SiD

"""
App Name: Milw0rm Hash-Exploits Searcher
Author: SiD
License: Gnu/Gpl

Search MD5 Hashes / Apps Vulnerabilities on milw0rm.com database.
------------------>
Vuln example:
PHP-Fusion

Hash example:
0800fc577294c34e0b28ad2839435945
<------------------

Attention: in exploits mode, to search more than a word, separate the words with "_"
"""

import urllib, httplib, re, sys
from string import *

""" Variables """
host = 'milw0rm.com'
page = '/search.php'
page_hash = '/cracker/search.php'

reg0 = '</TD><TD align="middle" nowrap="nowrap" width=90>(.*?)</TD>'
regex0 = re.compile(reg0)
reg1 = '<a href="(.*?)" target="_blank" class="style14">'
regex1 = re.compile(reg1)
reg2 = 'target="_blank" class="style14">(.*?)</a></td>'
regex2 = re.compile(reg2)


""" Help, of course =P """
def help():
    print '\nmilw0rm.com ~ Hash-Exploits Searcher ~ Command line version\nAuthor: SiD\nLicense: Gnu/Gpl'
    print '\nTo search hash: python milw0rm.py -h (md5 hash)\nEx. python milw0rm.py -h 0800fc577294c34e0b28ad2839435945'
    print '\nTo search exploit: python milw0rm.py -e (app)\nEx. python milw0rm.py -e Linux_Kernel\nATTENTION: to search more than a word, separate the words with "_"\n'

""" Hash Mode """
def hash():
    print '\nChecking data. Please, wait.'
    if (len(string) < 32) or (len(string) > 32):
        print '\nInvalid hash.\n'

    data = urllib.urlencode({
                'hash': string,
                'Submit': 'submit'
                            })
    head = {
        'Content-type': 'application/x-www-form-urlencoded',
        'Accept': 'text/plain'
        }

    try:
        http = httplib.HTTPConnection(host) #Http connection
    except:
        print 'Cannot connect to', host,'\n'
    else:
        http.request('POST', page_hash, data, head) #Basic request
        resp = http.getresponse()
        read = resp.read()
        http.close()
        # Regex
        hash_f = regex0.findall(read)
        if hash_f:
            print '\n[+] Hash Found >>', hash_f[0]
        else:
            print '\n[-] Sorry, hash not found!'

""" Exploits (Vulnerabilities) Mode """
def vulnerability():
    print '\nChecking data. Please, wait.'

    data = urllib.urlencode({
                'dong': string,
                'Submit': 'submit'
                            })
    head = {
        'Content-type': 'application/x-www-form-urlencoded',
        'Accept': 'text/plain'
        }

    try:
        http = httplib.HTTPConnection(host) #Http connection
    except:
        print 'Cannot connect to', host,'\n'
    else:
        http.request('POST', page, data, head) #Basic request
        resp = http.getresponse()
        read = resp.read()
        http.close()
        # Regex
        vuln_a = regex1.findall(read)
        vuln_b = regex2.findall(read)
        if vuln_a:
            print '\n[+] Exploits Result\n---\n'
            n = 0
            report = open('milw0rm.searcher.txt', 'a')
            report.write('\n[ Milw0rm Hash-Exploits Searcher ~ SiD ] Searched: "'+string+'"\n\n\n')
            for x in vuln_b:
                report.write('http://'+host+vuln_a[n]+'\n'+vuln_b[n]+'\n-\n')
                print 'http://'+host+vuln_a[n],'\n',vuln_b[n],'\n'
                n = n+1
            print '\n---\n'
            report.close()
        else:
            print '\n[-] No Exploits named',string,'\n'


"""  Options   """
if sys.argv[1] == '-h':
    try:
        string = sys.argv[2]
        hash()
    except:
        help()

elif sys.argv[1] == '-e':
    try:
        string = sys.argv[2]
        string = replace(string, '_', ' ')
        vulnerability()
    except:
        help()

else:
    help()