Python – Making A Simple SQL Injection Vulnerability Tester Tool

Python - Making A Simple Vulnerability Tester- picateshackz.com


Hello, today we are making a MySQL SQL injection vulnerability checking tool in the Python programming language. That’s why we named it Making A Simple SQL Injection Vulnerability Tester. It works only on websites that take GET parameters.


Things you need:

– Python 3.4

– Internet Connection

– A vulnerable website

– Computer with Windows or Linux



For this tutorial I am using Windows for the Python coding. If you are using Kali Linux, then you already have Python. Open up a terminal and type the following command to start Python:

python


For Windows users: if you haven’t installed Python yet, download it from the following link:

https://www.python.org/downloads/

Python basics

Python is written in C. It is one of the easiest programming languages for writing hacking tools and includes a lot of very useful libraries; today we will use one of them.

Finding a website for testing

You can easily find a website for testing using simple SQLi dorks, like inurl:”index.php?cat_id=”. You can find vulnerable site dumps over the web.

For more info about SQLi: How to Hack Website Using Sql Map in Kali Linux – Sql Injection

Step by step: code your first simple SQLi vulnerability checker with Python


Before starting coding, make a new .py file.

Importing main libraries

This time we will use the sys, urllib and urllib.request modules. Import all three either on one line with import sys, urllib, urllib.request, or with import sys, import urllib and import urllib.request each on its own line.



Explanation: ‘import’ is used for importing libraries, such as urllib or os, system.

Selecting the input type

Now we need to select the input type, the first one is pretty simple, the other one is harder. This time we will use the first one, but it does not affect other lines of code.

  • 1) Use input("") to get user input. This time it will be:

    fullurl = input("Please specify the full vulnerable url: ")


Explanation: ‘variable = input("Input: ")’ sets the variable ‘variable’ to the user input; ‘Input: ’ is the text the user sees at the input line.

  • 2) Use arguments for specifying the data:

    # Look for the -w flag and take the argument that follows it as the URL
    for carg in sys.argv:
        if carg == "-w":
            argnum = sys.argv.index(carg)
            argnum += 1
            fullurl = sys.argv[argnum]

Explanation: ‘if’ is a well-known conditional statement. Here we use it to find the current argument; the other lines select the argument that follows it. ‘in’ checks whether the specified text is in a string.

Coding the program to make a web request

This is the most important part.

    # Append the test payload to the URL and fetch the page
    resp = urllib.request.urlopen(fullurl + "=1\' or \'1\' = \'1\"")
    body = resp.read()
    fullbody = body.decode('utf-8')


Explanation: the resp variable is set to the response to the request, body to the response text, and fullbody to the decoded response text. ‘+’ is the concatenation operator in Python, and ‘\’ is the escape character.

Making the program to check if the target is vulnerable

Now, once we have the response, we have to check if it contains SQL errors.

We will use this code for that:

    if "You have an error in your SQL syntax" in fullbody:
        print("The website is classic SQL injection vulnerable!")
    else:
        print("The website is not classic SQL injection vulnerable!")


Explanation: We use the ‘if’ statement to check whether the specified text is in the response.

Scanner with the first type of getting user input

[Screenshot: the complete script]

With the second type

[Screenshot: the complete script]


So yeah, that’s it!

Save the file, open cmd, run ‘python filename.py’ and enter the requested info. If you used the second method, run ‘python filename.py -w website’. It will check whether the site is vulnerable.

Copied code may not work; please retype it into your own file.

If you get syntax errors:

  • An “unexpected indent” error shows up when there are problems with tabs.
  • Syntax problems mostly come from the statements (if, for, else). If this error occurs, check that your statements are valid.


How to prevent simple SQL injection

Preventing SQLi on MySQL is very simple. Just use mysql_real_escape_string for queries, for example:

    $query = sprintf("SELECT * FROM users WHERE user='%s' AND password='%s'",
        mysql_real_escape_string($username),
        mysql_real_escape_string($password));
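Added example (not code from the original page): the same prevention step written as a parameterized query, which is the usual recommendation now that the mysql_* functions shown above were removed in PHP 7.0. It assumes Python's sqlite3 as an offline stand-in for MySQL and a hypothetical items table; the first payload is the one the tester sends, the tautology input is constructed.

```python
import sqlite3

# Payload the tutorial's tester appends after "=" (taken from the page).
PAGE_PAYLOAD = "1' or '1' = '1\""

def make_db():
    """Constructed sample data; sqlite3 stands in for MySQL so this runs offline."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (cat_id INTEGER, name TEXT)")
    db.executemany("INSERT INTO items VALUES (?, ?)",
                   [(1, "keyboard"), (2, "mouse")])
    return db

def lookup_concat(db, cat_id):
    """Vulnerable form: the GET value is pasted into the SQL text."""
    query = "SELECT name FROM items WHERE cat_id=" + cat_id
    try:
        return [row[0] for row in db.execute(query)]
    except sqlite3.Error as exc:
        # Echoing the driver error is the signal the tester greps for.
        return "SQL error: %s" % exc

def lookup_param(db, cat_id):
    """Hardened form: the value is bound, so it can never become SQL syntax."""
    query = "SELECT name FROM items WHERE cat_id=?"
    try:
        return [row[0] for row in db.execute(query, (cat_id,))]
    except sqlite3.Error:
        return "internal error"  # log server-side; never echo driver errors

def compare(cat_id):
    """Run both handlers on the same input and return (concat, param) results."""
    db = make_db()
    return lookup_concat(db, cat_id), lookup_param(db, cat_id)

if __name__ == "__main__":
    # "1" is a normal request; "1 or 1=1" is a constructed tautology input.
    for value in ("1", PAGE_PAYLOAD, "1 or 1=1"):
        unsafe, safe = compare(value)
        print("%-20r concat=%r  param=%r" % (value, unsafe, safe))
```

The tautology input makes the concatenated query return every row without any error text, so a clean result from an error-string check does not show that a handler is safe; binding the value does.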


ADVICE: after having success with this scanner, try making a Heartbleed exploiter.

Good luck!

