break a time, with break the c0de…

DARKJUMPER V5.3 WAS RELEASE AND TUTORIAL BY GUNSLINGER_


well after darkjumper v4.0 was rock up by my big brother , mywisdom .
now i’m and mywisdom developed darkjumper v5.0 (now v5.3) and added more function in darkjumper
with this, i released this tools and some tutorial how to using this tools and what’s new in this version…

Toolname     : darkjumper.py v5.3
Developed by : mywisdom & gunslinger_ <devilzc0de.com c0der>
Released on  : 15 ,February 2010
Download url : https://sourceforge.net/projects/darkjumper/

Function(s)
1. User enumeration(s) guessing based on 4-8 chars trial taken from every site name that host at the same server
2. Scan for sql injection,local file inclusion,remote file inclusion and blind sql injection on every site(s) at the same server
3. CGI and Path(s) Scanning
4. Portscanning
5. Autobruteforcing after user enumeration
6. Autoinjector - autocolumnfinder (mysql) if found mysql bug if found
7. Proxy added
8. Verbocity added
9. IP or proxy checker and GeoIP usefull for checking your IP or your proxy work or not

Additional feature: more fake http user agent(s)
Requirement(s): - python : 2.5.x
		- perl

Now we’re go to tutorial section :

before scanning : make sure you always clearlog before scanning by execute clearlog.py

./clearlog.py

allright folks , now we’re ready to try execute darkjumper and show the option by

./darkjumper.py -h

or

./darkjumper.py --help

and we got like this…

in this version, we have 6 mode. there is :
reverseonly				| Only reverse target no checking bug
surface					| Checking for sqli and blind sqli on every web that host at the same target server
full					| Checking for sqli,blind,rfi,lfi on every web that host at the same target server
cgidirs					| Scanning cgidirs on the target server
enum [number] 				| Guessing possible user enumeration on server (4-8 chars user enumeration)
portscan [startport]-[endport]		| Scanning open port on server target

ok there is any full description on it…

– reverseonly
in this mode, darkjumper only reverse target ip. no checking any bug .
Command is :

./darkjumper.py -t [target] -m reverseonly

Example :

– surface
This mode, darkjumper reverse the target then check sqli (sql injection vulnerability) and blind (blind sql injection vulnerability) on every web that host at the same target server
Good is in this version and up, we’re also trying to finder the column automatic if we got mysql type error ! phew !
Command is :

./darkjumper.py -t [target] -m surface

example :

– full
This mode, darkjumper will reverse target then check CGI path and checking sqli (sql injection vulnerability) , blind (blind sql injection vulnerability) , lfi (local file inclusion) , rfi (remote file inclusion) on every web that host at the same target server . autoinjector or autocolumn finder working to in this mode if we got mysql error.
Command is :

./darkjumper.py -t [target] -m full

Example :

– cgidirs
This mode, darkjumper only checking CGI path checking on your target

Command is :

./darkjumper.py -t [target] -m cgidirs

Example :

– enum
This mode, darkjumper reverse the target then Guessing possible user enumeration on server (4-8 chars user enumeration)

Command is :

./darkjumper.py -t [target] -m enum [number]

Example command :

./darkjumper.py -t [target] -m enum 4

Example :

Note : You can enable autoftpbruteforcing by :

./darkjumper.py -t [target] -m enum [number] -a 

(argument -a is for autoftpbruteforcing)

Example :

– portscan
This mode, darkjumper only checking open port on your target
Command is :

./darkjumper.py -t [target] -m portscan [startport]-[endport]

Example command :

./darkjumper.py -t localhost -m portscan 15-22

Example :

You can make it verbose by :

./darkjumper.py -t localhost -m portscan 15-22 -v

Example :

And you can check your ip and your proxy .
if you wanna check your proxy your command is

./darkjumper.py -p [proxyaddress:port]

or you wanna check your own ip address

./darkjumper.py -c 

You want stop your scanning? simply type this command
killall -9 /usr/bin/python & killall -9 /usr/bin/perl

allright guys that’s it ! hopely you can enjoy !!
Don’t forget to check latest version or report bug @ https://sourceforge.net/projects/darkjumper/

Advertisements

14 responses

  1. come

    ko blh teach me a? i reading python

    April 24, 2010 at 1:37 am

  2. Elliot

    Awesome! Love it!

    May 24, 2010 at 9:40 am

  3. thanks bro… coba dulu…

    June 27, 2010 at 10:49 am

    • Ok bro jangan lupa cek versi terbarunya

      June 28, 2010 at 2:19 am

  4. Sup bro, jst google U out today. This is 9jadarklord from the darkc0de crew b4 it was closed down:(.. Nywaiz, ‘m glad i found U…We need to talk..Can i get ur email addy, its personal. Waiting for ur reply nd i can see darkjumper.py has got a new release. Thumbs Up…

    July 8, 2010 at 9:51 am

  5. Darkjumper.py version 5.8
    Developed by : mywisdom & gunslinger_
    Date version release : Wednesday, 24 Feb 2010 $ 9:13 PM
    Dedicated to darkc0de.com, devilzc0de.org,jatimcrew.org,flash-crew.com, jasakom.com, h4cky0u.org and 0c0de.com
    Traceback (most recent call last):
    File “./darkjumper.py”, line 947, in
    main()
    File “./darkjumper.py”, line 882, in main
    reversemode()
    File “./darkjumper.py”, line 70, in reversemode
    reverse=socket.gethostbyaddr(target)
    socket.gaierror: (-2, ‘Name or service not known’)
    root@bt:~/dark/jumper#
    please help ,i am using backtrack 4 and cannot solve this problem.
    Thanks.

    November 5, 2010 at 2:00 am

    • socket connection to target problem, please use diferrent alternative hostname

      November 8, 2010 at 7:46 pm

  6. Pingback: Darkjumper v5 + tutorial | | Tutorial Blogger | Indonesian Coder Team | Indonesian Hacker Team | Sikuruz.co.tv |

  7. civo

    numpang nanya bro..kok darkjumper yg kupakai error bro..
    seperti ini:
    Darkjumper.py version 5.7
    Developed by : mywisdom & gunslinger_
    Date version release : Wednesday, 24 Feb 2010 $ 9:13 PM
    Dedicated to darkc0de.com, devilzc0de.org,jatimcrew.org,flash-crew.com, jasakom.com, h4cky0u.org and 0c0de.com
    Traceback (most recent call last):
    File “./darkjumper.py”, line 946, in
    main()
    File “./darkjumper.py”, line 878, in main
    reversemode()
    File “./darkjumper.py”, line 70, in reversemode
    reverse=socket.gethostbyaddr(target)
    socket.gaierror: [Errno -2] Name or service not known
    civopras@civopras-Axioo-zetta:~/darkjumper.v5.7$

    mirip kaya kasus diatas..nah ganti hostnamenya di mana bro..mohon petunjuknya..aq pake OS blackbuntu

    February 26, 2011 at 3:30 pm

  8. d00m

    hey bro m having same error with 5.7

    Darkjumper.py version 5.7
    Developed by : mywisdom & gunslinger_
    Date version release : Wednesday, 24 Feb 2010 $ 9:13 PM
    Dedicated to darkc0de.com, devilzc0de.org,jatimcrew.org,flash-crew.com, jasakom.com, h4cky0u.org and 0c0de.com
    Traceback (most recent call last):
    File “./darkjumper.py”, line 946, in
    main()
    File “./darkjumper.py”, line 878, in main
    reversemode()
    File “./darkjumper.py”, line 70, in reversemode
    reverse=socket.gethostbyaddr(target)
    socket.gaierror: [Errno -2] Name or service not known
    civopras@civopras-Axioo-zetta:~/darkjumper.v5.7$

    any fixes?

    March 5, 2011 at 6:40 pm

  9. Ehytr

    Hi ,
    @crankhost@hotmail.com , @civo ,@d00m windows not work darkjumper try linux ;)

    My Problem

    [+] Target hostname : google.com
    [+] Target IP : 209.85.148.147
    [+] Use proxy : None
    [+] Verbocity : False
    [+] Time Starting : 14:46:28
    [+] Trying reverse your target’s ip…
    [+] Please wait…
    ——————————
    [!] Error in connecting site
    [!] Please check internet connections !

    what error ?

    June 9, 2011 at 6:52 pm

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s