├── README.md
├── SDList.txt
├── SDSQLi.txt
├── dorksploit
├── extract.py
├── files
    ├── fi.speedx
    ├── sqli.speedx
    └── xss.speedx
└── vuln.py


/README.md:
--------------------------------------------------------------------------------
 1 | # dorksploit
 2 | Advance Google Dorker and Vulnerability Scanner
 3 | 
 4 | # Introduction
 5 | 
 6 | DorkSploit is a Tool which finds the list of website according to your given GOOGLE dork. This can be used for Finding SQLi , XSS , LFI/RFI Vulnerable Websites.
 7 | 
 8 | Each page of generated dorks contains about 10 Websites. So if you type 1 page it gives 10 websites , 2 page gives 20 websites, etc.
 9 | 
10 | Website Vulnerablity Scanner Scans only For SQLi Vulnerablity. It will Soon Be Updated To Scan For Other Vulnerabilities. Keep Supporting ME ;-)"
11 | 
12 | NOTE: It is Only For Educational Purposes. Neither I Say Nor I Promote To Hack Sites Without Owners Consent."
13 | 
14 | # How to install
15 | 
16 | copy the following commands 
17 | 
18 | git clone https://github.com/cipherhexx/dorksploit
19 | 
20 | cd dorksploit
21 | 
22 | chmod +x dorksploit
23 | 
24 | ./dorksploit
25 | 
26 | # Shoutout
27 |  
28 | A big Shoutout to my friend Speedx, Without him i won't be able to complete this project.
29 | 


--------------------------------------------------------------------------------
/SDList.txt:
--------------------------------------------------------------------------------
 1 | http://www.atmarine.fi/index.php%3Fid%3D2
 2 | http://www.katoombagroup.org/details.php%3Fid%3D56
 3 | https://www.finvent.com/details.php%3Fid%3D20
 4 | http://www.bpc.gov.bd/contactus.php%3Fid%3D13
 5 | http://www.iitk.ac.in/sere/project.php%3Fid%3D6
 6 | http://www.tunesoman.com/product.php%3Fid%3D200
 7 | http://northeastnews.in/news.php%3Fid%3D17
 8 | https://www.id.ee/index.php%3Fid%3D30470
 9 | http://www.atrium.com.pk/Shopping.php%3FID%3D1
10 | http://www.studentvote.ca/2011/results/index.php%3Fid%3D1
11 | http://www.jmtv.com/news.php%3Fid%3D3
12 | https://www.webscantest.com/datastore/search_get_by_id.php%3Fid%3D4
13 | https://www.migration.gov.rw/index.php%3Fid%3D19
14 | http://www.interaliaproject.com/news.php%3Fid%3D115
15 | http://www.romanianwriters.ro/s.php%3Fid%3D1
16 | http://www.kvm.co.ke/products.php%3Fid%3D1
17 | http://www.ubraintv.com/watchchannel.php%3Fid%3D6
18 | http://www.dynatekbikes.com/news.php%3Fid%3D10
19 | http://www.ampak.com.tw/product.php%3Fid%3D21
20 | http://www.cinguitars.com/brand.php%3Fid%3D45
21 | https://www.ecqa.org/index.php%3Fid%3D22
22 | http://www.bransonparksandrecreation.com/page.php%3Fid%3D38
23 | http://www.asfaa.org/members.php%3Fid%3D1
24 | http://www.multan.gov.pk/files.php%3Fid%3D1
25 | http://berkeleyrecycling.org/page.php%3Fid%3D1
26 | https://alphaonenow.org/info.php%3Fid%3D131
