what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Neon_beta4.c

Neon_beta4.c
Posted May 9, 2000
Authored by Axess | Site b0f.com

-(- Neon beta4 -)- Simple Host or Iplist Cgi Scanner ( 356 ) Checks

tags | cgi
SHA-256 | 86681f46a5aad3c105b7e34f6aa49625105ec65e6f590da99bbab08a785ed388
Download | Favorite | View

Neon_beta4.c

Change Mirror Download
/****************************************************************************
 
                           -(-  Neon beta4  -)-
                           Cgi Security Scanner
                               (356) Checks
 
 Instead of just making it as a single host scanner, as everyone else does.
 I added so you can compile it as a iplist too if that is needed =)
 
       Host   Scanner    Compile : gcc Neon_beta4.c -o Neon -Wall      
       Iplist Scanner    Compile : gcc Neon_beta4.c -o Neon -Wall -DMULTI
         
                 
                   Usage: just run the file damit #!#%&#!      

 Shoutouts to: prizm and all the rest that have helped me out with adding 
               new flaws to it before this public release.
      

          NOTE! I dont answer any questions on how to use any of these flaws.


                    Buffer0verfl0w Security www.b0f.com
                   By axess ( axess@mail.com ) May-2000

*****************************************************************************/





#include <stdio.h>
#include <unistd.h>
#include <netinet/in.h>
#include <netdb.h>
#include <string.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <stdlib.h>

#define CGIFLAWS 357
#ifdef MULTI
void cgihost(char *);
#endif
struct sockaddr_in server;
struct hostent *hp;
char host[1024];
char host2[1024];
char out[100];
char *get[400];
char bufferhttp[1024];
char buffer[1024];
char *temp;
char *ip_ptr;
char *cgicheck;
char msg[] = "200 OK";
int s,count,antal,number;
int f1,f2,f3,f4;
int s1,s2,s3,s4;
int ip;
FILE *inf;
FILE *of;

int main()
{
   system("clear");
   printf("\n\n\n");
for ( antal = 1 ; antal <= 28 ; antal++ )
   putchar(' ');
   printf("-(- Neon beta4 -)-\n");
for ( antal = 1 ; antal <= 20 ; antal++ )
   putchar(' ');
#ifdef MULTI
   printf(" Multi Host Cgi Security Scanner\n");
#else
   printf("Single Host Cgi Security Scanner\n");
#endif

for ( antal = 1 ; antal <= 30 ; antal++ )
   putchar(' ');
   printf("(356) Checks\n\n");
for ( antal = 1 ; antal <= 24 ; antal++ )
   putchar(' ');
#ifdef MULTI
   printf("List : ");
   scanf("%s",host);

if((inf = fopen(host, "r")) == NULL)
{
   printf("Error: input file does not exist!!!\n");
   exit(1);
}

for ( antal = 1 ; antal <= 21 ; antal++ )
   putchar(' ');
   printf("Logfile : ");
   scanf("%s",out);

if((of = fopen(out, "w")) == NULL)
{
   printf("Error: Cant write to file!!!\n");
   exit(1);
}

fprintf(of,"This file was created by Neon_beta4 by axess\n");
fprintf(of,"--------------------------------------------\n");


while(fscanf(inf, "%s", host) != EOF)
{
   cgihost(host);
}
   return 0;
}

void cgihost(char *target)
{
#else
   printf("Host : ");
   scanf("%s",host);
    
if((hp=gethostbyname(host)) == NULL)
{
   herror("gethostbyname");
   exit(1);
}

for ( antal = 1 ; antal <= 21 ; antal++ )
   putchar(' ');
   printf("Logfile : ");
   scanf("%s",out);

if((of = fopen(out, "w")) == NULL)
{
   printf("Error: Cant write to file!!!\n");
   exit(1);
}
#endif

get[1] = "GET /cgi-bin/whois_raw.cgi HTTP/1.0\n\n";
get[2] = "GET /cgi-bin/phf HTTP/1.0\n\n";
get[3] = "GET /cgi-bin/ls HTTP/1.0\n\n";
get[4] = "GET /cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi HTTP/1.0\n\n";
get[5] = "GET /cgi-bin/.fhp HTTP/1.0\n\n";
get[6] = "GET /cgi-bin/Count.cgi HTTP/1.0\n\n";
get[7] = "GET /cgi-bin/test-cgi HTTP/1.0\n\n";
get[8] = "GET /cgi-bin/nph-test-cgi HTTP/1.0\n\n";
get[9] = "GET /cgi-bin/php.cgi HTTP/1.0\n\n";
get[10] = "GET /cgi-bin/php-cgi HTTP/1.0\n\n";
get[11] = "GET /cgi-bin/handler HTTP/1.0\n\n";
get[12] = "GET /cgi-bin/handler.cgi HTTP/1.0\n\n";
get[13] = "GET /cgi-bin/minimal.exe HTTP/1.0\n\n";
get[14] = "GET /cgi-bin/stats.prg HTTP/1.0\n\n";
get[15] = "GET /cgi-bin/statsconfig HTTP/1.0\n\n";
get[16] = "GET /cgi-bin/excite HTTP/1.0\n\n";
get[17] = "GET /cgi-bin/webgais HTTP/1.0\n\n";
get[18] = "GET /cgi-bin/websendmail HTTP/1.0\n\n";
get[19] = "GET /cgi-bin/webdist.cgi HTTP/1.0\n\n";
get[20] = "GET /cgi-bin/faxsurvey HTTP/1.0\n\n";
get[21] = "GET /cgi-bin/dig.cgi HTTP/1.0\n\n";
get[22] = "GET /cgi-bin/getdoc.cgi HTTP/1.0\n\n";
get[23] = "GET /cgi-bin/webplus HTTP/1.0\n\n";
get[24] = "GET /cgi-bin/bizdb1-search.cgi HTTP/1.0\n\n";
get[25] = "GET /cgi-bin/htmlscript HTTP/1.0\n\n";
get[26] = "GET /cgi-bin/pfdispaly.cgi HTTP/1.0\n\n";
get[27] = "GET /cgi-bin/perl.exe HTTP/1.0\n\n";
get[28] = "GET /cgi-bin/ppdscgi.exe HTTP/1.0\n\n";
get[29] = "GET /cgi-bin/cart.pl HTTP/1.0\n\n";
get[30] = "GET /cgi-bin/bigconf.cgi HTTP/1.0\n\n";
get[31] = "GET /cgi-bin/wwwboard.pl HTTP/1.0\n\n";
get[32] = "GET /cgi-bin/www-sql HTTP/1.0\n\n";
get[33] = "GET /cgi-bin/htsearch HTTP/1.0\n\n";
get[34] = "GET /cgi-bin/view-source HTTP/1.0\n\n";
get[35] = "GET /cgi-bin/campas HTTP/1.0\n\n";
get[36] = "GET /cgi-bin/aglimpse HTTP/1.0\n\n";
get[37] = "GET /cgi-bin/get32.exe HTTP/1.0\n\n";
get[38] = "GET /cgi-bin/man.sh HTTP/1.0\n\n";
get[39] = "GET /cgi-bin/meta.pl HTTP/1.0\n\n";
get[40] = "GET /cgi-bin/AT-admin.cgi HTTP/1.0\n\n";
get[41] = "GET /cgi-bin/filemail.pl HTTP/1.0\n\n";
get[42] = "GET /cgi-bin/maillist.pl HTTP/1.0\n\n";
get[43] = "GET /cgi-bin/maillist.cgi HTTP/1.0\n\n";
get[44] = "GET /cgi-bin/jj HTTP/1.0\n\n";
get[45] = "GET /cgi-bin/info2www HTTP/1.0\n\n";
get[46] = "GET /cgi-bin/files.pl HTTP/1.0\n\n";
get[47] = "GET /cgi-bin/finger HTTP/1.0\n\n";
get[48] = "GET /cgi-bin/finger?@localhost HTTP/1.0\n\n";
get[49] = "GET /cgi-bin/bnbform.cgi HTTP/1.0\n\n";
get[50] = "GET /cgi-bin/survey.cgi HTTP/1.0\n\n";
get[51] = "GET /cgi-bin/AnyForm2 HTTP/1.0\n\n";
get[52] = "GET /cgi-bin/textcounter.pl HTTP/1.0\n\n";
get[53] = "GET /cgi-bin/classifieds.cgi HTTP/1.0\n\n";
get[54] = "GET /cgi-bin/classified.cgi HTTP/1.0\n\n";
get[55] = "GET /cgi-bin/environ.cgi HTTP/1.0\n\n";
get[56] = "GET /cgi-bin/fpexplore.exe HTTP/1.0\n\n";
get[57] = "GET /cgi-bin/imagemap.exe HTTP/1.0\n\n";
get[58] = "GET /cgi-bin/cgitest.exe HTTP/1.0\n\n";
get[59] = "GET /cgi-bin/anyboard.cgi HTTP/1.0\n\n";
get[60] = "GET /cgi-bin/webbbs.cgi HTTP/1.0\n\n";
get[61] = "GET /cgi-bin/visadmin.exe HTTP/1.0\n\n";
get[62] = "GET /cgi-bin/nph-publish HTTP/1.0\n\n";
get[63] = "GET /cgi-bin/perlshop.cgi HTTP/1.0\n\n";
get[64] = "GET /cgi-bin/wrap HTTP/1.0\n\n";
get[65] = "GET /cgi-bin/cgiwrap HTTP/1.0\n\n";
get[66] = "GET /cgi-bin/cachemgr.cgi HTTP/1.0\n\n";
get[67] = "GET /cgi-bin/query HTTP/1.0\n\n";
get[68] = "GET /cgi-bin/rpm_query HTTP/1.0\n\n";
get[69] = "GET /cgi-bin/ax.cgi HTTP/1.0\n\n";
get[70] = "GET /cgi-bin/ax-admin.cgi HTTP/1.0\n\n";
get[71] = "GET /cgi-bin/architext_query.pl HTTP/1.0\n\n";
get[72] = "GET /cgi-bin/w3-msql/ HTTP/1.0\n\n";
get[73] = "GET /cgi-bin/add_ftp.cgi HTTP/1.0\n\n";
get[74] = "GET /cgi-bin/test.bat HTTP/1.0\n\n";
get[75] = "GET /cgi-bin/input.bat HTTP/1.0\n\n";
get[76] = "GET /cgi-bin/input2.bat HTTP/1.0\n\n";
get[77] = "GET /cgi-bin/day5datacopier.cgi HTTP/1.0\n\n";
get[78] = "GET /cgi-bin/day5datanotifier.cgi HTTP/1.0\n\n";
get[79] = "GET /cgi-bin/whois.cgi HTTP/1.0\n\n";
get[80] = "GET /cgi-bin/mlog.phtml HTTP/1.0\n\n";
get[81] = "GET /cgi-bin/archie HTTP/1.0\n\n";
get[82] = "GET /cgi-bin/bb-hist.sh HTTP/1.0\n\n";
get[83] = "GET /cgi-bin/nph-error.pl HTTP/1.0\n\n";
get[84] = "GET /cgi-bin/post_query HTTP/1.0\n\n";
get[85] = "GET /cgi-bin/ppdscgi.exe HTTP/1.0\n\n";
get[86] = "GET /cgi-bin/webmap.cgi HTTP/1.0\n\n";
get[87] = "GET /cgi-bin/tigvote.cgi HTTP/1.0\n\n";
get[88] = "GET /cgi-bin/webutils.pl HTTP/1.0\n\n";
get[89] = "GET /cgi-bin/axs.cgi HTTP/1.0\n\n";
get[90] = "GET /cgi-bin/responder.cgi HTTP/1.0\n\n";
get[91] = "GET /cgi-bin/plusmail HTTP/1.0\n\n";
get[92] = "GET /cgi-bin/passwd.txt HTTP/1.0\n\n";
get[93] = "GET /cgi-bin/Cgitest.exe HTTP/1.0\n\n";
get[94] = "GET /cgi-bin/GW5/GWWEB.EXE HTTP/1.0\n\n";
get[95] = "GET /cgi-bin/webwho.pl HTTP/1.0\n\n";
get[96] = "GET /cgi-bin/search.cgi HTTP/1.0\n\n";
get[97] = "GET /cgi-bin/dbmlparser.exe HTTP/1.0\n\n";
get[98] = "GET /cgi-bin/search/tidfinder.cgi HTTP/1.0\n\n";
get[99] = "GET /cgi-bin/wa HTTP/1.0\n\n";
get[100] = "GET /cgi-bin/tablebuild.pl HTTP/1.0\n\n";
get[101] = "GET /cgi-bin/displayTC.pl HTTP/1.0\n\n";
get[102] = "GET /cgi-bin/uptime HTTP/1.0\n\n";
get[103] = "GET /cgi-bin/cvsweb/src/usr.bin/rdist/expand.c HTTP/1.0\n\n";
get[104] = "GET /cgi-bin/c_download.cgi HTTP/1.0\n\n";
get[105] = "GET /cgi-bin/download.cgi HTTP/1.0\n\n";
get[106] = "GET /cgi-bin/program.pl HTTP/1.0\n\n";
get[107] = "GET /cgi-bin/ntitar.pl HTTP/1.0\n\n";
get[108] = "GET /cgi-bin/enter.cgi HTTP/1.0\n\n";
get[109] = "GET /cgi-bin/test.html HTTP/1.0\n\n";
get[110] = "GET /cgi-bin/test-unix.html HTTP/1.0\n\n";
get[111] = "GET /cgi-bin/printenv HTTP/1.0\n\n";
get[112] = "GET /cgi-bin/dasp/fm_shell.asp HTTP/1.0\n\n";
get[113] = "GET /cgi-bin/cgiback.cgi HTTP/1.0\n\n";
get[114] = "GET /cgi-bin/unlg1.1 HTTP/1.0\n\n";
get[115] = "GET /cgi-bin/unlg1.2 HTTP/1.0\n\n";
get[116] = "GET /cgi-bin/gH.cgi HTTP/1.0\n\n";
get[117] = "GET /cgi-bin/rwwwshell.pl HTTP/1.0\n\n";
get[118] = "GET /cgi-bin/php HTTP/1.0\n\n";
get[119] = "GET /cgi-bin/perl HTTP/1.0\n\n";
get[120] = "GET /cgi-bin/wwwboard.cgi HTTP/1.0\n\n";
get[121] = "GET /cgi-bin/guestbook.cgi HTTP/1.0\n\n";
get[122] = "GET /cgi-bin/guestbook.pl HTTP/1.0\n\n";
get[123] = "GET /cgi-bin/passwd HTTP/1.0\n\n";
get[124] = "GET /cgi-bin/passwd.txt HTTP/1.0\n\n";
