forked from bahaabdelwahed/killshot
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsqlscan.rb
57 lines (43 loc) · 1.29 KB
/
sqlscan.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
#/usr/bin/ruby -w
require "open-uri"
require "net/http"
require "colorize"
system("cls")
system("clear")
print "
_______ __ _______
| __|.-----.| | __|.----.---.-.-----.
|__ || _ || |__ || __| _ | |
|_______||__ ||__|_______||____|___._|__|__|
|__|
".red
list = ARGV[0]
if (ARGV.length < 1) then
puts "USAGE <./sqlscan.rb sites.txt >"
exit
end
File.open("#{list}","r").each do |target|
payload =["'","/*","/>X"]
e = 1
payload.each do |i|
response = Net::HTTP.get_response(URI.parse("#{target}#{i}"))
if ("400" < response.code) then
print "#{target} "
print " =========== > SQL DETECTED\n\n".red
elsif ("300"<response.code) and (response.code<"400") then
print "#{target}"
print "=============> Redirect"
end
$site = open("#{target}#{i}", 'User-Agent' => 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0b8pre) Gecko/20101114 Firefox/4.0b8pre').read
if($site["You have an erro"].nil?) and ($site["SQL"].nil?) and ($site["MYSQL"].nil?)then
puts "#{target}"
puts "Test N : #{e}"
puts"=============== >[*] Not vulnrable\n\n".green
e = e + 1
else
print "#{target} "
print " =========== > [*] SQL DETECTED\n\n".red
break
end
end
end