Posted by SiD on Sun 5 Oct 07:46
report abuse | download | new post
- """
- App Name: Milw0rm Hash-Exploits Searcher
- Author: SiD
- License: Gnu/Gpl
- Search MD5 Hashes / Apps Vulnerabilities on milw0rm.com database.
- ------------------>
- Vuln example:
- PHP-Fusion
- Hash example:
- 0800fc577294c34e0b28ad2839435945
- <------------------
- """
- import urllib, httplib, re
- """ Variables """
- host = 'milw0rm.com'
- page = '/search.php'
- page_hash = '/cracker/search.php'
- reg0 = '</TD><TD align="middle" nowrap="nowrap" width=90>(.*?)</TD>'
- regex0 = re.compile(reg0)
- reg1 = '<a href="(.*?)" target="_blank" class="style14">'
- regex1 = re.compile(reg1)
- reg2 = 'target="_blank" class="style14">(.*?)</a></td>'
- regex2 = re.compile(reg2)
- """ Help, of course =P """
- def help():
- print '\nmilw0rm.com ~ Hash-Exploits Searcher\nAuthor: SiD\nLicense: Gnu/Gpl'
- print '\nIn the menu, type 1 to search MD5 Hashes in the database, 2 to search exploits, 3 to view this help or 4 to exit.\n'
- menu()
- """ Hash Mode """
- def hash():
- string = raw_input('\nSearch Hash >> ')
- print '\nChecking data. Please, wait.'
- if not string:
- print '\nInvalid input.\n'
- hash()
- else:
- if (len(string) < 32) or (len(string) > 32):
- print '\nInvalid hash.\n'
- hash()
- data = urllib.urlencode({
- 'hash': string,
- 'Submit': 'submit'
- })
- head = {
- 'Content-type': 'application/x-www-form-urlencoded',
- 'Accept': 'text/plain'
- }
- try:
- http = httplib.HTTPConnection(host) #Http connection
- except:
- print 'Cannot connect to', host,'\n'
- else:
- http.request('POST', page_hash, data, head) #Basic request
- resp = http.getresponse()
- read = resp.read()
- http.close()
- # Regex
- hash_f = regex0.findall(read)
- if hash_f:
- print '\n[+] Hash Found >>', hash_f[0]
- else:
- print '\n[-] Sorry, hash not found!'
- """ Exploits (Vulnerabilities) Mode """
- def vulnerability():
- string = raw_input('\nSearch Vulnerability (ex. PHP-Fusion) >> ')
- print '\nChecking data. Please, wait.'
- if not string:
- print '\nInvalid input.\n'
- vulnerability()
- data = urllib.urlencode({
- 'dong': string,
- 'Submit': 'submit'
- })
- head = {
- 'Content-type': 'application/x-www-form-urlencoded',
- 'Accept': 'text/plain'
- }
- try:
- http = httplib.HTTPConnection(host) #Http connection
- except:
- print 'Cannot connect to', host,'\n'
- else:
- http.request('POST', page, data, head) #Basic request
- resp = http.getresponse()
- read = resp.read()
- http.close()
- # Regex
- vuln_a = regex1.findall(read)
- vuln_b = regex2.findall(read)
- if vuln_a:
- print '\n[+] Exploits Result\n---\n\n'
- n = 0
- report = open('milw0rm.searcher.txt', 'a')
- report.write('\n[ Milw0rm Hash-Exploits Searcher ~ SiD ] Searched: "'+string+'"\n\n\n')
- for x in vuln_b:
- report.write('http://'+host+vuln_a[n]+'\n'+vuln_b[n]+'\n-\n')
- print 'http://'+host+vuln_a[n],'\n',vuln_b[n],'\n\n'
- n = n+1
- print '\n---\n'
- report.close()
- else:
- print '\n[-] No Exploits named',string,'\n'
- """ Script's menu """
- def menu():
- print '\n-\n## milw0rm.com ~ Hash-Exploits Searcher ##\n-\n'
- print '\n1. Search MD5 Hash\n2. Search Exploits\n\n3. Help & About\n4. Exit'
- what = raw_input('>> ')
- if not what:
- menu()
- else:
- if what == '1':
- hash()
- elif what == '2':
- vulnerability()
- elif what == '3':
- help()
- elif what == '4':
- pass
- else:
- menu()
- menu()
Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.