#!/usr/bin/perl
#
# @1999 Martin Eiszner security@freefly.com
#
###########################################
$| = 1;
use LWP;
use Getopt::Std;
use LWP::UserAgent;
use HTTP::Request;
use HTTP::Response;
use vars qw($opt_h $opt_f $opt_p $opt_l $opt_a $opt_r);
getopts("h:f:p:l:a:r:");
my $host = $opt_h;
my $cgifile = $opt_f;
my $proxy = $opt_p;
my $logfile = $opt_l;
my $accepted = $opt_a;
my $replace = $opt_r;
my ($repit,$repwith);
########################
## check options
##
if (!$host || !$cgifile)
{
print "\nusage: $0 -h [host]\n\t-f [cgiFile]\n\t-p [proxy]\n\t-r [replUrlpart:replUrlpart]";
print "\n\t-a [acceptPorts example: (8088:6666:1122) 80:443->default]\n\t-l [logfile]\n\n";
exit 1;
}
## replacements
##
if ($replace && $replace =~ /:/)
{
($repit,$repwith) = split(/:/,$replace);
chomp($repit); chomp($repwith);
print "replacing: $repit with: $repwith\n";
}
## check accepted ports
##
my @accepted;
@accepted = split(/:/,$accepted);
push (@accepted, 80); push (@accepted, 443);
push (@accepted, $accepted) if ($accepted !~ /:/ && length($accepted) > 0);
## host
##
($host = "http://".$host) if ($host !~ /http:\/\// && $host !~ /https:\/\//);
## our cgi-file
##
open (CGI_FILE, "< $cgifile") || print "cant open $cgifile\n";
## shall we log it
##
if ($logfile ne '')
{
open (RF, "> $logfile") || print "cant open $cgifile\n";
}
print "host: $host\nproxy: $proxy\nfile: $cgifile\n";
print RF "host: $host\nproxy: $proxy\nfile: $cgifile\n" if($logfile ne '');
## create new user-agent
##
my $user_agent = new LWP::UserAgent;
$user_agent->timeout(25);
$user_agent->agent("Mozilla/4.0(compatible;MSIE 6.0;Windows NT 5.0)");
## the main loop
##
##
while (<CGI_FILE>)
{
my $s = $_;
## check for allowed ports
##
my $pn = 80;
($s =~ /^:(\d+)\//) ? $pn = $1 : 80;
if (&ina(\@accepted,$pn))
{
$getti=$host.$s;
($getti =~ s/$repit/$repwith/) if($repit && $repwith);
$getti =~ s/[\n\r]//g;
if ($proxy ne '')
{
($proxy = "http://".$proxy) if ($proxy !~ /http:\/\// && $proxy !~ /https:\/\//);
$user_agent->proxy('http', $proxy) if($getti =~ /^http:\/\/.*$/);
$user_agent->proxy('https', $proxy) if($getti =~ /^https:\/\/.*$/);
}
my $request = new HTTP::Request('GET', $getti);
my $response = $user_agent->request($request);
## thats what were here for
##
if ($response->is_success)
{
print "*** FOUND ***\t $getti\n";
print RF "*** FOUND ***\t $getti\n" if($logfile ne '');
}
else
{
if ($response->code() == "404")
{
print "$getti\n";
print RF "$getti\n" if($logfile ne '');
}
else
{
print $response->code(), "-", $response->message(), "\t$getti\n";
print RF $response->code(), "-", $response->message(), "\t$getti\n" if($logfile ne '');
}
}
} # end only accepted ports
} # end while
## game over
##
close(CGI_FILE);
close(RF) if ($logfile ne '');
print "\ndone\n";
#######################
## end main start subs
#######################
## find in array
##
sub ina
{
my $a = shift;
my $n = shift;
for (my $c=0; $c<=$#{$a}; $c++)
{
return 1 if ($n eq @{$a}[$c]);
}
return 0;
}