├── README.md ├── check.py ├── logsqlmapgui.txt ├── sqlmapgui.py ├── tampers.py └── tampers.txt /README.md: -------------------------------------------------------------------------------- 1 | # SqlMapGui 2 | 3 | ## Version 1.0 4 | 5 | -Inyeccion SQL GET 6 | 7 | -Inyeccion SQL POST 8 | 9 | -Hilos (threads) 10 | 11 | -Verbosidad 12 | 13 | -Historial de Comandos Ejecutados 14 | 15 | -Ejecucion automatica de varios tampers a la vez 16 | 17 | ## Autor: Eduardo Sarria (Desdes) 18 | 19 | ### GSINT - GreyCorp 20 | -------------------------------------------------------------------------------- /check.py: -------------------------------------------------------------------------------- 1 | import Tkinter 2 | 3 | def valite(): 4 | print var.get() 5 | 6 | root = Tkinter.Tk() 7 | root.geometry("400x300") 8 | 9 | var = Tkinter.IntVar() 10 | chk = Tkinter.Checkbutton(root, text='foo', variable=var,command=valite) 11 | chk.pack() 12 | 13 | tamp_info = Tkinter.Button(root, text="Go", command=valite) 14 | tamp_info.pack() 15 | 16 | root.mainloop() -------------------------------------------------------------------------------- /logsqlmapgui.txt: -------------------------------------------------------------------------------- 1 | sqlmap -u "1231" --data "23" --dbs 2 | sqlmap -u "1231" --data "23" --dbs 3 | sqlmap -u "123" --data "345" --dbs 4 | sqlmap -u "123" --data "345" --dbs 5 | sqlmap -u "123" --data "345" --dbs --tamper="chardoubleencode" 6 | sqlmap -u "123" --data "345" --dbs --tamper="charencode" 7 | sqlmap -u "123" --data "345" --dbs --tamper="charunicodeencode" 8 | -------------------------------------------------------------------------------- /sqlmapgui.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | 4 | import Tkinter 5 | import os 6 | 7 | #Funcion para ejecutar el sqlmap en la misma shell que se ejecuta el programa 8 | def current(val = 1): 9 | 10 | #global val_tampers 11 | payload=sqlmap 12 | 13 | if target.get() is not "": 14 | payload = payload + " -u \""+target.get() 15 | 16 | if post.get('1.0', 'end-1c') is not "": 17 | payload = payload + "\" --data \""+post.get('1.0', 'end-1c') 18 | 19 | if parametros.get() is not "": 20 | payload = payload + "\" -p \""+parametros.get() 21 | 22 | if db.get() is not "": 23 | payload = payload + "\" -D \""+db.get() 24 | 25 | if table.get() is not "": 26 | payload = payload + "\" -T \""+table.get() 27 | 28 | if column.get() is not "": 29 | payload = payload +"\" -C \""+column.get()+"\" --dump" 30 | else: 31 | payload = payload + "\" --columns" 32 | else: 33 | payload = payload + "\" --tables" 34 | else: 35 | payload = payload + "\" --dbs" 36 | else: 37 | payload = payload + " --h" 38 | 39 | if lvl.get() is not "": 40 | payload = payload + " --level="+lvl.get() 41 | if rsk.get() is not "": 42 | payload = payload + " --risk="+rsk.get() 43 | if thr.get() is not "": 44 | payload = payload + " --threads="+thr.get() 45 | if v.get() is not "": 46 | payload = payload + " -v "+v.get() 47 | #no-cast 48 | if nc.get() is 1: 49 | payload = payload + " --no-cast" 50 | #random-agent 51 | if ra.get() is 1: 52 | payload = payload + " --random-agent" 53 | #user-agent 54 | if ua.get() is not "": 55 | payload = payload + " --user-agent=\""+ua.get()+"\"" 56 | #timesec 57 | if ts.get() is not "": 58 | payload = payload + " --time-sec="+ts.get() 59 | #timeout 60 | if