-
Notifications
You must be signed in to change notification settings - Fork 2
/
main.py
76 lines (64 loc) · 2.81 KB
/
main.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
#!/usr/bin/python2
"""Declaring colors"""
colors = {
'FAIL': '\033[91m',
'BOLD': '\033[1m',
'OKGREEN': '\033[92m'
}
try:
from googlesearch.googlesearch import GoogleSearch
except ImportError, e:
print '{}{}[!] google-search not found ~[#] {}'.format(colors['BOLD'], colors['FAIL'], e)
try:
import requests
except ImportError, e:
print '{}{}[!] requests not found ~[#] {}'.format(colors['BOLD'], colors['FAIL'], e)
import argparse
class InjectFinder:
def __init__(self, dork, num_results):
self.dork = dork
self.num_results = num_results
self.logo()
self.seacrh()
def seacrh(self):
response = GoogleSearch().search(self.dork, self.num_results)
for result in response.results:
url = result.url
self.validator(url)
def validator(self, url):
check = "'"
print 'Testing %s' % (url)
checker = requests.post(url + check)
if "MySQL" in checker.text:
print "{}[*] SQL iNjection Found > Database type: MySQL {}".format(colors['OKGREEN'], colors['BOLD'])
elif "native client" in checker.text:
print "{}[*] SQL iNjection Found > Database type: MSSQL {}".format(colors['OKGREEN'], colors['BOLD'])
elif "syntax error" in checker.text:
print "{}[*] SQL iNjection Found > Database type: PostGRES {}".format(colors['OKGREEN'], colors['BOLD'])
elif "ORA" in checker.text:
print "{}[*] SQL iNjection Found > Database type: Oracle {}".format(colors['OKGREEN'], colors['BOLD'])
elif "MariaDB" in checker.text:
print "{}[*] SQL iNjection Found > Database type: MariaDB {}".format(colors['OKGREEN'], colors['BOLD'])
elif "You have an error in your SQL syntax;" in checker.text:
print "{}[*] SQL iNjection Found > Database type: None !".format(colors['FAIL'], colors['BOLD'])
else:
print "[!] Oops SQL iNjection Not Found !".format(colors['FAIL'], colors['BOLD'])
def logo(self):
print """{}{}
__ ____ __ _____ _ ___ _ _
/ _\ /___ \/ / \_ \_ __ (_) / __(_)_ __ __| | ___ _ __
\ \ // / / / / /\/ '_ \ | |/ _\ | | '_ \ / _` |/ _ \ '__|
_\ \/ \_/ / /___/\/ /_ | | | || / / | | | | | (_| | __/ |
\__/\___,_\____/\____/ |_| |_|/ \/ |_|_| |_|\__,_|\___|_|
|__/
""".format(colors['BOLD'], colors['FAIL'])
def main():
parser = argparse.ArgumentParser()
parser.add_argument('dork', help='ex: inurl:".php?id="')
parser.add_argument('result_count', type=int)
args = parser.parse_args()
"""Start Search"""
print '{}[*]Starting Query...\n'.format(colors['FAIL'])
InjectFinder(args.dork, args.result_count)
if __name__ == '__main__':
main()