+- Sinisterly (https://sinister.ly)
+-- Forum: Hacking (https://sinister.ly/Forum-Hacking)
+--- Forum: Hacking Tools (https://sinister.ly/Forum-Hacking-Tools)
+--- Thread: [HC Official]Vulnerability Scanner (/Thread-HC-Official-Vulnerability-Scanner)
[HC Official]Vulnerability Scanner - The Alchemist - 03-10-2013
Here is the original thread : http://www.hackcommunity.com/Thread-Vulnerability-Scanner-By-The-Alchemist
Lots of members liked this tool so, bluedog.tar.gz told me to make this HC Official. So, I modified the design just a bit so that it looks like a HC Official.
I'd like to thank my friend ande again for helping me out with this.
Here is a screenshot :
Spoiler:
![[Image: i7ry9bOtyRLfP.png]](http://i6.minus.com/i7ry9bOtyRLfP.png)
PHP Code:
<?php
set_time_limit(0);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Vulnerability Scanner</title>
<style type="text/css">
body
{
color: #ffffff;
text-shadow: 2px 2px #000000;
background-color: #282828;
font-family: Arial, Helvetica, sans-serif;
}
pre
{
background-color: #353535;
border: solid 1px #505050;
}
input
{
font-family: Arial, Helvetica, sans-serif;
}
.Button
{
padding: 5px 10px;
background: #303030;
border: solid #101010 1px;
color: #fff;
cursor: pointer;
font-weight: bold;
border-radius: 5px;
-moz-border-radius: 5px;
-webkit-border-radius: 5px;
text-shadow: 1px 1px #000;
}
.Input
{
border: solid #101010 1px;
color: white;
font-weight: bold;
padding: 3px;
background-color: #252525;
}
</style>
</head>
<body>
<div align="center">
<pre>
___ ___ __ _________ .__ __
/ | \_____ ____ | | __ \_ ___ \ ____ _____ _____ __ __ ____ |__|/ |_ ___.__.
/ ~ \__ \ _/ ___\| |/ / / \ \/ / _ \ / \ / \| | \/ \| \ __< | |
\ Y // __ \\ \___| < \ \___( <_> ) Y Y \ Y Y \ | / | \ || | \___ |
\___|_ /(____ /\___ >__|_ \ \______ /\____/|__|_| /__|_| /____/|___| /__||__| / ____|
\/ \/ \/ \/ \/ \/ \/ \/ \/
Vulnerability Scanner Coded By The Alchemist</pre>
<form method="POST" action="">
Enter URL : <input type="text" name="url" value="<?php if(isset($_POST['url'])){echo(htmlentities($_POST['url']));}?>"
placeholder="http://example.com/index.php?id=1" size="75" class="Input" />
<input type="submit" name="submit" value="Scan" class="Button" />
</form>
<br />
<?php
##Coded by The Alchemist
##Thanks again ande
class Vulnscanner
{
private $sql = array("'",'"');
private $rfi = array("http://www.facebook.com");
private $lfi = array("../etc/passwd",
"../../etc/passwd",
"../../../etc/passwd",
"../../../../etc/passwd",
"../../../../../etc/passwd",
"../../../../../../etc/passwd");
private $xss = array("'\"/><img src=\"http://owned.com\"/>");
private $sqlerrors = array("mysql_", "You have an error in your SQL syntax",
"SQL Error", "Database Error", "supplied argument is not a valid MySQL result resource");
private $rfierrors = array("Welcome to Facebook - Log In, Sign Up or Learn More", "failed to open stream: No such file or directory");
private $lfierrors = array("root:x:0:0:root:", "failed to open stream: No such file or directory");
private $xsserrors = array("<img src=\"http://owned.com\"/>");
public function isvalid($link)
{
if(filter_var($link,FILTER_VALIDATE_URL) && strstr($link,"="))
return true;
return false;
}
private function getcontents($link)
{
$agent= 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0';
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_URL,$link);
$result=curl_exec($ch);
return $result;
}
private function errorcheck($url,$addtourl,$errorar)
{
foreach($addtourl as $val)
{
$link = $url.$val;
$contents = $this->getcontents($link);
foreach($errorar as $err)
{
if(strstr($contents, $err))
return true;
}
}
return false;