27 | http://www.icdcprague.org/index.php%3Fid%3D10
28 | http://americanvalues.org/search/item.php%3Fid%3D18
29 | http://myscs.org/study-abroad-detail.php%3Fid%3D63
30 | http://www.minddesign.co.uk/show.php%3Fid%3D174
31 | http://www.pixheaven.net/galerie_us.php%3Fid%3D22
32 | http://polyportables-id.com/search.php%3Ftag%3DPortable%26searchtxt%3DPortable
33 | http://www.sansihotels.com/hotels.php%3Fid%3D1
34 | http://www.stasy.gr/index.php%3Fid%3D49%26L%3D1
35 | https://www.kunstreservebank.nl/index.php%3Fid%3D1%26lang%3DEN
36 | http://www.ilslbd.com/content.php%3FId%3D4
37 | http://www.katun.me/page.php%3Fid%3D10
38 | https://immigration.ecitizen.go.ke/index.php%3Fid%3D5
39 | http://www.ghanatimber.org/certification_details.php%3Fid%3D12
40 | https://www.bible-history.com/subcat.php%3Fid%3D2
41 | 


--------------------------------------------------------------------------------
/SDSQLi.txt:
--------------------------------------------------------------------------------
 1 | http://www.atmarine.fi/index.php%3Fid%3D2
 2 | https://www.finvent.com/details.php%3Fid%3D20
 3 | http://www.studentvote.ca/2011/results/index.php%3Fid%3D1
 4 | http://www.jmtv.com/news.php%3Fid%3D3
 5 | http://www.interaliaproject.com/news.php%3Fid%3D115
 6 | http://www.kvm.co.ke/products.php%3Fid%3D1
 7 | http://www.ubraintv.com/watchchannel.php%3Fid%3D6
 8 | http://www.dynatekbikes.com/news.php%3Fid%3D10
 9 | http://www.cinguitars.com/brand.php%3Fid%3D45
10 | http://www.bransonparksandrecreation.com/page.php%3Fid%3D38
11 | http://www.multan.gov.pk/files.php%3Fid%3D1
12 | https://alphaonenow.org/info.php%3Fid%3D131
13 | http://www.icdcprague.org/index.php%3Fid%3D10
14 | http://myscs.org/study-abroad-detail.php%3Fid%3D63
15 | http://www.minddesign.co.uk/show.php%3Fid%3D174
16 | http://polyportables-id.com/search.php%3Ftag%3DPortable%26searchtxt%3DPortable
17 | https://www.kunstreservebank.nl/index.php%3Fid%3D1%26lang%3DEN
18 | http://www.ilslbd.com/content.php%3FId%3D4
19 | http://www.ghanatimber.org/certification_details.php%3Fid%3D12
20 | 


--------------------------------------------------------------------------------
/dorksploit:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | cat << "EOF" 
  3 | 
  4 | ██████╗  ██████╗ ██████╗ ██╗  ██╗███████╗██████╗ ██╗      ██████╗ ██╗████████╗
  5 | ██╔══██╗██╔═══██╗██╔══██╗██║ ██╔╝██╔════╝██╔══██╗██║     ██╔═══██╗██║╚══██╔══╝
  6 | ██║  ██║██║   ██║██████╔╝█████╔╝ ███████╗██████╔╝██║     ██║   ██║██║   ██║   
  7 | ██║  ██║██║   ██║██╔══██╗██╔═██╗ ╚════██║██╔═══╝ ██║     ██║   ██║██║   ██║   
  8 | ██████╔╝╚██████╔╝██║  ██║██║  ██╗███████║██║     ███████╗╚██████╔╝██║   ██║   
  9 | ╚═════╝  ╚═════╝ ╚═╝  ╚═╝╚═╝  ╚═╝╚══════╝╚═╝     ╚══════╝ ╚═════╝ ╚═╝   ╚═╝   
 10 |                                                                               
