1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
.TH THEMOLE 1 "November 24 2011"
.SH NAME
themole \- automatic SQL injection exploitation tool
.SH SYNOPSIS
.B \fBthemole\fP [ -h ] [ -u \fIurl\fP ] [ -n \fIneedle\fP ] [-t \fInum_threads\fP]
.SH DESCRIPTION
The Mole is a command line interface SQL Injection exploitation tool.
This application is able to exploit both union-based and blind
boolean-based injections.
Every action The Mole can execute is triggered by a specific command.
All this application requires in order to exploit a SQL Injection is
the URL(including the parameters) and a needle(a string) that appears in
the server's response whenever the injection parameter generates a valid
query, and does not appear otherwise.
.SH OPTIONS
.TP
\fB\-h\fP
Shows the help message and exits.
.TP
\fB\-u \fIurl\fP
Sets the url of the mole's instance to \fIurl\fP.
.TP
\fB\-n \fIneedle\fR
Sets the needle of the mole's instance to \fIneedle\fP. It must be a
string that appears when the injection returns true and disappears when
the injection is false.
.TP
\fB\-t \fIthreads\fR
Sets the max number of concurrent requests that the mole will be making.
Cannot be changed at runtime.
.SH SEE ALSO
The program provides interactive documentation, refer also to the
official README file.
.SH AUTHOR
.nh
This manual page was written by Santiago Alessandri
<salessandri@nasel.com.ar>
|