1337scan v0.4 (Modified Edition) (Fixed Reverse IP)

1. <!--
2. ########################################################################
3. # Script : 1337 Multiple CMS Scanner Online v0.4 ( Modified Edition )
4. # Author : AlternatorIWnet
5. # Original Author : KedAns-Dz ( ked-h [ at ] hotmail [ dot ] com )
6. # Author HomePage : www.1337day.com
7. # What Change ?! :-
8. #   - Better Reverse IP method
9. #   - Replace File_Get_Contents with cURL
10. #   - Change Style  ;)
11. #       - Change PacketStormSecurity to Exploit-DB  :D
12. # Greets to : Dz Offenders Cr3W - Algerian Cyber Army - Inj3ct0r Team - TBD Security
13. #########################################################################
14.  
15. // Script Functions , start ..!
16. -->
17. <html>
18. <head>
19. <meta http-equiv="Content-Language" content="fr">
20. <meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
21. <title>1337 Multiple CMS Scanner Online v0.4 (0!IIIV) by KedAns-Dz ( Modified by AlternatorIWnet )</title>
22. <meta content="KedAns-Dz , Inj3ct0r Team , 1337 Multiple CMS Scanner Online, AltenatorIWnet" name="description">
23. <link href="http://209.217.227.77/~forumant/favicon.ico" type="image/x-icon" rel="shortcut icon" />
24. <style>
25. @import url(http://fonts.googleapis.com/css?family=Fredoka+One);@import url(http://fonts.googleapis.com/css?family=Alike);body {background: #000000 repeat-x;font: 75%/170% Arial, Helvetica, sans-serif;padding: 0px;margin: 0px;color: #333333;}a:visited {COLOR: #0066cc;text-decoration none;cursor:pointer;}a:link {COLOR: #ffcb07;cursor:pointer;}input{vertical-align: middle;color: #000;cursor:pointer;padding:4px 7px;font-weight:bold;background rgba(0, 0, 0, .75);border:1px solid #afbccb;border-radius:5px;box-shadow:0 1px 2px rgba(175,188,203,0.6), inset 0 10px 15px rgba(255,255,255,0.5), inset 1px 1px rgba(255,255,255,0.5), inset -1px -1px rgba(255,255,255,0.5);text-shadow:0 1px rgba(255,255,255,0.5);}input:hover, input:focus{background-color: #ffcb07;border-color:rgba(0,0,0,.25);color:#000}textarea{font-family: 'Alike', serif;font-weight:200;padding:5px;box-shadow: rgba(255, 255, 255, .75) 0px 0px 9px 1px;background-color:rgba(0, 0, 0, .25);    color:#ffcb07;border-radius:5px;height: 168px; width: 887px;}.link{font-size:12px;}.head{color: #FFF;font-family: 'Fredoka One', cursive;font-size: 30px;font-weight:400;}.link {font-size:}.foot{font-family: 'Fredoka One', cursive;padding: 2px;border-top: 1px solid #EBEBEB;background-color: #FFF;bottom:0;position:fixed;width:100%;height: 20px;font-size: 15px;}.number{ font-size:15px; color:#fff; }
26. </style>
27.  
28. </head>
29.  
30. <body>
31.  
32. <p align="center">&nbsp;</p>
33. <p align="center">&nbsp;</p>
34. <p align="center">&nbsp;</p>
35. <p align="center"><font size="4">1337 Multiple CMS Scanner Online v0.4 (0!IIIV) | T0olKit By : KedAns-Dz </font></p><br><p align="center"><font size="4">( Modified by AltenatorIWnet )</font></p><br>
36. <form method="POST">
37. <p align="center">
38. <input type="text" name="site" size="65" value="<?php if(isset($_GET['site'])){ echo $_GET['site']; } ?>">
39. <input type="submit" value="Scan.."></p>
40. </form><center>
41. <?php
42. @session_start();
43. @error_reporting(0);
44. @ini_set('error_log',NULL);
45. @ini_set('log_errors',0);
46. @ini_set('max_execution_time',0);
47. @set_time_limit(0);
48. @set_magic_quotes_runtime(0);
49.  
50. /* Use Curl to replace file_get_contents */
51. function getdata($url){
52.     $ch = curl_init($url);
53.     curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
54.     $data = curl_exec ($ch);
55.     curl_close ($ch);
56.     return $data;
57. }
58.  
59. /* Check Exploit At Exploit-DB */
60. function check_exploit($cpmxx){
61.     $link = "http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=&filter_exploit_text=".$cpmxx."&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=";
62.     $result = @getdata("$link");
63.     if (strpos($result, "No results") != FALSE)
64.     {
65.         echo"<td>Not Found</td><td><a href='http://www.google.com/#hl=en&q=download+$cpmxx'>Download</a></td></tr>";
66.     }else{
67.         echo"<td><a href='$link'>Found</a></td><td><=</td></tr>";
68.     }
69. }
70.  
71.  
72. /* Joomla Conf */
73. function check_com($url){
74.     $source = @getdata("http://$url/");
75.     preg_match_all('{option,(.*?)/}i',$source,$f);
76.     preg_match_all('{option=(.*?)(&amp;|&|")}i',$source,$f2);
77.     preg_match_all('{/components/(.*?)/}i',$source,$f3);
78.     $arz=array_merge($f2[1],$f[1],$f3[1]);
79.     $coms=array();
80.     if(count($arz)==0){ echo "<tr><td colspan=3>[ Joomla ] ...Nothing Found !</td></tr>";}
81.     foreach(array_unique($arz) as $x){
82.         $coms[]=$x;
83.     }
84.     foreach($coms as $comm){
85.         if(strlen($comm) < 40 & !strpos($comm, ".js")) {
86.             echo "<tr><td>$comm</td>";
87.             check_exploit($comm);
88.         }
89.     }
90. }
91.  
