diff --git a/.gitignore b/.gitignore
index 522c760..d86ef33 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,2 @@
 /vendor
-composer.lock
 *.txt
diff --git a/build/main.phar b/build/main.phar
index 4b7a719..1d6d46c 100755
Binary files a/build/main.phar and b/build/main.phar differ
diff --git a/composer.lock b/composer.lock
new file mode 100644
index 0000000..727d122
--- /dev/null
+++ b/composer.lock
@@ -0,0 +1,464 @@ +{ + "_readme": [ + "This file locks the dependencies of your project to a known state", + "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", + "This file is @generated automatically" + ], + "content-hash": "6b7232bcabf1f337ddd6123349c89397", + "packages": [ + { + "name": "guiguiboy/php-cli-progress-bar", + "version": "0.0.4", + "source": { + "type": "git", + "url": "https://github.com/guiguiboy/PHP-CLI-Progress-Bar.git", + "reference": "7d3eb61c1f0c164b9c3139af694b2d38171e4d04" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/guiguiboy/PHP-CLI-Progress-Bar/zipball/7d3eb61c1f0c164b9c3139af694b2d38171e4d04", + "reference": "7d3eb61c1f0c164b9c3139af694b2d38171e4d04", + "shasum": "" + }, + "require": { + "ext-mbstring": "*", + "php": ">=5.3.0" + }, + "type": "library", + "autoload": { + "psr-0": { + "ProgressBar": "." + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Guillaume", + "email": "guillaume.bretou@gmail.com" + } + ], + "description": "Progress bar for PHP CLI scripts", + "homepage": "https://github.com/guiguiboy/PHP-CLI-Progress-Bar", + "keywords": [ + "bar", + "cli", + "command-line", + "progress" + ], + "time": "2014-11-19T13:12:00+00:00" + }, + { + "name": "guzzlehttp/psr7", + "version": "1.6.1", + "source": { + "type": "git", + "url": "https://github.com/guzzle/psr7.git", + "reference": "239400de7a173fe9901b9ac7c06497751f00727a" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/guzzle/psr7/zipball/239400de7a173fe9901b9ac7c06497751f00727a", + "reference": "239400de7a173fe9901b9ac7c06497751f00727a", + "shasum": "" + }, + "require": { + "php": ">=5.4.0", + "psr/http-message": "~1.0", + "ralouphie/getallheaders": "^2.0.5 || ^3.0.0" + }, + "provide": { + "psr/http-message-implementation": "1.0" + }, + "require-dev": { + "ext-zlib": "*", + "phpunit/phpunit": "~4.8.36 || ^5.7.27 
|| ^6.5.8" + }, + "suggest": { + "zendframework/zend-httphandlerrunner": "Emit PSR-7 responses" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.6-dev" + } + }, + "autoload": { + "psr-4": { + "GuzzleHttp\\Psr7\\": "src/" + }, + "files": [ + "src/functions_include.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Michael Dowling", + "email": "mtdowling@gmail.com", + "homepage": "https://github.com/mtdowling" + }, + { + "name": "Tobias Schultze", + "homepage": "https://github.com/Tobion" + } + ], + "description": "PSR-7 message implementation that also provides common utility methods", + "keywords": [ + "http", + "message", + "psr-7", + "request", + "response", + "stream", + "uri", + "url" + ], + "time": "2019-07-01T23:21:34+00:00" + }, + { + "name": "psr/http-message", + "version": "1.0.1", + "source": { + "type": "git", + "url": "https://github.com/php-fig/http-message.git", + "reference": "f6561bf28d520154e4b0ec72be95418abe6d9363" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/http-message/zipball/f6561bf28d520154e4b0ec72be95418abe6d9363", + "reference": "f6561bf28d520154e4b0ec72be95418abe6d9363", + "shasum": "" + }, + "require": { + "php": ">=5.3.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "Psr\\Http\\Message\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "http://www.php-fig.org/" + } + ], + "description": "Common interface for HTTP messages", + "homepage": "https://github.com/php-fig/http-message", + "keywords": [ + "http", + "http-message", + "psr", + "psr-7", + "request", + "response" + ], + "time": "2016-08-06T14:39:51+00:00" + }, + { + "name": "ralouphie/getallheaders", + "version": "3.0.3", + "source": { + "type": "git", 
+ "url": "https://github.com/ralouphie/getallheaders.git", + "reference": "120b605dfeb996808c31b6477290a714d356e822" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/ralouphie/getallheaders/zipball/120b605dfeb996808c31b6477290a714d356e822", + "reference": "120b605dfeb996808c31b6477290a714d356e822", + "shasum": "" + }, + "require": { + "php": ">=5.6" + }, + "require-dev": { + "php-coveralls/php-coveralls": "^2.1", + "phpunit/phpunit": "^5 || ^6.5" + }, + "type": "library", + "autoload": { + "files": [ + "src/getallheaders.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Ralph Khattar", + "email": "ralph.khattar@gmail.com" + } + ], + "description": "A polyfill for getallheaders.", + "time": "2019-03-08T08:55:37+00:00" + }, + { + "name": "serps/core", + "version": "v0.3.1", + "source": { + "type": "git", + "url": "https://github.com/serp-spider/core.git", + "reference": "bbc93c2a348ea91a01046d29d7bf733274e85c7c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/serp-spider/core/zipball/bbc93c2a348ea91a01046d29d7bf733274e85c7c", + "reference": "bbc93c2a348ea91a01046d29d7bf733274e85c7c", + "shasum": "" + }, + "require": { + "php": ">=5.5", + "psr/http-message": "^1.0.0", + "symfony/css-selector": "^2|^3|^4" + }, + "require-dev": { + "guzzlehttp/psr7": "^1.3.0", + "phpunit/phpunit": "~4.1", + "squizlabs/php_codesniffer": "~2.5", + "zendframework/zend-diactoros": "1.3.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "0.3.0-dev" + } + }, + "autoload": { + "psr-4": { + "Serps\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Fair" + ], + "authors": [ + { + "name": "Soufiane GHZAL", + "homepage": "https://github.com/gsouf" + } + ], + "description": "Search engine scrapper", + "homepage": "https://github.com/serp-spider/core", + "keywords": [ + "bing", + "google", + 
"scrapper", + "search engine", + "yahoo" + ], + "time": "2020-02-22T09:54:56+00:00" + }, + { + "name": "serps/http-client-curl", + "version": "v0.2.3", + "source": { + "type": "git", + "url": "https://github.com/serp-spider/http-client-curl.git", + "reference": "67e57649b512dd1ae57bdb766bdd08d18de7f0cf" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/serp-spider/http-client-curl/zipball/67e57649b512dd1ae57bdb766bdd08d18de7f0cf", + "reference": "67e57649b512dd1ae57bdb766bdd08d18de7f0cf", + "shasum": "" + }, + "require": { + "php": ">=5.5", + "serps/core": "~0.2.0|~0.3.0" + }, + "require-dev": { + "phpunit/phpunit": "~4.1", + "serps/http-client-test-suite": "*", + "squizlabs/php_codesniffer": "~2.5", + "zendframework/zend-diactoros": ">=1" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "0.2.*-dev" + } + }, + "autoload": { + "psr-4": { + "Serps\\HttpClient\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Fair" + ], + "authors": [ + { + "name": "Soufiane GHZAL", + "homepage": "https://github.com/gsouf" + } + ], + "description": "CURL client for SERPS", + "homepage": "https://github.com/serp-spider/serps-http-client-curl", + "keywords": [ + "SERPS", + "curl", + "http client" + ], + "time": "2018-04-04T14:05:34+00:00" + }, + { + "name": "serps/search-engine-google", + "version": "v0.4.8", + "source": { + "type": "git", + "url": "https://github.com/serp-spider/search-engine-google.git", + "reference": "9f889148e8b39ffd98fdddb2bc58a2844bb14ae6" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/serp-spider/search-engine-google/zipball/9f889148e8b39ffd98fdddb2bc58a2844bb14ae6", + "reference": "9f889148e8b39ffd98fdddb2bc58a2844bb14ae6", + "shasum": "" + }, + "require": { + "ext-dom": "*", + "php": ">=5.5", + "serps/core": "~0.3.0" + }, + "require-dev": { + "guzzlehttp/psr7": "^1.4", + "phpunit/phpunit": "~4.1", + "serps/cli": "^1.1", + 
"squizlabs/php_codesniffer": "~3.2", + "symfony/yaml": ">=2.0" + }, + "suggest": { + "guzzlehttp/psr7": "For http request", + "zendframework/zend-diactoros": "For http request" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "0.3.0-dev" + } + }, + "autoload": { + "psr-4": { + "Serps\\SearchEngine\\Google\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Fair" + ], + "authors": [ + { + "name": "Soufiane GHZAL", + "homepage": "https://github.com/gsouf" + } + ], + "description": "Google Rules and client for SERPS", + "homepage": "https://github.com/serp-spider/search-engine-google", + "keywords": [ + "SERPS", + "google" + ], + "time": "2019-07-22T22:06:56+00:00" + }, + { + "name": "symfony/css-selector", + "version": "v4.4.9", + "source": { + "type": "git", + "url": "https://github.com/symfony/css-selector.git", + "reference": "afc26133a6fbdd4f8842e38893e0ee4685c7c94b" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/css-selector/zipball/afc26133a6fbdd4f8842e38893e0ee4685c7c94b", + "reference": "afc26133a6fbdd4f8842e38893e0ee4685c7c94b", + "shasum": "" + }, + "require": { + "php": "^7.1.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "4.4-dev" + } + }, + "autoload": { + "psr-4": { + "Symfony\\Component\\CssSelector\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Jean-François Simon", + "email": "jeanfrancois.simon@sensiolabs.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony CssSelector Component", + "homepage": "https://symfony.com", + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + 
"type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2020-03-27T16:54:36+00:00" + } + ], + "packages-dev": [], + "aliases": [], + "minimum-stability": "stable", + "stability-flags": [], + "prefer-stable": false, + "prefer-lowest": false, + "platform": { + "ext-curl": "*", + "ext-bz2": "*" + }, + "platform-dev": [], + "plugin-api-version": "1.1.0" +} diff --git a/main.php b/main.php index d68936c..3e7c0b6 100644 --- a/main.php +++ b/main.php @@ -3,6 +3,7 @@ use Cvar1984\SqlScan\SqlScan; use Cvar1984\SqlScan\Cli as Cout; use Cvar1984\SqlScan\Dorker; + try { $count = scandir('phar://main.phar/assets/'); $count = sizeof($count); diff --git a/src/Cli.php b/src/Cli.php index 061da02..274c623 100644 --- a/src/Cli.php +++ b/src/Cli.php @@ -26,11 +26,25 @@ public static function printStandar($var) } public static function printLine($var) { - fprintf(STDOUT, '%s[#]%s %s%s', self::$light_cyan, self::$white, $var, PHP_EOL); + fprintf( + STDOUT, + '%s[#]%s %s%s', + self::$light_cyan, + self::$white, + $var, + PHP_EOL + ); } public static function printWarning($var) { - fprintf(STDERR, '%s[!]%s %s%s', self::$light_red, self::$white, $var, PHP_EOL); + fprintf( + STDERR, + '%s[!]%s %s%s', + self::$light_red, + self::$white, + $var, + PHP_EOL + ); } public static function printError($var) { 
@@ -38,14 +52,35 @@ public static function printError($var) } public static function printSuccess($var) { - fprintf(STDOUT, '%s[+]%s %s%s', self::$light_green, self::$white, $var, PHP_EOL); + fprintf( + STDOUT, + '%s[+]%s %s%s', + self::$light_green, + self::$white, + $var, + PHP_EOL + ); } public static function printFailed($var) { - fprintf(STDOUT, '%s[-]%s %s%s', self::$light_red, self::$white, $var, PHP_EOL); + fprintf( + STDOUT, + '%s[-]%s %s%s', + self::$light_red, + self::$white, + $var, + PHP_EOL + ); } public static function printAsk($var) { - fprintf(STDOUT, '%s[?]%s %s%s', self::$yellow, self::$white, $var, PHP_EOL); + fprintf( + STDOUT, + '%s[?]%s %s%s', + self::$yellow, + self::$white, + $var, + PHP_EOL + ); } } diff --git a/src/Dorker.php b/src/Dorker.php index 586b3df..c857ac6 100644 --- a/src/Dorker.php +++ b/src/Dorker.php @@ -1,5 +1,7 @@ setSearchTerm($dork); @@ -26,16 +35,15 @@ function __construct(string $dork, string $filename = 'result_url.txt') Cout::printLine('title : ' . $result->title); Cout::printLine('url : ' . $result->url); $write = @fopen($filename, 'a'); + if ($write) { fprintf($write, '%s%s', $result->url, PHP_EOL); fclose($write); + Cout::printSuccess('Writed (' . $filename .')'); } else { - self::$error = 'Waring can\'t write result'; + Cout::printLine('Waring can\'t write result'); } } } - if (!empty(self::$error)) { - Cout::printWarning(self::$error); - } } } diff --git a/src/SqlScan.php b/src/SqlScan.php index 8e69a5d..b54d6b1 100644 --- a/src/SqlScan.php +++ b/src/SqlScan.php 
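Review bot: In the second src/Dorker.php hunk the write-failure branch now reports through `Cout::printLine`, which the src/Cli.php hunks show prints an informational `[#]` line to STDOUT, while the same condition in src/SqlScan.php goes through `Cout::printWarning` (`[!]` on STDERR). A run whose output is piped or filtered can therefore lose the only sign that results were not persisted. I would keep the warning channel and name the file, e.g. `Cout::printWarning('Warning: can\'t write result to ' . $filename);`, which also fixes the "Waring" spelling. The `@` on `fopen` hides the underlying reason (permissions, missing directory), so including `error_get_last()['message'] ?? ''` in that message would help diagnosis. The constructor body starts and ends outside this hunk.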
@@ -1,11 +1,14 @@ getHrefLinks(); + $url = $parser->getHrefLinks(); $count = sizeof($url); Cout::printLine('Total raw urls : ' . $count); if (!empty($count)) { - $urlz = array(); + $urlz = []; foreach ($url as $urls) { - if (pathinfo($urls[0], PATHINFO_EXTENSION) == 'pdf') continue; - elseif (pathinfo($urls[0], PATHINFO_EXTENSION) == 'zip') continue; - elseif (pathinfo($urls[0], PATHINFO_EXTENSION) == 'mp4') continue; - elseif (pathinfo($urls[0], PATHINFO_EXTENSION) == 'mp3') continue; - elseif (pathinfo($urls[0], PATHINFO_EXTENSION) == 'tar') continue; - elseif (pathinfo($urls[0], PATHINFO_EXTENSION) == 'jpg') continue; - elseif (pathinfo($urls[0], PATHINFO_EXTENSION) == 'png') continue; - elseif (pathinfo($urls[0], PATHINFO_EXTENSION) == 'gif') continue; - elseif (pathinfo($urls[0], PATHINFO_EXTENSION) == 'm4a') continue; - elseif (pathinfo($urls[0], PATHINFO_EXTENSION) == '3gp') continue; - if (!preg_match('/=/', $urls[0])) continue; + $urlExtension = pathinfo($urls[0], PATHINFO_EXTENSION); + if (in_array($urlExtension, self::$bannedExtension)) { + continue; + } + if (!preg_match('/=/', $urls[0])) { + continue; + } $urlz[] = $urls[0]; } $count = count($urlz); @@ -51,13 +63,15 @@ public function scan(string $url, string $filename) Cout::printLine('Total available urls : ' . $count); foreach ($urlz as $urls) { $urls = str_replace('=', '=\'', $urls); - //Cout::printLine('Testing : ' . $urls); + Cout::printStandar('Scanning '); $progressBar->advance(); $result = @file_get_contents($urls); - foreach (self::$sql as $sqli) { - if (preg_match('/' . $sqli . '/', $result)) { + foreach (self::$sqlList as $sqli) { + if (preg_match('/' . $sqli . '/Usi', $result)) { Cout::printSuccess('Hit (' . $sqli . ')'); + Cout::printSuccess('Url (' . $urls . ')'); + Cout::printSuccess('Saved (' . $filename . ')'); $file = @fopen($filename, 'a'); if (!$file) { Cout::printWarning('warning can\'t write result');
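Review bot: In the last src/SqlScan.php hunk the added `Cout::printSuccess('Saved (' . $filename . ')');` runs before `$file = @fopen($filename, 'a');` is attempted, so when the open fails the operator sees "Saved" immediately followed by the "can't write result" warning. The Dorker.php change in this same commit prints its confirmation only inside the `if ($write)` branch after `fclose`, and the message here should move to the matching success path after the write. Separately, `$result = @file_get_contents($urls);` can be `false`, and with the warning suppressed a failed fetch is indistinguishable from a page with no match; an explicit `if ($result === false) { continue; }` with a warning would make that visible. `$urls` is taken from a fetched page and is echoed unfiltered in the new "Url (...)" line, so stripping control characters before printing would be prudent. The body of scan() continues outside the hunk.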