-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SQL Insert error for some region #5
Comments
SQL injection in insert_victim_geo! |
@goRaspy Thanks to you, enjoy it and share it with your friends. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Look like the script do not like people from "Provence Alpes cote d'Azur" region (France)
Trape look to be insane anyway :)
: fd54b
[*] It's his first time
[2017-11-04 00:42:07,868] ERROR in app: Exception on /register [POST]
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1982, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1614, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1517, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1612, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1598, in dispatch_request
return self.view_functionsrule.endpoint
File "/root/trape/core/victim.py", line 61, in register
db.sentences_victim('insert_victim_geo', [victimGeo, vId], 2)
File "/root/trape/core/db.py", line 94, in sentences_victim
return self.sql_insert(self.prop_sentences_victim(type, data))
File "/root/trape/core/db.py", line 39, in sql_insert
self.cursor.execute(sentence)
OperationalError: near "Azur": syntax error
The text was updated successfully, but these errors were encountered: