Follow us on Twitter!
Never in the field of human conflict was so much owed by so many to so few. - Winston Churchill
Sunday, April 20, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 26
Guests Online: 25
Members Online: 1

Registered Members: 82843
Newest Member: hx47
Latest Articles
View Thread

HellBound Hackers | Computer General | Programming

Author

Creating CGI-Bin Exploit Scanner


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 25-09-05 04:25
hey guys. i wanna make my own cgi exploit scanner from the exploits in my article i wrote. how can i do this in VB? first of all i want them to imput a domain name in a textbox and then have it add on the exploit so that it would be site.com/exploit or w/e. Then display in a box whether it displays a 404, 403, or EXPLOIT FOUND. Any ideas where to start?

thanks

BlackACe227


Author

RE: Creating CGI-Bin Exploit Scanner


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 25-09-05 06:36
Well step 1, figure out what programming language u want to do this in... ill write u up 2 easy examples in VB, C++.


I am not to good with sockets in C++ seeing as my C++ is becoming rather sluggish after not practicing but ill show u how to add 2 strings together..


VB:
Make a textbox and the button and everything and add this to the button. also have a webbrowser control somewhere on the form.
Code

Dim a as string
Dim b as string
Dim c as string
b = "/exploit"
a = text1.text
c = a+b
WebBrowser1.Navigate c




that will just get whatever the user typed in the textbox and add the exploit specified in the variable b and then navigate to it.

C++:
Code

#include <iostream.h>

using namespace std;

int main()
{
char a[256];
char* b[256];
char* c[256];
b = "/exploit";
cout<<"Please enter the URL to be exploited (e.g. www.google.com): ";
cin.getline(a, 256, '\n');
c = a + b;
cout<<"[!] Beggining exploit against "<<a<<"\n";

// Winsck navigation code here

return 0;
}








Edited by on 25-09-05 06:37
Author

RE: Creating CGI-Bin Exploit Scanner


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 25-09-05 08:38
i use VB6. i got all that you said. now i got a new question. like lets say i put in www.hellboundhackers.org. the first thing it does is add an /admin to the domain name. so it would be www.hellboundhackers.org/admin and it would popup and u would get a 404. the first textbox is for the domain name. the second box is for the displaying of attempting the exploit. i also have a webbrowser control. i also have a 3rd textbox so that it will display saying 404 instead of page not desplayed. so the program will open the link, see if its a real page, and then say in the third page 404,403,EXPLOIT found. i also wish to string them all together so i push a button and 200 exploits are loaded up and run one after another. any ideas on any of this?


Author

RE: Creating CGI-Bin Exploit Scanner


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 25-09-05 08:46
Here is php:
Code
<?php

if(isset($_POST['domain'])) {
$domain = $_POST;
}

if(isset($domain)) {

//do the exploits

} else {
?><html><body><form action="thispage.php" method="post">Domain: <input type="text" name="domain" size="50" /><br /><input type="submit" value="go" /></form></body></html>
<?php } ?>





Author

RE: Creating CGI-Bin Exploit Scanner


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 25-09-05 15:51
i need VB lol.