Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Does nothing? #2

Open
devCodeRise opened this issue Jul 5, 2019 · 4 comments
Open

Does nothing? #2

devCodeRise opened this issue Jul 5, 2019 · 4 comments

Comments

@devCodeRise
Copy link

After issuing the command highlighted in the Usage section, it just sits there. Nothing is going on.
@prosecurity
Copy link

experiencing the same thing

@ghostlulzhacks
Copy link
Owner

Its probably because it didnt find anything. The script only outputs vulnerable urls.

@DEMON1A
Copy link

DEMON1A commented Feb 5, 2021

Hey dude @ghostlulzhacks, Are you still active in 2021?
So, before creating a project and pushing it to the public make sure it's working. it took me 10 minutes to debug your code to get where the error is.

The basic idea here is that you're using threading. which disallows you from seeing python error messages on the CLI. So in sqliscanner.py file line 48 you're using this line of code.

html = r.content

But basically, content does return bytes object and regex is using string comparing. so to solve this hall issue you need to replace .content with .text. all of the other stuff is working and I did get results from your script on acunetix test website

[root@demonia-vps]:~/tools/waybackSqliScanner - ls
README.md  __pycache__  main.py  sqliscanner.py  waybackmachine.py
[root@demonia-vps]:~/tools/waybackSqliScanner - python3 main.py testphp.vulnweb.com
Vulnerable	http://testphp.vulnweb.com/artists.php?artist=-1'
Vulnerable	http://testphp.vulnweb.com/artists.php?artist=-1%20union%20select%201,2,group_concat(pass)%20from%20users--'
Vulnerable	http://testphp.vulnweb.com:80/AJAX/infocateg.php?id=1'
Vulnerable	http://testphp.vulnweb.com:80/artists.php?artist=1''
Vulnerable	http://testphp.vulnweb.com/artists.php?artist=1-SLEEP(3)'
Vulnerable	http://testphp.vulnweb.com/artists.php?artist=-1%20UNION%20SELECT%201,version(),current_user()'

So for all people seeing this issue if the author won't do something to fix this issue please go to your sqliscanner.py file then find line 48 and change html = r.content to html = r.text and it should work fine.

@DEMON1A DEMON1A mentioned this issue Feb 5, 2021
Closed
@DEMON1A
Copy link

DEMON1A commented Feb 5, 2021

  • Hello guys, in case the author is unresponsive I created this repo: DEMON1A/waybackSqliscanner with the working code and colored output to make it easy to read it.

  • In case it will be any response from the author I will delete this repo since the code isn't mine. happy hacking.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@devCodeRise @ghostlulzhacks @prosecurity @DEMON1A