-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsql_error
72 lines (66 loc) · 5.41 KB
/
sql_error
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#!/bin/bash
url=$1
errorsqli=$2
httpx=$3
cat $1|qsreplace "FUZZ"|grep FUZZ|anew|tee -a fuzz.txt
for i in $(cat fuzz.txt);do echo "
==========================================================
URL: $i
==========================================================
">>1_ffuf_op_sqlierror.txt| ffuf -u $i -w $2 -mr "error" -t 60 -s -H "Content-Type: application/x-www-form-urlencoded" ;done| tee -a 1_ffuf_op_sqlierror.txt
for i in $(cat fuzz.txt);do echo "
==========================================================
URL: $i
==========================================================
">>2_ffuf_op_post_method_sqlierror.txt| ffuf -u $i -w $2 -mr "error" -X POST -t 60 -s -H "Content-Type: application/x-www-form-urlencoded" ;done| tee -a 2_ffuf_op_post_method_sqlierror.txt
for i in $(cat fuzz.txt);do echo "
==========================================================
URL: $i
==========================================================
">>3_ffuf_op_sqlicolumn.txt| ffuf -u $i -w $2 -mr "column" -t 60 -s -H "Content-Type: application/x-www-form-urlencoded" ;done| tee -a 3_ffuf_op_sqlicolumn.txt
for i in $(cat fuzz.txt);do echo "
==========================================================
URL: $i
==========================================================
">>4_ffuf_op_post_method_sqlicolumn.txt| ffuf -u $i -w $2 -mr "column" -X POST -t 60 -s -H "Content-Type: application/x-www-form-urlencoded" ;done| tee -a 4_ffuf_op_post_method_sqlicolumn.txt
for i in $(cat fuzz.txt);do echo "
==========================================================
URL: $i
==========================================================
">>5_ffuf_op_sqlitable.txt| ffuf -u $i -w $2 -mr "table" -t 60 -s -H "Content-Type: application/x-www-form-urlencoded" ;done| tee -a 5_ffuf_op_sqlitable.txt
for i in $(cat fuzz.txt);do echo "
==========================================================
URL: $i
==========================================================
">>6_ffuf_op_post_method_sqtable.txt| ffuf -u $i -w $2 -mr "table" -X POST -t 60 -s -H "Content-Type: application/x-www-form-urlencoded" ;done| tee -a 6_ffuf_op_post_method_sqtable.txt
for i in $(cat $3);do echo "
==========================================================
URL: $i
==========================================================
">>7_ffuf_op_method_sqlierrorheader.txt| ffuf -u $i -w $2 -mr "error" -H "Accept: FUZZ" -H "Accept-Charset: FUZZ" -H "Accept-Encoding: FUZZ" -H "Accept-Language: FUZZ" -H "Authorization: FUZZ" -H "Cookie: FUZZ" -H "Host: FUZZ" -H "If-Modified-Since: FUZZ" -H "Referer: FUZZ" -H "User-Agent: FUZZ" -t 60 -s -H "Content-Type: application/x-www-form-urlencoded" ;done| tee -a 7_ffuf_op_method_sqlierrorheader.txt
for i in $(cat $3);do echo "
==========================================================
URL: $i
==========================================================
">>8_ffuf_op_post_method_sqlierrorheader.txt| ffuf -u $i -w $2 -mr "error" -H "Accept: FUZZ" -H "Accept-Charset: FUZZ" -H "Accept-Encoding: FUZZ" -H "Accept-Language: FUZZ" -H "Authorization: FUZZ" -H "Cookie: FUZZ" -H "Host: FUZZ" -H "If-Modified-Since: FUZZ" -H "Referer: FUZZ" -H "User-Agent: FUZZ" -X POST -t 60 -s -H "Content-Type: application/x-www-form-urlencoded" ;done| tee -a 8_ffuf_op_post_method_sqlierrorheader.txt
for i in $(cat $3);do echo "
==========================================================
URL: $i
==========================================================
">>9_ffuf_op_sqlicolumnheader.txt| ffuf -u $i -w $2 -mr "column" -H "Accept: FUZZ" -H "Accept-Charset: FUZZ" -H "Accept-Encoding: FUZZ" -H "Accept-Language: FUZZ" -H "Authorization: FUZZ" -H "Cookie: FUZZ" -H "Host: FUZZ" -H "If-Modified-Since: FUZZ" -H "Referer: FUZZ" -H "User-Agent: FUZZ" -t 60 -s -H "Content-Type: application/x-www-form-urlencoded" ;done| tee -a 9_ffuf_op_sqlicolumnheader.txt
for i in $(cat $3);do echo "
==========================================================
URL: $i
==========================================================
">>10_ffuf_op_post_method_sqlicolumnheader.txt| ffuf -u $i -w $2 -mr "column" -H "Accept: FUZZ" -H "Accept-Charset: FUZZ" -H "Accept-Encoding: FUZZ" -H "Accept-Language: FUZZ" -H "Authorization: FUZZ" -H "Cookie: FUZZ" -H "Host: FUZZ" -H "If-Modified-Since: FUZZ" -H "Referer: FUZZ" -H "User-Agent: FUZZ" -X POST -t 60 -s -H "Content-Type: application/x-www-form-urlencoded" ;done| tee -a 10_ffuf_op_post_method_sqlicolumnheader.txt
for i in $(cat $3);do echo "
==========================================================
URL: $i
==========================================================
">>11_ffuf_op_sqlitableheader.txt| ffuf -u $i -w $2 -mr "table" -H "Accept: FUZZ" -H "Accept-Charset: FUZZ" -H "Accept-Encoding: FUZZ" -H "Accept-Language: FUZZ" -H "Authorization: FUZZ" -H "Cookie: FUZZ" -H "Host: FUZZ" -H "If-Modified-Since: FUZZ" -H "Referer: FUZZ" -H "User-Agent: FUZZ" -t 60 -s -H "Content-Type: application/x-www-form-urlencoded" ;done| tee -a 11_ffuf_op_sqlitableheader.txt
for i in $(cat $3);do echo "
==========================================================
URL: $i
==========================================================
">>12_ffuf_op_post_method_sqtableheader.txt| ffuf -u $i -w $2 -mr "table" -H "Accept: FUZZ" -H "Accept-Charset: FUZZ" -H "Accept-Encoding: FUZZ" -H "Accept-Language: FUZZ" -H "Authorization: FUZZ" -H "Cookie: FUZZ" -H "Host: FUZZ" -H "If-Modified-Since: FUZZ" -H "Referer: FUZZ" -H "User-Agent: FUZZ" -X POST -t 60 -s -H "Content-Type: application/x-www-form-urlencoded" ;done| tee -a 12_ffuf_op_post_method_sqtableheader.txt
rm fuzz.txt