 11 | EOF
 12 | echo ""
 13 | echo ""
 14 | echo "Select an Option"
 15 | echo ""
 16 | echo "1. Install the requirements"
 17 | echo "2. Start the tool"
 18 | read OPT
 19 | if [ "$OPT" -eq 1 ]
 20 | then
 21 | apt update -y
 22 | apt upgrade -y
 23 | pkg update
 24 | pkg upgrade 
 25 | pkg install curl python2 busybox
 26 | pip2 install --upgrade pip
 27 | pip2 install urllib3
 28 | pip2 install progressbar2
 29 | clear
 30 | echo "succesfully installed now run the tool again :)"
 31 | elif [ "$OPT" -eq 2 ]
 32 | then
 33 | clear
 34 | cat << "EOF" 
 35 | 
 36 | ██████╗  ██████╗ ██████╗ ██╗  ██╗███████╗██████╗ ██╗      ██████╗ ██╗████████╗
 37 | ██╔══██╗██╔═══██╗██╔══██╗██║ ██╔╝██╔════╝██╔══██╗██║     ██╔═══██╗██║╚══██╔══╝
 38 | ██║  ██║██║   ██║██████╔╝█████╔╝ ███████╗██████╔╝██║     ██║   ██║██║   ██║   
 39 | ██║  ██║██║   ██║██╔══██╗██╔═██╗ ╚════██║██╔═══╝ ██║     ██║   ██║██║   ██║   
 40 | ██████╔╝╚██████╔╝██║  ██║██║  ██╗███████║██║     ███████╗╚██████╔╝██║   ██║   
 41 | ╚═════╝  ╚═════╝ ╚═╝  ╚═╝╚═╝  ╚═╝╚══════╝╚═╝     ╚══════╝ ╚═════╝ ╚═╝   ╚═╝   
 42 |                                                                               
 43 | EOF
 44 | echo "Select an Option"
 45 | echo "1. Generate Sites From Dork"
 46 | echo "2. Scan For Vulnerable Sites"
 47 | echo "3. View Sample Dorks"
 48 | echo "4. For Instructions"
 49 | echo "5. Exit "
 50 | read ch
 51 | if [ $ch -eq 1 ];then
 52 | clear
 53 | cat << "EOF" 
 54 | 
 55 | ██████╗  ██████╗ ██████╗ ██╗  ██╗███████╗██████╗ ██╗      ██████╗ ██╗████████╗
 56 | ██╔══██╗██╔═══██╗██╔══██╗██║ ██╔╝██╔════╝██╔══██╗██║     ██╔═══██╗██║╚══██╔══╝
 57 | ██║  ██║██║   ██║██████╔╝█████╔╝ ███████╗██████╔╝██║     ██║   ██║██║   ██║   
 58 | ██║  ██║██║   ██║██╔══██╗██╔═██╗ ╚════██║██╔═══╝ ██║     ██║   ██║██║   ██║   
 59 | ██████╔╝╚██████╔╝██║  ██║██║  ██╗███████║██║     ███████╗╚██████╔╝██║   ██║   
 60 | ╚═════╝  ╚═════╝ ╚═╝  ╚═╝╚═╝  ╚═╝╚══════╝╚═╝     ╚══════╝ ╚═════╝ ╚═╝   ╚═╝   
 61 |                                                                               
 62 | EOF
 63 | echo ""
 64 | echo -e "\e[1;33m Enter A Google Dork:"
 65 | read dork
 66 | echo -e "Enter Number Of Pages:"
 67 | read page
 68 | echo >SDList.txt
 69 | echo -e "\e[1;34m Please Wait... This May Take 1-2 Minutes..."
 70 | url="https://www.google.com/search?q="+$dork
 71 | curl -sA "Chrome" -L $url -o list1.txt
 72 | python2 extract.py list1.txt >SDList.txt
 73 | echo " Dorking Started !!!"
 74 | half=$(( page/2 ))
 75 | if [ $page -gt 1 ];then
 76 | for (( i=1;i<$page;i++ ))
 77 | do
 78 | turl=$url"&start="$(( i*10 ))
 79 | fn="list"$(( i+1 ))".txt"
 80 | curl -sA "Chrome" -L $turl -o $fn
 81 | python2 extract.py $fn >>SDList.txt
 82 | if [ $i -eq $half ];then
 83 | echo "50% Completed !!!"