to.get() is not "": 61 | payload = payload + " --timeout="+to.get() 62 | #proxy 63 | if proxy.get() is not "": 64 | payload = payload + " --proxy=\""+proxy.get()+"\"" 65 | 66 | #Guardando logs 67 | #log.write(payload+'\n') 68 | #log.close() 69 | 70 | if val == 1: 71 | #Iniciando archivo de logs 72 | log = open ('logsqlmapgui.txt','a') 73 | #Verificar antes de ejecutar 74 | print payload 75 | #Guardando logs 76 | log.write(payload+'\n') 77 | log.close() 78 | #Ejecutar en la shell 79 | os.system(payload) 80 | else: 81 | return payload 82 | #Cerrando los logs 83 | 84 | #Funcion para ejecutar el sqlmap en otras shells 85 | def other(): 86 | #global current_tampers 87 | #Obteniendo el payload de la funcion current 88 | payl = current(0) 89 | #print payl 90 | #print current_tampers 91 | if len(current_tampers) is not 0: 92 | for tamper in current_tampers: 93 | #Iniciando archivo de logs 94 | log = open ('logsqlmapgui.txt','a') 95 | #Creando comando con tampers 96 | comand = payl+" --tamper=\""+tamper+"\"" 97 | #Guardando logs 98 | log.write(comand+'\n') 99 | log.close() 100 | #Ejecutando 101 | os.system('gnome-terminal -x bash -c "'+comand+';bash"') 102 | else: 103 | #Iniciando archivo de logs 104 | log = open ('logsqlmapgui.txt','a') 105 | log.write(payl+'\n') 106 | log.close() 107 | os.system('gnome-terminal -x bash -c "'+payl+';bash"') 108 | #Comando usado: gnome-terminal -x bash -c "comando;bash" 109 | #os.system('gnome-terminal -x bash -c "'+payload+';bash"') 110 | 111 | #Funcion para crear la cadena de tampers ejm: tamper1,tamper2,tamper3 112 | def set_tamp(var): 113 | if var in current_tampers: 114 | current_tampers.remove(var) 115 | else: 116 | current_tampers.append(var) 117 | 118 | #print current_tampers 119 | #Ventana Window Tamper 120 | def tampers(): 121 | 122 | #Creaccion de la ventana tamper 123 | tamperv = Tkinter.Tk() 124 | tamperv.title("Window-Tampers") 125 | #seteando posicion con la ventana main 126 | x=root.winfo_x()+400 127 | y=root.winfo_y()#+300 128 | tamperv.geometry("600x330+"+str(x)+"+"+str(y)) 129 | #Quitando Bordes 130 | #tamperv.overrideredirect(1) 131 | 132 | #Tamper List 133 | tampers=["apostrophemask","apostrophenullencode","appendnullbyte", 134 | "base64encode","between","bluecoat","chardoubleencode", 135 | "charencode","charunicodeencode","concat2concatws", 136 | "equaltolike","greatest","halfversionedmorekeywords", 137 | "ifnull2ifisnull","modsecurityversioned","modsecurityzeroversioned", 138 | "multiplespaces","nonrecursivereplacement","percentage", 139 | "randomcase","randomcomments","securesphere","space2comment", 140 | "space2dash","space2hash","space2morehash","space2mssqlblank", 141 | "space2mssqlhash","space2mysqlblank","space2mysqldash", 142 | "space2plus","space2randomblank","sp_password","unionalltounion", 143 | "unmagicquotes","versionedkeywords","versionedmorekeywords"] 144 | 145 | #Boton informativo 146 | tamp_info = Tkinter.Button(tamperv, text="Que tamper usar", command=tamp_txt) 147 | tamp_info.grid(row=0,column=1) 148 | 149 | 150 | #Agregar los Checkbutton en la ventana tamper (No funcionó >:v) 151 | """ 152 | r = 1 153 | c = 0 154 | pos = 0 155 | cb_tampers = [] 156 | for tamper in tampers: 157 | #print pos 158 | #val_tampers.append(Tkinter.IntVar()) 159 | Tkinter.Checkbutton(tamperv, text=tamper, command=lambda:set_tamp(self.get("text"))).grid(row=r,column=c) 