PK �y�8 pelmeshko/PK 3k6+jS���pelmeshko/cgi.txtCgi's n031337f1l3 /cgi/ /cgi-auth/ /cgi-bin/ /cgi-bin2/ /cgi_bin/ /cgi-csc/ /cgi-dos/ /cgi-lib/ /cgi-local/ /cgi-scripts/ /cgi-shl/ /cgi-shop/ /cgi-src/ /cgi-sys/ /cgi-temp/ /cgi-win/ /cgibin/ !!!SEP!!! /aglimpse /alibaba.pl /AnyForm2 /AT-admin.cgi /bnbform.cgi /campas /cgiwrap /change-your-password.pl~ /classifieds.cgi /clickresponder.pl /count.cgi /day5datacopier.cgi /day5datanotifier.cgi /dumpenv.pl /edit.pl /environ.cgi /faxsurvey /filemail.pl /finger /finger?@localhost /form.cgi /formmail.pl /fpexplore.exe /get32.exe /guestbook.cgi /GW5/GWWEB.EXE /handler /handler.cgi /hello.bat /htmlscript /htsearch /info2www /infosrch.cgi /input.bat /input2.bat /jj /loadpage.cgi /mailit.pl /maillist.pl /man.sh /nph-publish /nph-test-cgi /perl.exe /perlshop.cgi /pfdisplay.cgi /phf /phf.cgi /phf.pp /php /php.cgi /php-cgi /plusmail /query /responder.cgi /rguest.exe /rwwwshell.pl /search.cgi /sendform.cgi /sojourn.cgi /survey.cgi /test.bat /test-cgi /textcounter.pl /tigvote.cgi /tst.bat /unlg1.1 /upload.pl /view-source /visadmin.exe?user=guest /webdist.cgi /webgais /websendmail /webutil.pl /webutils.pl /webwho.pl /wguest.exe /whois_raw.cgi /WINDMAIL.EXE?%20-n%20c:\boot.ini% /wrap.cgi /wwwadmin.pl /wwwboard.pl /www-sql args.bat /args.cmd win-c-sample.exe /uploader.exePK }�6��%+pelmeshko/cmd.batcmd.exePK �ml6���e!e!pelmeshko/hscan.pl#!/usr/bin/perl -w use strict; use warnings; use IO::Socket; use IO::Socket::SSL; use Time::Local; $| = 1; ###################################################################################### # SomeShitScan[pelmeshk0] ###################################################################################### # someshit.net. Working Stuff. Here. Right now. #### # [c]ode by Gh0s7 [ ideas, bases (c) ettee ] # 09.05.07 #### # TODOs: # [+] Parse sub # [+] Head scan sub # [+] Banner + Timestampts # [+] Header analyzer; patch scanFiles sub; print server answer in each line; cookie grabber # [+] Multiplie databases # [+] update #### # Database format: # line [1] # Database_Name # line [2] # 100% not existing file (e.g. n0l33tf1l3), for 404 probe request # line [2] # /path1/ # line [3] # /path2/ # line [4] # /path3/ # line [5] # !!!SEP!!! #separator # line [6] # file1 # line [i] # fileX ###################################################################################### ### Config my $userAgent = '[SSS] [PELMESHK0] uber-leet h4x0r v.1.0 (Linux, xorg)'; my $baseRoot = './'; #pelmeshko db my $validateFile = "$baseRoot" . "updateCode"; my $SSL = 0; my $port = 80; my $path = '/'; my $cFile = 0; my $url = 0; my $host = 0; my @goodAns = (200,401,203,403,302,301); my @serverHeaders = ('Server', 'X-Powered-By', 'X-Server', 'Set-Cookie'); my $badAnsCode; my $totalInd = 0; my $firstTime = 1; # sub scanFiles(ip, port, path, timeout, cookie) # First scan method. sub scanFiles { #vars my $files; my $ans; my $cookie; my $firstTime = 1; my ($ip, $port, $path, $timeout, $cFile) = @_; #databases loop foreach(glob("$baseRoot/*")) { chomp; my $baseCurr = $_; my $foundRoots; my $gotSep; open($files,"<$baseCurr") or warn "[x] files db open error. Quit.