Skip to main content

SQL injection framework

Project description

Version Coverage

What is ending?

ending is a flexible SQL injection framework and CLI that works just as well for simple injections as it does for very complex ones.

Like sqlmap, it can be used out of the box for common SQL injection scenarios. However, ending is designed so that when the target stops being simple, you don’t need to abandon the tool and write custom scripts — you write python code instead.

Documentation and tutorials are available here.

Installation

$ pip install cfreal-ending

Documentation

Documentation is available at cfreal.github.io/ending.

A different approach to SQL injection

Most tools work fine for straightforward SQL injections over HTTP. However, when dealing with a complex case, a WAF, or other limitations, you often end up writing a custom script to inject your payloads. This is why ending was built.

Python-based target definitions

In ending, targets are defined using Python design files.

Instead of only configuring a URL and parameters through CLI arguments, you write a small Python method that sends an SQL payload to the target.

This function can be as simple as a single HTTP request — or as complex as needed.

Because it’s Python, you can naturally handle:

  • authentication and sessions
  • custom headers and encodings
  • non-HTTP protocols
  • WAF bypass logic
  • complex request flows

For simple targets, this is often only a few lines of code. For complex targets, it removes the need to switch tools entirely.

AST-based SQL generation

ending operates on the SQL Abstract Syntax Tree (AST) level, rather than building payloads as raw strings.

  • Injection techniques (UNION, error-based, blind, time-based, etc.) are implemented in a generic and reusable way
  • Each DBMS translates the AST into its own SQL dialect

Most of the time, you don't need to get that deep into the tool, as ending does everything itself. But if you face a complex injection, you can change the way AST nodes are converted into SQL syntax, and thus build advanced bypasses, such as:

  • To get rid of badchars (for instance, a<b can be written as a BETWEEN 0 AND b)
  • To make function calls less easy to spot for the WAF: SUBSTR(a, b) becomes SUBSTR# comment\n(a,b)

And it only takes a few lines of code!

First steps

It takes three steps: import, configure, and query.

Import an HTTP request

Configure a design

Get results

Check the documentation to see all available commands, and many tutorials.

Screenshots

A few screenshots of the tool's output.

Dumping some fields from a users table

Dumping columns whose name contains user

Supported databases

Currently, 5 databases are supported:

  • MySQL
  • PostgreSQL
  • SQLite
  • Oracle
  • Microsoft SQL Server (MSSQL)

Implementing a new database is a matter of a few hours. Contribute!

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cfreal_ending-0.2.0.tar.gz (130.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

cfreal_ending-0.2.0-py3-none-any.whl (154.2 kB view details)

Uploaded Python 3

File details

Details for the file cfreal_ending-0.2.0.tar.gz.

File metadata

  • Download URL: cfreal_ending-0.2.0.tar.gz
  • Upload date:
  • Size: 130.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.2.1 CPython/3.10.9 Linux/5.15.0-177-generic

File hashes

Hashes for cfreal_ending-0.2.0.tar.gz
Algorithm Hash digest
SHA256 43ffd0e4deef5f38a24f261441359e22d29efdfb5dfda2f03f2fff351027f79f
MD5 5e17f6845138bd4248cc39f22386be7e
BLAKE2b-256 96731fe743d852517f73c1fb2ce1cb4763cb943416f955ed459602929d90ebc8

See more details on using hashes here.

File details

Details for the file cfreal_ending-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: cfreal_ending-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 154.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.2.1 CPython/3.10.9 Linux/5.15.0-177-generic

File hashes

Hashes for cfreal_ending-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 e92e2c219e8c403ee46cc6c34d6851109349b0bc7a914ca3e76df43dac05273d
MD5 491acda91942a85698e3c085073281e7
BLAKE2b-256 91c1c8329034153750b9ea915d509ba2425fcdd99a3656054a318be8b78c8736

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page