160 | print tampers[pos] 161 | pos = pos + 1 162 | #c = c + 1 163 | r = r + 1 164 | if r == 14: 165 | #c = 0 166 | #r = r + 1 167 | r = 1 168 | c = c + 1 169 | """ 170 | #Alv asi si funciona xd 171 | 172 | Tkinter.Checkbutton(tamperv, text=tampers[0], command=lambda:set_tamp(tampers[0])).grid(row=1,column=0) 173 | Tkinter.Checkbutton(tamperv, text=tampers[1], command=lambda:set_tamp(tampers[1])).grid(row=2,column=0) 174 | Tkinter.Checkbutton(tamperv, text=tampers[2], command=lambda:set_tamp(tampers[2])).grid(row=3,column=0) 175 | Tkinter.Checkbutton(tamperv, text=tampers[3], command=lambda:set_tamp(tampers[3])).grid(row=4,column=0) 176 | Tkinter.Checkbutton(tamperv, text=tampers[4], command=lambda:set_tamp(tampers[4])).grid(row=5,column=0) 177 | Tkinter.Checkbutton(tamperv, text=tampers[5], command=lambda:set_tamp(tampers[5])).grid(row=6,column=0) 178 | Tkinter.Checkbutton(tamperv, text=tampers[6], command=lambda:set_tamp(tampers[6])).grid(row=7,column=0) 179 | Tkinter.Checkbutton(tamperv, text=tampers[7], command=lambda:set_tamp(tampers[7])).grid(row=8,column=0) 180 | Tkinter.Checkbutton(tamperv, text=tampers[8], command=lambda:set_tamp(tampers[8])).grid(row=9,column=0) 181 | Tkinter.Checkbutton(tamperv, text=tampers[9], command=lambda:set_tamp(tampers[9])).grid(row=10,column=0) 182 | Tkinter.Checkbutton(tamperv, text=tampers[10], command=lambda:set_tamp(tampers[10])).grid(row=11,column=0) 183 | Tkinter.Checkbutton(tamperv, text=tampers[11], command=lambda:set_tamp(tampers[11])).grid(row=12,column=0) 184 | Tkinter.Checkbutton(tamperv, text=tampers[12], command=lambda:set_tamp(tampers[12])).grid(row=13,column=0) 185 | Tkinter.Checkbutton(tamperv, text=tampers[13], command=lambda:set_tamp(tampers[13])).grid(row=1,column=1) 186 | Tkinter.Checkbutton(tamperv, text=tampers[14], command=lambda:set_tamp(tampers[14])).grid(row=2,column=1) 187 | Tkinter.Checkbutton(tamperv, text=tampers[15], command=lambda:set_tamp(tampers[15])).grid(row=3,column=1) 188 | Tkinter.Checkbutton(tamperv, text=tampers[16], command=lambda:set_tamp(tampers[16])).grid(row=4,column=1) 189 | Tkinter.Checkbutton(tamperv, text=tampers[17], command=lambda:set_tamp(tampers[17])).grid(row=5,column=1) 190 | Tkinter.Checkbutton(tamperv, text=tampers[18], command=lambda:set_tamp(tampers[18])).grid(row=6,column=1) 191 | Tkinter.Checkbutton(tamperv, text=tampers[19], command=lambda:set_tamp(tampers[19])).grid(row=7,column=1) 192 | Tkinter.Checkbutton(tamperv, text=tampers[20], command=lambda:set_tamp(tampers[20])).grid(row=8,column=1) 193 | Tkinter.Checkbutton(tamperv, text=tampers[21], command=lambda:set_tamp(tampers[21])).grid(row=9,column=1) 194 | Tkinter.Checkbutton(tamperv, text=tampers[22], command=lambda:set_tamp(tampers[22])).grid(row=10,column=1) 195 | Tkinter.Checkbutton(tamperv, text=tampers[23], command=lambda:set_tamp(tampers[23])).grid(row=11,column=1) 196 | Tkinter.Checkbutton(tamperv, text=tampers[24], command=lambda:set_tamp(tampers[24])).grid(row=12,column=1) 197 | Tkinter.Checkbutton(tamperv, text=tampers[25], command=lambda:set_tamp(tampers[25])).grid(row=13,column=1) 198 | Tkinter.Checkbutton(tamperv, text=tampers[26], command=lambda:set_tamp(tampers[26])).grid(row=1,column=2) 199 | Tkinter.Checkbutton(tamperv, text=tampers[27], command=lambda:set_tamp(tampers[27])).grid(row=2,column=2) 200 | Tkinter.Checkbutton(tamperv, text=tampers[28], command=lambda:set_tamp(tampers[28])).grid(row=3,column=2) 201 | Tkinter.Checkbutton(tamperv, text=tampers[29], command=lambda:set_tamp(tampers[29])).grid(row=4,column=2) 202 | Tkinter.Checkbutton(tamperv, text=tampers[30], command=lambda:set_tamp(tampers[30])).grid(row=5,column=2) 203 | Tkinter.Checkbutton(tamperv, text=tampers[31], command=lambda:set_tamp(tampers[31])).grid(row=6,column=2) 204 | Tkinter.Checkbutton(tamperv, text=tampers[32], command=lambda:set_tamp(tampers[32])).grid(row=7,column=2) 205 | Tkinter.Checkbutton(tamperv, text=tampers[33], command=lambda:set_tamp(tampers[33])).grid(row=8,column=2) 206 | Tkinter.Checkbutton(tamperv, text=tampers[34], command=lambda:set_tamp(tampers[34])).grid(row=9,column=2) 207 | Tkinter.Checkbutton(tamperv, text=tampers[35], command=lambda:set_tamp(tampers[35])).grid(row=10,column=2) 208 | #Loop Ventana tampers 209 | tamperv.mainloop() 210 | 211 | #Para validad y actualizar el texto del boton del tamper 212 | #if tamp == 0: 213 | # tamperv.state(newstate='normal') 214 | # btn_text.set("Ocultar Window Tamper") 215 | # tamp = 1 216 | #else: 217 | # tamperv.state(newstate='withdraw') 218 | # btn_text.set("Mostrar Window Tamper") 219 | # tamp = 0 220 | 221 | #Ejecutar lista de tampers informativa 222 | def tamp_txt(): 223 | os.system('gnome-terminal -x bash -c "cat tampers.txt;bash"') 224 | 225 | def logsqlmap(): 226 | os.system('gnome-terminal -x bash -c "cat logsqlmapgui.txt;bash"') 227 | 228 | ##################################################### 229 | #Ventana Principal 230 | root = Tkinter.Tk() 231 | root.title("SqlMapGui") 232 | root.geometry("400x400") 233 | 234 | #Creando cadena inicial 235 | 236 | sqlmap = "sqlmap" 237 | 238 | #InterfaceGrafica 239 | Tkinter.Label(root, text="------Target Section---------------------------------------------------").place(x=10, y=5) 240 | #Target 241 | Tkinter.Label(root, text="URL Vulnerable").place(x=15, y=25) 242 | target = Tkinter.Entry(root, width=45) 243 | target.place(x=15, y=40) 244 | 245 | #PostDate 246 | Tkinter.Label(root, text="Data Post").place(x=15, y=65) 247 | post = Tkinter.Text(root, height=2, width=45) 248 | post.place(x=15, y=80) 249 | 250 | #Parametros 251 | Tkinter.Label(root, text="Parametros").place(x=15, y=125) 252 | parametros = Tkinter.Entry(root, width=20) 253 | parametros.place(x=15, y=140) 254 | 255 | #Base de Dato/s 256 | Tkinter.Label(root, text="Base de Datos").place(x=215, y=125) 257 | db = Tkinter.Entry() 258 | db.place(x=215, y=140) 259 | 260 | #Tabla/s 261 | Tkinter.Label(root, text="Ingrese la tabla").place(x=15, y=165) 262 | table = Tkinter.Entry() 263 | table.place(x=15, y=180) 264 | 265 | #Columna/s 266 | Tkinter.Label(root, text="Ingrese la columna").place(x=215, y=165) 267 | column = Tkinter.Entry() 268 | column.place(x=215, y=180) 269 | 270 | #Level 271 | Tkinter.Label(root, text="--level=").place(x=15, y=205) 272 | lvl = Tkinter.Entry(root, width=1) 273 | lvl.place(x=70, y=205) 274 | 275 | #Risk 276 | Tkinter.Label(root, text="--risk=").place(x=95, y=205) 277 | rsk = Tkinter.Entry(root, width=1) 278 | rsk.place(x=140, y=205) 279 | 280 | #Threads 281 | Tkinter.Label(root, text="--threads=").place(x=160, y=205) 282 | thr = Tkinter.Entry(root, width=2) 283 | thr.place(x=230, y=205) 284 | 285 | #Verbosidad 