- #!/usr/bin/perl
- # irc.Priv8.jp #priv8
- use threads;
- use threads::shared;
- use Thread::Queue;
- use Thread::Semaphore;
- use HTTP::Headers;
- use HTTP::Request;
- use HTTP::Response;
- use LWP::UserAgent;
- use HTTP::Cookies;
- use Socket;
# Both positional arguments are required: <wordlist> is a file of search
# terms, <threads> is the worker count. A missing (or false, e.g. "0")
# second argument prints the usage text and stops.
unless ($ARGV[1]) {
    print "Modo de uso:\nperl $0 <wordlist> <threads>\n";
    exit();
}

# INT, HUP, TERM and CHLD are all set to IGNORE before the fork, so the
# surviving child is not stopped by Ctrl-C, a closed terminal or a plain
# `kill`; only signals that cannot be ignored (such as KILL) end it.
$SIG{$_} = "IGNORE" for ("INT", "HUP", "TERM", "CHLD");

# The parent exits straight away and the child carries on in the
# background, detached from the invoking shell's job control.
my $pid = fork;
exit if $pid;
die "Problema com o fork: $!" unless defined($pid);

$|++;        # unbuffered STDOUT for the progress lines
sleep(4);
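# Variable initialisation. $q, $semaphore, $max_threads and $xs are read
# by the worker subs further down in the file.
my $q           = Thread::Queue->new();
my $semaphore   = Thread::Semaphore->new();
my $word        = $ARGV[0];    # path of the search-term wordlist
my $max_threads = $ARGV[1];    # upper bound on worker threads
my @wordlist    = ();
my $arq;                       # file handle, reused for every file below
my $conta_linha = 0;           # line / unique-entry counter
my %rep         = ();
our $xs : shared = 0;          # running count of hosts found, shared by all threads

# Wordlist processing: one search term per line.
print "[+] Loading wordlist, please wait\n";

# Three-argument open: the path comes from the command line, and the
# two-argument form would interpret characters in it (a leading "&" is
# taken as a descriptor dup, surrounding whitespace is trimmed) instead
# of treating it purely as a file name.
open($arq, '<', $word) or die "$!\n";
while (my $linha = <$arq>) {
    chomp $linha;
    push(@wordlist, $linha);
    $conta_linha++;
}
close($arq);
print "[+] Foram carregadas $conta_linha palavras.\n[+] Iniciando buscas...\n";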
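# Stage 1: run the "search" workers over every term of the wordlist.
# The workers append the host names they find to sites.txt in the
# current working directory.
&threadnize("search", @wordlist);

# Stage 2: rewrite sites.txt with duplicates removed.
print "\n[+] Removendo sites repetidos\n";
$conta_linha = _dedupe_sites_file();

# Stage 3: reload the de-duplicated hosts and run the "dns" workers, which
# resolve each host and search again by IP address.
$conta_linha = 0;
my @wordlist2 = ();
print "[+] Carregando lista de sites para resolver ip e buscar mais dominios\n";
open($arq, '<', 'sites.txt') or die "$!\n";
while (my $linha = <$arq>) {
    chomp $linha;
    push(@wordlist2, $linha);
}
close($arq);

$xs = 0;
&threadnize("dns", @wordlist2);

# Stage 4: de-duplicate again and report the final host count.
print "\n[+] Removendo sites repetidos\n";
$conta_linha = _dedupe_sites_file();
print "[+] Total de sites encontrados: $conta_linha\n";

# Stage 5: sites.txt is handed to a separate script, scan.pl, with a fixed
# thread count of 400. scan.pl is not part of this file; the status line
# printed here describes it as a brute-force stage.
print "[+] iniciando bruteforce com 400 threads\n";
system("perl scan.pl sites.txt 400");

# Rewrites sites.txt so that every line appears once and returns the number
# of distinct lines. Output order follows hash-key order, so it is not
# stable between runs.
sub _dedupe_sites_file {
    my %unique = ();
    my $fh;

    open($fh, '<', 'sites.txt') or die "$!\n";
    while (my $linha = <$fh>) {
        chomp $linha;
        $unique{$linha} = 1;
    }
    close($fh);

    open($fh, '>', 'sites.txt') or die "$!\n";
    foreach my $key (keys %unique) {
        print $fh $key . "\n";
    }
    # Buffered write errors only surface at close; the file is read again
    # by the next stage, so a failed write must not pass silently.
    close($fh) or die "$!\n";

    return scalar(keys %unique);
}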
- ######################### SUBS #################################
# Worker body for the "search" stage; started once per thread.
#
# Pulls search terms from the shared queue $q until it reports nothing
# pending and runs the Bing scrape (search2) on each one. The dequeue is
# wrapped in the shared semaphore. Undefined items are skipped.
#
# The empty prototype has no effect on the callers in this file, which
# start this sub through a code reference.
sub search() {
    while ($q->pending() > 0) {
        $semaphore->down();
        my $term = $q->dequeue;
        $semaphore->up();

        next if (not defined $term);

        # search2 performs the paging, host extraction, counter update and
        # append to sites.txt for a single query string.
        &search2($term);
    }
}
# Scrapes Bing result pages for one query and appends the host names found
# to sites.txt.
#
# The argument is concatenated into the q= parameter as given (no URL
# encoding is applied here). Requests page through the results ten at a
# time via the first= parameter and always carry FORM=PORE, which together
# with the fixed headers set in GET gives the traffic a recognisable shape.
#
# Only <cite> contents that, after stripping <strong> tags and any path,
# consist solely of letters, digits, dots and hyphens are kept.
sub search2() {
    my $query = shift;

    my %seen_host = ();
    my $offset    = 0;
    my $last      = 701;    # initial paging bound; recomputed after every page

    while ($offset <= $last) {
        my $url  = 'http://www.bing.com/search?q=' . $query . '&first=' . $offset . '&FORM=PORE';
        my $page = &GET($url);

        while ($page =~ m/<cite>(.*?)<\/cite>/g) {
            my $host = $1;
            $host =~ s/<strong>|<\/strong>//g;

            # Keep only the part before the first slash, if there is one.
            my $slash = index($host, '/');
            $host = substr($host, 0, $slash) if ($slash >= 0);

            next if ($seen_host{$host});
            $seen_host{$host} = 1 if ($host =~ /^[a-zA-Z0-9\.\-]+$/);
        }

        # The pager of the page just fetched decides how far to go on.
        $last = 10 * &getmax($page) + 1;
        $offset += 10;
    }

    # Build the output in memory and bump the shared counter once per host.
    my $lines = "";
    foreach my $host (keys %seen_host) {
        $lines .= $host . "\n";
        $semaphore->down();
        $xs++;
        $semaphore->up();
    }

    # The append and the progress line happen under the semaphore so that
    # threads do not interleave their writes.
    # NOTE(review): the result of open() is not checked here.
    $semaphore->down();
    my $out;
    open($out, ">>sites.txt");
    print $out $lines;
    close($out);
    print "[+] sites encontrados: [$xs] buscas restantes [". $q->pending ."] \r";
    $semaphore->up();
}
# Returns the label of the last numbered pager link found in a Bing result
# page, or 0 when the page has none.
#
# Note that this is the last match in document order, not the numerically
# largest one. Callers in this file invoke it as &getmax(...), which
# bypasses the empty prototype.
sub getmax() {
    my $content = shift;

    # In list context a /g match with one capture group yields every
    # captured page number in order of appearance.
    my @page_labels = ($content =~ m/<li><a href="\/search\?q=.+">(\d+)<\/a><\/li>/g);

    return 0 unless (@page_labels);
    return $page_labels[-1];
}
# Fills the shared queue with work items and runs them on a pool of threads.
#
#   $fun   - NAME of the worker sub, resolved through a symbolic reference;
#            this file passes only "search" and "dns"
#   @tests - work items; false values (empty string, "0", undef) are dropped
#
# At most $max_threads workers are started, and fewer when the queue is
# already empty. The call returns once every started worker has been joined.
sub threadnize() {
    my ($fun, @tests) = @_;
    @_ = ();

    for my $item (@tests) {
        next unless ($item);
        $q->enqueue($item);
    }

    my @workers = ();
    my $started = 0;
    while ($q->pending() > 0 && $started <= $max_threads - 1) {
        no strict 'refs';    # $fun is a sub name, not a code reference
        push @workers, threads->new(\&{$fun});
        $started++;
    }

    sleep(2);
    foreach my $worker (@workers) {
        $worker->join();
    }
    @workers = ();
}
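# Fetches one URL and returns a scalar describing the outcome:
#
#   0              - no URL given, or it does not start with http:// or https://
#   decoded body   - the request succeeded
#   "error"        - the server answered 404
#   status code    - any other non-success response
#
# Callers in this file feed the return value straight into regex matches,
# so the non-body results simply produce no matches.
#
# Every request carries the same hard-coded User-Agent (a Chrome 16 on
# Linux string) and the same Accept / Keep-Alive headers, which makes the
# traffic easy to group in proxy or web-server logs.
sub GET() {
    my $url1 = shift;
    return 0 if (!$url1);
    return 0 if ($url1 !~ /^https?:\/\//);

    my $headers = HTTP::Headers->new();
    $headers->header(
        'Accept'          => "text/html, application/xhtml+xml, application/xml",
        'Accept-Language' => "en-US,en",
        'Accept-Encoding' => "gzip, deflate",
        'Connection'      => "Keep-alive",
        'Keep-Alive'      => 30,
    );
    my $req = HTTP::Request->new('GET', $url1, $headers);

    # Certificate host-name verification stays enabled. Only plain http is
    # allowed below, so this setting matters as soon as that list is
    # widened to https; it must not be switched off.
    my $ua = LWP::UserAgent->new(
        agent    => "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.77 Safari/535.7",
        ssl_opts => { verify_hostname => 1 },
    );
    $ua->timeout(15);                   # seconds
    $ua->max_size(1024000);             # cap on response body size, in bytes
    $ua->protocols_allowed(['http']);   # https:// URLs pass the guard above but are refused here

    my $response = $ua->request($req);
    my $code     = $response->code;

    return $response->decoded_content if ($response->is_success);
    return "error"                    if ($code == 404);
    return $code;
}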
# Worker body for the "dns" stage; started once per thread.
#
# Takes host names from the shared queue $q, resolves each one with
# gethostbyname and, when the result looks like a dotted IPv4 address,
# runs search2 with an "ip:<address>" query. Element [4] of the
# gethostbyname list is the first address returned for the name.
#
# A failed lookup yields an empty string from join(), which the length
# and pattern checks reject.
sub dns() {
    while ($q->pending() > 0) {
        $semaphore->down();
        my $host = $q->dequeue;
        $semaphore->up();

        my @octets = unpack("C4", (gethostbyname($host))[4]);
        my $ip     = join(".", @octets);

        next unless (defined($ip));
        next unless (length($ip) > 6 && $ip =~ /^\d+\.\d+\.\d+\.\d+$/);

        &search2("ip:$ip");
    }
}