sqli Checker
[php]
#!/usr/bin/python
# This was written for educational purpose and pentest only. Use it at your own risk.
# Author will be not responsible for any damage!
# !!! Special greetz for my friend sinner_01 !!!
# Toolname : sqliChecker.py
# Coder : baltazar a.k.a b4ltazar < [email protected]>
# Version : 0.1
# Greetz for rsauron and low1z, great python coders
# greetz for d3hydr8, r45c4l, qk, fx0, Soul, MikiSoft, c0ax, b0ne, tek0t and all members of ex darkc0de.com, ljuska.org
#
import os, sys, subprocess, socket, urllib2, re, time
try:
set
except NameError:
from sets import Set as set
def timer():
sec = time.time()
return sec
def logo():
print "\n|---------------------------------------------------------------|"
print "| b4ltazar[@]gmail[dot]com |"
print "| 05/2012 sqliChecker.py v.0.1 |"
print "| b4ltazar.wordpress.com & ljuska.org |"
print "| |"
print "|---------------------------------------------------------------|\n"
if sys.platform == 'linux' or sys.platform == 'linux2':
subprocess.call("clear", shell=True)
logo()
else:
subprocess.call("cls", shell=True)
logo()
timeout = 10
socket.setdefaulttimeout(timeout)
log = "sqlivuln.txt"
logfile = open(log, "a")
urls = []
vuln = []
sqlerrors = {'MySQL': 'error in your SQL syntax',
'MiscError': 'mysql_fetch',
'MiscError2': 'num_rows',
'Oracle': 'ORA-01756',
'JDBC_CFM': 'Error Executing Database Query',
'JDBC_CFM2': 'SQLServer JDBC Driver',
'MSSQL_OLEdb': 'Microsoft OLE DB Provider for SQL Server',
'MSSQL_Uqm': 'Unclosed quotation mark',
'MS-Access_ODBC': 'ODBC Microsoft Access Driver',
'MS-Access_JETdb': 'Microsoft JET Database',
'Error Occurred While Processing Request' : 'Error Occurred While Processing Request',
'Server Error' : 'Server Error',
'Microsoft OLE DB Provider for ODBC Drivers error' : 'Microsoft OLE DB Provider for ODBC Drivers error',
'Invalid Querystring' : 'Invalid Querystring',
'OLE DB Provider for ODBC' : 'OLE DB Provider for ODBC',
'VBScript Runtime' : 'VBScript Runtime',
'ADODB.Field' : 'ADODB.Field',
'BOF or EOF' : 'BOF or EOF',
'ADODB.Command' : 'ADODB.Command',
'JET Database' : 'JET Database',
'mysql_fetch_array()' : 'mysql_fetch_array()',
'Syntax error' : 'Syntax error',
'mysql_numrows()' : 'mysql_numrows()',
'GetArray()' : 'GetArray()',
'FetchRow()' : 'FetchRow()',
'Input string was not in a correct format' : 'Input string was not in a correct format'}
if len(sys.argv) != 2:
print "[+] Usage: python sqliChecker.py <FILE>"
print "[+] Please visit ljuska.org & b4ltazar.wordpress.com"
print "[!] Exiting, thanks for using script"
sys.exit(1)
checklist = sys.argv[1]
starttimer = timer()
try:
check = open(checklist, "r")
checkline = check.readlines()
print "[!] You have",len(checkline),"links to check\n"
except(IOError):
print "[-] Error, check your path or file name!"
print "[+] Please visit ljuska.org & b4ltazar.wordpress.com"
print "[!] Exiting, thanks for using script"
sys.exit(1)
for url in checkline:
url = url.replace("\n", "")
url = url.rsplit('=', 1)[0]+"="
url = url+"'"
urls.append(url)
def classicINJ(url):
num = 1
for url in urls:
try:
source = urllib2.urlopen(url).read()
for type,eMSG in sqlerrors.items():
if re.search(eMSG, source):
print num,"/",len(urls), "w00t!,w00t!:", url, "Error:", type, " ---> SQL Injection Found"
vuln.append(url)
else:
pass
except:
pass
num += 1
if __name__ == "__main__":
classicINJ(url)
print "\n[!] There is %s vulnerable sites to SQL Injection" % len(vuln)
vulnerable = list(set(vuln))
print "[+] Without duplicates we have %s vulnerable sites to SQL Injection" % len(vulnerable)
for v in vulnerable:
logfile.write("\n"+v)
endtimer = timer()
print "\n[+] Time used for checking :", int(((endtimer-starttimer) / 60)), "minutes"
print "[+] Average time per link is :", int(((endtimer-starttimer) / float(len(checkline)))), "seconds"
print "[+] Please visit ljuska.org & b4ltazar.wordpress.com"
[/php]
[php]
