SQL'i Dork Scanner :)

[Crack-7]

Hey ich hab nen SQLI dork scanner geschrieben, und würde es mal gerne von geschulten augen unter die lupe nehmen lassen.

Was ich wissen möchte.

- Habt ihr Verbesserungsvorschläge?


So und für leute die nicht wissen was ein dork scanner ist.

Ein DorkScanner ist ein Programm, dass einer SuchMaschine einen Code gibt, mit welchem eine sehr hohe chance besteht internetseiten zu finden, welche eine SQLI lücke beinhalten.

Durch eine SQLI lücke ist es möglich zugriff auf die MySQL datenbank zu bekommen.

Ich habe mit dem Tool schon 5 SeitenInhabern eine Lücke Melden können. (Starke lücken)

Hier der Source.

 Spoiler

PHP Code:

#include <ButtonConstants.au3>
#include <ComboConstants.au3>
#include <GUIConstantsEx.au3>
#include <GUIListBox.au3>
#include <StaticConstants.au3>
#include <TabConstants.au3>
#include <WindowsConstants.au3>
#include <WinHttp.au3>
#include <string.au3>
#include <array.au3>
#include<ProgressConstants.au3>
#include <winapi.au3>
GLOBAL $OnlyNumber = 0
GLOBAL $NoGov = 0
GLOBAL $ProgressState = 0
GLOBAL $Checked = 0
GLOBAL $urls = 0
GLOBAL $Stop = 0
If FileExists(@scriptdir&"\DorkScannerSettings.ini") Then
    LoadINI()
EndIf
#Region ### START Koda GUI section ### Form=
$Form1 = GUICreate("DorkScanner By FreehuntX", 578, 422, 380, 173)
$MenuItem1 = GUICtrlCreateMenu("&Menu")
$MenuItem2 = GUICtrlCreateMenuItem("Options",$MenuItem1)
$MenuItem3 = GUICtrlCreateMenuItem("Exit", $MenuItem1)
$MenuItem4 = GUICtrlCreateMenu("&?")
$MenuItem5 = GUICtrlCreateMenuItem("About",$MenuItem4)
$Tab1 = GUICtrlCreateTab(0, 0, 577, 401)
$TabSheet1 = GUICtrlCreateTabItem("DorkScanner")
$Label1 = GUICtrlCreateLabel("Dork:", 8, 32, 30, 17)
$Combo1 = GUICtrlCreateCombo("inurl:*.php?id=", 48, 30, 177, 25, BitOR($CBS_DROPDOWN,$ws_vscroll))
GUICtrlSetData(-1,"inurl:*.php?news=|inurl:*.php?page=|inurl:index.php?id=|inurl:trainers.php?id=|inurl:buy.php?category=|inurl:article.php?ID=|inurl:play_old.php?id=|inurl:declaration_more.php?decl_id=|inurl:Pageid=|inurl:games.php?id=|inurl:page.php?file=|inurl:newsDetail.php?id=|inurl:gallery.php?id=|inurl:article.php?id=|inurl:show.php?id=|inurl:staff_id=|inurl:newsitem.php?num=|inurl:readnews.php?id=|inurl:top10.php?cat=|inurl:historialeer.php?num=|inurl:reagir.php?num=|inurl:forum_bds.php?num=|inurl:game.php?id=|inurl:view_product.php?id=|inurl:newsone.php?id=|inurl:sw_comment.php?id=|inurl:news.php?id=|inurl:avd_start.php?avd=|inurl:event.php?id=|inurl:product-item.php?id=|inurl:sql.php?id=|inurl:news_view.php?id=|inurl:select_biblio.php?id=|inurl:humor.php?id=|inurl:aboutbook.php?id=|inurl:fiche_spectacle.php?id=|inurl:communique_detail.php?id=|inurl:sem.php3?id=|inurl:kategorie.php4?id=|inurl:news.php?id=|inurl:index.php?id=|inurl:faq2.php?id=|inurl:show_an.php?id=|inurl:preview.php?id=|inurl:loadpsb.php?id=|inurl:opinions.php?id=|inurl:spr.php?id=|inurl:pages.php?id=|inurl:announce.php?id=|inurl:clanek.php4?id=|inurl:participant.php?id=|inurl:download.php?id=|inurl:main.php?id=|inurl:review.php?id=|inurl:chappies.php?id=|inurl:read.php?id=|inurl:prod_detail.php?id=|inurl:viewphoto.php?id=|inurl:article.php?id=|inurl:person.php?id=|inurl:productinfo.php?id=|inurl:showimg.php?id=|inurl:view.php?id=|inurl:website.php?id=|inurl:hosting_info.php?id=|inurl:gallery.php?id=|inurl:rub.php?idr=|inurl:view_faq.php?id=|inurl:artikelinfo.php?id=|inurl:detail.php?ID=|inurl:index.php?