04-26-2011, 08:35 PM
Tool for https injection in Havij Free or any other Tool SQLi.
Developer:
Original Text
Hello for all.
************************************
Jerivá-SQLi Versão 1.1 PHP for Windows e LINUX
************************************
Download:
Website:
Follow this project in twitter: @jerivasqli
New version
**************************************
Jerivá-SQLi Versão 3.0 PHP for Windows and LINUX
**************************************
Support "all in one request" for Havij Free.
** Download data tables with performance close to Havij Paid.
Website:
Follow this project in twitter: @jerivasqli and Download this version.
New version
****************************************
Jerivá-SQLi 4.0 - Write in PHP for Windows and LINUX
****************************************
This version suport remote file download in local machine.
Requisit: Target Site vulnerable SQLi and database MYSQL
This feature is Supported for Havij Free.
Website:
Follow this project in twitter: @jerivasqli and Download this version.
Sorry my bad english
Download Remote Files with Havij Free and Jeriva-SQLi 4.0
See this Video:
Sorry my bad english
Learn how to configure windows Jeriva-SQLi
***************************************
Jerivá-SQLi 5.0 - Write in PHP for Windows and Linux
***************************************
Upload - Send files from local machine to the remote server
Requisit: Target Site vulnerable SQLi and database MYSQL
See the demo:
This feature is Supported for Havij Free.
Website:
Follow this project in twitter: @jerivasqli and Download this version.
Sorry my bad english
*********
Video - Installing and cofigurando the Jerivá SQLI on Windows
*********
***************************************
Jerivá-SQLi 6.0 - Write in PHP for Windows and Linux
***************************************
This new feature allows users to create plugins in external-Jerivá SQLI to tampering, manipulation or creating logs.
Now when using the Free Havij or any other tool we can log the URL and or manipulate your data before the request reaches the target site.
The basic structure of a plugin is Tamper
Name of the php script: exemplo_tamper.php
Inside the folder Tamper, was included two Plugins
- base64_base64.php
This script performs the logging of requests and also handles data from SQL Injection.
In addition, he applies two times base64_encode the data that will serve to SQL
- base64.php
Applies a base64_encode times the data that will serve for SQL Injection
A classic example of SQL Injection + Rewrite URL and Tamper Data
Target Site:
The URL will look like
The first converting base64_encode value will be 19283 -> MTkyODM =
The second conversion MTkyODM = base64_encode value will be -> = TVRreU9ETT0
Note: The parameter Inject_Tamper should receive only the script name without the extension php Tamper
Download version 6.0 Jerivá-SQLI following the project on Twitter @ jerivasqli
Videos
Sql Injection in Form's with using enctype="multipart/form-data"
Video
POST e enctype=multipart/form-data -
Project Site: itsafe.net.br
Developer:
[To see links please register here]
Original Text
Quote:O Projeto Jerivá-SQLi é uma camada de serviço baseada em Apache e Script PHP o qual permite realizam SQL Injection explorando recursos que não são nativos (suportados) pela aplicações originais.
Jerivá-SQLi prove suporte a:
Protocolo HTTPS
Injection URL rewrite Page
Hello for all.
************************************
Jerivá-SQLi Versão 1.1 PHP for Windows e LINUX
************************************
Download:
[To see links please register here]
Website:
[To see links please register here]
Follow this project in twitter: @jerivasqli
New version
**************************************
Jerivá-SQLi Versão 3.0 PHP for Windows and LINUX
**************************************
Support "all in one request" for Havij Free.
** Download data tables with performance close to Havij Paid.
Website:
[To see links please register here]
Follow this project in twitter: @jerivasqli and Download this version.
New version
****************************************
Jerivá-SQLi 4.0 - Write in PHP for Windows and LINUX
****************************************
This version suport remote file download in local machine.
Requisit: Target Site vulnerable SQLi and database MYSQL
This feature is Supported for Havij Free.
Website:
[To see links please register here]
Follow this project in twitter: @jerivasqli and Download this version.
Sorry my bad english
Download Remote Files with Havij Free and Jeriva-SQLi 4.0
See this Video:
Sorry my bad english
Learn how to configure windows Jeriva-SQLi
***************************************
Jerivá-SQLi 5.0 - Write in PHP for Windows and Linux
***************************************
Upload - Send files from local machine to the remote server
Requisit: Target Site vulnerable SQLi and database MYSQL
See the demo:
This feature is Supported for Havij Free.
Website:
[To see links please register here]
Follow this project in twitter: @jerivasqli and Download this version.
Sorry my bad english
*********
Video - Installing and cofigurando the Jerivá SQLI on Windows
*********
***************************************
Jerivá-SQLi 6.0 - Write in PHP for Windows and Linux
***************************************
This new feature allows users to create plugins in external-Jerivá SQLI to tampering, manipulation or creating logs.
Now when using the Free Havij or any other tool we can log the URL and or manipulate your data before the request reaches the target site.
The basic structure of a plugin is Tamper
Name of the php script: exemplo_tamper.php
PHP Code:
<?php
Class Tamper
{
private $obj;
public function __construct($obj)
{
$this->obj = $obj;
}
function init_Havij()
{
// Methods that can be used here
// $this->obj->getURL()
// $this->obj->setURL()
// $this->obj->getInjectHere()
// $this->obj->setInjectHere()
}
function init_Jeriva()
{
// Methods that can be used here
// $this->obj->getURL()
// $this->obj->setURL()
// $this->obj->getInjectHere()
// $this->obj->setInjectHere()
}
}
?>
Inside the folder Tamper, was included two Plugins
- base64_base64.php
This script performs the logging of requests and also handles data from SQL Injection.
In addition, he applies two times base64_encode the data that will serve to SQL
- base64.php
Applies a base64_encode times the data that will serve for SQL Injection
A classic example of SQL Injection + Rewrite URL and Tamper Data
Target Site:
[To see links please register here]
-alvo/id/TVRreU9ETT0=/index.htmlThe URL will look like
[To see links please register here]
-sqli/?https://site-alvo/id/$Inject_Here$/index.html&Inject_Tamper=base64_base64&Inject_Here=19283The first converting base64_encode value will be 19283 -> MTkyODM =
The second conversion MTkyODM = base64_encode value will be -> = TVRreU9ETT0
Note: The parameter Inject_Tamper should receive only the script name without the extension php Tamper
Download version 6.0 Jerivá-SQLI following the project on Twitter @ jerivasqli
Videos
- Installing and configuring windows Jerivá-SQLi -
- Show - Jerivá-SQLi 3.0 -
- Jerivá-SQLi + Admin Control Panel Finder v2.1.4 -
- Downloading files using Remote + Free Havij Jerivá-SQLI -
- Upload files to the local server using Havij + Free Jerivá-SQLI -
- Injection Tamper Data - Plugin for base64_base64 Jerivá-SQLI -
Sql Injection in Form's with using enctype="multipart/form-data"
Video
POST e enctype=multipart/form-data -
Project Site: itsafe.net.br