PHP SHELL FINDER FOR NEWBIES FROM TEAM OPENFIRE
BY NU11_()_V0!D
It's Automated PHP shell finder by crawling Google.com.
Can save a huge amount of time for newbies and also relief for Pors or 1337s [Do Not Disturb].
Its coded is Perl and Use Linux .. [My Recommendation for this]
The found shell will be listed on a auto generated HTML file.
Enjoy.. !!!
@nu11_()_v0!d
CODE:
#!/usr/bin/perl
use strict;
use warnings;
use LWP::UserAgent;
usage() unless $ARGV[2];
my @searchTerm;my @checkTerm;
if(lc($ARGV[0]) eq "r57") {
push(@searchTerm, "inurl:r57.php");
push(@searchTerm, "\"[ phpinfo ] [ php.ini ] [ cpu ] [ mem ] [ users ] [ tmp ] [ delete ]\"");
push(@searchTerm, "intitle:r57shell");
push(@checkTerm, "r57");
push(@checkTerm, "safe_mode");
} elsif(lc($ARGV[0]) eq "c99") {
push(@searchTerm, "inurl:c99.php");
push(@searchTerm, "\"Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout\"");
push(@searchTerm, "intitle:\" - phpshell\"");
push(@searchTerm, "intitle:\" - c99shell\"");
push(@checkTerm, "c99");
push(@checkTerm, "Safe-mode");
} elsif(lc($ARGV[0]) eq "mys") {
push(@searchTerm, "\"Auto error traping enabled\"");
push(@searchTerm, "intitle:\"MyShell 1.1.0 build 20010923\"");
push(@checkTerm, "MyShell");
push(@checkTerm, "Echo commands");
} elsif(lc($ARGV[0]) eq "phs") {
push(@searchTerm, "intitle:\"PHP Shell 1.5\"");
push(@searchTerm, "intitle:\"PHP Shell 1.6\"");
push(@searchTerm, "intitle:\"PHP Shell 1.7\"");
push(@searchTerm, "\"Enable stderr-trapping?\"");
push(@checkTerm, "PHP Shell");
push(@checkTerm, "Choose new working");
} elsif(lc($ARGV[0]) eq "phm") {
push(@searchTerm, "\"PHPShell by Macker\"");
push(@searchTerm, "\"[ Main Menu ] [ PHPKonsole ] [ Haxplorer ]\"");
push(@checkTerm, "Haxplorer");
push(@checkTerm, "PHPKonsole");
} elsif(lc($ARGV[0]) eq "rem") {
push(@searchTerm, "intitle:\"phpRemoteView: \"");
push(@searchTerm, "\"REMVIEW TOOLS\"");
push(@checkTerm, "phpRemoteView");
push(@checkTerm, "perms");
}
if(!@searchTerm) {
print "Error: [shell to find] is a unknown shell\n" and die;
}
my $outputOn;
if(lc($ARGV[1]) eq "on") {
$outputOn = 1;
} elsif(lc($ARGV[1]) eq "off") {
$outputOn = 0;
} else {
print "Error: [screen output] must be \"on\" or \"off\"\n" and die;
}
my $outputFile;
if(index(lc($ARGV[2]), ".htm") > 0) {
$outputFile = $ARGV[2];
} else {
print "Error: [output HTML file] must be *.htm or *.html\n" and die;
}
open(FILEHANDLE, ">$outputFile");
print FILEHANDLE "PHP Shell's \n";close FILEHANDLE;
my $userAgent = LWP::UserAgent->new;$userAgent->agent("User-Agent=Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.5) Gecko/20061201 Firefox/2.0.0.5");
my @resultLinks;
foreach(@searchTerm) {
print "[*] Query for \"$_\"\n" if($outputOn == 1);
my $isLastPage = 0;
for(my $gPage = 0; ; $gPage++) {
if($isLastPage == 1) { last; }
my $gRequest = HTTP::Request->new(GET => "http://www.google.com/search?q=$_&start=$gPage"."0");
my $gResource = $userAgent->request($gRequest);
if($gResource->is_success) {
my @gContent = split(""
, $gResource->content);
if(@gContent < 10) { $isLastPage = 1; };
for(my $gPiece = 1; $gPiece < @gContent; $gPiece++) {
my $shellLink = substr($gContent[$gPiece], index($gContent[$gPiece], "href=\"") + 6);
$shellLink = substr($shellLink, 0, index($shellLink, "\""));
print "[*] Check status of site \"$shellLink\"\n" if($outputOn == 1);
my $sRequest = HTTP::Request->new(GET => $shellLink);
my $sResource = $userAgent->request($sRequest);
if($sResource->is_success) {
if(index($sResource->content, $checkTerm[0]) != -1 && index($sResource->content, $checkTerm[1]) != -1) {
open(FILEHANDLE, ">>$outputFile");
print FILEHANDLE "Link: $shellLink\">$shellLink
\n";
print FILEHANDLE "Search Term: $_\n";
close FILEHANDLE;
print "[+] Found shell: $shellLink\n" if($outputOn == 1);
} else {
print "[-] No shell\n" if($outputOn == 1);
}
} else {
print "[-] Offline\n" if($outputOn == 1);
}
}
sleep 20; #wait 20 seconds so google dont think we are a bot
} else {
print "Unable to query google\n" and die;
}
}
}
open(FILEHANDLE, ">>$outputFile");
print FILEHANDLE "
sub usage {
print qq(Find PHP Shells via Google - by nu11_()_v0!d (http://www.openfire-security.net)
Usage: perl $0 [shell to find] [screen output] [output HTML file]
[shell to find] can be:
r57 - find r57shell
c99 - find c99shell
mys - find MyShell
phs - find PHP Shell
phm - find PHPShell (Macker)
rem - find phpRemoteView
[screen output] can be:
on - every step the script doas get printed on the screen
off - no output, the script just writes to the output file
[output HTML file] must be:
*.htm or *.html
Example: perl $0 c99 on c99shells.htm
perl $0 mys off manyshells.htm
) and exit;
}