=|inurl:profile_view.php?id=|inurl:category.php?id=|inurl:publications.php?id=|inurl:fellows.php?id=|inurl:downloads_info.php?id=|inurl:prod_info.php?id=|inurl:shop.php?do=part&id=|inurl:Productinfo.php?id=|inurl:collectionitem.php?id=|inurl:band_info.php?id=|inurl:product.php?id=|inurl:releases.php?id=|inurl:ray.php?id=|inurl:produit.php?id=|inurl:pop.php?id=|inurl:shopping.php?id=|inurl:productdetail.php?id=|inurl:post.php?id=|inurl:viewshowdetail.php?id=|inurl:clubpage.php?id=|inurl:memberInfo.php?id=|inurl:section.php?id=|inurl:theme.php?id=|inurl:page.php?id=|inurl:shredder-categories.php?id=|inurl:tradeCategory.php?id=|inurl:product_ranges_view.php?ID=|inurl:shop_category.php?id=|inurl:transcript.php?id=|inurl:channel_id=|inurl:item_id=|inurl:newsid=|inurl:trainers.php?id=|inurl:news-full.php?id=|inurl:news_display.php?getid=|inurl:index2.php?option=|inurl:readnews.php?id=|inurl:top10.php?cat=|inurl:newsone.php?id=|inurl:event.php?id=|inurl:product-item.php?id=|inurl:sql.php?id=|inurl:aboutbook.php?id=|inurl:review.php?id=|inurl:loadpsb.php?id=|inurl:ages.php?id=|inurl:material.php?id=|inurl:clanek.php4?id=|inurl:announce.php?id=|inurl:chappies.php?id=|inurl:read.php?id=|inurl:viewapp.php?id=|inurl:viewphoto.php?id=|inurl:rub.php?idr=|inurl:galeri_info.php?l=|inurl:review.php?id=|inurl:iniziativa.php?in=|inurl:curriculum.php?id=|inurl:labels.php?id=|inurl:story.php?id=|inurl:look.php?ID=|inurl:newsone.php?id=|inurl:aboutbook.php?id=|inurl:material.php?id=|inurl:opinions.php?id=|inurl:announce.php?id=|inurl:rub.php?idr=|inurl:galeri_info.php?l=|inurl:tekst.php?idt=|inurl:newscat.php?id=|inurl:newsticker_info.php?idn=|inurl:rubrika.php?idr=|inurl:rubp.php?idr=|inurl:offer.php?idf=|inurl:art.php?idm=|inurl:title.php?id=|")
$Label2 = GUICtrlCreateLabel("Results:", 240, 32, 42, 17)
$Combo2 = GUICtrlCreateCombo("50", 288, 30, 65, 25, BitOR($CBS_DROPDOWN,$CBS_AUTOHSCROLL))
GUICtrlSetData(-1,"100|150|200|250|300|350|400|450|500")
$Label3 = GUICtrlCreateLabel("Country:", 368, 32, 43, 17)
$Combo3 = GUICtrlCreateCombo("ALL", 416, 30, 153, 25, BitOR($CBS_DROPDOWN,$ws_vscroll))
Guictrlsetdata(-1,"AD (Andorra)|AE (UAE)|AF (Afghanistan)|AG (Antigua and Barbuda)|AI (Anguilla)|AL (Albania)|AM (Armenia)|AN (Netherlands)|AO (Angola)|AQ (Antarctica)|AR (Argentina)|AS (American Samoa)|AT (Austria)|AU (Australia)|AW (Aruba)|AZ (Azerbaijan)|BA (Bosnia and Herzegovina)|BB (Barbados)|BD (Bangladesh)|BE (Belgium)|BF (Burkina Faso)|BG (Bulgaria)|BH (Bahrain)|BI (Burundi)|BJ (Benin)|BM (Bermuda)|BN (Brunei Darussalam)|BO (Bolivia)|BR (Brazil)|BS (Bahamas)|BT (Bhutan)|BV (Bouvet Island)|BW (Botswana)|BY (Belarus)|BZ (Belize)|CA (Canada)|CC (Cocos)|CF (Central African Republic)|CG (Congo)|CH (Switzerland)|CI (Cote D'Ivoire)|CK (Cook Islands)|CL (Chile)|CM (Cameroon)|CN (China)|CO (Colombia)|COM (US Commercial)|CR (Costa Rica)|CS (Czechoslovakia)|CU (Cuba)|CV (Cape Verde)|CX (Christmas Island)|CY (Cyprus)|CZ (Czech Republic)|DE (Germany)|DJ (Djibouti)|DK (Denmark)|DM (Dominica)|DO (Dominican Republic)|DZ (Algeria)|EC (Ecuador)|EDU (US Educational)|EE (Estonia)|EG (Egypt)|EH (Western Sahara)|ER (Eritrea)|ES (Spain)|ET (Ethiopia)|FI (Finland)|FJ (Fiji)|FK (Falkland)|FM (Micronesia)|FO (Faroe Islands)|FR (France)|FX (France)|GA (Gabon)|GB (Great Britain)|GD (Grenada)|GE (Georgia)|GF (French Guiana)|GH (Ghana)|GI (Gibraltar)|GL (Greenland)|GM (Gambia)|GN (Guinea)|GOV (Government)|GP (Guadeloupe)|GQ (Equatorial Guinea)|GR (Greece)|GS (S.Georgia and S.Sandwich Isls.)