Skip to content

Commit

Permalink
Add files via upload
Browse files Browse the repository at this point in the history
  • Loading branch information
@sp00fing
sp00fing authored Jan 26, 2023
1 parent a5c9e34 commit eb64db5
Show file tree
Hide file tree
Showing 5 changed files with 361 additions and 0 deletions.
130 changes: 130 additions & 0 deletions domain resolver/CloudUnflare/cloudunflare.bash
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,130 @@
#!/bin/bash
# CloudUnflare

CompleteDNS_Login='[email protected]|password'

if [[ -z $(command -v dig) ]]; then
echo " ERROR: \"dig\" command not found"
exit
elif [[ -z $(command -v curl) ]]; then
echo " ERROR: \"curl\" command not found"
exit
elif [[ -z $(command -v whois) ]]; then
echo " ERROR: \"whois\" command not found"
exit
fi

echo ' __ '
echo ' __( )_ CLOUDFLARE '
echo ' __( )_ RECONNAISSANCE '
echo '(____________)__ _ V 0.2 '
echo ' _ _ _ __ / _| | __ _ _ __ ___ '
echo '| | | | `_ \| |_| |/ _` | `__/ _ \ '
echo '| |_| | | | | _| | (_| | | | __/ '
echo ' \__,_|_| |_|_| |_|\__,_|_| \___| '
echo ''

if [[ -f cuf-domain.tmp ]]; then
rm cuf-domain.tmp
elif [[ -f cuf-ipaddr.tmp ]]; then
rm cuf-ipaddr.tmp
fi

echo " Input domain name"
echo " Example: google.com"
echo -ne " >> "
read DOMAIN
echo ''

if [[ -z $(dig +short ${DOMAIN}) ]]; then
if [[ -z $(whois ${DOMAIN} | grep -i 'Domain Name:') ]]; then
echo " ERROR: Domain not found"
exit
fi
fi

function Dig() {
D=$1
echo " INFO: Checking ${D}"
for DMN in $(dig +short ${D} | grep '[.]'$ | sed 's/[.]$//g' | sort -V | uniq)
do
echo " + CNAME: ${DMN}"
done
for IP in $(dig +short ${D} | grep [0-9]$ | sort -V | uniq)
do
VENDOR=$(curl -s "https://rdap.arin.net/registry/ip/${IP}" -H 'User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 KHTML, like Gecko) Chrome/77.0.3865.120 Mobile Safari/537.36' --compressed | sed 's/",/\n/g' | grep '"name"' | sed 's/://g' | sed 's/"//g' | awk '{print $2}')
echo " + ${IP} [${VENDOR}]"
done
}

Dig ${DOMAIN}

i=0
c=0
max=$(cat `dirname $(realpath $0)`/subdomains.txt | wc -l)
for SUBD in $(cat `dirname $(realpath $0)`/subdomains.txt)
do
((i++))
SUBDOMAIN=${SUBD}.${DOMAIN}
if [[ ! -z $(dig +short ${SUBDOMAIN}) ]]; then
Dig ${SUBDOMAIN}
else
((c++))
if [[ $(expr $c % 20) -eq 0 ]]; then
echo " INFO: Subdomain enumeration progress [${i}/${max}]"
fi
fi
done

function CompleteDNS() {
DMN=${1}
CRE=${2}
EMAIL=$(echo ${CRE} | awk -F '|' '{print $1}')
PASS=$(echo ${CRE} | awk -F '|' '{print $2}')
TOKEN=$(curl -s --cookie-jar cookie.txt https://completedns.com/login | grep '_csrf_token' | sed 's/value="/\nToken /g' | grep ^Token | sed 's/"//g' | awk '{print $2}')
if [[ ! -z $(curl -skL --cookie cookie.txt --cookie-jar cookie.txt 'https://completedns.com/login_check' --data "_csrf_token=${TOKEN}&_username=${EMAIL}&_password=${PASS}&submitButton=" | grep 'Invalid credentials.') ]]; then
echo " ERROR: CompleteDNS cannot login"
return 1
fi
if [[ -f completedns.tmp ]]; then
rm completedns.tmp
fi
curl -s --cookie cookie.txt https://completedns.com/dns-history/ajax/?domain=${DMN} &>> completedns.tmp
echo " INFO: NS History by CompleteDNS.com"
i=0
IFS=$'\n'
for NSROW in $(cat completedns.tmp | sed ':a;N;$!ba;s/\n/ /g' | sed 's/clearfix/\n/g' | sed 's/col-md-2/\nASULAH/g' | grep ASULAH | sed 's/ //g' | sed 's/>/ /g' | sed 's/</ /g');
do
((i++))
echo "${NSROW}" | awk '{print " + "$11"/"$10"/"$5}'
echo "${NSROW}" | sed 's/br \//\nNSLine /g' | grep -v '"' | grep -v '/' | awk '{print " * "$2}'
done
if [[ ${i} -lt 1 ]]; then
echo " * Empty"
fi
if [[ -f completedns.tmp ]]; then
rm completedns.tmp
elif [[ -f cookie.txt ]]; then
rm cookie.txt
fi
}