\n" and exit(1); my $dbName = <$files>; chomp $dbName; my @rootsFound; my $rootsFoundInd = 0; my $badAnsCode; #main loop my $gotRoots; my $sep; my @foundRoots; my $foundRootsInd; # while (<$files>) { chomp(); if ($_ eq '/') { $_ = ''; } if ($_ =~ /\/.{1,100}/) { $_ =~ s/\///; } #cut starting '/' my $scanFile = $_; if ($_ eq '!!!SEP!!!') { last unless $gotRoots; #print "[*] Sep dbg. \$gotRoots:$gotRoots; \$dbName:$dbName; @foundRoots;\n"; $sep = 1; print "[*] Database $dbName:\n"; foreach (@foundRoots) { print "[*] Rootdir found: $ip$path$_\n"; } } #database parse unless ($sep) { my $ans = head($_); chomp $ans; my ($version, $ansCode, $text) = split (/ /, $ans); #chomp $text; if (matchAns($ansCode, $badAnsCode)) { $foundRoots[$foundRootsInd++] = $_; $gotRoots = 1; } next; } foreach (@foundRoots) { my $ans = head("$_$scanFile"); my ($version, $ansCode, $text) = split (/ /, $ans); #chomp $text; if (matchAns($ansCode)) { print "[*] [$ansCode] Found: $ip$path$_$scanFile \n"; } } #end of loop } } close COOK if $cFile; close $files; } sub usage () { print '# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #' . "\n"; print " SomeShitScan[pelmeshk0] hscan.pl - Advanced HEAD-Scaner.\n"; print '# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #' . "\n"; print " Usage: hscan [--update] [http://]somehost.net[:port][/path/]\n"; print " [https(1/0)] [COOK]\n"; print " Example: hscan /:443/ 1 cookies.txt\n"; print " hscan forum.antichat.ru\n"; print '# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #' . "\n"; print " [c]ode by Gh0s7\n"; print '# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #' . "\n"; exit(0); } sub getArgs { $url = $ARGV[0]; $SSL = $ARGV[1] and $port = 443 if $ARGV[1]; $cFile = $ARGV[2] if $ARGV[2]; checkUpdates() if $url =~ /--update/; #http://host.net:port/path $url =~ s!http.{0,1}://!!; #host.net:port/path if ($url =~ m!.{1,128}:[0-9]{1,5}/.{0,128}!) { my ($ip, $portPath) = split (/:/, $url); my @res = split(/\//, $portPath); $port = $res[0]; $res[0] = ''; foreach (@res) { $path .= $_; } $host = $ip; #host.net/path } elsif ($url =~ m!.{1,128}/.{0,128}!) { my @res = split(/\//, $url); $host = $res[0]; $res[0] = ''; foreach (@res) { $path .= $_; } #host.net:port } elsif ($url =~ m!.{1,128}:[0-9]{1,5}!) { ($host, $port) = split (/:/, $url); #host.net } else { $host = $url; } #$path .= '/' start(); # sub scanFiles(ip, port, path, timeout, cookie) scanFiles($host, $port, $path, 0, $cFile); finish(); } sub head { $totalInd++; my ($file) = @_; my $somesock; my $cookie; my $ip = $host; #cookie files if ($cFile) { open (COOK, "<$cFile") and $cookie = or warn "[!] Cookie file not found, skipping.\n" and undef($cFile); } #ssl check if ($SSL) { $somesock = new IO::Socket::SSL (PeerAddr => $ip, PeerPort => $port, PeerProto => 'tcp', TimeOut => 10) or warn "[!] Connection failed\n" and exit(1); } else { $somesock = new IO::Socket::INET (PeerAddr => $ip, PeerPort => $port, PeerProto => 'tcp', TimeOut => 10) or warn "[!] Connection failed\n" and exit(1); } # Cookie: name=val; name2=val2; #packet my $server_check ="HEAD $path$file HTTP/1.1\n"; $server_check.="Host: $ip\n"; $server_check.="User-Agent: $userAgent\n"; chomp($cookie) if $cFile; $server_check.="Cookie: " . $cookie . "\n" if $cFile; $server_check.="Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\n"; $server_check.="Accept-Language: en-us,en;q=0.5\n"; $server_check.="Accept-Encoding: gzip,deflate\n"; $server_check.="X-Forwarded-For: uber leet pelmeshko host\n"; $server_check.="Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\n\n"; print $somesock $server_check; my $ans = <$somesock>; my $http; #first-time checks, header analyzer if ($firstTime) { print "[*] 404 Probe request to server. Server answering with $ans"; $firstTime = 0 ; ($http, $badAnsCode) = split (/ /, $ans); #print "[*] [DBG] \$badAnsCode:$badAnsCode\n"; my $firstHeaders = 1; while (<$somesock>) { chomp; my $socketStr = $_; foreach (@serverHeaders) { my ($headerName, $content) = split (/:/, $socketStr); if ($headerName eq $_) { print "[*] Server Headers:\n" and $firstHeaders = 0 if $firstHeaders; if ($_ eq 'Set-Cookie') { print "[*] Cookies:$content\n"; next; } print "[*] $headerName:$content\n"; } } } } close $somesock; return $ans; } sub checkUpdates { my $uptodate = 0; my ($pelmeshko, $lastCode, $validateCode); my $validateSock = new IO::Socket::INET (PeerHost => 'someshit.net', PeerPort => 80, PeerProto => 'tcp', TimeOut => 15) or warn "[x] Cant connect to someshit.net" and exit(0); my $headers = "Host: someshit.net\nUser-Agent:SSS Updater\nAccept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\n"; open (CODE, "<$validateFile"); $lastCode = ; chomp $lastCode; close CODE; print $validateSock "GET /sss/updateCode HTTP/1.1\n" . $headers . "\n"; while (<$validateSock>) { chomp; if (/pelmeshko:.{1,128}/) { ($pelmeshko, $validateCode) = split (/:/, $_); if ($lastCode eq $validateCode) { print "[*] $0 version $lastCode is up-to-date; no updates required\n"; $uptodate = 1; last and exit(0); } } } unless ($uptodate) { print "[*] You has $lastCode version. Last version is $validateCode\n"; print "[*] Please, download new version from http://someshit.net/sss/pelmeshko.tgz\n"; } exit(0); } sub start() { my $time = localtime(); print '-' x 45; print "\n[i] Starting scan.\n"; print "[i] Start time: $time\n"; print "[i] Targer host/path: $host$path\n"; print "[i] Targer port/SSL: $port | $SSL\n"; print '-' x 45, "\n"; } sub finish() { my $time = localtime(); print '-' x 45, "\n"; print "[*] Scan finished at $time. Total $totalInd objects scanned\n"; print '-' x 45, "\n"; exit(0); } sub matchAns { my ($code) = @_; my $regexp; foreach (@goodAns) { if ($_ == $badAnsCode) { next; } $regexp .= $_ . '|'; } chop $regexp; #print $regexp; if ($_[0] =~ /$regexp/) { return 1; } else { return 0; } } usage() unless $ARGV[0]; getArgs;PK F7l6A��##pelmeshko/main.txtCommon n031337f1l3 / !!!SEP!!! /a/ /about/ /acart/ /access/ /account/ /achievo/ /address/ /adm/ /admin/ /administration/ /admins/ /AdminWeb/ /alias/ /aliases/ /allow/ /alpha/ /apache/ /application/ /applications/ /arc/ /archive/ /archives/ /article/ /articles/ /audit/ /auth/ /b/ /backup/ /bank/ /beta/ /billpay/ /bin/ /boardroom/ /boot/ /c/ /cache/ /card/ /cards/ /cash/ /catalog/ /cbi-bin/ /cdrom/ /CertControl/ /CertEnroll/ /certsrv/ /cgi/ /cgi-auth/ /cgi-bin/ /cgi-bin2/ /cgi_bin/ /cgi-csc/ /cgi-lib/ /cgi-local/ /cgi-scripts/ /cgi-shl/ /cgi-shop/ /cgi-src/ /cgi-sys/ /cgi-temp/ /cgi-win/ /cgibin/ /chat/ /check/ /citrix/ /class/ /classes/ /client/ /clients/ /closeup/ /code/ /codes/ /component/ /components/ /conf/ /config/ /connect/ /console/ /control/ /css/ /CS/ /cvsweb/ /CVS/ /cybercash/ /d/ /dat/ /data/ /database/ /databases/ /db/ /default/ /demo/ /deny/ /development/ /dir/ /directory/ /dirs/ /disk/ /disks/ /distr/ /distrib/ /DMR/ /doc/ /doc-html/ /docs/ /document/ /documents/ /down/ /download/ /downloads/ /e/ /email/ /emails/ /error/ /errors/ /etc/ /example/ /examples/ /exe/ /f/ /file/ /files/ /films/ /find/ /forum/ /forums/ /forwrite/ /foto/ /fotos/ /g/ /gallery/ /general/ /get/ /global/ /gold/ /group/ /groups/ /guest/ /GXApp/ /gui/ /h/ /HB/ /help/ /hide/ /home/ /host/ /hosts/ /i/ /ibank/ /ibill/ /iisadmin/ /iisadmpwd/ /iishelp/ /iissamples/ /image/ /images/ /img/ /inc/ /include/ /index/ /info/ /ini/ /international/ /ip/ /isapi/ /j/ /java/ /jdbc/ /js/ /jserv/ /jsp/ /k/ /key/ /keys/ /l/ /labs/ /lib/ /library/ /list/ /log/ /Log/ /login/ /logins/ /logon/ /logout/ /logs/ /look/ /m/ /mail/ /Mail/ /mailroot/ /mails/ /makefile/ /master/ /members/ /money/ /mp3/ /mrtg/ /msadc/ /MSMQ/ /mssql/ /mysql/ /n/ /net/ /netcat/ /network/ /new/ /NSearch/ /o/ /odbc/ /oetaki/ /old/ /order/ /orders/ /p/ /pass/ /passport/ /passwd/ /password/ /passwords/ /path/ /paths/ /PBSData/ /PBServer/ /perl/ /perl5/ /phone/ /phones/ /photo/ /php/ /phpBB/ /phpnuke/ /phpproject/ /picture/ /pictures/ /post/ /postgres/ /printer/ /printers/ /priv/ /private/ /product/ /products/ /pub/ /public/ /q/ /r/ /rdp/ /read/ /register/ /registration/ /remote/ /rep/ /report/ /reports/ /res/ /resource/ /resources/ /result/ /results/ /root/ /rpc/ /s/ /sample/ /samples/ /save/ /scripts/ /search/ /secure/ /security/ /send/ /servers/ /service/ /services/ /session/ /sessions/ /set/ /sets/ /setting/ /settings/ /setup/ /shutdown/ /silver/ /slave/ /soft/ /sound/ /source/ /sources/ /src/ /ssl/ /ssi/ /stat/ /stats/ /status/ /style/ /sys/ /sysadmin/ /sysinfo/ /system/ /system32/ /t/ /temp/ /template/ /templates/ /test/ /test-cgi/ /test12/ /ToDo/ /tmp/ /tree/ /trust/ /tsweb/ /u/ /uddi/ /uddipublic/ /update/ /updates/ /upload/ /usage/ /user/ /users/ /util/ /utils/ /v/ /var/ /video/ /view/ /w/ /webaccess/ /webadmin/ /webboard/ /WebBank/ /weblog/ /WebShop/ /write/ /wwwlog/ /wwwroot/ /x/ /xml/ /y/ /z/ /zip/ /_backup/ /_errors/ /_mem_bin/ /_pages/ /_private/ /_scripts/ .bash_history .mysql_history .bash_profile info.php phpinfo.php php.php config.php config.php.inc config.inc.php config.inc config.php~ config.php.inc~ config.inc.php~ config.inc~ robot.txt robots.txt .htaccess .htpasswd .htaccess~ .htpasswd~ /systemadm/ /systemadmin/ /sa/ /systemadministration/ /admin-a/ /includes/ /incs/ /girls/ /girl/ /boy/ /boys/ /ban/ /im/ /logs-a/ /server-status/ /new/ /old/ /service/ /willopen/ /up/ /uploads/ /ups/ /uploaded/ 1/ 123/ qqq/ qwe/ q/ 123321/ 123123/ 2/ 3/ 4/ 5/ 6/ 7/ 8/ 9/ a/ b/ c/ d/ e/ f/ g/ h/ i/ j/ k/ l/ m/ n/ o/ p/ q/ r/ s/ t/ u/ v/ w/ x/ y/ z/ ~root ~nobody ~apache sess/ phpsess/ _sess/ _sessions/ wwwboard/eleeteleetPK �hl6�gX�pelmeshko/updateCode0.5 PK �y�8 pelmeshko/PK 3k6+jS��� (pelmeshko/cgi.txtPK }�6��%+ Spelmeshko/cmd.batPK �ml6���e!e! �pelmeshko/hscan.plPK F7l6A��## 'pelmeshko/main.txtPK �hl6�gX� q5pelmeshko/updateCodePKx�5