1 | <!-- | |
2 | ######################################################################## | |
3 | ## | |
4 | # Script : [+]~ 1337 Multiple CMS Scaner Online v0.4 (0!IIIV) ~[+] | |
5 | ## | |
6 | # Author : KedAns-Dz ( ked-h [ at ] hotmail [ dot ] com ) | |
7 | ## | |
8 | # Home : www.1337day.com | |
9 | ## | |
10 | # Greets to : Dz Offenders Cr3W - Algerian Cyber Army - Inj3ct0r Team | |
11 | ## | |
12 | ######################################################################### | |
13 | ||
14 | // Script Functions , start ..! | |
15 | --> | |
16 | <html> | |
17 | <head> | |
18 | <meta http-equiv="Content-Language" content="fr"> | |
19 | <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> | |
20 | <title>1337 Multiple CMS Scaner Online v0.4 (0!IIIV) by KedAns-Dz</title> | |
21 | <meta content="KedAns-Dz , Inj3ct0r Team , 1337 Multiple CMS Scaner Online" name="description"> | |
22 | <link href="http://209.217.227.77/~forumant/favicon.ico" type="image/x-icon" rel="shortcut icon" /> | |
23 | <style> | |
24 | body,input,table,select{background: black; font-family:Verdana,tahoma; color: #008000; font-size:11px; } | |
25 | a:link,a:active,a:visited{text-decoration: none;color: red;} | |
26 | a:hover {text-decoration: underline; color: red;} | |
27 | table,td,tr,#gg{ border-style:solid; text-decoration:bold; } | |
28 | tr:hover,td:hover{background-color: #FFFFCC; color:green;} | |
29 | .oo:hover{background-color: black; color:white;} | |
30 | </style> | |
31 | </head> | |
32 | ||
33 | <body> | |
34 | ||
35 | <p align="center"> </p> | |
36 | <p align="center"> </p> | |
37 | <p align="center"> </p> | |
38 | <p align="center"><font size="4">1337 Multiple CMS Scaner Online v0.4 (0!IIIV) | T0olKit By : KedAns-Dz</font></p><br> | |
39 | <form method="POST"> | |
40 | <p align="center"><input type="text" name="site" size="65" value="127.0.0.1"><input type="submit" value="Scan.."></p> | |
41 | </form><center> | |
42 | <?php | |
// Runtime setup: lift PHP's execution time limit (0 = no limit) and turn off
// all error reporting. Together with the @-suppressed fetches in the functions
// below, a failed request or a failed regex leaves no message and no log entry
// on the host running this page.
@set_time_limit(0);
@error_reporting(0);
45 | ||
/**
 * Searches packetstormsecurity.org for a component name and prints the last
 * two cells of the current result row, closing the row.
 *
 * $cpmxx is a name captured by regex from a fetched third-party page (see the
 * callers). It is concatenated into the search URL without URL-encoding and
 * into the echoed HTML without escaping, so markup in a scanned page can end
 * up in the results page shown to whoever runs this script.
 *
 * The lookup is a name search only: no version is compared and the scanned
 * site is not probed. "Found" therefore means "the search page did not say
 * 'No Results Found'", not that the site is vulnerable.
 *
 * @param string $cpmxx component / plugin / module name to search for
 * @return void output is echoed
 */
function check_exploit($cpmxx){

$link ="http://packetstormsecurity.org/search/files/?q=$cpmxx";

// Errors suppressed: on a failed request $result is false.
$result = @file_get_contents($link);

// eregi() is the case-insensitive POSIX matcher, deprecated in PHP 5.3 and
// removed in 7.0, which dates the script to PHP 5.x hosts.
// A false/empty $result cannot match, so a failed fetch takes the "Found"
// branch below and is reported as a hit.
if (eregi("No Results Found",$result)) {

echo"<td>Not Found</td><td><a href='http://www.google.dz/#hl=en&q=download+$cpmxx'>Download</a></td></tr>";

}else{

echo"<td><a href='$link'>Found</a></td><td><=</td></tr>";

}
}
62 | ||
/* Joomla Conf */
/**
 * Fetches $url once and lists Joomla-style component names found in its HTML,
 * printing one table row per unique name and passing each to check_exploit().
 *
 * Only the markup returned for that single GET is inspected; the names come
 * from link text a normal visitor's browser receives as well.
 *
 * @param string $url page to fetch (the caller passes a site base URL)
 * @return void output is echoed
 */
function check_com($url){

// Errors suppressed; a failed fetch yields false and the patterns match nothing.
$source = @file_get_contents($url);

