python 使用 sqlmap API 检测 SQL 注入
0x00 前言:
大家都知道 sqlmap 是非常强大的 sql 注入工具, 最近发现他有个 sqlmap API, 上网查了一下. 发现这是
sqlmap 的微端.(可以叫做 sqlmap 在线检测 sql 注入 = =)
0x001 准备:
环境:Ubuntu16.04
Python3
Python2
用到的库: requests,parform,os
0x002 正文:
首先我们来启动 sqlmapapi
sqlmapi -s
出现如下图就成功了:
sqlmapapi 介绍:
http://127.0.0.1:8775/task/new 创建一个新的任务 GET 请求
http://127.0.0.1:8775/scan/id + 要请求的值 并设置 header 头为 (Content-Type:application/json) post 请求 (这里的 ID 就是刚刚 new 的时候获取到的)
http://127.0.01:8775/scan/id/status 查看状态 GET 请求
http://127.0.0.1:8775/scan/id/data 查看扫描结果 如果扫描结果返回空则代表无 sql 注入, 如果返回不是空则有 sql 注入 GET 请求
http://127.0.0.1:8775/task/delete 删除一个 ID GET 请求
http://127.0.0.1:8775/scan/kalii 杀死一个进程 GET 请求
http://127.0.0.1:8775/scan/logo 查看扫描日志
http://127.0.0.1:8775/scan/stop 停止扫描
代码:importrequests
importjson
importplatform
importos
logo="#sqlmap api 制作"\
"# 九世制作"
print(logo)
print('[1]Manually open sqlmapapi')
print('[2]Automatically open sqlmapapi')
whileTrue:
start=input("Please choose:")
ifstart=="1":
print('[*]You choose to open sqlmapapi manually')
break
elifstart=="2":
print('[*]You choose to automatically open sqlmapapi')
os.system('sqlmapapi.py -s')
break
else:
print('[-]There is no choice')
continue
whileTrue:
user=input('Please enter the web site you want to scan:')
ifuser==None:
print('[-]You have nothing to enter')
continue
else:
break
vsersion=platform.uname()
forpinvsersion:
print('[*]Your operating system type is:{}'.format(p))
print(' ')
defsqlmap(host):
urlnew="http://127.0.0.1:8775/task/new"
urlscan="http://127.0.0.1:8775/scan/"
headers={"user-agent":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (Khtml, like Gecko) Chrome/39.0.2171.71 Safari/537.36"}
pd=requests.get(url=urlnew,headers=headers)
print('[*]New task')
jsons=pd.json()
print("[*]id:",jsons['taskid'])
print("[*]success:",jsons["success"])
id=jsons['taskid']
scan=urlscan+id+"/start"
print("[*]scanurl:",scan)
data=json.dumps({"url":"{}".format(host)})
headerss={"Content-Type":"application/json"}
scans=requests.post(url=scan,headers=headerss,data=data)
swq=scans.json()
print('--------SCAN-----------')
print('[*]scanid:',swq["engineid"])
print('[*]scansuccess:',swq["success"])
print('--------STATUS---------')
status="http://127.0.0.1:8775/scan/{}/status".format(id)
print(status)
whileTrue:
staw=requests.get(url=status,headers=headers)
ifstaw.json()['status']=='terminated':
datas=requests.get(url='http://127.0.0.1:8775/scan/{}/data'.format(id))
dat=datas.json()['data']
print('[*]data:',dat)
break
elifstaw.json()['status']=='running':
continue
sqlmap(user.strip())
扫描结果:
插入一曲 BGM:
来源: https://www.cnblogs.com/haq5201314/p/9092348.html