FullMSSQLInjectionPWNage.txt#!/usr/bin/perl
use LWP::Simple;
use LWP::UserAgent;
use HTTP::Request;
my $sis="$^O";if ($sis eq 'MSWin32') { system("cls"); } else { system("clear"); }
print "+++++++++++++++++++++++++++++++\n";
print "+ SQL - Google Search +\n";
print "+ CWH Underground +\n";
print "+++++++++++++++++++++++++++++++\n\n";
print "Insert Dork:";
chomp( my $dork = <STDIN> );
print "Total Query Pages (10 Links/Pages) :";
chomp( my $page = <STDIN> );
print "\n[+] Result:\n\n";
for($start = 0;$start != $page*10;$start += 10)
{
$t = "http://www.google.com/search?hl=en&q=".$dork."&btnG=Search&start=".$start;
$ua = LWP::UserAgent->new(agent => 'Mozilla 5.2');
$ua->timeout(10);
$ua->env_proxy;
$response = $ua->get($t);
if ($response->is_success)
{
$c = $response->content;
@stuff = split(/<a href=/,$c);
foreach $line(@stuff)
{
if($line =~/(.*) class=l/ig)
{
$out = $1;
$out =~ s/\"//g;
$out =~s/$/\'/;
$ua = LWP::UserAgent->new(agent => 'Mozilla 5.2');
$ua->timeout(10);
$ua->env_proxy;
$response = $ua->get($out);
$error = $response->content();
if($error =~m/mysql_/ || $error =~m/Division by zero in/ || $error =~m/Warning:/)
{print "$out => Could be Vulnerable in MySQL Injection!!\n";}
elsif($error =~m/Microsoft JET Database/ || $error =~m/ODBC Microsoft Access Driver/)
{print "$out => Could be Vulnerable in MS Access Injection!!\n";}
elsif($error =~m/Microsoft OLE DB Provider for SQL Server/ || $error =~m/Unclosed quotation mark/)
{print "$out => Could be Vulnerable in MSSQL Injection!!\n";}
elsif($error =~m/Microsoft OLE DB Provider for Oracle/)
{print "$out => Could be Vulnerable in Oracle Injection!!\n";}
}
}
}
}
문서중 일부를 발췌 한 것입니다.
GoogleD0rk 검색프로그램 소스입니다. (MSSQL Injection)
저도 만들고 있었는데 한발 늦었군요 ㅡㅡ;;
응용하여 다른 injection 취약점이나 다른 기법 취약점 검색프로그램으로 만들어도 될 것 같습니다.
'[+] 유틸리티' 카테고리의 다른 글
| APP Scan : 웹 어플리케이션 취약점 탐색 프로그램 (4) | 2009.02.10 |
|---|---|
| CyScanner : 싸이월드 방문자 추적기 탐색기 (3) | 2009.02.03 |
| Cygwin : UNIX 에뮬레이터 (0) | 2009.01.29 |
| IP Random 생성 : IP Random generation (0) | 2009.01.29 |