#!/usr/bin/python
# This was written for educational purpose and pentest only. Use it at your own risk.
# Author will be not responsible for any damage!
# !!! Special greetz for my friend sinner_01 !!!
# Toolname : sqliChecker.py
# Coder : baltazar a.k.a b4ltazar < [email protected]>
# Version : 0.1
# Greetz for rsauron and low1z, great python coders
# greetz for d3hydr8, r45c4l, qk, fx0, Soul, MikiSoft, c0ax, b0ne, tek0t and all members of ex darkc0de.com, ljuska.org
#
import os, sys, subprocess, socket, urllib2, re, time
try:
set
except NameError:
from sets import Set as set
def timer():
sec = time.time()
return sec
def logo():
print "\n|---------------------------------------------------------------|"
print "| b4ltazar[@]gmail[dot]com |"
print "| 05/2012 sqliChecker.py v.0.1 |"
print "| b4ltazar.wordpress.com & ljuska.org |"
print "| |"
print "|---------------------------------------------------------------|\n"
if sys.platform == 'linux' or sys.platform == 'linux2':
subprocess.call("clear", shell=True)
logo()
else:
subprocess.call("cls", shell=True)
logo()
timeout = 10
socket.setdefaulttimeout(timeout)
log = "sqlivuln.txt"
logfile = open(log, "a")
urls = []
vuln = []
sqlerrors = {'MySQL': 'error in your SQL syntax',
'MiscError': 'mysql_fetch',
'MiscError2': 'num_rows',
'Oracle': 'ORA-01756',
'JDBC_CFM': 'Error Executing Database Query',
'JDBC_CFM2': 'SQLServer JDBC Driver',
'MSSQL_OLEdb': 'Microsoft OLE DB Provider for SQL Server',
'MSSQL_Uqm': 'Unclosed quotation mark',
'MS-Access_ODBC': 'ODBC Microsoft Access Driver',
'MS-Access_JETdb': 'Microsoft JET Database',
'Error Occurred While Processing Request' : 'Error Occurred While Processing Request',
'Server Error' : 'Server Error',
'Microsoft OLE DB Provider for ODBC Drivers error' : 'Microsoft OLE DB Provider for ODBC Drivers error',
'Invalid Querystring' : 'Invalid Querystring',
'OLE DB Provider for ODBC' : 'OLE DB Provider for ODBC',
'VBScript Runtime' : 'VBScript Runtime',
'ADODB.Field' : 'ADODB.Field',
'BOF or EOF' : 'BOF or EOF',
'ADODB.Command' : 'ADODB.Command',
'JET Database' : 'JET Database',
'mysql_fetch_array()' : 'mysql_fetch_array()',
'Syntax error' : 'Syntax error',
'mysql_numrows()' : 'mysql_numrows()',
'GetArray()' : 'GetArray()',
'FetchRow()' : 'FetchRow()',
'Input string was not in a correct format' : 'Input string was not in a correct format'}
if len(sys.argv) != 2:
print "[+] Usage: python sqliChecker.py <FILE>"
print "[+] Please visit ljuska.org & b4ltazar.wordpress.com"
print "[!] Exiting, thanks for using script"
sys.exit(1)
checklist = sys.argv[1]
starttimer = timer()
try:
check = open(checklist, "r")
checkline = check.readlines()
print "[!] You have",len(checkline),"links to check\n"
except(IOError):
print "[-] Error, check your path or file name!"
print "[+] Please visit ljuska.org & b4ltazar.wordpress.com"
print "[!] Exiting, thanks for using script"
sys.exit(1)
for url in checkline:
url = url.replace("\n", "")
url = url.rsplit('=', 1)[0]+"="
url = url+"'"
urls.append(url)
def classicINJ(url):
num = 1
for url in urls:
try:
source = urllib2.urlopen(url).read()
for type,eMSG in sqlerrors.items():
if re.search(eMSG, source):
print num,"/",len(urls), "w00t!,w00t!:", url, "Error:", type, " ---> SQL Injection Found"
vuln.append(url)
else:
pass
except:
pass
num += 1
if __name__ == "__main__":
classicINJ(url)
print "\n[!] There is %s vulnerable sites to SQL Injection" % len(vuln)
vulnerable = list(set(vuln))
print "[+] Without duplicates we have %s vulnerable sites to SQL Injection" % len(vulnerable)
for v in vulnerable:
logfile.write("\n"+v)
endtimer = timer()
print "\n[+] Time used for checking :", int(((endtimer-starttimer) / 60)), "minutes"
print "[+] Average time per link is :", int(((endtimer-starttimer) / float(len(checkline)))), "seconds"
print "[+] Please visit ljuska.org & b4ltazar.wordpress.com"
[/php]