[PHP & Ajax]PleskScan v0.1

Hello everyone,

Well it’s been a while since my last post, well yeah that’s what I almost say always xD.

My today’s post has a short story, and I’ll try to rush through it to not overwhelm you with emotions, and stuff yeah I have emotions ūüėÄ see that’s an emotion. Enough with joking, well 2 days ago Kingcope an Exploit developer/research/legend has published an 0day exploit for plesk panel’s yay! so I had an idea, damn wouldn’t it be cool, to have a scanner which goes through a given list of host’s and checks them for Plesk Panel’s, rather then trying them one by one.

It’s always cooler to automate processes like that, so (Yeah I know I can use Google dorks) I wrote a little PHP script that does exactly that, based on patterns it goes through you’re given hosts if an host matches a pattern It’s probably hosting a plesk panel.

All this runs in the background of as I use ajax to show real time data.

Tada! we got a beautiful tiny scanner.

The scanner looks something like this:

pleskdoesn’t it just look cute :3

The usage is pretty simple, you have to enter some hosts to scan divided by a comma the next step would be you to hit check pages and there you go.. brum brum

Please don’t scan any sites that you’re not allowed too, before going through a scanning process ask the administrators for permit to perform a scan, enough said the script can be found here GITHUB and please don’t use this EXPLOIT to do evil.

Preview

As i wrote this script king in a rush, it may contain bugs, but as always I welcome any king of suggestion and feedback.

Night

p.s. before using the script you have to do go into you’re php directory and open the file php.ini and uncomment line extension=php_openssl.dll this is required because we have to perform some HTTPS requests.

[PHP] Site Configuration v0.3

Well, I’ve been working today on my site configuration class, the class that helps you to¬†separate js, and css files based on templates. Well not only for css and js. it’s easy to be extended with new code templates but that I will leave to your need of purpose.

In this new version I have included a small new thinks like:

  • – [FIX ] Error with default tempalte
  • – [NEW] Now you can specify wherever you want to include the default template scripts in an template or not. (You can see it later in the example code)
  • – [NEW] Added an new future to sort the include array based on the array itself or by key.¬†( Review the example code for more information)
  • – [NEW] Added normal and reverse sorting abilities. ( Review the example code for more information)

Well the new version can be found HERE and the example code with the new futures can be found HERE

 

As always I’m thankful for any kind of feedback and suggestion.

[PHP] IP Blocking Class

Hello everyone, it’s been a while since my last post so it’s time for a new one, yesterday night I had a nice beer and a good idea on writing a little class to help me block ip addresses ( I know that I can do it with htaccess). I’ve done it in php since I wanted to have a little more control and I had the idea on further expanding it in the future, so enough said here’s the code, as usual feedback and any kind of suggestions are welcome, I wanna give out a big thx to my bro Denat my always tester.

The code can be found: Here

(Privacy vulnerability in Skype)Skype Local Information Recovery

Well hello everybody, after a thew days It’s time for a new post and this one is pretty cool.

I was going through the Application Data Folder and I’ve noticed that skype uses SQLite database to store user information first off all I thought it’s all encrypted but NOT it’s not, so I found this information disclosure vulnerability in Skype, and said let’s do a little P0C application for the vulnerability¬†¬†to recover a thew useful information from the sqlite database.

for those who are more interested in what other information skype stores in it’s database in this post I will include the source code to the tool.

So feel free to discover, and optimize I also must say ūüėõ the source code has been written fast so it’s kind of messy anyway wish all fun coding!

The Source is in VB.NET and can be found here:

 

http://www.fileserve.com/file/Z2Bkj5K

 

Some Screenshot’s:

Process Protection Class (VB.NET/C#)

Hi everybody today I had a little problem with a project I’m currently working on, I didn’t want the user to be able to kill my application process.
So I thought of using ThreadTokes but then I found a more interesting API called NtSetInformationProcess (Yes native API rock) so after reading a while and a thew BSOD’s I made this little class that does exactly what what I wanted xD okay a little explanation on what my class does;

Whenever someone kills the application process it will recreate itself and start the process, this is used by a lot of Windows Native tools also AV use this method. I’m looking forward to go a little deeper this week and try to set the Process Priority to the System Level, okay enough said.

Heres the class For  VB.NET and C#

VB.NET

http://pastebin.com/ap4Map0T

C#

http://pastebin.com/Lkkse2bL

I’m pleased for any kind of suggestion or feedback xD.
P.s. the code ain’t as sexy as it could have been it’s 3:17 AM over here, and I’m kind of tired and out of sugar xD.

Code for Fun and No Profit.