286 | Tkinter.Label(root, text="-v").place(x=252, y=205) 287 | v = Tkinter.Entry(root, width=1) 288 | v.place(x=270, y=205) 289 | 290 | #No Cast 291 | nc = Tkinter.IntVar() 292 | Tkinter.Checkbutton(root, text="--no-cast", variable=nc).place(x=290, y=205) 293 | 294 | Tkinter.Label(root, text="------Connection Section---------------------------------------------").place(x=10, y=230) 295 | 296 | #--Random-Agent 297 | ra = Tkinter.IntVar() 298 | Tkinter.Checkbutton(root, text="--random-agent", variable=ra).place(x=8, y=250) 299 | 300 | #--user-agent= 301 | Tkinter.Label(root, text="--user-agent=").place(x=140, y=250) 302 | ua = Tkinter.Entry(root, width=18) 303 | ua.place(x=233, y=250) 304 | 305 | #Time Sec 306 | Tkinter.Label(root, text="--time-sec=").place(x=10, y=275) 307 | ts = Tkinter.Entry(root, width=2) 308 | ts.place(x=88, y=275) 309 | 310 | 311 | #TimeOUT 312 | Tkinter.Label(root, text="--timeout=").place(x=110, y=275) 313 | to = Tkinter.Entry(root, width=2) 314 | to.place(x=185, y=275) 315 | 316 | #Proxy 317 | Tkinter.Label(root, text="--proxy=").place(x=210, y=275) 318 | proxy = Tkinter.Entry(root, width=13) 319 | proxy.place(x=273, y=275) 320 | 321 | 322 | #Tamper Seleccionados 323 | current_tampers=[] 324 | 325 | Tkinter.Label(root, text="------Extra Section---------------------------------------------").place(x=10, y=300) 326 | 327 | 328 | #Boton para entrar a la funcion 329 | boton1 = Tkinter.Button(root, text="Run SQLMAP current Shell", command=current) 330 | boton1.place(x=5, y=320) 331 | 332 | boton2 = Tkinter.Button(root, text="Run SQLMAP other Shell", command=other) 333 | boton2.place(x=210, y=320) 334 | 335 | #Deslizar ventana tampers 336 | btn_text = Tkinter.StringVar() 337 | boton3 = Tkinter.Button(root, textvariable=btn_text, command=tampers) 338 | btn_text.set("Seleccionar algun Tamper") 339 | boton3.place(x=5, y=355) 340 | tamp = 0 341 | 342 | #Registro de comandos SQLMAP 343 | boton2 = Tkinter.Button(root, text="SqlMap History Payload", command=logsqlmap) 344 | boton2.place(x=210, y=355) 345 | 346 | #Loop infinito hasta cerrar la ventana 347 | root.mainloop() -------------------------------------------------------------------------------- /tampers.py: -------------------------------------------------------------------------------- 1 | r = 1 2 | c = 0 3 | 4 | for i in range (0,37): 5 | print "Tkinter.Checkbutton(tamperv, text=tampers["+str(i)+"], command=lambda:set_tamp(tampers["+str(i)+"])).grid(row="+str(r)+",column="+str(c)+")" 6 | r = r + 1 7 | 8 | if r == 14: 9 | #c = 0 10 | #r = r + 1 11 | r = 1 12 | c = c + 1 13 | -------------------------------------------------------------------------------- /tampers.txt: -------------------------------------------------------------------------------- 1 | # All scripts 2 | 3 | apostrophemask 4 | apostrophenullencode 5 | appendnullbyte 6 | base64encode 7 | between 8 | bluecoat 9 | chardoubleencode 10 | charencode 11 | charunicodeencode 12 | concat2concatws 13 | equaltolike 14 | greatest 15 | halfversionedmorekeywords 16 | ifnull2ifisnull 17 | modsecurityversioned 18 | modsecurityzeroversioned 19 | multiplespaces 20 | nonrecursivereplacement 21 | percentage 22 | randomcase 23 | randomcomments 24 | securesphere 25 | space2comment 26 | space2dash 27 | space2hash 28 | space2morehash 29 | space2mssqlblank 30 | space2mssqlhash 