Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Creating CGI-Bin Exploit Scanner

  1. Home
  2. Forum
  3. Programming
  4. Creating CGI-Bin Exploit Scanner

ghost's Avatar

ghost

0 0

hey guys. i wanna make my own cgi exploit scanner from the exploits in my article i wrote. how can i do this in VB? first of all i want them to imput a domain name in a textbox and then have it add on the exploit so that it would be site.com/exploit or w/e. Then display in a box whether it displays a 404, 403, or EXPLOIT FOUND. Any ideas where to start?

thanks

BlackACe227


ghost's Avatar

ghost

0 0

Well step 1, figure out what programming language u want to do this in… ill write u up 2 easy examples in VB, C++.

I am not to good with sockets in C++ seeing as my C++ is becoming rather sluggish after not practicing but ill show u how to add 2 strings together..

VB: Make a textbox and the button and everything and add this to the button. also have a webbrowser control somewhere on the form.

Dim a as string
Dim b as string
Dim c as string
b = "/exploit"
a = text1.text
c = a+b
WebBrowser1.Navigate c

that will just get whatever the user typed in the textbox and add the exploit specified in the variable b and then navigate to it.

C++:

#include <iostream.h>

using namespace std;

int main()
{
char a[256];
char* b[256];
char* c[256];
b = "/exploit";
cout<<"Please enter the URL to be exploited (e.g. www.google.com): ";
cin.getline(a, 256, '\n');
c = a + b;
cout<<"[!] Beggining exploit against "<<a<<"\n";

// Winsck navigation code here

return 0;
}

ghost's Avatar

ghost

0 0

i use VB6. i got all that you said. now i got a new question. like lets say i put in www.hellboundhackers.org. the first thing it does is add an /admin to the domain name. so it would be www.hellboundhackers.org/admin and it would popup and u would get a 404. the first textbox is for the domain name. the second box is for the displaying of attempting the exploit. i also have a webbrowser control. i also have a 3rd textbox so that it will display saying 404 instead of page not desplayed. so the program will open the link, see if its a real page, and then say in the third page 404,403,EXPLOIT found. i also wish to string them all together so i push a button and 200 exploits are loaded up and run one after another. any ideas on any of this?


ghost's Avatar

ghost

0 0

Here is php:```markup<?php

if(isset($_POST['domain'])) { $domain = $_POST; }

if(isset($domain)) {

//do the exploits

} else { ?><html><body><form action="thispage.php" method="post">Domain: <input type="text" name="domain" size="50" /><br /><input type="submit" value="go" /></form></body></html> <?php } ?>```


ghost's Avatar

ghost

0 0

i need VB lol.