def get_blind_int(self, sql):
"""
Extract an integer through blind SQL injection
"""
pool = AsyncPool(self)
if self.context.is_multithread():
pool.add_bisec_task(sql, 0, self.limit_count_max)
else:
pool.add_classic_bisec_task(sql, 0, self.limit_count_max)
pool.solve_tasks()
return pool.result[0]
def get_blind_int(self, sql):
"""
Extract an integer through blind SQL injection
"""
pool = AsyncPool(self)
if self.context.is_multithread():
pool.add_bisec_task(sql, 0, self.limit_count_max)
else:
pool.add_classic_bisec_task(sql, 0, self.limit_count_max)
pool.solve_tasks()
return pool.result[0]
def get_blind_str(self, sql):
"""
Extract a string through a blind SQL injection
"""
size = self.get_blind_int(self.forge.string_len(sql))
if size==(self.limit_count_max-1):
raise OutboundException()
if self.context.is_multithread():
pool = AsyncPool(self)
for p in range(size):
pool.add_bisec_task(self.forge.ascii(self.forge.get_char(sql,p+1)),0,255)
pool.solve_tasks()
return pool.get_str_result()
else:
result = ''
for p in range(size):
pool = AsyncPool(self)
pool.add_classic_bisec_task(self.forge.ascii(self.forge.get_char(sql, p+1)), 0, 255)
pool.solve_tasks()
result += pool.get_str_result()
return result
def get_blind_str(self, sql):
"""
Extract a string through a blind SQL injection
"""
size = self.get_blind_int(self.forge.string_len(sql))
if size == (self.limit_count_max - 1):
raise OutboundException()
if self.context.is_multithread():
pool = AsyncPool(self)
for p in range(size):
pool.add_bisec_task(
self.forge.ascii(self.forge.get_char(sql, p + 1)), 0, 255)
pool.solve_tasks()
return pool.get_str_result()
else:
result = ''
for p in range(size):
pool = AsyncPool(self)
pool.add_classic_bisec_task(
self.forge.ascii(self.forge.get_char(sql, p + 1)), 0, 255)
pool.solve_tasks()
result += pool.get_str_result()
return result