31 | space2mysqlblank 32 | space2mysqldash 33 | space2plus 34 | space2randomblank 35 | sp_password 36 | unionalltounion 37 | unmagicquotes 38 | versionedkeywords 39 | versionedmorekeywords 40 | 41 | # General scripts 42 | 43 | apostrophemask 44 | apostrophenullencode 45 | base64encode 46 | between 47 | chardoubleencode 48 | charencode 49 | charunicodeencode 50 | equaltolike 51 | greatest 52 | ifnull2ifisnull 53 | multiplespaces 54 | nonrecursivereplacement 55 | percentage 56 | randomcase 57 | securesphere 58 | space2comment 59 | space2plus 60 | space2randomblank 61 | unionalltounion 62 | unmagicquotes 63 | 64 | # Microsoft access 65 | 66 | between 67 | bluecoat 68 | charencode 69 | charunicodeencode 70 | concat2concatws 71 | equaltolike 72 | greatest 73 | halfversionedmorekeywords 74 | ifnull2ifisnull 75 | modsecurityversioned 76 | modsecurityzeroversioned 77 | multiplespaces 78 | nonrecursivereplacement 79 | percentage 80 | randomcase 81 | securesphere 82 | space2comment 83 | space2hash 84 | space2morehash 85 | space2mysqldash 86 | space2plus 87 | space2randomblank 88 | unionalltounion 89 | unmagicquotes 90 | versionedkeywords 91 | versionedmorekeywords 92 | 93 | # Microsoft SQL Server 94 | 95 | between 96 | charencode 97 | charunicodeencode 98 | equaltolike 99 | greatest 100 | multiplespaces 101 | nonrecursivereplacement 102 | percentage 103 | randomcase 104 | securesphere 105 | sp_password 106 | space2comment 107 | space2dash 108 | space2mssqlblank 109 | space2mysqldash 110 | space2plus 111 | space2randomblank 112 | unionalltounion 113 | unmagicquotes 114 | 115 | # MySQL 116 | 117 | between 118 | bluecoat 119 | charencode 120 | charunicodeencode 121 | concat2concatws 122 | equaltolike 123 | greatest 124 | halfversionedmorekeywords 125 | ifnull2ifisnull 126 | modsecurityversioned 127 | modsecurityzeroversioned 128 | multiplespaces 129 | nonrecursivereplacement 130 | percentage 131 | randomcase 132 | securesphere 133 | space2comment 134 | space2hash 135 | space2morehash 136 | space2mysqldash 137 | space2plus 138 | space2randomblank 139 | unionalltounion 140 | unmagicquotes 141 | versionedkeywords 142 | versionedmorekeywords 143 | xforwardedfor 144 | 145 | # Oracle 146 | 147 | between 148 | charencode 149 | equaltolike 150 | greatest 151 | multiplespaces 152 | nonrecursivereplacement 153 | randomcase 154 | securesphere 155 | space2comment 156 | space2plus 157 | space2randomblank 158 | unionalltounion 159 | unmagicquotes 160 | xforwardedfor 161 | 162 | # PostgreSQL 163 | 164 | between 165 | charencode 166 | charunicodeencode 167 | equaltolike 168 | greatest 169 | multiplespaces 170 | nonrecursivereplacement 171 | percentage 172 | randomcase 173 | securesphere 174 | space2comment 175 | space2plus 176 | space2randomblank 177 | xforwardedfor 178 | 179 | # SAP MaxDB 180 | 181 | ifnull2ifisnull 182 | nonrecursivereplacement 183 | randomcase 184 | securesphere 185 | space2comment 186 | space2plus 187 | unionalltounion 188 | unmagicquotes 189 | xforwardedfor 190 | 191 | # SQLite 192 | 193 | ifnull2ifisnull 194 | multiplespaces 195 | nonrecursivereplacement 196 | randomcase 197 | securesphere 198 | space2comment 199 | space2dash 200 | space2plus 201 | unionalltounion 202 | unmagicquotes 203 | xforwardedfor 204 | --------------------------------------------------------------------------------