|GT (Guatemala)|GU (Guam)|GW (Guinea-Bissau)|GY (Guyana)|HK (Hong Kong)|HM (Heard and McDonald Islands)|HN (Honduras)|HR (Croatia)|HT (Haiti)|HU (Hungary)|ID (Indonesia)|IE (Ireland)|IL (Israel)|IN (India)|INT (International)|IO (British Indian Ocean Territory)|IQ (Iraq)|IR (Iran)|IS (Iceland)|IT (Italy)|JM (Jamaica)|JO (Jordan)|JP (Japan)|KE (Kenya)|KG (Kyrgyzstan)|KH (Cambodia)|KI (Kiribati)|KM (Comoros)|KN (Saint Kitts and Nevis)|KP (North Korea)|KR (South Korea)|KW (Kuwait)|KY (Cayman Islands)|KZ (Kazakhstan)|LA (Laos)|LB (Lebanon)|LC (Saint Lucia)|LI (Liechtenstein)|LK (Sri Lanka)|LR (Liberia)|LS (Lesotho)|LT (Lithuania)|LU (Luxembourg)|LV (Latvia)|LY (Libya)|MA (Morocco)|MC (Monaco)|MD (Moldova)|MG (Madagascar)|MH (Marshall Islands)|MIL (Military)|MK (Macedonia)|ML (Mali)|MM (Myanmar)|MN (Mongolia)|MO (Macau)|MP (Northern Mariana Islands)|MQ (Martinique)|MR (Mauritania)|MS (Montserrat)|MT (Malta)|MU (Mauritius)|MV (Maldives)|MW (Malawi)|MX (Mexico)|MY (Malaysia)|MZ (Mozambique)|NA (Namibia)|NC (New Caledonia)|NE (Niger)|NET (Network)|NF (Norfolk Island)|NG (Nigeria)|NI (Nicaragua)|NL (Netherlands)|NO (Norway)|NP (Nepal)|NR (Nauru)|NT (Neutral Zone)|NU (Niue)|NZ (New Zealand)|OM (Oman)|ORG (Organization)|PA (Panama)|PE (Peru)|PF (French Polynesia)|PG (Papua New Guinea)|PH (Philippines)|PK (Pakistan)|PL (Poland)|PM (St. Pierre and Miquelon)|PN (Pitcairn)|PR (Puerto Rico)|PT (Portugal)|PW (Palau)|PY (Paraguay)|QA (Qatar)|RE (Reunion)|RO (Romania)|RS (Serbia)|RU (Russian Federation)|RW (Rwanda)|SA (Saudi Arabia)|Sb (Solomon Islands)|SC (Seychelles)|SD (Sudan)|SE (Sweden)|SG (Singapore)|SH (St. Helena)|SI (Slovenia)|SJ (Svalbard and Jan Mayen Islands)|SK (Slovak Republic)|SL (Sierra Leone)|SM (San Marino)|SN (Senegal)|SO (Somalia)|SR (Suriname)|ST (Sao Tome and Principe)|SU (USSR)|SV (El Salvador)|SY (Syria)|SZ (Swaziland)|TC (Turks and Caicos Islands)|TD (Chad)|TF (French Southern Territories)|TG (Togo)|TH (Thailand)|TJ (Tajikistan)|TK (Tokelau)|TM (Turkmenistan)|TN (Tunisia)|TO (Tonga)|TP (East Timor)|TR (Turkey)|TT (Trinidad and Tobago)|TV (Tuvalu)|TW (Taiwan)|TZ (Tanzania)|UA (Ukraine)|UG (Uganda)|UK (United Kingdom)|UM (US Minor Outlying Islands)|US (United States)|UY (Uruguay)|UZ (Uzbekistan)|VA (Vatican City State)|VC (Saint Vincent and the Grenadines)|VE (Venezuela)|VG (Virgin Islands)|VI (Virgin Islands USA)|VN (Viet Nam)|VU (Vanuatu)|WF (Wallis and Futuna Islands)|WS (Samoa)|YE (Yemen)|YT (Mayotte)|YU (Yugoslavia)|ZA (South Africa)|ZM (Zambia)|ZR (Zaire)|ZW (Zimbabwe)")
$Button1 = GUICtrlCreateButton("Start", 8, 61, 75, 25)
$Button3 = GUICtrlCreateButton("Clear Duplicates", 388, 357, 91, 33)
GUICtrlSetState(-1,$GUI_DISABLE)
$Button4 = GUICtrlCreateButton("Scan 4 SQLI", 484, 357, 86, 33)
GUICtrlSetState(-1,$GUI_DISABLE)
$List1 = GUICtrlCreateList("", 4, 93, 566, 258)
$Progress1 = GUICtrlCreateProgress(90, 61, 478, 25, $PBS_SMOOTH)
$Label4 = GUICtrlCreateLabel("Url's found: -", 8, 368, 332, 20)
GUICtrlSetFont(-1, 10, 400, 0, "Arial")
$Label8 = GUICtrlCreateLabel("State: 0/0", 240, 368, 332, 20)
