Skip to content
/ sqlmap-websocket-proxy Public

Tool to enable blind sql injection attacks against websockets using sqlmap

License

MIT license
57 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

BKreisel/sqlmap-websocket-proxy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
src/sqlmap_websocket_proxy
src/sqlmap_websocket_proxy
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

sqlmap Websocket Proxy

💉Tool to enable blind sql injection attacks against websockets using sqlmap

Heavily based on an excellent writeup from Rayhan Ahmed: Automating Blind SQL injection over WebSocket

Example

sqlmap-websocket-proxy -u ws://sketcy.lol:1337 -p '{"id": "%param%"}'
python3 sqlmap.py -u  http://localhost:8080/?param1=1

Usage

usage: sqlmap-websocket-proxy [-h] -u URL -d DATA [-p PORT]

options:
  -h, --help            show this help message and exit
  -u URL, --url URL     URL to the websocket (example: ws://vuln_server:1337/ws)
  -d DATA, --data DATA  Paylod with injectable fields encoded as '%param%' (example: {"id": "%param%"})
  -p PORT, --port PORT  Proxy Port (default: 8080)

Installation

PyPI

python3 -m pip install sqlmap-websocket-proxy

Manual

python3 -m pip install sqlmap_websocket_proxy-1.1.0-py3-none-any.whl

Git

python3 -m pip install .

Download Latest Release

Demo

demo

About

Tool to enable blind sql injection attacks against websockets using sqlmap

Topics

python websocket sqlmap

Resources

Readme

License

MIT license
Activity

Stars

57 stars

Watchers

2 watching

Forks

6 forks
Report repository

Releases 2

1.1.0 Latest
Nov 4, 2023
+ 1 release

Packages

No packages published

Languages