Descripcion: Script que interactua con Zone H permitiendo reportar desde la querida terminal.
Nombre: ZoneHReporter.py
###################
#!/usr/bin/python #
# Zone-H Reporter #
# Coded by Sanko #
###################
import urllib,urllib2
def main():
options = """
#######################
# #
# Zone - H Reporter #
# [0] Login #
# [1] Single Deface #
# [2] Mass Deface #
# [i] info methods #
# #
#######################"""
print options
entrada = raw_input("Choose an option -> ")
if entrada == 0:
login('user','password')
elif entrada == 1:
uploadsingle('defacer','http://web.com/','15','1')
elif entrada == 2:
uploadmass('defacer','15','1') #Deben indicar en la funcion los domains defaceados
elif entrada == 'i':
info()
else:
print "Error , try again\n"
main()
def login(user,password):
url = 'http://www.zone-h.org/login'
values = {'user':user,
'password':password}
data = urllib.urlencode(values)
req = urllib2.Request(url, data)
resp = urllib2.urlopen(req)
page = resp.read()
print page
def uploadsingle(defacer,domain,hackmode,reason):
url = 'http://www.zone-h.org/notify/single'
values = {'defacer':defacer,
'domain1':domain,
'hackmode':hackmode,
'reason':reason,
'submit':'Send'}
data = urllib.urlencode(values)
req = urllib2.Request(url, data)
resp = urllib2.urlopen(req)
page = resp.read()
print page
def uploadmass(defacer,hackmode,reason):
url = 'http://www.zone-h.org/notify/mass'
values = {'defacer':defacer,
'domain1':'',
'domain2':'',
'domain3':'',
'domain4':'',
'domain5':'',
'domain6':'',
'domain7':'',
'domain8':'',
'domain9':'',
'domain10':'',
'domain1':domain,
'hackmode':hackmode,
'reason':reason,
'submit':'Send'}
data = urllib.urlencode(values)
req = urllib2.Request(url, data)
resp = urllib2.urlopen(req)
page = resp.read()
print page
def info():
hackmodes = """
[1] known vulnerability (i.e. unpatched system)
[2] undisclosed (new) vulnerability
[3] configuration / admin. mistake
[4] brute force attack
[5] social engineering
[6] Web Server intrusion
[7] Web Server external module intrusion
[8] Mail Server intrusion
[9] FTP Server intrusion
[10] SSH Server intrusion
[11] Telnet Server intrusion
[12] RPC Server intrusion
[13] Shares misconfiguration
[14] Other Server intrusion
[15] SQL Injection
[16] URL Poisoning
[17] File Inclusion
[18] Other Web Application bug
[19] Remote administrative panel access through bruteforcing
[20] Remote administrative panel access through password guessing
[21] Remote administrative panel access through social engineering
[22] Attack against the administrator/user (password stealing/sniffing)
[23] Access credentials through Man In the Middle attack
[24] Remote service password guessing
[25] Remote service password bruteforce
[26] Rerouting after attacking the Firewall
[27] Rerouting after attacking the Router
[28] DNS attack through social engineering
[29] DNS attack through cache poisoning
[30] Not available
[31] Cross-Site Scripting"""
reasons = """
[1] Heh...just for fun!
[2] Revenge against that website
[3] Political reasons
[4] As a challenge
[5] I just want to be the best defacer
[6] Patriotism
[7] Not available"""
entrada = raw_input("info hackmodes | info reasons --- > ")
if entrada == "hackmodes":
print hackmodes
elif entrada == "reasons":
print reasons
else:
print "Error"
main()
0 comentarios:
Publicar un comentario