Posted by SiD on Mon 6 Oct 15:11
report abuse | download | new post
- """
- App Name: Milw0rm Hash-Exploits Searcher
- Author: SiD
- License: Gnu/Gpl
- Search MD5 Hashes / Apps Vulnerabilities on milw0rm.com database.
- ------------------>
- Vuln example:
- PHP-Fusion
- Hash example:
- 0800fc577294c34e0b28ad2839435945
- <------------------
- Attention: in exploits mode, to search more than a word, separate the words with "_"
- """
- import urllib, httplib, re, sys
- from string import *
- """ Variables """
- host = 'milw0rm.com'
- page = '/search.php'
- page_hash = '/cracker/search.php'
- reg0 = '</TD><TD align="middle" nowrap="nowrap" width=90>(.*?)</TD>'
- regex0 = re.compile(reg0)
- reg1 = '<a href="(.*?)" target="_blank" class="style14">'
- regex1 = re.compile(reg1)
- reg2 = 'target="_blank" class="style14">(.*?)</a></td>'
- regex2 = re.compile(reg2)
- """ Help, of course =P """
- def help():
- print '\nmilw0rm.com ~ Hash-Exploits Searcher ~ Command line version\nAuthor: SiD\nLicense: Gnu/Gpl'
- print '\nTo search hash: python milw0rm.py -h (md5 hash)\nEx. python milw0rm.py -h 0800fc577294c34e0b28ad2839435945'
- print '\nTo search exploit: python milw0rm.py -e (app)\nEx. python milw0rm.py -e Linux_Kernel\nATTENTION: to search more than a word, separate the words with "_"\n'
- """ Hash Mode """
- def hash():
- print '\nChecking data. Please, wait.'
- if (len(string) < 32) or (len(string) > 32):
- print '\nInvalid hash.\n'
- data = urllib.urlencode({
- 'hash': string,
- 'Submit': 'submit'
- })
- head = {
- 'Content-type': 'application/x-www-form-urlencoded',
- 'Accept': 'text/plain'
- }
- try:
- http = httplib.HTTPConnection(host) #Http connection
- except:
- print 'Cannot connect to', host,'\n'
- else:
- http.request('POST', page_hash, data, head) #Basic request
- resp = http.getresponse()
- read = resp.read()
- http.close()
- # Regex
- hash_f = regex0.findall(read)
- if hash_f:
- print '\n[+] Hash Found >>', hash_f[0]
- else:
- print '\n[-] Sorry, hash not found!'
- """ Exploits (Vulnerabilities) Mode """
- def vulnerability():
- print '\nChecking data. Please, wait.'
- data = urllib.urlencode({
- 'dong': string,
- 'Submit': 'submit'
- })
- head = {
- 'Content-type': 'application/x-www-form-urlencoded',
- 'Accept': 'text/plain'
- }
- try:
- http = httplib.HTTPConnection(host) #Http connection
- except:
- print 'Cannot connect to', host,'\n'
- else:
- http.request('POST', page, data, head) #Basic request
- resp = http.getresponse()
- read = resp.read()
- http.close()
- # Regex
- vuln_a = regex1.findall(read)
- vuln_b = regex2.findall(read)
- if vuln_a:
- print '\n[+] Exploits Result\n---\n'
- n = 0
- report = open('milw0rm.searcher.txt', 'a')
- report.write('\n[ Milw0rm Hash-Exploits Searcher ~ SiD ] Searched: "'+string+'"\n\n\n')
- for x in vuln_b:
- report.write('http://'+host+vuln_a[n]+'\n'+vuln_b[n]+'\n-\n')
- print 'http://'+host+vuln_a[n],'\n',vuln_b[n],'\n'
- n = n+1
- print '\n---\n'
- report.close()
- else:
- print '\n[-] No Exploits named',string,'\n'
- """ Options """
- if sys.argv[1] == '-h':
- try:
- string = sys.argv[2]
- hash()
- except:
- help()
- elif sys.argv[1] == '-e':
- try:
- string = sys.argv[2]
- string = replace(string, '_', ' ')
- vulnerability()
- except:
- help()
- else:
- help()
Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.