def referer(self):
    """Probe the Referer request header for error-based SQL injection.

    Every payload yielded by ``sql()`` is sent, as the entire Referer
    value, in a GET request to ``self.url``. The response body is handed
    to ``self.serror`` and the scan stops at the first truthy result.
    That result is printed under the "DBMS" label together with the
    response URL and the payload.

    The method only prints; it has no explicit return value.

    NOTE(review): a hit means only that ``self.serror`` (defined
    elsewhere, presumably a database-error signature match) recognised
    something in the response body. It is reported as "potential" and
    needs manual confirmation; a target that suppresses error output
    would not be flagged by this check.
    """
    hit = None
    for candidate in sql():
        # The payload replaces the whole Referer header value.
        probe_headers = {'Referer': '{}'.format(candidate)}
        response = self.Send(url=self.url, method=self.get,
                             headers=probe_headers)
        signature = self.serror(response.content)
        if signature:
            hit = (signature, response.url, candidate)
            break

    if hit is None:
        return
    dbms, found_url, found_payload = hit
    # Report only when both the response URL and the payload are truthy.
    if found_url and found_payload:
        plus(
            "A potential \"SQL Injection\" was found at referer header value:"
        )
        more("URL: {}".format(found_url))
        more("PAYLOAD: {}".format(found_payload))
        more("DBMS: {}".format(dbms))
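def run(self):
    """Check ``self.url`` for error-based SQL injection in its parameters.

    For each payload from ``sql()``:

    * if ``self.data`` is truthy, ``padd(self.url, payload, self.data)``
      produces the request bodies to try and each is sent with the POST
      method to ``self.url``;
    * otherwise ``padd(self.url, payload, None)`` produces the URLs to
      try and each is requested with the GET method.

    The first response whose body makes ``self.serror`` return a truthy
    value ends the scan: the finding is printed and ``(True, payload)``
    is returned.

    Returns:
        ``(True, payload)`` for the first finding, otherwise ``None``
        once every payload has been tried. Callers must not unpack the
        result unconditionally.

    NOTE(review): a finding means only that ``self.serror`` (defined
    elsewhere, presumably a database-error signature match) recognised
    something in the response body; treat it as a lead to confirm, not
    as proof. Responses that hide database errors are not detected here.
    """
    info('Checking SQL Injection...')
    for candidate in sql():
        hit = None
        if self.data:
            # POST: the payload is injected into the request body.
            for body in padd(self.url, candidate, self.data).run():
                response = self.Send(url=self.url, method=self.post,
                                     data=body)
                signature = self.serror(response.content)
                if signature:
                    hit = (signature, response.url, body)
                    break
        else:
            # GET: the payload is injected into the URL query string.
            for probe_url in padd(self.url, candidate, None).run():
                response = self.Send(url=probe_url, method=self.get)
                signature = self.serror(response.content)
                if signature:
                    hit = (signature, probe_url, None)
                    break

        if hit is None:
            continue
        dbms, found_url, found_data = hit
        # As before, a finding is reported only when both the URL and the
        # payload are truthy; otherwise move on to the next payload.
        if not (found_url and candidate):
            continue

        # One report path replaces the two near-identical branches; the
        # POST DATA line is printed only when a request body was recorded.
        plus("A potential \"SQL Injection\" was found at:")
        more("URL: {}".format(found_url))
        if found_data is not None:
            more("POST DATA: {}".format(found_data))
        more("PAYLOAD: {}".format(candidate))
        more("DBMS: {}".format(dbms))
        return True, candidate

    # Nothing matched for any payload.
    return None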
def useragent(self):
    """Probe the User-Agent request header for error-based SQL injection.

    Sends one GET request to ``self.url`` per payload from ``sql()``,
    with the payload as the entire User-Agent value, and stops at the
    first response whose body makes ``self.serror`` return a truthy
    value.

    Returns:
        ``True`` when that response's URL and the payload are both
        truthy; otherwise ``None``.

    NOTE(review): the value returned by ``self.serror`` is discarded and
    nothing is printed here, unlike the ``referer`` check, which prints
    URL, payload and DBMS. Confirm that the caller reports the finding.
    A ``True`` result is a lead to verify manually, since it rests only
    on ``self.serror`` matching the response body.
    """
    for candidate in sql():
        # The payload replaces the whole User-Agent header value.
        probe_headers = {'User-Agent': '{}'.format(candidate)}
        response = self.Send(url=self.url, method=self.get,
                             headers=probe_headers)
        if self.serror(response.content):
            # First match ends the scan either way.
            if response.url and candidate:
                return True
            return None
    return None