- #!/usr/bin/perl -w
- use strict;
- use warnings;
- use File::Find;
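# Entry point: collect the PHP/Perl files under a directory, extract the
# variables assigned from request data and the lines that look like SQL, then
# report every SQL-looking line that uses one of them.
#
# The directory comes from the first command-line argument; without one the
# original hard-coded path is used, so existing invocations behave as before.
my $scan_dir = @ARGV ? $ARGV[0] : "/home/ip-sh0k/Dokumente/perl/";

# A mistyped path would otherwise produce no findings at all, which reads
# like a clean result; stop with a clear message instead.
-d $scan_dir or die "Not a directory: $scan_dir\n";

my @Files = getFiles($scan_dir);
my @Vars = getVariables(@Files);
my @SQL = getSQLStatements(@Files);
getInjections(\@Vars, \@SQL);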
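# Read a file and return its lines, line terminators included.
#
# Parameters: $file - path of the file to read.
# Returns:    the list of lines; the single value -1 when the path does not
#             exist (a caller assigning to an array receives (-1)).
# Dies:       when the path exists but cannot be opened.
sub readFile
{
    my $file = shift;
    if (!(-e $file))
    {
        return -1;
    }
    # Three-argument open with a lexical handle: the path is used literally.
    # With the two-argument form, a name beginning with '>' or ending in '|'
    # selects a different open mode, and surrounding whitespace is stripped;
    # the names read here are whatever exists in the scanned tree.
    open(my $fh, '<', $file) or die "readFile: cannot open '$file': $!\n";
    my @lines = <$fh>;
    # Release the handle now instead of leaving it open until the next call.
    close($fh);
    return @lines;
}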
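# Recursively list the files under a directory whose name contains a
# ".php" or ".pl" extension (case-insensitive).
#
# Parameters: $dir - directory to walk.
# Returns:    list of paths as reported by $File::Find::name.
sub getFiles
{
    my $dir = shift;
    my @files;
    find(sub {
        # Inside the callback $_ is the entry's name within its directory.
        # Only plain files are kept: directories cannot be scanned as source.
        return unless -f $_;
        # Test the entry name, not the full path, so a parent directory
        # called e.g. "lib.pl.d" does not pull in every file beneath it.
        # The pattern is still unanchored within the name, so copies such as
        # "index.php.bak" stay in scope.
        return unless /\.(?:php|pl)/i;
        push(@files, $File::Find::name);
    }, $dir);
    return @files;
}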
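# Collect every line that looks like part of an SQL statement.
#
# Parameters: @_ - paths of the files to scan.
# Returns:    list of matching lines, in file order, line terminators kept.
#
# A line qualifies when it contains one of the listed keywords followed by a
# space. This is a textual heuristic: comments and ordinary prose that use
# the same words are collected as well.
sub getSQLStatements
{
    my @files = @_;
    my @founds;
    foreach my $file (@files)
    {
        foreach my $line (readFile($file))
        {
            # \b requires the keyword to start a word. Without it "OR "
            # matched inside "for " and "AND " inside "band ", so unrelated
            # code lines were later reported as statements.
            if ($line =~ /\b(?:SELECT |INSERT |UPDATE |DELETE |WHERE |AND |OR |DROP |FROM |LIMIT )/i)
            {
                push(@founds, $line);
            }
        }
    }
    return @founds;
}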
- #$meinevariable = $_GET['Myget'];
- #$username = $_POST['username'];
- #$password = $_REQUEST['password'];
- #$output = mysql_query("SELECT * FROM meinetabelle WHERE id='".$meinevariable."' AND 1=1");
- #$uname_query = " WHERE username='$username'";
- #$pword_query = " AND password='$password'";
- #$login = mysql_query("INSERT * FROM logins" . $uname_query . $pword_query);
# Collect the names of variables that are assigned from request data.
#
# Parameters: @_ - paths of the files to scan.
# Returns:    list of names, each with a leading '$'; duplicates are kept.
#
# A line qualifies when a '$' is followed by '=' and, later on the same line,
# by one of $_GET, $_POST, $_REQUEST or $_COOKIE. The name recorded is the
# text between the first '$' that can start such a match and the next '=',
# so on a line holding several assignments it is not necessarily the variable
# that receives the request value.
sub getVariables
{
    my @files = @_;
    my @founds;
    for my $file (@files)
    {
        my @content = readFile($file);
        for my $line (@content)
        {
            next unless $line =~ /\$(.*?)=(.*?)\$_(GET|POST|REQUEST|COOKIE)/ig;
            # Put the sigil back, then trim the blanks left before the '='.
            (my $var = "\$" . $1) =~ s/^\s+|\s+$//g;
            push(@founds, $var);
        }
    }
    return @founds;
}
# Print the SQL-looking lines that use request data.
#
# Parameters: $ref1 - array reference of variable names (with leading '$').
#             $ref2 - array reference of SQL-looking lines.
# Output:     written to STDOUT; nothing is returned to the caller.
#
# Two passes are made: first every line that names a request superglobal
# directly, then, for each variable, every line containing that variable's
# name as a plain substring. A line may therefore be printed more than once.
sub getInjections
{
    my ($ref1, $ref2) = @_;
    # Work on copies so matching never touches the caller's arrays.
    my @names = @{$ref1};
    my @lines = @{$ref2};

    for my $statement (@lines)
    {
        next unless $statement =~ /\$_(GET|POST|REQUEST|COOKIE)/ig;
        print "Found: GET/POST/REQUEST/COOKIE\nIN: $statement\n";
    }

    for my $var (@names)
    {
        for my $statement (@lines)
        {
            next if index($statement, $var) == -1;
            print "Found: $var\nIN: $statement\n";
        }
    }
}