GUICtrlSetFont(-1, 10, 400, 0, "Arial")
$TabSheet2 = GUICtrlCreateTabItem("SQLi Scanner")
$Label5 = GUICtrlCreateLabel("Current URL:", 8, 32, 66, 17)
$Label6 = GUICtrlCreateLabel("-", 80, 32, 487, 17)
$List2 = GUICtrlCreateList("", 4, 88, 566, 266)
$Progress2 = GUICtrlCreateProgress(8, 56, 558, 26)
$Button5 = GUICtrlCreateButton("Export List", 472, 360, 91, 33)
GUICtrlSetState(-1,$GUI_DISABLE)
$Label7 = GUICtrlCreateLabel("Vuln. Url's: -", 8, 368, 175, 20)
GUICtrlSetFont(-1, 10, 400, 0, "Arial")
GUICtrlCreateTabItem("")
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###
    $contextmenu = GUICtrlCreateContextMenu($List1)
    $item1 = GUICtrlCreateMenuItem("Open Website", $contextmenu)
    $item2 = GUICtrlCreateMenuItem("Copy", $contextmenu)
    $item3 = GuicTrlCreateMenuItem("Delete",$contextmenu)
    $2contextmenu = GUICtrlCreateContextMenu($List2)
    $2item1 = GUICtrlCreateMenuItem("Open Website", $2contextmenu)
    $2item2 = GUICtrlCreateMenuItem("Copy", $2contextmenu)
    $2item3 = GuicTrlCreateMenuItem("Delete",$2contextmenu)
While 1
    $nMsg = GUIGetMsg()
    Switch $nMsg
        Case $GUI_EVENT_CLOSE
            SaveINI()
            Exit
        Case $MenuItem2
            Options()
        Case $MenuItem3
            Exit
        Case $MenuItem5
            MsgBox(0,"About","This DorkScanner is made by FreehuntX")
        Case $Button1
            GUICtrlSetState($Button1,$GUI_DISABLE)
            GUICtrlSetState($Button3,$GUI_DISABLE)
            GUICtrlSetState($Button4,$GUI_DISABLE)
            GUICtrlSetState($combo1,$GUI_DISABLE)
            GUICtrlSetState($combo2,$GUI_DISABLE)
            GUICtrlSetState($combo3,$GUI_DISABLE)
            $urls = 0
            $ProgressState = 0
            _GUICtrlListBox_ResetContent($List1)
            GUICtrlSetState($Button1,$GUI_DISABLE)
            DorkIt()
        Case $Button3
            GUICtrlSetState($Button1,$GUI_DISABLE)
            GUICtrlSetState($Button3,$GUI_DISABLE)
            GUICtrlSetState($Button4,$GUI_DISABLE)
            GUICtrlSetState($combo1,$GUI_DISABLE)
            GUICtrlSetState($combo2,$GUI_DISABLE)
            GUICtrlSetState($combo3,$GUI_DISABLE)
            ClearIt()
        Case $Button4
            GUICtrlSetState($TabSheet2, $GUI_SHOW)
            _GUICtrlListBox_ResetContent($List2)
            GUICtrlSetState($Button5,$GUI_DISABLE)
            Scan4SQLI()
        Case $Button5
            Export()
        Case $Item1
            ShellExecute(_GUICtrlListBox_GetText($List1,_GUICtrlListBox_GetCurSel($List1))&"'")
        Case $Item2            
            ClipPut(_GUICtrlListBox_GetText($List1,_GUICtrlListBox_GetCurSel($List1))&"'")
        Case $Item3
            _GUICtrlListBox_DeleteString($List1,_GUICtrlListBox_GetCurSel($List1))
            GUICtrlSetData($Label4,"Url's found: "&_GUICtrlListBox_GetCount($List1))
        Case $2Item1
            ShellExecute(_GUICtrlListBox_GetText($List2,_GUICtrlListBox_GetCurSel($List2))&"'")
        Case $2Item2            
            ClipPut(_GUICtrlListBox_GetText($List2,_GUICtrlListBox_GetCurSel($List2))&"'")
        Case $2Item3
            _GUICtrlListBox_DeleteString($List2,_GUICtrlListBox_GetCurSel($List2))
            GUICtrlSetData($Label7,"Vuln. Url's: "&_GUICtrlListBox_GetCount($List2))

