themole(1) automatic SQL injection exploitation tool


themole [ -h ] [ -u url ] [ -n needle ] [-t num_threads]


The Mole is a command line interface SQL Injection exploitation tool. This application is able to exploit both union-based and blind boolean-based injections.

Every action The Mole can execute is triggered by a specific command. All this application requires in order to exploit a SQL Injection is the URL(including the parameters) and a needle(a string) that appears in the server's response whenever the injection parameter generates a valid query, and does not appear otherwise.


Shows the help message and exits.
-u url
Sets the url of the mole's instance to url.
-n needle
Sets the needle of the mole's instance to needle. It must be a string that appears when the injection returns true and disappears when the injection is false.
-t threads
Sets the max number of concurrent requests that the mole will be making. Cannot be changed at runtime.


This manual page was written by Santiago Alessandri <[email protected]>