Skip to main content

SQL injection framework

Project description

Version Coverage

What is ending?

ending is a flexible SQL injection framework and CLI that works just as well for simple injections as it does for very complex ones.

Like sqlmap, it can be used out of the box for common SQL injection scenarios. However, ending is designed so that when the target stops being simple, you don’t need to abandon the tool and write custom scripts — you write python code instead.

Documentation and tutorials are available here.

Installation

$ pip install cfreal-ending

Documentation

Documentation is available at cfreal.github.io/ending.

A different approach to SQL injection

Most tools work fine for straightforward SQL injections over HTTP. However, when dealing with a complex case, a WAF, or other limitations, you often end up writing a custom script to inject your payloads. This is why ending was built.

Python-based target definitions

In ending, targets are defined using Python design files.

Instead of only configuring a URL and parameters through CLI arguments, you write a small Python method that sends an SQL payload to the target.

This function can be as simple as a single HTTP request — or as complex as needed.

Because it’s Python, you can naturally handle:

  • authentication and sessions
  • custom headers and encodings
  • non-HTTP protocols
  • WAF bypass logic
  • complex request flows

For simple targets, this is often only a few lines of code. For complex targets, it removes the need to switch tools entirely.

AST-based SQL generation

ending operates on the SQL Abstract Syntax Tree (AST) level, rather than building payloads as raw strings.

  • Injection techniques (UNION, error-based, blind, time-based, etc.) are implemented in a generic and reusable way
  • Each DBMS translates the AST into its own SQL dialect

Most of the time, you don't need to get that deep into the tool, as ending does everything itself. But if you face a complex injection, you can change the way AST nodes are converted into SQL syntax, and thus build advanced bypasses, such as:

  • To get rid of badchars (for instance, a<b can be written as a BETWEEN 0 AND b)
  • To make function calls less easy to spot for the WAF: SUBSTR(a, b) becomes SUBSTR# comment\n(a,b)

And it only takes a few lines of code!

First steps

It takes three steps: import, configure, and query.

Import an HTTP request

Configure a design

Get results

Check the documentation to see all available commands, and many tutorials.

Screenshots

A few screenshots of the tool's output.

Dumping some fields from a users table

Dumping columns whose name contains user

Supported databases

Currently, 5 databases are supported:

  • MySQL
  • PostgreSQL
  • SQLite
  • Oracle
  • Microsoft SQL Server (MSSQL)

Implementing a new database is a matter of a few hours. Contribute!

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cfreal_ending-0.2.2.tar.gz (131.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

cfreal_ending-0.2.2-py3-none-any.whl (154.3 kB view details)

Uploaded Python 3

File details

Details for the file cfreal_ending-0.2.2.tar.gz.

File metadata

  • Download URL: cfreal_ending-0.2.2.tar.gz
  • Upload date:
  • Size: 131.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.2.1 CPython/3.10.9 Linux/5.15.0-177-generic

File hashes

Hashes for cfreal_ending-0.2.2.tar.gz
Algorithm Hash digest
SHA256 d7284feefbd382f99a55858d4bb6d32b5c1cb5a600cfcc78f6696d28038e40fe
MD5 a44615a595105378c45a9ea166767559
BLAKE2b-256 a03c3265c2803d8dfa628938e552dae1ab432791a5876b9b7560033e2b3ba78e

See more details on using hashes here.

File details

Details for the file cfreal_ending-0.2.2-py3-none-any.whl.

File metadata

  • Download URL: cfreal_ending-0.2.2-py3-none-any.whl
  • Upload date:
  • Size: 154.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.2.1 CPython/3.10.9 Linux/5.15.0-177-generic

File hashes

Hashes for cfreal_ending-0.2.2-py3-none-any.whl
Algorithm Hash digest
SHA256 8459cc8c5333ebc422ffd71c00d48484d549e3defa943a91ff39ca9eb60b7c31
MD5 c0ed757d293a9047b50c8ec916eb1a3f
BLAKE2b-256 584e1339562e8d1d8f16a5d8ab969ca1bf6e0bbe7f739bccda1bcb59877fbe26

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page