简介:PHP+MYSQL网站注入扫描工具,针对类似夜猫文章下
载系统比较有效,界面是仿教程的hdsi中的PHP注入模块写
的,实现原理是参考angel的SQL Injection with MYSQL
写的,网上有很多,不再细说。
界面截图:/upimg/070605/11Q0312W33J014593.jpg
源码下载:http://downloads.2ccc.com/general/internet_lan/PHPInj.rar
Author: hnxyy
QQ: 19026695
Date: 2005/5/25
FireFox技术交流论坛
http://www.wrsky.com
It is all beginnings free
It is all ruin to be privately owned
使用D7编写,界面比较难看,和教主的工具对比了一下,感觉比他的工作扫描速度要快很多
主要单元代码:
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, Spin, StdCtrls, ComCtrls, Buttons, ExtCtrls, IDHTTP, unit2, Unit3,
OleCtrls, SHDocVw;
type
TForm1 = class(TForm)
Panel8: TPanel;
Label15: TLabel;
Label16: TLabel;
Label17: TLabel;
EdtInjUrl: TEdit;
EdtKey: TEdit;
EdtFieldNum: TEdit;
rdbNum: TRadioButton;
rdbChar: TRadioButton;
Panel1: TPanel;
pcPHPInj: TPageControl;
TabSheet1: TTabSheet;
sbscan1: TSpeedButton;
sbstop1: TSpeedButton;
sbscan2: TSpeedButton;
sbstop2: TSpeedButton;
Panel15: TPanel;
GroupBox5: TGroupBox;
lvTable: TListView;
GroupBox6: TGroupBox;
lvField: TListView;
TabSheet2: TTabSheet;
GroupBox7: TGroupBox;
Label18: TLabel;
Label19: TLabel;
Label20: TLabel;
Label21: TLabel;
spField1: TSpinEdit;
spField2: TSpinEdit;
EdtField1: TEdit;
EdtField2: TEdit;
EdtTable: TEdit;
EdtID: TEdit;
GroupBox8: TGroupBox;
Label22: TLabel;
EdtFileName: TEdit;
sbrecord: TSpeedButton;
sbfile: TSpeedButton;
MM: TMemo;
sbscan: TSpeedButton;
TabSheet3: TTabSheet;
lsbDict: TListBox;
TabSheet4: TTabSheet;
wb: TWebBrowser;
spNum: TSpinEdit;
GroupBox1: TGroupBox;
sbscan3: TSpeedButton;
sbstop3: TSpeedButton;
ListBox1: TListBox;
TabSheet5: TTabSheet;
MMAbout: TMemo;
StatusBar1: TStatusBar;
procedure sbscanClick(Sender: TObject);
procedure sbstop1Click(Sender: TObject);
procedure sbscan1Click(Sender: TObject);
procedure sbscan2Click(Sender: TObject);
procedure lvFieldClick(Sender: TObject);
procedure lvTableClick(Sender: TObject);
procedure sbrecordClick(Sender: TObject);
procedure sbfileClick(Sender: TObject);
procedure sbstop2Click(Sender: TObject);
procedure sbscan3Click(Sender: TObject);
procedure sbstop3Click(Sender: TObject);
procedure ListBox1Click(Sender: TObject);
procedure FormShow(Sender: TObject);
private
{ Private declarations }
Url,KeyWord:string;
iStr,InjUrl:string;
//弹出信息框
procedure MsgBox(strMsg: string);
procedure SetUrl;
function Get(URL,Key: string): boolean;
procedure InjTable;
procedure FieldThreadExit(sender: TObject);
procedure ManagerThreadExit(sender: TObject);
public
{ Public declarations }
pg1:TProgressBar;
end;
var
Form1: TForm1;
//scanTable :array of scanTableThread; // 定义线程数组
scanField :array of scanFieldThread;
scanManager :array of scanManagerThread;
scanTable: scanTableThread; //扫描表段线程
isFinish:boolean=false;
N:integer=0;
M:integer=0;
implementation
{$R *.dfm}
{ TForm1 }
procedure TForm1.MsgBox(strMsg: string);
begin
Application.MessageBox(pchar(strMsg), '提示信息', mb_iconinformation);
end;
procedure TForm1.SetUrl;
begin
begin
if rdbNum.Checked then
Url := trim(EdtInjUrl.Text)
else
Url := trim(EdtInjUrl.Text)+#39;
end;
end;
procedure TForm1.sbscanClick(Sender: TObject);
var
scan:scanThread;
begin
if (EdtInjUrl.Text='') then
begin
MsgBox('请输入要注入的地址!');
exit;
end;
if (EdtKey.Text='') then
begin
MsgBox('请输入要注入的关键字!');
exit;
end;
如果您对本文有任何疑问或者建议,请到讨论区发表您的意见:
>>
论坛入口 <<
上一篇:url编码与解码工具代码 下一篇:Delphi中对象解除技巧
【文章评论】
【收藏本文】
【推荐好友】
【打印本文】
【我要投稿】 【论坛讨论】