    EndSwitch
WEnd



Func Scan4SQLI()
    For $i = 0 to _GUICtrlListBox_GetCount($List1)
        $currsource = UrlToText(_GUICtrlListBox_GetText($List1,$i)&"'")
        GUICtrlSetData($Label6,_GUICtrlListBox_GetText($List1,$i))
        GUICtrlSetData($Label7,"Vuln. Url's: "&_GUICtrlListBox_GetCount($List2))
        GUICtrlSetData($Progress2, $i*100/_GUICtrlListBox_GetCount($List1))
        If StringInStr($currsource,"You have an error in your SQL syntax") Then
            GUICtrlSetData($list2,_GUICtrlListBox_GetText($List1,$i)&"|")
        ElseIf StringInStr($currsource,"Invalid query:") Then
            GUICtrlSetData($list2,_GUICtrlListBox_GetText($List1,$i)&"|")
        ElseIf StringInStr($currsource,"mysql_num_rows()") Then
            GUICtrlSetData($list2,_GUICtrlListBox_GetText($List1,$i)&"|")
        ElseIf StringInStr($currsource,"mysql_fetch_array()") Then
            GUICtrlSetData($list2,_GUICtrlListBox_GetText($List1,$i)&"|")
        ElseIf StringInStr($currsource,"mysql_fetch_row()") Then
            GUICtrlSetData($list2,_GUICtrlListBox_GetText($List1,$i)&"|")
        ElseIf StringInStr($currsource,"mysql_fetch_assoc()") Then
            GUICtrlSetData($list2,_GUICtrlListBox_GetText($List1,$i)&"|")
        ElseIf StringInStr($currsource,"mysql_fetch_object()") Then
            GUICtrlSetData($list2,_GUICtrlListBox_GetText($List1,$i)&"|")
        ElseIf StringInStr($currsource,"mysql_numrows()") Then
            GUICtrlSetData($list2,_GUICtrlListBox_GetText($List1,$i)&"|")
        Else
        EndIf
    Next
    MsgBox(0,"Finish!","SQLi Scan Finished!")
    GUICtrlSetData($Label6,"-")
    GUICtrlSetState($Button5,$GUI_ENABLE)
EndFunc


Func Export()
    For $i = 0 To _GUICtrlListBox_GetCount($List2)-1
        $file = FileOpen(@ScriptDir&"\export.txt", 1)
        FileWrite($file, _GUICtrlListBox_GetText($List2,$i)&"'"&@CRLF)
    Next
    FileClose($file)
EndFunc