 84 | fi
 85 | done
 86 | fi
 87 | echo "100% Completed !!!"
 88 | echo "List Created For Dork: "$dork
 89 | echo "Vulnerable Sites Saved in FileName: SDList.txt"
 90 | echo " "
 91 | rm list*.txt
 92 | echo "Do You Want To View it Now (Y/N):"
 93 | read cho
 94 | if [ "$cho" = "Y" ] || [ "$cho" = "y" ] ;then
 95 | echo -e "\e[1;31mThis List Was Created By DorkSploit !!!"
 96 | echo " "
 97 | cat SDList.txt
 98 | echo " "
 99 | echo " "
100 | echo "Press Enter To Go To Main Menu"
101 | read a4
102 | else
103 | echo "Going Back to Main Menu..."
104 | sleep 1
105 | fi
106 | elif [ $ch -eq 2 ];then
107 | clear
108 | cat << "EOF" 
109 | 
110 | ██████╗  ██████╗ ██████╗ ██╗  ██╗███████╗██████╗ ██╗      ██████╗ ██╗████████╗
111 | ██╔══██╗██╔═══██╗██╔══██╗██║ ██╔╝██╔════╝██╔══██╗██║     ██╔═══██╗██║╚══██╔══╝
112 | ██║  ██║██║   ██║██████╔╝█████╔╝ ███████╗██████╔╝██║     ██║   ██║██║   ██║   
113 | ██║  ██║██║   ██║██╔══██╗██╔═██╗ ╚════██║██╔═══╝ ██║     ██║   ██║██║   ██║   
114 | ██████╔╝╚██████╔╝██║  ██║██║  ██╗███████║██║     ███████╗╚██████╔╝██║   ██║   
115 | ╚═════╝  ╚═════╝ ╚═╝  ╚═╝╚═╝  ╚═╝╚══════╝╚═╝     ╚══════╝ ╚═════╝ ╚═╝   ╚═╝   
116 |                                                                               
117 | EOF
118 | echo "Note: This Scanner Only Scans for SQLi Vulnerablity"
119 | echo "Scanning Time Depends On Your Internet Speed & Site List.."
120 | echo "It is Recommended To Use Tool Generate Vulnerable Site List"
121 | echo "Default FileName : SDList.txt "
122 | echo " "
123 | echo -e "\e[1;33mInput The Name Of File Containing Links:"
124 | read fin
125 | echo -e "\e[1;32m"
126 | python2 vuln.py $fin
127 | echo -e "\e[1;34m Press Enter To Continue.."
128 | read a1
129 | elif [ $ch -eq 3 ];then
130 | clear
131 | cd files
132 | while true
133 | do
134 | clear
135 | cat << "EOF" 
136 | 
137 | ██████╗  ██████╗ ██████╗ ██╗  ██╗███████╗██████╗ ██╗      ██████╗ ██╗████████╗
138 | ██╔══██╗██╔═══██╗██╔══██╗██║ ██╔╝██╔════╝██╔══██╗██║     ██╔═══██╗██║╚══██╔══╝
139 | ██║  ██║██║   ██║██████╔╝█████╔╝ ███████╗██████╔╝██║     ██║   ██║██║   ██║   
140 | ██║  ██║██║   ██║██╔══██╗██╔═██╗ ╚════██║██╔═══╝ ██║     ██║   ██║██║   ██║   
141 | ██████╔╝╚██████╔╝██║  ██║██║  ██╗███████║██║     ███████╗╚██████╔╝██║   ██║   
142 | ╚═════╝  ╚═════╝ ╚═╝  ╚═╝╚═╝  ╚═╝╚══════╝╚═╝     ╚══════╝ ╚═════╝ ╚═╝   ╚═╝   
143 |                                                                               
144 | EOF
145 | echo "These Dorks Were Taken From Internet !! And Just Sample Better Use Your Own Dorks"
146 | echo " "
