debian/0000755000000000000000000000000011724250144007166 5ustar debian/themole.links0000644000000000000000000000005311721722040011657 0ustar usr/share/themole/mole.py /usr/bin/themole debian/themole.10000644000000000000000000000247011721722040010704 0ustar .TH THEMOLE 1 "November 24 2011" .SH NAME themole \- automatic SQL injection exploitation tool .SH SYNOPSIS .B \fBthemole\fP [ -h ] [ -u \fIurl\fP ] [ -n \fIneedle\fP ] [-t \fInum_threads\fP] .SH DESCRIPTION The Mole is a command line interface SQL Injection exploitation tool. This application is able to exploit both union-based and blind boolean-based injections. Every action The Mole can execute is triggered by a specific command. All this application requires in order to exploit a SQL Injection is the URL(including the parameters) and a needle(a string) that appears in the server's response whenever the injection parameter generates a valid query, and does not appear otherwise. .SH OPTIONS .TP \fB\-h\fP Shows the help message and exits. .TP \fB\-u \fIurl\fP Sets the url of the mole's instance to \fIurl\fP. .TP \fB\-n \fIneedle\fR Sets the needle of the mole's instance to \fIneedle\fP. It must be a string that appears when the injection returns true and disappears when the injection is false. .TP \fB\-t \fIthreads\fR Sets the max number of concurrent requests that the mole will be making. Cannot be changed at runtime. .SH SEE ALSO The program provides interactive documentation, refer also to the official README file. .SH AUTHOR .nh This manual page was written by Santiago Alessandri debian/rules0000755000000000000000000000010211721722040010233 0ustar #!/usr/bin/make -f #export DH_VERBOSE=1 %: dh $@ --with python3 debian/source/0000755000000000000000000000000011724172307010472 5ustar debian/source/format0000644000000000000000000000001411721722040011670 0ustar 3.0 (quilt) debian/themole.install0000644000000000000000000000040211724171060012206 0ustar *py usr/share/themole/ connection/* usr/share/themole/connection/ dbmsmoles/* usr/share/themole/dbmsmoles/ queryfilters/* usr/share/themole/queryfilters/ requestfilters/* usr/share/themole/requestfilters/ responsefilters/* usr/share/themole/responsefilters/ debian/copyright0000644000000000000000000000544111724176506011136 0ustar Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: themole Source: http://sourceforge.net/projects/themole/files/themole-0.3/themole-0.3-lin-src.tar.gz Files: * Copyright: 2011-2012 Santiago Alessandri 2011-2012 Matías Fontanini 2011-2012 Gastón Traberg License: GPL-3.0+ Files: debian/* Copyright: 2012 Raúl Benencia License: GPL-3.0+ Files: chardet/* Copyright: 1998 Mark Pilgrim License: LGPL-2.1+ Files: chardet/charsetprober.py chardet/constants.py chardet/latin1prober.py chardet/sbcharsetprober.py chardet/sbcsgroupprober.py chardet/universaldetector.py Copyright: 2001 Mark Pilgrim 2001 Shy Shalom License: LGPL-2.1+ Files: chardet/mbcharsetprober.py chardet/mbcsgroupprober.py Copyright: 2001 Mark Pilgrim 2001 Shy Shalom 2001 Proofpoint Inc. License: LGPL-2.1+ Files: chardet/hebrewprober.py Copyright: 2005 Mark Pilgrim License: LGPL-2.1+ Files: chardet/langhebrewmodel.py Copyright: 2005 Mark Pilgrim 2005 Shy Shalom 2005 Shoshannah Forbes License: LGPL-2.1+ License: LGPL-2.1+ This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. . This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. . You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA . On Debian systems, the complete text of the GNU Lesser General Public License version 2.1 can be found in "/usr/share/common-licenses/LGPL-2.1". License: GPL-3.0+ This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. . This package is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. . You should have received a copy of the GNU General Public License along with this program. If not, see . . On Debian systems, the complete text of the GNU General Public License version 3 can be found in "/usr/share/common-licenses/GPL-3". debian/control0000644000000000000000000000154211721741131010571 0ustar Source: themole Section: web Priority: optional Maintainer: Raúl Benencia Build-Depends: debhelper (>= 9), python3 Standards-Version: 3.9.3 Homepage: http://themole.nasel.com.ar Package: themole Architecture: all Depends: ${misc:Depends}, ${python3:Depends}, python3, python3-lxml, python3-chardet Description: automatic SQL injection exploitation tool The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. . The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily. The CLI also provides auto-completion on both commands and command arguments, making the user type as less as possible. debian/changelog0000644000000000000000000000024011724177053011043 0ustar themole (0.3-1) unstable; urgency=low * Initial release (Closes: #658888) -- Raúl Benencia Fri, 02 Mar 2012 14:05:21 -0300 debian/watch0000644000000000000000000000015311721722040010212 0ustar # Compulsory line, this is a version 3 file version=3 http://sf.net/themole/themole-(.*)-lin-src\.tar\.gz debian/docs0000644000000000000000000000002111721722040010026 0ustar README changelog debian/themole.manpages0000644000000000000000000000002111721722040012325 0ustar debian/themole.1 debian/compat0000644000000000000000000000000211721722040010360 0ustar 9