this is strictly for educational purposes

stamparm · stamparm · commit 19d8733e9ac0 · 2010-12-20T17:30:47.000Z
diff --git a/lib/core/common.py b/lib/core/common.py
@@ -660,6 +660,7 @@ def setPaths():
     paths.COMMON_COLUMNS         = os.path.join(paths.SQLMAP_TXT_PATH, "common-columns.txt")
     paths.COMMON_TABLES          = os.path.join(paths.SQLMAP_TXT_PATH, "common-tables.txt")
     paths.COMMON_OUTPUTS         = os.path.join(paths.SQLMAP_TXT_PATH, 'common-outputs.txt')
+    paths.DORKS                  = os.path.join(paths.SQLMAP_TXT_PATH, "dorks.txt")
     paths.SQL_KEYWORDS           = os.path.join(paths.SQLMAP_TXT_PATH, "keywords.txt")
     paths.ORACLE_DEFAULT_PASSWD  = os.path.join(paths.SQLMAP_TXT_PATH, "oracle-default-passwords.txt")
     paths.WORDLIST               = os.path.join(paths.SQLMAP_TXT_PATH, "wordlist.txt")
diff --git a/lib/core/option.py b/lib/core/option.py
@@ -302,6 +302,20 @@ def __setRequestFromFile():
 
     __feedTargetsDict(conf.requestFile, addedTargetUrls)
 
+def __setScriptKiddie():
+    """
+    This function sets a random google dork
+    """
+    if not conf.scriptKiddie or conf.url or conf.list or conf.requestFile or conf.googleDork:
+        return
+
+    dorks = getFileItems(paths.DORKS)
+    conf.googleDork = "inurl:%s" % dorks[randomRange(0, len(dorks) - 1)]
+    conf.multipleTargets = True
+
+    logMsg = "setting random google dork to: '%s'" % conf.googleDork
+    logger.info(logMsg)
+
 def __setGoogleDorking():
     """
     This function checks if the way to request testable hosts is through
@@ -1379,7 +1393,7 @@ def init(inputOptions=advancedDict()):
     parseTargetUrl()
     parseTargetDirect()
 
-    if conf.url or conf.list or conf.requestFile or conf.googleDork or conf.liveTest:
+    if conf.url or conf.list or conf.requestFile or conf.googleDork or conf.liveTest or conf.scriptKiddie:
         __setHTTPTimeout()
         __setHTTPExtraHeaders()
         __setHTTPCookies()
@@ -1390,6 +1404,7 @@ def init(inputOptions=advancedDict()):
         __setHTTPProxy()
         __setSafeUrl()
         __setUnion()
+        __setScriptKiddie()
         __setGoogleDorking()
         __urllib2Opener()
         __findPageForms()
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
@@ -560,7 +560,8 @@ def cmdLineParser():
         (args, _) = parser.parse_args(args)
 
         if not args.direct and not args.url and not args.list and not args.googleDork and not args.configFile\
-            and not args.requestFile and not args.updateAll and not args.smokeTest and not args.liveTest:
+            and not args.requestFile and not args.updateAll and not args.smokeTest and not args.liveTest\
+            and not args.scriptKiddie:
             errMsg  = "missing a mandatory parameter ('-d', '-u', '-l', '-r', '-g', '-c' or '--update'), "
             errMsg += "-h for help"
             parser.error(errMsg)
diff --git a/txt/dorks.txt b/txt/dorks.txt
