예제 #1
0
파일: web.py 프로젝트: ch0ck/proxy-inject
def queue_get(queue_waiting, queue_scaning):
		while not queue_scaning.full():
				while queue_waiting.qsize()>0 :
						postdata = queue_waiting.get()
						data = postdata['data'] if postdata['data'] else ''
						queue_scaning.put(1)
						wow = AutoSqli('http://127.0.0.1:8775',postdata['url'],data,postdata['header']['referer'],postdata['header']['cookie'])
						wow.run()
						queue_scaning.get()	
예제 #2
0
 def sqli_detect(self):
     from AutoSqli import AutoSqli
     try:
         t = AutoSqli(sqlmap_api_address, self.req_url, self.para_str, '',
                      self.cookie, self.request)
         t.deamon = True
         t.start()
     except Exception, e:
         print e
예제 #3
0
def queue_get(queue_waiting, queue_scaning):
    while not queue_scaning.full():
	while queue_waiting.qsize()>0 :
	        postdata = queue_waiting.get()
		data = postdata['data'] if postdata['data'] else ''
        	queue_scaning.put(1)
		wow = AutoSqli('http://127.0.0.1:8775',postdata['url'],data,postdata['header']['referer'],postdata['header']['cookie'])
		wow.run()
		queue_scaning.get()	
예제 #4
0
 def run(self):
     """
     Run the sqli detection using HTTPRequest object.
     """
     try:
         detecter = AutoSqli(SERVER, self.url, self.data, 
             self.referer, self.cookie, self.req_text) 
         detecter.deamon = True
         detecter.start()
     except Exception, e:
         print e
예제 #5
0
 def run(self):
     """
     Run the sqli detection using HTTPRequest object.
     """
     try:
         detecter = AutoSqli(SERVER, self.url, self.data, self.referer,
                             self.cookie, self.req_text)
         detecter.deamon = True
         detecter.start()
     except Exception, e:
         print e
예제 #6
0
파일: web.py 프로젝트: Sndav/pro-in
def queue_get(queue_waiting, queue_scaning):
    while not queue_scaning.full():
        while queue_waiting.qsize() > 0:
            postdata = queue_waiting.get()
            data = postdata["data"] if postdata["data"] else ""
            queue_scaning.put(1)
            wow = AutoSqli(
                "http://127.0.0.1:8775",
                postdata["url"],
                data,
                postdata["header"]["referer"],
                postdata["header"]["cookie"],
            )
            wow.run()
            queue_scaning.get()
예제 #7
0
def run(word):
    c = Crawl(word)
    c.urls, c.next_page = c.baidu_crawl()
    while True:
        while not c.urls.empty():
            url = c.urls.get().strip()
            s = AutoSqli(url)
            # t = threading.Thread(target=s.run)
            t = gevent.spawn(s.run)
            c.threads.append(t)
            print url
            # t.start()
        else:
            gevent.joinall(c.threads)
            # for t in c.threads:
            #     t.join()
            print c.next_page
            if c.next_page:
                c.urls, c.next_page = c.baidu_crawl()
            else:
                break
예제 #8
0
파일: Main.py 프로젝트: qhwlpg/AutoSqliTest
def test_Sqli(test_url):
    t = AutoSqli('http://127.0.0.1:8775',test_url)
    t.run() 
            #if not log_value:
            #此处如果没有得到回显,可尝试检查reverse domain的结果
            #现在借助api已解决这类问题。
            #print "[+]Well, you could check the reverse domain for result here.\n"
        elif self.detect_type == "ssrf":
            log_value = self.ssrf_detect()
            #此处无法添加可匹配的regx,可尝试检查reverse domain的结果
            #现在借助api已解决这类问题。
            #print "[+]Well, you could check the reverse domain for result here.\n"
        elif self.detect_type == "xxe":
            log_value = self.xxe_detect()

        elif self.detect_type == "sqli":
            from AutoSqli import AutoSqli
            try:
                t = AutoSqli(sqlmap_api_address, self.req_url, self.para_str,
                             '', self.cookie, self.request)
                t.deamon = True
                t.start()

            except Exception, e:
                print e
            log_value = False
            print "[+]Please wait for sqli time-delay detect.\n"
        else:
            return

        #print log_value
        if log_value != False and log_value != None:
            print "[!]Well. mabye success exploit here!\n"
            self.log_print(self.detect_type)
        #else:
예제 #10
0
def test_Sqli(test_url):
    t = AutoSqli('http://127.0.0.1:8775', test_url)
    t.run()