ghostlulzhacks/waybackSqliScanner

Does nothing?

Opened this issue · 4 comments

After issuing the command highlighted in the Usage section, it just sits there. Nothing is going on.

Experiencing the same thing.

It's probably because it didn't find anything. The script only outputs vulnerable URLs.

Hey dude @ghostlulzhacks, are you still active in 2021?
So, before creating a project and pushing it to the public, make sure it's working. It took me 10 minutes to debug your code to find where the error is.

The basic idea here is that you're using threading, which disallows you from seeing Python error messages on the CLI. So in the sqliscanner.py file, line 48, you're using this line of code:

html = r.content

But basically, content does return a bytes object and the regex is using string comparison. So to solve this whole issue you need to replace .content with .text. All of the other stuff is working, and I did get results from your script on the Acunetix test website:

[root@demonia-vps]:~/tools/waybackSqliScanner - ls
README.md  __pycache__  main.py  sqliscanner.py  waybackmachine.py
[root@demonia-vps]:~/tools/waybackSqliScanner - python3 main.py testphp.vulnweb.com
Vulnerable	http://testphp.vulnweb.com/artists.php?artist=-1'
Vulnerable	http://testphp.vulnweb.com/artists.php?artist=-1%20union%20select%201,2,group_concat(pass)%20from%20users--'
Vulnerable	http://testphp.vulnweb.com:80/AJAX/infocateg.php?id=1'
Vulnerable	http://testphp.vulnweb.com:80/artists.php?artist=1''
Vulnerable	http://testphp.vulnweb.com/artists.php?artist=1-SLEEP(3)'
Vulnerable	http://testphp.vulnweb.com/artists.php?artist=-1%20UNION%20SELECT%201,version(),current_user()'

So, for all people seeing this issue: if the author won't do something to fix it, please go to your sqliscanner.py file, find line 48, and change html = r.content to html = r.text, and it should work fine.

  • Hello guys, in case the author is unresponsive, I created this repo: DEMON1A/waybackSqliscanner, with the working code and colored output to make it easy to read.

  • In case there is any response from the author, I will delete this repo since the code isn't mine. Happy hacking.
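The failure discussed in this thread, reproduced as an added example (not the project's code): a str regex applied to a bytes body inside worker threads raises TypeError, and nothing is reported unless each worker's exception is collected. `FakeResponse`, `check`, `scan`, the sample URLs and the error signature are assumptions, and the pool here is `concurrent.futures`, which may differ from the project's own threading code.

```python
import re
from concurrent.futures import ThreadPoolExecutor
from dataclasses import dataclass

# Assumed error signature; the project's real pattern list is not shown on the page.
SQL_ERROR = re.compile(r"You have an error in your SQL syntax")

@dataclass
class FakeResponse:
    """Constructed stand-in for a requests.Response (no network needed)."""
    url: str
    body: str

    @property
    def content(self) -> bytes:   # raw bytes, like r.content
        return self.body.encode("utf-8")

    @property
    def text(self) -> str:        # decoded str, like r.text
        return self.body

def check(resp, attr):
    """Return the URL if the body matches, else None. attr is 'content' or 'text'."""
    html = getattr(resp, attr)
    # A str pattern applied to bytes raises TypeError instead of returning None.
    return resp.url if SQL_ERROR.search(html) else None

def scan(responses, attr):
    """Run check() in worker threads; return (hits, errors) so failures are visible."""
    hits, errors = [], []
    with ThreadPoolExecutor(max_workers=4) as pool:
        futures = [pool.submit(check, r, attr) for r in responses]
    for fut in futures:
        exc = fut.exception()     # an exception stays in the future until asked for
        if exc is not None:
            errors.append(type(exc).__name__)
        elif fut.result():
            hits.append(fut.result())
    return hits, errors

# Constructed sample pages
SAMPLES = [
    FakeResponse("http://example.test/a?id=1'", "Warning: You have an error in your SQL syntax near ..."),
    FakeResponse("http://example.test/b?id=1'", "<html>ok</html>"),
]

if __name__ == "__main__":
    print(scan(SAMPLES, "content"))  # no hits, two TypeErrors
    print(scan(SAMPLES, "text"))     # one hit, no errors
```

Returning the error list alongside the hits lets a run with zero findings be told apart from a run where every worker failed.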