147 | echo "Press 1 For SQLi Dorks"
148 | echo "Press 2 For XSS Dorks"
149 | echo "Press 3 For LFI/RFI Dorks"
150 | echo "Press 4 To Exit "
151 | read dc
152 | if [ $dc -eq 1 ];then
153 | echo -e "\e[1;33mSome SQLi Dorks"
154 | echo " "
155 | cat sqli.speedx
156 | echo " "
157 | echo " "
158 | echo "Press Enter To Go Back"
159 | read a2
160 | elif [ $dc -eq 2 ];then
161 | echo -e "\e[1;33mSome XSS Dorks"
162 | echo " "
163 | cat xss.speedx
164 | echo " "
165 | echo " "
166 | echo "Press Enter To Go Back"
167 | read a2
168 | elif [ $dc -eq 3 ];then
169 | echo -e "\e[1;33mSome File Inclusion Dorks"
170 | echo " "
171 | cat fi.speedx
172 | echo " "
173 | echo " "
174 | echo "Press Enter To Go Back"
175 | read a2
176 | elif [ $dc -eq 4 ];then
177 | break
178 | else
179 | echo "Invalid Input !!!"
180 | sleep 2
181 | fi
182 | done
183 | echo -e "\e[1;31m"
184 | cd ..
185 | elif [ $ch -eq 4 ];then
186 | clear
187 | cat << "EOF" 
188 | 
189 | ██████╗  ██████╗ ██████╗ ██╗  ██╗███████╗██████╗ ██╗      ██████╗ ██╗████████╗
190 | ██╔══██╗██╔═══██╗██╔══██╗██║ ██╔╝██╔════╝██╔══██╗██║     ██╔═══██╗██║╚══██╔══╝
191 | ██║  ██║██║   ██║██████╔╝█████╔╝ ███████╗██████╔╝██║     ██║   ██║██║   ██║   
192 | ██║  ██║██║   ██║██╔══██╗██╔═██╗ ╚════██║██╔═══╝ ██║     ██║   ██║██║   ██║   
193 | ██████╔╝╚██████╔╝██║  ██║██║  ██╗███████║██║     ███████╗╚██████╔╝██║   ██║   
194 | ╚═════╝  ╚═════╝ ╚═╝  ╚═╝╚═╝  ╚═╝╚══════╝╚═╝     ╚══════╝ ╚═════╝ ╚═╝   ╚═╝   
195 |                                                                               
196 | EOF
197 | echo -e "\e[1;33m DorkSploit is a Tool which finds the list of website according to your given GOOGLE dork. This can be used for Finding SQLi , XSS , LFI/RFI Vulnerable Websites.\e[0m"
198 | echo " "
199 | echo -e "\e[1;32m Each page of generated dorks contains about 10 Websites. So if you type 1 page it gives 10 websites , 2 page gives 20 websites, etc."
200 | echo " "
201 | echo -e "\e[1;34m Website Vulnerablity Scanner Scans only For SQLi Vulnerablity. It will Soon Be Updated To Scan For Other Vulnerabilities. Keep Supporting ME ;-)"
202 | echo " "
203 | echo -e "\e[1;31m NOTE: It is Only For Educational Purposes. Neither I Say Nor I Promote To Hack Sites Without Owners Consent."
204 | echo " "
205 | echo " "
206 | echo " Press Enter To Continue..."
207 | read a5
208 | elif [ $ch -eq 5 ];then
209 | start=0
210 | else
211 | echo -e "\e[4;32m Invalid Input !!! \e[0m"
212 | echo "Press Enter To Go Home"
213 | read a3
214 | start=6
215 | clear
216 | fi
217 | echo "Thanks For Using DorkSploit !!"
