-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathurl-based-sql-injection.py
executable file
·79 lines (64 loc) · 2.09 KB
/
url-based-sql-injection.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# pylint: disable=C0103
# pylint: disable=C0413
# pylint: disable=W0702
'''
Script that checks if GET parameter can be used to detect SQL injection vulnerability.
Dependencies:
* python2
# Debian/Ubuntu: apt-get install python
# Fedora: dnf install python
* requests
# Debian/Ubuntu: apt-get install python-requests
# Fedora: dnf install python2-requests
'''
INITIAL = "'"
import calendar
import os
import sys
import time
import requests
if len(sys.argv) != 2:
print 'Usage: ' + sys.argv[0] + ' [filename]'
print " * filename - File that contains list of urls.\n"
sys.exit(1)
URLS_FILE = sys.argv[1]
if not os.path.isfile(URLS_FILE):
print 'Error: file ' + '"' + URLS_FILE + '"' + " doesn't exist.\n"
sys.exit(1)
URLS = list()
RESULT_FILE = 'url-based-sql-injection-' + str(calendar.timegm(time.gmtime())) + '.csv'
RESULT_FILE = os.path.dirname(os.path.realpath(__file__)) + '/' + RESULT_FILE
with open(URLS_FILE, 'r') as urls_file:
for url in urls_file:
url = url.strip()
if url not in URLS:
URLS.append(url)
if bool(URLS):
for url in URLS:
found = None
print '> Testing URL: ' + url
try:
response = requests.post(url + INITIAL, timeout=3)
except KeyboardInterrupt:
sys.exit(0)
except:
pass
if 'mysql' in response.text.lower():
print '> Injectable MySQL detected.'
found = 'mysql'
elif 'native client' in response.text.lower():
print '> Injectable MSSQL detected.'
found = 'mssql'
elif 'syntax error' in response.text.lower():
print '> Injectable PostgreSQL detected.'
found = 'postgresql'
elif 'ORA' in response.text.lower():
print '> Injectable Oracle detected.'
found = 'oracle'
else:
print '> Not Injectable.'
if bool(found):
with open(RESULT_FILE, 'a+') as result_file:
result_file.write(url + ',' + found + "\n")