Сообщений в теме: 2

[AFoST]

Цитата

#! /usr/bin/perl

# hack_mail.ru.pl
# © drmist/STNC 2007
# web: www.security-teams.net

use POSIX qw(setlocale strftime LC_TIME);
use MIME::Base64;
use IO::Socket;
use DBI;

$db_host = "localhost";
$db_name = "mail_hack";
$db_user = "root";
$db_pass = "";

$proxy_host = "127.0.0.0.1";
$proxy_port = 8080;
$proxy_login = "root";
$proxy_pass = "";

@urls = ("http://otvet.mail.ru...stion/--NUM--/", "http://soft.mail.ru/...--NUM--&full=1");

if((scalar(@ARGV) != 1)||(($ARGV[0] != 0)&&($ARGV[0] != 1))) {
usage();
exit;
}

setlocale(LC_TIME, "POSIX");

$target = $ARGV[0];
$url_mask = $urls[$target];
$start = 1 - $target;
$end = $target ? 237125 : 6981583;
$plus = $target ? 25 : 1;
$tbl = ($target ? "soft" : "otvet");

$db = DBI->connect("DBI:mysql:$db_name:$db_host", $db_user, $db_pass) or die "Error connecting to database";

print "\nAttacking $tbl.mail.ru ...\n";
$tbl .= "_last";

for(;;) {
$db->do("LOCK TABLES $tbl WRITE");

$st = $db->prepare("SELECT id FROM $tbl LIMIT 1");
$st->execute();
$st->bind_columns(undef, \$i);
$st->fetch();

$db->do("UPDATE $tbl SET id = id + $plus");
$db->do("UNLOCK TABLES");

if($i > $end) { last; }
$page = 1;

for(;;) {
   $url = $url_mask;
   $url =~ s/--NUM--/$i/;
if($page > 1) { $url .= "?pg=$page"; }

   print "\n[".strftime("%H:%M:%S %d/%m/%y", localtime())."] $url\n\n";

   $data = get($url);
   if(@found = ($data =~ /http\:\/\/www\.mail\.ru\/agent\?message\&to\=\*?([^\'\"]+)/g)) {
     $query = "";
     foreach $curr(@found) {
    if($curr =~ /\<\/a\>\<\/noindex\>/) { next; }
$curr = del_end_dots($curr);
    print "$curr\n";
       if($query) { $query .= ", "; }
    $query .= "('$curr')";
     }
     $db->do("REPLACE mails VALUES ".$query);
   }

$page++;
unless(($target == 0)&&
  ($data =~ /\<a href=\"\/question\/$i\/\?pg\=$page\"\>/)) {
  last;
}
}
}

$db->disconnect;

print "\nAll done\n";
exit;

#sub timeout() { close $sock; }

sub get() {
local $url = $_[0];
return $proxy_host ? proxy_get($url) : http_get($url);

}

sub http_get()
{
local $request = $_[0];
local $port = 80;
local $data = "";
local $sock;

if(local($server, $url) = $request =~ /^http\:\/\/([^\/]+)\/(.+)$/)
{
if($server =~ /^([^\:]+)\[0-9]{2,5})$/){ $server = $1; $port = $2; }

$sock = IO::Socket::INET->new(
   PeerAddr => $server,
   PeerPort => $port,
   Proto => 'tcp',
   Type => SOCK_STREAM,
   TimeOut => $timeout
) or return 0; # connection failed

print $sock "GET /$url HTTP/1.0\r\nHost: $server\r\n\r\n";

#$SIG{ALRM} = \&timeout; alarm 10;
while(<$sock>){ $data .= $_; }
#alarm 0;
close $sock;
}

return $data;
}

sub proxy_get()
{
local $url = $_[0];
local $data = "";
local $sock = IO::Socket::INET->new(
   PeerAddr => $proxy_host,
   PeerPort => $proxy_port,
   Proto => 'tcp',
   Type => SOCK_STREAM,
   TimeOut => $timeout
) or return 0; # connection failed

print $sock "GET $url HTTP/1.0\r\n";

if($proxy_login) {
   print $sock "Proxy-Authorization: Basic ".encode_base64("$proxy_login:$proxy_pass")."\r\n"
}

print $sock "\r\n";

while(<$sock>){ $data .= $_; }
close $sock;

return $data;
}

sub del_end_dots() {
local $str = $_[0];
local $len = length($str);

while(($len > 0)&&(substr($str, $len - 1, 1) eq ".")) {
   $str = substr($str, 0, --$len);
}

return $str;
}

sub usage() {
print "Usage: $0 <target>\n\n";
print "Targets: \n";
print "  0 - otvet.mail.ru\n";
print "  1 - soft.mail.ru\n";
}

Цитата

CREATE TABLE `mails` (
`email` varchar(64) NOT NULL,
UNIQUE KEY `email` (`email`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

CREATE TABLE `otvet_last` (
`id` int(11) NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

INSERT INTO `otvet_last` (`id`) VALUES
(1);

CREATE TABLE `video_last` (
`id` int(11) NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

INSERT INTO `video_last` (`id`) VALUES
(1);

]]>http://www.security-...?showtopic=5118]]>

[kiberon]

а как его скомпилировать?

[Pernat1y]

kiberon (3.12.2008, 18:21) писал:

а как его скомпилировать?

его не надо компилить. он ]]>перлом]]> запускаеться