218 | 
219 | else 
220 | echo "Dude you are drunk !! select a valid option"
221 | fi
222 | 


--------------------------------------------------------------------------------
/extract.py:
--------------------------------------------------------------------------------
 1 | import sys
 2 | def main():
 3 | 	f=open(sys.argv[1],"r")
 4 | 	str=f.read()
 5 | 	f.close()
 6 | 	p=str.split("<a href=")
 7 | 	for s in p:
 8 | 		if s.lower().find("url?q=") == 2:
 9 | 			stin=8
10 | 			ein=int(s.find("&amp;"))
11 | 			t=s[stin:ein]
12 | 			print t
13 | if __name__=="__main__":
14 | 	main()
15 | 


--------------------------------------------------------------------------------
/files/fi.speedx:
--------------------------------------------------------------------------------
 1 | inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=
 2 | inurl:/include/new-visitor.inc.php?lvc_include_dir=
 3 | inurl:/_functions.php?prefix=
 4 | inurl:/cpcommerce/_functions.php?prefix=
 5 | inurl:/modules/coppermine/themes/default/theme.php?THEME_DIR=
 6 | inurl:/modules/agendax/addevent.inc.php?agendax_path=
 7 | inurl:/ashnews.php?pathtoashnews=
 8 | inurl:/eblog/blog.inc.php?xoopsConfig[xoops_url]=
 9 | inurl:/pm/lib.inc.php?pm_path=
10 | inurl:/b2-tools/gm-2-b2.php?b2inc=
11 | inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=
12 | inurl:/modules/agendax/addevent.inc.php?agendax_path=
13 | inurl:/includes/include_once.php?include_file=
14 | inurl:/e107/e107_handlers/secure_img_render.php?p=
15 | inurl:/shoutbox/expanded.php?conf=
16 | inurl:/main.php?x=
17 | inurl:/myPHPCalendar/admin.php?cal_dir=
18 | inurl:/index.php/main.php?x=
19 | inurl:/index.php?include=
20 | inurl:/index.php?x=
21 | inurl:/index.php?open=
22 | inurl:/index.php?visualizar=
23 | inurl:/template.php?pagina=
24 | inurl:/index.php?pagina=
25 | inurl:/index.php?inc=
26 | inurl:/includes/include_onde.php?include_file=
27 | inurl:/index.php?page=
28 | inurl:/index.php?pg=
29 | inurl:/index.php?show=
30 | inurl:/index.php?cat=
31 | inurl:/index.php?file=
32 | inurl:/db.php?path_local=
33 | inurl:/index.php?site=
34 | inurl:/htmltonuke.php?filnavn=
35 | inurl:/livehelp/inc/pipe.php?HCL_path=
36 | inurl:/hcl/inc/pipe.php?HCL_path=
37 | inurl:/inc/pipe.php?HCL_path=
38 | inurl:/support/faq/inc/pipe.php?HCL_path=
39 | inurl:/help/faq/inc/pipe.php?HCL_path=
40 | inurl:/helpcenter/inc/pipe.php?HCL_path=
41 | inurl:/live-support/inc/pipe.php?HCL_path=
42 | inurl:/gnu3/index.php?doc=
43 | inurl:/gnu/index.php?doc=
44 | inurl:/phpgwapi/setup/tables_update.inc.php?appdir=
45 | inurl:/forum/install.php?phpbb_root_dir=
46 | inurl:/includes/calendar.php?phpc_root_path=
47 | inurl:/includes/setup.php?phpc_root_path=
48 | inurl:/inc/authform.inc.php?path_pre=
49 | inurl:/include/authform.inc.php?path_pre=
50 | inurl:index.php?nic=
51 | inurl:index.php?sec=
52 | inurl:index.php?content=
53 | inurl:index.php?link=
54 | inurl:index.php?filename=
55 | inurl:index.php?dir=
56 | inurl:index.php?document=
57 | inurl:index.php?view=
58 | inurl:*.php?sel=
