Author Topic: [Perl] Phiser Log Finder (Read 2221 times)

ToPN1K · « **on:** August 27, 2011, 01:36:33 am »

This little script is searching for phiser logs. So all you need to do is to insert URL and the script will start scanning for possible directory (passwords.txt,logs.txt). You can edit directorys by yourself.

Phiser Log Finder

Code: [Select]

#!/usr/bin/perl

use Socket;
system('cls');
system('title Phisher Log Scanner     ');
use LWP::UserAgent;
use HTTP::Request;

regex();
header();

#data

print ">URL:\n";
print '>';chomp($link = <STDIN>);

if($link !~ /http:\/\//) { $link = "http://$link"; }

# Scanning Dir...

@vuls = ('log.txt',
'Log.txt',
'logs.txt',
'Logs.txt',
'passwords.txt',
'Passwords.txt',
'password.txt',
'Password.txt',
'Login.txt',
'login.txt',
'User.txt',
'user.txt',
'Users.txt',
'users.txt',
'Phished.txt',
'phished.txt',
'Found.txt',
'found.txt',
'Logger.txt',
'logger.txt',
'phisher.txt',
'Phisher.txt',
'pass.txt',
'Pass.txt',
'logovi.txt',
'Logovi.txt',
'logz.txt',
'logZ.txt',
'LogZ.txt',
'Logz.txt',
'File.txt',
'file.txt');

print ">Scanning...\n";


foreach $scan(@vuls){

$url = $link.$scan;
$request = HTTP::Request->new(GET=>$url);
$useragent = LWP::UserAgent->new();

$response = $useragent->request($request);
if ($response->is_success && $response->content =~ /username/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /id/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /accountid/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /login/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /password/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /pass/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /passwd/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /a/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /b/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /c/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /d/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /e/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /f/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /g/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /h/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /i/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /j/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /k/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /l/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /m/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /n/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /o/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /p/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /q/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /r/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /s/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /t/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /u/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /v/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /w/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /x/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /y/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /z/) { $msg = "Not Found";}
else { $msg = Vulnerable;}

print "$scan..........[$msg]\n";
}

sub regex(){
$sis="$^O";if ($sis eq windows){ $cmd="clear";} else { $cmd="cls"; }
system("$cmd");
}

sub header(){
print q{
[+]-----------------------------------------[+]
[+]------------Phisher Log Scanner----------[+]
};
}

Ripway Cracker

Code: [Select]

#!/usr/bin/perl -w

use LWP::UserAgent;
use HTTP::Request;

print q(

   #################################################
   #                  #
   #                  #
   #      Ripway cracker v1.0      #
   #                  #
   #                  #
   #                  #
   #                  #
   #################################################

);

($url) = @ARGV;
if(@ARGV !=1) {
print "How to use: perl ripway.pl url_untill_the_ripway_phisher\n";
print "Example: perl ripway.pl http://h1.ripway.com/topn1k/";
exit;
}
@rips = ('passwords.txt','password.txt','pass.txt','accounts.txt','passy.txt','pasy.txt','accs.txt','accz123.txt','pwd.txt','pwds.txt','passwd.txt','passwds.txt','rapids.txt','rapid.txt','rapidaccs.txt','rapid_acc.txt','rapids.txt','rapidshare.txt','rshare.txt','rsaccs.txt','zxfeel.txt','dawss2.txt','TEXT-FILE.txt','D2K46CRSGE95F.txt','B3W2T2D2FG.txt','nushi.txt','zihouh.txt','2512.txt','TEXT-FILEE.txt');

foreach $sken(@rips) {

my $adresa = $url.$sken;
my $zahtjev = HTTP::Request->new(GET=>$adresa);
my $ua = LWP::UserAgent->new();
my $odgovor = $ua->request($zahtjev);

if($odgovor->is_success) {
if($odgovor->content =~ /IP:/) {
print "Found it!\n\n";
print "Adresa: $adresa";
exit;
}

}
else {
print "Error.";
}
}

xzid · « **Reply #1 on:** August 27, 2011, 03:18:38 am »

pretty cool. a few suggestions, if you don't mind..

"title" is windows, no such command on linux/bsd.

clearing the screen of output is not recommended/nice towards the user.

$msg = Vulnerable;

even if not required, "quote it"

rename this function: regex(), there is no regex in it. call it cls(). And just so you know, this may be a little more advanced but it can be shortened to:

Code: [Select]

sub cls
  {
  system( ($^O =~ /win/) ? "cls" : "clear" );
  }

Also perl subfunctions do not require brackets(), you use shift or @_ to access parameters.

now for the long sequence of:

if ($response->is_success && $response->content =~ /login/)
...

starting with the 26 lines a - z:

if ($response->is_success && $response->content =~ /a/) { $msg = "Not Found";}
if ($response->is_success && $response->content =~ /b/) { $msg = "Not Found";}

use regex:

$response->content =~ /[a-z]/i

much shorter, also it makes the above lines useless because something that will match /login/ will also match /l/, /o/, /g/, ...

So in this way you can condense it to a single line.

If you're simply trying to find if the file exists, then HTTP::Request has status_line. Which will return "200 OK" on success, and "404 Not Found" if no file exists... Would be better way to go then using content.

If you read your wordlist from a file, then you would be able to use this for more than just a phish page log finder.. Say you're looking for files on the server, you could load a wordlist that will do this:

http://remote.org/
http://remote.org/robots.txt
http://remote.org/admin.php
http://remote.org/login.php
http://remote.org/admin/
http://remote.org/cp/

... etc ...

I'm not trying to be insulting, I've been coding perl since about 2007. Keep learning, you will get good at it. Perl is awesome at dealing with text.

Stackprotector · « **Reply #2 on:** August 27, 2011, 10:57:52 am »

The concept is cool

hacker@sr.gov.yu · « **Reply #3 on:** August 27, 2011, 11:42:20 am »

Quote from: Factionwars on August 27, 2011, 10:57:52 am

The concept is cool

x2 I used to search with google inurl: "logs.txt" site: ripway.com but this is better

EvilZone

News:

Author Topic: [Perl] Phiser Log Finder (Read 2221 times)

ToPN1K

[Perl] Phiser Log Finder

xzid

Re: [Perl] Phiser Log Finder

Stackprotector

Re: [Perl] Phiser Log Finder

hacker@sr.gov.yu

Re: [Perl] Phiser Log Finder