Need help with DSSS?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

stamparm
470 Stars 153 Forks 123 Commits 0 Opened issues

Description

Damn Small SQLi Scanner

Services available

!
?

Need anything else?

Contributors list

Damn Small SQLi Scanner Python 3.x License

Damn Small SQLi Scanner (DSSS) is a fully functional SQL injection vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code.

Vulnerable

As of optional settings it supports HTTP proxy together with HTTP header values

User-Agent
,
Referer
and
Cookie
.

Sample runs

$ python3 dsss.py -h
Damn Small SQLi Scanner (DSSS) < 100 LoC (Lines of Code) #v0.3a
 by: Miroslav Stampar (@stamparm)

Usage: dsss.py [options]

Options: --version show program's version number and exit -h, --help show this help message and exit -u URL, --url=URL Target URL (e.g. "http://www.target.com/page.php?id=1") --data=DATA POST data (e.g. "query=test") --cookie=COOKIE HTTP Cookie header value --user-agent=UA HTTP User-Agent header value --referer=REFERER HTTP Referer header value --proxy=PROXY HTTP proxy address (e.g. "http://127.0.0.1:8080")

$ python3 dsss.py -u "http://testphp.vulnweb.com/artists.php?artist=1"
Damn Small SQLi Scanner (DSSS) < 100 LoC (Lines of Code) #v0.3a
 by: Miroslav Stampar (@stamparm)

  • scanning GET parameter 'artist' (i) GET parameter 'artist' could be error SQLi vulnerable (MySQL) (i) GET parameter 'artist' appears to be blind SQLi vulnerable (e.g.: 'http://t estphp.vulnweb.com/artists.php?artist=1%20AND%2061%3E60')

scan results: possible vulnerabilities found

Requirements

Python version 3.x is required for running this program.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.