}
public function issqlvulnerable($link)
{
$orig = $link;
if($this->errorcheck($orig,$this->sql,$this->sqlerrors))
echo htmlentities($orig) ." <span style=\"color: red;\">might</span> be vulnerable to SQL Injection.<br />";
else
echo htmlentities($orig) ." is probably <span style=\"color: red;\">NOT</span> vulnerable to SQL Injection.<br />";
}
public function isrfivulnerable($link)
{
$orig = $link;
$link = substr($link,0,strpos($link,'=')+1);
if($this->errorcheck($link,$this->rfi,$this->rfierrors))
echo htmlentities($orig) ." <span style=\"color: red;\">might</span> be vulnerable to RFI.<br />";
else
echo htmlentities($orig) ." is probably <span style=\"color: red;\">NOT</span> vulnerable to RFI.<br />";
}
public function islfivulnerable($link)
{
$orig = $link;
$link = substr($link,0,strpos($link,'=')+1);
if($this->errorcheck($link,$this->lfi,$this->lfierrors))
echo htmlentities($orig) ." <span style=\"color: red;\">might</span> be vulnerable to LFI.<br />";
else
echo htmlentities($orig) ." is probably <span style=\"color: red;\">NOT</span> vulnerable to LFI.<br />";
}
public function isxssvulnerable($link)
{
$orig = $link;
$link = substr($link,0,strpos($link,'=')+1);
if($this->errorcheck($link,$this->xss,$this->xsserrors))
echo htmlentities($orig) ." <span style=\"color: red;\">might</span> be vulnerable to XSS.<br />";
else
echo htmlentities($orig) ." is probably <span style=\"color: red;\">NOT</span> vulnerable to XSS.<br />";
}
} // END OF CLASS
if(isset($_POST['url']) && isset($_POST['submit']))
{
$obj = new Vulnscanner();
$link = $_POST['url'];
if($obj->isvalid($link))
{
$obj->islfivulnerable($link);
$obj->isxssvulnerable($link);
$obj->issqlvulnerable($link);
$obj->isrfivulnerable($link);
}
else
{
echo "<span style=\"color: red;\">". htmlentities($link) ." is not a valid link.</span>";
}
}
?>
<br /><br /><br /><br /><br /><br /><br /><br />
<br /><br /><br /><br /><br /><br /><br /><br />
<br /><br /><br />
<a href="http://www.hackcommunity.com"><span style=\"color: red;\">Hack Community</span></a>
</div>
</body>
</html>
FEEDBACK WOULD BE APPRECIATED!! It'll help me to make an updated version of this.
RE: [HC Official]Vulnerability Scanner - Ex094 - 03-10-2013
Nice man, Good Job! I hope bluedog makes it an official tool
too bad no one replied to my HC Official Hash cracker post under the Your Official HC Tools thread 
RE: [HC Official]Vulnerability Scanner - The Alchemist - 03-10-2013
(03-10-2013, 07:34 AM)Ex094 Wrote: Nice man, Good Job! I hope bluedog makes it an official toolThanks man.
Mine is already an HC Official I guess.
And about your Hash Cracker. I'm sure Deque will reply to it.
And I think there are some restrictions about posting in http://www.hackcommunity.com/Forum-Official-HC-Programs like you need to be a member of HC Dev group or something like that(I'm not sure though, ask Deque).
All the best.
RE: [HC Official]Vulnerability Scanner - hadryboyz - 03-12-2013
Hello I had upload the code in my server,but nothing appear,just broken link?how?
can u give me the link that u already made for this scanner?
RE: [HC Official]Vulnerability Scanner - Deque - 03-12-2013
(03-10-2013, 07:34 AM)Ex094 Wrote: Nice man, Good Job! I hope bluedog makes it an official tool
Mh, I assumed bluedog would be the one to decide that. I will ask him if that's his decision or mine. Up to now he decided about HC Official tools.
RE: [HC Official]Vulnerability Scanner - The Alchemist - 03-12-2013
(03-12-2013, 12:36 PM)hadryboyz Wrote: Hello I had upload the code in my server,but nothing appear,just broken link?how?
can u give me the link that u already made for this scanner?
