chioara3 Posted July 19, 2012 (edited)

Hi, I found an SQLi Scanner and decided to share it with you. Maybe it will be useful to someone.

What is SQLi Scanner? - SQLi Scanner is a scanner that searches for sites vulnerable to SQL injection. You can set what kind of sites it should search for (selling, buying, etc.) and how many to search for. You choose.

Download: https://rapidshare.com/#!download|537p2|365928145|SEKURITY.WS Scanner.exe|25|0|0

Virus Total: https://www.virustotal.com/file/64d80ece19df83a2d7d9548e90044d0a49937d5568eb5f7d6cd7436071ff4add/analysis/

//Edit: Dorks:

How is it used? Open CMD, right-click on SEKURITY.WS Scanner and put it into cmd. Then save the dorks above in a .txt file and put them in after you have put SEKURITY.WS Scanner into cmd. At "amount of pages to search per dork" you choose. Then press Enter. At "domain" press Enter. At "keyword" press Enter again. At "scan timeout" preferably 5000. After that it will search for sites vulnerable to SQLi and save them on the desktop in a .txt file.

I hope I was helpful. If you like it, +1 rep.

Regards, chioara3.

//Edit: I apologize for misleading you, for not including the dorks and how the program is used, and for causing inconvenience.

Edited July 20, 2012 by chioara3

chioara3 Posted July 20, 2012 (Author)

> It doesn't work for me..

It just seems that way to you... it works fine for me.

raze Posted September 30, 2012

It didn't work for me either. In the .txt file on the desktop, where the sites vulnerable to SQLi should be listed, nothing shows up.

Kay97 Posted October 11, 2012

> It didn't work for me either. In the .txt file on the desktop, where the sites vulnerable to SQLi should be listed, nothing shows up.

At the end, when it finishes scanning, the .txt file with the vulnerable sites opens automatically.

rohaxx0r Posted October 12, 2012

I think Havij does the same thing, as far as I know...

SticKyWoX Posted October 12, 2012

> I think Havij does the same thing, as far as I know...

Havij is not a scanner, it's an exploiter. This program scans for sites vulnerable to SQLi, whereas Havij exploits them.

dark87 Posted October 12, 2012 (edited)

Anubis - Analysis Report

http://www.threatexpert.com/report.aspx?md5=774ead380dd082f1301fa3e2243e85ee

I would run it in a virtual machine.

Edited October 12, 2012 by dark87

Benz Posted October 19, 2012

One simple thing I don't get: why doesn't it give me any results? The .txt you are talking about opens (at the end) and it's EMPTY...

Z.D.O Posted October 19, 2012

Chiorule, is this scanner any good? So that I don't bother getting it for nothing.

wdq Posted October 19, 2012

I just ran a scan to see what it can do. It got to

[76/165]Dork: inurl:shop.php?do=part&id=

and it has stayed like that for about 10 minutes.

duksss Posted October 21, 2012

I'm testing it now too; I'll come back with a result.

lutulik Posted November 13, 2012

Do you know what an equivalent on Linux would be?

Htich Posted January 8, 2014

Can you upload it somewhere else? The site is down. Thank you.

bo0gHy Posted January 12, 2014

Very good program, thanks a lot.

xTremeSurfer Posted January 13, 2014

[Python] Apollo.py - Pastebin.com

have fun!