Skip to content

Instantly share code, notes, and snippets.

@v4p0r

v4p0r/Simples Mass SQLi Scan

Created December 2, 2017 19:17
Show Gist options
  • Save v4p0r/300b01f08be8044fa90ade5f5dd11188 to your computer and use it in GitHub Desktop.
Save v4p0r/300b01f08be8044fa90ade5f5dd11188 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Simples Mass SQLi Scan
#!/usr/bin/perl
# Mass SQLi Scanner
# Coder: v4p0r
# Date: 02 DEZ 2017 - 15:07
# Image: http://prntscr.com/hi6q2m
#
# Greetz: YC - HighTech - EOF Club - Brian - d3m0l1d0r - Cater - Strike - rCent - Tr4xb0y
# Kodo - CrazyDuck - xin0x - MMxM - CriptonKing - b33ck - d3z3n0v3 - c0de_universal - All Friends
use strict;
use warnings;
use WWW::Mechanize;
my ($checkerror_, $testar_site, $site, $printerror);
my (@oracle, @db2, @jdbc, @odbc, @sybase, @mariadb, @mysql, @postgresql, @msacess);
my @errorlist=("ORACLE SQL", "DB2", "JDBC", "ODBC", "SYBASE", "MARIADB", "MYSQL", "POSTGRESQL", "MSACESS");
my @error_oracle = ("ORA-00921: unexpected end of SQL command", "ORA-01756", "ORA-", "Oracle ODBC", "Oracle Error", "Oracle Driver", "Oracle DB2", "error ORA-", "SQL command not properly ended");
my @error_db2 = ("DB2 ODBC", "DB2 error", "DB2 Driver");
my @error_jdbc = ("Error Executing Database Query", "SQLServer JDBC Driver", "JDBC SQL", "JDBC Oracle", "JDBC MySQL", "JDBC error", "JDBC Driver");
my @error_odbc = ("ODBC SQL", "ODBC DB2", "ODBC Driver", "ODBC Error", "ODBC Microsoft Access", "ODBC Oracle", "ODBC Microsoft Access Driver");
my @error_sybase = ("Warning: sybaserror_", "function.sybase", "Sybase result index", "Sybase Error:", "Sybase: Server message:", "sybaserror_", "ODBC Driver");
my @error_mariadb = ("MariaDB server version for the right syntax");
my @error_mysql = ("You have an error in your SQL", "Warning: mysql_", "function.mysql", "MySQL result index", "MySQL Error", "MySQL ODBC", "MySQL Driver", "mysqli.query", "num_rows", "mysql error:","supplied argument is not a valid MySQL result resource", "on MySQL result index", "Error Executing Database Query", "mysql_");
my @error_postgresql = ("Warning: pg_", "PostgreSql Error:", "function.pg", "Supplied argument is not a valid PostgreSQL result", "PostgreSQL query failed: ERROR: parser: parse error", ": pg_");
my @error_msacess = ("Microsoft JET Database", "ADODB.Recordset", "500 - Internal server error", "Microsoft OLE DB Provider", "Unclosed quotes", "ADODB.Command", "ADODB.Field error", "Microsoft VBScript","Microsoft OLE DB Provider for SQL Server", "Unclosed quotation mark", "Microsoft OLE DB Provider for Oracle", "Active Server Pages error", "OLE/DB provider returned message","OLE DB Provider for ODBC", "error \"800a0d5d\"", "error \"800a000d\"", "Unclosed quotation mark after the character string", "SQL Server", "Warning: odbc_");
my @checkerror = (@error_oracle, @error_db2, @error_jdbc, @error_odbc, @error_sybase, @error_mariadb, @error_mysql, @error_postgresql, @error_msacess);
sub checkvulns {
my $testar_site = shift;
my $get_error = join("|", @checkerror);
# verificando se é vuln
if ($testar_site =~ /$get_error/) {
foreach $checkerror_(@checkerror) {
if ($testar_site =~ /$checkerror_/g) {
if (grep( /^$checkerror_$/, @error_oracle)) {
push(@oracle, $checkerror_);
}
if (grep( /^$checkerror_$/, @error_db2)) {
push(@db2, $checkerror_);
}
if (grep( /^$checkerror_$/, @error_jdbc)) {
push(@jdbc, $checkerror_);
}
if (grep( /^$checkerror_$/, @error_odbc)) {
push(@odbc, $checkerror_);
}
if (grep( /^$checkerror_$/, @error_sybase)) {
push(@sybase, $checkerror_);
}
if (grep( /^$checkerror_$/, @error_mariadb)) {
push(@mariadb, $checkerror_);
}
if (grep( /^$checkerror_$/, @error_mysql)) {
push(@mysql, $checkerror_);
}
if (grep( /^$checkerror_$/, @error_postgresql)) {
push(@postgresql, $checkerror_);
}
if (grep( /^$checkerror_$/, @error_msacess)) {
push(@msacess, $checkerror_);
}
}
}
if (@oracle) {
$printerror = $oracle[0];
printerrors($errorlist[0], $printerror);
}
if (@db2) {
$printerror = $db2[0];
printerrors($errorlist[1], $printerror);
}
if (@jdbc) {
$printerror = $jdbc[0];
printerrors($errorlist[2], $printerror);
}
if (@odbc) {
$printerror = $odbc[0];
printerrors($errorlist[3], $printerror);
}
if (@sybase) {
$printerror = $sybase[0];
printerrors($errorlist[4], $printerror);
}
if (@mariadb) {
$printerror = $mariadb[0];
printerrors($errorlist[5], $printerror);
}
if (@mysql) {
$printerror = $mysql[0];
printerrors($errorlist[6], $printerror);
}
if (@postgresql) {
$printerror = $postgresql[0];
printerrors($errorlist[7], $printerror);
}
if (@msacess) {
$printerror = $msacess[8];
printerrors($errorlist[8], $printerror);
}
}
}
sub printerrors {
my ($errorlist, $printerror) = @_;
print "\n[!] TYPE ERROR: [" . $errorlist . "]\n";
print "[!] ERROR: [".$printerror."]\n"."\r";
}
sub req {
my $site = shift;
$site = 'http://'.$site if $site !~/^https?:\/\//;
print "\n[!] SITE: ".$site;
my $req = WWW::Mechanize->new( agent => 'Mozilla 5.0' );
$req->timeout(3);
$req->max_size(1024000);
$req->protocols_allowed( [ 'http', 'https'] );
$req->get($site);
my $testar_site = $req->content;
checkvulns($testar_site)
}
print q{
* ___
/` `'. * * * * *
/ _..---; *
| /__..._/ .--.-. * * *
* |.' e e | ___\_|/____
(_)'--.o.--| | | | Mass SQLi Scanner *
.-( `-' = `-|____| |____| Coder: v4p0r *
/ ( |____ ____| Date: 01 NOV 20 * *
| ( |_ | | __| Gretz: YC - HighTech - All Friends
| '-.--';/'/__ | | ( `| *
| '. \ )"";--`\ / * *
\ ; |--' `;.-' * * *
|`-.__ ..-'--'`;..--'`
* * * * * *
};
print "\n[!] [Insira sua lista]: ";
chomp(my $file = <STDIN>);
open (my $open,'<',$file) || die "\n [Lista nao selecionada]";
my @file = <$open>;
foreach $site(@file) {
req($site);
}
print "\n[!] Finish Scan HOHOHO! Feliz Natal e um Prospero Ano Novo Cambada\n"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment