DSScan (7) #78

PyxYuYu opened this issue Jan 15, 2017 · 0 comments
A good book is the best of friends, the same today and forever.

0x01 DSScan

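  • The project's basic framework is now settled; only the most important logic is still unimplemented.
    • That logic submits the target_url values from the SqlInjection table to SqlmapApi for scanning, then saves the returned data back into the SqlInjection table.
    • The logic that calls SqlmapApi to run the scan is split out of the view functions in views.py into its own module, to make later maintenance and updates easier.
  • So, create sqls.py in the same directory as views.py.
    • All SqlmapApi-related functions go in this sqls.py module.
    • The multi-threading code goes there as well; multi-threading requires a Queue.
      • The Queue holds the target_url values, so the thread class must take a url_queue parameter.
      • During multi-threaded scanning, the data that SqlmapApi returns must be saved to the database.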
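
```python
# Create the scanning worker thread
import time
from threading import Thread

try:
    from queue import Empty   # Python 3
except ImportError:
    from Queue import Empty   # Python 2

# Assumption: the SqlInjection model is defined in models.py of the same app.
from .models import SqlInjection

# task_new, option_set, scan_start, scan_status, scan_data, scan_stop,
# scan_kill and task_delete are the SqlmapApi functions of this sqls.py module.


class ScanThread(Thread):

    def __init__(self, url_queue):
        Thread.__init__(self)
        self.url_queue = url_queue

    def run(self):
        while True:
            # get_nowait() instead of empty() followed by get(): with several
            # workers another thread can take the last URL in between, and a
            # blocking get() would then never return.
            try:
                url_now = self.url_queue.get_nowait()
            except Empty:
                break
            try:
                self.scan(url_now)
            finally:
                # Always mark the item as done so url_queue.join() cannot hang.
                self.url_queue.task_done()

    def scan(self, url_now):
        print(url_now)
        task = SqlInjection.objects.get(target_url=url_now)
        resp_json = task_new()
        if resp_json['success']:
            # Read taskid only after the API reported success.
            task_id = resp_json['taskid']
            task.task_id = task_id
            print('Set options...')
            option_json = option_set(task_id, url_now)
            if option_json['success']:
                print('Options are setted, start scan...')
                start_json = scan_start(task_id, url_now)
                start_time = time.time()
                print('Scanning...')
                if start_json['success']:
                    while True:
                        status_json = scan_status(task_id)
                        task.scan_status = status_json['status']
                        if status_json['status'] != 'terminated':
                            time.sleep(10)
                        else:
                            print('Scan is finished.')
                            data_json = scan_data(task_id)
                            if not data_json['data']:
                                print('There is no SQL Injection.')
                            else:
                                print('Data is ...')
                                print(data_json['data'])
                            task.scan_data = data_json['data']
                            task_delete(task_id)
                            print('Delete task.')
                            break
                        # Give up after 3000 seconds without a result.
                        if time.time() - start_time > 3000:
                            print('No response.')
                            scan_stop(task_id)
                            scan_kill(task_id)
                            task_delete(task_id)
                            break
                else:
                    print('Task Error.')
        # Persist task_id, scan_status and scan_data for this URL.
        task.save()
```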
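
The page shows only the worker thread, so the following added example (Python 3, not code from the DSScan project) sketches the dispatching side: filling the queue, draining it with several workers, and polling with the same 3000-second limit. `run_scans`, `poll_until_terminated` and `fake_scan` are hypothetical names, and `fake_scan` is a constructed stand-in that makes no network or SqlmapApi calls.

```python
import queue
import threading
import time


def poll_until_terminated(get_status, timeout=3000, interval=10,
                          clock=time.time, sleep=time.sleep):
    """Return True once get_status() reports 'terminated', False on timeout."""
    deadline = clock() + timeout
    while clock() < deadline:
        if get_status() == 'terminated':
            return True
        sleep(interval)
    return False


def run_scans(urls, scan_one, workers=4):
    """Scan every URL with a pool of worker threads; return {url: result}."""
    url_queue = queue.Queue()
    for url in urls:
        url_queue.put(url)
    results, lock = {}, threading.Lock()

    def worker():
        while True:
            try:
                url = url_queue.get_nowait()   # no empty()/get() race
            except queue.Empty:
                return
            try:
                outcome = scan_one(url)
            except Exception as exc:           # one failure must not kill the worker
                outcome = {'error': str(exc)}
            with lock:
                results[url] = outcome         # stored before the item is marked done
            url_queue.task_done()

    for _ in range(workers):
        threading.Thread(target=worker).start()
    url_queue.join()                           # returns once every URL is processed
    return results


def fake_scan(url):
    """Constructed stand-in for the SqlmapApi round trip (no network access)."""
    if 'boom' in url:
        raise RuntimeError('api unreachable')
    statuses = iter(['running', 'running', 'terminated'])
    done = poll_until_terminated(lambda: next(statuses), interval=0)
    return {'status': 'terminated' if done else 'timeout', 'data': []}
```
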