reverse.pl
Chạy perl reverse.pl -s target.com -o file.txt
#!/usr/bin/env perl# RitX - Reverse IP Tool v1.3# Copyright (C) 2011-2012# r0b10S-12 <r12xr00tu@gmail.com># #p0c.cc# Change Log:# 1.3:# Rename the script to RitX.# Rewrite the entire code.# Now RitX is command line tool.# Better performance.# add the multi-threading functions.# Now results are more accurate.# Fix all broken Regex and bugs.# 1.2:# Added 2 more websites .# Removed all dead services .# Fix some bugs.# Made some changes.# 1.0:# Rit initial release.
print "\n\t+-----------------------------+\n";print "\t| RitX 1.3 |\n";print "\t| Coded by r0b10S-12 |\n";print "\t+-----------------------------+\n\n";#use threads ( stack_size => 4096 );#use threads::shared;use LWP ();#use warnings;#use strict;#use LWP::ConnCache ();#use Getopt::Long;# Provide a friendly message for missing modules...my @Modules = ("threads","threads::shared","Getopt::Long","LWP::ConnCache");foreach $module (@Modules){$can = eval "use $module;1;";if ($can && $module =~ /threads/){# Do processing using threads$usethreads = 1;}elsif(!$can && $module =~ /threads/){# Do it without using threads$usethreads = 0;}# The module isn't thereif ($@ =~ /Can't locate/) {die "\n[!!] Seems that some module is missing...:\n".$@."\n";}}my $in:shared;my @resx:shared;$b = $0;$b =~s/.*\///;sub usage {print <<HELP;Usage: perl $b [OPTIONS]Options:-s, --target Server hostname or ip (for best results use IP)-t, --timeout=SECONDS Seconds to wait before timeout connection (default 30)-c, --check Check web sites that are in the same IP address range-p, --print Print results-o, --output=FILE Save results to a file (default IP.txt)-h, --help This messageThreads:--threads=THREADS Maximum number of concurrent ip checks (default 1) require --checkHELPexit;}# Process options.if ( @ARGV > 0 ){GetOptions( 's|target=s' => \$target,'t|timeout=i' => \$timeout,'threads=i' => \$threads,'c|check' => \$check,'p|print' => \$print,'o|output=s' => \$filename,'h|help' => \$help) or usage;}else{print "[*] Usage : perl $b [OPTIONS]\n";print " EXEMPLE : perl $b -s www.target.com -o result.txt\n\n";print "[*] Try 'perl $b -h' for more options.\n";exit;}$help and usage;$target or usage;if ($target =~ m/^([1-9]|1[0-9]{1,2}|2[0-4]\d|25[0-5])(\.([0-9]|1[0-9]{1,2}|2[0-4]\d|25[0-5])){3}$/){# nice do nothing}elsif ($target =~ /([a-z][a-z0-9\-]+(\.|\-*\.))+[a-z]{2,6}$/){$IP = getIP($target);if ($IP){$target = $IP;}else{die "\n[!!] Unable to Resolve Host $target ! \n";}}else{die "[-] Invalid Hostname or Ip address .\n";}# Global variables$VERSION = "1.3";$useragent ||= 'Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.1) Gecko/20090624 Firefox/3.5';$filename ||= "$target.txt";$timeout ||= 30;
#-------------------------------------------------------------------------------#$ua = LWP::UserAgent->new(agent => $useragent);$ua->timeout($timeout);$ua->max_redirect(0);$ua->conn_cache(LWP::ConnCache->new());print "\n[*] This operation will take little time ,Please wait...\n\n";#-------------------------------------------------------------------------------#print "[*] Processing:\n";@R = ({SITE => "Myipneighbors.net",URL => "http://www.myipneighbors.net/?s=%s",REGEX => '<\/tr><tr><td><a href="\/\?s\=.*?">(.*?)<\/a><\/td>',},{SITE => "My-ip-neighbors.com",URL => "http://www.my-ip-neighbors.com/?domain=%s",REGEX => '<td class="action"\starget="\_blank"><a\shref="http\:\/\/whois\.domaintools\.com\/(.*?)"