"; echo ""; echo "

------------------------=(CGI Scaner)=---------------------------

"; $Server=$HTTP_GET_VARS['server']; $Cgi=$HTTP_GET_VARS['cgi']; $TimeOut=$HTTP_GET_VARS['timeout']; $Port=$HTTP_GET_VARS['port']; $tryme=$HTTP_GET_VARS['tryme']; $i=0; $slash=substr(getcwd(),0,1); if ($slash != "/") { $slash="\\"; } if ($TimeOut == null) { $TimeOut="2"; } if ($Cgi == null) { $Cgi=getcwd().$slash."cgibugs.txt"; } if ($Port == null) { $Port="80"; } function menu ($Server,$Cgi,$Port,$TimeOut) { echo "

"; echo " :List of CGI bugs
"; echo "

---

"; echo " :Individual CGI test (example: /cgi-bin/formail.pl)
"; echo " :Web Server Hostname
"; echo " :Port (example: 80)
"; echo " :Time Out
"; echo ""; echo "

"; } if (!$Server) { echo "
Please, select web server hostname.
"; menu($Server,$Cgi,$Port,$TimeOut); die; } if (!$Port) { echo "
ERROR: Please, select web server port.
"; menu($Server,$Cgi,$Port,$TimeOut); die; } if (!$Cgi) { if (!$tryme) { echo "
ERROR: Please, select path to list of cgibugs.
"; menu($Server,$Cgi,$Port,$TimeOut); die; } } if (!$TimeOut) { echo "
ERROR: Please, select request TimeOut.
"; menu($Server,$Cgi,$Port,$TimeOut); die; } echo "Scaning....
"; $fs=fsockopen($Server,$Port); if (!$fs) { echo "
ERROR: Can't open $Server on $Port port.
"; die; } else { if (!$tryme) { fclose($fs); $fp=fopen($Cgi,"r"); while(!feof($fp)) { $line=trim(fgets($fp,20000)); if (strlen($line)>1){ scan($Server,$line,$Port,$TimeOut); } } fclose($fp); } else { $fs=fsockopen($Server,$Port); socket_set_timeout($fs,$TimeOut); fputs($fs,"GET $tryme HTTP/1.1\nHOST: LSA.cgi.test\n\n"); $res=fread($fs,4000000); echo nl2br(htmlspecialchars($res)); fclose($fs); } echo "
The END:)"; } function scan ($Server,$line,$Port,$TimeOut) { $fs=fsockopen($Server,$Port); socket_set_timeout($fs,$TimeOut); fputs($fs,"GET $line HTTP/1.1\nHOST: LSA.cgi.test\n\n"); $res=substr(trim(fgets($fs,30)),8); if (stristr($res,"200")) { $res="$res"; } echo "$line : $res
"; fclose($fs); } ?>