Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!--
- ########################################################################
- # Script : 1337 Multiple CMS Scanner Online v0.4 ( Modified Edition )
- # Author : AlternatorIWnet
- # Original Author : KedAns-Dz ( ked-h [ at ] hotmail [ dot ] com )
- # Author HomePage : www.1337day.com
- # What Change ?! :-
- # - Better Reverse IP method
- # - Replace File_Get_Contents with cURL
- # - Change Style ;)
- # - Change PacketStormSecurity to Exploit-DB :D
- # - Add 1337day exploit finder engine
- # - Proxy Support
- # Greets to : Dz Offenders Cr3W - Algerian Cyber Army - Inj3ct0r Team - TBD Security
- #########################################################################
- // Script Functions , start ..!
- -->
- <html>
- <head>
- <meta http-equiv="Content-Language" content="fr">
- <meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
- <title>1337 Multiple CMS Scanner Online v0.4 (0!IIIV) by KedAns-Dz ( Modified by AlternatorIWnet )</title>
- <meta content="KedAns-Dz , Inj3ct0r Team , 1337 Multiple CMS Scanner Online, AltenatorIWnet" name="description">
- <link href="http://209.217.227.77/~forumant/favicon.ico" type="image/x-icon" rel="shortcut icon" />
- <style>
- @import url(http://fonts.googleapis.com/css?family=Fredoka+One);@import url(http://fonts.googleapis.com/css?family=Alike);body {background: #000000 repeat-x;font: 75%/170% Arial, Helvetica, sans-serif;padding: 0px;margin: 0px;color: #C4C4C4;}a:visited {COLOR: #0066cc;text-decoration none;cursor:pointer;}a:link {COLOR: #ffcb07;cursor:pointer;}input{vertical-align: middle;color: #000;cursor:pointer;padding:4px 7px;font-weight:bold;background rgba(0, 0, 0, .75);border:1px solid #afbccb;border-radius:5px;box-shadow:0 1px 2px rgba(175,188,203,0.6), inset 0 10px 15px rgba(255,255,255,0.5), inset 1px 1px rgba(255,255,255,0.5), inset -1px -1px rgba(255,255,255,0.5);text-shadow:0 1px rgba(255,255,255,0.5);}input:hover, input:focus{background-color: #ffcb07;border-color:rgba(0,0,0,.25);color:#000}textarea{font-family: 'Alike', serif;font-weight:200;padding:5px;box-shadow: rgba(255, 255, 255, .75) 0px 0px 9px 1px;background-color:rgba(0, 0, 0, .25); color:#ffcb07;border-radius:5px;height: 168px; width: 887px;}.link{font-size:12px;}.head{color: #FFF;font-family: 'Fredoka One', cursive;font-size: 30px;font-weight:400;}.link {font-size:}.foot{font-family: 'Fredoka One', cursive;padding: 2px;border-top: 1px solid #EBEBEB;background-color: #FFF;bottom:0;position:fixed;width:100%;height: 20px;font-size: 15px;}.number{ font-size:15px; color:#fff; }
- </style>
- </head>
- <body>
- <?
- if(isset($_REQUEST['searchleet'])){
- echo "<center><br><h2> 1337day Exploit Finder </h2><h4> Author : Altenator Iwnet </h4>";
- $search = getcookie(getdata("http://1337day.net/", "", "agree=Ok"));
- $search = getdata("http://1337day.net/search", $search, "dong=".$_REQUEST['searchleet']."&submit_search=Submit");
- if(strpos($search, "DESCRIPTION")){
- echo'<table border="1" width="80%" align=\"center\"><tr><td><b> Name </b></td><td align=center><b> Date </b></td></tr>';
- $data = explode("<tr class='TableContent'>", $search);
- foreach($data as $a){
- if(strpos($a, "/exploit/")){
- $date = explode("'>", $a);
- $date = explode('</a><', $date[1]);
- $link = explode("/exploit/description/", $a);
- $link = explode("' >", $link[1]);
- $name = explode('</a>', $link[1]);
- echo "<tr><td><a href=\"http://1337day.net/exploit/".$link[0]."\">".$name[0]."</a></td><td align=center>".$date[0]."</td><tr>";
- }
- }
- }else{
- echo "<br><h2>No exploit search \"".$_REQUEST['searchleet']."\" found</h2>";
- }
- echo "</table>";
- die();
- }
- ?>
- <br><br>
- <p align="center"><font size="4">1337 Multiple CMS Scanner Online v0.4 (0!IIIV) | T0olKit By : KedAns-Dz </font></p><br><p align="center"><font size="4">( Modified by AltenatorIWnet )</font></p><br>
- <center><table align=center border=1>
- <form method="POST">
- <tr><td>Site</td><td><input type="text" name="site" size="40" value="<?php if(isset($_POST['site'])){ echo $_POST['site']; } ?>"></td></tr>
- <tr><td>Proxy</td><td><input type="text" name="proxy" size="40" value="<?php if(isset($_POST['proxy'])){ echo $_POST['proxy']; } ?>"></td></tr>
- <tr><td colspan=2 align=center><input type="submit" value="Scan.."></td></tr>
- </table>
- </form>
- *Use proxy if problem with reverse IP<br>
- You can get proxy <a href="http://www.freeproxylists.net/" target="_blank">here</a>
- <?php
- @session_start();
- @error_reporting(0);
- @ini_set('error_log',NULL);
- @ini_set('log_errors',0);
- @ini_set('max_execution_time',0);
- @set_time_limit(0);
- @set_magic_quotes_runtime(0);
- /* Use Curl to replace file_get_contents */
- function getdata($url, $cookies = "", $post = "")
- {
- $ch = @curl_init();
- curl_setopt($ch, CURLOPT_URL, $url);
- curl_setopt($ch, CURLOPT_HEADER, 1);
- if ($cookies) curl_setopt($ch, CURLOPT_COOKIE, $cookies);
- curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11');
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- if ($post){
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
- }
- curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
- curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
- curl_setopt($ch, CURLOPT_TIMEOUT, 30);
- curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 20);
- $page = curl_exec( $ch);
- curl_close($ch);
- return $page;
- }
- /* Extract cookie from respond data */
- function getcookie($content){
- preg_match_all('/Set-Cookie: (.*);/U',$content,$temp);
- $cookie = $temp[1];
- $cookies = implode('; ',$cookie);
- return $cookies;
- }
- /* Check Exploit At 1337day */
- function leetday($data){
- $cookie = getcookie(getdata("http://1337day.net/", "", "agree=Ok"));
- $search = getdata("http://1337day.net/search", $cookie, "dong=".$data."&submit_search=Submit");
- if(strpos($search, "DESCRIPTION")){
- return true;
- }else{
- return false;
- }
- }
- /* Check Exploit At Exploit-DB */
- function exploitdb($data){
- $search = getdata("http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=&filter_exploit_text=".$data."&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=", "", "");
- if(strpos($search, "No results")){
- return false;
- }else{
- return true;
- }
- }
- /* Search Exploit */
- function check_exploit($cpmxx){
- $leetday = leetday($cpmxx);
- $exploitdb = exploitdb($cpmxx);
- if($exploitdb){
- echo "<td><a href=\"http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=&filter_exploit_text=".$cpmxx."&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=\">Found</a></td>";
- }else{
- echo "<td>Not Found</td>";
- }
- if($leetday){
- echo "<td><a href=\"?searchleet=".$cpmxx."\">Found</a></td>";
- }else{
- echo "<td>Not Found</td>";
- }
- if($exploitdb == TRUE || $leetday == TRUE){
- echo "<td><=</td></tr>";
- }else{
- echo "<td><a href='http://www.google.com/#hl=en&q=download+".$cpmxx."'>Download</a></td></tr>";
- }
- }
- /* Joomla Conf */
- function check_com($url){
- $source = @getdata("http://".$url."/", "", "");
- preg_match_all('{option,(.*?)/}i',$source,$f);
- preg_match_all('{option=(.*?)(&|&|")}i',$source,$f2);
- preg_match_all('{/components/(.*?)/}i',$source,$f3);
- $arz=array_merge($f2[1],$f[1],$f3[1]);
- $coms=array();
- if(count($arz)==0){ echo "<tr><td colspan=4>[ Joomla ] ...Nothing Found !</td></tr>";}
- foreach(array_unique($arz) as $x){
- $coms[]=$x;
- }
- foreach($coms as $comm){
- if(strlen($comm) < 40 & !strpos($comm, ".js")) {
- echo "<tr><td>$comm</td>";
- check_exploit($comm);
- }
- }
- }
- /* WordPress Conf */
- function get_plugins($url){
- $source = @getdata("http://".$url."/", "", "");
