what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

lgool.c

lgool.c
Posted Oct 24, 2004
Authored by l0om

Lgool is a program that will search Google for a given vulnerability. It does the exact same thing you could do by going to Google and searching for nasty stuff like passwd.cfg, but without all the trouble of actually opening a web browser. It operates in a way that is similar to "gooscan" (written by johnny and presented at defcon this year).

tags | web
systems | unix
SHA-256 | fc84bedf31be38ae83ff3d535b74ab23de27f74cc69a13e4347fc8c5f24bbf9e

lgool.c

Change Mirror Download
/*

**************************
for education purpose only
iam not responsible for what you are doing with this software.
**************************

/ /
( ___ ___ ___ (
| | )| )| )|
| |__/ |__/ |__/ |
__/

lgool V 0.1

written by l0om

WWW.EXCLUDED.ORG - l0om[a7]excluded[d07]org

idea based on johnny longs gooscan and goole dorking itself. thanks john.

this is a part of a proof-of-concept project in automate attacks with googles help.

greets to goolemasters:
murfie,klouw,ThePsyko,jimmyneutron,
MILKMAN,Deadlink,crash_monkey,zoro25
cybercide,wasabi

greets to geeks/freaks/nice_people like:
proxy, detach, takt, dna,
maximilan, capt.boris, dr.dohmen,
mattball


*/

#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/time.h>
#include <netinet/in.h>
#include <netdb.h>

#define GOOGLE "www.google.com" //default google server to send query
#define PATTERN "<font color=#008000>" //indentifies links in googles results
#define RESULTS "<font size=-1 color=#000000>" //show results

char *encode(char *str); // NULL on failure / the encoded query on success
int connect_me(char *dest, int port); // -1 on failure / connected socket on success
int grep_google(char *host, int port, int proxy, char *query, int mode, int start);

void help(char *usage);
void header(void);

int main(int argc, char **argv)
{
int i, port, valswap, max = 0, only_results = 0, site = 0, proxl = 0; // greets at proxy - this variable is dedicated to you ;D h4h4h4
char *host, *query = NULL;


if(argc == 1) {
help(argv[0]);
return(1);
} else for(i = 1; i < argc; i++)
if(argv[i][0] == '-')
switch(argv[i][1]) {
case 'V':
header();
return(0);
case 'r':
only_results = 1;
break;
case 'm':
max = atoi(argv[++i]);
break;
case 'p':
if( (host = strchr(argv[++i], ':')) == NULL) {
fprintf(stderr, "illegal proxy syntax [host:port]\n");
return(1);
}
port = atoi(strtok(host, ":"));
host = strtok(argv[i], ":");
proxl = 1; // "gib frei ich will rein"
break;
case 'h':
help(argv[0]);
return(0);
} else query = argv[i];

if(query == NULL) {
fprintf(stderr, "no query!\n");
help(argv[0]);
return(1);
}

if( (query = encode(query)) == NULL) {
fprintf(stderr, "string encoding faild!\n");
return(2);
}

if(!max) {
if(grep_google(host, port, proxl, query, only_results, site) > 0) return(0);
else return(1);
}

for(i = 0; i < max; )
if( (valswap = grep_google(host, port, proxl, query, only_results, (site+=10))) <= 0) return(1);
else i+=valswap;

return(0);
}

int grep_google(char *host, int port, int proxl, char *query, int mode, int site)
{
unsigned int results = 0;
int sockfd, nbytes, stdlen = 31, prxlen = 38+strlen(GOOGLE), buflen = 100;
char *sendthis, *readbuf, *buffer, *ptr;

if(proxl) {
if( (sockfd = connect_me(host, port)) == -1) // connect to proxy
return(-2);
if( (sendthis = (char *)malloc(prxlen+strlen(query)+7)) == NULL) {
perror("malloc");
return(-1);
} else sprintf(sendthis,"GET http://%s/search?q=%s&start=%d HTTP/1.0\n\n",GOOGLE,query,site);
} else {
if( (sockfd = connect_me(GOOGLE, 80)) == -1)
return(-2);
if( (sendthis = (char *)malloc(stdlen+strlen(query)+7)) == NULL) {
perror("malloc");
return(-1);
} else sprintf(sendthis, "GET /search?q=%s&start=%d HTTP/1.0\n\n",query,site);
}

if( (readbuf = (char *)malloc(255)) == NULL) {
perror("malloc");
return(-1);
}
if( (buffer = (char *)malloc(1)) == NULL) {
perror("malloc");
return(-1);
}

if(send(sockfd, sendthis, strlen(sendthis),0) <= 0)
return(-2);

while( (nbytes = read(sockfd, readbuf, 255)) > 0) {
if( (buffer = (char *)realloc(buffer, buflen+=nbytes)) == NULL) {
perror("realloc");
return(-1);
} else { strcat(buffer, readbuf); memset(readbuf, 0x00, 255); }
}
close(sockfd);

ptr=buffer;
while(buflen--)
if(mode) {
if(memcmp(ptr++, RESULTS, strlen(RESULTS)) == 0) {
ptr += strlen(RESULTS)-1;
while(memcmp(ptr, "&", 1) != 0) {
if(memcmp(ptr, "<b>", 3) == 0) ptr+=3;
else if(memcmp(ptr, "</b>", 4) == 0) ptr+=4;
else printf("%c",*ptr++);
}
} else continue;
printf("\n");
return(0);
} else
if(memcmp(ptr++, PATTERN, strlen(PATTERN)) == 0) {
ptr += strlen(PATTERN)-1;
results++;
while(memcmp(ptr, " - ", 3) && buflen--) printf("%c",*ptr++);
printf("\n");
}

free(sendthis);
free(readbuf);
return(results);
}

char *encode(char *str)
{
static char *query;
char *ptr;
int nlen, i;

nlen = strlen(str)*3;
if( (query = (char *)malloc(nlen)) == NULL) {
perror("malloc");
return(NULL);
} else ptr = str;

for(i = 0; i < nlen; i+=3)
sprintf(&query[i], "%c%X",'%',*ptr++);
query[nlen] = '\0';
return(query);
}

int connect_me(char *dest, int port)
{
int sockfd;
struct sockaddr_in servaddr;
struct hostent *he;

if( (sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
perror("socket");
return(-1);
}

if( (he = gethostbyname(dest)) == NULL) {
fprintf(stderr, "cannot resovle hostname\n");
return(-1);
}

servaddr.sin_addr = *((struct in_addr *) he->h_addr);
servaddr.sin_port = htons(port);
servaddr.sin_family = AF_INET;

if(connect(sockfd, (struct sockaddr *)&servaddr, sizeof(struct sockaddr)) == -1) {
perror("connect");
return(-1);
} else return(sockfd);
}

void help(char *usage)
{
printf("%s help\n",usage);
printf("%s <query> [options]\n");
puts("options:");
puts("-h: this help menue");
puts("-p: request google with a proxy. next argument must be the proxy");
puts(" and the port in the following format \"host:port\"");
puts("-m: next argument must be the count of results you want to see");
puts("-V: prints versions info");
puts("-r: prints only the results count and exit");
puts("examples:");
printf("%s \"filetype:pwd inurl:service.pwd\" -r # show results\n");
printf("%s \"filetype:pwd inurl:service.pwd\" -m 30 # print about 30 results\n");
}

void header(void)
{
puts("\tlgool V 0.2");
puts("written by l0om - WWW.EXCLUDED.ORG - l0om[47]excluded[d07]org\n");
}

//phree the cyberspace !


Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close