Python Script to scan for vulnerable servers allowing SQL Injection

By | July 25, 2015

#!/usr/bin/python

import sys, httplib

def main(host, path):
try:
conn = httplib.HTTPConnection(host)
conn.request(“GET”, path)
r1 = conn.getresponse()
print “[+]”,host+path,”:”,r1.status, r1.reason
except:
print “[-] Error Occurred”
pass

if len(sys.argv) != 3:
print “nUsage: ./sqlresp.py <site> <list of injections>”
print “Example: ./sqlresp.py www.site.com/buy.php?id= injections.txtn”
sys.exit(1)

print “n d3hydr8[at]gmail[dot]com sqlResp v1.0”
print “———————————————-”

try:
injects = open(sys.argv[2], “r”).readlines()
except(IOError):
print “Error: Check your injections pathn”
sys.exit(1)

host = sys.argv[1].strip(“http://”)
if host[-1:] != “=”:
print “n[-] No ‘=’ on the end of address”
print “[+] adding ‘='”
host = host+”=”
print “n[+] Site:”,host
print “[+] Injections Loaded:”,len(injects),”nn”

for inj in injects:
try:
main(host.split(“/”,1)[0], host.split(“/”,1)[1]+inj.strip(“n”))
except(IndexError):
print “[-] Invalid Addressn”
sys.exit(1)
print “n[+] Donen”

Share Button

2 thoughts on “Python Script to scan for vulnerable servers allowing SQL Injection

  1. Pingback: click here link click click this link good site here is the site http://www.clemsondeckbuilders.com/ www.clemsondeckbuilders.com/ clemsondeckbuilders.com/ http://www.clemsondeckbuilders.com/ www.clemsondeckbuilders.com/ clemsondeckbuilders.com/ http://www

  2. Pingback: Joseph de Saram#Rhodium

Leave a Reply

Your email address will not be published. Required fields are marked *