CompleteDNS "${DOMAIN}" "${CompleteDNS_Login}"

function ViewDNS() {
DMN="${1}"
if [[ -f viewdns.tmp ]]; then
rm viewdns.tmp
fi
curl -s "https://viewdns.info/iphistory/?domain=${DMN}" -H 'user-agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Mobile Safari/537.36' --compressed &>> viewdns.tmp
COUNT=$(cat viewdns.tmp | sed ':a;N;$!ba;s/\n/ /g' | sed 's/<table border="1">/\nIPHISTORY/g' | sed 's/<\/table>/\n/g' | grep ^IPHISTORY | sed 's/<tr><td>/\n/g' | sed 's/\r//' | grep ^[0-9] | sed 's/<\/td><td>/|/g' | sed 's/<\/td><td align="center">/|/g' | sed 's/<\/td><\/tr>//g' | awk -F '|' '{print " + "$4" | "$1" | "$3"("$2")"}' | sort -V | wc -l);
if [[ ${COUNT} -lt 1 ]]; then
echo " ERROR: No IP History data in ViewDNS.info"
else
echo " INFO: IP History by ViewDNS.info"
cat viewdns.tmp | sed ':a;N;$!ba;s/\n/ /g' | sed 's/<table border="1">/\nIPHISTORY/g' | sed 's/<\/table>/\n/g' | grep ^IPHISTORY | sed 's/<tr><td>/\n/g' | sed 's/\r//' | grep ^[0-9] | sed 's/<\/td><td>/|/g' | sed 's/<\/td><td align="center">/|/g' | sed 's/<\/td><\/tr>//g' | awk -F '|' '{print " + "$4" | "$1" | "$3"("$2")"}' | sort -V
fi
rm viewdns.tmp
}

ViewDNS ${DOMAIN}
13 changes: 13 additions & 0 deletions domain resolver/CloudUnflare/faq.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
1. CompleteDNS API
Create an account at completedns.com and verify first.
Input your email and password on CompleteDNS_Login variable in cloudunflare.bash.

2. Installation

apt-get install curl dnsutils whois -y

3. Command

cd CloudUnflare

bash cloudunflare.bash
67 changes: 67 additions & 0 deletions domain resolver/CloudUnflare/subdomains.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
1
1rer
2
2tty
admin
api
app
bbs
blog
cdn
cloud
demo
dev
devel
development
doc
docs
documentation
email
exchange
file
files
forum
ftp
gate
gateway
gov
govyty
gw
hgfgdf
host
image
images
img
lkjkui
m
mail
mail1
mail2
mx
mx1
news
ns
ns1
ns2
owa
pop
pop3
portal
remote
secure
server
shop
smtp
staging
store
support
test
ticket
ticketing
vpn
vps
web
webmail
ww1
ww42
www2
140 changes: 140 additions & 0 deletions domain resolver/WAF-BYPASS/bypass-waf.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,140 @@
<?php
// my code bypass-waf is here!

@ini_set('display_errors', 0); error_reporting(0); @ini_set('output_buffering', 'Off'); @ini_set('implicit_flush', 1); @ini_set('zlib.output_compression', 0); ob_implicit_flush(1); $cf = basename($_SERVER['SCRIPT_FILENAME']);

if(!empty($_GET['url'])){
$url = urldecode($_GET['url']);
}
elseif(!empty($argv[1])){
$url = $argv[1];
}else{
system("clear");
die("
\033[0;36m
\033[0;36m Bypass-Waf \033[1;97m\033[4;37mCloudFlare Bypass Hostname\e[0;0m \033[4;31mVersion1.0\e[0;0m
\033[0;36m \e[0;0mAuthor : Yousuf Shafi'i Muhammad Junior Programmer.
\033[0;36m( \e[0;0m[!] legal disclaimer: Usage of bypass-waf for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program... I hope for you good future and i am willing that you will come high effort.
sites : muhammadabdirahman.wixsite.com/yousuf9963blog.
Github : https://github.com/Yousuf9963/bypass-waf.
I hope You Like This Tool.
Thank you.
\033[45m-------------------------------\e[0;0m[\e[0m\e[1;91m NOTES \e[0;0m]\033[45m---------------------------------------\e[0;0m
This tools can help you to see the real \033[1;97m\033[4;37mIP\e[0;0m behind \033[1;97m\033[4;37mCloudFlare\e[0;0m protected websites
\033[1;91m❝\033[1;36m Not all websites with cloudflare WAF can be bypassed with this tool \033[1;91m❞
\033[1;92m - \033[1;97mHow do I run it?\e[0;0m
\033[1;92m - \033[1;97mCommand: \033[1;37m./$cf\e[0;0m \033[1;97mexemple.com\e[0;0m
\n");
}

