My Pastes
Public Pastes
Layout Width
Share Pastebin
Guest
Public paste!

epixoip

By: a guest | May 19th, 2009 | Syntax: Perl | Size: 2.89 KB | Hits: 546 | Expires: Never
Download | Raw | Embed | Report abuse
Copy text to clipboard
  1. #!/usr/bin/perl
  2. # Mon May 18 13:33:40 PDT 2009 by epixoip <epixoip@hush.com>
  3. # multi-threaded scanner for webdav-enabled servers. note this
  4. # does NOT tell you if your server is vulnerable to any WebDAV
  5. # exploits! it only tells you if WebDAV is enabled.
  6.  
  7.  
  8. $|++;
  9. use IO::Socket;
  10. use threads;
  11. use Thread::Queue;
  12. use Term::ANSIColor qw(:constants);
  13. our $starttime : shared;
  14. our $count : shared;
  15. our $hostcnt : shared;
  16. our $thrnum :  shared = 75; # change to adjust performance
  17. our $q : shared;
  18. our %webdav : shared;
  19.  
  20. sub scan {
  21.         my $host = shift;
  22.         my $sock = new IO::Socket::INET (PeerAddr => "$host:http(80)",Timeout => 1);
  23.         if ($sock) {
  24.                 print $sock "OPTIONS * HTTP/1.0\n\n";
  25.                 while (<$sock>) {
  26.                         if ( $_ =~ /^(?:Allow|Public)\:\ (.*(?:COPY|MOVE|MKCOL|PROPFIND|PROPPATCH|LOCK|UNLOCK|SEARCH))/img ) {
  27.                                 $webdav{$host} = $1;
  28.                         }
  29.                 }
  30.                 close $sock;
  31.         }
  32. }
  33.  
  34. sub report {
  35.         print BOLD WHITE."\n\n[".GREEN."+".WHITE."]".RESET." The following hosts were discovered supporting WebDAV:\n";
  36.         while ( my ($key, $value) = each(%webdav) ) { print "\t$key \t=> $value\n"; }
  37.         exit;
  38. }
  39.  
  40. sub main {
  41.         print BOLD WHITE."[".GREEN."+".WHITE."]".RESET." Building queue... ";
  42.         $q = new Thread::Queue;
  43.         my $file = shift;
  44.         open HOSTS, $file or die $!;
  45.         while (<HOSTS>) { chomp $_; $q->enqueue($_); $hostcnt++; }
  46.         close HOSTS;
  47.         print "added $hostcnt hosts\n";
  48.         print BOLD WHITE."[".GREEN."+".WHITE."]".RESET." $thrnum worker thread(s) will be spawned\n";
  49.         print BOLD WHITE."[".GREEN."+".WHITE."]".RESET." WebDAV scan initiated for $hostcnt hosts\n";
  50.         while (1) {
  51.                 my @threads = threads->list;
  52.                 if ($q->pending > 0) {
  53.                         if  ($#threads <= $thrnum + 1) {
  54.                                 threads->new(\&scan, $q->dequeue);
  55.                                 $count++;
  56.                         } else {
  57.                                 foreach $running (@threads) {
  58.                                         $running->join();
  59.                                 }
  60.                         }
  61.                         my $percent = $count / $hostcnt * 100;
  62.                         $width = `tput cols` - 35;
  63.                         $char = ON_GREEN " ". RESET;
  64.                         printf GREEN."---".RESET." %s hosts scanned  %s %.0f%%\r", $count, $char x (($width)*$count/$hostcnt), $percent;
  65.                 } else {
  66.                         if ($#threads > 0) {
  67.                                 foreach $running (@threads) {
  68.                                         $running->join();
  69.                                 }
  70.                         }
  71.                         &report;
  72.                 }
  73.         }
  74. }
  75.  
  76. &main($ARGV[0]);
create new paste | create new version of this paste RAW Paste Data