LegioNRST

Script Python


Deface page creator:

Use: deface.py yourpage.html

[code]
import sys
import time
# Interactive generator for a static HTML page (Python 2: print statement,
# raw_input). Everything below only prompts on the console and writes markup
# to the local file named on the command line; nothing in this script
# connects to, uploads to, or modifies a remote site.
if len(sys.argv) < 2:
    print 'Usage deface.py index.html , this will create an index.html file with deface .'
    sys.exit()


# The output path comes straight from argv and is opened with mode 'w', so an
# existing file at that path is truncated.
file = sys.argv[1]
myfile = open(file,'w')

print ' Colors: '
print '-----------------------------------------------------------------------------'
print ' | black | white | '
print '================================================================'
# Step 1: background colour, restricted to the two listed values.
while True:
    var = raw_input ('1.Type the color for background here => ')
    if var in ['black','white']: break
    else:
        print 'Wrong color..!'
# The Python 2 print statement joins its comma-separated arguments with single
# spaces, so the attribute is written with padding inside the quotes
# (bgcolor= " black " >). That spacing is a recognisable artifact of pages
# produced by this script.
print >> myfile, '<body bgcolor=','"',(var),'"','>'
print '================================================================'
print ' Colors '
print ' | black | white | green | red | purple | blue | gray | '
print '================================================================'

# Step 2: text colour, checked against a fixed allow-list.
while True:
    var1 = raw_input ('2.Type the text color here => ')
    if var1 in ['black','white','green','orange','red','purple','blue','gray']: break
    else:
        print 'Wrong color..!'
print >> myfile, '<p align="center"><b><font color=','"',(var1),'"','size="3">'

# Step 3 (black background): pick a preset image or supply a URL.
if var == 'black':
    print '================================================================'
    print ' Choose an image : '
    print '| hacked1 | fingerprint | spy | hacked2 | silence | gameover |'
    print '| leg | hand | hitman | smoke | hacked3 | '
    print ' | other | '
    print '================================================================'

    while True:
        var4 = raw_input ('3.Put the image name here => ')
        if var4 in ['hacked1','fingerprint','spy','hacked2','silence','gameover','leg','hand','hitman','smoke','hacked3','other']: break
        else:
            print 'Wrong image name..! '
    print '================================================================'
    # Each preset writes an <img> tag that hotlinks a fixed third-party URL;
    # no image is downloaded or stored next to the generated file.
    if var4 == 'fingerprint':
        print >> myfile,' <center><img src="http://www.mandel.ro/logos/animFingerprintBlack.gif"></center>'
    if var4 == 'hacked1':
        print >> myfile,' <center><img src="http://site.mynet.com/the_chip/hacked2323.jpg"></center>'
    if var4 == 'spy':
        print >> myfile,' <center><img src="http://www.bluesilk.hu/images/stories/spy.gif"></center>'
    if var4 == 'hacked2':
        print >> myfile,' <center><img src="http://expclan.comli.com/index_files/43084476ii9.png"></center>'
    if var4 == 'silence':
        print >> myfile,' <center><img src="http://demafmipauns.files.wordpress.com/2010/05/sayu0i.jpg"></center>'
    if var4 == 'gameover':
        print >> myfile, '<center><img src="http://img10.imageshack.us/img10/4974/yumaqalt.jpg"></center>'
    if var4 == 'leg':
        print >> myfile, '<center><img src="http://img268.imageshack.us/img268/6802/thehackerericborgozone1.jpg"></center>'
    if var4 == 'hand':
        print >> myfile, '<center><img src="http://i728.photobucket.com/albums/ww286/vyc0d/owned.jpg"></center>'
    if var4 == 'hitman':
        print >> myfile, '<center><img src="http://t0.gstatic.com/images?q=tbn:lYCsFDr4o7mh1M:http://www.renoascensori.it/hacked.jpg&t=1"></center>'
    if var4 == 'smoke':
        print >> myfile, '<center><img src="http://t1.gstatic.com/images?q=tbn:YgDh8qCPAtwgoM:http://i46.tinypic.com/2gtxdo1.jpg&t=1"></center>'
    if var4 == 'hacked3':
        print >> myfile, '<center><img src="http://img.webme.com/pic/c/cobbra-g3ncii/hacked.jpg"></center>'
    if var4 == 'other':
        # The only check on a custom URL is its file-name suffix; the value is
        # then written into the src attribute as typed, without escaping.
        while True:
            var4 = raw_input ('Please enter the URL of your picture here: ' )
            if var4.endswith(('.jpg','.png','.gif','.JPG','.PNG','.GIF')) : break
            else:
                print 'Wrong image name..! '
        print >> myfile,'<center><img src="',(var4),'"></center>'

# Step 3 (white background): same flow with a different preset list.
if var == 'white':
    print '================================================================'
    print ' Choose an image : '
    print ' | eye | door | fingerprint | wanted | sleep | other | '
    print '================================================================'
    while True:
        var4 = raw_input ('3.Put the image name here => ')
        if var4 in ['door','fingerprint','wanted','sleep','eye','other']: break
        else:
            print 'Wrong image...'
    print '================================================================'
    if var4 == 'door':
        print >> myfile,'<center><img src="http://www.cdscreative.com/images/door.jpg"></center>'
    if var4 == 'fingerprint':
        print >> myfile,' <center><img src="http://www.idfpr.com/DPR/images/fingerprint.gif"></center>'
    if var4 == 'wanted':
        print >> myfile,' <center><img src="http://www.allstarcardsinc.com/_derived/buy_list.htm_txt_wanted1.gif"></center>'
    if var4 == 'sleep' :
        print >> myfile,' <center><img src="http://www.do2learn.com/picturecards/images/imageschedule/sleep_l.gif"></center>'
    if var4 == 'eye' :
        print >> myfile,' <center><img src="http://www.christina-reysen.com/images/eye_open.gif"></center>'
    if var4 == 'other':
        while True:
            var4 = raw_input ('Please enter the URL of your picture here: ' )
            if var4.endswith(('.jpg','.png','.gif','.JPG','.PNG','.GIF')) : break
            else:
                print 'Must enter an URL that contains an image file..! '
        print >> myfile,'<center><img src="',(var4),'"></center>'


print '================================================================'
# Step 4: signature, accepted when shorter than 30 characters and written
# into the page as typed.
while True:
    var2 = raw_input ('4.put your signature here => ')
    if len(var2) < 30 : break
    else:
        print 'Signature too large..!'
# Fixed boilerplate: a heading with id "flyin" carrying the text "Owned by"
# plus the signature, and an inline script that slides the heading in from the
# left. These literal strings are the same in every page the script produces.
print >> myfile, '<script>'
print >> myfile, 'if (document.layers)'
print >> myfile, 'var ns4def=""'
print >> myfile, '</script>'
print >> myfile, '<p align="center"><b><font size="4">'
print >> myfile, '<h2 id="flyin"style="position:relative;left:-400;font-style:italic"'
print >> myfile, 'style=&{ns4def};>'
print >> myfile, '<font face="Arial">','Owned by',(var2),'</font></h2>'
print >> myfile, '</font></b></p>'
print >> myfile, '<script language="JavaScript1.2">'
print >> myfile, 'if (document.getElementById||document.all)'
print >> myfile, 'var crossheader=document.getElementById? document.getElementById("flyin").style : document.all.flyin.style'
print >> myfile, 'function animatein(){'
print >> myfile, 'if (parseInt(crossheader.left)<0)'
print >> myfile, 'crossheader.left=parseInt(crossheader.left)+20'
print >> myfile, 'else{'
print >> myfile, 'crossheader.left=0'
print >> myfile, 'crossheader.fontStyle="normal"'
print >> myfile, 'clearInterval(start)'
print >> myfile, '}'
print >> myfile, '}'
print >> myfile, 'if (document.getElementById||document.all)'
print >> myfile, 'start=setInterval("animatein()",50)'
print >> myfile, '</script>'
print >> myfile, '<p>'
# This opening <a ...> tag is written without its closing '>' and nothing
# later in the script completes it.
print >> myfile, '<font face="Tahoma"><a target="_blank"'
print '================================================================'
print ' Choose: '
print ' | yes | no | '
print '================================================================'
# Optional extra message: 'no' closes the file and exits here, 'yes' falls
# through to the colour and comment prompts below.
while True:
    var7 = raw_input ('Do you want to add some other text message?: ')
    if var7.lower() == 'no' :
        print '================================================================'
        print ' Wait...'
        time.sleep(1)
        myfile.close()
        print 'Your HTML file is ready ,I will exit now... '
        time.sleep(2)
        sys.exit()
    elif var7.lower() == 'yes' : break
    else:
        print ("Please enter 'yes' or 'no' ...!")
print '================================================================'
print ' Choose one of the color from the list '
print ' | black | white | green | red | purple | blue | gray | '
print '================================================================'
while True:
    var8 = raw_input ('Type the text color that you want here => ')
    if var8 in ['black','white','green','orange','red','purple','blue','gray ']:break
    else:
        print 'Wrong color..!'
print >> myfile, '<p align="center"><b><font color=','"',(var8),'"','size="3">'
print '================================================================'
# Free-text comment, accepted when shorter than 150 characters and written
# into the page as typed.
while True:
    var9 = raw_input ('Put your comments here => ')
    if len(var9) < 150 : break
    else:
        print 'Comments are too large..!'
print >> myfile, var9
print >> myfile, '</font></b></p>'
print '================================================================'
# The sleeps below only pace the console messages; the file is complete once
# myfile.close() has run.
print 'Processing your HTML file please wait...'
time.sleep(2)
print '...'
time.sleep(2)
myfile.close()
print ' Work done ,your HTML file was defaced , i will exit... '
time.sleep(1)
sys.exit()

#END [/code]

http://hotfile.com/dl/61475254/9850a03/def.tar.gz.html

SQLInject finder:

#!/usr/bin/env python

####################################################################################
#
# sqlinject-finder.py
# Description: Simple python script that parses through a pcap and looks at the
# GET and POST request data for suspicious and possible SQL injects.
#
####################################################################################

import dpkt, re, urllib, sys, getopt

# Output-format flag: main() sets it to True for -t/--tab, and analyzeRequest
# reads it to choose the tab-delimited line over the multi-line report.
tab = False

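#removes inline comments that can sometimes be used for obfuscating the sql
def removeComments(val):
    """Return val with every complete /* ... */ comment removed.

    A comment only counts when its closing "*/" comes after its opening "/*".
    Text with an unterminated "/*", or with a stray "*/" that precedes the
    first "/*", is returned with those markers left in place.
    """
    while True:
        start = val.find("/*")
        if start == -1:
            break
        # Look for the terminator only after the opener. Pairing "/*" with an
        # earlier "*/" yields an empty slice, and removing an empty string
        # never changes val, so a captured value such as "*/ x /*" would keep
        # this loop (and the whole analysis run) spinning forever.
        end = val.find("*/", start + 2)
        if end == -1:
            break
        val = val[:start] + val[end + 2:]

    return val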

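#checks for common sql injection tactics using all the variables from post or get data
def analyzeRequest(vals, sIP, page, frameno):
    """Report one request parameter if it looks like a SQL injection attempt.

    vals is a (name, value) pair taken from a query string or POST body, sIP
    the source address as text, page the request path and frameno the frame
    number within the capture. Nothing is returned; when at least one
    heuristic matches, a report is printed in the format selected by the
    module-level `tab` flag.

    The heuristics are plain substring checks ("--", "#", a few SQL keywords),
    so a hit is a lead for an analyst to review, not proof of an attack, and a
    clean run is not proof that the capture holds no injection attempts.
    """
    def _visible(text):
        # Name, value and page come from captured traffic. Showing CR, LF and
        # TAB as escapes keeps a crafted value from breaking a TSV row or
        # forging extra report lines.
        text = str(text)
        return text.replace("\r", "\\r").replace("\n", "\\n").replace("\t", "\\t")

    var = vals[0] #the variable, i.e. in id=1, the var is id
    # The value stays a byte string: decoding it as ASCII raises on any high
    # byte, and a percent-encoded high byte (e.g. %a0) fails later in str(),
    # either of which would abort the run on the very requests worth seeing.
    # unquote_plus turns "+" into a space before percent-decoding, so an
    # encoded %2B remains a literal plus sign.
    val = urllib.unquote_plus(vals[1])
    shown = val #the report shows the decoded value with its comments intact
    reasons = []

    ##### Look for obfuscation techniques ######
    if val.find("/*") != -1:
        reasons.append("Might be attempting to obfuscate a SQL statement with a comment")
        val = removeComments(val)

    ##### Look for commenting out the end of a MSSQL statement ######
    if val.rfind("--") != -1:
        reasons.append("Might be attempting to end a SQL statement by commenting out the remaining statement")

    ##### Look for commenting out the end of a MySQL statement #####
    if val.rfind("#") != -1:
        reasons.append("Might be attempting to end a SQL statement by commenting out the remaining statement")

    ##### Look for common SQL syntax in the values of a param #####
    # Every needle is lower case because it is compared with the lower-cased
    # value; an upper-case needle could never match.
    sqlvals = ("cast(", "declare ", "select ", "union ", "varchar", "set(", "create ", " or ", " null,", " concat(")
    lowered = val.lower()
    if any(sql in lowered for sql in sqlvals):
        reasons.append("Possible use of SQL syntax in variable")

    if not reasons:
        return

    pair = _visible(var) + "=" + _visible(shown)
    if tab:
        line = str(sIP) + "\t" + _visible(page) + "\t" + pair + "\t" + str(frameno)
        for reason in reasons:
            line = line + "\t" + reason
        print(line)
    else:
        print("Source : " + str(sIP))
        print("Page : " + _visible(page))
        print("Value : " + pair)
        print("Frame : " + str(frameno))
        for reason in reasons:
            print("Reason : " + reason)
        print("")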

def octetIP(sIP):
    """Render a packed address as dotted decimal text.

    Each character of sIP is converted with ord() and the resulting numbers
    are joined with dots; an empty input gives an empty string.
    """
    return ".".join(str(ord(octet)) for octet in sIP)


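#reads the pcap file and parses out get and post requests for analysis
def parsepcap(filename):
    """Read a pcap file and hand every HTTP request parameter to analyzeRequest.

    Exits with an error message when the file cannot be opened or is not a
    pcap that dpkt can read. Frames that cannot be parsed are reported on
    stderr and skipped, so one damaged or crafted frame does not end the run.

    Coverage limits an analyst should keep in mind:
      * frames are always parsed as Ethernet, and only IPv4 + TCP is examined
      * only traffic to destination port 80 is treated as HTTP
      * each TCP segment is parsed on its own; there is no stream reassembly
      * only GET query strings and POST bodies are analyzed; the query string
        of a POST request and all other methods are not inspected
    """
    try:
        f = open(filename, 'rb')
    except Exception:
        print("Error reading file. Please make sure the file exists")
        sys.exit()

    # try/finally so the capture file is closed on every exit path.
    try:
        try:
            pcap = dpkt.pcap.Reader(f)
        except Exception:
            print("Error reading file. Please make sure the file is a valid pcap file.")
            sys.exit()

        page = "" #carried across frames: the fallback parser may reuse the last page seen
        for frameno, (ts, buf) in enumerate(pcap, 1):
            try:
                eth = dpkt.ethernet.Ethernet(buf)
                ip = eth.data
                #make sure we are dealing with ip (2048) and tcp (proto=6)
                if eth.type != 2048 or ip.p != 6:
                    continue
                tcp = ip.data
                #assuming http is running on port 80
                if tcp.dport != 80 or len(tcp.data) == 0:
                    continue
                payload = tcp.data
                source = ip.src
            except Exception:
                # Truncated or malformed frame: say so instead of aborting, so
                # the analyst knows this frame was not inspected.
                sys.stderr.write("Skipping frame " + str(frameno) + ": could not be parsed\n")
                continue

            getvals = ""
            try:
                http = dpkt.http.Request(payload)
                url = http.uri
                #deal with post data
                if http.method == "POST":
                    getvals = http.body
                    index = url.find("?")
                    if index != -1:
                        page = url[:index]
                    else:
                        page = url
                #deal with GET data
                elif http.method == "GET":
                    index = url.rfind("?")
                    if index != -1:
                        getvals = url[index+1:]
                        page = url[:index]
            except Exception:
                # Not a complete HTTP request: fall back to simple heuristics
                # on the raw segment.
                data = str(payload)
                if data.find("POST") == 0:
                    parts = data.split(" ")
                    if len(parts) > 1:
                        page = parts[1] #the path is the second token of the request line
                # a segment with no newline that contains "=" is treated as
                # the continuation of a POST body
                if data.count("\n") == 0 and data.find("=") != -1:
                    getvals = data

            #split up each variable and its cooresponding value
            if getvals != "":
                sIP = octetIP(source)
                for pair in getvals.split("&"):
                    name, sep, value = pair.partition("=")
                    if not sep:
                        # No "=": analyze the whole token as the value so it
                        # is still checked, with an empty parameter name.
                        name, value = "", pair
                    analyzeRequest((name, value), sIP, page, frameno)
    finally:
        f.close()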

#usage stuff
def usage():
    """Print the command-line help text to standard output."""
    help_lines = (
        "",
        "This tool parses through a pcap file and looks for potential SQL injection attempts.",
        "",
        "usage: sqlinject-finder.py -f filename [-t]",
        "Options and arguments (and corresponding environment variables):",
        "-f, --filename : valid pcap file",
        "-t, --tab : prints output in tab delimited format",
        "-h, --help : shows this screen",
        "",
        "Example: #python sqlinject-finder.py -f capture.pcap",
        " #python sqlinject-finder.py -f capture.pcap -t > capture.tsv",
        "",
    )
    for text in help_lines:
        print(text)

def main():
    """Parse the command line, then analyze the requested pcap file.

    -f/--filename names the capture, -t/--tab switches the module-level `tab`
    flag to tab-delimited output, -h/--help prints the usage text and exits.
    An option getopt rejects prints the error and usage and exits with
    status 2; a missing filename prints a message and exits.
    """
    global tab

    try:
        opts, args = getopt.getopt(sys.argv[1:], "f:th", ["filename=", "tab", "help"])
    except getopt.GetoptError as err:
        print(str(err))
        usage()
        sys.exit(2)

    filename = ""
    for flag, value in opts:
        if flag in ("-h", "--help"):
            usage()
            sys.exit()
        if flag in ("-f", "--filename"):
            filename = value
        elif flag in ("-t", "--tab"):
            tab = True
        else:
            # getopt only returns the options declared above, so this is a
            # safety net rather than an expected path.
            usage()
            sys.exit()

    if not filename:
        print("please specify a filename")
        sys.exit()

    # Column header for the tab-delimited report, printed once before any rows.
    if tab:
        print("Source\tPage\tValue\tFrame\tReason(s)")
    parsepcap(filename)

# Run the analyzer only when this file is executed as a script, not when it
# is imported as a module.
if __name__ == "__main__":
    main()

Edited by LegioNRST