bambish / scanqli Goto Github PK
View Code? Open in Web Editor NEWSQLi scanner to detect SQL vulns
License: GNU General Public License v3.0
SQLi scanner to detect SQL vulns
License: GNU General Public License v3.0
Some website generate the following error :
ERROR: Unknow error : GetHTML(): <class 'requests.exceptions.SSLError'>
Traceback (most recent call last):
File "scanqli.py", line 141, in
function.PrintError("", error)
File "/root/ScanQLi/function.py", line 373, in PrintError
print(colored("ERROR: ", "red", attrs=["bold"]) + colored(command, attrs=["bold"]) + " : " + errormsg)
TypeError: cannot concatenate 'str' and 'exceptions.UnboundLocalError' objects
i have this error
Traceback (most recent call last):######################################################]
File "./scanqli.py", line 129, in
result = function.CheckPageListAllVulns(pageset)
File "/home/CyberTheReapeR/ScanQLi/function.py", line 341, in CheckPageListAllVulns
payload = CheckPageListVuln(pageset, vuln)
File "/home/CyberTheReapeR/ScanQLi/function.py", line 319, in CheckPageListVuln
payload = CheckPageVuln(url, vuln, pageset[url])
File "/home/CyberTheReapeR/ScanQLi/function.py", line 308, in CheckPageVuln
postresult = CheckPostVuln(url, vuln, fields, html)
File "/home/CyberTheReapeR/ScanQLi/function.py", line 272, in CheckPostVuln
page = PostData(url, payloadeddata)
File "/home/CyberTheReapeR/ScanQLi/function.py", line 104, in PostData
r = requests.post(url, data=data, cookies=cookies)
File "/usr/lib/python2.7/dist-packages/requests/api.py", line 116, in post
return request('post', url, data=data, json=json, **kwargs)
File "/usr/lib/python2.7/dist-packages/requests/api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python2.7/dist-packages/requests/adapters.py", line 516, in send
raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='xxx.xxx.com', port=443): Max retries exceeded with url: / (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fe0aa3bf610>: Failed to establish a new connection: [Errno 110] Connection timed out',))
Hello,
I think ScanQLi should work with websites that use self signed certificate or expired certificate (developpement servers for example).
In case of expired certificate we got this error :
ERROR: Connection Error : HTTPSConnectionPool(host='www.xxxxxxxxxxx.com', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
Can we get a command line switch to ignore certificate verification ?
When testing to an IP address which is hosting an HTTPS/port 443 service, there should be an option to ignore an SSL certificate mismatch. Thanks!
Pen Test > ./scanqli.py -u https://x.x.x.x/login.php?example=1 -v -o /root/scan_x.x.x.x
[2] 19135
bash: -v: command not found
Pen Test > ____ ____ __ _
/ __/ ____ ___ _ ___ / __ \ / / (_)
_\ \ / __// _ `/ / _ \/ /_/ / / /__ / /
/___/ \__/ \_,_/ /_//_/\___\_\/____//_/
https://github.com/bambish
https://twitter.com/bambishee
URL = https://x.x.x.x/login.php?example=1
ERROR: Connection Error : HTTPSConnectionPool(host='x.x.x.x', port=443): Max retries exceeded with url: /login.php?example=1 (Caused by SSLError(CertificateError("hostname 'x.x.x.x' doesn't match either of '*.targetdomain.com', 'targetdomain.com'",),))
tested on bwapp zero vuln :D lol remove it
To integrate scanqli
into the Fedora Security Lab it's required that the scanqli
is available as RPM package.
This is the tracking issue for that effort.
python scanqli.py -u 'http://perdu.com/' -r
/ / ____ ___ _ ___ / __ \ / / (_)
\ \ / __// _ `/ / _ / // / / / / /
// _/ _,/ ////____/__///
https://github.com/bambish
https://twitter.com/bambishee
Traceback (most recent call last):
File "scanqli.py", line 142, in
resultlen = numpy.shape(result)[0] * numpy.shape(result)[1]
IndexError: tuple index out of range
i tryed small sites to see how it is scanning but it is extreme slow with getting urls 25 mbps download speed and 25 ms ping i do have
Traceback (most recent call last):
File "scanqli.py", line 101, in
function.cookies = json.loads(options.cookies)
File "C:\Python27\lib\json_init_.py", line 339, in loads
return _default_decoder.decode(s)
File "C:\Python27\lib\json\decoder.py", line 364, in decode
obj, end = self.raw_decode(s, idx=_w(s, 0).end())
File "C:\Python27\lib\json\decoder.py", line 380, in raw_decode
obj, end = self.scan_once(s, idx)
ValueError: Expecting property name: line 1 column 2 (char 1)
Congratulations for your program it is a light sqli scanner that works pretty good, but it has some issues:
id
:python scanqli.py -q -u "http://example.com/details.php?id=12&caca=222" -> Doesn't detect
python scanqli.py -q -u "http://example.com/details.php?caca=222&id=12" -> Detects
Another issue is regarding the -U / --urllist -> it just doesn't detect
One recommendation is to add more detections on the config.py, for example, I skipped one vulnerable parameter because the MySQL Error was supplied argument is not a valid MySQL result resource
and that's not included
Thank you very much!
Your tools seems to not understand urls with "?" character...
python scanqli.py -u 'http://xxx.xxx.xxx' -r
/ / ____ ___ _ ___ / __ \ / / (_)
\ \ / __// _ `/ / _ / // / / / / /
// _/ _,/ ////____/__///
https://github.com/bambish
https://twitter.com/bambishee
Base URL = http://xxx.xxx.xxx/
HTTPConnectionPool(host='spip.php', port=80): Max retries exceeded with url: /?rubrique24 (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7fb26ce441d0>: Failed to establish a new connection: [Errno -2] Name or service not known',))
Hello,
When using recursive option (-r), I got some exceptions :
File "/usr/local/lib/python2.7/dist-packages/requests/models.py", line 390, in prepare_url
raise InvalidURL("Invalid URL %r: No host supplied" % url)
requests.exceptions.InvalidURL: Invalid URL u'https://#ecran-10': No host supplied
File "/usr/local/lib/python2.7/dist-packages/requests/models.py", line 390, in prepare_url
raise InvalidURL("Invalid URL %r: No host supplied" % url)
requests.exceptions.InvalidURL: Invalid URL u'https://#footer': No host supplied
Such URLs should just be ignored, it should not crash your software.
Example :
python scanqli.py -u 'https://github.com' -r
/ / ____ ___ _ ___ / __ \ / / (_)
\ \ / __// _ `/ / _ / // / / / / /
// _/ _,/ ////____/__///
https://github.com/bambish
https://twitter.com/bambishee
Base URL = https://github.com
Traceback (most recent call last):
File "scanqli.py", line 118, in
pageset = function.GetAllPages(baseurl)
File "/root/ScanQLi/function.py", line 176, in GetAllPages
html = GetHTML(link)
File "/root/ScanQLi/function.py", line 79, in GetHTML
r = requests.get(url, cookies=cookies)
File "/usr/local/lib/python2.7/dist-packages/requests/api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 519, in request
prep = self.prepare_request(req)
File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 462, in prepare_request
hooks=merge_hooks(request.hooks, self.hooks),
File "/usr/local/lib/python2.7/dist-packages/requests/models.py", line 313, in prepare
self.prepare_url(url, params)
File "/usr/local/lib/python2.7/dist-packages/requests/models.py", line 390, in prepare_url
raise InvalidURL("Invalid URL %r: No host supplied" % url)
requests.exceptions.InvalidURL: Invalid URL u'https://#start-of-content': No host supplied
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.