|
| 1 | +#!/usr/bin/python3 |
| 2 | + |
| 3 | +import sys |
| 4 | +import re |
| 5 | + |
| 6 | +# the error contans for sql injection vulnerable |
| 7 | +errors = {'MySQL': 'error in your SQL syntax', |
| 8 | + 'MiscError': 'mysql_fetch', |
| 9 | + 'MiscError2': 'num_rows', |
| 10 | + 'Oracle': 'ORA-01756', |
| 11 | + 'JDBC_CFM': 'Error Executing Database Query', |
| 12 | + 'JDBC_CFM2': 'SQLServer JDBC Driver', |
| 13 | + 'MSSQL_OLEdb': 'Microsoft OLE DB Provider for SQL Server', |
| 14 | + 'MSSQL_Uqm': 'Unclosed quotation mark', |
| 15 | + 'MS-Access_ODBC': 'ODBC Microsoft Access Driver', |
| 16 | + 'MS-Access_JETdb': 'Microsoft JET Database', |
| 17 | + 'Error Occurred While Processing Request' : 'Error Occurred While Processing Request', |
| 18 | + 'Server Error' : 'Server Error', |
| 19 | + 'Microsoft OLE DB Provider for ODBC Drivers error' : 'Microsoft OLE DB Provider for ODBC Drivers error', |
| 20 | + 'Invalid Querystring' : 'Invalid Querystring', |
| 21 | + 'OLE DB Provider for ODBC' : 'OLE DB Provider for ODBC', |
| 22 | + 'VBScript Runtime' : 'VBScript Runtime', |
| 23 | + 'ADODB.Field' : 'ADODB.Field', |
| 24 | + 'BOF or EOF' : 'BOF or EOF', |
| 25 | + 'ADODB.Command' : 'ADODB.Command', |
| 26 | + 'JET Database' : 'JET Database', |
| 27 | + 'mysql_fetch_array()' : 'mysql_fetch_array()', |
| 28 | + 'Syntax error' : 'Syntax error', |
| 29 | + 'mysql_numrows()' : 'mysql_numrows()', |
| 30 | + 'GetArray()' : 'GetArray()', |
| 31 | + 'FetchRow()' : 'FetchRow()', |
| 32 | + 'Input string was not in a correct format' : 'Input string was not in a correct format', |
| 33 | + 'Not found' : 'Not found'} |
| 34 | + |
| 35 | + |
| 36 | +try: |
| 37 | + import requests |
| 38 | + import googlesearch |
| 39 | + # the function to exploit the google hacking databases |
| 40 | + def Exploit(dork,total_page): |
| 41 | + # this require google search engine |
| 42 | + user_agent = {"User-agent":"Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"} |
| 43 | + |
| 44 | + Total_page = int(total_page) |
| 45 | + |
| 46 | + for b in googlesearch.search(dork, num=Total_page): |
| 47 | + web = b+"'" # add ' to end the result url. to check if website is vuln by SQL Injection |
| 48 | + # using requests |
| 49 | + r = requests.get(web, headers=user_agent) |
| 50 | + webs = r.text |
| 51 | + # return errors dictionary to find the error problem matches |
| 52 | + for Type, ErrorMessage in errors.items(): |
| 53 | + if re.search(ErrorMessage, webs): |
| 54 | + # append the list of vulnerability website to result |
| 55 | + print(" 033円[41m033円[30mVULN033円[40m033円[37m {0}\n Vulnerability Type: 033円[31m{1}".format(b,Type)) |
| 56 | + |
| 57 | + # doing the while input |
| 58 | + while True: |
| 59 | + # going to ask your dork |
| 60 | + dork = input("[?] dork: [inurl:cart.php?id=] ") |
| 61 | + total_page = input("[?] total page : ") |
| 62 | + |
| 63 | + # if you input the empty dork. this will set the default dork as 'inurl:products.php?id=' |
| 64 | + if not dork: |
| 65 | + Exploit(dork = "inurl:cart.php?id=", |
| 66 | + total_page = total_page) |
| 67 | + else: |
| 68 | + Exploit(dork = dork,total_page = total_page) |
| 69 | + |
| 70 | +except ImportError: |
| 71 | + # this error will display on your terminal if you havent |
| 72 | + # installed the google module |
| 73 | + print("[!] You havent installed the required modules!\n[+] to install that packages. run 'pip3 install -r requirements.txt' on your terminal\n") |
| 74 | + sys.exit() |
| 75 | +except KeyboardInterrupt: |
| 76 | + sys.exit() |
0 commit comments