• [Perl] DB Exploit Helper 0.4

 #481694  por Doddy
 13 Dic 2015, 00:36
Hola aca la nueva version de mi programa para buscar exploits en db-exploit ,en esta version aumente la velocidad de busqueda aunque no la de descargar ,pero bueno no se puede tener todo xDDD.
#!usr/bin/perl
#DB Exploit Helper 0.4
#(C) Doddy Hackman 2011

use LWP::UserAgent;
use HTML::Parser;
use Data::Dumper;

my $nave = LWP::UserAgent->new;
$nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");
$nave->timeout(5);

&menu;

sub menu {
head();
print "\n[String] : ";
chomp (my $cosa = <stdin>);
if ($cosa eq "") { menu(); }
print "\n\n[+] Searching string\n\n";
my %found = buscar($cosa);
$total = int(keys %found) - 1;
print "[+] Exploits Found : ".$total."\n\n\n";
unless (-d $cosa) {
mkdir($cosa,"777");
}
for my $da(keys %found) {	
my $tata = $da;
$tata =~s/\<//;
$tata =~s/(\s)+$//;
if (download($found{$da},$cosa."/".$tata.".txt")) {
print "[Exploit Found] : ".$da."\n";
}
}
copyright();
<stdin>;
exit(1);
}

sub buscar {
for my $n(1..666) {
my $code = toma("http://www.exploit-db.com/search/?action=search&filter_page=".$n."&filter_description=".$_[0]."&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=");
chomp $code;
if ($code=~/No results/ig) {
return %busca;
}
%busca = getlinks($code);
}}

sub getlinks {

my $test = HTML::Parser->new(
start_h => [\&start, "tagname,attr"],
text_h  => [\&text, "dtext"],
);
$test->parse($_[0]);

sub start {
my($a,$b) = @_;
my %e = %$b;
unless($a ne "a") {
$d = $e{href};
$c = $a;
}}

sub text {
my $title = shift;
chomp $title;
unless($c ne "a") {
if ($d=~/www.exploit-db.com\/exploits\/(.*)/) {
my $id = $1;
my $url = "http://www.exploit-db.com/download/".$id;
$links{$title} = $url;
print $title."\n";
}
$d = "";
}}
return %links;
}

sub toma {
return $nave->get($_[0])->content;
}

sub repes {
foreach $test(@_) {
push @limpio,$test unless $repe{$test}++;
}
return @limpio;
}

sub head {
system("cls");
print "\n\n-- == DB Exploit Helper 0.4 == --\n\n";
}

sub download {
if ($nave->mirror($_[0],$_[1])) {
if (-f $_[1]) {
return true;
}}}

sub copyright {
print "\n\n(C) Doddy Hackman 2011\n\n";
}	

# ¿ The End ? 
[/code]

Ejemplo de uso

[code]

-- == DB Exploit Helper 0.4 == --


[String] : smf


[+] Searching string

[+] Exploits Found : 5


[Exploit Found] : SMF Forum Mambo Component <= 1.3.1.3 Include Vulnerability
[Exploit Found] : Seo4SMF for SMF forums Multiple Vulnerabilities
[Exploit Found] : eFiction <= 3.1.1 (path_to_smf) Remote File Include Vulnerabil
ities
[Exploit Found] : SMF Mod Member Awards 1.0.2 Blind SQL Injection Exploit
[Exploit Found] : Simple Machines Forum (SMF) 1.1.6 Code Execution Exploit


(C) Doddy Hackman 2011