// Three capture sources: "option,<name>/", "option=<name>" up to & or a
// double quote, and "/components/<name>/".
// NOTE(review): the duplicated "&" alternative in the second pattern looks like
// an HTML entity that was decoded when the paste was rendered; confirm against
// the original file.
preg_match_all('{option,(.*?)/}i',$source,$f);
preg_match_all('{option=(.*?)(&|&|")}i',$source,$f2);
preg_match_all('{/components/(.*?)/}i',$source,$f3);

$arz=array_merge($f2[1],$f[1],$f3[1]);

$coms=array();

if(count($arz)==0){ echo "<tr><td colspan=3>[ Joomla ] ...Nothing Found !</td></tr>";}

// De-duplicate into $coms.
foreach(array_unique($arz) as $x){
$coms[]=$x;
}

foreach($coms as $comm){

// $comm is scraped page content echoed without escaping.
echo "<tr><td>$comm</td>";
check_exploit($comm);
}

}
89 | ||
/* WordPress Conf */

/**
 * Fetches $url once and lists the directory names that follow "/plugins/" in
 * its HTML, printing one table row per unique name and passing each to
 * check_exploit().
 *
 * The names are taken from asset and link paths present in the served page;
 * nothing beyond that one GET is requested from the site.
 *
 * @param string $url page to fetch (the caller passes a site base URL)
 * @return void output is echoed
 */
function get_plugins($url){

// Errors suppressed; a failed fetch yields false and the pattern matches nothing.
$source = @file_get_contents($url);

preg_match_all("#/plugins/(.*?)/#i", $source, $f);

$arz=array_unique($f[1]);

if(count($arz)==0){ echo "<tr><td colspan=3>[ Wordpress ] ...Nothing Found !</td></tr>";}

foreach($arz as $plugin){

// $plugin is scraped page content echoed without escaping.
echo "<tr><td>$plugin</td>";

check_exploit($plugin);

}

}
111 | ||
/**************************************************************/
/* Nuke's Conf */

/**
 * Fetches $url once and tries to list *Nuke-style module names from its HTML,
 * printing one table row per unique name and passing each to check_exploit().
 *
 * @param string $url page to fetch (the caller passes a site base URL)
 * @return void output is echoed
 */
function get_numod($url){

// Errors suppressed; a failed fetch yields false.
$source = @file_get_contents($url);

// Intended captures: the value after "?name=" and the directory after "/modules/".
// NOTE(review): both "?name=" patterns begin with "?" directly after the opening
// delimiter, which PCRE normally rejects as a quantifier with nothing to repeat.
// With error reporting off that failure would be silent and $f / $f2 would not
// hold the arrays the merge below expects. Confirm the behaviour before relying
// on this function's output.
// NOTE(review): the duplicated "&" alternative looks like an HTML entity decoded
// when the paste was rendered; confirm against the original file.
preg_match_all('{?name=(.*?)/}i',$source,$f);
preg_match_all('{?name=(.*?)(&|&|l_op=")}i',$source,$f2);
preg_match_all('{/modules/(.*?)/}i',$source,$f3);

$arz=array_merge($f2[1],$f[1],$f3[1]);

$cpm=array();

if(count($arz)==0){ echo "<tr><td colspan=3>[ Nuke's ] ...Nothing Found !</td></tr>";}

// De-duplicate into $cpm.
foreach(array_unique($arz) as $x){

$cpm[]=$x;
}

foreach($cpm as $nmod){

// $nmod is scraped page content echoed without escaping.
echo "<tr><td>$nmod</td>";

check_exploit($nmod);

}

}
143 | ||
/*****************************************************/
/* Xoops Conf */

/**
 * Fetches $url once and lists the directory names that follow "/modules/" in
 * its HTML, printing one table row per unique name and passing each to
 * check_exploit().
 *
 * Uses the same "/modules/" pattern as get_numod(), so a site that matches
 * there is listed a second time under this heading.
 *
 * @param string $url page to fetch (the caller passes a site base URL)
 * @return void output is echoed
 */
function get_xoomod($url){

// Errors suppressed; a failed fetch yields false and the pattern matches nothing.
$source = @file_get_contents($url);

preg_match_all('{/modules/(.*?)/}i',$source,$f);

// Single-argument array_merge: a re-indexed copy of the captures.
$arz=array_merge($f[1]);

$cpm=array();

if(count($arz)==0){ echo "<tr><td colspan=3>[ Xoops ] ...Nothing Found !</td></tr>";}

// De-duplicate into $cpm.
foreach(array_unique($arz) as $x){

$cpm[]=$x;
}

foreach($cpm as $xmod){

// $xmod is scraped page content echoed without escaping.
echo "<tr><td>$xmod</td>";

check_exploit($xmod);

}

}
173 | ||
174 | /**************************************************************/ | |
175 | ||
/**
 * Reduces a search-result link to a site base URL.
 *
 * Takes the first "http://.../index.php" match in $site, removes the literal
 * "index.php", and, when the match does not contain "www", rewrites the scheme
 * prefix to "http://www.". Only http:// links are matched. When nothing
 * matches, $sites[0][0] is unset and the result appears to be an empty string
 * (verify on the PHP version in use).
 *
 * @param string $site link scraped from a search-results page
 * @return string normalised base URL
 */
function sec($site){
preg_match_all('{http://(.*?)(/index.php)}siU',$site, $sites);
// eregi(): case-insensitive POSIX match, removed in PHP 7.0.
if(eregi("www",$sites[0][0])){
return $site=str_replace("index.php","",$sites[0][0]);
}else{
return $site=str_replace("http://","http://www.",str_replace("index.php","",$sites[0][0]));
}}
183 | ||
// Upper bound for the search-result offset ("first=") used in the paging loop.
$npages = 50000;

// Request handler. Any non-empty POST triggers it: there is no authentication,
// token or rate limit, so whoever can reach this page can make the hosting
// server issue the outbound requests below.
if ($_POST)
{
// Tags stripped and whitespace trimmed only; the value is not checked to be an
// IP address and is not URL-encoded before it is placed in the query string.
$ip = trim(strip_tags($_POST['site']));
$npage = 1;
$allLinks = array();


// Page through Bing results for "ip:<value> index.php?option=com", ten
// results per step, collecting links to sites the index associates with
// that address.
while($npage <= $npages)
{

$x=@file_get_contents('http://www.bing.com/search?q=ip%3A' . $ip . '+index.php?option=com&first=' . $npage);


if ($x)
{
// Scrape result links out of the results-page markup.
preg_match_all('(<div class="sb_tlst">.*<h3>.*<a href="(.*)".*>(.*)</a>.*</h3>.*</div>)siU', $x, $findlink);

// Brace-less foreach: only the sec() line below is the loop body.
foreach ($findlink[1] as $fl)

$allLinks[]=sec($fl);


// Runs once per results page, not once per link.
$npage = $npage + 10;

// Stop when the page does not reference the next offset.
if (preg_match('(first=' . $npage . '&)siU', $x, $linksuiv) == 0)
break;
}

else
break;
}


$allDmns = array();

// Plain copy of the collected links.
foreach ($allLinks as $kk => $vv){

$allDmns[] = $vv;
}

// Summary table. The \" sequences sit inside single-quoted strings, so the
// backslashes are emitted literally into the HTML.
echo'<table border="1" width=\"80%\" align=\"center\">
<tr><td width=\"30%\"><b>Server IP : </b></td><td><b>'.$ip.'</b></td></tr>
<tr><td width=\"30%\"><b>Sites Found : </b></td><td><b>'.count(array_unique($allDmns)).'</b></td></tr>
</table>';
echo "<br><br>";

echo'<table border="1" width="80%" align=\"center\">';

// Per-site pass. Each of the four helpers fetches the same URL itself, so a
// listed site receives four GETs of its base URL in quick succession from the
// host running this script. No stream context or user_agent is set here, so
// unless php.ini supplies one these requests presumably carry no User-Agent
// header (confirm in access logs).
foreach(array_unique($allDmns) as $h3h3){

// $h3h3 comes from scraped search results and is written into an unquoted
// href attribute and into cell text without escaping.
echo'<tr id=new><td><b><a href='.$h3h3.'>'.$h3h3.'</a></b></td><td><b>PacketStorm</b></td><td><b>Challenge of Exploiting ..!</b></td></tr>';

check_com($h3h3);
get_plugins($h3h3);
get_numod($h3h3);
get_xoomod($h3h3);
}

echo"</table>";

}
247 | ?></center> | |
248 | <br><p align="center"> | |
249 | Coded By : <a href='http://facebook.com/KedAns'>KedAns-Dz</a> | <a href='http://1337day.com/'>Inj3ct0r 1337day Exploit Database</a><br> | |
250 | Made in Algeria | CopyCenter (^.^) 2o12 | |
251 | </p> | |
252 | </body> | |
253 | </html> | |
254 | <!-- ' Thanks to Lagripe-Dz aNd K!LLer-Dz'--> |