Script that will perform test queries to check for the existence of files in a webroot.
c8be207d45fef0ba6ed8b95d81fe2e2afe59313cace686c44a99afe37363cbf4#!perl
#----------------------------------------------------------------------------------------------|
#With this program you can bruteforce files, dirs, domains and sub-domains |
#Authors: Alexander Rachev (a.k.a matrix_killer) and EcLiPsE |
#Contact: matrix_k _at_ abv.bg |
#Version: 1.0 |
#Copyright: this program is under a Creative Commons Attribution 2.5 Bulgaria License. |
#Greets: Bl0od3r, Acid_BDS, Alpha-fan and all other friends[they know who they are ;)] |
# !WARNING! |
# THIS PROGRAM IS MADE FOR EDUCATION PURPOSES ONLY ! I'M NOT RESPONSIBLE FOR YOUR ACTIONS !!! |
#----------------------------------------------------------------------------------------------|
#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
# $Usage$ @
# 1.For file bruteforce: @
# a)Host -> here you enter the host/server that contains some files that you want to find if they exist at all(ex: host.com) @
# b)Directory -> if you think the file is in a directory then here you specify it(ex: /foo/) or remain it blank @
# c)Dictionary -> here you have to enter the name of your word list (ex: junk.txt) @
# @
# 2.For directory bruteforce: @
# a)Host -> here you enter the host/server that contains the directory that you want to find if it exist at all(ex: host.com) @
# b)Dictionary -> here you have to enter the name of your word list (ex: junk.txt) @
# @
# 3.For domain bruteforce: @
# a)Host -> it should look like "host" or "www.host" without a domain(you are bruting it remember ?) @
# b)Dictionary -> it has to contain stuff like "com", "net" and other domain names without a .(dot) @
# @
# 4.For sub-domain bruteforce: @
# a)Host -> "host.com", "moofoo.net" ... @
# b)Dictionary -> again ordinary words without a .(dot) @
# @
# Finally you will see the result on the shell/cmd and if something is found it will be recorded it the same directory where the program is @
# Cheers and be careful what you brute :=) @
#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
use Tk;
use Tk::BrowseEntry;
use Tk::Dialog;
use Tk::FileSelect;
use IO::Socket;
$SIG{'INT'} = \&sig_catch;$SIG{'HUP'}='IGNORE';$SIG{'TERM'}='IGNORE';
$SIG{'CHLD'}='IGNORE';$SIG{'ALRM'}='IGNORE';
$|=1;
sub sig_catch {
exit;
}
my $mw = MainWindow->new ;
$mw->geometry("340x170");
$mw->title("Webrute by matrix_killer and EcLiPsE");
$var1 = "Files";
$fleft=$mw->Frame()->pack ( -side => 'left', -anchor => 'ne') ;
$fright=$mw->Frame()->pack ( -side => 'left', -anchor => 'nw') ;
$fleft->Label ( -text => 'What to brute ? ', -font => '{Verdana} 8 bold') ->pack ( -side => "top" , -anchor => 'e' ) ;
$x = $fright->BrowseEntry( -command => \&brute_what, -relief => "groove", -variable => \$var1, -font => '{Verdana} 8');
$x->insert("end", "Files");
$x->insert("end", "Dirs");
$x->insert("end", "Domains");
$x->insert("end", "Sub domains");
$x->pack( -side => "top" , -anchor => 'w');
sub brute_what {
if ($var1 eq "Files") {
&files;
}elsif($var1 eq "Dirs") {
&dirs;
}elsif($var1 eq "Domains") {
&domains;
}elsif($var1 eq "Sub domains") {
&subdomains;
}}
#File bruteforce @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
sub files {
$fright->Label( -text => ' ')->pack();
$fleft->Label( -text => ' ')->pack();
$fleft->Label ( -text => 'Host: ', -font => '{Verdana} 8 bold') ->pack ( -side => "top" , -anchor => 'e' ) ;
$hostf = $fright->Entry ( -relief => "groove", -width => 15, -font => '{Verdana} 8', -textvariable => '') ->pack ( -side => "top" , -anchor => 'w' ) ;
$fright->Label( -text => ' ')->pack();
$fleft->Label( -text => ' ')->pack();
$fleft->Label ( -text => 'Directory: ', -font => '{Verdana} 8 bold') ->pack ( -side => "top" , -anchor => 'e' ) ;
$dirf = $fright->Entry ( -relief => "groove", -width => 15, -font => '{Verdana} 8', -textvariable => '') ->pack ( -side => "top" , -anchor => 'w' ) ;
$fright->Label( -text => ' ')->pack();
$fleft->Label( -text => ' ')->pack();
$fleft->Label ( -text => 'Dictionary: ', -font => '{Verdana} 8 bold') ->pack ( -side => "top" , -anchor => 'e' ) ;
$dicf = $fright->Entry ( -relief => "groove", -width => 15, -font => '{Verdana} 8', -textvariable => '') ->pack ( -side => "top" , -anchor => 'w' ) ;
$fright->Label( -text => ' ')->pack();
$fleft->Label( -text => ' ')->pack();
$fright->Button(-width => 10, -height => 10, -activebackground => "red", -activeforeground => "black", -background => "#FFFFFF", -borderwidth => 1, -text => "Brute", -command => \&brutef, -cursor => "", -font => "Tahoma 8 bold", -foreground => "#140F7B", -relief => "solid")->pack ( -side => "top" , -anchor => 'w' ) ;
$fright->Label( -text => ' ')->pack();
$fright->Label( -text => ' ')->pack();
$fleft->Button(-width => 10, -height => 10, -activebackground => "red", -activeforeground => "black", -background => "#FFFFFF", -borderwidth => 1, -text => "Clear", -command => \&cleanf, -cursor => "", -font => "Tahoma 8 bold", -foreground => "#140F7B", -relief => "solid")->pack ( -side => "right" , -anchor => 'w' ) ;
};
#File bruteforce @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
#Directory bruteforce @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
sub dirs {
$fright->Label( -text => ' ')->pack();
$fleft->Label( -text => ' ')->pack();
$fleft->Label ( -text => 'Host: ', -font => '{Verdana} 8 bold') ->pack ( -side => "top" , -anchor => 'e' ) ;
$hostdir = $fright->Entry ( -relief => "groove", -width => 15, -font => '{Verdana} 8', -textvariable => '') ->pack ( -side => "top" , -anchor => 'w' ) ;
$fright->Label( -text => ' ')->pack();
$fleft->Label( -text => ' ')->pack();
$fleft->Label ( -text => 'Dictionary: ', -font => '{Verdana} 8 bold') ->pack ( -side => "top" , -anchor => 'e' ) ;
$dicdir = $fright->Entry ( -relief => "groove", -width => 15, -font => '{Verdana} 8', -textvariable => '') ->pack ( -side => "top" , -anchor => 'w' ) ;
$fright->Label( -text => ' ')->pack();
$fleft->Label( -text => ' ')->pack();
$fright->Button(-width => 20, -height => 5, -activebackground => "red", -activeforeground => "black", -background => "#FFFFFF", -borderwidth => 1, -text => "Brute", -command => \&dirbrute, -cursor => "", -font => "Tahoma 8 bold", -foreground => "#140F7B", -relief => "solid")->pack ( -side => "top" , -anchor => 'w' ) ;
$fright->Label( -text => ' ')->pack();
$fright->Label( -text => ' ')->pack();
$fleft->Button(-width => 20, -height => 5, -activebackground => "red", -activeforeground => "black", -background => "#FFFFFF", -borderwidth => 1, -text => "Clear", -command => \&cleandir, -cursor => "", -font => "Tahoma 8 bold", -foreground => "#140F7B", -relief => "solid")->pack ( -side => "right" , -anchor => 'w' );
};
#Directory bruteforce @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
#Domain bruteforce @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
sub domains {
$fright->Label( -text => ' ')->pack();
$fleft->Label( -text => ' ')->pack();
$fleft->Label ( -text => 'Host: ', -font => '{Verdana} 8 bold') ->pack ( -side => "top" , -anchor => 'e' ) ;
$hostdom = $fright->Entry ( -relief => "groove", -width => 15, -font => '{Verdana} 8', -textvariable => '') ->pack ( -side => "top" , -anchor => 'w' ) ;
$fright->Label( -text => ' ')->pack();
$fleft->Label( -text => ' ')->pack();
$fleft->Label ( -text => 'Dictionary: ', -font => '{Verdana} 8 bold') ->pack ( -side => "top" , -anchor => 'e' ) ;
$dicdom = $fright->Entry ( -relief => "groove", -width => 15, -font => '{Verdana} 8', -textvariable => '') ->pack ( -side => "top" , -anchor => 'w' ) ;
$fright->Label( -text => ' ')->pack();
$fleft->Label( -text => ' ')->pack();
$fright->Button(-width => 20, -height => 5, -activebackground => "red", -activeforeground => "black", -background => "#FFFFFF", -borderwidth => 1, -text => "Brute", -command => \&dombrute, -cursor => "", -font => "Tahoma 8 bold", -foreground => "#140F7B", -relief => "solid")->pack ( -side => "top" , -anchor => 'w' ) ;
$fright->Label( -text => ' ')->pack();
$fright->Label( -text => ' ')->pack();
$fleft->Button(-width => 20, -height => 5, -activebackground => "red", -activeforeground => "black", -background => "#FFFFFF", -borderwidth => 1, -text => "Clear", -command => \&cleandom, -cursor => "", -font => "Tahoma 8 bold", -foreground => "#140F7B", -relief => "solid")->pack ( -side => "right" , -anchor => 'w' );
}
#Domain bruteforce @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
#Sub domain bruteforce @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
sub subdomains {
$fright->Label( -text => ' ')->pack();
$fleft->Label( -text => ' ')->pack();
$fleft->Label ( -text => 'Host: ', -font => '{Verdana} 8 bold') ->pack ( -side => "top" , -anchor => 'e' ) ;
$hossubdom = $fright->Entry ( -relief => "groove", -width => 15, -font => '{Verdana} 8', -textvariable => '') ->pack ( -side => "top" , -anchor => 'w' ) ;
$fright->Label( -text => ' ')->pack();
$fleft->Label( -text => ' ')->pack();
$fleft->Label ( -text => 'Dictionary: ', -font => '{Verdana} 8 bold') ->pack ( -side => "top" , -anchor => 'e' ) ;
$dicsubdom = $fright->Entry ( -relief => "groove", -width => 15, -font => '{Verdana} 8', -textvariable => '') ->pack ( -side => "top" , -anchor => 'w' ) ;
$fright->Label( -text => ' ')->pack();
$fleft->Label( -text => ' ')->pack();
$fright->Button(-width => 20, -height => 5, -activebackground => "red", -activeforeground => "black", -background => "#FFFFFF", -borderwidth => 1, -text => "Brute", -command => \&subbrute, -cursor => "", -font => "Tahoma 8 bold", -foreground => "#140F7B", -relief => "solid")->pack ( -side => "top" , -anchor => 'w' ) ;
$fright->Label( -text => ' ')->pack();
$fright->Label( -text => ' ')->pack();
$fleft->Button(-width => 20, -height => 5, -activebackground => "red", -activeforeground => "black", -background => "#FFFFFF", -borderwidth => 1, -text => "Clear", -command => \&cleansubdom, -cursor => "", -font => "Tahoma 8 bold", -foreground => "#140F7B", -relief => "solid")->pack ( -side => "right" , -anchor => 'w' );
}
#Sub domain bruteforce @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
sub brutef {
$hostf = $hostf->get() ;
$dirf = $dirf->get() ;
$dicf = $dicf->get() ;
if ($dirf eq "") {
$dirf = "/";
}
open(IN,"<$dicf") || &error;
@dictionary = <IN>;
close IN;
foreach $temp (@dictionary) {
chomp $temp;
@filetypes = ("$temp", "$temp.txt", "$temp.php", "$temp.asp", "$temp.html", "$temp.htm", "$temp.jsp", "$temp.js", "$temp.exe", "$temp.log", "$temp.tmp", "$temp.db", "$temp.mdb", "$temp.doc", "$temp.pl", "$temp.css", "$temp.py", "$temp.cgi");
$r = 0;
while ($r < @filetypes) {
$socket = IO::Socket::INET->new(Proto => "tcp", PeerAddr => "$hostf", PeerPort => "80") || sleep(0);
print $socket "GET $dirf$filetypes[$r] HTTP/1.0\nHost: $hostf\n\n";
print "\n Trying $hostf$dirf$filetypes[$r]";
while ($answer = <$socket>) {
if ($answer =~ /OK/) {
if ($filetypes[$r] eq "$temp/") {
push(@dirs,$filetypes[$r]);
}
print "\n\n\t$filetypes[$r] Found!\n";
&savelogf;
close(LOG);
}
}
$r++;
}
}}
undef($dir);
foreach $dir (@dirs) {
&brutef;
}
sub savelogf {
if (-e "./file_brute_log.txt") {
open (LOG, ">>file_brute_log.txt");
}
else {
open (LOG, ">file_brute_log.txt");
}
$time = time();
$loctime = localtime($time);
print LOG "\n";
print LOG "Time: $loctime\n";
print LOG "Host: $hostf\n";
print LOG "Files Found:\n\n";
print LOG "$dir$filetypes[$r]\n";
}
sub dirbrute {
$hostdir = $hostdir->get() ;
$dicdir = $dicdir->get() ;
open(IN,"<$dicdir") || &error;
@dictionary = <IN>;
close IN;
foreach $temp (@dictionary) {
chomp $temp;
@filetype = ("$temp");
$r = 0;
while ($r < @filetype) {
$socket = IO::Socket::INET->new(Proto => "tcp", PeerAddr => "$hostdir", PeerPort => "80") || sleep(0);
print $socket "GET /$filetype[$r]/ HTTP/1.0\nHost: $hostdir\n\n";
print "\n Trying $hostdir/$filetype[$r]";
while ($answer = <$socket>) {
if ($answer =~ m/(Index of)/gi) {
print "\n\n\t$hostdir/$filetype[$r] Found!\n";
&savelogdir;
close(LOG);
}elsif($answer =~ m/(Forbidden)/gi) {
print "\n\n\t$hostdir/$filetype[$r] Found!\n";
&savelogdir;
close(LOG);
}}
$r++;
}}}
sub savelogdir {
if (-e "./directory_brute_log.txt") {
open (LOG, ">>directory_brute_log.txt");
}
else {
open (LOG, ">directory_brute_log.txt");
}
$time = time();
$loctime = localtime($time);
print LOG "\n";
print LOG "Time: $loctime\n";
print LOG "Host: $hostdir\n";
print LOG "Directoryes Found:\n\n";
print LOG "$filetype[$r]\n";
}
sub dombrute {
$hostdom = $hostdom->get() ;
$dicdom = $dicdom->get() ;
open(IN,"<$dicdom") || &error;
@dictionary = <IN>;
close IN;
foreach $temp (@dictionary) {
chomp $temp;
@filetype = ("$temp");
$r = 0;
while ($r < @filetype) {
$socket = IO::Socket::INET->new(Proto => "tcp", PeerAddr => "$hostdom.$filetype[$r]", PeerPort => "80") || sleep(0);
print $socket "GET / HTTP/1.0\nHost: $hostdom\n\n";
print "\n Trying $hostdom.$filetype[$r]";
while ($answer = <$socket>) {
if ($answer =~ /OK/) {
print "\n\n\t$hostdom.$filetype[$r] Found!\n";
&savelogdom;
close(LOG);
}}
$r++;
}}}
sub savelogdom {
if (-e "./domain_brute_log.txt") {
open (LOG, ">>domain_brute_log.txt");
}
else {
open (LOG, ">domain_brute_log.txt");
}
$time = time();
$loctime = localtime($time);
print LOG "\n";
print LOG "Time: $loctime\n";
print LOG "Domains Found:\n\n";
print LOG "$hostdom.$filetype[$r]\n";
}
sub subbrute {
$hossubdom = $hossubdom->get() ;
$dicsubdom = $dicsubdom->get() ;
open(IN,"<$dicsubdom") || &error;
@dictionary = <IN>;
close IN;
foreach $temp (@dictionary) {
chomp $temp;
@filetype = ("$temp");
$r = 0;
while ($r < @filetype) {
$socket = IO::Socket::INET->new(Proto => "tcp", PeerAddr => "$filetype[$r].$hossubdom", PeerPort => "80") || sleep(0);
print $socket "GET / HTTP/1.0\nHost: $hossubdom\n\n";
print "\n Trying $filetype[$r].$hossubdom";
while ($answer = <$socket>) {
if ($answer =~ /OK/) {
print "\n\n\t$filetype[$r].$hossubdom Found!\n";
&savelogsub;
close(LOG);
}}
$r++;
}}}
sub savelogsub {
if (-e "./subdomain_brute_log.txt") {
open (LOG, ">>subdomain_brute_log.txt");
}
else {
open (LOG, ">subdomain_brute_log.txt");
}
$time = time();
$loctime = localtime($time);
print LOG "\n";
print LOG "Time: $loctime\n";
print LOG "Sub-domains Found:\n\n";
print LOG "$filetype[$r].$hossubdom\n";
}
sub error {
eval {
$dialog = $mw->Dialog(
-title => "Error",
-text => "Dictionary not found !",
-buttons => ["OK"]);
$dialog->Show();
}};
sub cleanf {
eval {
$hostf->delete(0, 'end');
$dirf->delete(0, 'end');
$dicf->delete(0, 'end');
}};
sub cleandir {
eval {
$hostdir->delete(0, 'end');
$dicdir->delete(0, 'end');
}};
sub cleandom {
eval {
$hostdom->delete(0, 'end');
$dicdom->delete(0, 'end');
}};
sub cleansubdom {
eval {
$hossubdom->delete(0, 'end');
$dicsubdom->delete(0, 'end');
}};
MainLoop();
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed