Advertisement
Guest User

I.C.S.G Multi Sql Injection Vulenarability Scanner [Perl]

a guest
Jul 29th, 2015
372
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Perl 4.65 KB | None | 0 0
  1. #!/usr/bin/perl
  2. use LWP::Simple;
  3. $usage = "\nperl $0 <listsql.txt>\nExample : perl $0 listsql.txt\n";
  4. die "$usage" unless $ARGV[0];
  5. $file="$ARGV[0]";
  6. ###################################################################################################
  7. #I.C.S.G Multi Sql Injection Vulenarability Scanner                                               #
  8. #                                                                                                 #
  9. #Coded By WH!T3 W01F                                                                              #
  10. #                                                                                                 #
  11. #Iran Cyber Security Group                                                                        #
  12. #                                                                                                 #
  13. #Iran-Cyber.Org                                                                                   #
  14. #                                                                                                 #
  15. #Spc Tnx: root3r | MOHAMAD-NOFOZI | KamraN HellisH | JOK3R | Pi.Hack                              #
  16. #                                                                                                 #
  17. #Put Sites List That You Want To Scan Them In A .txt File Then Give It To Script When Running It  #
  18. #                                                                                                 #
  19. #Usage : perl file.pl siteslist.txt                                                               #
  20. ###################################################################################################
  21. print q {
  22.  _____                          _____      _                   ____
  23. |_   _|                        / ____|    | |                 / __ \
  24.   | |  _ __ __ _ _ __  ______ | |    _   _| |__   ___ _ __   | |  | |_ __ __ _
  25.   | | | '__/ _` | '_ \|______|| |   | | | | '_ \ / _ \ '__|  | |  | | '__/ _` |
  26.  | |_| | | (_| | | | |       | |___| |_| | |_) |  __/ |  _  | |__| | | | (_| |
  27. |_____|_|  \__,_|_| |_|        \_____\__, |_.__/ \___|_| (_)  \____/|_|  \__, |
  28.                                      __/ |                                _/ |
  29.                                     |___/                               |___/
  30.  
  31. };
  32. sleep(2);
  33. print "\n";
  34. print "\t+=============================================================+\n";
  35. print "\t|     I.C.S.G Multi Sql Injection Vulenarability Scanner      |\n";
  36. print "\t|                     Author: WH!T3 W01F                      |\n";
  37. print "\t|                       Iran-Cyber.Org                        |\n";
  38. print "\t| Spc Tnx: root3r|MOHAMAD-NOFOZI|KamraN HellisH|JOK3R|Pi.Hack |\n";
  39. print "\t+=============================================================+\n";
  40. print "\n\n";
  41. print "\tScanning ... (Vulnerable Sites Will Save In vulns.txt)\n\n";
  42. open("list","<$file") or die "Can't Open Sites List : $!";
  43. while(<list>){
  44. chomp($_);
  45. $site=$_;
  46. if ($site =~ /http:|https:/) {
  47. $get=get "$site";
  48. if ($get =~ /Warning: mysql_fetch_array()|Warning: mysql_query(): |Warning: mysql_query(): Access denied for user|You have an error in your SQL syntax;|Warning: mysql_fetch_array|supplied argument is not a valid MySQL result resource in|There was an error querying the database.|Warning: mysql_fetch_row():|Division by zero in|Call to a member function|Microsoft JET Database|Microsoft OLE DB Provider for SQL Server|Unclosed quotation mark|Microsoft OLE DB Provider for Oracle|Incorrect syntax near|SQL query failed|mysql_fetch_object()|argument is not a valid MySQL|Syntax error|Fatal error|mysql_num_rows()|execute query|mysql_num_rows()|mysql_error|error/) {
  49. print "$site => Is Vulnerable\n";
  50. open("vulns",">>vulns.txt") or die "Can't Write To File : $!";
  51. print vulns "$site\n";
  52. }
  53. } else {
  54. $site2='http://' . $site;
  55. $get2=get "$site2";
  56. if ($get2 =~ /Warning: mysql_fetch_array()|Warning: mysql_query(): |Warning: mysql_query(): Access denied for user|You have an error in your SQL syntax;|Warning: mysql_fetch_array|supplied argument is not a valid MySQL result resource in|There was an error querying the database.|Warning: mysql_fetch_row():|Division by zero in|Call to a member function|Microsoft JET Database|Microsoft OLE DB Provider for SQL Server|Unclosed quotation mark|Microsoft OLE DB Provider for Oracle|Incorrect syntax near|SQL query failed|mysql_fetch_object()|argument is not a valid MySQL|Syntax error|Fatal error|mysql_num_rows()|execute query|mysql_num_rows()|mysql_error|error/) {
  57. print "$site2 => Is Vulnerable\n";
  58. open("vulns",">>vulns.txt") or die "Can't Write To File : $!";
  59. print vulns "$site\n";
  60. }
  61. }
  62. }
  63. print "################################################\n\n";
  64. print "Finished.Vulnerable Links Saved In vulns.txt ;)\n\n";
  65. print "Don't Forget To Visit Iran-Cyber.Org ;)\n\n";
  66. close("vulns");
  67. close("list");
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement