SQL injection Online detection (SQLMAPAPI)

Before a infiltration of colleagues asked me, sqlmapapi.py is what, I guess a lot of people have played Sqlmap, but played sqlmapapi should be relatively few, today and everyone to see how to use and some beautiful place.

To put it bluntly, sqlmapapi.py is providing an interface for checking SQL injection, and we can scan SQL injection directly by sending an HTTP request to get a series of operations such as scan results.

The following example shows how to use:

I. Start the server side

The server backend uses bottle, a Python web micro-framework.

Two. We use requests this library to send requests

1. New Task

2. Send scan option to open scan

Note: The cd92e4e99406715b is the TaskID returned by the new task.

3. View scan Status

the task is over and the scan results are available.

4. View Scan Results

We clearly see that there is a SQL injection

Hey, is not very simple, but very powerful ah, in fact, if the depth of the source view, you will find it is also very simple.

such as starting a task,

def engine_start (self):        self.process = Popen ("Python sqlmap.py--pickled-options%s"% Base64pickle (self.options),                             shell=true, Stdin=pipe, Close_fds=false)

Others are also at a glance,

   def engine_stop (self):        if self.process:            return self.process.terminate ()        else:            return None    def Engine_kill (self):        if self.process:            return Self.process.kill ()        else:            return None    def engine_ Get_returncode (self):        if self.process:            self.process.poll ()            return Self.process.returncode        else: return            none    def engine_has_terminated (self):        #如何任务没有结束, the return value of ReturnCode is None return        Isinstance (Self.engine_get_returncode (), int)

Our RESTful API design is also very fastidious, generally less with verbs, but through the method of HTTP to represent the action. Getting a state, for example, is not a getstatus, but a get method, and a status name is appropriate.

But sometimes the verb is unavoidable, how to say start,stop and so on. In fact, look at the new task API design author must also be very tangled, originally if the new task has parameters, the direct post method can be, do not need the new verb. However, because the new task does not require any parameters, using the Post method is not appropriate, so the Get method is changed. This also conforms to the above open task using post, while the stop task is using get.

More detailed questions need to see the document or source code, just take advantage of this opportunity to analyze the next subprocess module and bottle framework, the latter will have this aspect of the analysis.

SQL injection Online detection (SQLMAPAPI)