just grabs all websites in server with php?id= dork for scanning for error based sql injection
(self)
| 1306 | pass |
| 1307 | |
| 1308 | def grabSqli(self): |
| 1309 | """ |
| 1310 | just grabs all websites in server with php?id= dork |
| 1311 | for scanning for error based sql injection |
| 1312 | """ |
| 1313 | page = 1 |
| 1314 | lista = [] |
| 1315 | while page <= 101: |
| 1316 | try: |
| 1317 | bing = "http://www.bing.com/search?q=ip%3A" + \ |
| 1318 | self.serverip + "+php?id=&count=50&first=" + str(page) |
| 1319 | openbing = urllib2.urlopen(bing) |
| 1320 | readbing = openbing.read() |
| 1321 | findwebs = re.findall('<h2><a href="(.*?)"', readbing) |
| 1322 | for i in range(len(findwebs)): |
| 1323 | x = findwebs[i] |
| 1324 | lista.append(x) |
| 1325 | except: |
| 1326 | pass |
| 1327 | page += 50 |
| 1328 | lista = unique(lista) |
| 1329 | self.checkSqli(lista) |
| 1330 | |
| 1331 | def checkSqli(self, s): |
| 1332 | """ |