Func UrlToText($scanurl)
If NOT StringInStr($scanurl,"http") Then
    Return BinaryToString(InetRead("http://"&$scanurl))
Else
    Return BinaryToString(InetRead($scanurl))
EndIf

EndFunc




Func DorkIt()
    $HOST="search.conduit.com"
    $HSESSION=_WINHTTPOPEN("Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1")
    $HCONNECT=_WINHTTPCONNECT($HSESSION,$HOST)
    
    For $i = 0 to Guictrlread($Combo2)/10-1
    If StringLeft(GUICtrlRead($Combo3),3) = "ALL" Then
        $test = _WinHttpSimpleRequest($HCONNECT,"GET","/Results.aspx?q="&GUICtrlRead($Combo1)&"&start="&$i*10)
    Else
        $test = _WinHttpSimpleRequest($HCONNECT,"GET","/Results.aspx?q="&GUICtrlRead($Combo1)&"+site:"&StringLeft(GUICtrlRead($Combo3),3)&"&start="&$i*10)
    EndIf
    $ersteseite = _StringBetween($test, '<div class="title"><a href="', '" id="')
    $treffer = _StringBetween($test, '<div id="results_info">','(')
    $treffer = StringRegExpReplace($treffer[0],"[^0-9]","")
    for $i2 = 0 to 9
                        $Progressstate +=1
                        GUICtrlSetData($Progress1, $Progressstate*100/Guictrlread($Combo2))
                        GUICtrlSetData($Label8, "State: "&$Progressstate&"/"&GUICtrlRead($Combo2))
        If $treffer < 1000 Then
;~             $Progressstate +=1
;~             GUICtrlSetData($Progress1, $Progressstate*100/Guictrlread($Combo2))
;~             Guictrlsetdata($Label8,$Progressstate&"/"&Guictrlread($Combo2))
        Else
            
            If $OnlyNumber = 1 and StringIsDigit(StringRight($ersteseite[$i2],1)) Then
;~                 $Progressstate +=1
;~                         GUICtrlSetData($Progress1, $Progressstate*100/Guictrlread($Combo2))
;~                         Guictrlsetdata($Label8,$Progressstate&"/"&Guictrlread($Combo2))
                If $NoGov = 1 Then
                    If StringInStr($ersteseite[$i2], ".gov") Then
;~                         $Progressstate +=1
;~                         GUICtrlSetData($Progress1, $Progressstate*100/Guictrlread($Combo2))
;~                         Guictrlsetdata($Label8,$Progressstate&"/"&Guictrlread($Combo2))
                        GUICtrlSetData($Label4,"Url's found: "&_GUICtrlListBox_GetCount($List1))
                    Else
                        GUICtrlSetData($list1,$ersteseite[$i2]&"|")
                        $urls += 1
;~                         $Progressstate +=1
;~                         GUICtrlSetData($Progress1, $Progressstate*100/Guictrlread($Combo2))
;~                         Guictrlsetdata($Label8,$Progressstate&"/"&Guictrlread($Combo2))
                        GUICtrlSetData($Label4,"Url's found: "&_GUICtrlListBox_GetCount($List1))
                    EndIf
                Else
                    
