function full($site)
{
print "[-] Start full scanning mode.\n";
pmapwn($site, 1);
print "[-] Start SQL Injection Scan\n";
sql($site, 1);
print "[-] Start XSS Scan\n";
xss($site, 1);
print "[-] Start RFI Scan\n";
rfi($site, 1);
print "[-] Start LFI Scan\n";
lfi($site, 1);
}
function scan()
{
print "\n Options:\n";
print " sqli - SQL Injection\n";
print " xss - Cross Site Scripting\n";
print " lfi - Local File Inclusion\n";
print " rfi - Remote File Inclusion\n";
print " all - F**k shit up\n";
print " What: ";
$choice = fopen("php://stdin", "r");
$what = fgets($choice);
print "\n File: ";
$choicef = fopen("php://stdin", "r");
$whatf = fgets($choicef);
$whatf = trim($whatf);
if (file_exists('out/' . $whatf)) {
if (trim($what) == 'sqli' || trim($what) == 'all' || trim($what) == 'sqli&xss') {
print "\n\n - Testing SQL Injection for " . count(file('out/' . $whatf)) . " parameters ({$whatf})\n";
$urls = file('out/' . $whatf);
foreach ($urls as $link) {
sqli(urldecode($link));
}
}
if (trim($what) == 'xss' || trim($what) == 'all' || trim($what) == 'sqli&xss') {
print "\n\n - Testing Cross Site Scripting for " . count(file('out/' . $whatf)) . " parameters ({$whatf})\n";
$urls = file('out/' . $whatf);
foreach ($urls as $link) {
xss(urldecode($link));
}
}
if (trim($what) == 'lfi' || trim($what) == 'all' || trim($what == 'lfi&rfi')) {
print "\n\n - Testing Local File Inclusion for " . count(file('out/' . $whatf)) . " parameters ({$whatf})\n";
$urls = file('out/' . $whatf);
foreach ($urls as $link) {
lfi(urldecode($link));
}
}
if (trim($what) == 'rfi' || trim($what) == 'all' || trim($what == 'lfi&rfi')) {
print "\n\n - Testing Remote File Inclusion for " . count(file('out/' . $whatf)) . " parameters ({$whatf})\n";
$urls = file('out/' . $whatf);
foreach ($urls as $link) {
rfi(urldecode($link));
}
}
} else {
print "\nFile doesnt exist!\n";
}
}