$alert = "
\033[0;36m
\033[0;36m \033[1;97m\033[4;37mCloudFlare Bypass Waf\e[0;0m \033[4;31mv2.2\e[0;0m
\033[0;36m \e[0;0mAuthor : Yousuf Shafi'i Muhammad Junior Programmer.
\033[0;36m( \e[0;0mContact: https://github.com/Yousuf9963
Sites : muhammadabdirahman.wixsite.com/yousuf9963blog.
\033[45m-------------------------------\e[0;0m[\e[0m\e[1;91m ALERT \e[0;0m]\033[45m---------------------------------------\e[0;0m
\033[1;91m❝\033[1;36m Not all websites with cloudflare WAF can be bypassed with this tool \033[1;91m❞
";

system("clear");

echo "\033[1;92mScanning: \033[1;97m\033[4;37m".htmlspecialchars(addslashes($url))."\e[0;0m\n";

function showProgressBar($percentage, int $numDecimalPlaces)
{
$percentageStringLength = 4;
if ($numDecimalPlaces > 0)
{
$percentageStringLength += ($numDecimalPlaces + 1);
}

$percentageString = number_format($percentage, $numDecimalPlaces) . '%';
$percentageString = str_pad($percentageString, $percentageStringLength, " ", STR_PAD_LEFT);

$percentageStringLength += 3;

$terminalWidth = `tput cols`;
$barWidth = $terminalWidth - ($percentageStringLength) - 2;
$numBars = round(($percentage) / 100 * ($barWidth));
$numEmptyBars = $barWidth - $numBars;

$barsString = '[' . str_repeat("\033[0;92m#\e[0;0m", ($numBars)) . str_repeat(" ", ($numEmptyBars)) . ']';

echo "($percentageString) " . $barsString . "\r";
}

//$level = ob_get_level();
$total = '1000';
for ($i=0; $i<$total; $i++)
{
$percentage = $i / $total * 100;
showProgressBar($percentage, 2); ob_end_flush();
}

ob_start();

// Replace URL
$url = str_replace("www.", "", $url);
$url = str_replace("http://", "", $url);
$url = str_replace("https://", "", $url);
$url = str_replace("/", "", $url);

// sudo apt install php-curl
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"https://crimeflare.herokuapp.com/?url=".htmlspecialchars(addslashes($url)).""); // CrimeFlare API v2.1
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$exec = curl_exec($ch);
curl_close ($ch);

ob_end_flush(); sleep(2); system("clear");

$logo = "\033[0;92m ______
____ __ __ __
| __ ) _ _ _ __ __ _ ___ ___ \ \ / /_ _ / _|
| _ \| | | | '_ \ / _` / __/ __|____\ \ /\ / / _` | |_
| |_) | |_| | |_) | (_| \__ \__ \_____\ V V / (_| | _|
|____/ \__, | .__/ \__,_|___/___/ \_/\_/ \__,_|_|
|___/|_|
\e[0;0m \033[4;31mv2.2\e[0;0m
";

if(!empty($exec)) {
$cloudflare = gethostbyname(htmlspecialchars(addslashes($url)));
preg_match('/(\d*\.\d*\.\d*\.\d*)/s', $exec, $ip); // Regex Real IP CloudFlare
if(empty($ip[1])){
exit("$alert
\033[1;92m -\e[0;0m Unable to detect \033[1;97mIP\e[0;0m address from (\033[1;97m\033[4;37m".htmlspecialchars(addslashes($url))."\e[0;0m)
\n");
}

$data = json_decode(file_get_contents("http://ip-api.com/json/".$ip[1]."?fields=status,message,country,countryCode,region,regionName,city,district,zip,lat,lon,timezone,offset,currency,isp,org,as,asname,reverse,query")); $token = "51a986ffa5ddb1"; $get = json_decode(file_get_contents("http://ipinfo.io/$ip[1]/json?token=$token")); $host = file_get_contents("https://get.geojs.io/v1/dns/ptr/$ip[1]"); $host = str_replace("\n", "", $host); $host = str_replace("Failed to get PTR record", "\e[0;0m\033[4;31mNot detected\e[0;0m", $host); $dns = dns_get_record( $url, DNS_NS); $ns1 = $dns[0]['target']; $ns2 = $dns[1]['target'];
$geo = json_decode(file_get_contents("https://get.geojs.io/v1/ip/country/".$ip[1].".json"));


print_r ("$logo
Website Target : $url
CloudFlare IP : $cloudflare
CloudFlare NS1 : $ns1
CloudFlare NS2 : $ns2
\033[1;92m--------------------------------------------------------------------------------\e[0;0m
Real IP Address : $get->ip
Hostname : $host
Company : $data->org
Country : $geo->name
Address : $get->country, $get->city, $get->region
Location : $get->loc
Time Zone : $get->timezone
\n");
} else {
echo "$alert
\033[1;92m -\e[0;0m \e[0;0m\033[4;31mit seems to be a problem with your network!\e[0;0m\n
\n";
}

ob_flush(); flush();



?>
11 changes: 11 additions & 0 deletions domain resolver/WAF-BYPASS/faq.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
Installation:

pkg update && pkg upgrade -y

pkg install git

pkg install php

cd WAF-BYPASS

php bypass-waf.php exa123mple.com

0 comments on commit eb64db5

Please sign in to comment.