                    GUICtrlSetData($list1,$ersteseite[$i2]&"|")
                    $urls += 1
;~                     $Progressstate +=1
;~                     GUICtrlSetData($Progress1, $Progressstate*100/Guictrlread($Combo2))
;~                     Guictrlsetdata($Label8,$Progressstate&"/"&Guictrlread($Combo2))
                    GUICtrlSetData($Label4,"Url's found: "&_GUICtrlListBox_GetCount($List1))
                EndIf
;~                 $Progressstate +=1
            Elseif $OnlyNumber = 0 Then
;~                                 $Progressstate +=1
;~                                 GUICtrlSetData($Progress1, $Progressstate*100/Guictrlread($Combo2))
;~                                 Guictrlsetdata($Label8,$Progressstate&"/"&Guictrlread($Combo2))
;~                         $Progressstate +=1
;~                         GUICtrlSetData($Progress1, $Progressstate*100/Guictrlread($Combo2))
;~                         Guictrlsetdata($Label8,$Progressstate&"/"&Guictrlread($Combo2))
                If $NoGov = 1 Then
                    If StringInStr($ersteseite[$i2], ".gov") Then
;~                         $Progressstate +=1
;~                         GUICtrlSetData($Progress1, $Progressstate*100/Guictrlread($Combo2))
;~                         Guictrlsetdata($Label8,$Progressstate&"/"&Guictrlread($Combo2))
                        GUICtrlSetData($Label4,"Url's found: "&_GUICtrlListBox_GetCount($List1))
                    Else
                        GUICtrlSetData($list1,$ersteseite[$i2]&"|")
                        $urls += 1
;~                         $Progressstate +=1
;~                         GUICtrlSetData($Progress1, $Progressstate*100/Guictrlread($Combo2))
;~                         Guictrlsetdata($Label8,$Progressstate&"/"&Guictrlread($Combo2))
                        GUICtrlSetData($Label4,"Url's found: "&_GUICtrlListBox_GetCount($List1))
                    EndIf
                Else
                    GUICtrlSetData($list1,$ersteseite[$i2]&"|")
                    $urls += 1
;~                     $Progressstate +=1
;~                     GUICtrlSetData($Progress1, $Progressstate*100/Guictrlread($Combo2))
;~                     Guictrlsetdata($Label8,$Progressstate&"/"&Guictrlread($Combo2))
                    GUICtrlSetData($Label4,"Url's found: "&_GUICtrlListBox_GetCount($List1))
                EndIf
            Else
;~                 $Progressstate +=1
;~                 GUICtrlSetData($Progress1, $Progressstate*100/Guictrlread($Combo2))
;~                 Guictrlsetdata($Label8,$Progressstate&"/"&Guictrlread($Combo2))
            EndIf
            ;$Progressstate +=1
;~             GUICtrlSetData($Progress1, $Progressstate*100/Guictrlread($Combo2))
;~             Guictrlsetdata($Label8,$Progressstate&"/"&Guictrlread($Combo2))
        EndIf
    Next
    Next
    GUICtrlSetState($Button1,$GUI_ENABLE)
    GUICtrlSetState($Button3,$GUI_ENABLE)
    GUICtrlSetState($Button4,$GUI_ENABLE)
    GUICtrlSetState($combo1,$GUI_ENABLE)
    GUICtrlSetState($combo2,$GUI_ENABLE)
    GUICtrlSetState($combo3,$GUI_ENABLE)
EndFunc



Func WieOft($source,$text)
    $string_found = 0
    $string_position = StringInStr($source, $text, 0, 1)

    While $string_position > 0
        $string_found += 1
        $string_position = StringInStr($source, $text, 0, 1, $string_position + 1)
    WEnd
    return $string_found
EndFunc

Func ClearIt()
    For $i = 0 to _GUICtrlListBox_GetCount($List1)
        $CurrText = _GUICtrlListBox_GetText($List1,$i)
        $CurrPatt = StringLeft($CurrText,18)
        $Checked = 0
        For $i2 = 0 To _GUICtrlListBox_GetCount($List1)
            If StringInStr(_GUICtrlListBox_GetText($List1,$i2),$CurrPatt) = 1 Then
                If $Checked = 1 then 
                _GUICtrlListBox_DeleteString($List1,$i2)
                GUICtrlSetData($Label4,"Url's found: "&_GUICtrlListBox_GetCount($List1))
                Else
                EndIf
                $Checked +=1
            EndIf
        Next
    Next
    For $i = 0 to _GUICtrlListBox_GetCount($List1)
        $CurrText = _GUICtrlListBox_GetText($List1,$i)
        $CurrPatt = StringLeft($CurrText,18)
        $Checked = 0
        For $i2 = 0 To _GUICtrlListBox_GetCount($List1)
            If StringInStr(_GUICtrlListBox_GetText($List1,$i2),$CurrPatt) = 1 Then
                If $Checked = 1 then 
                _GUICtrlListBox_DeleteString($List1,$i2)
                GUICtrlSetData($Label4,"Url's found: "&_GUICtrlListBox_GetCount($List1))
                Else
                EndIf
                $Checked +=1
            EndIf
        Next
    Next
    GUICtrlSetState($Button1,$GUI_ENABLE)
    GUICtrlSetState($Button3,$GUI_ENABLE)
    GUICtrlSetState($Button4,$GUI_ENABLE)
    GUICtrlSetState($combo1,$GUI_ENABLE)
    GUICtrlSetState($combo2,$GUI_ENABLE)
    GUICtrlSetState($combo3,$GUI_ENABLE)
    GUICtrlSetData($Label4,"Url's found: "&_GUICtrlListBox_GetCount($List1))
    MsgBox(0,"Finish!","Cleared almost all Duplicates!")
EndFunc

