provide usage as a library
Brought to you by:
freko28,
mattoufoutu
We want a check for SQL injections in a buffer directly from python script.
I.e. something like below:
Get an array w/ strings with diffrent variants of injection attemps
(i.e. one appended with ";" + SQLCodeToInject ,
second with '1 ==1 AND ' + SQLCodeToInject and so on... )
---------------cut----------------
from ExploitMyUnion import GenerateInjectionSample
StringsWithSQLiAttempts=[]
StringsWithSQLiAttempts=GenerateInjectionSample(MyString,InjectionType,SQLCodeToInject)
passThisToMy_API_endpoint(StringsWithSQLiAttempts,other_params_i_use)
---------------cut----------------
Could you please provide such a call for injection templates used by ExploitMyUnion ?
I'm sorry, but this project is no longer maintained, and furthermore much better alternatives exist. I suggest you have a look at sqlmap for example, which is actively maintained and has tons of features.
Okay, understood.
As about sqlmap - I've already asked them - them're not planning to implement this type of use.