| Author |
Creating CGI-Bin Exploit Scanner |
BlackAce227
Member
Posts: 332
Location: 127.0.0.1
Joined: 01.12.04
Rank: Hacker Level 1 |
|
hey guys. i wanna make my own cgi exploit scanner from the exploits in my article i wrote. how can i do this in VB? first of all i want them to imput a domain name in a textbox and then have it add on the exploit so that it would be site.com/exploit or w/e. Then display in a box whether it displays a 404, 403, or EXPLOIT FOUND. Any ideas where to start?
thanks
BlackACe227
~Admin And Moderator of www.blackacesecurity.com~
|
 
|
| Author |
RE: Creating CGI-Bin Exploit Scanner |
Haykuro
Member
Posts: 177
Location:
Joined: 04.03.05
Rank: HBH Guru |
|
Well step 1, figure out what programming language u want to do this in... ill write u up 2 easy examples in VB, C++.
I am not to good with sockets in C++ seeing as my C++ is becoming rather sluggish after not practicing but ill show u how to add 2 strings together..
VB:
Make a textbox and the button and everything and add this to the button. also have a webbrowser control somewhere on the form.
Dim a as string
Dim b as string
Dim c as string
b = "/exploit"
a = text1.text
c = a+b
WebBrowser1.Navigate c
that will just get whatever the user typed in the textbox and add the exploit specified in the variable b and then navigate to it.
C++:
#include <iostream.h>
using namespace std;
int main()
{
char a[256];
char* b[256];
char* c[256];
b = "/exploit";
cout<<"Please enter the URL to be exploited (e.g. www.google.com): ";
cin.getline(a, 256, '\n');
c = a + b;
cout<<"[!] Beggining exploit against "<<a<<"\n";
// Winsck navigation code here
return 0;
}
"If we live to die, do we die to live?" - Haykuro
Edited by Haykuro on 25-09-05 06:37 |
 
|
| Author |
RE: Creating CGI-Bin Exploit Scanner |
BlackAce227
Member
Posts: 332
Location: 127.0.0.1
Joined: 01.12.04
Rank: Hacker Level 1 |
|
i use VB6. i got all that you said. now i got a new question. like lets say i put in www.hellboundhackers.org. the first thing it does is add an /admin to the domain name. so it would be www.hellboundhackers.org/admin and it would popup and u would get a 404. the first textbox is for the domain name. the second box is for the displaying of attempting the exploit. i also have a webbrowser control. i also have a 3rd textbox so that it will display saying 404 instead of page not desplayed. so the program will open the link, see if its a real page, and then say in the third page 404,403,EXPLOIT found. i also wish to string them all together so i push a button and 200 exploits are loaded up and run one after another. any ideas on any of this?
~Admin And Moderator of www.blackacesecurity.com~
|
|
|
| Author |
RE: Creating CGI-Bin Exploit Scanner |
JohnC
Member
Posts: 1
Location:
Joined: 21.09.05
Rank: Apprentice |
|
|
Here is php: <?php
if(isset($_POST['domain'])) {
$domain = $_POST;
}
if(isset($domain)) {
//do the exploits
} else {
?><html><body><form action="thispage.php" method="post">Domain: <input type="text" name="domain" size="50" /><br /><input type="submit" value="go" /></form></body></html>
<?php } ?>
//ruby on rails owns |
|
|
| Author |
RE: Creating CGI-Bin Exploit Scanner |
BlackAce227
Member
Posts: 332
Location: 127.0.0.1
Joined: 01.12.04
Rank: Hacker Level 1 |
|
i need VB lol.
~Admin And Moderator of www.blackacesecurity.com~
|
|
|
Main:
