1
  1. Этот сайт использует файлы cookie. Продолжая пользоваться данным сайтом, Вы соглашаетесь на использование нами Ваших файлов cookie. Узнать больше.
Приветствуем вас,Гость, на форуме IFUD.WS. Обязательно рекомендуется к прочтению правила форума http://ifud.ws/threads/obnovleno-pravila-foruma.7759

[PERL]WordPress/Joomla Shell Finder

Тема в разделе "Исходные коды", создана пользователем hisg, 6 июн 2015.

  1. TopicStarter Overlay
    hisg

    hisg

    Регистрация:
    6 июн 2015
    Сообщения:
    22
    Симпатии:
    1
    Код:
    #Author : Nihal Mistry
    #Email : nihalmistry@gmail.com
    #Blog : nihalmistry.blogspot.in
    #.:Indian Cyber Hunters:.
    #Tested on Windows_Xp
    use HTTP::Request;
    use LWP::UserAgent;
    START:
    system('cls');
    system('color a');
    system('title WP/Joomla Sh3ll Finder V2.0 (By X-c0d3r)');
    print "\n";
    print "\t++++++++++++++++++++Private++++++++++++++++++++\n";
    print "\t+ WP/Joomla Shell Finder v2.0 (X-c0d3r) +\n";
    print "\t+ Greetz: Indian Cyber Space +\n";
    print "\t+ P1v0t_4ntr4xt | P4r1nd4 +\n";
    print "\t+ S3n_H4x0r | N3t_m0nst3r +\n";
    print "\t+ C0D3D32 | C0d3_Sm4sh3r +\n";
    print "\t+ All Ind14n H4ck3rs +\n";
    print "\t+++++++++++++++++++++++++++++++++++++++++++++++\n";
    print "\n";
    print "\tSelect the type of cms the site uses:\n";
    print "\t ___________________________________________\n";
    print "\t|| 1 = Wordpress ||\n";
    print "\t|| 2 = Joomla! ||\n";
    print "\t|| 3 = View Usage (Must Read) ||\n";
    print "\t||__________________________________________||\n";
    print "\tEnter your choice 1/2 -> ";
    $cms=<STDIN>;
    chomp $cms;
    if ($cms eq '1')
    {
    ret1:
    print "\n\tPlease Enter Site\n \tExample: www.defaced-wp-site.com\n\t-> ";
    $site=<STDIN>;
    chomp $site;
    if ( $site !~ /^http:/ )
    {
    $site = 'http://'. $site;
    }
    if ( $site !~ //$/ ) {
    $site = $site . '/';
    }
    if ($site =~ m/([a-z0-9-].*)[.{2}](([a-z]{4}|[a-z]{3}|[a-z]{2}))/) {
    goto temp1;
    } else
    {
    print "\n\tPlease cooperate & use this script by entering a proper site! -_-";
    goto ret1;
    }
    temp1:
    print "\n";
    print "\n\tPlease Enter the Theme dir used by site: example: twentyeleven,twentyten....\n\t->";
    $theme=<STDIN>;
    $dir="wp-content/themes/";
    chomp $theme;
    $name="$site$dir$theme/$dirs";print "\t-> Defaced Site: $site\n";print "\t-> Starting Bruteforcing process....\n";
    
    open IN, "< wpfinal.txt" or die "\tFile wpfinal.txt not found please create and put ur brute forcing list!";
    push(@brute_terms,<IN>);
    my $num = @brute_terms;print ("\t-> Having $num paths for guessing.\n");
    foreach $dirs(@brute_terms)
    {
    $name="$site$dir$theme/$dirs";
    my $req=HTTP::Request->new(GET=>$name);
    my $ua=LWP::UserAgent->new();
    $ua->timeout(60);
    my $response=$ua->request($req);
    if($response->content =~ /Uname:/ || $response->content =~ /Symlink/ || $response->content =~/server ip :/ || $response->content =~ /<form method=post>/ || /<input type=password/)
    {
    print " \n\t >.Found Sh3ll -> $name\n";
    system('pause');
    }
    else {
    print "\n\tNot found -> ".$name;
    }
    }
    }
    
    
    
    if ($cms eq '2')
    {
    ret:print "\n\tPlease Enter Site\n\t Example: www.defaced-joomla-site.com\n\t-> ";
    $site=<STDIN>;
    chomp $site;
    if ( $site !~ /^http:/ )
    {
    $site = 'http://'.$site;
    }
    if ( $site !~ //$/ )
    {
    $site = $site.'/';
    }
    if ($site =~ m/([a-z0-9-].*)[.{2}](([a-z]{4}|[a-z]{3}|[a-z]{2}))/)
    {
    goto temp;
    }
    else {
    print "\n\tPlease cooperate & use this script by entering a proper site! -_-";
    goto ret;
    }
    temp:print "\n";print "\tPlease Enter the Template dir used by site: example: beez,system...\n\t->";
    $theme=<STDIN>;
    $dir="templates/";
    chomp $theme;
    $name="$site$dir$theme/$dirs";print "\t-> Defaced Site: $site\n";print "\t-> Starting Bruteforcing process....";
    
    open IN, "< jofinal.txt" or die "\tFile jofinal.txt not found please create and put ur brute forcing list!";
    push(@brute_terms,<IN>);
    my $num = @brute_terms;print ("\t-> Having $num paths for guessing .\n");
    foreach $dirs(@brute_terms)
    {
    $name="$site$dir$theme/$dirs";
    my $req=HTTP::Request->new(GET=>$name);
    my $ua=LWP::UserAgent->new();
    $ua->timeout(60);
    my $response=$ua->request($req);
    if($response->content =~ /Uname:/ || $response->content =~ /Symlink/ || $response->content =~/server ip :/ || $response->content =~ /<form method=post>/ || /<input type=password/)
    {
    print "\n\t >.Found Sh3ll -> $name\n";
    system ('pause');
    }
    else { print "\n\tNot found -> $name ";
    }
    }
    }
    
    if ($cms eq 3){ &usage }
    sub usage()
    {print ("\n\t-->To find theme/template dir used by the site use google dork cache:site.com then -> view source\n\n");
    system("pause");
    system("cls");print ("\n");
    goto START;
    }
    if ($cms != 1 && 2 && 3){ goto START; }
    #EOF
    
     
    Метки:

Поделиться этой страницей

Загрузка...