get[125] = "GET /cgi-bin/password HTTP/1.0\n\n";
get[126] = "GET /cgi-bin/password.txt HTTP/1.0\n\n";
get[127] = "GET /cgi-bin/flexform.cgi HTTP/1.0\n\n";
get[128] = "GET /cgi-bin/MachineInfo HTTP/1.0\n\n";
get[129] = "GET /cgi-bin/lwgate HTTP/1.0\n\n";
get[130] = "GET /cgi-bin/lwgate.cgi HTTP/1.0\n\n";
get[131] = "GET /cgi-bin/nlog-smb.cgi HTTP/1.0\n\n";
get[132] = "GET /cgi-bin/icat HTTP/1.0\n\n";
get[133] = "GET /cgi-bin/tst.bat HTTP/1.0\n\n";
get[134] = "GET /cgi-bin/infosrch.cgi HTTP/1.0\n\n";
get[135] = "GET /cgi-bin/webwho.pl HTTP/1.0\n\n";
get[136] = "GET /cgi-bin/FormHandler.cgi HTTP/1.0\n\n";
get[137] = "GET /cgi-bin/cgi-lib.pl HTTP/1.0\n\n";
get[138] = "GET /com1 HTTP/1.0\n\n";
get[139] = "GET /com2 HTTP/1.0\n\n";
get[140] = "GET /com3 HTTP/1.0\n\n";
get[141] = "GET /con HTTP/1.0\n\n";
get[142] = "GET /_vti_inf.html HTTP/1.0\n\n";
get[143] = "GET /_vti_pvt/service.pwd HTTP/1.0\n\n";
get[144] = "GET /_vti_pvt/users.pwd HTTP/1.0\n\n";
get[145] = "GET /_vti_pvt/authors.pwd HTTP/1.0\n\n";
get[146] = "GET /_vti_pvt/administrators.pwd HTTP/1.0\n\n";
get[147] = "GET /_vti_pvt/writeto.cnf HTTP/1.0\n\n";
get[148] = "GET /_vti_pvt/svcacl.cnf HTTP/1.0\n\n";
get[149] = "GET /_vti_pvt/services.cnf HTTP/1.0\n\n";
get[150] = "GET /_vti_pvt/service.stp HTTP/1.0\n\n";
get[151] = "GET /_vti_pvt/service.cnf HTTP/1.0\n\n";
get[152] = "GET /_vti_pvt/access.cnf HTTP/1.0\n\n";
get[153] = "GET /_vti_bin/shtml.dll HTTP/1.0\n\n";
get[154] = "GET /_vti_bin/shtml.exe HTTP/1.0\n\n";
get[155] = "GET /_vti_bin/fpcount.exe HTTP/1.0\n\n";
get[156] = "GET /_vti_bin/_vti_adm/admin.dll HTTP/1.0\n\n";
get[157] = "GET /_vti_bin/_vti_aut/author.dll HTTP/1.0\n\n";
get[158] = "GET /_vti_bin/_vti_aut/dvwssr.dll HTTP/1.0\n\n";
get[159] = "GET /cgi-dos/args.bat HTTP/1.0\n\n";
get[160] = "GET /cgi-dos/args.cmd HTTP/1.0\n\n";
get[161] = "GET /cgi-win/uploader.exe HTTP/1.0\n\n";
get[162] = "GET /cgi-shl/win-c-sample.exe HTTP/1.0\n\n";
get[163] = "GET /scripts/c32web.exe HTTP/1.0\n\n";
get[164] = "GET /scripts/cart32.exe HTTP/1.0\n\n";
get[165] = "GET /scripts/issadmin/bdir.htr HTTP/1.0\n\n";
get[166] = "GET /scripts/CGImail.exe HTTP/1.0\n\n";
get[167] = "GET /scripts/tools/newdsn.exe HTTP/1.0\n\n";
get[168] = "GET /scripts/fpcount.exe HTTP/1.0\n\n";
get[169] = "GET /scripts/no-such-file.pl HTTP/1.0\n\n";
get[170] = "GET /scripts/counter.exe HTTP/1.0\n\n";
get[171] = "GET /scripts/uploadn.asp HTTP/1.0\n\n";
get[172] = "GET /scripts/uploadx.asp HTTP/1.0\n\n";
get[173] = "GET /scripts/upload.asp HTTP/1.0\n\n";
get[174] = "GET /scripts/repost.asp HTTP/1.0\n\n";
get[175] = "GET /scripts/postinfo.asp HTTP/1.0\n\n";
get[176] = "GET /scripts/run.exe HTTP/1.0\n\n";
get[177] = "GET /scripts/convert.bas HTTP/1.0\n\n";
get[178] = "GET /scripts/iisadmin/ism.dll HTTP/1.0\n\n";
get[179] = "GET /scripts/tools/getdrvrs.exe HTTP/1.0\n\n";
get[180] = "GET /scripts/tools/dsnform.exe HTTP/1.0\n\n";
get[181] = "GET /scripts/samples/search/webhits.exe HTTP/1.0\n\n";
get[182] = "GET /scripts/../../cmd.exe HTTP/1.0\n\n";
get[183] = "GET /scripts/webbbs.exe HTTP/1.0\n\n";
get[184] = "GET /scripts/samples/ctguestb.idc HTTP/1.0\n\n";