92. /* WordPress Conf */
93. function get_plugins($url){
94.     $source = @getdata("http://$url/");
95.     preg_match_all("#/plugins/(.*?)/#i", $source, $f);
96.     $arz=array_unique($f[1]);
97.     if(count($arz)==0){
98.         echo "<tr><td colspan=3>[ Wordpress ] ...Nothing Found !</td></tr>";
99.     }
100.     foreach($arz as $plugin){
101.         if(strlen($plugin) < 40 & !strpos($comm, ".js")) {
102.             echo "<tr><td>$plugin</td>";
103.             check_exploit($plugin);
104.         }
105.     }
106. }
107.  
108. /* Nuke's Conf */
109. function get_numod($url){
110.     $source = @getdata("http://$url/");
111.     preg_match_all('{?name=(.*?)/}i',$source,$f);
112.     preg_match_all('{?name=(.*?)(&amp;|&|l_op=")}i',$source,$f2);
113.     preg_match_all('{/modules/(.*?)/}i',$source,$f3);
114.     $arz=array_merge($f2[1],$f[1],$f3[1]);
115.     $cpm=array();
116.     if(count($arz)==0){
117.         echo "<tr><td colspan=3>[ Nuke's ] ...Nothing Found !</td></tr>";
118.     }
119.     foreach(array_unique($arz) as $x){
120.         $cpm[]=$x;
121.     }
122.     foreach($cpm as $nmod){
123.         if(strlen($nmod) < 40 & !strpos($comm, ".js")) {
124.             echo "<tr><td>$nmod</td>";
125.             check_exploit($nmod);
126.         }
127.     }
128. }
129.  
130. /* Xoops Conf */
131. function get_xoomod($url){
132.     $source = @getdata("http://$url/");
133.     preg_match_all('{/modules/(.*?)/}i',$source,$f);
134.     $arz=array_merge($f[1]);
135.     $cpm=array();
136.     if(count($arz)==0){
137.         echo "<tr><td colspan=3>[ Xoops ] ...Nothing Found !</td></tr>";
138.     }
139.     foreach(array_unique($arz) as $x){
140.         $cpm[]=$x;
141.     }
142.     foreach($cpm as $xmod){
143.         if(strlen($xmod) < 40 & !strpos($comm, ".js")) {
144.             echo "<tr><td>$xmod</td>";
145.             check_exploit($xmod);
146.         }
147.     }
148. }
149.  
150. /**************************************************************/
151.  
152. if(!isset($_POST['site'])) { $credit = credit();die("<br><br>$credit"); }
153.  
154. function revip($ip){
155. $SiteToRev = $ip;
156. $site = "";
157. $ch = curl_init();
158. curl_setopt($ch, CURLOPT_URL, "http://www.yougetsignal.com/tools/web-sites-on-web-server/php/get-web-sites-on-web-server-json-data.php?remoteAddress=$SiteToRev");
159. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
160. $result = curl_exec($ch);
161. $jDecode = json_decode($result);
162. if(strtolower($jDecode->status) == "fail"){
163.     echo "<center>".$jDecode->message."</center>";
164. }else{
165.     for($i = 0; $i < $jDecode->domainCount; $i++){
166.         if(isset($jDecode->domainArray[$i][0])){
167.             $site = $site."++".$jDecode->domainArray[$i][0];
168.         }
169.     }
170.     return $site;
171. }
172. }
173.  
174. function CleanAndClear($site) {
175.     $output = strtolower($site);
176.     $aaa = array("http://" ,"www.");
177.     foreach($aaa as $aa1) {
178.         if (strpos($output, "$aa1") != FALSE) {
179.             $output = (str_replace("$aa1", "", $output));
180.         }
181.     }
182.     return $output;
183. }
184.  
185. $start_array = array_filter(explode("++", revip($_POST['site'])));
186.            
187. echo'<table border="1"  width=\"80%\" align=\"center\">
188. <tr><td width=\"30%\"><b>Server IP&nbsp;&nbsp;&nbsp;&nbsp; : </b></td><td><b>'.gethostbyname(CleanAndClear($_POST['site'])).'</b></td></tr>        
189. <tr><td width=\"30%\"><b>Sites Found&nbsp; : </b></td><td><b>'.count($start_array).'</b></td></tr>
190. </table>';
191.  
192. echo "<br><br>";
193. echo'<table border="1" width="80%" align=\"center\">';
194.  
195. foreach($start_array as $h3h3){
196.     echo'<tr id=new><td><b><a href=http://'.$h3h3.'/>'.$h3h3.'</a></b></td><td><b>Exploit-DB</b></td><td><b>Challenge of Exploiting ..!</b></td></tr>';
197.     check_com($h3h3);
198.     get_plugins($h3h3);
199.     get_numod($h3h3);
200.     get_xoomod($h3h3);
201. }
202.  
203. echo"</table>";
204.  
205. function credit(){
206.     echo "</center>
207.     <br><p align=\"center\">
208.     Coded By : <a href='http://facebook.com/KedAns'>KedAns-Dz</a> | Modified by <b>AltenatorIWnet</b> | <a href='http://1337day.com/'>Inj3ct0r 1337day Exploit Database</a><br>
209.     Made in Algeria | CopyCenter (^.^) 2o12
210.     </p>
211.     </body>
212.     </html>";
213. }
214. ?>
215. <!-- ' Thanks to KedAns-Dz Lagripe-Dz aNd K!LLer-Dz'-->