We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
A good book is the best of friends, the same today and forever.
SqlInjection
target_url
SqlmapApi
views.py
sqls.py
Queue
url_queue
# 创建多线程 class ScanThread(Thread): def __init__(self, url_queue): Thread.__init__(self) self.url_queue = url_queue def run(self): while True: if self.url_queue.empty(): break url_now = self.url_queue.get() print url_now task = SqlInjection.objects.get(target_url=url_now) resp_json = task_new() task_id = resp_json['taskid'] task.task_id = task_id if resp_json['success']: print 'Set options...' option_json = option_set(task_id, url_now) if option_json['success']: print 'Options are setted, start scan...' start_json = scan_start(task_id, url_now) # print start_json start_time = time.time() # print start_time print 'Scanning...' if start_json['success']: while True: status_json = scan_status(task_id) # print status_json task.scan_status = status_json['status'] if status_json['status'] != 'terminated': time.sleep(10) else: # print status_json print 'Scan is finished.' # print task_id data_json = scan_data(task_id) # print data_json if data_json['data'] == []: print 'There is no SQL Injection.' else: print 'Data is ...' print data_json['data'] # sql_list.append(url_now) task.scan_data = data_json['data'] task_delete(task_id) print 'Delete task.' break # print time.time() if time.time() - start_time > 3000: print 'No response.' scan_stop(task_id) scan_kill(task_id) task_delete(task_id) break else: print 'Task Error.' self.url_queue.task_done() task.save()
The text was updated successfully, but these errors were encountered:
No branches or pull requests
0x01 DSScan
SqlInjection
数据表中的target_url
提交至SqlmapApi
中进行查询,最后将返回的一系列数据又保存至SqlInjection
数据表中SqlmapApi
进行扫描的逻辑从视图函数views.py
中单独出来作为一个模块,以便以后维护,更新views.py
视图函数的同级目录新建sqls.py
SqlmapApi
相关函数都写在这个sqls.py
模块中Queue
Queue
是用于保存target_url
,所以这个多线程函数必须有一个参数url_queue
SqlmapApi
扫描到的数据必须保存到数据库中The text was updated successfully, but these errors were encountered: