API tools faq
paste
Advertisement
iViiRuS

The Mole sql al qassam edition

iViiRuS
Jun 21st, 2014
619
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 5.72 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/python3
  2. # -*- coding: utf-8 -*-
  3. # Sheikh
  4. # The mole v3
  5.  
  6.  
  7. from sys import exit
  8. import getopt, sys
  9. import builtins
  10. import codecs
  11. import signal
  12. import completion
  13.  
  14. import themole
  15. import commands
  16. from outputmanager import OutputManager
  17.  
  18. __version__ = '0.3'
  19.  
  20. def sigint_handler(x, y):
  21.     manager.mole.abort_query()
  22.  
  23. class Manager:
  24.     def __init__(self, opt_map):
  25.         threads = 4
  26.         if 'threads' in opt_map:
  27.             threads = int(opt_map['threads'])
  28.         self.mole = themole.TheMole(threads=threads)
  29.         self.completer = completion.CompletionManager(cmd_manager, self.mole)
  30.         if 'url' in opt_map:
  31.             try:
  32.                 vuln_param = opt_map['vuln_param'] if 'vuln_param' in opt_map else None
  33.                 cmd_manager.find('url').execute(self.mole, [opt_map['url'], vuln_param])
  34.             except commands.CommandException as ex:
  35.                 output_manager.error('Error while setting URL: {0}'.format(ex)).line_break()
  36.                 self.mole.abort_query()
  37.                 exit(1)
  38.         if 'needle' in opt_map:
  39.             cmd_manager.find('needle').execute(self.mole, [opt_map['needle']])
  40.         if 'encoding' in opt_map:
  41.             encoding = opt_map['encoding']
  42.             try:
  43.                 codecs.lookup(encoding)
  44.             except LookupError:
  45.                 output_manager.error('Encoding {0} does not exist.'.format(encoding)).line_break()
  46.                 self.mole.threader.stop()
  47.                 sys.exit(1)
  48.             self.mole.requester.encoding = encoding
  49.  
  50.     def start(self):
  51.         while True:
  52.             try:
  53.                 signal.signal(signal.SIGINT, signal.default_int_handler)
  54.                 try:
  55.                     #line = [i for i in input('#> ').strip().split(' ') if len(i) > 0]
  56.                     line = input('#> ')
  57.                 except KeyboardInterrupt:
  58.                     output_manager.line_break()
  59.                     continue
  60.  
  61.                 cmd_name = line.strip().split(' ')
  62.                 if len(cmd_name) > 0 and len(cmd_name[0]) > 0:
  63.                     cmd = cmd_manager.find(cmd_name[0])
  64.                     if cmd.requires_smart_parse():
  65.                         line = self.completer.smart_parse(line)
  66.                     else:
  67.                         line = self.completer.nice_split(line)
  68.                     signal.signal(signal.SIGINT, sigint_handler)
  69.                     cmd.execute(self.mole, line[1:] if len(line) > 1 else [])
  70.             except commands.CommandException as ex:
  71.                 output_manager.error(str(ex)).line_break()
  72.                 if ex.print_usage:
  73.                     output_manager.normal(' Usage: {0}'.format(cmd.usage(line[0]))).line_break()
  74.             except commands.CmdNotFoundException as ex:
  75.                 output_manager.error('Error: {0}'.format(ex)).line_break()
  76.             except commands.QuietCommandException:
  77.                 pass
  78.             except EOFError:
  79.                 output_manager.line_break()
  80.                 self.mole.abort_query()
  81.                 self.mole.threader.stop()
  82.                 exit(0)
  83.  
  84. def parse_options():
  85.     if '-h' in sys.argv:
  86.         help_()
  87.     options = 'u:n:p:e:t:'
  88.     try:
  89.         args, _ = getopt.getopt(sys.argv[1:], options)
  90.     except getopt.GetoptError as ex:
  91.         print('Invalid parameter({err}).'.format(err=str(ex)))
  92.         exit(1)
  93.     return args
  94.  
  95. def help_():
  96.     print(' Usage ' + sys.argv[0] + ' [PARAMS]\n')
  97.     print(' The mole v{0} - Automatic SQL Injection exploiter.'.format(__version__))
  98.     print(' Run The mole to begin an interactive session\n')
  99.     print(' Params can be:')
  100.     print('   -u URL: The url which contains a sqli vulnerability.')
  101.     print('   -n NEEDLE: The string which is printed on good queries.')
  102.     print('   -t THREADS: The amount of threads to run. Defaults to 4.')
  103.     print('   -e ENCODING: Use ENCODING to decode data retrieved from the server.')
  104.     print('   -p PARAM: Sets the GET vulnerable param(URL must be provided).')
  105.     exit(0)
  106.  
  107. info_string = \
  108. r"""  
  109.   |            
  110.  / \                                                            
  111. /   \                                              
  112. (_____)                                            
  113. |   | +___________________________________+      
  114. |   |     ____________________________    |              
  115. |   | |  |                            |   |                      
  116. |   | |  |                            |   |      
  117. |   | |  |                            | O |    
  118. |   | |  |                            | O |      
  119. |   | |  |____________________________|   |      
  120. |___|    _____________________________________                          
  121.     +--| \ [][][][][][][][][][][][][] [][][]  \
  122.           \ [][][][][][][][][][][][]  [][][]  \
  123.            \ __________________________________\
  124.              ____________________________________|
  125.  
  126. The Mole Sql Injector Al Qassam Edition.
  127.  
  128. Edited by Sheikh, Izz ad din al qassam brigades
  129. """
  130.  
  131. if __name__ == '__main__':
  132.     options = parse_options()
  133.     option_name_mapper = {
  134.         '-u' : 'url',
  135.         '-n' : 'needle',
  136.         '-t' : 'threads',
  137.         '-p' : 'vuln_param',
  138.         '-e' : 'encoding'
  139.     }
  140.     opt_map = {}
  141.     for i in options:
  142.         opt_map[option_name_mapper[i[0]]] = i[1]
  143.  
  144.     print(info_string)
  145.  
  146.     builtins.cmd_manager = commands.CommandManager()
  147.     builtins.manager = Manager(opt_map)
  148.     builtins.output_manager = OutputManager()
  149.     try:
  150.         manager.start()
  151.     except Exception as ex:
  152.         import traceback
  153.         traceback.print_exc(file=sys.stdout)
  154.         output_manager.error('Unexpected error encountered. Please report this bug :D').line_break()
  155.         manager.mole.threader.stop()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!