Created
October 30, 2020 15:58
MySql fuzzer
#!/usr/bin/python3 | |
import os
import warnings

import mysql.connector
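# ASCII letters and digits are never tried as separator candidates; fuzzDB()
# skips any code point whose character appears in this string.
# NOTE(review): presumably because an alphanumeric byte would fuse with the
# neighbouring keyword instead of separating it -- confirm with the author.
excluded_chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'

# Substring looked for in the first column of every returned row; a match
# means the server evaluated VERSION() and the statement therefore parsed.
# It has to match the version of the local test server being probed.
VERSION = "5.6.49"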
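def _open_session():
    """Open a connection plus a buffered cursor from environment settings.

    The password is read from MYSQL_FUZZ_PASSWORD instead of being stored in
    the source file.  Host, user, database and port keep their previous
    values as defaults and can be overridden with MYSQL_FUZZ_HOST,
    MYSQL_FUZZ_USER, MYSQL_FUZZ_DB and MYSQL_FUZZ_PORT.
    """
    password = os.environ.get("MYSQL_FUZZ_PASSWORD")
    if password is None:
        raise SystemExit("MYSQL_FUZZ_PASSWORD is not set")
    # The query only reads one table, so a SELECT-only account on the test
    # schema is sufficient; "root" remains the default for compatibility.
    db = mysql.connector.connect(
        host=os.environ.get("MYSQL_FUZZ_HOST", "localhost"),
        user=os.environ.get("MYSQL_FUZZ_USER", "root"),
        passwd=password,
        db=os.environ.get("MYSQL_FUZZ_DB", "my_db"),
        port=int(os.environ.get("MYSQL_FUZZ_PORT", "3306")),
    )
    return db, db.cursor(buffered=True)


def _close_session(db, cursor):
    """Close the cursor first, then its connection, ignoring driver errors."""
    for closer in (cursor.close, db.close):
        try:
            closer()
        except mysql.connector.Error:
            # Best effort: the session may already have been dropped.
            pass


def _shown(ch):
    """Return a terminal-safe rendering of one candidate character."""
    if ch == "\n":
        return "NEW LINE"
    # Control bytes are printed escaped so they cannot garble the report.
    return ch if ch.isprintable() else repr(ch)


def fuzzDB():
    """Report which ASCII bytes the server accepts around UNION SELECT.

    Every triple of 7-bit ASCII characters not listed in ``excluded_chars``
    is placed after ``UnIoN``, after ``SeLeCt`` and after ``VERSION()`` in a
    fixed query against the local test database.  A triple is printed when
    the statement executes and a returned row contains ``VERSION``.

    The report describes the parser of the probed server version: it is the
    set of separator bytes that input validation and SQL-injection detection
    rules have to normalise rather than assuming a plain space.

    Connection settings come from the environment (see ``_open_session``).
    """
    # NOTE(review): this emits a DeprecationWarning on every call; its
    # purpose is not evident from the file, so it is kept unchanged.
    warnings.warn("deprecated", DeprecationWarning)

    # Build the candidate list once instead of re-testing it in each loop.
    separators = [chr(code) for code in range(128) if chr(code) not in excluded_chars]
    query = "SELECT name FROM browsers WHERE '1'='1' UnIoN{0}SeLeCt{1}VERSION(){2}"
    rule = "----------------------------------"

    db, cursor = _open_session()
    try:
        for a in separators:
            for b in separators:
                for c in separators:
                    try:
                        cursor.execute(query.format(a, b, c))
                        records = cursor.fetchall()
                    except mysql.connector.Error:
                        # A rejected statement is the common case.  If the
                        # failure dropped the session, reopen it so the
                        # remaining triples are not all skipped silently.
                        if not db.is_connected():
                            _close_session(db, cursor)
                            db, cursor = _open_session()
                        continue
                    # str() keeps a NULL or non-text first column from
                    # aborting the whole run with a TypeError.
                    if any(VERSION in str(row[0]) for row in records):
                        print(rule)
                        for label, ch in (("a", a), ("b", b), ("c", c)):
                            print("{0}: {1} {2} {3}".format(
                                label, ord(ch), hex(ord(ch)), _shown(ch)))
                        print(rule)
            # The listing on the page lost its indentation, so the original
            # position of the close-and-reconnect step is not recoverable;
            # here the session is recycled once per outer character.
            _close_session(db, cursor)
            db, cursor = _open_session()
    finally:
        _close_session(db, cursor)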
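def main():
    """Script entry point: run one full fuzzing pass via fuzzDB()."""
    fuzzDB()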
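# Run the pass only when executed as a script, so importing this module
# never opens a database connection as a side effect.
if __name__ == '__main__':
    main()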