• 27,004
  • +1,029
  • 3,074
Code your first simple SQL Injection checking vulnerability with Python

Code your first simple SQL Injection checking vulnerability with Python

Bookmark

Hello, today we are making an Python MySQL SQL Injection checking tool. That's why we named it Code your first simple SQL Injection checking vulnerability with Python ๐Ÿ™‚

It will work only on GET parameter using websites.

You are going to need:

     – Python 3.4

     – Internet Connection

     – A vulnerable website

     – Computer with Windows or Linux

If you haven't got installed Python yet, download it from the following link:

https://www.python.org/downloads/

Python basics

Python is written in C, it is one of the easiest programming languages for hacking tools, it includes alot of very useful libs, today, we will use 1 of them,

Finding a website for testing

You can easily find a website for testing using simple SQLi dorks, like inurl:"index.php?cat_id=". You can find vulnerable site dumps over the web.

Step by step Code your first simple SQLi checking vulnerability with Python:

Before starting coding, make a new .py file.

Importing main libraries

This time we will use sys, urllib and urllib.request modules, so import those 3 by using import  sys, urllib, urllib.request or import sys, import urllib and import urllib.request in the new line

Code your first simple SQLi checking vulnerability with Python

Explanation: 'import' is used for importing libraries, such as urllib or os, system.

Selecting the input type

Now we need to select the input type, the first one is pretty simple, the other one is harder. This time we will use the first one, but it does not affect other lines of code.

1) Use input("") commands to get user input. This time it will be:

fullurl = input("Please specify the full vulnerable url:  ")

Code your first simple SQLi checking vulnerability with Python

Explanation: 'variable = input("Input: ")' sets the var 'variable' to user input, 'Input: ' is the text seen by the user at the input line.

2) Use arguments for specifying the data:

for carg in sys.argv:

if carg == "-w":

argnum = sys.argv.index(carg)

argnum += 1

fullurl = sys.argv[argnum]

Code your first simple SQLi checking vulnerability with Python

Explanation: 'if' is a well known macro stament. Right now, we are using it to determine curent arg, the other lines – indicates the second argument, 'in' – checks if there is a specified text in a string.

Coding the program to make an web request

This is the most important part.

resp = urllib.request.urlopen(fullurl + "=1\' or \'1\' = \'1\''")

body = resp.read()

fullbody = body.decode('utf-8')โ€‹

Code your first simple SQLi checking vulnerability with Python

Explanation: the resp variable is set to the request response, body – to the response text, fullbody – to the decoded request text, '+' is the addition variable on Python, \ is the escape character.

Making the program to check if the target is vulnerable

Now, once we have the response, we have to check if it contains SQL errors.

We will use this code for that:

if "You have an error in your SQL syntax" in fullbody:

print ("The website is classic SQL injection vulnerable!")

else:

print ("The website is not classic SQL injection vulnerable!")

Code your first simple SQLi checking vulnerability with Python

Explanation: We use 'if' macro for checking if there's the specified text in the response.

Scanner with first type of getting user input

Code your first simple SQLi checking vulnerability with Python

with second type

Code your first simple SQLi checking vulnerability with Python

So yeah, that's it!

Save the file, open cmd and run 'python filename.py' and input the requested info, if you were using the second method, use 'python filenamy.py -w website'. It will check if the site's vulnerable ๐Ÿ™‚

The copied code may not work, please rewrite it to your file ๐Ÿ™‚

If you had errors in syntax

Unexpected indendity shows up when there are problems with tabs.

Problems with syntax are mostly showing up on problems with macros. If this error occured, please check your macros validity.

How to prevent simple SQL injection

Preventing SQLi ON MYSQL if very simple. Just use mysql_real_escape string for queries, as example:

$query = sprintf("SELECT * FROM users where user='%s' AND password='%s',

                        mysql_real_escape_string($username)

                        mysql_real_escape_string($password)

ADVICE: after having success on this scanner, try to making a heartbleed exploiter ๐Ÿ™‚

Good luck!

Writer: I am Vilius Povilaika, IT security specialist. Mainly developing exploits or other hacking tools.

Website: c-genf.com

Share this article if you found this post was useful:

Hacking Tutorial, Tips and Trick

See all posts by || Visit Website : http://www.hacking-tutorial.com

  • i love your blog and theme style.please tell us which theme r u using it will be more helpfull for me

  • Farhad Mehdi

    Thank you so much for writing this post, i hope you will be writing more of them in future too, i am a very big fan of you.
    cheers

  • Austin Powell

    what program are you using to write the .py file? and where did you input the “for carg in sys.argv” lines?

    • Adobe Photoshop

      Download the python offical dev kit from python’s website. It is called Python IDLE.

      • Austin Powell

        could you provide me with a link to IDLE? i have searched but am unable to find it or the dev kit

  • the learning guy

    wait I was doing this and the = in the , if carg = “-w”, is a syntax error somehow

    • Austin Powell

      i got the same error

      • Adobe Photoshop

        It is ==, not =. Probably a typo in the photo.

    • Adobe Photoshop

      == not =, a typo in the photo.

      • the learning guy

        thx

  • S!f0u

    i made my own sql checker but , this tool scans the whole server not only one website ๐Ÿ™‚

  • f0rheX

    works with python 3.4.3? or have to be with 3.4.0 cuz i listen that 3.4.3 have some problems

  • lisa

    Lisa

  • Volcan

    you have to download the modules and libs for this tutorial

  • Zain Arshad

    I don’t know about how to do hacking.

    I am php developer but i want to learn this and improve my skills.

    but i don’t know how to learn hacking from this site or any other and not know what thing is required for hacking and

    what tool required .

    please anybody help me from where i start to learn hacking what knowledge is required and where i start from this.

    i tried my best to get knowledge about hacking but nothing special i have.

    i completed main level and basic level but in every next level i find i have nothing every level is so up then my knowledge.

    If any body feel my problem please help me i am waiting for your answer…

    I shall be thankful to you

  • mahdi

    hi
    i am work this tutorial
    but
    reuslt:

    urllib.error.HTTPError: HTTP Error 404: Not Found