Exemple #1
0
 def get_blind_int(self, sql):
     """
     Extract an integer through blind SQL injection
     """
     pool = AsyncPool(self)
     if self.context.is_multithread():
         pool.add_bisec_task(sql, 0, self.limit_count_max)
     else:
         pool.add_classic_bisec_task(sql, 0, self.limit_count_max)
     pool.solve_tasks()
     return pool.result[0]
Exemple #2
0
 def get_blind_int(self, sql):
     """
     Extract an integer through blind SQL injection
     """
     pool = AsyncPool(self)
     if self.context.is_multithread():
         pool.add_bisec_task(sql, 0, self.limit_count_max)
     else:
         pool.add_classic_bisec_task(sql, 0, self.limit_count_max)
     pool.solve_tasks()
     return pool.result[0]
Exemple #3
0
 def get_blind_str(self, sql):
     """
     Extract a string through a blind SQL injection
     """
     size = self.get_blind_int(self.forge.string_len(sql))
     if size==(self.limit_count_max-1):
         raise OutboundException()
     if self.context.is_multithread():
         pool = AsyncPool(self)
         for p in range(size):
             pool.add_bisec_task(self.forge.ascii(self.forge.get_char(sql,p+1)),0,255)
         pool.solve_tasks()
         return pool.get_str_result()
     else:
         result = ''
         for p in range(size):
             pool = AsyncPool(self)
             pool.add_classic_bisec_task(self.forge.ascii(self.forge.get_char(sql, p+1)), 0, 255)
             pool.solve_tasks()
             result += pool.get_str_result()
         return result
Exemple #4
0
 def get_blind_str(self, sql):
     """
     Extract a string through a blind SQL injection
     """
     size = self.get_blind_int(self.forge.string_len(sql))
     if size == (self.limit_count_max - 1):
         raise OutboundException()
     if self.context.is_multithread():
         pool = AsyncPool(self)
         for p in range(size):
             pool.add_bisec_task(
                 self.forge.ascii(self.forge.get_char(sql, p + 1)), 0, 255)
         pool.solve_tasks()
         return pool.get_str_result()
     else:
         result = ''
         for p in range(size):
             pool = AsyncPool(self)
             pool.add_classic_bisec_task(
                 self.forge.ascii(self.forge.get_char(sql, p + 1)), 0, 255)
             pool.solve_tasks()
             result += pool.get_str_result()
         return result