Name your file with .php extension. Example vuln.php and not vuln.txt or vuln.php.txt
And then upload it in your public_html folder. The link should be like this : http://yoursitename.com/vuln.php
Its better if you use it from your localhost if you have XAMPP or WAMP in your computer. Most free host providers do not allow the set_time_limit(0) function and some curl options.
RE: [HC Official]Vulnerability Scanner - nasrul07 - 03-16-2013
i found error scan this alert : Fatal error: "Fatal error: Call to undefined function curl_init() in C:\xampp\htdocs\scan.php on line 108"
can u explain ????
RE: [HC Official]Vulnerability Scanner - LiXon - 03-17-2013
(03-16-2013, 07:33 PM)nasrul07 Wrote: i found error scan this alert : Fatal error: "Fatal error: Call to undefined function curl_init() in C:\xampp\htdocs\scan.php on line 108"
can u explain ????
Yes, here is the solution :
Step 1. Stop all Xampp services: Apache, Mysql, Filezilla, and Mercury.
Step 2. Open the following files in your editor of choice. (Replace C:\xampp with the location of your xampp install)
Code:
C:\xampp\apache\bin\php.ini
C:\xampp\php\php.ini
C:\xampp\php\php5.ini
C:\xampp\php\php4\php.ini
C:\xampp\php\php4\php4.iniCode:
old line – ;extension=php_curl.dll
new line – extension=php_curl.dll
RE: [HC Official]Vulnerability Scanner - The Alchemist - 03-18-2013
(03-16-2013, 07:33 PM)nasrul07 Wrote: i found error scan this alert : Fatal error: "Fatal error: Call to undefined function curl_init() in C:\xampp\htdocs\scan.php on line 108"PHP cURL has to be enabled.
can u explain ????
(03-17-2013, 01:04 PM)LiXon Wrote:Thanks for answering it before me.(03-16-2013, 07:33 PM)nasrul07 Wrote: i found error scan this alert : Fatal error: "Fatal error: Call to undefined function curl_init() in C:\xampp\htdocs\scan.php on line 108"
can u explain ????
Yes, here is the solution :
Step 1. Stop all Xampp services: Apache, Mysql, Filezilla, and Mercury.
Step 2. Open the following files in your editor of choice. (Replace C:\xampp with the location of your xampp install)
Step 3. Find the following code in each of the files, and remove the ; (semicolon) at the beginning of the line.Code:C:\xampp\apache\bin\php.ini
C:\xampp\php\php.ini
C:\xampp\php\php5.ini
C:\xampp\php\php4\php.ini
C:\xampp\php\php4\php4.ini
Step 4. Start your apache services and try again your script.Code:old line – ;extension=php_curl.dll
new line – extension=php_curl.dll
I wonder why XAMPP disables PHP cURL by default. If they had to disable it, why was it made at all?
RE: [HC Official]Vulnerability Scanner - zomgwtfbbq - 03-18-2013
(03-18-2013, 06:55 AM)The Alchemist Wrote:Performance reasons, if all extensions were enabled by default the server would be much slower.(03-16-2013, 07:33 PM)nasrul07 Wrote: i found error scan this alert : Fatal error: "Fatal error: Call to undefined function curl_init() in C:\xampp\htdocs\scan.php on line 108"PHP cURL has to be enabled.
can u explain ????
(03-17-2013, 01:04 PM)LiXon Wrote:Thanks for answering it before me.(03-16-2013, 07:33 PM)nasrul07 Wrote: i found error scan this alert : Fatal error: "Fatal error: Call to undefined function curl_init() in C:\xampp\htdocs\scan.php on line 108"
can u explain ????
Yes, here is the solution :
Step 1. Stop all Xampp services: Apache, Mysql, Filezilla, and Mercury.
Step 2. Open the following files in your editor of choice. (Replace C:\xampp with the location of your xampp install)
Step 3. Find the following code in each of the files, and remove the ; (semicolon) at the beginning of the line.Code:C:\xampp\apache\bin\php.ini
C:\xampp\php\php.ini
C:\xampp\php\php5.ini
C:\xampp\php\php4\php.ini
C:\xampp\php\php4\php4.ini
Step 4. Start your apache services and try again your script.Code:old line – ;extension=php_curl.dll
new line – extension=php_curl.dll
I wonder why XAMPP disables PHP cURL by default. If they had to disable it, why was it made at all?