\starget="\_blank"\sclass="external">Whois<\/a><\/td>',},{SITE => "Yougetsignal.com",DATA => 'remoteAddress',URL => "http://www.yougetsignal.com/tools/web-sites-on-web-server/php/get-web-sites-on-web-server-json-data.php",SP => 'Yougetsignal()',},{SITE => "Myiptest.com",URL => "http://www.myiptest.com/staticpages/index.php/Reverse-IP/%s",REGEX => "<td style='width:200px;'><a href='http:\/\/www.myiptest.com\/staticpages\/index.php\/Reverse-IP\/.*?'>(.*?)<\/a><\/td>",},{SITE => "Whois.WebHosting.info",URL => "http://whois.webhosting.info/%s",SP => 'Whoiswebhosting()',},{SITE => "Ksasecurity.net",URL => 'http://www.ksasecurity.net/results-reverse.php?url=%s',REGEX => "<a href='.*?' target='_blank'>http:\/\/(.*?)<\/a><\/li>",},{SITE => 'Domainsbyip.com',URL => 'http://domainsbyip.com/%s/',REGEX => '<li class="site.*?"><a href="http\:\/\/domainsbyip.com\/domaintoip\/(.*?)/">.*?<\/a>',},{SITE => "Ip-adress.com",URL => "http://www.ip-adress.com/reverse_ip/%s",REGEX => '\[<a href="\/whois\/(.*?)">Whois<\/a>\]',},{SITE => "Bing.com",URL => "http://www.bing.com/search?q=ip:%s&filt=all",SP => 'Bing()',},{SITE => "Sameip.org",URL => "http://sameip.org/ip/%s/",REGEX => '<a href="http:\/\/.*?" rel=\'nofollow\' title="visit .*?" target="_blank">(.*?)<\/a>',},{SITE => "Robtex.com",URL => "http://www.robtex.com/ajax/dns/%s.html",REGEX => '<a href="\/dns\/.*?\.html" >(([a-z][a-z0-9\-]+(\.|\-*\.))+[a-z]{2,6})<\/a><br \/>',},{SITE => "Reverseip.us",URL => "http://www.reverseip.us/?url=%s",REGEX => '<td bgcolor="\#EAEAEA" align="left"> <a target="_blank" href="http\:\/\/.*?">(.*?)<\/a><\/td>',},{SITE => "Tools.web-max.ca",URL => "http://ip2web.web-max.ca/?byip=1&ip=%s",REGEX => '<a href="http:\/\/.*?" target="_blank">(.*?)<\/a>',});### Functionssub add{$x = lc($_[0]);($x =~ /\:|freecellphonetracer|reversephonedetective|americanhvacparts|freephonetracer|phone\.addresses|reversephone\.theyellowpages|\.in-addr\.arpa|^\d+(\.|-)\d+(\.|-)/) ? return:0;$x =~ s/http:\/\/|\*\.|^www\.|\///;push(@JUNK,$x);}sub getIP{@ip = unpack("C4",(gethostbyname($_[0]))[4]) or return;return join(".", @ip);}sub Req{#print "$_[0]\n";$data = $_[1];if(!$data){$res = $ua->get($_[0]);}else{$res = $ua->post($_[0],{$data => $target,});}if($res->is_success){#print $res->status_line."\n$_[0]\n";}else{print "[!] Error: ".$res->status_line."\n";}return $res->content;}sub Yougetsignal{$resu = Req(sprintf($TARGET->{URL},$target),$TARGET->{DATA});while ($resu =~ m/\[([^\]]*)\]/g){$s1 = $1;$s1 =~ m/\"(.*?)\", \"?\"/g;#push(@{$TARGET->{"$TARGET->{SITE}"}{DATOS}},$1);add($1);$n{$y}++;}if ($resu =~ m/"message":"Daily reverse IP check limit reached for .*\."/){$n{$y} = "E1";}}sub Whoiswebhosting{$resu = Req(sprintf($TARGET->{URL},$target));if ($resu =~ m/<\/a> <a href="\/.*?\?pi=(.*?)&ob=SLD&oo=ASC"> Last >><\/a><\/td>/g){$nb = $1;for ($i=1;$i<=$nb;$i++){$resu = Req(sprintf($TARGET->{URL},$target).'?pi='.$i.'&ob=SLD&oo=ASC');while ($resu =~ m/<td><a href="http:\/\/whois.webhosting.info\/.*?\.">(.*?)\.<\/a><\/td>/g ){#push(@{$TARGET->{"$TARGET->{SITE}"}{DATOS}},$1);add(lc($1));$n{$y}++;}if ($resu =~ m/The security key helps us prevent automated searches/i){$n{$y} = "E2";last;}}}else{while ($resu =~ m/<td><a href="http:\/\/whois.webhosting.info\/.*?\.">(.*?)\.<\/a><\/td>/g ){#push(@{$TARGET->{"$TARGET->{SITE}"}{DATOS}},$1);add(lc($1));$n{$y}++;}if ($resu =~ m/The security key helps us prevent automated searches/i){$n{$y} = "E2";}}}sub Bing{for ($i=1;;$i+=10){$resu = Req(sprintf($TARGET->{URL},$target).'&first='.$i);$resux = $resu;if ($resux =~ m/FORM=PORE" class="sb_pagN" onmousedown="return si_T\(.*?\)">.*?<\/a><\/li><\/ul>/g){while ($resu =~ m/<\/p><div class="sb_meta"><cite>(.*?)<\/cite>/g){$b = $1;$b =~ s/\/.*+// if ($b =~ /\//);#push(@{$TARGET->{"$TARGET->{SITE}"}{DATOS}},$b);add($b);$n{$y}++;}}else{while ($resu =~ m/<\/p><div class="sb_meta"><cite>(.*?)<\/cite>/g){$b = $1;$b =~ s/\/.*+// if ($b =~ /\//);#push(@{$TARGET->{"$TARGET->{SITE}"}{DATOS}},$b);add($b);$n{$y}++;}last;}}}sub check{if((getIP('www.'.$_[0])==$target)or(getIP($_[0])==$target)){$in++;print " Found : $_[0]\n";#$resx[$in+1]=$_[0];push(@resx,$_[0]);}#else#{# print "\r Try $_[0]\t\t\t";#}}#-------------------------------------------------------------------------------#foreach $TARGET (@R){$y++;syswrite(STDOUT," -> $TARGET->{SITE}\n");if(!$TARGET->{SP}){$res=Req(sprintf($TARGET->{URL},$target),$TARGET->{DATA});}else{eval($TARGET->{SP});next;}$match = $TARGET->{REGEX};while($res =~ m/$match/gi){#push(@{$TARGET->{"$TARGET->{SITE}"}{DATOS}},$1);add($1);$n{$y}++;}}#foreach $TARGET (@R)#{# syswrite(STDOUT," + $TARGET->{SITE}\n");# foreach $aaa (@{$TARGET->{"$TARGET->{SITE}"}{DATOS}})# {# syswrite(STDOUT," - $aaa\n");# }#}#-------------------------------------------------------------------------------#@result = sort(grep { ++$R12{$_} < 2 } @JUNK);if ($check){print "\n[x] Checking and cleaning the results\n";if ($threads && $usethreads){foreach $tr (@result){$t++;threads->create(\&check,$tr)->detach();if($t=$threads){while(threads->list()>0){sleep 2;}$t=0;}}}elsif ($threads && !$usethreads){print "[-] Sorry your PERL installation doesn't support threads!\n";&check($_) foreach @result;}elsif (!$threads){&check($_) foreach @result;}sleep 2;@result = @resx;print "[+] Done\n";}print "\n[x] Result of $target : \n\n";open (F,">$filename") or die ("\n[!] Can't create the file ($filename)\n");print F "# Genereted By RitX $VERSION\n";print F "# Those are the domains hosted on the same web server as ($target).\n\n";foreach $RD (@result){print F "$RD\n" if ($RD);$ny++;}close(F);for ($i=0;$i<=14;$i++){$n{$i} = 0 if (!$n{$i});}print " +------+\n";print " | NB |\n";print "+-----------------------+------+\n";print "| Myipneighbors.net | $n{1}\n";print "|------------------------------|\n";print "| My-ip-neighbors.com | $n{2}\n";print "|------------------------------|\n";print "| Yougetsignal.com | $n{3}\n";print "|------------------------------|\n";print "| Myiptest.com | $n{4}\n";print "|------------------------------|\n";print "| Whois.webhosting.info | $n{5}\n";print "|------------------------------|\n";print "| Ksasecurity.net | $n{6}\n";print "|------------------------------|\n";print "| Domainbyip.com | $n{7}\n";print "|------------------------------|\n";print "| Ip-adress.com | $n{8}\n";print "|------------------------------|\n";print "| Bing.com | $n{9}\n";print "|------------------------------|\n";print "| Sameip.org | $n{10}\n";print "|------------------------------|\n";print "| Robtex.com | $n{11}\n";print "|------------------------------|\n";print "| Reverseip.us | $n{12}\n";print "|------------------------------|\n";print "| Tools.web-max.ca | $n{13}\n";print "+-------------+----------------+\n";print " | Total | $ny\n";print " +----------------+\n";if (($n{5} or $n{3}) =~ /E/){print "+--Keys------------------------------------+\n";print "|E1: Daily reverse IP check limit reached .|\n";print "|E2: Some Security Measures (Captcha) . |\n";print "+------------------------------------------+\n";}if ($ny != 0 and $print){print "[+] Results:\n";foreach $RD (@result){$v++;print " $RD\n";if($v==20){<STDIN>;$v=0;};}}print "[+] Scan Finished, have a nice hacking :p\n\n";#-------------------------------------------------------------------------------#
Chạy perl reverse.pl -s target.com -o file.txt
Không có nhận xét nào:
Đăng nhận xét