Func Options()
    #Region ### START Koda GUI section ### Form=
$2Form1 = GUICreate("Options", 178, 50, 267, 207)
$2Checkbox1 = GUICtrlCreateCheckbox("Only Numbers", 8, 8, 89, 17)
$2Checkbox2 = GUICtrlCreateCheckbox("No .Gov", 8, 30, 89, 17)
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###
If $OnlyNumber = 1 Then
    GUICtrlSetState($2Checkbox1,1)
Else
    GUICtrlSetState($2Checkbox1,4)
EndIf
If $NoGov = 1 Then
    GUICtrlSetState($2Checkbox2,1)
Else
    GUICtrlSetState($2Checkbox2,4)
EndIf


While 1
    Switch GUIGETMSG()
        Case -3 
            GUIDelete($2Form1)
            SaveINI()
            ExitLoop

    EndSwitch
    If GUICtrlRead($2Checkbox1) = 4 then
        $OnlyNumber = 0
    ElseIf GUICtrlRead($2Checkbox1) = 1 Then
        $OnlyNumber = 1
    EndIf
    
    If GUICtrlRead($2Checkbox2) = 4 Then
        $NoGov = 0
    ElseIf GUICtrlRead($2Checkbox2) = 1 Then
        $NoGov = 1
    EndIf
WEnd
EndFunc

Func SaveINI()
    IniWrite(@ScriptDir&"\DorkScannerSettings.ini", "Settings", "OnlyNumber ", $OnlyNumber)
    IniWrite(@ScriptDir&"\DorkScannerSettings.ini", "Settings", "NoGov ", $NoGov)
EndFunc

Func LoadINI()
    $OnlyNumber = IniRead(@Scriptdir&"\DorkScannerSettings.ini","Settings","OnlyNumber ",0)
    $NoGov = IniRead(@Scriptdir&"\DorkScannerSettings.ini","Settings","NoGov ",0)
EndFunc 


[MoepMeep]

Nimm ganz schnell den code raus, sonst kommen hier eine menge kleine Kinder auf dumme ideen.

[.2good4you111]

Wie siehts den mit Google Traffic aus, also bekommt man nach ca 5 Seiten mit inurl nen 403 oder sucht der da ganz gelassen weiter?

[Crack-7]

Quote:

Originally Posted by .2good4you111

Wie siehts den mit Google Traffic aus, also bekommt man nach ca 5 Seiten mit inurl nen 403 oder sucht der da ganz gelassen weiter?

Ne ^^

Ich habe conduit serch genutzt, dar es dort keinen anti spam bot gibt.

Quote:

Originally Posted by MoepMeep

Nimm ganz schnell den code raus, sonst kommen hier eine menge kleine Kinder auf dumme ideen.

Wenn mans richtig anstellt, kann man mit sowas geld machen.

Lücken finden, und seiten admin melden.

Außerdem gibt es im Internet schlimmeres als so einen DorkScanner.

[MoepMeep]

Quote:

Originally Posted by Crack-7

Wenn mans richtig anstellt, kann man mit sowas geld machen.

Lücken finden, und seiten admin melden.

Außerdem gibt es im Internet schlimmeres als so einen DorkScanner.

Trotzdem betreiben 95% der Leute mit sowas nur unfug.

[Crack-7]

Und die restlichen 5% kümmerts was die leute machen?

Wer scheiße bauen will, hätte es auch ohne mich hinbekommen -.-

Es ist wie immer.

Man kann es für gute oder böse zwecke nutzen.

[.SkyneT.]

Quote:

Originally Posted by MoepMeep

Nimm ganz schnell den code raus, sonst kommen hier eine menge kleine Kinder auf dumme ideen.

Quote:

Originally Posted by MoepMeep

Trotzdem betreiben 95% der Leute mit sowas nur unfug.

Solang das tool die Lücken nur scannt ist es doch noch kein Problem ?

Außerdem wärs nicht so als ob das der einzige Scanner dafür wäre ,
die Idee den rauszunehmen finde ich daher nicht vorteilhaft.
(Außerdem können die meisten eh nicht mit SQL umgehen, und daher
auch nichts mit den gefundenen Lücken auslesen)