(adsbygoogle = window.adsbygoogle || []).push({}); Hello!

This is basically just my collection of scripts that i use on a regular basis. They're all coded in either Bash, Python or Perl, and have been created by many different authors (Including my self). I have put this pack together and made a few alterations to the scripts to make them either more effective or user friendly; however if there was any comments by the original author i have retained them, so on most of them you can see who originally created them. So here is a rundown of what we have:

adminfinder.pl

This is a great little perl script for searching for the adminitstration login of a web page. it was originally coded by GlaDiaT0R but was edited a tad by me. The script is written in French, so have fun editing it, it takes roughly 5 minutes to scan for admin pages.

aiocracker.py

Originally authored by Beenu Arora, this script will test an MD5/SHA1/SHA256/SHA384/SHA512 hash against a word list to attempt to crack it. The success and length of your attack will depend on the hash and the word lsit you have. But be warned this script loads the word list you use into RAM, So don't try using a 1GB wordlist if you only have 512MB of RAM! With the wordlist that i have provided with the pack it will take about one minute to test it. But again this depends on the hash, your computer, and the word list.

brute.sh

Not too sure why i included this, but it is a nice little script, written by [email][email protected][/email] it will basically just start creating all of the characters a-z + 0-9 in the terminal, you can either pipe this to a different script, or send it into a text file for use with another script.

cupp.py

Common User Passwords Profiler is a simple python script to help create a wordlist of words that your target may have used as a password. Basically it asks you a series of questions about the target and then creates a word list around those words. You can then add this to your standard word list so that you have a more personalised word list for your target. A pro-tip for this, is that you don't need to enter the data relevant to the questions, just anything that you think might be relevant to the password!

Network.sh

This is a bash script that i made to make it easier to get up to mischief on a network. Basically the usage is literally type "Spoof" or "Sniff" depending on what you want to do. However this script does require you to have installed and configured ettercap, dsniff, sslstrip and apache2 before hand. SO this won't be much use to you unless you know what you are doing already.

sqlcheck.sh

This is an excellent bash script written by Pepelux (author of sqldata.sh as well) Basically this script automates the process of Blind SQLi, but this script is for the information gathering not the retrieval of data (sqldata.sh) is for that. The instructions are pretty simple, and there is an even more detailed explanation if you open up the source. I have also taken the liberty of editing this script to have an extensive list of table and column names, previously it only had like 10. I have also edited it to remove the temporary files after completion. This requires you to have Lynx installed.

sqldata.sh

This is to be used after sqlcheck.sh, basically enter the data you have gathered with sqlcheck.sh and let it test all the characters to give you an output. THis is a bit odd but just leave it alone, if it looks like it is repeating i think that is normal, but to be honest i haven't had too much success with it, but it does work, just in a weird way! This requires you to have Lynx installed.

sqldump.pl

Coded by Vrs-hCk, this is one of my favourite scripts. Basically once you have performed manual SQLi on a target this allows you to easily dump the data to your computer. the confusing but is 'c0li' basically it means, you have to put c0li in the vulnerable column in your union statement. i.e You must login or register to view this content. union select 1,2,3,c0li,4,5

sh2ftpcrack.pl

Written by GhOsT-PR this is a pretty simple brute force, just follow the syntax and use a good word list, it is quite slow however, but it is still very effective! This requires libssh2 to be installed, see the source for instructions

Wordlist.txt

This is simply a 100Mb word list of common usernames and passwords, author unknown, but it was donated to me from Mothered. You can use this with a lot of these scripts and it is generally a good sized and manageable word list.

wordlister.sh

This is a simple script written by me (Middle) that allows you to easily manage your word lists, like those made with cupp and the brute.sh script. This has several features, but it is geared towards the handling of WPA cracking wordlists, which are usually >2GB minimum, so some of the options are redundant for work with these scripts, but the majority of it is still applicable.

Download:You must login or register to view this content.
If you download the pack, please say thanks! Enjoy