Skip to main content

SQL injection framework

Project description

Version Coverage

What is ending?

ending is a flexible SQL injection framework and CLI that works just as well for simple injections as it does for very complex ones.

Like sqlmap, it can be used out of the box for common SQL injection scenarios. However, ending is designed so that when the target stops being simple, you don’t need to abandon the tool and write custom scripts — you write python code instead.

Documentation and tutorials are available here.

Installation

$ pip install .

Documentation

Documentation is available at cfreal.github.io/ending.

A different approach to SQL injection

Most tools work fine for straightforward SQL injections over HTTP. However, when dealing with a complex case, a WAF, or other limitations, you often end up writing a custom script to inject your payloads. This is why ending was built.

Python-based target definitions

In ending, targets are defined using Python design files.

Instead of only configuring a URL and parameters through CLI arguments, you write a small Python method that sends an SQL payload to the target.

This function can be as simple as a single HTTP request — or as complex as needed.

Because it’s Python, you can naturally handle:

  • authentication and sessions
  • custom headers and encodings
  • non-HTTP protocols
  • WAF bypass logic
  • complex request flows

For simple targets, this is often only a few lines of code. For complex targets, it removes the need to switch tools entirely.

AST-based SQL generation

ending operates on the SQL Abstract Syntax Tree (AST) level, rather than building payloads as raw strings.

  • Injection techniques (UNION, error-based, blind, time-based, etc.) are implemented in a generic and reusable way
  • Each DBMS translates the AST into its own SQL dialect

Most of the time, you don't need to get that deep into the tool, as ending does everything itself. But if you face a complex injection, you can change the way AST nodes are converted into SQL syntax, and thus build advanced bypasses, such as:

  • To get rid of badchars (for instance, a<b can be written as a BETWEEN 0 AND b)
  • To make function calls less easy to spot for the WAF: SUBSTR(a, b) becomes SUBSTR# comment\n(a,b)

And it only takes a few lines of code!

Screenshots

A few screenshots of the tool's output.

Dumping some fields from a users table

Dumping columns whose name contains user

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cfreal_ending-0.1.0.tar.gz (126.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

cfreal_ending-0.1.0-py3-none-any.whl (149.8 kB view details)

Uploaded Python 3

File details

Details for the file cfreal_ending-0.1.0.tar.gz.

File metadata

  • Download URL: cfreal_ending-0.1.0.tar.gz
  • Upload date:
  • Size: 126.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.2.1 CPython/3.10.9 Linux/5.15.0-177-generic

File hashes

Hashes for cfreal_ending-0.1.0.tar.gz
Algorithm Hash digest
SHA256 72332e26e0626c361d1d50c47bbc74e5e5c141d78e238e6e70dacc1948556944
MD5 91b78e334900449aa52aaef702982f31
BLAKE2b-256 d53c5c1101da8d7df31ef70cceb20c8a27776e1f6967016e94fcef525bb78628

See more details on using hashes here.

File details

Details for the file cfreal_ending-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: cfreal_ending-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 149.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.2.1 CPython/3.10.9 Linux/5.15.0-177-generic

File hashes

Hashes for cfreal_ending-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 00da67ef8df71e73f17e7fc1ea6d63626069a31b0c0c3def8c765a611c6646f5
MD5 7bb0ff35f8c306ac995f20bc9c299664
BLAKE2b-256 6bfbd5891d8ebaf03a75ef1f68c268079be9c40f5d36e902318b7f9b375404af

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page