Exploit grabber

**TheKlown** · September 22nd, 2006, 09:52 PM

This program will check the milw0rm database for exploits and then give you a list of exploits. You then tell it which exploit you would like and the script will fetch the exploit from milw0rm for you and save it to your hard drive.

Code:

#!/usr/bin/ruby
#Programmed by: TheKlown
require 'net/http'
require 'uri'

class Milw0rmResults
	def initialize(id, des, link, site)
		@id			=id
		@des		=des
		@link		=link
		@site		=site
	end
	
	def getID()
		return @id
	end
		
	def getDes()
		return @des
	end
	
	def getExploit()
		url = URI.parse(@site)
    res = Net::HTTP.start(url.host, url.port) {|http|
      http.get(@link)
    }
    return res.body
	end
end

class Milw0rm
	def initialize(site)
		@site =site
		@sResult
	end
	
	def Search(search)
		res =Net::HTTP.post_form(URI.parse(@site), {'dong'=&gt;search});
		@sResult =res.body();
	end
	
	def getList()
		search =[]
		@sResult [email protected]('&lt;TR class=submit&gt;')
		
		#Once we have located the position that the search result starts at we then find its length and drop 2 of this
		#the reasion we need to do this is because the last search result needs to be handled seperatly
		max [email protected]
		max -=1
		#process the search results and store them in Milw0rmSearch
		for i in 1..max			
			tmp =@sResult[i].split('&lt;TD nowrap="nowrap" width=62 class=style14&gt;')
			tmp =tmp[1].split('&lt;/TD&gt;&lt;TD nowrap="nowrap" width=375&gt;')
			
			des =tmp[1].split('&gt;')
				
			link =des[0].split('&lt;a href=')
			link =link[1].split(' target=')
			link =link[0]

			des =des[1].split('&lt;/A') #the description is stored in des[0]
			
			search[i] =Milw0rmResults::new(i, des[0], link, @site)
		end
		return search
	end
end

def Intro()
	result ="Exploiter v1\n"
	result +="Programmed by: Spider\n"
	result +="irc: irc.hackedyourbox.net\n"
	result +="A product of:\n\t"
	result +="www.cyber-t3ch.net www.hackedyourbox.net www.striknyne.net & www.j4ck4lz.net\n"
	return result;
end

#a function to remove all the html **** from the bottom
def removeBottom(str)

	count =0
	tmp =str.reverse #reverse the string so we can work from the top
	str =""
	tmp.each{ |i|
		if(count &gt;3) #once we have read the first two lines in we can start saving the file again
			str +=i
		end
			count +=1
	}

	return str.reverse #reverse the file again so its the correct way up
end

print(Intro(), "\n")

print("Exploit&gt;")
find =gets
find =find.split("\n")

#Exploiter starts here
milw0rm =Milw0rm::new("http://www.milw0rm.com/search.php")
milw0rm.Search(find[0])
exploits =milw0rm.getList()

max =exploits.length
max -=1
for i in 1..max
	print(exploits[i].getID() ," : " ,exploits[i].getDes() ,"\n")
end

id =0
while(id.to_i &gt;max or id.to_i ==0)
	print("(press q to exit)\n")
	print("exploit ID&gt; ")
	id =gets
	if(id =="q\n")
		exit 1
	end
end

print("Filename&gt; ")
filename =gets
filename =filename.split("\n") #we need to remove the new line from the filename

outfile =File::new(filename[0], 'w')
count =0
ex =exploits[id.to_i].getExploit()
ex =removeBottom(ex) #we need to remove all the html **** from the bottom of the file
ex.each{ |i|
	if(count &gt;4) #drop the first four lines from the file, this is so we dont get all the html **** in the file
		outfile.write(i)
	end

	count +=1
}

outfile.close()

**loverboy** · September 22nd, 2006, 09:54 PM

I don't think we are supposed to post things like that.

**TheKlown** · September 22nd, 2006, 09:59 PM

why not? This forum did say programming security, and this can be seen as a security app. So why cant we post it? Cant we share our creations with other members on this site?

**nihil** · September 22nd, 2006, 11:02 PM

why not? This forum did say programming security, and this can be seen as a security app. So why cant we post it? Cant we share our creations with other members on this site?

http://www.hackedyourbox.net/viewtop...ight=exploiter

Because it is not your creation for a start? We don't like plagiarism, and can find skiddie sites all on our own thankyou.

And this is not "programming security" by any stretch of the imagination

**TheKlown** · September 22nd, 2006, 11:09 PM

haha, you should of looked at the email address of the person on that site, it is mine i posted it there. I just used a different handle on this site. So next time you start to accuse someone of plagiarism make sure they didnt plagiaris there own work. Oh and if you dont believe me http://www.hackedyourbox.net/profile...ewprofile&u=10 and look at the email address, and then look at my email address for this board.

And how is this not? It is a program that interacts with a security site to aid you in security, is it not?

Oh and if im a skiddie, would i be able to code something that does this? Would the fact that im a skiddie say that i cant code my own ****?

**Negative** · September 22nd, 2006, 11:15 PM

It doesn't show an e-mail address on that profile

**TheKlown** · September 22nd, 2006, 11:18 PM

damn ****ing n00b, click on the button that says email. or go to http://www.cyber-t3ch.net i also use the name spider there and look at the email there, or http://www.hak5.org i use the name spider there as well and look at email. or forum.milw0rm.com i use spider there as well and look at email

damn n00b

oh and by the way **** off EliteHackers.info owns this gay ****ing site. damn n00b should learn to do some basic search's before calling someone a skiddie. Is it just that you cant understand how i made the scriupt and that you cant understand some people use other handles for why i must of stole it? Damn n00b die

***dalek*** · September 22nd, 2006, 11:22 PM

Is this some of your stuff?

Chaosdog well how about i do some embarassing then, next time you want to flood one of my chat sites make sure you do a good job of it, and learn how to ****ing lock as well, you couldnt even get that right. Now why dont you take your ****ing gay ass little script kiddie tools somewhere else and stay the **** out of my ****, oh wait you wont be getting back into apollo anyway seeing as i have your ip from this forum it wont take me long to add you to the ban list. And chaosdog as for the defacments, what have you done apart from a freeewebs site that you made and a forum that you help mod?

Real Uber stuff

skiddie: A rose by any other name is still a rose....

**TheKlown** · September 22nd, 2006, 11:24 PM

yeh but i dont see what that has to do with this? maybe next time you should find out the reasion behind things

instead of bringing things that have nothing to do with it into something. Like i said go there to check the emails. Not find some random post where i was telling some fag to stay out of one of my sites because of his actions and then try to through that up as prove that im a skiddie

Oh and what was the point in that link? all it shows is i told someone to stay out of my sites because of what they done.

**nihil** · September 22nd, 2006, 11:32 PM

So, next time you start to accuse someone of plagiarism, make sure they didnt plagiarise their own work.

The onus is on the poster to claim that it is their own work. There is too much of this cut and pasting going on...........you should respect sites that are vigilant enough to care about protecting your intellectual property credits, and don't expect them to check the fine details. The onus is on YOU to tell people if it is elsewhere under another nick. Also look at the terms of that site, we don't want to get into battles over content rights?

On this site, the thread you chose is for program and application security. What you have posted is a "tool" that would more comfortably belong in "Miscellaneous Security Discussions", as it is a security related "tool".

Thread: Exploit grabber

Thread Tools

Display

Exploit grabber

Posting Permissions