- preg_match_all("#/plugins/(.*?)/#i", $source, $f);
- $arz=array_unique($f[1]);
- if(count($arz)==0){
- echo "<tr><td colspan=4>[ Wordpress ] ...Nothing Found !</td></tr>";
- }
- foreach($arz as $plugin){
- if(strlen($plugin) < 40 & !strpos($comm, ".js")) {
- echo "<tr><td>$plugin</td>";
- check_exploit($plugin);
- }
- }
- }
- /* Nuke's Conf */
- function get_numod($url){
- $source = @getdata("http://".$url."/", "" ,"");
- preg_match_all('{?name=(.*?)/}i',$source,$f);
- preg_match_all('{?name=(.*?)(&|&|l_op=")}i',$source,$f2);
- preg_match_all('{/modules/(.*?)/}i',$source,$f3);
- $arz=array_merge($f2[1],$f[1],$f3[1]);
- $cpm=array();
- if(count($arz)==0){
- echo "<tr><td colspan=4>[ Nuke's ] ...Nothing Found !</td></tr>";
- }
- foreach(array_unique($arz) as $x){
- $cpm[]=$x;
- }
- foreach($cpm as $nmod){
- if(strlen($nmod) < 40 & !strpos($comm, ".js")) {
- echo "<tr><td>$nmod</td>";
- check_exploit($nmod);
- }
- }
- }
- /* Xoops Conf */
- function get_xoomod($url){
- $source = @getdata("http://".$url."/", "", "");
- preg_match_all('{/modules/(.*?)/}i',$source,$f);
- $arz=array_merge($f[1]);
- $cpm=array();
- if(count($arz)==0){
- echo "<tr><td colspan=4>[ Xoops ] ...Nothing Found !</td></tr>";
- }
- foreach(array_unique($arz) as $x){
- $cpm[]=$x;
- }
- foreach($cpm as $xmod){
- if(strlen($xmod) < 40 & !strpos($comm, ".js")) {
- echo "<tr><td>$xmod</td>";
- check_exploit($xmod);
- }
- }
- }
- /**************************************************************/
- if(!isset($_POST['site'])) { $credit = credit();die("<br><br>$credit"); }
- function revip($ip){
- $SiteToRev = $ip;
- $site = "";
- $proxy = $_POST['proxy'];
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, "http://www.yougetsignal.com/tools/web-sites-on-web-server/php/get-web-sites-on-web-server-json-data.php?remoteAddress=$SiteToRev");
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
- if(isset($proxy)){
- curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, TRUE);
- curl_setopt($ch, CURLOPT_PROXY, $proxy);
- }
- $result = curl_exec($ch);
- $jDecode = json_decode($result);
- if(strtolower($jDecode->status) == "fail"){
- echo "<center>".$jDecode->message."</center>";
- }else{
- for($i = 0; $i < $jDecode->domainCount; $i++){
- if(isset($jDecode->domainArray[$i][0])){
- $site = $site."++".$jDecode->domainArray[$i][0];
- }
- }
- return $site;
- }
- }
- function CleanAndClear($site) {
- $output = strtolower($site);
- $aaa = array("http://" ,"www.");
- foreach($aaa as $aa1) {
- if (strpos($output, "$aa1") != FALSE) {
- $output = (str_replace("$aa1", "", $output));
- }
- }
- return $output;
- }
- $start_array = array_filter(explode("++", revip($_POST['site'])));
- echo'<table border="1" width=\"80%\" align=\"center\">
- <tr><td width=\"30%\"><b>Server IP : </b></td><td><b>'.gethostbyname(CleanAndClear($_POST['site'])).'</b></td></tr>
- <tr><td width=\"30%\"><b>Sites Found : </b></td><td><b>'.count($start_array).'</b></td></tr>
- </table>';
- echo "<br><br>";
- echo'<table border="1" width="80%" align=\"center\">';
- foreach($start_array as $h3h3){
- echo'<tr id=new><td><b><a href=http://'.$h3h3.'/>'.$h3h3.'</a></b></td><td><b>Exploit-DB</b></td><td><b>1337Day</b></td><td><b>Challenge of Exploiting ..!</b></td></tr>';
- check_com($h3h3);
- get_plugins($h3h3);
- get_numod($h3h3);
- get_xoomod($h3h3);
- }
- echo"</table>";
- function credit(){
- echo "</center>
- <br><p align=\"center\">
- Coded By : <a href='http://facebook.com/KedAns'>KedAns-Dz</a> | Modified by <b>AltenatorIWnet</b> | <a href='http://1337day.com/'>Inj3ct0r 1337day Exploit Database</a><br>
- Made in Algeria | CopyCenter (^.^) 2o12
- </p>
- </body>
- </html>";
- }
- ?>
- <!-- ' Thanks to KedAns-Dz,Lagripe-Dz aNd K!LLer-Dz'-->
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement