Bueno, por fin terminé la segunda versión de mi tool.
search-vul 0.2
Características:
- Busca páginas mediante Google
- Busca páginas web mediante distintos servidores de Google
- Opción para examinar una lista de páginas web en busca de algunas vulnerables a SQLi
- Reverse DNS
- Buscador del panel de control
=pod
Autor: Yoyahack
name: search-vul
version: 0.2
Mail: yoyahack@undersecurity.net
Web: www.yoyahack.blogspot.com
Webs: www.undersecurity.net & www.mitm.cl |
Descripcion: -> v
Busca paginas mediante Google o algunos servidores de Google - Opcion para examinar una lista de paginas webs
en busca de algunas vulnerables a sqli - Reverse dns - Buscador del panel de control
Gretz: S[e]C, seth, p0fk, ksha, OzX, protos, n0b0dy, NorK, C1c4Tr1Z
=cut
#Modulos
use LWP::UserAgent;
use HTTP::Request;
#Code
# Startup banner, printed once per run.
print q(
·············································
Code
by
Yoyahack
www.yoyahack.blogspot.com
www.undersecurity.com & www.mitm.cl
·············································
);
# Menu of the five modes implemented by the subs below.
print q (
1- Solo www.google.com
2- En todos los servidores google
3- Escanear una lista de paginas guardada en un archivo
de texto en busca de vurnerabilidades
4- Reverse dns
5- Buscador de panel de control
);
print "Escoje una opcion: ";
# The raw line (newline included) is kept in a package global; the numeric
# comparison below ignores the trailing newline.
$opcion = <STDIN>;
# Menu entry N maps to element N-1. Every entry is tested in order, so the
# script simply falls off the end when the input matches none of them.
my @acciones = (\&google, \&googles, \&vul, \&dns, \&panel);
for my $numero (1 .. scalar @acciones) {
    $acciones[$numero - 1]->() if $opcion == $numero;
}
# google: prompt for a search term and a page count, request result pages
# from www.google.com, and pull link targets out of the returned HTML with a
# regex. Each link is printed and appended to busqueda.txt in the current
# working directory.
#
# Detection note: every request carries the fixed, dated Firefox 2.0.0.12
# User-Agent set below; an unchanging UA on scripted search queries is the
# kind of signal egress proxies and search-engine abuse controls typically
# key on.
sub google {
print "Escriba la palabra a buscar: ";
# Neither input is chomp'ed or URL-encoded, so the trailing newline and any
# special characters are interpolated into the request URL as typed.
my $search = <STDIN>;
print "\nnumero de paginas: ";
my $num = <STDIN>;
#------------------------------------------------
my $ua = new LWP::UserAgent;
$ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12");
#------------------------------------------------
# $i is a package global (no `my`). The loop covers $i = 1 .. $num-1, so a
# page count of 1 sends no request at all.
for($i=1;$i<$num;$i++){
my $busqueda = new HTTP::Request GET =>"http://www.google.com/search?hl=&q=$search&start=$i";
my $resultado = $ua->request($busqueda);
# timeout() only sets the per-request timeout and returns the previous
# setting, so this `|| die` does not detect a failed connection; it also
# runs after the request above has already been sent. The response status
# is never checked.
$ua->timeout(7) || die "Conecction faield";
my $result = $resultado->content();
# Regex scraping of result markup: capture group 1 is the href, group 2
# (the link text) is captured but unused.
while ($result =~ m/<h3 class=.*?<a href="([^"]+).*?>(.*?)<\/a>/g) {
my ($enlace) = ($1);
# Bareword handle, append mode, return value of open() not checked: if the
# file cannot be opened the print below fails silently.
open (SE,">>busqueda.txt");
print SE "$enlace\n";
close (SE);
print "$enlace\n";
}
}
}
# googles: same scrape as google(), but meant to repeat it against each host
# in the package array @googles, appending links to googles.txt.
#
# NOTE(review): @googles is never assigned anywhere in the visible listing,
# so as shown the outer loop has nothing to iterate over and no request is
# sent. Confirm whether the host list was lost from the post.
sub googles {
print "Escriba la palabra a buscar\n";
# As in google(), the inputs are used without chomp or URL-encoding.
my $bus1 = <STDIN>;
print "Numero de paginas a buscar en cada servidor google\n";
my $num1 = <STDIN>;
#------------------------------------------------
my $ua = new LWP::UserAgent;
# Same fixed Firefox 2.0.0.12 User-Agent string as the other subs.
$ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12");
#------------------------------------------------
# $googles (scalar) and @googles (array) are distinct package globals.
foreach $googles(@googles)
{
chomp($googles);
#------------------------------------------------
# $ii is a package global; the loop covers $ii = 1 .. $num1-1.
for($ii=1;$ii<$num1;$ii++){
my $busqueda1 = new HTTP::Request GET =>"http://$googles/search?hl=&q=$bus1&start=$ii";
my $resultado1 = $ua->request($busqueda1);
# Sets the timeout after the request was sent; the `|| die` tests the
# previous timeout value, not the outcome of the request.
$ua->timeout(7) || die "Conecction faield";
my $result1 = $resultado1->content();
# Capture group 1 is the href; group 2 is captured but unused.
while ($result1 =~ m/<h3 class=.*?<a href="([^"]+).*?>(.*?)<\/a>/g) {
my ($enlace1) = ($1);
# Unchecked open on a bareword handle, append mode.
open (SS,">>googles.txt");
print SS "$enlace1\n";
close (SS);
print "$enlace1\n";
}
}
}
}
# vul: confirmation step for menu option 3. Shows a two-entry sub-menu and
# either hands over to mysql() or terminates the script. Any other input
# returns to the caller without doing anything.
sub vul {
    print "Escanear todas las url obtenida en busca de paginas vurnerables a Mysql? ";
    print q(
1 = verificar las paginas vurnerables
2 = No verificar y salir del code
);
    print "\nElige una opcion\n";
    # Raw line from STDIN; the numeric comparisons ignore the trailing newline.
    my $eleccion = <STDIN>;
    mysql() if $eleccion == 1;
    exit(0) if $eleccion == 2;
}
# mysql: read a list of URLs from a file named by the user, request each URL
# with a single quote appended, and flag the URL when the response body
# contains one of a handful of database/PHP error strings. Flagged URLs are
# printed and appended to vurl.txt.
#
# Defender notes:
# - The check depends entirely on verbose error text reaching the client.
#   Parameterised queries remove the underlying flaw; suppressing detailed
#   database/PHP errors in responses removes the signal this check reads.
# - In access logs this appears as GET requests whose URL ends in `'`, all
#   with the fixed Firefox 2.0.0.12 User-Agent set below.
# - The test is a plain substring match on the body, so a page that merely
#   quotes one of these messages (documentation, a forum post) is reported
#   as well, and an injectable page that hides errors is not.
sub mysql {
print q(
Nombre del archivo de texto
en el que esta guardado las listas de paginas
);
my $txt = <STDIN>;
#------------------------------------------------
# Two-argument open on user-supplied text: mode and pipe characters in the
# name are interpreted by open(), which is a risk to whoever runs the
# script. The three-argument form with an explicit '<' mode avoids that.
open(PAG,$txt) || die "Archivo de texto no encontrado";
# @urls and $pag are package globals; the whole file is read into memory.
@urls=<PAG>;
close (PAG);
#------------------------------------------------
foreach $pag(@urls)
{
chomp($pag);
#------------------------------------------------
# A new user agent object is built for every URL.
my $ua = new LWP::UserAgent;
$ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12");
#------------------------------------------------
#------------------------------------------------
print "Comprovando paginas vurnerables a Mysql\n\n";
# The quote is appended to the end of the whole URL string, whatever that
# string ends with.
my $iny = $pag."'";
my $peti = new HTTP::Request GET =>"$iny";
my $resul = $ua->request($peti);
# Sets the timeout after the request was sent; the `|| die` tests the
# previous timeout value, not whether the host answered.
$ua->timeout(7) || die "Conecction faield to host";
my $fuente = $resul->content();
# NOTE(review): "Division by zero in" does not look SQL-specific, so it is a
# likely source of false positives - confirm.
if($fuente =~ /mysql_fetch_/ || $fuente =~ /You have an error in your SQL syntax/ || $fuente =~ /tem um erro de sintaxe no seu SQL/ || $fuente =~ /Algo está equivocado en su sintax/ || $fuente =~ /Division by zero in/ || $fuente =~ /supplied argument is not a valid MySQL/){
# Unchecked open; the banner below is appended again for every hit, not
# once per file.
open (VUL,">>vurl.txt");
print VUL q(
·············································
Code
by
Yoyahack
www.yoyahack.blogspot.com
www.undersecurity.com & www.mitm.cl
·············································
);
print VUL "$pag\n";
# NOTE(review): this closes SS, a handle this sub never opened; VUL itself
# is not explicitly closed here.
close (SS);
print "[+]$pag es vurnerable a SQLI\n";
print "\nLas paginas vurnerables han sido guardada exitosamente\nen un archivo de texto\n";
} else {
print "\n\n$pag no es vurnerable a SQL";
}
}
}
# dns: look up the other hostnames sharing an IP with the given site by
# scraping the reverse-IP page of the third-party service ip-adress.com.
# Each hostname found is printed and appended to reverse_dns.txt.
#
# The only HTTP request goes to the lookup service, not to the site being
# looked up, so this step leaves no entry in that site's own access logs.
sub dns {
print "Ingresa la web\n";
# Used without chomp, so the trailing newline ends up in the URL path.
my $web = <STDIN>;
my $ua = new LWP::UserAgent;
$ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12");
my $busqueda = new HTTP::Request GET =>"http://www.ip-adress.com/reverse_ip/$web";
my $resultado = $ua->request($busqueda);
# Sets the timeout after the request was sent; the `|| die` tests the
# previous timeout value, not the outcome of the request.
$ua->timeout(7) || die "Conecction faield";
my $result = $resultado->content();
# NOTE(review): (.+) is greedy, so if several Whois links share one line a
# single match would span from the first link to the last - confirm against
# the service's actual markup.
while ($result =~ m!<a href="/whois/(.+)">Whois</a>!ig){
# Unchecked open on a bareword handle, append mode.
open (DNS,">>reverse_dns.txt");
print DNS "$1\n";
close (DNS);
print "$1\n";
}
# The service's "valid IP address" message is treated as "no result".
if ($result =~ /valid IP address/) {
print "Not found\n";
}
}
# panel: append each entry of a fixed list of common administration paths to
# a base URL, request it, and report the URL as "Found" when the response
# body contains a login-related word. Hits are printed and appended to a
# file named "panel de control" in the current directory.
#
# Defender notes:
# - No User-Agent is set here, so requests go out with the LWP library
#   default rather than the Firefox string used by the other subs.
# - From the server side this is one request per list entry in quick
#   succession against admin-style paths, most of which will not exist;
#   that burst of misses from one client is what rate limiting and
#   path-scan alerting are meant to catch. Restricting administrative
#   interfaces by network or an extra authentication layer limits what a
#   hit is worth.
# - Only the body text is examined, never the status code, so an error page
#   that happens to contain one of the words is reported as found.
sub panel{
print "Inserte la web\nEx:http://www.pagina.com/\n\n";
my $pag = <STDIN>;
chomp($pag);
#------------------------------------
# @panel is a package global. 'admin/account.php' and several other entries
# appear more than once, so those paths are requested more than once.
@panel = ('admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/',
'memberadmin/','administratorlogin/','adm/','admin/account.php','admin/index.php','admin/login.php','admin/admin.php','admin/account.php',
'admin_area/admin.php','admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html',
'admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html',
'admin/controlpanel.php','admin.php','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html',
'admin/cp.php','cp.php','administrator/index.php','administrator/login.php','nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php',
'administrator/account.php','administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.php','modelsearch/login.php','moderator.php','moderator/login.php',
'moderator/admin.php','account.php','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html',
'webadmin.php','webadmin/index.php','webadmin/admin.php','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html',
'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html',
'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php','adminarea/index.php',
'adminarea/admin.php','adminarea/login.php','panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php',
'modelsearch/admin.php','admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php',
'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php'
);
#----------------------------------
print "Buscando panel de control\n";
# $panel (scalar) is a package global, distinct from the array @panel.
foreach $panel(@panel) {
# The list entries are literals without newlines, so this chomp has no effect.
chomp($panel);
# Plain concatenation: the base URL must already end in '/', as in the
# example shown in the prompt.
my $todo = "$pag"."$panel";
my $lwp = HTTP::Request->new(GET=>"$todo");
# A new user agent is created per path; unlike the other subs the timeout
# is set before the request is sent.
my $ua = LWP::UserAgent->new();
$ua->timeout(10);
my $response = $ua->request($lwp);
my $peti = $response->content();
# Case-sensitive substring tests. Several are redundant (/Admin Password/ is
# already covered by /Password/).
# NOTE(review): /Sing/ may be a typo for "Sign" - confirm.
if ($peti =~ /Username/ ||
$peti =~ /Password/ ||
$peti =~ /username/ ||
$peti =~ /password/ ||
$peti =~ /USERNAME/ ||
$peti =~ /PASSWORD/ ||
$peti =~ /Senha/ ||
$peti =~ /senha/ ||
$peti =~ /Personal/ ||
$peti =~ /Usuario/ ||
$peti =~ /Clave/ ||
$peti =~ /Usager/ ||
$peti =~ /usager/ ||
$peti =~ /Sing/ ||
$peti =~ /passe/ ||
$peti =~ /P\/W/ ||
$peti =~ /Admin Password/
){
# Unchecked open; the output file name contains spaces and has no extension.
open (P,">>panel de control");
print P "{+}Found -> $todo\n";
close (P);
print "{+}Found -> $todo\n";
}else{
print "$todo Not found\n";
}
}
}