Skip to content
/ sqlpy Public

a short Python script that tries to sql inject into login forms

2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

piazzamp/sqlpy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
sqlpy.py
sqlpy.py
 
 

Repository files navigation

sqlpy

a super simple script to blind-fuzz / sql inject your way into a website pass in a URL that points to a page with a login form example: python3.4 ./sqlpy.py ringzer0team.com/challenges/1

###to-do:

  • inject places other than login forms
  • add session cookie
  • add simple test function to analyze response when passed a single-quote
  • consider injecting into the username field as well
  • add a verbose mode to print out all the stuff that is currently commented out
  • be smarter about determining success or failure

###deps:

  • BeautifulSoup4: pip install beautifulsoup4
  • requests: pip install requests

About

a short Python script that tries to sql inject into login forms

Resources

Readme
Activity

Stars

2 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages