Exploit-suggester
#!/usr/bin/python
################################################################
# .___ __ _______ .___ #
# __| _/____ _______| | __ ____ \ _ \ __| _/____ #
# / __ |\__ \\_ __ \ |/ // ___\/ /_\ \ / __ |/ __ \ #
# / /_/ | / __ \| | \/ <\ \___\ \_/ \/ /_/ \ ___/ #
# \____ |(______/__| |__|_ \\_____>\_____ /\_____|\____\ #
# \/ \/ \/ #
# ___________ ______ _ __ #
# _/ ___\_ __ \_/ __ \ \/ \/ / #
# \ \___| | \/\ ___/\ / #
# \___ >__| \___ >\/\_/ #
# est.2007 \/ \/ forum.darkc0de.com #
###########################################################################################
# Greetz to all Darkc0de Andhra Hackers,ICW Memebers #
#Darkc0de : d3hydra,rasuron,nd all darkcode crew #
#Hackers Grage : Mr_B0nd,Wipu,GOdwinAugstin,beenu,hubysoft,Mr_H@x0r,r45c4l #
#Shoutz ICw : SMART_HAX0R,j4ckh4x0r,41w@r10r,micro,MR xxxx,Hackin,Hoodlum,Dark_blue,#
###########################################################################################
############################FB1h2s#########################################################
# [-]Exploit Suggester by FB1H2S, Exploitsug.py -->: an update for my serverchk.py # https://ift.tt/2KYDgwo
#[+]Port scan -->: TCP scan + SYN-ACK scan (uses scapy, which is not shipped by default; ping # me if u want SYN-ACK)
#[+]Advanced Banner Grabber -->: Captures banners perfectly
#[+]Port Based and Banner Based Exploit Finder -->: Finds matching exploits from exploitdb based on ports and # banner
#[+]Looks for Backdoors -->: Default ports opened in previous intrusions
#[+]Tool gives a good structure of working exploits
import string, sys, time, urllib2,urllib,cookielib,re,random,threading,socket,httplib,os
# Module-level default. The functions below only assign a local name `port`
# (no `global` statement appears in this listing), so this value is not
# updated by them.
port=0
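def banner_match(banner):
    """Return the vuln.txt entry that matches *banner*, or ask the operator.

    Each line of ``vuln.txt`` (read from the current directory) is applied
    as a case-insensitive regular expression to the banner. The first
    matching line is returned exactly as stored in the file, trailing
    newline included. When nothing matches, the operator is prompted and the
    typed text is returned.

    Returns None when the file cannot be read, when *banner* is not a
    string, or when no input is available at the prompt.
    """
    try:
        # The context manager closes the handle; the original left it open.
        with open("vuln.txt", "r") as handle:
            known = handle.readlines()
    except IOError:
        return None

    try:
        target = banner.lower()
    except AttributeError:
        # No usable banner (e.g. None).
        return None

    for entry in known:
        # rstrip instead of [:-1]: a final line without a newline keeps its
        # last character, and CRLF files do not leave a stray "\r".
        pattern = entry.rstrip("\r\n").lower()
        if not pattern:
            # A blank line is an empty regex and would match every banner.
            continue
        try:
            if re.search(pattern, target):
                return entry
        except re.error:
            # The entry is interpreted as a regex, not as literal text; a
            # malformed entry is skipped rather than aborting the lookup.
            continue

    try:
        return raw_input("Enter the Service Version If u have any idea:")
    except EOFError:
        return None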
def fetch_exp(banner,port):
    """Fetch a search-results page and print the '/exploit' links found in it.

    *banner* and *port* only select which of three hard-coded URLs is
    requested; neither value is inserted into the URL as the code stands.
    Results are printed to stdout and nothing is returned.

    NOTE(review): this listing lost its indentation on the page it was taken
    from; the nesting below is reconstructed from the control-flow keywords.
    NOTE(review): the three URL literals are link-shortener addresses. They
    look like substitutions made by the site that republished the script, so
    the original search URLs cannot be recovered from this page.
    """
    #banner_rec="OpenSSH"
    #port=0
    print "\nFetching Exploits:"+banner
    # The request carries one of these four fixed legacy browser User-Agent
    # strings (picked at random below) instead of the urllib2 default.
    header = ['Mozilla/5.0 (compatible; MSIE 5.5; Windows NT 5.0)',
              'Mozilla/5.0 (compatible; MSIE 7.0b; Windows NT 5.1)',
              'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6)',
              'Microsoft Internet Explorer/4.0b1 (Windows NT 5.0)']
    # Cookie jar tied to the file name "cookies"; no load() or save() call
    # appears in this function.
    cj = cookielib.FileCookieJar("cookies")
    des=banner.strip('\n')
    port=port  # no-op self-assignment
    if(port==0):
        result_0web ='https://ift.tt/2J5W8MH'
    elif(len(des)==0 and port!=0):
        result_0web ='https://ift.tt/2L3HEKC'
    elif(len(des)==0 and port==0):
        # Unreachable: port==0 is already taken by the first branch.
        return
    else:
        result_0web ='https://ift.tt/2LClNLm'
    exp_url=result_0web.replace(" ","+")
    #print exp_url
    try:
        exp_request = urllib2.Request(exp_url)
        agent = random.choice(header)
        exp_request.add_header('User-Agent', agent)
        exp_open = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
        text = exp_open.open(exp_request).read()
        # Newlines are replaced by the marker "end" so the regexes below can
        # use it as a line terminator inside one long string.
        text=text.replace("\n","end")
        strreg = re.compile("(?<=href=')(.*?)(?=')")
        # `li` is local to this function; it is not the module-level `li`
        # that exploitscaner appends open ports to.
        li=re.findall("(?<=_blank)(.*?)(?<=end)",text)
        li1=re.findall("(?<=_blank)(.*?)(?<=/a)",text)
        names = strreg.findall(text)
        # NOTE(review): append() adds the whole li1 list as ONE trailing
        # element; extend() was probably intended. li[i].replace() on that
        # element raises and is hidden by the bare except below.
        li.append(li1)
        i=0
        j=0  # never used
        for name in names:
            try:
                if '/exploit' in name:
                    # NOTE(review): strip('rss.php') removes any of the
                    # characters r, s, ., p, h from BOTH ends; it does not
                    # remove the literal suffix "rss.php".
                    print '-->'+name.strip('rss.php')
                    print i
                    print '[-]'+li[i].replace("end","---->")
                    i=i+1
                #else: print "Nothing Found:'
            except: pass  # hides IndexError/AttributeError from li[i] as well
    # Any failure in the outer block, not just a network error, produces
    # this message.
    except:print "Failed:Check Internet Connection"
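def http_b(ip):
    """Return the ``Server`` response header from a ``HEAD /`` request to *ip*.

    The request goes to the default HTTP port of ``httplib.HTTPConnection``.
    Returns None when the header is absent or when the request fails; in the
    failure case ``error`` is printed first.
    """
    conn = None
    try:
        conn = httplib.HTTPConnection(ip)
        conn.request("HEAD", "/")
        res = conn.getresponse()
        return res.getheader("server")
    # The original `except():` named an empty tuple and therefore caught
    # nothing, so the handler never ran. Catch the socket- and HTTP-level
    # failures the calls above can raise.
    except (socket.error, httplib.HTTPException):
        print('error')
        return None
    finally:
        # Release the connection on every path; the original never closed it.
        if conn is not None:
            conn.close()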
def exploitscaner(ip):
    """TCP-connect to a fixed port list on *ip* and call fetch_exp for open ports.

    Every port that accepts the connection is printed and appended to `li`.
    `li` is not defined in this function, so it must already exist at module
    level (the script body creates it before calling this). Nothing is
    returned.

    Per-port handling, as written:
      * 80: HEAD request through http_b; '-' and '/' in the Server header are
        replaced by '+' before fetch_exp(banner, port=0).
      * 135, 139, 445: fetch_exp with an empty banner and the port number.
      * 3389: prints a hint only.
      * 5900, 1433, 1521, 3306: fetch_exp with a fixed keyword.
      * anything else: read up to 50 bytes, and if more than 3 arrive, map
        them through banner_match before calling fetch_exp.

    NOTE(review): this listing lost its indentation on the page it was taken
    from; the nesting below is reconstructed from the control-flow keywords.
    NOTE(review): no timeout is set on the socket in this function, so
    connect() and recv() block for as long as the platform allows.
    """
    ports=([21,22,23,24,25,63,80,110,135,139,143,445,8080,1433,1723,3306,3389,5900])#The author limits the scan to these ports, the ones they report success with
    http = "80"#21,22,23,24,25,63,80,110,135,139,143,445,8080,1433,1723,3306,3389,5900 -- `http` is never read
    #webbdrs=([31373,4444,5555])#c99,metsploit,addmore
    port_based=[]  # never used
    banner_baser=[]  # never used
    #22,23,24,25,63,80,110,80,139,445,8080,1433,1723,5900,1433,3306,3389,
    for scanport in ports:
        sockp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            sockp.connect((ip,scanport))
            print "*"*70
            print "%s:%d OPEN" % (ip,scanport)
            li.append(scanport)
            #BOP--: based on port number
            if scanport==80:
                sockp.close()
                # http_b can return None (no Server header); .replace() then
                # raises and the bare except below hides it.
                banner=http_b(ip)
                banner=banner.replace("-","+")
                banner=banner.replace("/","+")
                fetch_exp(banner,port=0)
            elif scanport==135:
                sockp.close()
                print "[+]Microsft ds port"
                fetch_exp(banner='',port=135)
            elif scanport==139:
                sockp.close()
                print "[+]Microsoft Netbios"
                fetch_exp(banner='',port=139)
            elif scanport==445:
                sockp.close()
                print "[+]Microsoft smb_tcp"
                fetch_exp(banner='',port=445)
            elif scanport==3389:
                # NOTE(review): sockp is not closed on this branch.
                print "[+]Microsoft Remote Desktop"
                print "\nTry MS05-041, MS09-044"
            elif scanport==5900:
                # NOTE(review): sockp is not closed on this branch.
                print "[+]Remote Desktop Vnc Viewer"
                fetch_exp(banner='vnc',port=5900)
            elif scanport==1433:
                sockp.close()
                print "[+]Microsoft SQL Server"
                r="microsoft+sql"
                fetch_exp(banner=r,port=0)
            elif scanport==1521:
                # 1521 is not in `ports`, so this branch is never taken.
                sockp.close()
                print "[+]Oracle SQL Server"
                fetch_exp(banner='oracle',port=1521)
            elif scanport==3306:
                sockp.close()
                print "[+]MYSQL Server"
                fetch_exp(banner='mysql',port=3306)
            else:
                #sockp.send('sas sas') the author thought of sending some packets here
                #BOB-: based on banner
                banner = sockp.recv(50)
                sockp.close()
                if(len(banner)>3):
                    print "[+] Running:",banner,"\n"
                    # banner_match can return None; fetch_exp then fails on
                    # banner.strip() and the bare except hides it.
                    banner=banner_match(banner)
                    port=scanport  # local assignment; the module-level `port` is unchanged
                    fetch_exp(banner,scanport)
            print "*"*70
        # Swallows everything, including refused connections, so a closed
        # port and a programming error look the same. The socket is not
        # closed on this path.
        except: pass
def back_dor(ip):
    """Print which of the ports 31373, 4444 and 5555 on *ip* accept a TCP connect.

    One try/except wraps the whole loop, so the first port that does not
    accept the connection ends the check silently and the remaining ports
    are not tried. The sockets are never closed explicitly. Nothing is
    returned.
    """
    try:
        # c99,metsploit,add more
        for candidate in (31373, 4444, 5555):
            probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            probe.connect((ip, candidate))
            print("%s:%d OPEN" % (ip, candidate))
    except:
        pass
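# Script body: print the banner, ask for a target, write the report header,
# then run the port check and the backdoor-port check.
print("[+]Exploit Suggester Version 1.0 by FB1H2S")
print("[+]Port scan a Host and List All Matching exploit form Exploit_db")
print("[+]Report Bugs at fbone@in.com")
print("[+]Now find all Remote Root or Remote DOS Exploits with Exploit-Suggester")
if os.path.isfile("vuln.txt"):
    ip = raw_input("Enter the IP/Domain:")
    # The typed value becomes a file name. Replace everything outside a
    # conservative character set and drop leading dots, so input such as
    # "../x" or an absolute path cannot place the report outside the
    # working directory.
    report_name = re.sub(r"[^A-Za-z0-9._-]", "_", ip).lstrip(".") + ".txt"
    # `with` closes the report; the original kept the handle open in a
    # variable named `file`, which shadowed the builtin.
    # Only this header is written in the code shown; the scan output itself
    # goes to stdout.
    with open(report_name, "a") as report:
        report.write("\n|------------------------------------------------|")
        report.write("\n| FB1H2S Exploit_Suggester Ver 1.0 |")
        report.write("\n| Port Scan and Find all Eatching Exploits |")
        report.write("\n| Uses Exploit_db to Match Exploits |")
    if len(ip) > 3:
        # exploitscaner appends every open port to this module-level list.
        li = []
        exploitscaner(ip)
        print('\n[+]open ports:')
        for portop in li:
            print(portop)
        print("\n[+]Scanning Backdoor's ")
        back_dor(ip)
        print(report_name + " For the Scan details")
else:
    print("\n:( Banner matching File 'Vuln.txt' missing\n")
    print(":) Download it and put it in the running directory")
    print("https://ift.tt/2L0XIg1")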
Monday, May 28, 2018
Exploit-suggester
Date - May 28, 2018