ozgx

Untitled

Jul 21st, 2020
  1. #/usr/bin/env ruby
  2.  
  3. require 'net/http'
  4.  
  5.  
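  # Asks Bing for result pages matching `ip:<server_ip> ".php?<variable>="` and
  # writes every quoted fragment that contains both that marker and "http://"
  # to website.txt, one per line.
  #
  # Seven result pages are requested (`first=` offsets 1, 11, ... 61). The
  # response HTML is split on double quotes rather than parsed, so the output
  # may hold HTML-escaped or partial fragments as well as well-formed URLs.
  #
  # @param server_ip [String] value placed after `ip%3a` in the search query;
  #   interpolated into the URL as-is, without percent-encoding
  # @param variable [String] query-parameter name to look for; also
  #   interpolated as-is
  # @return [nil]
  def web_count(server_ip, variable)
    marker = ".php?#{variable}="
    # Block form closes website.txt even when a request raises part-way through;
    # the earlier File.new/close pair left the handle open on that path.
    File.open("website.txt", "w") do |file|
      (0..6).each do |pages|
        req = Net::HTTP.get_response(URI.parse("http://www.bing.com/search?q=ip%3a#{server_ip}+%22.php%3f#{variable}%3d%22&go=&filt=all&first=#{pages*10 + 1}&FORM=PERE1"))
        # Attribute values in the HTML sit between double quotes, so splitting
        # on '"' isolates candidate href values without an HTML parser.
        req.body.split('"').each do |words|
          file.puts words if words.include?(marker) && words.include?("http://")
        end
      end
    end
    nil
  end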
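  # Reads website.txt line by line, requests each URL with a single quote
  # appended, and prints the URL when the response body contains "sql".
  #
  # The match is a case-insensitive substring test on the whole body, so any
  # page that merely mentions SQL is reported; a printed line is a lead to
  # verify, not a confirmed finding.
  #
  # On the receiving side these probes are GET requests whose last query value
  # ends in a single quote, sent with Net::HTTP's default headers. Bound
  # (parameterized) queries and generic error pages that do not echo database
  # messages leave this check with nothing to match.
  #
  # @return [void]
  def check_sql()
    # Block form closes the handle when iteration ends or a request raises;
    # the earlier version never closed it.
    File.open("website.txt", "r") do |file|
      file.each_line do |x|
        web_v = x + "'"
        # Drop the line terminator that each_line keeps, leaving the quote as
        # the final character of the URL.
        web_v["\n"] = ""
        sql = Net::HTTP.get_response(URI.parse(web_v))
        # x still carries its newline, so puts adds no second one.
        puts "this web is vulnerable : #{x}" if sql.body.downcase.include?("sql")
      end
    end
  end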
  33.  
  # Entry point: requires exactly two arguments (server IP, query-parameter
  # name); otherwise prints the usage line and does nothing else.
  if ARGV.size != 2
    puts "\nusage [server ip] [variable] ex: ruby DEV.rb 127.0.0.1 id"
  else
    begin
      puts "#################", "# SQL_extractor #", "#################"
      target_ip, param_name = ARGV
      web_count(target_ip, param_name)
      check_sql
    rescue
      # Any StandardError raised by either stage ends the run with this single
      # message; the underlying error is not shown.
      puts "can't extract website"
    end
  end