[Perl] Exploit DB Helper 0.5

Iniciado por BigBear, 30 Septiembre 2012, 19:33 PM

0 Miembros y 1 Visitante están viendo este tema.

BigBear

Version mejorada de este script para buscar exploits en la pagina exploit-db

Código (perl) [Seleccionar]

#!usr/bin/perl
#Exploit DB Helper 0.5
#Coded By Doddy H

use LWP::UserAgent;
use HTML::Parser;
use Data::Dumper;
use Time::HiRes "usleep";

my $nave = LWP::UserAgent->new;
$nave->agent(
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
);
$nave->timeout(5);

head();
print "\n\n[String] : ";
chomp( my $cosa = <stdin> );
if ( $cosa eq "" ) { menu(); }
print "\n\n[+] Searching ...\n\n";
my %found = buscar($cosa);
$total = int( keys %found ) - 1;
print "[+] Exploits Found : " . $total . "\n\n";

unless ( -d $cosa ) {
    mkdir( $cosa, "777" );
}
for my $da ( keys %found ) {
    my $tata = $da;
    $tata =~ s/\<//;
    $tata =~ s/(\s)+$//;
    if ( download( $found{$da}, $cosa . "/" . $tata . ".txt" ) ) {
        print "[Exploit Found] : " . $da . "\n";
    }
}
copyright();

sub buscar {
    for my $n ( 1 .. 666 ) {
        my $code =
          toma( "http://www.exploit-db.com/search/?action=search&filter_page="
              . $n
              . "&filter_description="
              . $_[0]
              . "&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve="
          );
        chomp $code;
        if ( $code =~ /No results/ig ) {
            return %busca;
        }
        %busca = getlinks($code);
    }
}

sub getlinks {

    my $test = HTML::Parser->new(
        start_h => [ \&start, "tagname,attr" ],
        text_h  => [ \&text,  "dtext" ],
    );
    $test->parse( $_[0] );

    sub start {
        my ( $a, $b ) = @_;
        my %e = %$b;
        unless ( $a ne "a" ) {
            $d = $e{href};
            $c = $a;
        }
    }

    sub text {
        my $title = shift;
        chomp $title;
        unless ( $c ne "a" ) {
            if ( $d =~ /www.exploit-db.com\/exploits\/(.*)/ ) {
                my $id  = $1;
                my $url = "http://www.exploit-db.com/download/" . $id;
                $links{$title} = $url;
            }
            $d = "";
        }
    }
    return %links;
}

sub toma {
    return $nave->get( $_[0] )->content;
}

sub repes {
    my @limpio;
    foreach $test (@_) {
        push @limpio, $test unless $repe{$test}++;
    }
    return @limpio;
}

sub download {
    if ( $nave->mirror( $_[0], $_[1] ) ) {
        if ( -f $_[1] ) {
            return true;
        }
    }
}

sub head {

    my @logo = (
        "#=============================================#", "\n",
        "#            Exploit DB 0.5                   #", "\n",
        "#---------------------------------------------#", "\n",
        "# Written By Doddy H                          #", "\n",
        "# Email: lepuke[at]hotmail[com]               #", "\n",
        "# Website: doddyhackman.webcindario.com       #", "\n",
        "#---------------------------------------------#", "\n",
        "# The End ?                                   #", "\n",
        "#=============================================#", "\n"
    );

    print "\n";
    marquesina(@logo);

}

sub marquesina {

    #Effect based in the exploits by Jafer Al Zidjali

    my @logo = @_;

    my $car = "|";

    for my $uno (@logo) {
        for my $dos ( split //, $uno ) {

            $|++;

            if ( $car eq "|" ) {
                mostrar( "\b" . $dos . $car, "/" );
            }
            elsif ( $car eq "/" ) {
                mostrar( "\b" . $dos . $car, "-" );
            }
            elsif ( $car eq "-" ) {
                mostrar( "\b" . $dos . $car, "\\" );
            }
            else {
                mostrar( "\b" . $dos . $car, "|" );
            }
            usleep(40_000);
        }
        print "\b ";
    }

    sub mostrar {
        print $_[0];
        $car = $_[1];
    }

}

sub copyright {

    print "\n\n";

    marquesina("-- == (C) Doddy Hackman 2012 == --");

    print "\n\n";

    <stdin>;
    exit(1);
}

#The End ?