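0x00 Preface:
Everyone knows that sqlmap is a very powerful SQL injection tool. I recently found out that it has a sqlmap API, and after looking it up online I learned that it is sqlmap's lightweight client (you could call it online SQL injection detection with sqlmap = =).
0x001 Preparation:
Environment: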
- Ubuntu 16.04
- Python3
- Python2
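Libraries used: requests, platform, os
0x002 Main text:
First, start sqlmapapi:
sqlmapapi.py -s
If you see output like the screenshot below, it started successfully:
sqlmapapi endpoints:
http://127.0.0.1:8775/task/new  Create a new task. GET request.
http://127.0.0.1:8775/scan/id/start  Start a scan: send the values to scan as the request body, with the header Content-Type: application/json. POST request. (The id here is the one returned by the new call above.)
http://127.0.0.1:8775/scan/id/status  Check the scan status. GET request.
http://127.0.0.1:8775/scan/id/data  Fetch the scan result. An empty result means no SQL injection was found; a non-empty result means SQL injection was found. GET request.
http://127.0.0.1:8775/task/id/delete  Delete a task id. GET request.
http://127.0.0.1:8775/scan/id/kill  Kill the scan process. GET request.
http://127.0.0.1:8775/scan/id/log  View the scan log.
http://127.0.0.1:8775/scan/id/stop  Stop the scan.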
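The endpoints listed above chained into one task lifecycle, as an added example that is not the original author's script: it bounds the wait on the status endpoint, uses stop and kill when the wait runs out, and deletes the task on every exit path. The names `run_scan`, `http_json` and `fake_api` and the testsite.example URL are hypothetical; `fake_api` is a constructed stand-in so the code runs without a server.

```python
import json
import time
import urllib.request

API = "http://127.0.0.1:8775"  # local sqlmapapi address used on this page

def http_json(method, path, body=None):
    """Send one request to the local API server and decode its JSON reply."""
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(API + path, data=data, method=method,
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def run_scan(target, call=http_json, timeout=600, interval=2, sleep=time.sleep):
    """Scan one URL with a bounded wait; the task is deleted on every exit path."""
    task = call("GET", "/task/new")
    if not task.get("success"):
        raise RuntimeError("task creation failed")
    tid = task["taskid"]
    try:
        started = call("POST", f"/scan/{tid}/start", {"url": target})
        if not started.get("success"):
            raise RuntimeError(f"scan did not start: {started.get('message')}")
        waited = 0
        while call("GET", f"/scan/{tid}/status").get("status") != "terminated":
            if waited >= timeout:  # give up: stop the scan, then kill the engine
                call("GET", f"/scan/{tid}/stop")
                call("GET", f"/scan/{tid}/kill")
                raise TimeoutError(f"scan {tid} still running after {timeout}s")
            sleep(interval)
            waited += interval
        return call("GET", f"/scan/{tid}/data").get("data", [])
    finally:
        call("GET", f"/task/{tid}/delete")  # leave no task behind on the server

def fake_api(polls, calls):
    """Constructed offline stand-in; reports 'running' until the polls-th status check."""
    def call(method, path, body=None):
        calls.append(path)
        if path.endswith("/status"):
            state = "running" if calls.count(path) < polls else "terminated"
            return {"success": True, "status": state}
        return {"success": True, "taskid": "constructed-id", "data": []}
    return call

if __name__ == "__main__":
    seen = []  # paths requested, in order
    print(run_scan("http://testsite.example/item?id=1", fake_api(3, seen), sleep=lambda s: None), seen)
```

Calling `run_scan(url)` without the `call` argument talks to a sqlmapapi server started as shown above.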
Code:
```python
import json
import os
import platform
import time

import requests

logo = "#sqlmap api 制作" \
       "# 九世制作"
print(logo)
print('[1]Manually open sqlmapapi')
print('[2]Automatically open sqlmapapi')
while True:
    start = input("Please choose:")
    if start == "1":
        print('[*]You choose to open sqlmapapi manually')
        break
    elif start == "2":
        print('[*]You choose to automatically open sqlmapapi')
        # Run the server in the background ("&"); a plain os.system() call
        # would block until the server exits and the scan would never start.
        os.system('sqlmapapi.py -s &')
        time.sleep(3)  # give the server a moment to start listening
        break
    else:
        print('[-]There is no choice')
        continue

while True:
    user = input('Please enter the web site you want to scan:')
    if not user.strip():  # input() returns '' (never None) for an empty line
        print('[-]You have nothing to enter')
        continue
    else:
        break

version = platform.uname()
for p in version:
    print('[*]Your operating system type is:{}'.format(p))
print(' ')


def sqlmap(host):
    urlnew = "http://127.0.0.1:8775/task/new"
    urlscan = "http://127.0.0.1:8775/scan/"
    headers = {"user-agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (Khtml, like Gecko) Chrome/39.0.2171.71 Safari/537.36"}

    # 1. Create a new task and read its id
    pd = requests.get(url=urlnew, headers=headers)
    print('[*]New task')
    jsons = pd.json()
    print("[*]id:", jsons['taskid'])
    print("[*]success:", jsons["success"])
    taskid = jsons['taskid']

    # 2. Start the scan: POST the target URL as JSON
    scan = urlscan + taskid + "/start"
    print("[*]scanurl:", scan)
    data = json.dumps({"url": host})
    headerss = {"Content-Type": "application/json"}
    scans = requests.post(url=scan, headers=headerss, data=data)
    swq = scans.json()
    print('--------SCAN-----------')
    print('[*]scanid:', swq["engineid"])
    print('[*]scansuccess:', swq["success"])

    # 3. Poll the status until the scan has terminated, then fetch the data
    print('--------STATUS---------')
    status = "http://127.0.0.1:8775/scan/{}/status".format(taskid)
    print(status)
    while True:
        staw = requests.get(url=status, headers=headers)
        if staw.json()['status'] == 'terminated':
            datas = requests.get(url='http://127.0.0.1:8775/scan/{}/data'.format(taskid))
            dat = datas.json()['data']
            print('[*]data:', dat)
            break
        elif staw.json()['status'] == 'running':
            time.sleep(1)  # wait between polls instead of busy-looping
            continue


sqlmap(user.strip())
```
Scan result:
Source: https://www.cnblogs.com/haq5201314/p/9092348.html