2009, 10:07 am

Nice One, reiluke. Its awesome :>

Thanks!

Posted by J0hn.X3r at March 11, 2009, 7:08 am

nice tool u have here

Thnx n regards

Posted by ghprod at March 17, 2009, 9:53 am

hey dude in dump now max is set to 100
:(
even if there r 1k users i get only 100 . how do i increase the max set ?

Posted by bond at March 20, 2009, 7:41 pm

go to options , set 100 to whatever 10000000

Posted by reiluke at March 20, 2009, 9:56 pm

thanks Reiluke

plz share your source code

Posted by karl at March 23, 2009, 10:58 pm

Hi bro…
I need a little help to use a cookies in sqlihelper… can you giveme a hand??? thanks

Posted by Pedro Jacques at July 24, 2009, 9:37 am

1. install livehttp header mozilla firefox extension
2. use it to view cookie
3. copy and paste the cookie in sqlihelper then start inject

Posted by reiluke at July 24, 2009, 10:09 am

you are such awesome bro can u also give us some more extension which can be helpful in mozila for your tools …

thanks

Posted by MaxDeMon at September 13, 2009, 3:44 am

All comments are moderated. Your comments will not appear here unless approved by the blog owner. Thank you.

Add a comment

Meter

Latest Comments

rocky: Hi! Looking for one who...
.D0T: Cant we have the tools...
noobz: why "dump now" doesnt work...
pogiako: how to us this thing...
Pedro Jacques: Hi reiluke, I have a bypass...

Say Somethin'

eugene:

can anyone post a working email checker? will be very much appreciated

123:

san ka sa pilipinas?

">alert(String.fromCharCode(88, 83, 83)):

“>alert(String.fromCharCode(88, 83, 83))

">alert(String.fromCharCode(88, 83, 83)):

“>alert(String.fromCharCode(88, 83, 83))

Pedro Jacques:

Anyone has a idea to use post method in sqlihelper? Thnkxxx

aryanne:

someone have sign up code for shopadmin.cc? please email it to me… richardsilly888@yahoo.com

Pedro Jacques:

How to work with post method in sqlihelper 2.7?

!!!!!:

http://www.sunbeltsecurity.com/threatdisplay.aspx?name=Trojan.Win32.Agent2.cmdd&tid=4655164&cs=9D02F413D6D4F1E4E328F3A7F786E24C

itx backdoored AVG detected chk link and c level of infection

admen:

Can you make a mirror to your tools ? Rapidshare sucks ..

itsme:

email checker isnt working indeed.. all emails are correct, even with 3 characters

abdulahaveh:

e-mail checker dont workkkkkkkkkkkkkkkkkkkkkkk

Dexa:

Email checker don work

PBL:

Sup, there seems to be a problem with your email checker as it places invalid email:pass in the valid section, pretty much all the emails are transfered to the valid box

pacman:

nice blog site. ok na ok.
anyway share ko lang po. you can watch manny pacquiao video collection here:
http://boxing-tube.tk
or here:
http://mannypacquiao.tk

Ralf69:

New Rapidshare Collector’s & Premium Accounts Checker.
Demo: http://ralf69.justfree.com/
I will sell script for mass verification data Rapidshare Collector’s & Premium Accounts.

ZaraByte:

@rd0 Linux users don’t need sql injecting programs they already know how to manually Inject or dont even waste there time

rd0:

There is a version of SQLiHelper for linux?
i try whit mono but doesnt work..

mox:

looking for a sqli scanner, that scans not only php but also cfm and asp. Thanks !

calvin:

After I used the exploit scanner, I got like 600 sites to be tested. sql error based is check marked and I click test, the progress bar runs to 100% in like 2seconds and no vuln sites are shown on the list

butterflycode:

the keylogger html alwasys prompt a ” There was a problem with the request ” everytime its being opened.? the the prob bro? pls mail me. thanks and waiting for ur reply

Leave a message ▼