get[185] = "GET /scripts/samples/details.idc HTTP/1.0\n\n";
get[186] = "GET /scripts/tools/getdrvs.exe HTTP/1.0\n\n";
get[187] = "GET /scripts/pu3.pl HTTP/1.0\n\n";
get[188] = "GET /scripts/proxy/w3proxy.dll HTTP/1.0\n\n";
get[189] = "GET /scripts/cpshost.dll HTTP/1.0\n\n";
get[190] = "GET /scripts/Fpadmcgi.exe HTTP/1.0\n\n";
get[191] = "GET /scripts/iisadmin/bdir.htr HTTP/1.0\n\n";
get[192] = "GET /scripts/iisadmin/samples/ctgestb.htx HTTP/1.0\n\n";
get[193] = "GET /scripts/iisadmin/samples/ctgestb.idc HTTP/1.0\n\n";
get[194] = "GET /scripts/iisadmin/samples/details.htx HTTP/1.0\n\n";
get[195] = "GET /scripts/iisadmin/samples/details.idc HTTP/1.0\n\n";
get[196] = "GET /scripts/iisadmin/samples/query.htx HTTP/1.0\n\n";
get[197] = "GET /scripts/iisadmin/samples/query.idc HTTP/1.0\n\n";
get[198] = "GET /scripts/iisadmin/samples/register.htx HTTP/1.0\n\n";
get[199] = "GET /scripts/iisadmin/samples/register.idc HTTP/1.0\n\n";
get[200] = "GET /scripts/iisadmin/samples/sample.htx HTTP/1.0\n\n";
get[201] = "GET /scripts/iisadmin/samples/sample.idc HTTP/1.0\n\n";
get[202] = "GET /scripts/iisadmin/samples/sample2.htx HTTP/1.0\n\n";
get[203] = "GET /scripts/iisadmin/samples/viewbook.htx HTTP/1.0\n\n";
get[204] = "GET /scripts/iisadmin/samples/viewbook.idc HTTP/1.0\n\n";
get[205] = "GET /scripts/iisadmin/tools/ct.htx HTTP/1.0\n\n";
get[206] = "GET /scripts/iisadmin/tools/ctss.idc HTTP/1.0\n\n";
get[207] = "GET /scripts/iisadmin/tools/dsnform.exe HTTP/1.0\n\n";
get[208] = "GET /scripts/iisadmin/tools/getdrvrs.exe HTTP/1.0\n\n";
get[209] = "GET /scripts/iisadmin/tools/mkilog.exe HTTP/1.0\n\n";
get[210] = "GET /scripts/iisadmin/tools/newdsn.exe HTTP/1.0\n\n";
get[211] = "GET /WebShop/templates/cc.txt HTTP/1.0\n\n";
get[212] = "GET /WebShop/logs/cc.txt HTTP/1.0\n\n";
get[213] = "GET /WebShop/logs/ck.log HTTP/1.0\n\n";
get[214] = "GET /config/orders.txt HTTP/1.0\n\n";
get[215] = "GET /config/import.txt HTTP/1.0\n\n";
get[216] = "GET /config/checks.txt HTTP/1.0\n\n";
get[217] = "GET /orders/order.log HTTP/1.0\n\n";
get[218] = "GET /orders/import.txt HTTP/1.0\n\n";
get[219] = "GET /orders/checks.txt HTTP/1.0\n\n";
get[220] = "GET /orders/orders.txt HTTP/1.0\n\n";
get[221] = "GET /Orders/order.log HTTP/1.0\n\n";
get[222] = "GET /order/order.log HTTP/1.0\n\n";
get[223] = "GET /cfdocs/expelval/openfile.cfm HTTP/1.0\n\n";
get[224] = "GET /cfdocs/expelval/exprcalc.cfm HTTP/1.0\n\n";
get[225] = "GET /cfdocs/expelval/displayopenedfile.cfm HTTP/1.0\n\n";
get[226] = "GET /cfdocs/expelval/sendmail.cfm HTTP/1.0\n\n";
get[227] = "GET /cfdocs/cfmlsyntaxcheck.cfm HTTP/1.0\n\n";
get[228] = "GET /cfdocs/snippets/fileexist.cfm HTTP/1.0\n\n";
get[229] = "GET /cfdocs/zero.cfm HTTP/1.0\n\n";
get[230] = "GET /cfdocs/root.cfm HTTP/1.0\n\n";
get[231] = "GET /cfdocs/expressions.cfm HTTP/1.0\n\n";
get[232] = "GET /cfdocs/toxic.cfm HTTP/1.0\n\n";
get[233] = "GET /cfdocs/mole.cfm HTTP/1.0\n\n";
get[234] = "GET /cfdocs/exampleapp/publish/admin/addcontent.cfm HTTP/1.0\n\n";
get[235] = "GET /cfdocs/exampleapp/email/getfile.cfm HTTP/1.0\n\n";
get[236] = "GET /cfdocs/exampleapp/publish/admin/application.cfm HTTP/1.0\n\n";