59 | inurl:*.php?session=&content=
60 | inurl:*.php?locate=
61 | inurl:*.php?place=
62 | inurl:*.php?layout=
63 | inurl:*.php?go=
64 | inurl:*.php?catch=
65 | inurl:*.php?mode=
66 | inurl:*.php?name=
67 | inurl:*.php?loc=
68 | inurl:*.php?f=
69 | inurl:*.php?inf=
70 | inurl:*.php?pg=
71 | inurl:*.php?load=
72 | inurl:*.php?naam=
73 | allinurl:/index.php?page= site:*.dk
74 | allinurl:/index.php?file= site:*.dk


--------------------------------------------------------------------------------
/files/sqli.speedx:
--------------------------------------------------------------------------------
 1 | inurl:php?id=
 2 | inurl:index.php?id=
 3 | inurl:trainers.php?id=
 4 | inurl:buy.php?category=
 5 | inurl:article.php?ID=
 6 | inurl:play_old.php?id=
 7 | inurl:declaration_more.php?decl_id=
 8 | inurl:page?id=
 9 | inurl:games.php?id=
10 | inurl:page.php?file=
11 | inurl:newsDetail.php?id=
12 | inurl:gallery.php?id=
13 | inurl:article.php?id=
14 | inurl:show.php?id=
15 | inurl:staff_id=
16 | inurl:newsitem.php?num=
17 | inurl:readnews.php?id=
18 | inurl:top10.php?cat=
19 | inurl:historialeer.php?num=
20 | inurl:reagir.php?num=


--------------------------------------------------------------------------------
/files/xss.speedx:
--------------------------------------------------------------------------------
 1 | inurl:".php?cmd="
 2 | inurl:".php?z="
 3 | inurl:".php?q="
 4 | inurl:".php?search="
 5 | inurl:".php?query="
 6 | inurl:".php?searchst­ring="
 7 | inurl:".php?keyword=­"
 8 | inurl:".php?file="
 9 | inurl:".php?years="
10 | inurl:".php?txt="
11 | inurl:".php?tag="
12 | inurl:".php?max="
13 | inurl:".php?from="
14 | inurl:".php?author="
15 | inurl:".php?pass="
16 | inurl:".php?feedback­="
17 | inurl:".php?mail="
18 | inurl:".php?cat="
19 | inurl:".php?vote="
20 | inurl:search.php?q=
21 | inurl:com_feedpostol­d/feedpost.php?url=
22 | inurl:scrapbook.php?­id=
23 | inurl:headersearch.p­hp?sid=
24 | inurl:/poll/­default.asp?catid=
25 | inurl:/search_results.php?search=


--------------------------------------------------------------------------------
/vuln.py:
--------------------------------------------------------------------------------
 1 | import sys
 2 | import urllib
 3 | import progressbar
 4 | def main():
 5 | 	vul=[]
 6 | 	fi=open(sys.argv[1],"r")
 7 | 	st=fi.read()
 8 | 	fi.close()
 9 | 	link=st.split("\n")
10 | 	i=1
11 | 	with progressbar.ProgressBar(max_value=len(link)) as bar:
12 | 		for s in link:
13 | 			try:
14 | 				if s:
15 | 					response=urllib.urlopen(s+"%27")
16 | 					res=response.read()
17 | 					if "error" in res:
18 | 						vul.append(s)
19 | 					bar.update(i)
20 | 					i=i+1
21 | 			except:
22 | 				i=i+1
23 | 	print str(len(vul))+" Websites Found Vulnerable"
24 | 	f2=open("SDSQLi.txt","w")
25 | 	for v in vul:
26 | 		print v
27 | 		f2.write(v+"\n")
28 | 	f2.close()
29 | 	print "\nSite List Saved With Filename: SDSQLi.txt"
30 | if __name__=="__main__":
31 | 	main()
32 | 


--------------------------------------------------------------------------------