sqliChecker.py

python

python sqliChecker.py FILE_NAME

 

#!/usr/bin/python
# This was written for educational purpose and pentest only. Use it at your own risk.
# Author will be not responsible for any damage!
# !!! Special greetz for my friend sinner_01 !!!
# Toolname        : sqliChecker.py
# Coder           : baltazar a.k.a b4ltazar < b4ltazar@gmail.com>
# Version         : 0.1
# Greetz for rsauron and low1z, great python coders
# greetz for d3hydr8, r45c4l, qk, fx0, Soul, MikiSoft, c0ax, b0ne, tek0t and all members of ex darkc0de.com, ljuska.org
#

import os
import sys
import subprocess
import socket
import urllib2
import re
import time

try:
    set
except NameError:
    from sets import Set as set


def timer():
    sec = time.time()
    return sec


def logo():
    print "\n|---------------------------------------------------------------|"
        print "| b4ltazar[@]gmail[dot]com                                      |"
        print "|   05/2012     sqliChecker.py v.0.1                            |"
        print "| b4ltazar.wordpress.com     &      ljuska.org                  |"
        print "|                                                               |"
        print "|---------------------------------------------------------------|\n"


if sys.platform == 'linux' or sys.platform == 'linux2':
    subprocess.call("clear", shell=True)
    logo()
else:
    subprocess.call("cls", shell=True)
    logo()

timeout = 10
socket.setdefaulttimeout(timeout)
log = "sqlivuln.txt"
logfile = open(log, "a")
urls = []
vuln = []

sqlerrors = {'MySQL': 'error in your SQL syntax',
             'MiscError': 'mysql_fetch',
             'MiscError2': 'num_rows',
             'Oracle': 'ORA-01756',
             'JDBC_CFM': 'Error Executing Database Query',
             'JDBC_CFM2': 'SQLServer JDBC Driver',
             'MSSQL_OLEdb': 'Microsoft OLE DB Provider for SQL Server',
             'MSSQL_Uqm': 'Unclosed quotation mark',
             'MS-Access_ODBC': 'ODBC Microsoft Access Driver',
             'MS-Access_JETdb': 'Microsoft JET Database',
             'Error Occurred While Processing Request': 'Error Occurred While Processing Request',
             'Server Error': 'Server Error',
             'Microsoft OLE DB Provider for ODBC Drivers error': 'Microsoft OLE DB Provider for ODBC Drivers error',
             'Invalid Querystring': 'Invalid Querystring',
             'OLE DB Provider for ODBC': 'OLE DB Provider for ODBC',
             'VBScript Runtime': 'VBScript Runtime',
             'ADODB.Field': 'ADODB.Field',
             'BOF or EOF': 'BOF or EOF',
             'ADODB.Command': 'ADODB.Command',
             'JET Database': 'JET Database',
             'mysql_fetch_array()': 'mysql_fetch_array()',
             'Syntax error': 'Syntax error',
             'mysql_numrows()': 'mysql_numrows()',
             'GetArray()': 'GetArray()',
             'FetchRow()': 'FetchRow()',
             'Input string was not in a correct format': 'Input string was not in a correct format'}


if len(sys.argv) != 2:
    print "[+] Usage: python sqliChecker.py "
    print "[+] Please visit ljuska.org & b4ltazar.wordpress.com"
    print "[!] Exiting, thanks for using script"
    sys.exit(1)

checklist = sys.argv[1]
starttimer = timer()

try:
    check = open(checklist, "r")
    checkline = check.readlines()
    print "[!] You have", len(checkline), "links to check\n"
except(IOError):
    print "[-] Error, check your path or file name!"
    print "[+] Please visit ljuska.org & b4ltazar.wordpress.com"
    print "[!] Exiting, thanks for using script"
    sys.exit(1)

for url in checkline:
    url = url.replace("\n", "")
    url = url.rsplit('=', 1)[0] + "="
    url = url + "'"
    urls.append(url)


def classicINJ(url):
    num = 1
    for url in urls:
        try:
            source = urllib2.urlopen(url).read()
            for type, eMSG in sqlerrors.items():
                if re.search(eMSG, source):
                    print num, "/", len(urls), "w00t!,w00t!:", url, "Error:", type, " ---> SQL Injection Found"
                    vuln.append(url)
                else:
                    pass
        except:
            pass

        num += 1


if __name__ == "__main__":
    classicINJ(url)
    print "\n[!] There is %s vulnerable sites to SQL Injection" % len(vuln)
    vulnerable = list(set(vuln))
    print "[+] Without duplicates we have %s vulnerable sites to SQL Injection" % len(vulnerable)
    for v in vulnerable:
        logfile.write("\n" + v)

    endtimer = timer()
    print "\n[+] Time used for checking :", int(((endtimer - starttimer) / 60)), "minutes"
    print "[+] Average time per link is :", int(((endtimer - starttimer) / float(len(checkline)))), "seconds"
    print "[+] Please visit ljuska.org & b4ltazar.wordpress.com"

 
Copyright : b4ltazar
Beautified with Atom

Share on FacebookTweet about this on TwitterPin on PinterestShare on Google+
Rbcafe © 2004- | Rb Cafe 1.3 | Contact Rbcafe | Rbcafe on Twitter | Rbcafe on Facebook | Privacy Policy