get[237] = "GET /cfdocs/exampleapp/email/application.cfm HTTP/1.0\n\n";
get[238] = "GET /cfdocs/exampleapp/docs/sourcewindow.cfm HTTP/1.0\n\n";
get[239] = "GET /cfdocs/examples/parks/detail.cfm HTTP/1.0\n\n";
get[240] = "GET /cfdocs/examples/cvbeans/beaninfo.cfm HTTP/1.0\n\n";
get[241] = "GET /cfdocs/cfmlsyntaxcheck.cfm HTTP/1.0\n\n";
get[242] = "GET /cfdocs/snippets/viewexample.cfm HTTP/1.0\n\n";
get[243] = "GET /cfdocs/snippets/evaluate.cfm HTTP/1.0\n\n";
get[244] = "GET /cfappman/index.cfm HTTP/1.0\n\n";
get[245] = "GET /cfusion/cfapps/forums/forums_.mdb HTTP/1.0\n\n";
get[246] = "GET /cfusion/cfapps/security/realm_.mdb HTTP/1.0\n\n";
get[247] = "GET /cfusion/cfapps/forums/data/forums.mdb HTTP/1.0\n\n";
get[248] = "GET /cfusion/cfapps/security/data/realm.mdb HTTP/1.0\n\n";
get[249] = "GET /cfusion/database/cfexamples.mdb HTTP/1.0\n\n";
get[250] = "GET /cfusion/database/cfsnippets.mdb HTTP/1.0\n\n";
get[251] = "GET /cfusion/database/smpolicy.mdb HTTP/1.0\n\n";
get[252] = "GET /cfusion/database/cypress.mdb HTTP/1.0\n\n";
get[253] = "GET /_private/registrations.txt HTTP/1.0\n\n";
get[254] = "GET /_private/registrations.htm HTTP/1.0\n\n";
get[255] = "GET /_private/register.txt HTTP/1.0\n\n";
get[256] = "GET /_private/register.htm HTTP/1.0\n\n";
get[257] = "GET /_private/orders.txt HTTP/1.0\n\n";
get[258] = "GET /_private/orders.htm HTTP/1.0\n\n";
get[259] = "GET /_private/form_results.htm HTTP/1.0\n\n";
get[260] = "GET /_private/form_results.txt HTTP/1.0\n\n";
get[261] = "GET /admisapi/fpadmin.htm HTTP/1.0\n\n";
get[262] = "GET /iissamples/exair/howitworks/codebrws.asp HTTP/1.0\n\n";
get[263] = "GET /iissamples/sdk/asp/docs/codebrws.asp HTTP/1.0\n\n";
get[264] = "GET /iissamples/iissamples/query.asp HTTP/1.0\n\n";
get[265] = "GET /iissamples/exair/search/advsearch.asp HTTP/1.0\n\n";
get[266] = "GET /iisadmpwd/achg.htr HTTP/1.0\n\n";
get[267] = "GET /iisadmpwd/aexp.htr HTTP/1.0\n\n";
get[268] = "GET /iisadmpwd/aexp2.htr HTTP/1.0\n\n";
get[269] = "GET /iisadmpwd/aexp2b.htr HTTP/1.0\n\n";
get[270] = "GET /iisadmpwd/aexp3.htr HTTP/1.0\n\n";
get[271] = "GET /iisadmpwd/aexp4.htr HTTP/1.0\n\n";
get[272] = "GET /iisadmpwd/aexp4b.htr HTTP/1.0\n\n";
get[273] = "GET /iisadmpwd/anot.htr HTTP/1.0\n\n";
get[274] = "GET /iisadmpwd/anot3.htr HTTP/1.0\n\n";
get[275] = "GET /pw/storemgr.pw HTTP/1.0\n\n";
get[276] = "GET /config/mountain.cfg HTTP/1.0\n\n";
get[277] = "GET /orders/mountain.cfg HTTP/1.0\n\n";
get[278] = "GET /quikstore.cfg HTTP/1.0\n\n";
get[279] = "GET /PDG_Cart/shopper.conf HTTP/1.0\n\n";
get[280] = "GET /search97.vts HTTP/1.0\n\n";
get[281] = "GET /carbo.dll HTTP/1.0\n\n";
get[282] = "GET /msadc/Samples/SELECTOR/showcode.asp HTTP/1.0\n\n";
get[283] = "GET /adsamples/config/site.csc HTTP/1.0\n\n";
get[284] = "GET /Admin_files/order.log HTTP/1.0\n\n";
get[285] = "GET /mall_log_files/order.log HTTP/1.0\n\n";
get[286] = "GET /PDG_Cart/order.log HTTP/1.0\n\n";
get[287] = "GET /doc HTTP/1.0\n\n";
get[288] = "GET /.html/............./config.sys HTTP/1.0\n\n";
get[289] = "GET /ssi/envout.bat HTTP/1.0\n\n";
get[290] = "GET /~root HTTP/1.0\n\n";
get[291] = "GET /server%20logfile HTTP/1.0\n\n";
get[292] = "GET /....../autoexec.bat HTTP/1.0\n\n";
get[293] = "GET /perl/files.pl HTTP/1.0\n\n";
get[294] = "GET /lpt HTTP/1.0\n\n";
get[295] = "GET /AdvWorks/equipment/catalog_type.asp HTTP/1.0\n\n";
get[296] = "GET /ASPSamp/AdvWorks/equipment/catalog_type.asp HTTP/1.0\n\n";
get[297] = "GET /admin.php3 HTTP/1.0\n\n";
get[298] = "GET /code.php3 HTTP/1.0\n\n";
get[299] = "GET /bb-dnbd/bb-hist.sh HTTP/1.0\n\n";
get[300] = "GET /domcfg.nsf HTTP/1.0\n\n";
get[301] = "GET /today.nsf HTTP/1.0\n\n";
get[302] = "GET /names.nsf HTTP/1.0\n\n";
get[303] = "GET /catalog.nsf HTTP/1.0\n\n";
get[304] = "GET /log.nsf HTTP/1.0\n\n";
get[305] = "GET /domlog.nsf HTTP/1.0\n\n";
get[306] = "GET /database.nsf HTTP/1.0\n\n";
get[307] = "GET /secure/.htaccess HTTP/1.0\n\n";
get[308] = "GET /secure/.wwwacl HTTP/1.0\n\n";
get[309] = "GET /WebSTAR HTTP/1.0\n\n";
get[310] = "GET /msadc/msadcs.dll HTTP/1.0\n\n";
get[311] = "GET /reviews/newpro.cgi HTTP/1.0\n\n";
get[312] = "GET /_AuthChangeUrl? HTTP/1.0\n\n";
get[313] = "GET /........./autoexec.bat HTTP/1.0\n\n";
get[314] = "GET /.html/............/autoexec.bat HTTP/1.0\n\n";
get[315] = "GET /......../ HTTP/1.0\n\n";
get[316] = "GET /eatme.idc HTTP/1.0\n\n";
get[317] = "GET /eatme.ida HTTP/1.0\n\n";
get[318] = "GET /eatme.pl HTTP/1.0\n\n";
get[319] = "GET /eatme.idq HTTP/1.0\n\n";
get[320] = "GET /eatme.idw HTTP/1.0\n\n";
get[321] = "GET /default.asp HTTP/1.0\n\n";
get[322] = "GET /default.asp::$DATA HTTP/1.0\n\n";
get[323] = "GET /default.asp. HTTP/1.0\n\n";
get[324] = "GET /samples/ HTTP/1.0\n\n";
get[325] = "GET /photoads/cgi-bin/env.cgi HTTP/1.0\n\n";
get[326] = "GET /photoads/cgi-bin/ HTTP/1.0\n\n";
get[327] = "GET /photoads/ HTTP/1.0\n\n";
get[328] = "GET /session/admnlogin HTTP/1.0\n\n";
get[329] = "GET /session/adminlogin?RCpage=/sysadmin/index.stm HTTP/1.0\n\n";
get[330] = "GET /samples/search/queryhit.htm HTTP/1.0\n\n";
get[331] = "GET /msadc/msadcs.dll HTTP/1.0\n\n";
get[332] = "GET /publisher/|publisher HTTP/1.0\n\n";
get[333] = "GET /PSUser/PSCOErrPage.htm HTTP/1.0\n\n";
get[334] = "GET ../../boot.ini HTTP/1.0\n\n";
get[335] = "GET ../.. HTTP/1.0\n\n";
get[336] = "GET /aux HTTP/1.0\n\n";
get[337] = "GET /status HTTP/1.0\n\n";
get[338] = "GET /status.cgi HTTP/1.0\n\n";
get[339] = "GET /log HTTP/1.0\n\n";
get[340] = "GET /stats HTTP/1.0\n\n";
get[341] = "GET /manage/cgi/cgiproc HTTP/1.0\n\n";
get[342] = "GET /bb-hist.sh HTTP/1.0\n\n";
get[343] = "GET /DataBase/ HTTP/1.0\n\n";
get[344] = "GET /scripts/wa.exe HTTP/1.0\n\n";
get[345] = "GET /cgi-bin/UltraBoard.pl HTTP/1.0\n\n";
get[346] = "GET /cgi-bin/UltraBoard.cgi HTTP/1.0\n\n";
get[347] = "GET /piranha/secure/passwd.php3 HTTP/1.0\n\n";
get[348] = "GET /wwwboard/passwd.txt HTTP/1.0\n\n";
get[349] = "GET /cgi-bin/sojourn.cgi HTTP/1.0\n\n";
get[350] = "GET /cgi-bin/ews HTTP/1.0\n\n";
get[351] = "GET /cgi-bin/dumpenv HTTP/1.0\n\n";
get[352] = "GET /cgi-bin/dfire.cgi HTTP/1.0\n\n";
get[353] = "GET /cgi-bin/spin_client.cgi HTTP/1.0\n\n";
get[354] = "GET /ss HTTP/1.0\n\n";
get[355] = "GET /cgi-bin/echo.bat HTTP/1.0\n\n";
get[356] = "GET /cgi-bin/hello.bat HTTP/1.0\n\n";

#ifdef MULTI

   fprintf(of,"\nStarted Scanning %s\n", target);

if((hp=(struct hostent *)gethostbyname(target)) == NULL)
{
   return;
}
        s = socket(AF_INET, SOCK_STREAM, 0);
        bzero(&server, sizeof(server));
        server.sin_family = AF_INET;
        server.sin_port = htons(80);
        memcpy((char *)&server.sin_addr, (char *)hp->h_addr,hp->h_length);

if((connect(s, (struct sockaddr *)&server, sizeof(server)))== -1)
{
   return;
}
        send(s,"HEAD / HTTP/1.0\n\n",17,0);
        recv(s,bufferhttp,sizeof(bufferhttp),0);
        fprintf(of,"Version:\n%s",bufferhttp);
        close(s);

#else 

   s = socket(AF_INET,SOCK_STREAM, 0);
   bcopy(hp->h_addr, (char *)&server.sin_addr, hp->h_length);
   server.sin_family = AF_INET;
   server.sin_port = htons(80);

if((connect(s, (struct sockaddr *)&server, sizeof(server))) == -1)
{  
   perror("connect");
   exit(1);
}
   send(s,"HEAD / HTTP/1.0\n\n",17,0);
   recv(s,bufferhttp,sizeof(bufferhttp),0);
   fprintf(of,"Scanning:%s\n",host);
   fprintf(of,"Version:\n%s",bufferhttp);

#endif

fprintf(of,"The following was found on the Server\n");

for(count=1 ; count != CGIFLAWS ; count++ )
{   

#ifdef MULTI

        s = socket(AF_INET, SOCK_STREAM, 0);
        bzero(&server, sizeof(server));
        server.sin_family = AF_INET;
        server.sin_port = htons(80);
        memcpy((char *)&server.sin_addr, (char *)hp->h_addr,hp->h_length);

if((connect(s, (struct sockaddr *)&server, sizeof(server))) == -1)
{
   return;
}

#else


   s = socket(AF_INET, SOCK_STREAM, 0);    
   bcopy(hp->h_addr, (char *)&server.sin_addr, hp->h_length);
   server.sin_family = AF_INET;
   server.sin_port = htons(80);   

if((connect(s, (struct sockaddr *)&server, sizeof(server))) == -1)
{
   perror("connect");
   exit(1);
}
   
#endif

for(number=0; number<1024; number++)
{
   buffer[number] = '\0';
}
   send(s,get[count],strlen(get[count]),0);
   recv(s, buffer, sizeof(buffer),0);                 
   cgicheck = strstr(buffer,msg);

if(cgicheck != NULL)
   fprintf(of,"%s \n",get[count]);      
else  
   close(s);
}
#ifdef MULTI
return;
#else
return 0;
fclose(of);
#endif
}
Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close