ProgramFilesx86
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1= check vul (using google dorks of course) | |
| so i found a target and i'll excute on it | |
| we'll check it by adding 'or' | |
| 2= order injections { | |
| +order+by+1 | |
| order by 1 |
ProgramFilesx86
/ marezzi@gmail.com
Created
December 10, 2018 17:08
Manuallsqlinjectgretingtomarezzi@gmail.com
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| beforre checking vulnerabillity | |
| we have to use Google Dorking | |
| i've been already found the target website that will help us | |
| so we will start now | |
| So as you see guys it's working | |
| (i've bad English and bad connection :'( ) | |
| Now we'll heck vulnerability |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import bs4 as bs | |
| with requests.session() as c: | |
| link="https://www.facebook.com/login.php?login_attempt=1&lwv=110" #link of the webpage to be logged in | |
| initial=c.get(link) #passing the get request | |
| login_data={"email":"xxxxxxxxxxxx","pass":"**********"} #the login | |
| page_login=c.post(link, data=login_data) | |
| #print(page_login) #checking status of requested page | |
| page=c.get("https://www.facebook.com/profile.php?id=100008551898809") #requesting source code of logged in page | |
| good_data = bs.BeautifulSoup(page.content, "lxml") #parsing it with BS4 |