Skip to content
/ gotruder Public

Gotruder is a blind sqli script that mimics Burpsuite's intruder functionality

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

andrewvenson/gotruder

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
README.md
README.md
 
 
main.go
main.go
 
 
pw
pw
 
 
wordlist
wordlist
 
 

Repository files navigation

gotruder

Blind SQLi script that mimics Burpsuite's intruder functionality

Specifically built for Portswigger's Web Security Academy lab: Blind SQL injection with conditional responses

Install

git clone https://github.com/andrewvenson/gotruder.git
cd gotruder
go build or go run main.go

  • Copy full url to -h arg flag
  • Copy full cookie header to -hdr arg flag
  • Copy full cookie header value to -hdrVal arg flag
  • Set number of characters password is with -n arg flag
  • Set full path to wordlist with -wl arg flag
  • Set sqlinjection code within string like so "select sqli from ujustgothacked" to -sqli arg flag
  • For the lab, set the substring start index to iter within your sqli arg

Read code, to understand logic & requests being made

Further iterations pending depending on increase of knowledge and skill level

About

Gotruder is a blind sqli script that mimics Burpsuite's intruder functionality

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages